added vault server module mvp
Some checks failed
Build / nix-build (native-aarch64, varda) (push) Successful in 1m48s
Build / nix-build (native-x86_64, gandalf) (push) Has been cancelled
Build / nix-build (native-x86_64, telchar) (push) Has been cancelled
Build / nix-build (native-x86_64, telperion) (push) Has been cancelled
Build / Nix Build Successful (push) Has been cancelled
Some checks failed
Build / nix-build (native-aarch64, varda) (push) Successful in 1m48s
Build / nix-build (native-x86_64, gandalf) (push) Has been cancelled
Build / nix-build (native-x86_64, telchar) (push) Has been cancelled
Build / nix-build (native-x86_64, telperion) (push) Has been cancelled
Build / Nix Build Successful (push) Has been cancelled
This commit is contained in:
parent
6c07f5ad50
commit
f0fa47639b
6 changed files with 39 additions and 16 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -7,3 +7,5 @@ result*
|
|||
.github
|
||||
.profile
|
||||
.idea
|
||||
.secrets
|
||||
.op
|
||||
|
|
23
flake.lock
23
flake.lock
|
@ -264,15 +264,16 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1725897020,
|
||||
"narHash": "sha256-0mJ37QZpUz44d0uolv9XQKDHwxUwqslz5ZSgwbdxmlo=",
|
||||
"owner": "brumhard",
|
||||
"lastModified": 1726074731,
|
||||
"narHash": "sha256-FsJQbSW9MGndQr7xz49SHjculvRaJGeqBSOgQjHguBc=",
|
||||
"owner": "ajgon",
|
||||
"repo": "krewfile",
|
||||
"rev": "e7773854b19a4288df5502946ccec79c4af57adf",
|
||||
"rev": "05183df6874c2ce479987872083017d7c1ddb546",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "brumhard",
|
||||
"owner": "ajgon",
|
||||
"ref": "feat/indexes",
|
||||
"repo": "krewfile",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -437,11 +438,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1725407940,
|
||||
"narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=",
|
||||
"lastModified": 1725826545,
|
||||
"narHash": "sha256-L64N1rpLlXdc94H+F6scnrbuEu+utC03cDDVvvJGOME=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3",
|
||||
"rev": "f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -529,11 +530,11 @@
|
|||
},
|
||||
"nixpkgs-unstable_2": {
|
||||
"locked": {
|
||||
"lastModified": 1725432240,
|
||||
"narHash": "sha256-+yj+xgsfZaErbfYM3T+QvEE2hU7UuE+Jf0fJCJ8uPS0=",
|
||||
"lastModified": 1725634671,
|
||||
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ad416d066ca1222956472ab7d0555a6946746a80",
|
||||
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -88,7 +88,8 @@
|
|||
|
||||
# krewfile - Declarative krew plugin management
|
||||
krewfile = {
|
||||
url = "github:brumhard/krewfile";
|
||||
# url = "github:brumhard/krewfile";
|
||||
url = "github:ajgon/krewfile?ref=feat/indexes";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
|
|
|
@ -58,7 +58,7 @@
|
|||
# Services config
|
||||
services = {
|
||||
vault = {
|
||||
enable = true;
|
||||
enable = false;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.mySystem.vault;
|
||||
cfg = config.mySystem.services.vault;
|
||||
in
|
||||
{
|
||||
options.vault = {
|
||||
options.mySystem.services.vault = {
|
||||
enable = lib.mkEnableOption "vault";
|
||||
address = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
|
@ -19,7 +19,12 @@ in
|
|||
package = pkgs.unstable.vault;
|
||||
address = cfg.address;
|
||||
dev = false;
|
||||
storage = "raft";
|
||||
storageBackend = "raft";
|
||||
extraConfig = ''
|
||||
api_addr = "http://127.0.0.1:8200"
|
||||
cluster_addr = "http://127.0.0.1:8201"
|
||||
ui = true
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
listener "tcp" {
|
||||
address = "0.0.0.0:8200"
|
||||
tls_disable = true
|
||||
}
|
||||
|
||||
storage "raft" {
|
||||
path = "/var/lib/vault/data"
|
||||
node_id = "node1"
|
||||
}
|
||||
|
||||
disable_mlock = true
|
||||
api_addr = "http://localhost:8200"
|
||||
cluster_addr = "http://localhost:8201"
|
||||
ui = true
|
Loading…
Reference in a new issue