diff --git a/flake.lock b/flake.lock index 390a6b8..a35ed15 100644 --- a/flake.lock +++ b/flake.lock @@ -108,6 +108,22 @@ } }, "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1696426674, @@ -367,6 +383,26 @@ "type": "gitlab" } }, + "nixos-wsl": { + "inputs": { + "flake-compat": "flake-compat_2", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1758123407, + "narHash": "sha256-4qwMlR0Q4Zr2rjUFauYIldfjzffYt3G5tZ1uPFPPYGU=", + "owner": "nix-community", + "repo": "NixOS-WSL", + "rev": "ba2b3b6c0bc42442559a3b090f032bc8d501f5e3", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "main", + "repo": "NixOS-WSL", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1756266583, @@ -431,6 +467,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1757745802, + "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1757810152, "narHash": "sha256-Vp9K5ol6h0J90jG7Rm4RWZsCB3x7v5VPx588TQ1dkfs=", @@ -446,7 +498,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1741246872, "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", @@ -462,7 +514,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1738797219, "narHash": "sha256-KRwX9Z1XavpgeSDVM/THdFd6uH8rNm/6R+7kIbGa+2s=", @@ -478,7 +530,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1730768919, "narHash": "sha256-8AKquNnnSaJRXZxc5YmF/WfmxiHX6MMZZasRP6RRQkE=", @@ -494,7 +546,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { "lastModified": 1722813957, "narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=", @@ -513,7 +565,7 @@ "nixvim": { "inputs": { "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixvim": "nixvim_2", "pre-commit-hooks": "pre-commit-hooks" }, @@ -534,7 +586,7 @@ "nixvim_2": { "inputs": { "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nuschtosSearch": "nuschtosSearch" }, "locked": { @@ -577,9 +629,9 @@ }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat_3", "gitignore": "gitignore_2", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1741350116, @@ -602,7 +654,8 @@ "headplane": "headplane", "home-manager": "home-manager", "nixos-mailserver": "nixos-mailserver", - "nixpkgs": "nixpkgs_2", + "nixos-wsl": "nixos-wsl", + "nixpkgs": "nixpkgs_3", "nixpkgs-unstable": "nixpkgs-unstable", "nixvim": "nixvim", "sops-nix": "sops-nix", @@ -695,7 +748,7 @@ "tidalcycles": { "inputs": { "dirt-samples-src": "dirt-samples-src", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_7", "superdirt-src": "superdirt-src", "tidal-src": "tidal-src", "vim-tidal-src": "vim-tidal-src", diff --git a/flake.nix b/flake.nix index f72753c..0d63957 100644 --- a/flake.nix +++ b/flake.nix @@ -23,6 +23,9 @@ home-manager.url = "github:nix-community/home-manager/release-25.05"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; + # nixos-wsl + nixos-wsl.url = "github:nix-community/NixOS-WSL/main"; + # neovim nixvim.url = "git+https://git.escapeangle.com/lander/nixvim.git"; @@ -106,6 +109,13 @@ ./hosts/widar ]; }; + heimdall = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs outputs; }; + modules = [ + ./hosts/heimdall + ]; + }; # servers db-01 = nixpkgs.lib.nixosSystem { diff --git a/home/lander/heimdall.nix b/home/lander/heimdall.nix new file mode 100644 index 0000000..7eb7d83 --- /dev/null +++ b/home/lander/heimdall.nix @@ -0,0 +1,10 @@ +{ pkgs, ... }: +{ + imports = [ + ./global + ./features/workstation + ]; + + home.packages = with pkgs; [ + ]; +} diff --git a/hosts/common/optional/yubikey-gpg.nix b/hosts/common/optional/yubikey-gpg.nix index a5020b3..0b93d5f 100644 --- a/hosts/common/optional/yubikey-gpg.nix +++ b/hosts/common/optional/yubikey-gpg.nix @@ -1,8 +1,18 @@ -{ config, lib, pkgs, ... }: - +{ lib, pkgs, ... }: { + hardware.gpgSmartcards.enable = true; + programs.ssh.startAgent = false; + services.udev = { + enable = true; + packages = [ pkgs.yubikey-personalization ]; + extraRules = '' + SUBSYSTEM=="usb", MODE="0666" + KERNEL=="hidraw*", SUBSYSTEM=="hidraw", TAG+="uaccess", MODE="0666" + ''; + }; + services.pcscd.enable = true; programs.gnupg.agent = { @@ -15,5 +25,8 @@ environment.systemPackages = with pkgs; [ yubikey-personalization yubioath-flutter + opensc + pcsclite + libfido2 ]; } diff --git a/hosts/heimdall/BASF_all.pem b/hosts/heimdall/BASF_all.pem new file mode 100755 index 0000000..28ec706 --- /dev/null +++ b/hosts/heimdall/BASF_all.pem @@ -0,0 +1,432 @@ +-----BEGIN CERTIFICATE----- +MIIGTzCCBDegAwIBAgIQZ9JTwDZHdGv1S3/2jQl3mTANBgkqhkiG9w0BAQsFADBD +MQswCQYDVQQGEwJERTENMAsGA1UEChMEQkFTRjElMCMGA1UEAxMcQkFTRiBSU0Eg +Um9vdCBBdXRob3JpdHkgLSBHMTAeFw0yMTEwMTIxNTI1MzNaFw0zNzEwMTIxNTI1 +MzNaMEAxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKEwRCQVNGMSIwIAYDVQQDExlCQVNG +IFJTQSBQb2xpY3lDQSBMQSAtIEcxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAv5kRAtBGmbXAz6KnYIUvDrdP4IRmoOnw+6QTPjijOR4fXr5/o9MqosSa +CRlQWPIzNecptSQ6s2BHspWUN/IRdNEYZBszeEJp+7djHuES8VKu9r33UVxzb4P6 +wyYR2hxdw1kLKbmn4c4Hs9NnBKuduH1QupzPRkm1uYGnFlFrLo/0nbuaMmhBJX9N +sGEfyT/aj+c3aR6FIu3Xgrv+wias6BLmqLKzWKC+IYnkOERW70QRvnT21/fl5REZ +M7mbCD9/MTDlzx/5XAOXWatFEAUZoBdS0aoLNgAvs+G7XcCfz8vBZiLFr4AOa0V6 +2oZfOnNZSjjA4k6mxN1Tcx3fTOGpljDI90rT49+CXSO1/w3Ilcz6JffeWYhwZibG +IHgxarGjyap39hOdFlo2AU5QfOXcPuUCHOgKcpuUFaeR45zb+6RnmWTd7N0513cU +EMf7xYpwoL2rBP3rY2TtNRMIRxmVzc1yFjnp2CV1lyrRRKjgkUvx8viH7PIlnGgE +1xe0C4LKWfNxZ6QjraElyqGIg7TGO5FEyKUoiQGBjHRpNhHUL6hhx9R0GdfpuGyn +cCyxggQZ0bHJuuw7uTVFVx/QvNJIE039n+lXzE6vmFg7FQ1JkAFW1S2vF+JrE6Dh +vv6biOFIzeYKcbuFaV+5U6fOV2RQbm00/VPtSBQI/iwN1g10oH0CAwEAAaOCAUAw +ggE8MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEIeIBTaSLUcMBEGA1UdIAQK +MAgwBgYEVR0gADATBgNVHSMEDDAKgAhNHOn/PQqTbTBgBggrBgEFBQcBAQRUMFIw +UAYIKwYBBQUHMAKGRGh0dHA6Ly9wa2l3ZWIuYmFzZi5jb20vRzEvQkFTRiUyMFJT +QSUyMFJvb3QlMjBBdXRob3JpdHklMjAtJTIwRzEuY2VyMA4GA1UdDwEB/wQEAwIB +BjB8BgNVHR8EdTBzMHGgb6BthjFodHRwOi8vcGtpLWNybC5iYXNmLmNvbS9HMS9C +QVNGLVJTQS1Sb290Q0EtRzEuY3JshjhodHRwOi8vcGtpLWNybC1iYWNrdXAuYmFz +Zi5jb20vRzEvQkFTRi1SU0EtUm9vdENBLUcxLmNybDANBgkqhkiG9w0BAQsFAAOC +AgEAdHX+kn8K6kcjFucv1BN1jftybTw6ZbhYbWBAJiM2mdTJrAVa1FCCVRj99lMR ++ypvrBFu5ZqREqpSWVb8Tml1/MHDfLWPniMYSMhcEwspzJ8vJVjU4bW1JnB0dCpg +mPiMexVZshNLtlIEvu/2PXVlTHxgpyP2hYohEuaegMh23dTh+z81unZcgt8nzl+J +ykHorAHr3MTyJjk+P9jX+aBlrblfJCAjrkHcyf1AW3T0m8Xpm/DQQ1wreEJHUWWc +DiRr86rnYlBOwrC8L1sIEfna02lz1prHTnDnW5lI4lytdAGUqlepyk7mzQ9mJrzv +lq39L5lxC6+LzWITTQLD2QURzMsZpBB+RlzY9aUlbp9e3j/sR8nrnpkBjErXrVmN +978CenIF97o6Qs9pMGCH6e3aPjtMA+h4OfvnAGJcBaUohX1juF7F8Lb+lnDiP90l +DLK8JiDhKTOiI8XEp5G1sRq/I7griPYcd5HXW41Eub0OtrhRZVcDxWjKik5a24x0 +JLPj0wmsU1VYSiaL2AA93PAmq2yIG3j7+YnCkXPKoCBgyP3MBurc3GckcAvw260F +ZkbswJPFvQoLYQiTqttkND+g3ZxbnfCykkx2PTfKj3Rsz8JDXuDnbVBR3gOSMTlO +wl7YQ0JajtGVJsYtnPXPTLL8KUjenDOekEdlmoGTz071whg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFRjCCAy6gAwIBAgIQdGvbkRWOFbatDydZ7o74zjANBgkqhkiG9w0BAQsFADBD +MQswCQYDVQQGEwJERTENMAsGA1UEChMEQkFTRjElMCMGA1UEAxMcQkFTRiBSU0Eg +Um9vdCBBdXRob3JpdHkgLSBHMTAeFw0yMTA5MTcxODA2MjBaFw00MTA5MTcxODA2 +MjBaMEMxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKEwRCQVNGMSUwIwYDVQQDExxCQVNG +IFJTQSBSb290IEF1dGhvcml0eSAtIEcxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEAm39lGE+EoSVMG5TKsAUqIJfvgP4R2qGTR4TQy0xojVoJ9BP8HdAJ +tpRQ4IeaybOiXszeZ1o7HKuIgIVoQwJYDm3JJ0hefWPHYCPGtXqneeBJKmbjpaPo +5tPthLPnz5xRVMgaPYBrpeG/QihAu1JZdWua42YTz5R0e9oZ+/ejyltJGUEbrmXz +afw6Q0TojPSSEskncK0rSy0Jm6JvfbE4AI6aA7V/PqNZaCumEae/9CAL/pfAPQ6u +TxPQNly7pb7AJGC6pzlCrKhcFl4c6dgGq4GV+QYg3GJdXL1qxsLxnDRZHGZVSmfc +LJaaZQm5ykMY6yV+Ki/6tZlAuB5SIIKmA5ZAwyTBVfrGSQKSBmmhP6BdzueVsAly +iefjx5vtmKuS6HKy5SItedN1S7lWqZ0CIWsLmZ9swR40ghqIR6WeRcs/72e9PRtb +YzqN2ntDwq2FaUqISy8jsRWbSbMv01WA5PK6qA83m6jmtdOInrQk5C83Qg52XSeC +8eCJ2DoVw8gNtW+7awYFOeQo3/bMqqxYft1nmz7VJujk3577yxYrLoQjPX3V/R5Y +PI1fLHK9rv0w1/XGXyRPYZQkkewrKs0yk9/F8hG6s8gnggO12iqQiBUxXbZvwujK +cQWP7TLVyJnAm85QNXcDBwmbXLNF7c+QWKek4jvNNDYr+wxqCy9k7psCAwEAAaM2 +MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQITRzp/z0Kk20wDgYDVR0PAQH/ +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAJGCouQPAUKj4+zZj1QxBkze/2ZRbg +ds8HFaQAF0jCweFkoUxE9Ec7Zv7rA0wYrK9ZwIhocnJf5WrUGJdqrVtdrNbrMkMN +V1odZdz9hpu8oEvlegEdFL/AhIFszzZfnVE9BhfLnF6+XHvPSIPBaw/wOeSxnjOi +aX45m2exQmGrNlYew/xQrNibxrVfrqhfQ9wJHnOgtOlH1Dbo4G+JHXE64MFe3S0j +QAoE58Qzszvq/fEL1HDA2zOP0wb2nkSXcj6FnuwpoUCeV8mjVsfGsGD+Jtae+0pl +tFjHkteEkLD4EbPho3V27TSx5xxFRnzlZLxgfrlROSsWP7TZ0dC3oB38+qj6dOmp +xZLZmqlbyP4Abt0nYpznpBodbRvkHIA1D3HlU0H2lPKzXATMZN1G1i5jxZ+PU54T +Nw5jUW0fRx1Q4sjQ4Dxxvd2wJObr0MTp5qIpdMKIFlb/DfVAq5FyohQbZoqpLCnB +vmCaJi96iFeQ6sj+QZnSfDM232NORAjYydNpobAp3FkDrPD2LdsgnL434eyF0P1R +wVKsalpmwAe1eiUoq3M8b5CDTkjeUb5az5A/OkZ6UfdyBBS6rWpVrTO/V8jH9JNN +L421QEfm58XStVxEa52wTEWcvRmvV5IxPvfpmv/TH/dmtemJtm1xKatI8QxS8WL8 +vjH4eQUCK387qg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFSDCCAzCgAwIBAgIQd4KeHh6WMYtAso49QFpDhDANBgkqhkiG9w0BAQUFADA1 +MQswCQYDVQQGEwJERTENMAsGA1UEChMEQkFTRjEXMBUGA1UEAxMOQkFTRiBSb290 +IENBIDIwHhcNMTEwMTEzMDEwNzU0WhcNMzEwMTEzMDExNzUzWjA1MQswCQYDVQQG +EwJERTENMAsGA1UEChMEQkFTRjEXMBUGA1UEAxMOQkFTRiBSb290IENBIDIwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxevqwbQIRpGAAfrx7Geev2NqW +EluQNcJV90jXyECdmn5Pe3NE9+KOhMmrFVzIems8b5/PPczY03xMl7k8LyxOna2j +Cdrk8RrRfG5z+iKXbI61m00YK2rXjz26wZTq+QNHBTFUdKUDok/Av3IJgyxvIKav +zIYYGsaH10S9v0oyEU82kQ6Q75m9lZwz3NfX4nCStKcOmg9YHTU3gMAsIdSJ2NAI +MPwMZhdgoTDoNQxE1wsyXFM9bjXE70HPkb5txk5HzV9USd42TxihyRlsqtkav7A0 +ouOaiaPkpMfjcCKc7IbAgzduuho+QISVE4eQ6N57E88mo3EGaikuOyaID9y9K3nn +eJWbEeubTcGypvdHVocMk0Lz59yJdKDK/zghY3bHYjOXTI62Po1HccZzamQ08ltC +WKXL9LPMFvf5Fhg7D1YFJ6nQyZD6FABy/FXGXVTq0DQZxwotxzlzp0mz8jrzhq33 +ptZwUG5HpNzk+a6a++L79QZ20ISBkC/EEkXOKwOP6X+Y79ltCeQ33ZQbnAa8DHUI +hyikdCgljpWOzf/oZACHOxt9oO7fnLY9yTp+EV6GPrn7V8zii2zUK5BQun2oz02y +JQiV0Hr4Zny93H5tSNpQyvrZrktkMpew1nqYNIysj0xoWdA/VJiJnT7HcQ3PWMbl +AIE+GVmwY1u0cZGDWwIDAQABo1QwUjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUVvu60DgM3J65BJF7M3bgGc++miQwEAYJKwYBBAGC +NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggIBADw2mFlBOasVCl3/cEgxfZp2gz1P +UbzEn7tpEbFaBnxvObMVpvWakK1gK0176AA2DAohh+uuW3/Km/O0VPkefLafygQJ +TRgMaqJFKrLjZqd0qzM1km2cJelUKtsQQsswALwL/+oyIwyv8uak7ZscBVJr6CF8 +TT8nPDO7jMzmG00BvNuX2zjLjs/wZOqRQshdXAzXJCvLTdDgnzXD9u6NmiRORADi +QYPh1XHV8z8Aq9nbJ3wyKD8vt7JfdS2fMLChhkyeGK5PRab0uaY2+fqRAv5THGMj +1MU/pgNsoirYt8EAREVrGUC1H9LPHHPRIb7wfuY5Ykwwbh5L8kd6iEu6nWpg25qn +2YZBvGYgp1G7ANxBr7LJ10X8XGiv1iPWhm0//J+HJIC5tIDkQrKXtSpt57VxRozG +rrLDkoTt24V+vzvAMR9ps+JAANvtpxbPyI51Cm0SYWOzaTCvCjXXxlO5rpC91IsS +/352Cz6pE+3g/B4KpAa4OIxwlEMS45RrC3+s4h6EjLNvzm6sKxGcFt0iV0DtnWa0 +GFXgoC9AKtSwNcjJElsNajIV3wdxtVBYb/xoVfOIimdtWfyovOtsGBT/Av0pwG7w +x7WbRjljx00OfkwaDR5ME2JmaQqvLlDfbL9totzffdEaOYQ8bb4jpwfeQr7YXw44 +YSpOCRJ8GqDb6sQK +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFSjCCAzKgAwIBAgIQE0/NSu/bBa9Ikm1A6u0EJzANBgkqhkiG9w0BAQsFADA2 +MQswCQYDVQQGEwJERTENMAsGA1UEChMEQkFTRjEYMBYGA1UEAxMPQkFTRiBSb290 +IENBIDIxMB4XDTE2MDcyODExNTM1MVoXDTM1MDcyODEyMDM1MFowNjELMAkGA1UE +BhMCREUxDTALBgNVBAoTBEJBU0YxGDAWBgNVBAMTD0JBU0YgUm9vdCBDQSAyMTCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL303XTnwU7QWyiGrYWnARCE +6F2Alp3yzHpxG3ehNu1JzhBxJILnJ4G3bDbKz/mmdKIiVWoHpwm6CQqZHhoRXxkC +GDXnDjzGXTTf8KGLvmoNOLag1+Wwfu/I7CmXyXdrHcstBB+zAFryema7uTrd5mue +dMir2jEG/hOGslo9nzfLrOBdJiTkNeO2Av30Jb1abHzbZ5WTNkLmPaFpwX1Nomec +jlgyOR5zU4zvXJOa5oZ0Yj8mMk9JnRuZj8rFUE6FVSuhV25b2FXAcsOI7lnSqi1G +qFaY2nD2tv2lcWuMGuKPya6wkNVI2wuWsxkt2DF+cturFl2vKFRjVH//ZbupugOI +o55FZ9hlNu5GSeM8RU+RCxq8GV3tz9uaBxSYXZgZ4Kp4pmm1w6HqeIC2ZUzhMspq +VEn9QIokUYWWhGJllPL1PxqGkUOR2FyDKfjdT+7x+zaNg+6WdxBnMF1qRghvdkCc +NzlWujw84S+zVEQ/kxf0s/YA4nfUQrLom8isJfxfwVbkRC6fT3ck17HgMRZ84DFD +mpxiw+Q20uXLMsiIHPPjt2oczvhMKP5pt/bnLSY4LfwfyOhTUkEhHTXMxVJbnfCx +656aEBJghsqGOv9BoshDJ1+50sma1mCsy2KOv3wchjckOIyN1OfeGdoIQB8615I1 +KqwWgRnPtt9oaJvmPGnNAgMBAAGjVDBSMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMB +Af8EBTADAQH/MB0GA1UdDgQWBBSS9auUcX38rmNVmQsv6DKAMZcmXDAQBgkrBgEE +AYI3FQEEAwIBADANBgkqhkiG9w0BAQsFAAOCAgEANq0CR8/xOYMmy7vtd5hD8k1G +8JFcaf3om85crKABBUQyXuAw0SuLdPOH8QevYR/FKhFcgTfkH5u+7i71C411+sPW +BBwIknHRxHJL9JAj8c98WtFyrJwbS/GUxSM2TurWTucl5n0MtDnkHXbbu1Eaq2vA +0W6bYdOfVy/ePNj03SsBPaAGgi+5sV0Qh3+jymNnKMKBtGDQWHpZNyn9UWJL1EnF +MEHd1Ilp7+C68HdIJRkD72V+TmcMulH4U48+FPpzEY7+77NK9MShE9l6g6yW2sJn ++mUTNO0gHpUQ9DCBHnasOCkTvnRGj2X5a4dwgTtx3uXPA5lD13OF2DxzDx9LuIzv +sD48xgbYNXux0QF7WVfXr4mi3CPPbuV8umPiyzdV1JKZVpvgg7rbInk/N3okdbd+ +k//1wQfABBMOIf5C2uxWi6sVqizzSE0vAyB9wm151DC+suUUUB1d0PYMvAU8WeKf +21Nwf7qxSLMRwfZsXdRkF4/jeyrANFp034btZTPdv6KoXMZOopbfGFXkBIwJO5Yu +Z0T8cjX5655DVuic2+zinFvOnUGKPRa6vCotGhHowHblXy+FT8x7KhJHJms8YI/m +Wh8WNNl/Cfjn+8amCdxuh7reYgFOgqN+eWBDvnc8KXQkn5GB67bnTsc02ftJRu8c +gLvaqjR/83e/bu1qFxA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIIPzCCBiegAwIBAgITfgAAAASHCoXJivwKLQAAAAAABDANBgkqhkiG9w0BAQsF +ADA2MQswCQYDVQQGEwJERTENMAsGA1UEChMEQkFTRjEYMBYGA1UEAxMPQkFTRiBS +b290IENBIDIxMB4XDTE3MDgxMDEyNDAwOFoXDTI4MDgxMDEyNTAwOFowXDETMBEG +CgmSJomT8ixkARkWA05FVDEUMBIGCgmSJomT8ixkARkWBEJBU0YxFjAUBgoJkiaJ +k/IsZAEZFgZCQVNGQUQxFzAVBgNVBAMTDkJBU0YgU1VCIENBIDIzMIICIjANBgkq +hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqrfoKxrCPCw/u2PBEaAwW/VHLxBw6JNi +42F3EhXmligGb/Uu4kcWO016IGFatVrPhdAtShAqmTXis0w57hWjn1Iptvo7rROY +GPmH7aSW/fYM/x2Lln7NlltayXspWawqBzWzYGADodyjn/Z5TaLYaG8lajiabCM5 +UJDhlZ/SUR3xylqIIFaQK3k2twjeGoxobhbr9hJcQZfXF0V5FCSCzJExDYma6bs1 +ZtyqP/yHaiOeWXGdnqM9EPfT8kmIC42ZXq7s2JZI5OUflJBbaebYEbuDad6Rh19E +RchXABLe68+TF/4AZCw16iRwRgq/2Re2WWPMtVomyZ2txvn51iizqBkdVGzIRklC +3yIv5MRzDFTfG940/tSAomHsz+RdGbL+NCBeWSY+rnJQdExJ7bLXFLVsTNGL68lP +MuYrkxYQKWRtVhvQCHsdd5E0t9QR4iY1JLWQxq3GHy98tBbCGiKMpBbuj/9I/E6c +Grikouv2QyNnCN34PXpUxTQmDj5LZGV9w2faqpwUBD2ZWsbyVSgvD8TcjdxzcMcj +LBnYUaZ8wHFqUj2DBahctfKQxA8Ptrzt1mDIGOQliZGDwrTVMECd+noQhTlF1eS+ +vNraV3dYRMymVxh58MPEaDJgwIRcBWAAOeBbZlyx76oskXdmjOiz5jqyoR5eweCE +tS4jfMEW6UECAwEAAaOCAx4wggMaMAsGA1UdDwQEAwIBhjAQBgkrBgEEAYI3FQEE +AwIBADAdBgNVHQ4EFgQUdn7nwFGpb8uzpFVs5QWQcsA0Q6IwQwYDVR0gBDwwOjA4 +BgwrBgEEAYGlZAMCAgEwKDAmBggrBgEFBQcCARYaaHR0cDovL3BraXdlYi5iYXNm +LmNvbS9jcAAwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwEgYDVR0TAQH/BAgw +BgEB/wIBADAfBgNVHSMEGDAWgBSS9auUcX38rmNVmQsv6DKAMZcmXDCCAQkGA1Ud +HwSCAQAwgf0wgfqggfeggfSGgbZsZGFwOi8vL0NOPUJBU0YlMjBSb290JTIwQ0El +MjAyMSxDTj1DRFAsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2Vydmlj +ZXMsQ049Q29uZmlndXJhdGlvbixEQz1yb290LERDPWJhc2YsREM9Y29tP2NlcnRp +ZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmli +dXRpb25Qb2ludIY5aHR0cDovL3BraXdlYi5iYXNmLmNvbS9yb290Y2EyMS9CQVNG +JTIwUm9vdCUyMENBJTIwMjEuY3JsMIIBNgYIKwYBBQUHAQEEggEoMIIBJDCBuQYI +KwYBBQUHMAKGgaxsZGFwOi8vL0NOPUJBU0YlMjBSb290JTIwQ0ElMjAyMSxDTj1B +SUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29u +ZmlndXJhdGlvbixEQz1yb290LERDPWJhc2YsREM9Y29tP2NBQ2VydGlmaWNhdGU/ +YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MGYGCCsGAQUF +BzAChlpodHRwOi8vcGtpd2ViLmJhc2YuY29tL3Jvb3RjYTIxL1JPT1RDQTIxLnJ6 +LWMwMDctajY1MC5iYXNmLWFnLmRlX0JBU0YlMjBSb290JTIwQ0ElMjAyMS5jcnQw +DQYJKoZIhvcNAQELBQADggIBAClCvn9sKo/gbrEygtUPsVy9cj9UOQ2/CciCdzpz +XhuXfoCIICgc0YFzCajoXBLj4V6zcYKjz8RndaLabDaaSQgjphXFiZSBH8OII+cp +TCWW1x+JElJXo9HB7Ziva2PeuU5ajXtvql5PegFYWdmgK2Q1QH0J2f1rr7B4nNGu +oyBi1TOSll+0yJApjx213lM9obt6hkXkjeisjcqauMVh+8KloM0LQOTAD1bDAvpa +VVN9wlbytvf4tLxHpvrxEQEmVtSAdVchuQV1QCeIbqIxW41l6nhE2TlPwEmTr+Cv +ajMID/ebnc9WzeweyTddb6DSmn4mScokGpj8j8Z7cw173Yomhg1tEEfEzip+/Jx6 +d2qblZ9BUih9sHE8rtUBEPLvBZwr2frkXzL3f8D6w36LxuhcqJOmDaIPDpJMH/65 +AbYnJyhwJeGUbrRm3zVtA5QHIiSHi2gTdEw+9EfyIhuNKS4FO/uonjJJcKBtaufl +GFL6y0WegbS5xlMV9RwkM22R7sQkBbDTr+79MqJXYCGtbyX0JxIgOGbE4mxvdDVh +muPo9IpRc5JlpSWUa7HvZUEuLnUicRbfrs1PK/FBF7aSrJLoYprHPgP6421pl08H +hhJXE9XA2aIfEkJ4BcKw0BqOP/PEScyptTSAaGjS4JuxsNoL6URXYHxJsR0bPlet +Sct3 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIH6DCCBdCgAwIBAgIKYQahkgAAAAAACDANBgkqhkiG9w0BAQUFADA1MQswCQYD +VQQGEwJERTENMAsGA1UEChMEQkFTRjEXMBUGA1UEAxMOQkFTRiBSb290IENBIDIw +HhcNMTcwMTE5MTM0NTM0WhcNMzEwMTEzMDExNzUzWjBbMRMwEQYKCZImiZPyLGQB +GRYDTkVUMRQwEgYKCZImiZPyLGQBGRYEQkFTRjEWMBQGCgmSJomT8ixkARkWBkJB +U0ZBRDEWMBQGA1UEAxMNQkFTRiBTdWIgQ0EgNTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAOg01JfJV8ESwWu26KCRzEIapFpQF54U8BUmiu704/EXFt0h ++HgFkehmc74YPlhVsm+HxpURSyyZiQ7Mjc32+/6qHXHmdmDnVM8jBOCulNrDp3du +49f2PS4iSvhj+XgUOKOwcisRP44kbKP+gbNiOVblmVAadF25hZdd4q5vjKDLU/6D +ZaVJyKtTfGKAMyVpiyT9YNtIQcfne6aXPHjmLgX8e5qXLZei+SSS59dQ+I0+fBgz +2izh26Q5SuE0S0NYpMOqt/1pjA8xuQos25ubGtfZWxEprlLqtuBNSh+baN8lpJO4 +/LLhBHTQIMfUS+2OPAGAT2k9nD5aC/MvsFiBPOa7UtW0VV15ExOhCKOKbbO4xmra +4JKqJQTJqej0Pr1LPEBKoqu+D5V+/t/GIc2YMUPUZTrXp6gJxEIstoYLzXVLVJmE +TRj/0eNN0kp6ZYaiTfS6oZRJhIh3ydS9H9h2flFqrkEdodLHJkOoyZhiiISCqiw+ +4wgErcuWFsEtLBFLlx8wCb1/SCN+azCQlMSTYYqRKPz7T+Zy6RBzl7cw2HTh8dTd +n+/4LtjS9BaYYtl0m0RZoZrIcKIZhJfeUjAbxmoB5PToJwUWspbAWKzkRfv00TL2 +6CaAEF8Br1M9dgoJdcp7CeEEtgaCLT5pPSZIMvOTEdaGzkVH/SSzo3OJB6JbAgMB +AAGjggLSMIICzjALBgNVHQ8EBAMCAYYwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0O +BBYEFBllF9SPX5mR+EonDSF4q62rZV2bMBEGA1UdIAQKMAgwBgYEVR0gADAZBgkr +BgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQY +MBaAFFb7utA4DNyeuQSRezN24BnPvpokMIIBBgYDVR0fBIH+MIH7MIH4oIH1oIHy +hoG1bGRhcDovLy9DTj1CQVNGJTIwUm9vdCUyMENBJTIwMixDTj1DRFAsQ049UHVi +bGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlv +bixEQz1yb290LERDPWJhc2YsREM9Y29tP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxp +c3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIY4aHR0cDov +L3BraXdlYi5iYXNmLmNvbS9wa2lmaWxlcy9CQVNGJTIwUm9vdCUyMENBJTIwMi5j +cmwwggEiBggrBgEFBQcBAQSCARQwggEQMIG4BggrBgEFBQcwAoaBq2xkYXA6Ly8v +Q049QkFTRiUyMFJvb3QlMjBDQSUyMDIsQ049QUlBLENOPVB1YmxpYyUyMEtleSUy +MFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9cm9vdCxE +Qz1iYXNmLERDPWNvbT9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2Vy +dGlmaWNhdGlvbkF1dGhvcml0eTBTBggrBgEFBQcwAoZHaHR0cDovL3BraXdlYi5i +YXNmLmNvbS9jZXJ0ZGF0YS9CQVNGUk9PVENBUFJPRF9CQVNGJTIwUm9vdCUyMENB +JTIwMi5jcnQwDQYJKoZIhvcNAQEFBQADggIBAKDOz/LrB4gutzepAO81ctvZdbNX +6F4Eyr/siH2BVjc6iipAp8RH2oX2lHsRTSaXt1Cf7AJne99YRzE55uIuLeqq5zac +aHBssdVKRuJkUQKBcqKLsuN8ZwTGrQ+tmuSdRNpcCT5dOkPcc+H+CIPJqujk2UaO +U5CVwn8q/Ic+PSQDzd0bxqDJ9eYhVPzMXb/7k+epSzYQilSjvZdU3Ek7S0dOdS66 +Pu+3zfsnHC2E8FXe1FyopEw+3XT/u9ByT7CjEzUEepXGdD+pEwwAgjgpN6FWPxJj +UbWZoZNfAMPaazKKEIiccgZMvfFew0As+saPzE48YtOHlXsPdtHuxbSJcn0rAKWX +Bg7PB+bQu1GgT5DEPgydmgpItYhFTBD3UY98NY62ib7QOlWDVT8dJSAVnQFerjhX +grYwG57rDxaEWM4ZOQDcYfjyYuFVXIkPOkU8oPen/dHmSYFlVXFEhkuIgKgEn+os +jwKugWA+QZbDpwxzXb3c+SykKqluCB456WpESEhsB3lTtjWz2iIfPfFldt1eNpb4 +e+VMhO1gLuj9tggynN+UAYrlmRj+ecpyHsZtWooiGIDzgdNtXs9dNY6XbSqe1/fo +p5l5rZ9W/N58ZPhesz/qadzP/CqEH37vBKx/WHNwcr6d/oj+JqbDQvpxmudJKX8F +BM7a0yFNCepVQdgo +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGxDCCBKygAwIBAgIQYsMnc5jV69S1ko7pZPWycjANBgkqhkiG9w0BAQsFADBA +MQswCQYDVQQGEwJERTENMAsGA1UEChMEQkFTRjEiMCAGA1UEAxMZQkFTRiBSU0Eg +UG9saWN5Q0EgTEEgLSBHMTAeFw0yMjA0MTkxMDA0MjZaFw0zMDA0MTkxMDA0MjZa +MEMxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKEwRCQVNGMSUwIwYDVQQDExxCQVNGIFJT +QSBTZWN1cmVXZWJDQSBMQSAtIEcxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAniMj1KYv0563U3OW43miARd1KX4/+Df6WQhDI5vPA9xY9oSTjO6rAW70 +LiV1ouMPuZ44P4ckmrMaoBWLXRFn5EfvrjXLTb9HcfxicwqQZu0fbS0wIX+Y0YJS +u43q/5LtDKW7OujKgEGyFWbfy4HXWHlXQ9MGtgoBLS96lNMxxJ774ut1azUS9osl +FBoc9UGL+SaxxZBA5QdMxj53QcrSmk8CzCKryWYKxt0ISXbl99gXZC8jG1uRJSbZ +QJfZkHU6rsPVGcNgnc0F8wrEml+qd2Wq2nTOELjYXMuVjGsie+Hp+Z4ZD1p4rKi5 +rsaiz4obRlzMvnIc+K/kFlYmD5gcByj9OuOHTqDXpG3G6QRSh1tCrXIzS+gnoEo8 +A1lHmv2ognLZ9PpJUxxnhsJwVXMSkno8XCCjFYtmMXmhjfXyHvDIc8ZUqeisRhjO +o7GH5yUNdIsLNOUX4zMg7h5WBT7eyCaF7905YOrFy4ia/+Nc1sVmIJF8Ea7+Ajcn +bwaJWW3ich1wfzaqtxsPTBZopC34U64MFeibqciuCy40Qa+ZDnQdSrYzmB3IQC2K +F1laM2o/4DWnPttiMG5Rp7IrFoVGnHSCAFL7BEhOMEnvWI/3iGJ9M4brpn7IMzlm +BwuXi9ePs4a9ADGnk+SufnTnRIDIleGS7ulQMyYNqFW42BrpuXECAwEAAaOCAbUw +ggGxMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG +AQUFBwMCMB0GA1UdDgQWBBRfC7MKIWmxZXnjWadKTWc7lOybeDBQBgNVHSAESTBH +MAYGBFUdIAAwPQYMKwYBBAGBpWQDAwQBMC0wKwYIKwYBBQUHAgEWH2h0dHA6Ly9w +a2l3ZWItcXVhbC5iYXNmLmNvbS9jcHMwEwYDVR0jBAwwCoAIQh4gFNpItRwwXQYI +KwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFodHRwOi8vcGtpd2ViLmJhc2YuY29t +L0cxL0JBU0YlMjBSU0ElMjBQb2xpY3lDQSUyMExBJTIwLSUyMEcxLmNlcjAOBgNV +HQ8BAf8EBAMCAYYwgYYGA1UdHwR/MH0we6B5oHeGNmh0dHA6Ly9wa2ktY3JsLmJh +c2YuY29tL0cxL0JBU0YtUlNBLVBvbGljeUNBLUxBLUcxLmNybIY9aHR0cDovL3Br +aS1jcmwtYmFja3VwLmJhc2YuY29tL0cxL0JBU0YtUlNBLVBvbGljeUNBLUxBLUcx +LmNybDANBgkqhkiG9w0BAQsFAAOCAgEANhHIJ+gd0FYywnO3sbwv2tER1ERvSLuf +WugFC1mPkLO9EfB22VBOwPNVuCWegqdvSRPKWys3IXxr5ZAjobffFpdi0HOriOna +Ir8Brr3LSES5DK72ym8yv2p0/8EdfrVDHECpbsen68fYOpRZSf4Goy2tM8LnckU+ +ti1tgKiLajHqmUPInaegboKK0ng4EEj9sw6ocJ3sjL+yx7waW+80M5eI3q59lE5r +AAFbHbj8vxlbAjtr7FuVGisKaKf0wfHblFZ2ynXbRlUH5Ov0tC0hb/7LdU7McntX +ChEHuu0hizvAi8RO9ZSbWVEtbQFs2iun5N23wV1RPgwpXI74a1uRHnVZ9nIL58ym +5/uUTGV6D5J2exASbFRvB67E3PmvCBHeapBfEshJx93t4ba9bU35QOsareyyyY08 +v6zbPdl5Mo2LE8xPnLYwMrx2xpzY7azyPEUyM0jloEgaPve4L9dBRRdZ83gEC42D +lcYNgOuK9S6MoH+znXn6K3E8jLq1DS4dZX9fjTCJOcJtR9G0JlB1qd/XwxQdUCv8 +9PF3R9IPxkzZFaIxjKpiHQTayQQrdFJlfTHWXlhLtI7TrHfAPZmDIJ2AS924n24V +OpaIIrfkX4jJwD/YUgPnzXQX4CF1lLCr6tT3PKLxbtyfRe8KaLFIl1VZ83T1cESd +TaTqWx2saLs= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEWTCCA0GgAwIBAgITLAAAAAVK5f1XUcNBQwAAAAAABTANBgkqhkiG9w0BAQUF +ADAYMRYwFAYDVQQDEw1BRFBBMy1Sb290LUNBMB4XDTE3MTAxMDE0MTczNFoXDTI3 +MTAxMDE0MjczNFowSTEVMBMGCgmSJomT8ixkARkWBWxvY2FsMRUwEwYKCZImiZPy +LGQBGRYFYWRwYTMxGTAXBgNVBAMTEEFEUEEzLUlzc3VpbmctQ0EwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbTwJxN8zqHPSIgxhjSelB5tKb/v7pS51o +7xonI6JDAb7+cRLcESH6M3fFWXRQVREDe0+XOnCny7V1urluNwrnnj7J6CzUIJXS +nj8RwiYmNBZGDl7eQzddg8qHmgFQtC3FGO2Oc9AYw4nlci+F5ivtoKnQUFXVQ0XO +GJNKdCaj5fT6YYeVsCr7qP3oWup/ToRNBoY/QgDdigFhh/UCRK1EKuWBeJTDN0sH +mUke7+S6RYYycWvAH/i9Q/BMtvxSqjn/i0M74cMojkG649T3TT+6JsECPsgYD5v0 +ZoBEM4G52AzshA8zz2pNIe1pBjcNJWx16L1xfvEYSD1Rb34sgAh9AgMBAAGjggFp +MIIBZTASBgkrBgEEAYI3FQEEBQIDAgACMCMGCSsGAQQBgjcVAgQWBBS7Z/XxrLqS +SQ3FCaLnaOQJAAFJ1jAdBgNVHQ4EFgQUxCNozHZbwbiWUlrSTVGBhV2NnE8wGQYJ +KwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF +MAMBAf8wHwYDVR0jBBgwFoAUhoWWqTIinlAP77tGWuSkt0ztRIwwTQYDVR0fBEYw +RDBCoECgPoY8aHR0cDovL3BraS5zZWVkcy1leGNlbGxlbmNlLmNvbS9jZXJ0ZW5y +b2xsL0FEUEEzLVJvb3QtQ0EuY3JsMGIGCCsGAQUFBwEBBFYwVDBSBggrBgEFBQcw +AoZGaHR0cDovL3BraS5zZWVkcy1leGNlbGxlbmNlLmNvbS9jZXJ0ZW5yb2xsL1VT +M0NSQ0EwMV9BRFBBMy1Sb290LUNBLmNydDANBgkqhkiG9w0BAQUFAAOCAQEAKpbs +M0Oh+9UlVMao+3oe5Kboysz03WsqIw4ZvD/e5CVupVMPk46nNlvCTnc34y0b/LD9 +f0x6Rr2zOqun5zIgTD5umUmkEoc5bQxIL0kdn27DORR7r8KrjFaFbtUGgRY3Y9Vo +vYolDEfVjSbj+L+3V6195NUSGe2cy+97kgwtEVdkDnhyQ+qJ8IGF8y/rDJkt+YSS +1WrFfMyLdAtpORQrvmcvNiyUA4PS5dGdT/4KVfa9WJvwdNnLBawRmYMcJ3Z8ZLSL +feHaYQR/ETmcZGa/QXNu7h+byLRWhO6zFH/v24moHy8Omt1W+8xvY8cBsvdutxwu +MBRzP4jW6w1QnmG2gg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDpjCCAo6gAwIBAgIQet0dK6DlG5VEP+t0RAMbYTANBgkqhkiG9w0BAQUFADAY +MRYwFAYDVQQDEw1BRFBBMy1Sb290LUNBMB4XDTE3MDUyMjExMzY1OVoXDTM3MDUy +MjExNDY1OFowGDEWMBQGA1UEAxMNQURQQTMtUm9vdC1DQTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBANVuTo/hl46CplAKpqNl6pdetibFD6P44MVkfAov +fvsawS4zcLi0Kee0MUBjGL24s7WdIZNY8Kz06gC7rEpgOB6x+fZJ3uuv+FDFWBHG +trYNZ1N/yDEk7DyxBlHTM2ZVn5E7aW/iXmyNCicmVD+UvoSbznWjNhhOwg/csasb +tyPdRnpth6nFGJ8zfyE3FsjZea6ptITwCz+WaI5J5jULTN9Ed4x/pnEtf0hpE6ps +aIqWzxzxl6AneqNxcJogKNH01JK5mxDNbDmKQPIfV7j0Bs4bWwohNFq0o3+yVKma +4cBn8Blr4Bk4X7JjvrS2A7uoQSz8xIHW5hVX54iXulVfqfkCAwEAAaOB6zCB6DAL +BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUhoWWqTIinlAP +77tGWuSkt0ztRIwwEAYJKwYBBAGCNxUBBAMCAQAwgZYGA1UdIASBjjCBizCBiAYI +KgMEiy9DWQUwfDA+BggrBgEFBQcCAjAyHjAgHQBMAGUAZwBhAGwAIABQAG8AbABp +AGMAeQAgAFMAdABhAHQAZQBtAGUAbgB0IB0wOgYIKwYBBQUHAgEWLmh0dHA6Ly9w +a2kuYWRwYTMubG9jYWwvQ2VydEVucm9sbC9wb2xpY3kuaHRtbAAwDQYJKoZIhvcN +AQEFBQADggEBAIxPHJEKlq64/2nJIpit9XSHc2UFAWBTXPB5jWFa/bheOfN/SKlF +m1AxPr1WHRAcAsljIlQWx4sHL3CRlOll13IZ0f8eYb8dQmL4EVeHsQNJSc4lXu7k +e/wN0zuhKagBsUi1Y5tKJJQtEATzv2WPRp6Jnp+Ag1xrvgrOn+ul7b26765PElYJ +u+RxNq6QQaxqEuzYLBUOQR30MDTQ/egdVTUzzKGMB9T20T3vIYFneZbSU66gifH2 +SwGvc+2rddMpdRTeOEYzrF5qc7+zCUusLkxJhzCDdBqhwSJjQ4jLcEI9d7wIhpBk +9ru9iX548P0CdbsaJm/t7OjPYa/l5VjGOfw= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEIzCCAwugAwIBAgITSwAAAANiXsUL7Q8T8gAAAAAAAzANBgkqhkiG9w0BAQUF +ADAYMRYwFAYDVQQDEw1BRFBBNi1ST09ULUNBMB4XDTE4MDIxOTE2NDk0NloXDTI4 +MDIxOTE2NTk0NlowSTEVMBMGCgmSJomT8ixkARkWBWxvY2FsMRUwEwYKCZImiZPy +LGQBGRYFYWRwYTYxGTAXBgNVBAMTEGFkcGE2LUlzc3VpbmctQ0EwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDstINmFrputEfV9nc4xgt9jVdsK70nA7Kt +LhuoEaBghVcDr1JyYteRBwWVbaUl1PxxSnrC4XP4MwlN7fka63S6/LaPHV0W2EGY +DVvDFAqZ5BQhhFwp90i6AqTxgufN2NECLvJXzru9RJPe78Eq6TTQh/FnaNg5ncYz +1BnRkgzFSS6GxsDb7ZjmOVU8S2mIP45szXiTWcoBx1E9lsv8Cdys9Zo2J2mrMYMt +AdzrBKzLM7E9E/uncS3P3Rol6TfNY4J/FUA2g7N+H8tNmhhIWfkWavFNP/0qcXqB +3KiR3n8hwffXiKMIGyghVxPNEHCibnvUqXEv98KULzWFyqBxVMHVAgMBAAGjggEz +MIIBLzAQBgkrBgEEAYI3FQEEAwIBADAdBgNVHQ4EFgQUdlWttZC6rwfyhq+5oWYw +FJuWTvYwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8G +A1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU0Zt9g/C6tfVjWZJ7oWSHhCtz8/8w +RAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL3BraS5udW5oZW1zLmNvbS9DZXJ0RW5y +b2xsL0FEUEE2LVJPT1QtQ0EuY3JsMFwGCCsGAQUFBwEBBFAwTjBMBggrBgEFBQcw +AoZAaHR0cDovL3BraS5udW5oZW1zLmNvbS9DZXJ0RW5yb2xsL1VBWlBJTlJDQTAw +MV9BRFBBNi1ST09ULUNBLmNydDANBgkqhkiG9w0BAQUFAAOCAQEAio6z9hY29Ew8 +WA5t/oLuDlZEKFcpVvPQBVBiNOp9zfIPIJWnrr/8mxMOXgAp0TszVQ+DALhm9VyV +nTX90LU0M5RARiIpDzfW3x1RBS+54+Vys5pqOG5Ajjx1IM+Fle36X/UCoaIg0WiG +1q0SA1GR8sbXkbr3ikTUnKz95zxu0IEkZ2AiQM0saWsuj06nLa88wEq72hyoF2+v +v7vPzHmdR4iCpBUwWobqQisAAg141u9+TCJiLXh1yLq13tKiaEMvtPHms/EJ5QK4 +c15u6dDixZkDvsFQMK7FSCM/Ze8+XcHyjPRAEOmgZZFJxVJHFZTgqvMhXQxg1Hbf +bapINgfakQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDpjCCAo6gAwIBAgIQTxpxDCsNFI9CEEc3sIyxSjANBgkqhkiG9w0BAQUFADAY +MRYwFAYDVQQDEw1BRFBBNi1ST09ULUNBMB4XDTE4MDIxOTEwMzgwNFoXDTM4MDIx +OTEwNDgwM1owGDEWMBQGA1UEAxMNQURQQTYtUk9PVC1DQTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBALjQCUHTqjo4xnypGr+a+5qC8lPAH/CiIQoLNA7U +5qvovnKsAkXQjifdPRvgy+DEfOx8b/HWoFHJsNMACpCpu9LYZcj7gdbbEJJniwAN +Y/Z4e4PAcRdwNstnZXH17f8BRYyoAglOwrRzLA8X72nwjkvowyN2H7PWj43Esd2I +96yteJaExuMM5G798avglUKK4HzfkF7DdlKEsRPL50dVt8BuF5fFKp0PIDkxipid +ykMz+unR9PamBWZNPRawxTCZ+tD/UlkIDl8HHHtp7bFmJPDKC4V5yRlGz383LIet +zNKTt4B/YavAgUrwqwgLdX+b/WTMjPbAO1lrNo92vFPoe9MCAwEAAaOB6zCB6DAL +BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU0Zt9g/C6tfVj +WZJ7oWSHhCtz8/8wEAYJKwYBBAGCNxUBBAMCAQAwgZYGA1UdIASBjjCBizCBiAYI +KgMEiy9DWQUwfDA+BggrBgEFBQcCAjAyHjAgHQBMAGUAZwBhAGwAIABQAG8AbABp +AGMAeQAgAFMAdABhAHQAZQBtAGUAbgB0IB0wOgYIKwYBBQUHAgEWLmh0dHA6Ly9w +a2kuYWRwYTYubG9jYWwvQ2VydEVucm9sbC9wb2xpY3kuaHRtbAAwDQYJKoZIhvcN +AQEFBQADggEBAFFt7WP6YW1H5CiooFUIhULugoRLocr/maxBnFnYk5+uNyRIxaaK +4KdnpST8Tx4jZPAf5wWe5wVdLzBG93z5DOs28dJtwULGnU9E6SIk+w1unH3Uhxvq +3VqUZFk6zaSlhv0u/+Apna3EkI25IUeKzbuZYRbNlP2GfjJSyMTAF/cv83ocq1iY +D0pZtelrhbLTWsPassXsR1k8vlRrAlxRtt6cO+QpINb+orI+0l4nqO2aaLcKBmqk +f+XbBJlf5ZYGzBXoJJt0JT22dTnquZ/fzn/yL3m4qeXIOo1ncDQ+eS+4DDhE3U2o +B1zLHeHgSo1DNq5INoBMuqN/AcFTFUIMtOE= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFHTCCAwWgAwIBAgIQMueuV5fEfLhKwD56RmHWVDANBgkqhkiG9w0BAQsFADAh +MR8wHQYDVQQDExZWZWdldGFibGVTZWVkcyBSb290IENBMB4XDTIwMDYwNjA5NTMx +NVoXDTQwMDYwNjEwMDMxNFowITEfMB0GA1UEAxMWVmVnZXRhYmxlU2VlZHMgUm9v +dCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAI9J8RRjS+c3Ux1g +Wagb7Bwu3M0Emg2iLMhseOuIT4BdyMZWKpFgxbCjdplUDlV9rJVfATUwcEmAfZP8 +Xna+YrxQQifcorm/z2f38S53l9C7bXrDEGnVRj9jem4vjzVlnfj1nQKsTR4Ls7P1 +1S43NA2fLIIfRla6DqiT6dCYMG4SUxJ/i+u+lqHNjMSt8C229rUZlY659ltKB9Sd +4w0gPcyBRoZWDTm8fsKRl3y7ssiQviMiRD/rvAy4HV92PY2Yj9Ugyqwquk3+42J8 +qzjt3yJefOBynhVI0T4kGUO/flqIl9HQ5WO80Qftz3hH4uap/qIoZVXbwnd2wskV +2ZCjCg2jgxcNvK8OEQy8hLKYrGSvVE3eD57duhHMBnGdR6zOORXL1vZTESf1rFR1 +qKjmtYK4WzGwG4o5tjEgVIJSlyix8GDm8m9VvutOSAhwYR21QnBBiSdgeUI+IFLG +TtKIRBI/2pe8zZ+bLilU7TlAkdxy7eDu8ZOKAKXCIR9GJNvfJVwdKEcf+gNZ+SiK +RksYWR6Rp46YKnnsrrdQ0Latq/8fQeDUrc0epnQmuJlqTx2DpY6Izc5BhdK6C8vc +Sn+U1Qgh4Tce/vE4JpQgtLB9QPSVDsXkBoVW7do0Z1Nv78nml6BfFm4JeFkh2AeP +T//BRCV7KDF/7X6g2xMTpyiSVX/DAgMBAAGjUTBPMAsGA1UdDwQEAwIBhjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBTHWowMSqQoOn5WWtg1SSm9aTTcIDAQBgkr +BgEEAYI3FQEEAwIBADANBgkqhkiG9w0BAQsFAAOCAgEAe7xumagg2ctLSwirbqqm +X0xPx85afcppZi+XgrkPCP0MRI7uQz6AgzufXVfdzAZddJG80UHdbtmMghnGXKcp +sA7m9RiOqpuhWb7NkPPE7qCCN2iaBktDPiQqdAwOFuDYTVtDLlAng1Tx6PG89RUP +6XmHNv0FQ5aRO700p7NcTx4O8H9LhIIyi9OSYx0wwHYeTUU6++hHJjDlf2FcP0Jc +e1zVLbSqCyZwsCa50alP8qK1m/OxWMaSR6s0lgMATQaw2B6dl47PK6O6u1n67ajl +x6Fg4ZCd/XforYMYNLGT+DjYPZvP+xOEv/V7HhWhZUA6Il2j+FKPPooMIO2gidse +FeQ8diFTKAFB21KroFR0XuQU+Re8+J/YAdpCzZR5qaH/yM91xkML4k5WUx2f05Rq +hr1WVOPhY9Nm5DnrUnqKsa03cOGiOcshpuAbvNgKt+Z95GMHrRH6cdtH/TBjPZ/G +sr6qOrgStGBeoLJbxRH14z9ebzkrgxq+ASjAx3QEa1gpJyn8VoTX2+mBUnlV+uxW +heogL/+t2/Sviboq7uMg/SNOY9qq/1YEO0NHeaQxvhbXiHU4pMPAp5xwiTUDv7Om +BE9U3Wbb0Bu9QdLUP/IS5ATiN1U23fprf+vGAnPw4j8408iT79CO7faNpqWlgayM +XOMTPfFUtsq+LRtAVZEARWI= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIIVjCCBj6gAwIBAgITfgAAAAPgRtxGG2dLZAAAAAAAAzANBgkqhkiG9w0BAQsF +ADAhMR8wHQYDVQQDExZWZWdldGFibGVTZWVkcyBSb290IENBMB4XDTIwMDYwNjEz +MjEwOFoXDTMwMDYwNjEzMzEwOFowUjEVMBMGCgmSJomT8ixkARkWBWxvY2FsMRUw +EwYKCZImiZPyLGQBGRYFYWRwYTYxIjAgBgNVBAMTGVZlZ2V0YWJsZXNlZWRzIElz +c3VpbmcgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDLiNxutHVF +hx0HyE5iCCDeUrk9CSIteOFw4LRQzjDih0TuwR4BbWEh/mqIa9Kq7TpYz/Txn8DT +zVGnLUMxdRnubfGpS1+diE2UmOeKyyAhtX1IrI30K/joXpxGtx2P4XFHwfWGKbeW +EkgOaBXsf/XznLfK6Quaf4sYsV9ybFoTuv//2gjLx8gc5uUxIMKYpkE3l4+53urD +Jg7egxJ7m424vSCj9w59s07RfD31CqczemM3LcqH5L3DqnxfypAsKe8EpGzvzya2 +eZoi9Znx6k+wsF08PM249GMPsdTp2aZbWjVz9/Aj1H5BGPepf5KfFvLM2vbsil+O +DQdazbsauSXeAsqxBiiT/NIPDnqacA2Rw395w0LlSfT/pRH7nrf0vLqvxEY+gpFA +WCYHlcE5XKA/d+4wwhbmAN8M6zsHmDKWg5bfZ+1QnNPFYEgq7DoWVWkw1YdZt7YI +4Ch83BnpkP7Lf2RKmPyGmRkS/4pOjnaVbEr6U3na9iDxE3LyByU1YuTCfYnKYpBz +Ku+FRCRGnzr/EH13lDgSo3d1PCODJ2nvk4yHmaXgA3h+K5swKMRiEsX9PqZrRGHH +t0OevlgtdZzbvIlOA5k7Shj9O/C9O5nj09l0smIFegoY4i8H8L3xalSuzTfib21N +kDSypXMfkrNDsd0NCQK+Yp/Cxb0vuV6DkwIDAQABo4IDVDCCA1AwEAYJKwYBBAGC +NxUBBAMCAQAwHQYDVR0OBBYEFBjBM1odWB/0c2hQX19EiW6lVRwFMFIGA1UdIARL +MEkwRwYIKgMEiy9DWQUwOzA5BggrBgEFBQcCARYtaHR0cDovL3BraS1zZXJ2aWNl +cy5udW5oZW1zc2VlZHMuY29tL2Nwcy50eHQAMBkGCSsGAQQBgjcUAgQMHgoAUwB1 +AGIAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaA +FMdajAxKpCg6flZa2DVJKb1pNNwgMIIBMgYDVR0fBIIBKTCCASUwggEhoIIBHaCC +ARmGgcZsZGFwOi8vL0NOPVZlZ2V0YWJsZVNlZWRzJTIwUm9vdCUyMENBLENOPVVB +WlBJTklDQTAwMixDTj1DRFAsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049 +U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1hZHBhNixEQz1sb2NhbD9jZXJ0 +aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJp +YnV0aW9uUG9pbnSGTmh0dHA6Ly9wa2ktc2VydmljZXMubnVuaGVtc3NlZWRzLmNv +bS9DZXJ0RW5yb2xsL1ZlZ2V0YWJsZVNlZWRzJTIwUm9vdCUyMENBLmNybDCCATcG +CCsGAQUFBwEBBIIBKTCCASUwgbkGCCsGAQUFBzAChoGsbGRhcDovLy9DTj1WZWdl +dGFibGVTZWVkcyUyMFJvb3QlMjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIw +U2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1hZHBhNixE +Qz1sb2NhbD9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNh +dGlvbkF1dGhvcml0eTBnBggrBgEFBQcwAoZbaHR0cDovL3BraS1zZXJ2aWNlcy5u +dW5oZW1zc2VlZHMuY29tL0NlcnRFbnJvbGwvVUFaUElOSUNBMDAyX1ZlZ2V0YWJs +ZVNlZWRzJTIwUm9vdCUyMENBLmNydDANBgkqhkiG9w0BAQsFAAOCAgEAD9PznNtD +P9t8uB3lV4G995TGDrq5eRjjsLqwDRppp5kqoqsEa0OTiMFCmGk8dJkRkjewvl62 +6H3rwaWVmNMT4IBf+OtDgIM7KJqmN6Yl0d11JJRtIzIMe60CWSpxxpVNYKczHwND +SJq8/J6UxH5qc10RAbh6MpE4fxlE7yBJg/JmoVLmQwwwZ2D9O/DGyCAUztftqdsq +21UrWRucPuEvpyu4vyvyN+wfxo9U1Iir1vL11Rv7+j36T8b5AnIBY00hihoF66nA +kwQrGvcNeuor9kXXM5bBokfKafV9SwUCX6eXaGxplgnJ4bPDzk3IC/EliMMRiWhn +rpJoBMAJBioxQw5zXOpCeJZcEODELMY95AYOB6g1zChxoJzva2uJj/CB64RM6n2V +ukbZvrRjVTKXzqxuuWOWZtzfJSKHTQnSMwhzCeGhupDOIRVcnhU9DqEpFVNJCV1x +7mDB6DqK4NPCqM6QeX8MsfqDbw+uUdje3YWSHj53r0hnGCCsdTp5F3uQ0XZ8QrMF +gGFdv/JPb7Cn837bST/o5kSbhxrl9r9tT6m6R5bpraKe5EHcWsTv2lS0AIA6ta2/ +SHMR2jYd0uIL8R3fsuY9Mo27HJap9yxE6d5xHVHBRYW0DwzoDKfBc2doQNAYQO8+ +1A3PMr4SHRYAUQBzy6xQUJK+oMnpGmHWIqw= +-----END CERTIFICATE----- diff --git a/hosts/heimdall/default.nix b/hosts/heimdall/default.nix new file mode 100644 index 0000000..d46bcd0 --- /dev/null +++ b/hosts/heimdall/default.nix @@ -0,0 +1,39 @@ +{ pkgs, ... }: +{ + imports = [ + + + ../common/global + ../common/optional/yubikey-gpg.nix + ../common/users/lander + ]; + + wsl = { + enable = true; + defaultUser = "lander"; + + usbip = { + enable = true; + autoAttach = [ "1-2" ]; + snippetIpAddress = "127.0.0.1"; # using mirrored networking + }; + }; + + networking.hostName = "heimdall"; + + security.pki.certificateFiles = [ + ./BASF_all.pem + ]; + + environment.systemPackages = with pkgs; [ + vim + wget + ]; + + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; + + system.stateVersion = "24.11"; +}