b6c9fa666d
This commit captures the infrastructure state immediately following the "Post-Tyranny Tech" workshop on January 23rd, 2026. Infrastructure Status: - 13 client servers deployed (white, valk, zwaan, specht, das, uil, vos, haas, wolf, ree, mees, mus, mol, kikker) - Services: Authentik SSO, Nextcloud, Collabora Office, Traefik - Private network architecture with edge NAT gateway - OIDC integration between Authentik and Nextcloud - Automated recovery flows and invitation system - Container update monitoring with Diun - Uptime monitoring with Uptime Kuma Changes include: - Multiple new client host configurations - Network architecture improvements (private IPs + NAT) - DNS management automation - Container update notifications - Email configuration via Mailgun - SSH key generation for all clients - Encrypted secrets for all deployments - Health check and diagnostic scripts Known Issues to Address: - Nextcloud version pinned to v30 (should use 'latest' or v32) - Zitadel references in templates (migrated to Authentik but templates not updated) - Traefik dynamic config has obsolete static routes 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
4.7 KiB
YAML
38 lines
4.7 KiB
YAML
#ENC[AES256_GCM,data:263AsaFnsT/v03J3dTnRU9reOdPrqBK+Eg==,iv:ihmZCQ8KnKc/qwa34pr/JOj42tceourqSkirLVOlg+U=,tag:1otLg1EwXYv7/EcE197WDA==,type:comment]
|
|
#ENC[AES256_GCM,data:6NozW8S6KxeV87FehIpl1qNRpKsdl/lg36chh3egDk2sWn4iNhY=,iv:QwVCpWyFTUpPXf57OdcCqajRmLdXOlNbCoPgEU+7EH4=,tag:yFyiWe5/OI5m/AI5rs6yLw==,type:comment]
|
|
#ENC[AES256_GCM,data:jlKWnfCv+u//hfMa/8L3YlUCoyBjwg==,iv:NxvrTJ/lVlJK/JnWXTY/4OhQ9rzjZmQWTWoMDUy9kPA=,tag:T5rIeC1ZmBDxNiA3SG6jdw==,type:comment]
|
|
client_name: ENC[AES256_GCM,data:Go1JEQ==,iv:3P3tHtfLbc+DspwK1SVrNyHExioefaVbfA7yXATHHpI=,tag:KY+W2M+pi/xYc7i/5Hb3Cg==,type:str]
|
|
client_domain: ENC[AES256_GCM,data:/0tEausGEs9gdL+ZOkRsFg==,iv:iCqkzpRmxzq1O7J8k2GWxocCsJmpkF/lgHHFBS42Evw=,tag:E/Z8URfOFNLx2NGVkbTcEQ==,type:str]
|
|
#ENC[AES256_GCM,data:Q4cIm4NebGcflGee+HZZgEX7/OyuwtAp,iv:Gb92l3hzk7e5GQscDwoDBi9YBdhZvOtmrTaRErScYqA=,tag:IEqwdyE6j4u0uGK26hei5g==,type:comment]
|
|
authentik_domain: ENC[AES256_GCM,data:jEkOfeF+FQn14QdYfprDFO3FyL5N,iv:LZ7knjGqqBGyKBTRqzSlFI3da2nRujGY/+B9Uyw+ga8=,tag:hx98SqLo3oz/V5BQ220YKg==,type:str]
|
|
authentik_db_password: ENC[AES256_GCM,data:jBQTmw7unol2VNI5HHPm6ac8zEaN4gFJpof00JMOr2hg/BKGErnWNYRlNg==,iv:kF/L2gqncz/yHK6v0Mz1/SsiyG1upMG8DeIKWYj0o1w=,tag:WBvL687LuSsdhnkDCCEonQ==,type:str]
|
|
authentik_secret_key: ENC[AES256_GCM,data:pY5wvfM8dMYRzNSlwU4vfMSKOxEqJm2IEXsfCHjFtA47/7Ltj31NApee8Q==,iv:XWUacJqrDgutuT6hTtgxEvfhWucQnP5vdce9puzhb64=,tag:y7Hey6dwt/9+VcgMbNxvew==,type:str]
|
|
#ENC[AES256_GCM,data:5ucGhUZv2qjbYwI5o8rG1/8gqOX5x0Scip3+/T2EVyH87J+lxYKn4vK6jhCDJY8=,iv:Fff+f7SlljApCvryzqS/9aAQoKCyA5AbWqBNZ01MAls=,tag:rjK2ivHO3u1OVXRwoZOwBw==,type:comment]
|
|
authentik_bootstrap_password: ENC[AES256_GCM,data:VwxTylvuPqL/H4ad+Nr85NxCCgvEhAeC3/xa4RZt0vZ/7RMcSkXECIusng==,iv:3a5cvPXP+4wVKsRuOUxepv9idK03qknHPoiGYT4JYNc=,tag:DWacaePwtEiBlcARzXXGbA==,type:str]
|
|
authentik_bootstrap_token: ENC[AES256_GCM,data:WRwF8eAyMFaHbCIC7us8KfDZ8FUErkj+OUsyAJziIETC0YPIFOyG8v4nM7MFRg==,iv:RtfGnGWhXDUHWc77tyEbpini6wlD4Zr/FuMfB/Exf3Q=,tag:GZQunFQynvG49FC979FNng==,type:str]
|
|
authentik_bootstrap_email: ENC[AES256_GCM,data:a5opY+7AVaGZ7DJR3jhxdGk3hODH6w==,iv:Ea1CRC45PEStquXv7W2M/WgQPnBNlTq5qh1K5ZwG9CI=,tag:VBNh/xVnIYY98Z53CvU7VQ==,type:str]
|
|
#ENC[AES256_GCM,data:uJ4wPND6Cg+f0gOnx+a8K88RNrvGxszl,iv:s5NEVK+9buT2607GdGE7hO2EQnEFEGhMABtBC6QVuLg=,tag:DPDxu0IKwxJzUqsr3w8zag==,type:comment]
|
|
nextcloud_domain: ENC[AES256_GCM,data:Qit+lD3CB8NrM1JsQtqdC8XBMwS1dsQD7Hk=,iv:p0WFFJpgXeIkBB19o7jJvONEuF8C9i0Q5L+sF+vKu8Y=,tag:8SmnbpSF3euICD55M01bdQ==,type:str]
|
|
nextcloud_admin_user: ENC[AES256_GCM,data:EbRJDQQ=,iv:t077WeC7X88/XnoMP+xKSiCG6a3KWftjcwS3lKDxFfc=,tag:ZhFL5eJ7iH1Ka8lawa5tPg==,type:str]
|
|
nextcloud_admin_password: ENC[AES256_GCM,data:D1lsP/cOUC13sps8kmRlvazq7lkOMzHv/AvxKRmdlUsEOUC+vaHjl7HKjA==,iv:DHqxqin2dw2OJ5KAWNcCThPJanZd2S+cDNJhfw/trCs=,tag:X0BBH2arW2nsWxHdT9F33g==,type:str]
|
|
nextcloud_db_password: ENC[AES256_GCM,data:USgbbNviB76dpGdKfrlT5FJo8NJWs6TDZ1V3HtvBajlaHOVHrg7HZ/ciBw==,iv:5jg7hiZsEtu7D3eoNzzeOEX8/ISMDlIosquh/cnfh/M=,tag:t8yv/jPMtIePgQ6guklE1g==,type:str]
|
|
nextcloud_db_root_password: ENC[AES256_GCM,data:pliuG8kF3nhvUfTuXBnTZ8SEn+NcdiMMFYaicCpeSL5b664YWsYA6b9O2w==,iv:8C2ecJUZg4a0Va08cDvelptN3RObL7qpwqunwkFt7As=,tag:1fBz3hrP0wAVtjuq/I2fAw==,type:str]
|
|
#ENC[AES256_GCM,data:FDhOFTZd5ODvp/k/7LwJEbSTgmQB4y0C3Dh0UQw=,iv:kryzQXpKS38QCrxVThG3IHV+96+5q2twNRn4NGipSdo=,tag:ZxByg7mBnHlJ0naR/6ZVAA==,type:comment]
|
|
redis_password: ENC[AES256_GCM,data:ShoUwNalboMrmEvmnthtCHjUZerRzzS5L2tVkW35S9jEExZaSZSUwfcPLw==,iv:TwDLqrgzRDhuwos3wnyNXA3PmJeEAfquwj3Z+F9qM40=,tag:St6MUoT7tymgjkefx6mB6A==,type:str]
|
|
#ENC[AES256_GCM,data:PIlcwi0CYHxJ+2gWR3h8ZeE4LaKUUtAk1E8ERu9b3mq7/jZa,iv:HKO5hKbieTF2P2w3BFYx4WLJ/81stbLYwj/sSa2UvX4=,tag:YFxA45XUC3+zrvgwUFg4kw==,type:comment]
|
|
collabora_admin_password: ENC[AES256_GCM,data:DFpT4PXQeQXZzTygONz5Sbi8Qfj+yBkvTf9cnje1EbLwizITA4mnyyXaFw==,iv:PvA3FhLoJEwQrC5jr0koqkcxlYpjBBLINjiIKgf05MY=,tag:b0kfuU077mOwlRb98YSoFA==,type:str]
|
|
sops:
|
|
age:
|
|
- recipient: age170jqy5pg6z62kevadqyxxekw8ryf3e394zaquw0nhs9ae3v9wd6qq2hxnk
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2SFZxckxOL0JMRzhFYVZV
|
|
bmRiV0dmeU9XUHdtYVlObHJKRjRZaGs3K3lFCmZ6NEFSTlRSTmRCUkJSTFFEZllj
|
|
WjBlMGxWZzhLazFRczdkMnhHZ1l6SEkKLS0tIDljaWZnaGxzYXU2NVM2U2lpU1dH
|
|
VVZXNVhkTW1xRFgvTmJQM09oRDRJV3cK7ZO0tK0+KTovKYqW5AW0hhk7NxNVi9o8
|
|
UAqmY2X1vAV1ekHryLRZtdQ9CpQh6Pc/8D6aGg79ZbHxPMeUBdPf/g==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2026-01-21T06:50:20Z"
|
|
mac: ENC[AES256_GCM,data:iTRh6UXx/EeR/2ZrcUoIvujPt8cVlKEEuSO3x9miMEquZsNTnp8RIXoDETSmNpheXx7gG2jXOvgBbo/Bj52p45/Wo42TgmJGEo7tMExAfDKrx4JZAQqNO7SOGt3Vo8xQ05M6edfsbzAnke7Iz7T41065RYgl8L5qqFdGASAb8Po=,iv:JwIxfaG2nzWy8uRxsz5/b8bdv5HyUCkB9FsVep8EUjU=,tag:FapmKA3FwOOxNe0Diet56Q==,type:str]
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.11.0
|