Update flake lock
This commit is contained in:
parent
4ebf3b291f
commit
cab3b9b7b3
3 changed files with 48 additions and 12 deletions
|
@ -6,11 +6,11 @@
|
||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1690528331,
|
"lastModified": 1690530040,
|
||||||
"narHash": "sha256-5FTIFs4QbXJ/wq/Q4y0//111HVTKR1jG0sG/m/KuXjQ=",
|
"narHash": "sha256-xuEvYkll4AB++/aatW3x8eXCsv9Kz7rujfOK3uzxTIQ=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "0bf3b9073f33a06c7c12f97f7123a2728b996a0d",
|
"rev": "8aab004307252563e0b2c8de55e13bdf9891c892",
|
||||||
"revCount": 61,
|
"revCount": 63,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git"
|
"url": "ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git"
|
||||||
},
|
},
|
||||||
|
|
|
@ -2,13 +2,19 @@
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
# your system. Help is available in the configuration.nix(5) man page
|
||||||
# and in the NixOS manual (accessible by running 'nixos-help').
|
# and in the NixOS manual (accessible by running 'nixos-help').
|
||||||
|
|
||||||
{ pkgs, inputs, ... }: {
|
{ config, pkgs, ... }: rec {
|
||||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||||
imports = [
|
imports = [
|
||||||
# <sops-nix/modules/sops>
|
# <sops-nix/modules/sops>
|
||||||
./beefcake-hardware.nix
|
./beefcake-hardware.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
services.api-lyte-dev = {
|
||||||
|
enable = true;
|
||||||
|
port = 5757;
|
||||||
|
configFile = sops.secrets.api-lyte-dev.path;
|
||||||
|
};
|
||||||
|
|
||||||
sops = {
|
sops = {
|
||||||
defaultSopsFile = ../secrets/beefcake/example.yaml;
|
defaultSopsFile = ../secrets/beefcake/example.yaml;
|
||||||
age = {
|
age = {
|
||||||
|
@ -17,6 +23,15 @@
|
||||||
generateKey = true;
|
generateKey = true;
|
||||||
};
|
};
|
||||||
secrets = {
|
secrets = {
|
||||||
|
api-lyte-dev = {
|
||||||
|
sopsFile = ../secrets/beefcake/api-lyte-dev.json;
|
||||||
|
format = "json";
|
||||||
|
path = "${services.api-lyte-dev.stateDir}/secrets.json";
|
||||||
|
mode = "0440";
|
||||||
|
owner = services.api-lyte-dev.user;
|
||||||
|
group = services.api-lyte-dev.group;
|
||||||
|
};
|
||||||
|
|
||||||
example-key = {
|
example-key = {
|
||||||
# see these and other options' documentation here:
|
# see these and other options' documentation here:
|
||||||
# https://github.com/Mic92/sops-nix#set-secret-permissionowner-and-allow-services-to-access-it
|
# https://github.com/Mic92/sops-nix#set-secret-permissionowner-and-allow-services-to-access-it
|
||||||
|
@ -201,11 +216,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.api-lyte-dev = {
|
|
||||||
enable = true;
|
|
||||||
port = 5757;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.smartd.enable = true;
|
services.smartd.enable = true;
|
||||||
services.caddy = {
|
services.caddy = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
26
os/linux/nix/secrets/beefcake/api-lyte-dev.json
Normal file
26
os/linux/nix/secrets/beefcake/api-lyte-dev.json
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
{
|
||||||
|
"DISCORD_BOT_TOKEN": "ENC[AES256_GCM,data:oRMz8tyyFO/ztTUQTjz+X4VLPJDkpDM8Jn6gCbvZk4FzDHpHI784msX3UPGJFE9ZbvVc5etpXYTMeCQ=,iv:Q0LqiD3+2U48LLb91yrC/hXdXf1jS+Dq7xEtq9qwhAo=,tag:rsNykECJ15SskVOnQxrONg==,type:str]",
|
||||||
|
"DISCORD_OWNER_USER_ID": "ENC[AES256_GCM,data:ImAA85aKgOwdoLSdXTJ6Fodd,iv:1DjAgq5OU56kee6PMRjsHOVCEcQ7XZ3HAWMv51A+OnY=,tag:KfjwuZuWKGOjD2Zi/V1zMw==,type:str]",
|
||||||
|
"OPENAI_TOKEN": "ENC[AES256_GCM,data:mM0D+UXD0cu45gfEeLKaJioHcJ8lM5TA1ao+IzYHdGc8L1IBNiKN+/D8rkr6wFwrpBQQ,iv:99UAkefC+PlAU5bJILQExZAoHR48RhMvvMVJbXRyIwE=,tag:NLYoaJcjFRsjGwmwu37qwA==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"kms": null,
|
||||||
|
"gcp_kms": null,
|
||||||
|
"azure_kv": null,
|
||||||
|
"hc_vault": null,
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWdXdGQ1Y4UHMzdnpNQ2tJ\nQzNTNHpCN3JyRVdPTmYwQ0ZSQ1E1czZMVnkwCnc0M2ZXbHVscWJIYXA3ejArMTB3\neXZnYWV3b1Q5VzlrRWFMbUVmb3pLNVEKLS0tIGtXVGYrTnh4dCtvVWdVd21VZWQr\nOEdSZk5CYXJDUHBwbFhIZW1Ob0dQU00K7Vc9lRZAljJ4HjHyQqcj82wIRT4MMkuV\n9105iqIbCLW+3Jc9BQkDgq6lIdZ62xhuHMa0vycvD/DOKJuyUwerAQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1k8s590x34ghz7yrjyrgzkd24j252srf0mhfy34halp4frwr065csrlt2ev",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5WWpXeFR6YVZDcXkxcTUz\nbm9KTkF6bVhybDJYR3RuNVlScit2eHAxNmdBCnlPZzB3azA1Nzlhbm84N1czNDZJ\ndjdpdkcvRVgzcTg0UnBOdmo0bnB5eFUKLS0tIFVNZzk3WlEwQTNrVUtFZU5YM2Q3\nRmZDUUw4eHBOZXpwN3B2SDlXZmtPT2sKCgvPtxgRehJmfz4b1qIQLauwh8SddVK3\ndAtU8W5UcNYiDd8de2is2mxzcuNzvD3R0BorrO1SSpulQSdPj6gabw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2023-07-28T07:39:26Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:IfjCRLyAPQpMMGqDLFxkw/McYdWeNwVayvcMhzU6XDnC79LFYhUcAw2927pnHawezS6qI1Aaj5rY8eT93MZ5K3Gk1JW0S/wuitmUGvOT0VaRbVskqd9VFgg/5bcFntfpKUDgwmvs7vfDfdFY0v0S2cAQ5nP9GAkcet4+stCYzOM=,iv:CqMhU52vSdhL9jOnaD3mZ2tmo8c3u4dOvr9qsZY/v0U=,tag:wnmTTnW2iq5dowoTROICcA==,type:str]",
|
||||||
|
"pgp": null,
|
||||||
|
"unencrypted_suffix": "_unencrypted",
|
||||||
|
"version": "3.7.3"
|
||||||
|
}
|
||||||
|
}
|
Reference in a new issue