servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: Deploy nextcloud

Browse Source
This commit is contained in:
uttarayan21
2024-11-20 17:14:34 +02:00
parent b56d9b148a
commit dc124ceceb
4 changed files with 50 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.sops.yaml Normal file
View File

@@ -0,0 +1,11 @@
# This example uses YAML anchors which allows reuse of multiple keys
# without having to repeat yourself.
# Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml
# for a more complex example.
keys:
- &servius age1pw7kluxp7872c63ne4jecq75glj060jkmqwzkk6esatuyck9egfswufdpk
creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *servius

7
nixos/mirai/configuration.nix
View File

@@ -11,6 +11,13 @@
]; ];
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
sops.defaultSopsFile = ../../secrets/secrets.yaml;
sops.defaultSopsFormat = "yaml";
sops.age.keyFile = "/home/fs0c131y/.config/sops/age/keys.txt";
sops.secrets."nextcloud/adminpass" = {
owner = config.users.users.nextcloud.name;
};
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;

10
nixos/mirai/services.nix
View File

@@ -17,7 +17,17 @@
enable = true; enable = true;
package = pkgs.nextcloud30; package = pkgs.nextcloud30;
hostName = "cloud.darksailor.dev"; hostName = "cloud.darksailor.dev";
config.adminuser = "servius";
config.adminpassFile = config.sops.secrets."nextcloud/adminpass".path;
configureRedis = true;
}; };
services.nginx.virtualHosts."${config.services.nextcloud.hostName}".listen = [
{
addr = "127.0.0.1";
port = 8080; # NOT an exposed port
}
];
services.caddy = { services.caddy = {
enable = true; enable = true;
virtualHosts."music.darksailor.dev".extraConfig = '' virtualHosts."music.darksailor.dev".extraConfig = ''

22
secrets/secrets.yaml Normal file
View File

@@ -0,0 +1,22 @@
nextcloud:
adminpass: ENC[AES256_GCM,data:v9WXJ3Ig5NcWd+02P8VnaNkMy2yfEQ==,iv:LfS0avmRZfjdqjNE69h7L90ePzzdmtP57X+0U1vAMvs=,tag:Dq90tfGAUyqzTW3oM96IRg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1pw7kluxp7872c63ne4jecq75glj060jkmqwzkk6esatuyck9egfswufdpk
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaQi9GRXpvUmVtdXJ3aitF
M2tLc1ZwS21yRlZnMlN4cjNuRWZWK2dWWFNBCmRVdGk3US91VUlQL0t0TEFPNU03
RVYwYUd3bkw3WmcxMHFUSWxqME0vMmMKLS0tIGFINWlBZDV3cWhEN2JOTXZweWZI
VGZKdHpVeFRpQUxtSEkyaEhLMlBJcGsKLb0DvPNZosPBUuiX6qz1s5IO5INQh8CK
ZtXTVClwMSmaUYhdSB2gKFrKVZHXTJZ4oAL5t/BpC0pOHyr+o96T3Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-20T14:43:08Z"
mac: ENC[AES256_GCM,data:j7sIw6/cKbNSRXSjAxZsDvIe5ZPnZ5YioGno33E0WWNYPohj9YtEwzi8ik59aynzSIQf3Usj76c2QMqwgjAFuaVIK5E3ASPGF2Tq4CAczNPPu3q1Kl1ZfEOGNd2nb0t3Zi0EKNE68BRCTAHJw5+UzDEDhPct1QrVlq8MfZSO494=,iv:bLNaaxnZlx8Ffvf9ohcMPDhe1jqGofL91DX1dwUHi2c=,tag:gb0aDWJFC3LX9HkaLoUgZg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1