From e5a3158d2e932c4897509074ca65823630bdac64 Mon Sep 17 00:00:00 2001 From: Ivan Bushchik Date: Fri, 28 Jul 2023 15:39:50 +0300 Subject: [PATCH] uhhhhhhhhh add secrets refactor things --- common/base.nix | 18 ++-------- {roles => common}/laptop.nix | 5 +-- common/locale.nix | 12 +++++++ common/networking.nix | 15 +++++++++ common/remote-access.nix | 9 +++++ common/user.nix | 54 ++++++++++++++++++++++++++++-- flake.nix | 12 +++++-- machines/stella/configuration.nix | 6 ---- machines/stella/hardware.nix | 2 +- roles/devel.nix | 15 +++++++++ roles/gaming.nix | 1 + roles/graphical.nix | 22 +++++++++--- roles/yggdrasil-client.nix | 13 +++++++ secrets.nix | 9 +++++ secrets/.gitattributes | 2 ++ secrets/canary | Bin 0 -> 4118 bytes secrets/hashed-password | Bin 0 -> 95 bytes 17 files changed, 161 insertions(+), 34 deletions(-) rename {roles => common}/laptop.nix (80%) create mode 100644 common/locale.nix create mode 100644 common/networking.nix create mode 100644 common/remote-access.nix create mode 100644 roles/devel.nix create mode 100644 roles/yggdrasil-client.nix create mode 100644 secrets.nix create mode 100644 secrets/.gitattributes create mode 100644 secrets/canary create mode 100644 secrets/hashed-password diff --git a/common/base.nix b/common/base.nix index bad46dc..3329219 100644 --- a/common/base.nix +++ b/common/base.nix @@ -1,7 +1,6 @@ { config, pkgs, ... }: { - nix = { package = pkgs.nixUnstable; extraOptions = '' @@ -15,7 +14,8 @@ automatic = true; options = "--delete-older-than 7d"; }; - + daemonCPUSchedPolicy = "idle"; + daemonIOSchedClass = "idle"; }; environment.systemPackages = with pkgs; [ 
@@ -27,19 +27,7 @@ pciutils coreutils-full killall + git-crypt ]; - networking.networkmanager.enable = true; - networking.nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" ]; - - services.timesyncd.enable = true; - networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ]; - - i18n.defaultLocale = "ru_RU.UTF-8"; - console = { - font = "${pkgs.terminus_font}/share/consolefonts/ter-u16b.psf.gz"; - keyMap = "us"; - packages = with pkgs; [ terminus_font ]; - }; - } \ No newline at end of file diff --git a/roles/laptop.nix b/common/laptop.nix similarity index 80% rename from roles/laptop.nix rename to common/laptop.nix index 58c8eef..b26664e 100644 --- a/roles/laptop.nix +++ b/common/laptop.nix @@ -5,8 +5,9 @@ powertop lm_sensors ]; + + boot.plymouth.enable = true; + services.tlp.enable = true; services.upower.enable = true; - - networking.wireless.iwd.enable = true; } \ No newline at end of file diff --git a/common/locale.nix b/common/locale.nix new file mode 100644 index 0000000..418502d --- /dev/null +++ b/common/locale.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: + +{ + time.timeZone = "Europe/Moscow"; + + i18n.defaultLocale = "ru_RU.UTF-8"; + console = { + font = "${pkgs.terminus_font}/share/consolefonts/ter-u16b.psf.gz"; + keyMap = "us"; + packages = with pkgs; [ terminus_font ]; + }; +} \ No newline at end of file diff --git a/common/networking.nix b/common/networking.nix new file mode 100644 index 0000000..6e467d8 --- /dev/null +++ b/common/networking.nix @@ -0,0 +1,15 @@ +{ ... }: + +{ + networking.wireless.iwd.enable = true; + networking.wireless.iwd.settings = { + General = { + EnableNetworkConfiguration = true; + }; + }; + + networking.nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" ]; + + services.timesyncd.enable = true; + networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ]; +} \ No newline at end of file 
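Review bot: `networking.wireless.iwd.settings.General.EnableNetworkConfiguration = true` makes iwd run its own DHCP client on the wireless interface, but nothing in the new common/networking.nix stops NixOS's default dhcpcd (`networking.useDHCP` defaults to true) from configuring the same interface, so two clients can end up fighting over addresses and routes. If dhcpcd is still wanted for wired links, exclude the wireless interface from it, e.g. `networking.dhcpcd.denyInterfaces = [ "wlan*" ];`; otherwise disable it. Whether the DNS servers iwd learns from DHCP override the static `networking.nameservers` list depends on iwd's `NameResolvingService` setting and the resolver in use, neither of which this hunk sets — worth confirming on the box.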
diff --git a/common/remote-access.nix b/common/remote-access.nix new file mode 100644 index 0000000..af1aa9c --- /dev/null +++ b/common/remote-access.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + services.openssh = { + enable = true; + settings.PasswordAuthentication = false; + }; + programs.mosh.enable = true; +} \ No newline at end of file diff --git a/common/user.nix b/common/user.nix index e6a95b9..82e0cb6 100644 --- a/common/user.nix +++ b/common/user.nix @@ -1,9 +1,12 @@ { config, pkgs, ... }: -{ +let + secrets = import ../secrets.nix; +in { users.users.ivabus = { isNormalUser = true; extraGroups = [ "wheel" ]; + uid = 1000; packages = with pkgs; [ tree cargo @@ -12,6 +15,11 @@ gitFull ]; shell = pkgs.zsh; + openssh.authorizedKeys.keys = [ + # Air M2 macOS + "ssh-rsa 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" + ]; + hashedPassword = secrets.hashed-password; }; programs.zsh = { 
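Review bot: `settings.PasswordAuthentication = false` alone does not turn off password logins over SSH: NixOS leaves `services.openssh.settings.KbdInteractiveAuthentication` at its default of true, and keyboard-interactive authentication goes through PAM and still prompts for the account password. Add `settings.KbdInteractiveAuthentication = false;` next to it so only the key listed in common/user.nix is accepted. `programs.mosh.enable = true` is presumably also opening mosh's UDP port range in the firewall on its own — verify that is intended once this host joins the mesh configured in roles/yggdrasil-client.nix.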
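Review bot: `hashedPassword = secrets.hashed-password;` puts the password hash into the evaluated system configuration, so it is written into the world-readable Nix store as part of the system closure — and because this is a flake, the whole checked-out tree, including the decrypted `secrets/hashed-password`, is copied into the store as plain text once `git-crypt unlock` has been run. git-crypt protects the file in the git history, not on the built machine. `users.users.ivabus.hashedPasswordFile` (named `passwordFile` on 23.05) pointing at a path outside the store, or a tool that decrypts at activation time, keeps the hash out of the store; the same applies to the `builtins.readFile` in the secrets.nix hunk further down in this patch.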
@@ -21,7 +29,47 @@ programs.gnupg.agent.enable = true; programs.ssh.startAgent = true; - programs.git = { - enable = true; + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.ivabus = { + gtk = { + enable = true; + theme = { + name = "Catppuccin-Macchiato-Standard-Blue-dark"; + package = pkgs.catppuccin-gtk.override { + accents = [ "blue" ]; + tweaks = [ "rimless" ]; + size = "standard"; + variant = "macchiato"; + }; + }; + iconTheme = { + name = "Mint-Y-Blue"; + package = pkgs.cinnamon.mint-y-icons; + }; + cursorTheme = { + name = "Catppuccin-Macchiato-Dark-Cursors"; + package = pkgs.catppuccin-cursors.macchiatoDark; + }; + font = { + name = "Ubuntu"; + size = 9; + package = pkgs.ubuntu_font_family; + }; + }; + home.pointerCursor = { + name = "Catppuccin-Macchiato-Dark-Cursors"; + package = pkgs.catppuccin-cursors.macchiatoDark; + x11.defaultCursor = "Catppuccin-Macchiato-Dark-Cursors"; + }; + programs.git = { + enable = true; + userName = "Ivan Bushchik"; + userEmail = "ivabus@ivabus.dev"; + signing.key = "DF1D910360471F0CCF076E449F6DDABE11A2674D"; + signing.signByDefault = true; + package = pkgs.gitAndTools.gitFull; + }; + home.stateVersion = "23.05"; }; } \ No newline at end of file diff --git a/flake.nix b/flake.nix index 998f7bd..b98a51d 100644 --- a/flake.nix +++ b/flake.nix 
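Review bot: The cursor theme name `"Catppuccin-Macchiato-Dark-Cursors"` and `pkgs.catppuccin-cursors.macchiatoDark` are spelled out three times in the new `home-manager.users.ivabus` block (`gtk.cursorTheme`, `home.pointerCursor`, `x11.defaultCursor`), which invites drift when one of them is changed. Home Manager can derive the GTK cursor from `home.pointerCursor` with `home.pointerCursor.gtk.enable = true;`, which lets `gtk.cursorTheme` be dropped; alternatively bind the name/package pair once in a `let` and reference it. `programs.git` moves into Home Manager here with `package = pkgs.gitAndTools.gitFull`, while `gitFull` stays in `users.users.ivabus.packages` in the previous hunk, so git is now installed twice for the same user; one of the two can go.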
@@ -11,16 +11,22 @@ }; - outputs = { self, nixpkgs, ... }@inputs: { + outputs = { self, nixpkgs, home-manager, ... }@inputs: { # Stella = Unchartevice 6540 (Ryzen 3 3250U, 16GB RAM) nixosConfigurations."stella" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ + home-manager.nixosModules.home-manager ./common/base.nix ./common/user.nix - ./roles/laptop.nix + ./common/laptop.nix + ./common/networking.nix + ./common/locale.nix + ./common/remote-access.nix ./roles/graphical.nix - ./roles/gaming.nix + #./roles/gaming.nix + ./roles/devel.nix + ./roles/yggdrasil-client.nix ./machines/stella/configuration.nix ./machines/stella/hardware.nix ]; diff --git a/machines/stella/configuration.nix b/machines/stella/configuration.nix index 5dfed17..b61d086 100644 --- a/machines/stella/configuration.nix +++ b/machines/stella/configuration.nix @@ -6,16 +6,10 @@ boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "stella"; - time.timeZone = "Europe/Moscow"; services.xserver.videoDrivers=["amdgpu"]; boot.initrd.kernelModules=["amdgpu"]; - services.openssh = { - enable = true; - settings.PasswordAuthentication = false; - }; - system.stateVersion = "23.05"; } diff --git a/machines/stella/hardware.nix b/machines/stella/hardware.nix index 3339db0..f740056 100644 --- a/machines/stella/hardware.nix +++ b/machines/stella/hardware.nix @@ -39,5 +39,5 @@ STOP_CHARGE_THRESH_BAT0 = 80; }; powerManagement.enable = true; - powerManagement.cpuFreqGovernor = "powersave"; + powerManagement.cpuFreqGovernor = "performance"; } diff --git a/roles/devel.nix b/roles/devel.nix new file mode 100644 index 0000000..06fb2d8 --- /dev/null +++ b/roles/devel.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: + +{ + nixpkgs.config.allowUnfree = true; + environment.systemPackages = with pkgs; [ + jetbrains.clion + rustc + cargo + rustup + vscode + clang + llvm + lld + ]; +} diff --git a/roles/gaming.nix b/roles/gaming.nix index e2e9dcc..e6b91b9 100644 --- a/roles/gaming.nix 
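Review bot: `home-manager` is now destructured on the `outputs` line, but the `inputs` set closes above this hunk (line 11), so whether a `home-manager` input exists and whether it sets `inputs.nixpkgs.follows = "nixpkgs"` cannot be checked here; without the follows, a second nixpkgs revision gets fetched and locked. The commented-out `#./roles/gaming.nix` entry is dead configuration in the module list — remove the line rather than carry it; git history keeps it.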
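Review bot: `powerManagement.cpuFreqGovernor = "performance"` is a static governor on a host whose TLP settings sit just above (`STOP_CHARGE_THRESH_BAT0 = 80;`) and which enables TLP in common/laptop.nix. TLP can also set the governor (`CPU_SCALING_GOVERNOR_ON_AC` / `CPU_SCALING_GOVERNOR_ON_BAT`) whenever the power source changes, so if either of those is configured this value is overridden shortly after boot. Keeping the governor choice in one place — the `services.tlp.settings` block — avoids two sources of truth.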
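Review bot: `rustup` is listed alongside `rustc` and `cargo` in roles/devel.nix, but rustup ships its own `bin/cargo` and `bin/rustc` proxies, so the three collide in `environment.systemPackages`; NixOS warns about the collision and which binary wins is not obvious (and `cargo` is already in `users.users.ivabus.packages`). Keep either rustup or the plain toolchain. `nixpkgs.config.allowUnfree = true;` also permits every unfree package system-wide, while only `jetbrains.clion` and `vscode` in this list need it; `nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "clion" "vscode" ];` (adding `lib` to the module arguments) limits the exception to the packages that need it.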
+++ b/roles/gaming.nix @@ -1,3 +1,4 @@ + { config, pkgs, ... }: { diff --git a/roles/graphical.nix b/roles/graphical.nix index e08219b..10832c1 100644 --- a/roles/graphical.nix +++ b/roles/graphical.nix @@ -9,11 +9,12 @@ mpv glib ffmpeg - cinnamon.mint-y-icons + cinnamon.nemo usbmuxd telegram-desktop + keepassxc ]; - services.fwupd.enable = true; + services.greetd = { enable = true; vt = 7; @@ -37,7 +38,6 @@ swaylock poweralertd kanshi - catppuccin-cursors libsForQt5.qt5ct mako pulseaudio @@ -55,15 +55,29 @@ enable = true; alsa.enable = true; pulse.enable = true; + alsa.support32Bit = true; + jack.enable = true; + }; + + qt = { + enable = true; + platformTheme = "gtk2"; + style = "gtk2"; }; services.dbus.enable = true; - fonts.fonts = with pkgs; [ + fonts.packages = with pkgs; [ noto-fonts noto-fonts-cjk noto-fonts-emoji jetbrains-mono font-awesome + #google-fonts + liberation_ttf + open-sans + roboto + roboto-mono + kochi-substitute ]; } \ No newline at end of file diff --git a/roles/yggdrasil-client.nix b/roles/yggdrasil-client.nix new file mode 100644 index 0000000..10b35a2 --- /dev/null +++ b/roles/yggdrasil-client.nix @@ -0,0 +1,13 @@ +{ ... }: + +{ + services.yggdrasil = { + enable = true; + persistentKeys = true; + settings = { + Peers = [ + "tls://ygg.iva.bz:50002" + ]; + }; + }; +} \ No newline at end of file diff --git a/secrets.nix b/secrets.nix new file mode 100644 index 0000000..12ad542 --- /dev/null +++ b/secrets.nix @@ -0,0 +1,9 @@ + +let + canaryHash = builtins.hashFile "sha256" ./secrets/canary; + expectedHash = "bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c"; +in + if canaryHash != expectedHash then abort "Secrets are not readable. Have you run `git-crypt unlock`?" + else { + hashed-password = builtins.readFile ./secrets/hashed-password; + } \ No newline at end of file diff --git a/secrets/.gitattributes b/secrets/.gitattributes new file mode 100644 index 0000000..e62dd61 --- /dev/null +++ b/secrets/.gitattributes 
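Review bot: `services.fwupd.enable = true;` is removed in the first roles/graphical.nix hunk and replaced by a blank line, with no replacement anywhere else in the patch, so the laptop loses LVFS firmware updates; the commit message does not say this was intended. If it is accidental, restore `services.fwupd.enable = true;` — common/laptop.nix next to tlp/upower would be a natural home. The `cinnamon.mint-y-icons` removal is fine, since the same package is now pulled in through Home Manager's `gtk.iconTheme.package` in common/user.nix.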
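Review bot: Enabling `services.yggdrasil` gives this host a routable address in the 200::/7 mesh, reachable by every Yggdrasil node, and by default the daemon also peers with any node it discovers via multicast on the local link. The NixOS firewall does apply to the yggdrasil tun interface, but every port opened globally — sshd's port 22 (the openssh module opens it by default) and mosh's UDP range — is then exposed to the whole mesh, not just the LAN. If only the `tls://ygg.iva.bz:50002` peer is wanted, consider turning off multicast discovery in `settings` (`MulticastInterfaces = [ ];`) and scoping inbound rules with `networking.firewall.interfaces.<name>` instead of the global allow lists. `persistentKeys = true` is the right choice so the node's address survives reboots.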
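Review bot: `builtins.readFile ./secrets/hashed-password` returns the file verbatim, so if the file ends with a newline (as `mkpasswd` output does) the value assigned to `hashedPassword` in common/user.nix carries a trailing `\n` and no password will ever match. Strip it at the source, e.g. `hashed-password = builtins.replaceStrings [ "\n" ] [ "" ] (builtins.readFile ./secrets/hashed-password);` (nixpkgs' `lib.fileContents` does the same, but `lib` is not in scope in this plain-import file). The canary hash check is a good guard against silently evaluating ciphertext; note that `abort` cannot be caught by `builtins.tryEval`, which is fine for a hard stop but worth stating in a comment above the `if`.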
@@ -0,0 +1,2 @@ +* filter=git-crypt diff=git-crypt +.gitattributes !filter !diff \ No newline at end of file 
diff --git a/secrets/canary b/secrets/canary new file mode 100644 index 0000000000000000000000000000000000000000..1e2e9376abfea60c313b4a881b8ac079d6cb8bc7 GIT binary patch literal 4118 zcmV+x5b5s#M@dveQdv+`03n>04dB)IMHHkzW)nD2M(U>@Jo*3xNFz%UZ?9Eh<*Gv2 z=g4qSr^&Lut9-&9r{$o&fk;M+JHPE@R)sS7gXa=LN!5Yc|q`m8Mabdrv9Kf4Y z5tuWYk)6Ch>@`!dN+je{B(V%TO8v}MaS_=}H(ML^C@3d4e6bF5u*FA-lEB1!&=RV2 zZh#*>SKbcoATj3l@OGs`l%1?Fboi;%AOgKF)LHy&1jY{FReRjOO}8DBf&vDQGlxC@ zT0FHP6oO@J0AbIFpRYHSMg}IhBqr#Nj|vV(>;R9wIZxwV!6ggH9nK#8eGz>X<3vj< zgX^Ijn&nELAL#r)OgpJ%F6MilML8O{@=)H!!7fI+W1pd0=C?2}Kt&X?oO-yWy0l`} z43IipK>&Lw?CWvqC%IcX)OIk^SH%N-i=&fyO=!-Ztw`vd*PF=e_71RjTozxo9~p5X z@hAL}9&>wsM3>K-ctHbi{-(3yau{Yx*qGon0ofSD{Y|$O_ST3y^L6Yhv!}xv*VW!a z@LPz5+Oc#gRdKaw(TN$NGr{jzo!!vu3}0=f=J0RKo(>e?!0ITegR7oa*JO7Zm1Ja| z`ZD)@F2@$aeY3w73YteP6KxPJibwI!E|ty(Ziciw${>IFZGaIA5*->dgeSZ!+NZ*V zBB%mVDJ%k0s{(DTJaA3Bd4}mie|P)gI%q)B_Al*U>Xu#JQYeFG>%X0b8H+Yzb`7%f z-Lb0XujKKG%3@=cHy5xfv%TR~hzW{LyWa%1_47ifj~{3|%C1YO2ezaA0_K19^0A4c zA2+yXD^WM)yDhxHHE1ZTw$jg|1nJ&=pYFiSLnZDXdP3aGp!(RY@#LZfSkA`x6NcV?E!;eMT>Zz6av#_L!vFS>N6E5N@@zsb9<>!j^GIv zJ|NHULs=PVQ>Na8GN{7#Hm^w&xJQ|1bgZxY((5dB{0oa#P#!FzxQzD|WQmU7*xOQ1=n>Luus z{h9y2&px@P#x;SJT`eR1Rr=N#Ijwx@IX9GAES?wiV(r*EM&WdEs8TlIlFDN|i?i6B z;~n_QpiQ6da!sXKPp9z|Bi!wt;b3rrt_G`M;?V1#^y9hWDSjSfF9Wz?9%IQirWw|TF2wBsA_1rr*%Zg6}R zti4X);u04W(m-f|no(*rnR@jaEmoxv1F#r+fHy26;bx>+Kfv_b3^)>F%fW7SIB);- z8(YJ}0%EW2BrGQjNrFv$lB&K7Op^bV34o+D=TKV;pnh_tmq3lg2NGOL` z2^N6!brDl@$;t)zZ4*-P_<%rz!vvRkb*n-CyhTc6hN=vtWMAI8TaFw)Cyr%*oNt>^ z-0OgIy4NqT%X$yyNEEPXaCfwBuNccxC?>5Rio5MCzlBF-wfg*bJ27x(KkN+<6;}l? 
zkR!}HM+VsNdw<*}!(R5L`l0*5jJB~Ta|#puUR-qel40_1x;c}m5Si+39O5~EFh$qi z+_?m(IGO9cZ=5Tt&s%GKf|}6KVAm~)lH?!c69z%>X{YGR9D^ECrOg+2HkZ6`M;MJ}1`9Ei>smZKf%&LEqHU@KII7<>d* z5MPT)FcNda7$8Kn=aP!@gYgX3C#$$n20fZRVjzVQ8uQdSxCaJG?vO&O$TCY(GKIfd zNFjTz?0baEz$4yL(5b7Ub2hqjqA&lUuDnG5@84wfUbTCOJbA1Cg;aLhIM<3&7MS@I z`z9r9vKB@|u0bh7(qjF>58E3j&l7oiol{9O8SPC)8?>^aT1X=|fBuxdw!Lx4v=IN% zEXHTJxeg6*6F#jE(3y7>@e^${mcWS{Y>cFd@3EzF$m2{ApurSDiCCWNJzw`LHmCw_ zl-P?B$?ni4js5xL>wiSW%@yyyT7r#>Y0yyG?;|MPW*d^$2y3Us!#-2d!c_^F~DPoeQPpGS>PiGsP7P?TyLQ0_11((9o%k4AYBN1c{%$_u3( z5lhrQBGHP{NMR|$S&e5-GIlYYx9O}w*-MV;$rmuEn%k5mV_L1?Uhh|P*pJlpGsTdc zM&E=*1%WNl%cKUaEa$=ptB|bAeY8MoLyi$?FX16!?PX4-PMqZLe1R~gQo$uVpA-iJ3TX|I9 zq#SZqv{?cs3z&VHLg@z{I^0S6OI}^lXebrA!TwN&c`xCA;Eu~rI6u=b%kpi!+FJjUv+A;^i`_Ti*dEakh*E>YnC!5R$ zdJumTW~ruDJvQRfB31TGXtZujC-vXb`dEooDl7Y04rrq&)|QI0Rs^PmvHn$U(|m9K zi{Knjaf^S7&2iVjhCd0LFvU;a&FXw-`k^83)()}eu=^*mq5lVdV6K_ReTRUr!SbX_ zbjEXk`k4~5mf%9#rijl0bVlWZ-2y;||6g}ciqMEC$cYkC}Sc{leD|q&7VJ`BtT3o2w?rT9kl1!EQFDr(k9G^#4WB-ZB?dya>F%0z5tXo0O{c&I_qb?ID3`P;9NXoWr0 zS35H~VUiTjLvHFMGeJYitLtve%u2txaA^~-Fa6X>QoP6X7tR#L)E&$P^po9B=*xb` z`8{KDHxYj3oH^#)PNF3~t!@>962aOAr6q^JDi7N9LSH)Q=H~gvNp19L9&_3`!xgHj zUXOSwn(HBC!6;*<%^=Eqbp|K^ySl4bc%kVDBSI{)(p+&`Ql*q$klb+w(?y#`2S$9p zX9zu~xy$h(ULv+!%qQfEv~6}3LfOn=j6!lqxrqe{fvPm5f`(AOM9lzjM+8*ttJTT} zLkcLC)#9KZptdDuJ2r;8@v@T+{x-7i;Z&?lk-Rhg3oiu7yK&u}KRJX+=@$hxhLMMhW*ETYHi?o!SWv3wr3`dv zfZzuOAEL#vD8ng*3_`v?rr$2My1Z;3ZnkH>2;r9$aMbhLLZ$x8R{O zSj+^5+coOmF>$vn#8~;(;L(j=&{x5$Q~_QRC(qZ6W?0hnm)l3}3$SVEaPJWGS}drG z(7SVTq5O*~PJzH6q7#7dv{d)r`P<@dU-LU;Ytgy6tPu{5R?aw{d=aKAA%q%Of$P;J zkjQM9bVPCAw)f`O$$0&2>rB4*9)63tuGrd}WkgbG?*uKZuigYETrPbo?M_qF_J&~y zC{s+$Pi*Sy7GTPWcf5b>4JYd7p_q|zKzXJjj5qB^ExH)staV?dj$?JJ(Wr1uG}jgo ztwezDayG}eTWyepBqOQ4T$!`KYTWZX?ylS=i0}Mv@HKjmD57D8@u`P4rAP6e;K%FGmUaU|l@3)0^9IFt*xVO>4!m|Dx!ctblC3#cc$wnUx zDoTpqV0BNLNdRAR(9w=U3^adBTUI|wt~9jvVX9Z6j(8InT3tEed_yN!61~pE1qQdIm7(^HI%PO78!|2&EWFoLO z%>Gj`RxVvY6A-KE*7qJuA<_8?d#k@{;CBG}$jK{=JxK~3LPjA?U*!C4la83IPO1ma 
zMv7E`YLH69_9`A<7Bxo(Gr*&9B48=fTh!xlZJu~R4X+2(8yvYhhivTk%k@?=R@1X6 zI>slw8AVu~1$_IJQ*}Cc;Hvs_rE`+3GEKwY7OPg`ACe-*9C$m^=nPh z6kblszQ2g~c9UNc?_*_HpUj$Lwl6yyKk=U-y{I_Lou!IA#D{?}I5BKhDlbv4n$ zS;bq#&vXE!cK>%-EJ0sTf4Ub{zbBD~G~c>!o82tKv3974Q(EVOpROct1zk0h7>S(n zFN0)m|3orY=(EvG$SkUGFR)*00ffQj?Fp9UHqq6fIN~1%2_fQ)i=mQB^=_7vz~v5N zF0oa%89saH>Di_|>`&gom9CH!zMH%93^zxO^&$UIkpJ5`1Oz?bcbyZL8=-4|wBcI( z?&RwEHi-Nr0t-zUG^0+Wk+z}UELql@6i;`&%c3$07hfr~4+*fL+PmhOAd(ke@d5cq zP77D`ZW+|y#2h3>LCaOC#(h= zZ~`0l-yqI$?hX$J(~1Yep)kCgeUqV}SRQ2Ic0(Z4&Z1^ao733ieD0GYFgjBKbYq@i U+rN3b3EpEu;8d-jz9mLtg<M@dveQdv+`0C=AqAs6!)?KVepAo>zP$p=YN+os*zc5>j2rcaZ&Nj;Ey z&yg7M@;H&)kURij^aQpgDQubN?^)}+@UUSGh=FO+b1MT3Zrd!bt%V16xZxqm^$Nu* BEL8vi literal 0 HcmV?d00001