b6c9fa666d
This commit captures the infrastructure state immediately following the "Post-Tyranny Tech" workshop on January 23rd, 2026. Infrastructure Status: - 13 client servers deployed (white, valk, zwaan, specht, das, uil, vos, haas, wolf, ree, mees, mus, mol, kikker) - Services: Authentik SSO, Nextcloud, Collabora Office, Traefik - Private network architecture with edge NAT gateway - OIDC integration between Authentik and Nextcloud - Automated recovery flows and invitation system - Container update monitoring with Diun - Uptime monitoring with Uptime Kuma Changes include: - Multiple new client host configurations - Network architecture improvements (private IPs + NAT) - DNS management automation - Container update notifications - Email configuration via Mailgun - SSH key generation for all clients - Encrypted secrets for all deployments - Health check and diagnostic scripts Known Issues to Address: - Nextcloud version pinned to v30 (should use 'latest' or v32) - Zitadel references in templates (migrated to Authentik but templates not updated) - Traefik dynamic config has obsolete static routes 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
4.7 KiB
YAML
38 lines
4.7 KiB
YAML
#ENC[AES256_GCM,data:7JUvIjolKk0K4LX1Ruum6SLciqyHyybfTQ4=,iv:MNU2x5ACjpm/QJlGjBD6a6LJFtD219uTWHFKmr9IfQk=,tag:CVItmHXurNofeg9w+haFog==,type:comment]
|
|
#ENC[AES256_GCM,data:wWjTifXRNQ25dM+k4W8cMyolIMQ+zphKe2AYiMuEVyIBd2Evdv4=,iv:Q6/LgZNSv3tee2FcHXUZ1wIvSR25aoiqg7BAyWgWTKI=,tag:p5LuG2OMb3hoYPgK+ab7mQ==,type:comment]
|
|
#ENC[AES256_GCM,data:RjmOnfVrJ/8xJZaTlN6OGobGGACNZQ==,iv:4FBY1WOfonv5WfKATTuZkEsqYPicM1zcX8qWu+lTk0Q=,tag:I025riqowW5FKUezBm0GZA==,type:comment]
|
|
client_name: ENC[AES256_GCM,data:W0Bh0eE=,iv:VKQcOSHp5N9JH6eJoow3pXwcWU1eWGcbThQFocrayWQ=,tag:M4E+gRivJQbrjd0/bQNudw==,type:str]
|
|
client_domain: ENC[AES256_GCM,data:Nqo8XlNOqHv8LkhRby06fUY=,iv:hfQYcKPm+btkwdenIPEX2TIXsPVGnWQiCY81aaduBks=,tag:GiHBboDci/99P8QHS7/PbA==,type:str]
|
|
#ENC[AES256_GCM,data:icjtWREHoSAGN5rPbdL4j1XPeMZuzEoS,iv:sIuJcsE+rO0sZ5qhdNK6PGxtErrv2bm2HCi48P5FQKQ=,tag:P5plYgUPY9LNOQhpux6fSg==,type:comment]
|
|
authentik_domain: ENC[AES256_GCM,data:W/R65b//HiDwPhxYXEKR4Fxi+rJtRw==,iv:mr9cs4LR/aA/7bJdO68WI+sKvzvy80RTCvmU66Cvzg8=,tag:DDKCjeyc2kC5Mval69f6OA==,type:str]
|
|
authentik_db_password: ENC[AES256_GCM,data:/P3gQbozHLINd3KQJA/0u8MhUqhMcz6MOoLVH31X6cwmGv2q3y6KeBA8gg==,iv:stKEPGqH4EMc3h3afSX2pP3dEos3H8+mJ9o1LSF224k=,tag:7XtR6fRYfqJ4veuUlpK/vg==,type:str]
|
|
authentik_secret_key: ENC[AES256_GCM,data:/1LY8xqI9A5Et20mkY3X2y4o6d+ka7/vqNSxQS2PJ5LAMTAEt9qbX2rr1g==,iv:v93bXYDwvXgifMLngG25qDaXPR690LWeQjkTf0fqNuw=,tag:0JYsyKSJFYWAHYawDybfGQ==,type:str]
|
|
#ENC[AES256_GCM,data:Mw3fsLyDrw39Q2OWiyrtEdls8ub5fTWEqVmGeLTg0qkpvzsrgWRW/GiPW7SYbKU=,iv:qHqh5k1N/GaxbTJYRvPZm4RfYc0MVNDXdI7skEBBqvg=,tag:tQ3OQyNLoBymibw59GG+VA==,type:comment]
|
|
authentik_bootstrap_password: ENC[AES256_GCM,data:RDvAMIvOYmxbwxSjb+kXqmh8GU1sSA6KHqSh8UecjB1k7F5auXN6O8ETfw==,iv:S6DC4/UTMRy/NwhnT641q+ary4638hdLPSJ2duivgZ0=,tag:8etXMMBlgVz8pM0trndyOg==,type:str]
|
|
authentik_bootstrap_token: ENC[AES256_GCM,data:m467HmEab1OSqAzw8Yi9rcL3lRkJJW82k6nYlFiXj7UOgutJtT4BxUaSfMdUxA==,iv:8bi5CITxJK8Mgr0iSB3aD5I1Wm1+c/SL9GrBKKTIqdA=,tag:IhRleBBgg6C7ARgPwnZNcQ==,type:str]
|
|
authentik_bootstrap_email: ENC[AES256_GCM,data:wsXyTCeS7jJQQ8vkAC7AKjDr6cna4ac=,iv:Jkq17JmmSIPcnLK0SuJ1ErUUGi5Z136GQmR9VfdFCi8=,tag:NjReOWjfRxSsIbWzrrltxA==,type:str]
|
|
#ENC[AES256_GCM,data:klnql0MQeS1KXd/3VjVW4WRjSl5yg9Kf,iv:+v30PZBWQVnFEeeQI2InGf9kH5tvzgZnD5JCOyBnEHo=,tag:UHNaI7WU6PhzhkXkHTYtvA==,type:comment]
|
|
nextcloud_domain: ENC[AES256_GCM,data:ZxuLrS+XqzdLVtnFRQNv/KgN5gZWAFHGqz0m,iv:isE7Bp945CPVgoeI0mKngpTlRUTItLX2HIxSCfJ5T6Q=,tag:6p26HFeNmKU/EzNpQd0yhA==,type:str]
|
|
nextcloud_admin_user: ENC[AES256_GCM,data:uscegTQ=,iv:vK0tQIFNQZ1onK70GEy23VDfh7zcofxwyjJXEg8uY6I=,tag:wwna86Sx35Cc6QIMehfDPw==,type:str]
|
|
nextcloud_admin_password: ENC[AES256_GCM,data:SC7jJfHvbaqynl30IdJ0wjy1Jf37eLab1VBJI6p0w1aT35EA+GCAA8HmzA==,iv:PwYkMhyHuZpiRqN53BOMFSBBUBM2mMfTVOOatNTWB1c=,tag:hnI9EUmZ9vI9w7bCT3bFyg==,type:str]
|
|
nextcloud_db_password: ENC[AES256_GCM,data:CLpONcvumICrvxk39UK4ev7wneE70DPUoqx9Gl2N1/A1M3oOYexVbivFAA==,iv:hWgXELPBooRql5wp3O09OluTn2KBfTL98XNnNyiIfLE=,tag:2o80+vU71xtPm5MI6hlUaA==,type:str]
|
|
nextcloud_db_root_password: ENC[AES256_GCM,data:UH4PKHcvfqbp55I8Ru2AtkQDXP+CJpaY156QjO24n6GbIXGT16G0aKN6bQ==,iv:3YKqu61Mdhy/Q2jfK+bItcRx0YFIB+HYpUgpNkXwlMY=,tag:GsQBfVfwJNufY/jY7oDPpA==,type:str]
|
|
#ENC[AES256_GCM,data:zqxETKX7LgG6yCW8n/MUvBf80DeszYo+3TH0HVw=,iv:w+Ymv0DKrE/aPYmGsbCPIhrmauNAlDMTGQqQM7HZrVM=,tag:2wYvCPs5xeerRRpfc5f1UA==,type:comment]
|
|
redis_password: ENC[AES256_GCM,data:9QjDXsOtQDylRyvzu+6KaWxV53BuPqUOIIF10YygBvaSvtTjc6MvROqltQ==,iv:DDPKUOwz0DLnE7tHHx51SV++Upmc7isgKNvx9fKBTIA=,tag:7ieGACSPG+FiiWqUB5UDXw==,type:str]
|
|
#ENC[AES256_GCM,data:Dw9sxUT5diW1LvGQ/VRkPIfv2KMIoCjlsdYGtr1cU51FCRqx,iv:QDf/zXCB8qIvwRAQM9od6Ger8lyXZPDorZXb/Xg+8KY=,tag:dO/1SxL3fpLWnsEtA0xNYQ==,type:comment]
|
|
collabora_admin_password: ENC[AES256_GCM,data:QfjXR22OLAcPewDSDKKRxYXiouzBJ3pTTB8usKq0mEOLOCkzrFR49eWvXw==,iv:BpYApcb6quYdUZ2BxIRJmY5lJK++tQ/PxSOgiIJSDjM=,tag:FQBc+HyTzOyVDYTFsvHVnQ==,type:str]
|
|
sops:
|
|
age:
|
|
- recipient: age170jqy5pg6z62kevadqyxxekw8ryf3e394zaquw0nhs9ae3v9wd6qq2hxnk
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2ekhQVmprdjlER1g3NGFU
|
|
d3pZWk1XbTZXM051N2t5Z2RLem8yVVM3ZUhvCkFrYWF0cW9XbURpQ2VKaDhuelRh
|
|
R28wNGVlTndzcGlHa211NWxFRnBVd2MKLS0tIGhRNmkxanBndjNxTWt1bGRIaHJr
|
|
NFU1eU51MkNDOU5jbnFSbXVYU2cyQTQKxGGn9gHuxY+1L07Ouq22dvZMjF6uLUFI
|
|
GxlyXcV9Eyrz7AI+tliNf8XWULsixcGQ4wAzvAYOoT8JZ8CiWFd7LA==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2026-01-22T09:44:44Z"
|
|
mac: ENC[AES256_GCM,data:iN71AD8G36b2VOTg5l2xyIwXqkPx7Mq5QoOtslug2OLzTSBz/h0RNZv3UtGXi+Au83IVLeAEJ0gPq/BA6sN155hFJPeh/VhIwffelHPzufwohZjhFdK3zB4QKlKAcKEEC6vI74GOBfQfUOMimeiuuS0IiLo4kEeADd1qk2GHcbw=,iv:LmCsgkvGcE9Jp6JO0nxsu/pqGPX48d8dmZJCEt9RHBs=,tag:fkpzKVv979jqyYUyWI0ucg==,type:str]
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.11.0
|