Added private submodule. Started using secrets.

kat witch 2021-03-02 02:42:47 +00:00
parent e47deebca2
commit b0e4c31d6e
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
6 changed files with 19 additions and 2 deletions

4
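--- a/.gitmodules
+++ b/.gitmodules
@@ -0,0 +1,4 @@
+[submodule "config/private"]
+path = config/private
+url = "gcrypt::git@github.com:kittywitch/nixfiles-private#main"
+branch = main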


@ -17,7 +17,7 @@
dbhost = "/run/postgresql";
dbname = "nextcloud";
adminpassFile =
"/var/lib/nextcloud/admin-pass"; # TODO replace this with proper secrets management
config.secrets.files.nextcloud.path; # TODO replace this with proper secrets management
adminuser = "root";
};
};
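Review bot: The trailing `# TODO replace this with proper secrets management` on the new `adminpassFile` line is now ambiguous, because it reads as if `config.secrets.files.nextcloud.path` were still a stopgap. If the secrets module is the intended mechanism, drop the comment; if something is still outstanding, name it. Separately, the hunk does not show how that file is provisioned: the Nextcloud setup unit has to read it as its service user, so the secret entry should declare that owner with a restrictive mode and resolve to a path outside the world-readable Nix store (inferred; the secrets module is not visible here). The enclosing attribute set begins before the hunk.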

1
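--- a/config/private
+++ b/config/private
@@ -0,0 +1 @@
+Subproject commit 933f5058c9942bfd51812cd0beaaf9b61a8205b7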


@ -20,6 +20,10 @@
];
shell = pkgs.fish;
extraGroups = [ "wheel" "video" ];
packages = with pkgs; [
git-crypt
gitAndTools.gitRemoteGcrypt
];
};
home-manager.useGlobalPkgs = true;
@ -49,8 +53,12 @@
programs.git = {
enable = true;
package = pkgs.gitAndTools.gitFull;
userName = "kat witch";
userEmail = "kat@kittywit.ch";
extraConfig = {
protocol.gcrypt.allow = "always";
};
signing = {
key = "01F50A29D4AA91175A11BDB17248991EFA8EFBEE";
signByDefault = true;
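Review bot: `protocol.gcrypt.allow = "always"` in `programs.git.extraConfig` is written to the user-wide git config, so it applies to every repository this user clones, not only nixfiles. Git's default policy for a transport it does not know is `user`, which refuses the protocol when the URL comes from a submodule entry instead of the command line; `always` removes that check, so a `.gitmodules` in any third-party repository fetched recursively can cause the gcrypt remote helper to run. Consider keeping the global default and enabling it only where it is needed, e.g. `git config protocol.gcrypt.allow always` inside the nixfiles checkout, or a conditional include scoped to that directory. The `programs.git` block continues past the end of the hunk.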


@ -1,4 +1,5 @@
{ pkgs, hostsDir ? ../config/hosts
{ pkgs, hostsDir ? ../config/hosts,
privateHostsDir ? ../config/private/hosts
, commonImports ? [ ../config/common ../modules ], pkgsPath ? ../pkgs }:
with pkgs.lib;
@ -12,6 +13,7 @@ rec {
_module.args = { inherit hosts profiles; };
imports = [
(import (hostsDir + "/${hostName}/configuration.nix"))
(import (privateHostsDir + "/${hostName}/configuration.nix"))
../modules/deploy
] ++ commonImports;
networking = { inherit hostName; };
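Review bot: The new `(import (privateHostsDir + "/${hostName}/configuration.nix"))` entry is unconditional, so evaluation fails for any host without a private file and for any checkout where the `config/private` submodule is not initialised or not decrypted. Guarding it keeps the public tree buildable: bind `privCfg = privateHostsDir + "/${hostName}/configuration.nix";` and append `++ optional (builtins.pathExists privCfg) (import privCfg)` instead of listing the import directly (`optional` is in scope through `with pkgs.lib;`). If a missing private config should stop the build for hosts that rely on secrets, an `assert` with an explicit message is a clearer failure than a path-not-found error. The enclosing `rec { … }` body starts and ends outside the hunk.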


@ -3,6 +3,8 @@
** TODO Move virtual machine config into nixfiles
** TODO Add dork.dev to mailserver
** TODO Set up proper user service for scream
** TODO Migrate non-PGSQL services to PGSQL
** TODO Gitea theme + resources overwrite - See PBB gitea
* Secrets handling