From 1864141a1b0d9a83c35d7d789fe99b5fdad77aae Mon Sep 17 00:00:00 2001
From: m3tam3re <m@m3tam3re.com>
Date: Sun, 17 Nov 2024 18:29:52 +0100
Subject: [PATCH] *basic traefik

---
 hosts/m3-helios/default.nix          |   1 +
 hosts/m3-helios/secrets.nix          |  15 ++++++
 hosts/m3-helios/services/adguard.nix |   2 +
 hosts/m3-helios/services/default.nix |   1 +
 hosts/m3-helios/services/traefik.nix |  78 +++++++++++++++++++++++++++
 secrets.nix                          |   3 ++
 secrets/m3tam3re-secrets.age         | Bin 968 -> 1078 bytes
 secrets/tailscale-key.age            | Bin 822 -> 932 bytes
 secrets/traefik.age                  | Bin 0 -> 956 bytes
 secrets/wg-BR.age                    | Bin 1122 -> 1232 bytes
 secrets/wg-DE.age                    | Bin 1123 -> 1233 bytes
 secrets/wg-NL.age                    | Bin 1123 -> 1233 bytes
 secrets/wg-NO.age                    | Bin 1121 -> 1231 bytes
 secrets/wg-US.age                    | Bin 1124 -> 1234 bytes
 14 files changed, 100 insertions(+)
 create mode 100644 hosts/m3-helios/secrets.nix
 create mode 100644 hosts/m3-helios/services/traefik.nix
 create mode 100644 secrets/traefik.age

diff --git a/hosts/m3-helios/default.nix b/hosts/m3-helios/default.nix
index 3e17ab6..0d317fe 100644
--- a/hosts/m3-helios/default.nix
+++ b/hosts/m3-helios/default.nix
@@ -37,6 +37,7 @@
     ../common
     ./configuration.nix
     ./programs.nix
+    ./secrets.nix
     ./services
   ];
 
diff --git a/hosts/m3-helios/secrets.nix b/hosts/m3-helios/secrets.nix
new file mode 100644
index 0000000..9ab40c8
--- /dev/null
+++ b/hosts/m3-helios/secrets.nix
@@ -0,0 +1,15 @@
+{
+  age = {
+    secrets = {
+      traefik = {
+        file = ../../secrets/traefik.age;
+        mode = "770";
+        owner = "traefik";
+      };
+      m3tam3re-secrets = {
+        file = ../../secrets/m3tam3re-secrets.age;
+        owner = "m3tam3re";
+      };
+    };
+  };
+}
diff --git a/hosts/m3-helios/services/adguard.nix b/hosts/m3-helios/services/adguard.nix
index 2bc68f7..0af8890 100644
--- a/hosts/m3-helios/services/adguard.nix
+++ b/hosts/m3-helios/services/adguard.nix
@@ -12,4 +12,6 @@
       };
     };
   };
+  networking.firewall.allowedTCPPorts = [53];
+  networking.firewall.allowedUDPPorts = [53];
 }
diff --git a/hosts/m3-helios/services/default.nix b/hosts/m3-helios/services/default.nix
index 2fed452..ea619e6 100644
--- a/hosts/m3-helios/services/default.nix
+++ b/hosts/m3-helios/services/default.nix
@@ -2,6 +2,7 @@
   imports = [
     ./adguard.nix
     ./containers
+    ./traefik.nix
   ];
   systemd.sleep.extraConfig = ''
     AllowSuspend=no
diff --git a/hosts/m3-helios/services/traefik.nix b/hosts/m3-helios/services/traefik.nix
new file mode 100644
index 0000000..edda2d6
--- /dev/null
+++ b/hosts/m3-helios/services/traefik.nix
@@ -0,0 +1,78 @@
+{config, ...}: {
+  services.traefik = {
+    enable = true;
+    staticConfigOptions = {
+      log = {level = "WARN";};
+      certificatesResolvers = {
+        godaddy = {
+          acme = {
+            email = "letsencrypt.org.btlc2@passmail.net";
+            storage = "/var/lib/traefik/acme.json";
+            caserver = "https://acme-v02.api.letsencrypt.org/directory";
+            dnsChallenge = {
+              provider = "godaddy";
+            };
+          };
+        };
+      };
+      api = {};
+      entryPoints = {
+        web = {
+          address = ":80";
+          http.redirections.entryPoint = {
+            to = "websecure";
+            scheme = "https";
+          };
+        };
+        websecure = {address = ":443";};
+      };
+    };
+    dynamicConfigOptions = {
+      http = {
+        middlewares = {
+          auth = {
+            basicAuth = {
+              users = ["m3tam3re:$apr1$1xqdta2b$DIVNvvp5iTUGNccJjguKh."];
+            };
+          };
+        };
+        services = {
+          m3-prox-1.loadBalancer.servers = [{url = "http://192.168.178.200:8006";}];
+          ag.loadBalancer.servers = [{url = "http://192.168.178.210:3000";}];
+        };
+        routers = {
+          api = {
+            rule = "Host(`traefik.l.m3tam3re.com`)";
+            service = "api@internal";
+            middlewares = ["auth"];
+            entrypoints = ["websecure"];
+            tls = {
+              certResolver = "godaddy";
+            };
+          };
+          m3-prox-1 = {
+            rule = "Host(`m3-prox-1.l.m3tam3re.com`)";
+            service = "m3-prox-1";
+            entrypoints = ["websecure"];
+            tls = {
+              certResolver = "godaddy";
+            };
+          };
+          ag = {
+            rule = "Host(`ag.l.m3tam3re.com`)";
+            service = "ag";
+            entrypoints = ["websecure"];
+            tls = {
+              certResolver = "godaddy";
+            };
+          };
+        };
+      };
+    };
+  };
+
+  systemd.services.traefik.serviceConfig = {
+    EnvironmentFile = ["${config.age.secrets.traefik.path}"];
+  };
+  networking.firewall.allowedTCPPorts = [80 443];
+}
diff --git a/secrets.nix b/secrets.nix
index 13db831..b157f18 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -2,14 +2,17 @@ let
   # SYSTEMS
   m3-ares = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU=";
   m3-kratos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDl+LtFGsk/A7BvxwiUCyq5wjRzGtQSrBJzzLGxINF4O";
+  m3-helios = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIyHuLITpI+M45ZZem33wDusY2X988mBoWpD1HDeZNRJ";
 
   systems = [
     m3-ares
+    m3-helios
     m3-kratos
   ];
 in {
   "secrets/m3tam3re-secrets.age".publicKeys = systems;
   "secrets/tailscale-key.age".publicKeys = systems;
+  "secrets/traefik.age".publicKeys = systems;
   "secrets/wg-DE.age".publicKeys = systems;
   "secrets/wg-NL.age".publicKeys = systems;
   "secrets/wg-NO.age".publicKeys = systems;
diff --git a/secrets/m3tam3re-secrets.age b/secrets/m3tam3re-secrets.age
index 66aab8503b9c404a37048685ca4a59062a1ef235..4d8d5b373b72decd5f0d46d2424f1a2e4d15243c 100644
GIT binary patch
delta 1039
zcmX@XzKvsoX1$AVVMK1aML?OWK~jionqg{Uwr5asNM?SpNm)*|nX{XlMWR!rMOt~J
znR~8_Z+fwBib17Wl37JyrIBkyHdlUPVOVHRL~e<GxOPO4zP6ihrkjsRq>q=Umy5f0
zez>P^j$eLyYKWOpsaaZfzD1I0S+0knS6*<1WqEN>PQ5o*p?jK_yMAPTy1$20for8v
zaDJ*~sBdn5L9%<QhgZ3Cu(oG`NtBV3Us$D|iI0mxdA3WHNuWVugt?=SZ$w5mSCvbi
zS(SgPt7o`RRETq?p^<l%i)&?Nuw{~;U!Ze<Yh{X?e^OXbv2TT&wvl03RC+}~NM%$`
zak4>>cfGGqUN)CUShAybv16f2N`_lOW@=$zp0B=-OR%w}ene80c34DkxqDVlm~&K8
zxwlJHh?BFqYm$YliC=kXrjdn#epCdPew3$|etuPCSxB}=fm4=upmT|Sgtvi{XQY9C
ziFSmCYoKMWXP%{3Vvd`6c!jo$MQ~M?WpZ+{Wqo*QNThFOIG0(bM`~)4mtTcJSwL!j
zQn0a~V{*D#RjRLJxW1>ef03VyMM%Drn@?h>qhV2sm$Pp`VL^dwp;>BVZb4<9krS7x
zMV^tNe|S=+wy~LanX8|+kzawIPn3ygS-5GbuV-PBadA$$zhRKSUrDNEX^>-xvuUP<
zbA5noc$jxcgrjK=7niP`LUD11Zfc5=si~o*f@O+Hq-UUlQ-(`ffS-?hqOpf@Vp>#1
zMp3$jQ)p0rvR71yOL3)ziA7eRSz@_%aD*pUpi81_X<k51L6m{3p?Pk4k&k6wxj|W2
zpl4{BNkLk=V`_40Zf<dkrK>B%w#jBpg7tyLz5)705mmu18BwVvj(NETCT<>HrAgk7
zIhm%(8QK-;u0`ISmBx<Qo?MYR23{#uULm<&rjePUPOf1V&L(By0mdac{-z%K27bXA
zt||UbMy5pp*<8B1x(d18K2^qP`NlbwCdE~rK9OEQCg#p%X=Q0nnN_LzIT`7GM)irA
zRl)Azsl{Bbe_O=(J1x#D$#1(;mMUjr>soY?NygzhuTLeDv~}loiRX`tzb+D4JAI|X
z!Gmi=nl4PdeCOVs++glEKf(e_d7iJ~Tz<_b?b)>O^c?s7C!RcCA!6_ONH<qpDqib_
z=F{5u-`2l7qV>((j`6^TD36_O8$!Km)@)9$uWS1=amB)huYp~&7szX0Dmi(eYl@1X
zXnflKE9RR%a34`U=~dG(^;k)C=Z~Ek@e&VWcTASKz58AFy_YWHjhph=N|XxsS4wan
z5ElHPWyRy)saNz^hr{xWL0EOs0e|%u%9{m$hRxTlWZbIob!prlb%qTyXQ<9RE50{W
Ph3_=?A}bcVDMthWG>>);

delta 923
zcmdnSae{q<W_?<Sw{}5xRJe&jR8mfnU#h2PmRqG|NS>RkM`1yte}%i3QC7H{b7;Ot
zNPcp5UTJEfWqNV8V^x7qeyWpq5SLGyL2hc2VL@Ppsk?SbsA;*gS$TwWn2%9;K~aRU
zlbeNUZjO_FQh}LYxpPKka9(bbVR^cNMZROPlYgdPa(yJ1pMg(FN^wATZgxs;USW7z
zT3WW5X<k}Hm}OvzZ)RYoxx1%Zx=UbXg??amZjnKTTZDPGTeg3=kx8U!d3KoxS8-Hg
zrAdB%WTs<isfUT7Sz?Y;ps%ArhH*$qNI^wrpuS69k$Y8ubA+jBRAN<DYFVjkfM2D%
zi??>UYkhWTK?zrGo?CuVVU)H<VRBM{vtPNFQ&^y-VR%7GVqu_Tm5Ebeq;^?QQfO##
zu6bpNe@<e4psQtJieIvkuX~DVQL-ynfp)T2mSvQodw5cXTcV4Bg@tQYahRcRK%Re!
zb49vEc1cpAk(XDdk)L;kPjQ81vQw^eVOdyIQGJS^i9vpu5m%0TptrfVTd7$@PM&M1
zNuFVtUyg;ge@0GDRA!K8kVTPpNTq>WW~jHPWoTehWJ+<SV{U$6Ze~!Cn`vZZRU(&J
zL5_Q<Nse=}rDM2RaZZt`d016ao|CI%s<}nDpIM={VR2}vOJ!=hMPx}-lzF6OK#{w4
z9(Q_ha6n2#VNhBr*W`Ij;`LcYrAGd~{+=dghAx3s`r*DA0ck!Fz9|J+VUcN>g~9q|
zDN&ipc`m*NzFZNGr6oQlKDjyO?#1a*+1dJDjs{U77GWOACYjnLzGf*No;f+0!D$sH
z$y~a+x(XGp#svn>e#xG0Dam<$mQ^L*h1zL;`P!*QLEfgOMn(n3`Slhl9+jm5rRiL?
zTMe4brWH>2lyjF@o7vqpK~v9cebG^-?W?)pMK~n?o$EJ~;mEwtb3`V^##ems4YQhi
zIe#jPXv{>8yH{>yY{~rT|5!v__fkV=X@t!D(8f<uyI=TwL^5i;Tkh&P<)f%DPs~o{
z0~QTOesuPi{Mlvw{K;0~Mchy7WuFVIi73^6pZf5%R+ZM(f*&i47Eip%nD?7e`C8Db
zE~B@e28~%ZSN~1Td~fG=<w?SRsYQNm0hhcu-M1ZAl=QvUlpJg)Ao5K5;*s~_jWzQR
zoSkfZ@<$ib9o<C#)B8Wp&dI(0=tEkuu1D7vN!6W^HhXr)-}e8MA<wsPdI+DGItPpN
H$^sDppNm(T

diff --git a/secrets/tailscale-key.age b/secrets/tailscale-key.age
index 9ff3ac21cc57d10077f83af9aa861eff44e46ec1..ea8df1882f18b09ee19714db53fd1a9ef5835cf5 100644
GIT binary patch
delta 891
zcmdnSwuF6xMtypgOQ~5-sb_j&a)z0Ub52#Rcez_md2(K0WsrAfns&B<OOl&*kWW%-
zh*^53g?CtHdbnRja&mA{NRFdPQ2|$uMWkPLafWx9r*l|&Mpbg8MW9P+j&p{8ut`{Q
zaAZWfL9lj?NnWz4v3qDmntPeHXGUSNVRo)%WRY={d%b@;S7wAyctC|&sk>otu~(j7
zlz+NWd6k)2L2i(Fj+vu@L2!n*VVYT<Ut*@Cc3_CUd1+Euc0ff{xqESVP^f9P6PKxx
zep+ODSyf7ShG~dFrkhJhfJtC!qED1XWl~XQk%z0XSy8EhYk7`=tBZC~ZgNs?YMQrs
zvUWyfUcF~wR!{*~et}<Uka?h+Nmx#Sdy%()N@<`$LAGnKk9lZTQIT&&V2De(Pm+F-
zb5wR=lAB*>er8c_rN6I5q<*fWvr|S6mtk;{yQ8_kWwu#%Wk^w~qnUwuxlf9Ldtqjn
zi?N4$npu!#nOkCNfV*j$ex`nQn0JPOu|-OxbA4_^VR~?SRuxx@n|qRLmb+<jR6v1t
zdRdZtQC4Mkm|LQ^VNs%Xh*PkEiE)m3s)3<tP_lNpm%EFZXLf01cw|O$dRm~bMN}Y{
zU!+lxOL>HQUUF2KQHFV{nP<LFqH#u2c|eL`h^t9@T25JhkyBu@i-BR8i@T41NKjgk
zc6~u&K$3Q*M~-)@F&CGvokDSOhHh$#k*TSnrGjOONu+0>LTXC5p;3}?rdL{?t8tNW
znPo(zxua8BdWC+XU#WjZMP+beaC(WKzk99;S5Q@jb5w?3cz}UPRAydjPI;NBk*Ptr
zp|5dphLM?3mUh0GrLS*Ld0Dvy*tW^0OhWY$+L8M1`G)D{McHLh?xA5uQ5m6z##P=K
zg@&H_x#|AdRcYRp#-UDb?gm^XrAek{sRk+e7NH?dRVhWr$zD~(KH*i4iBb7wm096l
zp%#%*{w7)JX`WoVy1EMfRhAVM?!KjI`XP~?6=qqkUZIJZ$wua;1qFqHc~M27Nd*OF
zIl&oKRYewD-^Hw!wSCdgoO1EMxt?mnovRgv5npC-<u^?@am~<5!}!nQO9fAzlNMgs
z(ZA=zwzrH%hJS74m;Y3jfBC|@PTh3zvWp`22eqCZPuXFx*73S_O~d2vH;fGPmqp#N
RZw>w8xorOyp5MNY>i|bsINSgL

delta 776
zcmZ3&zKv~yMtwoPZ)H_Pv5B#vcV1*xNu;?!Zcs=>k#CAcs8O<4WnNNwkU?syr(0%H
zW`MJ{QD}&Es9|NLUzvN6U#O39fe}|!mT`q?zPp!Kad<{Zabjqcwxd^8YN>m+NkC;{
zL0M&yeo1*=lzB;pg;#`Uxqn(jYNAV`b5MwXUYMm<LA{eZSGbE?KuNfNS&?sEa7IL4
zzJZgYzE4=GPjZD}l3!w_Nm;gmZ?QpuxnEhJMPZ(|Z)Idrg=cm|RJoyZrnA0}F_&>w
zXj-0sW@>U`x=&$AXnLlFNw85so_nE_Yq5)wZ@yz#WtmHWbAg$6o_AVkhD$_tUS5TP
zuc=XTQGH;9i(d&>U}Tm@S!6+pWn@%Hx}|4nN}^k;tBI+0PC;mPZkdT^uB%U$UvW}o
zdO&cPU!`Sug?XVxa&b_Or?IcMUrI<hSAKA@kx8JxezAFRka2~FiI<C^sYz61nz44K
zdqkGMzGrB<cWz30QMRFhN1481iFSEzrnympU%jQFdxe*)cM(^qhjYF`p+Qh?fPr>E
zmUf7xhpRz&iiv4Ju$Nz!aamBLle>3HP?nQ<lwpulMu~Znad<#Vs+nh=g^yWcSaA-Q
zqhqLhR+VS2hrWS-uuEu?Pe#6fPLaR4yK`7XVz#%Bd$CDGp>cM2h=o&rnU70Sah6|M
zF^|82U$BvTvT>1H5!d8-Oycz>7EYFB$t9_YM#foH$zhqvc^TQ>Ud1M522oLwkw%6Y
zzLw_Z#fAlChS^+325y-d6-DVjp}}7Iu9n{UmLX{Y&e;(brGYs)rH1CENxnW7Nm-`B
z`Q==?y1EJll_sU;`d%qU*<NPO6)F0enPG)q;r`i1M*hhaX&J75+C>Fb+Ijhfff3nU
z0jqQ@j8lytm~d=5b|N+`tJ?L6NB`H_Z;K{6DY~>wU2bXOqWkTL*^X3+>jyJ=|F769
z|F-vBZEDZOZ0qgW8~o49rkm#18MdFzsGP%htE`~)q>*I9Rc*~$Ck`L8oVE{tCu~1=
I@`Uni0RK4;7ytkO

diff --git a/secrets/traefik.age b/secrets/traefik.age
new file mode 100644
index 0000000000000000000000000000000000000000..6c6012463cc6a7e7d3ea2753370bb9c8fefdab49
GIT binary patch
literal 956
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!*`Do#{z3CwXdFXze%NiL5_s?0Ra
z3ac;*i3|-dbaG6LO80P1H?9gu4X-jtPSrQgFh~kC@T^St^~_HXGOY*;Gfr`JHgz&e
zDe>bfDKj_DH>*f=D$OuRPD?gTth7uq4|Z|R@=8h!ukgz9i117fcQkeNNK48rax^xt
zD#}WC%?>Wf&G#`WiOO;3N^v!DE;UTa^$f6x@-YjIa<?ogPH_p#h$tv6E%ysCsHil|
zG%fRYjL3EgjLh@N2r;cPGY^Px&9wA(HcoP@<f<w$D|B+nD>nBG$xIC}b+Paa%}esP
zFo|;Y%?c{4EJ-RX3rxxIcPT2$POK;`EjG?|F>pyS$kFz*%t`jMG~>!Badr1d$@X@t
za?du)3(t19H1crta`(+D%}DpjNDc~2OZ3e*GVqSncXD!%aP<!=$&XCUbTu+C$ubTw
zO)TUx52!GUEDkj`4-E<}EzLCb@=MCiFm);NOero&^$m}R@^lZ$G%yS{bn{Ab@`)<)
z%?Sz(2uUj{3Cj<0%1-s*N-Ro^v^4WH2~8?=GzzUskBmw(b#*n449cuZiO33bFV~N-
zFbN9^buxA-t8~kDDG7*(2=R=J$Tttn_pgWy;xbGr_02ENGOa31v&=KBN-aoF)DKBY
zH4G06Gb@a6tEvbzGLJNHPRvNm%{DJ~N{TGY_VD)%&nyj1Gca-1&*y?Ajnot)Q&U4r
z1<MqZNY6k8152|^H$SiJAhXEaG*d5MV@IFJ#Io$F6lcRCpNNP=OOL#y#H3)8ppa~?
zkl^$n!(`_Weapnmob=#O?X0TA(5g`X&~$Hu@+|FA{i+bdob;m7T!UhC+l-x(iww&Z
zoIJ}7DuUdqQj<)R-OYSL3cO8y6HAM{vI6qWER#}74ZS_m3Z49X%d%X#i~}PJ%v{_J
zoej#|3R3eUOI<y@a=kMGlYET}%v^%Y^9#)keUc)|JTrZ{baizV@&X-GGYzYX1H$vO
zEKAZ|3rd2t&E2CMvkHyPyizjElQNwn)1r!<Oj9hln3W5vLL<VT^<CJJymrY0y#yBK
zJu~hx_`mSIvGQ!o+RTe<?&$v6>V0e1sW6>}pHiD*=2R|SSeIlMzeui#@5aStA0DRp
z?tK_`BQIIwjx{%LkCoBs(rM1B&H}HRi$sp{t(N@q@z4&3P>w)z1HtzX7SAhFV3G@w
OKh*i^ZiKe6%sl{=AxrZB

literal 0
HcmV?d00001

diff --git a/secrets/wg-BR.age b/secrets/wg-BR.age
index 10182445e8d610d60e55432bcf6ac82a62105c7c..0205336181afabe146b36ddd815a5d7e219607fa 100644
GIT binary patch
delta 1194
zcmaFFae;G!M!maZRd}g+UXf*KV5DzGu17>_uxGh(Sb=tFN>qtSVr90Up=F?FK%hrO
zsbglkp?^qTM22~Ksi}U7xsiKTULsd|m2;$zhkliTqorkHSg^5gwncD~d6;9qc1o#-
zX-0Umc2r)ZTTxm_lDVf(h*6|@adu*MdO&%yL6NbGalNr8S5BIDq>-zCRC1zMaB*c)
zzJF4_hp&@yVph6eWoDALueZ6UPhhZ#kDpg!Vnumjv1gH2P-$hdPk>``u5)@;0atpC
zNl=zsfuEtag@Kn@c2s0RRjHeiYesogacRDxUzSI%MOc28g>jl&hGk`8xp8hmnOjv(
zSXr=vW4*b5MrjpSgr8qflBr)sZltfbmzP<3o`JWsM}WIud2oe^sd+}KSz2C1v1621
zW<_dceu#&2pth%Lc4V$|xxSNUsX=BTSDwCqXh5=dk)L*WWn^Axp0;~>gjueSX<1@K
zQl+_LwsEC#vXhsiNl|*GlYWM4R$)<yk(0T;TfMhygm;xoem<9JVWhKpZegUUe!5vu
zWv;$+L8+NbNp_NJP=1hEvT2pCe_5h&Vx~!!yH}`5NSI5NVNO~_Wt4?qsCj-xzMmgg
zU{0ZBUV(v=hht81u}NvBc6wfwwo#5zc9CVGS6E6|WSNCQuCtS?Utw-ZUP-FEsk>i9
zYJH@EZ)Rm~aHx@+Hy4+#okDSOhHh$#k*TSnrGjOONu+0>LZXMag|}--iD^N&c6w$+
zWQ4Ovk)uU$MNw&`Q?PMHV2-0>SY=>FXjpnVSCV#cfUj%1W15+vg?CnFUT|e_foqa~
zc7Aehl$noyP^o`}c}}8pNN8|2*tW^0OhWakE`=85u7&}TNsfVr*&car6={|}#lePw
z>A~gh#)Y9i9_AkACdGNVE(TmFDaPf6d8PpY&i)m-6|QE%u2Ch<#jeI>5nkcJe%XZq
zA<kw&*~u>9DZX5~y1ELMeuasyNuE9hE=JzkP8mTa?&YcGk=gmFUd5HUK6xd9#-8=&
zfrZ``9)*Eim(1&em-`*r_<Q|KiNivX!RDd6A7^|IYnK&2c|>4Z(Hh2`7L}`atq}iu
z!t>KEtrhd$xMz0oCvLi)sxK6kbaBzIv*D@NFG&@CwR{$PVEfh=SLOxkF8ltwqE9<~
zroNh~Oq$q~5FWw1H{(hVu&!$q_ivcI=g~wX#`>KzbocT~i62}X_<g4S_xVDSRR@kQ
zI^#I!W8<VM9f>Eep8xfz@zYx^rGBmZ<*jop#jJ-X)Nst$m~`Sopysr>Yg6n6CfeUP
zBGP*>a_LE~5Nq@OFP1m1Tf?=}m%Vbo4F9x+3u@vc47N^t%H8UEW1g3Xci-322Avf(
zj%K!BDmyO+)W57Ryi|PmS>oTQRmMk(=NvUT#$9vZa8YK<*7&<RNjn#CcphbXR)2M-
z{f9Z)rgx_1glPS=zRn?cpyY0_MmhT`my*pt)*LLIXR<1>;E(aiiMGC7DF-eKNw2<e
zWz7}g!>gF}bmE0ot8z~H+{r)owcf+!bRy%4ET=-dIBDKJw*?dA(`NQEq=om@o;kXW
ZOS)J)aqes0_eEEKO3Pn<6no-h1OUgA%o+dy

delta 1079
zcmcb>`G{kJMtzi1QD&a2g?V~$K$wr2t7%b@OHM#QN{K;QR(W`-MO1`emA|%sP>Pe0
zPi199UXEj$hj*TZW0i$hVrHO=w*gmWc&2BmhecUYrdyzSs-=E;M4(qtkaKoqT2OLD
zUb$gFSy@?;iMvm@N3xl=c3Qf7c!_tOQJ`6tznf=qYJG-3S7uU3gh^y!xNlHWL0+X}
zVo9)5Vw8t@qK}upuc?7YiKn}-MUr;9K}vD3Pg$B@h`w>IyIFB%U~XuLcZ9#68&`p^
zhgqqANkMq2NkxIXr=eT9X>x9OVpO1;x37zVrC(&Aae#YTdA3_vhErffQi-9nPeHL?
zMtGTzZ@o!rgh3#ewvTbPb3{O8n!ZPNWm$2yQI&Rfl}WZ`iHnnoYod98V@R>Dm#J52
zRAOFeMv{kLv2mbzqH~^Ch>L-1v8PuAmsenrTY0L#Q>1C8N2rT)nty(|w}GQ^N>oX5
zTDq5qL6Nz3zDG!6U|_O^XNp0kX_S$-d9aUhUcGT<ctl=urV*EmUrJF(a+GnplVyoT
zSe}WCe?_uqm}Ov^Pf|sGNm_QGUxc5dV`5NYaAZknsFAs4o<Ux6Rbf)Owu`A@Rfq|f
zMR=H_Q+l{xdWngPuSL0uUwTNPsew^>PMUs>c3@eGe^pXZd0|?pM?h&(WVoTfn|YN{
z9#2uQd1`82X`;JNI@jcROyc$7zR8aHM%rcWIr?sf;ZE*}rV+-)0q*{##;H}lxse8@
z`98*OPI-oo?#Wz!S(z2aUKM5qfrXx7p@o)tMQI*xW}$`o6`@t7+EtluP63f+UM7j<
zsp(w0y1EKwo{k}Y&IVb5>3$XFre<E+6{-H^m7WpiMiHJVj=|oM{#o@ozGcNB-ah4A
zKbAf*71a3G?El;&dj)6zL5pes;+E~6;kN9CT_Vr-tq)cuG<D5<`0bj-o_lVG_pzOM
zd8^`?VeYHdeR4bxv{)tO+bh(5@1GH)vg3Zg#B#?MkLGV~ozc=+!*ytnyg2{%d(qb_
z<Lir#EjE~9x8L?$*Pqp{{0sY3L+Uqlu&%kO?viX|r6eQ4xwU%g-Ix_$a##OS=d;wC
zqd7zNV7BDv$pU{?9P=*liC<rLVG{3)L$9+eZa38~oEl;s5hZ%Y$f{oU@|L;9;=5mS
zZ95p{wxCT__|@UUiT?#>I5#wCJyo{9c1>&Q&pA%&@|+7}suLQ&>?oVo{N7pE`qbU7
z`jVHgF7&#roG{ILf?Mo6A>}oW2J2*hWzS7xm=sdZJojjn+L6|G{u9<77g(ILy)<-k
z&c^uDi+T=!Rdo4y-~P|+c<1+*XZJhZ+k5I%xqhKtrpd4Mn+`v;-7Na{bh6oZpJ$$K
zW|`*?i}IcfOfcQnzEFQsiu0?7Ew2*iK93JSt?#r*o^ck>=3Og{c*?$LINh}PyCO6*
ST3~}tY~<QSdTl@F{|5m56{;ry

diff --git a/secrets/wg-DE.age b/secrets/wg-DE.age
index 11ac80bf3f820276c855b918ad4cdfe9cf10f011..092584e8bad320dd4ef71d5449c71baadade3c65 100644
GIT binary patch
delta 1195
zcmaFNaglR^MtxR#K&f$FL9(|~YGG=rUus@pc$8CtS9WQZnPpz4pP_eZsbflNrKek@
zr?zXbMPR1CZ-hx|aA07lYj9b5stK2NQE-@ds6~WFWkIe%il48AagkqOs7Ym2xM``6
zsi#MtSwM0|R#}#TMNv^@sHKUiS#oJ`s6}XQd6<_)VttV-my20Maj9Qkl7F~GR(O<l
zUT#vAXSi>ek+FWEWrcx-S6)C^c$!~9enzROr&DU7c~*9IR%x+Wm07t{Wl?FKFPC9>
zeqmIgbDDdFcU5ItR=TBerBSG3nt6$3V!4rDRJx_1TVO;=xIw5-P*7T+VNrTsRYa6=
zRhqU%ZoN-hiGB`OT6SJZxmlP`cBprHu4z%KW3fl3mwu#4R-Ri{RAQ30W43c-l5bFA
zk*i;TUq-H_X;EHKcvM(`xnY!cO0iouS4w7?bCi2Qp}A9vqp^=sVMK6bwz*-tQ;MH!
zQn;&gVt{sHm4$a$x}$koahZXmS-7jdzL|?jP`z)leyD|$k0n=SURZIJn@>bim48lH
zut&O~c6dZyQHpy(Xl|6YX<4qNhkl@miHm1JRi;m1c#&UJg->RcZ(>qtrFW*Gc3wDF
zps%4>aZ+h<xnZeKW@vCpZdJZ^wr7!{cV3lYaZyNlWoblmNs()@MR0O*Sx~M?T3SSy
zUwv*+R9K3obCr)*Iv1C&okDSOhHh$#k*TSnrGjOONu+0>LU~k_i@SeBd8x5cmQ!ef
zZ+N(gK~}P_r$>Z~xuJ<?fk{+_cdn;vp0`svSF($vQCUh<NmN*YuS-NqesX$ZQGs7%
zScXS<rf+I+WmuG>tG1(2ilc=E*tW^0OhWaMm6a||o;ltImBxluIpu-+79s9g2F}TW
zVOd2f<{s(U`j+07t}apfVFq0Of!PLW`F@E7ft4O9=~b@29%khpiRG#J2Ej%ahNTt;
zKCb>LRfZwC2A*8Hy1EM9#re)D&cPwMK7Qo^2I0jaE}lMF25z2ShIthxk>-|J1<v(h
zSuXme-s$;VC(p(Ct`OjT6Obig^4e%p{*S+X+zsE)?71rUE!5h&Xl2M>No$Tn>P3^z
zlo>WH{&7-tR=&%UtPYKTFJ^3KeeA@#Cvg6ehRm03+k#_f@3{7^<x0}7^7KVg4>$}G
z>YC3>MCtqtFkP_su|e10^7T*7HSb`!GW&}XOa0#e@vXOd*<8|?xeYr#f}B^Y$JU%(
zxa68%&)#)9mv68y`BC!0^oF9||DWn7#AMVRKF%xJKZk$vq{R1}k8^Huo8Aiz{PJkh
z&8J$4uQC<ls-7j3Z}`5<UF%uhy1xY>Rws=;<{NsnG_Tfd5IPckhCQwLKEvP0o2NTB
ziW+%~O_sh|->Udv%QH*%|CX0sD$hp>U6WkK_)OB?;<eDtjhc2oG4}$!roGml|K;MR
zeP^dd{`d6c3W(qG^OBbCqBSz_6Rd>{d;8~Ezjpb*PNU$T$Ag+vXBam8{_r@*{NFdZ
z=aaa3mw!DKvuif%`>oT@9rc_0Y<<7B+bN@RKF63(%j!<&{IB|`u>Wf87h$jGz3+~O
apHA!-(-3HNn_s8$(RJlTBkS#q1?2!VgVR$0

delta 1080
zcmcb}`IuvZMtx?ffs>beYEei?m040?d5CLxVsb`dM81i)TX4Fog^#6WU~X_`q+7P7
zds$X_for0^xqeBiS6YZgRb`T;hZC1`XnAo+zGqgtu|cr5p@F}*yI)aeVs52JaJY|K
zRaR7zabaedQ<z7kp>KMHU$SYaSE*T2UU6!LS!iUSetlUsmqB)rNo9Giv!g*uvSoom
zL~(eMuZMPuseWZ?l(tD|P>7MYg-LKmNo1*Eq(N$KQiZdHW2JVbOGa{}QAKc30GE@0
zT8f)jk)>y3rD;x*uTzAvuc2R&xqpUFQKp%>TVRH^vxS#-Sa@KLS4x1fw`XBVig8x5
zUuZ>9RK0$Zsc$M*NxHUsU}$hgl~JINVWzfMMQ(9XWQjpik%vdPhjU(`YifB!lx4n2
zVrf}wa#&GLWk_LWYQC3$dU!^nvvXoHS9(C9WoVjbNOoCKv9Y_cg|mCPaj=P-m!(T;
zMOBumL1>s+W}1&tc$is1W`uFMX|{`{k#<^PTD@^{ez>o8r8`$~pl7nByH8e8WrU-?
znMZ|brHgrbg;}JViAhnZcCLkSc6gYDe`306wnvI#ctLrFX{J|(UwMV4lTUd_R<<vf
zQDQ{8u|Y_fWs-YXrfX1HQdDZ1S)!MviLrB3d1+#?M{sCya)e`$S){3fen3FDMOs!^
zDo>=dUqFF}tFN191lQzwOyc!!k>LeNp`lS0+5X8!9*KqJd2U8wK|$FjxtSiBUXG?I
zN#Pd$>BgnSM%i3dSs`wDg=rNj<)Ibj`r2OlMnQo=RRIOLp5+#)DaGd5?j?Su<wefP
zrGZ?!y1ELb76pYN85Thm!HJQ6RZe+<W<EhKWu~SE=B8D?#aS-K1}XJkS=xpvj-jDk
z<y|Tp{{IYiym4-ZVNLD6)4NV;xSLs}IB{tIG%8s%^$>^LzIxI1VL_5vQhO#COkF7P
za<}~&E3VKp<*W-HH}VOXYFjLQ#OzX?t9E_W{bwqg-RY$>->=D>@^EfXDIa&k3tm&_
z<*z<}xUgzPMM1*`hn3P3lO$W4>p#g$y7WAHb+qt>M%R0Np|}rx0dk4wpV>X`ol^I8
zdrwixj4)}|W$V>~4`}dlUfQ19!k)5A?Zxek9@bZyazV#B|1X>^evd=_!pGbvhQ7;^
zU#nEknRa&3llm<eSsv{B60zdf2h+l8qxD>cvps4~pO%?vCU}-%bz0}dCI9`ub7ual
z_bkfHJFsCP`)vLbEk{zHuk!Rt*ko>R;GmtP7Q~+SeCy=Knr5l@8h7fpZaEX$_|<ON
zw<e~a)fr14Ii>I3tvTz@eQE9H346aDR(-lYa&_AU-@hgndJC7o)wEK-Yk9LKU!>9c
z*X{X-nl)H6RiB(IYn#1SXchNM`=6c(kCj?yoVcOj_HNbQv+v%o@y*D1*Pg3Xcy?9!
SdH+ZITcucARJ6T5`2zs2+^LTM

diff --git a/secrets/wg-NL.age b/secrets/wg-NL.age
index 6755197e0867595e6e2d8760328f04e47b7a3dd2..bef787c5b65d6b2668b59e9d3fa6bc6b6bf13787 100644
GIT binary patch
delta 1195
zcmaFNaglR^M!ma9S!k7oQ@%w}rM`!cvzw!%e`1hPT3TpoMYwyoV`^STc1lT7hPQj6
zp;@VgkyB_`M0lyEV@_#uS(bTnxh0odcyVxIUa5a}pk-cQQCeA&SE;j?S%I6Ii+*CU
zqk*@1dTCj@Q(kF>fm4vFwsUT<g-5nig|T~ZR<3VwL4Affms`0}scTYraDG63nya64
zd17HvL5RP5wwsBGS*oFVK~;K5T9vz5m3eAlTBLbma#c`OWq4`1tEF*Bg=t<{E>~)J
zk!M7jW0<3HL2ja9aGt(#aE4n(Qc1qQQ=v<WPnJn)WpYwcP-Jm{N4iCTSF&@Mwt;iH
zdA7M_PJMWgds#A9dRBI6nqyW@m`RaWpr@;6NRVMkwsTZ?p=*eLkw-;-a)fqhc%Gqe
zifMUehJU$NXt;Bxt3{rNYfhO@RhU;QmxZ%ak$y>Wu69^axJz1bUO-NwcYwLJd2*(+
zzQ19jPk5z4ZmEB!lc7hYMYyR~PDEr*u1{c?d3}<1c1gLrMF3Z>w!6Qxc5XnFlb>aI
zj;oJno_l0+Mo^_+nTvC7m4S0rcu=KDMpm9{VwSdxzJ5@-Nnn9<Wno2rhJmxOXPF<D
zdscFQWo~6=X>NW{L1vD5SU{4un@>n;l~GBMqhXqbnSVr}k&|(zcR*pObEuKNS42oa
zRlTowZeUJSWU+6l5f_)PokDSOhHh$#k*TSnrGjOONu+0>LP>@}phskuv3q)yX=-+$
zd8VUBl5c26Vxoabevq@fb7?@irDbKZbErokS8$$VXn|otim7|5u}502cXEn{zF(q+
znVWu8im_Kpgmy$kRG?{Ckwr#1*tW^0OhWaJo~g+xhJ`Mb>7`X3zWxTu`6(fZ!EV}V
z#U<sA0ZAUk*{P`+E+#ouA%R>0RoPjN*%?`prml`|ff4S;7KN#X{#j)~{-OE$Y1v6R
zNv=MQQGVHJ=>}Z7y1ELL#gXZiMNTe}<)+1<{@IS^rp5)8u0F-#RfhU0xn9{ho=)|_
ze(w3H$?g_ho>?5(vDxaGi&t_7e*0ljSGjPi`p%u5lRnJ;W$^B*WU>(BeRaoQ1v^cy
z6xt}C-&d?2+1wH;ZS~C~C8<*+V3lcA8(aO%^SxP}R&DRz*EkgxPO*I({4m!sVb)Uv
z_e<`*qBh}Q)=%vC{PRbq?|EacW2KfCbyHr{2Z&wb@swS{v;4yT=4#yozA5&1Z{7L3
zNB^GQOq(ey_OfYDPr5o^Ev_X_n9F0<E{^rtk=Dl@qR&;Bw7+MbaHQa@mg<MzW!gzE
zjH*|E=lt36nBOJv-1ph1O<k@o*k1Ol`oHtC30j5;?R({QW>~~8T@(}+?v}PW@=$!x
zwazN_-;(ug0tM08)28nC?Y+jo`mb*2oX?5747d9Wo{m`fa7t~Vvc6ALQP<v$2Q;tw
zF64{geEL#>K~!Sm48NNXX6Hss)lBMBli;`0-`{5TU9U~zq>9hvs!VgeIUKoW=S1b#
z*R;&>IzD^(*V`G4&MTW&^NKB3{obNraaCcpSf-(!_pTKi6uj2xm8MR}4-Dq7*lqRK
XW?A=6k<v??yWV`=bnOQ_&r1OSq>aQ-

delta 1080
zcmcb}`IuvZM!ko#OHojXr;$@)m}9cOb9i}BzFS3Eu2YJ+b3ln_P-3FKv6q>jOG=qf
zRccD8hhbK_S3zO9uV-ahUT8?NQ5BbYNpfCZW<Wq$R7rMaaBzj8YgKVbRd$hfM6P92
zVX}`=N^z2LT9CGhUqC=qRiLYDpl5ldcX4rPXk}VrPQ9@?S584dQf5xMS!GC2sfn>u
zR6t--dZ@OuSw%s1U~Z{JxJyVyL}*};Tc%}_Us<xFQKnHrXqLXGU%I7fV!nTcA6JrB
zihfQ=rdwW0fRCSRMp1TgkZ)OLK%POdMWAE2Pm)(ksC%JTRGDR@uXdhuP(`j=g_&7+
zfnRoTd3|V=zqt=rS(;a_QC4uEcd1uKp{1vzOR`6Bp=Y^4fOBX`d5}RsNkwv$b67xu
zzqxCreyDkBT402)fw#Y_b52B2RH#8HSD;&Yh^x0}S+;jcfnTygMzTeEW>8SReo|^;
zW@)5jP*tUVaB+@HesFH0e_(!@SCvn3YNVf`PrZI_KzWXKVhC55wxL&5NqV4Xh>52`
zj*Ca8mq}4XL|RT{rIB`&Z)&oMce;^fM1hA<np1#xxtB#?PLxx5R%J-Kvty-&WvDS%
zT6R@%gtl*zpSQW8epF6naByy<Pe6rNQGi#vPfC<ihLb^9Sdd9+exY+(h<TB@Yrcu4
zF^@rbfKN$;fq`STHrM2NOyc!n`CeuDmS(vTkrBS-rWMXfg@xvRd8xUnsrgR9LB82#
zk!9ZQK`tRaPT5>0$)$!FMiKg%=^@%#MOopwzOGKD<%ZhDNl{tJ&fXDOf#F3KMWv~R
zPJvvyy1EKQrmh8UriHlysXjhc?nwr|rN&{YNjYT}IsTq0-f8LShLQCthPh5v$p$7|
z2bJ?AZre(V&(`y4+xg#TQ}6T4qGf*T^n}hwOYTkkk+{;S>1%C4#|2AE8!f35O#SUO
z2U@x0|IMhql(O@G^_}9?S6DY%B?v!ei~3@j%(F6vNzbTCGx4*o+Mm^>8w__b-#aJ&
ztN!rPrLHA);YP-Xe(qzMbgrSQUaGOs#bbWu`7Ol-E0(D`++nT=i*m1&G4}8g?_Hwk
zD!$<J&!P{C{8?Kw@AOGLanlMq8(<t&z_u#?pA`2)x5!B+pSct_sb5NYFmdj&d!9=V
zOKfskHR-nMHvwjDEjis6Q=UBXvO8$Hd7~qD>&yiey9_FO3@Z)OzAr1Q+nLoXdAHu5
z%}?W-?W!HSRy_zlx22uWOtDI37W?Pu7rqiJGka#8R;Wp+lvpMluO~2Vqy4X*@16|)
z#}tpL74*o|E3eY+=k3(tm{xq$SZ6tlubQp4-n7)~$9V0u&U{_OdYU)X?UVo7HBT2v
zzX<x$v2_MJn+wa{f=!1nwr|<lwc1uEGyc(ig_9wIS~XS=oPVj#+k2cPe7?$qBS#$f
PmIN2Qh&SAtr|J#>t7@JY

diff --git a/secrets/wg-NO.age b/secrets/wg-NO.age
index 4607ff92a6cd059a7b130afe8e83721ff06cc24c..e7733f232b11154fafee8fcfc509b073ec416a05 100644
GIT binary patch
delta 1193
zcmaFJah`L6M!lbjzh$1OWl~<KrFW%eRjFg9wp(aUhN)M1x`9hodZ~|TzHwBPqfb>p
zfp><PmvKb0TUnZ)uZN{;P@;Esr88GSs$oS{RG4RkWxh*6d2U32W3hIqaY>|edX%<@
zPi2{Yv4>Aux|6eeNJ&L%S!7tbuW_hZO0Iu!ibq;iKz)WIS6)?KMM!v}xvPPrK~hm_
zcwl~5m`_$vo~2igzFDcci*J@mXjy7jfvbyQZnAHNPg$8so>x&+K$&|%sHwMOF;`SY
zVriB^xMf~tZn>FhQHhUBfw#9;T3A?Nak#0UuV+}GYhr=Fc43%LP(VgWnz_EaaYk8E
zs82~=XnllVpm9EzpMiyImW6hyseVd%ab#qOn^}pGK~8w0XHukxMNVRXxtWD~prg4-
zU}kx0WT0zyW{_#NU$J3sd00hQagk3FS9x){iDht<L77omsik95v43G+ioSPfNvN+!
zuDiRhK~P|Mv73iqR!C}TU}RB{ce0VWlR;r&ZhfVtqg#Ndw<ni*WV&l!dSHlCR77TG
znz5y!Yl?AIV2YtxkhXTPL9$`8pG#4Ag|~;1xrb}8VOUnUcYdy4qJg8ihlOvcvAH3a
zcZ#`JV0b`rntw`OnRh@{L}*lDPC%kpm}90(a(;eJs9&&mcu8SONQ75uWK?2QX|A`v
zaeY=&Qea+=b7oGq3m2EJokDSOhHh$#k*TSnrGjOONu+0>La2+MuS-O!w_##Pnu&gJ
zMv7@@N?MqScD|cQcA$?@uup1nNtI_sNMv~+SCw~gc4Tf;d5}+5QkJV(SXsVDpiinr
zq?c(`WwE($s;6&iL~?+0fVYV+*tW^0OhWZ8t_B|F85O4Keip8l8DZ{b1^&k66-I%<
zVIDq3sU<mSrDdsJW}#6P<rZ8~j)vM62ByKeei6RL!9K=D8Hs^WE@9r;&e|y+0U^$%
zq2^AJra2x}sjghQy1EL!+C|xAz7?JZh5C_c#aZ5g+DV?;UgjwtK3T3ICdKAu5ia$q
zd0~!)Rr&^8;vFqh{F=R6Ya+E~{hY%b&3d<^I8cZE)8bXHzl!LKuPbWOIJ$27%9!P0
zUvvd+7oAO-d}@|u%Z=)_=GXq7P5#c&`c+11dc$jjdApVNO*;HQL|o8r>Un3!f1H<>
zyGn0YjZ{~7cq`qO%_p_mdM*c>mO}kY-aC&w>u-7REc0f(@_qTm=`-7RBzE<zUYC3M
z#7_~SK%X6E3bM;ow|x4v<@6@uFSA-c?fAOkc#B(#m{-|i#=q8jt0(LhXL#7<t!DV5
z;M7y2y!HjpYl6OP%VhtY&)fS@)bV0N!~b>H++rGi-Z8gXsAjwOv_5MscUgX?Y~sfg
z3R3&_)Gp|+*Drb(%xG0wFunXhh~SUimu0MKJ=dnE&b_dS|60?;C4s@`quEUxZ#?nk
zy*lsOuB|tAEq%|USYz_v`Sj7yqgA`&4#)3M*dOY)i7)csi^2wOzu=p~<}!s`PrZyL
zmBj|L8&)VJR9g1ghHII>;H>E1%cd0YRc7C}m*K^aZp;s8+briRXPtUx!oi=C+zYp*
XJbYuovcM_x$kpdg+Ij!^p8o~_)L6%o

delta 1078
zcmX@l`H*9RM!kQrfnla!VMJ)8m$OS*VQ6TWPkF9|W01RXNr-udSBP(EzPovryM9!J
zc49z8aIuAXaeAItL}96KdYD(ZuRd2*xKT-}aawSQS)g%prk8QHZ)90TWmSMnMwNbs
zr+bxwv751%Z;?Tyv!{WXX^C5@u}87Hzh6m7gqc%dNxfeoSEgrXxP^CAm9s@uqM=h^
zU`|>_n2VQwu4RF1MqaSFrDs5nb74ujM^vaqq(w%dqoGGiV6kzcw`-YaUWA{&Czo?%
zX<(ICUS45odZ<xJRcNr0f0kv6c~wzqmT5$Ol4-Vop=o8dZ@#lfN_eD&ahgSNXhxKi
zb7G=FQoV6VhJO^7aX^Mec9n^LpihyTk%e!fV`YA!k*AM|v%hwEvA#=Ie!g#bWm06I
zVWoaxa=N8|d3uqDdt|0bZa|oOxIsh|SBAd3eoBa8Sh`z?NpPyaS*fRyxm$%{h<QO?
zQCdM^Wodb2R!Om6c7d;>fk#+HNMvwGP-&Q1MZH^aNl<Q9nI%_haz&A;mu0EBfl*RK
zmcNmKho!G+U{PLDx^q^xWnxsOnUimNv9Vu}OJ!Q2ho`f7zE?n^uVb2<M{%H|c49DB
zPMLY8Z?dbeNltloPO?R1Sy6$PsiUKhtG`jEvs;q8c}{U<a%6diai*_tx}j%YZcb1|
z1dmHahKGM%K$NMIBiH14Oyc#~m67I=*(R1Hp2kK&$r-6$ktsQTQ7#@X9u|=n{-K_U
zo|ch$j;`6M6((FxiNTRo`7XhMfzHKQ1zw(|S!G#aM#Yw{nHAwtVL5JoNy(NGk(G%B
zo}pa2y1EKsuBn-YULLNQ<v9^Si5bNKE@@>Eo|XCq5tiwxrQx0tu3q(CRb_!WUWO)I
z4)5ONZsfb<>9XZ-U8^#ye{v01Pw=lfvx073aEt4a-ZDQpj3*{amSy3kIUnwZSBbva
z@J!@W>~rOf+xCl}j`{IpRl$0G#vKd|hNUxSXiZu3to&)O!QL%R0-xB}#VdbW|JQcy
z`ouHOX=nOj3-*Ic^x0I;zYa~+uixFjwCdZg3y;n*+5LF1ndjcU-kr}r@88;^sl7d;
zw3+ki!5$8VLl<99ox6467cTh;`5)C5oO`<OR)+Jr$>j~Ldg>zYU*G0$|IFn7YGTAB
z-euRAqhGsTnDs&6vBWmBpgr7Plk~#MJauchx~80S_uHl$<h|J6#-h9V&x+1Q>B=)c
z^(GUlve`5qRsD9JsCj<w*45u8cP!j<*WYPp^!;o}nI`qCT(VDRbLBi*AHbNTT{y9`
zhk1Fuiiqmzi}^oJ2%njL_TE&!znohX)t1cJvf%E9nY-6aI2axx!SiAUceksQ?v^fw
z)T1`b1HyDzt&i_v-u$cV-w~N*ll(V5YS<ZinB!oeoa{Z@-GAa<OXP0QI3uh6aoQ#Q
RsdxR85A}Rml4V)14FGPrsU!dZ

diff --git a/secrets/wg-US.age b/secrets/wg-US.age
index aa2bda3f7f91ef213c45c71d5bbfebbea181648a..9133d8dda6f1108338b0d3e5571771e568f71600 100644
GIT binary patch
delta 1195
zcmaFDafx$+Mt!7_iF;&0P)>P9c1Dp~Vq~tdOR%4rVP;NxWT1a}Wm>RzMsjknad~Ql
ze?W3TxkX{JUs9!6P<DQrX-TMAjwzRkk$#$io2yA+pjVNfvAIP-sj*i`kcXLJMo@vT
zQ$VG8WvOSDzII5maYkl#Nri{8b3vM0Zho;*QK){lOMQ|lSAkb*UU8UvnwhtEa<G1S
zrg3DNVR}VaM7n;Nv2jpRWTBa#tDm>Kc3!e+N~&8$p<#ttc!{T%yQPn|bGnaT3Rgv<
zX}W8un{jZ7tGidFkD;r#nT1P5af*d$kwto0wrN0Om0792lSQbbccg(~m8qwTnQ@YF
zKv8LsWqn|=pIH%CVy<tdNpM!BS*EdLl0lhyNm#OPV6s_CaEO12c2Y`(ah^wFae-rY
zv7upsTe^k0fs=<(q*0}3qKlWdg_BP?m$S2<uYs|ruYZU|R<>hNP+GW$L7qX5No7Sr
zilw=Cgrj?Ul5@VXS9Y$pb9rQOdZ<~RcS@0)cYU#ERZ4M6SRPllNnt^9Vo`EVeoml)
zdxW!lP*HeNh)b$-p=ElKvrmqDW>BbisdGVwfn!x_VOB*%YNd9$Sy7g6rK`JBQe`-o
zL1~tAzI$4bUvXi2R)}Gcet3alqL)RKc1}c4R77&Hqmxs5o?}H+L`X?el~;0!lW|32
zO1*KiQ(lH|v6D|(As3gfokDSOhHh$#k*TSnrGjOONu+0>g1LS{W{HzuMsljTX;5I6
zcT~2wc8Z&`r-f6dk)Nr)yPJESZ=jEPqPCF<myt_SRGzlKyJ2ZnPGY{Jad4r&yQ4{t
zvA#>1Nq$~psf%S<cwj_jU{+=}*tW^0Ov3e+5w2PJAqM3EE-o%E+C`b}rY4RBX89K7
z`8iR(j;19k`5B&>MV|R?`CLw(g%RZjB_V}I=^2q(N#4#*`IZHV$!2*j6~=C9Wg$k%
zruk(h{z;J*p<KGUx(Z2t&d%<^MO9_mMLE8Op%vZ%Iq4~ZMgBSFX+inLCaHO0QC{^W
zUgjCe&VgJ~{&wt1<-$x)nVW8^@JhdF_F1$b^uzT%0XDlMb}=e3iAHKve!A%8GqLza
z=ls~xrzaO{)(D7XO>nK4#c3CxE!D-w-M#NlTl|tA+5Ovl53=_t*Cnie^l^6J=a2hO
zCwjklV$nIT$n{c&RnC#b34fQ&`Tyhh%j>J()El2|QcL;p-R(i*tx2X63vO-t?0r|o
zVE&BX<r2B(k(Ifc>ko%Z`6MYPFUq*|rMkb<IiF$K-dN*j9|QKr@4wuWWNO^HF*NbQ
z$~|8?dl_Y8H+?DTiGK9MUE+FB(}&_m<)4pDHd&*4WMSThWzzrN%|3DaLuBQt+;u7a
zo31UKea6wV{zlDG-+3>u);`>mlG-4#uVk(fYm4bCRvo@s?K_!Nu3WPHKQHi4+4G!}
z(cCW%9sKcxPa~V}M!(Z8_ugtXJ*ONARq0O|ZS&jyKi|`}Sa_*&^2AssgI#A0d-%?4
z?U)?Nv+KpaDDAq6ye(zLd!Ag2`Q9b<?6B=-h8=zfP6+jubgx!W&K6naTX^CH|I5Q^
ZY{!>9h}cqb$Y54CpX>suS)Y`nlmP=m(0~8{

delta 1080
zcmcb_`GjMFMt!DBlviL-c5#MJV1-9zP=2nqbAf(Jm3~OBr;B%yXK<!_Nq$;rPFi-7
zQ($?rwzqy@ra`iEWLS}<yGwz$MHyE_j&q@}tA1W&v7?21zFB%imS;(+ahXS1L9$<d
zMMPqHfp0;Wvr|R6V?>FoesW?(MuvYzn6`hok)^ShLA|RvS7>Oeg`2B+xM_)-xrbXs
zg>QyeKx(S7QMhYhc9pStN=boNZiGouxJQ6<rk{SYxxZ6ZWKp=0sYzr-x`|(SDVMfq
zM6yr5QDw24bE&(wpGS^!c14y+gm*+)m4!t>WMX<@p;wfLM_`U?o@su8fmyn{V@Y^%
zM3B2@R((~ZV}UDIpmv#?MR=Bbke9EQn`LlBSXHrcYKT)>iMEqlvX7@lx@T#WS&pBt
zhiiFIm2+{3S6GE}Wnf{In_o$Gin(7dmye5YRIq1~W4M`neyLBPYejHrp>eK$o>{2B
zlW9^^m2a7$X?|gWk%^0Ts;|D2yG4#cX@q6EcD=W@n`3xVq&`<lp=VA>Vpw8XQnp1{
zsfmxip;vmScS@;iQHEudwnu7MVOqM8M|oIzWQJ*Rcv)1wiEDscVorEix^r4?Wri77
zhJJ3kUrADgNl8_bkDr@sXqlIDKyi^puz^8ZzJG36kdv2NMqpxbW~P%%N?A&gQ%-q?
zKTlSeUs!lywpoB@2G`_yOcM2F1?ip!zG=ax`9?YBriD?47EW1aRq1ZV8QOliMP43>
zQH3V?6~0N17F?;}?nXgnMv?iZ<`vrRSpg-+rlF>V8AVa4eu3Ghp5?`XUR9}{mZomy
zp<KGUx(b$+<`zX}CE0mll~G|KIerl#QGr3OF3FAs6@ETG+Sz%A9uf5hmN`C_i56TP
z$Bu>M+T|F#oU%BX#IeF&sr$anGn4PjKAlOcne4J7L~)OL#IpROnOAKk7H`zc_!DvC
z$xi9KHQtMQr>eH8hlgn07dX^cAFcCzYs^!x0*BUnx4)m3d1{z&+UHN#>|HX;SFPE(
zjiu#j%7e$f%B~JCmZ;zNDRJBKuilbfN5<PR{NaHd2K%dTvn!GU>$IP~&tJU!?ZM{_
zN1g3X>(5*J>C?^&|HGc$*K~||8Q`*|d{V0Vv^#E>KKsA;>K<v&^uESIOzT)6Q{8I4
zUAzaDf1bXma`EP*)k~XXPD*{a{OqBDn3#>>omCza>uUUNX<lXb+mso;cEx+skU}lH
z`ky-5t6tCA%(6kOCBN{4*UNK~Gp>X!S(?4FCFxMt?v;)nR{LyUyq)^XczfopV&=^o
zZX^Xh)0+Kwf6wmY9p(pGYMyvzOzSY-CGK;$d2{2{pYE$H4|qEt3SIhq?VcN<iZ_nV
z>$@z_7E#>!!bjXG<{*RIgQ<2dAzBY39xdm1Yub{a;JHWVbLLyk)0KPnv_xub|5sSi
Sq)^u_JUh#Mubh9u=KBDSRIr}_