Create base test-corp environmnt

This creates more commonality between a nixos-anywhere bootstrapped
system and a locally built nixos image, which is good.

host/test-corp/configuration.nix

@@ -0,0 +1,12 @@
+{ config, lib, pkgs, ... }: {
+	imports = [
+		./hardware-configuration.nix
+		./networking.nix # generated at runtime by nixos-infect
+	];
+
+	myModules = {
+		cloud-init.enable = true;
+		do-agent.enable = true;
+	};
+	virtualisation.podman.enable = true;
+}

host/test-corp/hardware-configuration.nix

@@ -0,0 +1,9 @@
+{ modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub.device = "/dev/vda";
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+  
+}

host/test-corp/networking.nix

@@ -0,0 +1,50 @@
+{ lib, ... }: {
+  # This file was populated at runtime with the networking
+  # details gathered from the active system.
+  networking = {
+    hostName = "corp";
+    defaultGateway = "159.89.144.1";
+    defaultGateway6 = {
+      address = "2604:a880:2:d1::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    domain = "gleipnir.technology";
+    firewall.enable = false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          { address="159.89.154.99"; prefixLength=20; }
+          { address="10.46.0.5"; prefixLength=16; }
+        ];
+        ipv4.routes = [ { address = "159.89.144.1"; prefixLength = 32; } ];
+        ipv6.addresses = [
+          { address="2604:a880:2:d1::7f9a:6001"; prefixLength=64; }
+          { address="fe80::d4a8:45ff:fe46:cd11"; prefixLength=64; }
+        ];
+        ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 128; } ];
+      };
+      eth1 = {
+        ipv4.addresses = [
+          { address="10.120.0.2"; prefixLength=20; }
+        ];
+        ipv6.addresses = [
+          { address="fe80::4ac:1fff:fe36:cb24"; prefixLength=64; }
+        ];
+      };
+    };
+    nameservers = [
+      "67.207.67.3"
+      "67.207.67.2"
+      "67.207.67.3"
+      "67.207.67.2"
+      "67.207.67.3"
+      "67.207.67.2"
+    ];
+    usePredictableInterfaceNames = lib.mkForce false;
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="d6:a8:45:46:cd:11", NAME="eth0"
+    ATTR{address}=="06:ac:1f:36:cb:24", NAME="eth1"
+  '';
+}

host/test-corp/secrets/secrets.yaml

@@ -0,0 +1,45 @@
+vikunja:
+    auth:
+        openid:
+            providers:
+                clientid: ENC[AES256_GCM,data:mg2upgLEQdpZEnwG76/INggkZmo6dQI1JQ2h1MtDqJZihXYpyCQlpQ==,iv:TgtzUXEyd9mlDTBujo8kVsrAhncVnCxBw3SzhNZxpG4=,tag:FkxmtHayYFfG/XOBNxgygQ==,type:str]
+                clientsecret: ENC[AES256_GCM,data:xcbWGC5HUUPECiKGr/ueQvphT3tzou5Wvl/RzqRXN3PLgFT/mZtenBrKlf/mjhSwGHkNJHdZrm6RAK3Uhu+FNFZalrAO2wR+YXoPIRKoBjNwmq2eO5nVIWpXNnkhME9Tzc2OwyafJ6+rFh84Oynx5/+Ely0v041iLM6LHXKSVVE=,iv:/lyeEUh3YH3QN7LFe83InVtywFP6ChlXYCASOfl/C4M=,tag:2gtFCCruyGbijH1njNnOsw==,type:str]
+    database:
+        host: ENC[AES256_GCM,data:1WYHQ+x+wJ+F5KXYuZ95HMoQCmVN6M+wQ6pIzMqFJgvcnIphq1/uePA0bAq87+b0lGSor0c4mPqkb28EUt6hOcYcEcoawViXrb7DscJGljddeUl9Dtc=,iv:u+AATslu+oUdSvPRu5xUMUYPlTDugyKpJARy7D3wurc=,tag:GBLHimUoJiInSvJ3guv+hA==,type:str]
+        password: ENC[AES256_GCM,data:CloDvjAt+N2B7ubewNQP1EdYhA==,iv:7g0W2EkFjAnw7d+VPDe6eiRv7XpriIg/0g53eRGDe3o=,tag:LrNAT2tqFOMJ1C3yrjIaaQ==,type:str]
+        user: ENC[AES256_GCM,data:/JsWYTb/YRQDyy0P,iv:N+slGsGKqD0is0WWNXxrTMAC/Puo4ZgHC7s2m7PzYNs=,tag:lO9wl1uHind1Y1jssySZBA==,type:str]
+    mailer:
+        fromemail: ENC[AES256_GCM,data:6R29Cxg29t68qgc48QZCAeF2eUPtt5795C/YdNY=,iv:EcF2zwvgs1IwlQlCoRsrfbsufRtslhY0Iyy+UdUwArI=,tag:6Dx4sp9t0qmzVGfuzGTAOQ==,type:str]
+        host: ENC[AES256_GCM,data:NxsCNMJMl1qG4EgbDfTS0maHHsQ8,iv:SOs/rGY8hq8AEW+bDUCulAbV4YGoF4mIdNX6qOL1/ik=,tag:9j7jey8e/jcKYXM3rsSqbA==,type:str]
+        port: ENC[AES256_GCM,data:nr+LpQ==,iv:6jtsaHr5FYmUL0Mw3HSeyeI4rnlHVSTdKWEDBNBDuwo=,tag:L89e9tUBJqpMQM82J2RG+w==,type:int]
+        password: ENC[AES256_GCM,data:8zQeI0GtMPTy+L4JjCwLePejy9KEfx2b,iv:hOWwnCKSLJ5Uuu17r35FH++WE7AM9F/cxc3e+ETkdRY=,tag:RDtZvrJp0p/qqRVM5xWDMA==,type:str]
+        username: ENC[AES256_GCM,data:II7dPDmoZGD05wwrupUR3nDWyMhZ3RGhSWwSwSA=,iv:C/X9W7RkV/rLfWsZf+PlIi5LWxIwnDRSDcpDVQsgyvE=,tag:IQf29fGa1HuBblkd1F/lnQ==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1kgwk20cc6t68kqj5nhem6swvx6k4e7zjx2xdwy382360h8tdyqrq0nn3gf
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWUHhKNXYydHVPK3cxNzhj
+            TlgyOFc5QXlhOEdjcXhRR2x0UHNxbjQyWm5JCkxUcGgyZUpPT0kzejVjcDZFbU1M
+            aktLbFFsZE5PaCsvb1oxSjRSK2hZNzgKLS0tIGJnUWFMQWhWSWV2WkZVMFBsN09a
+            bXNjYThSVkxRaHVCUzBFVWUwMWJDV00KS8CbS1qaS44PceePrLRzNW1ykCxOdeH+
+            d0QMQIb73/n1MIDyqBX/zIIqEGsvBKqOX3JQ7U2G62opHnosGBFN0A==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1z8gnjnye5d0czrluvvs468h05sjugcdapngdmjpwlk6l26y2n3asa0phg7
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4ZU1Wby9RL1pXS0tweTZ5
+            aCtGQUw0NjRMYXFzSjF1TDhPWnZLVWdlM21RCnBSSnhZYkRHQkp3VFVGbGpNMHpB
+            NWhTMXlXa1Ewb1JpTENDWTJ4U0R6MncKLS0tIDdLSjJpTnZ3QUlDVUtldmdmenNH
+            OEdlQmtPdDAyZlRUbU1oVWR3Y1U2ak0Kt+IIpRpTz+VcG4Iur2UcP91t7r79qNet
+            9oDJxwta0DmbjHN/PIaqzrObJzeijGWpiILBN6RvB1HQ+4Gdi1FWUA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-05-09T18:49:41Z"
+    mac: ENC[AES256_GCM,data:0OFrVM/sqkpVDtB7PxizOnRhcbZUjrSpA24jC9ViD7sueSe633fSfGEJTsUvF/RqUniVWTyWghVstS2HzhxORElQ0ZNjqD7K1GBkNK5XGzfo/aRQ+MWFu0g1Fu7wUe+Yc6ZAF0yExQgpl10Gt9tZysCcwlEFZIYOFWwyY8SiVtU=,iv:xvcsIQij3H16IJOfH0RjwPJKk0KbmnAupDQ1ozHDmOA=,tag:ozr9gaBinE9PF77N9a6UVQ==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.9.4