diff --git a/nixos/klipper.nix b/nixos/klipper.nix index 603d1be3..94b7103e 100644 --- a/nixos/klipper.nix +++ b/nixos/klipper.nix @@ -5,7 +5,8 @@ enable = true; octoprintIntegration = true; mutableConfig = true; - configFile = "/var/lib/printer.cfg"; + mutableConfigFolder = "/var/lib/moonraker/config"; + settings = {}; }; }; } diff --git a/nixos/moonraker.nix b/nixos/moonraker.nix index 9d38775b..acc7b3e3 100644 --- a/nixos/moonraker.nix +++ b/nixos/moonraker.nix @@ -2,6 +2,13 @@ inherit (config.services) motion; inherit (gensokyo-zone.lib) domain; in { + sops.secrets = { + moonraker_cfg = { + sopsFile = ./secrets/moonraker.yaml; + path = "/var/lib/moonraker/config/secrets.conf"; + owner = "octoprint"; + }; + }; services = { moonraker = { enable = true; @@ -9,6 +16,7 @@ user = "octoprint"; port = 7125; # it's the default but i'm specifying it anyway settings = { + "include secrets.conf" = { }; octoprint_compat = { }; history = { }; "webcam printer" = { @@ -24,7 +32,7 @@ in "https://kitchen.local.${domain}/${toString camera_id}/stream"; snapshot_url = let inherit (motion.cameras) printercam; - inherit (printercam.settings) camera_id; + inherit (printercam.settings) camera_id; in "https://kitchen.local.${domain}/${toString camera_id}/current"; aspect_ratio = "16:9"; }; diff --git a/nixos/secrets/moonraker.yaml b/nixos/secrets/moonraker.yaml new file mode 100644 index 00000000..61f028c5 --- /dev/null +++ b/nixos/secrets/moonraker.yaml @@ -0,0 +1,138 @@ +moonraker_cfg: ENC[AES256_GCM,data:zoL9QcPYhalVMcVLqZK08mC0yisVbWpA0QKfMX4yY1QfQ8Q/FWAOVquUoqvv550hBkiL8+2VwLka1LKxITExWQQsqg8HgUyIPO7hz+Iq2gsX6lBUucAGU0QC4ju+D8juSQ2TKQqLrbSmiGa2hBIjzhzTA6qnlf85fsriE2PMC9BlKHkW62fICsmkpvONqNY8h5F10kKTSh+PoEYVjNoOlIQACFSGOYMWW5aJj5LP79gtp100U5SQm2pxW5BsVwo2j/ROMxfNop+BjDjQ80AfGqOA10TZzA/m0Opb+7RmJnSHO9yNRW9VCy8M9Jmrzv0WzWB4d49B+SccU4Q+k4Aeo4HF1TJudtQ=,iv:efuXPhZnQktivSvdIc31pnw8WINEl2JBu/XcjOo7hg4=,tag:vXk+PhQwJ1AbYe8FhrVRqA==,type:str] +sops: + shamir_threshold: 1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVUWVZd1EwNGZhSU9ReVkz + NjJRMzljOXNKVWkwdHpVMVNzUzBlVUJuSEdNCkgwOU1BR2w4U01lWGRZOFJPaXhK + UFludWo3S2l4eFdNRWxpTmhmVitrbzQKLS0tIFNtOXhyUHE5Rk1kVGE2QUFNU2Vo + VE9yeWptYm5tdDVRR3pTYm0yUHlVb1UKAkSDklaSZdkj6wnwyuV0iAMuurIGCn2M + mhodRypQ7oUR4eZXl3EBI2c30wNsumrxlbjCexL7irF8PGv5tI22nQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age176uyyyk7veqnzmm8xzwfhf0u23m6hm02cldlfkldunqe6std0gcq6lg057 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmWisvR2JXOXlWQXRodDRk + Y0tPOFM1MnJoVHBQTmVwZFkwandhcGYycVZFCkNTQ29WZkFqOW5BTVJrYmtKK2Zy + TmQxSkkyT3RlRjFjd3pMY3RHdDRISjgKLS0tIFFUdm10anJDK3J5dUJqMXZGaThJ + c2JBUnRVS0NCUGMyeFExeWFNdHpQRFkKKxTZ6otK0IjDscE7mmNW5789JOQI+hhy + A0sNyELYui6eYeicjEwo2fXzBTc520q9WnkzUKC8oSkjRBx4E9/ZnA== + -----END AGE ENCRYPTED FILE----- + - recipient: age15hmlkd9p5rladsjzpmvrh6u34xvggu9mzdsdxdj3ms43tltxeuhq4g7g9k + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGbXlJUkNLa3k4MVJDcHZa + KzFQd2hUSnRnOFJJbGJiVFU5MVdZT0VYdGhRCjB3Uks3Y2t6VVBTYkRLL2FZbldl + SXJ3aWNidyt3VkJyYlF4dERxTDBZYkkKLS0tIEZUYWRhN2xmNTRXNDFtUEdCVjUw + YkZBTUdsUlBTb2VJcVhUUkpxVlVyVFkK240zMRp9xbBtZtZo7OYox61GC5jMluK6 + niWvzPb32ST/tqEYMKYyBcxYniMA/YMzlmG89bSdH4jejBYmE6PN1w== + -----END AGE ENCRYPTED FILE----- + - recipient: age10t6kc5069cyky929vvxk8aznqyxpkx3k5h5rmlyz83xtjmr22ahqe8mzes + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBheGxqRHZQbzdCUGRVYXVL + bFFTZk11dko3bmZmdVk0WVpIQTcyTXEzTlc4Cnc3Z2REZDc0OGpKdE9hSW9ERVhO + RFEyMEFwVGtNbDFZZzZKaEtHcUxWbTgKLS0tIEhLY1RScFVySFcxL09MS2w1TUtT + VHBJVDB3OW5oZXV6OTREaEc5T1UzVDAKjCZtZH6qD7sG8RD4hxa9fx/TRNHiRWKp + C/OrG70IXxllNwxvN1+jONptWfywxHS20jpjAwUYVU2g7Ip93+9UKg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFdVA4M2VDcUs2RVNKVlYx + RkZmU1RHSFI0bHNpOUs3U1Bra2daeE5ucEdVCm1nMXI0OVp3OXAxbUFrM1hSWHNP + dkw5Qkt2ODJQcXc4NXdEYWlVWG83Tk0KLS0tIDlyWFpyTVQ4bDRaRjg1Q2ticEtk + dm1CQzZTSW5sNXFkM2ZwaHZmenkxa3MKagLoUsCcTa2XwYwpOznUVa4RmlKfBbC1 + Rh2kQ5EVQIH9Tw+tY/eo3kdzzMRDCDonIFaRf5A1UUFqq/QxpQ/eVw== + -----END AGE ENCRYPTED FILE----- + - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWb3BzMXg1Nlo3RzUxQ01W + ZEgvMmJWQ25yKzdtYkVUK25qOGs4M2VQcjJjCkw3dURLa29FMzY4WWJlYUFwdHpW + dDRldk53RG9CRUhXN0pNcVBtb2Z0V28KLS0tIFNmaXhZbVFnTzkrZGN1TW9CM05T + NHA4MDl6cnJSY09pZkNUN0Q2QXpRbTgKqVJ3IhOcNDwjOYihK/P0FCqAPShbxGTm + vmNfypKSiNgMYjP/AlUnhG+2GvwA4yDkD5KGh0ijdr6MCIlgBurICA== + -----END AGE ENCRYPTED FILE----- + - recipient: age13qgddr326g5je0fpq2r3k940vsr3fh9nlvl9xtcxk3xg2x0k3vsq7pvzaj + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoUWtaZ1NQb2F5VUJFYk40 + eSttYTV1SnZOdzY4akV5N2VhT0QwZ2NjSkJnCkQwMFhOcE5zMU5ISnllV3dOU3h6 + VFYydVJLcFBnZjlGbTdsRUNYRG55VFEKLS0tIDhLZEloajMvakVoOWJKaHpxUElG + cUt1N2FUbEtla3JIRUNITXRIbDk3bE0KS76j71709HT0zTVlo1vWrSrjLK2uXpq3 + 1WJ7F8tGfGpCEBl7THft7CHZkQy1CDEqUWu/0hc64rgCUkguAn2qQA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1ktmx2szedfnpe5xumnzs8vkk0ffqgga6ved3drtksg9pye6ndsnsnqq488 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkWUc2K1BuVnJKVlhnUnpu + a3lWa0liWXNkS0t4V251cCtRT2M0V2RHdWxrCmNRUW1uYnkwWXZkVDRoUWdEZ1Vu + UE5WQUhLdHoxZ0JuMW10QWxJM2Jaa0kKLS0tIFNPeWc3aEZDR3pKWk0zdFRhZVBU + TU81aVAxcVZNMi9oK0NvZndrQmNYeDAKGlGSe94RVhfk5exRWv7hSEm28DEXdG1Y + Es042bKntIxXE4EDhbBDRES0nP/B1TFkjicjhMalQXI/2pX6/j+xqQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1fjcafp0j45sz03zq5srnxyq2mujndmn25vceg3wj2cgzymqm73ssmhdgku + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXQnFGOHBMdUpCYmZBdkR5 + OWpXcEdJNXg3dGE0V1NjMW56c2g1bmhwYmtrCkJTYWVkdzU0NVplcGM0dWxhd08r + elhyMUJCeXA1NDJoZGY5QW4xOENza1kKLS0tIEg0RjRZU2V0b1FMaVZObmhETC9j + eW9zMmhkZ1dKY1pZT1dJU0s1cUVoL0UKhxGjnavRD236CQ3rH5rL9BjnmEOF+C1S + qVOduid3kKCOdSjYXuFIsdllsGwp2Hx29pSiyxkV8QDw9EGgBvZM/Q== + -----END AGE ENCRYPTED FILE----- + - recipient: age1tkkau8vk5h9dh3kemash4eghn7lk84j0hhpmvvf7j6phgcsm9vmsphv0py + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVY29PTStxYkJ4SVBWT3ZF + emJESTZRem03WFQrOWZjRmh6cEVKUDVoemhBCjJVa2lQRHU1TFY1b1NFOERrNHZR + aEE2T2g0SStwNE5xbEM5RUM0Qm9jM00KLS0tIER4UFdRazlZSE1LOU1UL3hlc1hU + UDZWWTd0c1VOTmhPaGZ6NHNXTVZxK28KFkJMsdYFfTJDwmgywhl6uj6oSqAsiSCk + rzFV2k8DnbF8oCGISO5/jP2M2YYkWQOLsam1i1Qm0+G2iqjZKw4XIw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-08-08T20:35:55Z" + mac: ENC[AES256_GCM,data:v08cQPUZBKz+PuecgcQdMb2nZvFgRhn3jdMWmwhRE5ThR8lvD43jBTbPtwqpibw2rNIW97UjXCzxuyXpOfimcqDV0yai36MaudAfG6vuvfSLT0KYZ0jZ1zvEBWwqRSgrNbQJJWT/pfYMxoWgSwEsnvYGVib6da3vuEG/Y61zc0Y=,iv:jAm/Y4zA2j3TkMr1WtKfyPm2aGa9aiHaMszglfmcSsU=,tag:XortGMIyiJWttQ6Gt1Fr/Q==,type:str] + pgp: + - created_at: "2024-08-08T19:27:10Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA82M54yws73UAQ/+MvAlOZv7GlvYNnGpYKLoJnYtbuu8OhYiEVHXmqCL/PJ3 + rHSlxEgYGVi11J7sqcOpyb14DzHg9Nu+ZwRD8ikdbUPPvcfhYqcDJdM1wveCiXsD + JRCMvBUhpO5HgYB26hGIIKxhrTFR2FVINSHzGOlicBou4OB0lVbpNY+XBl8nKCoa + cdkqF+qVT7vsAEtl4qB0CzklFNnX32DXeFqnLS8Pydv2N7gKyb+dBNGsYGfVPCXY + 18UOoE5fjeM5S9X1W+BXgqO+51J2vxXLuimgAUqgNaJ2Eo97Z3G0SHWa5KZRQ3EN + U8CzkASWL+QnVArjTzKjrBhJrh2webnC08LEzD/J5t7/buXx7lIZ66JywRR1EoXW + y0+iSQKrhgXlMfOJMtgiNOVuuEvEA/cgBYVNLDJVOdg3Amqsvvf0/nIy76SViHeE + wK9q0BeR0FZFNnDrpRmCdCwFWGVJKWa+U1bI6AYxLFqcDeCqhs+LyH7duGIVkFhJ + Gy5F9fhGFKLlBnd6fwceR1tmYdWMPjX6E6YayR3MZwIRMvnE87p32F4yQ8dBPQ+a + d2/BZlKb0kHb102z9SkQLgf9+FSEZ3ZdPEJW4v4Z84IKrFbIcUz4mjxIrlWwHMMh + sOOaljdkZZXvu+eD55NEj5DtpJc+lNWz51Vilevq+W8vdnlLJ6WA9/id8YxKpgzS + XgFmohrBLnhsctCxS9Ct6QqZmP7ZwiF5fNpWwZp9dgjXHi7sty8BP2NH1NoRWQHV + EUr/RxGQST4vkd1G4UJYWR7Pd6KvLriWX1nQqVEUvpEZ4LDKA0dD3Rl0Sl/ybTI= + =+ErV + -----END PGP MESSAGE----- + fp: CD8CE78CB0B3BDD4 + - created_at: "2024-08-08T19:27:10Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQEMA2W9MER3HLb7AQgAlb4Qh31IzHhAyx+TebwgYerChh5NbhVtZfxv8shyb/Em + b9LXp5WkBitLZC2/awSujr8YpAx/msVigy0dCBAtywwnlfMtoOVDYg9KaHRDYqO8 + cfRFfZnAA5AyqaZeXP3+tsn6hvQuJwP3xVMW157smDOdGf6L1Kv8Nixy9ZKLuIGG + 43mylZ99CDbcF1QZH6H+Jvexn/HvRhZvo4fUjf28IveCyqw/rmHbFZNZGYv1qp3V + tqIYmxx0ZBW+HNEgacQUUERzHI5bSBe+yMOf6gJSewANCpCZozqq3Oh/iMSVHtJT + bRo68Lf+8i9+xf02Ex+P4Czl9H2k5nD/RoBiPsDsqNJeAWCs/0XJx1OxrZ4GuobJ + WLBwHN/GRGoaB4RvGKStlp9lMDWSZRuPa+gS2rCeGhQTuDeUQdcgZ3VWe5pAWWK5 + xuGlXNFEluvnYnGW9Eyo6XD4TisPcwpgRlqqtrrM8A== + =dCPU + -----END PGP MESSAGE----- + fp: 65BD3044771CB6FB + unencrypted_suffix: _unencrypted + version: 3.9.0