diff --git a/.beads/daemon-error b/.beads/daemon-error new file mode 100644 index 0000000..5d7768f --- /dev/null +++ b/.beads/daemon-error @@ -0,0 +1,16 @@ + +LEGACY DATABASE DETECTED! + +This database was created before version 0.17.5 and lacks a repository fingerprint. +To continue using this database, you must explicitly set its repository ID: + + bd migrate --update-repo-id + +This ensures the database is bound to this repository and prevents accidental +database sharing between different repositories. + +If this is a fresh clone, run: + rm -rf .beads && bd init + +Note: Auto-claiming legacy databases is intentionally disabled to prevent +silent corruption when databases are copied between repositories. diff --git a/.beads/issues.jsonl b/.beads/issues.jsonl new file mode 100644 index 0000000..fc91a6b --- /dev/null +++ b/.beads/issues.jsonl @@ -0,0 +1,10 @@ +{"id":"homelab-3p8","title":"Watch cluster rollout","description":"Watch the rollout of the cluster to ensure all pods are starting correctly","acceptance_criteria":"- Command `kubectl get pods --all-namespaces --watch` is running\n- All pods are observed rolling out\n- Pods reach Running/Ready state","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:32:25.122454196+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:32:25.122454196+01:00","labels":["bootstrap","verification"]} +{"id":"homelab-4cn","title":"Configure GitHub webhook for Flux","description":"Configure GitHub webhook to send push events to Flux for automatic reconciliation on git push","acceptance_criteria":"- Command `kubectl -n flux-system get receiver github-webhook --output=jsonpath='{.status.webhookPath}'` returns webhook path\n- Full webhook URL is constructed with format: https://flux-webhook.${cloudflare_domain}/hook/{path}\n- Webhook is added to GitHub repository settings\n- Webhook payload URL is set correctly\n- Content type is set to application/json\n- Secret token from github-push-token.txt is configured\n- Events are set to \"Just the push event\"\n- Webhook is saved and active","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:33:23.881275565+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:33:23.881275565+01:00","labels":["configuration","flux","github"]} +{"id":"homelab-7k4","title":"Push talhelper encrypted secret to git","description":"After installing Talos, commit and push the talhelper encrypted secret to the repository","acceptance_criteria":"- Changes are staged with `git add -A`\n- Commit is created with message \"chore: add talhelper encrypted secret :lock:\"\n- Changes are pushed to remote repository","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:32:05.950780413+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:32:05.950780413+01:00","labels":["bootstrap","git"]} +{"id":"homelab-82o","title":"Verify Flux status and resources","description":"Check the status of Flux and verify all Flux resources are up-to-date and in a ready state","acceptance_criteria":"- Command `flux check` passes all checks\n- Command `flux get sources git flux-system` shows ready state\n- Command `flux get ks -A` shows all kustomizations ready\n- Command `flux get hr -A` shows all helm releases ready","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:32:43.666513198+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:32:43.666513198+01:00","labels":["flux","verification"]} +{"id":"homelab-f7u","title":"Tidy up repository (remove templates)","description":"Clean up the repository by removing the templates directory and templating-related files to eliminate clutter and resolve Renovate warnings","acceptance_criteria":"- Command `task template:tidy` completes successfully\n- Templates directory is removed\n- Templating-related files are cleaned up\n- Changes are committed with message \"chore: tidy up :broom:\"\n- Changes are pushed to git","status":"open","priority":3,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:33:32.475687645+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:33:32.475687645+01:00","labels":["cleanup","git"]} +{"id":"homelab-gqj","title":"Bootstrap cluster applications (cilium, coredns, spegel, flux)","description":"Install cilium, coredns, spegel, flux and sync the cluster to the repository state","acceptance_criteria":"- Command `task bootstrap:apps` completes successfully\n- Cilium is installed\n- CoreDNS is installed\n- Spegel is installed\n- Flux is installed\n- Cluster is synced to repository state","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:32:15.371162045+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:32:15.371162045+01:00","labels":["apps","bootstrap"]} +{"id":"homelab-k3j","title":"Verify DNS resolution for echo subdomain","description":"Check that DNS resolution works for the echo subdomain and resolves to the Cloudflare gateway address","acceptance_criteria":"- Command `dig @${cluster_dns_gateway_addr} echo.${cloudflare_domain}` resolves successfully\n- DNS resolves to ${cloudflare_gateway_addr}\n- DNS resolution is working correctly","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:33:02.539037288+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:33:02.539037288+01:00","labels":["dns","verification"]} +{"id":"homelab-mbk","title":"Verify TCP connectivity to gateways","description":"Check TCP connectivity to both the internal and external gateways on port 443","acceptance_criteria":"- Command `nmap -Pn -n -p 443 ${cluster_gateway_addr} ${cloudflare_gateway_addr} -vv` succeeds\n- Port 443 is open on both internal and external gateways\n- TCP connectivity is confirmed","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:32:54.223562688+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:32:54.223562688+01:00","labels":["network","verification"]} +{"id":"homelab-n0h","title":"Verify Cilium status","description":"Verify that Cilium is installed and running correctly","acceptance_criteria":"- Command `cilium status` runs successfully\n- Cilium reports healthy status\n- All Cilium components are operational","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:32:34.123646456+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:32:34.123646456+01:00","labels":["cilium","verification"]} +{"id":"homelab-rzs","title":"Verify wildcard Certificate status","description":"Check the status of the wildcard Certificate in the network namespace","acceptance_criteria":"- Command `kubectl -n network describe certificates` runs successfully\n- Certificate status shows Ready condition\n- Certificate is valid and not expired","status":"open","priority":2,"issue_type":"task","owner":"laur.ivan@ec.europa.eu","created_at":"2026-02-07T00:33:12.166198226+01:00","created_by":"Laur IVAN","updated_at":"2026-02-07T00:33:12.166198226+01:00","labels":["certificates","verification"]} diff --git a/bootstrap/sops-age.sops.yaml b/bootstrap/sops-age.sops.yaml index f2d0847..657181f 100644 --- a/bootstrap/sops-age.sops.yaml +++ b/bootstrap/sops-age.sops.yaml @@ -4,20 +4,20 @@ metadata: name: sops-age namespace: flux-system stringData: - age.agekey: ENC[AES256_GCM,data:nSKGHXW5dRxzBb0CmpYaIL/LdbFYvctP6V8UffwlE+zv7/QKT8gOfV/m26R8W4FUvUeR123IU75ygje8Ky2V+urS1WabmqJvV8E=,iv:15SpNCWOV32L4+mv6ud+EnRrR7i87SeAo5Kewo24h+0=,tag:i/VUNMHY0VzJR/C64hvXiQ==,type:str] + age.agekey: ENC[AES256_GCM,data:wUWN4GHTYiqT6SqRNcr5hk6YEPnqcHQSBSYLbxnIpwaguwfhE7B/hIDXMngOyIWaDSoqohx0hGHoWAMKdPEv1b8bVEbDaaKo1QI=,iv:5y2IvZUzLeHfChv1BfO0H0nz2s4bwVzg3rfy30GzIik=,tag:KRxEgCHgShNYkuPq6qwCJQ==,type:str] sops: age: - recipient: age1yzrqhl9dk8ljswpmzsqme3enad5kxxhsptdvecy3lwlq0ms80gaqxrctst enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3YjdLTUhYT2Z4NjhkaDBw - bmtxUWh2dkZtaTRRT2p6N0NkYjBPYjA1K3hJCkt5bXhuLzN6bUFzaW5CMzRZSE9y - S0RoMkhzNWYxejNVTjBRYVZtcVE3bDgKLS0tIHNBc1EvazNqNHp6R0w5ZUMwbkNz - L0xCNnVpMDZjd1hQMWVEd2hmdmdTYlkKP3r9BmwP7LBS925BfbPMvnp5K7tSeSxI - EXBW/Xlzf390tNoyw06PlCzx3kbiF58KjVI0wznFere6N/v3NRvGrA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1UGY2VXZFd2FLT0oySnJa + UTlIM21JemtRUzNUTEE1aFVvcGxzMlJ3V204Ck9sb0o1a3VJZStxekZvbmE0c3B1 + WjNJbmpBaWxrTGlnd0lQTThxU1FZMGsKLS0tIGtjNExDMStVZndhU0tmcnJsa1E0 + cytWWnRoNnlhVXpYcG0xRTZRMzQwTU0KW/C7wKtC8iM6no6YrjU7rfXMZs+uNJMy + DjHgledfcJ5r/Ae5KwY5Su7tx/hAQAw+y+XOAUm1fzwV/zTVz5/WTw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-06T17:15:16Z" - mac: ENC[AES256_GCM,data:0qWpT3ZpR8agsokUwGPbJ8O2ampboSSvVU7/EEByhLX/kHeCsChK9w/1wpKNWCxxxsiBjfFL91xyweVcbFXnix+O6hM78naUKYt2w1mTrNSw6SIwr9BCr6j+5kaen2edj8suy2OtIiobMOcOiu9UW2zEU3a9vSJLQQJi3uaWDaI=,iv:51+uzZHen36n4vF0t7R0YXC3e73u8nhfgQmNLAlj9c0=,tag:oEigckA9aW7KdcF6ssnr2Q==,type:str] + lastmodified: "2026-02-06T23:19:54Z" + mac: ENC[AES256_GCM,data:Kz53Z7KukIQqM6l3WRkv8Fm8ceZwFIEcMCi59ewh3H8o9qPYKtB3QJsqUJJZBrUor5FP/tbeTyutZxZU2Muqo8zge1+FrheyplIQSmVhMF6feCZSNdd9MZHBJD2jc1KHXHy3o0GdNyntARRjICDnE3vq6nrbMdVofODVBtEJGXk=,iv:VFUBchPk9PlOaQ0jfrHp0VgVCFcB50vbQcWOkadYeNY=,tag:nUNkgfwGy2QutLrpUHqP1Q==,type:str] encrypted_regex: ^(data|stringData)$ mac_only_encrypted: true version: 3.11.0 diff --git a/kubernetes/apps/cert-manager/cert-manager/app/secret.sops.yaml b/kubernetes/apps/cert-manager/cert-manager/app/secret.sops.yaml index c652b6c..80f8b67 100644 --- a/kubernetes/apps/cert-manager/cert-manager/app/secret.sops.yaml +++ b/kubernetes/apps/cert-manager/cert-manager/app/secret.sops.yaml @@ -3,20 +3,20 @@ kind: Secret metadata: name: cert-manager-secret stringData: - api-token: ENC[AES256_GCM,data:g7EU9+F/w3ZfOmXfurtTriURKH6ACy0=,iv:cYlb1qcgA6rm4At9MB7gLd6nhx2xOUX3kS07EcFcpRc=,tag:M06roUVzO+KiCoo0Szafxw==,type:str] + api-token: ENC[AES256_GCM,data:8ZfAyBvM7tVWaG2G/L/FFY6hbAAALBQ=,iv:NlG4loGnqLe+ECP0ckFz1LSCd2OAxXoyVk61FV/nskA=,tag:8xYcDqsFkmPa6l8N+0rGtQ==,type:str] sops: age: - recipient: age1yzrqhl9dk8ljswpmzsqme3enad5kxxhsptdvecy3lwlq0ms80gaqxrctst enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4MlhjQTZjTnpReU5uOXBK - c2VzZmdFWXhBdHlRZEM2SHdJRUNTTDRFREVRCnMweDQzaTA5ZmlZTm1wc0NoYzBX - UTFoRXczMVl1ZExjSk9ENG9zYkRLdFkKLS0tIHNzbDRXbzEyS1c4TWxLLzdEU29E - UGZIbmJpOUVsMkV1eXlERVhhV2l4U1kKHwiICIi0T8JYanOwocbOjOJArZnp7+X0 - S75OyFJSTWtX5s5lAfpOnc6xfYDmEKVFC1IWGLcPpHSiXrl9blsd0A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtWDJhaDR4QVhRZVZjbXVF + MDdGazU2RWRuRzVDTVV0N1ZzQmpVYTFMZGdnClp5UExtUzl5K3ZjRWJEcDY5RnN0 + cUJ2QnA5ZGRONGFOeWhiZHhiWmJWRTQKLS0tIFM0ZStnK3VZRkQ5bU1EVUlFV0hY + WVZ6L0JlZzZGVmhWa0tKQXhDWFowbTgK9cxIrmI9NEN5/MLOKfM/porIWuVu1jKL + F+HPb7isgvY0P3c/PJLd9d0Z2mderFhvLPTgNVjXkqIVDMj8kJUtmg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-06T17:15:16Z" - mac: ENC[AES256_GCM,data:2JyFiMBdroxwKgYCq7Nh+5m9iuOrVAFuMk/OUZW2Lj0W1R8INvnNcrcXmtcr1g1Z+4M1mwGa2XKwDoJjNzeN6G0sVcU6vDb7Gxs3bjsGjE+pr5rxrbVumL+6x86t0AF/I6bUDXmcPJPoEoHxyJ1nY+9AeMPsqAHJ5pd2+Bcx3PE=,iv:oyafLwhq6vHEu8wTEhqIgqQAwyDahzdvtwjtDVRSKXI=,tag:hZdGfTQEEbxFF4wdLkbS4w==,type:str] + lastmodified: "2026-02-06T23:19:54Z" + mac: ENC[AES256_GCM,data:8A0c8MxMJLCd4nhsFBLRUGiC8IUbu7qJBa8zgp3vhgY+W7YCThmYzu2Q147zbch5kvA8PORF5CAbZjDvvwQ7WojSDw2qHEA7wPU8wbSE7WSL9o3Lp1027z1fk15TvlFCGRR3V3L8kTyMQXxc9tHCd0vFx7F+O99/c6hlovbSuDE=,iv:V8Okp/ciK/rt0FnEc6NJ9PDxjdoiUgiYs4UK6D2t47E=,tag:AMX4EDTokC66DMMBZ4hpYw==,type:str] encrypted_regex: ^(data|stringData)$ mac_only_encrypted: true version: 3.11.0 diff --git a/kubernetes/apps/flux-system/flux-instance/app/secret.sops.yaml b/kubernetes/apps/flux-system/flux-instance/app/secret.sops.yaml index 7c6aace..efd196b 100644 --- a/kubernetes/apps/flux-system/flux-instance/app/secret.sops.yaml +++ b/kubernetes/apps/flux-system/flux-instance/app/secret.sops.yaml @@ -3,20 +3,20 @@ kind: Secret metadata: name: github-webhook-token-secret stringData: - token: ENC[AES256_GCM,data:Ax/iC24DNn7q+Muzr/1n7nW5rHkyI+RL272ptAqNj9E=,iv:93LLC0H0/rP7SsEVwu/K+FXGSIT+JrOxyEy9E5yohVw=,tag:3M8XVHUe057sZe0YdjIBkw==,type:str] + token: ENC[AES256_GCM,data:tPhLMHfjDb36TYDTrURsThcMTPnEUXXd673xcrk0W9o=,iv:yTsvzqOTZvAJuEf8qmPS3boVQ6F0sUlFBy4VA67DXUM=,tag:DZr236d3zm55CufMo1+XQg==,type:str] sops: age: - recipient: age1yzrqhl9dk8ljswpmzsqme3enad5kxxhsptdvecy3lwlq0ms80gaqxrctst enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0dmt3TFl1cXZTUkJ6eDFt - NzVzUU96NEVwSWgyTUVyWGVZdEFTRWRMOVhzCm9SbVpVZ25wMDFrYlRSazhleng5 - M3ZDUi9mWjJXSk1jS2x3cUtwNXpyd1UKLS0tIEZXWTZXVmdRRnBueG9aTzJwTitz - VysvZFpUOVEwV09yTXdEaUs0NXJ0a2sK6qQ9XVf/hlBeCM1t/jzdd9mbX5zPpddd - 3wWEUxW+UnPiVDn5+4I1SYmx6ZGNs4hDZ41PzipV0MaD+VPbaVJkAA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBQzRTRms2bWdobnYzOW9Q + UTg4WGtmMUMyaWVrVXhJUmpsV0ZTTmJiMWlZCmEzUnYvdWNENG5DdTg2elFiY09O + ckhoTFp6RXdHM1NXcjlaMmdKd0dMaW8KLS0tIHFhMWNtZ0NzVU1ZOFUxQkN1NVBX + RUV4d2ZwQ1c0cThxK0h1Wmo5cE1NelEKn1zF0F3mTITgcfr2Pt6Xgy1HjuXLAF7e + d6xpY7HKSEhhESQO5veXdYpYi1k8o81HyZtl13pwkgwgOkuJw5MDlA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-06T17:15:16Z" - mac: ENC[AES256_GCM,data:CsfeTXYkMOAO+oL88JFSi4Hg9wBlLb8Fx/PNPcJJdm7z5bekkKmjQDzTyoon5xLMQazppTZ3FUK6MMYCXXdXVK+KoSgrxjgjw+BBx7+SPuSowwLhRD0bw3qyzZkVoVJR26ZzeJ/L4Zn1gAH8O0wBOvgPqEn7kq+1y2ybeK6ONyg=,iv:xuh6P1TToQkIikCGCFu8WQzy3uN1X+DeT7fOKKEZG+Y=,tag:CHtHBAve8e7Yzx/C/bcRyA==,type:str] + lastmodified: "2026-02-06T23:19:54Z" + mac: ENC[AES256_GCM,data:DoTwNwD8Vx3KXNDPeCLp4vyJR8s0Q2IOV10sUvwCSGWbuBm6P63v3k/6Yr74e72x5HHRFEG19yV0SKOY5S5V9GgMdb587gt08Nd7iInO9pVFl6sIyMOx1OiVBlmtdtB5TQP57FhoQ1uttcESsbKHgyEJCD5AAW81gbg6083EA9g=,iv:/HlzSO/9rSSXE7FRa5NLCyApYYxbXbwIsuFsYV15HJc=,tag:X2dE8gXXbz6ZInkvZqEgLg==,type:str] encrypted_regex: ^(data|stringData)$ mac_only_encrypted: true version: 3.11.0 diff --git a/kubernetes/apps/kube-system/cilium/app/networks.yaml b/kubernetes/apps/kube-system/cilium/app/networks.yaml index a12ea35..dcb98dd 100644 --- a/kubernetes/apps/kube-system/cilium/app/networks.yaml +++ b/kubernetes/apps/kube-system/cilium/app/networks.yaml @@ -6,7 +6,7 @@ metadata: spec: allowFirstLastIPs: "No" blocks: - - cidr: "10.0.50.0/24" + - cidr: "10.0.0.0/24" --- apiVersion: cilium.io/v2alpha1 kind: CiliumL2AnnouncementPolicy diff --git a/kubernetes/apps/network/cloudflare-dns/app/secret.sops.yaml b/kubernetes/apps/network/cloudflare-dns/app/secret.sops.yaml index a05f56b..1fd4a6d 100644 --- a/kubernetes/apps/network/cloudflare-dns/app/secret.sops.yaml +++ b/kubernetes/apps/network/cloudflare-dns/app/secret.sops.yaml @@ -3,20 +3,20 @@ kind: Secret metadata: name: cloudflare-dns-secret stringData: - api-token: ENC[AES256_GCM,data:UKpTJgaK9G9O3J8d7Fgzw8WbfCg24JE=,iv:H1HKlF7vWiDxt7+A7OinafKHyNb5sf7U0krOZ3jK3DE=,tag:FrjImSrAjAf+ba3EWeieBw==,type:str] + api-token: ENC[AES256_GCM,data:WYpLcODNDH+hR5Du1vC0cyukqZxPSl0=,iv:m/EH50DeTQ1h15DKnLU+54XKfJzdSTB8kB3PiXpcYoA=,tag:FBaqpUvXd1iRxt+TgpBjIA==,type:str] sops: age: - recipient: age1yzrqhl9dk8ljswpmzsqme3enad5kxxhsptdvecy3lwlq0ms80gaqxrctst enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MVRtS3UvTWkwUVpJVzlx - S2NPWUdVcEhCZjdXdmNBbDQ2MStic0FUblVVCjJrUHMwcWJ6YUI4YTR6NGJRN0RM - Nnh6WllvWWkzak1INENIWi8zTHNFNk0KLS0tIHhGRG0wRWNWWXVwUlRsaFYyWUxO - VUJTazdTanRPNCtLQXh4and5ZHJNYU0KruRvlrvLZkUTCTBa10m7+RWJ3o7AzntC - OnxLebUJC9aYTX6J1BVMPrhmFfSxsK6Rh7X3W8onDtIp2iy3ArrpNw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpdUIrWHJhR1QrdWdpZHJI + a1R1M1lxc2FmUERmU0h0TkpzVWorRnF2a2dnCktmQTFjRzBnZGJ1enBWUWdmb0JB + MnRoZWs2eEZMbGhsSnFhTENQYUJXOTAKLS0tIC9rS2MxTVZUK0c2TEljRnkyTVBs + NDZrc3p4VFgrYjdXUkp6eTY5bnN4TzQKj77N+klrJSaenw7zNDh6tSj8av+oZwKo + zEiAV3l6WnhNPV6d1MXISkWs1jdmq1mnUj96uN4L/8M9Rp9e5oN8Pw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-06T17:15:16Z" - mac: ENC[AES256_GCM,data:gVpksh43O9k+oB/d+zWnZmUdN1VoEsNTL0PzSh1sVceKgxKqVmnWZ2rd4SeGgb5ZRY8qWVoc/VjBpmO5MOR+e9G/Mnr+ObgaMNF7jHfONqHrKrI5cb/V1QY6dLlGfOJXZAeJjNlFW66eBbOA4MYxSL2BN9EmEujhcTw/wN0eg0s=,iv:JJaPxRmuQjkOuLchKqncQKHye4Y/WZNId2HAe+SDQf4=,tag:YcubZaOGX7fNtb3KhEYwew==,type:str] + lastmodified: "2026-02-06T23:19:54Z" + mac: ENC[AES256_GCM,data:Cu9pIzQf4QJGe6ur4QmT5uKyTywJ9Ayqe7U6IgVQl0YQWMTgzPcr7crE7HzcHbnSWf0VOLTc69+4cdsMqiwZ8p/PqET+UD7QprFPa7tmi19rbuPSMgRhrYlbCPjo8tx22ASh17rQPLKDN/hw4HCt7N8lABDod6irOh5kJt4Ewdk=,iv:FR+JkSo/BMKuhy36/R1Cx0tmvYzV+oTmEvjex8E4jVQ=,tag:ynTb7yutVO61YSm5JNemFg==,type:str] encrypted_regex: ^(data|stringData)$ mac_only_encrypted: true version: 3.11.0 diff --git a/kubernetes/apps/network/cloudflare-tunnel/app/secret.sops.yaml b/kubernetes/apps/network/cloudflare-tunnel/app/secret.sops.yaml index 0d13847..e4827e0 100644 --- a/kubernetes/apps/network/cloudflare-tunnel/app/secret.sops.yaml +++ b/kubernetes/apps/network/cloudflare-tunnel/app/secret.sops.yaml @@ -3,20 +3,20 @@ kind: Secret metadata: name: cloudflare-tunnel-secret stringData: - TUNNEL_TOKEN: ENC[AES256_GCM,data:9esVt/nhRJpjGM3SprOlvtUHHwhbY1b03lcG/Mod68ljpaIlrdu3qJ4iOIch8tRAETPATpB0ikbyyXtygFIQZ2wD5oiO/KhkmqDwmGFA+KRCah6ghnipMhpYhdYytNDaLfEnQBv88sTZFWDT7apjnHp+msUcpb0F+mD4LrTjLVE+WIBHFYfdAWspsXa+JWQwemjoHASJ6c4gvbB/yW5V1bjLy5R05Zyb5d5SYh+pb9WCLatl,iv:/8uhuoSjwTXFutDUlBxRFsJXQ/lsqs2AcieeUL5Bf0U=,tag:KpzZF9ic999b4NxYiB+8VA==,type:str] + TUNNEL_TOKEN: ENC[AES256_GCM,data:7dUHKyUL1HueEKAUYXBXFBJjOG7+DQs/kO+nCf9J2WxK8i88DiKjkoSoHeKJLXAyggayVjzOM15kxgZIa6SFfBKZWFN/qLHZ7I8rULyzkHf+FQvJx1GE7I31uLvWj7EXejPp053z+pGYBjdYe5/eZMfHy1rFXPqEPXw8oPSZ43UbP+Oa9Af5h8QSfuevNOpKX9VhIVdL71OoBsfKPNQhGkuCID6e3+x3QEbAnlB0tD8o2nOt,iv:YSf2745drewpDiNmcT6r/fVYAwakdUkBJWmPBS7wNjo=,tag:6v3A3X7TRIOtxOwGeQsIjA==,type:str] sops: age: - recipient: age1yzrqhl9dk8ljswpmzsqme3enad5kxxhsptdvecy3lwlq0ms80gaqxrctst enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5M3F2RTNleFBoR0ZqWnJK - NnZJcUNjdXJ3NlJTN3NtMVU2RE96a1l0WFhBCkw1Z0ZCMmxwMU9IZUJsUUo1Lzhm - V3ViR2ZVaGVnU0RpUXBPZC8wYXlscHcKLS0tIExMbVEwdlk0a0RTN2d6M0tpNlo5 - UHBPdnh0Y1N3SGk2N2ptT0o5bzEwMWsK1WCmvr5K8G6GCTmuNUlY9nmzvIh9UNuL - c5FQouMsoLnDcj7Vy/IwfHRr5wU2u28RdPmh4dq3yVVGxud3cPgfVw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDQ2FOZEU4OWsvTDNZa3pj + dUhPMkd4ZUtKWGxCSFpQZE05ZFhuQnAvelVjCmp0S0VpcDhGRGpLRGpIbFBzOGEx + dUJScnBOcDhmYnkwY2VRc05sNGd0YXMKLS0tIGJhNGRGcWY5Vjc5cEZJVFVYcHcw + UkdCRWI4Y096bU53c05xMWdiMjBpcDQK+FcoUkF4fcSokWwiKpgcFOl99V7KV3/N + AvV/Zhl2nrB0u/fsEhSBoPx4sHbrYe8qZZx5wgazQMnjkgGbbgyJ6w== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-06T17:15:16Z" - mac: ENC[AES256_GCM,data:Grg4MQaP8HS2RFO9I6NBQX/zCbF/YbrK56sH4jCtXISt3FPEvYs31Ka9DwRQD4ajPH8wAK9NQDsX8l9ph27sXIPabbB2oxMvrtT7p8/Ntj5h5asX/hqOOb/5465unw1TzwmSIDN6+8jEQlWzwG2qndNCX6WC54+xa//V1euNjt4=,iv:eMGsHVcLN2IjqwZuH1JToEwyjKUdJZw5yG6Eu7lnsVM=,tag:0oIQa83kSb1suI4db9qhMA==,type:str] + lastmodified: "2026-02-06T23:19:54Z" + mac: ENC[AES256_GCM,data:/P01+iM+clwj5/M+mh8UyeFLM/s9FYJPwgqrc8tD8vGy/BGISd+D6PKn2ia8ETKpNxCtPcM/9rv0mrmRFRD7nrJeY3iDa87tpRnoyo3+CDe0yJ22stAavrJf5O1Tu71NPKWhsw1SRYJgWUUB0mhIXVcRB4/+ECA7u3Wm2ux080U=,iv:7ulGhyCFZQdy5LEKyxydzGhg9gKYUgiERTZ38k9s3QA=,tag:dDaCZCRtvNYmKXODQ0+dwQ==,type:str] encrypted_regex: ^(data|stringData)$ mac_only_encrypted: true version: 3.11.0 diff --git a/kubernetes/apps/network/envoy-gateway/app/envoy.yaml b/kubernetes/apps/network/envoy-gateway/app/envoy.yaml index 6be05c8..f30d55e 100644 --- a/kubernetes/apps/network/envoy-gateway/app/envoy.yaml +++ b/kubernetes/apps/network/envoy-gateway/app/envoy.yaml @@ -52,7 +52,7 @@ spec: infrastructure: annotations: external-dns.alpha.kubernetes.io/hostname: external.${SECRET_DOMAIN} - lbipam.cilium.io/ips: "10.0.50.110" + lbipam.cilium.io/ips: "10.0.0.210" listeners: - name: http protocol: HTTP @@ -82,7 +82,7 @@ spec: infrastructure: annotations: external-dns.alpha.kubernetes.io/hostname: internal.${SECRET_DOMAIN} - lbipam.cilium.io/ips: "10.0.50.102" + lbipam.cilium.io/ips: "10.0.0.202" listeners: - name: http protocol: HTTP diff --git a/kubernetes/apps/network/k8s-gateway/app/helmrelease.yaml b/kubernetes/apps/network/k8s-gateway/app/helmrelease.yaml index a357e83..0969181 100644 --- a/kubernetes/apps/network/k8s-gateway/app/helmrelease.yaml +++ b/kubernetes/apps/network/k8s-gateway/app/helmrelease.yaml @@ -16,6 +16,6 @@ spec: type: LoadBalancer port: 53 annotations: - lbipam.cilium.io/ips: "10.0.50.101" + lbipam.cilium.io/ips: "10.0.0.201" externalTrafficPolicy: Cluster watchedResources: ["HTTPRoute", "Service"] diff --git a/kubernetes/components/sops/cluster-secrets.sops.yaml b/kubernetes/components/sops/cluster-secrets.sops.yaml index a9a99ef..5ef5782 100644 --- a/kubernetes/components/sops/cluster-secrets.sops.yaml +++ b/kubernetes/components/sops/cluster-secrets.sops.yaml @@ -3,20 +3,20 @@ kind: Secret metadata: name: cluster-secrets stringData: - SECRET_DOMAIN: ENC[AES256_GCM,data:/oM3dDZMlNi/FNit,iv:Rcx5E20gYVa/KYsT+LBAB3WCOXVo8xn82XJlEHzCIno=,tag:XwQNLwZNF9kRX90DbtZiXA==,type:str] + SECRET_DOMAIN: ENC[AES256_GCM,data:FiRQTWKukYWG5SeU,iv:ZF66ws//NtgsLAAopFWxqfnS3v+zJ91cCtGDdKmrt8I=,tag:qpZ02/pHY75vPiNn55bnCQ==,type:str] sops: age: - recipient: age1yzrqhl9dk8ljswpmzsqme3enad5kxxhsptdvecy3lwlq0ms80gaqxrctst enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLRDVKT0QwRHNNSzlicVMz - YW52SHR5UmVSUTFzMHlOeCtPUjBPQWtQRzJRClJYUWdZWGlaeVF6ZDdJclVZQ0ht - TnVHb214MkE4NkgwZUcwcmtoUmxWU2cKLS0tIEltL09BK0R5Z0VkWURzbmxGbE1M - Y1hPbFo0eDlvZ0lnazc3aTRGd2htd0kKdyJCErhBU1d/d7ijNkW9OYWEjLAnsdjO - Ov2z/d+7swzx7xhh5mmpjgDbLYoh/CMqTwGj5O4toNDgv/Zus4VpCg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPeU9xRzFpNUIwVDd0L1FW + TzBwS0U4bmNob0dISGlhRS9vY1FWVWRnVmlnCnlxOEZPUEd1WUdzK2VyNEpxckts + S1QyUDVGaTJQYW53VzNHWHp2ek1CbzgKLS0tIG9hczhjY2s0U1N6RCtRS3pBUWd5 + S21ack5la3RDUTQ2dW8rRHNNK2ZXVEUK63/NjwmIn0cKAfbGGdgdN7meUQxHPnNH + acqptglQpDthoGoI3sDhBeG+jcMfIwNCYP+lANbVaN0JXnTG/O7qxg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-06T17:15:16Z" - mac: ENC[AES256_GCM,data:DRtYVDbOL02OivB7Bymy/bMW9I3gJfVcpHDYXaVDRdj1Nq6oQNbToTBdfJNgOcvVzVtq+AuJg7UF7mL4+hGN5EC8DoSbU9CfJxV0w7Zw7gyHKMV9OFsvE6dzXEXKYfsQtHnmQ/tZ6uSx9yrUzdq8cyLS8Dc9MxncCygTFwFp/fU=,iv:IjTWClKnorqCLVGxzq2pnp7EaivDdjMqnZ126CkQGbs=,tag:eO+t9hV9B4CZpnoO4DQonw==,type:str] + lastmodified: "2026-02-06T23:19:54Z" + mac: ENC[AES256_GCM,data:vAD+P1BodNPfsReicZ45ODsKol0e4zxG/x6USbJKvkNkVFAoqIlXCfbh8TeabDUbrVsucZMpCtViuhjGwnRaU1qhwoxxCAcq27MZk28c6eCjsWG8KxrUx3WM5nBk19Htgkm118Y+ls0vYCcS+H8rVuezAJ1+ZT2OhfD76JYHatY=,iv:T1nN8eKDlwICgRxfURETqrlD2FMie1ux9SlR/YnYkbc=,tag:IyCZ12r1hvpiKm4xXf62Yw==,type:str] encrypted_regex: ^(data|stringData)$ mac_only_encrypted: true version: 3.11.0 diff --git a/talos/clusterconfig/.gitignore b/talos/clusterconfig/.gitignore index 34f2952..142838b 100644 --- a/talos/clusterconfig/.gitignore +++ b/talos/clusterconfig/.gitignore @@ -1,4 +1,4 @@ -kubernetes-blade-cm4-001.yaml kubernetes-esxi-2cu-8g-02.yaml kubernetes-esxi-2cu-8g-01.yaml +kubernetes-esxi-2cu-8g-03.yaml talosconfig diff --git a/talos/patches/controller/cluster.yaml b/talos/patches/controller/cluster.yaml index 5179e0a..3415939 100644 --- a/talos/patches/controller/cluster.yaml +++ b/talos/patches/controller/cluster.yaml @@ -15,7 +15,7 @@ cluster: extraArgs: listen-metrics-urls: http://0.0.0.0:2381 advertisedSubnets: - - 10.0.50.0/24 + - 10.0.0.0/24 proxy: disabled: true scheduler: diff --git a/talos/patches/global/machine-kubelet.yaml b/talos/patches/global/machine-kubelet.yaml index e7b93cd..91631cc 100644 --- a/talos/patches/global/machine-kubelet.yaml +++ b/talos/patches/global/machine-kubelet.yaml @@ -4,4 +4,4 @@ machine: serializeImagePulls: false nodeIP: validSubnets: - - 10.0.50.0/24 + - 10.0.0.0/24 diff --git a/talos/talconfig.yaml b/talos/talconfig.yaml index fc03f40..3f7c54f 100644 --- a/talos/talconfig.yaml +++ b/talos/talconfig.yaml @@ -4,10 +4,10 @@ clusterName: kubernetes talosVersion: "${talosVersion}" kubernetesVersion: "${kubernetesVersion}" -endpoint: https://10.0.50.100:6443 +endpoint: https://10.0.0.200:6443 additionalApiServerCertSans: &sans - "127.0.0.1" - - "10.0.50.100" + - "10.0.0.200" additionalMachineCertSans: *sans clusterPodNets: ["10.42.0.0/16"] @@ -23,7 +23,8 @@ nodes: installDisk: "/dev/sda" machineSpec: secureboot: false - talosImageURL: factory.talos.dev/installer/376567988ad370138ad8b2698212367b8edcb69b5fd68c80be1f2ec7d603b4ba + # grubUseUKICmdline: false + talosImageURL: factory.talos.dev/installer/43a1a6104d8dcd6547983f4ed13abb6f5e8a1b2fdad796c69e7db6e95d122884 controlPlane: true networkInterfaces: - deviceSelector: @@ -32,17 +33,18 @@ nodes: addresses: - "10.0.0.145/24" routes: - - gateway: "10.0.50.1" + - gateway: "10.0.0.1" network: 0.0.0.0/0 mtu: 1500 vip: - ip: "10.0.50.100" + ip: "10.0.0.200" - hostname: "esxi-2cu-8g-01" ipAddress: "10.0.0.146" installDisk: "/dev/sda" machineSpec: secureboot: false - talosImageURL: factory.talos.dev/installer/376567988ad370138ad8b2698212367b8edcb69b5fd68c80be1f2ec7d603b4ba + # grubUseUKICmdline: false + talosImageURL: factory.talos.dev/installer/43a1a6104d8dcd6547983f4ed13abb6f5e8a1b2fdad796c69e7db6e95d122884 controlPlane: true networkInterfaces: - deviceSelector: @@ -51,17 +53,18 @@ nodes: addresses: - "10.0.0.146/24" routes: - - gateway: "10.0.50.1" + - gateway: "10.0.0.1" network: 0.0.0.0/0 mtu: 1500 vip: - ip: "10.0.50.100" + ip: "10.0.0.200" - hostname: "esxi-2cu-8g-03" ipAddress: "10.0.0.147" installDisk: "/dev/sda" machineSpec: secureboot: false - talosImageURL: factory.talos.dev/installer/376567988ad370138ad8b2698212367b8edcb69b5fd68c80be1f2ec7d603b4ba + # grubUseUKICmdline: false + talosImageURL: factory.talos.dev/installer/43a1a6104d8dcd6547983f4ed13abb6f5e8a1b2fdad796c69e7db6e95d122884 controlPlane: true networkInterfaces: - deviceSelector: @@ -70,11 +73,11 @@ nodes: addresses: - "10.0.0.147/24" routes: - - gateway: "10.0.50.1" + - gateway: "10.0.0.1" network: 0.0.0.0/0 mtu: 1500 vip: - ip: "10.0.50.100" + ip: "10.0.0.200" # Global patches patches: diff --git a/talos/talenv.yaml b/talos/talenv.yaml index d64ee92..2a9dad2 100644 --- a/talos/talenv.yaml +++ b/talos/talenv.yaml @@ -1,4 +1,4 @@ # renovate: datasource=docker depName=ghcr.io/siderolabs/installer -talosVersion: v1.12.2 +talosVersion: v1.11.3 # renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet -kubernetesVersion: v1.35.0 +kubernetesVersion: v1.34.0 diff --git a/talos/talsecret.sops.yaml b/talos/talsecret.sops.yaml index e7dc962..3f57e90 100644 --- a/talos/talsecret.sops.yaml +++ b/talos/talsecret.sops.yaml @@ -1,39 +1,39 @@ cluster: - id: ENC[AES256_GCM,data:UbPjoI9hAzphOnpjT0Q5lMxrGHtUup993QjGfjfCh1BJPJBCsW5+OS5ol88=,iv:VVpOc6CWFSvTXzCwNd0fZy/xL81Wyec9ocw6H+ZCk4U=,tag:pjFOvu3+qrnQZjfuVpcD/g==,type:str] - secret: ENC[AES256_GCM,data:AAZNhs/M0MZqmBOL+gPzuLD5FO/pc2uAr8O2JjRYDwK277CB+gqs+0Y4js8=,iv:UOuLOr4HeFcuKWIGGsODBYXnk6ZXNymATz4y8RIBX1M=,tag:mwPRkFFGxgvpUawR8tnWwA==,type:str] + id: ENC[AES256_GCM,data:wZcsWFU8kRCoVtvmG4ETngPlHqsOcueyW5YigyYcBTCYZ+tTCHEzNBB4jL8=,iv:+/SvdadjJpoQAhzwqnXjGzgt3m3TGWE/MHze0jKW8rc=,tag:M3mqe6/LcyDY58KpW3oi2A==,type:str] + secret: ENC[AES256_GCM,data:ilNYmt1a1upQRGlMcsi/jLPXjR2iPppARxUHnfnOYqh1fnP7RC2xWRJIZ+w=,iv:MWzgsY69G/3KaH9DxlDbwaTy8tBVN+P1+qqpWc9VmJY=,tag:f+Aj94/l6kK1KGGP7g34BA==,type:str] secrets: - bootstraptoken: ENC[AES256_GCM,data:jXzZt1WQyRb7x1x8cRxDLS9IWTEQdpk=,iv:Wda82jF6l+xnC5mjo7szAKOqUr48AjcaVlhoqeSGWM0=,tag:ZaR/0u2wdpxDhq+P/t+MeQ==,type:str] - secretboxencryptionsecret: ENC[AES256_GCM,data:p6xvFNMDII0Rzc5YQLHvjV2KBxw7Ic5yu1o/LljyPwbtDVQoTZVp6BdJ6Z4=,iv:qY7IarYUbLvHKUD7wTMeqe26XE0tSclXXZPSaKFoI9Q=,tag:RskkE6URmXmpQy9ssf38SQ==,type:str] + bootstraptoken: ENC[AES256_GCM,data:sImQtX0OU1JfNueO8UazvmTtvWwxzvc=,iv:DpT64HH6tPQvxqcdDq6v3FBB8EmQLKENfjyoe1fqNFo=,tag:ooGkmxxTtp+XEwGck192GA==,type:str] + secretboxencryptionsecret: ENC[AES256_GCM,data:4xvWX7mYOyVF4OcdTF4TMD+E/pgl88K7eFfd/kA/8AB3tLBr6VhmaeELHDI=,iv:qqimUtuJCXpeO7qnHuD3OvjxLYBcirFVPYFfLQRP2QM=,tag:ZlC7XvYP6/boLVkBkIOAAQ==,type:str] trustdinfo: - token: ENC[AES256_GCM,data:x/3NF6/mi3cB9Q83kshrcgY6bmUF8Mo=,iv:PoEb6nkoHp43IMN6FvDEGsfjNG9kOkdyx95yRwOQpO8=,tag:1EkyelQQX3MRakohbotNVQ==,type:str] + token: ENC[AES256_GCM,data:s5auSeOtuesRZUnFSQA0mN+R4OzqPRE=,iv:qqmgjzYLB/zaxgsipZ4TF2EG+TS3W8qvDGckfHw0jzQ=,tag:pnmTlab8Jdg5E6nIHn7U+Q==,type:str] certs: etcd: - crt: ENC[AES256_GCM,data:jEySIpXFoTuiic1xqpUpVXA2Ed4PcjOQ5Yl7BcqlB+Th9PmTm90WFA9OgPEVLRfl/2aKBprRG2EO59uJvRXDLLszaRRasNPwkUL4fgSngbjN/94doBTTlq8PepvUa3C4lCd2rX91TGcQxe4tRW+weBLE2LkFLsdML4sKxi4KwWw75pgbARuhQ+iEjy9/H0H6oc4/nAlU+BvCuoJvnxqZpuPzLhAkiTy0/EQAS7QJvKmSSrXyclOZT0X/I877BtYBhV+U0OHTQHi88lxn/EEcMvOhqQVBrfauVK778anpig5Z+Ijbe16T09LavRU4xUypbQja7rSJAaFZoL+jhwD8cmEjD7+Da1jihsdkg/noNCcBy+Zn6sr3jsxw2MMqx9kigTPY9Hj0W/Mz8EMQpGqle3Hg7+Ti7O02aMOb69XOgWNlZbmSHnWiD9n7XP/mD4eIyxHBqoHis9AFLZQzb7DK/I1UJGsITqF/5BAGWv6q1S1LGjRrsSL+psh8+X7CiaHrEVkF4Z7+LpolOUujxvILCYb97UFocyTYoEEXUmsNGS2mqXPNsecF0swPDmlKUm0eMX4tESuA7BF1T3krwTBzLeE7RjAu9Mz33gbFu3xoKMTKmuf0ewmzTKyP0E7M93WPVjmt1StzOXmbKTWWEcY2daQvOu9Yhbi+M3N1Xly24tL1xxjG99qlVdmrWUm7NMwJYCaV1uzfShLW5YVyIRnvS3z9mb05LlyHErRSTHjJpWlndcDkaTkRZNXL1E7LaMlWoCT4zPyDq6rY89Vi4e3FrfUHE5NYeN0BbdC1/VwVYDp/NvO0YO/JCwVMQdxx4yzIjPall+Z5xWnQEZTx+7mjmLz9j0ncI8UM2HwCyOIODN222HPadIWZVBYodQJXyZCZPSbdSN7LNDdq1tLAFkYvnQ9FldryMDhoMXXE45LQcnA0830R6rGM7DHdAUUAFXlaB42eYGGlN/L7lgS9nyLIemdLr1f2BAB1Vo0Up4RvHiLzR1KPK2ZtaeIxGo7oTTpG/nKMrg==,iv:WHSyP+KlWbT/5aMDMriBvPopH4o3tMtUFeejjnpxz9k=,tag:EXU6ePqnH6q3/aFYsvFD5g==,type:str] - key: ENC[AES256_GCM,data:Cr91Wd1TvMnoVO7ti8jCsuaQKRg51/TMSLLgQMyWl5qeGu0hnRqY1bctyhvbT5Y87/+1Caw0pu5GWJ3unDmS0IuE+fpiE4TKb7CQKmrYDjz3N99y0jTPpyNTvQPAch6e542BQNlyIh4ljKa3Xp2u1bHTvF1BexXirFrYNskPAf5NUx1iEKsDP9M+AlnoYdPmeRAxyMLEq9RnKQWnHCyjar6b2GDqe7D16mdfJTolmTlhTKeO806pkdY7Mtr274nefz5+MEpi23n/Z0X5c1vGYk6AuG9j41QC6ZzbKK7MFJ5GR3nwVhEduBrXCmgdBHqbO5jfdwNtTdmQASEQ/LXDaQgz1dnaIBkgJF04UOpny0vBrHELH/zVw2QSiBnYO1XnVNyDdDuIE1wlAg0Rd9O8Eg==,iv:Im4rifcz+cAxAvz4aN3abxw/M96F+7yP/PJeLCWCXfs=,tag:We9AM+eYsV8g6pWAj+PitQ==,type:str] + crt: ENC[AES256_GCM,data:mgwTht9936A+uQfZpDdhmTpJaesLL3DOsM3QFm/jlHtm2CdgPlBHC+P2TiuHb8zk+HdkTT9x3V2EA4jE+o3VC83pPUqjzxih45C5eRhVUTApCjtHHJucAaLrMHgOvnM5pJusLKz4Nl9uS+Wi1LJqVtwEPLbA1TKPzsvn4rPDkwYhpqWJZDO9tei59UY+AVDZTmTUZ4L3z3D0iGEoQoSUWz+bxKZyVQ7xzdzG5VHejxWjM7S7difOUugZcHm/mjtDcpWl7mHp7TNBTPWHvcWsXZvZSM4EZ66GXkt9UI5M9njr4WBx1SA2Aj7iTmCBfD26W5ztZDstrzeCSom/DatlTPRNG0RkccMYjbTP2Up5lLF5vKyEctMTKCkql/2oKHdVA06xiq+Yab7g1osv4UE7s03V3TQpszcXatbvIFyMsoKcyn2nQpt4skRxjv7/y5BQ4RvhlRy6AqFtluzA9LOBdwdoL5piUy7LCINm6Ds9mkgLRgtorjSRDfwCbM3rBNEhSrfRbYQwQX9148igBrf0iVe885kXj+Dp3RVUQjn8NkCZE20WItWXq7+yFF4sR+HGUpTnuq1t2mCoF8lSQ0MnZQUs2gXIVc6PWmw8YSm3RlOtearEd28SaEJ19OvUFmQ6ZtMB+DXKGM50Q4kLANd6Fj0oHdOqGq7Y091cnJCWvZjWnU2Y0kvJ62ScjUaZoR+ZZBPYbn58NQ/TcmFd7xtUSrVu8dq09ggtT+YHog7wS53TUbqjh+iFT2F1pHxw4UKdr+cqq0u2wJgDwepMwo9wl8gvMX/khzwFWin/RtPSwDgTEKJ1NeRYRPJoR2kz3sdpLOvwZuVrcA2LU8IZ7UJmMyzJpF/qNMHwxQODZXKz1EIG0W45buY4fXHX+CBecEoGclV5HdBzrGauL5Kg3ZQHh2hzx0W8pZE3U2bUCXpX1feLQWHkpLnbW0vL/CnEqyfeHciohpxoGeMH9zy0pfV9LVG4zcGQMkxXsyDGIUWUxs+Vz5DXOcULqyIXz0edGxSfbQXeUQ==,iv:d0Jwa3a6MZiyxwG7PkSztpVpu44HDNMtpeok1bguRLw=,tag:Dih9h/waEvrgN5LDXz6qbA==,type:str] + key: ENC[AES256_GCM,data:dOacEv7MJbGHfvuDCG8kMvfXDKoVbw+cL5eG5DpUhSjzxb83MxGgTFlIaDgpkZXE+OXUR1t1nxu4rdBMdWfQdIcuefmANm3m/9mBcbQjyL3gchzutEA7sVv46dX3+QPdILGirAzo+WE2f7PRYAF6pRk7AoieyzmWoHp5rREEnpGO3mNPk4Qctn4BeOHlJiYcjQtxzw7aQooGJln5QeIcbFkx3n/v6IAC7Ovsn7CttosPPIJpiXhxlWcPJst3EYAMsfZjkkFEQ06Iunumllc1BwKVdvbUgfscqVXzjy6i2Bi40M+rnyAWlhiAAUDgYIIIEew7F7Qas95DkLw+jczDpiDFR9IwDhr0asiwi+MlkLrtAfo/5fLh/qY5c0u4V4a/l4eAdOn86DSGZoHYDsdpCw==,iv:Mai5q4fyowZlwC/IuuL12HIFFv1VTX5CmR40mRng6TI=,tag:N/8/lFNV5EwgUsGsDpiySg==,type:str] k8s: - crt: ENC[AES256_GCM,data:vfQrCIHysoYZ1EL4p6b+VjnEaczVn7Z1Er+zhcx4CRC2PuH1k90xzs6ESWEXakbV/SJR1EN/5DlUkKLglFZB4RiRAMb+ao6IP0/Im/bhItdmHuR76tdJx+vKJcCAQa/X9n3DPCtUBHx9jLuIstW69Iz6ip84awnhg3HGxE+iNjOQjS+pEg43616kKfiw1pdLkZfmGE88HSXs2nW5SQgWS3kkTVGycg+hLbpXjHiTvquEsE+qyYdCItPxWsUkuJy0enTywyRNj0O9VcjBm2LBZOefsjdYzUbX8tIV8T0Is+7a7ZM6J933u5Noba/T31YFzybJGgq9rj6xytuiD+tGuYJzUnmwdI8DfhrjCc47w/r3cNNTieynyiJsSRXCZb/VCACognFWVL6k0OSY9clqfD1qPYjx7gUGSFtjN4vDd33pnaL9gDCNYNr2HUavp9u4vDXHOOJjdZ11Nn7CZvSqsqXxJ3o6oJI5WhkJl1yzEGO0/hBKeRkaKMNqftA5n6YOuwO0o+eqZ+YaayLWPvZi45odnAVbHRZzhVDMWgppyQhOYP59OtGhbFKLjvK7ZybjWDHgds4GEI63dCZcFZc/RNuIVlZZ2gnowXEvVsK1zlClL8fj/9q984X/IGx5L6zGFcwvNuFyXa//1egoYLu0tg+y33phQsrRXyhaI225mv4IwsNlioX9/R9WDsW+eTUya3lVdN+nUe6fUN8UDGtAg8skMw/gdwEPC34aXVg/FGDjXzpcm6x/rpQ+qpCtwhT5waebIikvIfEJFUvwpKmiJnwlYo1rS+6N6nRnQ6aebGgViGWpBO7Vs86cIRbCYCXw7BY7va8b3IdpWtZidooxnc379fprhZ0PELvV7s0oNIq4eeEDX27ce9isJfx8zMycYGRuGKLtIU0XXCTo0bQcBIIci/qhIIG2mTCg93+4qEigQgNgXymH0QwF5bJOTMK6u9qCQZI3xY5u+d78PN4DVmOjCq9nKFH9OFqvVUPJd+YvykXZZb6LSYWOecDvwCbM8fpgOJOURrgRuP0O8s3JKRAxCTk5Diyp70OzMg==,iv:Y+0TE7qFzsHhg5AeMnPtJVPyQeza3xLeonwW4NzvSl8=,tag:0DLaIVttsER9XpeO73fAgA==,type:str] - key: ENC[AES256_GCM,data:mmAuw7plSD0vPxx0zC3ddMb2RxjjK4HhqfkKz3wpoYOpw2t7bsIDUegOwnfe5isBkvGHCqshjFhlmnB+UF/zFFQAFfUHS8d4XQVq2DKQE7qybc94+JE+W70DvwFDT8m+3IP4Czgt7EA/iSte8n+ldoa2bfOEpqxrcq/wd3Gh0f9fH5l0SPWrJEsnZa2fg+Ooj3usgd2vq8JBXhgvEFaLWq+UFveIY4tBunDJnNIO8Qt8JlkTH5Vj5Ix5IjVMN4l5PD4ppmeUQer/xWk7WBPhXaVCbXUet5Z9waFbzhWV6Saf8dYDfI4yMGkd9HklP/Sx9oMiRpIVAkzhJkHoAthm34qAE0lVc08fcWsVkJsm0UeGvJVbPWfuJi7O9oUAfLuMAsrdsjbruyIajHLcG55kyQ==,iv:yY4Xg5kPOSGwBA6khmhlUhSIEJ9F5U/9P7JRLaYNkHE=,tag:0rNODK90zt/kHz/SYsXDmQ==,type:str] + crt: ENC[AES256_GCM,data:mE9svIapdMIVrzvDFpu1r4Ou2pwKugCVTHRXz1rkSzotmh+d/oqg9/0u5nsKmpcgE3DjAznVeHnaFV68t3E24+UuTd6B4Y0VblS+QldvBB4vbdJeQIK/lrjqsH70H23sUwjdFfW7sVslHJWxTV9JOG5vG7Gb52bI/uF/CKZC8DEbpnHBUB8RvVnrzYllwNHTb90bHE2SfYEd4PBTnh7GBdeV3RFAJ/tndWJ2xBk7cGF6T6ds2XJ68sSZ7g+1FHqkBG2jfrqORoci9FCIQvXvIzspuvRVoLiUwg/gDRGI2lztKDBPxKCh/yVEl9ejMmfR24Ik0H0zOUU9CfWuzztwbdEfTyc8gHTqFGBKBc8C2b73hc9vLYeAuMf8UtuPdeh/pGVzHYFGLA1d5O8i85AkeJnormf8prKX7zlShr5NjKdLkPTz5ZdBJbpSAHSZzDn+w7DJlxCtt5PBnKRzXlKJclR+dzZHYeQJYVi5qnls5+YqneD79K8C0FwNFfiTvvPriMUM5947w5vvEnnS7KtsxBKGG8IN0LeHKBt63TdRbJTgaWFkyRiiZ5pYPLwOzSZ48vym53A52K7/fBnePcVf0FZY/rA13sY+xahknYBqCm8Unm1TC/DzraoifF5NwlOe6kRub03K/S+E0Qse85zAtGY691F4TFDVOWIoU2zQMfsGBAf0Dpao2rmxLMkUuVOWzJ9cbKATLHgQiYPyyvs6hhQizJ2VtJgzBMBVJ4sBnlNTpW2zdwzN6H79CKLD2H5FKFhATktjYwcT58/0KVquPgZ3gTuSYYRfsmXnk4359HnZHqznbe3SIfdb1pwv/tFWjxhZqn6C2nz4TKFqBPOh1/Osb37xlA8H6/jBip9QWfDYZJ3uc9dZRgXPV9+AJD2wA/ssOlf5SgRYRu+Z8yhsQXIca3MEd0GCsIiaEtR0XeilOvVzLWWYjZtBTIWaL1lq9uWGeswffgVIR4DjfxfX5M4g/rsm+KMdQz+joPQF9q0dU4W7s5FUOxInTxedNTvEcmn8e5ZA1lYoT0aZxoMYJET/cJnOPzkH4NqsjQ==,iv:GFl/7xFIn9BOboYD753ZnXAczK1f/y4RnQh51j+aLlk=,tag:02+2E1zCe95SHSZzf5SjPQ==,type:str] + key: ENC[AES256_GCM,data:f7lC2Jo9d3gpUvK3a3PqQOtJY8AY+b+D2IWARNdudjTGhJe118BIldtJ6iFYhLnJE46ydFDMFbYoi6JxTzds+By+mqOm3oSzR+Yhu5I/ghKzgHK2V3WxOoAKz38sQrGQncMFCOpUgcjJoUerv0eu9f+U27BdMn9ECIk8qTw1aqnBKR1wMzB9goAdPGaUmiEWtPveGQqyRLd/cE7L6ceZl9xUBAYO3DGHPa164mb0HrhsbKFyQR676BqIMWwBMZsiXq+1xABFHhGuCQM0a1Qr2aw7byND5HfE7RQkxkCbvWdMwClWtEs5yb3LhyiS94YZQRhnzAQOGx7/e6YFCb6/1QInnoAihJwjcwDN4Hcz6qYM3tVu7icc2fl8Cg9t9Nuzek9sK2N1PVQnpRyW+6rAIQ==,iv:cPOumhq1ssntQcI1/Iq+3BYo3wkn3WkJPTVvo5yN1QQ=,tag:0x7Db3CFHr3pkBxucC8SkQ==,type:str] k8saggregator: - crt: ENC[AES256_GCM,data:dM/eVjR4mviv5N4M9ckziF0vFLAvOGv3OcwBNKBCGcO14SiFqC9tUCuNQs7bg9J0b2dzF818VppZb0XtZiVqjOX46X/IgbtrlAZZEVGjJhRSPNnlu5Q6pQyDIiCk3LkbfG0fbbcn1+O4M0x/3F/tVveDOvY1kfiMzU+onP/xvh6tINLt+BQ9xSVx/JbSzv91fdMug6YYKtAQNWWqCzrweu0FOd7CQy1YRhNNjnzCyMi+o8Ola8A70U0cn+Z3JhEdyphUViMnxusedns1N2AsJ6fT1b4SELYbeb8ryGkuGK1UctiCamcil6kM/JbcNQvY8kOEuA24tyWy2der4fhbCumUUmj0KZq1npiDCGgv4eZh0fOt81MnRluj8h7glA+Y4fI0EdHv+mhtV3ePZ6uv4efPHJ9dljmFgdQhvTS0TPV2MHaCS1D99rXEfG7fqKFGkUCECsC/nHqoy5dI59Mb4ROBXAys4XzVVc7h5szlL00t3V5KpSz9ajc+VljzbDDi9U6uGig7L/NdSAQd14T2Vwz1UgqChOaVDMlKuct2+rVu6/X1sDF/jcEH8YhbonDwBrQuMQFdNTp6DTLAqFg/fSSr1CmjX+Q8J+ZaQWERI1hPTIpl/Ul+z/raWwWWFDwoI4JAOTBdS13yPQrZrH0vgGwQQ1t1NA6fU7ayeqNvVj6vHHwk2CsJTFoqqySfNAcBjAPU2F5aRN5syAQ6BJ0pBxu+o8f3dJUMpICEsudvPFiMtBUviwJF7BVLpMTdOv991ZoPhXvVoPC3ssrtxxKhNjFcjVZUKYxCBUfQ1ZSoWi+gygK+ZubypsAa6Hsi4v/JfQ2MzAR3tBscdN/evhbkLpo/yja9LxUg9eMnwYis+Kefh4CtWFsbMkW62aOCWZyZMqn4QF/2S44E484rl4juhZPiEc3MIvrF1suCAjGf7OMMuSuKL8kUXQ==,iv:aAR4VPcNZqUdmZmp3ko7z8DhDftjhpZZEIWL6GDRFCg=,tag:eB+GKS+9Cyw3R21Oz7rmFQ==,type:str] - key: ENC[AES256_GCM,data:3F45XpH3TMaVUeCD9cw5i1QGWaXqbTYb5iktwGDo6N+sOZhYxylkaFZtaRCliQGTQA4Cd8hXLva/qyAl4UOwiimgGb1YiOUfT4LXO4l4H5Dmq0VkPKsuslzBNu/2Wu2Wt1d67XFH2OFu85z3e7dBiSG6/8COo0U0op0WUwUv7Xid3u2rVMWbJt+inBMtKXbZ2RPG2cQPmQk/0t80l0dtI/mx5Sl+AbcBqGpNBChSNek8GIip67mZtqLozTWZEd/YzgXQzXyNYqOpNJ5mYtcl54HxG0QaaZoxjfrWd81cVwgf354lT8h0vGa6E7uomaA4Xtf5AbbIzH/HMTniwUmQ5s6lw85MIIEOVGMoi5pZKut384h2gcsm2NHe/hxJkHAH2njowell6v0P+WXT+gqZxQ==,iv:j3TCYw2x0XJZOMzYfIWdLss04YCMwzK5xNjQvx6iguk=,tag:KExYVPCGG+VfR/2CFlFi5Q==,type:str] + crt: ENC[AES256_GCM,data:xpnZ7jqVYoJS1dNX53r1vJG4NtrrF3BXXNmjcSMiNx2xeZBvbtLLbw7DJT8CNlWCjtZ73Jg0jBpWRqPgnIAjXEIxsYZ298kgdVkKA9aTtNdK9VCw5IczML/x+k76lXY0WhW68zWSJmz3B5mRNQeUAWnti5M7s46swLpR4LLyjp3jH994BwfM4Zr2iO8B8sn/mt3AyVOkDTOkMfOMUDGWWWirql81wgEj1aOmGF+WJCNgTZFfnnUufAFWrJ4IeW/qGwkeUmJNbMDwB5FSpGQhSE1xHbTAsrlFbsfQEs79h3nE477SEiMnmuU/+C+fRpvDmzE7x19kQKpBYopyZ6GnN8Ia6x3kll2KViLFlsXf2eP8y8Ksdnjxq/stPMZBCEuAjFt1bAmsbsxyNbrnYfbQPWvPw04tlYxOSD6g5vMdZ/6f9m3JWpOfRuiBIiY62R1ZbojY10ktDNOLWpBWLb3JcgknUBCok+ycc23LhfxbKuFORlM/jtwvV6AjrwPyhyfv2GJT1hJYYExzXc0orqIPu15+O2tSDHw1RnD9U1hUg+rnFUdF1BvBlw5z7A05H8NZOgPPq1W5gzzj/SIDCEJFja+NsRu1JPiZmQV0oXz37Agv9cU7eIOHKuvN8PNuFWflg5ez6TPELVh+pU4kIvKg1+DQj0dZmOzUt+icnI6XkOdVbOAucmf5skdGumYz7TO2+5oH53CmEi3TBxVQQ3CZsfSVhG7oV1RcbZUlKrYbZG4Idb9yrVB/md5hBztlwQooBPfSTDwmeXhC61ZYcMkqPc0dgkD6NAp7E0P2J+0j09fVwhVj6uutkeqr5lS5nzSOa4Ei3wl6trsDBTWcf8ZkhOUnBac5RQ88H9q9GU4sievSF/dkBhoFgIfDDthEIrtgEVeQlVuKfm7i9/RrCBTHdVHcdUNBLx5joGFRd86Mh1+3RKga50rrqQ==,iv:O1KRBZVj+S4Ipth5rpMDvwMNNhKiY67MSIxqYsoPsyA=,tag:rj3zKiFZHMoCC/4KVmEL3w==,type:str] + key: ENC[AES256_GCM,data:TayAcPt858qqzBDNBrbl/9/QejxdrSslU/qJVkfX6bFpyQNpk8FtVK8RVnZldS5SrJqVGFx9C1H9hSC7fv83o2iWyJYs0S58PGeq3WM07jrK9qkIq+9109rSjplWt9XIfPs4rZf1ke642dp7SLpCOZ/1Ob5H5utVgfRISt0ICjExQ3FGgaOTJkNrfkebp931gqYy2QihcJf/0LvwoqvtIivJ9Ggr7YmW7K18ifNYakpYxkFsxI/6NbB3fAtY/tglDZj7axh+Gx8kYFL8GgfjkUjDGuvL8+l1utkH6ktf06It7PSD+BEnl/9s0l76co/FlfoGWcx+T9Vb2uz5KBLtwT7V574ifXfgIv34ENlHslhtDpK2tIDmNntrVv+g022Pw1UiUtnDMkmxMHp57FtIvw==,iv:F6XgDkPATAAd1b2bSEqUdHL7tkiqfKWOErng70HtJLA=,tag:Ub6s0veo4uOVsTnYlMnU8w==,type:str] k8sserviceaccount: - key: ENC[AES256_GCM,data:Sv4wlwKiTEUWpwv4o7kI0W24/ZdBkD+bbRsJKgBTPukja9+X3ZIVQEREUNTvLEbN4eMf4dBe7yf70Sa9JYbuZz30qMahW3lIn01ZeOyIX13VD51/AZe0cMm13tU68+EMLb7Q+FJuT8QPlV8nZG+HKyX024c8hMfT0HIioXOaantGonPutVDcoqs10jGIbVkTtr0Xgl3V3IdTXzQfYdLxsCH2ODe3M5RIpVFl89Dhe+/Ci/CzFqyxK13nQ430+rRpP79NVPjmB7sv46caxq0uX4++XVPMFGhlSzZVKi/msGsZFmsQiyF0az/vPI7KUC6GUWAlapIx1SN71ZHeA4SAPJ+8uHEgC7aDgxsJzNrDLkxaqOUIyBb+KdYqzoLb2DfiE7fCCfPrTtXNsSmaE15rZEJLWfBfzeAfNJe8okYydOz4EqOANuAo+DmiYU8Zsgf1FA78T6kh07wBJyBx78empLzlgndFe4aVy/aJyR8yCvOJ6iHad7K6Hlg8UMr1/CZuWNCHYYvKEXHQVnKHYHAKNKDGJtj9lKDns3CqjqddigIyPFLMuUQNqahBuS9z5K3VVv3WKvj0X0p34jzKHKNdnn633PUbCzkZxA3FH29eybTGy8wdU72FnMXnyUeKTrkI42dufMhTZjS1VFXE3sKosLn1uLk7PTehe22Owumapc1E2+SqpCAh6f4Qkd36UME6f/p+W1HeW5tSP2RsfmvXu/Sib/jNmyScuoOGxd1IxGUwIwbzhYqiGUL9ULcBaYORji8Ue3l5zL3YzKz9hLEUXHqf+G9YuLlkcg53cVPtCEkzxKMsmOg0XrHbxAumYRrM4ar8pAm7ygz/vOxkOk4vCl6owtEg+VS5p1Zt1J3Vorj3RwcAnGWM3k6nyEpQNfMfqiZD5FGPdZ4DaDkv/ApkYlRsTKn2BCthYYUpYm0vyyQfS4bgkgiWaFVGYWcm18eEWydwDcXAla1mporDKiTSeCBDbGW8afohqnJZEfwfveeaGzxg1g3u6V8HgIMgOiKJMtqnJROFQsGdTTPmtlf2a8D/VPF2ypn0BfUzkGMtAKUAqfRQQQ7brqgXLWrEjpbywhpJXlVc6OLHUXkYzMGFNoPpMbDPn3Kuw33pGloE66wl+6qOZEg+JgbmMzmiDowbwLJAg70G+P3/7RIEGz2ohLKfbuFcD6oIsZE3BZMdNtA7JKd0ski2hddzN6qVM4p5u955zUzYFdyOK6ehUGFc05hHiN2CE6cgXrsKLwZwC7dLvzEcELFnrKKlNsp0H2KsnPNWIKDeT01nIA6Ah+xwJt9ZFKSC3KudWOCmbx9j/WjBAXJIs4STbhTTTY+YZ1dWdJI2mlV4KZu/Wh7bB78B6L/+neCIlKA0UpO+UpBx5uBDZ/GCNKgJ4uthtNz3lLtPy/+UVSFgzFJoM2AEy9aJDZXWZL8cNxeDyP59QNa9TWLLn5dybP+0wr2MKAShnOnUhIoqaKPcudLBBzG/ypueuERu6J+f9sHb+TkiBap4nct7ccwt1gaFfqECKXWT8M38I8CeAuH4JvG/OYDwaAoDJmSwCIgojba9Wdyx79RDZswFBRIRfTb+ltwtAU4DCFn/39tJp0dvWLKE4cJ+JlzS2E2F2Yuv3m2zMJYFcWJOaY54R0VW9KvDwTzdZiuhmVnnxuZltmy6C1a4Hjq0hjkPo5BkwAkvYvO0cmpzKTGVYPOJg/tVVWGRWamGfCqj+yDWch79DR96kxr5INGu6H/ppt+poDBtxRDJA2+I32nVr65b2PkRcmRRhvrbxoDRvViYf3LiqsR+JCYJH5oA2Wlp/NHlfmaDccMWYIOhTUsYsY9uvZmbh6BXUUOXUnGXgkijLApfiucfVtVdyUEb4wcFfaKxnaofVn8c8yY/qAWr2YY1jBuk02peFn2fOpn2ANDzgE1xPFt80f6DdLW8dST8e2tEDyIfAlG2z/kx1Dy6lEpMSoRbUbkV05QYoXpWTE2Xj+ayWl1l3slWLWxApk2yIcOlnR+tpua2tL6rcpSXXiRF3EBuBj/6yoYUVbvRElUrRglYjPj8I3YerH7WlCHATpQEXXRXYORI5fFEhG/XFLHsk9vfzKiMVG32MSP2ESnwHBHb7mWmmVjRPjs+HxqtdJYsSjWKogLLvERfHAtCvqLuew7RIztOlEmuilmAC7J8d17tpwLAK0VT7pGK70JWWjXTJJ9pEOww8bX+8ZiBXR4TbVzLEVDa1i1W9+HGq0+nEu1++Cq3PtuxolXHJ8H+HqMyP9kk69lE6CPDCCOi126/KTsL4l1TcZr7QzWr1f9CkRLXeFLXuHIpZJBMt79+r2dw5m4kDUlaM0czw5PTThpBza8OKozERh0k13RWbf0NQNE5Lx6jBQkdaBmLol4hWqXXbT8N1AIM4kwYMQa0e+oqk5rQDKiRhXL/XsJXZ5uWSOjAch3VNFcRFlKRB2ge0XeUfKBhyeZ6dE8uQ7GG3V/Oj2lUZAC43fNxgNH8SD7bQ7OnMmH3ix6MkOQtTnBXjoQP2Q56HhkpsclCM1IHehHrBiQeTB4fPvzUlHe6RcmkcrRZ5RiqjtVsebpNNInMa4xdABo/IQEwrvPDznNyxNxSDZ1qbYC0/QSNOtmZZljIWP2lnoAJD/Lg2QdQqF+1zuLHnmSKTXRYwUSNoI26QnY0sjdRsAR2W+wflEDXTzzm0nUVAvzlbPwY24f/Lv29iJKEei+0ZNvt1xkSWVXAYcH9UJjhC6EDoII7KBl6lF5R7yEj94rRvaWrMYhf+1vVVez7XuxTURo+JkecaWUYVG1TZvygPZGYxoR8A/yBV3U82i6au7ez2588AdR6yb7Q29lunvX+hshY4WvFudP77aoQTHBIrs53FvpYG7r26zfko14ZkoyovzlsLWW7YxLulrfAatwv0CFxFOvGscx2mwFfDs7jLiofPx2XQfqj98p47cVcBVU/gbTEV4iiOQ5140fz8rX4noKLM7SoHi+F7ONKm2s7trWHW92acaYNKgq0Qz9kH/iwKIA7hK+uvsNhPiWdE7eNZUcv9zaIGkNyaMHetiu8bzO1Z1CKO9Ih3YntkEWcjYsE7iADutaxpcXoMa0LhsMrONFqCbTPg+5JWtnxjbkRE24LQni6pkBwYAHeCat+K6xpR3KllbSU/PQVC6VYWaA7PmZ80cw4e/W9Lr+nZhCIBYjBACzRVGSlwROjiq7TBZ9ag6pmbBd7/PUF7rSKvAciW5SD+lsYhBRsKX0gtiusrm6ysM3o6o7HLVUOSGprgWeXyZYiwzZlPAJYP/SllytIZ262r7jgj+EPgXCRPLgkCHIkuK95oUlHl9IFnFg0cksKaViaiAEVx0EFwKkGnk9M3QvAyoyNA/jLADb+8qxfXJhjPE10HY5T8aprz2UteHy7a96hEyGvu91A3SGGclRsg1yzwmMdXaC674t/7w6iRMlG0ed0u/VzuH0OUFFvZNKCP6A1EdORMWEwrkOm1w+qDB9QfEA3NVCvXCWMgq0FFKBDVBXWvIjyhz8fABkqkqIfDkG/V/3fUBkFvZVmBIlx8MohB5V7jmm3U+ufBt2aUi091C1xott6TE0WsByijlHMT1y1HaaM1EDvoB/0bFXOLDTz4riZs8aTnIucAntw8VNPGLCkTNeWMo0jGiqkx4lrIDytCaUfFZqHuiDCXtZCXlsUK3cMT+MxJxHDpKsQeF3EeCfJlmKvhjRiQEAG34VymNsxbIj5Rker+yizhWF/Ab73qGG/UTWEH/eabcSXjL8af/m207EAg7OodWQcAHR/EcL/w5xqdt+ZppO3e629hVqJRiZ5VbkHYmMb0cGkngVCI1NUEWIAF0JIzJ2le7OyROJCYbzQO39jdgZygaNVeIjxcwwwXZfbcarATekzjuyZa8K9Ua3TK4ZUVNN5KAD8MFo+xdr1kStRU7t2kH5G9kdLC2k/eyzE9kanVK/wrOPgvIqeD9Eb+BMIcT9eWvmjDDsT0a/exwinOXFzgR7bFZj3ASRDVBLUe/a/vF/n7y2FPt5vM+6K68mF+UkhVgzBp6t03cKUJayee89ecJCaH/bsPcAqW1ONy8kc15K0VG9gsWWfQK4cCgG86/ZpRVVXqG1x04kbYNnDFo38auxaIFhCQVc9n4fVYFZJEMRmbGXk5Ope7SRnZbvVxTIIDKeEiuhCgpA34+L5eUsZm4UOWixpLVYe7SZIMnUDVQoJuKXuyDmOiQcuDRzvnV8UgBcZgzbkfIUWvZbrS7oLnEBmoa+dlJRnL+52D5ALtJkORtv8kW81mOlT2jKhfYDNv0YcuPM1Maf2SGG6g5jW3p/CvLaqbkM6dYQHgr+wQMX4hKCdfTIOMKmYzbKhogIzimRkJW4z3usFgSueLzUSnhJ4w/DsgR1zMqDLv/MZ/bSQW0glBdOeMKqYK+WBkDXRnGJXKr5LoGLQ4JH2biAddwCailZR0qReI2y6Lx6aSc+/brUhz05H+9/JWPvqNDykvFJJfJUDeskl1ROFuEFapin0baDLFYyr251Jt1ic0RZuvsjw9EAxIKkbn4LxNj/ht+TZ0v1OTUpersGAC+BzpIxJxb9EpJqWJEB7DlGBYQIIJT/LnV7ugtYWLPkfAmAnqrdqVvR7Llyc6zrkGgyUOMc7yq9H4EnHxV2dscqIKk5JnuzQNXVzGGC5BlMpIfyvcA3IgLbKt+jFkzQhs/hnYZDkgMHXUbLK5o6GqAvx/ZLkJIYBhKxcupJ7oBvcoRiVe39wE/MjtvgDfEDq9epZxMMFqXadnegN+9jApF3pFH2rReqd5Aa5xA/OQwVg5gywscDyqPwvi2/H8SKjsI+vpTKvy3D/+zuBVngKV+R/87VvgeaBpk1jKqI8IQ6+8SHkP34PcmQQO1+BYMGZQfheTI9GYKHU8eyFwJLQq0jOIl+3nfWlUPftDXHaLMnTT2/+4MP0LuSuiEUsN1zgUXnVaPyX/Sbab/n5wdkuUjGjQH6fkd8qwG1hfho0smDjS2y26I3MKj9xme8uVTpRzTvmxbKTx2FNiI02J5h2o3snfHra6oaptPPFm+w9RCuIyuyxcchiS5c92AEHKmhvzxIcQfYd948xyTlgZnsO19auYMTKoFyN/imPMg6WSc7GbkwLRZsVL04+O3zdDVwng3x5TojZHGzxgvOYbTT0FjTeHi9lp8GakJhvc87USyKMSp1dcGKVVFYJqaWDgodwkpw/ohcY3nwfyK9n1G+CuGpS3QtSdABjl1LxVh7E9O5qscIFUvxZPhJgZBqV07HhfIu7Ej6qy2eAqO5CDJBbVp+X2P62ZhN5bwVEViYwYSaiZtNpISZbM45HomIxQM53GzbiXtAUiIUqPbylQfrv/jaSU0GrO+yBniDMlLv9oBCI0ZT2QUOxKw1adIOxAQZMyNJPUxxu3K0JutY1V6nX3tE6d3L4KHnjjEpyeViZVeOU4/jpveU61j935z7vBLF6BzazyAtiWVQfVuFfJVIdKYIotcEV+IZ/564Nqg67M7TKBxkm3unYbAA8KQs+xeq7AzRt3ESIVF58AsJ3Ixk9ydLRoaJjc4WdrMm4qZPsq0nz3a6mMyhuLuLnFLko+zIKRBoWTQRCIl6te3YVoAdoGVEFQ/VKPyo8NhlGxANHN+5orSr2fucrvNCCIlPDgR5dmvoYCIPUoxUjttfjf95KmYy/xx5IwjrdGT0dYZ/4hn80gAs4W3eycVUY7+GOebEBbdODjPGKO3nf9S0H4IqE3bTl3RzfnZbNcWpbaYXf0fDWwe4h3g==,iv:uRcuFCjo2t16FvV+MjPXc5KQmSYCFBXeDfpgVQINNyw=,tag:4lUS77H1dkpZzb0DuNragA==,type:str] + key: ENC[AES256_GCM,data:sJAVVXHDLaBmpTk/f/nk+JNul7O9xR/dJDeLe6Vr2Tc2j8rOLmbWOPXxuJofiFb5pRZB7a0sdKfmvfIg8dnRbxkxSB/yQX9z0wyGKMbMw1Cxx5xxOgz90iKbS0BSqhJsGeZZVbFiAsHxpE73odsGj1orUgF6nPHGQGQSNVM2IMmIzcJ5AJ++sliCGN85g6IWPmeraJbUOajfkjdrqroYwwyWLAUuV5y3Vlax9WZLrTs9QjbIVjnxaEj3Sw/TvFObQ695xAJB/wcb6aCyfLizuC83/R1Yq+ChPZYWeFCNNM+eOx/7+T16ZsLRtsa0FFFIM2PGM1r97RRfNowCiYdua0mtRbotrBm2icrWAwHLOM2y5A7gas9amt+mLAF3w0Zp86aFTWdEu+CaDJFAks4H32YSx6zhGsf81LE1yHRw3n/nbyTrD5NUoZRZnNh5Ry4pWhm05lHNOLTAkN5QEkgLbxm3TWx4QfP2Kiwkgz/1bcGJA+XwzvOZxJBZ/7SdvMGwJKVUwNoRZCu0tCUYEIfa231X/725di/4TcpWWtdvaGR4cFhD9nslvujzwKRj6x7etXFupHAia2J94sRDiVECZF+znriYG9V5tq9kXRq33CaR0BeHCM6L8ORj/ZdEtVn312kfjaGtqhFAw4Grc3XaXV5OpI9dLJ6mW9T20Efnm+WPC4fF4sdO2LCMLHl1fkNEYKxP8bSEbvu8pOg9fzOiFNu3vcnXkI7yX07a6KwDerqHC2ZCYPQiRHogNZLDBGWSK9iDt2hTnubZ3z6I9D3FpSivq6YVK1PRE1fNOPRZC6cCyZkPQAW0KxihpQqWB8bBk5UQHOh4FN+0lkO7po+7Wf/JYB8r1oha+4tcdLcI+ubqDkHflpyd5XpL3aGWYHreSvFJyoWHT01QuDo32miyQRpqJvf+sn9ObXAEUDWnzizGaJ82GbHH1ZooOvFo5Cv00qY6xGVm0rjWsForG+kZDNrG8wnOmhNJlwU4LgWlRJqMuBKIL0F1mSA9OREd2Z3OK/S1H2kfPvgQuDjrWtD8SwYmFnHAdbVlAoMkACnhPFGBmxpVMLe/14ILgELUKxHwjxSj2jutyC3/WEUVaenQUWVlprdTJBFUzTIQMWE36XSr3kL9FRPGf1v8qbKDWFNhCeyh3G5OFC5aXG/giE8H8l76XCBHjVXQcX69vKLD1MDQgU/tgiFXp+G3g6MJwtWmKWtRepJYKBtAKjxJXbxuzSXHkZejYQ9ivD+wrFhsg8Ajvdsihp5ZZ2chbLZuJAMXqpKsZSZPlpmbpkt8TtrqEtMArH3i7X3PaZfcnBaLWPQiw+yNM/aUfpw0+4Ri7+XftK/DP//vu/rRK8XjBngjqG5GtnKt3ARV5OGz03HsB6KnmzHq9aT3syC6CMof3S20vgGK1Mj2U+0pGYgfqGY/A64fXvKRjN9dpdyrPtbCh/kW8lO7YJg/2rK3h3V3/7LzPNfvtpThwGqpnPmcVAjBuqjPSrCVay73i7pgcj32oNNAAYE1eYsSiblJftPhJtGXsIp2JIVtD7lodahRKe96fJH0pSRw4VcHfetHi+0cb31pSi1ENNE52a7pbqUXftOTJzcHBLBu5vv1oraNotEsQlStJTAI9r3UWN2Kah2gr9whFGzLgcvyDnN8LzYre1b8o/H9f5Kr/4JyfpFfKScIEA9hADJP7YlJD8VFOUtllehQDXk55FxV//oCCAmpCCfoFecKorFnhkVzwh7Aze8TlAi0TdnAxHaqknA6wI5IBao6HFcafe4QFW9rem/rSdmtVr+3SBaL/O8VtmDEoRG4b15svsXU6iNLVXcq1ksUAjX0+rDF4l5audrvD9GVNM1itsAvP9YhLAznQ2Rj9X8nXC56CS6XykfVrbndhDfDIo9bdJv26nUyb0u42Jju70LZoYWGtG5JSIX9Ivmpq1Ugb4ky+l0B4vR3y85ioZN+78y/C4mAka1xWkWZDBTJUaLhR5OgpZJxsV21+0uBV68V3rR63gN2PZyqrB3hUuNXEb738iUiADYpY/jkuf9D5HiaR1MioZI6ZwO9mLZYfGFsqJ8nHYgb+V5CZeaGj3SEbvKPuPGSTSq4GFqKYc6DddbpIInYrBIcJq4iMQ0DzYcDmmrq102GfDDpgSNGDvASk1fE99RM95MVDp/D+wSoJozQ0nsUdAQOONCkWvRnYfQ3BN0zPiWDyauTkmncjHGnEcUK+YStMg8Yo7spJOVzOBGgE05FceYYtCtxofZi4n+mLVoHiEu1wQaHKCib4Z8w8BU4+21pRaGTLqh1u980Lq/2jpYmcFPKaO24xyHPOZmaCCDKBHf+o4tAB04/GjK6IwWAcWcXNsDy7Mmx6CyNqKTzRcOX6nrZAw+q2Cuv/lanbL5/j2K2cWlhZ12V+d5gJF3d5ksiDadeiOaciyR7BhIIs/I9AAzoozWeDq/oA0ZYD6fxVxHvf9PFr3QquyekyPnHinkHpv8Ev0xSAegqRQFOqHnsWlKG2qNgMAFiZYQf5HFbj+dMrP4ZQZA5OvaTmcslDY/pqawMtl+wU6eGpvG29VRqCKgzDokDT0viBUF/an/eIKcb+6zImDcVlVXWqkWEYuFGdOaAzhvdIWsvWSu+WhaVR7rYXeBf5eJAiHcSOES6lf7izpmStucHVWS+789nkjL2S+l/wskkpMWMd5cdVqRQdoqNrMJvCMr8peRn6RZZIcyJ/ol5MehLzLXRDvDUnBjE06ETuhS201A6c4jCfzVB+Kepe28y5HWJUMzCIWvs3B7iUKOpx3WVWCdDJqXWlJg1R6XLjDLnTIcpK/RsRRRaSmMp/EISp5mHuN5k841ICqg3QsV3nffhjqWxfFTFTyl+cBwmhG1H9RJBWdZZQagj7ktf8nXkZNxvXkI0Frt2ZorL/i3pVDRyakvv2HaM/EAZUXmqWwz1VNCANwyNMduDII38EgvCEPwn8rTLzpNcYKsX1d9ES9VOMQ72DbquqZWv3CHSZo2GcuBJQkRlKq4pGW27SBztD/x71rs2FcEK3PPMf3ya28NyYznPPhqPdaZVhqNNjK/JvYb1TNZ4nJQasLy+FF4BPU6G8YZlyD7/jqGW+hMFL0keDzZJoux38A4yMwY51J6/39ukylGAlnV6DS97G7fNv2DEvG31q1/nBsMqiavt/6CQcDyjT2O/hGbJFGsym5UpEmP8+v+JVTq1yoH5XKFCK7drkIsLRM1Xgzuvi0NwJPc0TKhFJSEUOjCIPI2iEaI0HwI94+J0SK7DZvb6TtHT0mdilgEp6L/ozR+2NPbdgQq9VzwDjWZjp44TTYOA7yCNJm14IrAN/wiq1N+NnNhC54h+O2MDVPtqQm2TB/l0uZR9sgGKf3IJ2o0/hvnodWk1nZB752wxiJi8RxGswYzySsqSe2WdM7hNk6W9IsvRie9VT7mdfZV8E38lyqFvJ0HHEuTNEDfhD4UNV51KmsHVAMN9/wxZbrp0NnY8s3qvBBS9taVUv072CPA5w/FRHKs81yPGfgih65Z/p+x6HK060H5FcAL8ZuE/0A9LK0Nhk46/tOdC30mRcO5zjGq7rxW2WndJYjbaIaIXICfgaKbhA/x3mptciyiXA+feCbhmADaxMkQQ6SdxF/DOMYitHEHKzyaxqSqd1Zd/cotZI4n4EKDxqspqwrx2DXNNAkSXWdCvJt7qnsC4HkXPQqS5Z51XwTQkVReWXHaSApU9sQfGJvRGX7hVY+bUmYtQDhAlBoXgUwZWSyGwGrgruXH6AzMY0megm94ggE05XEj8dZr19HHbQItLGH0zqW8xWPlh5hzmuhcPv2RMuCUU3bHkMtaLghqj0IO/AGvNbir9dTY/bx01HQwaECv23YKyTHQ3Sjp6SmnvC/EdV2odphBhoXInMWbPbBdOWh69N0xwCigaVYbzYWH+OZnJKwwBD9N7vlCoOsehmhKbeZ4AoO6rdH0mx8uUsmo0mKhuF7AiNpG7G0/mYqbnMmkKz1838yepguf6x10WaaXhvbVOymD7q5d0Qo/Ei7IA5ZoBF8/fAbythFzWKl7/aRBleQMz2PkaPzJ9dh5YSBd5ODL+vZ1C9BilX3DPXx/3fCPgGLIBmC+I5GvNejsG0I7YfHU+cs7hDbaDrOIoCXvBwJECgXSIsZvTkz+AIEYV6xZaaCOHd16i8ppTLSngBuc+D4B4L8uXTSq0Lc2Vu1RAfX0dqQ4IJiOCesSt35CN6k3H0r7BeOifOKKP6f16fIoc8yTURtB+FmSPVv8QcecutBiXjdopeAIb0Uz4cU6hk6WjcBcNrkOHlmfNsMpRoPD5GtfMZqB0Q4moejc1EFhQnASJSgL7KWl5vKxu7TfPkfnVIFqSyJS5jG/uH3Io7lYoCvd9psswbjKKNm7AoKEkuOWrfqdwQHRpNop2t7SWMqertT2sBwI+YvdzmTOjaqms9e9Zy4hFgfejgqpCdkvpDb4o9/mxS8FraysAi3ywT3kcU/0/sJCl0+Gi9JJcuzEXHnpK0IA6bklHuBtRmlVCQs+Ma8nQqbuhQCbiX4SUsOoSF17QkEhg3svuCBWRygD5oEU6DVeh1MbsZ9hbtJaz3kZF+Xpb3REWYOFY+TtRt6Xi2QgwFW+gLxrtlhJ2nrWb5i/ezPgiMD6R+TZWG5zdZdxcyePx38bOqw+PlkV3VBW19In+pLlh+qDtojqvENdrnOoYC88YOMnrP2dFJu+paU/+vfkwM7jM05/gdhKZm8V8wMH8RgNb3FRppPOA1GnONrDo35lz605e7ts+J8eAZY8R/y/16tQZ/SClSuSb2MxFVO6Gm/MAVvICNqJhowefpvpIixXOoHbgcaMtOIiXTOxsgIEiH7YJexpYMAH6qtJu2oWpJo96p9TdLSoe8suY7QOxxmBgBDtimu0n3hGNuUVSMfiitY7G0/YH/LyjsYGAN8B+DCpqyW3Ou5bZXS9Wmh3VwAmT8ygjFAZXl/C9EwJKLunS0X9c4hIDah/BJTUMC1wLzt+ApDahxo1GUVlHXlX/6lMlLoAQVyzfzINYhajQJdXCVxjHLnvlGjQrP+5sj1JNG5iHoF/J9XfVzxUJzW66y5CgfrApqDtfIHKX5pJEU22ImDLZQ5QKOCDJnIYY2LmT6foDFSMSKHKgDaYGwJlFinlQLcgvlRak9nDq8wPKl4ZmGmmCjIQ0g0LqO96yNB2ZO1zl/qkSp8DdSBggBMFpmmkhLToqs3igUgmE7bGpZ0u9pOrdP/NEcfNUzRYLy2ftG/VPqAr9XG1nlDW29eYA9HoH7fE8ifg5Lo2wCeuYnMFkYR9/uCxiHn9buABfOsvht0jGxdtjBlj6Vq9bKPSXmILy99TFCybAu1aH7wC5v3c+tgfH0cyyh2UHOHuWsaI/f21ObNwPtXzejeT/sE1e1bjIAXNbZ0PufeXSQ3kwSaf0cteEMLmUJLliOeVUojGYs2jWhL/4kHv131fFM6MAcEQvh8DICdjQApKoQkL1S/xN4VMXINh0IO3lF1kC8PQP2hcI9avlht01Lvxoxtjc/RcW2YxV4XkxhS7aZe7NOFjNOfVGt1jvDCzZ2712PqNAkt0Yyv5kaokv/Lh1Mn20PYPfgEPwpV/dhSFFFcWV0LBmvi5bjdpeeUA8iqqKUevuFHqK8caMiH61g/S3Qfg1KwShyKCnkLv7v7kOsUxiLehHZ53rw+GZfk4ElMIlLCmPl2kzcdc5jKKINIzGyCx0OXUprZdxZ0t5Ol8x+iRkwprppR+/Ltj5gzhoh7KhnQ==,iv:2vljKc9QUvDr74JOQnuTL+vhypu/qXBooOEzlX8Dcv0=,tag:FDcQ5wpnbpIGAVpJHGW2sw==,type:str] os: - crt: ENC[AES256_GCM,data:CXsU2fv7zBqJpVy8tYxA+iywmqj4c4CD75JijnjkBNwxLE4ufzEhluDUx1V9h7wfuuocZI1JaTOJpl5FL+RujPKiutbM2QURC/L8tuSXkofr5vN9htDvrXdmHNGMHvzRdeJqsP0CqrXM6GtKHCzbmiT8wHTtQN7e4CQMhSyYXLZEr/krZoz9yIe8b9DdFpotUbnthocsCOnB+I8V+RmimOtJ0UcrTr0w5oe2vrqCYquGPoINSloNkkc9sVmRcmdFwe7t0XSTUmqBMQCcN0Rmy3nrspNVN0lhNeSb82ivzMe9xmVdd+IO+Cfs2gmDtyl1Im8SNjTT6ak20sZ/V173J6o6PmWsmePKs5qoivEKymnaz1pEUB7RKO8oI782+XTLf+SsDtb5Z6J9GHjirWza3HDhEhzMMVNFeKgZ+5g5NDXDDA1uoYc7FMoMRSUV7CUEbV8Px+gQYHaITQRWbXDBbu28K4iEK+xhvWxF+vskYsYd4ZaIGnbV7L63wlseu3GltjNzhpvk/7xm7OcIpmU2ZhTbBGaybKlbE5t35X3DQybuFO5FVuDSAdLX+q4T6aN22v11AJbCWFP0JbFRKznyMGVJYfX2GrMhtMRSiY4diZeRY4I9en0XW+M5DfTZc1k41p4Y9XYIkWyjqRwzuB5wG+QZFlky0ScQ7viT9+epHSJCKBkdCGGPgcNgp6dFeQVaQ7cy2uyu//5W+oQZBrWC7pUmiyxBADsOTF5a9kLYJB9+1Tus6bz8frD6zP0q3qIbSHr7IH+F2SM0QAYg3Wn/57TdEzljuF+PHfXTVxIFEpCV6BpYWl/XJqdUdSyK3zzeqmvOqxwPrKJJcjYHg/DGG6PxcIExYkxTa8Q1F+2Q1J3deW28,iv:AfF/4IQ2nbHiuNz8sY6PBRsxvGU2xmoxeullm+3C+8U=,tag:BsE02mqdVv5I6a5ptLWlfg==,type:str] - key: ENC[AES256_GCM,data:lTp3HBuFE/2ENhQpS0/MCkbQHbhKsIUTpe/5i1TxnVO47IWr4F+fD8C6ogtAsMKzeITTGUZoLb/yiZq03/jYOjSCgazua9IYwtozFF/yqNObcS0+fWn9LtQHZE5Ao+SVkVNMsD5CyKzWgjDyH6MxjHNwlbf88Vl+FhUGbVZ5KeSn11Q7wmcqUCluJUz/6W5UZ4tl8Nijplg3S4tMQJ9JI5RzIbj8kP8n6C85RmVp+3dI3Cg5,iv:fFfBYlikmUZEn8mbEOLkfqW/WDbH9jxguVGfKi6HHrs=,tag:j8Km0tpj37yl3eA+hrMXsw==,type:str] + crt: ENC[AES256_GCM,data:IpDNiPF0Zei3qF/nhFDX1SkybadvApRBXsc8Hab3uvQfiEKFIeAT6HmU6gaRN0IklOxubp8c2+wN0sVLehJP4I5P1iiwKQXZi+eagkTTljy0KqrJCbs/49YGRfsnroVPUqsxC2wKrlAFeE4GNc4GfvAfgbU8Eeypwmzkh86wph6DOaHDu3sSa5lEtjHf/0oU+kBi3lkfAg7U6T+JQ4DAr/dhLpoinjlHYm3SJ4fGZi3jBbx0qYQs0TpzOCJi+OAjzVmZZvPC1QInyLHeFnBrJHuafpu3dgc3vTFM/cFErOQyDUAnXUV+v/7vBCIVEj/pGb8kfF05MxgyICf0l+6mlMCSHOFadhcL20t8R6ew086dQ6KvvdX+0UL1P3KxqyUjn42SMvQ7V/hWTQoCDNtjw2VRB8GaazpUqhUYydjnHrKUIFuZVKBpMVPxUrEhBoDTzFi7Xtp/BgGgblqTwPUspSQcQJqk0kzAmgHV0yPZD5jLF4LZmvJ1IF80/hCMO4h+hSaWkdPSKEeXxb1LNh4H8R4H44xHaBT1Zke2h6nRa2MS5E2VbAt3+k81wxdXREuK/L4UZK1n663roNNGtK8AsnOLsV34D0L40NZF+ClIhtvhXm2bZUKj1jmecOGdkNQaYR0C9QF8d8O6lyX/+4sZd1ntPVdo3QCMObxqv4xnvMtLoysVU9qbUx0wnFxWqb+B31F1qA586UE+x1XwaR51PsakZS/p8NY9XH20sFTHDiLmC7LFzsLKn1pW0hIw2jLCmtz7UqJy4ucMvlK/QbsTLuF7V1z23CEzVvA2vcR66wYqH0ft0BVrxR75/hg4OhWQsEiqJQR/rdNfzwSG0mTqqoJhYDCfnGR9E6BwYYG6doINRa1a,iv:vgNqCwmPi3kLodps6WnZ9mbt8eTr3iok0YKOIwHiTXU=,tag:gcwm6k9WEhP1d1E6BCMdCw==,type:str] + key: ENC[AES256_GCM,data:S6q9XKVn+omXvrWk6/cWr1qm+TTBMWXmy2Yk8y0bJ4Ff7onqgTCZly9od29Bf2m/MN0zS6jGkVIB0S/+vJNAuRDyTfm921Q2pf6Rz+v83VdnWVa3NG7yRd//eFeQQRNLNRA+pyBKSaanhhLQ0FgsT8hiqNRNN7Wc0SPgn6Jh5izKDCWIF7ac+0fi821m4eHqM3KJ5ubbTrVxmG6s5iyKZGVTwz2ZUC5C/Z8i6s2O1tltYnaN,iv:urWlnXt4/TJq3z4gsAEgcdm24o1HPJqRoU/wGgeLfnM=,tag:V80jbL/Ce0nySULOtchgbQ==,type:str] sops: age: - recipient: age1yzrqhl9dk8ljswpmzsqme3enad5kxxhsptdvecy3lwlq0ms80gaqxrctst enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwTkFTREQ5ZTRZOVY5L2pT - cTEzdFREUGdqUDNMZlN2RkduZUNmUkJrTTA0CnY0NHlzcC9oSXhxNkJRdnBTMEhM - ZmJDY0JMOEZJeS9ydGZwdStvbDRRQ00KLS0tIGYzM2toa3d0UTB3aEpyYW9lYklM - dlViYmZQdjZOYWNmakl0azcycDZwUk0KHoM23EHk94w0+VQeqHM1DGyxwsyG4NbJ - uIAsVPueSYcI7upO1Dd8sIHA3Dbg3MvQ4eNntkKbhVrPdzE4YF5FRg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwMzFXdjFFMHZHQndsTlhN + Vm02Y3AzcC9RK3hReFMwZlVzUlhHOTk4aEJ3Ci9HZXljMWdnKzg2Y0c1RE9WWXRo + MXNwT01iQUJBMGVIWndhUVZ1RnBsWXMKLS0tIDdXUWcrTlM2bTNHN0JiN3NPNmdB + TVJLTGxkUnRNNnQwVkNwUnp0dW9DZXMKBZJIslsC9yRHjfJ/WoSaVR4LeMDe7oay + mwryosGEdc5A3b9eLmHjMYQVpKFdhhIedoCFVdvFhIHkBzwC4RwHSw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-04T15:21:39Z" - mac: ENC[AES256_GCM,data:CKYc6kgmpVlryPFEx0Zy71UOj/qV1jgjTchPdGT145KU9vFrPhfXl3r7X/cRmDp1ai8Ahms+pR/iC51EDqCl+m8TTBPASfvJuI4NbEoAdfJ1MsbBoyLZTqPeLEKan5oAvkbNWHbc2WweAcYirVR3mOng6mzlJTS07xJGGrU/mKk=,iv:LGBUno1An+vL91LIANhv7U7rn/thGs55ombWWreUL7s=,tag:+Lj4PRo0+tETFKyTNdhtMw==,type:str] + lastmodified: "2026-02-06T17:17:48Z" + mac: ENC[AES256_GCM,data:ZLF1w8jeBnfteAvNQCuaU+Vaw8aG5qWKZHx8z1dbfC/pmgr5EYO8Pf+T6O3Exxg/wdxRHmg0A9Ixy544m2Dmwyaf04n+neajGOHQZhpZZ2oESTrNYIeuKb3+CILuQ0S/x8SPbmPg04uu/B1w9iz13s2IZCBWWxG5zVuvcDiKADA=,iv:tlkn1LJUwyFzQkrOvSbJMV9Ffc0N6G5cBongR9Ix65s=,tag:NACeXpI7MuZZ5zkT3rncLg==,type:str] unencrypted_suffix: _unencrypted mac_only_encrypted: true version: 3.11.0 diff --git a/templates/config/talos/talconfig.yaml.j2 b/templates/config/talos/talconfig.yaml.j2 index bff070c..a7ea3c7 100644 --- a/templates/config/talos/talconfig.yaml.j2 +++ b/templates/config/talos/talconfig.yaml.j2 @@ -32,6 +32,7 @@ nodes: #% endif %# machineSpec: secureboot: #{ (true if item.secureboot else false) | string | lower }# + # grubUseUKICmdline: #{ (true if item.UseUKI else false) | string | lower }# talosImageURL: factory.talos.dev/installer#{ "-secureboot" if item.secureboot | default(false, true) }#/#{ item.schematic_id }# controlPlane: #{ (item.controller) | string | lower }# networkInterfaces: diff --git a/templates/config/talos/talenv.yaml.j2 b/templates/config/talos/talenv.yaml.j2 index d64ee92..2a9dad2 100644 --- a/templates/config/talos/talenv.yaml.j2 +++ b/templates/config/talos/talenv.yaml.j2 @@ -1,4 +1,4 @@ # renovate: datasource=docker depName=ghcr.io/siderolabs/installer -talosVersion: v1.12.2 +talosVersion: v1.11.3 # renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet -kubernetesVersion: v1.35.0 +kubernetesVersion: v1.34.0