dannydannydanny/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dotfiles/vars/shared/data-mesher-network/network.key/secret
DannyDannyDanny 6846faa5f1 feat(clan): data-mesher + dm-pull-deploy wiring 🌊 
Stage 4e-a of the clan migration. Set up signed-file gossip
(data-mesher, experimental, clan-core) and pull-based NixOS deploy
(dm-pull-deploy, experimental, clan-community) across both servers.

- sunken-ship is the data-mesher bootstrap node + dm-pull-deploy push
  role; phantom-ship joins via /dns/sunken-ship.clan/tcp/7946/... — the
  hostname resolves via /etc/hosts (clanHostsModule) to sunken-ship's
  ZT IPv6 since we don't run a DNS server for the clan domain.
- Both machines run the dm-pull-deploy default role with
  action="switch": they watch /var/lib/data-mesher/files/home/
  dm_pull_deploy/target and nixos-rebuild switch against the pushed
  git+…?rev=…&narHash=… flake ref on each change.
- Signing keys (shared + per-host status) generated via clan vars
  generate, ran on sunken-ship because data-mesher isn't packaged for
  aarch64-darwin.

The legacy dotfiles-rebuild timer stays installed as a fallback until
dm-pull-deploy is proven; a smart push timer on sunken-ship (calls
dm-send-deploy only when origin/main moves) comes next.
2026-04-20 11:38:01 +02:00

14 lines
1.1 KiB
Text
Raw Blame History

{
"data": "ENC[AES256_GCM,data:R4nCHoU/rU9JtO0++nwu+DWr9lB8iMb5CnH0YxG8kEp/UIFS8ZJrO/ZFR5f8NFAWLJQyhDb8rXyWehHbSBxqzEdT6topx0Jj7Ehx07pOsajLSaVLfHMBp3sgLWkMCNYFm76NRnq0aT7Fq6+eFACdU7K2ZgPPdGs=,iv:09RfU5lOKeXDVGQGI5qbWB9zEkUbS9sEQWqDo2TbIsA=,tag:VH4X0VKrzCaPYCM6wfvBrQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age1g6y8gvcampqj5y3yzdajke2h5n7k6ckdg6a424cghy5325px7cmqjmmd28",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWQTgxOTQrQVVWbkhlMC9h\nYlFtdk9XdUlUQTVjeU1USTk1U3YzaXlMN2dzCmtaSWRlb2JudzR4U090OGlSa2hu\neUgxNTRLYmd4RTY2Vkp4ZlQwQjlxRHMKLS0tIFNHUEhpRGJPM0VIV1ZwRnFjU3Ri\nek9NT3Q4UnBqUWJzai84alpLMWpwREEKFA1LUso4N82+YlX2QtsC8JpUBde4Z1yQ\nbCP9joC8c7CuSwfJGVm7JfL2KlbxPeihyJsswhpWoupWjlTL4Nn2rg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2026-04-20T09:37:03Z",
"mac": "ENC[AES256_GCM,data:R6yaI8KB40un4P9aq6mQsVsr2gRh0LEKJ+c/DG4zydWVUxQOcLtPfYEsOOo9LNXOF0XvbnvXrVwwBSIe5aWFyPELft3mOyxFgVkxuFNfi1ppWduFaVe1EnnNwy1AiIzLsCfVr7CM8KYffaLXreZ5R3vc/QUF0ORxzhWzzbndPu8=,iv:O384W8d6nhVONeOkT7CF4Fa1bQroITsZWV4jaIP/LF4=,tag:a3zabV6K+VdSKBypOT9ofw==,type:str]",
"version": "3.12.2"
}
}
Reference in a new issue View git blame Copy permalink