From c694915cd572c0207befe85da18d2c3be4d34385 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christopher=20M=C3=BChl?= Date: Wed, 18 Feb 2026 13:39:06 +0100 Subject: [PATCH] feat: add cache.toph.so Nix binary cache key and substituter --- home/by-host/endurance/config/aws.nix | 32 ++++++++++++++++++ hosts/endurance/default.nix | 19 +++++++++++ modules/generic/nix.nix | 10 +++++- modules/home/common/terminal/shell/fish.nix | 8 +++-- new-secret-ci.key | Bin 0 -> 4096 bytes secrets/aws-credentials.age | 11 ++++++ secrets/nix-cache-privkey.age | Bin 0 -> 532 bytes secrets/nix-cache-s3.env.age | 11 ++++++ ...b7d73f036321af22c8a9c-nix-cache-s3-env.age | Bin 0 -> 348 bytes ...ba1595d566934c2ea6ba-nix-cache-privkey.age | Bin 0 -> 475 bytes ...f8ec095d92d6d65af01f5e-aws-credentials.age | 8 +++++ 11 files changed, 95 insertions(+), 4 deletions(-) create mode 100644 home/by-host/endurance/config/aws.nix create mode 100644 new-secret-ci.key create mode 100644 secrets/aws-credentials.age create mode 100644 secrets/nix-cache-privkey.age create mode 100644 secrets/nix-cache-s3.env.age create mode 100644 secrets/rekeyed/endurance/50db29637a0b7d73f036321af22c8a9c-nix-cache-s3-env.age create mode 100644 secrets/rekeyed/endurance/b26d17749592ba1595d566934c2ea6ba-nix-cache-privkey.age create mode 100644 secrets/rekeyed/toph.endurance/0948f172d4f8ec095d92d6d65af01f5e-aws-credentials.age diff --git a/home/by-host/endurance/config/aws.nix b/home/by-host/endurance/config/aws.nix new file mode 100644 index 0000000..653b3ff --- /dev/null +++ b/home/by-host/endurance/config/aws.nix 
@@ -0,0 +1,32 @@
+{ pkgs, config, lib, ... }: {
+ home.packages = [ pkgs.awscli2 ];
+
+ # Derive AWS credentials from the existing nix-cache S3 secret — same
+ # credentials, different format. No duplication, no Nomad API access needed.
+ age.generators.aws-credentials = { decrypt, deps, ... }: ''
+ KEY=$(${decrypt} ${lib.escapeShellArg deps.nix-cache-s3-env.file} \
+ | grep AWS_ACCESS_KEY_ID | cut -d= -f2-)
+ SECRET=$(${decrypt} ${lib.escapeShellArg deps.nix-cache-s3-env.file} \
+ | grep AWS_SECRET_ACCESS_KEY | cut -d= -f2-)
+ printf '[t4]\naws_access_key_id = %s\naws_secret_access_key = %s\n' \
+ "$KEY" "$SECRET"
+ '';
+
+ bosun.secrets.aws-credentials = {
+ rekeyFile = "aws-credentials.age";
+ path = "${config.home.homeDirectory}/.aws/credentials";
+ mode = "0600";
+ generator = {
+ script = "aws-credentials";
+ dependencies = {
+ inherit (config.age.secrets) nix-cache-s3-env;
+ };
+ };
+ };
+
+ home.file.".aws/config".text = ''
+ [profile t4]
+ endpoint_url = https://s3.toph.so
+ region = us-east-1
+ '';
+}
diff --git a/hosts/endurance/default.nix b/hosts/endurance/default.nix
index f76bd9e..79d649e 100644
--- a/hosts/endurance/default.nix
+++ b/hosts/endurance/default.nix
@@ -20,6 +20,25 @@
 #quirks = ["avahi" "docker" "nix-ld"];
 key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjqieS4GkYAa1WRYZpxjgYsj7VGZ9U+rTFCkX8M0umD";
+
+ secrets = {
+ nix-cache-privkey = "nix-cache-privkey.age";
+ nix-cache-s3-env = "nix-cache-s3.env.age";
+ };
+ };
+
+ # Sign builds and push to the S3 binary cache at s3.toph.so/nix-cache.
+ nix.settings = {
+ secret-key-files = [config.age.secrets.nix-cache-privkey.path];
+ post-build-hook = toString (pkgs.writeScript "nix-cache-upload" ''
+ #!/bin/sh
+ set -uf
+ . ${config.age.secrets.nix-cache-s3-env.path}
+ ${config.nix.package}/bin/nix copy \
+ --to "s3://nix-cache?endpoint=https://s3.toph.so®ion=us-east-1" \
+ $OUT_PATHS \
+ >> /tmp/nix-cache-upload.log 2>&1 &
+ '');
 };
 networking = {
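Review bot: The `grep AWS_ACCESS_KEY_ID` and `grep AWS_SECRET_ACCESS_KEY` filters in `age.generators.aws-credentials` match the variable name anywhere on a line, so a commented-out or similarly named entry in the decrypted env file (a `# AWS_ACCESS_KEY_ID=old` or an `AWS_ACCESS_KEY_ID_BACKUP=` line) would be spliced into `~/.aws/credentials` as a second value; anchoring them, `grep '^\(export \)\{0,1\}AWS_ACCESS_KEY_ID=' | cut -d= -f2-` (and likewise for the secret), takes only the real assignment. Unless the generator runner sets `-e`/`pipefail`, a failed decrypt leaves `$KEY` and `$SECRET` empty and the script still writes a syntactically valid but useless credentials file, so a guard `[ -n "$KEY" ] && [ -n "$SECRET" ] || exit 1` before the `printf` is worth adding. Decrypting the dependency once into a variable and filtering that would also make the two extractions consistent with each other.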
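Review bot: The `post-build-hook` script appends `nix copy` output to the fixed path `/tmp/nix-cache-upload.log`; the hook runs under the Nix daemon (root on a typical NixOS host), so whatever already sits at that path is reused — unless `fs.protected_symlinks` is active, a symlink planted there by another local user is followed — and any S3 client error text, which can echo the endpoint and request details, becomes readable by every local user. A root-owned location such as `>> /var/log/nix-cache-upload.log 2>&1 &`, or piping through `logger -t nix-cache-upload`, avoids both. Sourcing the env file with `. ${config.age.secrets.nix-cache-s3-env.path}` only reaches the `nix copy` child if the file itself uses `export`; `set -a` before and `set +a` after the `.` line makes that independent of the file's format. The `®ion` inside the `--to` URL reads like a rendering artifact of `&region`, so the committed file should be checked for the literal `&region=`. The host attrset this hunk edits starts before the hunk and continues after it.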
diff --git a/modules/generic/nix.nix b/modules/generic/nix.nix
index af43f90..bf6bf3c 100644
--- a/modules/generic/nix.nix
+++ b/modules/generic/nix.nix
@@ -30,7 +30,15 @@
 keep-outputs = true;
 trusted-users = ["root" "@wheel"];
- substituters = ["https://cache.nixos.org/"];
+ substituters = [
+ "https://cache.nixos.org/"
+ "https://s3.toph.so/nix-cache"
+ ];
+ trusted-public-keys = [
+ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+ "cache.toph.so:sre7NaMFLUyRGuHY5MoC4Il4wD9lC53Ct0D1A/lwb+A="
+ "cache.toph.so-ci:e5n27lZmhhdQvYClj9PZUFJIYwiBfC7eJkEXe8h4PKU="
+ ];
 };
 };
diff --git a/modules/home/common/terminal/shell/fish.nix b/modules/home/common/terminal/shell/fish.nix
index c542177..186427e 100644
--- a/modules/home/common/terminal/shell/fish.nix
+++ b/modules/home/common/terminal/shell/fish.nix
@@ -20,11 +20,13 @@ in {
 '';
 functions = {
- nomad-ui = {
- description = "Fetches the Nomad management token from alvin and opens the authenticated UI";
+ nomad-auth = {
+ description = "Fetches the Nomad management token from alvin. Pass --ui to also open the authenticated UI.";
 body = ''
 set -gx NOMAD_TOKEN (ssh root@alvin cat /var/lib/nomad-acl/management.token)
- nomad ui -authenticate
+ if contains -- --ui $argv
+ nomad ui -authenticate
+ end
 '';
 };
 agx = {
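Review bot: Nothing in the new `trusted-public-keys` list says which signer each of the two `cache.toph.so` entries belongs to, and because Nix accepts a path from any listed substituter once any listed key has signed it, a reader cannot tell from this file what has to change when either key is rotated or which entry the `secret-key-files` on a signing host corresponds to. A comment above the list along the lines of `# cache.toph.so: key hosts sign with before their post-build hook uploads (presumably nix-cache-privkey); cache.toph.so-ci: CI signer — rotating either means replacing its entry here and re-signing what it signed` would carry that. Replacing the implicit default list with an explicit one is fine here because `cache.nixos.org-1` is kept, but a one-line remark to that effect would stop a later edit from dropping it.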
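Review bot: If the `ssh root@alvin cat …` substitution in `nomad-auth` fails, `NOMAD_TOKEN` is still exported, as an empty string, into the global shell environment, and the new `--ui` branch then runs `nomad ui -authenticate` with it; fish passes the substitution's status through `set`, so `set -gx NOMAD_TOKEN (ssh root@alvin cat /var/lib/nomad-acl/management.token); or return 1` stops before that. Anything else in the repository that still calls `nomad-ui` breaks with this rename, which the hunk alone cannot show. The `functions` attrset continues past the end of the hunk.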
diff --git a/new-secret-ci.key b/new-secret-ci.key new file mode 100644 index 0000000000000000000000000000000000000000..fffffa2d5ef1436088af32180adb4890a042a207 GIT binary patch literal 4096 zcmV+b5dZIXRO0q6&vuZ7LMUd3P_4hNHbXqTH^;R5g3w3MziO;C3%{YXldGO)-+iK) zVC07BT&*<0@>Ql{*Q(qj4oDHEF{$DzooF?xL2?f>F+~J3flEaZ(8i2yT`XTY6MicO zImR{0Y^kGcIbKsR(9Syc;Q~qK+yhR5GAL|ttc(uZ$6|MB9JdrI@yTAEx%|}T>}iPH zl#u9~|0(+@`Ph58ZfLO4_5map!u?|%Z+rB6m6i^O+ZL}mMaXuD@TqHHv{8G(47his z;w%W<2pOs}R(%b9L2rJs34w!E;q&1nq4_oNL&)_=vJjq`p2B~pR2evKZ7tXCivQ(Ve9<|=w|R)(W(zG;si0wu@A%C_QT3+6X>PdB=OE;l=r%A z9>qvA_tr^L(!u`*o11!=R20vL{a8x)564sh?e`p$l(nPjG^d3Duz&jk1y2czJRIhj zpZS}mD6y$N)1|2fcqZJyczj~Hhi+sBw6OKMia0r#doD@JcWK!C$kR_Cb8Ri`r(Gf7 zbL(>a`X7kCnQzp9Z!4wyr1Qirl8=?K_--;Y2bSlx*X3ZLfNTTAootyHZdBPLPO)5X z3l&I}->|q`+Mf(y)x3l#y`;G=#{XN1ERzx^rZD2d>{$7&6BwI9aN=Y@d2DYhu?UEf zYiK3VZcO^)WQ*WccqY^L&;9TA26*NL*a#hA5ZS0VBj@(#vL`J{kp#)$yZ3xcA(6Fn z+0ya|&yg)nCStN<9>_%z%Psf}Jt9@mO=ywytq9rAIFp&Z(yT3sJfQr+1ED1a>md&| z-(#G{A(8;ND%RU<`>Q1JpGq^uh5e))`QQ}!cAp+Hc*VGdIt;P5jmOMs1FTUFl3w+# z6)GjRntxUlQ({lK zZp!t)k{tcD-yp_IglaVMgR(xq8qMq&Ox#)JhccR(ls;HPv}s?e8 zQq)spQk-9dFA5W{aGd#w!juxL{*bY5#4v$YtR`vl88GIfcF==rVIf9w0tz`o-t7jO z)nG;cO*l545PMyY%jfG?GuxK77fx-OE+paTYe7il(t zUy&$M08v|my4aasGP0}7z(n^oO&u9o3`rzpmT(%hO9slDbWtYK{Bq&YWeDm;@Sl(R zN(Z7Mvn%$gaNP@D*Ux?>$rk(1{!M9u9ytqYBqWyCsRknT%mz5XpwAeed3Ttv@^@h? 
z51ywAqpfeCigbe-`C{mqaK`lGtd*~7}+^l}Gm za(|^9btE%$!9BgCRZ-1FI%pofCCCHx&f?Lm4BXU?%>ANz zCVOe;8sJ|mxNvD;Ohd2-)GPu4rQ-9;<0u5C|6&UDGxX`x?&?P?rouLJ0qa*N=#Ju~w00BQF+ z5?r_Xx&R61VU<&w#fU}^E+ghAE^Q9IBBM5c@)>?Op~z(7$qDZ^&3#6qR`OPNy_H_H zdmQO#1r_Y^faiu&Yij)E*pgD>=M!`w(16C_V5o0<4RWMJUoP(|&vlnj=uqjq&spA1 zN6c}jdG0obn$bW}xwg?FMMbr&VT|r7p`^>h@?d|V{&BFdT)SP7>FI>Z{_lyQ7p6HS zX~WZCwgi7e4DZXTo>v^u^BB44H24u@WRmby*pOc&@dbQFr0nKkbA9tQA&y0lxqH((n6E2t_ z_kSVk-p|{5n0?F{>V2P45c9MqL7KY4W!Yf>lH$5SURH}Bp^1t}4R8TFhUkJ}%L-_i zCtna29P;owD_G0BpdO-XV+$X~Z_eI-haAC9aII`dn_y|CpQ^dTB=Ea9S#PpdcmX)n z7rbB{uRSJJ$p4zS*!TK~Ln^NFL)N7!m8v>+drc2mT`M6Yc^^tbl}n899NAvBM%Ja^ zv=snzpA2m!OstY0yZ1Q=8e_I97``4r|46)CenWGpp?*F6SBqN99f;sY-|fDlOEM4f z1h520yZqHnbB8zl@^>PT7t3R(g+tfoghZylL74({ig{;g3~DHciYd&IXd6k#KEkB( z`j+>dK|2WUK|kLF=Y)TB64zW2a;aCxZKmnpyT+=pM?(uoQ7p5)2klp|+Nop&1`x<{ z=s_KvPTh})^gT-uVau#GE7;{RkJ{mB^_-8<-}ZVruWT(#tNLyBEFOA8*f2oLZ*BS- z;N4imb`fh(q0^oH`eIk3d>n9Yx@hy&41Lc)^>HwZD8Uq@?PP`ZX&m}&B1mM!VBoCT zasWhqPUOxaQ!fXhlA!#DW)7Em1Qva9>j*quKEi!D&z@^EthX5G@(vT6AGR11UeBf( zK{R#{oh6siu(@6QM(?yl{=}`j>5kMJ>-mL0K8#y$2L)W~5E- z7yYvBPgh%K$%l#{lOW&DR2Bu%aP%oXRFpk3R`d1P7o|L}FH?kX4d?9Q1b4;Fp!wqi zPz8$~H=aq=qF2K~ME+kAopr)=Gd}?W-VK*oS8bFnG3)4ufGx$P4xa( zC0&xh&^6i8X|VUozswA^k8L#M%w0K6m)CSDgAj&{pF@K8$<)VV333t`Wucm`;L|w2 zcLHeC6m}AbnJh=WVB!R+w-($!Tk=Rj1UJ zYAd>*#{P9^br}zZuuS^|C1L&;pwZjZppA-EABxgX`je1yD--Wog&kJ9N27ef8vpd; z8FqezEN0L*WdMZ;gX)E=yIvC$GE1l zL6q;u1wyut_EAD{W2i%^{u&&BcB#*v-0O12se=fZ71VjveL8Jac>g$VK1b9%~RS9dVP zjCHR{``J~W$zL@h1)18HKLjuiS>{Xqz?K^wk)LgwxPBD$f zJW7OV^tPZQqg;l#K%!Tv@dcwJIip=(k^#yg^K;cWO!hLkrn*Z@O+O3o8QeZgwF}15 z2Z5r1D>?%QQ-&1=z?^?u>JkrqOKKcKhI?Q~aMChg-<{luc&Ve(QrH(A@q}Hq(wby0 zeJC-M2AZ8PO3NglqxXa0=x*`E76sLr&}492v)(8`_=%7Dr3p{ylj5tp*o{)an!jo zw%SV75GVKniUGW-?=o^9qXwYMjfpD2U~lT@^q6S;^4qUa2&jh>&up>Z`l5HP<4H`3 zU?KzyUSN(l$s56SH1DBMVW5@AQyoi|#cfK5b=Qi+Rl%UHnU49s-r~7s?0bYb)eHIP$Nv`(W|hb&AF2b*0}f<~sBYpY{N~y+Xnyo=i?G`6A$Sh90Ya7( 
z9Dz~Q5={qg^Y$;ygd)^5(S0r#JH;}JI&PO}ab@Jm8~c)yiueZ-4vK{js*|2(2>MV2V3^#xVZdGZlA?q%^$g7$v0t*RiQ@TkR yaX)_yWQC=JoJj>1B)^pTSZIsk`LaG_EA&sM8?>CzknQ3tc|HYWD6gcSF&z&U|N6iH literal 0 HcmV?d00001 diff --git a/secrets/aws-credentials.age b/secrets/aws-credentials.age new file mode 100644 index 0000000..aafd581 --- /dev/null +++ b/secrets/aws-credentials.age @@ -0,0 +1,11 @@ +age-encryption.org/v1 +-> X25519 j9CFK6quTBAviKfxt7nk/sdsTR/5swqEfqLgo7gjmTw +BSrgJCxZY1nIOtjkzAdx60POzJ98IF5ryF1SLXKMgZk +-> piv-p256 Kmn3OQ AwqKwTZh40d7YdbU3mMJFhKz75X/NKfXdBCzpKWf75uo +FIuAwxkVMN12HoV7SN7iq1fOhqakL4Lbz5Wp/PabTO4 +-> F=1e<+J-grease pk rVDW+r/ Zme4 +y52QMNBhnOd9wwF4NauKUGkRCt99O7L+cqGD6od03cDf79bfsCxc0jyY7wW+fe9R +TgFDwzdeRl4LQCL/3uH4bj+j +--- zuMUxvMUyLES8iVG6tbdW/oU0bAaTDlRJwN7x+k6kTw +_5ZB~i%B3R՛r꘏W<|AS=׳*I~ئy$Y`p|Fz?nR 4h7y# /rVy|ҢB+~Bf;|Wu$YE=IU' + \ No newline at end of file diff --git a/secrets/nix-cache-privkey.age b/secrets/nix-cache-privkey.age new file mode 100644 index 0000000000000000000000000000000000000000..5b663c3526a51a7ddbdeafc4a3cfa1c69f9a8fbe GIT binary patch literal 532 zcmWm7OK8(z003YI9!3uCBJ&`Fh~8pt6PqU0IZPjE)0U)Z(VRDN0YSaBh5r6 zj3Eem5HAV?J&5$+L2wANiy|KMB6tuV%m)YxV<%67xZOYaR1+kCrw^vV(DJ=A{=iI* zQ7Ewj%NUNMS(tLLo`!I;QRA6H3>dp(@uQZVYZ6nNr0`tZWU5J?o{j_^a(%^UR>e-H zVU_KQql2K!R#93BS+;xRm5ywl zq%wUe-A)}`6ZGUoJz)-j8Upxo$#mcjx2y^mE?t2&Xxapsl1&JpTPy1T7*-^T<)Bh* zQ8Jk(2uCFpvN9}U241Jqp;?c;*lhFpKrmdql&WQ+WY~1|dKO5H$mc3V%Eqi-9PY=7 z1l-Vc8|kJkEmB)@)+bw&oJSbisMx`kK~v X25519 pxQqMT3kixRevDw5AOugW61Stxpa54NPwdaMDf5ywBc +emM75EuTf5bL1eueeWsmFfbEZDT5+27VzBOQgCfGzlw +-> piv-p256 Kmn3OQ A92Zkli15jy0zZZiW+VYVi5apkhwXi5gZdGsfz4Nzrai +wP2maNvDOmxxA6PMcj930SJLFnExpQHYOqWVXvh2g3o +-> ,*$Gmjb-grease `Ob>AA UG\`RJP S @-2 ++HbUwSV+W2xrg8coxxpvSQ+VfPGWfqr0HjtDmX3wCmCO0jpjqKqRCDEAsTj5oTKL +MUOwTg +--- Ib2BGSJRp6WTD55zNN072D+RFxRegKZhjXa48sKg3+Q +L~\FQ$€F +iEEخMi[x/zsgl8 6ti]0o6%c/+%Թ~HpP%[uQ;ш_[p_}w \ No newline at end of file 
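Review bot: `new-secret-ci.key` is added as a 4096-byte binary at the repository root, outside the `secrets/` and `secrets/rekeyed/` layout every other secret in this commit follows and without the `.age` suffix, so the diff gives no evidence that it is encrypted; if it holds private key material in the clear (the name and the simultaneous addition of the `cache.toph.so-ci` public key suggest a CI signing key), it should be removed and purged from history and the key pair rotated, since once pushed the material is exposed. If it is already age-encrypted, moving it under `secrets/` with a `.age` suffix and the rekey metadata keeps it from being mistaken for plaintext and lets the existing tooling manage it. None of the Nix hunks in this commit reference the file, which reinforces that it was added by accident.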
diff --git a/secrets/rekeyed/endurance/50db29637a0b7d73f036321af22c8a9c-nix-cache-s3-env.age b/secrets/rekeyed/endurance/50db29637a0b7d73f036321af22c8a9c-nix-cache-s3-env.age new file mode 100644 index 0000000000000000000000000000000000000000..5beee021fec1f12c0708dacba0897652939431ea GIT binary patch literal 348 zcmV-i0i*t5XJsvAZewzJaCB*JZZ2eAsGDuS}YG+4p zdQ?GnPGdB4b!k{-S7!=T^{`6w6MW}ZID>4qi6-bU_=dU{DxJ(v3a&NcK!_i@>-o+m zerFN4#Swk<@$Hctj;gIDUvuA#vXkuqzH(V68Ravs>bU0Bl*!tQECl1*8fQ`tIJg7^ utu&2$!v8f)u#9}=y^}A|Z_-h=-)f{?`nBG@E*@;84BS>@ByW+D7{`M>8i^MG literal 0 HcmV?d00001 diff --git a/secrets/rekeyed/endurance/b26d17749592ba1595d566934c2ea6ba-nix-cache-privkey.age b/secrets/rekeyed/endurance/b26d17749592ba1595d566934c2ea6ba-nix-cache-privkey.age new file mode 100644 index 0000000000000000000000000000000000000000..de73162170e6f208112cbef98cbc1fbc91adcb63 GIT binary patch literal 475 zcmV<10VMumXJsvAZewzJaCB*JZZ2#bt^JKZbWZ-Qf*jjQ+hdNR&HWSF<4J>S7>iiP&5iHJ|H-5Lqk$UMsF==a%Ew2 zWgvYiAX`8nU~VgKL}(&c3Qb~8HB&cdLsB?YcXKpRL~t^1Y*06PHgrZgcWY8*ZB9#7 zPBD6EPe)@{GI>v7aWPm@d1_)xT2OL!aZO`GP6}%)XhuYMFE)60Nl8m7yNi^Ulu9<(jeV@9AV_`D?koTo?CBcLya_-Z)F=w18g|=M*q7ect#@*- RI5(Ka$NaBsT^eLX+@SNwvS$DQ literal 0 HcmV?d00001 diff --git a/secrets/rekeyed/toph.endurance/0948f172d4f8ec095d92d6d65af01f5e-aws-credentials.age b/secrets/rekeyed/toph.endurance/0948f172d4f8ec095d92d6d65af01f5e-aws-credentials.age new file mode 100644 index 0000000..6255616 --- /dev/null +++ b/secrets/rekeyed/toph.endurance/0948f172d4f8ec095d92d6d65af01f5e-aws-credentials.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 Sih9FA DiICdXQXdFzjmLaO3TbZmurGr7rRlOyeyT4B6Q2hbgw +AMltu9LuCxoev0zm5Ihoa0aSYVvs7SAD04NIF4gyMxw +-> K0!Lf-grease AnUy +q4vQ1RJdAeh03A +--- g4sTWmo/FkvfmPBcfalOQE3FUapLvqYKLEfqDUvt2Yw +*UA=w1&*dUΐs>a4shig}K }8dpVbBTxʐȌ0sdQUR+ +nF?ڠP'iX)UsqE~i=|P.2 \ No newline at end of file