jahanson/mochi
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

added vault server module mvp
Some checks failed
Build / nix-build (native-aarch64, varda) (push) Successful in 1m48s
Details
Build / nix-build (native-x86_64, gandalf) (push) Has been cancelled
Details
Build / nix-build (native-x86_64, telchar) (push) Has been cancelled
Details
Build / nix-build (native-x86_64, telperion) (push) Has been cancelled
Details
Build / Nix Build Successful (push) Has been cancelled
Details

Browse source
This commit is contained in:
Joseph Hanson 2024-09-11 16:15:18 -05:00
parent 6c07f5ad50
commit f0fa47639b
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
6 changed files with 39 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -7,3 +7,5 @@ result*
.github
.profile
.idea
.secrets
.op

23
flake.lock
View file

@ -264,15 +264,16 @@
]
},
"locked": {
"lastModified": 1725897020,
"narHash": "sha256-0mJ37QZpUz44d0uolv9XQKDHwxUwqslz5ZSgwbdxmlo=",
"owner": "brumhard",
"lastModified": 1726074731,
"narHash": "sha256-FsJQbSW9MGndQr7xz49SHjculvRaJGeqBSOgQjHguBc=",
"owner": "ajgon",
"repo": "krewfile",
"rev": "e7773854b19a4288df5502946ccec79c4af57adf",
"rev": "05183df6874c2ce479987872083017d7c1ddb546",
"type": "github"
},
"original": {
"owner": "brumhard",
"owner": "ajgon",
"ref": "feat/indexes",
"repo": "krewfile",
"type": "github"
}
@ -437,11 +438,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1725407940,
"narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=",
"lastModified": 1725826545,
"narHash": "sha256-L64N1rpLlXdc94H+F6scnrbuEu+utC03cDDVvvJGOME=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3",
"rev": "f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9",
"type": "github"
},
"original": {
@ -529,11 +530,11 @@
},
"nixpkgs-unstable_2": {
"locked": {
"lastModified": 1725432240,
"narHash": "sha256-+yj+xgsfZaErbfYM3T+QvEE2hU7UuE+Jf0fJCJ8uPS0=",
"lastModified": 1725634671,
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ad416d066ca1222956472ab7d0555a6946746a80",
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github"
},
"original": {

3
flake.nix
View file

@ -88,7 +88,8 @@
# krewfile - Declarative krew plugin management
krewfile = {
url = "github:brumhard/krewfile";
# url = "github:brumhard/krewfile";
url = "github:ajgon/krewfile?ref=feat/indexes";
inputs.nixpkgs.follows = "nixpkgs";
};

2
nixos/hosts/telchar/default.nix
View file

@ -58,7 +58,7 @@
# Services config
services = {
vault = {
enable = true;
enable = false;
};
};

11
nixos/modules/nixos/services/vault/default.nix
View file

@ -1,9 +1,9 @@
{ config, lib, pkgs, ... }:
let
cfg = config.mySystem.vault;
cfg = config.mySystem.services.vault;
in
{
options.vault = {
options.mySystem.services.vault = {
enable = lib.mkEnableOption "vault";
address = lib.mkOption {
type = lib.types.str;
@ -19,7 +19,12 @@ in
package = pkgs.unstable.vault;
address = cfg.address;
dev = false;
storage = "raft";
storageBackend = "raft";
extraConfig = ''
api_addr = "http://127.0.0.1:8200"
cluster_addr = "http://127.0.0.1:8201"
ui = true
'';
};
};
}

14
nixos/modules/nixos/services/vault/resources/vault-config.hcl Normal file
View file

@ -0,0 +1,14 @@
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = true
}
storage "raft" {
path = "/var/lib/vault/data"
node_id = "node1"
}
disable_mlock = true
api_addr = "http://localhost:8200"
cluster_addr = "http://localhost:8201"
ui = true