b6c9fa666d
This commit captures the infrastructure state immediately following the "Post-Tyranny Tech" workshop on January 23rd, 2026. Infrastructure Status: - 13 client servers deployed (white, valk, zwaan, specht, das, uil, vos, haas, wolf, ree, mees, mus, mol, kikker) - Services: Authentik SSO, Nextcloud, Collabora Office, Traefik - Private network architecture with edge NAT gateway - OIDC integration between Authentik and Nextcloud - Automated recovery flows and invitation system - Container update monitoring with Diun - Uptime monitoring with Uptime Kuma Changes include: - Multiple new client host configurations - Network architecture improvements (private IPs + NAT) - DNS management automation - Container update notifications - Email configuration via Mailgun - SSH key generation for all clients - Encrypted secrets for all deployments - Health check and diagnostic scripts Known Issues to Address: - Nextcloud version pinned to v30 (should use 'latest' or v32) - Zitadel references in templates (migrated to Authentik but templates not updated) - Traefik dynamic config has obsolete static routes 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
4.7 KiB
YAML
38 lines
4.7 KiB
YAML
#ENC[AES256_GCM,data:0GANpiSe/t/8nNVeEeF3xhbPLbswHZk+1g==,iv:2Q+TbLECTqw8LOF12qlCpTCJVAiiONafgtqOxOy6jvg=,tag:H5m1lytoOFuWReEnQrN8KA==,type:comment]
|
|
#ENC[AES256_GCM,data:As3OROMNLTL+e2EUAZFv7RrJ3p+EQvkOdNjvFNuUSI5iq0xhYNg=,iv:23QHhD4A0VW8ccjMW3ivRsKlW2mNaQ0AwgqTg3LQUnc=,tag:zlFt8r6m+FNvD0Y9d48FeA==,type:comment]
|
|
#ENC[AES256_GCM,data:vbx3SU+Yc5p9FaaaTX+lzNScNsmEBQ==,iv:3goZ/7+7erCc186ZPJjnS+01KFbun327rQ2u/ia9NLc=,tag:V01ZFE1y0/Yhp8t/O+X6pA==,type:comment]
|
|
client_name: ENC[AES256_GCM,data:mhCH2w==,iv:4oRhdfLMY/IJv+DXiFVLXZ4vBxKk+zoYlDThq7ARfOA=,tag:DojfBjqyXAMgk1cDs8FWmw==,type:str]
|
|
client_domain: ENC[AES256_GCM,data:vCltXbTBfuJqj4jk8Uf/Ow==,iv:6hsza3t7nQDNHYEIrYvopSt8os+o1fz7Enc0cJFxbYY=,tag:rwoAEHdsCSWGOKniue8xOQ==,type:str]
|
|
#ENC[AES256_GCM,data:36WknJsToqr6KDZgMvm9VsCZwC+BOyIq,iv:lIV3CJXv80WQkTvud7KlPj058xY+AcIg+ti9B+tqRmk=,tag:0Ho8XR14HxO9nrGlqw84Bw==,type:comment]
|
|
authentik_domain: ENC[AES256_GCM,data:xRr/HCyiscbPJUIzLbl5muzX4lPl,iv:DzDCwXEgaI65ViKOgeydbQ1XBPBVk8Vr3IPX2HsrTC0=,tag:FzUcBnT84QLjUELO/NepcQ==,type:str]
|
|
authentik_db_password: ENC[AES256_GCM,data:EKxxfM01KdXFXZkIe3Odpl2n8I4nbdQzUC6ryN7aM52MHQDzv4Y+z3pANg==,iv:zaG2VcR+x8fqkMyL2vQTonKK9u/KmObyBiE3oFYgwTM=,tag:eS2cQmNoUbet5gBB/EoAzg==,type:str]
|
|
authentik_secret_key: ENC[AES256_GCM,data:vojKY09CrpwNdcJR3GHv6Z3HfR8n7EB+qNZs4fXXQOVgk3eqVMSz3Qx8mQ==,iv:RG9f1hHUEHlqRiHXXODJV0HIsIFHib6837p68p1746c=,tag:YqIueX3A07hRAjJmsI6r6Q==,type:str]
|
|
#ENC[AES256_GCM,data:VsLPKpx3W6YN6QXhRx+YTAxKNu9IQzGiZG32H4Rwvg8wxje5BMhmuSTR5UJorMU=,iv:QswzckRT9Q51N7vSRQrm13kxECRhfBJpsFooFYHKb0s=,tag:oEC4Hc6AVALzVqiOG/09DA==,type:comment]
|
|
authentik_bootstrap_password: ENC[AES256_GCM,data:dz0+NGAa5D154vbjuKpuRnIEXVQfTgUsIOPjIzdxYMLxbbNTBP2z4whElg==,iv:hWR7E+hPMQ6zSgZIaIvaGHPRuW8md/uYfRQ/xeb8DeE=,tag:CRgtDtN9UEk/6DUCFMwoYw==,type:str]
|
|
authentik_bootstrap_token: ENC[AES256_GCM,data:e8O+c7DAwwYV91ATgEOi0Hf/i0IfnQoxAQRK+KIZ/Tdo4O0t3Al/6SHl+BFGZw==,iv:9f+tfa9tRhn/yuBSqFaLJndnRDx150zBd3Wxc38onRw=,tag:KOeZnWr/uig4KI5g8BE6VA==,type:str]
|
|
authentik_bootstrap_email: ENC[AES256_GCM,data:MlQJIrG2a7f8jRVjRm3pFBTwz+SMCw==,iv:c5MSTtscFb5qFWghRilJqscrqdriju/AU3H4bE5zYfQ=,tag:msz63u6YpGoAI7ulT880TQ==,type:str]
|
|
#ENC[AES256_GCM,data:p0JREYAvVu02Qqoz0HoEufCL287NwNDH,iv:2oJm8p5m+KyEv/MedtBjurQcLDer+QMcxjVxfjkljZk=,tag:k87CX+v7zGZbcbjT8s8JGQ==,type:comment]
|
|
nextcloud_domain: ENC[AES256_GCM,data:gPyjwlPhAh1B56O2Ua7+hgVYbr3girvNgn0=,iv:jWGVFWDxXuYFqQtWIMlrBn0bYkYzB2vrH46sFvrX7lM=,tag:5/jQQTEtsWoy2i59sR58jw==,type:str]
|
|
nextcloud_admin_user: ENC[AES256_GCM,data:v7wuCG8=,iv:YG6aNYwV0RPJ/sfHcSleqvBvkdq+zE2nBjMyN4QDir4=,tag:n987hO4NlJvdgvUqjf8ZVQ==,type:str]
|
|
nextcloud_admin_password: ENC[AES256_GCM,data:B5mp8NCWgQclAERE4QXoROeV6nlxwiYP5+hsizIfHctk+iMZldEt9YCJ3A==,iv:xLg6G5lYc1fBVXCy8PnCIpO+t3K3kZ5iYMfBFfZ5llE=,tag:xIi1A1nuwlN4TyrEeN7Zag==,type:str]
|
|
nextcloud_db_password: ENC[AES256_GCM,data:vLx15cJfiToYaaAR4eIqWAo1wBLDSCIYznC3SBsngMBKssVkQcQpnpO7Zw==,iv:DNDNz19jU3nATAzJw6/FXyq8QUcsUIv3xVWG02CZKJQ=,tag:mEkQIJgpcQdKlxTey6Zqjg==,type:str]
|
|
nextcloud_db_root_password: ENC[AES256_GCM,data:BVHmAhREJQ9U91YiQoLp8trQR1A6hpMrXGUCVLGKSV3xgxloWCcPvF5Fmw==,iv:kcJrzZlvmwAUQRbKe6cFu7BTr5Eg/s7frfTAoGrk6HA=,tag:Z6kUpUx3GeIf073mYHE5Lg==,type:str]
|
|
#ENC[AES256_GCM,data:FuFmCCQIoLt38f3rp/f21F2SUEmUe5mew7mafIs=,iv:/epTrJv3iq3Apu82EXzv4cLL6678wDvtEL10xnKN8lg=,tag:dTSwYH1+TWZ3uTAn+8e5Pg==,type:comment]
|
|
redis_password: ENC[AES256_GCM,data:2ZRr7+7Nnq09Ozal4FWU/vb+qdBX3njZE5KdzyXPdtZQZ3lkB8p5mgXkUw==,iv:4YXUPxFubIQyIoSYMWc059zGAUPI9dk+YF3V7kn5j6Q=,tag:+0Gi1qZ6HFgjnzah7pGBUQ==,type:str]
|
|
#ENC[AES256_GCM,data:uw9XOlYDr7zZK8dx51LFiHzPjKgBlmwWoyPqREd3cQHzwo5U,iv:9luZspimHV61i9oTgpePLJur78Km17lyhrOWjVledXA=,tag:pSezIsLxWvcEZ6rklfJ4Mg==,type:comment]
|
|
collabora_admin_password: ENC[AES256_GCM,data:NpAz49/Nu/SAVa9gpfnkdZKuRXqbawVutx/YuGA4V+KL6/mXSJn30EtBdA==,iv:lzDFtpF+3AZ7SQiKwN1ewY6jeWAI0GKO6M6QbxjGGUM=,tag:lPc7ubFRLIOBT0G7fZRhCQ==,type:str]
|
|
sops:
|
|
age:
|
|
- recipient: age170jqy5pg6z62kevadqyxxekw8ryf3e394zaquw0nhs9ae3v9wd6qq2hxnk
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3K2Q1VUdWcG5LVmxEVzdl
|
|
SXNjZ0swWTdJNmlQV3pudkV3QlZ3cStHL2lrCjVCMHY4a1lTK2V3cHo1UHN0Qit0
|
|
aU5BYy81dERuZGhpNzlQbkxnU3BncTQKLS0tIFNGS1NFRk5LamhMc2dOZXBQalVP
|
|
UktCNEQ2MGxLM2R0Y3cxRU9WV2hvUkUK3q4VetTBIM/xB5rdALtaNkhVr14XcOvv
|
|
Od35KPTjMKjTycae9K/9UAaW/GyqYUhna+S10iMKiVImaNyP+Yve+g==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2026-01-21T19:27:39Z"
|
|
mac: ENC[AES256_GCM,data:hv6CBUEhuu8sdqAjSjbB6fS559RY8nCssdejS1L55/PY6KtLvh/lPhmlc9eIiXwt4gVCO3S5eSguK9FDGN6AcPbCR4oV6abO2HsjoXnkAq2twlY+vvQ9WHnt3yR9ndSu4+8T17WqlQkib7p1Akzns8g3GL8W6wt4A7hW/YcnZqE=,iv:m7neOUmZ9Ou9MCtfGElDMUrOiffX+ROafOTaMK2XfiU=,tag:70Veha2fvdobCEKhLVn3iw==,type:str]
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.11.0
|