From 915cd1a8cb8e1899dbae0c6e22de3361ca5c568e Mon Sep 17 00:00:00 2001
From: Lauren Lagarde <lauren@lagarde.dev>
Date: Sun, 10 Aug 2025 00:43:41 -0500
Subject: [PATCH] Redoubt initial configuration

---
 flake.nix                         |  27 +++++++++++
 secrets.tar.zst.gpg               | Bin 6303 -> 7321 bytes
 systems/redoubt/configuration.nix |  72 ++++++++++++++++++++++++++++++
 3 files changed, 99 insertions(+)
 create mode 100644 systems/redoubt/configuration.nix

diff --git a/flake.nix b/flake.nix
index 9ff8267..5015109 100644
--- a/flake.nix
+++ b/flake.nix
@@ -272,6 +272,33 @@
         ];
       };
 
+      redoubt = nixpkgs.lib.nixosSystem {
+        system = "aarch64-linux";
+        modules = pi_modules ++ [
+          {
+            networking.hostName = "redoubt";
+            system.stateVersion = "25.05";
+
+            home-manager.users."lauren_lagarde" = {
+              home.stateVersion = "25.05";
+              imports = self.homeManagerModules."lauren_lagarde" ++ [
+                ./secrets/mlaga97.nix
+              ];
+            };
+
+            time.timeZone = "America/Chicago";
+            sops.defaultSopsFile = ./secrets.yaml;
+          }
+
+          ./nixos/features/openssh-server.nix
+          ./users/lauren_lagarde/lauren_lagarde.nix
+
+          sops-nix.nixosModules.sops
+          home-manager.nixosModules.home-manager
+        ];
+        specialArgs = { inherit inputs pkgs-unstable; };
+      };
+
       ##########################################################################
       ##########################################################################
       ##########################################################################
diff --git a/secrets.tar.zst.gpg b/secrets.tar.zst.gpg
index 6fcfdf3841a5b02c5e5207c4e0d14811ad84919a..2dbc5443bf00a53958b6358448ac110bbc2770da 100644
GIT binary patch
literal 7321
zcmV;K9A@K%0t^GtQPoXEkO}7j5B(K06cg~kKJQDEV}bz$$by*A@L$R)uqXIh_)Vw*
z0=ZX|b(v6mOpFV~Fvf~fmvh)=M5oc#79MF$CBpXV#yKFYq~+XrAcd0o3!V?6s*Q%u
z7zITEEGNXqcP*EssiaV7+MzUy?U8nL|NFpP=FYT|CZJrpk%MTj<q2*7M-uc!#x1yj
z59+WPhjhsi4HK}SMwjgzFl^W|iO}37N_V+mklm6E5!gwN_k2Gj`~a0%+?(d|CoOUh
z&h+MV?g3C6EzFbM`#Oh+EOhiG%gqfKj%ZQC_oym+kLoVYCK~dKF?pv4YJr8^@W?g!
zzTs@Vw_LucCe@_(IIy{5H5i3l8m<O**$MdYqa!;&)S>80zMd0?7vdV1f-pfHQ|i0g
z8KP;u2dVCzLejH31{?1n-OsJLeT@W`lruUoPvo9OKr!pNY&1e7h<XUzQ$YQpvkrs|
zEUPY9;!U-FFLn-bT;_m}4z}b)<LHvH+y6nt0R$CseX(UpBp&+*lC1~W1di-x$njiw
z&+}us$**ru_3@lo%#vlPEJTJVfJkJbdXGP(Mv^_&Kg}Vtx4PQ(o7!U_hjl?&>->{<
z-HEpOfO0;E)InGA=g_*cLAu|noI!%QnUhoPSTBeZ%e-e~7mkBo*cB4_oe<njT%`zX
zGnz<c!iy1iJ-|(ro5s@W0e%YY^PFJD8~8$KNkg%%AB73Cje=6412O1DFck;1Wih~a
z)VOlou~q0-%)<bv+v$Qb_)J>3Hf8wDqC!lJoXyM9MEP*ThS+<ZSaV&`O)<mYy_Iub
zT^eNfs+pN7^8-fz%eyC05!4Qq1Kq<^Dd)?Cv*A~H5B7>1y+84=LspU=uj*8LvPy#4
zPb1^fz{$W8f|0r9@LE?nHnBuCH)L2n=_I?&2$xVqwr|kCJEGov9Xs}$74JDm7f5At
zFy4NM*o9X$xy+v_rTW@$wA%@hd{BD%*zC-SOa(a6@Y*;UT-z7zvBT>zvMTV)i3Z8R
zfyA}eY^u~E8bUF+>TrCtN0sQfx(4{}qJlayadZ~4U~bD`neqMihWoX|YI`DL;D<XC
zcl3b+k@@pJk$meSM7f)Y(6a`HnP@5pGC}fJPe}8b1aCZ|^O@LZwU7AWI@OH_4SKRI
zia_ra%V1koNWgCox>nbP;Yu%akcg1&htM9aA<QO9kQOZ7bAkDM;HZu;b8)}iYm>FZ
zd)EkJG;Y5}tsd8_5@`i3vKc^@iMe$DuhTDHt?oK<1anM;rO@e&;woKHeWbLnRj5z{
zbaQn+iYIq7(GC)f<~pc`qjvrys2opxI-E|}T=IhklPkKV5LkzX`ZpSD5(^p~h~eNi
zSfQU|E$3{@vl!bjCwtz9X|v)7?BERaLN^JNsZKiizEp5iQh6_}jbw4P6qz#mmiMcQ
z)Hp#$ms0rWI^<e$Vg0hae-0vN3<t#+D6}uAYd=Rpm?Ehk)X`)67~;ilRuDTG5ah2I
zgH7*k%8l6&;K3`jTDOXXsIl8?TxS8nCL&84Wd-POXfYSl3)+UoV32T0Lv=Of77(dY
zm#qK5<bVEs4R#=%Tzo-9uf%bxUDXC7^de#$qGnW_2#ls1tcLZRE|w-x*?MbE+gj^H
zth|zJ-3r1qYd_ZZL;R51+iuwR*|isYA2dHrb$<TQ+}}5%b`#Fa4mJg&C|vzO`y%&(
zB}A@^gXJxT1=X^G)tTc-yjKQx#GXfuDPw|_h2~()hJW`&A&kjCz`k3b$_%GW>>>Y?
zftii~D7=Y&n|Bta?D&wG&j`ILl(c0!$YOpI7NB74q>XFj#mVn(#cOnU8MVGluz={B
zC2BTiyo~D}INrFho8tp0x;FBY6t=+tPPKXfnzJs(w21q0XE$wZl2}v?b?`AwP??4?
zsGU89<O@&Z0?50{&Ka>|EISvSdBxEtecZ~n7~~p5-Ku9ti0Xs#+D^2X2CgG_C0?7W
z+~|KdQ!9Zei0Fi%i2L>E7Yu3ZEjsER5Ht5xJvdI*EAPTbYgBZymq(v6`bcA2F5c&i
z>VJ1XVB8eQmzUXZ!`%Tdp|Mw>J5#|(IAaH2?SXanNp$jzC!dwQY~`Wcd`IchBjrm9
zMI$Om8DkWNUbVN!uCAjy*3jNx=8c&&I>f<-<}4qqmmgi>E?`g=rdV{tYGi-6>t3?=
z=XBlKO!?nNTOiUmFxj7fH8y6QS2x%)+#DLMMu4-`hOcrKz%ODbp+YpjJ|3V6wjKHn
z1eI`BEU$6Z$;AP$4ZQLlSlXoQDPiZPxs(ams_DG_*+v8VTBPR@g%#Pe7Y?S>>Np*<
zToW<RIG|W}zz7o1AIXJ(xL^}8flC&3kp#(xDEx3`V;)|k=Z(XR%q^C$yvwjuJ!aSR
z>>Eq7pMf@q-u%#?a-UdTjYTM223CXT74b6wU#K&8tPX;|%v0qAj7@2ld%ISPV8$Mi
z!w?y{>f&Z6F<O^UQ0U;imQxX<)@6TqFA&U7-<6p_e;9D)JcO-Ym0?}kAoviQjOen%
z2R~Ob3b_{Pgt#{tkx&1kus?fGyMt|6O?;xm+*bxBWze0IddekA*4G`oP<$eaqqasl
zEXVHP&=Jlg=t_hN#qhAvL>tb6gsQOCDdkTXn~h^akjqMvi2iN<gLE^UL~M0$s7k7m
zP+kj3=i$))@LeU=`F~NZM8RH7(23iGt(P<q4I<T#tzBoQPoyypKKCgIHb`2S40gLU
zV1YcJH|#0R$_fq(pK9$%M{T-gkzengznFzkEl@+x(1^z~${@Y;E$|J?M(ZB~lm>hw
z{BFAT>l*0GzG?2#Y3x|4n{`g%DII4}WTX!=h-nW*Uz3Aspl#!#WK?{2B$AgXvrzV3
zZ=se;5uu%Fdo>~kB={Y7T`t}eBYupL$a=rk<*GH}@RK{(;B5pA(7VA@EuuNyKFp()
zVhCfvZ?+z>6tv)~5lMD_C5Ml7!M--j1UTVs*)_>EF^uH_=823Q{8Wrd^Shh#x2^_T
zRNV<NzQv$=fF3#g#Ku}z|E}Q34!h#1{C0>iFZw|KSn!&6Z6o7tNULxZ)%%;Sy@BIm
zsMyoJk-;Wec)-Af&e5eSkTxeg;^y~70BlTD|NRQsQ@My0dyy{d#PuyP&7#mPR@Cfr
zK5Wm}p7WU+I=D$D|HQd(3a*3r60q<=aXUcxP3fhQglLHP*K4-yWTtA)EPfB-h5LuZ
zFe5KoYe-870AvUg&dv=oYJZ$&1MX~mGXavs-*+CFK-A^8qbBK@M_nMU4XTd(NsUL4
zGCEJoQ=Y77t}GoRP^{<S+`Dd=T`UX~0Mg}1WbZtPiZ1&ZDb>;DECoxg=ajmjM`5^Z
z=^Sdh=FReALe6n^my+8p%UDbUk+O8UAMnT7x!e3+wmdKL8S2W@;0}f=8D{NYt~2ys
zWBlx6aIdL)^~9xNb>W^mGRwpW0fSJGw@1%z%ek$e&KXuqI1NK`!qbOy?hUd0F>Ie9
zw`Lg6QjGeu9xx}pZ}|imW;(v)2&|(JJ$N?OJc%@u>f(5zNPhE$?I!o;$CK>x0a^(g
zR;SHEE>CAL8yKfQY}tpGn5I!MLKZ)R#kM7^)dP)E3QEyy!1|58{+Y7VWS`;Osb9f-
z`KJzTf`E#*6eaJF5|kF2ogVR?Kw-X5qs=|0EVj=PFlv2!7enls*hQXVj;=rtlZo0m
z&ULF2Dwu=FDpUG(0!Im?pqh#modc58lBR;=HSxnsH_K9YZYk&`5E8A;+9H+FnstzQ
zj<@$+`NUSpmx=>LIWl)seQ-O^^$4V(d_J9-q-=KT8E~!&^&<`ne+GC7-5I<|q(y?U
z0kxE|Q_cJ4IwI{RucjXy^od$Xyrs<k4WFrRA{d#@RyWoR-4U?JUUD|1t6a4`h~1c-
zpGxJnSPG?FYFx)5v`*oT8rGhoYAuPf3uOiUayij4iw-{G&+UFP&h9Co#8@43+o(6I
zM|8FqNr3LHLW;?<3Gdz8qcK|)H<u9m3(t1}v)F$&8ZJ^A>;7c!g3)T8%|duTsy6BH
z{td2Q=X~xW(rBxtkg}?VQ!P<UM&b{S^!O}kechn((C^asE^wcv$ohjsk9AOjce46&
zNj06HV<{@Ta02f0ND9=K%qBd&jFdoI0b<Z_Qh~`9P%rib1*n%7KVwWPc_a)DvQGYb
zBj$)A{^6G&<n>u3yl&9xWd+4>VU$D>I5q2HWN@&|-p7)1d?i=rNU#<uIMUp}<|p|u
zWD)w~&n(fc-={;7(vhC7j@Q)%wrL?~z@y!IvZrC1d5IlKKNCWMUp`wrZE8IbN*>vT
z%+jku^qbUR0U(50GNmTmFRFLYI{|`1R9kzUc>M#ep7n3ow}YS(+o`#cayySE#QaNR
zo7eOH29oaN<6A^WEQou6k>ij$Wij~e1GDqOZmMEjCYnvSGSz2D7*w}Yr`{1Ai+JK>
zwGV@0`9r{3OYa7Zv27dH^+Mn$c_%DZinZQD->87)!gSU_^uuShx28X@XY%G}xxvg?
z!RKV&HmGhdCjGd&$=jU$odj9KP`y`d%ygHsi#{C8i+9r=F0`7g<!Hqs`(u-7JqntU
zGc}X8U@RJr&%QVe@+oW;W2@(^PX<xhssM-BW|)24DeVewm|=6&lnA}6aIJe&#c*x%
zpp#q%F@<l>`Mi>>Ns8L_;$Dlj$s~p)U5FS&=9^#ATO;L@1y6lZju_#5V=MnbW&Y&k
zTz^%{_ETRyHo~(qtAsSR0}R`f?EUN8#;HZ%Q`tw?>(IIS)Dw)Hm)l^lyL7wHv*<m}
zMO#b*#ucj#)FRStvRajzNQNZ@wdJI}oRU1T9M4-qUguKkP=B}Hwxng%BPqUp4nf@E
zo)lnc$n!Vlsze=J#1sg^ji_#*7%iXW-l*$=#JQdu-}tEY*kmhSwGrPZ2{K0ozKWgn
zDV$)*O~_G>Vl1-&$#W3H5u(;)gwXR9ds%T)Lqjse9YDZILbraSK-zr=`GkxzDR7+;
z+7Ww`K)*L#<u!}a@M|NGo{8}>JYDK(n>2#NhVR${@@9ssv>mQ8P#SZ~Im!A2uVxss
zh&~n+{}0^;;CLn2n#%~m)+@9um;BZJ^zkABK6akTgXI`5sH?3xAf7wKGBCTyl?gV#
zGM>EW;8JsJG8tL`eA!dP8taTjvQsjbYGx&#x-1nuvwl;}nOwvSi^zs`-poYaib7&~
z-A89)1X9G`*zkZal4hUl(ka5v<cy=8_BcjcSa0;`7O6Q1fC5fyT0!p<s*Sz}U2g#N
z=|s1gEX}J#;8gR(>L(S>>8_?!#4NmaKI6eYz85w$VN3WOZ^0?W3*TSvOQ6!IH^QL+
z>O4BvvQ#tq2Jzbu+7%O#YDy~2XbmUD4&{fUci~*Dg`Hr<Zar7&hqmFA6Dc1{OOQUt
zSB=PNm6c=;q>k8wR*4#lwPq_Bj<QVj*`e?1oBZ8*09Uu`nn!X(YhQ&`ey>8DTS63#
z9J3U|oZ^g^h^~)8)0D}nKidpO&IM~18hG>Z6WNo8jBs@C$GOX$I-#sQygY>&6kaUX
zNF5-X$@v}TspP}ogJS$(G9X*UU7wDo;RHwr=Xyj(s_gyld(qXSz|>H~XJeX8MObUx
zqT_H<Bn~VFqp2-?Pap`%pJ<eVLLPZOOjfeQti3)l3kOpI`<;yc5;1b6tB+##x&UWv
z=uB=!Ll}l+pbuy|2XyBlqXf-^Y-v4c!n{8=A8oQl^5<byQ%=V7R45|LN(O7-pgz>1
zV=^L@D{*hJ3L-6c%pnN>)!=8kutm1vEIMnP|5dEP=~Qd%>Ep+|SfG|f%<0Y&dEb|=
zxvc&k5q#^qz-GNEuO}K6ACjR2V^UI{NyJ+r2cQDkK?4N%>&{O1Qqhc?(3;k~^T{bJ
z&7@0eh0j4w1kH*lUXzOYZHiKu99<srnODiKTApl99-e6t>iTOms6;cy^tHPsTm#({
zHIc$;6byLLXRu|bje*5Iq4Xoa?H2>wVJuv6FG;x&sPNfgus^>D3M%?w8-usS;ol{>
z#JgVB)xF6D$u%kOZQ@GOHGUVI9yU-Z5+{QRhjI~&DW$Djkc$b03rJVAfT-mdoE`0G
z-i1SGPy2(`9}V}qv<yS2PEjvOhU|%>a!=^CM?0&iGc?L%toiW;$m1D?ZA7y+m75U7
zr~HSkX7l%KFrAuN=iLdC>P^TO0P<+eJ*reQnJFfcB;!Oz)^zW%Y5RBQ`BZ0ZlDJ52
z=SC4OE}&hG@?cVnkJ5q@vJ#2WEn)g-VwM@smkgv$C@Pf?YeHbC9(848-q*;J5LP;#
zKzt@&dmiLLm=m@7Jzi|v_{)3ULNz5J+*t=~zc#+>P#{31s3_TUf2`fNl>H5-+p_b*
zAqZZk;$NDmRdH-2(OYHUg$#u7q!xG*I3+8VxpBPngJ64NA*^m%HU>qHe<D2xJ>^~k
z$3bs*Ez^U@QV0Z|-9n!G#ylEk7i0OHa3^Bed^ZmN5-gd4<v+@$=|ow4GkB((H!VIq
zv-X9Kf>@-i9a`0CJA>Mqd%Dq}jq}&laZEdE;3=Z^`RTMi#I1%(ElxgQ91U|?IC7V(
zGF?b<+qo($^{sJ(H&Oh@BR7tRy|nYw0b;UoCGPLNG}Z+PX^Eq&hr-x#UiQ1;4hZ#9
zi5cP-=-7=93tN~*QkW2xW3OH0KSz8F-kEX{nqW@pLEigLC?Ora1^CIYb^|-^f6gD#
z)+B)*-pS)Xm_-%a96sriv8n^w1RY9bM2eZZ7VD{QrgffFIkhcw;w3&gHyuQ8m(LP{
z7}+KQHDU<~EY8=#Ck0P=gbp{kDRn02*zSGgr0M#j$4b;WZd;NLLGwwcdmx$$yXBT|
z)ubtwn$L8(IO|C=I?s}`1cTe@7`4Z1bGcof;bU~&S1$CSRtElTY!4V0@1a~RGM~?%
z6@WfjW#Z7i8epyI3sib5PbLf;4q6}hk49+!AAL(@^KjSe7rj4<qQYt2z%xCD4^fc6
zqxP}Hja_by(b%IXe^e3_jK5SwnJG90WmYqb+NKg(E9RbY-<$7!*qaf|%)Nc14GW7$
zXFGxMh=AO4=;6RN_VI_~JsR#DrXACuCU^W~wH)~PYQn6@c`sm5{X;g^*~RJ2kzP=g
zLJ*r-<mEVI&c?AtWMd#P%xUhkUx3ty-m+B1vpch~4L^MkcydD-f^Fwy{~0%F(m-{m
zL^|<YL<@O=**EeZz38=88bYJ1UxT-s=LYcqv(-)1uct=CB*LK<!*ZMI0E+ALo!NRj
z^Ox5*c%>%E6POO>dhKPDcm`MlvlUjRIH#P1-ZXEAc8|%U7yTup=dT$7&JRHxx>M*V
zbQnstsS6JD+wN1Bap5QhT~Zle5=j7Z#~X6QT^_z)xmwv4N!@qTz6VxpJJ0r6fM-%?
z51#rU?l_ZnqobN_ov--yfTF~4b#IJ&+HG{K$<(g^%8#N6Cg4`tZ)1z<GarwuxAYsM
z4&;@Zm9Z(o((&3qVfMdlH<?mGY*a<JbZ?TQYOo4&Dx6=a@ZBqfwj+mISd5!JTq(#6
zF@K$0?@2gtvopXugSkVnG$O|xlf9FPvCIMz2d8lr9vc25xB#@6V!Q3hg-Fp#fXc!+
z*=a$xZu?K_;ykppwgp`L(_*)Z(0dJR30m(Bzl5H1%FNdZ5ymqsQDpZ4l__Qh3kxX=
zxED|hr~Rtsv;X@K!i#?GgOy{JX~}Zr?E$b^tM23Ig60w{h>!&ss|a|y%VP^~3{AsP
zLC%QB;=^j$K0d+|)=I%)J@{VQwhTlDogPpzfopPEv_5-1O)AOk8)Lu-fZT`@?k1UU
z_44ogQ^o3Atuv*kY6X%^;J!s+bQl}dOg4X0r*G<DZ2(pqn1H#08B~Vx%jV6PaX=iZ
zW97n>is2=?6!JuhBsoGAJ)%hr7IJU`XSLF!e8NmLWR6op6y*as`ZsPs*CG!+k%bQD
zlw`4d6<9C0p%WZ?2Z*75m-5Mo^s0XNCcT|9UsH?jR|2uWha_f>aDt{MvRB!__UQ+(
z)pC_!A$B-4K}J{Vci3AT%9-<N7c?d#$eo3cx^yN>Sff%?6cmVrh24H~Y*ODKe77l!
zFSunDzxyg{@EUM=u}xYlG$F_`Co^j7_4V;8>yRX_Cpe&UFB!|Xh5V;VcqvBYSqZau
z!SC=$mu^~qI|~0Gp4clNCJjOoa0EvfIb;*>BcdCj1uw0!LNrh*4Pg*?s%dZyau$Pp
z35cHSwQjSRVD?S_fTFngsb3mUP+VH@_fN{x*FcUBU0+UL(}=KP8^Y_w`6p5~TG~b5
z$407Of^+O&dpX!elpYJI492F%znJzmEcemJ5Hfaxf9|o5LxJ=KL+VKUx9tZ|q;z*S
zup3g691VX`%D&Zyca#M+xz#L5OAmiXg5M_^YqfZAE!!gpP5R64mT0O;<))FSjAt=A
zNsR^BDfK;K&#6#Ylve{j_6TLhD;?`I@pHN3&k<&v?OdMWLyil753Q2qi9U{_xSx$A
z57Fs{LyqkBsnNtaVhcSjKx5ej&3jzRAt=|Jxv9(gu+7!FZGIJc>ELquo(?W8J2+0C
zUc&iFnxknK=R~$Y6@{1Lzw2LYtJgvgJ)<G{3}lr*{YoiE!f!Hf=3^RK?<lTDO^W75
z3l($;2qXr3m@IrgJu3V(iWH69SiDe2)aQUFj#wO(LSCjkXudQo8MD$itU|g#)j`zp
z8SW_W4(0^B<vY*0^I8;I4PT7j?_ZT+R=0dwX~>j2xZ_OBj**mGW2|;+64-p5ffbZ!
zy*GKMOo(2N(g)t0yeT$d6^1osg|FHgJG*d8>DKAWdfrRIzS2npUGBe6W$4EVBwRO|
zcWJ>@RxCVV9|4aD9R8|mxyF+=^`}ti{WI-zc6OW5L0k*_cTw6nwy!=!N^&HKeybgf
z%`JbIvQbuY+>ev^g|;XIDAjdNaEY>NIj0VS;j@EorpAYRkYa%a2}*NZ%O#S}%(-Yn
z0b;F8=^7UlmRn)K7XpdjwWpm$R*%bS{aF@zKUz;86iKdLABu?;+>LA&mn}KISU4P7
zEOZ77Yq^A?EN5R+!fg>nbURv*0$#Z{srnB1UhI>l`LkG*r965_FfLRO$hA5isPq|a
zVh80%5J>Z4!C0Up`CcWuxG}e8rUq&{lSW=*86YgS6H6^m{jH?&#F}C@PJQyHN1clb
zGWcY3MZ0(T?iMyCG8}8X8r*<iU$zOr8&QRNe8;2uH89DEXWg%R=*jKQH$>%tmdmu>
z`dJ4}OE4AROPco?7{Tgcu+w?i1`I+HnrAZ$6R7cLgyvcU8<(7`m1pDVxCx~~f7X}C
zJU$>`QPvcA`!3w&kks5dd&^yIkKvG!^EO(Ki4{f&V*NQ>3aM4IXVAE?)Y^tQ(r{JY
zF5zDO$d~FHx3&RRt4!OQzpQttd*`Ki%V)<Wy*|EOBt<kAuiE=aBv$ps-KZl<hN8Dn
z+vxVN6Pmo6+MWe}!5EFg+gC$py@J_jBa!{*0ZB3gh5}5bY-qOgSmsxbE-Fxu@4Mgy
zY@J!{oZ^`NPP+x)_x2r`mh&g|8cJjviqHo8G9$%oZo2O1<MOT?wmVaT^cGjIX?DIm
zlKi`Iek=PCVD~Un<HXqw;Cc5&(z3Nr@*oMM$3W0{EtId_<R|-}r_9_G+VtEqnP53N

literal 6303
zcmV;Q7+~jx0t^GtQPoXEkO}7j5C2U?g|rzZ(Io7DWH3^b$bVr^!`IFLpt}+9>Znsf
zcIEAd?s?cde>e(iQnWKYIw>St^kB>9$#99kjbmxTyGByAbbT<W>s;;&J+FN4Q(UoR
zgtn*mFB`*bC7}xTTy0^wylFnJ$#4*+tfYZ0=aaC1%5`OSkXGLc+;D?gSoy&`aI=A`
z$bnmwtOvrEMGb7DA2CyI*&Wi4+zD|xVh#OWl~^~*=xPeOm&L)geXWNch7Dl_Y+Cz4
z>49pF5T)xJ<f+E~9Nu}Y45zj@zrhw;3SHvRv;IRuzckC<01SWD8)U~O5|JsKvItwQ
z=cy1L_S<0fJ1g=-hf0bdv_7u$xhFF=Qk;yumAkQ_@5<84tXZSQ){>#N^zU*Omhk$B
zYuWyOW+(mqN=VS)Ztl@+uH;?AjHg0jI!uNU{(LTGBurYh$&XBa**^9(t;A`kvm7uI
zfDNh4XHEroG!ybtn=*?q?8z4Uz)}vu(I%&y2{P<h@L@R<{a4;0rza_tz@}?Opy=kr
z4R{PK==DBH{a)lokrtn~yVHYql$->5z|(BpaZJ!Ba#~O}$Zla*9G9}(%<OxI5Y?=U
znuNIfy^oKav`R7^oBWT;fX049{Lw+zWWmmO)t@p;__J9Q+agUer8f$wF&wFvhWC7!
z9=MgSUWb)MWV56dYk1P?0VH>h`7I6xb-t0oM6Q-)UccH;y%<yB$O$JS<-!6T$!lN#
z?QG~tVa@jTr=yW<tJI2j9&sez5oDK}ts=6F<9dsqIn$Xtc;ujrW~?)SmsxtFcfo|)
zm++}~#)ppMdka0*NvuwmLVeI2KTlyh90f@fp@%X^f(uUe!prZfvRcA<*s&}TM9Jw{
z+o7s)MuJj{s)o@+g&WQ4u`F=wxIWNI8bnM|CDd<BYX)p5Lvy0#b^_Kh?;=sE8qlD(
zqi+-nA<}GmzI^Dl!RFNC|N7XrdeI1X8`Ff<ZbL(p(YWiPYLKN?`<M<S)b#`pUuvnU
z3l%1HmqfmO9@1}h%1Yxjsy84mT~8SQ)FGFZR}f+^+pQZUgX9UOK7dosGa)Ofr7WlJ
zAtJgM0fi;`yrU0bhMpFe;ri7WitepG?P=fR&dF{Qm7#lPh>6$csp60mrPGQV@%-WK
z@dBiiHy0=-&J*V1nbv??&EULAfCAr=oWXpv@gD_U+1JnP=SoncQRW%JTG||{aAXPL
z>)>K~b{JQ^9)qR3A_nJSPE!!LRZ&CqmC)8Gbv|e`+n(PLPq5#knZG344rlFi3Ve?<
zF#7!*mA0teWiHExLoB4VY?&eir!10DuU}4ul`lavkGUn~iRwBoA=sh{1@qm&)s1@T
znepKMSe|-uJ(wSVDk$3z0!o;|0GS8T3O~yB<q#lry3P(}F|<!2Vs$aVc!!X-p(~Fh
zpMCl%nF%8g37v(?8`N1I&OF@DdJ7zgb%Ys0?Ta;jZk>MwK#&K>f7Sm<loq%;z@D8S
zt26@~l|*c%s|O`RD>>&OUyhX^qImrjCdVDF@;n5rPrD0Lg&*f>A}(t`&#Dujq@0E!
zn=@cxnI@h$?+xZ_6hSe^a>z|lKbJUljz@v%*hj(TX7x_e=}h6y|8b%8puIsFnUWdD
zzl<d@D;Rrso<0(P#R%^OxYV1<9ZM-50J(0Y13*yh2i3A~nD{HJn>O*}Ut3KZ9>l0r
z3Tpy_PH%4PpU*s8-C&RdzAbrz4$v4lJm<D_zHfJ|lGYJ5@yFk&wv(cPHGZm8ijFu^
zS$^KdFKQOxls()^#eXT(ef%?#LbmkV9!UDW34Rn7Sz6)pHF~?d2p=7!W26md8Hf@k
zMP5{^jOzUVPY^l!tKQ69{%(_rUKi*%z|J3Ff5FbhvTuRN94nPR><6MFrezfFsFFGV
ztEOXr^hI?A$@q@)E^el^!F<zkjFWyQA5dMsOv9I6rvB~};*CMNgAdY|L-(7}BR-09
z1em({o<4DT(iV{_MZf8}yk9|pXqdD5{cit6D@6ENYoKOlUm@N<Wyg7N0|QU)V!})%
z>N;@xjwgI~U=Y5qd>SIWQyka&k|^CHu9m?oXiJ1PWmO^|xyK)JixxFvm=3H@V}8gz
zWYmU-x+af4CYzoJR8*=Wi1RW6XBW_R@jYTE(d$cSejQh>;m@UMNxe6cdbDsajtuO4
zTEE`(7x^PecY+N|asKbScWd>5Tr}^|37q+n)HWj~WViOON%+n<d#sPOy5VX%xY!~x
zNlm@|NAD`J<<2t!Qp5*k%iqIZ-I^mji<=|0+x#eX&0zL?t5io(&w2@{?pXG)IbsAk
zim%^Wv)h{UAlRH}XoVUqj8`)IRa2*Tep^p=?>R&>wUzv$x|5(H_Xx;6D;|!jHKW))
z@OD>}tY@<PWUjs(^u9Ku-<v;y900+r?KrvH>8up_nJ+Sd_G;<}pY6?JAFA?SCKD?9
z@11ME^o&<}PrPkh<s7x_Xy!1X*yvBXXMxVQe1dPlhCxrR<fR4Diu}$0^rz9t7hMZm
z%xW&=dP*Lvvz5!kyVn;U8WG+rfu1t3qCKS8#R#YT>kZcgZ-oxm0fnmN@1gf?@45k%
z0=NQQ;G@Zm=u?3xW=h1w#DlnM0UJrbS{0q<`Xpz>HF;Wfe1&~xst5&n{#PDzIS@|w
z9P(0QfHO<u6*?9hd3a-k1cJDp4z!wmbpS~2Db5eu_Nn~654IKJ?#56jrH?*T>*xUc
zo;2cf$TdQ&iC4YUYKj%Ocwu6zE^I4z;66%Ik>gE42SXTK4}t@#1;6Gb#{!po(T1E9
z`0Vjp2$-q??J^}e>s8x*enm%^y0Q~f)P#$rpaFSj;PpHIXt2As2SrHC*%P<lHe+b%
z)=g$2DGe`!V;K0(@-3a&<hDyLk>-)&PWUa4Vp!d7z2Oc7&<TOYKNJr&Dkr)D{wlDc
zT$~fx*hNGc@83SKp~^Ky``vQfgMPSc&oo%Gf=%Zza(T!L(?Z&gD1Qth;*0Mtl7(4i
zB%@U2qX_4<fKGq%Ej;#<4YE=d6^V2&As(xRzGA^+Z{ikQ&}0Zc+U2DsS;><#+sQBq
zrJ7)cv)=G2C<hxbakT01_<+E}640M!D@UyzT+AK2W4DCJx`<cQxf*%lKlN%$5e_@a
z9+JNW?#2PoB`{F27ijhkZ%oI7UzPp^sfCAE0GK)eXWTtqd%IV_ccAQ0Js~LAzyxS%
zKl*R8>%Y>&%b3I)f!9q^Xgx8?Sb^(cz<xCbggWMHo@l%E1#4UmhXzpV&(w!M67O7$
z3|xmzqeys><Yw*DD|E0H8k6MySRRh_^=Qh&xT&@Pz}{tX&M%L}(HPf8LW1Z7kme|-
ziW4YLt)rmX{K^*&)i%xeI1-9eIHV_`J_KL$@0H6@LU>)oa_Tntgc?;6={K-XUQoc%
zQ2>K9>#1(7=pcp0EMkh!ZET2VxF6A)i+JAwL&S13viT1-vVQulnR~R(X{{?|-}wOp
zpGKfnLefZa^M0^X#j{+=0x`ph@mleI$M?{vITN*Qcr_f{H58lzl>Ejfk;e&y8-AU-
zSOy^55{_}QM0m?<Z$7u?Qg*$MI*Kq9dP#4_b3cEUDLmPaCnZf9nJKtk5XNfai?V?*
zB1d9)k<5>H*8-yvftOQl#ZICLkWTi7IBkSn)tmg1K{MJIma9nl&?8%FJ24>Vr1V(^
z%z7pvrXBBp!)ny%u|!6IQi6MHLXyZ(H}14n{WH9gi4MwB2p}^wp&t!Zf;M=54wFoG
z|J0=GygAnP8^eQ7X>7Hkxti04<g*{0_%bW=Dqm$q_S-#GGJc%g5Jl1-=$?PQDU2}T
z1Zx((CtEFC1z-ahFg9h<;(JS2U;v71k^Si<%nI+^?!>T}j2N|DTRyECq{>w>$OhL=
zGQ91|d}u#qbW>gG@}+RiC%h<_Med?oPo|TN8Bo_eDu=|(LOPW2?5z(<W>T6dWGwR*
zU8%{FN`zP^gLd3P3+tf(HX#<U$F$4UH>?c1@_9W~f>wRZumIIE!AJ$H!+Qx6Mobn@
z11=Ggk^Czygfv+*h+&Y)P1PUU{RDXzC&18Wo$G=wVR_g`40n-FseM7z!v{N!7~RPz
zB=UFFn{&VPdv0_abPP1l2*ViTP5lD)l0yC-Cj=bahVk%q<KeW4ZWheNFX?4_PpAB6
z>x{{&7>j8{S{$q0rjWUmop)C>kqb^tm*`|=`-&O9dRY!0>@P0$c;4o&EE&9^U5|&I
z^MckmHLneiNIG?OBTbY<>!<5J5g?qwJAU8+8pMfS88`~vrh;53`^^bE-}tU#N^U5;
z_ERWQU1yg_hAO#NImx7ovHaq(7zVGbJGZ>oEA;en6T)lh71Th67vo{yxlySr79lPw
zri>FsuT6p`Z{(v{K3=Eloo@Ri`=5jJyxkz)-v+dwqZTGmezW*h^Zwnle0vJkeAGM@
z6~??oY>Vj%u$RvZs7?e$4FMW})TCZ=_qw7&aCggZM@$;@0siX43JrXpMpDNK&jOAX
zkO@{$*!&Bj)8FJp>e8TNz4D%H5tp9v_BH<xfrWrM9@waz^W8@|L>4HPo9=5y^c+$f
zTF_J^1U?ez<ciSq832XZ%3bl#JPUSQ_l5Ue=qMek?)%7JjE%rv+Bd5lj7UmA2NTz{
zs+$GLep)dWo;h1hWWEnOzz2G`ktXQY6bp77CaW;$cQ<CV9E;qt_gl_zG(do$YgJcx
z>TtjR&<Kbwlm}OsL(LOV^w`B)%UbJ$z>eB6QCG){KT6~YXvw2PsJNSBjYyO#F(n9y
zWa6CgTM|_UCsAgIg?0&5HsHvF4{W}KD15%&=ku1U{M4y>=)|$7Mhl-y*~ivn0FP^p
zZt`fK_aMEkUBP_9yxzuMpZH+wf-XQUy9j2OZzQfrbLmR$KDgGT+sO?;dJ<-vKO3ns
z!A}_apJ9FTTAHj~=vLx&pQG$E6n3C-AI{pvA94JE*55mN1lxM&b`1Qy88y!hkS}%g
z+l(yE372*O29d0cb9n|{3&r4=f}Dqn{1_1e7mRw8lrfmXn87khpKaaKeJ3VrWunv}
z+dz5~ns84UCijDhGn$0VpQ3I)z}Jgp0$s;55QR5mS2U`UC+3ubX}1^w&lNz+|0>Pj
zyp$6;R8bW@P4nKE4AwbGB3l}B6!#WygB6r*WetW;1cT0d&!vY%)|@GYxi3!luebxE
z;5rgh76#OhBx=T9I)4uHKjZFcWfsQ{wV}*@P<Z`yX>#4_jz`hb#A!(n@yC2h6{O!u
z&>1~K+_KDMIOaIDSbPjwmgi_;Dg9NQJ_lC>4j!pz8mds>NxXk5+>VkTG*=WjKb85t
z_d3{6lYEi~y9e0~h0t@_?BqCG7ZM95z+98qwZelL4J&`IU=T!uUm#`0Y?R<E3&W|R
zHc)ucac=@4M?2j*M!JRO%ttf$+$JsJ9d$-1vx8UZ?_X)}jzuYb!K#ein?qde@Ke@|
zZm*3=9e^+8I7YR3Ih%0|!65If(>(mx8-+W@Wcq2_qUV8pKBKGU)f(R+3^Simd(e`N
zOtSXwXx(EfyPmFQ{R;Dyakrwd?VlxcAvN`+<_AeinPpauAqbbMPU==lEDmP&BZ<8b
zTE|tqLkJ;3L4-6eRW+&nREr@!SD!X=6P5uRQC$l%Y@~2^kuEiph=a-@1E!a$1_gL!
z@r1ge$)XfKJkOK0J-Gd3nppUbZ^6*&63k{xRrUZt?!lA#qyB=@cWO-~zUKnd>g|FI
zy^Li^)quqm@m^K+GOGRPLwR3c%c20+rLy>)&qv)81+2DwfHXg)Y+4tG--ZTuDG%-D
zz}cYzAo71V@u6!0Ly6-B>i@zc>b-MU2k#x~4YbY!MsdUJ4W4X`HS_1s7Gknp)hFn3
z+tZF``4Z!9w97V*Ff>xJOFkC^KkIR+B&vc2Xc1+|>}EiHYJHro6i4_6my-Y=T)l%j
z*YEjjk%j<@bKMS{`~IRz2d}(@;sI|``XD;193x<#yxy!>va32K9xFveJAD9FM1z)U
zafdXm>_y*mW<+|%AwM5}Sar|5bwHNSJ5`BzWGTEl_cei%ZmmRqte29BV-?bN`Ty?(
zXV)+KLCnK3569{Y7_acO8)yj?v|3rKV*qfXERWNmzf|-qQ4tRyLU_3sV7^#j#LnR|
z1;-c}kF#}jXh5=b5#-|>Oz!2Vp!v4a>aJAGku*6E>CDdc;}O8=+o+%fN}c!}+gwsE
z3KZpbB|hvgu?(a%cWHU3mA_F`{DZWt-A^k|1PScAaae2aB{*_BXxu4{o>}!uI`;hF
zOhL2B=$P7rQER1`p+yPhAKQb2bFkTH)t-((8_edh6DO3x<a2!5ebv@-8eQ>f1dgz%
z&2qbe7iQ+kYk~9xC3u5(F+4+gEmF#uf3QxoagI(;oG@Tir6C{k#Lbi1)}$x~N@V0M
zsTVFjEWwr(K4lC~z0lG-ZwSW|ssXP9NT{EGji~$s1gCfsA@F$#o`mtGTS$ZAzo$4t
z>xyJYY=Dgl0Gf3Ec?p60A^266F|M^TgB9eG&h%@gG^1P)Hlp^&Hyl;>PQ217tZyt;
zlRVt}G)A1}aR&P9vgxIg-rg0=u^nc$KE3nqEg<7{Kd6Eb0Goi}(6=lF{z%=WJR8rs
zV#T*YTCA<GuIF^|P)>jZrXe#lfooONCZjLYtTsYF>?wu54x(q17Q~h6h0XmT|F$hZ
zz}<(YqYI1LN?M3+8x7lQ(OOCAdN?1}NQB_`WNtXb8OK~-;8ClX3}tcboAji)p(yX>
zfh{GM1;HgFhA%4V+NHwU`$cKisEehp%aUiH01Fm&!v;RiOe2U-M%QeFKSJddNjx@N
z#Z{T5_c|MzFOPF|<2*aEpuFi6a9jAJ=8q=Ff1^oM@^unIf5Rv?rpX^ZVLeizs?Jmv
zG=oo}kVCW2zPs>8sK}LKnHO&SqED#l^NlA(tg<?Bo3wtGF?s6&XZTR!F-P8;3O@%%
zd@%sk@!gpgj$WNX0|r&f!C)FJxvqa5qvAoS14~267p`f#G4l2m=zBSazvdGsl*Kjy
zhKo-2Zhea}?2g=@hh%eI636{?Bv`o`?1-cRQWdx&va94}bF|L=h$x3bA1;h>+~IZY
zwW~5`%L1^jm2P>4)ZeV9NuqeVQ~R$9f$O^G-A&gXg~b-s0ohqTsjVOTZ~x{LM4u`~
zmG}i9?0ys?fZI?$OPe$zI*4tk;N0IZSy&aFgd|IeY?~A2ciFaYu-F*9M9+A^=okf>
z5iG_?1i7xI%GL@jbfVm3o00DjKD6d`GK0jB`{ZH?N^z`7_9uJ&qd;4%Z$CAY^yL0F
ze2Y4sQDc0(#VpEo`ReV=S$5dhJ8nKc_<@__nm;H?M%xXFz=xDBt5`C>h%#Keq!Bw^
z&~&@9f#Jt#yKv?@wTJI4C{Jt`v;#y-6HGGXvl64Oc<ul2#gMVnS?BQSWWAqq)*zcz
zokB@kHvgwtnODx}#=R%Mo(sib5{Cnm{p*3@ktDFVBJ!x8dl`uGpjcKdQXM!Ynp2U%
z5POAX!fNKkb-e^&?n;*xxl-l#ZSVsDrfE->iTH>s+%{3;8vD_?5)Q!^R5;<RQ*PTh
zhdu9M09Z2$Jj~G*-(rE1Wbc`kI;PQofY%w=vF}5>=yiHdX|L9RCM}e(hRFY0TT3#$
z6)*q|dfk)=7SgNg)4xN@`oyyvl3o#Lk28rg0IBW0j=!nn(=|ChVCGoccfrfYfQRso
zt)K-G)mN1w%q{>l7Ch(lvjG_wiZ<5nXPXA!XGLU@zZOI~cgqd4ue05oD+X$+^3?Gh
z1h=jXj)KKDU+E8uQ9JF4=!k$|-o52peV&vl#KoChA@(bjaW-YsS5g_6nq1M_9tF?H
zj*DL{s%e^}>FfPFpd($QZJBb`BU>6Dq`YKK6TgF|8s1Bu=daqO4wU3(q9Z5lmc$Y^
z)k36WNKrB4@M0Fr{l9->51Nv9h=QI1uvmH0yB+oScCxuhwaH&BuiA{3K|wBD$bnof
zCJw5{`eiTTavJb<Y;WNYM_O#i2W>@{YQ#9{7j&80=ewX{{zk0cAu^tge6SGj{^w8y
zk>sTYE%}rr9W2ad6Y6z3Ur`0`qG|OEziej32HG=pp^zG0iMQLnpb?tD?r;p}*M{b{
z$InOK2b(x)CD_;Q&q75Nq$}HOmswwm;wUk1#DTQZU@xVu?as$uLi+d4x;QgQ^*S0U
zu?egJ55i^dV1}u3GT;LXZgj&KQoLn4Dn3Nf-6npwQuJYeig(lUYn9Y+rur`0&i%=L
V)_A)_!6v@r><#*g(S7&Y8xO}gI{yFw

diff --git a/systems/redoubt/configuration.nix b/systems/redoubt/configuration.nix
new file mode 100644
index 0000000..52d255d
--- /dev/null
+++ b/systems/redoubt/configuration.nix
@@ -0,0 +1,72 @@
+{ ... }: {
+  imports = [
+    # Core Features
+    ../../nixos/features/base.nix
+    ../../nixos/features/tui-apps.nix
+    ../../nixos/features/openssh-server.nix
+
+    # Core Tweaks
+    ../../nixos/tweaks/zram.nix
+    ../../nixos/tweaks/enable_flakes.nix
+    ../../nixos/tweaks/systemd-resolved_nonsense.nix
+
+    # Dotspace
+    ../../secrets/dotspace.nix
+    ../../nixos/features/stronghold-binary-cache.nix
+
+    # Users
+    ../../users/lauren_lagarde/lauren_lagarde.nix
+    ../../users/ashley_funkhouser/ashley_funkhouser.nix
+
+    # Features
+    ../../nixos/features/virtualization/dockge.nix
+    ../../nixos/features/virtualization/docker.nix
+
+    # Redoubt
+    ../../nixos/tweaks/disable_firewall.nix
+  ];
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Services
+
+  virtualisation.oci-containers.backend = "docker";
+  virtualisation.oci-containers.containers = {
+    dozzle = {
+      image = "amir20/dozzle:latest";
+      ports = [ "9999:8080" ];
+      volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ];
+    };
+  };
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Networking
+
+  networking.useNetworkd = true;
+  systemd.network = {
+    enable = true;
+  };
+
+  ##############################################################################
+  # Tinc
+
+  sops.secrets."dotspace/fortress/keys/tinc/rsa_key.priv" = { sopsFile = ./secrets.yaml; };
+  sops.secrets."dotspace/fortress/keys/tinc/ed25519_key.priv" = { sopsFile = ./secrets.yaml; };
+
+  systemd.network.networks."90-tinc" = {
+    matchConfig.Name = "tinc.dotspace";
+    address = [ "10.86.84.107/32" ];
+    routes = [ { Destination = "10.86.84.0/24"; } ];
+  };
+
+  services.tinc.networks.dotspace = {
+    name = "fortress";
+    ed25519PrivateKeyFile = "/run/secrets/dotspace/fortress/keys/tinc/ed25519_key.priv";
+
+    chroot = false;
+    settings.ConnectTo = [ "stronghold" ];
+  };
+}