b6c9fa666d
This commit captures the infrastructure state immediately following the "Post-Tyranny Tech" workshop on January 23rd, 2026. Infrastructure Status: - 13 client servers deployed (white, valk, zwaan, specht, das, uil, vos, haas, wolf, ree, mees, mus, mol, kikker) - Services: Authentik SSO, Nextcloud, Collabora Office, Traefik - Private network architecture with edge NAT gateway - OIDC integration between Authentik and Nextcloud - Automated recovery flows and invitation system - Container update monitoring with Diun - Uptime monitoring with Uptime Kuma Changes include: - Multiple new client host configurations - Network architecture improvements (private IPs + NAT) - DNS management automation - Container update notifications - Email configuration via Mailgun - SSH key generation for all clients - Encrypted secrets for all deployments - Health check and diagnostic scripts Known Issues to Address: - Nextcloud version pinned to v30 (should use 'latest' or v32) - Zitadel references in templates (migrated to Authentik but templates not updated) - Traefik dynamic config has obsolete static routes 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
4.7 KiB
YAML
38 lines
4.7 KiB
YAML
#ENC[AES256_GCM,data:+OGneTnZcnOaOPgw4zJDfO9lhon2bn72N3km,iv:/nZQnMlDMbofcxjJom4Tm4vXc7wQJCTRbZvzm3wEk2w=,tag:0HA3xkq9oRCwahio+48QFQ==,type:comment]
|
|
#ENC[AES256_GCM,data:DzVdDsbfKUPhrR3RfDtNcz5t0eai/DIe9ip30YDHqP1Cy25Bock=,iv:p+B0zs9MJqBY5pskUPraGLBzolkp6mJgfuBt9hNuDB0=,tag:Z6xCRTWDFlQFS2rq5Wcu9A==,type:comment]
|
|
#ENC[AES256_GCM,data:UwzF6CrMrTa7w2x1WZkeeu4XlCO3KQ==,iv:515JLeVFc99aDjhZm46YBiHP6XU2054t/JlAMJP8ATc=,tag:tbWqRRIjVVBN/CW2q2tP4g==,type:comment]
|
|
client_name: ENC[AES256_GCM,data:OW87HSgM,iv:l9hVz5O9kIpIU8coHFEAi7USAT9szRd/yWEPUJ/cy+c=,tag:nkmXbsXgRFdfLxlXEK3Cvg==,type:str]
|
|
client_domain: ENC[AES256_GCM,data:T96fwpdymgEzpWk1AHCuyPk6,iv:hxyUMZRUptennahYciQN5SvaFKNY5L9vbSkod3sJ/18=,tag:1H2qxINQe6+bahDqwg/+kQ==,type:str]
|
|
#ENC[AES256_GCM,data:yt18Q2bAXbVqlh1YYhITEi0sqA3ysADl,iv:Ps2WPtuOTYrH4eBAijAxvr6iVwPy7UE4pCVxck+qTRk=,tag:y5yQxqKR55R594815o4ivw==,type:comment]
|
|
authentik_domain: ENC[AES256_GCM,data:EGcA/dwACmdF4BxHBniaTw5VbBwcFLM=,iv:a7Br9mBBbRCLrBLtXOVlhyaNMl9KojCky2DnnAorzaM=,tag:J7BY5gGrWtq4K/Fi4vPrGg==,type:str]
|
|
authentik_db_password: ENC[AES256_GCM,data:z3hJ1S58N2+e2JSLZDFk4EfZdQnWOHXYXQLpRlq79xMOICfkdNOPk4Xy+Q==,iv:PbJMxOVvnCzx9NTZ7TmuzjjCnAPRfnAhEtgNUndkP24=,tag:iNeufIP3cexO//3HXX1l5w==,type:str]
|
|
authentik_secret_key: ENC[AES256_GCM,data:p7XuDZJpX1TB729fnwWSjw8xOiq89n9RuUInbz59yQwj1WZnMbOGFWtKhA==,iv:lCVIG22DPaq3zlWdhTNKkTxoZhHYDSUi/X5HCgd3RxA=,tag:8rb5pgQFSFPqbPb6CyN2Jg==,type:str]
|
|
#ENC[AES256_GCM,data:+GpzYBHrXCH8MLp9hNnTq8KQGE21woqupYuhdFsgtXIYNgcDJF7vYpvgMe3Svgg=,iv:9co1ZnzMW6JP0CTF4Y/MpOBSxJJIAHUlrcLV7zqmiZk=,tag:cIMlwU6C4cOCYc2ECGkczw==,type:comment]
|
|
authentik_bootstrap_password: ENC[AES256_GCM,data:96NFk4/+nQ3tFX2lWZwWj6G8JbxLVMwYrDghHEC+UebE/QGgV0XpWbmzFw==,iv:Vvqpr3dbxROLEQBe1Qu//8ZcnWeJPH2XBel/4kDn+Os=,tag:yO1ofUIr5fDwiaMJ5Gye4A==,type:str]
|
|
authentik_bootstrap_token: ENC[AES256_GCM,data:St6ECyiagUCW4MaBnD8YxUb/BMHEUqeIpvbkokMnWN5SVkBp3RjbsfcHTJyGDA==,iv:osYqlia0kbscK2o7L4tX0BsOXM+RyBGrvnHzBTMoVqg=,tag:xclsy5A/sAECV2OdAzPakw==,type:str]
|
|
authentik_bootstrap_email: ENC[AES256_GCM,data:aM5/55cmtD+KpcPuLG8o7Xk8Y53wtiQM,iv:xJl0XP3BROi7Cd5xsoyTJD1WG0sFXV8DYu+utM/Gr0E=,tag:Zng3mRgJlZodmzm1vYAfYA==,type:str]
|
|
#ENC[AES256_GCM,data:ewwEAuc2sMr7/JymX/unIrWbPLiYmFCp,iv:RCTjyRNDpbb1KASMaQLivmzPTUqhIj87xBf0sPkAo7A=,tag:DhpjJbmdz4LptfkiK4tuFg==,type:comment]
|
|
nextcloud_domain: ENC[AES256_GCM,data:m8wSqeV2KINu4jDEZzJLHWCXCf+2mkD2qW4GfA==,iv:VjDqoqslB2m6iiEwiqFYmSWs3FzFGMs4L27Scd0W1jU=,tag:ZUEyoijAdOttmCPA3jYqSw==,type:str]
|
|
nextcloud_admin_user: ENC[AES256_GCM,data:2wJAtW0=,iv:2M24KF/VVNYW4SuQpzRimujh1U4iUnTdXmdvMoDgDIk=,tag:ZwlovzOtGyBItAG2UbVhBA==,type:str]
|
|
nextcloud_admin_password: ENC[AES256_GCM,data:aU28NwDezrkeyLQzGqs/P955uyICfPH+Tiqw1MyReERBl3/iAhXzPf7STg==,iv:PCPovUjxW1FIM47bTCuaimkMHY+3W3WdOtj/Utyu55k=,tag:Meg3UOwbNsMHWttSp9VVEA==,type:str]
|
|
nextcloud_db_password: ENC[AES256_GCM,data:9KIlpdOY4PrmjqFX8xv5qj4Vi0wcrcKWOAzRVxnFst8YDKaOEwRLvOxT6A==,iv:lpUiKPb2A266p9NLM7rm3zWz5axXp/HM1/E9WhSj4zI=,tag:i7hts7cQCVidJ3Z1drpuEA==,type:str]
|
|
nextcloud_db_root_password: ENC[AES256_GCM,data:yDmM51PHybSGy0t5349w0cXOBvb9/ow0a8PooPr80PAYg9IIik3kyDcZrA==,iv:FgbqiKS+ilhmlqkZ7O8UdnvFYeAwjlpkQYO+yTMuODI=,tag:AxHEn1qPSlAEdSyBY8UvSg==,type:str]
|
|
#ENC[AES256_GCM,data:WWVZIdIMEoxOQOwJWUgPho2tSHpHtkFtzdiHzl4=,iv:m37ibZwqNOuyVZwo5ImwP4Nct52tAUGPJ9ATC2wRsFo=,tag:eovZH2v4k5Vh726L9WNpHg==,type:comment]
|
|
redis_password: ENC[AES256_GCM,data:/BwaUhH4nAKeTkzdOZYksHapMbhiR7BqhB8JTBxvcZUycRKpz4IHjrHKHQ==,iv:bE/6biVZ/EY2CGU3JM0R7MxASM5zd6Bky/1qv5MFzUk=,tag:0XFoF4AvgIgy0zJS5nEMyA==,type:str]
|
|
#ENC[AES256_GCM,data:SUh/lkNFWNxcqprX+qpLUp7T05d8m/X33lEiP6e63oqntICG,iv:itrjKHbXWc9MmCcT39JDpWXgBpd/j2j17t4Gi+BT4sI=,tag:W6u02s+tuyE4KADgwzN8/A==,type:comment]
|
|
collabora_admin_password: ENC[AES256_GCM,data:kEYIiowJqq8+rPynVbKz7f8J92XoFnZAlK4I1135gIRzpH9QFFaZl+OdsQ==,iv:gPWECbawEkAQ8gvr6qXbmji3RnrFRJyiUmD9B46kebs=,tag:X6vDF0zNj+relaveRZJm/A==,type:str]
|
|
sops:
|
|
age:
|
|
- recipient: age170jqy5pg6z62kevadqyxxekw8ryf3e394zaquw0nhs9ae3v9wd6qq2hxnk
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPVUVEbFBaZVBoM3U2dDFa
|
|
clhaSjNob1VwT3ZMYTViSHd1enptZkZxcjFZCmVxR3RZaVU0NjB4QWNrNm94aEs4
|
|
WVZ3OFBBM0pjZVpUblQ5Wi9wZlF0RTQKLS0tIE5nQ0ZPaWJVSHlxbHIzcHc3UTE4
|
|
U3dnS2YwRVdvd1JWUU41WGVrcVZDYUUKHCxEWjcs3tSh0M7r58O2lrAlgL8qSum4
|
|
Wt+TzqCGv0u3mMTsilTSTtaWqLeMHu9jXvPgbD118KtHrSy3tr2imw==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2026-01-22T09:15:08Z"
|
|
mac: ENC[AES256_GCM,data:kx3z9ok704JFFv6f4ffkLPrf0EifQKoW2HsZ+ff1mWUxAm9seFpE1OhmyU3SpSrndmbKSANVMOI88eXne/2w1plqxVYUp75nS2f2fAKTlssTEVrH3vvWS0a7O9McGKgGIQUhzjSiavsrReye7ok50WeiQSlgnzYreM9FBk46c2A=,iv:0ekt8pMJCF9hhRh3CahbKb44Pq/+wordmoe3he78Kg4=,tag:AReHlK8VvGQHy4m8uqK+lg==,type:str]
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.11.0
|