lytedev
/
dotfiles
Archived
1
0
Fork 1
Code Issues Pull Requests Releases Wiki Activity

Plausible on?

This commit is contained in:
Daniel Flanagan 2023-07-28 16:25:21 -05:00
parent d0fbcf4374
commit 1bbd5ace05
Signed by: lytedev
GPG Key ID: 5B2020A0F9921EF4
2 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
os/linux/nix/machines/beefcake.nix
View File

@ -56,6 +56,10 @@
owner = services.api-lyte-dev.user;
group = services.api-lyte-dev.group;
};
plausible-admin-password = {};
plausible-erlang-cookie = {};
plausible-secret-key-base = {};
};
};
@ -316,9 +320,8 @@
services.clickhouse.enable = true;
services.plausible = {
enable = false; # TODO: enable this and fix access? probably need a proper secrets management system that integrates with nix (sops-nix?)
# otherwise we can probably chown these files to a group that plausible has access to for reading
releaseCookiePath = "/root/plausible-erlang-cookie";
enable = true;
releaseCookiePath = sops.secrets.plausible-erlang-cookie.path;
database = {
clickhouse.setup = true;
postgres.setup = true;
@ -327,12 +330,12 @@
baseUrl = "http://beefcake.hare-cod.ts.net:8899";
disableRegistration = true;
port = 8899;
secretKeybaseFile = "/root/plusible-secret-key-base";
secretKeybaseFile = sops.secrets.plausible-secret-key-base.path;
};
adminUser = {
activate = true;
email = "daniel@lyte.dev";
passwordFile = "/root/plausible-admin-password";
passwordFile = sops.secrets.plausible-admin-password.path;
};
};

7
os/linux/nix/secrets/beefcake/secrets.yml
View File

@ -8,6 +8,9 @@ example_number: ENC[AES256_GCM,data:AifVPuuPnEw2lQ==,iv:/L/vG2znNlM35u4ZGM31bweT
example_booleans:
- ENC[AES256_GCM,data:GD3U7Q==,iv:ahTK9d6m8lQkjd2sS9Yo6V3EyFWoyEbeQG6Uke4hF40=,tag:rykfnfaLz39V+SJbomu5Zw==,type:bool]
- ENC[AES256_GCM,data:hK/CtTQ=,iv:EFXdBumvMKdaXdd97vUBIMKIaw1rMfUt+/irkRZGc4Y=,tag:JofhZ5SS+jzRe6WJmP34Xg==,type:bool]
plausible-admin-password: ENC[AES256_GCM,data:dC9olypZgMLdPOsmjthOaa/fMLtbGBlF9A==,iv:GU2ccj10TKQ0KW9b9X9AgYnvhS/wMVqYTyxr6Xt50Gk=,tag:ypQ0VtutVD8wgdfm40QZkw==,type:str]
plausible-erlang-cookie: ENC[AES256_GCM,data:zhmC+D6EjIE8Rw91lIrMqY0QIazTX1e1jBzcZJP/76B9VvHWZ5bCkP1+KdfCY0lk3wIEq5vRfb8=,iv:RNNjlV3OFtXn1N0a5fEb/3FWzcHX19wtCLMdaVlKNJ0=,tag:8iU5oFVbzd0eMe5Mo1PiAw==,type:str]
plausible-secret-key-base: ENC[AES256_GCM,data:ylakPGzY4S9640krl0fxYgm0Getf0+I7zthyTqTD/IpVhz5xgYBYx3Y2lSNa9Oi9yQ7+f9OdOBC6nc7n6MuUBg==,iv:YLPax/cRjMdIFti26gJd8COKr+3jXNZ7HCA5VvQVyAo=,tag:LHqYi590oEIp1IihLcFTtw==,type:str]
api.lyte.dev: ENC[AES256_GCM,data:14C5GQ41m/g7qHPzxlYoWjKWDOcm7MEDkuSofiuLfRNc/nji61t1eDbKX3d+SQL1UBchJFoBrWrUxnf0mUERhED1196z8vUq2jKEkcqKCAUS3soECInlb8zcxTcxaTFjYSjp1vUBdAn05AqLsF+hh9Bsm4fMQYjnHEZke9EmPZhuTlUdZa4eLv3+L3xAPHk2QIHQhdsjcTjGAZRMZOgTEcCvtGlb5pQuo11XmR2JzwzOXMC51WFDeOIWMAdO80yQBAdILso7rp1Nts/lwF0Bc9t7bNdHyoVTOA==,iv:jWGqUpXOTb/O972qXOqeX0EMFQLDKwaNHBqlpuGrZOk=,tag:uwB/jlAgESkLZ+vJ/OeV0A==,type:str]
sops:
kms: []
@ -33,8 +36,8 @@ sops:
b0lTRjVCMU9ELzdvbFBJZ0tHbGtsYkEKLEcXCEikC3T3hfVOYKtWcNSGmfg28y+f
nGC4dQh9EciEbk1ZBbN3i6YSNULDoMSH172KBmRyt1ogr1ZPyCNqtg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-28T18:18:23Z"
mac: ENC[AES256_GCM,data:1jsXTfH2XFdm+99XBkZ6Esy8FCQuVYb1khA+iESLdGcQqrkHq5uRBsYD151BcMq7bCz/NDJPzvYx1gdKk1BqWrecfvfbpLZTfySF0LyXkZkGZwiP1Z54NMiFZ5Qp3jLYkwn1le5BPAFYcv8q3qeXCHmoxlCHAbzbvaMzlGhqLcE=,iv:wHEZqC75m+my0g/KUP2oTZMagsSIoXc/cgRp0MF1PyY=,tag:Z9C6Nkqvibw3voAk4l6qAA==,type:str]
lastmodified: "2023-07-28T21:11:56Z"
mac: ENC[AES256_GCM,data:V/Gdc3LEwlNlfSqUzQFHFmtJQVaQ5wGXZmzoBpwHzhyHQpEkezHBwhq4XTCuXH5XPpjmWvih/dAbOn9EBA6gvPSX1DB0j/JvHvK9b8+BpjlL4xtnYaBql2eQgCWLKqzZMGCnbwONWi+1sjowK1ac4zPnXhEr52EIES31hV8KHKU=,iv:4NzQxve+iKhRcQVxfXbDsQz1sBU+pnm9x/HQnv2TLgc=,tag:zLYKf+tEUsXApNdc1hLjhw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3