feat: add nougat-2 to pub.solar/infra branch #251
|
@ -188,11 +188,16 @@
|
||||||
path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper;
|
path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
nougat-2 = {
|
nougat-2 = {
|
||||||
sshUser = "yule";
|
sshUser = "yule";
|
||||||
hostname = "nougat-2.b12f.io";
|
hostname = "nougat-2.b12f.io";
|
||||||
fastConnect = true;
|
fastConnect = true;
|
||||||
profilesOrder = ["system" "direnv"];
|
profilesOrder = ["system" "direnv"];
|
||||||
|
profiles.direnv = {
|
||||||
|
user = "barkeeper";
|
||||||
|
path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
#example = {
|
#example = {
|
||||||
# hostname = "example.com:22";
|
# hostname = "example.com:22";
|
||||||
|
|
|
@ -15,8 +15,8 @@
|
||||||
''}";
|
''}";
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
age.secrets."hosting.de-api.key" = {
|
age.secrets."hosting.de-api-key.age" = {
|
||||||
file = "${self}/secrets/hosting.de-api.key";
|
file = "${self}/secrets/hosting.de-api-key.age";
|
||||||
mode = "440";
|
mode = "440";
|
||||||
group = "acme";
|
group = "acme";
|
||||||
};
|
};
|
||||||
|
@ -43,8 +43,8 @@ in {
|
||||||
isReadOnly = false;
|
isReadOnly = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
"${config.age.secrets."hosting.de-api.key".path}" = {
|
"${config.age.secrets."hosting.de-api-key.age".path}" = {
|
||||||
hostPath = "${config.age.secrets."hosting.de-api.key".path}";
|
hostPath = "${config.age.secrets."hosting.de-api-key.age".path}";
|
||||||
isReadOnly = true;
|
isReadOnly = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
{suites, ...}: {
|
{...}: {
|
||||||
imports =
|
imports = [
|
||||||
[
|
|
||||||
./nougat-2.nix
|
./nougat-2.nix
|
||||||
]
|
];
|
||||||
++ suites.nougat-2;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
self,
|
self,
|
||||||
|
profiles,
|
||||||
fix-atomic-container-restartsModulesPath,
|
fix-atomic-container-restartsModulesPath,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
|
@ -13,6 +14,11 @@ in {
|
||||||
imports = [
|
imports = [
|
||||||
./configuration.nix
|
./configuration.nix
|
||||||
|
|
||||||
|
profiles.base-user
|
||||||
|
profiles.users.root # make sure to configure ssh keys
|
||||||
|
profiles.users.barkeeper
|
||||||
|
|
||||||
|
|
||||||
./acme.nix
|
./acme.nix
|
||||||
./caddy.nix
|
./caddy.nix
|
||||||
./keycloak.nix
|
./keycloak.nix
|
||||||
|
|
21
secrets/hosting.de-api-key.age
Normal file
21
secrets/hosting.de-api-key.age
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 Y0ZZaw mpeEJ0Pmd9BR/HQ6tcY4H38pCNrel+8L6WgnPj77ByQ
|
||||||
|
UdF11WoYedaNjDwLhGplUlHYtAW9wSTLrf6BMSQGXa8
|
||||||
|
-> ssh-ed25519 BVsyTA V8CrvHHBOPuJE6xqdQlC+dLoc5CU625aysWOk8oS6Sw
|
||||||
|
jJtQYWFVhCwwBGpQph8WNKPNLWrXiJVJj05EY0PZFzw
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
QXSYUXN04FSQofXobqNcPEApTKsDcUJV6eXYpS+9HffRE1PDt5JKRXWMk+3RMw0Z
|
||||||
|
fBlWPBMmS4M/letqH3PHG1gFv6MFrGaddfJbZo4FYUzMNeT+Fh5ZWM2bQO6iczd9
|
||||||
|
WUYYKonOzgRd8Nwg3DAHxJ8zXzocHp6F+cAqnw4y1ou50erVDMEIQ+wc16R8yT3t
|
||||||
|
OEKfz2Vr8FadAsCw2JBqouwyvdM6bd/+AjnJZbFrIq/gKlgIe0KuSZK1lr08v2aL
|
||||||
|
Nbk0bykb83N22kIG7kecYuY9Tz/Jh0geotkti7MIcsLez6OQW0+IC9bDZ/Swl/Cb
|
||||||
|
oXJdrjRCZipD1PKGdxzyb+bXZHmk778kc9WHB8NRas8ICFcOS0Pu0JMjhEfU2rER
|
||||||
|
QQoYAmk1mmJGDW1DVv90VUb2RokpF6QuzgIjfJUi7R7JLPcahBvfJRa8gytC33OP
|
||||||
|
Nr733zR5NP06b3LMdjjUyiYyf0cyZG9Qxra8aN2kAlT/mHZe+v9m4piHrJ1b+j73
|
||||||
|
pyZPNa9w5AXl942fV5DbERRpXtP1kc3bO776All8X7ARy5GaHpHmvmEE1ooDhicS
|
||||||
|
iSvEm5c/BvgTBijXqsXk/SkIoFiLrGQ4wkTjNpeTsX25ghZc1W5gHrcDY7QtdDLz
|
||||||
|
RotNg5klu2XZR5mB7hFPUoXwGhwYc5l1mf05/2tEkVs
|
||||||
|
-> E>o)tKn-grease T9%P;\g
|
||||||
|
y6At0SwlBQ5jKI7Rj9ceRCqW3gH+b+7K0rLp0w
|
||||||
|
--- ABiFxl1ZHUSZJPkagpG0QNgvWeWrJsBtCvDImCQHULQ
|
||||||
|
a$£ÑÖt/³\“h”åÙPD߸AëÑy¦]ö¯p÷ÛF#HŒM%<25>gÝ3p)^ˆc~]Ú–ªPKÕÝ4:õ‚ê,cœF Ó5éƉÀ
|
20
secrets/hosting.de-api.key
Normal file
20
secrets/hosting.de-api.key
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
MLbUT2OZ5uLq2uC4GdBNhQqrN8BjF3FibWT5NpfcL+ryr5wI1HfHnTINQR1SfcP6
|
||||||
|
e7YF2+lJXiI+Clp+V3/eG5mDMXo358lr1usQPo3AJp0L/F+ZXuYgXIYgp/H6CpX7
|
||||||
|
ztVM3BavlwvKibiFzpJVESIQW/aMp+fotTG5BBCzQ9P5ejpRCyBnw023VXG4bul6
|
||||||
|
kSBbjaclmXAB/kErB/CBrQX8khYzy/sPWMeyKfNpQNRebwHfwifSKtwvl9CrII0S
|
||||||
|
6UAK6oKhi+5heqCtn0t2ToY+Jo9ccMjf1tKuQkUkT9gxJqalYakK9Z/Cn1YjteS1
|
||||||
|
/QBE+pVNJYtqeND2kWoh7GDgHMN3RpSOZTTfLYWMatfwdZn78y5Qnri6GxKMMpcH
|
||||||
|
HJjFR3/u08sa5Z6QJN5ajMCze5QEVCfkbP7OUvdD77JagoR2TGphJXHWuHBBjNT0
|
||||||
|
67GnaVjtjBSkPc2wHaB9jXCLcpkYtx2JwvcYIBmyzu+uw3dVXekT54dXMckW04B9
|
||||||
|
2A+zH35yNX7cG1BdAaqXsj0q8XHLi+ZyyZBB/OSXFaz07JI8Uo7V17MU6N+yFCbn
|
||||||
|
UeIh82gingQU1+OBRSi1Qbee76RqRGOB9oJywxWYoj0tfCb5j+CW0UH18rKRCy1p
|
||||||
|
nbyIY2mp1pVMVnkv+UH5HDJZYTVt6H8HllKZcqy8tUQ
|
||||||
|
-> ssh-ed25519 cakP9w r7YM3I761Ly8mdPE5Aue4piOtU2WuBCX/ZkuODcC11E
|
||||||
|
+FGBvDNQiChuuYWGzo9lKiFGWtkGpd+h+zbi0fjR610
|
||||||
|
-> f(eo)$--grease = zT<uk K? Ijd3$!v
|
||||||
|
H/OGi9ibCTdNA59VlE4PWHH0sxeAehnSHPboQdGqc+mRBWhmyhuN0flH0lSc+Psq
|
||||||
|
NM0a5Cwz6j3FYrQDi2H20oFCLCaHNm4UDkzMhhL/0UYvgQ
|
||||||
|
--- OBqMSFnHs3uuRccjWbid3GxwdVDy+5rbWohAFal4HGM
|
||||||
|
¿Àä]y÷=¡0µÑYÒ†¢•÷jQ˜ZŸÓ€^þåÊBåò-$'mÄ…þÖ<C3BE>ݵ•ö:Rš/M{^–ƬDdzlFGo]ß`‚£›î¤D”î
|
|
@ -1,21 +1,20 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 Y0ZZaw 6Ab765r1KhdPSNomPyArPOa9EpOK1gJH1O/2ImGovDE
|
|
||||||
AbIsUHJvTypKJbOE3LuLFXYkIzfTXxRmiLFy91HzaUE
|
|
||||||
-> ssh-ed25519 BVsyTA tCs+TlkHQMbqgeN28U2aLo3luZNHRemLKbsqX8gOSWU
|
|
||||||
PU1JXT1JjKeSZ5cybTuq+WOipWWmqhHGLtEVHi1/8pg
|
|
||||||
-> ssh-rsa kFDS0A
|
-> ssh-rsa kFDS0A
|
||||||
TQbtZUL6l+DJxir6AVNUWMNPXrzJ6Ns3xb2C9s+lXsvlTlm834H8nt/JxJBCeRoH
|
DWQcu9+8Tt6PbnhhtjaEh4JwKckPzGp8T886OitKmT36ONeX1xm4rxUV1BlZJESH
|
||||||
ymH0PcXKHCk54iPypW5KqFRIwoDYBTi3t3fSqjyLQk4eFNBjByGy+IVAaF6dcS5y
|
bBUorgCjlVeNadhrvMH6f79iq84Itz3wFsRn3wtXTHPjyOjXKq3mBFCZchkNQXrQ
|
||||||
+pYwpZxgshv8u6iSEiRgLvqp0bIs/g/tPHowZ6ezlpyKOzh3+KRYK7e82dJFznwb
|
kAlHVSU4KxArWdDgxZlSDDjqVKUO2otOax0jQIrATyoyXxydv3IrY+I/QJNXyMVV
|
||||||
Q9V+PdWZJLqobbo4bmz7nT3qNlS75tpcVk2FAwsNB1pk3Q4ucbQb33eslSny93s9
|
TWWur2MjLfRtXf8pKhKHhZMGthOtnYRYJplR638hw4TQ0j4/7J34qcZZgNoo4pUY
|
||||||
DjGCQFOMCkSZwKk98jV8aV01Liu4+tgMty5Sb6+Ei/tt+4TvjlX3t6hl9kvCVQNn
|
FHO1xLqxdRzMiE5Kn7drhJ667QeEANZUr1sPjejXahMx/oYatpZ7YxDk2l8P4bcO
|
||||||
gXjc1y2FxfuwN7hTnFYM6QAwB4ETUPwsyqoOAzfFWzpQNpit+ZOtRMw42gcSkhA7
|
qAiQ5Z3h1wfhfhHJWLCXac9jBifZeMXXsi43lB7/A+8OCPPZbJam6ng9Nqi6q52S
|
||||||
RcyHeYGtQCeK+MKU9YaWZrDZjFjwpA7oxVkBGk6Xd6drVfw0tMurXpruuIzswo2Q
|
nCwY54c50mDp1iS8b8coBnVqr4JPA+mipy31KGmbysxjKRV7SovYuPq6xzGzL9gO
|
||||||
iwdSGNsyAmMAKIoAWrjyxuXodgAwii8JgLr93IfkEuOQ/izQQ5sJCFP4Q4pB/Svk
|
nAxpvwGuPShuKQMQ373u0NL5Fx3gnSwBpDax9Q8ZIvkn/iGIjntQj8IaDDXUtOUg
|
||||||
8yG62fflaJ6epTn2uEBD9EDqlNCGpDwNwdBnASdpcSCeooCqcqDIHpk0VJly+HiQ
|
6r3wQD8m8C54q8hdOeb8dvDTb8YkXJGumikOwx04KhhX/MJbIMpwSmhZGHdCY44v
|
||||||
VyxpD+3ZfaguUkiVC44oxAkQocitj8ypNmuGqphG+1ReN4ew8xi74f0WWq4lxkY4
|
qhTQcnudnPUskTZsenY4pw9LOdzuVeLqGL2359qvw8w8KTNtZfeif0xCpWBKMOw8
|
||||||
DieriNG+NG4JS7SgUTz5ZStYbOuIJJ/n82TcejWkJGM
|
F3wdYRaowGp0Hqi1wb+mKtiz4Tyx93crkflrpxs5hT8
|
||||||
-> dqJ?-grease .CNJ%TkE
|
-> ssh-ed25519 cakP9w m4+f1g38ZLRWqO1eKOSnu/0wJ+ou4j/4VgR8IJhh9Bc
|
||||||
D6Hq2UnwetlWfmLWLcijubdNB2uJNjRRIw
|
1MkqVLAk5hZyyvjVSU7ScIitGkIiQlCl7oxJCBw7xmE
|
||||||
--- +wyqgdU3ahUepcqy53z01275bJE6CadK4+yXH0bSvuI
|
-> Bp=k^MJA-grease
|
||||||
ò¡ˆœÃ¿ÆV-j‘^/u˜»¼y{ŽÊ‹”Ášj¾Éø 7@¡øâhõ´©‘$†p«·íÜ—Q˜Ý'k œ£äz•<>š#ö:¦<>„‚àˆ·,¿4v}1š<C5A1>Ðr¥Áüje›V
|
iP4iWQsV1F2QEiShf0j9AhCUq+SXOxQ
|
||||||
|
--- d1wE82sM45YxhJkxchil/8TFhZMjyDVSySvgS6BQCck
|
||||||
|
dV¿ÏQ“rJ8¿ýörøg(¤âì‡
|
||||||
|
êiàŽfï6O¸#ßãõWj,ÌÛdq—<xŸòOÑŒ^}-p9<70>`B
|
|
@ -23,4 +23,5 @@ in {
|
||||||
"mailman-core-secrets.age".publicKeys = deployKeys;
|
"mailman-core-secrets.age".publicKeys = deployKeys;
|
||||||
"mailman-web-secrets.age".publicKeys = deployKeys;
|
"mailman-web-secrets.age".publicKeys = deployKeys;
|
||||||
"mailman-db-secrets.age".publicKeys = deployKeys;
|
"mailman-db-secrets.age".publicKeys = deployKeys;
|
||||||
|
"hosting.de-api-key.age".publicKeys = deployKeys;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue