Commit ad2b494
Changed files (5)
modules
nixos
base
mihomo
secrets
base
modules/nixos/base/mihomo/config.yaml
@@ -0,0 +1,444 @@
+# From https://github.com/yyhhyyyyyy/selfproxy
+
+mixed-port: 7154
+allow-lan: true
+mode: rule
+log-level: warning
+ipv6: false
+find-process-mode: strict
+external-controller: 127.0.0.1:9090
+unified-delay: true
+tcp-concurrent: true
+global-client-fingerprint: chrome
+
+profile:
+ store-selected: true
+ store-fake-ip: true
+
+dns:
+ enable: true
+ prefer-h3: true
+ ipv6: false
+ enhanced-mode: fake-ip
+ fake-ip-range: 198.18.0.1/16
+ fake-ip-filter:
+ - +.+m2m
+ - +.$injections.adguard.org
+ - +.$local.adguard.org
+ - +.+bogon
+ - +.+lan
+ - +.+local
+ - +.+localdomain
+ - +.home.arpa
+ - dns.msftncsi.com
+ - "*.srv.nintendo.net"
+ - "*.stun.playstation.net"
+ - xbox.*.microsoft.com
+ - "*.xboxlive.com"
+ - "*.turn.twilio.com"
+ - "*.stun.twilio.com"
+ - stun.syncthing.net
+ - stun.*
+ - "*.sslip.io"
+ - "*.nip.io"
+ respect-rules: true
+ nameserver:
+ - system
+ - https://223.5.5.5/dns-query
+ - https://doh.pub/dns-query
+ proxy-server-nameserver:
+ - https://223.5.5.5/dns-query
+ - https://doh.pub/dns-query
+
+sniffer:
+ enable: true
+ sniff:
+ HTTP:
+ ports: [80, 8080-8880]
+ override-destination: true
+ TLS:
+ ports: [443, 8443]
+ QUIC:
+ ports: [443, 8443]
+ skip-domain:
+ - "Mijia Cloud"
+ - "+.push.apple.com"
+
+tun:
+ enable: true
+ stack: system
+ device: ElysianRealm
+ auto-route: true
+ auto-detect-interface: true
+ dns-hijack:
+ - any:53
+ - tcp://any:53
+ strict-route: true
+ mtu: 1500
+
+# # 订阅配置
+# # 这部分在 `default.nix` 中配置
+# NodeParam:
+# &NodeParam {
+# type: http,
+# interval: 86400,
+# health-check:
+# { enable: true, url: "http://cp.cloudflare.com", interval: 300 },
+# }
+# proxy-providers:
+# Node-1:
+# url: "<占位符>"
+# <<: *NodeParam
+# path: "./proxy_provider/providers-1.yaml"
+# override:
+# additional-prefix: "[A] "
+# Node-2:
+# url: "<占位符>"
+# <<: *NodeParam
+# path: "./proxy_provider/providers-2.yaml"
+# override:
+# additional-prefix: "[B] "
+
+# 节点筛选
+# 按地区筛选
+FilterHK: &FilterHK '^(?=.*((?i)🇭🇰|香港|\b(HK|Hong)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterTW: &FilterTW '^(?=.*((?i)🇹🇼|台湾|\b(TW|Tai|Taiwan)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterJP: &FilterJP '^(?=.*((?i)🇯🇵|日本|川日|东京|大阪|泉日|埼玉|\b(JP|Japan)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterKR: &FilterKR '^(?=.*((?i)🇰🇷|韩国|韓|首尔|\b(KR|Korea)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterSG: &FilterSG '^(?=.*((?i)🇸🇬|新加坡|狮|\b(SG|Singapore)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterUS: &FilterUS '^(?=.*((?i)🇺🇸|美国|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|\b(US|United States)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterUK: &FilterUK '^(?=.*((?i)🇬🇧|英国|伦敦|\b(UK|United Kingdom)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterFR: &FilterFR '^(?=.*((?i)🇫🇷|法国|\b(FR|France)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterDE: &FilterDE '^(?=.*((?i)🇩🇪|德国|\b(DE|Germany)(\d+)?\b))(?!.*((?i)回国|校园|网站|地址|剩余|过期|时间|有效|网址|禁止|邮箱|发布|客服|订阅|节点)).*$'
+FilterOthers: &FilterOthers "^(?!.*(🇭🇰|HK|Hong|香港|🇹🇼|TW|Taiwan|Wan|🇯🇵|JP|Japan|日本|🇸🇬|SG|Singapore|狮城|🇺🇸|US|United States|America|美国|🇩🇪|DE|Germany|德国|🇬🇧|UK|United Kingdom|英国|🇰🇷|KR|Korea|韩国|韓|🇫🇷|FR|France|法国)).*$"
+FilterAll: &FilterAll '^(?=.*(.))(?!.*((?i)群|邀请|返利|循环|官网|客服|网站|网址|获取|订阅|流量|到期|机场|下次|版本|官址|备用|过期|已用|联系|邮箱|工单|贩卖|通知|倒卖|防止|国内|地址|频道|无法|说明|使用|提示|特别|访问|支持|教程|关注|更新|作者|加入|(\b(USE|USED|TOTAL|EXPIRE|EMAIL|Panel|Channel|Author)\b|(\d{4}-\d{2}-\d{2}|\d+G)))).*$'
+
+Select:
+ &Select {
+ type: select,
+ url: "http://connectivitycheck.platform.hicloud.com/generate_204",
+ disable-udp: false,
+ hidden: false,
+ include-all: true,
+ }
+Auto:
+ &Auto {
+ type: url-test,
+ url: "http://connectivitycheck.platform.hicloud.com/generate_204",
+ interval: 300,
+ tolerance: 50,
+ disable-udp: false,
+ hidden: true,
+ include-all: true,
+ }
+
+# 策略组
+proxy-groups:
+ # 主选择组
+ - {
+ name: 🎯 节点选择,
+ type: select,
+ proxies: [自动选择, 手动选择, DIRECT],
+ url: http://connectivitycheck.platform.hicloud.com/generate_204,
+ icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Static.png,
+ }
+
+ # 手动/自动
+ - {
+ name: 手动选择,
+ type: select,
+ proxies:
+ [
+ 🇭🇰 - 手动选择,
+ 🇯🇵 - 手动选择,
+ 🇰🇷 - 手动选择,
+ 🇸🇬 - 手动选择,
+ 🇺🇸 - 手动选择,
+ 🇬🇧 - 手动选择,
+ 🇫🇷 - 手动选择,
+ 🇩🇪 - 手动选择,
+ 🇹🇼 - 手动选择,
+ Others - 手动选择,
+ ],
+ url: http://connectivitycheck.platform.hicloud.com/generate_204,
+ icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Cylink.png,
+ }
+ - {
+ name: 自动选择,
+ type: select,
+ proxies:
+ [
+ 🇭🇰 - 自动选择,
+ 🇯🇵 - 自动选择,
+ 🇰🇷 - 自动选择,
+ 🇸🇬 - 自动选择,
+ 🇺🇸 - 自动选择,
+ 🇬🇧 - 自动选择,
+ 🇫🇷 - 自动选择,
+ 🇩🇪 - 自动选择,
+ 🇹🇼 - 自动选择,
+ ],
+ url: http://connectivitycheck.platform.hicloud.com/generate_204,
+ icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Urltest.png,
+ }
+
+ # 应用分组
+ - {
+ name: ✈️ 电报信息,
+ type: select,
+ proxies:
+ [
+ 🎯 节点选择,
+ 🇭🇰 - 自动选择,
+ 🇯🇵 - 自动选择,
+ 🇸🇬 - 自动选择,
+ 🇺🇸 - 自动选择,
+ ],
+ icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Telegram.png,
+ }
+ - {
+ name: 🤖 AIGC,
+ type: select,
+ proxies:
+ [
+ 🇺🇸 - 自动选择,
+ 🎯 节点选择,
+ 🇭🇰 - 自动选择,
+ 🇯🇵 - 自动选择,
+ 🇸🇬 - 自动选择,
+ ],
+ icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/OpenAI.png,
+ }
+ - {
+ name: 🍎 苹果服务,
+ type: select,
+ proxies: [DIRECT, 🎯 节点选择, 🇭🇰 - 自动选择, 🇺🇸 - 自动选择],
+ icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Apple.png,
+ }
+ - {
+ name: Ⓜ️ 微软服务,
+ type: select,
+ proxies: [DIRECT, 🎯 节点选择, 🇭🇰 - 自动选择, 🇺🇸 - 自动选择],
+ icon: https://raw.githubusercontent.com/Orz-3/mini/master/Color/Microsoft.png,
+ }
+
+ # 自动选择 - 按地区
+ - { name: 🇭🇰 - 自动选择, <<: *Auto, filter: *FilterHK }
+ - { name: 🇯🇵 - 自动选择, <<: *Auto, filter: *FilterJP }
+ - { name: 🇰🇷 - 自动选择, <<: *Auto, filter: *FilterKR }
+ - { name: 🇸🇬 - 自动选择, <<: *Auto, filter: *FilterSG }
+ - { name: 🇺🇸 - 自动选择, <<: *Auto, filter: *FilterUS }
+ - { name: 🇬🇧 - 自动选择, <<: *Auto, filter: *FilterUK }
+ - { name: 🇫🇷 - 自动选择, <<: *Auto, filter: *FilterFR }
+ - { name: 🇩🇪 - 自动选择, <<: *Auto, filter: *FilterDE }
+ - { name: 🇹🇼 - 自动选择, <<: *Auto, filter: *FilterTW }
+
+ # 手动选择 - 按地区
+ - { name: 🇭🇰 - 手动选择, <<: *Select, filter: *FilterHK }
+ - { name: 🇯🇵 - 手动选择, <<: *Select, filter: *FilterJP }
+ - { name: 🇰🇷 - 手动选择, <<: *Select, filter: *FilterKR }
+ - { name: 🇸🇬 - 手动选择, <<: *Select, filter: *FilterSG }
+ - { name: 🇺🇸 - 手动选择, <<: *Select, filter: *FilterUS }
+ - { name: 🇬🇧 - 手动选择, <<: *Select, filter: *FilterUK }
+ - { name: 🇫🇷 - 手动选择, <<: *Select, filter: *FilterFR }
+ - { name: 🇩🇪 - 手动选择, <<: *Select, filter: *FilterDE }
+ - { name: 🇹🇼 - 手动选择, <<: *Select, filter: *FilterTW }
+ - { name: Others - 手动选择, <<: *Select, filter: *FilterOthers }
+
+ # 全部节点
+ - { name: AllIn - 手动选择, <<: *Select, filter: *FilterAll }
+ - { name: AllIn - 自动选择, <<: *Auto, filter: *FilterAll }
+
+### 规则配置
+RuleSet_classical:
+ &RuleSet_classical {
+ type: http,
+ behavior: classical,
+ interval: 43200,
+ format: text,
+ proxy: 🎯 节点选择,
+ }
+RuleSet_domain:
+ &RuleSet_domain {
+ type: http,
+ behavior: domain,
+ interval: 43200,
+ format: text,
+ proxy: 🎯 节点选择,
+ }
+RuleSet_ipcidr:
+ &RuleSet_ipcidr {
+ type: http,
+ behavior: ipcidr,
+ interval: 43200,
+ format: text,
+ proxy: 🎯 节点选择,
+ }
+
+# 订阅规则
+rule-providers:
+ reject_non_ip_no_drop:
+ <<: *RuleSet_classical
+ url: "https://ruleset.skk.moe/Clash/non_ip/reject-no-drop.txt"
+ path: "./rule_set/sukkaw_ruleset/reject_non_ip_no_drop.txt"
+
+ reject_non_ip_drop:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/reject-drop.txt
+ path: ./rule_set/sukkaw_ruleset/reject_non_ip_drop.txt
+
+ reject_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/reject.txt
+ path: ./rule_set/sukkaw_ruleset/reject_non_ip.txt
+
+ reject_domainset:
+ <<: *RuleSet_domain
+ url: https://ruleset.skk.moe/Clash/domainset/reject.txt
+ path: ./rule_set/sukkaw_ruleset/reject_domainset.txt
+
+ reject_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/ip/reject.txt
+ path: ./rule_set/sukkaw_ruleset/reject_ip.txt
+
+ cdn_domainset:
+ <<: *RuleSet_domain
+ url: https://ruleset.skk.moe/Clash/domainset/cdn.txt
+ path: ./rule_set/sukkaw_ruleset/cdn_domainset.txt
+
+ cdn_non_ip:
+ <<: *RuleSet_domain
+ url: https://ruleset.skk.moe/Clash/non_ip/cdn.txt
+ path: ./rule_set/sukkaw_ruleset/cdn_non_ip.txt
+
+ # 所有流媒体(包括上述所有流媒体)
+ stream_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/stream.txt
+ path: ./rule_set/sukkaw_ruleset/stream_non_ip.txt
+
+ stream_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/ip/stream.txt
+ path: ./rule_set/sukkaw_ruleset/stream_ip.txt
+
+ ai_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/ai.txt
+ path: ./rule_set/sukkaw_ruleset/ai_non_ip.txt
+
+ telegram_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/telegram.txt
+ path: ./rule_set/sukkaw_ruleset/telegram_non_ip.txt
+
+ telegram_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/ip/telegram.txt
+ path: ./rule_set/sukkaw_ruleset/telegram_ip.txt
+
+ apple_cdn:
+ <<: *RuleSet_domain
+ url: https://ruleset.skk.moe/Clash/domainset/apple_cdn.txt
+ path: ./rule_set/sukkaw_ruleset/apple_cdn.txt
+
+ apple_services:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/apple_services.txt
+ path: ./rule_set/sukkaw_ruleset/apple_services.txt
+
+ apple_cn_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/apple_cn.txt
+ path: ./rule_set/sukkaw_ruleset/apple_cn_non_ip.txt
+
+ microsoft_cdn_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/microsoft_cdn.txt
+ path: ./rule_set/sukkaw_ruleset/microsoft_cdn_non_ip.txt
+
+ microsoft_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/microsoft.txt
+ path: ./rule_set/sukkaw_ruleset/microsoft_non_ip.txt
+
+ # 软件更新、操作系统等大文件下载
+ download_domainset:
+ <<: *RuleSet_domain
+ url: https://ruleset.skk.moe/Clash/domainset/download.txt
+ path: ./rule_set/sukkaw_ruleset/download_domainset.txt
+
+ download_non_ip:
+ <<: *RuleSet_domain
+ url: https://ruleset.skk.moe/Clash/non_ip/download.txt
+ path: ./rule_set/sukkaw_ruleset/download_non_ip.txt
+
+ # 内网域名和局域网 IP
+ lan_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/lan.txt
+ path: ./rule_set/sukkaw_ruleset/lan_non_ip.txt
+
+ lan_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/ip/lan.txt
+ path: ./rule_set/sukkaw_ruleset/lan_ip.txt
+
+ domestic_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/domestic.txt
+ path: ./rule_set/sukkaw_ruleset/domestic_non_ip.txt
+
+ direct_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/direct.txt
+ path: ./rule_set/sukkaw_ruleset/direct_non_ip.txt
+
+ global_non_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/non_ip/global.txt
+ path: ./rule_set/sukkaw_ruleset/global_non_ip.txt
+
+ domestic_ip:
+ <<: *RuleSet_classical
+ url: https://ruleset.skk.moe/Clash/ip/domestic.txt
+ path: ./rule_set/sukkaw_ruleset/domestic_ip.txt
+
+ china_ip:
+ <<: *RuleSet_ipcidr
+ url: https://ruleset.skk.moe/Clash/ip/china_ip.txt
+ path: ./rule_set/sukkaw_ruleset/china_ip.txt
+
+# 分流规则
+rules:
+ ### 非 IP 类规则
+ - RULE-SET,reject_non_ip,REJECT
+ - RULE-SET,reject_domainset,REJECT
+ - RULE-SET,reject_non_ip_drop,REJECT-DROP
+ - RULE-SET,reject_non_ip_no_drop,REJECT
+ - RULE-SET,cdn_domainset,🎯 节点选择
+ - RULE-SET,cdn_non_ip,🎯 节点选择
+ - RULE-SET,stream_non_ip,🇺🇸 - 自动选择
+ - RULE-SET,telegram_non_ip,✈️ 电报信息
+ - RULE-SET,apple_cdn,DIRECT
+ - RULE-SET,download_domainset,🎯 节点选择
+ - RULE-SET,download_non_ip,🎯 节点选择
+ - RULE-SET,microsoft_cdn_non_ip,DIRECT
+ - RULE-SET,apple_cn_non_ip,DIRECT
+ - RULE-SET,apple_services,🍎 苹果服务
+ - RULE-SET,microsoft_non_ip,Ⓜ️ 微软服务
+ - RULE-SET,ai_non_ip,🤖 AIGC
+ - RULE-SET,global_non_ip,🎯 节点选择
+ - RULE-SET,domestic_non_ip,DIRECT
+ - RULE-SET,direct_non_ip,DIRECT
+ - RULE-SET,lan_non_ip,DIRECT
+
+ ### IP 类规则
+ - RULE-SET,reject_ip,REJECT
+ - RULE-SET,telegram_ip,✈️ 电报信息
+ - RULE-SET,stream_ip,🇺🇸 - 自动选择
+ - RULE-SET,lan_ip,DIRECT
+ - RULE-SET,domestic_ip,DIRECT
+ - RULE-SET,china_ip,DIRECT
+ - MATCH,🎯 节点选择
modules/nixos/base/mihomo/default.nix
@@ -0,0 +1,38 @@
+{
+ config,
+ pkgs,
+ ...
+}: {
+ services.mihomo = {
+ enable = true;
+ tunMode = true;
+ webui = pkgs.metacubexd;
+ configFile = config.sops.templates."mihomo-config.yaml".path;
+ };
+
+ sops.templates."mihomo-config.yaml".content =
+ ''
+ NodeParam:
+ &NodeParam {
+ type: http,
+ interval: 86400,
+ health-check:
+ { enable: true, url: "http://cp.cloudflare.com", interval: 300 },
+ }
+ proxy-providers:
+ Node-YiYuan:
+ url: "${config.sops.placeholder."mihomo/providers/yi_yuan"}"
+ <<: *NodeParam
+ path: "./proxy_provider/providers-yi_yuan.yaml"
+ override:
+ additional-prefix: "[YY]"
+ Node-MoJie:
+ url: "${config.sops.placeholder."mihomo/providers/mo_jie"}"
+ <<: *NodeParam
+ path: "./proxy_provider/providers-mo_jie.yaml"
+ override:
+ additional-prefix: "[MJ]"
+ ''
+ + "\n"
+ + builtins.readFile ./config.yaml;
+}
modules/nixos/base/networking.nix
@@ -13,6 +13,12 @@
};
};
+ networking.firewall = {
+ trustedInterfaces = [
+ "ElysianRealm"
+ ];
+ };
+
# Use an NTP server located in the mainland of China to synchronize the system time
networking.timeServers = [
"ntp.aliyun.com" # Aliyun NTP Server
secrets/base/default.nix
@@ -1,4 +1,16 @@
-{sops, ...}: {
- sops.secrets = {
- };
+let
+ mapSecrets = keys:
+ builtins.listToAttrs (builtins.map (k: {
+ name = k;
+ value = {
+ format = "yaml";
+ sopsFile = ./secrets.yaml;
+ };
+ })
+ keys);
+in {
+ sops.secrets = mapSecrets [
+ "mihomo/providers/yi_yuan"
+ "mihomo/providers/mo_jie"
+ ];
}
secrets/base/secrets.yaml
@@ -0,0 +1,31 @@
+mihomo:
+ providers:
+ yi_yuan: ENC[AES256_GCM,data:7K18ggNPbJvU5De/VyLUXkM8gVysDpElw3+Cyt9HXa9yYg5hCcjgndg9f7yg49yjkiS4oAbhsxibte48jW3U+c7hYvV2emaCnbbAiojGY9E06XsH8U3yYxUJu74emvE=,iv:bZtmdTaDR4jR9phF+f8rW/bSEWHHJrykb09oFDlTOiM=,tag:IpOhT9bSibdiwrCDu678aw==,type:str]
+ mo_jie: ENC[AES256_GCM,data:4LlsSgySGC8OijK6NsWZv9MoBN7qlrpypM5K3aXa8peMWrCBsefAi37QhDBAaXPPVkYYgmYDV5lTsp+XOCOvDoNj463vgVIvR4fFpImI6g==,iv:j0470ctmLb2zQfpROewDbreKmqSYa1eBKPFe0POz8mE=,tag:qWn0iwihXPii7cnJWG6f2w==,type:str]
+sops:
+ age:
+ - recipient: age1sur93fevme8az4v6txee9uw7gk8xcpz2u0mfzvayavrcx9zkefxsmcpnln
+ enc: |
+ -----BEGIN AGE ENCRYPTED FILE-----
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4MUJodUUvWkxNeDQyemR0
+ NmhWV20vNFRkK0JUN3JFZUpyZHl1WVdBaFFnCjJ3Zmdra2RlODkrZkc3Kzk5Q2Zy
+ N2plT2dRQkUzOG53RDUrZHY1ZjFsS1EKLS0tIGdRREVxaGc5S1ZTV1R0NmNvenpJ
+ Yi9ZV013dWo1NjlEbkREMlYxL3FZS0EKMStYByW8u5mTQ+ZthgWqTTOsjatJVuFo
+ 5bOZw/lgD5L6XcSb+xWbM21dlV/Vn7ulMsTHM7FE2Z36OGQc0cwQUA==
+ -----END AGE ENCRYPTED FILE-----
+ lastmodified: "2025-06-03T17:08:12Z"
+ mac: ENC[AES256_GCM,data:EEUgAyh/l9hLqnp0BRXZszDixQ377O86F/xUmziJC+VLRNAfUMRuay9oa62uJ4dSk+lUI5dGReajeuKlESqtoPMJY+AFx8xz9m9Lv225pRjsJfg4PJr5veMRsaWYaHGV+5wCHvFCqhEb8H1h10ZVdtnHitoia0Z9PY5HqefuAnc=,iv:+jT/QlTnw3lW+r2P27q9Rkq0JKhjaCa3R0h6Sca7gww=,tag:yCdjI4k3IIQdAAEnZUaI2A==,type:str]
+ pgp:
+ - created_at: "2025-06-03T17:06:45Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4Dh4vQ8CmRuq4SAQdAMt829MplCrLDjQjnpmQfj1f1l98VHir3KmuwyHHqYUgw
+ F+I8O8PReUS+LKLFy+H1HbrsAuBUfnC8y8q9a6eX092cjX3hcNRAlPMUa89yG1Ud
+ 0l4B43c42oJb/mxgorqnjMieIAE3pzXd2vX/qFZzKMZHFT30rpwWGXQibW4nRG2Q
+ fmboUVQPEcwx/9FdO9kQP8lldCQA5ny6HalKL0e3LWTXSi39XpTtb8ZMO6G3xvG/
+ =kTIM
+ -----END PGP MESSAGE-----
+ fp: 56AC2ED35E51AFE66EAAA569878BD0F02991BAAE
+ unencrypted_suffix: _unencrypted
+ version: 3.10.2