Commit ad2b494

HPCesia <me@hpcesia.com>
2025-06-03 18:56:53
feat(app): add mihomo
1 parent 3b07e9e
Changed files (5)
modules/nixos/base/mihomo/config.yaml
@@ -0,0 +1,444 @@
+# From https://github.com/yyhhyyyyyy/selfproxy
+
+mixed-port: 7154
+allow-lan: true
+mode: rule
+log-level: warning
+ipv6: false
+find-process-mode: strict
+external-controller: 127.0.0.1:9090
+unified-delay: true
+tcp-concurrent: true
+global-client-fingerprint: chrome
+
+profile:
+  store-selected: true
+  store-fake-ip: true
+
+dns:
+  enable: true
+  prefer-h3: true
+  ipv6: false
+  enhanced-mode: fake-ip
+  fake-ip-range: 198.18.0.1/16
+  fake-ip-filter:
+    - +.+m2m
+    - +.$injections.adguard.org
+    - +.$local.adguard.org
+    - +.+bogon
+    - +.+lan
+    - +.+local
+    - +.+localdomain
+    - +.home.arpa
+    - dns.msftncsi.com
+    - "*.srv.nintendo.net"
+    - "*.stun.playstation.net"
+    - xbox.*.microsoft.com
+    - "*.xboxlive.com"
+    - "*.turn.twilio.com"
+    - "*.stun.twilio.com"
+    - stun.syncthing.net
+    - stun.*
+    - "*.sslip.io"
+    - "*.nip.io"
+  respect-rules: true
+  nameserver:
+    - system
+    - https://223.5.5.5/dns-query
+    - https://doh.pub/dns-query
+  proxy-server-nameserver:
+    - https://223.5.5.5/dns-query
+    - https://doh.pub/dns-query
+
+sniffer:
+  enable: true
+  sniff:
+    HTTP:
+      ports: [80, 8080-8880]
+      override-destination: true
+    TLS:
+      ports: [443, 8443]
+    QUIC:
+      ports: [443, 8443]
+  skip-domain:
+    - "Mijia Cloud"
+    - "+.push.apple.com"
+
+tun:
+  enable: true
+  stack: system
+  device: ElysianRealm
+  auto-route: true
+  auto-detect-interface: true
+  dns-hijack:
+    - any:53
+    - tcp://any:53
+  strict-route: true
+  mtu: 1500
+
+# # 订阅配置
+# # 这部分在 `default.nix` 中配置
+# NodeParam:
+#   &NodeParam {
+#     type: http,
+#     interval: 86400,
+#     health-check:
+#       { enable: true, url: "http://cp.cloudflare.com", interval: 300 },
+#   }
+# proxy-providers:
+#   Node-1:
+#     url: "<占位符>"
+#     <<: *NodeParam
+#     path: "./proxy_provider/providers-1.yaml"
+#     override:
+#       additional-prefix: "[A] "
+#   Node-2:
+#     url: "<占位符>"
+#     <<: *NodeParam
+#     path: "./proxy_provider/providers-2.yaml"
+#     override:
+#       additional-prefix: "[B] "
+
+# 节点筛选
+# 按地区筛选
+FilterHK: &FilterHK '^(?=.*((?i)🇭🇰|香港|\b(HK|Hong)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterTW: &FilterTW '^(?=.*((?i)🇹🇼|台湾|\b(TW|Tai|Taiwan)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterJP: &FilterJP '^(?=.*((?i)🇯🇵|日本|川日|东京|大阪|泉日|埼玉|\b(JP|Japan)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterKR: &FilterKR '^(?=.*((?i)🇰🇷|韩国|韓|首尔|\b(KR|Korea)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterSG: &FilterSG '^(?=.*((?i)🇸🇬|新加坡|狮|\b(SG|Singapore)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterUS: &FilterUS '^(?=.*((?i)🇺🇸|美国|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|\b(US|United States)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterUK: &FilterUK '^(?=.*((?i)🇬🇧|英国|伦敦|\b(UK|United Kingdom)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterFR: &FilterFR '^(?=.*((?i)🇫🇷|法国|\b(FR|France)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterDE: &FilterDE '^(?=.*((?i)🇩🇪|德国|\b(DE|Germany)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterOthers: &FilterOthers "^(?!.*(🇭🇰|HK|Hong|香港|🇹🇼|TW|Taiwan|Wan|🇯🇵|JP|Japan|日本|🇸🇬|SG|Singapore|狮城|🇺🇸|US|United States|America|美国|🇩🇪|DE|Germany|德国|🇬🇧|UK|United Kingdom|英国|🇰🇷|KR|Korea|韩国|韓|🇫🇷|FR|France|法国)).*$"
+FilterAll: &FilterAll '^(?=.*(.))(?!.*((?i)群|邀请|返利|循环|官网|客服|网站|网址|获取|订阅|流量|到期|机场|下次|版本|官址|备用|过期|已用|联系|邮箱|工单|贩卖|通知|倒卖|防止|国内|地址|频道|无法|说明|使用|提示|特别|访问|支持|教程|关注|更新|作者|加入|(\b(USE|USED|TOTAL|EXPIRE|EMAIL|Panel|Channel|Author)\b|(\d{4}-\d{2}-\d{2}|\d+G)))).*$'
+
+Select:
+  &Select {
+    type: select,
+    url: "http://connectivitycheck.platform.hicloud.com/generate_204",
+    disable-udp: false,
+    hidden: false,
+    include-all: true,
+  }
+Auto:
+  &Auto {
+    type: url-test,
+    url: "http://connectivitycheck.platform.hicloud.com/generate_204",
+    interval: 300,
+    tolerance: 50,
+    disable-udp: false,
+    hidden: true,
+    include-all: true,
+  }
+
+# 策略组
+proxy-groups:
+  # 主选择组
+  - {
+      name: 🎯 节点选择,
+      type: select,
+      proxies: [自动选择, 手动选择, DIRECT],
+      url: http://connectivitycheck.platform.hicloud.com/generate_204,
+      icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Static.png,
+    }
+
+  # 手动/自动
+  - {
+      name: 手动选择,
+      type: select,
+      proxies:
+        [
+          🇭🇰 - 手动选择,
+          🇯🇵 - 手动选择,
+          🇰🇷 - 手动选择,
+          🇸🇬 - 手动选择,
+          🇺🇸 - 手动选择,
+          🇬🇧 - 手动选择,
+          🇫🇷 - 手动选择,
+          🇩🇪 - 手动选择,
+          🇹🇼 - 手动选择,
+          Others - 手动选择,
+        ],
+      url: http://connectivitycheck.platform.hicloud.com/generate_204,
+      icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Cylink.png,
+    }
+  - {
+      name: 自动选择,
+      type: select,
+      proxies:
+        [
+          🇭🇰 - 自动选择,
+          🇯🇵 - 自动选择,
+          🇰🇷 - 自动选择,
+          🇸🇬 - 自动选择,
+          🇺🇸 - 自动选择,
+          🇬🇧 - 自动选择,
+          🇫🇷 - 自动选择,
+          🇩🇪 - 自动选择,
+          🇹🇼 - 自动选择,
+        ],
+      url: http://connectivitycheck.platform.hicloud.com/generate_204,
+      icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Urltest.png,
+    }
+
+  # 应用分组
+  - {
+      name: ✈️ 电报信息,
+      type: select,
+      proxies:
+        [
+          🎯 节点选择,
+          🇭🇰 - 自动选择,
+          🇯🇵 - 自动选择,
+          🇸🇬 - 自动选择,
+          🇺🇸 - 自动选择,
+        ],
+      icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Telegram.png,
+    }
+  - {
+      name: 🤖 AIGC,
+      type: select,
+      proxies:
+        [
+          🇺🇸 - 自动选择,
+          🎯 节点选择,
+          🇭🇰 - 自动选择,
+          🇯🇵 - 自动选择,
+          🇸🇬 - 自动选择,
+        ],
+      icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/OpenAI.png,
+    }
+  - {
+      name: 🍎 苹果服务,
+      type: select,
+      proxies: [DIRECT, 🎯 节点选择, 🇭🇰 - 自动选择, 🇺🇸 - 自动选择],
+      icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Apple.png,
+    }
+  - {
+      name: Ⓜ️ 微软服务,
+      type: select,
+      proxies: [DIRECT, 🎯 节点选择, 🇭🇰 - 自动选择, 🇺🇸 - 自动选择],
+      icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Microsoft.png,
+    }
+
+  # 自动选择 - 按地区
+  - { name: 🇭🇰 - 自动选择, <<: *Auto, filter: *FilterHK }
+  - { name: 🇯🇵 - 自动选择, <<: *Auto, filter: *FilterJP }
+  - { name: 🇰🇷 - 自动选择, <<: *Auto, filter: *FilterKR }
+  - { name: 🇸🇬 - 自动选择, <<: *Auto, filter: *FilterSG }
+  - { name: 🇺🇸 - 自动选择, <<: *Auto, filter: *FilterUS }
+  - { name: 🇬🇧 - 自动选择, <<: *Auto, filter: *FilterUK }
+  - { name: 🇫🇷 - 自动选择, <<: *Auto, filter: *FilterFR }
+  - { name: 🇩🇪 - 自动选择, <<: *Auto, filter: *FilterDE }
+  - { name: 🇹🇼 - 自动选择, <<: *Auto, filter: *FilterTW }
+
+  # 手动选择 - 按地区
+  - { name: 🇭🇰 - 手动选择, <<: *Select, filter: *FilterHK }
+  - { name: 🇯🇵 - 手动选择, <<: *Select, filter: *FilterJP }
+  - { name: 🇰🇷 - 手动选择, <<: *Select, filter: *FilterKR }
+  - { name: 🇸🇬 - 手动选择, <<: *Select, filter: *FilterSG }
+  - { name: 🇺🇸 - 手动选择, <<: *Select, filter: *FilterUS }
+  - { name: 🇬🇧 - 手动选择, <<: *Select, filter: *FilterUK }
+  - { name: 🇫🇷 - 手动选择, <<: *Select, filter: *FilterFR }
+  - { name: 🇩🇪 - 手动选择, <<: *Select, filter: *FilterDE }
+  - { name: 🇹🇼 - 手动选择, <<: *Select, filter: *FilterTW }
+  - { name: Others - 手动选择, <<: *Select, filter: *FilterOthers }
+
+  # 全部节点
+  - { name: AllIn - 手动选择, <<: *Select, filter: *FilterAll }
+  - { name: AllIn - 自动选择, <<: *Auto, filter: *FilterAll }
+
+### 规则配置
+RuleSet_classical:
+  &RuleSet_classical {
+    type: http,
+    behavior: classical,
+    interval: 43200,
+    format: text,
+    proxy: 🎯 节点选择,
+  }
+RuleSet_domain:
+  &RuleSet_domain {
+    type: http,
+    behavior: domain,
+    interval: 43200,
+    format: text,
+    proxy: 🎯 节点选择,
+  }
+RuleSet_ipcidr:
+  &RuleSet_ipcidr {
+    type: http,
+    behavior: ipcidr,
+    interval: 43200,
+    format: text,
+    proxy: 🎯 节点选择,
+  }
+
+# 订阅规则
+rule-providers:
+  reject_non_ip_no_drop:
+    <<: *RuleSet_classical
+    url: "https://ruleset.skk.moe/Clash/non_ip/reject-no-drop.txt"
+    path: "./rule_set/sukkaw_ruleset/reject_non_ip_no_drop.txt"
+
+  reject_non_ip_drop:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/reject-drop.txt
+    path: ./rule_set/sukkaw_ruleset/reject_non_ip_drop.txt
+
+  reject_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/reject.txt
+    path: ./rule_set/sukkaw_ruleset/reject_non_ip.txt
+
+  reject_domainset:
+    <<: *RuleSet_domain
+    url: https://ruleset.skk.moe/Clash/domainset/reject.txt
+    path: ./rule_set/sukkaw_ruleset/reject_domainset.txt
+
+  reject_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/ip/reject.txt
+    path: ./rule_set/sukkaw_ruleset/reject_ip.txt
+
+  cdn_domainset:
+    <<: *RuleSet_domain
+    url: https://ruleset.skk.moe/Clash/domainset/cdn.txt
+    path: ./rule_set/sukkaw_ruleset/cdn_domainset.txt
+
+  cdn_non_ip:
+    <<: *RuleSet_domain
+    url: https://ruleset.skk.moe/Clash/non_ip/cdn.txt
+    path: ./rule_set/sukkaw_ruleset/cdn_non_ip.txt
+
+  # 所有流媒体(包括上述所有流媒体)
+  stream_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/stream.txt
+    path: ./rule_set/sukkaw_ruleset/stream_non_ip.txt
+
+  stream_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/ip/stream.txt
+    path: ./rule_set/sukkaw_ruleset/stream_ip.txt
+
+  ai_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/ai.txt
+    path: ./rule_set/sukkaw_ruleset/ai_non_ip.txt
+
+  telegram_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/telegram.txt
+    path: ./rule_set/sukkaw_ruleset/telegram_non_ip.txt
+
+  telegram_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/ip/telegram.txt
+    path: ./rule_set/sukkaw_ruleset/telegram_ip.txt
+
+  apple_cdn:
+    <<: *RuleSet_domain
+    url: https://ruleset.skk.moe/Clash/domainset/apple_cdn.txt
+    path: ./rule_set/sukkaw_ruleset/apple_cdn.txt
+
+  apple_services:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/apple_services.txt
+    path: ./rule_set/sukkaw_ruleset/apple_services.txt
+
+  apple_cn_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/apple_cn.txt
+    path: ./rule_set/sukkaw_ruleset/apple_cn_non_ip.txt
+
+  microsoft_cdn_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/microsoft_cdn.txt
+    path: ./rule_set/sukkaw_ruleset/microsoft_cdn_non_ip.txt
+
+  microsoft_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/microsoft.txt
+    path: ./rule_set/sukkaw_ruleset/microsoft_non_ip.txt
+
+  # 软件更新、操作系统等大文件下载
+  download_domainset:
+    <<: *RuleSet_domain
+    url: https://ruleset.skk.moe/Clash/domainset/download.txt
+    path: ./rule_set/sukkaw_ruleset/download_domainset.txt
+
+  download_non_ip:
+    <<: *RuleSet_domain
+    url: https://ruleset.skk.moe/Clash/non_ip/download.txt
+    path: ./rule_set/sukkaw_ruleset/download_non_ip.txt
+
+  # 内网域名和局域网 IP
+  lan_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/lan.txt
+    path: ./rule_set/sukkaw_ruleset/lan_non_ip.txt
+
+  lan_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/ip/lan.txt
+    path: ./rule_set/sukkaw_ruleset/lan_ip.txt
+
+  domestic_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/domestic.txt
+    path: ./rule_set/sukkaw_ruleset/domestic_non_ip.txt
+
+  direct_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/direct.txt
+    path: ./rule_set/sukkaw_ruleset/direct_non_ip.txt
+
+  global_non_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/non_ip/global.txt
+    path: ./rule_set/sukkaw_ruleset/global_non_ip.txt
+
+  domestic_ip:
+    <<: *RuleSet_classical
+    url: https://ruleset.skk.moe/Clash/ip/domestic.txt
+    path: ./rule_set/sukkaw_ruleset/domestic_ip.txt
+
+  china_ip:
+    <<: *RuleSet_ipcidr
+    url: https://ruleset.skk.moe/Clash/ip/china_ip.txt
+    path: ./rule_set/sukkaw_ruleset/china_ip.txt
+
+# 分流规则
+rules:
+  ### 非 IP 类规则
+  - RULE-SET,reject_non_ip,REJECT
+  - RULE-SET,reject_domainset,REJECT
+  - RULE-SET,reject_non_ip_drop,REJECT-DROP
+  - RULE-SET,reject_non_ip_no_drop,REJECT
+  - RULE-SET,cdn_domainset,🎯 节点选择
+  - RULE-SET,cdn_non_ip,🎯 节点选择
+  - RULE-SET,stream_non_ip,🇺🇸 - 自动选择
+  - RULE-SET,telegram_non_ip,✈️ 电报信息
+  - RULE-SET,apple_cdn,DIRECT
+  - RULE-SET,download_domainset,🎯 节点选择
+  - RULE-SET,download_non_ip,🎯 节点选择
+  - RULE-SET,microsoft_cdn_non_ip,DIRECT
+  - RULE-SET,apple_cn_non_ip,DIRECT
+  - RULE-SET,apple_services,🍎 苹果服务
+  - RULE-SET,microsoft_non_ip,Ⓜ️ 微软服务
+  - RULE-SET,ai_non_ip,🤖 AIGC
+  - RULE-SET,global_non_ip,🎯 节点选择
+  - RULE-SET,domestic_non_ip,DIRECT
+  - RULE-SET,direct_non_ip,DIRECT
+  - RULE-SET,lan_non_ip,DIRECT
+
+  ### IP 类规则
+  - RULE-SET,reject_ip,REJECT
+  - RULE-SET,telegram_ip,✈️ 电报信息
+  - RULE-SET,stream_ip,🇺🇸 - 自动选择
+  - RULE-SET,lan_ip,DIRECT
+  - RULE-SET,domestic_ip,DIRECT
+  - RULE-SET,china_ip,DIRECT
+  - MATCH,🎯 节点选择
modules/nixos/base/mihomo/default.nix
@@ -0,0 +1,38 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  services.mihomo = {
+    enable = true;
+    tunMode = true;
+    webui = pkgs.metacubexd;
+    configFile = config.sops.templates."mihomo-config.yaml".path;
+  };
+
+  sops.templates."mihomo-config.yaml".content =
+    ''
+      NodeParam:
+        &NodeParam {
+          type: http,
+          interval: 86400,
+          health-check:
+            { enable: true, url: "http://cp.cloudflare.com", interval: 300 },
+        }
+      proxy-providers:
+        Node-YiYuan:
+          url: "${config.sops.placeholder."mihomo/providers/yi_yuan"}"
+          <<: *NodeParam
+          path: "./proxy_provider/providers-yi_yuan.yaml"
+          override:
+            additional-prefix: "[YY]"
+        Node-MoJie:
+          url: "${config.sops.placeholder."mihomo/providers/mo_jie"}"
+          <<: *NodeParam
+          path: "./proxy_provider/providers-mo_jie.yaml"
+          override:
+            additional-prefix: "[MJ]"
+    ''
+    + "\n"
+    + builtins.readFile ./config.yaml;
+}
modules/nixos/base/networking.nix
@@ -13,6 +13,12 @@
     };
   };
 
+  networking.firewall = {
+    trustedInterfaces = [
+      "ElysianRealm"
+    ];
+  };
+
   # Use an NTP server located in the mainland of China to synchronize the system time
   networking.timeServers = [
     "ntp.aliyun.com" # Aliyun NTP Server
secrets/base/default.nix
@@ -1,4 +1,16 @@
-{sops, ...}: {
-  sops.secrets = {
-  };
+let
+  mapSecrets = keys:
+    builtins.listToAttrs (builtins.map (k: {
+        name = k;
+        value = {
+          format = "yaml";
+          sopsFile = ./secrets.yaml;
+        };
+      })
+      keys);
+in {
+  sops.secrets = mapSecrets [
+    "mihomo/providers/yi_yuan"
+    "mihomo/providers/mo_jie"
+  ];
 }
secrets/base/secrets.yaml
@@ -0,0 +1,31 @@
+mihomo:
+    providers:
+        yi_yuan: ENC[AES256_GCM,data:7K18ggNPbJvU5De/VyLUXkM8gVysDpElw3+Cyt9HXa9yYg5hCcjgndg9f7yg49yjkiS4oAbhsxibte48jW3U+c7hYvV2emaCnbbAiojGY9E06XsH8U3yYxUJu74emvE=,iv:bZtmdTaDR4jR9phF+f8rW/bSEWHHJrykb09oFDlTOiM=,tag:IpOhT9bSibdiwrCDu678aw==,type:str]
+        mo_jie: ENC[AES256_GCM,data:4LlsSgySGC8OijK6NsWZv9MoBN7qlrpypM5K3aXa8peMWrCBsefAi37QhDBAaXPPVkYYgmYDV5lTsp+XOCOvDoNj463vgVIvR4fFpImI6g==,iv:j0470ctmLb2zQfpROewDbreKmqSYa1eBKPFe0POz8mE=,tag:qWn0iwihXPii7cnJWG6f2w==,type:str]
+sops:
+    age:
+        - recipient: age1sur93fevme8az4v6txee9uw7gk8xcpz2u0mfzvayavrcx9zkefxsmcpnln
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4MUJodUUvWkxNeDQyemR0
+            NmhWV20vNFRkK0JUN3JFZUpyZHl1WVdBaFFnCjJ3Zmdra2RlODkrZkc3Kzk5Q2Zy
+            N2plT2dRQkUzOG53RDUrZHY1ZjFsS1EKLS0tIGdRREVxaGc5S1ZTV1R0NmNvenpJ
+            Yi9ZV013dWo1NjlEbkREMlYxL3FZS0EKMStYByW8u5mTQ+ZthgWqTTOsjatJVuFo
+            5bOZw/lgD5L6XcSb+xWbM21dlV/Vn7ulMsTHM7FE2Z36OGQc0cwQUA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-06-03T17:08:12Z"
+    mac: ENC[AES256_GCM,data:EEUgAyh/l9hLqnp0BRXZszDixQ377O86F/xUmziJC+VLRNAfUMRuay9oa62uJ4dSk+lUI5dGReajeuKlESqtoPMJY+AFx8xz9m9Lv225pRjsJfg4PJr5veMRsaWYaHGV+5wCHvFCqhEb8H1h10ZVdtnHitoia0Z9PY5HqefuAnc=,iv:+jT/QlTnw3lW+r2P27q9Rkq0JKhjaCa3R0h6Sca7gww=,tag:yCdjI4k3IIQdAAEnZUaI2A==,type:str]
+    pgp:
+        - created_at: "2025-06-03T17:06:45Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            hF4Dh4vQ8CmRuq4SAQdAMt829MplCrLDjQjnpmQfj1f1l98VHir3KmuwyHHqYUgw
+            F+I8O8PReUS+LKLFy+H1HbrsAuBUfnC8y8q9a6eX092cjX3hcNRAlPMUa89yG1Ud
+            0l4B43c42oJb/mxgorqnjMieIAE3pzXd2vX/qFZzKMZHFT30rpwWGXQibW4nRG2Q
+            fmboUVQPEcwx/9FdO9kQP8lldCQA5ny6HalKL0e3LWTXSi39XpTtb8ZMO6G3xvG/
+            =kTIM
+            -----END PGP MESSAGE-----
+          fp: 56AC2ED35E51AFE66EAAA569878BD0F02991BAAE
+    unencrypted_suffix: _unencrypted
+    version: 3.10.2