treewide: move nixos modules
This commit is contained in:
parent
d84be7c616
commit
8eff4c5e4f
73 changed files with 62 additions and 62 deletions
|
|
@ -137,7 +137,7 @@
|
|||
lanzaboote.nixosModules.lanzaboote
|
||||
nixos-mailserver.nixosModules.default
|
||||
nix-index-database.nixosModules.nix-index
|
||||
./modules
|
||||
./modules/nixos
|
||||
];
|
||||
darwinModules = [
|
||||
agenix.darwinModules.default
|
||||
|
|
|
|||
|
|
@ -128,7 +128,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
age.secrets."passwords/users/charlotte".file = ../../secrets/passwords/users/charlotte.age;
|
||||
age.secrets."passwords/users/root".file = ../../secrets/passwords/users/root.age;
|
||||
age.secrets."passwords/users/charlotte".file = ../../../secrets/passwords/users/charlotte.age;
|
||||
age.secrets."passwords/users/root".file = ../../../secrets/passwords/users/root.age;
|
||||
};
|
||||
}
|
||||
|
|
@ -17,5 +17,5 @@
|
|||
setSendmail = true;
|
||||
};
|
||||
|
||||
age.secrets."passwords/services/ssmtp-pass".file = ../../../secrets/passwords/services/ssmtp-pass.age;
|
||||
age.secrets."passwords/services/ssmtp-pass".file = ../../../../secrets/passwords/services/ssmtp-pass.age;
|
||||
}
|
||||
|
|
@ -87,7 +87,7 @@
|
|||
};
|
||||
|
||||
age.secrets."passwords/networks.age" = {
|
||||
file = ../../../secrets/passwords/networks.age;
|
||||
file = ../../../../secrets/passwords/networks.age;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -130,11 +130,11 @@ in
|
|||
};
|
||||
};
|
||||
age.secrets."files/wireguard/psk" = {
|
||||
file = ../../../secrets/files/wireguard/psk.age;
|
||||
file = ../../../../secrets/files/wireguard/psk.age;
|
||||
owner = "systemd-network";
|
||||
};
|
||||
age.secrets."files/wireguard/${config.networking.hostName}.privkey" = {
|
||||
file = ../../../secrets/files/wireguard + "/${config.networking.hostName}.privkey.age";
|
||||
file = ../../../../secrets/files/wireguard + "/${config.networking.hostName}.privkey.age";
|
||||
owner = "systemd-network";
|
||||
};
|
||||
};
|
||||
|
|
@ -9,7 +9,7 @@ in
|
|||
environment.systemPackages = [ phone-push ];
|
||||
|
||||
age.secrets."files/services/phone-push-url" = {
|
||||
file = ../../../secrets/files/services/phone-push-url.age;
|
||||
file = ../../../../secrets/files/services/phone-push-url.age;
|
||||
owner = "charlotte";
|
||||
};
|
||||
}
|
||||
|
|
@ -35,10 +35,10 @@ in
|
|||
home-manager.users.root = { ... }: (base "/root" "root");
|
||||
home-manager.users.charlotte = { ... }: (base "/home/charlotte" "charlotte");
|
||||
age.secrets."files/programs/ssh/host_configuration_charlotte" = {
|
||||
file = ../../../secrets/files/programs/ssh/host_configuration.age;
|
||||
file = ../../../../secrets/files/programs/ssh/host_configuration.age;
|
||||
owner = "charlotte";
|
||||
};
|
||||
age.secrets."files/programs/ssh/host_configuration_root" = {
|
||||
file = ../../../secrets/files/programs/ssh/host_configuration.age;
|
||||
file = ../../../../secrets/files/programs/ssh/host_configuration.age;
|
||||
};
|
||||
}
|
||||
|
|
@ -18,12 +18,12 @@
|
|||
};
|
||||
|
||||
age.secrets."authorized_keys/root" = {
|
||||
file = ../../../secrets/authorized_keys/root.age;
|
||||
file = ../../../../secrets/authorized_keys/root.age;
|
||||
path = "/root/.ssh/authorized_keys";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."authorized_keys/charlotte" = {
|
||||
file = ../../../secrets/authorized_keys/charlotte.age;
|
||||
file = ../../../../secrets/authorized_keys/charlotte.age;
|
||||
owner = "charlotte";
|
||||
path = "/home/charlotte/.ssh/authorized_keys";
|
||||
symlink = false;
|
||||
|
|
@ -44,7 +44,7 @@
|
|||
environmentFiles = [ config.age.secrets."passwords/services/telegraf-env".path ];
|
||||
};
|
||||
age.secrets."passwords/services/telegraf-env" = {
|
||||
file = ../../../secrets/passwords/services/telegraf-env.age;
|
||||
file = ../../../../secrets/passwords/services/telegraf-env.age;
|
||||
owner = "telegraf";
|
||||
};
|
||||
}
|
||||
|
|
@ -35,7 +35,7 @@
|
|||
}];
|
||||
|
||||
age.secrets."passwords/services/accentor" = {
|
||||
file = ../../../secrets/passwords/services/accentor.age;
|
||||
file = ../../../../secrets/passwords/services/accentor.age;
|
||||
owner = "accentor";
|
||||
};
|
||||
};
|
||||
|
|
@ -66,56 +66,56 @@
|
|||
};
|
||||
|
||||
age.secrets."data-access/ssh_host_rsa_key" = {
|
||||
file = ../../../secrets/data-access/ssh_host_rsa_key.age;
|
||||
file = ../../../../secrets/data-access/ssh_host_rsa_key.age;
|
||||
path = "/run/data-access/ssh_host_rsa_key";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."data-access/ssh_host_rsa_key.pub" = {
|
||||
file = ../../../secrets/data-access/ssh_host_rsa_key.pub.age;
|
||||
file = ../../../../secrets/data-access/ssh_host_rsa_key.pub.age;
|
||||
path = "/run/data-access/ssh_host_rsa_key.pub";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."data-access/ssh_host_ed25519_key" = {
|
||||
file = ../../../secrets/data-access/ssh_host_ed25519_key.age;
|
||||
file = ../../../../secrets/data-access/ssh_host_ed25519_key.age;
|
||||
path = "/run/data-access/ssh_host_ed25519_key";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."data-access/ssh_host_ed25519_key.pub" = {
|
||||
file = ../../../secrets/data-access/ssh_host_ed25519_key.pub.age;
|
||||
file = ../../../../secrets/data-access/ssh_host_ed25519_key.pub.age;
|
||||
path = "/run/data-access/ssh_host_ed25519_key.pub";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."data-access/password_file" = {
|
||||
file = ../../../secrets/data-access/password_file.age;
|
||||
file = ../../../../secrets/data-access/password_file.age;
|
||||
path = "/run/data-access/password_file";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."data-access/readonly_password_file" = {
|
||||
file = ../../../secrets/data-access/readonly_password_file.age;
|
||||
file = ../../../../secrets/data-access/readonly_password_file.age;
|
||||
path = "/run/data-access/readonly_password_file";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."data-access/authorized_keys" = {
|
||||
file = ../../../secrets/data-access/authorized_keys.age;
|
||||
file = ../../../../secrets/data-access/authorized_keys.age;
|
||||
owner = "charlotte";
|
||||
path = "/run/data-access/data_authorized_keys";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."data-access/readonly_authorized_keys" = {
|
||||
file = ../../../secrets/data-access/readonly_authorized_keys.age;
|
||||
file = ../../../../secrets/data-access/readonly_authorized_keys.age;
|
||||
owner = "1001";
|
||||
group = "65534";
|
||||
path = "/run/data-access/readonly_authorized_keys";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."data-access/create_torrent" = {
|
||||
file = ../../../secrets/data-access/create_torrent.age;
|
||||
file = ../../../../secrets/data-access/create_torrent.age;
|
||||
owner = "charlotte";
|
||||
path = "/run/data-access/create_torrent";
|
||||
symlink = false;
|
||||
};
|
||||
age.secrets."passwords/services/data-basic-auth" = {
|
||||
file = ../../../secrets/passwords/services/data-basic-auth.age;
|
||||
file = ../../../../secrets/passwords/services/data-basic-auth.age;
|
||||
owner = "nginx";
|
||||
};
|
||||
};
|
||||
|
|
@ -32,7 +32,7 @@ in
|
|||
timers.garmin2influx.timerConfig.RandomizedDelaySec = "30min";
|
||||
};
|
||||
age.secrets."passwords/services/garmin2influx-env" = {
|
||||
file = ../../../secrets/passwords/services/garmin2influx-env.age;
|
||||
file = ../../../../secrets/passwords/services/garmin2influx-env.age;
|
||||
owner = "charlotte";
|
||||
};
|
||||
};
|
||||
|
|
@ -62,23 +62,23 @@
|
|||
};
|
||||
|
||||
age.secrets."passwords/services/git/initial-root-password" = {
|
||||
file = ../../../secrets/passwords/services/git/initial-root-password.age;
|
||||
file = ../../../../secrets/passwords/services/git/initial-root-password.age;
|
||||
owner = "git";
|
||||
};
|
||||
age.secrets."passwords/services/git/db" = {
|
||||
file = ../../../secrets/passwords/services/git/db.age;
|
||||
file = ../../../../secrets/passwords/services/git/db.age;
|
||||
owner = "git";
|
||||
};
|
||||
age.secrets."passwords/services/git/jws" = {
|
||||
file = ../../../secrets/passwords/services/git/jws.age;
|
||||
file = ../../../../secrets/passwords/services/git/jws.age;
|
||||
owner = "git";
|
||||
};
|
||||
age.secrets."passwords/services/git/otp" = {
|
||||
file = ../../../secrets/passwords/services/git/otp.age;
|
||||
file = ../../../../secrets/passwords/services/git/otp.age;
|
||||
owner = "git";
|
||||
};
|
||||
age.secrets."passwords/services/git/secret" = {
|
||||
file = ../../../secrets/passwords/services/git/secret.age;
|
||||
file = ../../../../secrets/passwords/services/git/secret.age;
|
||||
owner = "git";
|
||||
};
|
||||
};
|
||||
|
|
@ -51,7 +51,7 @@
|
|||
storageDriver = "zfs";
|
||||
};
|
||||
age.secrets."passwords/services/gitlab-runner/registration" = {
|
||||
file = ../../../secrets/passwords/services/gitlab-runner/registration.age;
|
||||
file = ../../../../secrets/passwords/services/gitlab-runner/registration.age;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -82,15 +82,15 @@
|
|||
};
|
||||
};
|
||||
age.secrets."passwords/services/grafana/smtp" = {
|
||||
file = ../../../secrets/passwords/services/grafana/smtp.age;
|
||||
file = ../../../../secrets/passwords/services/grafana/smtp.age;
|
||||
owner = "grafana";
|
||||
};
|
||||
age.secrets."passwords/services/grafana/admin-password" = {
|
||||
file = ../../../secrets/passwords/services/grafana/admin-password.age;
|
||||
file = ../../../../secrets/passwords/services/grafana/admin-password.age;
|
||||
owner = "grafana";
|
||||
};
|
||||
age.secrets."passwords/services/grafana/secret-key" = {
|
||||
file = ../../../secrets/passwords/services/grafana/secret-key.age;
|
||||
file = ../../../../secrets/passwords/services/grafana/secret-key.age;
|
||||
owner = "grafana";
|
||||
};
|
||||
};
|
||||
|
|
@ -152,15 +152,15 @@ in
|
|||
'';
|
||||
|
||||
age.secrets = {
|
||||
"passwords/services/mail/charlotte@vanpetegem.be".file = ../../../secrets/passwords/services/mail/charlotte_at_vanpetegem.be.age;
|
||||
"passwords/services/mail/hallo@robbe.be".file = ../../../secrets/passwords/services/mail/hallo_at_robbe.be.age;
|
||||
"passwords/services/mail/huis@vanpetegem.me".file = ../../../secrets/passwords/services/mail/huis_at_vanpetegem.me.age;
|
||||
"passwords/services/mail/noreply@vanpetegem.me".file = ../../../secrets/passwords/services/mail/noreply_at_vanpetegem.me.age;
|
||||
"passwords/services/mail/peter@vanpetegem.me".file = ../../../secrets/passwords/services/mail/peter_at_vanpetegem.me.age;
|
||||
"passwords/services/mail/postbot@vanpetegem.be".file = ../../../secrets/passwords/services/mail/postbot_at_vanpetegem.be.age;
|
||||
"passwords/services/mail/robbe@robbevanpetegem.be".file = ../../../secrets/passwords/services/mail/robbe_at_robbevanpetegem.be.age;
|
||||
"passwords/services/mail/robbe@vanpetegem.be".file = ../../../secrets/passwords/services/mail/robbe_at_vanpetegem.be.age;
|
||||
"passwords/services/mail/webmaster@vanpetegem.be".file = ../../../secrets/passwords/services/mail/webmaster_at_vanpetegem.be.age;
|
||||
"passwords/services/mail/charlotte@vanpetegem.be".file = ../../../../secrets/passwords/services/mail/charlotte_at_vanpetegem.be.age;
|
||||
"passwords/services/mail/hallo@robbe.be".file = ../../../../secrets/passwords/services/mail/hallo_at_robbe.be.age;
|
||||
"passwords/services/mail/huis@vanpetegem.me".file = ../../../../secrets/passwords/services/mail/huis_at_vanpetegem.me.age;
|
||||
"passwords/services/mail/noreply@vanpetegem.me".file = ../../../../secrets/passwords/services/mail/noreply_at_vanpetegem.me.age;
|
||||
"passwords/services/mail/peter@vanpetegem.me".file = ../../../../secrets/passwords/services/mail/peter_at_vanpetegem.me.age;
|
||||
"passwords/services/mail/postbot@vanpetegem.be".file = ../../../../secrets/passwords/services/mail/postbot_at_vanpetegem.be.age;
|
||||
"passwords/services/mail/robbe@robbevanpetegem.be".file = ../../../../secrets/passwords/services/mail/robbe_at_robbevanpetegem.be.age;
|
||||
"passwords/services/mail/robbe@vanpetegem.be".file = ../../../../secrets/passwords/services/mail/robbe_at_vanpetegem.be.age;
|
||||
"passwords/services/mail/webmaster@vanpetegem.be".file = ../../../../secrets/passwords/services/mail/webmaster_at_vanpetegem.be.age;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -56,19 +56,19 @@
|
|||
};
|
||||
|
||||
age.secrets."passwords/services/mastodon/vapid-public" = {
|
||||
file = ../../../secrets/passwords/services/mastodon/vapid-public.age;
|
||||
file = ../../../../secrets/passwords/services/mastodon/vapid-public.age;
|
||||
owner = "mastodon";
|
||||
};
|
||||
age.secrets."passwords/services/mastodon/vapid-private" = {
|
||||
file = ../../../secrets/passwords/services/mastodon/vapid-private.age;
|
||||
file = ../../../../secrets/passwords/services/mastodon/vapid-private.age;
|
||||
owner = "mastodon";
|
||||
};
|
||||
age.secrets."passwords/services/mastodon/key" = {
|
||||
file = ../../../secrets/passwords/services/mastodon/key.age;
|
||||
file = ../../../../secrets/passwords/services/mastodon/key.age;
|
||||
owner = "mastodon";
|
||||
};
|
||||
age.secrets."passwords/services/mastodon/otp" = {
|
||||
file = ../../../secrets/passwords/services/mastodon/otp.age;
|
||||
file = ../../../../secrets/passwords/services/mastodon/otp.age;
|
||||
owner = "mastodon";
|
||||
};
|
||||
};
|
||||
|
|
@ -180,50 +180,50 @@
|
|||
};
|
||||
|
||||
age.secrets."files/services/matrix-appservice-slack/config.yml" = {
|
||||
file = ../../../secrets/files/services/matrix-appservice-slack/config.yml.age;
|
||||
file = ../../../../secrets/files/services/matrix-appservice-slack/config.yml.age;
|
||||
owner = "matrix_appservice_slack";
|
||||
};
|
||||
age.secrets."files/services/matrix-appservice-slack/registration.yml" = {
|
||||
file = ../../../secrets/files/services/matrix-appservice-slack/registration.yml.age;
|
||||
file = ../../../../secrets/files/services/matrix-appservice-slack/registration.yml.age;
|
||||
owner = "matrix_appservice_slack";
|
||||
};
|
||||
age.secrets."files/services/matrix-hookshot/config.yml" = {
|
||||
file = ../../../secrets/files/services/matrix-hookshot/config.yml.age;
|
||||
file = ../../../../secrets/files/services/matrix-hookshot/config.yml.age;
|
||||
owner = "matrix_hookshot";
|
||||
};
|
||||
age.secrets."files/services/matrix-hookshot/registration.yml" = {
|
||||
file = ../../../secrets/files/services/matrix-hookshot/registration.yml.age;
|
||||
file = ../../../../secrets/files/services/matrix-hookshot/registration.yml.age;
|
||||
owner = "matrix_hookshot";
|
||||
};
|
||||
age.secrets."files/services/matrix-hookshot/passkey.pem" = {
|
||||
path = "/var/lib/matrix-hookshot/passkey.pem";
|
||||
file = ../../../secrets/files/services/matrix-hookshot/passkey.pem.age;
|
||||
file = ../../../../secrets/files/services/matrix-hookshot/passkey.pem.age;
|
||||
owner = "matrix_hookshot";
|
||||
};
|
||||
age.secrets."files/services/mautrix-whatsapp/config.yml" = {
|
||||
file = ../../../secrets/files/services/mautrix-whatsapp/config.yml.age;
|
||||
file = ../../../../secrets/files/services/mautrix-whatsapp/config.yml.age;
|
||||
owner = "mautrix_whatsapp";
|
||||
};
|
||||
age.secrets."files/services/mautrix-whatsapp/registration.yml" = {
|
||||
file = ../../../secrets/files/services/mautrix-whatsapp/registration.yml.age;
|
||||
file = ../../../../secrets/files/services/mautrix-whatsapp/registration.yml.age;
|
||||
owner = "mautrix_whatsapp";
|
||||
};
|
||||
age.secrets."files/services/matrix-synapse/config.yml" = {
|
||||
file = ../../../secrets/files/services/matrix-synapse/config.yml.age;
|
||||
file = ../../../../secrets/files/services/matrix-synapse/config.yml.age;
|
||||
owner = "matrix-synapse";
|
||||
};
|
||||
age.secrets."files/services/matrix-synapse/slack-registration.yml" = {
|
||||
file = ../../../secrets/files/services/matrix-appservice-slack/registration.yml.age;
|
||||
file = ../../../../secrets/files/services/matrix-appservice-slack/registration.yml.age;
|
||||
owner = "matrix-synapse";
|
||||
};
|
||||
age.secrets."files/services/matrix-synapse/whatsapp-registration.yml" = {
|
||||
file = ../../../secrets/files/services/mautrix-whatsapp/registration.yml.age;
|
||||
file = ../../../../secrets/files/services/mautrix-whatsapp/registration.yml.age;
|
||||
owner = "matrix-synapse";
|
||||
};
|
||||
age.secrets."files/services/matrix-synapse/hookshot-registration.yml" = {
|
||||
file = ../../../secrets/files/services/matrix-hookshot/registration.yml.age;
|
||||
file = ../../../../secrets/files/services/matrix-hookshot/registration.yml.age;
|
||||
owner = "matrix-synapse";
|
||||
};
|
||||
age.secrets."files/servers/matrix-sliding-sync/env".file = ../../../secrets/files/services/matrix-sliding-sync/env.age;
|
||||
age.secrets."files/servers/matrix-sliding-sync/env".file = ../../../../secrets/files/services/matrix-sliding-sync/env.age;
|
||||
};
|
||||
}
|
||||
|
|
@ -55,7 +55,7 @@
|
|||
};
|
||||
};
|
||||
age.secrets."passwords/services/nextcloud-admin" = {
|
||||
file = ../../../secrets/passwords/services/nextcloud-admin.age;
|
||||
file = ../../../../secrets/passwords/services/nextcloud-admin.age;
|
||||
owner = "nextcloud";
|
||||
};
|
||||
systemd.services."nextcloud-setup" = {
|
||||
|
|
@ -50,7 +50,7 @@
|
|||
preliminarySelfsigned = false;
|
||||
};
|
||||
age.secrets."passwords/services/acme" = {
|
||||
file = ../../../secrets/passwords/services/acme.age;
|
||||
file = ../../../../secrets/passwords/services/acme.age;
|
||||
owner = "acme";
|
||||
};
|
||||
chvp.base.zfs.systemLinks = [
|
||||
|
|
@ -34,7 +34,7 @@
|
|||
};
|
||||
};
|
||||
age.secrets."files/programs/transmission/config.json" = {
|
||||
file = ../../../secrets/files/programs/transmission/config.json.age;
|
||||
file = ../../../../secrets/files/programs/transmission/config.json.age;
|
||||
owner = "charlotte";
|
||||
};
|
||||
};
|
||||
Loading…
Add table
Add a link
Reference in a new issue