b6c9fa666d
This commit captures the infrastructure state immediately following the "Post-Tyranny Tech" workshop on January 23rd, 2026. Infrastructure Status: - 13 client servers deployed (white, valk, zwaan, specht, das, uil, vos, haas, wolf, ree, mees, mus, mol, kikker) - Services: Authentik SSO, Nextcloud, Collabora Office, Traefik - Private network architecture with edge NAT gateway - OIDC integration between Authentik and Nextcloud - Automated recovery flows and invitation system - Container update monitoring with Diun - Uptime monitoring with Uptime Kuma Changes include: - Multiple new client host configurations - Network architecture improvements (private IPs + NAT) - DNS management automation - Container update notifications - Email configuration via Mailgun - SSH key generation for all clients - Encrypted secrets for all deployments - Health check and diagnostic scripts Known Issues to Address: - Nextcloud version pinned to v30 (should use 'latest' or v32) - Zitadel references in templates (migrated to Authentik but templates not updated) - Traefik dynamic config has obsolete static routes 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
4.7 KiB
YAML
38 lines
4.7 KiB
YAML
#ENC[AES256_GCM,data:38aUbCWeuHrSJ4UMuLkuGj/eMnL4foaEdsnM,iv:WRv5ed/FGlkozCKw9f83fDYTCaXYfZKlA3ZlNiuaO9Y=,tag:DAvZ6c14PpfHtMbdzrH80g==,type:comment]
|
|
#ENC[AES256_GCM,data:dZ/jzcuXlLT29Vb6U0eLmNIKO1EIwfrQoBh6kHQRkMEYouCupjA=,iv:C6azAP0KfX7OQGKasg0eq/GAhQtht8NeO9HTWicaX5E=,tag:xTXdUrImAAk4D5BWwYo2OA==,type:comment]
|
|
#ENC[AES256_GCM,data:dRVGRH3SGAdzyG+Y/wGhWq0Dx4QqVQ==,iv:KiZmQKRW0STGHhxQh233fCfnJtmuImmNYk/wU8gOxCs=,tag:scGhi/prlmwwLikf1IYKBA==,type:comment]
|
|
client_name: ENC[AES256_GCM,data:3zPrF0pB,iv:BOomPNbfc1x0KtrDWsCWfb2QUABq2FRRVi0gba1k6xE=,tag:zoVJLIYHM+VQaTwhKJ54RQ==,type:str]
|
|
client_domain: ENC[AES256_GCM,data:Cr7GhZ1o7XdR/PB4HTvpNjFm,iv:7VmHONNTWfqJFI8A2r361xZgV0ecIopcrwuFPr/tM2Q=,tag:dT+JB+ebUtwwx168dctH6Q==,type:str]
|
|
#ENC[AES256_GCM,data:nYF9G09Uzj7ivZOU/Mf/tlkid5meHz/P,iv:NTP6Rzy9Rx2ToBX60IhVf77EcJwQsCr4u/Yi+8IAiec=,tag:vxJFXANyTVKAnZTG9DzJMg==,type:comment]
|
|
authentik_domain: ENC[AES256_GCM,data:oFBo59xd15xFmN7dAocZQGYn+qTn8bM=,iv:wTXbudWvFcEa8zsgsQJIzIAdutrFlHGPdVq2LXGN2U0=,tag:7T0F3fhba/eW4L6qSODbzA==,type:str]
|
|
authentik_db_password: ENC[AES256_GCM,data:QKv114mUTyBVYzK3TQqp+7wCKizEEmnU7X+CMcMcsw/f2IR+Ob3qVEU+Eg==,iv:hiTHPIy7tosh16pesLjPl//bbNgkXcYGRS9TQ1fwlaY=,tag:fZQYu4Ctwp5zhxQC5uxlPg==,type:str]
|
|
authentik_secret_key: ENC[AES256_GCM,data:DfuHQVIPDiczdsZYqa4Wn3HxjNSzvuL5vRojGaVBgSHCKwUlFRqOcYeUwA==,iv:8DMzp9kdndphH2lbEegkQedknDYHGX/YqJQV4LmIFf0=,tag:uXPb2qdO6UcY4r2tpHB9qQ==,type:str]
|
|
#ENC[AES256_GCM,data:tUfzVHkvxXiQCUBRXyyXaVjZB1OUeMmSFS0RxgOQ4oRA4oW1fLZFOBYKq7SyeCE=,iv:lKOgWtb0ihbzxCedDKWVqsSEPA0g1fE7+jm2P5WGgRw=,tag:LKPP+3rlY91QtgCELERBfA==,type:comment]
|
|
authentik_bootstrap_password: ENC[AES256_GCM,data:21yEgNsIvkXhM8BWYaajgUw1d+NkQbQyxB3DQTAjGjvwv27g9mvT5nlmaQ==,iv:iEqeWliuHa2QSsKDgeeincsimAb/kVwoTIbXcj9vAtY=,tag:OWW7xQMbeTUSsdXuCIqBZw==,type:str]
|
|
authentik_bootstrap_token: ENC[AES256_GCM,data:wlht8BfP+N2NP+fU2NlKMQOOV0/ryWWbg6hBqBvXUYeAsUtmON7HKi+Jp4pSAA==,iv:kOuILM+Ax4YCrzFItI7z3MYXTK1G/YeCegRglhME9f4=,tag:OrmUvqPCB/8yLqk4IzgsHQ==,type:str]
|
|
authentik_bootstrap_email: ENC[AES256_GCM,data:N9Z/UuMuKyz4ARYs1HfbAbWwA0the+74,iv:JpTmfqPlq9vO9otZ3BeTk8OHLHgW2bd6hpcy8kGGlW4=,tag:MVlDKPZkX3FIkmxANvNSvg==,type:str]
|
|
#ENC[AES256_GCM,data:BQYe87BZnR8xhfWAaK7hdegjjWpwBEK6,iv:F5s3BrUOK0t0bH1VXt1GOQOEbfoKtGo/AsB52DsO+Mg=,tag:cew2DUJsdokcV7Gb+Apppg==,type:comment]
|
|
nextcloud_domain: ENC[AES256_GCM,data:eRL9eRLVkPqvr80wI4O+FklLdJaq6ItjgEjDpg==,iv:sPDZw6JA0NyVF+QuoswagPdlbIiPmxAhi8Hes80UMrA=,tag:RCE2rARy055L+16nVdYcLQ==,type:str]
|
|
nextcloud_admin_user: ENC[AES256_GCM,data:URnEwfk=,iv:DxGJh6Ja54SuKe0RktQHo+MblaUqpSjZVQ8WExTkvVQ=,tag:YQCpxxWzuQzF5phVMQBkhA==,type:str]
|
|
nextcloud_admin_password: ENC[AES256_GCM,data:Vyfr0UHAcwgCcghBetom74cVUt5BknCdFFicAo8eSrnSpmkFJNLWzWXmzQ==,iv:dsvsJabbqz7Q5v1fhInHykZmQ9A+Z8nOTvKoQYCko0c=,tag:2/P2BOppuAPf/ouYlSnu+Q==,type:str]
|
|
nextcloud_db_password: ENC[AES256_GCM,data:mhCb13Clcd7gPMi4eVHP9gBYVcoIQwt6ZrtbPYCWAscTWB9jai+Wafa3Nw==,iv:lfU8/bivrTknJhMpch6wvcIgiEVSin4LM6xwJCxMxIM=,tag:+RImMT1bWV3lHkHRj6ju1g==,type:str]
|
|
nextcloud_db_root_password: ENC[AES256_GCM,data:m44Qx3K895lKRRUH0uY/lejQpscf+dE8OjaSt0kl2cc+7zFvLSrzsnZ5HQ==,iv:OOn8Olejw/PSSklz61fGPANF1HD5UfyJRUUx1C+LN/0=,tag:6nYNfYqX9GipaKeVt313Cg==,type:str]
|
|
#ENC[AES256_GCM,data:6CaSumSa+TKM9GdSAbnIpqMHIahqsQuZJoK43Vs=,iv:EfBYYv9ua1GdVkU/+7bgWQUELtsROVBTeyUKoDr67kQ=,tag:dgWCqA9o4WJPZJolO4viUw==,type:comment]
|
|
redis_password: ENC[AES256_GCM,data:BRIEt2oU1grSkfFTEQzYvg8dK3OXrL7DdswpIU4SeTvh/7fGRS+pnJokNA==,iv:IJCFcFj2N/NHuJm4CTBnOa8YGoNNa4KrAbdRatil20k=,tag:e3SFXDpyX5uo69fisF2aRA==,type:str]
|
|
#ENC[AES256_GCM,data:C66DApdfqVNaYdrjKft+SG+hImN1AGEZvO9wIFygVQ6mqODU,iv:FLWB7Az7/As1POoMNmzOyk3vLJqDOrlM65OgOB//wnk=,tag:pBGTeOOvp7fBRMKr+hB7jw==,type:comment]
|
|
collabora_admin_password: ENC[AES256_GCM,data:mlyj/bdmwdJ6aaXQ57JqgJEWwbfdVWEVudlM0XTlBrOjYdVSXvJhiUH+qw==,iv:lJHeJ+F3mCA4B2ZdCRAZdO9foYHWJAta776lqvL5CDE=,tag:9P1RMpfIcmzb7O2wAD0iYA==,type:str]
|
|
sops:
|
|
age:
|
|
- recipient: age170jqy5pg6z62kevadqyxxekw8ryf3e394zaquw0nhs9ae3v9wd6qq2hxnk
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqbFBEd2ZCVjNMZDR5NFp1
|
|
KzYzeDVhYUdMS1F0SzNoVXU4ZGc1bzBmMVZjCnFVRUxuUENmWWlmNVJtSjc1cDdF
|
|
QjFCVHpsTzhBUmFrSXlQamtsQ2lNRm8KLS0tIEJxRktXTitkcG9wNnJOT0N0d3Qw
|
|
YXRyZkw2ZEgrKzBQOU4rQWRjWWdZOWcKusRHznYQu8aNxA/UkA7mI96qVGN9B3Es
|
|
wf28XieHbXJ6DXrr1ZB2C4FqE2VbQsahV7ugw+mHppK1va1x0bJB/A==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2026-01-18T19:25:09Z"
|
|
mac: ENC[AES256_GCM,data:aUf/1f3LRTc3009K5WW5et2A4vnkigKfG3sYDRv5Tg4gRjwvxh4cuyKNpGfzKZ2UT99gAIt6ruCRD93BKVX8rG2gzK9lM77Z6vkuY9vC5HzVOtUA9fJauIWCib/rzczsHIykcoA/xwSBhAZjQmiWe4tpbffSI+GIUtAhfxaAZ2s=,iv:JCZFBc1nfMR1XK/WBJOKfOAiqG4xVJ1VXbZifdxWUUI=,tag:DmJ9SFboiXKpSVkA235qEg==,type:str]
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.11.0
|