diff --git a/manifests/cilium/cilium-allow-google.yaml b/manifests/cilium/cilium-allow-google.yaml index 62cd7ac..cb888d3 100644 --- a/manifests/cilium/cilium-allow-google.yaml +++ b/manifests/cilium/cilium-allow-google.yaml @@ -9,484 +9,24 @@ spec: app.kubernetes.io/instance: server-xray-public app.kubernetes.io/name: server-xray egress: + - toPorts: + - ports: + - port: "53" + protocol: ANY - toPorts: - ports: - port: "80" - protocol: TCP + protocol: ANY + - port: "8080" + protocol: ANY - port: "443" - protocol: TCP - toCIDR: - - 8.8.4.0/24 - - 8.8.8.0/24 - - 8.34.208.0/20 - - 8.35.192.0/20 - - 23.236.48.0/20 - - 23.251.128.0/19 - - 34.0.0.0/15 - - 34.2.0.0/16 - - 34.3.0.0/23 - - 34.3.3.0/24 - - 34.3.4.0/24 - - 34.3.8.0/21 - - 34.3.16.0/20 - - 34.3.32.0/19 - - 34.3.64.0/18 - - 34.4.0.0/14 - - 34.8.0.0/13 - - 34.16.0.0/12 - - 34.32.0.0/11 - - 34.64.0.0/10 - - 34.128.0.0/10 - - 35.184.0.0/13 - - 35.192.0.0/14 - - 35.196.0.0/15 - - 35.198.0.0/16 - - 35.199.0.0/17 - - 35.199.128.0/18 - - 35.200.0.0/13 - - 35.208.0.0/12 - - 35.224.0.0/12 - - 35.240.0.0/13 - - 57.140.192.0/18 - - 64.15.112.0/20 - - 64.233.160.0/19 - - 66.22.228.0/23 - - 66.102.0.0/20 - - 66.249.64.0/19 - - 70.32.128.0/19 - - 72.14.192.0/18 - - 74.125.0.0/16 - - 104.154.0.0/15 - - 104.196.0.0/14 - - 104.237.160.0/19 - - 107.167.160.0/19 - - 107.178.192.0/18 - - 108.59.80.0/20 - - 108.170.192.0/18 - - 108.177.0.0/17 - - 130.211.0.0/16 - - 136.22.160.0/20 - - 136.22.176.0/21 - - 136.22.184.0/23 - - 136.22.186.0/24 - - 136.124.0.0/15 - - 142.250.0.0/15 - - 146.148.0.0/17 - - 152.65.208.0/22 - - 152.65.214.0/23 - - 152.65.218.0/23 - - 152.65.222.0/23 - - 152.65.224.0/19 - - 162.120.128.0/17 - - 162.216.148.0/22 - - 162.222.176.0/21 - - 172.110.32.0/21 - - 172.217.0.0/16 - - 172.253.0.0/16 - - 173.194.0.0/16 - - 173.255.112.0/20 - - 192.158.28.0/22 - - 192.178.0.0/15 - - 193.186.4.0/24 - - 199.36.154.0/23 - - 199.36.156.0/24 - - 199.192.112.0/22 - - 199.223.232.0/21 - - 207.223.160.0/20 - - 208.65.152.0/22 - - 208.68.108.0/22 - - 208.81.188.0/22 - - 208.117.224.0/19 - - 209.85.128.0/17 - - 216.58.192.0/19 - - 216.73.80.0/20 - - 216.239.32.0/19 - - 2001:4860::/32 - - 2404:6800::/32 - - 2404:f340::/32 - - 2600:1900::/28 - - 2605:ef80::/32 - - 2606:40::/32 - - 2606:73c0::/32 - - 2607:1c0:300::/40 - - 2607:f8b0::/32 - - 2620:11a:a000::/40 - - 2620:120:e000::/40 - - 2800:3f0::/32 - - 2a00:1450::/32 - - 2c0f:fb50::/32 - toFQDNs: - - matchPattern: "google.com" - - matchPattern: "google.ad" - - matchPattern: "google.ae" - - matchPattern: "google.com.af" - - matchPattern: "google.com.ag" - - matchPattern: "google.al" - - matchPattern: "google.am" - - matchPattern: "google.co.ao" - - matchPattern: "google.com.ar" - - matchPattern: "google.as" - - matchPattern: "google.at" - - matchPattern: "google.com.au" - - matchPattern: "google.az" - - matchPattern: "google.ba" - - matchPattern: "google.com.bd" - - matchPattern: "google.be" - - matchPattern: "google.bf" - - matchPattern: "google.bg" - - matchPattern: "google.com.bh" - - matchPattern: "google.bi" - - matchPattern: "google.bj" - - matchPattern: "google.com.bn" - - matchPattern: "google.com.bo" - - matchPattern: "google.com.br" - - matchPattern: "google.bs" - - matchPattern: "google.bt" - - matchPattern: "google.co.bw" - - matchPattern: "google.by" - - matchPattern: "google.com.bz" - - matchPattern: "google.ca" - - matchPattern: "google.cd" - - matchPattern: "google.cf" - - matchPattern: "google.cg" - - matchPattern: "google.ch" - - matchPattern: "google.ci" - - matchPattern: "google.co.ck" - - matchPattern: "google.cl" - - matchPattern: "google.cm" - - matchPattern: "google.cn" - - matchPattern: "google.com.co" - - matchPattern: "google.co.cr" - - matchPattern: "google.com.cu" - - matchPattern: "google.cv" - - matchPattern: "google.com.cy" - - matchPattern: "google.cz" - - matchPattern: "google.de" - - matchPattern: "google.dj" - - matchPattern: "google.dk" - - matchPattern: "google.dm" - - matchPattern: "google.com.do" - - matchPattern: "google.dz" - - matchPattern: "google.com.ec" - - matchPattern: "google.ee" - - matchPattern: "google.com.eg" - - matchPattern: "google.es" - - matchPattern: "google.com.et" - - matchPattern: "google.fi" - - matchPattern: "google.com.fj" - - matchPattern: "google.fm" - - matchPattern: "google.fr" - - matchPattern: "google.ga" - - matchPattern: "google.ge" - - matchPattern: "google.gg" - - matchPattern: "google.com.gh" - - matchPattern: "google.com.gi" - - matchPattern: "google.gl" - - matchPattern: "google.gm" - - matchPattern: "google.gr" - - matchPattern: "google.com.gt" - - matchPattern: "google.gy" - - matchPattern: "google.com.hk" - - matchPattern: "google.hn" - - matchPattern: "google.hr" - - matchPattern: "google.ht" - - matchPattern: "google.hu" - - matchPattern: "google.co.id" - - matchPattern: "google.ie" - - matchPattern: "google.co.il" - - matchPattern: "google.im" - - matchPattern: "google.co.in" - - matchPattern: "google.iq" - - matchPattern: "google.is" - - matchPattern: "google.it" - - matchPattern: "google.je" - - matchPattern: "google.com.jm" - - matchPattern: "google.jo" - - matchPattern: "google.co.jp" - - matchPattern: "google.co.ke" - - matchPattern: "google.com.kh" - - matchPattern: "google.ki" - - matchPattern: "google.kg" - - matchPattern: "google.co.kr" - - matchPattern: "google.com.kw" - - matchPattern: "google.kz" - - matchPattern: "google.la" - - matchPattern: "google.com.lb" - - matchPattern: "google.li" - - matchPattern: "google.lk" - - matchPattern: "google.co.ls" - - matchPattern: "google.lt" - - matchPattern: "google.lu" - - matchPattern: "google.lv" - - matchPattern: "google.com.ly" - - matchPattern: "google.co.ma" - - matchPattern: "google.md" - - matchPattern: "google.me" - - matchPattern: "google.mg" - - matchPattern: "google.mk" - - matchPattern: "google.ml" - - matchPattern: "google.com.mm" - - matchPattern: "google.mn" - - matchPattern: "google.com.mt" - - matchPattern: "google.mu" - - matchPattern: "google.mv" - - matchPattern: "google.mw" - - matchPattern: "google.com.mx" - - matchPattern: "google.com.my" - - matchPattern: "google.co.mz" - - matchPattern: "google.com.na" - - matchPattern: "google.com.ng" - - matchPattern: "google.com.ni" - - matchPattern: "google.ne" - - matchPattern: "google.nl" - - matchPattern: "google.no" - - matchPattern: "google.com.np" - - matchPattern: "google.nr" - - matchPattern: "google.nu" - - matchPattern: "google.co.nz" - - matchPattern: "google.com.om" - - matchPattern: "google.com.pa" - - matchPattern: "google.com.pe" - - matchPattern: "google.com.pg" - - matchPattern: "google.com.ph" - - matchPattern: "google.com.pk" - - matchPattern: "google.pl" - - matchPattern: "google.pn" - - matchPattern: "google.com.pr" - - matchPattern: "google.ps" - - matchPattern: "google.pt" - - matchPattern: "google.com.py" - - matchPattern: "google.com.qa" - - matchPattern: "google.ro" - - matchPattern: "google.ru" - - matchPattern: "google.rw" - - matchPattern: "google.com.sa" - - matchPattern: "google.com.sb" - - matchPattern: "google.sc" - - matchPattern: "google.se" - - matchPattern: "google.com.sg" - - matchPattern: "google.sh" - - matchPattern: "google.si" - - matchPattern: "google.sk" - - matchPattern: "google.com.sl" - - matchPattern: "google.sn" - - matchPattern: "google.so" - - matchPattern: "google.sm" - - matchPattern: "google.sr" - - matchPattern: "google.st" - - matchPattern: "google.com.sv" - - matchPattern: "google.td" - - matchPattern: "google.tg" - - matchPattern: "google.co.th" - - matchPattern: "google.com.tj" - - matchPattern: "google.tl" - - matchPattern: "google.tm" - - matchPattern: "google.tn" - - matchPattern: "google.to" - - matchPattern: "google.com.tr" - - matchPattern: "google.tt" - - matchPattern: "google.com.tw" - - matchPattern: "google.co.tz" - - matchPattern: "google.com.ua" - - matchPattern: "google.co.ug" - - matchPattern: "google.co.uk" - - matchPattern: "google.com.uy" - - matchPattern: "google.co.uz" - - matchPattern: "google.com.vc" - - matchPattern: "google.co.ve" - - matchPattern: "google.co.vi" - - matchPattern: "google.com.vn" - - matchPattern: "google.vu" - - matchPattern: "google.ws" - - matchPattern: "google.rs" - - matchPattern: "google.co.za" - - matchPattern: "google.co.zm" - - matchPattern: "google.co.zw" - - matchPattern: "google.cat" - - matchPattern: "*.google.com" - - matchPattern: "*.google.ad" - - matchPattern: "*.google.ae" - - matchPattern: "*.google.com.af" - - matchPattern: "*.google.com.ag" - - matchPattern: "*.google.al" - - matchPattern: "*.google.am" - - matchPattern: "*.google.co.ao" - - matchPattern: "*.google.com.ar" - - matchPattern: "*.google.as" - - matchPattern: "*.google.at" - - matchPattern: "*.google.com.au" - - matchPattern: "*.google.az" - - matchPattern: "*.google.ba" - - matchPattern: "*.google.com.bd" - - matchPattern: "*.google.be" - - matchPattern: "*.google.bf" - - matchPattern: "*.google.bg" - - matchPattern: "*.google.com.bh" - - matchPattern: "*.google.bi" - - matchPattern: "*.google.bj" - - matchPattern: "*.google.com.bn" - - matchPattern: "*.google.com.bo" - - matchPattern: "*.google.com.br" - - matchPattern: "*.google.bs" - - matchPattern: "*.google.bt" - - matchPattern: "*.google.co.bw" - - matchPattern: "*.google.by" - - matchPattern: "*.google.com.bz" - - matchPattern: "*.google.ca" - - matchPattern: "*.google.cd" - - matchPattern: "*.google.cf" - - matchPattern: "*.google.cg" - - matchPattern: "*.google.ch" - - matchPattern: "*.google.ci" - - matchPattern: "*.google.co.ck" - - matchPattern: "*.google.cl" - - matchPattern: "*.google.cm" - - matchPattern: "*.google.cn" - - matchPattern: "*.google.com.co" - - matchPattern: "*.google.co.cr" - - matchPattern: "*.google.com.cu" - - matchPattern: "*.google.cv" - - matchPattern: "*.google.com.cy" - - matchPattern: "*.google.cz" - - matchPattern: "*.google.de" - - matchPattern: "*.google.dj" - - matchPattern: "*.google.dk" - - matchPattern: "*.google.dm" - - matchPattern: "*.google.com.do" - - matchPattern: "*.google.dz" - - matchPattern: "*.google.com.ec" - - matchPattern: "*.google.ee" - - matchPattern: "*.google.com.eg" - - matchPattern: "*.google.es" - - matchPattern: "*.google.com.et" - - matchPattern: "*.google.fi" - - matchPattern: "*.google.com.fj" - - matchPattern: "*.google.fm" - - matchPattern: "*.google.fr" - - matchPattern: "*.google.ga" - - matchPattern: "*.google.ge" - - matchPattern: "*.google.gg" - - matchPattern: "*.google.com.gh" - - matchPattern: "*.google.com.gi" - - matchPattern: "*.google.gl" - - matchPattern: "*.google.gm" - - matchPattern: "*.google.gr" - - matchPattern: "*.google.com.gt" - - matchPattern: "*.google.gy" - - matchPattern: "*.google.com.hk" - - matchPattern: "*.google.hn" - - matchPattern: "*.google.hr" - - matchPattern: "*.google.ht" - - matchPattern: "*.google.hu" - - matchPattern: "*.google.co.id" - - matchPattern: "*.google.ie" - - matchPattern: "*.google.co.il" - - matchPattern: "*.google.im" - - matchPattern: "*.google.co.in" - - matchPattern: "*.google.iq" - - matchPattern: "*.google.is" - - matchPattern: "*.google.it" - - matchPattern: "*.google.je" - - matchPattern: "*.google.com.jm" - - matchPattern: "*.google.jo" - - matchPattern: "*.google.co.jp" - - matchPattern: "*.google.co.ke" - - matchPattern: "*.google.com.kh" - - matchPattern: "*.google.ki" - - matchPattern: "*.google.kg" - - matchPattern: "*.google.co.kr" - - matchPattern: "*.google.com.kw" - - matchPattern: "*.google.kz" - - matchPattern: "*.google.la" - - matchPattern: "*.google.com.lb" - - matchPattern: "*.google.li" - - matchPattern: "*.google.lk" - - matchPattern: "*.google.co.ls" - - matchPattern: "*.google.lt" - - matchPattern: "*.google.lu" - - matchPattern: "*.google.lv" - - matchPattern: "*.google.com.ly" - - matchPattern: "*.google.co.ma" - - matchPattern: "*.google.md" - - matchPattern: "*.google.me" - - matchPattern: "*.google.mg" - - matchPattern: "*.google.mk" - - matchPattern: "*.google.ml" - - matchPattern: "*.google.com.mm" - - matchPattern: "*.google.mn" - - matchPattern: "*.google.com.mt" - - matchPattern: "*.google.mu" - - matchPattern: "*.google.mv" - - matchPattern: "*.google.mw" - - matchPattern: "*.google.com.mx" - - matchPattern: "*.google.com.my" - - matchPattern: "*.google.co.mz" - - matchPattern: "*.google.com.na" - - matchPattern: "*.google.com.ng" - - matchPattern: "*.google.com.ni" - - matchPattern: "*.google.ne" - - matchPattern: "*.google.nl" - - matchPattern: "*.google.no" - - matchPattern: "*.google.com.np" - - matchPattern: "*.google.nr" - - matchPattern: "*.google.nu" - - matchPattern: "*.google.co.nz" - - matchPattern: "*.google.com.om" - - matchPattern: "*.google.com.pa" - - matchPattern: "*.google.com.pe" - - matchPattern: "*.google.com.pg" - - matchPattern: "*.google.com.ph" - - matchPattern: "*.google.com.pk" - - matchPattern: "*.google.pl" - - matchPattern: "*.google.pn" - - matchPattern: "*.google.com.pr" - - matchPattern: "*.google.ps" - - matchPattern: "*.google.pt" - - matchPattern: "*.google.com.py" - - matchPattern: "*.google.com.qa" - - matchPattern: "*.google.ro" - - matchPattern: "*.google.ru" - - matchPattern: "*.google.rw" - - matchPattern: "*.google.com.sa" - - matchPattern: "*.google.com.sb" - - matchPattern: "*.google.sc" - - matchPattern: "*.google.se" - - matchPattern: "*.google.com.sg" - - matchPattern: "*.google.sh" - - matchPattern: "*.google.si" - - matchPattern: "*.google.sk" - - matchPattern: "*.google.com.sl" - - matchPattern: "*.google.sn" - - matchPattern: "*.google.so" - - matchPattern: "*.google.sm" - - matchPattern: "*.google.sr" - - matchPattern: "*.google.st" - - matchPattern: "*.google.com.sv" - - matchPattern: "*.google.td" - - matchPattern: "*.google.tg" - - matchPattern: "*.google.co.th" - - matchPattern: "*.google.com.tj" - - matchPattern: "*.google.tl" - - matchPattern: "*.google.tm" - - matchPattern: "*.google.tn" - - matchPattern: "*.google.to" - - matchPattern: "*.google.com.tr" - - matchPattern: "*.google.tt" - - matchPattern: "*.google.com.tw" - - matchPattern: "*.google.co.tz" - - matchPattern: "*.google.com.ua" - - matchPattern: "*.google.co.ug" - - matchPattern: "*.google.co.uk" - - matchPattern: "*.google.com.uy" - - matchPattern: "*.google.co.uz" - - matchPattern: "*.google.com.vc" - - matchPattern: "*.google.co.ve" - - matchPattern: "*.google.co.vi" - - matchPattern: "*.google.com.vn" - - matchPattern: "*.google.vu" - - matchPattern: "*.google.ws" - - matchPattern: "*.google.rs" - - matchPattern: "*.google.co.za" - - matchPattern: "*.google.co.zm" - - matchPattern: "*.google.co.zw" - - matchPattern: "*.google.cat" + protocol: ANY + - port: "27015" + protocol: ANY + - port: "45000" + endPort: 60000 + protocol: UDP + toEntities: + - world + - host + - remote-node diff --git a/manifests/cilium/cilium-policy.yaml b/manifests/cilium/cilium-policy.yaml new file mode 100644 index 0000000..c7af3ef --- /dev/null +++ b/manifests/cilium/cilium-policy.yaml @@ -0,0 +1,17 @@ +apiVersion: "cilium.io/v2" +kind: CiliumNetworkPolicy +metadata: + name: "cilium-policy-allow-dns" + namespace: public-xray +spec: + endpointSelector: + matchLabels: + app.kubernetes.io/instance: server-xray-public + app.kubernetes.io/name: server-xray + egress: + - toPorts: + - ports: + - port: "53" + protocol: ANY + - toCIDR: + - 1.1.1.1/32 diff --git a/values/badhouseplants/secrets.server-xray-public.yaml b/values/badhouseplants/secrets.server-xray-public.yaml index debf729..51fe0c3 100644 --- a/values/badhouseplants/secrets.server-xray-public.yaml +++ b/values/badhouseplants/secrets.server-xray-public.yaml @@ -1,28 +1,28 @@ files: - config: - enabled: ENC[AES256_GCM,data:IeE1oA==,iv:tDAmGSUCTvP2Ey1BBvpWvhqUN9Y5CpkT/2aU0LM8XPk=,tag:3PNVGpWh2/dJW2+X3/iSaw==,type:bool] - sensitive: ENC[AES256_GCM,data:/CF2INw=,iv:TUBu92fuG+M1SCCEOhPC2s5LFMCIedUMEca2dZK41P4=,tag:wCVVKJAPpFl507jlj3oKgQ==,type:bool] - remove: [] - entries: - config.json: - data: ENC[AES256_GCM,data:zcHfzYfEiAY31+7xSYZk88yxQl0Vsem0koVdhtx00mRUzPxAmgQCxOEYge5iu7SXHzUlkftPjuzpjxPkSvIAgW9DqyelssftmH3pIO3G7jpj4gcff8S7jTncloDpeTei81H0sXNkceeSGzYZ2xll3yWKmPuGLgCElz/mZnkcgnC5bS+4QpRHDYyqZj69ZRLJj20o1am0fEWANIisvaGO53R0fHhHgvJQyhtutIqMMfOFAECqEjeBDLJaym85Za8x3UAsRnVXAbiR/ftZkE9WuhtmdawRRuaG4SC6kQaI+A8HijAC7o5TaeN7O66CHMntssJhW2Bw0WK3kkwaArrPvNmdKWj2Cusif9PhWdMrW9ZsYqXt1UGRaLYBZcuugkvb0q/MTE1E/jr++r5t7GK2aAZxYx1H7iLAoopOlKTVqT78N3j/5f9TZE6TKXBbwbAi2e/f2uTwCYvX8K9QYjgG/2FJ9q53PqkPOFVw0iDL1QbcMTxhaE8rQpVQ9jyyr6iSTD72EWPccVa/yFIcb/x+BC1Xyy7BK61+NzG+jGEnv5bhsE5cnN42I1lVHgfJzjDUyufayf9X4HUoKlR8f4vKTDxZeluGgmM9Q95dOB3dysxKl91aT4hRtRmhYvdsFyGOAWUEMGUX6IXw62g4hGyIezmNoz9yV/3laJDNxVlQTWDIPx2O+kMelpDtVaJHypNEcgmkkbSs+Ib5geqia4TNF61bX/8mPX4UaJKEgP+TBsrgwFwiqtntGfSyu/X7FcUtuZw52g+t7doMSn39dLMsPfjnZk56wXtKT3QIJ1H2WJN1/bz0kOcVkvMS6UpoTCILwiAsEFX7j6pXJBWbF+6NaofXbXHA07vXexfE2HytfnWYX93DpjF4+8rFHh1b8f2UrOikAxbx+1nGEnQ1hQeB4dBaCwQgGcbeN6fy2YGwMAg732zqcxKcNciMAv2KOzSBQD/JXKyeVqY2+lVHm4leTyb5TATypvOcNkfBco3USif9sOr94qfgTdF472fMSqn9Mj3TrgkHGA+5rTOCeLquz/p2TZgXIGBC/toCIzwyynnykJG1PZ5T0MqXzsJ8Wmkx5LRNBkgWXSlJSA42hxGaMW4a5H0dpYKF3uB742CRCMXTL7CcwTV7Dem+nvVREZAFNaAn2q0cRSJxI8LfEtinxU2qbDUh/qdVZ4pfHr1uwzOLZFu5rt6q9mzXfgmjY7kMUn8tdb64v/ZZhli7UZ20Wy6WbNyVWf/gW0cfa1sfnB0zhPij413fXAbeh9m/sWs3EJljTBfIbWUXs1n0DD10uL9Wzx8VtJr7YDs98mgb1G5Z+MBXvWlQqXL8SW5Q+Ohloo94yGt88wu4zGrMdm5WDFN2DkJxLAm8y+Pme0YL5IShZdO/I0JMIs/8AnmKR77PfbEZr8VJJzLiZOHj8Y36q9KFYjmIqUOLlbXwFYJlbzyL8HMnPyN72BAezAtR02a8/vRZG+z0nJ43IXNlJIkgDTu8tdoOffig3HyQM5jzc1/68q7FhR9jAcLkkiUuUOwxLN4uZGdta+IIdqcGpHnsA6Mr7LELo7lYxkRRy1jgNwz/AvtMRloY6sLamNnfJ24PEbykuuTG+ZLnHNbNWGiie1r4jwmaA2AnR0iVCRxx88Loxjt3DdQIGv4ATir1GrQcxmMr6lC3a6gsLM9Q0SS7SRVQn8UBnFOAcFe7Pw/oiVd46wUIoyMogtIA2q8Z0WfLXDcBSEj/sedlbCjC/zK26kZ1xnhvQFtw/9zDO67+UTxwKxIxBFDUoJ7/4BObN14x9xjsKG6Ue+7EEMFlTNsGJg9i/ICQP2xA5Os9Hv87nMMc8AYhBUIDyRe37h4cvZHA5fk9hAam8eYeAj68KnNenl8O7mPs7FSi/qCE18xIfYM+49OVwDwshW7O+1sHhjDPSmy0QZ/zj/0mLNdZb/dQTAyWu0oSVDYsUrsH197xvGdXJHwOBl2Y4VV74zx2lFAl/AeztqDt+1m2ZavD3/mwvzPLUBfPgXhrkVa12qlCEWJgTbl07/9fvyi/LniHG2vEbfk3d2M28Nx1X1vD5qPDExPtoBjOqi2XG+2inY8L9jz59UNTU4sYRXKt2r5NJBR6CZ8wYlVDzPXG48lpQd48/EX2trWpMZhr8wWerg2mv6NGqcZaxXL+MzfkUNxdFJdsHtvJ9cQtdBpOgam6YeHUCQ/IhUqKaOt3ke+et6L8GMjTmCs0QIYtH0UZCVOcRn5QkqIbTfvPIPv8nKnsqtHGXW83zCkupgxD7WCB4ewT0F/n571ZSouifXNF24/3EO16xkGgHBVHZdHXGO2b74CcfnHX+NTH3xBFBEf1zQx0cbQuhKtF6dna1vGOudMExG6otBTPB7U/2+l8yK0l90TuZ6SKtCmL4b3LcdbR1vwE0i1Az4/di8Ro1cuVI79kG7lzXL0EUddDPi3fwoOWtHyHaS3cwHLxGxN5WH4OXLy69No5NkvbTDx93Yp0j1g/3wDKuvS+zMWP3d1czrz8bUZ5U3cFJTQhB6JsqWhO/nfbovLGun5PRLUPzcaZpXRY1N98LvRIHHkj3+GGr7IFo3pNluh90Bpd/lDkqYD/iJs+zEqyEgaRxdaS3WXYVI9Yaxx9bG06SvVsviI86qYU2Rs8Fwe328n0xjwfeNthPx0QunSOoTOTU5pTOeVaM0Lb60M45YxfwKD7CP7Pa0X2OI54tQzAd2KU2nEy+reuwVHN/4D1MHDwncSqUO/kdrQeWwTMwtodSpHW9C4UyGQC79oSJnVi9YRJaPIw+J2BcDjOcAmphJXA/KRFei33Ms3OM5019lP3dq0S26slvrWK7VLia34JuKTCuVZXix51uCk8jG5jbCjZzJCY38HsR/Y2+g4mZZQY2lDhzALYZSXW7yMvqTNDIae6ynJTEENbUJLFQnwBX7KY7ZpUy3R4VDrP32vaDGBFXvN5EY0KrJ1gGQXQKW7Rdm0oPoVeezAqJumhKJ+ZR2VFMb3FGcWbsUNH3eyITJ0nJ9M24a4T/5DNRWqshIjv6jWY5gtlV8deEztXxal3sRAnGC+PNqup7pV2YitJIhZP356xG2wQSj1pgz/VNxdQ8hFgpdHOf08eoGu4tvI08lFuvX3QP/HWvLtKOhUN4dpTCQtktxCbQfM4FKmTwNDhQGfD0i+Xc8xEaF+LShEg8WvO/BqSyDZ/n+YeELgZ551d/1820iEdiAreCgOXUrsOZa0n5kAxrTuCEVZErdoqV45fQOYS7Ka9YUurJJG68jCodw22A7HiBCWjSoO+kLbAkeY5ZV5fgmkf5YeMtGiZh9XGq1wXDUBrb5CYpOnGlGwPv4Vz6A==,iv:LQwajPlEu5Jizce4veKcKJs8LlUXZ7ai26IDvsjJ8dg=,tag:+ojhEALok4xtQCMIaWWYoQ==,type:str] + config: + enabled: ENC[AES256_GCM,data:y18c2g==,iv:FRD+qBN7L0ysAY3ht9FE8OXS4w/k0yFiRYAVtf5d+uo=,tag:H5lD0h7kSpIAhy83Vxn3og==,type:bool] + sensitive: ENC[AES256_GCM,data:RGe20/Y=,iv:YmPgCW3bn7TStBaKF2goO8SKCdVnoQgOKm4wPwf2e2o=,tag:hQk9ODykd+w19BgSYs0M7w==,type:bool] + remove: [] + entries: + config.json: + data: ENC[AES256_GCM,data:zBd+SBz7E5Z6kG8JN8UXktwMbDe9Y4BToj2LbOYypt7IHpXa8Q7ap87DuqEtl7vwK6FhfLehsfdUA64TnGbrhurU0NwaaIUx0Gnw6W0u6HQKYAsPp7or4WZ7+sOzRGy8fMij+QLuP1xyMQ0NchKFhL61SaTmo3bKwRUHHcF97xscoPltPcJEJe9FLEetB1EHKeGeK2YeZgGR4MOEkmfN+zP8AisXczKvujVYHNpnyxFpT/em0QZcD8HjDhd1NyESKmBRmjJLuUX3UR0VnQVxMmKq4KWbrAJ24ge3UGJwtN8tyHEJ0143AGjdslOmmgNhiDCTmuaKEaiaRpjDKRLfU8kNW3G4kIquKYhSN9pYCynD0muRB/pAlx5MWzkAupM62rcRf+Plq9NNtrLiHM+adMS4F62GO/Qx6upMYrKCjadFOLGbc0HkGar534Tdawdi6ghOyK2fAERgqdoDbymx20CMN7fJpeh4kYQ4DfKzA5O7YntkRX8PDgtVS22XgQSXFkSxVJG5mYntSy4Ml37Ya5PN4GNRRQ76hCDbhfQvvdyg1LnCN1x3mpP6DP7PNQdqCUGlcKI03/UrGtqatekbyLGiS9OB12uA9SvNGdRQDP669xKG2lgqBB7djFrPhgZj8ZXKxdzNaZijZVVkETieNEQ/KvxWAAjilCtWHTld5FL1inrLjzFB2+hFFzQnbAeHSRvRJKW9GNysK1yt0Lq/cbthDbYYWElugoNPW+q3nJ7wP5aWKLkPVj31/rN0y6OFE/SGqXrdmHlnixzoyG+M63P3ZwnnJIwiIrnn3RdCvMenJl7ui3aGtxituFFnKw2UN1oein5nEuaUtiQ8MYNLX2CvUt3j4TqVrCV8DUNCG10dOGQzZGEpR7fNMctIPXJQjqsS6Cam+9/MK9g+I5x47Fo5C4vMmRf/4aKGMjMj7Kxwu7TZcvXY99Lap+PxQFFLqOxyJBMyPlpaHmpoYRLJfwdPlHIwPny0j5Esat+G8OFhDwYOBR8NVlDIyFGyUyIhd8IWeJhuVR73Nnhtd+e7UIPpRiUgC/H9aIBgfN2Cv83lZ5LSGewcV6sn6olrHKh4jobmNboHatr6rw/KviDD7qz/7dfyav2AnxE+a/jyeo+viA1pz9QxxRFWguBQLDBpuh+oXzLSK2GyMPJMmJHp8BdG390W0aVcUhOusFy8UneZYf2dVSwh1KPPSjOCfPWFO3WHQ0OdFkqzKnizecy9vqJOGzzyNj21BS6JnFuRQuRzlXuXW62P5a7GZPBSPpqNB8V42udHfwzc4jMOGDrlvrguHXyGuNCPlWPxtN4Wx1neW43+BU+sO7xZNcS71KwyGiJ1Dd/K9qmjH3GJIc/M3PqssGHfiHVmZighc+I2YjF71sKfQfU3dypcT7JYBwXO0R384gLEaovo7KzW3udg4PnpnMVIOGLCRfMNlLBMyombvFFzn+cM8veJ6UK086WNV8ikIjz2odbqlxJxvjwytxkuTPFu0AjmM1d6sTreCVTOKMssXWaCjowBzrxJNXczW9K4YtVkN0fGkQUDIo5ROMoQjF/EM/I5uTtMNWlnUwqa2Y+yequLR/aGYXhb5H635NmOwgeNtNv/LC6oPWhjz0IHzo1l9xk9dSBFRtYS0RLaX7ik1ojeQ2xCv9g26OZWhnwi5g32hKwy/bEmVCaU46i9OarlJUKGA5NKVbxN6J6J7HI1kBClSqXG1Rd8IUG2E4BBb0AiQzlfuU/KaNSwPa/0xTmbbTOrLNw22EfSG7yA6hoQybljWDMCXb3b4DP5b3F8bRNyuFD4+2WjONe6eYTc3a2kX7z7RQdiRuHtVsyPMeOjR/V8QWu9kRD4M9wBnlG8y9miRyALKV511zgTZ2be0TfNHX+/LDY6OdcnmT4LfBU+3+YhLg23Bfqf4MWb5Gs5qqUVQsDH8BCWrbidTfZC6wrIx57hLup9dXi7pqDkWAnKOdYtoFCdDkMTWZ12ETr10jAdFOF92dZRBVsGsnd1X4ddVWRTuDgqEvt/RA4raA8HS7kuzQ/5m4m06LVF+tAY7wbyoUBcTDQqvg1mN7y4TPMcnmR9AXQ9YrryAsm0GbSL5TFY2llhX6n5sUMFZOZ2bp3lAZKuGGImH93fNnBtb2iE0Hg5eYoAWotCgpMa1WFQXEHcXwG07DEt9l4jXWKH8hPx4tl8HKRqvk/I3A4FKmIu5xHrh6jzOEmyCOY9XDoEDiPaRQqniCRjoOThhtVLCw8bTmzuSk0E1tW+ympwzA6Xd7UsiYVk+Als6oPiLwZBJrnTW0YVHPcSx6psfrb1WZt7g+nxmIIOV2C/DUSzn6B/I6hIbl8iSnEtKptpkf2B0yS6Fe811tA5rmSqqpWaMC3eAcIuvsMG7eL97IAiuRNeK2RaJ7mIsS1unTA1eqQEjBTpSAKPBlow5xLxL8D49qVchsprfTTBNcocQE53Gce8+11HArRN+ihlvuEVUbddYtyiIVsXnSvgQsD36quXoIlpzxkSRB5a1zok3xMYA4OZ8uX99bSrokNWBiqKMRAQveF6ttR+ZAtSQiK/LYw+B3FLatX0WYN7dJ9rDk4YPuj+X46CeA8UllqlcSKiYSur630XyBJMKImthy+ZcgZZO4i/8cv/nZuSZN/vin926jNAJCjuXssz7LofqBXG4hZK2qJ9XSIxiEZHIHR0RUy6suXXHaSMzNqODTv8wyKJJNhx0e6zyr7IE2H3dH+a60R3UbZSlm6zNPqEbAqlNtS/sVa8tDMj/SdB+oi3tuWqK+5dfB54sX0oqWANdzTuDkg9Y+3rNNZ/dcPhuC2FPxxaiiGrdXw2wZuIj08X2W8VGuoKDLe0UVAZp1bU8Z0xFhduLZR+LcB3X/NjrbqwLGKMJhzwiB6UsuMOuQcNFwwpHlfm3nfEQY+ZO7SVilPNeRpyVLyACHovUi09M+fadwPOOhI+NqKs3Q/HjxFQO2VQNRsXoH4+WguOBbHF6oJxqHy92JXeebzMjEjj08ywe6FEaWvb+IrVkipvvpoYo06alGVMeyykhXWAgyLflftXsPOIPZIBYMAnZXSUgptRc8WtNOng5E2h2uQuwgTFU3ku/3IxUnbrWWp+6pvYtq84MrJOM2nowPBeTIyl8tsFB8sEJo/MUvjufDmpnhDifR6XWxoJKE5TtZNXzwTm1/ToaB26WUEWS7FCvKJkTMrY5hI8tD/OV+nuM+GChsPa1dR8TjyofjztjkIaOpp6/ULb5LMGXrOvi4ACWfMJxReKtGfJEMrPeKUI77MjHe3dUej050o5lDEUITgq4lMD5r4pzlwYqdKv5drpnJKy9NPr/3Xzv+4OhGXHyDqjlolHSqYIIQj2HQvBRAUfy1aHEIfWYQ6qproD7TAI9AD1VCFg8JCZrjNCJLc/rRdsdkCfCiB1ekJnV7zafKaWmfmLx4GRbLEvbn2v3TOnaODEj8EsTS768c8se6YXy9nyamjgQ+GdmIu79F8MMWKdgz+KQgQvt+hgBxpZxDDIA4NxpqMaNdGrWGt6pQb4pcSzE5MssjKt4ke7CVwYUQg6LfTB1b/1DxogN6v+zL+nRjY6QaU7HqVZJubK0nI8XC4yI9U7iQ8aVMCdEoKikFKrYoGcBZhu0u0lDIXMUSuTaDn7p5LT32tdIQ4txwnqRp0qJuX9Zc5gHJXOSGPm2XPFJV7jQdgdVCOwV8oDmKaBRRiz5kyRM+GpjWilroae5R8NTmcPu7zENEjVPvsroSBheoK3M3/++EHxRtM8poS2aZu8bY5cNb/b0WTZy+jIKfOcy329X9Fb7983D3dIFjsXhU2PCcsnmAf2gqLyezw7+7T1Dlmrk6XPTVk6JAZICil02T+9lM+5ZAifnbb4kH2RmE0vlTWBvgfpMXdRJLSNRrLJLZ2HL4w9Qw8C5L5fu607vnd9H1nKSdGgpD5Paol/jdIxr6FzAOvLoSkg5mr3boavJJ2ABFUjnbPoPxb6Asz8JgHv6TuW4W1590yQXovqgvwstqQpk7Jv5pB8oT+DbzQr0W7/V9QFnckY676CfGDF43JykvGd9p5faaoPeLKOZ+QJUBQ91mj8WPNufdAsm7NvuxkRUiTblXiULYpILrpqpNju6sumOTWYG6ObpnnUetgJMQXT31Vy2BbUuh7WYRNNGqs6TkopCuUZCCNf2oz5Tbku726uEQ/bzm8Zz4B4aNO9EnKM/EgLupP93uC/mi/V5jrF0XRCT8shSsdbBT2D7gOwsq74qId7816sOIISfK1cuVniCHg60iTDeBzoJg4wfkbGEAFwsvAqwzSQOhSSqiPC0wC66Ht5GeXmBBFZZAJJd4HvOYJourtsyFyTx+khcmWCs9i5Vj6oiWNfCDfH0ODbafon1ysLbyMv5ipogS4AuMpeoizo36nCe762VIC+FpzHun1yNY0y94XQUu4/noX99aAtZC2lUe1OS/IynH4ubufH3TsZd1ZUdfExU1OlFz/VaWaenZmGRsjDG5lU0haWAtJYau8qVdkSJDAObbGL6sorTgiNgPQNaisZbyXY/xua5V3SuYNnCrTvonkfmZX0DpEYKlKGCQSztTsNc1EPZDDqc+s9At9l8A3/dcg8yIw8tk8LziytkMtzwzdpMWT0zoDJmbhdZmrnECZZ/Rm3hy0=,iv:2FfYC5EzHxp4ZWVBzlLftapE9iBH2unE8UeXHRbOugY=,tag:VEBFzMQcEVISjH1xrTN+fw==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSZDZMZFRaRVB2RnZsL0Jn - Tjk0T0pIWm83aVdNeWduK1R0U2x6bWJZWnlzClFoQmRRcUxHY1ovUi9MZzluRjYv - aU9HUmIyOVh5RlB5RXY2RjRQdzdVRGcKLS0tIEsrV25PTk1sZ3NocHRxZDhZVVhq - dW9kVk9UbjJaS0pkNVN6ZkhDcXFqTDgKfQdGqWopgZ8zvGL7FS05YIEr+LoLy3DT - 4c+KmuONPuieQ7Txns/EiVlQNxKJkIo5TnkMMLeDYA0jJCx40hKYmQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-08T23:23:06Z" - mac: ENC[AES256_GCM,data:1QUkLQv5tdIM+pU6JGqSWzq7ujKrwpKN/vGXL51h27REs2mf/Xmo0rNFETxlTswoFqVrZxbzJqbACWaGMzhi9P90RAlgnK35YjHJu+Nis63mC/1bSeqBuo0h18IsQrFHqbN+ZNu30FvEUmvDJu9xgTvmHHcZkqwfeappo8Rrj4U=,iv:B6NTOFrh0aKmZbHw88zqj1WgsxIR9mQkWrLAASbMy54=,tag:JCJmvmNB0CsmTYQmObGCxw==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsVThBNjhnTDU5Z3cxWXU0 + M1JTMWl0SWRqdk43Nlh3dzlnYXlHZ2ZsQkYwCkZqcWl6V0o2QkZjenZhVzF4b2VX + S3EzNk14MWllTWsyOTZ1VUNidjNYK2MKLS0tIGpSM3c2NXRBeE5JYm5mUnlUYXhL + eFgvUk5VczFSNUlUNk5JSVpicHd5T1EKOeH99svrNdbqlwtnACJgOvUnTIACHyoI + Qy1KG+x9Jv23v2OnFi/0lFkNX1gHOMtR7HGVhTze6iS3CA5pbT4YiQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-10-09T09:05:37Z" + mac: ENC[AES256_GCM,data:63XWibTSeb+8ftrxIhmXrzaf7Vy3y1XHhd6S/0tg0SAKhkqc0r3lodwdV+q0d08gmX6PLJrOgYaq6Nxte0veNtH8L+BiWsBPKYHzgPyu1E6KS3YGz30236MaO9VUH2ceAB5WBeslRX52ztvT2LxL2bmLIreTRFuy9yTYEPf/NA0=,iv:xBq3VHcO6V5j4xlnsLJHN291pIbkhT1X/YrDlukRmhY=,tag:YCjK/rtATbWkZOTlB96Hhg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1