From c478f795f1ee514b9e3a16f2354419a2c14d2176 Mon Sep 17 00:00:00 2001
From: Alexander Heldt
Date: Sun, 12 Jan 2025 12:07:41 +0100
Subject: [PATCH] tadpole/test-vm: Update `WHIB` service
- Update `WHIB` input
- Update secrets to reflect changes in input
---
 flake.lock | 8 +-
 hosts/tadpole/modules/whib/default.nix | 29 +++----
 hosts/test-vm/whib-backend.nix | 75 +++++++++++++-----
 secrets/secrets.nix | 10 +--
 secrets/tadpole/whib-backblaze-bucket.age | 7 --
 secrets/tadpole/whib-backblaze-key-id.age | 8 --
 secrets/tadpole/whib-backblaze-key.age | 7 --
 secrets/tadpole/whib-backend-env-vars.age | Bin 0 -> 676 bytes
 secrets/tadpole/whib-gpg-key.age | 12 +-
 secrets/tadpole/whib-grafana-env-vars.age | Bin 0 -> 407 bytes
 secrets/tadpole/whib-grafana-password.age | Bin 350 -> 0 bytes
 .../tadpole/whib-postgres-backup-env-vars.age | Bin 0 -> 564 bytes
 secrets/tadpole/whib-postgres-env-vars.age | Bin 0 -> 405 bytes
 secrets/tadpole/whib-postgres-password.age | 7 --
 secrets/tadpole/whib-signing-key.age | 8 --
 15 files changed, 80 insertions(+), 91 deletions(-)
 delete mode 100644 secrets/tadpole/whib-backblaze-bucket.age
 delete mode 100644 secrets/tadpole/whib-backblaze-key-id.age
 delete mode 100644 secrets/tadpole/whib-backblaze-key.age
 create mode 100644 secrets/tadpole/whib-backend-env-vars.age
 create mode 100644 secrets/tadpole/whib-grafana-env-vars.age
 delete mode 100644 secrets/tadpole/whib-grafana-password.age
 create mode 100644 secrets/tadpole/whib-postgres-backup-env-vars.age
 create mode 100644 secrets/tadpole/whib-postgres-env-vars.age
 delete mode 100644 secrets/tadpole/whib-postgres-password.age
 delete mode 100644 secrets/tadpole/whib-signing-key.age
diff --git a/flake.lock b/flake.lock
index 4fd8eae..b3d00bf 100644
--- a/flake.lock
+++ b/flake.lock
@@ -267,11 +267,11 @@
 ]
 },
 "locked": {
- "lastModified": 1735900130,
- "narHash": "sha256-bj1b9f8hmyzQH74Lg6rBhe6DXbThifGhKQKIns3GT8w=",
+ "lastModified": 1738420006,
+ "narHash": "sha256-hz/8diWmWxyq5ywodBPTAs60MzH2t8IldooYnU5weZE=",
 "ref": "master",
- "rev": "c9b16ef5558e48703bcb85be413f0c39a896e85b",
- "revCount": 365,
+ "rev": "f73bdd33f47da1e6db9d5ff93039450ef972857c",
+ "revCount": 367,
 "type": "git",
 "url": "ssh://gitea@git.ppp.pm:1122/alex/whib.git"
 },
diff --git a/hosts/tadpole/modules/whib/default.nix b/hosts/tadpole/modules/whib/default.nix
index e12e428..86b82b5 100644
--- a/hosts/tadpole/modules/whib/default.nix
+++ b/hosts/tadpole/modules/whib/default.nix
@@ -1,5 +1,4 @@
 {
- pkgs,
 lib,
 config,
 ...
@@ -26,26 +25,20 @@ in
 enable = true;
 backend = {
- signingKey = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.whib-signing-key.path})";
 domain = "api.whib.ppp.pm";
 useACMEHost = "api.whib.ppp.pm";
+
+ environmentFile = config.age.secrets.whib-backend-env-vars.path;
 };
 postgres = {
- database = "whib";
- host = "postgres";
- port = "5432";
- user = "whib";
- password = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.whib-postgres-password.path})";
+ environmentFile = config.age.secrets.whib-postgres-env-vars.path;
 backup = {
 interval = "*-*-* 00:00:00 UTC";
+ environmentFile = config.age.secrets.whib-postgres-backup-env-vars.path;
 gpgPassphraseFile = config.age.secrets.whib-gpg-key.path;
-
- backblazeBucket = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.whib-backblaze-bucket.path})";
- backblazeKeyID = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.whib-backblaze-key-id.path})";
- backblazeKey = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.whib-backblaze-key.path})";
 };
 };
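Review bot: The new `environmentFile` assignments for `backend`, `postgres` and `postgres.backup` leave no record that the three encrypted files have to agree on the Postgres credentials, which the test-vm counterpart in this same patch shows duplicated as `POSTGRES_DB/USER/PASSWORD` in the backend and postgres files and as `PGDATABASE/PGUSER/PGPASSWORD` in the backup file; on tadpole those files are opaque `.age` blobs, so a rotation that re-encrypts only one of them would presumably surface only as a runtime connection failure. A comment above `postgres = {` along the lines of `# whib-backend-env-vars, whib-postgres-env-vars and whib-postgres-backup-env-vars all carry the Postgres DB/user/password; rotate them together.` makes that coupling visible where the secrets are wired. It is also not visible here whether the `host`/`port` values dropped from `postgres` now come from the env file or from a module default, so confirm the backend env file carries them if the module no longer defaults them. The enclosing service attrset opens before this hunk and closes in the next one.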
@@ -53,19 +46,19 @@ in
 domain = "grafana.whib.ppp.pm";
 useACMEHost = "grafana.whib.ppp.pm";
- password = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.whib-grafana-password.path})";
+ environmentFile = config.age.secrets.whib-grafana-env-vars.path;
 };
 };
 age.secrets = {
- "whib-signing-key".file = ../../../../secrets/tadpole/whib-signing-key.age;
- "whib-postgres-password".file = ../../../../secrets/tadpole/whib-postgres-password.age;
- "whib-grafana-password".file = ../../../../secrets/tadpole/whib-grafana-password.age;
+ "whib-backend-env-vars".file = ../../../../secrets/tadpole/whib-backend-env-vars.age;
+ "whib-postgres-env-vars".file = ../../../../secrets/tadpole/whib-postgres-env-vars.age;
+ "whib-postgres-backup-env-vars".file =
+ ../../../../secrets/tadpole/whib-postgres-backup-env-vars.age;
 "whib-gpg-key".file = ../../../../secrets/tadpole/whib-gpg-key.age;
- "whib-backblaze-bucket".file = ../../../../secrets/tadpole/whib-backblaze-bucket.age;
- "whib-backblaze-key-id".file = ../../../../secrets/tadpole/whib-backblaze-key-id.age;
- "whib-backblaze-key".file = ../../../../secrets/tadpole/whib-backblaze-key.age;
+
+ "whib-grafana-env-vars".file = ../../../../secrets/tadpole/whib-grafana-env-vars.age;
 };
 };
 }
diff --git a/hosts/test-vm/whib-backend.nix b/hosts/test-vm/whib-backend.nix
index 8087835..061a6c7 100644
--- a/hosts/test-vm/whib-backend.nix
+++ b/hosts/test-vm/whib-backend.nix
@@ -1,4 +1,5 @@
 {
+ pkgs,
 lib,
 config,
 ...
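Review bot: The new `age.secrets` entries set only `.file`, so the decrypted env files keep agenix's default root-only owner and mode; that is correct if the whib module hands `environmentFile` to a reader that runs as root (systemd `EnvironmentFile=` or a container runtime's env-file option), but if the service process opens the path itself under a dedicated user it will be unable to read it — the module comes from the `whib` flake input and is not visible here, so this is worth confirming once. If a non-root reader turns out to be needed, prefer `"whib-backend-env-vars" = { file = ../../../../secrets/tadpole/whib-backend-env-vars.age; owner = "<service-user>"; };` over widening `mode`, so the file stays unreadable to other accounts. The `age.secrets` attrset is complete within this hunk; the service attrset it follows opens in the previous hunk.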
@@ -14,34 +15,68 @@ in
 };
 config = lib.mkIf enabled {
- services.whib-backend = {
- enable = true;
+ services.whib-backend =
+ let
+ backendEnvVars = pkgs.writeText "backend-env-vars" ''
+ SIGNING_KEY=signingkey
+ POSTGRES_DB=whib
+ POSTGRES_USER=whib
+ POSTGRES_PASSWORD=pgpassword
+ '';
- backend = {
- signingKey = "super-secret-key";
- domain = "whib-backend.local";
- };
+ postgresEnvVars = pkgs.writeText "postgres-env-vars" ''
+ POSTGRES_DB=whib
+ POSTGRES_USER=whib
+ POSTGRES_PASSWORD=pgpassword
+ '';
- postgres = {
- password = "postgrespassword";
+ postgresBackupEnvVars = pkgs.writeText "postgres-backup-env-vars" ''
+ PGDATABASE=whib
+ PGUSER=whib
+ PGPASSWORD=pgpassword
+ B2_BUCKET=a
+ B2_APPLICATION_KEY_ID=b
+ B2_APPLICATION_KEY=c
+ '';
- backup = {
- interval = "*-*-* *:*:00 UTC"; # Every minute, for testing
+ gpgPassphraseFile = pkgs.writeText "gpg-passphrase" ''
+ foobar
+ '';
- # Set these for test runs
- gpgPassphraseFile = "";
+ grafanaEnvVars = pkgs.writeText "grafana-env-vars" ''
+ GF_SECURITY_ADMIN_PASSWORD=grafanapassword
+ GF_USERS_ALLOW_SIGN_UP=false
+ '';
- backblazeBucket = "";
- backblazeKeyID = "";
- backblazeKey = "";
+ in
+ {
+ enable = true;
+
+ backend = {
+ domain = "whib-backend.local";
+
+ environmentFile = backendEnvVars;
+ };
+
+ postgres = {
+ environmentFile = postgresEnvVars;
+
+ backup = {
+ interval = "*-*-* *:*:00 UTC"; # Every minute, for testing
+
+ environmentFile = postgresBackupEnvVars;
+ gpgPassphraseFile = gpgPassphraseFile;
+
+ };
+ };
+
+ grafana = {
+ domain = "grafana.local";
+
+ environmentFile = grafanaEnvVars;
 };
 };
- grafana = {
- password = "granfanapassword";
- };
- };
 virtualisation.vmVariant = {
 virtualisation = {
 sharedDirectories = {
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index a80f3dd..dfe883b 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
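Review bot: The `let` bindings `backendEnvVars`, `postgresEnvVars` and `postgresBackupEnvVars` each spell out the same database name, user and password by hand (`POSTGRES_*` twice, `PG*` once), so a later edit to one of them silently desynchronises the other two; hoisting the shared values into their own bindings and interpolating them keeps the three files consistent by construction. The bindings also deserve a one-line comment that `pkgs.writeText` places these values in the world-readable Nix store, which is fine for this throwaway VM but is exactly the pattern the tadpole side of this patch moves away from, so nobody copies it back to a real host. `gpgPassphraseFile` is written with a multi-line `''` string, so the file ends in a newline; whether the consumer strips it is not visible here, so confirm against the module. The `config = lib.mkIf enabled {` attrset opened in this hunk closes after it.
```nix
services.whib-backend =
  let
    # Test-only credentials. pkgs.writeText stores them in the world-readable
    # Nix store; acceptable for this VM, never for a real host.
    pgDb = "whib";
    pgUser = "whib";
    pgPassword = "pgpassword";

    backendEnvVars = pkgs.writeText "backend-env-vars" ''
      SIGNING_KEY=signingkey
      POSTGRES_DB=${pgDb}
      POSTGRES_USER=${pgUser}
      POSTGRES_PASSWORD=${pgPassword}
    '';

    postgresEnvVars = pkgs.writeText "postgres-env-vars" ''
      POSTGRES_DB=${pgDb}
      POSTGRES_USER=${pgUser}
      POSTGRES_PASSWORD=${pgPassword}
    '';

    postgresBackupEnvVars = pkgs.writeText "postgres-backup-env-vars" ''
      PGDATABASE=${pgDb}
      PGUSER=${pgUser}
      PGPASSWORD=${pgPassword}
      B2_BUCKET=a
      B2_APPLICATION_KEY_ID=b
      B2_APPLICATION_KEY=c
    '';

    # … unchanged: gpgPassphraseFile, grafanaEnvVars bindings …
  in
  # … unchanged: service attrset …
```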
@@ -48,11 +48,9 @@ in {
 "tadpole/alex.tadpole-git.ppp.pm.pub.age".publicKeys = [ tadpole alex ];
 "tadpole/gitea-dbpassword.age".publicKeys = [ tadpole alex ];
- "tadpole/whib-signing-key.age".publicKeys = [ tadpole alex ];
- "tadpole/whib-postgres-password.age".publicKeys = [ tadpole alex ];
- "tadpole/whib-grafana-password.age".publicKeys = [ tadpole alex ];
+ "tadpole/whib-backend-env-vars.age".publicKeys = [ tadpole alex ];
+ "tadpole/whib-postgres-env-vars.age".publicKeys = [ tadpole alex ];
+ "tadpole/whib-postgres-backup-env-vars.age".publicKeys = [ tadpole alex ];
 "tadpole/whib-gpg-key.age".publicKeys = [ tadpole alex ];
- "tadpole/whib-backblaze-bucket.age".publicKeys = [ tadpole alex ];
- "tadpole/whib-backblaze-key-id.age".publicKeys = [ tadpole alex ];
- "tadpole/whib-backblaze-key.age".publicKeys = [ tadpole alex ];
+ "tadpole/whib-grafana-env-vars.age".publicKeys = [ tadpole alex ];
 }
diff --git a/secrets/tadpole/whib-backblaze-bucket.age b/secrets/tadpole/whib-backblaze-bucket.age
deleted file mode 100644
index 78446dc..0000000
--- a/secrets/tadpole/whib-backblaze-bucket.age
+++ /dev/null
@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 5R7G9A V2ngjouYa4wi42HngK3TQfGRNqZ+gW4iQ01HxdnfNxo
-vvK7WyZkdH/vmeBrC8cs3neLpaZ8RryvYg61sBzf12A
--> ssh-ed25519 +oNaHQ 1pK15FPOkaejA0GfotISM2ATOcE8tsUgZOpL0PONC08
-dDjq/2ZH/FHgLCQHgRaYba/3JtOvHl4k9GgzxyQw+L4
---- yyW+//7KvwvcTHs76bPxtG9TUrFgJzp7KtqaqjP/0GY
-~}"[~nIm2tTxwT5,5^w6lT(
\ No newline at end of file
diff --git a/secrets/tadpole/whib-backblaze-key-id.age b/secrets/tadpole/whib-backblaze-key-id.age
deleted file mode 100644
index a8c90e3..0000000
--- a/secrets/tadpole/whib-backblaze-key-id.age
+++ /dev/null
@@ -1,8 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 5R7G9A YRCagpPHZ/4X9VyWgxWbugjSdYTzSUD2ncgWunzYVFs
-7SKYPayWt4XGG5YVB3yKt+dpGKOBtJW3E/LZq3eJmGI
--> ssh-ed25519 +oNaHQ EHjg/EH4AbcqEHp27hhJqOLwa9P7sz2iavqIvkBkFQA
-T/2Po7X5FFb575QSxvvE1LqwZpFoDX/gnKLopBw/NMU
---- 2cWhyrmkeeeiYNTyhJri/UHVhLqU0fJ3Py34rzhmr7c
-clN2ʍy~,lsXs.4*!jc
-]uƷzg;F
\ No newline at end of file
diff --git a/secrets/tadpole/whib-backblaze-key.age b/secrets/tadpole/whib-backblaze-key.age
deleted file mode 100644
index 7258cf2..0000000
--- a/secrets/tadpole/whib-backblaze-key.age
+++ /dev/null
@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 5R7G9A /exiuF2v+lsAUID7eT53DooUgVnQHsE0lJOPgdbLuzU
-KPZKG2vYo7hczQ9iRTubb8mBUM9F3E19+1T6GExhsJM
--> ssh-ed25519 +oNaHQ 6/BOd1ahNHbKPH6V4DwiSWQ2MFPztTAqBHTc8V1HJFw
-IF8V4HtNQqYzK58WdxYg1e2bfh9T7keV67VR/VzCUz0
---- WuqN3ez4lofmNyDaaKKXA23lFtnd+2VwuG7wT28u0xU
-СQVd>\ ܇T-Q,ҽ\;y ^~nVXRs6A}
\ No newline at end of file
diff --git a/secrets/tadpole/whib-backend-env-vars.age b/secrets/tadpole/whib-backend-env-vars.age new file mode 100644 index 0000000000000000000000000000000000000000..e27fdb4a679bc6a240637a4239606a567a329770 GIT binary patch literal 676 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSP4KjDPbX2Iy4lXka zsSGqT^7AM)2o8-1N>5C!iZTw)3pOr|2(@&}P092O^ULrGHQ+K0@{dR=3duM3jLgUi zj&dris0b}K^NuR;uW$>gC@u_jNlXn6PRnrdiA1+eJKrzSBTylv)H~HE%{93+Ge0=M zBGKF=$Fj=Yz$r7)zsS5a)ypi^!@Vq{EX*`GJekYH-!mxEP1{31-yk&I#mChxB*oRN z(o8!oKRhu#C^R`B#3a$*KP1fG(}YV`S69KmB+t+<(K9&2z$ZB<&@0ieyuzs}DYGa& zs46L-!p*S6%gHG>DJ3}Eu$ZfO`HKx_uTL&}H6j1dCe}%Br_Jne4sKEud&#Kgl6GX< zx@?ZBUm~ja4l1SytTEH5)&G>=m{)$#=lI3T1rONbe+PdTZRWXIUvbe&-~66VR_%48 z43$#(kF$cJmzm~--uVA#D(}5??bUaiukKeq+MF=iZr;o<^{>}oQBv6YNONOWPwFDZ z3k~ZgEZY!V8n{FI$m&B0^+Inlm^?E#SKjUjdCmBB%dM`=i_KA`(-uCcX57=U^UI9r z-S>{q;67b)@bmncg-Va7v=*fwJ9cvW>V}Z|cP#1shqIR$n@^LBEO``^RwTnCc);(E z#iFhIGyexiZRzH@I7{u-{BNi7WO^=EZM$}cY5$XlGqtUcGc5O$agCB@>QHh?e014B zch+vL`}4b*FYmEmK4Z_n<&!IfwCAmw(L1;2^m5scDgMaD zO-|RG`{~|8&Yo?&^#`mfAA7F--~H91U{1!eyLUF&Ogi4MwY@*-&_db0q2DIjzB{r_ Qk8g67_q{DGlbjSX09oNCEdT%j literal 0 HcmV?d00001 diff --git a/secrets/tadpole/whib-gpg-key.age b/secrets/tadpole/whib-gpg-key.age index 2683cd9..5f519af 100644 --- a/secrets/tadpole/whib-gpg-key.age +++ b/secrets/tadpole/whib-gpg-key.age 
@@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 5R7G9A ORTl5WSeg4vSKUAwzCp9ABRL02SvjFZrBHuWLMbSmxI -obXt5wHXbfkdOAXwPySZeFelSFwJnCoH1EExtXNmBio --> ssh-ed25519 +oNaHQ vxTHufUlEwbuztnIsCcprfXonpNUlv1ZcHQpEQjGtz8 -uFym0SgmM6LZRqJrSPMLHI6DLZ5t/WLvKP0dMvM8bUc ---- 7UQLcCs/G20iP2YlwjCEmpFcXgqJfQacqSVGBBPmAbY -yӆ'_Kf3;X_tu[\)uK,ƫzq񐏭|1!XYYg7Eڛ^ \ No newline at end of file +-> ssh-ed25519 5R7G9A Q6V8S5312DQhP0QtPbAlbn+uDER6jpi+gvn40ndmnn0 +soymoaAKbNlYicSbtHhqn54D0zVBHBuHUKngex/VgoM +-> ssh-ed25519 +oNaHQ cpzCyu/9Jrm9Rx5C/rhuZku6uJWjrlHpCYxWOwuwQWw +1GA8NsLeOTo/zHs/k0vt/N8hH+2MXfMNRy+qKBqi3fM +--- 5O74sFn1xDZ53xHM7KHZ+ge7DzdnhyeB0W0znMk7NYQ +uwDms"4wGLur 7V`G= Cn2n 3S~gocs@7œƳ \ No newline at end of file diff --git a/secrets/tadpole/whib-grafana-env-vars.age b/secrets/tadpole/whib-grafana-env-vars.age new file mode 100644 index 0000000000000000000000000000000000000000..140bc4cd25402cd12df827e2b7e6daab7449d7e2 GIT binary patch literal 407 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSP4KjDPbX2em3Xaqd zbIb{MEAc7Lat=2#4s-Hy&Ik`m^(gTV3y4Vd&2jq)$ZD+{QyFm*EWFE#cJjYPLiJKrzSBT&K3vm&{m($lEa(A~}7 zB+(!^sJPU*(lp=HGt)e!uxFR#ayO>K?S689Zztq?`GQ-(8DImKv-9IfnTfZv3BDY98 zASAiiKRdj{!!qpHxq)RpU9a?sNRlRe4LroE{UEuD4C+Ipdt3nRy@TB~IqOLm3+ z-uLmH1g~*z{DnUP>Tga?`qr46Q@e!W@!?P3jh6PW+bkTfRP%b-CcO{0f6m%*UA^O= rOr`3-8^N2tdz$_8ZacNjn7KA5XxiTQdE828-#?hdd#e1Q&--uyDWRJG literal 0 HcmV?d00001 
diff --git a/secrets/tadpole/whib-grafana-password.age b/secrets/tadpole/whib-grafana-password.age deleted file mode 100644 index aed434a737cc11b39f848926970c4282483a925d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 350 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSP4KjDPbW|vf2n}!# zEyyvlNHi&P4>n74Ds*?%uc&YYJ&MNjYN_O-2 zs5H;Ei1cyt%qh$E&NuW6$x89Bbae~~H}xoXE=IRaJKrzSBT&I3ygWkRD9z=* zB&a;d-K5OdEHBmB**Uc|#XBNUJKWgc*vBox#el2a$+TQQJIgZ6AU8-mv^3K&GQ`a_ zzslIF(#JB&q`WG`B+S{gz|CLZH| z*wMwpsHnK4$SbrYwZz%eDV6wxa5M8NboMMRsVvJkarE`~cFpk0GAau9aWinr@#QM0GS@C~%ks%{aW%29 zC``#t4@-*7$#QXv%=Gl}O7$`fb2SKb&bIW7Do3|XJKrzSBTykb!&y5bH?zbe#68E; zHO#HbqRPWPGp)3!B(2QYtH?FOyhJ~|ETuR&B%Q0Y)Wjpu(ImgPAlcI-FWtno$jQw# zJvH37KtDXl**&bJBF&}HywoMot(Z$!S63m`F|p7wASKl@%{ekJ$jzw4IKnkB%r7u0 zIM_S5!muJMS-;rPDAUBq$d~IKyMyS}|2A5@Z2ykvW!W;%ah~)cXr2=Lj~_1IgkvQv z9KZaZm;cMcVVSjqQ6P^5>)aI+SVHD7b2cB>VmSZ9T4iVG|Kf61rAJ? zhDA)rGVDIhwf|gDm)G;Ho-5gd>szIlZ+SPpa~FMeOg) zSu*-X#rl6;^_T==zbQ#NPoZfa-A8fp)@lpu@k=Nbd literal 0 HcmV?d00001 diff --git a/secrets/tadpole/whib-postgres-env-vars.age b/secrets/tadpole/whib-postgres-env-vars.age new file mode 100644 index 0000000000000000000000000000000000000000..7cf216c6d390334da49b956b61414b3d3b37f79c GIT binary patch literal 405 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSP4KjDPbW|ud5BAJR zD+uzB(l>H*_Dv2=E6XZKFRd(bwJbC9biRYxEF@Tm<*p7um|(squ_ne*&JPVSF-`&v)( z_o-0DQWZDhi3V9$3uV$itPuRzz2f+%v!}1e3o#VF(fE)tMI(~0+jo6!nPII-iQV&< olr?kre{k%)GGq2DxwQdH_I)xa{CGu6xynIby{R)c^Kx4Z0LgBbasU7T literal 0 HcmV?d00001 diff --git a/secrets/tadpole/whib-postgres-password.age b/secrets/tadpole/whib-postgres-password.age deleted file mode 100644 index 17cae0c..0000000 --- a/secrets/tadpole/whib-postgres-password.age +++ /dev/null 
@@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 5R7G9A WqkH9G2AGAcQfa9u+w6+QVXYVlozt0JsB/icILH/Jnc -SGhXQ33eRtVtIEKdZCmpyxNUtFgtZhGUs9QX20GbHRg --> ssh-ed25519 +oNaHQ k66ZToSUzHxDm0yZkI4+Gase/Q5GJrsB7c6+LvmgGSg -6x9dzdloKJT2Tcawn4m2d518KUjdINGi4u+PFvMt9tQ ---- 395jqjDR3lBIIPOUIlnOJW/048qeJPC5CJbMJdpSjTo -ϛ ssh-ed25519 5R7G9A ncGAywK2O0Geyy5E9HmRdDCmCD7RwmflyyBXFKH4KSc -4Izx8nT/k5yOMOG4InifQw+wzEDe9PqMyeF3LEicOKE --> ssh-ed25519 +oNaHQ cPf/X971sb4pNKz9t0W318EpY3XJNB/OId7nGZ/ooXc -Vp5x6PZML0jtPEjuaDo7KjtHdKv5SyPAS2+Fvhjbro8 ---- 4jGA5763tvEcNDmNnYaoCfw99xROjqpKW0dMG23BqbE -j^tB%a$8m}-LbMnRcZ= $ x})PH{X3ᏻVՕ6Rsrbnl]/Ȏe@/*:ڸV~Va]` =ٿvz\ X-𕽎 -w^.NД3NDB;cu%/%qޝ wҴiT<a勇-PW*v|A0qXf*Yv9 \ No newline at end of file