xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

port hopper back (partially)

Browse source
This commit is contained in:
xunuwu 2024-11-10 13:47:58 +01:00
parent 1352f012bb
commit 9e955a6386
Signed by: xun
SSH key fingerprint: SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
10 changed files with 560 additions and 68 deletions
Download patch file Download diff file Expand all files Collapse all files

39
systemProfiles/secrets/hopper/default.nix
View file

@ -1,6 +1,6 @@
## TODO use defaultSopsFile mayb
_: {config, ...}: let
autheliaUser = config.services.authelia.instances.main.user;
# autheliaUser = config.services.authelia.instances.main.user;
in {
sops.secrets = {
wireguard = {
@ -19,7 +19,7 @@ in {
slskd = {
format = "binary";
sopsFile = ./slskd;
restartUnits = ["podman-slskd.service"];
# restartUnits = ["podman-slskd.service"];
};
cloudflare = {
format = "binary";
@ -36,48 +36,51 @@ in {
restartUnits = ["podman-betanin.service"];
};
# lldap_jwt_secret = {
# sopsFile = ./lldap.yaml;
# key = "jwt_secret";
# owner = "lldap";
# };
#
# lldap_user_password = {
# sopsFile = ./lldap.yaml;
# key = "user_password";
# owner = "lldap";
# };
transmission = {
format = "binary";
sopsFile = ./transmission;
};
"lldap/jwt" = {
sopsFile = ./lldap.yaml;
owner = "lldap";
};
"lldap/password" = {
sopsFile = ./lldap.yaml;
owner = "lldap";
};
# authelia
authelia_lldap_password = {
format = "yaml";
sopsFile = ./authelia.yaml;
key = "lldap_password";
owner = autheliaUser;
# owner = autheliaUser;
};
authelia_jwt_secret = {
format = "yaml";
sopsFile = ./authelia.yaml;
key = "jwt_secret";
owner = autheliaUser;
# owner = autheliaUser;
};
authelia_session_secret = {
format = "yaml";
sopsFile = ./authelia.yaml;
key = "session_secret";
owner = autheliaUser;
#owner = autheliaUser;
};
authelia_encryption_key = {
format = "yaml";
sopsFile = ./authelia.yaml;
key = "encryption_key";
owner = autheliaUser;
#owner = autheliaUser;
};
authelia_storage_password = {
format = "yaml";
sopsFile = ./authelia.yaml;
key = "storage_password";
owner = autheliaUser;
#owner = autheliaUser;
};
brawlstars-api-key = {

11
systemProfiles/secrets/hopper/lldap.yaml
View file

@ -1,5 +1,6 @@
jwt_secret: ENC[AES256_GCM,data:C5TnV7d/qdgiX+J/K7vsKXuZ6atsrEwwbr189c7kURHH5bK3xW0BBw3p+MGS6RAQBK9+SN7t5k4uWlEm9Ekm5wDbgt10/WXerC1ZNacxbcSlB7i+w/Fne+g2d6vg7SwC7wpgH0nBmWSAnCmOdDlXOO6NYQ1zL8apCN99Z2M4SVQ=,iv:DzkZjX8+stqZxzNjcgl+uWR142bAdfeQd3RyByHzOE4=,tag:7tbciVbRuLRt8/1q2NRlAw==,type:str]
user_password: ENC[AES256_GCM,data:IuBlcthybynSI4AJpJ7nZFOgzbH5v4ucKxEO7fe65M1hak33gX7uQSFMRcj9gJAh/E8h87VudQkpxWC6+RKW/w==,iv:WJrvL2RhmoWCaqAjK7nn98Js/TXOL/3oeVADoOt9Vr8=,tag:JcQeKs0O+exoWCG5m/EFtQ==,type:str]
lldap:
jwt: ENC[AES256_GCM,data:/s7dTCwufcURfCEm7dUyo8sstQjN/0592xkw4I/Qt35xYXPEWL6RSuYe2epJ8SRDTH6JZtak0YvSnsE02Edauy9dPmP8CA/Sl3YzQsoMe5LfGrpcP4a5CdlInXKuUUFmecaAO5vufCPaLliATsWDzPo6AY8D21leqdxY8QRa9oE=,iv:Tq9v4sQyzw3leMGD9syL9/Jdoxu/66c3SHRD583uqzc=,tag:miGWl1G57gWWjNRbEcVfAw==,type:str]
password: ENC[AES256_GCM,data:Y4TCgSOl+LiOHSzLseX8HeuyreOwGfa9LWrTcf3CGbr70RKgef5si+A3qi4vTJa9Ft/+smHoLd9eCH2Ti9kR1w==,iv:934juRr049XQEz4UG41ZNHyvq7qTyTzTiKRm+bbxkv0=,tag:NCnB0FMOOama8dm7wEv3AQ==,type:str]
sops:
kms: []
gcp_kms: []
@ -24,8 +25,8 @@ sops:
WFgzK1BpVks3YmcxT3gxYzl3eHpySFEKJwsayqczYl2bFViRTWlP1p2OomPA1NnE
EKU51AINXIYfnNaXzMKWEj52yoVLvtKiA/rdJeVVOOopwD+qa/lRkw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-10-01T04:00:12Z"
mac: ENC[AES256_GCM,data:9mu/knvioQT4y7WGdRjDvfeZxYgNb3TnNnDWOIALN6sqNhs8cI8Q+ussNny9zTygRN/LsS4cvhGypqxZ48CT4YyIKxJ2Xuf32Ho+ojh65a4Kabe3CjklLaAnj//MXnvpUtEXFGKlTiyKi/JxHaQLOaeZBeMv1yfYKuo0hjdzlho=,iv:KR2UMbNmsyxa8TEv6lwTJlqc3Qe81DaTTVtzSZRZyik=,tag:B3Hvr1RRGDrxROylhUuFxg==,type:str]
lastmodified: "2024-11-08T18:13:26Z"
mac: ENC[AES256_GCM,data:XArGpA+g2rBudPew1FlVbe+u3hfrqfsTpCb+u6a5MDp3+ro6EUXytnuUJRS3PpsmfJ6PfzmM4q2QHa5qjTnqt3G4DXtenrb2zVixiSykE4qBwr2Jj07aDqG0/8fDQskAkP868EhTjJ+/3KQ3MyNLoaoWEISGN8ryLjM/ASHxD5s=,iv:LrqLod4yS3H1QYRozZv+sEKzigtaMGnLb1UfWdvoSEs=,tag:HoxUl6oOOjKRpyPt86CGxA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0
version: 3.9.1

24
systemProfiles/secrets/hopper/transmission Normal file
View file

@ -0,0 +1,24 @@
{
"data": "ENC[AES256_GCM,data:r/cojq4Krb+3JeDL+5P5wUlpehJHCRYR2fUAnGJoGSFMi2jMxQ4/rasSqZJlNxisReusu2cECUZT3LpjzUFZONsHQtHs0iC+xWMVZasJwxnWu62vLxQoJhTb/2EvnTKpV47WhAJeiaeVbFURKVCST6Z6xET/0kFxFB92iVFLIFWMfByMBMq34+xW41+fboOLA5vsWyNTcIQC2fVKc7wyi8Iq0ge+yAONm3QA2Qd24psuC5Dv,iv:sLLbYhE6tshYZo2HWGzNNmcDxb0ziPsDg+lsX6G92Ds=,tag:VRslfMCy1/GNGJ3vG9d+aQ==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJNVpReEZBb0tsT0QyczBv\nTVVTcEdaN0hoTUY5ZWhEU2NWcjlEa0VsOUdVClFONjhncXduNEdaWlBFTUF4TUFU\nWVJmQTN5dmV2dGJkenZVaXMrbWxuZW8KLS0tIGEveFBPc0hrS3FvVFdTZGQ2TW1r\nS3NWNTBFbGtJYlpnTUNUN1IrMTZKd3MKBtEbUpRAfnbyyXXOLDIvEd7aQaKKWvqh\n8z/s5a/yWGdh4VB90FRZol8Te0Ahu3hYBWiaUWE8dELeAb0Joakm0A==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age15mgf89h220puhz48rjpwxwu4n2h4edur60w6cd8gku2hh4e5kqpsghvnyw",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5dGh1VmFjM0FqRlEzMUoy\nblVscWNHQWkzTmVDV2hEaU9NNGtIOE5CbkRJCjcvTXdIaElqMmNrY2Q0RThUNWZr\ndDJvZzVVU01mUGJoR004MnRmZ2ZHKzgKLS0tIHUxSHJLc3RBWXdBT2pXU0lNZjVS\nSDdMeVppSkR5UXYyY0pUMVFjbllvVncKAp62v5o/vMgrbygJ1+5QWriRNbrdel5x\nPJAikvtzttEotMSVBww1Qj9T9H+NxfywqMT3PleZLeixz0eSr8vBAw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-11-08T12:20:18Z",
"mac": "ENC[AES256_GCM,data:yjPmnEZOLT63kPaf8I634/QNHIoz76/KbrcbqlbxhageGf49vHSmoQabA+nZ+X0e4QKYJamP2w03SHaTkBiAWPibmy4DxIxaZONGDNZyB0kXwgQHVMJS4ioYitPlzkOxuuNA0YywJ0zfQr2UL7f8Pnjv5Ce9fJX1ywfNGZ2SJXg=,iv:Pew7Icme84LO5cwtVkUJ4wVF0mwJiNrlT6ulKHCb8/o=,tag:/98B67+gAEMM/BKWLULPfQ==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.9.1"
}
}