b6c9fa666d
This commit captures the infrastructure state immediately following the "Post-Tyranny Tech" workshop on January 23rd, 2026. Infrastructure Status: - 13 client servers deployed (white, valk, zwaan, specht, das, uil, vos, haas, wolf, ree, mees, mus, mol, kikker) - Services: Authentik SSO, Nextcloud, Collabora Office, Traefik - Private network architecture with edge NAT gateway - OIDC integration between Authentik and Nextcloud - Automated recovery flows and invitation system - Container update monitoring with Diun - Uptime monitoring with Uptime Kuma Changes include: - Multiple new client host configurations - Network architecture improvements (private IPs + NAT) - DNS management automation - Container update notifications - Email configuration via Mailgun - SSH key generation for all clients - Encrypted secrets for all deployments - Health check and diagnostic scripts Known Issues to Address: - Nextcloud version pinned to v30 (should use 'latest' or v32) - Zitadel references in templates (migrated to Authentik but templates not updated) - Traefik dynamic config has obsolete static routes 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
4.7 KiB
YAML
38 lines
4.7 KiB
YAML
#ENC[AES256_GCM,data:+pppKgjMX6IKHrEyE7WT+sVkrsKrC/S9N5s=,iv:aQcH3wCqnZ15ThzB9DRmkJhnw4xNNqVJToXsx3iwGFY=,tag:w3hEI/Nwb/GTCmwrFubQVQ==,type:comment]
|
|
#ENC[AES256_GCM,data:InHpHdYbWF+YeElQmyml7H6wQ4y3lhHmifu4hNAfdrO9fNXh+IQ=,iv:0t4/ZHfFgEVVAWEFYAXuNaKYFYwoPUllyMfOp2UR+DQ=,tag:tfqtEioUhGj+oRjSJx3Psw==,type:comment]
|
|
#ENC[AES256_GCM,data:Df/84YbfFeA/4eB3ERGLRrusmbjKRA==,iv:DDOY9P8TW54qmDQH/5jPQmFjyFjfPZ16ipOTGpotLyE=,tag:c+nwU9QFLBFZMcdTjbwCIQ==,type:comment]
|
|
client_name: ENC[AES256_GCM,data:5c7mNQ4=,iv:tiSy41HLzjP3Bhs9XSn85ZAJJtYzTCTwCARlD0wqJtc=,tag:cmPx6IQs6Ocuy2xiqzIR4w==,type:str]
|
|
client_domain: ENC[AES256_GCM,data:r/V0n6t7nOSqjXV/vYHv19M=,iv:EykIf151hcUDlDVcoGlKuOYzeRwspxajEIjnuadRQxw=,tag:KASAfQqdZg1RKQsBwuzd9A==,type:str]
|
|
#ENC[AES256_GCM,data:Zoa/hQiGtXJbn0db06ZTBachkGsEBEOa,iv:vTyWshk5HDFCJxsnuVYL3+BOMifxmhjJ+gBKiNZ2Jg0=,tag:C2k4MfPwyZ4y/AoV4i+cDA==,type:comment]
|
|
authentik_domain: ENC[AES256_GCM,data:qHPGPAh8Kc171vAsFaaD1IEMaPGwEQ==,iv:NvBP3kC7es518oXT7OT+ONnBI0o6GmfNCpGzvfdrQGM=,tag:YCCCivxJcZtI3qER4Im17A==,type:str]
|
|
authentik_db_password: ENC[AES256_GCM,data:exJBbBV0PPaLfR7u0LoLmbQRuE73ZGpwdXQ09iPvntripOTM1aBkfuqqiQ==,iv:XmDhW8EB+yWdHLdWv0DhCU35rq03IP0Q8nQPxHQq/tQ=,tag:vVMFB7FN5Vi6e+d7SsqJXw==,type:str]
|
|
authentik_secret_key: ENC[AES256_GCM,data:lfC6XAKFtaloBZmOq6hIZspxIcoRJPqMbYO5T/9LGZmz8fI9kDNMM9Skdg==,iv:Jqs1NXru9LWFnkiwQbnVz480UHzDLyw9lTz5KsJ0QTI=,tag:K5WERITMYtHN0Aa9zsG+dg==,type:str]
|
|
#ENC[AES256_GCM,data:mvQfnGJnfGog3xEFfuX7/8qISPjhI1Jw1ljyRr2X82mFVHV1bS8Wgv1TN31k/QU=,iv:9JrDtyMhIo7D39+Vl/HBrh6R23k3E7NQSZXBqmQ1Ho4=,tag:fmIHEt03EnawuPqJsLW1Fg==,type:comment]
|
|
authentik_bootstrap_password: ENC[AES256_GCM,data:AdMlkg6d2it1HzA3HG6m3yA1vSJQzfIWWJSvWbypdKH8eiqkr7D3XU5imw==,iv:lHvkemA8l3GxKUw/oSncKhUsTB0kM6q6q0qbEK8eLoU=,tag:gn3NYjrye7RmdYnTbj9qZQ==,type:str]
|
|
authentik_bootstrap_token: ENC[AES256_GCM,data:F5e4pUyXkUDpgz99e3gqa8JYsDDCv6yfKCgG0E8Mn3CfbR3ty7TtlM/CvFcOTQ==,iv:rQFxh49ACncotu5JcQyLJHJjaIWHSi2MPaMECUtoUWg=,tag:8olrhhiXRYDM0oog4Nn2ag==,type:str]
|
|
authentik_bootstrap_email: ENC[AES256_GCM,data:DfjaNz0/lxfkhBInGBiNgtyljSe/Ox8=,iv:v7HRWWbq1iGWGN8t4ckLEXanhksS+jyKvpHtWFLGJbc=,tag:CaYUvzC7DDfwbVzzCpuwkQ==,type:str]
|
|
#ENC[AES256_GCM,data:8v7EAUTlRdWKoG2ji5qcJloBymG+ytAA,iv:8/UHfEHBMDA5NYmUwZSZHq1y7TOIHFIjEO6y0hwsdV0=,tag:tdsDXMuIOxHSXu0cnJq+Yw==,type:comment]
|
|
nextcloud_domain: ENC[AES256_GCM,data:WzFgX42WIPRi5NtRWsUZAlwP3wUE6grJQE+y,iv:e/VkjDmxbQjv83g4ibg3DmXmujnYZqEytFSK4jT1uGo=,tag:gew/qFyCmtzd5LrB9MOkhA==,type:str]
|
|
nextcloud_admin_user: ENC[AES256_GCM,data:VP4i484=,iv:x5/FODYkvGwLsypL0EEFK+aX1vomc1g2BRMjz7MVdN8=,tag:yeDjVIrPHMcGIHL55CNi3A==,type:str]
|
|
nextcloud_admin_password: ENC[AES256_GCM,data:BHQxIcK37o0xyf3kN1g0RV5XO1RtH8g97nVGNjnYLJDd3+VUMKMNYL/iVg==,iv:3tTMTdLYHupHzr/YKC0gBuNRz60w9vUbGcB7INw4L+A=,tag:EWmtvDFzK239WsnseQZcLQ==,type:str]
|
|
nextcloud_db_password: ENC[AES256_GCM,data:94yfQRPn5rMdtzKWPaBbS+dZUmUAI4xo4i1/hxfm0Z0623KaMs/jcBGqwA==,iv:JNXoHRaY91zJhtViRIfz+ihPI3JlKwy9xfO5KTlDwsA=,tag:nJvT7uNts3DXaBsbHfts7g==,type:str]
|
|
nextcloud_db_root_password: ENC[AES256_GCM,data:SGw7KzCfOUVG60a099rMYI77CYoOTeoKkdQbKEYT2cSKJ2LTKtZCdbXCoA==,iv:57W+KwAPrKfB919TJDHPIdT09B5aT8ZKmkrLcz3um5M=,tag:Aq3mRmTvCsGSGLA4VK4RGg==,type:str]
|
|
#ENC[AES256_GCM,data:2Ca94oWcPDsThITdONt2BwtCQtgo1T1/+QrL5No=,iv:YNoWLwci667/gN3ZX2sYCLkYB/phYFLvtgwUVp3h9I4=,tag:pPlgbwv/6fkTFE2WfSPfdg==,type:comment]
|
|
redis_password: ENC[AES256_GCM,data:jpi8rEcRBaM2XNMLlDz0WkKosp1j6NLyGE933bZp2PieOWk2gNHFNwJ6Hg==,iv:1ynRlMYpBo2FRknD4AWosDtF6JBJnT+vuwy1HNPs2RM=,tag:gr/v/kfe5M1sHjYq1szOIA==,type:str]
|
|
#ENC[AES256_GCM,data:7bmjCFZTqyGV3MmxtmEyY21L0AX0xg2xwQyNFvQld5F4p2uT,iv:Hu5k8+bEewx+J59IKwT0l202h9Sgofzuh7/++Nvvx8k=,tag:YuRPCf4cUN8GlModxkaJTg==,type:comment]
|
|
collabora_admin_password: ENC[AES256_GCM,data:K6UAvUM90klSCqMCiWwE7VkAhvx5c/+QqSElEXjgpmDdoiNE35H1BgYNOg==,iv:v9j6cfmQUkM7IvQvh/pW0C73jOdvx8YEpYuulhKHVsg=,tag:T4bGJJfejMOCgHg9c2nrcg==,type:str]
|
|
sops:
|
|
age:
|
|
- recipient: age170jqy5pg6z62kevadqyxxekw8ryf3e394zaquw0nhs9ae3v9wd6qq2hxnk
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0YkVJdG5Vd29zRXlEMTFk
|
|
RVJjN3NSTFFHUm5DUkpQUi9ISHdiUEtZVVJBCnFTT252VGpUVWNzU3JCWGRBdXov
|
|
YzFLSXU5UzJCN01nTTVRTU00VGtoTWMKLS0tIHMrQkRFT3hJM01vOExSR1ZoKzNp
|
|
aTZOUDdNMzVUZ0lickNCT0dIaWFuS3MKWHNDkkJ4kJljn2Ull8VCksmnjuORLYtN
|
|
ASfbOgiRJqXzQxwNgigUkvnvFuAEeaijIyG8/KazEP0YlhTWTkY5Sg==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2026-01-19T10:56:00Z"
|
|
mac: ENC[AES256_GCM,data:LhzvYjkGf0i5g1S1SPQqBKRFatsOKKjwch90KIITZJOZ5i6/5L5BPFeyI8EVl/3/jbN+/wIBOr206nWYkXz+G0i4fDzC0wuAxXc/o1KB+ovMRrQCg5Qw9QGEayViXlKgLOC3EzXzw3gDybxJ13yOw2YSxHgirRRdjVJr6G0/Rcs=,iv:YvE1KhDVAwtXYnjsMOAPnQoluEFMFOU4GByeiQB5W/4=,tag:HbyR29sNZXUhWyQKs5SC4A==,type:str]
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.11.0
|