Add Twinkle Hub MCP secret

Sync vault from vault.yml.text
Clarify zip password file diagnostics
2026-06-03 08:12:57 +08:00 · 2026-05-22 16:36:44 +08:00 · 2026-05-15 08:22:17 +08:00 · 2026-05-15 08:18:07 +08:00 · 2026-05-14 21:03:48 +08:00 · 2026-05-14 20:31:58 +08:00
16 changed files with 1799 additions and 218 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,12 @@ __pycache__/
 .DS_Store
 .vault_pass.txt
 secrets/plaintext/
 # Local plaintext vault password must never be committed
 vault-pass.txt
 secrets/vault-pass.txt
 # Placeholder marker generated when password archive is absent
 secrets/vault-pass.txt.zip.PLACEHOLDER
 # Local installer env overrides with real secrets
 install.local.env
 *.secret.env
--- a/README.md
+++ b/README.md
@@ -1,19 +1,99 @@
 # Agent Secret Vault
-這個 repo 專門存放本地 AI agent 開發會用到的機密管理機制。
+本 repo 專門管理本地 AI agent / worker 需要的機密資料。
-核心設計：
+## 核心設計
 - 使用 `ansible-vault` 作為加密格式
 - 加密檔可進 git
 - vault password file 只放在本機
 - 多個 agent 透過統一腳本存取 secrets
-## 內容
+- 使用 `ansible-vault` 加密 `secrets/vault.yml`
- `scripts/vault.sh`：初始化、檢視、編輯、加密、解密、rekey
+- 加密後的 `secrets/vault.yml` 可以進 git
- `docs/secret-vault.md`：使用說明與設計原則
+- vault password file 放在本機：`~/.config/vault-pass.txt`
- `secrets/vault.yml`：加密後 secrets 檔
+- 新機器可透過 repo 內的密碼保護壓縮檔 `secrets/vault-pass.txt.zip` 安裝 password file
 - 多個 agent 透過統一腳本讀取 secrets，不各自發明 credential 管理方式
-## 目標
+## 主要文件
- 讓 Hermes / OpenClaw / cron worker / 其他本地 agent 共用同一套 secret storage contract
+
- 不把明文 secret 留在 repo
+- 人類使用指南：[`docs/human-guide.md`](docs/human-guide.md)
- 不讓每個 agent 各自發明一套 credential 管理方式
+- Agent 安裝 Runbook：[`docs/agent-install-runbook.md`](docs/agent-install-runbook.md)
 - Agent 整合補充：[`docs/agent-integration.md`](docs/agent-integration.md)
 - Vault 基礎說明：[`docs/secret-vault.md`](docs/secret-vault.md)
 ## 安裝設定檔
 Repo 內提供：
 - `install.env.example`：給人類/agent 複製參考
 - `install.env`：空值 placeholder；安裝前先填入 vault-pass 來源設定
 常用變數說明：
 | 變數 | 用途 | 範例 |
 |---|---|---|
 | `VAULT_PASS_FILE` | 最後要產生/使用的 vault password file 路徑 | `$HOME/.config/vault-pass.txt` |
 | `INSTALL_VAULT_PASS_METHOD` | 指定安裝方式；可填 `create`、`manual`、`url`、`archive` | `url` |
 | `VAULT_PASS_URL` | 當 method=`url` 時，從這個 URL 下載 `vault-pass.txt` | `https://example.com/one-time/vault-pass.txt` |
 | `VAULT_PASS_ZIP_PASSWORD_FILE` | 當 method=`archive` 時，讀取 zip 密碼的本機檔案路徑；比直接寫密碼安全 | `/secure/path/zip-password.txt` |
 | `VAULT_PASS_ZIP_PASSWORD` | 當 method=`archive` 時，直接提供 zip 密碼；只適合安全 shell，不建議寫進可提交檔案 | `...` |
 | `VAULT_PASS_CONTENT` | 當 method=`manual` 時，直接提供 `vault-pass.txt` 內容；高風險，只適合受控環境 | `...` |
 | `VAULT_PASS_ARCHIVE` | 覆寫密碼保護 zip 的路徑；預設是 `secrets/vault-pass.txt.zip` | `/path/to/vault-pass.txt.zip` |
 安裝方式含義：
 - `create`：產生新的 vault password；只適合全新 vault，既有 vault 無法解密時不會自動覆蓋。
 - `manual`：由人類輸入或用 `VAULT_PASS_CONTENT` 提供 vault password 內容。
 - `url`：從 `VAULT_PASS_URL` 下載 `vault-pass.txt`；適合一次性 URL / 內網安全下載。
 - `archive`：從密碼保護 zip 解出 `vault-pass.txt`；密碼可放在 `VAULT_PASS_ZIP_PASSWORD_FILE` 或 `VAULT_PASS_ZIP_PASSWORD`。
 `install.env` 不應填入真實 secrets 後再 commit；若要保存本機私密設定，使用 `install.local.env` 並透過 `INSTALL_ENV_FILE=install.local.env` 指定。
 ## 安裝流程（先設定 env）
 安裝前請先設定 `install.env`，再檢查 env 是否足夠，最後才正式安裝：
 ```bash
 cp -n install.env.example install.env
 editor install.env
 ./scripts/install-vault-pass.sh --check-env
 ./scripts/install-vault-pass.sh
 ```
 `install.env` 範例：
 ```bash
 # 例：用一次性 URL 安裝 vault-pass.txt
 INSTALL_VAULT_PASS_METHOD="url"
 VAULT_PASS_URL="https://example.com/one-time/vault-pass.txt"
 ```
 ## 全自動 agent 安裝
 Agent / CI 也應優先設定 `install.env` 或 `INSTALL_ENV_FILE`，不要直接進互動選單：
 ```bash
 INSTALL_ENV_FILE=install.local.env ./scripts/install-vault-pass.sh --check-env
 INSTALL_ENV_FILE=install.local.env ./scripts/install-vault-pass.sh
 ```
 ## 常用指令
 ```bash
 # 安裝 vault password file（會要求輸入壓縮檔密碼）
 ./scripts/install-vault-pass.sh
 # 維護者建立密碼保護壓縮檔
 ./scripts/create-vault-pass-archive.sh
 # 檢視 vault
 ./scripts/vault.sh view
 # 編輯 vault
 ./scripts/vault.sh edit
 # 讀單一 secret
 ./scripts/get-secret.sh openclaw_alice.http_nodes.gitea.password
 ```
 ## 安全原則
 - 不要把 `~/.config/vault-pass.txt` commit 到 git
 - 不要把解密後完整 YAML 貼到 chat/log
 - Agent 回報時只回報 key path、commit hash、驗證方式，不回報 secret value
--- a/docs/agent-install-runbook.md
+++ b/docs/agent-install-runbook.md
@@ -0,0 +1,255 @@
 # Agent 安裝 Runbook：agent-secret-vault
 這份文件給 AI agent / cron worker / automation 使用。目標：把 `agent-secret-vault` 安裝好、缺檔時建立 placeholder、並能安全讀取 secrets。
 ## 安全規則
 - 不要把 secret value、vault password、token、private key 印到 chat / log / 工單 comment。
 - 不要 dump 整份解密後的 `secrets/vault.yml`。
 - 只讀取任務所需的單一欄位。
 - 所有暫存解密檔用完立即刪除。
 ## 目標路徑
 - Repo：`~/projects/agent-secret-vault`
 - Vault 檔：`~/projects/agent-secret-vault/secrets/vault.yml`
 - Vault password file：`~/.config/vault-pass.txt`
 - 可覆寫環境變數：`VAULT_PASS_FILE=/custom/path`
 ## 1. 安裝系統依賴
 ```bash
 sudo apt update
 sudo apt install -y git ansible unzip
 ```
 驗證：
 ```bash
 command -v git
 command -v ansible-vault
 command -v unzip
 ```
 ## 2. Clone repo
 ```bash
 mkdir -p ~/projects
 cd ~/projects
 if [ ! -d agent-secret-vault/.git ]; then
  git clone ssh://git@gitea.cowbay.org:2203/hermes/agent-secret-vault.git
 fi
 cd agent-secret-vault
 ```
 若 clone 失敗，建立 placeholder 讓後續步驟可明確回報缺什麼：
 ```bash
 mkdir -p ~/projects/agent-secret-vault/{scripts,secrets,docs}
 cat > ~/projects/agent-secret-vault/README.PLACEHOLDER.md <<'PLACEHOLDER'
 # Placeholder
 agent-secret-vault repo 尚未成功 clone。
 需要 Gitea SSH 權限：ssh://git@gitea.cowbay.org:2203/hermes/agent-secret-vault.git
 PLACEHOLDER
 ```
 然後回報人類：需要把此 agent / 機器的 SSH public key 加到 Gitea 或 deploy key。
 ## 2.5 設定 installer env
 Repo 內提供兩個 env 檔：
 ```text
 install.env.example  # 範本
 install.env          # 安裝用 placeholder
 ```
 安裝前必須先設定 `install.env`（或指定 `INSTALL_ENV_FILE`），不要跳過這一步：
 ```bash
 cd ~/projects/agent-secret-vault
 cp -n install.env.example install.env
 editor install.env
 ```
 常用設定：
 ```bash
 # 一次性 URL 下載 vault-pass.txt
 INSTALL_VAULT_PASS_METHOD="url"
 VAULT_PASS_URL="https://example.com/one-time/vault-pass.txt"
 # 或：zip 密碼放在本機安全檔案
 INSTALL_VAULT_PASS_METHOD="archive"
 VAULT_PASS_ZIP_PASSWORD_FILE="/secure/path/zip-password.txt"
 ```
 注意：`VAULT_PASS_ZIP_PASSWORD_FILE` 必須指向「只包含 zip 密碼的一行純文字檔」。不要把它指到 `secrets/vault-pass.txt.zip`（zip 壓縮檔本身）、`~/.config/vault-pass.txt`（Ansible Vault password file）、私鑰、或任何二進位檔。若 installer 報告檔案含 NUL bytes，通常就是路徑指錯了；請改成正確的 zip 密碼文字檔，或改用 `VAULT_PASS_ZIP_PASSWORD` / `url` / `manual` 方法。
 若需要使用另一個 env 檔：
 ```bash
 INSTALL_ENV_FILE=install.local.env ./scripts/install-vault-pass.sh
 ```
 不要把含真實密碼/token 的 env 檔 commit。
 執行安裝前可先檢查 env 是否足夠非互動安裝：
 ```bash
 ./scripts/install-vault-pass.sh --check-env
 ```
 若輸出顯示 env 不足，先補齊 env；只有人類在本機 terminal 操作時才允許進入互動提示。AI agent / CI 不應直接進互動流程。
 ## 3. 安裝 vault password file
 標準位置：
 ```text
 ~/.config/vault-pass.txt
 ```
 執行 installer 前再次確認 env，然後安裝：
 ```bash
 cd ~/projects/agent-secret-vault
 ./scripts/install-vault-pass.sh --check-env
 ./scripts/install-vault-pass.sh
 ```
 installer 會先判斷 `~/.config/vault-pass.txt` 是否已存在：
 - 若已存在：保留現有檔案、修正權限為 `600`，並嘗試驗證能否解開 `secrets/vault.yml`。
 - 若不存在：提示使用者選擇 4 種建立方式。
 ### 缺檔時的 4 種方式
 1. **建立新密碼並初始化 placeholder vault**
   - 適合全新 repo / 全新環境。
   - installer 會產生新的 `~/.config/vault-pass.txt`。
   - 若 `secrets/vault.yml` 不存在，會建立加密 placeholder。
   - 若既有 `secrets/vault.yml` 無法用新密碼解開，installer 不會覆蓋它，避免破壞既有 secrets。
 2. **使用者自行輸入 vault-pass.txt 內容**
   - installer 會用 hidden input 讀取一行密碼內容。
   - 寫入 `~/.config/vault-pass.txt`，權限設為 `600`。
 3. **使用者輸入 vault-pass.txt URL，自動下載**
   - installer 會提示輸入 `http://` 或 `https://` URL。
   - 用 `curl` 或 `wget` 下載到 `~/.config/vault-pass.txt`。
   - 只適合可信的一次性下載 URL。
 4. **解壓 repo 內既有密碼保護 zip**
   - 預設讀取：`secrets/vault-pass.txt.zip`。
   - zip 內必須包含檔名：`vault-pass.txt`。
   - installer 會要求使用者在自己的 terminal 手動輸入 zip 密碼。
 ### 若壓縮檔不存在
 建立 placeholder，不要自行編造密碼：
 ```bash
 mkdir -p ~/projects/agent-secret-vault/secrets
 cat > ~/projects/agent-secret-vault/secrets/vault-pass.txt.zip.PLACEHOLDER <<'PLACEHOLDER'
 Missing file: secrets/vault-pass.txt.zip
 Purpose: password-protected archive containing vault-pass.txt
 Action: ask human maintainer to provide this archive or use installer method 1/2/3.
 PLACEHOLDER
 ```
 然後回報人類：缺 `secrets/vault-pass.txt.zip`，或請人類選擇 installer 方法 1/2/3。
 ### 若要用非預設路徑
 ```bash
 export VAULT_PASS_FILE=/path/to/vault-pass.txt
 ./scripts/install-vault-pass.sh
 ```
 ### Agent 全自動安裝（避免卡在互動密碼）
 若安裝由 AI agent / CI 執行，不要走互動 prompt。優先把設定寫進 `install.env` 或 `install.local.env`，也可用以下任一非互動方式：
 ```bash
 # 方式 A：從安全 URL 下載 vault-pass.txt
 INSTALL_VAULT_PASS_METHOD=url \
 VAULT_PASS_URL="https://example.com/one-time/vault-pass.txt" \
 ./scripts/install-vault-pass.sh
 # 方式 B：從密碼保護 zip 解壓，zip 密碼放在本機安全檔案
 # /secure/path/zip-password.txt 必須是純文字，內容只有 zip 密碼本身；
 # 不可指到 secrets/vault-pass.txt.zip 或 ~/.config/vault-pass.txt。
 INSTALL_VAULT_PASS_METHOD=archive \
 VAULT_PASS_ZIP_PASSWORD_FILE=/secure/path/zip-password.txt \
 ./scripts/install-vault-pass.sh
 # 方式 C：從密碼保護 zip 解壓，zip 密碼用環境變數帶入（避免寫入 chat/log）
 INSTALL_VAULT_PASS_METHOD=archive \
 VAULT_PASS_ZIP_PASSWORD="..." \
 ./scripts/install-vault-pass.sh
 # 方式 D：直接提供 vault-pass.txt 內容（只適合安全 runtime，不可印 log）
 INSTALL_VAULT_PASS_METHOD=manual \
 VAULT_PASS_CONTENT="..." \
 ./scripts/install-vault-pass.sh
 ```
 推薦順序：URL 一次性下載 > `VAULT_PASS_ZIP_PASSWORD_FILE` > `VAULT_PASS_ZIP_PASSWORD` > `VAULT_PASS_CONTENT`。
 ## 4. 驗證安裝
 ```bash
 cd ~/projects/agent-secret-vault
 ansible-vault view secrets/vault.yml --vault-password-file ~/.config/vault-pass.txt >/dev/null
 ```
 成功：exit code 0。失敗時只回報錯誤摘要，不要輸出密碼或 vault 內容。
 ## 5. 讀取單一 secret
 ```bash
 cd ~/projects/agent-secret-vault
 ./scripts/get-secret.sh <dot.path>
 ```
 範例：
 ```bash
 ./scripts/get-secret.sh gitea.api_token
 ./scripts/get-secret.sh openclaw_alice.http_nodes.gitea.password
 ```
 把輸出直接交給需要 secret 的動作使用；不要貼到 chat / log。
 ## 6. Worker 需要 env 時
 ```bash
 cd ~/projects/agent-secret-vault
 umask 077
 ./scripts/render-env.sh gitea > /tmp/gitea.env
 set -a
 . /tmp/gitea.env
 set +a
 rm -f /tmp/gitea.env
 ```
 使用完如果擔心環境被 dump，執行 `unset` 清掉相關變數。
 ## 7. 更新 secret 的 agent 流程
 只有在人類明確要求更新 secrets 時才做：
 ```bash
 cd ~/projects/agent-secret-vault
 git pull --ff-only
 ./scripts/vault.sh edit
 ansible-vault view secrets/vault.yml --vault-password-file ~/.config/vault-pass.txt >/dev/null
 git add secrets/vault.yml
 git commit -m "Update secret <key-name>"
 git push
 ```
 回報只包含 key 名稱、commit hash、驗證方式；不要包含 secret value。
--- a/docs/agent-integration.md
+++ b/docs/agent-integration.md
@@ -5,7 +5,7 @@
 ## 基本資訊
 - vault 位置：`~/projects/agent-secret-vault/secrets/vault.yml`
- vault password 位置：`~/.config/continuous-ai-workflow-spec/vault-pass.txt`
+- vault password 位置：`~/.config/vault-pass.txt`
 - 加密格式：ansible-vault（AES256）
 ## Agent 讀取 secrets 的方法
@@ -64,7 +64,7 @@ cd ~/projects/agent-secret-vault
 確認：
 ```bash
-chmod 600 ~/.config/continuous-ai-workflow-spec/vault-pass.txt
+chmod 600 ~/.config/vault-pass.txt
 ```
 ### 3. ansible-vault not found
--- a/docs/human-guide.md
+++ b/docs/human-guide.md
@@ -0,0 +1,227 @@
 # 人類使用指南：agent-secret-vault
 這份文件給人類維護者看：如何安裝、操作，以及如何用自然語言指示 agent 管理 secrets。
 ## 這是什麼
 `agent-secret-vault` 是本地 AI agent 共用的機密資料 repo。
 - 加密資料：`secrets/vault.yml`
 - 加密格式：Ansible Vault
 - 解密鑰匙：`~/.config/vault-pass.txt`
 - Repo：`ssh://git@gitea.cowbay.org:2203/hermes/agent-secret-vault.git`
 `secrets/vault.yml` 可以進 git；`~/.config/vault-pass.txt` 不可以進 git。
 ## 安裝
 ```bash
 sudo apt update
 sudo apt install -y git ansible unzip
 mkdir -p ~/projects
 cd ~/projects
 git clone ssh://git@gitea.cowbay.org:2203/hermes/agent-secret-vault.git
 cd agent-secret-vault
 ```
 接著先設定 installer env，再安裝 vault password file：
 ```bash
 cp -n install.env.example install.env
 editor install.env
 ./scripts/install-vault-pass.sh --check-env
 ./scripts/install-vault-pass.sh
 ```
 重點：先填 `install.env`。若 `--check-env` 顯示資訊不足，先補齊 `INSTALL_VAULT_PASS_METHOD` 與對應欄位，不要直接進互動流程。
 installer 會先檢查：
 ```text
 ~/.config/vault-pass.txt
 ```
 如果已存在，會保留並驗證。若不存在，會讓你選 4 種方式：
 1. 建立新 vault password，並在需要時建立加密 placeholder vault。
 2. 手動輸入 vault-pass.txt 的內容。
 3. 輸入 vault-pass.txt 的 URL，讓 installer 自動下載。
 4. 解壓 repo 內既有的密碼保護檔 `secrets/vault-pass.txt.zip`。
 若選第 4 種，請在你自己的 terminal 輸入 zip 密碼；Telegram / chat 不能輸入到 agent 的工具互動提示。
 驗證：
 ```bash
 ./scripts/vault.sh view
 ```
 ## 建立安裝用密碼保護壓縮檔
 維護者若要讓其他 agent / 機器安裝，先在已可解密的機器上執行：
 ```bash
 cd ~/projects/agent-secret-vault
 ./scripts/create-vault-pass-archive.sh
 git add secrets/vault-pass.txt.zip
 git commit -m "Add vault password archive"
 git push
 ```
 腳本會要求互動輸入 zip 密碼。這個 zip 密碼不要寫進 repo、chat 或 log；交給安裝者時用另外的安全渠道。
 ## 安裝時設定 vault-pass
 安裝流程要求先填 repo 內的 env 檔：
 ```bash
 cd ~/projects/agent-secret-vault
 cp -n install.env.example install.env
 editor install.env
 ./scripts/install-vault-pass.sh --check-env
 ./scripts/install-vault-pass.sh
 ```
 `install.env` 可設定：
 - `INSTALL_VAULT_PASS_METHOD=url` + `VAULT_PASS_URL=...`
 - `INSTALL_VAULT_PASS_METHOD=archive` + `VAULT_PASS_ZIP_PASSWORD_FILE=...`
 - `INSTALL_VAULT_PASS_METHOD=manual` + `VAULT_PASS_CONTENT=...`
 - `INSTALL_VAULT_PASS_METHOD=create`
 若 env 內含真實 secrets，不要 commit。可改用 `install.local.env`，再執行：
 ```bash
 INSTALL_ENV_FILE=install.local.env ./scripts/install-vault-pass.sh --check-env
 ./scripts/install-vault-pass.sh
 ```
 ## 給 agent 的全自動安裝方式
 如果目標是「AI agent 直接安裝，不要卡在互動輸入密碼」，請不要讓 agent 選互動 zip 解壓。改用環境變數指定方法：
 ```bash
 # 一次性 URL 下載
 INSTALL_VAULT_PASS_METHOD=url \
 VAULT_PASS_URL="https://example.com/one-time/vault-pass.txt" \
 ./scripts/install-vault-pass.sh
 # 或：zip 密碼放在本機安全檔案
 INSTALL_VAULT_PASS_METHOD=archive \
 VAULT_PASS_ZIP_PASSWORD_FILE=/secure/path/zip-password.txt \
 ./scripts/install-vault-pass.sh --check-env
 ./scripts/install-vault-pass.sh
 ```
 不要把 zip 密碼或 vault-pass 內容貼在聊天裡；應由目標機器的 secret manager、一次性 URL 或本機安全檔提供。
 ## 常用人工操作
 ### 查看 vault
 ```bash
 cd ~/projects/agent-secret-vault
 ./scripts/vault.sh view
 ```
 ### 編輯 vault
 ```bash
 cd ~/projects/agent-secret-vault
 git pull --ff-only
 ./scripts/vault.sh edit
 git add secrets/vault.yml
 git commit -m "Update secrets"
 git push
 ```
 ### 讀單一 secret
 ```bash
 ./scripts/get-secret.sh gitea.api_token
 ./scripts/get-secret.sh openclaw_alice.http_nodes.gitea.password
 ```
 ## 用自然語言請 agent 操作 secrets
 你可以直接對 agent 下這類命令：
 ### 查詢但不要顯示 secret
 ```text
 幫我確認 agent-secret-vault 裡有沒有 gitea.api_token，不要把 token 印出來。
 ```
 Agent 應該只回報「有 / 沒有」與使用的 key path，不應顯示 token。
 ### 使用 secret 去登入或呼叫 API
 ```text
 用 agent-secret-vault 裡的 openclaw_alice.http_nodes.gitea 帳密登入 Gitea，登入成功後回報狀態，不要把帳密貼出來。
 ```
 Agent 可以讀取 secret 並用於 browser/API，但不能把 secret value 回傳聊天。
 ### 新增 secret
 ```text
 幫我把新的 API token 加到 agent-secret-vault，key 放在 openclaw_alice.http_nodes.example_service.api_token；先 git pull，更新後驗證可讀，再 commit/push。不要在回報中顯示 token。
 ```
 如果 token 需要由你提供，請用安全渠道或互動輸入；不要把高敏感 token 直接貼到公開群組。
 ### 修改 secret
 ```text
 把 agent-secret-vault 裡 openclaw_alice.http_nodes.gitea.password 更新成我等一下提供的新密碼；完成後只回報 commit hash 和驗證方式。
 ```
 ### 列出 key 結構
 ```text
 列出 agent-secret-vault 目前有哪些 top-level sections 和 key 名稱，不要顯示任何 password/token/secret/private_key 的值。
 ```
 ## Agent 應遵守的回報格式
 完成更新後，agent 回報應包含：
 - 更新的 key path
 - repo path
 - commit hash
 - 驗證方式，例如 `./scripts/get-secret.sh <key>` 成功
 不應包含：
 - secret value
 - vault password
 - 解密後完整 YAML
 ## 故障排除
 ### `Decryption failed`
 通常是 `~/.config/vault-pass.txt` 不存在、權限不對、或內容不是正確密碼。
 檢查：
 ```bash
 ls -l ~/.config/vault-pass.txt
 ```
 權限應為 `600`。
 ### `secrets/vault-pass.txt.zip` 不存在
 代表 repo 裡沒有安裝用的密碼保護壓縮檔。請由維護者建立並提交到私有 repo，或用其他安全方式提供 vault password file。
 ### Gitea clone/push 失敗
 檢查：
 ```bash
 ssh -T -p 2203 git@gitea.cowbay.org
 ```
 通常需要把該機器的 SSH public key 加到 Gitea。
--- a/docs/secret-vault.md
+++ b/docs/secret-vault.md
@@ -4,7 +4,7 @@
 ## 設計
 - 加密檔：`secrets/vault.yml`
- 本機 vault password file：`~/.config/continuous-ai-workflow-spec/vault-pass.txt`
+- 本機 vault password file：`~/.config/vault-pass.txt`
 - 管理腳本：`scripts/vault.sh`
 ## 原則
--- a/install.env
+++ b/install.env
@@ -0,0 +1,10 @@
 # Local installer config for agent-secret-vault.
 # Fill this file before running ./scripts/install-vault-pass.sh.
 # WARNING: this file may contain secrets. Do not commit real values.
 VAULT_PASS_FILE="$HOME/.config/vault-pass.txt"
 INSTALL_VAULT_PASS_METHOD=""
 VAULT_PASS_CONTENT=""
 VAULT_PASS_URL=""
 VAULT_PASS_ZIP_PASSWORD_FILE=""
 VAULT_PASS_ZIP_PASSWORD=""
--- a/install.env.example
+++ b/install.env.example
@@ -0,0 +1,35 @@
 # agent-secret-vault installer env template
 #
 # Usage:
 #   cp install.env.example install.env
 #   editor install.env
 #   ./scripts/install-vault-pass.sh
 #
 # Keep real install.env private. It may contain secrets.
 # Where to install/read the Ansible Vault password file.
 VAULT_PASS_FILE="$HOME/.config/vault-pass.txt"
 # Choose one method: create | manual | url | archive
 # Leave empty for interactive menu.
 INSTALL_VAULT_PASS_METHOD=""
 # Method: manual
 # Direct vault-pass.txt content. Avoid this unless running in a secure local shell.
 VAULT_PASS_CONTENT=""
 # Method: url
 # One-time HTTPS URL containing vault-pass.txt.
 VAULT_PASS_URL=""
 # Method: archive
 # Password-protected zip path defaults to secrets/vault-pass.txt.zip.
 # Put the ZIP ARCHIVE PASSWORD in a local plaintext file when possible.
 # This must be a small text file containing only the zip password.
 # Do NOT point this to secrets/vault-pass.txt.zip, ~/.config/vault-pass.txt,
 # a private key, or any binary/archive file.
 VAULT_PASS_ZIP_PASSWORD_FILE=""
 # Method: archive fallback
 # Inline zip password. Avoid in shared shells/logging environments.
 VAULT_PASS_ZIP_PASSWORD=""
--- a/scripts/create-vault-pass-archive.sh
+++ b/scripts/create-vault-pass-archive.sh
@@ -0,0 +1,50 @@
 #!/usr/bin/env bash
 set -euo pipefail
 REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
 SRC="${VAULT_PASS_FILE:-$HOME/.config/vault-pass.txt}"
 OUT="${1:-$REPO_DIR/secrets/vault-pass.txt.zip}"
 usage() {
  cat <<USAGE
 Usage: scripts/create-vault-pass-archive.sh [output.zip]
 Creates a password-protected archive containing vault-pass.txt.
 Default source:
  ${VAULT_PASS_FILE:-$HOME/.config/vault-pass.txt}
 Default output:
  $REPO_DIR/secrets/vault-pass.txt.zip
 The zip password is entered interactively. Do not print it in logs/chat.
 USAGE
 }
 if [ "${1:-}" = "-h" ] || [ "${1:-}" = "--help" ]; then
  usage
  exit 0
 fi
 if [ ! -f "$SRC" ]; then
  echo "Missing source vault password file: $SRC" >&2
  exit 2
 fi
 if ! command -v zip >/dev/null 2>&1; then
  echo "Missing dependency: zip" >&2
  echo "Install it with: sudo apt install -y zip" >&2
  exit 3
 fi
 mkdir -p "$(dirname "$OUT")"
 tmpdir="$(mktemp -d)"
 cleanup() { rm -rf "$tmpdir"; }
 trap cleanup EXIT
 install -m 600 "$SRC" "$tmpdir/vault-pass.txt"
 (
  cd "$tmpdir"
  # zip prompts for archive password interactively.
  zip -e -q "$OUT" vault-pass.txt
 )
 chmod 600 "$OUT"
 echo "Created password-protected archive: $OUT"
--- a/scripts/get-secret.sh
+++ b/scripts/get-secret.sh
@@ -3,7 +3,7 @@ set -euo pipefail
 REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
 VAULT_FILE="${VAULT_FILE:-$REPO_DIR/secrets/vault.yml}"
-VAULT_PASS_FILE="${VAULT_PASS_FILE:-$HOME/.config/continuous-ai-workflow-spec/vault-pass.txt}"
+VAULT_PASS_FILE="${VAULT_PASS_FILE:-$HOME/.config/vault-pass.txt}"
 usage() {
  cat <<EOF
--- a/scripts/install-vault-pass.sh
+++ b/scripts/install-vault-pass.sh
@@ -0,0 +1,406 @@
 #!/usr/bin/env bash
 set -euo pipefail
 REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
 DEST="${VAULT_PASS_FILE:-$HOME/.config/vault-pass.txt}"
 ARCHIVE="${1:-$REPO_DIR/secrets/vault-pass.txt.zip}"
 VAULT_FILE="${VAULT_FILE:-$REPO_DIR/secrets/vault.yml}"
 ENV_FILE="${INSTALL_ENV_FILE:-$REPO_DIR/install.env}"
 load_env_file() {
  if [ -f "$ENV_FILE" ]; then
    set -a
    # shellcheck disable=SC1090
    . "$ENV_FILE"
    set +a
  fi
 }
 load_env_file
 # Re-apply env-configurable paths after loading install.env.
 DEST="${VAULT_PASS_FILE:-$HOME/.config/vault-pass.txt}"
 ARCHIVE="${VAULT_PASS_ARCHIVE:-${1:-$REPO_DIR/secrets/vault-pass.txt.zip}}"
 VAULT_FILE="${VAULT_FILE:-$REPO_DIR/secrets/vault.yml}"
 # Optional non-interactive controls:
 #   INSTALL_VAULT_PASS_METHOD=create|manual|url|archive
 #   VAULT_PASS_CONTENT=<content>          (for method=manual)
 #   VAULT_PASS_URL=<https-url>            (for method=url)
 #   VAULT_PASS_ZIP_PASSWORD=<password>    (for method=archive; avoid chat/log)
 #   VAULT_PASS_ZIP_PASSWORD_FILE=<path>   (for method=archive; safer than env)
 usage() {
  cat <<USAGE
 Usage: scripts/install-vault-pass.sh [archive.zip]
 Loads installer env from:
  ${INSTALL_ENV_FILE:-$REPO_DIR/install.env}
 Override with:
  INSTALL_ENV_FILE=/path/to/install.env ./scripts/install-vault-pass.sh
 Installs the Ansible Vault password file to:
  ${VAULT_PASS_FILE:-$HOME/.config/vault-pass.txt}
 Interactive behavior:
  1. If the password file already exists, keep it and verify permissions.
  2. If missing, prompt the user to choose one of four setup methods:
     [1] Create a new vault password and initialize/re-encrypt vault.yml
     [2] Paste/type vault-pass.txt content manually
     [3] Download vault-pass.txt from a user-provided URL
     [4] Extract vault-pass.txt from a password-protected zip archive
 Non-interactive agent mode (via install.env or environment variables):
  INSTALL_VAULT_PASS_METHOD=create ./scripts/install-vault-pass.sh
  VAULT_PASS_CONTENT='...' INSTALL_VAULT_PASS_METHOD=manual ./scripts/install-vault-pass.sh
  VAULT_PASS_URL='https://...' INSTALL_VAULT_PASS_METHOD=url ./scripts/install-vault-pass.sh
  VAULT_PASS_ZIP_PASSWORD_FILE=/secure/pass INSTALL_VAULT_PASS_METHOD=archive ./scripts/install-vault-pass.sh
  VAULT_PASS_ZIP_PASSWORD='...' INSTALL_VAULT_PASS_METHOD=archive ./scripts/install-vault-pass.sh
 Check env sufficiency without installing:
  ./scripts/install-vault-pass.sh --check-env
 Default archive path for method [4]:
  $REPO_DIR/secrets/vault-pass.txt.zip
 USAGE
 }
 ensure_dest_dir() {
  umask 077
  mkdir -p "$(dirname "$DEST")"
  chmod 700 "$(dirname "$DEST")" || true
 }
 secure_dest() { chmod 600 "$DEST"; }
 verify_existing() {
  if [ -f "$DEST" ]; then
    secure_dest
    echo "Vault password file already exists: $DEST"
    return 0
  fi
  return 1
 }
 require_cmd() {
  if ! command -v "$1" >/dev/null 2>&1; then
    echo "Missing dependency: $1" >&2
    echo "Please install it first." >&2
    exit 3
  fi
 }
 create_new_password() {
  require_cmd ansible-vault
  require_cmd python3
  ensure_dest_dir
  umask 077
  python3 - <<'PY' > "$DEST"
 import secrets
 print(secrets.token_urlsafe(48))
 PY
  secure_dest
  echo "Created new vault password file: $DEST"
  if [ -f "$VAULT_FILE" ]; then
    if ansible-vault view "$VAULT_FILE" --vault-password-file "$DEST" >/dev/null 2>&1; then
      echo "Existing vault is already readable with the new password. No re-encryption needed."
    else
      cat <<WARN
 WARNING: $VAULT_FILE exists but is not readable with the new password.
 To avoid destroying existing encrypted secrets, this script will NOT overwrite it automatically.
 If this is a brand-new install, create a plaintext YAML file and run:
  ./scripts/vault.sh encrypt /path/to/plaintext.yml
 If this is an existing vault, choose method [2], [3], or [4] with the correct password instead.
 WARN
    fi
  else
    mkdir -p "$(dirname "$VAULT_FILE")"
    tmp="$(mktemp)"
    chmod 600 "$tmp"
    cat > "$tmp" <<'YAML'
 # Initial placeholder vault. Replace with real secrets using ./scripts/vault.sh edit.
 gitea: {}
 openclaw_alice:
  http_nodes: {}
  ssh_nodes: {}
 YAML
    cp "$tmp" "$VAULT_FILE"
    ansible-vault encrypt "$VAULT_FILE" --vault-password-file "$DEST"
    rm -f "$tmp"
    echo "Created encrypted placeholder vault: $VAULT_FILE"
  fi
 }
 manual_create() {
  ensure_dest_dir
  if [ -n "${VAULT_PASS_CONTENT:-}" ]; then
    umask 077
    printf '%s\n' "$VAULT_PASS_CONTENT" > "$DEST"
  else
    cat <<MSG
 Paste/type the vault password content now, then press Enter.
 Input is hidden. The content will be written to:
  $DEST
 MSG
    read -r -s pass
    printf '\n'
    if [ -z "$pass" ]; then
      echo "Empty password is not allowed." >&2
      exit 4
    fi
    umask 077
    printf '%s\n' "$pass" > "$DEST"
  fi
  secure_dest
  echo "Installed manually provided vault password file: $DEST"
 }
 download_from_url() {
  ensure_dest_dir
  url="${VAULT_PASS_URL:-}"
  if [ -z "$url" ]; then
    printf 'Enter vault-pass.txt URL: '
    read -r url
  fi
  if [ -z "$url" ]; then
    echo "URL is required." >&2
    exit 4
  fi
  case "$url" in
    http://*|https://*) ;;
    *) echo "Only http:// or https:// URLs are supported." >&2; exit 4 ;;
  esac
  if command -v curl >/dev/null 2>&1; then
    umask 077
    curl -fsSL "$url" -o "$DEST"
  elif command -v wget >/dev/null 2>&1; then
    umask 077
    wget -qO "$DEST" "$url"
  else
    echo "Missing dependency: curl or wget" >&2
    exit 3
  fi
  if [ ! -s "$DEST" ]; then
    echo "Downloaded file is empty or missing." >&2
    exit 4
  fi
  secure_dest
  echo "Downloaded vault password file to: $DEST"
 }
 read_zip_password_file() {
  # Bash strings cannot contain NUL bytes. Detect likely binary/invalid password
  # files before command substitution so agents do not hit:
  #   warning: command substitution: ignored null byte in input
  original_size="$(wc -c < "$VAULT_PASS_ZIP_PASSWORD_FILE" | tr -d '[:space:]')"
  without_nul_size="$(LC_ALL=C tr -d '\000' < "$VAULT_PASS_ZIP_PASSWORD_FILE" | wc -c | tr -d '[:space:]')"
  if [ "$original_size" != "$without_nul_size" ]; then
    file_desc="$(file -b "$VAULT_PASS_ZIP_PASSWORD_FILE" 2>/dev/null || echo "unknown file type")"
    cat >&2 <<ERR
 VAULT_PASS_ZIP_PASSWORD_FILE appears to contain NUL bytes; provide a text password file instead.
 Configured password-file path:
  $VAULT_PASS_ZIP_PASSWORD_FILE
 Detected file type:
  $file_desc
 This variable must point to a small plaintext file containing ONLY the zip archive password.
 It must NOT point to:
  - secrets/vault-pass.txt.zip (the archive itself)
  - ~/.config/vault-pass.txt (the Ansible Vault password file)
  - any binary/key/archive file
 Fix one of these ways:
  1. Create a plaintext zip-password file and set VAULT_PASS_ZIP_PASSWORD_FILE to that path.
  2. Or set VAULT_PASS_ZIP_PASSWORD directly in a private local shell/env.
  3. Or use INSTALL_VAULT_PASS_METHOD=url/manual/create instead of archive.
 ERR
    exit 4
  fi
  # Accept the first line and strip a trailing CR for files copied from Windows.
  IFS= read -r zip_pass < "$VAULT_PASS_ZIP_PASSWORD_FILE" || true
  zip_pass="${zip_pass%$'\r'}"
  if [ -z "$zip_pass" ]; then
    echo "VAULT_PASS_ZIP_PASSWORD_FILE is empty: $VAULT_PASS_ZIP_PASSWORD_FILE" >&2
    exit 4
  fi
 }
 extract_from_archive() {
  require_cmd unzip
  ensure_dest_dir
  if [ ! -f "$ARCHIVE" ]; then
    cat >&2 <<ERR
 Missing archive: $ARCHIVE
 Create/provide a password-protected archive that contains one file named:
  vault-pass.txt
 ERR
    exit 2
  fi
  tmpdir="$(mktemp -d)"
  cleanup() { rm -rf "$tmpdir"; }
  trap cleanup EXIT
  if [ -n "${VAULT_PASS_ZIP_PASSWORD_FILE:-}" ]; then
    if [ ! -f "$VAULT_PASS_ZIP_PASSWORD_FILE" ]; then
      echo "Missing VAULT_PASS_ZIP_PASSWORD_FILE: $VAULT_PASS_ZIP_PASSWORD_FILE" >&2
      exit 4
    fi
    read_zip_password_file
    unzip -P "$zip_pass" -q "$ARCHIVE" -d "$tmpdir"
  elif [ -n "${VAULT_PASS_ZIP_PASSWORD:-}" ]; then
    unzip -P "$VAULT_PASS_ZIP_PASSWORD" -q "$ARCHIVE" -d "$tmpdir"
  else
    # unzip will prompt for the archive password interactively.
    unzip -q "$ARCHIVE" -d "$tmpdir"
  fi
  src="$tmpdir/vault-pass.txt"
  if [ ! -f "$src" ]; then
    echo "Archive extracted, but vault-pass.txt was not found inside." >&2
    exit 4
  fi
  install -m 600 "$src" "$DEST"
  echo "Installed vault password file from archive: $DEST"
 }
 verify_vault_readable_if_possible() {
  if [ -f "$VAULT_FILE" ] && command -v ansible-vault >/dev/null 2>&1; then
    if ansible-vault view "$VAULT_FILE" --vault-password-file "$DEST" >/dev/null 2>&1; then
      echo "Verified: vault.yml is readable with $DEST"
    else
      echo "Warning: vault.yml is not readable with $DEST" >&2
      return 5
    fi
  fi
 }
 preflight_env_config() {
  if [ ! -f "$ENV_FILE" ]; then
    echo "Installer env file not found: $ENV_FILE"
    echo "Copy template first: cp install.env.example install.env"
    return 0
  fi
  echo "Loaded installer env: $ENV_FILE"
  if [ -f "$DEST" ]; then
    echo "Preflight: vault password file already exists: $DEST"
    return 0
  fi
  method="${INSTALL_VAULT_PASS_METHOD:-}"
  if [ -z "$method" ]; then
    echo "Preflight: install.env does not set INSTALL_VAULT_PASS_METHOD; interactive menu will be used."
    return 0
  fi
  case "$method" in
    create|1)
      echo "Preflight: install.env is sufficient for method=create."
      ;;
    manual|2)
      if [ -n "${VAULT_PASS_CONTENT:-}" ]; then
        echo "Preflight: install.env is sufficient for method=manual (VAULT_PASS_CONTENT set)."
      else
        echo "Preflight: method=manual but VAULT_PASS_CONTENT is empty; hidden input will be required."
      fi
      ;;
    url|3)
      if [ -n "${VAULT_PASS_URL:-}" ]; then
        echo "Preflight: install.env is sufficient for method=url."
      else
        echo "Preflight: method=url but VAULT_PASS_URL is empty; URL input will be required."
      fi
      ;;
    archive|4)
      if [ -n "${VAULT_PASS_ZIP_PASSWORD_FILE:-}" ] && [ -f "$VAULT_PASS_ZIP_PASSWORD_FILE" ]; then
        echo "Preflight: install.env is sufficient for method=archive (password file exists)."
      elif [ -n "${VAULT_PASS_ZIP_PASSWORD_FILE:-}" ]; then
        echo "Preflight: method=archive but VAULT_PASS_ZIP_PASSWORD_FILE does not exist: $VAULT_PASS_ZIP_PASSWORD_FILE"
      elif [ -n "${VAULT_PASS_ZIP_PASSWORD:-}" ]; then
        echo "Preflight: install.env is sufficient for method=archive (inline zip password set)."
      else
        echo "Preflight: method=archive but no zip password is configured; unzip will prompt interactively."
      fi
      if [ ! -f "$ARCHIVE" ]; then
        echo "Preflight: archive file is missing: $ARCHIVE"
      fi
      ;;
    *)
      echo "Preflight: invalid INSTALL_VAULT_PASS_METHOD: $method"
      ;;
  esac
 }
 env_has_noninteractive_config() {
  method="${INSTALL_VAULT_PASS_METHOD:-}"
  case "$method" in
    create|1) return 0 ;;
    manual|2) [ -n "${VAULT_PASS_CONTENT:-}" ] ;;
    url|3) [ -n "${VAULT_PASS_URL:-}" ] ;;
    archive|4)
      { [ -n "${VAULT_PASS_ZIP_PASSWORD:-}" ] || { [ -n "${VAULT_PASS_ZIP_PASSWORD_FILE:-}" ] && [ -f "$VAULT_PASS_ZIP_PASSWORD_FILE" ]; }; } && [ -f "$ARCHIVE" ]
      ;;
    *) return 1 ;;
  esac
 }
 run_method() {
  case "$1" in
    create|1) create_new_password ;;
    manual|2) manual_create ;;
    url|3) download_from_url ;;
    archive|4) extract_from_archive ;;
    *) echo "Invalid setup method: $1" >&2; exit 4 ;;
  esac
 }
 if [ "${1:-}" = "-h" ] || [ "${1:-}" = "--help" ]; then
  usage
  exit 0
 fi
 if [ "${1:-}" = "--check-env" ]; then
  preflight_env_config
  exit 0
 fi
 if verify_existing; then
  verify_vault_readable_if_possible || true
  exit 0
 fi
 preflight_env_config
 if [ -n "${INSTALL_VAULT_PASS_METHOD:-}" ]; then
  if env_has_noninteractive_config; then
    echo "Using non-interactive configuration from env."
  else
    echo "Env is not sufficient for a fully non-interactive install; installer may prompt."
  fi
  run_method "$INSTALL_VAULT_PASS_METHOD"
  verify_vault_readable_if_possible || true
  exit 0
 fi
 cat <<MENU
 Vault password file does not exist:
  $DEST
 Choose setup method:
  1) Create a new vault password and initialize/re-encrypt vault.yml if needed
  2) Paste/type vault-pass.txt content manually
  3) Download vault-pass.txt from a URL
  4) Extract vault-pass.txt from password-protected zip archive
 MENU
 printf 'Enter choice [1-4]: '
 read -r choice
 run_method "$choice"
 verify_vault_readable_if_possible || true
--- a/scripts/render-env.sh
+++ b/scripts/render-env.sh
@@ -3,7 +3,7 @@ set -euo pipefail
 REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
 VAULT_FILE="${VAULT_FILE:-$REPO_DIR/secrets/vault.yml}"
-VAULT_PASS_FILE="${VAULT_PASS_FILE:-$HOME/.config/continuous-ai-workflow-spec/vault-pass.txt}"
+VAULT_PASS_FILE="${VAULT_PASS_FILE:-$HOME/.config/vault-pass.txt}"
 SECTION="${1:-}"
 [ -n "$SECTION" ] || { echo "用法: $0 <section>"; exit 1; }
--- a/scripts/vault.sh
+++ b/scripts/vault.sh
@@ -3,7 +3,7 @@ set -euo pipefail
 REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
 VAULT_FILE="${VAULT_FILE:-$REPO_DIR/secrets/vault.yml}"
-VAULT_PASS_FILE="${VAULT_PASS_FILE:-$HOME/.config/continuous-ai-workflow-spec/vault-pass.txt}"
+VAULT_PASS_FILE="${VAULT_PASS_FILE:-$HOME/.config/vault-pass.txt}"
 usage() {
  cat <<EOF
--- a/secrets/vault-pass.txt.zip
+++ b/secrets/vault-pass.txt.zip
--- a/secrets/vault.yml
+++ b/secrets/vault.yml
@@ -1,199 +1,455 @@
 $ANSIBLE_VAULT;1.1;AES256
-39653934363136346238396131373436306661643233356236643938336666653663643866666530
+38643636393930613934353734343561383831633862666534323662396133633635656466346663
-6232333534626335663533376237383033623839366138350a313562646138633130353636333462
+3436613662353265313930363361646365373836666665640a643238356261376261393965646333
-64343532333534333863366331666237636162643338653137303235386337373235633164383233
+63386232323538313564303834363061356561363532646266653562633230646435386539306135
-6366613034633638620a303337653462326266663033356364613632353730666530303934616462
+3937616533643837380a396231643864653837663033386265653034383932313538656664616336
-35316136666430643764643232613266633838346662323761343134333733663330383065306630
+39373535326130336563386431663436643138346162666534313362663564356661396131336532
-39353861643638363835313266383330336133653436376232643066633636653061363766373864
+38613735626664613766366636663563366365646632393936333038633537393139383839383632
-38383162333236633330623634363032323736623366616364326666376631333136313036303931
+37653666363730666465653038633632636463666131396361376633366436376535343031616235
-37383162393962326335626433393164316565333031303761303431363363303230363730323639
+36646531323531383233363736323533306239656338633139626237396366653035396262343365
-32366635346562346335383137346634343633653130663330373966623234643732636131303463
+65363531313264643935623233656163333530643865643730643363396561316539303333303037
-62366530653436393562326231323238323433633931663733306338663335323564373732343437
+37333238643633396432316231353530366664303162393064626364356337326464636236366133
-31303533393934333135333030646237333835633866326164393831346664306339373765396630
+62626164303762623161313833626130393136616261356236383165343435626563613634343464
-30333162663834363939656566383863323632656639646464643038383430643831633039616663
+34306232626336353066323066346163616263306131356461633539666333376636386431333266
-62336438343031363830393032343638393236343138653363613938366564613438666132376363
+63313464613739656334343163393762336564313835313264346631316438653964346666363631
-30376135616261666261663232373739306534363363653438343865336363646633356265353934
+31616238303737626238316330323937343837323164346433653935333661653266313139356233
-38326532623036326161663731623964303035333065303633663336653034356537336162613938
+30623265313335383838346230343239343934663030393263636336633633313430626338396262
-37393934393961623363616563313964643238646565363533396639373736613331303236333832
+62356630616534323263653464303237303332613835303830306264353465363533353336373431
-38666662366161326439383461346138643662663037613130373034316135613633383262363335
+63373764363639366364633136343237373836356536643633303331646363306335623233326266
-30643330653130646338613961336437626335333662306631656564373063306331613765343864
+34383231626437646137383339333965323065373931646562393864333437373265656561303530
-61633264376534363166343665343461613763353261393138373861396665633830303631383038
+38323835396263633165323565343363623264653133656563356662373063383632623761323437
-39316366376564353136393337633364343337666635613261653261666431376132666166313064
+37616665643136393437343434636534613465306663353130656262353234323838356634613734
-62333630313064633330663534353362393931343039386563353865313165383934393661646566
+66316338316363323830666532323237363465373335653666313163653530303331633139393561
-38353833356163363438643138623763303639613633396132643265366266656566333331393134
+31616236653262643934363265373930346634346563303964663464656532303563623631626535
-34323139333466316230313664636662353030616165343063393933326335643561303638356664
+61373137356639643130633866356435393430366366653638626532353363356336306532333030
-37383463346363366335646266353166636236323662323031353565366431616234356233613866
+30303537356330643432343161373864653736666661373539656539613331666339366134386136
-33336230373032643461643639643465343734613664303663636435626539386435663033306563
+35663862323031626165393936363335356562396635346566366261613863323363643862373963
-36333439663239646630326332376563326263383366366263386138653063393432313032383731
+37323630376365633766336334643731636635376164373938336233643064653461656664666533
-39643533353632623836353231663466316161643939313432343636383034313237316465326263
+30373633623863666530353563393034376632356266306161653738643861303130386261366631
-65356139383637313762366230303062653065316263346332373538623131353238663032626437
+38636561356334323538333932326233383530653430616465643762396163316562633465353432
-65313064303461626262353962306362356537316561623463656536373766613661356230636239
+62663761663666613330303266623364343130333463633563666537393039623235383339646131
-38353837616435636537363264396238346635373032633064356163653735663130396631646163
+39316631303738306430373864326339396237646637356234303038633762366365356262313334
-36663966383537333631646536653562646366366439646438393061653038643932376535303638
+39303237643631353064383231323333396439643061613164313830656233646233613935646666
-64646433636133393761396535616163656361393266396633313433373233323731333363386438
+31613061363333363737666533663133373836383532643030323539616634323462373866636534
-64323965643132656264323366626430303936653564313639366466323935616239333638363363
+34346562303266613566633430663735613533613031636538626231376437353137316632306261
-63366235396534303330343062393138316239313064396535663832306535373732343233363533
+30313363373139373631333364326563303164313532346631646331613866626333326139323065
-66383163386539313037333763633335633162613539396636643162383166336535386238636439
+63383331376431386438313734616536653331346136386461333165313036613032663338356537
-62353030653133363034646139363335306262623134343662346433396264346635356264343935
+66393539336263643831623136623032323566353339636561633636663937633630306666386662
-30633834653965646135636338656362616232623032663339643139646233383935386539313134
+62303539653966646361353235316439396333316435376236396336643230393663363562303933
-39653166653634393036656261643831663534343862656638376638353564383661303430623632
+32373230323039663434653032306564353439326334306231613034376338313262303736323663
-63396432366438326131613639333466343830653131653733396663636237336265373138376165
+35343638393336303763616664386436323337626661306633323832633232333734613662333665
-31633262373462316539353838363261303631633235323035393335366630363632616365353265
+32356438333963643636396166366130653131336638316636666636366531643333336639366134
-37363937616134373764313837613338323064623164333464326339363431393863383334623431
+61616630373431316638366530343934636162396661383266333333383964663031356562323961
-31333962663032313433633737616364383662336336383134356335666236393736653762363534
+38373535646234623334373864633635663061653665316564623461373034663664643531343464
-62613334393337623136393739653933356461316430666163316136326535353130363264346437
+37663362343665646530666261343432386539396232613363656238623762656133303339346466
-62633437373564343635643437616630333139356463633435373665376335633664663330366639
+30313637326233633335316362613731343831623464663666666561303331363766313862356430
-66353063386665323436623039653161363463666163613462313731636432393437306230303664
+39326263653265363131633935326266636266343735306332663033393537393335343863376561
-63303565633561366333643061383933643962326462323665646666313133323462303462373361
+30343039656234336662613563313264323161306339303163373730346533653830356134653337
-39623638653566373361346661383133623336373837326431376263346231663666646234353234
+38396437313939663766323266616437636236656435366439643234326536333061663431626435
-38366662323761656534653238623335346139366137656561343231653764316564643234316235
+66383139306336303265623065353237333437383733343761323738326638333638336333633934
-62616333656530303137316632326366333063383365613739396534343863636561353963396534
+31343238343136653461343731393366303833636564326566616538636132613161326539363535
-33666238383332653163303632366561666562333037626238326665316632653831336330636132
+37313761326334333862306539633331636439326338353038656639616363303663303963313461
-61393066373030313030393236633838363562613838303164353432633931366332313434366562
+61323330336363336237633064353331323564376335323766653130363261386336366239353163
-38343133366466333362373438336238653963633130643839623165663866396630626339323966
+37343234333466356461643361326265653438633831323834313130333766303661393339396165
-63666135653037343634663066643866363933663936343438646532613435663763396235313437
+63376431363734313939616136633261386337663234626131313161323266313437336535633565
-65643438613636356462666266393565303837643061646265363863343461306132393264396539
+63313137366333373562333361633063636633396230633363356363363530306339343738633562
-65356665666237636439623761633735613661623362326462626639313765313061346465363236
+66396264376235343631353931333236363165303730326162326361353662333837326332666430
-37393639376338353163326164346435613865633838366338623362613065363664363763323037
+31336562643366343065376536343764613633646437636262643666636464623733626632636437
-61333334666630353138626439636262363330623033393764316539313331633332336662633261
+37373065646430383239393065386231643661313630613934303665393336383835613963343436
-61633733373430656364633535313834653134376661663935306232646430366162616665316136
+30393731316337373566386138663138613037356363616530666536303137656562376564633138
-38373732313237366137343837323562623632663338626464616435623232333432393161353435
+34643739373461386464393866323165633037643063303138353033653637373739653430373665
-33653734643436653339353165336238656434383633396634663837333533373766383236666264
+31663434663866363063313537393237633937333236623362383961356139316633333932303363
-64626335313231336437646337633465386338323737653461633439323830653331643630353430
+32383232393530613432616438613232356333623164326332633030623634313536646233663266
-31663436613934373165613964383232633065616434313636643434316463633061316261623632
+64613336313737623037353434656238393336326362396439386232366537653563306662646364
-65356530613730323539373464393431613332393531376539366436613334653232363933326630
+38623763663537643065356133313330636562306432366636656436626132616138386332316636
-32633636386433663535336334333835363337666335333834363765393164626332636461616264
+34393065313165643663383636373032633561656433343034356135623331303339306536623330
-64343135353361306436643261626635396564366431363863313964346335623862666562363031
+34356531343630363839343866646234633062316139646138386665623232333530633365636536
-61313332313033303865656263653330346638306531306666373936643335393164376236393938
+35653631396361333936633064656566313336613138326466636430353165356161356365313536
-62666330636532396639653736613336333762353231616533376366383230353130623633316662
+61623032323537303065333234393365333136346337313138313238356330663737616439313561
-63313962343734626262616663633366363432343135326362616435376533346334626131316261
+31383761616361633561393138636238353261376638663231363835316330313330363133303732
-35663666383566313061323663383330353337343931613063393238316532623734316639626330
+31623062646262393133313565363465303266663039343131393430373935613838366638633030
-63343431353563383636363936636438303663333538303439316436383730663865373162663265
+38363635346265623365343537323362376630363538396438663534653738306661633238343137
-61373963626237666432656364366439323336316334663831363966393337336638663665616235
+39666438333733656339663233646132636530373036323362346138663335386530343431333465
-30343637373131353961323566366263663463323230626230313163376564636364623833623033
+39613664633662633062653863636363336633386233323834316432646536626238653862643866
-33643730623662633538393335303461666435366439613864633637386537383935613835656564
+31646464326638633435313639656531333632363331346664616530363337313864353439346635
-38363863626232656661373565343133393430653038346130373433663835333536333633366662
+61343237343931303364316533356636633633336532313735366561616365663963346134393764
-35613430306264613530316332636230313132373636343038303837623039393437353133306233
+37653333383831383134626463636664366636326433336633663537326266666264383962646166
-39363565613765623031623466343964346335376366353161313961366664316533383361386438
+34303833353063333962356234363431356635343734643539303134633236666461313633353764
-34626134633735343864363137323161333236373463376261386631356135376537333162363536
+64646133366230656463616230363564643766313965343764366564643637663566323130343464
-63366537646265356539316166623266353832313965383430643565626330383361363539313933
+31323434336239303036326533666463306335636561383362306232396332636434323366333333
-34363734343961643034373239336533346166623766343532316263356662303663353165383165
+64376363376266666437353438336463613131666366363336633764343535383636356262636535
-30353032333366646431356237623464306230303038326337623666343964313536373465366637
+37343065623865326337356663653233623938643362396465636232386634636463346330653636
-32346138356536613136376565646466633233643336636339316634663932633961616337343230
+30663662653034643665313762353235356137343064343535353065323464663938303061616436
-65363465356662656336633133353337636464386637636661363637663363396135613862346166
+35653239356266376663353238616531623765363261636636616461666161343131653962616339
-39363161313433633765613434663138396165353134376264363933313236306264336364353164
+61643635373934326134643732663234643239386234336236383966373065383133326333376137
-39306236353130633332356361383533303632313336616330643036613039383531646461666662
+63306264643830303637653063363265346632646165343262653866373636363737326666626632
-63663530356634336538373230656661653565303030366337303237313461623632633731363736
+65356131353663653365343538383038316664393731373466313864366533393936383636636130
-31363235373432663733393033393738656539376237313334326430326663633566623562316530
+34623762616233633834663561376566366130393137633663626634396462396566393062313536
-63646139383165353163356566343234663764383464633339326336393932316630303439613562
+33643634383566633432326233323937386235636330643766616333353139303233393938653038
-38366632616337663435643237613064633963623237316332616166336261633061613135323261
+37643032653937323430623037383039373234323637333039373139373762373339356337323064
-34383466666366656230313831343865646435353030306231313135333537333330343634656233
+63333832343963326633663564363131303530333830306238306430316130643537623466356666
-32306636663361373363616431326238333538346362396432303434386165623439396635623162
+64653430363564366333353738303464396434653061623336356133326365376365653433656332
-32343535306539633838333564366438356562393662303332643439306635346236636637666333
+62373639393530373237653339336335396438393636623538363137626132343330343331326239
-32663030616537666539376339366232653133613037663363616163623933633838396533343262
+30306364323065363566643030366634376436663566356433616235326266396464303234393031
-62633233633730353039333836363866353461383636643138383066366236376664653637396562
+30313534303931333737396563326463613263336132326630333134623738376132616635323665
-34306565623030376532343064313833643637343132396631363061336337383537383034633866
+35343831626537656231643638613532353934626533326266666639373533396134396335643034
-65326531663037663532333663336463383864663466633064636663303931343761613834366334
+65613234616238353432313033643133623633656361376336323935336439376532353736393530
-31336262666664373362383139383831623135346465303862653035303131323638666663663565
+64386464636265636330613734333865613566386437643264343262366534653834313663663138
-36393035333762353539653538323061653763346465333532303837316330643238663266333961
+64366139646436613230383638343331653565333330383135353662333331633331313961616535
-65313536396634623938623139303835323461323831633661663332313730303736383937663435
+61396361343739383838313932396664343961373935333139323735633463376231613138633433
-35313636646464656139353436336439366166373837633438376130363534376336623638386338
+65623431623837356263643461343062333234333462336436646263356663653338333463353261
-37333530343235613865323366643435306439393964343934313735323432316435643838646334
+33636336303939386633366334636661383035336162633565313839656431323563393130316338
-37656661623162353564363532633062613462303662386366386365633833396437636566656432
+37633262326136366339623162316639663233656165346334396131346463393865323665643135
-32643763316433356664343234666130376537373333386130616434666333313964393063623637
+62613464313938356536663931373661356661636665336136633639346138383232393334346537
-32326234306163663264343335666665643139613262666432326237653633323961393561383939
+30303937656139343932393262353665636564633731656234326233653630326566366462353866
-62636564383066333766616566363639643931386133363335653930383238353865373366663937
+64396636386331303639303537616562343738316134366638653833353061353831373733616339
-36373135333939326336643166646538303964323535373465366438343563396463316261393561
+63653466313363393362386664313461636531396635613564633461353938396661623364373838
-63636130613238353461653636623662333765333661626336613163383734643138376537313363
+62366330653162343432343736633532623963316665323566303331656464663732643666353032
-32383834376239333535386663303832356534663761326466383839366331366134636665616437
+64343038396133396638313065373834326163323164333831356565303263323763633234326230
-38666462316563653836376337636130663130663034333938303462316562373232326466333035
+36656237386264386166303437393337306265633362663239643634393162343165383238323430
-61313130396163653366353836613863323863333065333466343830626434626139613433663462
+37383236346238663438343235376662343338623431343762383936333238626535656135366437
-36306631663833383037663137306366613238343136363230613933313234353539323938303933
+33303262343131656137653066393034663534303432383365633462626637316135373732626465
-36663437306132316164336137383037396333316662666235313636663336663163373465653439
+61303936363464366335646662616664363939663763656431623637636566666631386565393438
-37633732366162366535313562633865373534373932626534656164646532356464626264323337
+65316230613136383135323362376433376635393036336163616231343831356137323030313064
-61646364356662386166343764333136356631623563316233363465653034353339333939343736
+30616366343636636463633063383232386637643536346431643833386235323632313733623537
-39306138656463633134663930363966323732313239303939326634333562633937353064393332
+32343134343061383531306633613864656131393037616366666130323936393837663636636332
-39623866613835333931303566326634636237333130383637616262643136366566306438636235
+31623233313835326666383961663838363964653162393761313435316338633566383165376263
-37396438643633623831363831323730326166303338303530386134306564333737653065636431
+33646431623235323063303966326334373965653963613639353732613436656561396234353631
-38366361393266303137396666396231333763393465633530633063383538666537373131636532
+32373962623030333331363037396466646134383736663661643861306238623837646530613839
-36396636323063316465383432356164383761346535373263333838386163323230353962376665
+35663833356161366361326466323933353530376235666537316564623964343831623363396464
-36343334616663313634643837646663636564346239356463633333303562353435653432363061
+32343466353861616666303663363762343462393835616232346435323733353664376434623765
-65366333323030386361613662376634343032363238623764316462366234643762326231313362
+32366134323365323462643164663034323761366236636637383134646139636332373964333936
-31343961353139386664383662306335373839313962306366613063396262323564306435633435
+61333030636434383038376465336336326330363131613336353164656630626265653538306234
-30353130636637313139663037306338336130626137323139383861356130333038393462346264
+32313736393865613634326238316335613661643836303465636265646533646638323436343633
-38363130333139336164383237613564373435613230333639663037633837346362373033336439
+63623433373238343538393036343435623836346531383539323433356131386361663439653639
-32643535326231653962663361373238636664306130653530663632636665396463343166363534
+36643331663838316431643339623365646639346662306638376162376365343134366234633532
-64316139393664653834323962623538323362316664383465336135646633326131356236396663
+35653936306333343431663561323762323835303131656438653631313433656663373964326561
-63333731343432343566303264653961623239633566316166383834626538313764626166373865
+37366637376330383664616336303365303764326637326132326163333938633630356135373663
-32313965306332306230306561613236313166363239333738386430613731393061393732613534
+31313362386233666164646539656534636536373334333238643364386361656631343533346438
-65333835316263646465326532663134623065383539313237343966306532356532326535356365
+35353135323538616465663037613238613862373138333864386330306130343334396138623237
-61363536626532336266666133336166366232653630653862636530393038333332623237303036
+30633937343430353038363263346231633837363666636338623666333739636163643963316433
-61616461323965306534646438633430363733666264393862666637333639613466653633316437
+63363664396262636664653563633765613937303533323231393365666534666233613235663232
-39316561303936303638386465663963333061383936353962613166646337363831663131363865
+37376566666361623333633834663966613238663433363735363132373862373863316464303138
-30343239343833343432323038303733613862393535653035363337666231383031663364613431
+30323936613366363763623234303730326130303631356665393233303335636533656532643264
-38393138333965383932383338333933636635633465663863356130356236353637303430353935
+38613930313532626338656565326137306537353031376433363261343536313830346562363131
-61636162363963623834336662663930306164636366306662393663653138636635396130303430
+65643666646261383133383933336263633361386539616235353035396463653737623938303035
-32653436373439613361633631633835616563333934336430303961326635336631646363393038
+64393565316439633330616436316338343438383961306633323330366432323735393737356663
-38313064303061623337363262643632653361323064373861653830613165633165303262653662
+33343730653731303831323739333337626232356238613835616365663533386131376336636539
-38616437343833356639343466373532323337613838653633636262383032376534616535303330
+30393438313963363535346631353162633063326562643965396139666334666334366639383039
-32623137313434306465626561373937666234336164326236313265653762333932623734333061
+31363135373036653932633863623832663234313236616463323435373036646464663961326332
-30643233366561343263306365383736326236396335306161353239336534353262313562366363
+31616338373361623262356336333137663664656166656666613031356264363531663339626565
-36633661333037653762333166353231303138326361383634633131663163393330636135393735
+37616330653337643839333231363432306438636333393337393265343231333735633933396162
-64373464346336363134376261623765386163363261326536336632383136636539383532316635
+38313538393836353131303165313064396130663433366239633837623935616533313461646362
-36346561396636393536323831656166373362356532636131613261366335323932613739393463
+63646639386634393563653261663666633963306265343936653666653462393532363932383437
-65643834373561333330643631383830636562386663633935323665353335343939383134623166
+38633539613232303261316264663731653733353362366138306132666635316333653066626464
-30363632336633383134666134666461613461356564303538363536356139623336613539313964
+63636261663663346135343231323863356637616161643032316438353134633432616166643631
-31646136346230366538366437336130356632666538303663646531363438613838393634613835
+31346430326164666532643137366230313130643566353664356563373666343637666133666337
-61316365613666303036643436373562353733356461663262396362323933616336396666623033
+62393334613432656566383562643062653865613732666533666236623535646230646337343136
-65613166363031386333613130316265626366393363623066383261343631343066346533326531
+38633632626239383739306231343038383030666363333965653939616631356534323164313563
-33623838353066366532663937666330313831643933613738313065643564336136333163363164
+63643966313331303466363539653862316433333736376166626365353834376134643936616539
-36613335666632313736336531333933393866643366343365316264623065323339643465613231
+33326265643634646333353431373632306165636466646337386139643165643366356530643534
-39326337623533666263373431663534383566353137333464393036656564666362653131383265
+31333166393334646233656434316461343937326632613964346662386530646137663336626335
-34386435646565616130366136326639363365363865313634383866383934393330316136636637
+33353738613833646633663564346339643566653561613363663765333433653631626233656432
-65613339353364626434636337613832636232333562343735616461326436656662353561366234
+39386265316562643139313561376530393737363334393362353262646338303333363534666366
-61343334336264633034643432303933636535343065613365396463633537626335653734353461
+64376563623335643231373136366339646362623530393832376366653664376138396631343665
-31393463633730383039646338383866323661626633366566383834646432653833353762656630
+64316162393364363631656362343462316333656330663531353863383132656364323966336439
-35333263623830623865396539306532373166636630393730353463363739313935376232323038
+33396661343637353430396234303630323036386661383565306130356439643566643232646232
-66613438376630666630643465336638353737356563373635303161303736656364346430616437
+36383331666130366135336163656161393130383836343865616563386261373138323135353364
-37303464313931633036306430393865356634396639373162396431373065323763303138643830
+37376634396239373237313834303963376132633264333261313833636662373833353433346664
-38313330663737363832316432323961653366613465653130333062313061623932316434643064
+39306164643963636330306162396665656635356563346130633735343232333736313634376631
-64623362656136323161363965613933313938353232653761626436643961333631353762353664
+34366666343561393132643466623639656237353536333438663934663032663562626465323734
-34326531646663633938303933373132326663346639303135333065343130626462636363636235
+38353133626139636337333731363139666363396135303737383731613335326364653533613436
-37613638353235643937323931376234396162636637356131353835363764303638666532643363
+31656265353737343234623833326538333635343935303863316362316563663637643361666264
-65636130626637383561613736396338306565386661363739653265636233353234323561663436
+63383937333863613939326631343730303632363064636431636561613664376134386433303165
-65633131323437353439633732353331343836623263356337366134366364373237363765636563
+38663033643665613364353530666461653863646236373432383730333366656338633365633365
-31346265653831386262333834613335643662306166626663306662376231353335616538666431
+30326630313135656462323733346139353838363466366361643838623333666363383333306430
-31386536383137633533316432316461646535323363623762373439363962346462353436353963
+30653337666430666166616434303566346336666566353736643037343033663737343433623666
-65313134303662643831363934376134363035396665646531633035313261356461393539313134
+34323839643133363066313262353266353563386663383166323736643339633837313537623633
-64633132393361333664636136636665623437623430643837383265626236613830313065373336
+31666236336335663032613966663033343337666134633065303533666562663765613565386534
-66643333636632643265376630623463643466613237626261363837633233396433643361623134
+65303737633333343834613564633437623633633230613039313961623266383232343535336562
-30333232666432636239356236613161313063633337393930333866643738346237613363303765
+61343033313738636537366535623637343166636438323666303036326563666633646539653831
-61633461333466306635626233313861656635333938663362363530333035323937616432633833
+62383439323439343661333634656338383334356437613432313130373431656633326137343034
-66373439376534653935316633373737306233343062306339383335343062326636653438633566
+34636138663030613939306431636662623337626239326338623130386239373466383535363534
-38326333626164303932613464343330346331633964363163303036353637376664316366653539
+34353064626165343931643633313364353861313063643365346534366536323537643131663965
-65383830376235353732646665316133393631326362363136336434346639636230653030303964
+62303334373531633836356264356631303366326561383865383431663565656439343863393931
-35323561616436396632396535663339303033643464643939626563373664306233613662343264
+36316533663136313964643835323265323533666364623833313265346233643965336630633939
-38636439373261356436333536623864376266656664376137653433633866373462313262663561
+35633036656237663237333030643461353330396634313331396434326564613964333734366364
-36653132376137666534633430323661336264663738373339343438653564666332633431336363
+66363636643761656132306433646663663636363632616636313063626337623137353561643565
-63306337653866356536666438396465323939623333646232666336363534636462336262323264
+61303436393336343535323933303762333335363364363764333464396366376561653863623638
-62343332383231626631363934373161383037356664653138323363333366383239646338616561
+39393335343365363162313361316265323265336161343033333836313330326362373930643838
-34336532396165636636643237393838313734626530646537633063306134616539643864633531
+32636532333366646136303264366335383538303237663931653963366666636365336563653636
-34313831663430663463633061636632336665306431646366663331323062633565313262323061
+37306466323936623764643065373062646466356566303839623239356663353761313231656538
-63333339656366356435383936333033313366666662633364353965643366363732353730626132
+64333761663732326530613634303438653539306166633634666461333966646165376437373362
-33383566316331363538323862636231313431356431633639376363653939666234623464343733
+38616262383336383334343666613964393365306131323138663061333031653863663239363632
-61333262393531663538633332633265393133653131336465656239356130643138623562393332
+38663636306139336534663065316634666230366431313634633162386532383534343833323530
-31613237636164343233376630336264643731336132626334373231353532663430383439643830
+35643832343138393130383066623163633832386565646161653736323165383836333164636566
-34643463373265623932636366323431333835633131653064303735303562383435663761653164
+30353161643332656338636538383436316337623134346561316563343037653363653265623431
-31386237626239636636366666326465613433346439616134306462383261303430613231623763
+66383532633837646438636138386637336134663763336165376134383638646464633236333935
-38313132383261333134623365326264333133373533333437326364633132306435663966613063
+31333964393934366661393039333533303034393339663639353430303634613463313862656566
-37623563363761356261386137383635383431626464366331326132363332383130316334623433
+62363537656563636163663230386430336262326162616564373966336665356463663462323362
-38363636363432336136306630636336616435613030323436313837653637653638666230343462
+66306637393734383839343266343664316264633064623538363166393132656231333135363333
-64373035316466356161363738356139643765346466323830623639663834336261633139656333
+61663533313664333537653135643763643239323437623337616638666234623261396631633230
-35643539373264336131323535396436303265313631626134313266396332383762376261393438
+64316432626466313435386235613366393638613965373032343963663331643032313037336534
-61623961616339616462396632333233346538393731373962633037616363383961353539646338
+34313233613035373532656466656131633662333066336231626430323734313732316166393030
-65616239303239396336613237656163363833333766363565643366623438656561656331306633
+35336330623339656538613534383336643837393462633836356237623862633762646536633232
-33376365313038366637363533633163316631643539306666353466646638633364353066373134
+62656638396336663066303139373262623333323732373935306564383839333962303663366262
-64666139613861346339666530326134306166643064333031386632303937303432386665356538
+39393062376134363262393461346262356436313166386138353232376234383232346337343666
-65663736353930353030656263653436383765313766313239656362376266636638626261646238
+39353336376365376532386666376366633962623862636436316635333933353566303338613065
-35656533316634346463613939306235623365353634316662316430663137306334353732373433
+35343761663239656536373931376238323133383966363431313561373066303332313837383865
-3564343038313764366631386661383334386635363632626261
+33656662623937373935373935336663376633613238383933643934336662613534333638663434
 65656465633036383465376562386661653236313265313963623333366533636230656638363636
 39323435643034663863303561386130303166633965643762616434316332646564646462396438
 62393237376462316337346361623331353339356533376236383166663864646162323538313835
 32326665353064343530376162363332626366623762333137633139393963323139333734323238
 62666131626135316164326631383332616136396564646637313635386234356433663661323565
 33316163373165333335346337353062306339343236356231366538646266346364626630336137
 61633430663963326132386130356138626564393763386630326239656263376234633731333338
 39633735666638303638613664366134396631653966303236616337333639663531343431633063
 32646433333439366261363233643032326639656439323133653262383963303061353061373631
 66396162653632396664376237393465356362333561326630616561383536373831636239323234
 32343663383836623666663465323234386462336463366237626561316539343631626436336636
 39653630353037323333366163393865323462643366613162336235633566303235363037623536
 36383561656331383166613261396235613363616166373966383861626361353635663361643531
 38643135306365346436633036396664383165653131633538346230396233376234383235393536
 63376161656336663135386534643963626239643136643462636466313132303635383864313163
 37316338623763656664366465663465323233623965393438326331633831643231383564616539
 38306161343034383831646633323465323464336133653962616235323462393638663531616638
 65376134663732316663313630393261643965353438643336366262643738656630623366656566
 33303036663230653465393239616539386164386138393061636462386461643638653630646538
 33356335393064653731623966616534633437666136316236386530316632386138613238386234
 61393130626135633632336266666233303062393866653636623631373763643964396162663231
 35383935356264346131643232346365393336356638366536616135333834313939306534633766
 62383938306235663132343162633034313035646265363735666235666535333339376361393961
 61356438646633663265643665386362626633653933316131643733636264336137333361393936
 34316530346366316366373633366634393937363536613832663564653762643933653361666632
 35643035636465303633363336313963346134333464303133626332363939306135326266313164
 34383165623138653865356532636234663638373064333263663032376431663837633133653634
 61383735633030623236383432636333346335383265623233393833376665633337663561383939
 34306562613033373961333662643837376463396134343235386533343530326536303937306332
 38343733373963333635353662326264313139663064383639376334656338623132333461316166
 32613438393431303362623432363561393130666265666663323436633231626565373165336562
 33376132323333313138333437633739333430646263323230643536313538393930363763636563
 37363935333533326666323263336166613963366436303339646164646634356661393539646363
 36633963646362393661303332346661333665323535653564616661303336613132303864376662
 64383063383538656332396132363336393063623862653834636630636530643638303665336464
 37366263363230333466313839386161616334646161356563386232393063353935356563393530
 32353536333262653665666630326534656536653331353736343166393239643962343565323034
 36386565666366653036616665613837303665623666383138336130376561303265643365613562
 39313666316661636362636461313561363964643864363164633763646237653036653536633839
 65346433353837633730666434323336396533633538653937363966653763303932356366373364
 65663337333639623238343033313830326434613438353535313337663138323637363061353536
 31366234363065393461616334393163353539613263383230653938376362653263616161623538
 39373034343263633238626536306562393539303165383033366339613766653039646533386332
 32313166313039396530653132613038343439623936353365393238626536393362383562353934
 66316361653531306134643234613533356163396139303638616133633034373735396433373264
 37636336316237346362643431383130356435313566306533393433323939303464383365663265
 37653966626632303165653738343264373236316234326439663965376631306533656539326337
 35383133616637326361393634633732356131353761663261626236653534323563313835353935
 34393163653931666239383066383033353561343633393735336235616137623064396661613764
 65363532643165363430636263643831393363653730663136613863356630653466383566393638
 32323131373831326130663531383966636662373963666666636532386533323061373366643432
 34326334316166623165353066633830303130376537346137653330386233653163636564363133
 32653138316535396635373830653463343435663666396437313531306530333734376235343430
 38366336363236643432623136343163336434623262613132353162323438373362366362306538
 38313233633933663839613934306263373265363738333566373732646634356338373936613730
 37653161646565323836393432323664383665346439616266323032323361306264316266653438
 64376130373531383862363933393834363532646161643861373766396363396138313265653435
 34643561663666636366613764666131363339363538383866326434666562323363343237643865
 32663132653862333733373532373436643263356432353933303637306562626462393165343966
 39393038393064306464613865343761386663343236376232653935393537316463613262623532
 34343539363830666433393630353662316331326231346630616235663834323934636538316632
 37386137343163383232336461386230313266356439323263306235663431333338333035653439
 32386461353034386637653238333765376162393039313166653261633135353366306131326131
 37663636326131623438353934343830373538323838336438623430653635343533353064346538
 62316334343836306539626330666464623332323964613365356139383738636164343865646139
 33636136343263373764643139356236626331333232616132323464356464333631343136336161
 63316633313038356662336632306566653634393130303833303865303865306332343235643864
 62666239343463306637353633356639336538343131306264636430363334396532626438623562
 35303763333432633165646435356330336632333063663935396330363862666433383861343630
 34626238643634636638316435663437363736303933313835656564656338636639626537656664
 63353334643035663032396464396532613337636566306232336436346135326234366530643534
 62636138346466303838353136353939366663336133616161646661393131346538346565663861
 63306439323062343531393766616234343433623634613061393937646163303538373932623731
 38366162653331373839343538353764613138333536613937623235643831323364303938653665
 64653264383731396563303135636535333366323666643364343438343364626634646530613937
 65656238373038663364356365306332396162383165333866623136616131613636623033336634
 33663763633838653433616461656565653632313132376166376261663239326361346635616363
 64306462336632353862643566316266316237633934656236323833623134623632656233613038
 34343933613564666639333635376133303366303433366339356636663735366131656435333237
 30666639363935333965643734373635653036373966613963333561353663626637616538393464
 32663465323837363336396434623562626661666237646537643561316561303861343336636161
 30306261616137373937616339666239303061313931646662653832383964643438653634333539
 37633063363061613237363235396635636233313738636361353839353064666538363834643635
 35363534333762623431653234383539336461326165353937316237346262343263373237366263
 32393931316133303061353036643664333163653566663062363232366434363238386435663861
 32643266613435373632306537646362633234346264366334336663613535626439343530633466
 35353961323634363931386333336562386135373734303236373931316535323139343137373961
 62383461646662656136336431326438663166613138333639663936363234626166666330646663
 34626434643933323665386135363666646163343164613565333862396263306135393262383239
 61646163653032633366353632303031393633613065376235643763323164336139336633656437
 39666339656266633837653335633938626635666339373364333336653265366636363730343464
 62356639373538646134343261363034393061343235666136363936383861623734363132353138
 66633664303165613137356339613632363735666335343839626631353437633836646661393135
 61623164333238336539346432303333393934363430333065356663656631636162346135633563
 36343232386530666238666230346266663239316632326466336161393062613037306165313234
 63356663373734653439356439313537356465643966336138633931643662383833363562656561
 62333934663639666338306662316430346363643365623662306665353866616461306532363835
 65336166303861323464366339623433313766363738623935346533363332393430313561626130
 32656338383362386662383037653032643936323830623763306232646536366237616263626537
 63396363366537663838336438326565626166393634346262393836386234363764363165336462
 35643230343339323162663130353334303166623436666161343439316238636663346331326661
 31636234616635303339393035376430343537623061616261326632323636623939353039363861
 63643435386235326633643631373366656330613839333437313130323962613339656434643962
 64616662363630653631323362626364653965653334336130333139613232646435663863393262
 33343538613564323065613837636361306432323863356634376635616463653261376438396465
 31666430623938373132643135633037393234343037623738383163316134363465356564356139
 64333261353732383432346134396662303333623238613262356164643630653135323664353263
 32666433663366363136313638343862613333613762636330316661613537633730383135343631
 32373533363462303661666163363065373030356366636464363032646165393833396333316136
 66636133623463383765656662633333323262353662356564326264393232333463336333663534
 36393634343662336161643532346331303834306464313630333533356431323936386236643665
 61356566663130663035383163303936633235383534343962333032373964656366383831353132
 63343332356463613766383834383634313236326431663861643639366134633437393533303966
 37383537636139386661366466373236633564333162376535333565373933323737356632633838
 39336430653166333963373064366231623762346336386430306633633762383363353131386231
 39656262643530306632653461393137336562383932323233376530646230633739663663623362
 37623064396661363135353131363538326338633161343138383961343761623338613635613034
 64653665346237653163366535383730323135333036363061313039386132666338303730636634
 63383433353532343933333561663932613364616233336562313464396339386465303930313136
 31313066363863663639623835336664353732653035376664326337353632616432366565393430
 34373531316135316132333731623261366333383139623835643465323234313235363962633561
 39393963653463663738303662333738623333343265313565636363393033636438333237663437
 35633862316363616361326138633832643965383463633565313438313233356566613665373563
 32356364333336653564623463303234646532613235636363356637323833343765653033613165
 33613233633630323561623031396464316534313230646164653237643237343733393032383132
 39353763313166643762326234313332613561656530643036656535343065616263373038313166
 37326362356530326538386530663664656137636439353363383230636132373338343866663933
 62323361653261623538623233613165303465383463303838366562646232656334303661633036
 33366335616261353761363736343662373330386136343033363461396433663932393730333634
 32333362333335346564393963376464303165303561613531666362313165383261633834363536
 38646634353038313365396466656435306465653562306336316231376537303964323633386633
 32313466323262633133373932633838313231393831633664386533363032353836323763366462
 65373034303665396433646638633934633466323966313036636235363634363563646437306563
 39653534663963616262626663383331373062613334643639316432393638633462316532383930
 32663737353337643562373665643663346163313465393136333862373663643533643663613537
 36366530373539616466336330373632353039383437633166613833323737663736643266633462
 66313936383836663132616432623939393165623534303765393266306332366136343135613763
 38396361323338633161306463383764333466393866616530333138383436363637313164643833
 65643330343939626662663235323361366238393339366231346438346530356233343231326332
 31613461633536393033633361373433643364333163346535303434383933633636353761316563
 37383335643531393336646166336462613331623962353562663162386132643963313537613063
 66343335646433356436313663383136363163303835633132653966353533393464363630323237
 63666330386363653366316565306366643332646236623530626338323639653036313765623464
 33613530396633633730633964323161663632343031643036656538643030383763643537333433
 62386630633037333261616262373936343062613536333733393930623934373830636431653563
 65356334343765393833613636326333656332636265636161316131616263666537336131343335
 63616237666335313234626562636138626134666262636237376265666563346530656237303462
 61643562633837656439363861326131323435656561643733303037613937636531363238376432
 39656133363464383661323461303061313963343835653132376262383162613262616464323038
 63663465313266623765643665306330306564663866623165346164623635613063323932336534
 35393262626534633730366439343434653630396232626135626132386466306539383664313831
 63633932333839303630393633396661653764636234653939323335643133373534363534323238
 33646534633061646463333239363866313065366265316161663136343534353461316638326165
 65353736303032316138373030383063356230326430383430623861636461366461313964336433
 37306636313637363836393665646435383238383366633432343432663132323733623665643664
 32646537373137666362326433336234316235643563643063663739663838333564343039303534
 62316165373834316436616137306464633230653337643835346131613366373365666664396462
 37383532646435303365623831333434653434366338383664636535313233396636643438336230
 34626638376464313162376338613031313861633034396335613031333430613735396565323437
 66613034356233386633643030616230306639616663333837626663306335303665613066343063
 30643531356435366334353934343039303234663131396662656131653332643432393162303935
 65313732633335656665343436616264343230363361343034643737626464326565386463323631
 32396535643937376136343063333262326230326130653238643934303065666234643930356534
 38313731663966376139343864633932363463333935333761613662386437306366353835313233
 37633064366433303863396363643435376136626134646664633139646261393461366638383831
 65303032333035356336656466623336616535353761346530376163346666376661306330663336
 61613634383732303631616461356532313436383539323536316433363733636161386637346131
 62663964306438663231336536393837336238383638363763663462386630333732383536383039
 65646533363461616239393431643162313534643430623833303532373263623733316465353033
 61313435653030333137626365336237346137393565626366353465373839313834653530613165
 34396638623739616233383037316661666235653134353432393864386462613038616139633133
 37386237313239323836373133623334373964616134383938666661323462653162616331386232
 31353032363136336636366436336337656365396463393066326437383939303337383230346433
 31653965303838393235326130363132626237333263303966363839616235636538333138623164
 65346533386232643064323764303963323933323437363938626231343737623661383565386232
 37633462643763643437313038643063646239663136303365326262363762626434326662313330
 64646536623837383638636563653531376333663330363465383433323162643736393139633033
 64373432383631323732663336393963636635613632343838313765323564396339653465326336
 65363962613630343532326236623165656162376237323961316135346164323233646239383930
 37323136396432326334353037313834633635326464313037393064383539646630353937343764
 31343631383530653262333665633130666366343636303366316634306530633061646262373062
 65373561373263386539656666333936376132373238366133396362383934626566653039306539
 30633137613433333630373133346264386431336237646633633263326432363630323939643763
 66623761336237616162636437393166646366323764633861393431333638376338306137376230
 30396464343039353431666265333861303064356561366539666361316536623232313636383666
 35353230373662303539636564616163666536633133616462633733656166346161363937316333
 36333833643636383864623634656335313835383561363036323066636637383632623066343838
 66346635393331303564383465393331616563303737613333373239313766313661393933666161
 37623433366130343230356461613838353966363163643861333562646465623332356536326565
 61376234623432373464393266316636376135333838616163323834383630653266663239343064
 34653332393462346439623131643433396662613433623732313466663533383435313334366539
 32643563643063663030383138376136626561613236666330633532616330356661666334646464
 64363432666364336162643033346164346234663866333438393264633037313361363733663437
 36613362373936303135373562393139316461363239363238653236323335323034303537323864
 38643466333230386439626566363262303038616232643432323465363833323263626266653764
 61653964393262613662306235666237653831313836326437306335376132636237353932616639
 62313835353931646566303165396532353734353362613065313362613231633634383763613334
 66616539303930326131376565663963623633633563313737393039643036383830386433306437
 66663831326465373039306562333130366164346536323065613530623033326131623733316533
 39346338333465616539376138383164663837613336343766613463313966326366653531346162
 65343666636534636439373966323461333161346630376362343266356430316465316630363338
 34303132656461366664363733326135393337353231313265313032623132613135383534346338
 34343665663931653362613038623464326235396433623863633739396664323136316663356364
 65323936633966306134363131613963613065383139303734333131316139623139663433623962
 39373465366535656266373031396332306237616566376362626434623066653366346465383830
 35646132386337656563386336616136646538343435626239653539623138336532343935336362
 65373531353535303463653663653563346636643564336438346464636137663138313030373465
 63353136353466383930303930623937643533366665303034333163376337613266643462613738
 66646430363030353537336661336437303635376537636336363632343766343138626633386137
 31666165653831333232376439326637613732656431303834626261613565653964303132336564
 35643633663338613537346465623562656639323433343862353237363063646562353731306463
 35333165386231393061623934323662343466626361393336656432656633326562663138373362
 63373439393832646663646564356461313266663733303463613434663738333365636365363432
 31313435343663396234323966616164383439353166616466623835636161363966643566626431
 34363538616263316332376436393865636462366532303363633235353435383661353931363536
 39333761616338333231373330633036616166646661633235633664616562636434623632376435
 34326131363962366366353132396535343338333334623335376662653939666266383033393533
 64663663306463346539343834313936633034333666383565613665326264616233383666393630
 34663131356138663333383963633264393366326635633165653538326163643062313730326639
 39633631373964636665363363363164353635383661636265326362333936666333306664626338
 34623238343062613230366362363133386332636663653131353163323938643138633365663930
 38633665336464346138656532353761323464623430323036306336653863386461663865396566
 62363134633139333066346665633135306164393463393832373665346465306665373439663635
 63376530643965343735303938623638376438393234396365646637356634393635636365313236
 30653036396534303834343866623832363532356234666631366231383637333365366664326132
 35656634373131303864393634343637316539343561646465393932336435326638303031633566
 39323237623664386565623133396265313038316536626636306232623039356630303638633536
 35643933393237646664396438383638316335366337633538313132393834376365343963353261
 32656535393037353137316466336664316666323739643233373531643036363261316437303661
 66623262373636653462306362333036623363313136333537363531333532666661316631343666
 35343961623731306338656564366639303264336532363965643930613637666135333834306664
 62643834373361663132303432373335646230636539393639363933613830303733323363316465
 37346261333531376566666466323131666639643361343466613936343036313863336564336464
 30643239303563356139633733613764386536326634393137653162303939613931656539353635
 31663238656133663330343663656365613466343937646265643666383062623031343734616362
 61633237663166363266393862393332623965383531323833316236633866316166623138616161
 38633865626531653734396665376163316439326639356261356531633962666363633836376461
 63326130326633306334636533336633303666353763366434653132653239366232326663636364
 35306638373033326233356464313136353766313531383464626462366664356138623166643531
 33303930663637393263383065376137656662316137316530616331613766616431393231633636
 35366461623366353763653734366235313832343736393165366563643636303764386466303730
 63653366666562663862643531646165366461316462643765363536353362373264346666653233
 34616333373034306534633161303834313937646264653433386335343534343165326632323332
 34306432613730356166363132663034323534313034353438336262643265363231643834386564
 31626166663765363436333933373639396637663261616365623433396132663837646130346432
 31636530353361643935396435343236326566653339643434613231376464366333663737316164
 33613336376438643232653934383266313165346265366166376638663062616636616533363530
 66616138653933373332323036656166373132656432653762396432356638356631323534313963
 39316566646330313364313163346666643131643164633664373761623631333738303735646133
 30393237326639623236363364326239613531376131343634353436376331663539376364353139
 65336566626634333665383133323766633630353536323961646434326165303262306335663565
 66373037633438333865616262636637383262316230626338326238633433353036653939316463
 63366435316237333037393937626366643831353432646263333735356632633438616162393663
 39653530326463393431633431666334303734356530383262643363663164303062333562343639
 39313036393637373835373130323939656265353861346162633966623937323334353262376236
 3132313233623863323430656665306565633438353263373837
--- a/secrets/vault.yml.text
+++ b/secrets/vault.yml.text
@@ -0,0 +1,253 @@
 openclaw_alice:
  http_nodes:
    NPM:
      account: openclaw
      password: wnHgM62DeWCz
      url: http://ai.cowbay.org:8181
    ftp_excenone:
      host: 66.45.244.235
      note: FTP (SSL/TLS available) account provided by Eric
      password: B3FWN8td
      service: ftp
      username: excenone
    gitea:
      url: https://gitea.cowbay.org
      account: openclaw@cowbay.org
      password: openclawOPENCLAW1!
      token: 6175f48f82a2708f2882b8b170f08294ae8afab5
    gmail_mc_ai_claw_agents:
      account: mc.ai.claw.agents@gmail.com
      password: qekyha5360QEKYHA5360
      provider: gmail
    google_ai_studio:
      api_key: AIzaSyCfr19UPwFlEJ1hSnV1uOYDsAgBDgqY6bM
      note: for Gemini / Google AI Studio testing
      platform: google-ai-studio
    librenms:
      account: alice
      api_key: aeb09cd2e66c385013be8b470fe4acd4
      auth: mysql
      email: alice@ntu.edu.rs
      note: LibreNMS API + UI account provided by Eric for ERP-DB disk usage check
      password: phow1aeV4ad)au6k
      url: http://192.168.100.2:8000
    linear:
      account: alice@ntu.edu.rs
      api_token: lin_api_m061e2U96xrd0rYLHsJDwKmIRQVyKKFEJ3vVZQYy
      url: https://linear.app
    maton:
      api_key: 3gJcxhUWqpmDd94QEi8SIjQw_j6DQTTpi8nLSbylpTou_wm_ZFfAfWC_KUAlvEMMFCea82548A8v_VAklhVwl3xvP4bp7YnO3xo
      service: maton-outlook-gateway
    ntu_webmail:
      url: http://mx.ntu.edu.rs:8025/webmail
      account: 
        - name: hermes@ntu.edu.rs
          password: uNi0lo7Vohz_aigh
        - name: alice@ntu.edu.rs
          password: qekyha5360QEKYHA%#^)
    outlook_alice:
      account: alice_mc_claw@outlook.com
      password: phow1aeV4ad)au6k
      url: https://outlook.live.com
    tavily:
      api_key: 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
      service: Tavily
    vertex_ai:
      platform: google-vertex-ai
      token: AQ.Ab8RN6L8qyV-5udTlUeLu-iMjGTmxUOscKwGWMWyUlKS7W_O_w
    multica:
      url: http://192.168.17.123:3004
      workspace_id: c0b7cb73-8f49-4ae6-904a-44d462213cde
      pat: mul_01d7722234218c999e2b573f11ffd4cf1016a930
      note: Multica self-host; PAT for API/CLI (revoke+rotate if exposed)
    image_host_excen_one:
      url: https://i.excen.one
      account: alice
      password: Atie=W2Uovahngae
      purpose: public image hosting for WordPress-visible assets
      api_token: MTc3NzI1MTI2MzYxNw==.Y2YzYWY0Mzc1Y2M3ZDIyMmQ0YTJmZjI0Ljg0M2FmNGE5Njk5YWU4YWY1OGIzNzQwNTBlMDI5NDI0YTRiZTJlNWUxMDEzZTQ0NWNkMzk5NTQ1NTRhNDhhY2NjODA3MDg2NTFmNThhOTE4MGU1ZGU3M2VmNzk0ZDM1Y2M5NmQ0MjEwM2VhMmU2ZGUyMjdlOGFmNzEwMzI4NDU4M2QuNGI5YThhNjlmYzhmMDFiOGRlNzNhNDg4NjMzNTQyZWQ=
    wordpress_cowbay:
      url: https://wp.cowbay.org
      account: alice
      password: dfDhT3EPiE4Nik*W0j3q7hIU
      purpose: WordPress site login / publishing target
      application_password: zyml YP9N goCe fqvb lYjp boPW
    HQS016_MSSQL_SERVER:
      type: mssql
      host: 192.168.100.16
      port: 1433
      database: application
      account: observer
      password: uy7pee5Thi)soo6e
      connection_string: Server=192.168.100.16,1433;Database=application;User Id=observer;Password=uy7pee5Thi)soo6e;Encrypt=False;TrustServerCertificate=True;
      readonly: true
      note: Read-only MSSQL observer account for application DB; key renamed from
        HQS014_MSSQL_SERVER to HQS016_MSSQL_SERVER after host was corrected to 192.168.100.16
        per Eric on 2026-04-27.
  ssh_nodes:
    ai:
      account: alice
      hostname: ai.cowbay.org
      public_key: /home/chchang/.ssh/openclaw_alice_ed25519.pub
    gitea:
      hostname: gitea.cowbay.org
      account: git
      public_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPHGz8BuT9vfZ2Z+fvuxfxHKoQdLlTdpZSYn3zFvuIj2
        openclaw-alice@A0411117
      private_key_path: /home/chchang/.ssh/openclaw_alice_ed25519
      public_key_path: /home/chchang/.ssh/openclaw_alice_ed25519.pub.pub
    gitea_for_alice:
      hostname: gitea.cowbay.org
      account: git
      public_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPHGz8BuT9vfZ2Z+fvuxfxHKoQdLlTdpZSYn3zFvuIj2
        openclaw-alice@A0411117
  cowbay_provider:
    base_url: http://ai.cowbay.org:8317/v1
    models:
    - gpt-5.4
    - gpt-5.3-codex
    api_keys:
    - sk-MFvBcto52ZiUxlz1V
    - sk-HPIwhEI0dXkc0y1oM
    - sk-mWOVHJhS0da5gxXbx
  infra:
    hqs_virtualization:
      summary: HQs virtualization/storage/backup environment provided by Eric on 2026-04-27.
        Contains ESXi01/02, guest OS inventory, vCenter, IBM FlashSystem 5045, Synology
        RS822+, and HP ProDesk auth host.
      esxi_hosts:
        esxi01:
          sn: J900PBC5
          ip: 192.168.100.41
          account: root
          password: root#DSC
          xcc:
            ip: 192.168.100.43
            account: USERID
            password: Dsc@52404664
          guest_os:
            hqs35:
              purpose:
              - ERPDB
              - EFDB
              os: Windows Server 2022
              windows:
                account: administrator
                password: dsc@52404664
              sql:
                version: SQL Server 2022
                account: sa
                password: dsc@52404664
              backup:
                sql_schedule: daily 00:00 backup all DBs to D:\SQLBACKUP
                sql_retention_days: 28
                synology_drive_client: installed
                nas_backup_schedule: daily 01:00 backup D:\SQLBACKUP and Conductor
                  directory to NAS ERPBACKUP folder
                nas_retention_days: 30
              resident_programs:
              - socket system controller
              - dispatch center
            hqs36:
              purpose:
              - ERPAP
              os: Windows Server 2022
              windows:
                account: administrator
                password: dsc@52404664
              resident_programs:
              - socket
            hqs37:
              purpose:
              - EFAP
              os: Windows Server 2022
              windows:
                account: administrator
                password: dsc@52404664
              resident_programs:
              - socket
              - electronic dispatch center
        esxi02:
          sn: J9014TRN
          ip: 192.168.100.42
          account: root
          password: root#DSC
          xcc:
            ip: 192.168.100.44
            account: USERID
            password: Dsc@52404664
          guest_os:
            hqs38:
              purpose:
              - B2B AP
              os: Windows Server 2022
              windows:
                account: administrator
                password: dsc@52404664
            hqs39:
              purpose:
              - B2B DB
              os: Windows Server 2022
              windows:
                account: administrator
                password: dsc@52404664
            hqs40:
              purpose:
              - Veeam virtual machine backup
              os: Windows Server 2022
              windows:
                account: administrator
                password: dsc@52404664
      vcenter:
        ip: 192.168.100.49
        account: administrator@vsphere.local
        password: Dsc@52404664
        notes:
        - vCenter created
        - cluster created
      storage:
        ibm_flashsystem_5045:
          sn: 7811DY9
          left_controller_ip: 192.168.100.45
          right_controller_ip: 192.168.100.46
          account: superuser
          password: Digiwin@123
          hardware: 1.92TB PCS SSD x2 RAID1 cache; 2.4TB x8 RAID6 main storage
          volumes:
          - 12TB
          - 500GB
      nas:
        synology_rs822_plus:
          ip: 192.168.100.47
          hardware: Synology 4TB x4
          management_account:
            account: nasadmin
            password: Dsc@52404664
          backup_account:
            account: bakaccount
            password: Dsc@52404664
          folders:
          - ERPBACKUP
      auth_host:
        hp_prodesk_400_g6_desktop_mini:
          ip: 192.168.100.48
          purpose: authentication host
          os: Windows 11 Pro built-in
          account: dsc
          password: dsc@52404664
          installed:
          - Guard Manager
          ports:
          - external-to-internal 6666
          - external-to-internal 6667
      licensing:
        csp: assigned to customer original account
 gitea:
  base_url: https://gitea.cowbay.org
  ssh_url_template: ssh://git@gitea.cowbay.org:2203/{owner}/{repo}.git
  account: openclaw
  email: openclaw@cowbay.org
  password: openclawOPENCLAW1!
  api_token: 6175f48f82a2708f2882b8b170f08294ae8afab5
  private_key_path: /home/chchang/.ssh/openclaw_alice_ed25519
  public_key_path: /home/chchang/.ssh/openclaw_alice_ed25519.pub.pub
Author	SHA1	Message	Date
hermes	758c395334	Add Twinkle Hub MCP secret	2026-06-03 08:12:57 +08:00
hermes	2955c97eea	Sync vault from vault.yml.text	2026-05-22 16:36:44 +08:00
hermes	209420f60d	Clarify zip password file diagnostics	2026-05-15 08:22:17 +08:00
hermes	0730eb1d01	Handle binary zip password files in installer	2026-05-15 08:18:07 +08:00
hermes	97d0e3960e	Document installer env variables	2026-05-14 21:03:48 +08:00
hermes	73bdbd7a20	Clarify env-first install docs	2026-05-14 20:31:58 +08:00
hermes	7fa14229a3	Add installer env preflight	2026-05-14 20:26:20 +08:00
hermes	525161dd0c	Add installer env configuration	2026-05-14 17:29:29 +08:00
hermes	1cd0bfb9f2	Add non-interactive vault pass install modes	2026-05-14 15:45:16 +08:00
hermes	ea1bb0979f	Improve vault password installer options	2026-05-14 15:15:10 +08:00
hermes	3a67b253d8	Document agent secret vault installation	2026-05-14 15:03:29 +08:00
hermes	c74aef7b7d	Rename HQS MSSQL secret to HQS016	2026-04-27 17:36:28 +08:00
hermes	c96299c204	Update HQS014 MSSQL server IP	2026-04-27 17:34:19 +08:00
hermes	ff75cced31	Add HQS014 MSSQL observer secret	2026-04-27 17:20:20 +08:00
hermes	a7729fac4e	Add HQS virtualization infrastructure secrets	2026-04-27 12:22:00 +08:00
hermes	b60841014c	Add WordPress application password	2026-04-27 09:30:38 +08:00
hermes	7478747b70	Add WordPress cowbay credentials	2026-04-27 09:23:02 +08:00
hermes	24b1982e1e	Add i.excen.one image host token	2026-04-27 08:55:32 +08:00
hermes	75dd33ef06	Add i.excen.one image host credentials	2026-04-27 08:54:05 +08:00
hermes	60ea4485aa	Add Multica self-host PAT/url/workspace_id	2026-04-26 13:49:14 +08:00
hermes	79b88a7c9d	Update Alice Gitea credentials and SSH key	2026-04-23 11:32:46 +08:00