servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: Use mirai as substituter

Browse Source
This commit is contained in:
uttarayan21
2024-11-22 20:27:10 +05:30
parent 5a1729328e
commit f26456606b
9 changed files with 62 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
nixos/mirai/configuration.nix
View File

@@ -10,15 +10,13 @@
./services.nix
];
security.sudo.wheelNeedsPassword = false;
sops.defaultSopsFile = ../../secrets/secrets.yaml;
sops.defaultSopsFormat = "yaml";
sops.age.keyFile = "/home/fs0c131y/.config/sops/age/keys.txt";
sops.secrets."nextcloud/adminpass" = {
owner = config.users.users.nextcloud.name;
};
sops.secrets."llama/user" = {
owner = config.services.caddy.user;
sops = {
defaultSopsFile = ../../secrets/secrets.yaml;
defaultSopsFormat = "yaml";
age.keyFile = "/home/fs0c131y/.config/sops/age/keys.txt";
secrets."nextcloud/adminpass".owner = config.users.users.nextcloud.name;
secrets."llama/user".owner = config.services.caddy.user;
secrets."builder/mirai/cache/private" = {};
};
# Use the systemd-boot EFI boot loader.
@@ -35,6 +33,7 @@
build-users-group = nixbld
extra-nix-path = nixpkgs=flake:nixpkgs
builders-use-substitutes = true
secret-key-files = ${config.sops.secrets."builder/mirai/cache/private".path}
'';
gc = {
automatic = true;

52
nixos/mirai/services.nix
View File

@@ -8,36 +8,32 @@
factorio-headless
];
sops = {
secrets = {
"authelia/darksailor/jwtSecret" = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
};
"authelia/darksailor/storageEncryptionSecret" = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
};
};
# secrets = {
# "authelia/darksailor/jwtSecret".owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
# "authelia/darksailor/storageEncryptionSecret".owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
# };
};
services = {
authelia = {
instances.darksailor = {
enable = true;
settings = {
# server = {
# address = "unix:///run/authelia/authelia.sock";
# };
# session.domain = "auth.darksailor.dev";
access_control = {
rules = {
};
};
storage = "local";
};
secrets = {
jwtSecretFile = config.sops.secrets."authelia/darksailor/jwtSecret".path;
storageEncryptionKeyFile = config.sops.secrets."authelia/darksailor/storageEncryptionSecret".path;
};
};
};
# authelia = {
# instances.darksailor = {
# enable = false;
# settings = {
# # server = {
# # address = "unix:///run/authelia/authelia.sock";
# # };
# # session.domain = "auth.darksailor.dev";
# access_control = {
# rules = {
# };
# };
# storage = "local";
# };
# secrets = {
# jwtSecretFile = config.sops.secrets."authelia/darksailor/jwtSecret".path;
# storageEncryptionKeyFile = config.sops.secrets."authelia/darksailor/storageEncryptionSecret".path;
# };
# };
# };
tailscale = {
enable = true;
};