-rw-r--r-- | flake.lock | 143 | ||||
-rw-r--r-- | flake.nix | 12 | ||||
-rw-r--r-- | os/common/modules/nix/nix.patch | 10 | ||||
-rw-r--r-- | os/kay/configuration.nix | 1 | ||||
-rw-r--r-- | os/kay/modules/dns/sinanmohd.com.zone | 27 | ||||
-rw-r--r-- | os/kay/modules/headscale.nix | 112 | ||||
-rw-r--r-- | os/kay/modules/www.nix | 11 | ||||
-rw-r--r-- | os/kay/secrets.yaml | 12 |
8 files changed, 274 insertions, 54 deletions
@@ -33,12 +33,12 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1757033802, - "narHash": "sha256-BLUHtWWoHFR6UJJJwkmivSv7RTjo92wlT0Y7kbCd2MY=", - "rev": "e154f8433851f8f2509490f33680e3285d553df4", - "revCount": 301, + "lastModified": 1760032600, + "narHash": "sha256-h/JQLcAfRNAo3QSobPxzTY/KxSwEmwmFJmUd5dGchQw=", + "rev": "a3becf5149650592a821daeb2b63d26597506652", + "revCount": 305, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.11.1/01991762-b4e5-7a3b-8bfc-5d0f1ed4965e/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.11.3/0199ca21-1b70-7110-891b-829db1f1e850/source.tar.gz" }, "original": { "type": "tarball", 
@@ -48,37 +48,58 @@ "determinate-nixd-aarch64-darwin": { "flake": false, "locked": { - "narHash": "sha256-Dym4kTLMTxAxNyZcrHRKRVMBINQPA7qgr+7dHozNrps=", + "narHash": "sha256-Nug8jpanW4BbUfzq508ZWtCG24YGvyO8AOeTAyDMOKQ=", "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.1/macOS" + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.3/macOS" }, "original": { "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.1/macOS" + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.3/macOS" } }, "determinate-nixd-aarch64-linux": { "flake": false, "locked": { - "narHash": "sha256-eYVSpk+ly2YRSYvgT47ABmFRwG0DliNO/8ntBkoRmjI=", + "narHash": "sha256-kRAuNurPaJBhuOq1SpcCBmDOqCXvGDMKuMAb5vJRqtk=", "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.1/aarch64-linux" + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.3/aarch64-linux" }, "original": { "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.1/aarch64-linux" + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.3/aarch64-linux" } }, "determinate-nixd-x86_64-linux": { "flake": false, "locked": { - "narHash": "sha256-ZvRoKG/v0WS2XrDgkV+/hq3ARGokGisyelncKwlefvk=", + "narHash": "sha256-7AF8O33I/xlMengDU6tHvmPVvXJZF7XQEdAbjfTPJ6s=", "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.1/x86_64-linux" + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.3/x86_64-linux" }, "original": { "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.1/x86_64-linux" + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.11.3/x86_64-linux" + } + }, + "devshell": { + "inputs": { + "nixpkgs": [ + "headplane", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741473158, + "narHash": 
"sha256-kWNaq6wQUbUMlPgw8Y+9/9wP0F8SHkjy24/mN3UAppg=", + "owner": "numtide", + "repo": "devshell", + "rev": "7c9e793ebe66bcba8292989a68c0419b737a22a0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" } }, "flake-compat": { @@ -118,6 +139,24 @@ "url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1" } }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "git-hooks-nix": { "inputs": { "flake-compat": "flake-compat", @@ -144,6 +183,28 @@ "url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1.941" } }, + "headplane": { + "inputs": { + "devshell": "devshell", + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1760298620, + "narHash": "sha256-0mNbLZH9oy4+UHquPXu9J194pGfVyL+UJB0JopcvQeA=", + "owner": "tale", + "repo": "headplane", + "rev": "4ccc73d7e4c9cca68db88fa609e7794cd1d644ce", + "type": "github" + }, + "original": { + "owner": "tale", + "repo": "headplane", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ 
@@ -174,12 +235,12 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1757029043, - "narHash": "sha256-/XtKs/hpYXJPeT3WppFVFZH1WvPDmeTt11hMWt/Bwas=", - "rev": "7143558a0989008c8e08cc27c3cb6a031f30b356", - "revCount": 22309, + "lastModified": 1760027527, + "narHash": "sha256-1aMQb+eSrGDbTrX7PvtpD142CniIvKFxej9hZxBWeMY=", + "rev": "80d3406e25c753bb5144bef45afe980e6a642c29", + "revCount": 22421, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.11.1/01991737-661d-7932-b7c9-d3a0499b4c3f/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.11.3/0199c9f4-3aa1-723c-a5e0-be7fb957ff9f/source.tar.gz" }, "original": { "type": "tarball", @@ -188,11 +249,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1757103352, - "narHash": "sha256-PtT7ix43ss8PONJ1VJw3f6t2yAoGH+q462Sn8lrmWmk=", + "lastModified": 1760106635, + "narHash": "sha256-2GoxVaKWTHBxRoeUYSjv0AfSOx4qw5CWSFz2b+VolKU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "11b2a10c7be726321bb854403fdeec391e798bf0", + "rev": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903", "type": "github" }, "original": { 
@@ -250,12 +311,12 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1756696532, - "narHash": "sha256-6FWagzm0b7I/IGigOv9pr6LL7NQ86mextfE8g8Q6HBg=", - "rev": "58dcbf1ec551914c3756c267b8b9c8c86baa1b2f", - "revCount": 854745, + "lastModified": 1759632233, + "narHash": "sha256-krgZxGAIIIKFJS+UB0l8do3sYUDWJc75M72tepmVMzE=", + "rev": "d7f52a7a640bc54c7bb414cca603835bf8dd4b10", + "revCount": 871443, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.854745%2Brev-58dcbf1ec551914c3756c267b8b9c8c86baa1b2f/019908ed-e731-796e-b7c5-ea173f5d3b8d/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.871443%2Brev-d7f52a7a640bc54c7bb414cca603835bf8dd4b10/0199bd2b-6c92-7223-94cf-69e43f5561ee/source.tar.gz" }, "original": { "type": "tarball", @@ -264,11 +325,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1756787288, - "narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=", + "lastModified": 1760284886, + "narHash": "sha256-TK9Kr0BYBQ/1P5kAsnNQhmWWKgmZXwUQr4ZMjCzWf2c=", "owner": "NixOs", "repo": "nixpkgs", - "rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1", + "rev": "cf3f5c4def3c7b5f1fc012b3d839575dbe552d43", "type": "github" }, "original": { @@ -282,6 +343,7 @@ "inputs": { "alina": "alina", "determinate": "determinate", + "headplane": "headplane", "home-manager": "home-manager", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", @@ -295,11 +357,11 @@ ] }, "locked": { - "lastModified": 1754988908, - "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=", + "lastModified": 1760393368, + "narHash": "sha256-8mN3kqyqa2PKY0wwZ2UmMEYMcxvNTwLaOrrDsw6Qi4E=", "owner": "Mic92", "repo": "sops-nix", - "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48", + "rev": "ab8d56e85b8be14cff9d93735951e30c3e86a437", "type": "github" }, "original": { 
@@ -307,6 +369,21 @@ "repo": "sops-nix", "type": "github" } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", @@ -6,6 +6,11 @@ nixos-hardware.url = "github:NixOS/nixos-hardware/master"; determinate.url = "https://flakehub.com/f/DeterminateSystems/determinate/*"; + headplane = { + url = "github:tale/headplane"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -31,6 +36,7 @@ nixos-hardware, alina, determinate, + headplane, }: let lib = nixpkgs.lib; @@ -69,6 +75,12 @@ ./os/${host}/configuration.nix sops-nix.nixosModules.sops home-manager.nixosModules.home-manager + + headplane.nixosModules.headplane + { + # provides `pkgs.headplane` + nixpkgs.overlays = [ headplane.overlays.default ]; + } ]; }); diff --git a/os/common/modules/nix/nix.patch b/os/common/modules/nix/nix.patch index 4f565d8..606e61d 100644 --- a/os/common/modules/nix/nix.patch +++ b/os/common/modules/nix/nix.patch @@ -1,8 +1,8 @@ diff --git a/develop.cc b/develop.cc -index ed25e655d8f..f78eee59abc 100644 +index c27c254fb..e914d5f6c 100644 --- a/develop.cc +++ b/develop.cc -@@ -627,13 +627,12 @@ struct CmdDevelop : Common, MixEnvironment +@@ -629,13 +629,12 @@ struct CmdDevelop : Common, MixEnvironment fmt("[ -n \"$PS1\" ] && PS1+=%s;\n", escapeShellArgAlways(developSettings.bashPromptSuffix.get())); } 
@@ -10,14 +10,14 @@ index ed25e655d8f..f78eee59abc 100644 - setEnviron(); // prevent garbage collection until shell exits - setEnv("NIX_GCROOT", gcroot.c_str()); + setEnv("NIX_GCROOT", store->printStorePath(gcroot).c_str()); Path shell = "bash"; + bool foundInteractive = false; try { auto state = getEvalState(); -@@ -656,19 +655,17 @@ struct CmdDevelop : Common, MixEnvironment +@@ -658,19 +657,17 @@ struct CmdDevelop : Common, MixEnvironment Strings{"legacyPackages." + settings.thisSystem.get() + "."}, nixpkgsLockFlags); @@ -39,7 +39,7 @@ index ed25e655d8f..f78eee59abc 100644 throw Error("package 'nixpkgs#bashInteractive' does not provide a 'bin/bash'"); } catch (Error &) { -@@ -678,6 +675,11 @@ struct CmdDevelop : Common, MixEnvironment +@@ -680,6 +677,11 @@ struct CmdDevelop : Common, MixEnvironment // Override SHELL with the one chosen for this environment. // This is to make sure the system shell doesn't leak into the build environment. setEnv("SHELL", shell.c_str()); diff --git a/os/kay/configuration.nix b/os/kay/configuration.nix index ff9b225..6c2c618 100644 --- a/os/kay/configuration.nix +++ b/os/kay/configuration.nix @@ -20,6 +20,7 @@ ./modules/observability ./modules/alina.nix ./modules/minio.nix + ./modules/headscale.nix ]; networking.hostName = "kay"; diff --git a/os/kay/modules/dns/sinanmohd.com.zone b/os/kay/modules/dns/sinanmohd.com.zone index 0307cd6..dcbdf6c 100644 --- a/os/kay/modules/dns/sinanmohd.com.zone +++ b/os/kay/modules/dns/sinanmohd.com.zone @@ -2,7 +2,7 @@ $ORIGIN sinanmohd.com. $TTL 2d @ IN SOA ns1 hostmaster ( - 2025062100 ; serial + 2025101400 ; serial 2h ; refresh 5m ; retry 1d ; expire 
@@ -37,17 +37,18 @@ mta-sts IN CNAME @ _mta-sts IN TXT "v=STSv1; id=2024022500" _smtp._tls IN TXT "v=TLSRPTv1; rua=mailto:reports@sinanmohd.com" -www IN CNAME @ -git IN CNAME @ -bin IN CNAME @ -static IN CNAME @ -home IN CNAME @ -nixbin IN CNAME @ -immich IN CNAME @ -sliding IN CNAME @ -grafana IN CNAME @ -stalwart IN CNAME @ -minio IN CNAME @ -s3 IN CNAME @ +www IN CNAME @ +git IN CNAME @ +bin IN CNAME @ +static IN CNAME @ +home IN CNAME @ +nixbin IN CNAME @ +immich IN CNAME @ +sliding IN CNAME @ +grafana IN CNAME @ +stalwart IN CNAME @ +minio IN CNAME @ +s3 IN CNAME @ +headscale IN CNAME @ _acme-challenge IN NS ns1 diff --git a/os/kay/modules/headscale.nix b/os/kay/modules/headscale.nix new file mode 100644 index 0000000..24df170 --- /dev/null +++ b/os/kay/modules/headscale.nix 
@@ -0,0 +1,112 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}:
+let
+ domain = "headscale.${config.global.userdata.domain}";
+ stunPort = 3478;
+
+ # A workaround generate a valid Headscale config accepted by Headplane when `config_strict == true`.
+ settings = lib.recursiveUpdate config.services.headscale.settings {
+ tls_cert_path = "/dev/null";
+ tls_key_path = "/dev/null";
+ policy.path = "/dev/null";
+ };
+ format = pkgs.formats.yaml { };
+ headscaleConfig = format.generate "headscale.yml" settings;
+
+ policyFormat = pkgs.formats.json { };
+ policy = {
+ groups = {
+ "group:owner" = [ "sinan@" ];
+ "group:bud" = [
+ "sinan@"
+ "ann@"
+ ];
+ };
+ tagOwners = {
+ "tag:bud_clients" = [ "group:bud" ];
+ "tag:internal" = [ "group:owner" ];
+ "tag:cusat" = [ "group:owner" ];
+ "tag:gaijin" = [ "group:owner" ];
+ };
+ acls = [
+ {
+ action = "accept";
+ src = [ "group:owner" ];
+ dst = [ "*:*" ];
+ }
+
+ {
+ action = "accept";
+ src = [ "group:bud" ];
+ dst = [ "tag:bud_clients:*" ];
+ }
+ ];
+ };
+in
+{
+ sops.secrets = {
+ "headplane/cookie_secret".owner = config.services.headscale.user;
+ "headplane/preauth_key".owner = config.services.headscale.user;
+ "headscale/noise_private_key".owner = config.services.headscale.user;
+ "headscale/derp_private_key".owner = config.services.headscale.user;
+ };
+
+ networking.firewall.interfaces.ppp0.allowedUDPPorts = [ stunPort ];
+
+ services = {
+ headscale = {
+ enable = true;
+ port = 8139;
+
+ settings = {
+ logtail.enabled = false;
+ server_url = "https://${domain}";
+ noise.private_key_path = config.sops.secrets."headscale/noise_private_key".path;
+ dns = {
+ base_domain = "tsnet.${config.global.userdata.domain}";
+ override_local_dns = false;
+ };
+ derp = {
+ server = {
+ enabled = true;
+ private_key_path = config.sops.secrets."headscale/derp_private_key".path;
+ region_code = config.networking.hostName;
+ region_name = config.networking.hostName;
+ stun_listen_addr = "0.0.0.0:${toString stunPort}";
+ region_id = 6969;
+
automatically_add_embedded_derp_region = true; + }; + urls = [ ]; + }; + policy = { + mode = "file"; + path = policyFormat.generate "acl.json" policy; + }; + }; + }; + + headplane = { + enable = true; + settings = { + server = { + port = 8140; + cookie_secret_path = config.sops.secrets."headplane/cookie_secret".path; + }; + headscale = { + url = "https://${domain}"; + config_path = "${headscaleConfig}"; + }; + integration.agent = { + enabled = true; + pre_authkey_path = config.sops.secrets."headplane/preauth_key".path; + }; + }; + }; + }; + + environment.systemPackages = [ config.services.headscale.package ]; +} diff --git a/os/kay/modules/www.nix b/os/kay/modules/www.nix index 6b8e285..e64c65c 100644 --- a/os/kay/modules/www.nix +++ b/os/kay/modules/www.nix @@ -112,6 +112,17 @@ in }; }; + "headscale.${domain}" = defaultOpts // { + locations = { + "/" = { + proxyWebsockets = true; + proxyPass = "http://localhost:${toString config.services.headscale.port}"; + }; + "= /".return = "307 https://headscale.${domain}/admin"; + "/admin".proxyPass = "http://localhost:${toString config.services.headplane.settings.server.port}"; + }; + }; + "${config.services.grafana.settings.server.domain}" = defaultOpts // { extraConfig = '' proxy_buffering off; diff --git a/os/kay/secrets.yaml b/os/kay/secrets.yaml index da4f9ca..68998c0 100644 --- a/os/kay/secrets.yaml +++ b/os/kay/secrets.yaml 
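Review bot: The two Headplane entries in `sops.secrets` (`"headplane/cookie_secret"` and `"headplane/preauth_key"`) are owned by `config.services.headscale.user`; with sops-nix's default 0400 mode that only works if the headplane service happens to run as that same user, and it also places a pre-auth key and the session cookie secret in headscale's account, which has no use for them. If the headplane module runs under its own service user, point the `.owner` of those two entries at that user (the option name is not visible here — check the module) and keep the headscale user only on the two headscale keys. Separately, the `settings` copy handed to Headplane as `config_path` overrides `policy.path` with `/dev/null`, so Headplane's view of the config will not reference the generated `acl.json` even though headscale itself does; if that is only meant to satisfy `config_strict`, the comment should say so and read grammatically, e.g. `# Workaround: a copy of the headscale config that Headplane accepts with config_strict == true; TLS and policy paths are stubbed here because headscale gets the real ones below.`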
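Review bot: The `/admin` location proxies Headplane with a bare `proxyPass`, while `/` sets `proxyWebsockets = true` for headscale; if the admin UI needs a websocket upgrade through nginx this will fail, and if the asymmetry is deliberate it deserves a line such as `# TODO(review): confirm whether the headplane UI needs proxyWebsockets like the headscale endpoint does`. The admin UI is published on the public `headscale.${domain}` vhost with nothing in this hunk restricting it, so its only gate is Headplane's own login; either state that in a comment or add an `allow`/`deny` block on `/admin` if the UI is only used from the tailnet or LAN. The enclosing attribute set starts and ends outside the hunk.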
@@ -17,6 +17,12 @@ mail.sinanmohd.com:
 github-runner:
 nocodb-registration-token: ENC[AES256_GCM,data:QJ2wGjyzBV0Xmsanc8dpvmi5Iv8ICShpQH0qC7E=,iv:s+IeTdz3cQ22vQiUZlSjFR7xTFwwKVnBvwkyxVeCw4s=,tag:ADeouBMAJiJjCvqLKHTVIw==,type:str]
 age-master-key: ENC[AES256_GCM,data:wvhr+iYnjAZh4u+PNtRw3/O/7FAtWAdpC0nOifX8Pf6aB0njLOyhmCo3h8Ti8p4oInvHrJGYCtfUenvACUZSrHVykdDZKC5DgAo=,iv:miFWVbVlpTNV6TZys4tb/WNXiDfC/tobcaM3L9MMytk=,tag:wadOdhXSNZsAlSubVDpqtA==,type:str]
+headplane:
+ cookie_secret: ENC[AES256_GCM,data:ZhUYeusYNPSkuA+CEHHmeRlCB3Y030J+1EpPs88coFs=,iv:Ck3CfLtkwskkwo8Ind+CuLtVARjHI4y3mZITfzCKPso=,tag:yhupLPeAyfBF6LtNqbJs2g==,type:str]
+ preauth_key: ENC[AES256_GCM,data:XBtitZ0fb8mU7Z7aSP+RxUSDvyxqcfKYiq4bLa9WnKef1xEnQK0+l7QfrQAVRyqI,iv:G82b9GcdTTLF/+jVh4nx6Fu7mnMmKarF6Rc+AabaLwE=,tag:x7HMaJknnrA/SjTfYu6B4w==,type:str]
+headscale:
+ noise_private_key: ENC[AES256_GCM,data:pqh0alokNqQsG9Ghi/qZl3lEi45om8GV4uron4a5JriLrR/QiRKcZQFbMK2u1m4wLwAw57ugN/jXynATlW15vUWw4SAU+PtC,iv:j74JLjGDGbmN65YfARYisSa20ExBXVPUm+QKU4qk4rw=,tag:UUgthumk2/a4xJ14Ucok+A==,type:str]
+ derp_private_key: ENC[AES256_GCM,data:EMt3RtQzqIY4i5S2S1kK0kxu0wMt3/bBcpaEc3YP0Cmj8F4yZECOaDUYk4dM2QsfmoP84plktAqIrM4MSiY94lQpqRoCvTru,iv:NU/nVFQxBQTou0mf5xvLmlda8hzJfoCRiU1vCgJGyyc=,tag:IEDCDy6ifL+ulYzp7qr3vg==,type:str]
 misc:
 wireguard: ENC[AES256_GCM,data:zwctPH+ScqRWUD4Jjcu/dTTGwxGl6rCEsp5D4+EfXPEIhECL2vjyTtcy5cM=,iv:yfv6fV5zxAbsVf+veTJYLmAwhJbaqFt89s3jlU+HO2k=,tag:vZldtANCKvMWW5pXRUv+vA==,type:str]
 default_password: ENC[AES256_GCM,data:xON6jifcv8k8tKA=,iv:Kk3Ax/GGvCvAbTAhNnlkoNh1BzsrZVptchRuQi+vqhc=,tag:9vYn1Gslr+1pAYdKvwRhnA==,type:str]
@@ -42,7 +48,7 @@ sops:
 bGRaOE1Mc3VqVnYyd0xIVGl5ckpqRFkKpT2gTC4lf9HRQNJDykdGjPdfH+V8og7X
 XHq1XqIRoRbulZifuZlmzN/RWMPIoBYkXeHfqaMjmTz5HIBcnO/t9g==
 -----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-05-25T06:56:01Z"
- mac: ENC[AES256_GCM,data:loRxlNwS3ShMhm5r8J+2lG3xR5t3RWDJzwdQmzE7aaONHxeYAhyq6EF8uBZl9Q81aYw6xnpcyKdS2FqH7cHM2JacBG5QE5Iy/of34SVU92Vo1ar57VfKo7K35Vl5Ybx77LGv1Yn7TIpXGPHlWCDMJ0c1oZokSW9zvThUYnJWXes=,iv:ZBeD1HCrFAUk35nwDBzcUK2rnNSG/fdhftF3To/tqmc=,tag:vPb28lHfT+6KEdSIqXeFig==,type:str]
+ lastmodified: "2025-10-17T02:46:27Z"
+ mac: ENC[AES256_GCM,data:DEFPWr+mjPG7AGmtBLEi1X6JukiMgHCAyp3qxjh9Fn2pgNKGLvsINe+z8eG9oR1wb7It1wFfDd0TN5Z5Jp21DyWt3LNTOCGD2ggfubtePMnctRgLtHcjopJ973ONhJ+UljU7FidbMd6BnGftSrmcx1zRcuZKV5w3yjQ3mlfXBkI=,iv:n6/+FQmQZb10zct997MuwvEhjhBnDbCrvkAvvec01wc=,tag:RA+cPFzbT7VtEkAmNBielQ==,type:str]
 unencrypted_suffix: _unencrypted
- version: 3.10.2
+ version: 3.11.0 |