From 8356e15211735da3edb4e560bd3b756a0bf31932 Mon Sep 17 00:00:00 2001
From: sinavir <sinavir@sinavir.fr>
Date: Sat, 12 Oct 2024 17:45:41 +0200
Subject: [PATCH] feat(hackens-org): deploy ragb server

---
 hive.nix                                      |   4 +-
 machines/hackens-org/_configuration.nix       |   1 +
 machines/hackens-org/ragb.nix                 |  78 ++++++++++++++++++
 machines/hackens-org/secrets/default.nix      |   6 ++
 .../secrets/django-gestiohackens.age          |  57 +++++++------
 machines/hackens-org/secrets/django.age       |  57 ++++++-------
 .../hackens-org/secrets/matterbridge-env.age  | Bin 1670 -> 1670 bytes
 .../hackens-org/secrets/prometheus-webconf    | Bin 1658 -> 1658 bytes
 machines/hackens-org/secrets/ragb.age         |  30 +++++++
 machines/hackens-org/secrets/ragbJWT.age      | Bin 0 -> 1615 bytes
 machines/hackens-org/secrets/secrets.nix      |  54 ++++--------
 machines/hackens-org/secrets/snipeit.age      | Bin 1613 -> 1613 bytes
 machines/hackens-org/secrets/wg-key.age       | Bin 1613 -> 1613 bytes
 npins/sources.json                            |  11 +++
 pkgs/overlays.nix                             |   7 +-
 pkgs/ragb-backend.nix                         |  13 +++
 16 files changed, 221 insertions(+), 97 deletions(-)
 create mode 100644 machines/hackens-org/ragb.nix
 create mode 100644 machines/hackens-org/secrets/ragb.age
 create mode 100644 machines/hackens-org/secrets/ragbJWT.age
 create mode 100644 pkgs/ragb-backend.nix

diff --git a/hive.nix b/hive.nix
index 1676f1e..c93acef 100644
--- a/hive.nix
+++ b/hive.nix
@@ -50,7 +50,7 @@ let
     arch: p:
     import p {
       config.allowUnfree = true;
-      overlays = import ./pkgs/overlays.nix;
+      overlays = import ./pkgs/overlays.nix { inherit sources; };
       system = arch;
     };
 
@@ -61,7 +61,7 @@ in
 {
   meta = {
     specialArgs = {
-      inherit metadata;
+      inherit sources metadata;
     };
     nixpkgs = defaultNixpkgs;
     nodeNixpkgs = concatAttrs (builtins.map mkNixpkgs nodes);
diff --git a/machines/hackens-org/_configuration.nix b/machines/hackens-org/_configuration.nix
index 568a32a..0edbce0 100644
--- a/machines/hackens-org/_configuration.nix
+++ b/machines/hackens-org/_configuration.nix
@@ -16,6 +16,7 @@
     ./matterbridge.nix
     ./nginx.nix
     ./orga
+    ./ragb.nix
     ./snipe-it.nix
     ./secrets
     ./static-sites.nix
diff --git a/machines/hackens-org/ragb.nix b/machines/hackens-org/ragb.nix
new file mode 100644
index 0000000..719f6db
--- /dev/null
+++ b/machines/hackens-org/ragb.nix
@@ -0,0 +1,78 @@
+{
+  sources,
+  lib,
+  pkgs,
+  config,
+  ...
+}:
+{
+  services.django.ragb = {
+    enable = true;
+    src = pkgs.ragb-src + "/frontend";
+    settings = {
+      DEBUG = false;
+      WEBSOCKET_ENDPOINT = "https://agb.hackens.org/api";
+      ALLOWED_HOSTS = [
+        "127.0.0.1"
+        "agb.hackens.org"
+      ];
+      DATABASES = {
+        "default" = {
+          "ENGINE" = "django.db.backends.sqlite3";
+          "NAME" = "/var/lib/django-ragb/ragb_frontend.sqlite3";
+        };
+      };
+    };
+    processes = 2;
+    threads = 4;
+    port = 9991;
+    extraPackages = p: [
+      p.authens
+      p.pyjwt
+    ];
+    secrets = {
+      SECRET_KEY = config.age.secrets.ragb.path;
+      JWT_SECRET = config.age.secrets.ragbJWT.path;
+    };
+  };
+  services.nginx.virtualHosts."agb.hackens.org" = {
+    forceSSL = true;
+    enableACME = true;
+    locations = {
+      "/" = {
+        proxyPass = "http://localhost:9991";
+      };
+      "/api" = {
+        proxyPass = "http://localhost:9999";
+        proxyWebsockets = true;
+      };
+      "/static".root = config.services.django.ragb.staticAssets;
+      "= /api-docs" = {
+        return = "302 /api-docs/";
+      };
+      "/api-docs/" = {
+        alias = "${pkgs.ragb-src + "/api-docs/"}/";
+        extraConfig = "autoindex on;";
+      };
+      "= /api-docs/patch.json".alias = pkgs.ragb-src + "/frontend/patch.json";
+    };
+  };
+
+  systemd.services.django-ragb.serviceConfig = {
+    Wants = [ "ragb-backend.service" ];
+  };
+  systemd.services.ragb-backend = {
+    script = ''
+      export JWT_SECRET=$(cat $CREDENTIALS_DIRECTORY/jwt_secret)
+      export BK_FILE="$STATE_DIRECTORY/data.json"
+      # export RUST_LOG=info
+      ${pkgs.ragb-backend}/bin/ragb-backend
+    '';
+    serviceConfig = {
+      LoadCredential = [
+        "jwt_secret:${config.age.secrets.ragbJWT.path}"
+      ];
+      DynamicUser = true;
+    };
+  };
+}
diff --git a/machines/hackens-org/secrets/default.nix b/machines/hackens-org/secrets/default.nix
index 121200b..1d70be9 100644
--- a/machines/hackens-org/secrets/default.nix
+++ b/machines/hackens-org/secrets/default.nix
@@ -3,6 +3,12 @@
   age.secrets."django" = {
     file = ./django.age;
   };
+  age.secrets."ragbJWT" = {
+    file = ./ragbJWT.age;
+  };
+  age.secrets."ragb" = {
+    file = ./ragb.age;
+  };
   age.secrets."snipeit" = {
     file = ./snipeit.age;
     owner = "snipeit";
diff --git a/machines/hackens-org/secrets/django-gestiohackens.age b/machines/hackens-org/secrets/django-gestiohackens.age
index 648eda5..77148e4 100644
--- a/machines/hackens-org/secrets/django-gestiohackens.age
+++ b/machines/hackens-org/secrets/django-gestiohackens.age
@@ -1,31 +1,30 @@
 age-encryption.org/v1
--> ssh-ed25519 JGx7Ng WteJXpTnBzKZpognUrmY7vJkwvgxG2JlqPOkJ1BnoU0
-Hn44BN9Sb0BhgWBDZR7Xm4AAeRY2LE7ILgtBi8D/QTA
--> ssh-ed25519 kXobKQ H0VlX0C2BfZWzA+c7tGaokBTGR855cTlE2qlZkKyZXg
-9cTALIMwuoLyfjQ6AwzM+DWE1jLmxzoKuQ0NsGud+Ik
--> ssh-ed25519 7hZk0g XYW9TFHZ2ule9rmiOeTGPLEGEEhkTGvV946UwV1XVwQ
-eOlzfpFFROTb2zni2A0cKwmnjvaUsZpSvDqW8E9mMZg
+-> ssh-ed25519 JGx7Ng UMbo24t6bweWPSYr1MUpjW96t3+usu+M3+WmLkJpSTc
+vW8wOX/E6p3YEh8rRObScdcKB+uCtVIEOQ58HXSHYRU
+-> ssh-ed25519 kXobKQ wEsnzLjnW+tdNvBHYBL+pLQh0GsAviTiD7tODc+5nSc
+gW8TEewhh4N0ed6KNe+PYBQuEmuL8iO+KxLQt2imbbo
+-> ssh-ed25519 7hZk0g 2Y9Y3DSR9Zt5N1XXckNMlHEpczvsyruqBue54fC4lQY
+1UTRMGuN4uXR2ljP+3h7y58dU9C4GCkfKMY6l6GgRas
+-> ssh-ed25519 5rrg4g 6ILvq1I6OlTmvxhgo145YUdpNxZomFvCYl7nguL10kI
+7DPETzO4s3J4+lHIlkWvo4M0zH2792NttKBIJ09xii4
 -> ssh-rsa krWCLQ
-1JcEgjO1//IKYtTSj6bwhjudrpcYuaHAa62lhIL0m6ScSaMcZhGIy8SWU+LvlgM4
-eGYvzinsVhxCAgSJnD81yKSOjU0U+BoY1egx6DTAD59YR+IJ299yM1kjqjJhP3lc
-fomOiDbr7mz0UoD2/Pe1Q2ps49rYkVH+ms7Dt9jKyYh7TwsyWitsvHEoXHjhG/u3
-PjLCVe3ngJtPagl42g3otOpmiZ1ycx/HP9ppJvQYoH6VUt9x9nPjUqtUQf66jwSn
-87lfDXpGoyPO/pKX+IR45zGE4mVHfYsGzfNJMHyE2AImqxfAoZxqmRdQiQLCVihy
-4xuHqWeuHN+Q6KAvhlnhRA
--> ssh-ed25519 /vwQcQ ShQtj+r8CjS6zB2T4IYps21Wt8psIzrrff9NmibGQRI
-dGBMjJfL11Asv+w5FrTJo1iknZZQNekcxoaLxmzAJAI
--> ssh-ed25519 0R97PA hhRQZ7ddcQtQfwLHADUz6LI3lofzMxNfsLBSsN+keUA
-sMKxjsYj+f75tMsM6d4dqLgTozzRcCzZQf9rgjRi4Wk
--> ssh-ed25519 5rrg4g OETtCVypHjgLnenHGL6inIhhestIUEF0LVfJVu6HBSY
-4GWYGsrHaCQURF6ffwN67Sz0DSwBWJ+cBn4WsA9+bm4
--> ssh-ed25519 cvTB5g 5QS4yEkwZDcRKx5w9ip/XW2RUKuDoR9hjT2rITG9bj0
-a6uP4DJZuOEy5wFnCoM1pUd5p1ySSNXBd8WINORz314
--> ssh-ed25519 Wu8JLQ 4/ETnzSAyvb1rm30ZXxBvWrCVvYzmvEjjai4W+nfEmU
-8YpBxgtgNASRGABkPIWV19iQdcK5OI2toSefifCJi6A
--> ssh-ed25519 EIt1vA pKBHFdt17ruSWarLGRMv9Jg5p4owmb05Chqi1waUlEM
-21pDqeyKGbmkoHblA6LujvYNMo1DQ6u+0KjASPp88L4
--> ssh-ed25519 X51wxg p7PTrP8g6+85BCyujUAI6h8D5dQOWV4n72Cu2wQzBls
-X9Sz+dmsnWfVn7RfdQoNdK9ifDKuyqa4QnIz+OfK1xY
---- JD+a9OJUT/rKwLe2m4naby7JV5VE/d4fDaeg2Edyl5I
-]=Ë
-ÄÓÝ»÷â8L’tømrœ]e-\Q=:¿óYx×:Ÿ6—ÕÚýNôäî‘ÉnIÓï©dc€0YË0¥ŒC ]MôD—
\ No newline at end of file
+LdJzAaTTOSSxXTjLEv2n3pRjDJ8Cv/rLZZCsadK2vIK/2swax5loeprUzx60xRUt
+3qLZuXocsE1S8sUq4E0lzyQXmJj3DtgjWFvvhDhsx+UnUPB/S7yojlNPLsqSxJkO
+r5p6dvXsngF78BDDlFU/DnDI/tMnH6wL5PqV7iZiosSmASWxHMAQYcWGNZqdV1xl
+9q2txZF7LxvE1S2eUOFcXTC7r8Z/kBt7XqPfGyBWI1wYPG2r2Zw+tbO8S04iZExT
+Lj2YGnrNGGwNbREoqhMwAxDM6fLVoNnhHXoVQvCkr/wxk+sh2/Lt1ivcTT7Ua2YG
+ApaavUan7cEs3ghnanM+6A
+-> ssh-ed25519 /vwQcQ oaIOirE4++Kx76xSCoQ8EKmnI3Zh8rzou0XACYVY3Gw
+H9DsHQPdKaN/5bz4kf224NiJ8W1ykGx9tARd5UUrMbc
+-> ssh-ed25519 0R97PA SujU6d2DMDGX4zxsQwQTLFM2ap/3ni2y7zpU8BksTw0
+zLuD8EwORd5aDOFBpE0Nm5gHpi8ChRobg6v7r1sNfMU
+-> ssh-ed25519 cvTB5g t62LJ9atiYi5K+CBXXLB9obIZRWBKxrC896q6iCz/mA
+WYkA2muGBMuXlO5ebnul3NkidNcyIWecAdNTo03trf0
+-> ssh-ed25519 Wu8JLQ 3gzrf2TLDbG3YtMmO0qKVKiEPw+arN8DJvNiC09/4wg
+bYCCgA0ve55hKEjGFa+nAelWiYWy6WFHss9R6uEjiUI
+-> ssh-ed25519 EIt1vA kKs5NcxlLTt3iGD8stN7nOgOfomKEv2aZZ969dZNFlg
+IQT3Fx9Egd4kJ6Q3gsbiymu8EHSrjG1F7T5Uz76Z6Bo
+-> ssh-ed25519 X51wxg GU838E9JPhdAkYgRRcYi+gMsFFUTvY4iciFi9b43WhY
+vsHQ70mCsW0NUzMKjgRq6czFD8FwIFj6uo/jklPzI68
+--- axO8MoSOSkcp2HcVpAz9tQuuf0Unh2Ri20S60/Yq6xA
+i¸0ä<3›6,Û{àu›$apG7¢—Ú10Y•&«Øf7(&{3Û]àƒcÝ“ ¶>l¶P"$`ÝU(9¨ì5+°îJî^¼æé‚Ï»|†Õ:~
\ No newline at end of file
diff --git a/machines/hackens-org/secrets/django.age b/machines/hackens-org/secrets/django.age
index 8340af8..1572685 100644
--- a/machines/hackens-org/secrets/django.age
+++ b/machines/hackens-org/secrets/django.age
@@ -1,30 +1,31 @@
 age-encryption.org/v1
--> ssh-ed25519 JGx7Ng eXYZhPOAu5XuLnLyVZEWG0yGReNd1NrYoZaYWk03rAw
-rMmxeUr95ruA24E5rchZ7dWCaJOerRmulpjwbAtqqCA
--> ssh-ed25519 kXobKQ rJXA+IoLwVLV/EUlDBQztg1jDIj36u5k7C0wDEfR+UQ
-2vWEQ52uMZ+cQvXIdMelvgzeUZ/8bENDJCQDHDuKLaU
--> ssh-ed25519 7hZk0g O9G401J2twPY8gB6uYTLkpDSMQRZB3ScmlS91WzWfjU
-7piYGZj0UbyS+KnSVfZthI3HfaNcc0eadRAORtyTd0o
+-> ssh-ed25519 JGx7Ng IWxk65t5YAq/Sg+0CCcLGJyDhvPydKm1D9rYAfCDjUc
+ckB1V+J7Qddbt9EILraMge9RrThyTU2al5Eg6ffD7C4
+-> ssh-ed25519 kXobKQ ZEECnMHvZL3+JfkQpSjuzIuGfcLIIcudeiMlanUUBhc
+pBWa6DxVrinuv6urFDKPW2kSaa95FVFCXOFwMQ/X1RY
+-> ssh-ed25519 7hZk0g la8ZgkcqYQgFzYoqgkZrdSuaK+89mPx9UbiSWGOVXjQ
+4NWbJtWRUnZGMMLyDLArvZktfVfhXmgtn7h5oghH5Ms
+-> ssh-ed25519 5rrg4g KC9SOs8NJ18pbE4/HwHmX8W5XSeu528dFl2tEt3JfW0
+at+D2BMK1UAPsA2fkhMW5uHUjJSK2p+BPeFcfqyD/LA
 -> ssh-rsa krWCLQ
-bFQHI2oqIXEor7qbt4QJfPC0q4PanQ3lUp/sNJbsA54OZAW5b6yC2HOeYjbv1KQZ
-JdOeKZEruUlxPkNBEUpvz777THUnwlTHNxRxO//mDyHGU9PwgyIQS0aMf4Vkpfn7
-OZMJrCmyYh1Hx2olnJjioMC0H3hBeuAbm4hJYu1EEfhCzhyNc8jbgn8s0VTWBeDo
-w8+Nxo3/IOimSI2qaZGBFl/3yE73KfuiYw68vRYkrPWGviDeyCEBJpYcmBsiu81s
-e0mTkZdMBMwVwceaYakDc7fK8ij9s3fpKXvJ4EJ2qqUG6ThsHN4eHNNRbau10Zvs
-YNKk3d6TpoyPl37eqy9i5w
--> ssh-ed25519 /vwQcQ DkKWQydhpA7Lu0NZH6VWG9Jxs8TdfpvV+eHLc8S82Xs
-fvDQQntMZHrLNBxHWsR7R4hb5gnCzCVqPeHFTOrrBKg
--> ssh-ed25519 0R97PA 5Z29MXm0pPIkEihLzGI/hB82keRx+OoVwgHL+pTd1m4
-l+FnUyvBzeeNT2dlbXJQQn5QNd+2za58BwPCqE1rTWw
--> ssh-ed25519 5rrg4g 2uDRtM8kUl/Vhws4ibsZiw4Fo7pmgx4MyJtNjyKLTRY
-ZOuKQfrs1d4hzvwur8BCPd3BXOP0vGewpgfkUKahEU4
--> ssh-ed25519 cvTB5g gOS3PUBQlBWqmKIq99lT10hqEEmCKg2xlxfbWSAtxFM
-i63Ilu0tzXEtUlJ8jKlCW9SM+un+KePGXbaBr96rb54
--> ssh-ed25519 Wu8JLQ 2nRMfMlSNQVOdZGklQfgkH2jv8ECmRKML99H1iPbNys
-bLxntIPxKRBqEu+ovCU2NJklH1UEQr7miSg83Pfrskk
--> ssh-ed25519 EIt1vA 9MwmTDKECbLsFwQYfQaF6RlOmYdlu3iLOCFQopifuiQ
-GZl2HMbgI+u6oAVFSa6zV+d3ra9QbmJcITsrMbxU/pk
--> ssh-ed25519 X51wxg qRnN1ZKEBckkixg7wgAqDphIRULurzrd+dj8l2u6RRQ
-gfdYoCOppQ/ztSY9tEa8PYEbyx5rzu3Qu7Ba/OvcA78
---- q31//bFmbqBhs9r8hy21qyVIwqSy7sYXRn1a/XIrfJc
-íËÁî†*R·ÿª–TÎR‚ÅÅtÄr˜ÿCóAÏ_j]DpÏnö•÷wÕJ`j‘‚ž_fýgO¹Ðö¨ÁO®XˆªŠ1¬w‹—Ì€vÊ
\ No newline at end of file
+U0DpCXNugnsPlWvDJZIwlFA3lCg/uihhLmLFYsdpwpx7kdyRF3KGn9p4X0kfjNQa
+PjT7akh+xaCC9a3GRDEsc3B4L6M/91YdiIX5kCtWccT3fFkdC8xrHnVblE0h6vYM
++I4ay5PR9etittiMIb3coanBU5gZpAhCFvSNjWIV3YvchpOtWO2PL8rR9fRqDfmT
+BdTZMUOm01vuFuPFKmzKNbQS5ydwydv8BGc1MktqoyhafYVBirnVcwtsTQKZKDEL
+CBNgH81down+UFaCi/FTSffkBtBfnl1mzCF3TJ0CrSeEMgyY5yxvtWHUksDzznfJ
+C2ev+95nbRYUSM+OOBABHQ
+-> ssh-ed25519 /vwQcQ C7TusZYxTvR03xbxEmUf8+ePmdTRBbi4eAeg2+kbAAY
+3YpLUT5mmGLSel0vPpDUwPyFav1z/HCAsPsYA7woQas
+-> ssh-ed25519 0R97PA iQRH2sRnDsNoWuom8fVt8naGMrVAX3JAPmwnU/pZ3m8
+CipYmklGkMXYlWyhatEj7cGk51RNdfkkwlKPz26Q220
+-> ssh-ed25519 cvTB5g 05g8kd7yu1+4JzFCrqMEZ6QNsO8VE2egXOUR73fo/hM
+AY/8cMfVTyOY4z08Hz6cLnKrM1GYZbbgpwPVnwnJ3NU
+-> ssh-ed25519 Wu8JLQ Bn0shD1/Uzb3VdAOuyNeHSzLaboxhAUsqQWXycZYDFc
+V2EHtwK0CUdLYCzia43m4WmBxFy8frfR0hkdIkARnl4
+-> ssh-ed25519 EIt1vA FmznskIDNtFkD6HD64uL5OS2rwPwT1S5lCirtYFW0Rk
+3TKTCN45ygLTcrfSRdsXJZKdoz+A3tP7lXbNn2NOhvk
+-> ssh-ed25519 X51wxg X3KyzjW97PF8CFcb0NWW5F6JNMZslmP22d0+r0FRvlo
+mZq7lSEnD3Ui7hcloSCdTH/q4mB2q6lFTvzMRS+BCb4
+--- 4u64XNKKDMEaWeL4wLdkOgugYTkrqpfoFeG/BW4/zK8
+)Éé9çèñ”ÖÙ
+È.kâùô}O0Š«6ï'¥áJ¼}ŒýW(„ÖÖ·V>dè$ö8icjw	hÂ<aöÞ¿4›3Ð5NŒUºÎÎègYÃ
\ No newline at end of file
diff --git a/machines/hackens-org/secrets/matterbridge-env.age b/machines/hackens-org/secrets/matterbridge-env.age
index ee4ab7c77fe7904a5a9f8bcadeef918e86901896..99bb6f1208eb3d6f6b6f881e35a66a5a510cff4d 100644
GIT binary patch
literal 1670
zcmZY8%ggKr0R`}a;3D0)YoUlE2p0*TNhZl8QE5psd1vx|OtLb`<UNyQl1!2bTtT_*
zS}8(NgzmH=?gSB)F09Z^k%ATr{R4DU7p}yGcXKyi_XmD(I48=}hqOuhdpDMC^R2ee
zp$P#VUf&Eu@sOUjIF3*oSy%`y-|YMe3+@g~K$B8;t5cA5dI2fQs}pq1!BH&kXN0X_
za;5?Nss?ReVfd{x_Kav>v;(!2dW2_@tDijq+;&ZlS4Vlk9&7cnjTLiqoEAPL7KH$J
zv37|$0zHe70xDvpQVN*wX^wU12q_qk15S5X9n<)RkTP!h7IHjU7<ng{Qs3tt?RE^g
zsvrd3MsR+t5k*+T`Nm#Zi7z~J4<$W5ZG&=Wo}ls;Cnn^gdTO{1+IH44>bL_?iso*j
zN>|ZMa*_v{To2h%P50TgviWoj%rzW6+rP<``&h&KKF9J+xjQvhHGmVy2g+EF3+UW5
z!8R{rZgMx5n;7n*?X0Wmb3iThlWSXjM>}5B<6*1|ZRi^KHV{%xZsD^XQ$-<XDmT2)
z`XSoXz0ay95TXVGXF(u<ntd~n183!iz=T`Z<_ez}@Vk>=xW#2L1FWjPup2x>ger&k
zL27J^y#SOZn+sR3DYdDj+=Ru-L!8G)d|skays}Wiv9VE}Er>?Avq9@p#pA7Dl(1Sl
z!a2wQVjP+z#cnn`(Gq&Xg(T0GJ}OOq^enZW4pFJ49GKo)FAjFG8*X!NXO9qVHZyC?
zFkp53jNF8qb%lFv#S$1fEo(}k*b#xuQ3UN3b9kaDEc_rC8d{(h);1PjY22}AcytS}
zxGCVF=8Ji#-|u*NgQo82<jBA@jMP5Q9vXx!1_U#^eptzPn8KtUET_P@`7A*Rz+G3d
z6Krfx;Ul`HmxA5x4D&_XFJ1yovzeHiOJwb<h}~rZa*@w@SKkaiyrf40>4h@YX)Hgs
zyE(yRYXFoo0|hs7rm462%<*Uk-WIeN!GunvO}t%|gYTqm;M8B(Eo@PQL2o>-Yrq}p
zsakdSBtZl{wHeR4DcZ+cESjQ3&;EQVMELnjG^4~NBE_7JCnb^;WK7D$r1h%{Z;a%r
zNLEt`HM*{<FMKkY90t!ftdA;^-X?o5ubPQh?~Y{dn}BwRFs6%nf)gadPnKl+2Owib
zUbcd?PS31wNd=_vR}xbCT!5qn>9l=Mlk-qAl|Vmk(!Y_iYHq}Jf6Lhu#EZEz3y@0o
zIEUqC>@OW9<QC<Dyu<q^pW+i>l#?VGV8oK^CfnX|Zb|Op+T4Prh$S(Ec8%0_zIQyW
z<YSGKMr5KltK!Xv_L4Rx-9SosAf0wzaA>5efN^!f<*W+Qi~V`p!oVTyy1R68r>OTG
zEMxg0i^$x*)(E&i`La*>*z$bvja*8PwIhzqOTL-6ScB3ab49n&lGWJ>S+`W0-d#Ou
zz(WSgSuz~v=#={jpw`Qv^PsZdQtlv<eZk2trOHrin>4miu5>k&ds-1^I|m*f9yWL3
z2-8%`a|tu+5nRnNA#+uuret2H=%qXcg29d;vSVuCuhduG_~-v#efZh4Prviu?>Es8
z-$a4mbo6I$zej-m_MIR6<+Hb5djF$W-hIY?>7#!<{qWsyeDd>;fA#5;4?fU-|JoJ!
z#fLBddGojWO~L&3S#y7@{_ano|M=zizq@<sdw=}otABs;+P|0sT3?_32Yw^?_t&55
j`ZwwR*I)kpJ?7b4A3yo!JFkE3?VtSNr<Ye>`O*IY5(g-8

literal 1670
zcmZY8$?Nn69mjD&TnH9Cc<?wpRuIOY*|#G0$ug5|lF2q%1}x1s$xM>TI@u@{DXkli
zUJ4#d?NO!P3LacQsi2<PTUFXiPaaDVJ=k8J%kTLMUcA3wK0%t?CD*8(>;7C_zg4v<
zIKaT&cUE1O-6b)C<1oFFg^ASCRaLhGr=wk{TgL30OL>C@x+Z9@(A7%j<pxyhC^{Ow
zzyPy15ng<u8llP7@tQLW+H}iwd!sCdcE<HdSwKk3`)do`*K)546=OAzo7~7CAx)$p
zCuT#_`DrWg48|vlTaB_^%r@g^Wx?fujllT@c8`tUm)><c9nD%M>rIQFy>{HKx!za1
zsgBq&$nR@pcFdu4l?eIX#@5>2EDr(#cb08co8@r!jmos9q(6^6B~V_|%|1{S$Ky_4
z6IzrqEvBIt8KKouapHwIcABWV0ekZyL8?UNzJ|ALilwWuZpa>0$SY>E3GRA)x5f9H
zO7as|cT3*^2c8oc+E@$<z~~bKDFP<NZHFbwj0izK_z}0=SBoORHFnewF{dy^=s(ul
zE?DKQ%k2!n2_)gv=exuwi5pQuh%(ZC#zz~>&e%}ZXDP!aJtG}wo#hhUQR~=+rDPUW
z=SH1D0+<!UDw_^3^<#^4+Xj(f2ilTz(pBIk*_xwBg<vb|B<hJ08#(-pa$HaM*A6qc
zN#z2`9*$-;uoZ_aqF#*aI-QV8uv%C19b}~VBIueu3$B$-*@w#_r_xzesb=cNdaEHC
zkfEcH<$jz&%Whe)xZj|<X;OTu&zZ{~jyxXrrf{lBUtyw-I+p^T+KCf0R6|<_>juD8
z5U!a(Db$)FD~R)HJfZ9Zg+jwdrEZiLIBKdhraI7>s1UTXbxyQjCH>W;HC2uQ#F&R`
zi=Ot<l??IeawKnlYdpU8<CTEJXhg<}D&o=F?vl7V32ISXZ8bjdRg)&i)-fwitW!c2
z0s?NV5peLVQ_^a;HQK#;pytcMx%@oUV%8Hzc<fz-H#Vx<_0<zAflQjznblcFVHV1J
zWKu6%!@6W`aZDLj9zlWJ-RcmeB;49)f_R_+`9jU2jlp}Ry1^y9kbBCUcX>Aj{?0rX
zfhGr2Q#nT|#qPI7gU#aUibcU=BsGTt#9a2%I`h<Z1%;nl{;VdopHw-A62;)I83Pz2
z*c%B*;zQ6zMQqB*Q8<ak%;-~v+8J6BL!A_b;?GZL?v0Xn#tKY`5@rT5xW&7Hfo?Hl
zdc}xGL)gT&Fr|vzUFob~3|j)a)<Nz5iifCWcW^$|TsR85Jmc8hse(OwHfp}vtdZOL
zaKCLM_3*%~=-An7=lGzClG?*zN_S*{ovDW3a{JIA&h>2Zgvee)aRiDS%N+;}A&<r8
z@Pztl>5bKV#p<F#2pWtQcJBo~b!eXWn}@^Wl&*ve0l^dE=G&qw#VR)o%a1M*7lKz0
zj-f)Xs)6w+X<g<3iMc~#D77~*dfV8ZiD`rcCpZ?Jh2~(%jv0<BHpIdC)3&?2)iN)o
zIE<EXFrv~S)2MD8O?RW=>~9!tU8T3Al|d3#y$<-?XTAad|G>T_Jov@KumAar|9I`W
zH-F5({PvHY5}$tI`DZ+8{MmOe`1>RE^jGrNUis>W@BZ=O`(Mz0`R1eFef;uo-S@uv
z&R@U%tB)W2{^6@13eUdy(y)E?m5)C7+Yf&J_Yb7cKl9YP|M~Bq`hR<`|K#;AfA)=k
m{^e`s_Z|@ci{AM4-S>a^)^8px$aDXC^wRTR`st%TxSs$GP%r`j

diff --git a/machines/hackens-org/secrets/prometheus-webconf b/machines/hackens-org/secrets/prometheus-webconf
index c3c3e3c4a2509d233372376c10e7a692ec28eadd..e2ca172408c4418e50292e1ecde2ffddb11a8bcf 100644
GIT binary patch
literal 1658
zcmZY8yX)fw00(dt<REy$ttv-1IpWW}la|vv@@m?oNt-lp7xQYKZPO&pYZMi6JP;QZ
zaq&PAbWsooaZooGb#V|yJY5`gaS@#ye)kuA`11XJy*Rpv4nZ}PO?o^$eXL@rMSzQ2
zle$hWq7WqrWHu3no>Jn8(3K$UPWO14jvg6FF-}{dzu<SJN6ciZrK+lQIGZ{h3?Mw}
zRGo`W1SeYMXv#ukIx<-<V__szC(O5?KJ=l!n;Z0HEw_)pq)sreQ^7T}2=&6#nmv&l
zTFDitg3EDEowqg;=Jqf$eKZ8X`D}I;L2cpXDT`;MCd-*A5T1Fk-7tj90fsB*40>&@
z$d@%LadSAHc)4D>=eXW15;`?0W;LgDs)>Xi)%Fm2a$)AkH$@@jh78Oitzb2Z6v4un
zA_vZl0zMhcMY4?=Nn=@=Mw>RANtSe9HlnIxJf3iVDxT95M_4|!vcwW+Duk$xSSsg@
z9zpS3%9MCD+I?;S0h;ED>DvjKvYk6}(lRp(Os7Mkj9N7ubB-qZ6$@{w|Fc!KH_0oD
zU8#T@SCCB>p0dW3MVtmKGo!h&KOEDnS(j_%q)e?Y4otD4ocXSIm&R;wsYfx~6xtSI
zLf`}yOxn9Dqs-O4L))2dFV$_RfYZgvT-ST066HDOZPptjl0+z`6=NGmbt5(szR<%X
zK!}8kaE2H*>!}IKzTpfCCuNXNxP>$N^d^RjQWJulv%R$&o-%e*?)weOcha~TQw4zf
zO-i@SKFybbmmRA8*>xMirn}7LGm9HmJ5r8aoS8d>Ftb5Vp6MtG7Jf8PGR`cH0Lkx;
zV4%9KLVJ6PWF_*1dxO}Is7Y$!Rt<!Gu91!2ki_VV?1;o*T`^_2AJZ1~@ExE!$|?$@
zqHc5MR0s3iHmLl*ZlShQ19g()gc;ZTG}o5Qo?otrE?86M0y{)hFHCJ@yDQI{t~Z$u
z1GL<cCTsh_dfm@N_G}du1umEsp1bxm#PoLO@)4cD)_9)=Ycpy?Pw;NJ;D@<P5H%XA
z#MU~A=F}jG@(@9Tt5$2~l$HFpYE%_SARN_fMdr>b3VRtl`Vd#PNn+N`*4>JcZ}glZ
zP7z5{FTW&cb%uy1rz$G@7VZoVX{3T4(_Ut=${yS}GX}U7D8<rf**Xhd4X_E*amk90
z>^<WRD$g{f5HN;^oev!<M3{}vI@4VWO7C3Otn*Y{sS_M#@Rf0tL)w@LHqSZ5bP%(X
zC-tC%F`b`oEJxtmvMO?*82E8i=LZm_yskr5Fu@`rgH2hcJZ+V-Am_G{95gIA<d-#m
z*&r=F5lpPKAn1HjL)dZJ#M;uw5<Tpu1VyUYQXR$r_BfE9n81Jo&vnjGI3-JCI&uq-
zSLZ~9pDBOb*!reU2Xn7xY;9M@Wz8m#u8$`SudQaX-Xpf9QPMG1`-MAB%@9*|Jg7+E
zt_GbUkb}Ihfdk^Q9@Jpa(hwsp&d(GYA;l~xJJ6yFK_C>#!}5LGr8RJIaWNSXO{=qz
z%;UP+8P-wF1iK#(bKmlm?R*#Z35+&YYgCZ~eE#><{`Pmptw+9n>1*@4|Ec(ke0BHh
zwFmE9e;Ii8i5Gu-?)npN2Or-4SlK;r<)26Ies%lz)d%0d|K>NhH*ZP6-G^Uj-u&{5
zr`~x!{^OOuUw`NKyFXmJ@#NKHcJI?q;*Baj{?lvoZ~p9``T1UW^RM5oy!Y8hZ@n?T
Od*jYSH(!11<9`9s-YKO3

literal 1658
zcmZXUJIm|{0fx6YC<M0<ZwR^!SXhM5Niw<2C<wVt?)Q7ZOD2=sBs0n6o)lXNimPBF
zRx5~wAhK}W1)J?GS5V{>TG+`RwGqU^(yuwqcYeXc`|$8aS@MwF;&y5JqP~5tZnNzO
z0}tQabY1?CoDmFz4;zu22{qebTPa3#luL+??wg_L!-4^G!-Q>36+8(|!gEvm$J=PK
zK-pxVC@iZoaFK;wNSiK3@Q$qoVl0tlVwaI$>!2d09(_tH{rV&s8_r>!-intXhYQQ;
z>5)%ju9Y>gI;ky)V3Vqb)KE)V-T~Qw@d<$!&dec5-b<sq@(7mjs&Yju_ROA|iK}jB
zjq;|aG$Id6DBBR|&}t`N*KATMkMX+BQQPU3YWsm8Itt$7qzN6-gfs-;c!Ou-JoJtq
zSyF!}l{g#Q)PsC1AvN#7$OA>ETv&ov;T5gzqD|R)v}^!*UkZJPuT9U94R=qIjNLh$
zWw?cQ3U>-v6Iq^jcN<U59YZy93E4$?nn`AA{H(88pilX9t~F=8K}{`lg&j;*V;fWD
z5r}n8Rq@*HaC5!fg&`pCbG+V3qOQdVq=SCdH3ukZns2Vsnqx{^c;r3N_pr@c$}NGJ
z60fTIKoeYzu=_@9uc}$9_im6gY=J{~LQVG$j81f6d%;|IZFKYtTs!1dRu;Yy7s^A!
zfgwS-YH(q7BM2+BaChYQiZCNdrv%8jLIA9dSU7}JpRDHs8U<WD=1RP52jd(cazx!)
zQ^~;zJ(;eMrl5Y!sB0igwcQf7i|#7mVoGNX0%zBoTzd6Pfo*PF_R99FZnxuP#KxxK
ze6#Z-+GquxuqOt><9(4+PPvY|ZQU=?JxmGDuj6A4RF2lgUYJ&Bjxv=MBZ+sz@1yOK
z+k?>8Ma&rZn$(zqzSb>d9tfS><QT(HynJ8l#+<V-?b+>i7js$FpztZ0n=lN*eJb`U
z3jx$Xz<jfycconXd9`Kkd{9-vnZrdm2dX}W;-k=<-dC?}i$|NnvJDf|hvCXtDrh-P
z<ulAqD^yyfb((6B?$pkqd*%0b8!`fbWy@A{_g2O`EVu4zJND~3s*T+d=6m_7iMMbE
zE0P-L&{LD%uoq=x14ZOz#=|z$xq{V?MK)c7g2m<X*tr8k$ae+tola8@76hEtVZA_b
z4{5S`YWG8BEsH;<W3MKTS@!#-qI8^w<XiX}4QtyB%{J;bHF!xPH1eph2Cw%TWcw?U
z+V~Di9k(kXE_Y{o=TkL+iZrZ;lT+W6L1}o&-6h!(WGtZpm#Z6anFF@Mta=?9Jl)0$
zJv@?|UAbgkbXmhtTlL4>V3L?%ekN%A95$H(9h*=hEC-=%5-38O*0d{GTQt2tnw;&~
z!?q9Du2rhJEJ(S*AFr>!nfm@I&Bx$r&Nj1BFI?qj(IpY3eaN<$%5<PMZ{09I7GhVQ
zNWLKPo3{o4c*{naEe{7TICt=x?3oG5%)kZd6J5=AD|n~Vm>36ae5~Z*VWVFb&n8GX
zLQAd$=_@Q=sPd9g5R;%M2*ca;qL)0QBagiofB&KT{+~Zhz5ndZ<bxN#{^d`;`Yxyc
z?#plHUmrhw{?}i9=k^h8|M%bDus-p|=RPI=>E-^}yTAY7w2g!pZ@lw^Km75%=Rf}V
z?YDpX;X9xG$3NeC`O!)I!neQm@<%U!_ND)PzWU3H^n3q${<pV&`hD{=FZ7>7&%XQK
Tx%kB=1LZeg`QOLaFRK3sA(<=_

diff --git a/machines/hackens-org/secrets/ragb.age b/machines/hackens-org/secrets/ragb.age
new file mode 100644
index 0000000..d1b1fe3
--- /dev/null
+++ b/machines/hackens-org/secrets/ragb.age
@@ -0,0 +1,30 @@
+age-encryption.org/v1
+-> ssh-ed25519 JGx7Ng 6s1XuhN3TFuW433ZrghssoyScvjqG6tg+ZSvHBwYOjQ
+54ijsvv7CO/1L9ib4fgiRAQHmlU2r3j/fbc79qiAo38
+-> ssh-ed25519 kXobKQ WMApvaovS/ddPbz7Eh9bCF3SzmUJN1NQGMKzWCJ6jQc
+3NehvO3X7uMU/H7g7d4nFsmHk0PhXrRT1XetWUBHAnY
+-> ssh-ed25519 7hZk0g RqNPzJqoSY1umAJE/FPZ+MR0R9eCDdxonzuh3uMBRhI
+Cfou0mqV4gHGP7OJbgPm8VotU4cM5YVX3iUkd6myU+E
+-> ssh-ed25519 5rrg4g mSZUVF9y4vYfBbjgP0UnSfgaGTC3/Yx+fAFquA5022E
+1yiri7+CZTSUhPpJlo9f1EraRVl3Ihw4wtjgXJPMRqY
+-> ssh-rsa krWCLQ
+gMc7ogvibqMuboKqSgqfedIxqyhhljJFp5zI2bK6D5rdcV5CIPVz2xQdk4h678Qg
+8pYlg1+UDu+JyXvJgtWZHYMGSs17woIYZmw9UQh+IYMo4Qn89tn4QN4exYwB+7gm
+dWEqo7GggWG0Mu2w2OVu2oB1D5aUvF940hUCyl40V7hIkMpJwFfMfvvD04XsScXV
+GLpWNYcWIQNaBAxTWRGkpt9jvD1W/DjsOUhOk0BP5hnSPm39awfLFRo3wWFBiaDq
+yPRi6P8AJdVWS2n+KdQ1j5dLo19DngkUAmepIR+oiNvgIFKqDAvIB5y30d3guGdP
+7zCS7IEOOMLQvBiq99DU2Q
+-> ssh-ed25519 /vwQcQ GWEth3AXh2blSPzXzyqaHdRlA+Qmopvdk9DfL69PVlk
+sVq7EbVmJ0SnYLueCHB5zOr/aR9QurTqtMIXGdL22cY
+-> ssh-ed25519 0R97PA gZLoe8C+FTOXM0i4VWBwBSNSxZhfxG6U3pakRBDwZ0k
+LKxzJofqUfdY1swAbRNcOcWfZJ1lbp7S20y+dfjKvUU
+-> ssh-ed25519 cvTB5g GbEB6Z/6A/ntU8truri+tshuy5tqYSSo5SF0Brt0VgI
+DOkGd68tE85ajEBmKUx9HXiKLjCdUf/tKME6+Ems/RA
+-> ssh-ed25519 Wu8JLQ tOF/Dc72uMnmQy4rNjPoRzVhQEuwiYLrmmdCsmJ5wEk
+RS5erkX1HIvTDw6g8qrOtZy1zpCphnGw/bqT4F0Q6/8
+-> ssh-ed25519 EIt1vA tSBgk0ljTD1pLRsw7axRh2zl+vIMISjrw7zrr01TBB0
+hb3kb12kRHCxMeBlxjg6tJpgQpHzJkovH5ncuM4MzNA
+-> ssh-ed25519 X51wxg Gy0QJbua5ZoNYDnuQXlPVFxQvm7SSOMUR0uDRI719gk
+VEYU1qazlM62F2xsXIFhIAEL4ssWW8o2/e07NguMp88
+--- VwkrST6cm5HpWtRWBM4tkk14C/NwtxpBbXHVj6ouyxk
+(`WÊ;+u'oÓj	Ý—õ{ïMÄP0ž‡›DèÈ™J}Å¯»È{ìætˆ°ïj`ÂK:×¸ŠI;™çA2ÿCÕ+ ö\Nú
\ No newline at end of file
diff --git a/machines/hackens-org/secrets/ragbJWT.age b/machines/hackens-org/secrets/ragbJWT.age
new file mode 100644
index 0000000000000000000000000000000000000000..75ccf2a78fa78c2df25f6628dce4be1a4c54b6d3
GIT binary patch
literal 1615
zcmZA1yUX+h7QkT}SqK&`h`Wg3fLeujbH5cTnPg^?naTa0%G@TIB$NAfDiOBY?H0BW
z{QiTFEw)e)`9QF-woz=f-fsJ4-^ya(^bd!_`2}h6lvGi-Hp8{9{!(`-G$Fv#$D6*-
zo{|_P2!z=j4+|xyo4dZ+UT<hz$8XC5OWoTd#8%^Rm_CuZz>7*jEZ2$Sun5=}`$#rq
zP^}4Z=FL$%n;w*Ujo7vp<_$K3&LzJChaFNpYK2>eCv5}j+X3SOa(<p%SZsL3NZH&$
z(UB!{e;OR4<}k5BMPUc<*?OhuKv!UgXfYPPK-JOH_f39M8w*AhvnLZ23tAA|J!(|u
z7jU{UDI;TRTFSx7PvX0)GYL1!1LGmyjGEwVC+DMYbf%Z~fQe!2KGzr0Dxqw*ZQ-T&
z57Pl7uHDEs9a;*App(9KinT|L=(-e7H>697QZ&{V(ny<L5%sl<-CAtqo>}2|OFB1p
z=<Jdpv>6b0he?MV-$Gm-?K_9<xA$49WW16%syPSzD9s{%D_7<B-MT*56rIDJHQ<=g
zH#S#ken(mzVNgYpUm{C$)S07|JGd=9t@5Efi%&wO#$MVi_iQi)M4fRuDr5#gL|4jd
zj@jaojT$mk;B%Z5t2-P;L}_zy(WJu15L;a^xt<BRv@Zt=<GQPD%Hq;1K+w7lwB@6m
zosMaMkn8G_YpWb%H0V|ztxBYbVRfL%faAq;dk;>Y(KPEgbExVRf&`=|6jfSI=rv!c
zI4K$Pd(hN%cavc>t+~k~qj-=&+_W(*-iZmBQRASxWlz(LVT&b@(}*3>u9u5}$R+qy
zCdiap#TH^b=rUW^g%$|<R&dhYP_2GR*&x`DW;#rB-?b!h0m6e?Y2lf=GFxK1Cp<p1
zsxW=LEi}zqq-}0wRUA(NWoGH(AbY(PJ%KW#_7a@%UP2Q|%;#CRE+v`*qmPujdKx?b
zvcJKaqR!2ZzPeW7D4HY4X2G?|IH^Mj;*T1vGnC41;A2BZhdGcXy}r3TqzpG~-J%SH
zEKJgDPkvYM#>lfVVgW(Hkg;pSnW~J}ov|N4rCIq-h)r3V`*VDvc-BsPoz3b;Et<?N
z@mv7$9?Xyr9Za21mNmgawG9t^Zs+N3SAr`ipqh6N8y@q3Skks`LpBb=p^;$k3%U-`
zjGvf6R^hU)?s#=A`9q41-lOJ>^zp21IFFMtxYQg6FW_T%$(0}(=Hia$Q>0JZM530Z
z5q(fbX#h>i@%cTV{A};tnC=92BK?r=mp1JQN2!MW5+)b!!cozqwi5?rVmEB0qH1bZ
zG-D&-!C12Hd_5Le?veZ6SjbZ^9zf8J74RMbhbSi@xy+={8Z4joun^_1k;<Dzv{1`Q
zOXAFD`b7v2?4#xq$h@SRSR4)TlzBRY%*C-X?}FFzk`R_BTMTWQp5a?<vTnrPV88`q
z>N#KGaM{{SBh;!c(N4#!l2Aytf|#*%6-BF^xkv(@o}M->%;(1O{@g-UW<!m)U8TS;
zHbn0BD}K#MPWNLX&`<uv0-t{U!yo?rw)xdRpuhh3;>+awfBh+gU;FSo;MI2@jX(br
zRsT3&Uaza*w^u*mUwr%PCx3qJ<-7lT^~THh-}?J|*5BTL;eYU%_0E5O`{uu&{_>{q
IdHuov0WD1qegFUf

literal 0
HcmV?d00001

diff --git a/machines/hackens-org/secrets/secrets.nix b/machines/hackens-org/secrets/secrets.nix
index f9ee762..2072486 100644
--- a/machines/hackens-org/secrets/secrets.nix
+++ b/machines/hackens-org/secrets/secrets.nix
@@ -5,48 +5,28 @@ let
     builtins.filter (k: k != "") (
       lib.splitString "\n" (builtins.readFile (../../../pubkeys + "/${user}.keys"))
     );
+  keys = 
+    (readpubkeys "sinavir")
+    ++ (readpubkeys "hackens-host")
+    ++ (readpubkeys "catvayor")
+    ++ (readpubkeys "raito")
+    ++ (readpubkeys "gdd")
+    ++ (readpubkeys "backslash");
 in
 {
-  "matterbridge-env.age".publicKeys =
-    (readpubkeys "sinavir")
-    ++ (readpubkeys "hackens-host")
-    ++ (readpubkeys "catvayor")
-    ++ (readpubkeys "raito")
-    ++ (readpubkeys "gdd")
-    ++ (readpubkeys "backslash");
+  "matterbridge-env.age".publicKeys = keys;
   "snipeit.age".publicKeys =
-    (readpubkeys "sinavir")
-    ++ (readpubkeys "hackens-host")
-    ++ (readpubkeys "raito")
-    ++ (readpubkeys "catvayor")
-    ++ (readpubkeys "gdd")
-    ++ (readpubkeys "backslash");
+    keys;
+  "ragbJWT.age".publicKeys =
+    keys;
+  "ragb.age".publicKeys =
+    keys;
   "django.age".publicKeys =
-    (readpubkeys "sinavir")
-    ++ (readpubkeys "hackens-host")
-    ++ (readpubkeys "raito")
-    ++ (readpubkeys "catvayor")
-    ++ (readpubkeys "gdd")
-    ++ (readpubkeys "backslash");
+    keys;
   "django-gestiohackens.age".publicKeys =
-    (readpubkeys "sinavir")
-    ++ (readpubkeys "hackens-host")
-    ++ (readpubkeys "raito")
-    ++ (readpubkeys "catvayor")
-    ++ (readpubkeys "gdd")
-    ++ (readpubkeys "backslash");
+    keys;
   "wg-key.age".publicKeys =
-    (readpubkeys "sinavir")
-    ++ (readpubkeys "hackens-host")
-    ++ (readpubkeys "raito")
-    ++ (readpubkeys "gdd")
-    ++ (readpubkeys "catvayor")
-    ++ (readpubkeys "backslash");
+    keys;
   "prometheus-webconf".publicKeys =
-    (readpubkeys "sinavir")
-    ++ (readpubkeys "hackens-host")
-    ++ (readpubkeys "raito")
-    ++ (readpubkeys "gdd")
-    ++ (readpubkeys "catvayor")
-    ++ (readpubkeys "backslash");
+    keys;
 }
diff --git a/machines/hackens-org/secrets/snipeit.age b/machines/hackens-org/secrets/snipeit.age
index 3d76be63af127fcfe383cb160d1b1abf690ad49a..0dfb3d38f4b05c0705a38066d9774157b7581382 100644
GIT binary patch
literal 1613
zcmZA1Im`5h5eM)p2?&>N+?a(_K|GPPy1_PRb*ygf>XsTKX?3iml~(rwZt?*V2!S-g
zq)U1e2myDF2_&V{1l&1QF#ZaDnm5JM4h%nLhW|u)`jR$Dzdgr$+x)Wab7)3@mroAE
zP`sqKBaS2VK|Zgfo*(>+y*v_$_O}V0YM-E-d=m=8T(}{&nK_AUt~e`u!UzMvSDaj&
zJE0pr%+(}Cr!CDvwSJK@5DjoxnP9tBGH8*dw_4@5v2r~?A$Tp2$`K^cr%886V@I5E
z1oSuAK4zgeZ~|-#w;E<(fbtMj?=N<YL@gIExJLSEiJK579|Lu3@)dG+iILpKciw7b
z5ms=1Sj{}w19_6qjEPNF8m4V1k)z(VeU%_5jyFJgCx%E7F<=c8se3{^e7+(h?iPl3
zda`%Q%T<fx!bypZoTy20ET`(NhWCAr<%hyU+;Cb|FlEoFBXb4k=cq~-h@w3q!+zRx
zd5n#Vv@{Mdpu$|PP${sNh`60`Gna={z62SjCT+=C9rhSweviN*d8hS5bf|idRj&ZE
ztaoG6jnz~P20al&+z1bvbeNOtH<N$6-Nd4XuN7RLZ}O->=Ny%;sL42&n}-o823V*%
zTtSoX5(Y&Jlyi!L2%;U0a%R@YPRO3GRc}MU(H$h^y3#h$^Ev4!n^#}YIRQX}TB(|n
zAFD)L?NBJsb&$2DHbI-lp%SP;D5r(@B(VZJ0z)v75tKK%N1?g}?t>*@LNh9B8az+W
zrChzny=k(}?8lp`M~i0*(n&`om&t?67P-Aj(;|Vh7u8`>{m8m20Z3HL8#02A72Z+X
z?o-@iXL92Qrwb@-I_0?*JmX%rTJs6gc)}gabPCPev4EP(Gfn_O3G*-<Y3$6Ep<08x
zm}U6#Zrkrt0?o@cxgL@cp0AlRI0lu!4((t_?Q*AMl;rDVQw6JdVz_LNO4v1kpU@!k
z8P{nAqC2idg`G(9!P)`asTA4AU6=~`X$*Rgd8@%DO<tJ8x@g!`MSLc~CmIbz%b_!p
z6bN^2!Y~<4812)1?>SDufT>lfWk>Jbe!_2!MeX2XO3Z|_4^gAGvXO<`)N*54Gum4%
zne7vvACmnsKJUFZHZfBsGH+C>l^m_C$1MLb@?c6nEs)_Uf^C7}2>W90rPb=q7p&Qy
zmJ`B3u6P^Q#t#Usbp|teXLiolx0*LmvU)w#SRqmxBd5cTm;P>X8D(*-uP0Bc^yH?4
zEi>3y_M)F)Ai#WMYFE!cb4`CMCNg3(YLN9nhw3&`5+q(JM2R>?_<u^?-Hn$<WM&Sj
z=5$U{DT|0tv0??(uyi(BX3m|i+fYgSn)d3_rNp%b7+FQPQ^H2~aWMi>C9&J~cpyoW
zpE8ULx?_1i%k7%7aQ=2SA4iroKS)$0-SPVF*1@&CH=|IntW@I0-R#R^TRlU*O{C1^
z=t=>7cUd7SrP5=g-_2zg2}JZ65R7oq-po>SFd{+h*Hmw>|K{c8Fyg2%;`=zrYOKJe
z9FkL84{-+S;k_hY8)=G5yS_F07WmtLOXZ(G{N&dk{Q0v#{pX8s>FeMB`q2-MpMU-d
z|Nb|>r+*9n;;Zj}_30PiMRxSf-7^36m(RZZquE|Qe(&G^`~2nWkK~{J><|C=9q}RY
L!Fyl75B}yy(}oTB

literal 1613
zcmZY9Im_(!6$bE>Mm8?e*iB#vr19`t8tsB$^Or`WeI$+csiI{@(nuQZ%cymi>&}IH
zn?P`5+}pTGijY7E1TKV-B45Cbt5kWL+r0M^{LXov!wJ*N)8!s_k7mg0`^R;c!qX0V
z`ef7h+0!LK31Y`=WMQF>>BhRQq;|3}0~`ko!vc*aV%HW>2MOJ~hTX#ZnHQIHUFHr1
z#3d)yi`}pJVI{g)*SA5Y3M=Mk?THF-tu>32Jmv=)f2kFI9VzBUSF#a@VcpJwLr|q>
zKPJve2oS^vp8|DH4^rALdzx?pNIoJpy-#W!^;uyz<2iR=WS@zR-oo~P;7upQPOjEJ
z(zi4!I~Pd0xxq&_t%hRClHMXHo0pPy5AqE5%4@8`Ioh>bD~?M9Xb?gP;0Rc09ahhk
zM?(ZIothvhx2>qe6EeeLgXEgM*8H2@x<1?#oyVyrw9GB4kCY=a7dO3I<=&xoRT3qs
zql9`8uw@%&8sMjgsyY7I!UIu0s|pJ<b+&C~orS=dWHXJ8m#n)fkK^t+f7S2N^Nz0y
zQ9}07P*{ze=Mx+emWz<~DY444;#0WH7ux7S+W{VN`hx8&a+GMb$UD3ztz>ccrl#)%
zV1N@!R2fghH->dpi?@k}*qc@njMJsxS<sbAE1rTMv&KzJf(vsVlG4!lw=<RU9iT>8
zp6hdk9F@@tHLB(i{~Xb$ddH;Pc(DX%B25{iENUKhH_Tz3D8IvJFHRjoAXb%Dm@Sr`
zOy!X<tL=iV6y2&$MISA5C{KX(DkxxNZoja`xaXIaoS7U<j%L0|`_0|L(`?4(CWQN7
zG)PYp^|)tly`?yr=UYsL1j-0MPj6rFmLm<94WOv8JtaNZ4K+)G1=5u;<0FAZ_h_a?
z+Cna^8#`pK$b$4zLrx53fK6M3WfW!NQ4iDxD;D(#ci^#Pk0}*Z_3ZeLRt)iSlb$ch
zK~Bzr0LC2{E<OWxc${ca5Dww33r1yM#C1eHjO*Rk;+GoHbt#^1G<(^x9NuG7S+mY1
zKAny8SdB~*v(7YFG)X4qNcGP+0s#~&ZXAgdZq{7$&R=cPRyFN0TTQ#RqV7BUHg&X%
z?IJI=c(Pd{-IT499WR)FMY>S9)nI_Tk}cd;XG2xt(6mp519?Qb+%6z_g~`^-*Zt&k
zvK`PWignmRDce<(9LL70Lqi;*@o{Rjmzp=yvTAM)Nqpbdc{%}iBs1n}bc>8SR6xpZ
zZy{HkV-?xAkn--w5KJ^xXR3Fr3E)scWfz!;-0oKLPCvINx7y{jRCigxy|+F9FAcj1
zZ0O#JxLyji#t>(wK}^h5mry4b9k9x>h0pbrYt~*MEfY$QS2=9swBW=7)$MAmd8v{j
zCgAu8Ht4KoqzUyetFV2mH=o$eOS)knEFVgxF}5;oI|DhHe14S?%|Q?0e4X_xT**!`
zQG?h+-L+-_jmPGLNxW34R2IYnUVE)B<rQXQUWy%#!huNI8hUzq+7zUh9)s())cC|a
zmeUB=KsBj#TkkqzKY>9onjE|GzKBEj@812>KmYgdFJJ#w{AgMJ^V#R0zy8$+KmF+c
z;|D_h;`hJ!^qo)hlk)m^Uw>7i@A2Ob-@p39U*13b{k!Xbzy9m5(GUOl<KN6*{_Cq(
NfBxn-k@f!1{|A?y4U7N)

diff --git a/machines/hackens-org/secrets/wg-key.age b/machines/hackens-org/secrets/wg-key.age
index 258092ef7574b3a36e0ebe739f67b33dec110c66..d61d8e08671f9483e69b82bcbb8a93130ea187d8 100644
GIT binary patch
literal 1613
zcmZXTxy$?r8GzYJNVRAqi^>$*7(OTWfgt40B$IP;Oj4Q2Ik~S%GAXv(ZX3I0VRyk@
z&_!_nfCXzSK@_aC5G)rPE$sX?Ka0=$EgqitdEY2cU(z-npZ$FA+Mje|eq3PS<!6U!
zDqhkA!Eu;ADAGpi`9bE`ily=_aQW6>BeRx<hk(*qE3iug#e%n;DeqAnGb8|>O4M&H
z5_>IVl|tJ~?f~Xll7SwT;aYh|lwvSl8AkonYg%>fZmM;lv%2UXQhU_$!LA*QsrzEl
z?ToJG_VE;#r!}f%nyR;}02Fd>R!D<geKo(W`T`T)UQiFE>MN*Pb=V&`Ou|O#j0>-6
zWD!<SemL^h9cGzsG1Vrmkv)$K;mu?l>4ge6@0t=9`*A%!%Pj{~=4{?vT_pl(x!m<E
zx1>uFj(4T2df9D^<KoReeaRZ||J?9#%(48S58~|Tr>JuRp%}=^E^;0Z&Il7iD5Ixf
zH59xhHwn2jfX)YOcuJ)6X^v&H32Zrp`4C@<+J>zeGR>JE>@Dl)B7f^PPSK$neeP@l
z^Ro^UUp1z&!we+HjR?h<Gm92{bHl6g-Yyk6U0K!gOVEmJ=BN;P%D4mB%aR7}6QHHV
zu1$$@#pbH!T!9j}0*~u8$y%qz$p-Z3GT|wTWAZ6}ijyWMSA-Q#<u2)H#lk=t?7Trv
z=g!!Oic0TRWQy}vImbCLPxR6!&*yVfFZf(^Yh%&0ehDpCjx=XzIFyi4VB$vjO>lEm
z9iijGlve90*%5V%Ofw-nqazjEbFoW$?<O<T#loN~-oiJ#MK3&8^MI+jVo};#<Cl7X
zMb_YMce+-56~+4-MK+<HL}qxEVXC=}k#l;SAc{p*XS8t`Mob^*cqgvH4xRR5w-H5w
zVn-sZx7&XECC6p8V(W0Dn?#UcP|=i)XM5rXt?p5gG)$|Lf?UZm!}`3qfoZt{u#`pG
z)2K3;Kc0@pBI{)WS9{{Xi{IXCIAcs~k3cZS|JU{{4YFy{WDXFYR9jz89YYBA9Yd$8
zzmUiJInP?HJa9JF#S0^%V2)zIyrY>0ap3L{X)EUU;ij&4);~LmaX~iq99l-3+kJ))
z*lV|VaacS*L}yS4j(pJ7W6?#bZ1&7zj_9Zx=;9O}_!zEqgVLoSVL;r90~F_+AH@*4
zfrR(~HM*OKbu-^ws~lexkh)KOP?^<hn*X4bvvpWkOBx^S7E-e-OY55`WV&}|2`7nJ
z`%T(34HcaT;baQ{<hxyhK@B>4CfGO|!qT@R#&ix`#aAZPJ*_P%_AJ^D?KMp}&G5n;
z_P{VrGt4VYKe^9Sdwq6M&)HReOs2wk*k-FfR^_RYwFW3Hr67~l!oxVrn8D~9i5kJg
za)sowNcQj}7NvTjxHZ&k+7*Y_EkDp*=1Ig3gX*eP6;1lyo#V5XxjK3-?pDCElMocF
z2|rh0UHzK7DadB{HZ6uL81-cf!<sdym-H!5wh}C&;DM0m0xvHw2g}8UwL!8-4Q7#$
zRkDckt7l%yeJHJ46cWePR0ufbxf786?UPUc^4Ip`KYjk=@BR9n55D^8x4(S+^ZkF<
z6ZGdVe)p~SzR~dP4`uQ9fBfS6zq-Hs=@*}U{^9S5-+c3<f63qd`knXU<>$Zs;g=u%
OC-}|}{s{U0FaHbR{S%}B

literal 1613
zcmZXTx$5k60EGoB1GXyMW-Kfu{7o{GRY94oGs$F|$u_}evi-8mWSi_@?@I_)UTg%h
z&_)EGL8~hwY9)xB79v_*i+i8o<DBoD3y2@$GHmC%%c}CNss+e^K@ab)?)UT|j@AT$
zF)LY`C=INvbX``uWZ}A624jcuNZ<fRN~Bae0S=vs1?iV1WFu=2@rC6AYDRZ8JZ?jq
zIPk@tHbO32XD5V=X|&DRT-AeqzCTMVyed%4l^Ml%&AODlbPA8NnW3~19}Z=Fmm^1~
zH#S{i9-|q#CfX3cwQ;GjDaAhAwux+bGN(CkqzX~NW}Qh*&5)pbwOMlTER9P20tG96
zfYBitcbC|#&~o6#*@`HM>hQ+IDpp5GLmO14nN?|o3bmLwqk!`VgHPnePD-stMrMq#
zC7#4`VXwx4F+kl&#Zy{)zpRSZ<qjq^hBUp!TzHuz)>SU1q7=4!MN0peOn}`ZFlG7T
zWrxZ-hw6Q%(uOV*jd>>lXqhUFpgrif${|~axp<8@-|vMPlRDXO_JR?Olp^Km0QyB9
z9C2`n<m9vweGxf$I#eoU6&!R{ji$EXvT9}bOq?a+h=~Jvxta9N66srk+hkb<_(+X|
zv<W<gJ{?J+;MTln@&j`cA;$D(R12<VHkC+zy-`>Ph>r6}*y8G<L5bNZ=nctIGViF1
z5K&RE!MLVm+ex6uu7YqX6VG$l)UI@+!6u8O+iq@U*g;)Rz_s`q%8L@%APH)HiyqNi
zw(~$A!7-;0@=#BZUNuEUM@hI`dt}|sr&_Wa^J&{pcZ&?88Jer)$j5ET=5r}tO%-v0
z77;b2MZnO`3I?A|ViwjeCwXfCVZ`pf*5~_{bZ5EnjZHmfs*#C9J)cTnVPe`61I^cj
z;JGECM}{)CE5mGRLDUhe3pHyU4qGLya1nR%ahLEF*lD+cPq3r|>jJW9z%sFW;+V_Y
z@-5QH3qMscpjS2M)LV)4TT#1+`<SVo%@z(8OMn%I;po-D411e+t~QKz3pauRPK>bI
zuyC64C=8c}5j~}6C=uEQxk@}B)3WrM+KCz_yq&YW^58`86tan$tU6Je{all7Ps;~$
z<)l?}u)~uU*Zq|~d$!{^`OVz|%QkD5xS*n)Oq<c>Bom@HT!|o?;#_s>i7C1bpKnVw
z(WtXpwya0oZ<?oObARmqf5}sCMB4%!tYDnE7e&kvHJR7A;9j%#MkEC2>xSBvtk;*R
zR%=cgZv@D_2C{fJxy*0ZjqjYXjp*h+MRfwsI1;Lk7m+yv&1bUbvI+YR8@8*0H4=H^
zlf@qeZyN6y@GCDkFo+^YS+G@fwUIpSkeX=-)rc-njb8+fkY-JT&aC1!(z19s!p?}h
zaK^>#<5P#o`)9p*1U61!MJj67W+EXF{Vk<TZ184J83{JV1E#_EyHPw;xF_X$x`)#J
zg^ZiEn|sKZH^Ow)jCkA>hHz05OE~V&c29QvaS}BgdU$wPZQ|~9JD&+(T39^>yb@tq
z-(iHl=UcskJGC>a7F!3`euUr`|4v@{=kxczdGov7m-su6|NY~K`fKUYt8aYz<hQT>
z{N&?budg}xk6!xub+UZ>{kQ*KKKveip?&=15&OwsFMsy?lgHow^y4pu`t$h<{{5dm
F_z!OF7JdK#

diff --git a/npins/sources.json b/npins/sources.json
index d2de6b3..1e5f72a 100644
--- a/npins/sources.json
+++ b/npins/sources.json
@@ -61,6 +61,17 @@
       "revision": "06cf0e1da4208d3766d898b7fdab6513366d45b9",
       "url": "https://github.com/NixOS/nixpkgs/archive/06cf0e1da4208d3766d898b7fdab6513366d45b9.tar.gz",
       "hash": "0l68zz8mn2kvp9wvc6rgw7dns8vkl7w9y6z92blvgn1wnm9ib6ab"
+    },
+    "ragb": {
+      "type": "Git",
+      "repository": {
+        "type": "Git",
+        "url": "https://git.dgnum.eu/HackENS/ragb"
+      },
+      "branch": "main",
+      "revision": "dfbaf2fd65fe16f5a66b5b16afef83502ea4b237",
+      "url": null,
+      "hash": "0vjs8cm2q2f2s8a8zqjj159rg1m7q6fzrg269gfpmrmgwpp3wh52"
     }
   },
   "version": 3
diff --git a/pkgs/overlays.nix b/pkgs/overlays.nix
index 3f4e266..709ad01 100644
--- a/pkgs/overlays.nix
+++ b/pkgs/overlays.nix
@@ -1,5 +1,6 @@
+{ sources }:
 [
-  (import ((import ../npins).agenix + "/overlay.nix"))
+  (import (sources.agenix + "/overlay.nix"))
   (final: prev: {
     pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [(self: _: {
         loadcredential = self.callPackage ./loadcredential { };
@@ -11,4 +12,8 @@
         markdown-icons = self.callPackage ./markdown-icons { };
       })];
   })
+  (final: prev: {
+    ragb-backend = final.callPackage ./ragb-backend.nix { src = final.ragb-src; };
+    ragb-src = sources.ragb;
+  })
 ]
diff --git a/pkgs/ragb-backend.nix b/pkgs/ragb-backend.nix
new file mode 100644
index 0000000..76828a7
--- /dev/null
+++ b/pkgs/ragb-backend.nix
@@ -0,0 +1,13 @@
+{ lib
+, rustPlatform
+, src
+}:
+
+rustPlatform.buildRustPackage {
+  pname = "ragb-backend";
+  version = "0.3";
+
+  src = src + "/backend";
+
+  cargoHash = "sha256-lyYCXjmsm12xYHk30g5PDBpQb10xaB6zpoEi2xpjeiM=";
+}