

7 commits

b9fca228e3
fix: disable postfix ipv6 for now
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
2025-10-21 12:53:38 +02:00
b2b16fcbe3
fix: only deliver escapeangle mail locally
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
2025-10-21 12:41:11 +02:00
d9a3b79c27
fix: use correct vaultwarden db
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
2025-10-21 11:21:57 +02:00
38c01bd3c0
fix: add protocol to vaultwarden domain
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
2025-10-21 11:19:44 +02:00
93b2df0ef7
feat: configure vaultwarden smtp
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
2025-10-21 11:07:28 +02:00
bf3dc8f03e
feat: add bitwarden send mail to mailserver
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
2025-10-21 10:56:51 +02:00
9d5d5f447a
refactor: add mail-01 to colmena
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
2025-10-21 09:17:32 +02:00
12 changed files with 179 additions and 210 deletions


@ -70,6 +70,12 @@ creation_rules:
- *hosting-02
pgp:
- *lander
- path_regex: hosts/servers/mail-01.yaml$
key_groups:
- age:
- *mail-01
pgp:
- *lander
- path_regex: hosts/mail-01/secrets.yam?l$
key_groups:
- age:


@ -160,9 +160,6 @@
};
# servers
db-01 = hetzner.mkMachine "db-01" {
ipv6Address = "2a01:4f8:c012:15d4::/64";
};
hosting-01 = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
specialArgs = { inherit inputs outputs; };
@ -170,16 +167,6 @@
./hosts/hosting-01
];
};
hosting-02 = hetzner.mkMachine "hosting-02" {
ipv6Address = "2a01:4f8:c013:7fc0::/64";
};
mail-01 = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
specialArgs = { inherit inputs outputs; };
modules = [
./hosts/mail-01
];
};
};
colmenaHive =
@ -200,6 +187,7 @@
{
imports = [
inputs.disko.nixosModules.disko
inputs.nixos-mailserver.nixosModules.mailserver
inputs.sops-nix.nixosModules.sops
nixosModules.bandcamp-collection-downloader
nixosModules.namespaced-vpn
@ -212,12 +200,16 @@
machineConfig
];
deployment = {
targetHost = "${name}.escapeangle.com";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
deployment =
let
hostname = if name == "mail-01" then "mail" else name;
in
{
targetHost = "${hostname}.escapeangle.com";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
}
);
in
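Review bot: The `hostname = if name == "mail-01" then "mail" else name;` special case in the new `deployment` block buries a per-host fact inside the generic hive wrapper, and the value duplicates `mailserver.fqdn = "mail.escapeangle.com"` declared in hosts/servers/mail-01.nix, so the two can drift apart. A small lookup keeps the rule visible and extensible: `targetHosts = { mail-01 = "mail.escapeangle.com"; };` followed by `targetHost = targetHosts.${name} or "${name}.escapeangle.com";`. Note also that db-01 and hosting-02 no longer go through `hetzner.mkMachine`; whatever that wrapper configured beyond `ipv6Address` (it is defined outside this view) must now be provided by the per-host modules. The enclosing colmenaHive definition continues outside the hunk.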


@ -160,7 +160,8 @@ in
enable = true;
dbBackend = "postgresql";
config = {
DOMAIN = "bitwarden.kinkystar.com";
DOMAIN = "https://bitwarden.kinkystar.com";
ROCKET_PORT = 8222;
};
environmentFile = config.sops.secrets.vaultwarden.path;
};


@ -20,7 +20,7 @@ forgejo:
mailer-password: ENC[AES256_GCM,data:sO8Tt1Smwcr8hME/zYs118DiUfbcmhKnT2FCyjyUZfId4cHfjvxHuqZIHvBSlec27sbCmxRBHeCJ3Can6IFCAA==,iv:kPmW6oFCRBEzKScpFrW3Z0xhFCRg+MpiA9qJozakHjE=,tag:9xCVN/wFjN8Kl95PSC9aXA==,type:str]
oidc-secret: ENC[AES256_GCM,data:NeLfEXssdP5f4ff1uz3RwURw+OWAm3QgYz/EPpWb1aE+vIDIhPigiPem1+NrVvdBQ5uysL3VdnLtJPxwppcouoT7VGJkcog+,iv:eCl4I7EC7GTeQNSthk5QrMqNl1B9qvGGxQTspjD+LEU=,tag:qyPKf7E5xNmUI913Fb8n8A==,type:str]
mealie-env: ENC[AES256_GCM,data:3fZJffJs/WwtmMirHBRkghfPPkTB5sgY6oWNs5GUbkUzOooWurOvm0OcQHAEQf+HLn21kCOk/ilmlrcdMFtzXijClpHuy8n7cwmdGI0bwZ14QPCVlSYvSPisjX0=,iv:tc77J3T4tNGzBnXNBlq4wmfFMFQ44ZFEtl2N1QAt77U=,tag:hW7YceS5/GQveJj8fcf5uA==,type:str]
vaultwarden: ENC[AES256_GCM,data:8mv//++mIkbJHrREx0ESy038tU/ZS7EE5OCxOXLufxogr891fx4wFSTrVT2QRQ9+iLsdmSI9h5ug7SUiZ7layga2pJp502luOJZOXATYnGj9Bn8z8Nlrz9RkbbuUy7pY/6Ka66DxXzoukO3djhaSfTvt1DvJvlwOMvS94C6rA+Dpf5IzuZeaomTg1GWHAvfLgypCyQy973WHh1ZHLaTv7wMJYq9ZDoU5aw==,iv:HvsKgWjyzRKDE9BiQLIa4v6JhvS3BS8QAOVPCvmlfgE=,tag:l5vT78Xe0GRpo4JA/QtqFQ==,type:str]
vaultwarden: ENC[AES256_GCM,data:6yLk6ip/Bd/469XNDYq5kKl+fPy8/+9Ybhruyly0HopNXbrBmzfAkAhuP0geZZTeAkxp2k/nn8vQ9I10QwzQ5Si0RhQWWidUdd2VyAlDlppiGBhtpeiY3J/2tlEGH1rf1O0NL23oGtqvRe4mEMZtyqK6YPYv7skOjaV5mzxu97psTQlqnOOAaisIVN/LqmKmzR72T3/SxlN8I0JzMneICfSLcwEp2//qVplqvTwTQgWziMf/Gkf2kkbugKRWSbp7sQ6cel2Gk2zyREx86biTje6nOjZ5goT2dcXzGexp6bzFb+XKu1Zj5wfY7dmvxZzMyigm4SSkjLd0Fh0QxU9cEiMAe5Max8c0i4Nqfh3Y1JZFj5sMS7e34oERMSA5wNu0l9hTaM5AYWiNPpvi4T3kLlguX5oerWvZWzeQT53soZF2iKdah2+J/0Wck8FRU3JXhC56XfIb,iv:AFzQvZnD8Aswoshp6X3AFkdxRCvL7rbClMwoW9C8epA=,tag:+W4t7W59LQMc3JzwoaAAcA==,type:str]
sops:
age:
- recipient: age18g4z53ykxzq35dsjq3a2np4f88xwat0kwtax229l3zn0ykhlpvqqy8fgtv
@ -32,8 +32,8 @@ sops:
NW9CUkJQbis1NmpyU0xrb3J4UVNKTDgKsPFnlQBa8LGm6s8uZsUXq9RIt4WzzROc
mz9dEVq/R54xvjMRltgzZyu54BWWOQYgkZUEhOnDoqwVnA7XwGGYtA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-14T13:26:58Z"
mac: ENC[AES256_GCM,data:+3VBgbv7jeeeH8K8CXQCIXgbazGG98KJvglzHSQhpRY6P14EuF0xi8tkeSD69IfrfoATHNcV5QUppNMYB6DBWl3JClhuPRKkp2wQsCUE3OxsMgxuMxSjNXt+5UJvNJ3kCtfoX7Nm/8ammCK5x8lIQJdFleTMK9r6Am2QQy4HGOY=,iv:dsTWs5Ym5nmhZjrhAHC3qzPZAHeHfZuXdOukatJBKSs=,tag:OhrCtGP/cE8+GSAURo9gag==,type:str]
lastmodified: "2025-10-21T09:26:44Z"
mac: ENC[AES256_GCM,data:yiWDzGJj/Yuq/Y8DvE+muEGiynr8TI0RkX2YAu3KdloSvtAvjBRbc3kkyFqEAjLA9EKJAhb+0O00Ugul5uo0icw8PMBOBg2lMgLGcW7w531O1DgSgoVloUNRp+YlAnFQMkBO/euRwWOgfHmp3Usj4NmnUStTXuZUH225EeSBYkE=,iv:dPnfHLkgpp/AyuAAY4r13toPlMa5myzo3ubNDDN8Ya0=,tag:FaA31H6Rd8RUJvixsIo9BQ==,type:str]
pgp:
- created_at: "2025-07-06T18:28:35Z"
enc: |-
@ -47,4 +47,4 @@ sops:
-----END PGP MESSAGE-----
fp: 4BE1257015580BAB9F4B9D5FCA5B1C34E649BF92
unencrypted_suffix: _unencrypted
version: 3.10.2
version: 3.11.0


@ -1,101 +0,0 @@
{ inputs, config, ... }:
let
floatingIPv4 = "78.47.245.200";
in
{
imports = [
./disk-config.nix
{
_module.args.disks = [ "/dev/sda" ];
}
inputs.nixos-mailserver.nixosModules.mailserver
../common/servers
];
time.timeZone = "Europe/Berlin";
networking.hostName = "mail-01";
networking.interfaces.enp1s0 = {
ipv4.addresses = [
{
address = floatingIPv4;
prefixLength = 32;
}
];
};
networking.defaultGateway = {
address = "172.31.1.1";
interface = "enp1s0";
};
networking.nameservers = [ "8.8.8.8" ];
sops.secrets.mail-password-lander = {
owner = "root";
group = "root";
sopsFile = ./secrets.yaml;
};
sops.secrets.mail-password-authelia = {
owner = "root";
group = "root";
sopsFile = ./secrets.yaml;
};
sops.secrets.mail-password-forgejo = {
owner = "root";
group = "root";
sopsFile = ./secrets.yaml;
};
mailserver = {
enable = true;
fqdn = "mail.escapeangle.com";
domains = [ "escapeangle.com" ];
loginAccounts = {
"lander@escapeangle.com" = {
hashedPasswordFile = config.sops.secrets.mail-password-lander.path;
aliases = [
"postmaster@escapeangle.com"
];
catchAll = [
"escapeangle.com"
];
};
"authelia@escapeangle.com" = {
hashedPasswordFile = config.sops.secrets.mail-password-authelia.path;
};
"forgejo@escapeangle.com" = {
hashedPasswordFile = config.sops.secrets.mail-password-forgejo.path;
};
};
extraVirtualAliases = {
"abuse@escapeangle.com" = "lander@escapeangle.com";
};
certificateScheme = "acme-nginx";
enableImap = true;
enableImapSsl = true;
enableManageSieve = true;
virusScanning = true;
};
services.postfix.config = {
"smtp_bind_address" = floatingIPv4;
};
security.acme.defaults.email = "landervandenbulcke@gmail.com";
security.acme.acceptTerms = true;
system.stateVersion = "24.11";
}


@ -1,52 +0,0 @@
{
lib,
disks ? [ "/dev/sda" ],
...
}:
{
disko.devices = {
disk = lib.genAttrs disks (disk: {
device = disk;
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "256M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
main = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ]; # override existing partition
subvolumes = {
"/" = {
mountOptions = [ "compress=zstd" ];
mountpoint = "/";
};
"/home" = {
mountOptions = [ "compress=zstd" ];
mountpoint = "/home";
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
};
};
};
};
};
});
};
}


@ -1,30 +0,0 @@
mail-password-lander: ENC[AES256_GCM,data:6A0pw04sdzAAE2dakrGt68OkYzMFzeY1fKBAAIcO6PF1Sbna+6JbdIjikuN7ucdEGC+cPBpHNaWM8ZuZ,iv:LC4WSSAWW4uEFGHiDiZG5Q1mQgQnp28WngFyE4sECI8=,tag:gcDe1+PX9Zbe7Uu6RXJ8Ng==,type:str]
mail-password-authelia: ENC[AES256_GCM,data:pbI48v40B8Sehrl28HuZKEdw0nK4pmn7O8FveQzCh/C5+kkbg1QBG6facY58+mvsHXJ5pBZNfPp9uAV9,iv:zZkwl+dDzY0ynun0Pgm5lVB+YZIGFnGr/nNTRE9IgHc=,tag:KmuBl1E8/80yvzP9IAGlnw==,type:str]
mail-password-forgejo: ENC[AES256_GCM,data:arHdupQdSSJgVzcjJdYZ3gB51VfdABk8VNa9tuc9ayerfoOCPn7ydt8eS/qg7XX5fKsH+/5h4q9N/Etw,iv:cc+mqg0ETTikuwXC/i8vKea2k7Ph9Dx7fQOb2iHAOk8=,tag:/bxU7tArkKtv33HPeyxauA==,type:str]
sops:
age:
- recipient: age1u2a7wakgsyct6ed7ah2pksymh7jjl08ankedeyl5pa5jcs8r0uks02jpza
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrUXBtSzJiYXhZMStON3dj
MTlXdE5BaVRWalAzUDBxRWpDT3dWTmRLNFVnCnN0cGc3Qkt5YXRTTHJCaGVIQjgw
NVozQzZDTE5TNUpsa3cyVU9mNEdWOUEKLS0tIG1FWkkrQ0s1TlV1VkIxR2RjRXFw
bG9hd3RXaERsYU5RaCtiOVYrcFlvam8Ky3iq96BO4uMiYLpZ903UCJYfByQIMtI5
YNDVMgIqVI9vVDq1BnPqyOssHJ7FO69i+BUSSrjqZKsyAjknqPmvoA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-08T10:48:10Z"
mac: ENC[AES256_GCM,data:8BkeK7uMlWWulKvr1aEcKDpDsHntIVTIz37qePaSSby3zOVu6agc4VwNVNk4tbCLvuXJS+ULPUltkAfh9qffsFJe5X+Jd7ZnvEd5IBMJGdWDDtP1iYSMgga9aYfl/hE030xSo6Utblprf2KGw+KpHEeCViFvU6+oJFqTB/Vwekc=,iv:97YBIUh9HjLIwoGFB1oDiLC6OqwRK1POeksDxE+Ierc=,tag:ZBBb4k5tJdqI/HcZCfKoLg==,type:str]
pgp:
- created_at: "2025-01-17T23:46:22Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DARdpY4woM6wSAQdAKAJEIw16NdGquumUwVQeZeHWaQixvg6z/BiWYhkdmRAw
U7r4y86ZTf/Am1D+N+mMSZTWB0ncKjgfS8nzvHyFKHUkBMmJhIwtVNxlIoWe4+xc
0l4BC+s5Mk8rhkofbq+fw6k5dwVF5HxqE7o9JK9ntbOkyHGsblQd9PsIyvr6pXt+
Edllt9Ol/oJC+T+Sv3O2Y21y9ZzNJoleGv7UaFvgQ1+9nksYTbYRHLGh7w0B+xSH
=YYVU
-----END PGP MESSAGE-----
fp: 4BE1257015580BAB9F4B9D5FCA5B1C34E649BF92
unencrypted_suffix: _unencrypted
version: 3.10.2


@ -86,6 +86,9 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnthKtz0fE4yQ/X10cJgKVCjYCNkRNoqV28xAhD7h2M cardno:22_498_026"
];
security.acme.defaults.email = "landervandenbulcke@gmail.com";
security.acme.acceptTerms = true;
nix = {
settings = {
trusted-users = [ "lander" ];


@ -1,5 +1,12 @@
{ config, pkgs, ... }:
{
systemd.network.networks."30-wan".addresses = [
{
Address = "2a01:4f8:c012:15d4::/64";
}
];
services.postgresql = {
enable = true;
enableTCPIP = true;
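Review bot: The address `2a01:4f8:c012:15d4::/64` now assigned directly to `30-wan` has an all-zero interface identifier, which RFC 4291 reserves as the subnet-router anycast address rather than a host address; the removed `hetzner.mkMachine "db-01"` call received the same string as `ipv6Address`, and if that wrapper derived a host address such as `::1` from the prefix, this hunk changes the address the host actually uses. Consider `Address = "2a01:4f8:c012:15d4::1/64";` (and the same shape for the hosting-02 and mail-01 entries in this range), then verify with `ip -6 addr` and an inbound IPv6 connection after deploy. The `services.postgresql` attrset continues outside the hunk.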


@ -5,6 +5,13 @@
...
}:
{
systemd.network.networks."30-wan".addresses = [
{
Address = "2a01:4f8:c013:7fc0::/64";
}
];
networking.firewall = {
enable = true;
allowedTCPPorts = [
@ -146,8 +153,5 @@
};
};
security.acme.defaults.email = "landervandenbulcke@gmail.com";
security.acme.acceptTerms = true;
system.stateVersion = "25.05";
}

hosts/servers/mail-01.nix Normal file

@ -0,0 +1,108 @@
{ config, lib, ... }:
let
floatingIPv4 = "78.47.245.200";
in
{
systemd.network.networks."30-wan".addresses = [
{
Address = "${floatingIPv4}/32";
}
{
Address = "2a01:4f8:c012:976d::/64";
}
];
mailserver = {
enable = true;
fqdn = "mail.escapeangle.com";
domains = [
"escapeangle.com"
"kinkystar.com"
];
loginAccounts = {
"lander@escapeangle.com" = {
hashedPasswordFile = config.sops.secrets.mail-password-lander.path;
aliases = [
"postmaster@escapeangle.com"
];
catchAll = [
"escapeangle.com"
];
};
"authelia@escapeangle.com" = {
hashedPasswordFile = config.sops.secrets.mail-password-authelia.path;
};
"forgejo@escapeangle.com" = {
hashedPasswordFile = config.sops.secrets.mail-password-forgejo.path;
};
"bitwarden@kinkystar.com" = {
hashedPasswordFile = config.sops.secrets.mail-password-kinkystar-bitwarden.path;
sendOnly = true;
};
};
extraVirtualAliases = {
"abuse@escapeangle.com" = "lander@escapeangle.com";
};
certificateScheme = "acme-nginx";
enableImap = true;
enableImapSsl = true;
enableManageSieve = true;
virusScanning = true;
};
services.postfix = {
config = {
inet_protocols = "ipv4";
smtp_bind_address = floatingIPv4;
mydestination = lib.mkForce [
"localhost"
"escapeangle.com"
];
virtual_mailbox_domains = lib.mkForce (builtins.toFile "vhosts" "escapeangle.com");
};
localRecipients = [ "@escapeangle.com" ];
};
sops = {
defaultSopsFile = ./mail-01.yaml;
validateSopsFiles = false;
secrets = {
mail-password-lander = {
owner = "root";
group = "root";
};
mail-password-authelia = {
owner = "root";
group = "root";
};
mail-password-forgejo = {
owner = "root";
group = "root";
};
mail-password-kinkystar-bitwarden = {
owner = "root";
group = "root";
};
};
};
system.stateVersion = "24.11";
}
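Review bot: In `services.postfix.config`, `mydestination` is forced to contain `escapeangle.com` while `virtual_mailbox_domains` is forced to that same domain; Postfix documents that a domain must not appear in both (it logs `do not list domain escapeangle.com in BOTH mydestination and virtual_mailbox_domains`), and which address class wins decides whether lander@escapeangle.com is handed to local(8) or to the virtual mailbox transport. Since the intent is only to stop kinkystar.com from being treated as a local delivery domain, the `virtual_mailbox_domains` override should suffice; I would drop `"escapeangle.com"` from `mydestination` (keeping `lib.mkForce [ "localhost" ]`) and confirm with `postconf -n` plus a test delivery to a catch-all address. `sops.validateSopsFiles = false` also turns off the eval-time check that `./mail-01.yaml` exists and parses as a sops file; with the file next to the module that check should pass, so I would try removing the line. Sending as `bitwarden@kinkystar.com` from this host additionally requires kinkystar.com's SPF/DKIM/DMARC records to authorize mail.escapeangle.com and the DKIM key the module generates for that domain, which cannot be verified from this diff.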


@ -0,0 +1,31 @@
mail-password-lander: ENC[AES256_GCM,data:eSsuEoAyIAL41qCD9SoqwqPsgkYM43Dp/OEatNZ42ocv5neVXBk2QyIYmZWp48vUwBOUwhzTVvV8yZov,iv:AKoosg/0Zf3OkhTiEJQkFjnG6JuQL7EdoUEmEIzsSjE=,tag:jQtTk6kQdYXqYNDDWss8Ig==,type:str]
mail-password-authelia: ENC[AES256_GCM,data:JCSPMP2DMFeb7fdBbkLhj35A3C6h4PmHSKgIuRrrfVlLPHXA+FyhQrl8P3hxdrFiFB1vr+G4ftOcoeZa,iv:Vk1xWJNrETCBKLqijE+Ftc7+hOg5u7KdcdqngIq9ZCE=,tag:pNubO1GLaiegRLAkU6rw4Q==,type:str]
mail-password-forgejo: ENC[AES256_GCM,data:8BQcs6getbwXLvSTJ+j5j1XyS54qa9XMsyVvGaRocNUIgNnjhGndOVtEa2HfdXouIspbBP2rEY/yWRQj,iv:H87iJeDxR5n1VcdCtvVe29VJbvB2xfZE/DyIsl8pzzY=,tag:kIWsl2Rh0If1/8E22qf2BA==,type:str]
mail-password-kinkystar-bitwarden: ENC[AES256_GCM,data:GhhF3k4awem4qldNqX6iInXOq8WVdHg0BKgzr9gq2KjHByAmDwIE5YtsQhHBZe73uUgyKryLBkqDdr/o,iv:wMLuJ/H/ChUKX5CcY6c+gV+kNKIEpqnZMbRd2QlFCNI=,tag:eJTE7iRVjSzaQD6bcLz+MQ==,type:str]
sops:
age:
- recipient: age1u2a7wakgsyct6ed7ah2pksymh7jjl08ankedeyl5pa5jcs8r0uks02jpza
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4TWFSZnBDcHk2YkZ1SUlx
aTBMZXdDajlGY3diUlRJcElJN3Z2T1B6M25rClFHVS9yU1NyZTl1L21QaVFiNmtR
V1liS3NWVERzcGpBclk0SHZaOEVZOTgKLS0tIHZKckRDaDd3ajFNQWw4cUNPeElx
MjI1UTlRRXdVaE5oSHBVRy9hcFNESzAKhdgGeeLl+BhslAFJmChAy7Ht+CPmZQqo
0Km8AGCKAmOQWEym0yRW/rKp35sOla4PQ4JWGlthNhcqyR2Kd916OQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-21T08:56:35Z"
mac: ENC[AES256_GCM,data:6ICy3l8BoHAi4NB3VbfiVs7PJdrqgloQUaLWKGam8Qp2gfzTYDm1TQaH/FjAgfE7AtTa5v0CRb0X/+emBpWdh1Swf4sGL/ILyNNSmg1E/mu0/z0FpzSSbCy4JpBwn8aCrUZ6oX/zMobwbNCBBsmhqhFRt8FNDcUeYxkfk3MofnU=,iv:Y8hfwcOCzr7tB2hRosDZsNg5aPUMRlZPnet6YzHpjts=,tag:ypNhw2+VLgx2gqWAG2NH2w==,type:str]
pgp:
- created_at: "2025-10-21T06:31:32Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DARdpY4woM6wSAQdA/Ndn97s0tXWWExKKZS97MBYSoUlgJNysXtHWVMWBfRsw
NtHXaGCHfWTTfVYyM4gZ3uIGdxAJSKafac54AgttzP/XOObv4bkE94eWSdFhwK2a
0l4BqfqGy3OQmwuwbKjrZJ1HpQ7YvyDdwuHgG+t5fXc7g46DYgn6XkYVVY+nGas2
o6HxRApdHgXu0V8d9bcZtXaJXBjSW0RllTT5zeHX7kTqtFR9cg7hsggbvrbkqcmN
=xqTz
-----END PGP MESSAGE-----
fp: 4BE1257015580BAB9F4B9D5FCA5B1C34E649BF92
unencrypted_suffix: _unencrypted
version: 3.11.0