b6c9fa666d
This commit captures the infrastructure state immediately following the "Post-Tyranny Tech" workshop on January 23rd, 2026. Infrastructure Status: - 13 client servers deployed (white, valk, zwaan, specht, das, uil, vos, haas, wolf, ree, mees, mus, mol, kikker) - Services: Authentik SSO, Nextcloud, Collabora Office, Traefik - Private network architecture with edge NAT gateway - OIDC integration between Authentik and Nextcloud - Automated recovery flows and invitation system - Container update monitoring with Diun - Uptime monitoring with Uptime Kuma Changes include: - Multiple new client host configurations - Network architecture improvements (private IPs + NAT) - DNS management automation - Container update notifications - Email configuration via Mailgun - SSH key generation for all clients - Encrypted secrets for all deployments - Health check and diagnostic scripts Known Issues to Address: - Nextcloud version pinned to v30 (should use 'latest' or v32) - Zitadel references in templates (migrated to Authentik but templates not updated) - Traefik dynamic config has obsolete static routes 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
4.7 KiB
YAML
38 lines
4.7 KiB
YAML
#ENC[AES256_GCM,data:RGF9yorvXzWMSWdhscxtn5C964XA+/IkfgE=,iv:yAjY3CrAjNS/JlZbrDdK4OMjfh3uyO0+DPYRW8l7GYY=,tag:xU94y+pyC3/fSF5b5vWMuA==,type:comment]
|
|
#ENC[AES256_GCM,data:yknOZn2UtlVcGsIKrLvRbQlHSbr0alQUrhCgPmR+97NV8D2cm9c=,iv:KYJWVBfNHj2KtSNP0e5eOx2hhakZwfspcP5LUuayQDc=,tag:J3gL8A3HDFOLjmdBpS5DbA==,type:comment]
|
|
#ENC[AES256_GCM,data:fxDy2AK9zP+igk1rxc7GcbxOkE5Zzw==,iv:FUMvH9VwQGLBKB68Wg24bwBYc8dY04hJc6P293Ma31w=,tag:e1GxGh3XW7UPbaUVssxCrw==,type:comment]
|
|
client_name: ENC[AES256_GCM,data:tv1fhY8=,iv:cAMyIDjZsel44lfZip/JlfnKzkbATxYuwW+ByYkG658=,tag:5Pl4Rls+9TrFAYswPPkXRQ==,type:str]
|
|
client_domain: ENC[AES256_GCM,data:p4f90ADNdeycGby7rCcpWCU=,iv:jfRw9oG5Lz0sY5QzXAVdNTnlQOPw/Em4mBviva8nA+M=,tag:L60czr0DNFrHP/K3uDvTuA==,type:str]
|
|
#ENC[AES256_GCM,data:PETVydzmEI8h5wmrpCijpL6DYXM4cIGz,iv:05CjqutrdhemcRwjVUxrXIG1aGYZ0wGvP9bJxPGsZkQ=,tag:coJXV1wr48V87QzfBkvsHw==,type:comment]
|
|
authentik_domain: ENC[AES256_GCM,data:8gQAjxcBeXUOIgY/dWZ7Nl4xXs/IJQ==,iv:0VhKsC3YT/6d6iaX7qag4YWZrnJn2M+eNmAozKo9Ry4=,tag:YNGgRsEIA4wjSCXUPa7iVw==,type:str]
|
|
authentik_db_password: ENC[AES256_GCM,data:lSfuOczTbKp7dGgoxlLR258SNeNMUiYUD3ousLDeC3pTg9bpck6v1E+eBg==,iv:F1/5dRRVwPJ4NrwA3IPDsJtH09Xri1iBUqCCO9xpUs8=,tag:7I5K6FEUgj3XqwX3R8ukaA==,type:str]
|
|
authentik_secret_key: ENC[AES256_GCM,data:+PSgNbtKleEUazMzt5PlhqolZbIntLj5GMGVYkvHoKsDzQ9YuGkN4eelMg==,iv:aHyQUjzEpmBEyGhjfcI/V3lPyVCvAk6R2V6Rig+rVgo=,tag:wobcHSmepivNf7giByLA2A==,type:str]
|
|
#ENC[AES256_GCM,data:cH3ULQzHGDeYR+aa02YI26EaPMag9UfuzK20Y19p44SuVNwhVfXpOdI3Ea/hLck=,iv:iR2lvbQAmwwraZir+7T6uzduWIaI3+2frvg+Rwe0bU4=,tag:v/OSZKMkczloL/++NfCLmA==,type:comment]
|
|
authentik_bootstrap_password: ENC[AES256_GCM,data:V0ua8jW/+jFiwu+VOvPYs4Pu+w1KknfMDdRboNZqDhT6juzvsyvKoM3vhQ==,iv:UZw8o7s0luFTtYkbPfUXPzEoeDcJqb16Atx/TprTT/E=,tag:irl+tNh3DDTyL1PTCCSzkA==,type:str]
|
|
authentik_bootstrap_token: ENC[AES256_GCM,data:otHKwk1LhsMH0gBo69VYwYBB4Oqkp3ZJcWHt54iuQvF2OV1O9a5R8kpLJgSlqw==,iv:OaVW9c2XQJUNUIZTceUQXlA/+RnQbDEHIkAiPzNl+ss=,tag:V9pwQKQkSMOReGHJVrqV0Q==,type:str]
|
|
authentik_bootstrap_email: ENC[AES256_GCM,data:CWlZIVwBxqE2RBTiGcIG1dujQgTCCis=,iv:lYb6yppkFGK/PANeCXY9+4ZLQ6cU9zL6YYMYza9SKeg=,tag:NAssJMYH+ErEIlHxKnBaog==,type:str]
|
|
#ENC[AES256_GCM,data:0tDLV9dubxl47Q1YVkxpkCHI6Lw7xp7T,iv:GJutMJoIbN5aLo5kDSo68gPdGumBHPugXbdmNGSXgU0=,tag:/75Whr9APJ4b+f7L/iOAbA==,type:comment]
|
|
nextcloud_domain: ENC[AES256_GCM,data:BG34MrxgOWpIrMZf23nTpN9DumSJ0hsUYFRZ,iv:NX8oFSOnUwB4Z8bTDgNnkFnoDW+QpOuvb6ytysgiZmA=,tag:a6JxQD1p2VqR1NMATXFanw==,type:str]
|
|
nextcloud_admin_user: ENC[AES256_GCM,data:p6HrBkc=,iv:xWDx2c3w4Jbd68ZoR6coAefZUT4PVxiRMJ8Csr645H8=,tag:SAcYI4Nzs0Uo9HVRdwYeEw==,type:str]
|
|
nextcloud_admin_password: ENC[AES256_GCM,data:lpn91mx/I4IU9pdQ7Vn+m9z3YZIMW0h5DcY1+z5xXG87wpa0mukNQxrm/A==,iv:GQLesAS3xUMkYkPt3OpLsLxXbvcU4FMwVWbK4vmKlCg=,tag:PhTVeiQY2jKiVVjzVcEpSg==,type:str]
|
|
nextcloud_db_password: ENC[AES256_GCM,data:wienpLg+QkUbqazEfhosFqFH32eVSecef+NkBSJ/Xk8JbKxw9eU45S9IfA==,iv:74DE8BD01YaFj7MytjpCdfcks6iFvBIqm3hXZSHYBME=,tag:A7D6nbnG6ReT8sK8mS33Ug==,type:str]
|
|
nextcloud_db_root_password: ENC[AES256_GCM,data:f4xjVOiU/wdNifENTGDQeCBFY43056ktFzOvzicT3YbUdUl0tgnwUcM1BQ==,iv:Ch1b1JbvI0plSV1mB9To21pWgwAD8E1Wyicra47GGWs=,tag:/yQ21BTxhTRnhsyK5euUSg==,type:str]
|
|
#ENC[AES256_GCM,data:2AQKUKlnbjUXv7aCvvGoEYy5+xRiVhB6POOh+pE=,iv:jLo1cdid+6JU5+/XDb1EnrUIWMjs9+Fp/Gwn5Iq45e4=,tag:JMdlj6PbOnO6Q3UJgCGMiA==,type:comment]
|
|
redis_password: ENC[AES256_GCM,data:oUlYFaptttsMM3rpfVveXuahz1ygBcKx1IV+uaCmcqPD34BiINVnC9E3xA==,iv:0nC/b42Oub2Qj7bHQRbOUy3oRsptAnVxaf7l9Q4ZOsk=,tag:PPF2LqXuVyYpkn09sMTRMw==,type:str]
|
|
#ENC[AES256_GCM,data:7tSQD98CIC203QnJG5fG6ukCwuvIwQ4Pn3hocW2DA/d3hyck,iv:kGXiuxJ3WczmmGqw2MM4BUnP6wzYXJJlUqVt3hA81Mo=,tag:9tNp35S/A7J+y5wy2k4ykQ==,type:comment]
|
|
collabora_admin_password: ENC[AES256_GCM,data:Wf/fuet2JGCv9Ise7lT8c/i+VVyUp1jJcy1PEafuDcJ6+usuHJeEr+Is3Q==,iv:8B5LOtypt3Q+KDjIBhAnbBa73VKOsJLjbvyUorZZPH4=,tag:YNeOP5USNDe1fW6/DIKUOQ==,type:str]
|
|
sops:
|
|
age:
|
|
- recipient: age170jqy5pg6z62kevadqyxxekw8ryf3e394zaquw0nhs9ae3v9wd6qq2hxnk
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyQkJGRWJnVi9aMmZhWjFX
|
|
ODBrcWVweUJ4NjA2S2dHQkgvWnk4NUZvOFFBCjlPUkY1VnJnT1NnTEoxRTZZVmky
|
|
dXR0QjFsY2MwQVJoZnoxRytZTmpxejgKLS0tIGJKRk40dUNjRmlrMHg0eWw2VkZa
|
|
WFNzNjZIRzBIQVdBZnVzcnowVkFLc2cK2FMHZPwcaEopR/wTqbhToPABRGNAr5qI
|
|
KA5rlTPAeLWmZtr/3LtvlR4IcMwdJY9guwkjWwV6elp5lZ6SE/sKnQ==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2026-01-22T10:05:00Z"
|
|
mac: ENC[AES256_GCM,data:p02A5wX3cvycCJiFLjPPnhMMTPHp6Ceo6NJwTjSNkIbEPKTZ494dFILRuD3jU5mmmplQ+uKosIgd0SBPXwvog6Wca7Ftfl1s98feodxunLtz0+A47AemmVxrCqKxdBa+OG26PRLj5j5K9eWHu6nzSiHA4tnWeyx/Lose3J70g30=,iv:ygy4Fjo4GPnZMQ6rVDLyeGE03hYq6n2U6zKamDTlnD0=,tag:IR2xLsR/KxxwC8kUEAfZZA==,type:str]
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.11.0
|