This commit is contained in:
minish 2025-05-13 16:45:14 -04:00
parent f990d5df05
commit b9a6819fb3
Signed by: min
SSH Key Fingerprint: SHA256:mf+pUTmK92Y57BuCjlkBdd82LqztTfDCQIUp0fCKABc
17 changed files with 179 additions and 42 deletions


@ -1,15 +1,18 @@
keys:
- &min age1yubikey1qg5k0y844v5e79uwax3r00u7zdljwnjlrmwvdr3st9m5a3ra5098qy0sjdj
- &min-two age1yjqjfdpajzg8a2cj4e5ax6wcg5rq3337rm9jwsfzug2tr7yj8yfq27vteh
- &eidola age1uqxzduupzes3tgfrrlret0n6thyldmlef60nqfzk689lmg6yayvsqpwxj6
- &silver age19yhycdgqczrvttszq97ccljh684x3r7f5dj4p0wdwqsrusqlcayse0vsh3
creation_rules:
- path_regex: secrets/eidola\.yaml$
- path_regex: secrets/eidola/[^/]+$
key_groups:
- age:
- *min
- *min-two
- *eidola
- path_regex: secrets/silver\.yaml$
- path_regex: secrets/silver/[^/]+$
key_groups:
- age:
- *min
- *min-two
- *silver
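Review bot: The new `path_regex` values are anchored only at the end, and sops matches `path_regex` as a regex search rather than a full match, so a path such as `tmp/secrets/eidola/x` would also pick up the eidola key group; `^secrets/eidola/[^/]+$` and `^secrets/silver/[^/]+$` keep each rule to its intended directory. Since the rendering loses the `-`/`+` markers, it is not certain whether the old `secrets/<host>\.yaml$` rules are removed or kept alongside the directory rules; if both remain, a comment on the first rule saying that the per-host directory is now the canonical location would help the next rekey.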


@ -19,9 +19,11 @@
system.modules
++ [
{
_module.args = {
inherit inputs;
};
_module.args =
{
inherit inputs;
}
// system.extraArgs;
}
../modules
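Review bot: `{ inherit inputs; } // system.extraArgs` is right-biased, so a host that defines an `inputs` key in its `extraArgs` silently replaces the flake inputs for every module; if `inputs` must always win, reverse the operands, `system.extraArgs // { inherit inputs; }`. Whichever precedence is intended, a one-line comment stating it is worth adding, because `extraArgs = {};` in the host files gives no hint of the merge order. The enclosing `system.modules ++ [ … ]` list continues past the end of the hunk.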


@ -1,9 +1,7 @@
{inputs, ...}: rec {
{inputs, ...}: {
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
};
extraArgs = {};
deployment = {
host = "eidola.int.min.rip";
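Review bot: Dropping `rec` from the eidola host attrset leaves `inherit system;` inside the `pkgs` call with nothing to bind `system` to, since a plain attrset's own attributes are not in scope for its values; as rendered this evaluates to an undefined-variable error, unless lines the rendering does not show also change the `pkgs` line. The silver host file in this commit appears to keep `rec`, so the two host files would also diverge in shape for no visible reason. If `rec` is meant to go, write `pkgs = import inputs.nixpkgs { system = "x86_64-linux"; };` or bind `system` in a `let` above the attrset. The attrset continues past the end of the hunk.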


@ -32,11 +32,14 @@
hardware.enableAllFirmware = true;
# Enable hardware acceleration (for jellyfin, immich, etc)
hardware.graphics.enable = true;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
# networking.useDHCP = lib.mkDefault false;
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;


@ -1,6 +1,6 @@
_: {
sops = {
defaultSopsFile = ../../../secrets/eidola.yaml;
defaultSopsFile = ../../../secrets/eidola/default.yaml;
age.sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
secrets."root-pw" = {neededForUsers = true;};


@ -1,6 +1,4 @@
_: {
hardware.graphics.enable = true;
services.jellyfin = {
enable = true;


@ -1,9 +1,7 @@
{inputs, ...}: rec {
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
};
extraArgs = {};
deployment = {
host = "silver.int.min.rip";


@ -1,6 +1,6 @@
_: {
sops = {
defaultSopsFile = ../../../secrets/silver.yaml;
defaultSopsFile = ../../../secrets/silver/default.yaml;
age.sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
secrets."root-pw" = {neededForUsers = true;};


@ -15,6 +15,10 @@ in {
locations."/" = {
proxyPass = "http://127.0.0.1:${toString httpIntPort}";
extraConfig = ''
# advertise http3
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
'';
};
};
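Review bot: nginx inherits `add_header` from the server level only when the current level defines none, so placing `add_header Alt-Svc` in the `/` location's `extraConfig` drops every server-level `add_header` (HSTS, CSP or similar, if any are set there) from responses served by that location; the same applies to the Alt-Svc lines added in the other two nginx vhost hunks of this commit. Either move the Alt-Svc header to the vhost-level `extraConfig` or repeat the server-level headers inside the location, as the sim-breeze vhost in this commit does with its Strict-Transport-Security line. The header is also only useful if the vhost actually accepts QUIC (`quic = true; http3 = true;` on the virtualHost and UDP 443 opened in the firewall), which this hunk does not show; a comment like `# requires quic/http3 on this vhost and UDP 443 open` next to it would tie the two together.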


@ -19,8 +19,6 @@ in {
http_addr = "127.0.0.1";
http_port = httpIntPort;
enable_gzip = true;
enforce_domain = true;
domain = dom;
};
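Review bot: The rendering loses the `-` markers, so which two lines this hunk removes is not certain; if they are `enforce_domain = true;` and `domain = dom;`, Grafana stops redirecting requests whose Host header differs from the configured domain and falls back to its default domain for the URLs it generates, even though the instance itself stays bound to 127.0.0.1. If that is deliberate (for example because nginx already pins the Host header), a one-line comment such as `# host check is done by nginx; grafana's enforce_domain not needed` would keep a later reader from restoring them. The enclosing settings attrset continues past the end of the hunk.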


@ -12,6 +12,9 @@ in {
extraConfig = ''
add_header Cache-Control "max-age=15552000, must-revalidate";
add_header Content-type text/plain;
# advertise http3
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
'';
};


@ -2,6 +2,11 @@
httpIntPort = 14012;
dom = "simul.lol";
in {
# xray depends on nginx config in this file
imports = [
./xray.nix
];
sops.secrets."svc-sim-breeze-upload_key" = {
owner = "sim-breeze";
group = "sim-breeze";
@ -15,6 +20,12 @@ in {
locations."/" = {
proxyPass = "http://127.0.0.1:${toString httpIntPort}";
extraConfig = ''
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# advertise http3
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
'';
};
extraConfig = let
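Review bot: The HSTS header added to the `/` location carries `includeSubDomains; preload`, which commits every subdomain of simul.lol to HTTPS and, once the domain is submitted to the preload list, is effectively irreversible in browsers; a policy of that scope deserves a comment recording the decision, e.g. `# HSTS preload: every subdomain of simul.lol must serve HTTPS from now on`. The new `# xray depends on nginx config in this file` comment above `imports` reads better as `# ./xray.nix adds a /streaming location to the ${dom} vhost defined here`, which also says what it would mean to move either file. The enclosing attrset continues past the end of the hunk.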


@ -0,0 +1,48 @@
{
config,
lib,
...
}: let
httpIntPort = 14060;
dom = "simul.lol";
user = "xray";
group = "xray";
in {
# depends upon sim-breeze.nix
services.nginx.virtualHosts.${dom} = {
locations."/streaming" = {
proxyPass = "http://127.0.0.1:${toString httpIntPort}";
proxyWebsockets = true;
};
};
sops.secrets."svc-xray-settings" = {
sopsFile = ../../../../secrets/silver/xray.json;
format = "json";
name = "svc-xray-settings.json"; # xray needs .json extension
key = ""; # extract whole file. not nonexistent key `svc-xray-settings`
owner = user;
inherit group;
};
services.xray = {
enable = true;
settingsFile = config.sops.secrets."svc-xray-settings".path;
};
# assign user/group to xray
users.users.${user} = {
isSystemUser = true;
inherit group;
};
users.groups.${group} = {};
systemd.services.xray.serviceConfig = {
User = user;
Group = group;
DynamicUser = lib.mkForce false;
};
}
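Review bot: `DynamicUser = lib.mkForce false` also removes the sandboxing that systemd implies with `DynamicUser=yes` (`ProtectSystem=strict`, `ProtectHome=read-only`, `PrivateTmp=yes`, `RemoveIPC=yes`, `NoNewPrivileges=yes`), so unless the upstream xray module sets those explicitly the service now runs with a static user and none of them; re-adding them in the same `serviceConfig` block keeps the static user the secret needs without giving up the sandbox. The proxy port `httpIntPort = 14060` must agree with the encrypted `port` in secrets/silver/xray.json, which Nix cannot check, so a comment on that line such as `# must match inbounds[0].port in secrets/silver/xray.json` is worth adding. `# depends upon sim-breeze.nix` would be more useful as `# sim-breeze.nix defines the ${dom} vhost and its TLS; this file only adds /streaming to it`.
```nix
  systemd.services.xray.serviceConfig = {
    User = user;
    Group = group;
    DynamicUser = lib.mkForce false;
    # DynamicUser=true implied these; keep them now that it is off
    ProtectSystem = "strict";
    ProtectHome = "read-only";
    PrivateTmp = true;
    RemoveIPC = true;
    NoNewPrivileges = true;
  };
```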


@ -8,7 +8,7 @@ ROOT_DIR="$(realpath "$SCRIPT_DIR/..")"
pushd "$ROOT_DIR" > /dev/null
rekey_dir() {
find $1 | xargs -i sops updatekeys -y {}
find $1 -type f | xargs -i sops updatekeys -y {}
}
rekey_dir "secrets/*"
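Review bot: `find $1 -type f | xargs -i sops updatekeys -y {}` still breaks on paths containing whitespace, and `-i` is a deprecated GNU xargs spelling; `find $1 -type f -exec sops updatekeys -y {} \;` removes both problems in one line. `$1` is intentionally unquoted so that the `secrets/*` glob passed by the caller expands inside the function; a comment like `# $1 unquoted on purpose: caller passes a glob` would stop someone from changing it to `"$1"`, which would make find look for a file literally named `secrets/*`. Note that `-y` approves every recipient change non-interactively, so a mistaken edit to `.sops.yaml` is applied to all secrets in one run; worth a sentence in the script header. The function body is fully within the hunk.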


@ -9,21 +9,30 @@ sops:
- recipient: age1yubikey1qg5k0y844v5e79uwax3r00u7zdljwnjlrmwvdr3st9m5a3ra5098qy0sjdj
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IGpBdE54USBBb2FySEVQ
MlJXcHhrRGdaUWdqMVlhOVU2TFZDWVFaYURNK2JFMTI3eFZRRgo5ZmltTHRDSStB
MjhvSFM1bnViUllYQXcxT2ZUc3hUWnFhRmtDUFNxbWhJCi0tLSBXRlBOQ0FjWTFF
SHcvWFlHdnczbzlZeFdLaWFtaURzSENHZWJ6eGdUVEtJChc+IZb49DXtLhh+xutX
va765WabBmojoMKI6tIZGUqwwBCMZXd9tWAmyNOu3vxQ43KCpWXP/NkYxGgd0+Ot
7eY=
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IGpBdE54USBBL3lkOE1Y
VDFoZjJic1ArNVNaSGo1NmJHV3lYSHY2REMxb0JyY2RUcHdwVQp3WDRNVldMcDNV
TTZRV1FaZHE4YzRNam1PNjNhNDRrNFFsZDBLeWpZeitVCi0tLSBtRG0xc2FDazJM
YVB4N2tCSDFLbnZoYWRYU0Y0ZmREdk8zQ1JSU3loOFBrCq3tOwFRmsroKOiN96Iq
VybSNCFyTMSf9bq42EK0BS6AbOQmaEiKwJTNMhjUZldkYJqKNVfj3T2tqMNiFs0P
mv8=
-----END AGE ENCRYPTED FILE-----
- recipient: age1yjqjfdpajzg8a2cj4e5ax6wcg5rq3337rm9jwsfzug2tr7yj8yfq27vteh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtaGJ5bW1uSHpEZEg3TXlJ
bm5YQjFhTUVEZ2JTTGVZVE5HKy93T2pzSXlZCmxGS3JkMlNVV1FGNUFtWXM2QjJQ
NUMxRytuOTVkK0xlTjIzck1IZFRvU3cKLS0tIERPM21OZ0RXOUl5SWoyc1EwS1gv
RkNod3ZqRkdIbnlrcXhFK2pEMmRERk0K9985Wrlc/JBWmJsVHoyH9CcEr5cX8bgx
C3cg1V/0+GYP0b3ovnYsssftMprYYEDmRYlJHheQFcCkRou/umBycw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1uqxzduupzes3tgfrrlret0n6thyldmlef60nqfzk689lmg6yayvsqpwxj6
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHdkJmdTJ2ZXl6ZEtjbVh1
amVVREtNQURUVUpDdHp6OFV4eFpaaTVVaGs4CmZ3d3pCVlFpOUR0aFN6dlpPbjJs
eE5VRFBGOCtHbDZhbzgxYyt3anNGOTQKLS0tIGpoWkNHNTNoUTFUYWRTMFl1Mzh3
VTJvaGtSZGpQMSs5N05pblQ4aEIzbkkKQiM+335AZC2+UmotonvM1nsyA/l9F5gr
da9+ltLr5U88pXfcdpiXTmxrSnMzDgLuZLRKZ0S/ZllGDhlnwxsuOQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVWW9Gc3NPZzcrVTVneFc2
NnpJQzNvbXhMaVR5bHllYnhBZE1JRnNmemgwCnp3bXpGWDRkbCsyU3lLMVF6T0Nv
NlkwZHZUQzBCL1BwOUFzWTFsTFZJajQKLS0tIER1dWhsaU1mbW4zSEhCbmVib1cy
eWRoSXlMamNjTHVaenpMR3dEOXNuWDAKSmbC+fGeKYcKy0eQdWPVVMpyBVYtogur
A0fYIBLXi+HMN+/7LXFb80vSnXN3v42KGQ/tzsWJo0ed3Q16wJ4eUA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-05-09T23:52:41Z"
mac: ENC[AES256_GCM,data:38RF2ZBEN8bnldWusQNhpju9zPd/sWRG8LgNesarcuqyqHVJCbjOo3Wm2arXCmnQAFlcmrLCbyheD/bpNhgbVEP2JscrqsH1PFTAAi+iLUK6AT4VZ1q/cdhRVVnHlR+wtehxufJ1sEAp3LNBbDKeSKTk8jorEfEz8NdE0uPvvjg=,iv:u9F0nEKYO/0E51f4z46GNvgK8E7QwoVI+xn7do5sGRc=,tag:Ovv85eGJi037y9hh1KqzEg==,type:str]


@ -17,21 +17,30 @@ sops:
- recipient: age1yubikey1qg5k0y844v5e79uwax3r00u7zdljwnjlrmwvdr3st9m5a3ra5098qy0sjdj
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IGpBdE54USBBaksyYUQy
UlhXUDJlRE9SY2NUUE9OSWJjcFVPRkNJaUdWUktMT3NVU3pveApRU2NGSWVlZXAz
ODB0b1Y4Ry9iWVoxMFpxOU9HR0ppZ1A0MUFCSFEzRWJvCi0tLSBRVHdMUU5SR2d4
ZlMzTkhDUDZJYXRlWTJ0NkpMaXZaUFprVzZKdElyZ3RjCo6/6NJZpJxTW8I4WsN+
aGOyPa0xeiGs9kCkkYykoD6tQsf4FVovT+YOvvAlRrch4yKDo7oAVNF+hfw4vLeP
24s=
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IGpBdE54USBBcThHdTl3
NHNSNEw1VVVTNnlyM2FzZHFlcFVnWTRLNzRsSDhhQ0R5WlZ5Uwp2S1NtS2RKd0t2
Wlc0dmcvWGJGclZrWDNEaTRvOEo0UlpyaG1pemZLTjY4Ci0tLSA0UE9uQzA5bUlo
N3pYM25yU09ZaFNzb3F6bFJCR0lzRDlNZ1IyMWZ6SDlvCscwVPwWt83Lr8L4G72L
vi98Md6DBrNc0xNCnR2fUHaCSeTST/c1VeEHpsqgeQ43wnWnYWG3LRS7aX1tVvvo
UrQ=
-----END AGE ENCRYPTED FILE-----
- recipient: age1yjqjfdpajzg8a2cj4e5ax6wcg5rq3337rm9jwsfzug2tr7yj8yfq27vteh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNdm9HZTBsVngwcG54RS9W
WElrYzJ3TUM2WkRCYThJcS9XTThQb0NnUXhvCnN3Z0ZlNkE5cHFVa2tDM01MaUJZ
NWJyL2crUDRVZkhIMkxQbFkvTmpGZzgKLS0tIDdsSklTVDQ1SE80WlkwVFZ5UVlX
Z2FrNldQeXFjMzRWTVN5Ykh4K3RMTWMK/7venyyXy0fJsWi1hqEdw3DUl7xFbj0z
kiiLLQt035RH/UiKyOlEVPC5xDAOEE00n0wSaYC9//vI/LXAxDgx3A==
-----END AGE ENCRYPTED FILE-----
- recipient: age19yhycdgqczrvttszq97ccljh684x3r7f5dj4p0wdwqsrusqlcayse0vsh3
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3a0Z3TVBYSkV5YU0zeERa
T3NXUGxlMGp6UEFrdXJ2YmdjRE5YQ0t4eEVnClZ5eEgza3UzaGhIY3ExTjdZRVpO
eXFRMFU2NEFZRXZlRUlGUlF4V2tzUXMKLS0tIGF0RjR6aFFDMVZ0SWhJNDNTdkNp
MXdERWkyRitkbWtHMnpQaGxhbTRma2cK75S4x9TdquXAV00m9EQ1vJno14YTmPD4
K8ne37brRWWi3gW6JsaOQOshNE19u4uwkAXZ2IQ+NdAq7Kt/qrcU8w==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEZ3Z1czI5UGNXcDAyT3FN
cVV4YTJZNnNqa2dIMDVqVnB4Q0lxTUp3YWc0Ckt3MzNZUzdOSjBWQkIzTzRwbEhE
Rjl3NUFVclJ6VVM4Q0IyUDNJT1ZDckUKLS0tIHYyVTNaY28zekhXWUtVUThqUjdF
NVREcHJGWWIvY0Z1OGt4cGN6am1RaXMKAnlb8FOJ1wO5qtcmej57s7rhWjv5wqIn
nCUJX0R7s0/KH3aj98bX/4hQg2ZAw1l+xViOOIfwfRnzLWeyaAnk5A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-05-11T01:03:55Z"
mac: ENC[AES256_GCM,data:QiKJfX/odDwZLH8Ds6pTBrQ5FplSMGLzDwk9jhXu8y5B6SAnahuf4X9Nj9V6rNHvYMN7MBnVQKcb5lD/nofNPOLvck9CTP6yWJ3WTK4Nd79Ffx0kRK3QY8Q1WlzjE0fDel5pJaytivf/l+BZwrWKIR20h0HmT2ETSb+lzMdYFSs=,iv:rrT6VJkf/D3tzbuysu77eUiwUmHKZCwdrbcx3oTyBUI=,tag:zsBE/r7WGQ0PIo/ZQHS4/w==,type:str]

53
secrets/silver/xray.json Normal file

@ -0,0 +1,53 @@
{
"log": {
"loglevel": "ENC[AES256_GCM,data:mbQi7zKBog==,iv:1Xxb95L7iloljmHdBsYY50rCoQyrRu7AeU1sCN/tyzw=,tag:62F9cRuxJTyrTJ4OG09aUQ==,type:str]"
},
"inbounds": [
{
"listen": "ENC[AES256_GCM,data:HtY8ByxZ3vkM,iv:ZXYZ0es7pFOA/RGQQvCNRU23i7n7AGza1pqP4KvAoS0=,tag:GScJnzymZJ6uUlhwmppfaQ==,type:str]",
"port": "ENC[AES256_GCM,data:+qHgc8o=,iv:Ya3KrZzLjcb7uVAXFhscjFMD6yJXnyt/AakRk2SS6eA=,tag:DA+69lIbzm+z6ev7kfpSVA==,type:float]",
"protocol": "ENC[AES256_GCM,data:R6dhbB0=,iv:TwVobIOIZG3qXM3UylX2yAc04U77rh+XROwqH0fcXTw=,tag:xktgDmPYjxA1TP27w4dFyg==,type:str]",
"settings": {
"clients": [
{
"id": "ENC[AES256_GCM,data:sW/OrfmvvIoUCesh6o6i13ii42ppMlULMCHm7dGNR60THrL+,iv:5o1ebsFvFz7FV/7bfEZWpjoTGpCGWpvS6c7JPlpCJuU=,tag:hTXbENZLcD4pUNfvPe9axA==,type:str]",
"email": "ENC[AES256_GCM,data:5ecahRH9zjXwQ3UshHJciCs=,iv:wt9ikuL6g2Pqrew0S9zs8z4Sn6TjIxuCIW7NNAZ6R/g=,tag:pcSreGlfKzsMJmFX1k8DdQ==,type:str]"
}
],
"decryption": "ENC[AES256_GCM,data:THm0tQ==,iv:fcCansdqlMqfyaa4qoLeXVyV+QGEm7hfPr6L84VL0wc=,tag:TnO5Wu7KlwK+qB77xOGSjQ==,type:str]"
},
"streamSettings": {
"network": "ENC[AES256_GCM,data:bU4N8q8sCJc67uo=,iv:S4nLjgnVn18Lw3vTqZewu2H735WCKB6HXpuySWHax/U=,tag:zwLcQYneVvZYaim381H1CA==,type:str]",
"httpupgradeSettings": {
"path": "ENC[AES256_GCM,data:/r2IHJSgagkshA==,iv:eb+CVVjsE1bWzhxd4a0u6lM3J65AqZ3wOeHdm7AQrgU=,tag:hblCpH7Vnqir6uZHO7AdYA==,type:str]"
}
}
}
],
"outbounds": [
{
"protocol": "ENC[AES256_GCM,data:+5U3oYGUBA==,iv:Z35TWquRT5f51jQoAEROACUtyI7fPFyGxa/gXumSEq4=,tag:Ui3YF9lTxP1T5D4Xq+I13Q==,type:str]",
"settings": {}
}
],
"sops": {
"age": [
{
"recipient": "age1yubikey1qg5k0y844v5e79uwax3r00u7zdljwnjlrmwvdr3st9m5a3ra5098qy0sjdj",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IGpBdE54USBBM2pNeE1B\nYVVZUGc5ellpSk5RS1pJNURFTkYvUzNmRS96cTZaM1VOSEhVWgpOeU5VQUY3R3Zn\naHpsdGluRnJjZnV1bzNDS3A5WXVYQWpaaFpob3RaTWpZCi0tLSA0aHRiV0tuZFda\nVGI3Z0F4b0U5b1ZKMGlKNDRMeERBbVB1VmpkK3lFaTkwCh4I81eVgiv2kf0WBo84\n9gn/BOeFlAORXh0GJt4g496lwkIFWb/NSTG9Vl2hdGx8OCw/3vUhcbWL8Ndtx34c\n0Ls=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1yjqjfdpajzg8a2cj4e5ax6wcg5rq3337rm9jwsfzug2tr7yj8yfq27vteh",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwVFJlVzNtSmFzTkZ4SW5s\nb2U0Szc0SytGZjRUVEFCbzBKd2lQOG96amhFCkRtMXQ0UG1qcm9lbjBDRnBiQ21Q\nZ3h1RDZtN0VONTdvWk1RWTE1WEwxd0kKLS0tIGNGSHl3NWE2SjFMd29CcDJ3Znlx\nQUNkNkhLTXpoWk1WVndUbGRRbnBNOG8K2sDAgRPo/4qlc/NQBV5fmDEX21Ri/qr8\np1ttuUxo141ZuTnJ/czKdMMiJScaIghUMZW4oFyxLwqQZfTSdyy4mw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age19yhycdgqczrvttszq97ccljh684x3r7f5dj4p0wdwqsrusqlcayse0vsh3",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5SjVJS2NRS1VwSm42bWRP\nVXFqT2wvWUVqS2RiZGVZTWEvTDNqbGExWFhRCkY5N213WEp1RWp6bkZEdkcyNUhO\nclVCTjI4enpBOHNUMEJTMzZoTzdlWjgKLS0tIDRpaU9NZitxY3lzL3Q4MGtXM3lN\nZWpRT3hhZ1hTeVhnMFRVZlAvOUIyYWcKeamBTHEl7QVFxFevy5ZiDQFgEFIAM+1u\n8bvwoMfrq95DKIqxC1cQ1ndTzALdok7kWfPjKG3nDxgFS1y84Fh04Q==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-13T20:34:00Z",
"mac": "ENC[AES256_GCM,data:JqBN/0K0BT3cZ+CNaRMMM5zTA26QvAPQcKuPmZda1DTWmu7uCzpvGhZb58VFDFDG5Pj7hqFy9ba++cu8GcBuAqbu/wlW9ogkgWtBdDi92wZyqU7KYO0cFVYuz8MVJBmI/tr1ikdsRypjdgGYKNLXhr9h3lQiQGGkB2uIe3SiKpA=,iv:LBB0T+Zdgt0ZK3cs8/ewpYJPetqol963DKVTfWutglY=,tag:Gp9sZRk1nrLAGqU0mlKfpQ==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}