feat: Secure endpoints for llama and ollama with api keys

2024-11-29 16:56:39 +05:30
parent 4b2b3f9858
commit c94ca8bc6d
4 changed files with 87 additions and 42 deletions
--- a/nixos/mirai/configuration.nix
+++ b/nixos/mirai/configuration.nix
@@ -18,11 +18,18 @@
    secrets."nextcloud/adminpass".owner = config.users.users.nextcloud.name;
    secrets."llama/user".owner = config.services.caddy.user;
    secrets."builder/mirai/cache/private" = {};
+    secrets."llama/api_key".owner = config.services.caddy.user;
    secrets.users = {
      sopsFile = ../../secrets/users.yaml;
      format = "yaml";
      key = "";
    };
+    templates = {
+      "LLAMA_API_KEY.env".content = ''
+        LLAMA_API_KEY=${config.sops.placeholder."llama/api_key"}
+      '';
+      api_key_env.owner = config.services.caddy.user;
+    };
  };

  # Use the systemd-boot EFI boot loader.