mochi/nixos/hosts/shadowfax/config/sops-secrets.nix

{...}: {
  secrets = {
    # Minio
    "minio" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "minio";
      group = "minio";
      mode = "400";
      restartUnits = ["minio.service"];
    };
    # Syncthing
    "syncthing/publicCert" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "jahanson";
      mode = "400";
      restartUnits = ["syncthing.service"];
    };
    "syncthing/privateKey" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "jahanson";
      mode = "400";
      restartUnits = ["syncthing.service"];
    };
    # Prowlarr
    "arr/prowlarr/apiKey" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "prowlarr";
      mode = "400";
      restartUnits = ["prowlarr.service"];
    };
    "arr/prowlarr/postgres/dbName" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "prowlarr";
      mode = "400";
      restartUnits = ["prowlarr.service"];
    };
    "arr/prowlarr/postgres/user" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "prowlarr";
      mode = "400";
      restartUnits = ["prowlarr.service"];
    };
    "arr/prowlarr/postgres/password" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "prowlarr";
      mode = "400";
      restartUnits = ["prowlarr.service"];
    };
    "arr/prowlarr/postgres/host" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "prowlarr";
      mode = "400";
      restartUnits = ["prowlarr.service"];
    };
    # Sonarr
    "arr/sonarr/1080p/apiKey" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-tv1080p.service"];
    };
    "arr/sonarr/1080p/postgres/dbName" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-tv1080p.service"];
    };
    "arr/sonarr/1080p/postgres/user" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-tv1080p.service"];
    };
    "arr/sonarr/1080p/postgres/password" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-tv1080p.service"];
    };
    "arr/sonarr/1080p/postgres/host" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-tv1080p.service"];
    };
    "arr/sonarr/1080p/extraEnvVars" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-tv1080p.service"];
    };
    "arr/sonarr/anime/apiKey" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-anime.service"];
    };
    "arr/sonarr/anime/postgres/dbName" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-anime.service"];
    };
    "arr/sonarr/anime/postgres/user" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-anime.service"];
    };
    "arr/sonarr/anime/postgres/password" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-anime.service"];
    };
    "arr/sonarr/anime/postgres/host" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-anime.service"];
    };
    "arr/sonarr/anime/extraEnvVars" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "sonarr";
      mode = "400";
      restartUnits = ["sonarr-anime.service"];
    };
    # Radarr
    "arr/radarr/1080p/apiKey" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-movies1080p.service"];
    };
    "arr/radarr/1080p/postgres/dbName" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-movies1080p.service"];
    };
    "arr/radarr/1080p/postgres/user" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-movies1080p.service"];
    };
    "arr/radarr/1080p/postgres/password" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-movies1080p.service"];
    };
    "arr/radarr/1080p/postgres/host" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-movies1080p.service"];
    };
    "arr/radarr/1080p/extraEnvVars" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-movies1080p.service"];
    };
    "arr/radarr/anime/apiKey" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-anime.service"];
    };
    "arr/radarr/anime/postgres/dbName" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-anime.service"];
    };
    "arr/radarr/anime/postgres/user" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-anime.service"];
    };
    "arr/radarr/anime/postgres/password" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-anime.service"];
    };
    "arr/radarr/anime/postgres/host" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-anime.service"];
    };
    "arr/radarr/anime/extraEnvVars" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "radarr";
      mode = "400";
      restartUnits = ["radarr-anime.service"];
    };
    # Unpackerr
    "arr/unpackerr/extraEnvVars" = {
      sopsFile = ../secrets.sops.yaml;
      owner = "unpackerr";
      mode = "400";
      restartUnits = ["unpackerr.service"];
    };
    # Borgmatic
    "borgmatic/plex/encryption_passphrase" = {
      sopsFile = ../secrets.sops.yaml;
      mode = "400";
      restartUnits = ["borgmatic.service"];
    };
    "borgmatic/plex/append_key" = {
      sopsFile = ../secrets.sops.yaml;
      mode = "400";
      restartUnits = ["borgmatic.service"];
    };
    "borgmatic/jellyfin/encryption_passphrase" = {
      sopsFile = ../secrets.sops.yaml;
      mode = "400";
      restartUnits = ["borgmatic.service"];
    };
    "borgmatic/jellyfin/append_key" = {
      sopsFile = ../secrets.sops.yaml;
      mode = "400";
      restartUnits = ["borgmatic.service"];
    };
  };
}
Add 'my packages' 2025-02-24 16:14:45 -06:00			`{...}: {`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`secrets = {`
			`# Minio`
			`"minio" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "minio";`
			`group = "minio";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["minio.service"];`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`};`
			`# Syncthing`
			`"syncthing/publicCert" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "jahanson";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["syncthing.service"];`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`};`
			`"syncthing/privateKey" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "jahanson";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["syncthing.service"];`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`};`
			`# Prowlarr`
			`"arr/prowlarr/apiKey" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "prowlarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["prowlarr.service"];`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`};`
			`"arr/prowlarr/postgres/dbName" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "prowlarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["prowlarr.service"];`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`};`
			`"arr/prowlarr/postgres/user" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "prowlarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["prowlarr.service"];`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`};`
			`"arr/prowlarr/postgres/password" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "prowlarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["prowlarr.service"];`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`};`
			`"arr/prowlarr/postgres/host" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "prowlarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["prowlarr.service"];`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`};`
			`# Sonarr`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`"arr/sonarr/1080p/apiKey" = {`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-tv1080p.service"];`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`};`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`"arr/sonarr/1080p/postgres/dbName" = {`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-tv1080p.service"];`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`};`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`"arr/sonarr/1080p/postgres/user" = {`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-tv1080p.service"];`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`};`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`"arr/sonarr/1080p/postgres/password" = {`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-tv1080p.service"];`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`};`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`"arr/sonarr/1080p/postgres/host" = {`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-tv1080p.service"];`
add sonarr service and overlay sonarr/radarr unstable packages. 2025-02-03 16:13:03 -06:00			`};`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`"arr/sonarr/1080p/extraEnvVars" = {`
added unpackerr and pushover scripts 2025-02-04 11:18:05 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-tv1080p.service"];`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`};`
			`"arr/sonarr/anime/apiKey" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-anime.service"];`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`};`
			`"arr/sonarr/anime/postgres/dbName" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-anime.service"];`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`};`
			`"arr/sonarr/anime/postgres/user" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-anime.service"];`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`};`
			`"arr/sonarr/anime/postgres/password" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-anime.service"];`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`};`
			`"arr/sonarr/anime/postgres/host" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-anime.service"];`
add multi-sonarr 2025-02-10 15:01:31 -06:00			`};`
			`"arr/sonarr/anime/extraEnvVars" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "sonarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["sonarr-anime.service"];`
added unpackerr and pushover scripts 2025-02-04 11:18:05 -06:00			`};`
			`# Radarr`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`"arr/radarr/1080p/apiKey" = {`
add Radarr 2025-02-03 15:07:44 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-movies1080p.service"];`
add Radarr 2025-02-03 15:07:44 -06:00			`};`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`"arr/radarr/1080p/postgres/dbName" = {`
add Radarr 2025-02-03 15:07:44 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-movies1080p.service"];`
add Radarr 2025-02-03 15:07:44 -06:00			`};`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`"arr/radarr/1080p/postgres/user" = {`
add Radarr 2025-02-03 15:07:44 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-movies1080p.service"];`
add Radarr 2025-02-03 15:07:44 -06:00			`};`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`"arr/radarr/1080p/postgres/password" = {`
add Radarr 2025-02-03 15:07:44 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-movies1080p.service"];`
add Radarr 2025-02-03 15:07:44 -06:00			`};`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`"arr/radarr/1080p/postgres/host" = {`
add Radarr 2025-02-03 15:07:44 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-movies1080p.service"];`
add Radarr 2025-02-03 15:07:44 -06:00			`};`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`"arr/radarr/1080p/extraEnvVars" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-movies1080p.service"];`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`};`
			`"arr/radarr/anime/apiKey" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-anime.service"];`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`};`
			`"arr/radarr/anime/postgres/dbName" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-anime.service"];`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`};`
			`"arr/radarr/anime/postgres/user" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-anime.service"];`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`};`
			`"arr/radarr/anime/postgres/password" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-anime.service"];`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`};`
			`"arr/radarr/anime/postgres/host" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-anime.service"];`
mkRadarrInstance 2025-02-09 23:32:13 -06:00			`};`
			`"arr/radarr/anime/extraEnvVars" = {`
added unpackerr and pushover scripts 2025-02-04 11:18:05 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`owner = "radarr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["radarr-anime.service"];`
added unpackerr and pushover scripts 2025-02-04 11:18:05 -06:00			`};`
			`# Unpackerr`
			`"arr/unpackerr/extraEnvVars" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`owner = "unpackerr";`
			`mode = "400";`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`restartUnits = ["unpackerr.service"];`
			`};`
remove restic, add borgmatic. update template update config template update 2025-02-25 12:33:35 -06:00			`# Borgmatic`
			`"borgmatic/plex/encryption_passphrase" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`mode = "400";`
			`restartUnits = ["borgmatic.service"];`
			`};`
			`"borgmatic/plex/append_key" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`mode = "400";`
			`restartUnits = ["borgmatic.service"];`
			`};`
			`"borgmatic/jellyfin/encryption_passphrase" = {`
			`sopsFile = ../secrets.sops.yaml;`
			`mode = "400";`
			`restartUnits = ["borgmatic.service"];`
			`};`
			`"borgmatic/jellyfin/append_key" = {`
Add 'my packages' 2025-02-24 16:14:45 -06:00			`sopsFile = ../secrets.sops.yaml;`
			`mode = "400";`
			`restartUnits = ["borgmatic.service"];`
added unpackerr and pushover scripts 2025-02-04 11:18:05 -06:00			`};`
update firefox, vscode, nvim, and added prowlarr service config switched shadowfax to a sworkstation config from server config. 2025-02-02 15:49:41 -06:00			`};`
			`}`