b6c9fa666d
This commit captures the infrastructure state immediately following the "Post-Tyranny Tech" workshop on January 23rd, 2026. Infrastructure Status: - 13 client servers deployed (white, valk, zwaan, specht, das, uil, vos, haas, wolf, ree, mees, mus, mol, kikker) - Services: Authentik SSO, Nextcloud, Collabora Office, Traefik - Private network architecture with edge NAT gateway - OIDC integration between Authentik and Nextcloud - Automated recovery flows and invitation system - Container update monitoring with Diun - Uptime monitoring with Uptime Kuma Changes include: - Multiple new client host configurations - Network architecture improvements (private IPs + NAT) - DNS management automation - Container update notifications - Email configuration via Mailgun - SSH key generation for all clients - Encrypted secrets for all deployments - Health check and diagnostic scripts Known Issues to Address: - Nextcloud version pinned to v30 (should use 'latest' or v32) - Zitadel references in templates (migrated to Authentik but templates not updated) - Traefik dynamic config has obsolete static routes 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
4.7 KiB
YAML
38 lines
4.7 KiB
YAML
#ENC[AES256_GCM,data:0u28ehaNftLzef/Ge203EtpREQG4w5kU,iv:uowORCiPGmtOa56MNO5cKaQsmsom3foNlQnmwctgw0U=,tag:19iE53kteSZ9Q09PYh4ykw==,type:comment]
|
|
#ENC[AES256_GCM,data:wWjTifXRNQ25dM+k4W8cMyolIMQ+zphKe2AYiMuEVyIBd2Evdv4=,iv:Q6/LgZNSv3tee2FcHXUZ1wIvSR25aoiqg7BAyWgWTKI=,tag:p5LuG2OMb3hoYPgK+ab7mQ==,type:comment]
|
|
#ENC[AES256_GCM,data:RjmOnfVrJ/8xJZaTlN6OGobGGACNZQ==,iv:4FBY1WOfonv5WfKATTuZkEsqYPicM1zcX8qWu+lTk0Q=,tag:I025riqowW5FKUezBm0GZA==,type:comment]
|
|
client_name: ENC[AES256_GCM,data:b03e,iv:In6iivcJ24tpfG9N34qsCOazY9H8Elg6QIou+om14CI=,tag:fplhvM7ExqVZCBHT1wcOKA==,type:str]
|
|
client_domain: ENC[AES256_GCM,data:pDlhbKxvHqbSG9cwDXGk,iv:Yn62cKh+Xq2yCzLMS+FjsXjbzvGKMruY/vdmjlr5q/k=,tag:fsJ/jJF6NAvIXRzBLg0mvQ==,type:str]
|
|
#ENC[AES256_GCM,data:icjtWREHoSAGN5rPbdL4j1XPeMZuzEoS,iv:sIuJcsE+rO0sZ5qhdNK6PGxtErrv2bm2HCi48P5FQKQ=,tag:P5plYgUPY9LNOQhpux6fSg==,type:comment]
|
|
authentik_domain: ENC[AES256_GCM,data:QMwZmfUeW1nYDppRFWBu6JhJLDM=,iv:RlLkkWYK+AfwhfPScek67Ba+T0JF5cebPZbC1hNcrrk=,tag:3b45Z6WflSMtJw/wpcPPbw==,type:str]
|
|
authentik_db_password: ENC[AES256_GCM,data:/P3gQbozHLINd3KQJA/0u8MhUqhMcz6MOoLVH31X6cwmGv2q3y6KeBA8gg==,iv:stKEPGqH4EMc3h3afSX2pP3dEos3H8+mJ9o1LSF224k=,tag:7XtR6fRYfqJ4veuUlpK/vg==,type:str]
|
|
authentik_secret_key: ENC[AES256_GCM,data:/1LY8xqI9A5Et20mkY3X2y4o6d+ka7/vqNSxQS2PJ5LAMTAEt9qbX2rr1g==,iv:v93bXYDwvXgifMLngG25qDaXPR690LWeQjkTf0fqNuw=,tag:0JYsyKSJFYWAHYawDybfGQ==,type:str]
|
|
#ENC[AES256_GCM,data:Mw3fsLyDrw39Q2OWiyrtEdls8ub5fTWEqVmGeLTg0qkpvzsrgWRW/GiPW7SYbKU=,iv:qHqh5k1N/GaxbTJYRvPZm4RfYc0MVNDXdI7skEBBqvg=,tag:tQ3OQyNLoBymibw59GG+VA==,type:comment]
|
|
authentik_bootstrap_password: ENC[AES256_GCM,data:RDvAMIvOYmxbwxSjb+kXqmh8GU1sSA6KHqSh8UecjB1k7F5auXN6O8ETfw==,iv:S6DC4/UTMRy/NwhnT641q+ary4638hdLPSJ2duivgZ0=,tag:8etXMMBlgVz8pM0trndyOg==,type:str]
|
|
authentik_bootstrap_token: ENC[AES256_GCM,data:m467HmEab1OSqAzw8Yi9rcL3lRkJJW82k6nYlFiXj7UOgutJtT4BxUaSfMdUxA==,iv:8bi5CITxJK8Mgr0iSB3aD5I1Wm1+c/SL9GrBKKTIqdA=,tag:IhRleBBgg6C7ARgPwnZNcQ==,type:str]
|
|
authentik_bootstrap_email: ENC[AES256_GCM,data:m0sZisLNP774T6ytCwhO3c699wy7,iv:06/kldGACKC/DuSf6hO+r2IgCIJiP+qEKBiJcWCNC2Q=,tag:JRwxkhuDLOU2sMw1cT1c4w==,type:str]
|
|
#ENC[AES256_GCM,data:klnql0MQeS1KXd/3VjVW4WRjSl5yg9Kf,iv:+v30PZBWQVnFEeeQI2InGf9kH5tvzgZnD5JCOyBnEHo=,tag:UHNaI7WU6PhzhkXkHTYtvA==,type:comment]
|
|
nextcloud_domain: ENC[AES256_GCM,data:mN0xoqcpE6tH8UxKPmEaO8zw/qlJRBSpvA==,iv:myiAX/cbkEuyIUcOW2jOrIuO5E931bLi6orxUwUdwzY=,tag:Rd87OGiH0HBc/dFBvvXhOg==,type:str]
|
|
nextcloud_admin_user: ENC[AES256_GCM,data:uscegTQ=,iv:vK0tQIFNQZ1onK70GEy23VDfh7zcofxwyjJXEg8uY6I=,tag:wwna86Sx35Cc6QIMehfDPw==,type:str]
|
|
nextcloud_admin_password: ENC[AES256_GCM,data:SC7jJfHvbaqynl30IdJ0wjy1Jf37eLab1VBJI6p0w1aT35EA+GCAA8HmzA==,iv:PwYkMhyHuZpiRqN53BOMFSBBUBM2mMfTVOOatNTWB1c=,tag:hnI9EUmZ9vI9w7bCT3bFyg==,type:str]
|
|
nextcloud_db_password: ENC[AES256_GCM,data:CLpONcvumICrvxk39UK4ev7wneE70DPUoqx9Gl2N1/A1M3oOYexVbivFAA==,iv:hWgXELPBooRql5wp3O09OluTn2KBfTL98XNnNyiIfLE=,tag:2o80+vU71xtPm5MI6hlUaA==,type:str]
|
|
nextcloud_db_root_password: ENC[AES256_GCM,data:UH4PKHcvfqbp55I8Ru2AtkQDXP+CJpaY156QjO24n6GbIXGT16G0aKN6bQ==,iv:3YKqu61Mdhy/Q2jfK+bItcRx0YFIB+HYpUgpNkXwlMY=,tag:GsQBfVfwJNufY/jY7oDPpA==,type:str]
|
|
#ENC[AES256_GCM,data:zqxETKX7LgG6yCW8n/MUvBf80DeszYo+3TH0HVw=,iv:w+Ymv0DKrE/aPYmGsbCPIhrmauNAlDMTGQqQM7HZrVM=,tag:2wYvCPs5xeerRRpfc5f1UA==,type:comment]
|
|
redis_password: ENC[AES256_GCM,data:9QjDXsOtQDylRyvzu+6KaWxV53BuPqUOIIF10YygBvaSvtTjc6MvROqltQ==,iv:DDPKUOwz0DLnE7tHHx51SV++Upmc7isgKNvx9fKBTIA=,tag:7ieGACSPG+FiiWqUB5UDXw==,type:str]
|
|
#ENC[AES256_GCM,data:Dw9sxUT5diW1LvGQ/VRkPIfv2KMIoCjlsdYGtr1cU51FCRqx,iv:QDf/zXCB8qIvwRAQM9od6Ger8lyXZPDorZXb/Xg+8KY=,tag:dO/1SxL3fpLWnsEtA0xNYQ==,type:comment]
|
|
collabora_admin_password: ENC[AES256_GCM,data:QfjXR22OLAcPewDSDKKRxYXiouzBJ3pTTB8usKq0mEOLOCkzrFR49eWvXw==,iv:BpYApcb6quYdUZ2BxIRJmY5lJK++tQ/PxSOgiIJSDjM=,tag:FQBc+HyTzOyVDYTFsvHVnQ==,type:str]
|
|
sops:
|
|
age:
|
|
- recipient: age170jqy5pg6z62kevadqyxxekw8ryf3e394zaquw0nhs9ae3v9wd6qq2hxnk
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2ekhQVmprdjlER1g3NGFU
|
|
d3pZWk1XbTZXM051N2t5Z2RLem8yVVM3ZUhvCkFrYWF0cW9XbURpQ2VKaDhuelRh
|
|
R28wNGVlTndzcGlHa211NWxFRnBVd2MKLS0tIGhRNmkxanBndjNxTWt1bGRIaHJr
|
|
NFU1eU51MkNDOU5jbnFSbXVYU2cyQTQKxGGn9gHuxY+1L07Ouq22dvZMjF6uLUFI
|
|
GxlyXcV9Eyrz7AI+tliNf8XWULsixcGQ4wAzvAYOoT8JZ8CiWFd7LA==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2026-01-20T19:27:02Z"
|
|
mac: ENC[AES256_GCM,data:qwucrhsdG8HKhyDn9H788SVX376oAyLmViVSr9zL8ffCjDNH620JSkHhF7xzeN2O3/eDqwjSbCukABEiQNV91LZjSHD8fibWvzldPGqxaR2cm/zt7gM995Iu/HnGq2QVBnWfNHey3eGYTtxXZ5zvQ3EUjNw/rbEEFvSb/V2okSA=,iv:RFKkAIhLHyF2Nv643YT52vloT4erDkpXbuEwrPA/nPo=,tag:F5PQaOhz02WZoVJhf4Ryxg==,type:str]
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.11.0
|