dannydannydanny/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(clan): re-enable dm-pull-deploy via forked clan-community 🌊

Browse source 
Stage 4e, take 2. Point the clan-community input at our fork's branch
that sanitizes machine.name for data-mesher's file-name validator
(upstream PR: clan/clan-community#25). Revisit this pin once merged.

- flake.nix: clan-community.url → fork + fix branch
- flake-modules/clan.nix: re-adds meta.domain = "clan",
  inventory.instances.data-mesher (sunken-ship bootstrap, both default),
  inventory.instances.dm-pull-deploy (sunken-ship push, both default
  action="switch"), and clanHostsModule that puts /etc/hosts entries
  for <host>.clan → each machine's ZT IPv6 so libp2p multiaddr
  resolution works without a clan-domain DNS server.
- Generator vars for data-mesher + dm-pull-deploy signing keys were
  regenerated on sunken-ship (data-mesher isn't packaged for
  aarch64-darwin, so clan vars generate runs on Linux).
This commit is contained in:
DannyDannyDanny 2026-04-20 19:58:16 +02:00
parent 1d4c6c8f4f
commit 22808f39fa
34 changed files with 337 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

1
vars/per-machine/phantom-ship/data-mesher-node-identity/identity.cert/machines/phantom-ship Symbolic link
View file

@ -0,0 +1 @@
../../../../../../sops/machines/phantom-ship

18
vars/per-machine/phantom-ship/data-mesher-node-identity/identity.cert/secret Normal file
View file

@ -0,0 +1,18 @@
{
"data": "ENC[AES256_GCM,data:tWPgk97Zn1F81EuITs0GWe/hycZGreo0S1oYemuOXxpqdbq/kwKwdZydSxs4cZfXOVzf9nL8V8R01/prbfAMFBJl/OgWW5qFqv5Mj7mBDZWYOrDVW481hhkMuZGzlc+2f2Q6Enmugw1tKQa277KV6t9lZ1mrPYvzVqXh1ZJm4Ez8FJidwwmHkHxAeK8q1AkMXZKMNBBvt86VfTFmWlkhav53CUpGIvchdyAPw8c97sGTTd58L7r9xImR2ZtSgXl237q1NZC40+oUDMS6QB+l9JtAPus2BROQ84U0zImcLEuDh+cHGUnlowXPRvTL,iv:3E+iqOJy7mKBQE40doDEhlVS7yU6tsB2W99defE48gc=,tag:d0SnUTshXNewGECH2sTuJw==,type:str]",
"sops": {
"age": [
{
"recipient": "age18gtjh28qxeltg2r2tzxwl096crkqkqk8tjhersyf7mzdsddady7qs34x0m",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2Z21ES1dTMmZYN3pWTkpo\nY1dBVTY5K1UrT09xNnBWNWhTcWRQSHpyeDBzClBSRVJDeWxtM2ZjWHllWXV5ZHFM\nQ3BYbmhhUTF2dDlwYkRFbTBneGxoVFEKLS0tIHhvQWpTSGJvN2EvM29aenQxTG5L\nZUsvaUM0YWN6czUxM2FHWnhlL3pZREUKF3sKxQqPebE5DZQgYeChHlWcf89peqD1\nVTaZP8CDmLPxxXMOPt31PgOPwP36CHrYM12Fil3lXY31tM7fGw1hVA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1g6y8gvcampqj5y3yzdajke2h5n7k6ckdg6a424cghy5325px7cmqjmmd28",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGUHBUQnZzc1ZXKzl5RlpG\ndWpKcEIrWE5RS01kOHZVWFNsNjFML3VwT21zCk1KV01JaWI4cHVVR1pOTCtPUU5n\nbVJPbWZmUzNTZ3dETWwwb3Nvb2t4MGsKLS0tIGFKRlB4ZzAvZEpWemZqYjJlT2pC\nOEhSYXRZOE9oUkRqVzUrWUxpK3dwb28KMrhCm/S1zF8ZqSkKE/dy2A/xiFwBOs0Y\nGtl9HJEAA/xx9gHAy7cuGe3sV8KLSySFUbdL3UE7OhqtuGJwt67hGg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2026-04-20T17:57:26Z",
"mac": "ENC[AES256_GCM,data:8W+KPrzQwbdXi+haUjvYjVjfN+/WmlQso4imTBI9RBYLJwX9e//sfvq4Jd2HOplb8lfIvPqbMUELKma95J3qbSmBTuU6JHP07D53KRz50ZfVH+f9U9yo35nmhLQzlSWAZY4mHF23eq8pyt2EJ5b0M1TLs5bG00FmjWG1ir8avLU=,iv:I6rMyCjLUCRwZOX2YiETgb73wlRhpkPA+8psgfWZnR0=,tag:0wieM5ylopWzr3g9QUfZzg==,type:str]",
"version": "3.12.2"
}
}

1
vars/per-machine/phantom-ship/data-mesher-node-identity/identity.cert/users/danny Symbolic link
View file

@ -0,0 +1 @@
../../../../../../sops/users/danny

1
vars/per-machine/phantom-ship/data-mesher-node-identity/identity.key/machines/phantom-ship Symbolic link
View file

@ -0,0 +1 @@
../../../../../../sops/machines/phantom-ship

18
vars/per-machine/phantom-ship/data-mesher-node-identity/identity.key/secret Normal file
View file

@ -0,0 +1,18 @@
{
"data": "ENC[AES256_GCM,data:vhKOKajk8ZG8Xjtj3dqgYETBjLIhvECvmVKP4LdrHa0sSK2IAm2dBO0vBaeHHst5pSzpRJuNJwwNhAZlO404puXSh2ul9/AopKSgGqr6DqDlgQDemSduCSmQRcQUfygQYB086mnACl+TUo4U0l7j/oDCVbIcvMM=,iv:RnjAM8KlFsdKvZ5h3l4PfXP3GzSun5cSQnfQL3KwOpw=,tag:7vp61F375LY4WOLHg9pTPg==,type:str]",
"sops": {
"age": [
{
"recipient": "age18gtjh28qxeltg2r2tzxwl096crkqkqk8tjhersyf7mzdsddady7qs34x0m",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5Y3JXOTAzQzlWdjE3b0oz\nUDBCb1dEY1BQUXltc0ZPUUttSDJmOStVRkFBCnliR0tPbEViTzZPZkt4ZGJoMGli\neWg4a3E5OE5taitsRzZQQkZ3dmJubW8KLS0tIDVGRW5TcStrVzY3ay91VGVGREFl\nMm5sWUpJY1JGOUtLSGxreHovN3RnWU0KqLtu8z+hm5S8M2U+ApZ5Wgw7HoiImamu\nVf9ARzgQ1G4kDKU7CW3nH7Oun876HoA1hcPnKgTlDSHMh95nMASC5A==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1g6y8gvcampqj5y3yzdajke2h5n7k6ckdg6a424cghy5325px7cmqjmmd28",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBybHM4Mzh6UWFKU0JzdHdU\ncmpEM2VqRk9GRDRsL24wSmw1Y28vYStna3g4CjZhaEs2T3kzZTc1VmptWlBMVnpp\nTzJ3bnZtd2NSK2tiaDJHdUxFdWQ0ZzgKLS0tIHA0MFZPSjZYYUdUYmxLaGhsSVdn\nT20xVWczdWlPbFM3VXo2MkNJcTM1L2cKfOO02LLAxJPd1zsxj2fpntGRXSA3Lg3m\nW+1LoGFoFofZ0ds9MVls1ILZMdaBpHdQ4eF5B7IJt5B5Up9rk//p9g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2026-04-20T17:57:27Z",
"mac": "ENC[AES256_GCM,data:2qoVM/dTkE/qn2BPhDlUIFHg9nObArUh4yPVCzUng+wiLF9Umppl7DfzG0F+JNsKR087nMKYSEsN/yWeWdDaTfR6tOnTsxBj7ybNjUokNCTT5h4eN1RH1aAdOVXtFoF6EV1pkYN+uXuc0HhC04qVVgnFtLRO97oyI9CjgH7eSjI=,iv:MhW2NwpNlkahGw8V803NF9lEchQBue5BbDlJSv3HYTs=,tag:MyYA1QwKfxbwpyCsvXc76w==,type:str]",
"version": "3.12.2"
}
}

1
vars/per-machine/phantom-ship/data-mesher-node-identity/identity.key/users/danny Symbolic link
View file

@ -0,0 +1 @@
../../../../../../sops/users/danny

3
vars/per-machine/phantom-ship/data-mesher-node-identity/identity.pub/value Normal file
View file

@ -0,0 +1,3 @@
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEACJQ3sNPsTp/ZnTQ3npwQKqYKH9Qw0Tqq+OYusLlGOyE=
-----END PUBLIC KEY-----

1
vars/per-machine/phantom-ship/data-mesher-node-identity/peer.id/value Normal file
View file

@ -0,0 +1 @@
12D3KooWAPrWoqCMyrh4m1gYty5X9kANicXKnGwpiuLHEeeneKPe