Add restic backups and glances (#89)
* flesh out impermanence * glances * hack * hacking in plex and tautulli * hack * hacking * Auto lint/format --------- Co-authored-by: Truxnell <9149206+truxnell@users.noreply.github.com> Co-authored-by: truxnell <truxnell@users.noreply.github.com>
This commit is contained in:
parent
504e0b1feb
commit
dc0b2518da
56 changed files with 1080 additions and 732 deletions
|
@ -14,7 +14,7 @@ keys:
|
||||||
- &citadel age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- &citadel age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
- &rickenbacker age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- &rickenbacker age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
- &shodan age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- &shodan age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
- &daedalus age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- &daedalus age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
|
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: .*\.sops\.yaml$
|
- path_regex: .*\.sops\.yaml$
|
||||||
|
|
|
@ -23,7 +23,7 @@ for host in "${hosts[@]}"; do
|
||||||
if [[ " ${skip[*]} " =~ " ${host} " ]]; then
|
if [[ " ${skip[*]} " =~ " ${host} " ]]; then
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
fqdn="$host.l.trux.dev"
|
fqdn="$host.l.voltaicforge.com"
|
||||||
if [ $reboot -eq 0 ]; then
|
if [ $reboot -eq 0 ]; then
|
||||||
echo $fqdn
|
echo $fqdn
|
||||||
nixos-rebuild switch -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
nixos-rebuild switch -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
||||||
|
|
|
@ -14,7 +14,7 @@ while getopts ":r" option; do
|
||||||
r)
|
r)
|
||||||
reboot=1
|
reboot=1
|
||||||
host=$2
|
host=$2
|
||||||
fqdn="$host.l.trux.dev"
|
fqdn="$host.l.voltaicforge.com"
|
||||||
echo "$fqdn with reboot"
|
echo "$fqdn with reboot"
|
||||||
nixos-rebuild boot -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
nixos-rebuild boot -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
||||||
# ssh -i $rsa_key $fqdn 'sudo reboot'
|
# ssh -i $rsa_key $fqdn 'sudo reboot'
|
||||||
|
@ -25,7 +25,7 @@ done
|
||||||
|
|
||||||
if [ $reboot -eq 0 ]; then
|
if [ $reboot -eq 0 ]; then
|
||||||
host=$1
|
host=$1
|
||||||
fqdn="$host.l.trux.dev"
|
fqdn="$host.l.voltaicforge.com"
|
||||||
echo "$fqdn"
|
echo "$fqdn"
|
||||||
nixos-rebuild switch -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
nixos-rebuild switch -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
||||||
fi
|
fi
|
||||||
|
|
76
flake.lock
76
flake.lock
|
@ -1,27 +1,5 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
"deploy-rs": {
|
|
||||||
"inputs": {
|
|
||||||
"flake-compat": "flake-compat",
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
],
|
|
||||||
"utils": "utils"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1711973905,
|
|
||||||
"narHash": "sha256-UFKME/N1pbUtn+2Aqnk+agUt8CekbpuqwzljivfIme8=",
|
|
||||||
"owner": "serokell",
|
|
||||||
"repo": "deploy-rs",
|
|
||||||
"rev": "88b3059b020da69cbe16526b8d639bd5e0b51c8b",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "serokell",
|
|
||||||
"repo": "deploy-rs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -38,25 +16,9 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_2": {
|
|
||||||
"flake": false,
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1696426674,
|
|
||||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
|
||||||
"owner": "edolstra",
|
|
||||||
"repo": "flake-compat",
|
|
||||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "edolstra",
|
|
||||||
"repo": "flake-compat",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils": {
|
"flake-utils": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_2"
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1710146030,
|
"lastModified": 1710146030,
|
||||||
|
@ -115,7 +77,7 @@
|
||||||
},
|
},
|
||||||
"nix-vscode-extensions": {
|
"nix-vscode-extensions": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_2",
|
"flake-compat": "flake-compat",
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": "flake-utils",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
|
@ -216,7 +178,6 @@
|
||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"deploy-rs": "deploy-rs",
|
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"nix-index-database": "nix-index-database",
|
"nix-index-database": "nix-index-database",
|
||||||
"nix-vscode-extensions": "nix-vscode-extensions",
|
"nix-vscode-extensions": "nix-vscode-extensions",
|
||||||
|
@ -262,39 +223,6 @@
|
||||||
"repo": "default",
|
"repo": "default",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
|
||||||
"systems_2": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1681028828,
|
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"utils": {
|
|
||||||
"inputs": {
|
|
||||||
"systems": "systems"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1701680307,
|
|
||||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"root": "root",
|
"root": "root",
|
||||||
|
|
37
flake.nix
37
flake.nix
|
@ -26,12 +26,6 @@
|
||||||
url = "github:Mic92/sops-nix";
|
url = "github:Mic92/sops-nix";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
# deploy-rs - Remote deployment
|
|
||||||
# https://github.com/serokell/deploy-rs
|
|
||||||
deploy-rs = {
|
|
||||||
url = "github:serokell/deploy-rs";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
|
|
||||||
# VSCode community extensions
|
# VSCode community extensions
|
||||||
# https://github.com/nix-community/nix-vscode-extensions
|
# https://github.com/nix-community/nix-vscode-extensions
|
||||||
|
@ -51,7 +45,6 @@
|
||||||
{ self
|
{ self
|
||||||
, nixpkgs
|
, nixpkgs
|
||||||
, sops-nix
|
, sops-nix
|
||||||
, deploy-rs
|
|
||||||
, home-manager
|
, home-manager
|
||||||
, nix-vscode-extensions
|
, nix-vscode-extensions
|
||||||
, ...
|
, ...
|
||||||
|
@ -216,6 +209,7 @@
|
||||||
];
|
];
|
||||||
profileModules = [
|
profileModules = [
|
||||||
./nixos/profiles/role-server.nix
|
./nixos/profiles/role-server.nix
|
||||||
|
./nixos/profiles/impermanence.nix
|
||||||
{ home-manager.users.truxnell = ./nixos/home/truxnell/server.nix; }
|
{ home-manager.users.truxnell = ./nixos/home/truxnell/server.nix; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
@ -253,35 +247,6 @@
|
||||||
# images.rpi4 = nixosConfigurations.rpi4.config.system.build.sdImage;
|
# images.rpi4 = nixosConfigurations.rpi4.config.system.build.sdImage;
|
||||||
# images.iso = nixosConfigurations.iso.config.system.build.isoImage;
|
# images.iso = nixosConfigurations.iso.config.system.build.isoImage;
|
||||||
|
|
||||||
# deploy-rs
|
|
||||||
deploy.nodes =
|
|
||||||
let
|
|
||||||
mkDeployConfig = hostname: configuration: {
|
|
||||||
inherit hostname;
|
|
||||||
profiles.system =
|
|
||||||
let
|
|
||||||
inherit (configuration.config.nixpkgs.hostPlatform) system;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
path = inputs.deploy-rs.lib."${system}".activate.nixos configuration;
|
|
||||||
sshUser = "truxnell";
|
|
||||||
user = "root";
|
|
||||||
sshOpts = [ "-t" ];
|
|
||||||
autoRollback = false;
|
|
||||||
magicRollback = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
dns01 = mkDeployConfig "dns01" self.nixosConfigurations.dns01;
|
|
||||||
dns02 = mkDeployConfig "dns02" self.nixosConfigurations.dns02;
|
|
||||||
|
|
||||||
# dns02 = mkDeployConfig "dns02.natallan.com" self.nixosConfigurations.dns02;
|
|
||||||
};
|
|
||||||
|
|
||||||
# deploy-rs: This is highly advised, and will prevent many possible mistakes
|
|
||||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;
|
|
||||||
|
|
||||||
# Convenience output that aggregates the outputs for home, nixos.
|
# Convenience output that aggregates the outputs for home, nixos.
|
||||||
# Also used in ci to build targets generally.
|
# Also used in ci to build targets generally.
|
||||||
top =
|
top =
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
name = "default";
|
name = "default";
|
||||||
isDefault = true;
|
isDefault = true;
|
||||||
settings = {
|
settings = {
|
||||||
"browser.startup.homepage" = "https://search.trux.dev";
|
"browser.startup.homepage" = "https://homepage.trux.dev";
|
||||||
"browser.search.defaultenginename" = "whoogle";
|
"browser.search.defaultenginename" = "whoogle";
|
||||||
"browser.search.order.1" = "whoogle";
|
"browser.search.order.1" = "whoogle";
|
||||||
"browser.search.suggest.enabled.private" = false;
|
"browser.search.suggest.enabled.private" = false;
|
||||||
|
|
|
@ -3,5 +3,6 @@
|
||||||
./fish
|
./fish
|
||||||
./starship
|
./starship
|
||||||
./wezterm
|
./wezterm
|
||||||
|
./git
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
77
nixos/home/modules/shell/git/default.nix
Normal file
77
nixos/home/modules/shell/git/default.nix
Normal file
|
@ -0,0 +1,77 @@
|
||||||
|
{ pkgs
|
||||||
|
, config
|
||||||
|
, lib
|
||||||
|
, ...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.myHome.shell.git;
|
||||||
|
inherit (pkgs.stdenv) isDarwin;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.myHome.shell.git = {
|
||||||
|
enable = lib.mkEnableOption "git";
|
||||||
|
username = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
email = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
signingKey = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkMerge [
|
||||||
|
(lib.mkIf cfg.enable {
|
||||||
|
programs.gh.enable = true;
|
||||||
|
programs.gpg.enable = true;
|
||||||
|
|
||||||
|
programs.git = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
userName = cfg.username;
|
||||||
|
userEmail = cfg.email;
|
||||||
|
|
||||||
|
extraConfig = {
|
||||||
|
core = {
|
||||||
|
autocrlf = "input";
|
||||||
|
};
|
||||||
|
init = {
|
||||||
|
defaultBranch = "main";
|
||||||
|
};
|
||||||
|
pull = {
|
||||||
|
rebase = true;
|
||||||
|
};
|
||||||
|
rebase = {
|
||||||
|
autoStash = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
aliases = {
|
||||||
|
co = "checkout";
|
||||||
|
};
|
||||||
|
ignores = [
|
||||||
|
# Mac OS X hidden files
|
||||||
|
".DS_Store"
|
||||||
|
# Windows files
|
||||||
|
"Thumbs.db"
|
||||||
|
# asdf
|
||||||
|
".tool-versions"
|
||||||
|
# Sops
|
||||||
|
".decrypted~*"
|
||||||
|
"*.decrypted.*"
|
||||||
|
# Python virtualenvs
|
||||||
|
".venv"
|
||||||
|
];
|
||||||
|
# signing = lib.mkIf (cfg.signingKey != "") {
|
||||||
|
# signByDefault = true;
|
||||||
|
# key = cfg.signingKey;
|
||||||
|
# };
|
||||||
|
};
|
||||||
|
|
||||||
|
home.packages = [
|
||||||
|
pkgs.git-filter-repo
|
||||||
|
pkgs.tig
|
||||||
|
];
|
||||||
|
})
|
||||||
|
];
|
||||||
|
}
|
|
@ -6,9 +6,6 @@ with config;
|
||||||
];
|
];
|
||||||
|
|
||||||
myHome.programs.firefox.enable = true;
|
myHome.programs.firefox.enable = true;
|
||||||
myHome.shell.starship.enable = true;
|
|
||||||
myHome.shell.fish.enable = true;
|
|
||||||
myHome.shell.wezterm.enable = true;
|
|
||||||
|
|
||||||
myHome.security = {
|
myHome.security = {
|
||||||
ssh = {
|
ssh = {
|
||||||
|
@ -49,7 +46,6 @@ with config;
|
||||||
|
|
||||||
daedalus = {
|
daedalus = {
|
||||||
hostname = "daedalus";
|
hostname = "daedalus";
|
||||||
user = "nat";
|
|
||||||
port = 22;
|
port = 22;
|
||||||
identityFile = "~/.ssh/id_ed25519";
|
identityFile = "~/.ssh/id_ed25519";
|
||||||
};
|
};
|
||||||
|
@ -58,6 +54,23 @@ with config;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
myHome.shell = {
|
||||||
|
|
||||||
|
starship.enable = true;
|
||||||
|
fish.enable = true;
|
||||||
|
wezterm.enable = true;
|
||||||
|
|
||||||
|
git = {
|
||||||
|
enable = true;
|
||||||
|
username = "truxnell";
|
||||||
|
email = "19149206+truxnell@users.noreply.github.com";
|
||||||
|
# signingKey = ""; # TODO setup signing keys n shit
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
home = {
|
home = {
|
||||||
|
|
|
@ -26,14 +26,11 @@
|
||||||
sabnzbd.enable = true;
|
sabnzbd.enable = true;
|
||||||
qbittorrent.enable = true;
|
qbittorrent.enable = true;
|
||||||
};
|
};
|
||||||
mySystem.nasFolder = "/tank/";
|
mySystem.nasFolder = "/tank";
|
||||||
|
|
||||||
mySystem.system = {
|
mySystem.system = {
|
||||||
zfs.enable = true;
|
zfs.enable = true;
|
||||||
zfs.mountPoolsAtBoot = [ "tank" ];
|
zfs.mountPoolsAtBoot = [ "tank" ];
|
||||||
|
|
||||||
# run impermanence
|
|
||||||
impermanence.enable = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
mySystem.services.nfs.enable = true;
|
mySystem.services.nfs.enable = true;
|
||||||
|
|
|
@ -6,24 +6,18 @@
|
||||||
, pkgs
|
, pkgs
|
||||||
, ...
|
, ...
|
||||||
}: {
|
}: {
|
||||||
imports = [
|
|
||||||
|
|
||||||
|
|
||||||
];
|
|
||||||
|
|
||||||
mySystem.services = {
|
mySystem.services = {
|
||||||
openssh.enable = true;
|
openssh.enable = true;
|
||||||
podman.enable = true;
|
podman.enable = true;
|
||||||
# traefik.enable = true;
|
traefik.enable = true;
|
||||||
# homepage.enable = true;
|
|
||||||
# sonarr.enable = true;
|
plex.enable = true;
|
||||||
# radarr.enable = true;
|
tautulli.enable = true;
|
||||||
# lidarr.enable = true;
|
syncthing.enable = true;
|
||||||
# readarr.enable = true;
|
|
||||||
# gatus.enable = true;
|
|
||||||
# sabnzbd.enable = true;
|
|
||||||
# qbittorrent.enable = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
mySystem.nfs.nas.enable = true;
|
mySystem.nfs.nas.enable = true;
|
||||||
mySystem.persistentFolder = "/persistent/nixos";
|
mySystem.persistentFolder = "/persistent/nixos";
|
||||||
|
|
||||||
|
@ -41,6 +35,7 @@
|
||||||
systemd-boot.enable = true;
|
systemd-boot.enable = true;
|
||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
# why not ensure we can memtest workstatons easily?
|
# why not ensure we can memtest workstatons easily?
|
||||||
|
# TODO check whether this is actually working, cant see it in grub?
|
||||||
grub.memtest86.enable = true;
|
grub.memtest86.enable = true;
|
||||||
|
|
||||||
};
|
};
|
||||||
|
@ -64,6 +59,4 @@
|
||||||
swapDevices =
|
swapDevices =
|
||||||
[{ device = "/dev/disk/by-uuid/0ae2765b-f3f4-4b1a-8ea6-599f37504d70"; }];
|
[{ device = "/dev/disk/by-uuid/0ae2765b-f3f4-4b1a-8ea6-599f37504d70"; }];
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./firefox.nix
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,22 +0,0 @@
|
||||||
{ lib
|
|
||||||
, config
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
cfg = config.mySystem.browser.firefox;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.mySystem.browser.firefox.enable = mkEnableOption "Firefox";
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
|
|
||||||
programs.firefox = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
|
@ -10,7 +10,7 @@ let
|
||||||
user = "568"; #string
|
user = "568"; #string
|
||||||
group = "568"; #string
|
group = "568"; #string
|
||||||
port = 8686; #int
|
port = 8686; #int
|
||||||
cfg = config.mySystem.services.sonarr;
|
cfg = config.mySystem.services.${app};
|
||||||
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -41,15 +41,15 @@ in
|
||||||
dependsOn = [ "prowlarr" ];
|
dependsOn = [ "prowlarr" ];
|
||||||
environment = {
|
environment = {
|
||||||
PUSHOVER_DEBUG = "false";
|
PUSHOVER_DEBUG = "false";
|
||||||
PUSHOVER_APP_URL = "${app}.${config.networking.domain}";
|
PUSHOVER_APP_URL = "${app}.${config.mySystem.domain}";
|
||||||
LIDARR__INSTANCE_NAME = "Lidarr";
|
LIDARR__INSTANCE_NAME = "Lidarr";
|
||||||
LIDARR__APPLICATION_URL = "https://${app}.${config.networking.domain}";
|
LIDARR__APPLICATION_URL = "https://${app}.${config.mySystem.domain}";
|
||||||
LIDARR__LOG_LEVEL = "info";
|
LIDARR__LOG_LEVEL = "info";
|
||||||
};
|
};
|
||||||
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
||||||
volumes = [
|
volumes = [
|
||||||
"${persistentFolder}:/config:rw"
|
"${persistentFolder}:/config:rw"
|
||||||
"${config.mySystem.nasFolder}natflix:/media:rw"
|
"${config.mySystem.nasFolder}/natflix:/media:rw"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
];
|
];
|
||||||
labels = config.lib.mySystem.mkTraefikLabels {
|
labels = config.lib.mySystem.mkTraefikLabels {
|
||||||
|
@ -62,12 +62,13 @@ in
|
||||||
{
|
{
|
||||||
Lidarr = {
|
Lidarr = {
|
||||||
icon = "${app}.png";
|
icon = "${app}.png";
|
||||||
href = "https://${app}.${config.networking.domain}";
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
description = "Music management";
|
description = "Music management";
|
||||||
container = "${app}";
|
container = "${app}";
|
||||||
widget = {
|
widget = {
|
||||||
type = "${app}";
|
type = "${app}";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
key = "{{HOMEPAGE_VAR_LIDARR__API_KEY}}";
|
key = "{{HOMEPAGE_VAR_LIDARR__API_KEY}}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -77,8 +78,8 @@ in
|
||||||
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
name = app;
|
name = app;
|
||||||
group = "arr";
|
group = "media";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
services:
|
services:
|
||||||
lidarr:
|
lidarr:
|
||||||
env: ENC[AES256_GCM,data:lxWrT4S/irVLwthc75RUX3bM5JEHcsGup9sdJlUe3Utq4XJnBfcFE/tcdOdjGrQuSfRguOFnoAlFSAsQkl0SLUb1OodcfYylKhY7CMg1ZFcpl5vWZdq0Ot6/tEGxkUqeDZDRg2RNedotJ98nrPc=,iv:gmnwzagAiX4XCdsFy4Xp2n3FsgPUD017S8XL8qOhOjc=,tag:1343PXN07VjR9Jct1Pk+Ww==,type:str]
|
env: ENC[AES256_GCM,data:CNeLt9d/2eZhiazlJXKJzr3oLRvtMRLCJbNQ3ZEapLj3DwswxkC8SH4003DCCyyw98eDNzcTTwFpeu26nAuCmChJqNbyaD7j9k87xGgr+k+OjYdzUfaW3kNnz0dh2Ip2ryg7XTws9q/2laWlqyY=,iv:H2VVi2j0JI8WhawPXQKdMoHCK3S6SH1N9fwRXsz+sAw=,tag:o9ZEB1Pxogere0/gV9uHZQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -10,59 +10,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkcVZDNlJUZ2dJRWVEYnpU
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4N1p4aFNmbit6ODBacUVO
|
||||||
MU1ud2o2UEVxS21DZmd1QnZjcHpLMjlpUVVBCkY2VktEdkM2OElTdS8xUkovclBh
|
bUh1Sk1oQWZwaUF0RW5UVTN5b1RHdnRjRXhVCm95cndpQjdmdGRTd1gxV3ZVS3NF
|
||||||
QzduZ1A1VitaTDFjeFZ3SElOYUV5amcKLS0tIHNBQXYyd1Z0TFI0QkcrVC9FQWdx
|
WUxrY1FyNkpKb0MzS0d0bjJvVFdVazQKLS0tIElPN0JqMkUvbmM0aWxVOFY3TkZh
|
||||||
WXVvMjU4eU5QZCsxU25QZStBTWhZQWcKv6Mgm2Y2SzrtuzkH7Z43by6T8ROxCgus
|
dDRjb1l1dHcwNXpqY3YwVHdRR3FTYTQKlklHK/ARZQvcDBFa/am6aza1NdUl1mmP
|
||||||
QaEukJv1ut6ISvYusApAJvKDaF5KofSR8zMNHcUZqtYKP4TppB7Qnw==
|
bvP437PbtoSTZJNQCcRE1tv+3i4xC+OPVmuE7e5BJ/BBdHGSdyziPA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtR3EwWFpDbHFNMXJOSUkx
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuLy9zY216TDBaTmdDcnJo
|
||||||
SG5rV0JRcWNLT1RnYnBzTFIvRmorSVZMZGxnClRvK0JWaGQzdDY0eEFEV3RMbXRP
|
NWR0QzRXb3NyaDdHVExsSnJ4NlFKc1lMUnh3CjM2VGpBdjNMY3RJOGVMS054Z3Ji
|
||||||
ZGhkWGpPVHRhc3RULzlJME5qSkU3SXcKLS0tIFpCYThyV3pGcUtYcktzSGQ5WU5v
|
elJPMzV3ZHA2anZUbmpXaDhoMnE3WjgKLS0tIFZndDQvcWhlVDM3U1piZnhOQzBu
|
||||||
Q2hqUlBkU2ZITDV3SFgyTDd3WC92TlkKbS6OxsGcP4v2U1t83ucQ0zUUVbgT35sg
|
bGpPemtXY1Z6NXNjc29JMDNBOG5Kc2cKcavrDAWBVmzjY7kO4PFve7oP/mSkrtLN
|
||||||
C5KGUS+2+W6J850hzjvd8aYTxx1fBrC6KrWGgqhLUDYfhmHUP0evAA==
|
by6Y4jFH6ndySi5dZlPX+GeyVhlgOtV3CXIcojtVFSVSY4x6DxUARw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArVFNTUldORnN2V3RLRUdT
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0cktRZHlHMjFPa2x1QTJW
|
||||||
VEpobWdISDBHTzI3WXgxd1JaOWJsaXRCQ1ZFCit4UFdmS1N4cTFnYUVIbTN5NDhs
|
Y1RPS0lVRTQ3MmhRNW1zaEhxTkFzVWtIcFVrCkRFWHpTMU15bkFib1lHWkFJMGJ1
|
||||||
WDJhS1JxZlloSDR5aW1sQ1lZZjkyYmMKLS0tIG5IdjVOWkpEMytmUWRYbjlRZkxo
|
TStXaWN6eE9tU2RvNmNpMnQyWkdaM3MKLS0tIHhhQjBtd1FLcHlOV1Q1NG12MFlI
|
||||||
ZDNQTCtucS81UXVXYm1BZWZzaVFCR1kKjfx36fR7lTBAa/NNn6NhIVKmzmfpZ4il
|
T2hpS1hYWnJUaUE3ZGFzVzFza0tjSEEKhnpYBWngmgWQfn756hmclB3oeEyFye70
|
||||||
sxh0ISEEjqCBo04WvidZmxPK2w21Pbkvj/yZ0n+sjY+FBIBBo4GH3g==
|
Kd4PdabjMOECpMWAuFbPe/4tZW7K4Y/wqylQ+Z2oz3TkcLxrm6S+zQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4KzdtYTgremIzVS9RMFdZ
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6RmlSZHI5byszTkducW9l
|
||||||
Z0MxRHM5eG9HSjZaNzhOdGZoY3Q2THcrWGk0CldIbk04anRGakNaS0tmSDUzd3Mx
|
aUk4cTY4dWhILytpb0c3SElBTnZvdTBIT3pVCkxZYUJzb09DQzNCK2QzYno1bmR4
|
||||||
WHlvOHF4SmIzTUxmRktYb2hqcVhrUUkKLS0tIDdKSTdienRncXFTZHlZYlRJMkN6
|
ajFVL3V1WkdUN3MzRGxaNHRVQUVZbTQKLS0tIGU2TWdtSXBpRTB4N0t3YzR4ZVhi
|
||||||
N0xTdkJKNzdJNG9JQW5HTU45UkQrSWcKgW99UNgbs3CdMj8rmtLxRa4IRlx5VwYy
|
NHc1Q0dmWXJLYlFpOXdJVS9NY0FuVHcKjdqOjcj9lO/cAjAR9IC8MHhWwsZLASEW
|
||||||
yNbHvTnl41DJRdv7kn7e05pFJ7Y3WeYH0XfozKw+Tk3pct7h7hGOBQ==
|
dLXvW2Uq9yemF+X/lVh5FcWdZH9/GzaRVSIF7dtJquMD7QPie9tUzg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVMXJmRFlxc2VqMnhCVU1U
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHTHhDU2ZCK3EyWkdBQ3Mx
|
||||||
THhVSG9QS3RKRmxXRE9VL3pUOFBYd2VrbVFnClZGdFZnOXBjazcwQ2QrcTNWT1lV
|
MmZzT1B5Ukt2QkhVOVorQVdnTHI3MnRwTENrClgwWXg3cHpocDAwcGJNRnJXajY4
|
||||||
OGxkM1pVVDV3UEVjM3krcWpGN1cyeVUKLS0tIDU5Mi9ock05YUMvOGFXdUNpQWUv
|
b3QvcUZia1JZc0d2VUJnOC9Pamw1WTgKLS0tIE04dDEwVUREVkFpaGZPU3U0NHRL
|
||||||
RjlsTWJueG5tL1dxUEgvYVVVUHhjM1kKcHay9WYhxOY9BHDAd5logzzMmGzMuW16
|
cG15eUk4TDJPZ2VwYUlweEVWS09yWUEKygFWuuYw7T30P83Ds6dJo6yU5UkcTGl0
|
||||||
Njz2FcsymdZ+YBFhQ0oyAk1v7oYpu2JrMwP5MI5E75/PgGsbQgm3uw==
|
w04upLLxzCTZW141ACNS1s2ydTrs/tfFvzgmP/Hm8AoBrfBbSgVObA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGWVcwN0g2UHRnUlNuNEl2
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4MHl6N2pPdUMzUzV6YVY3
|
||||||
M2FhTW1aQVNuMkQ3eWpVY0VHMFhrQUZGc1hVCmlqSjljWThkeVhPUnZVbmVEN3hx
|
TzB4UmRFc3hmSk1MQURUakZReExZMVZLd1VFCmN6MWxHVFFJcEgvdFFYZ2lsRllD
|
||||||
RDJteC8zWTdDVkRaM2xEMUVROUxkTlkKLS0tIGQyZDIrdmtLWnZQN0ZXTDhQWEVG
|
Rkd4ZjVMdXlmYll1cXVWdS9SRXNWZ1kKLS0tIGxodVM3Q3c3K1p0UVBLa2Vpc3FP
|
||||||
ZzI4ZGNYME1IL295NTNDYnF5eUJVNWcKHtkBcI9hycZbL3FJmZS5VH1Ig8yhbvk7
|
ZXZscmZZN0VRdlVqdnlSWkx4WHMzOHMKbixVd4tn+cmwDp0Fw2/05Q+k0VxLqeqn
|
||||||
lvZEAbNpObvFiG3pNyuOSJ2oMMT0bOEGAnBUER/rx8S1s8GDONONBw==
|
E7PSrCkdxnW5x8fJO9JUKsXeisif2AqCNOXQTuH5PXN43QWEsfKdng==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:Dl5La9KOKdZHMx5xtdgpJTOD0t7Tt3YoUq4i7y7yjGV5ylVkHRXIg3thaADIBcCgu4sVcJjGz46fqyDbezcSoaWgZBu+dpJEpY4VMBjIIygn12Nj0Dwhc8ILImnIH9vQydCc2hukdM80eZfKgeDjq4oBjLtZqhiENoP6EnWh6fY=,iv:JY62wTyhAzlTQgCi0WtWFb1hUCjJZ3VMtcIWanNyQlY=,tag:5jAmHLV69B5CkVXIJVKrgA==,type:str]
|
mac: ENC[AES256_GCM,data:9HRLNEt7he7qoSTHCi0wAHkuzLoAg0JOFbr4syvomYy5TAIH1PzVgX9AUrZCz90pUBQdHx+JDbnsfjP3EcVNwxdABHAlF6GzA1RsfVne4nRr2W9rFeQtREGPuNH8imTMitxEo2C+42tnLr4oYneawNZ2EHrBKlQRhIcxQCylQWg=,iv:kmnE66eFBI7ggNYfknktB06tVwn82y/9Y4NGrUqpAMQ=,tag:8U1IiM0ofEnRHSy6Zz6W5g==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -10,7 +10,7 @@ let
|
||||||
user = "568"; #string
|
user = "568"; #string
|
||||||
group = "568"; #string
|
group = "568"; #string
|
||||||
port = 9696; #int
|
port = 9696; #int
|
||||||
cfg = config.mySystem.services.sonarr;
|
cfg = config.mySystem.services.${app};
|
||||||
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -40,9 +40,9 @@ in
|
||||||
user = "${user}:${group}";
|
user = "${user}:${group}";
|
||||||
environment = {
|
environment = {
|
||||||
PUSHOVER_DEBUG = "false";
|
PUSHOVER_DEBUG = "false";
|
||||||
PUSHOVER_APP_URL = "${app}.${config.networking.domain}";
|
PUSHOVER_APP_URL = "${app}.${config.mySystem.domain}";
|
||||||
PROWLARR__INSTANCE_NAME = "Prowlarr";
|
PROWLARR__INSTANCE_NAME = "Prowlarr";
|
||||||
PROWLARR__APPLICATION_URL = "https://${app}.${config.networking.domain}";
|
PROWLARR__APPLICATION_URL = "https://${app}.${config.mySystem.domain}";
|
||||||
PROWLARR__LOG_LEVEL = "info";
|
PROWLARR__LOG_LEVEL = "info";
|
||||||
};
|
};
|
||||||
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
||||||
|
@ -61,12 +61,13 @@ in
|
||||||
{
|
{
|
||||||
Prowlarr = {
|
Prowlarr = {
|
||||||
icon = "${app}.png";
|
icon = "${app}.png";
|
||||||
href = "https://${app}.${config.networking.domain}";
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
description = "Content locator";
|
description = "Content locator";
|
||||||
container = "${app}";
|
container = "${app}";
|
||||||
widget = {
|
widget = {
|
||||||
type = "${app}";
|
type = "${app}";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
key = "{{HOMEPAGE_VAR_PROWLARR__API_KEY}}";
|
key = "{{HOMEPAGE_VAR_PROWLARR__API_KEY}}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -76,8 +77,8 @@ in
|
||||||
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
name = app;
|
name = app;
|
||||||
group = "arr";
|
group = "media";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
services:
|
services:
|
||||||
prowlarr:
|
prowlarr:
|
||||||
env: ENC[AES256_GCM,data:hUd/39VQBX5mrtVVBE9pB/10FysJflAPgbVbSZpsw8DFXj3yoHxjJX6SAzRIz6K1iHD4kLTLjlO2jQ/L/C95byuLqNhgUHuGpdMQNJvkye3apJSwnCxE4wv2oNnB9cJXF81K8efvP0cqBNhBMfNUwNYa,iv:UCk6Z7oVY40c7hF5gJ8xR21jgxV5n6MIIAD3YZ9r6KU=,tag:EfCCHmJ+IqA82JEhIAzQBA==,type:str]
|
env: ENC[AES256_GCM,data:tosSq3uaBG3aWTf2HjIbYDwwgi4HcbRjZ+yU5udmgueraBcdgGkbzftziFOXaMJAsXQTuWl1xBRMYf7/oLKQFpS6ZsqyV8jpCOY4aDCb9g7AiNmBiqzYEoCNhorARX2o0CHDwUruU5TxSanx/ahT3GVU,iv:VY9n7WgNHyQDUfhgcjcx50w/5dJSdh94WPhnjHumCT8=,tag:JRArtemWaxiEweBS4MQpDw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -10,59 +10,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoTUdVOUc3R01XREtPODN6
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WVRlOGV6QVdtYXRxenN4
|
||||||
YmpHbS9wRlZsaG1nSi9uRkVXNTc3cE9NR0hzClNXSVQvSW5KU3pkSHROU2JhK1VE
|
dmI2LzVYNEZSdnBDWmdYbXlJcVQzdlYrQ0ZrCmRiUlZnVXdLOTZXNEV6ODdQM1p3
|
||||||
NXVIWTljYnJueG9udzBmcUJEZDNnSmMKLS0tIG12VW16dkxrQmRYOEkyNFBCWitH
|
dWxCL2VhdjcrSHdwT3kvbWR3cHVaSE0KLS0tIDdEbzY3TmFJSWJKSmtaZ3dzc2dL
|
||||||
d1VnTHVjTm9VK3pzY2FzMkptMjk3VE0K9Wz2lmxhe1MdJ+7Z/bIDsgxHNkHGDVB0
|
TG5sU29veFBObjZackhtcE5WczI5eDgKpUFMN37YWaUbpu6kuNr25CkJvI3O1CNe
|
||||||
eM1fRSOWBdmZJvd7UxJ79LTgymgiRjP/gDGUAtIuLMaAHkChIbN8Ww==
|
jmcJQOW5QwSbIZbmk6U3TvELBvz766RlK66heE5KGx10Li9AJBXaEA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4MjR1azhEcnhqaGVtazBJ
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4SkYxd3RRcHJlTE9Sb2Ry
|
||||||
eHNwN2lYZ2VRRVJESkZyaDJ4TEV3eEc0cHo0CkxLL3ZpeFUwd0dIY2JKemNlcWFq
|
VXJtVDB1RTN3ZnNPV05FQ2RCSTZPT0xUdWtzCmRaMWhsVjBFNTlZcGtpWi91RDM4
|
||||||
a1o5a3F3RFVSSEQ1UWc0K09QWXg0aE0KLS0tIDdJb05aTjZNQ0czWlhNQnRmdXVy
|
dlZIcDl4NVFUOElPY293aUg5NE1BaVUKLS0tIDlnMGhkdXV3S1dMS1F3NDBha05K
|
||||||
S1o4STZydVNZbzFwSm9kUjhpcHRFUEkKdmKu/jDfBgwhMDKY1sfz9bKjaqhu/1Eg
|
QStGQlgvT2JuZzk1eFQ1MEhRd2RCUWsKJ4Rbbye9WKsMfmsFSrzKp4EsCc46/CQB
|
||||||
uYqLGaf9TCxOnYSTtdSQH+Q0usU0IV/DcrPNJZsJbkRpXpJLIz11/A==
|
X6AqxkIi/fvwy9ZWrqDzLZn2iq4O2Zt8g6wEYaUDudxEWlR1C4JGcQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvbGpqbDdZcWdlbVYwOXBm
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVVzFFRkExbkw2c3JqVHcy
|
||||||
VzdDQ3JIRGNEQm45TjV2OEZCZjVlUm9uT1JjClBtb1ZCOWNNbnlVekIxREtKRnRi
|
ZUl0azlTeC9JTkNMdGdPamVVbVZBZ2tOcHdZClpQcVdISUlEcUE1UEtrVlpISlNx
|
||||||
V1hDK0R6QncxMGdmVGh0eHB0ZEJNbTAKLS0tIHVrbXRjVnJhUkNNYnIvYmg1Y25H
|
RytnSEFua2h1Yy9rRkFxNkJldHBDNm8KLS0tIENKcE9vZHJUek5jdkUrSmVDSzlF
|
||||||
dzQ5SjYvUHA0bTNJS1NkbXlUK2tDYXMKx4u7Elq6jjqSR84PBnXNwqyKJCETv6f9
|
M05MN2RQajhPR1oyaTM2YWRLWm1LcmsK3m970XSRhwIbMaSjd2OnH7Wm+qVkI0qA
|
||||||
Bn06vcCHuzApT8SGuvm4+v34IbZmUwFK930aZiMkSnjDn1LLF7DqcQ==
|
5HhJ0EsGCQIDVrSFCnCV85mcgUlglCnRaSu0tWL7lH/qIvzNOG1YUQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0ZVVWU3lRSnRvbmdoTll0
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0WFVmWXgyZGpseXVIK2FV
|
||||||
c0tYZkdKYTI3eFZSSTRuUlhPT2lHQTFYRDJVCmdUeTJvZWlIdXRqdjNBVXhWL21r
|
bTZuSFdXTUNET290UGRDZ2d2OWZ1WGZXeFM4CnRNNHc5eWtSWnNvMHBEMnBXTll4
|
||||||
WHFmdDVuRnN5S0tzcmYvT1h1Vm9qUjAKLS0tIDBJRTNVaG11WFo4OWRGYzVya1Vn
|
NDhrL1NrNFRXR0dlYXdYWjliaVVsVkEKLS0tIE5yUVE1dFQ2bzBSYnZiNzRmNjk5
|
||||||
VElmRlVDRVdLNGVvVXRhNGkxY1VhQncKo3zk7GuHxOzDg1eYKkCLRSvulQ0PmNff
|
ZmNrNjJFWDVYT0M5Nms4aFAzd3E0SUUKL5cKrLsmk9zZGCmPhlo9LTH+dZicq2GQ
|
||||||
HrJfk6a4CprFKKdhv0EPIu7u/ggBsOyWpmHRoN0+0IzMgkXU4Sjthw==
|
/lcvE5Zr7H9QfaAfXIjgc4g5DLvCbxq0tQxzbUdg0mtCuhIUXpTSsg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZNys4ejR1WHZwdjdCa2ZM
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwbnMrS3FZUWsrOFNhU3R2
|
||||||
VCtmS1ptWUVwNlgzVEs0c3RkTTBVbnJRNTI0CkhIVHZVeXhJdGtmM05yTEFhdVdl
|
bGtnMjVzRXpxWVRUb2NqQm9YRlJPS0hyY1hzCjc5Vk5iMXZNcFpZdWxMM21qNmI0
|
||||||
TDNDc3FYa2pmY1hVd0ZrSDBiT0g4M3cKLS0tIGJuOUZIZCtUbkZYZGFyTzZheTZp
|
UzhWSTYyZ1BuOVdjQVFBUU9BNCtrQnMKLS0tIGtFdFlObDdYSkRpUkdTaS93eGM5
|
||||||
QjdZS0IzYXl6d01xS1ZTR0xLRi8rSkEK19L6i+KSc9rnZ+pF2BKfIrp1zeipyNNy
|
eUJldE5jRURQUmM5Ykd2eXJXbExxdDgKQUOwrK0wbhqXMTEtV4FUMZdHsXaXf8kT
|
||||||
VGcwyh+YD2K1S9KAgCffvr1zJ0Vwf/Ttc4/pqiSTnYIUJeBHNx/s4A==
|
lzhAovOKimF2Q47Zr58QFnJTAk7HBGoZ4sBEAa9dfvG6jRg4B3NVkQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6ZE85THN3MDF3Um5TckU1
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1M2FqSkpKZkZ1QW9UYXNQ
|
||||||
SHJlaDc5eWRTUGROU3krcmorbkZmTEFBcXhJCjRFNTNOVXIxMW8vQjZEY1U1OE5C
|
enVIdzlldXVJZXVWdVRmMEpkWHpVOHlObURZCk9xTWh5MVl5UjJxZnplMC9lN1Qw
|
||||||
ZS9lUFNkNVhHaHYybTc2YjdpaWxIaFkKLS0tIE1lZ1MvdG90aVd2aE5PUXZrSFps
|
cDJ3ZDBsWWN2R2xWR09NU3VFT3hueUUKLS0tIHhmMGNBWkRZNGQ1TitIbG1ZVFJF
|
||||||
cmpuTEp1U1BoTjJ1NnVtcTNlQ0FaS0EKDtNAMdObm+nK0WQ1BtQllguTkzchIIZ7
|
ZXFacDJYeUdjbUk2QjhuWVV1dEpNdk0KU+zEg4KPciFx+H8/W2ajrlLPHL+WX2fL
|
||||||
99kkhXumgi/qsri19ZSXsz9GhDliISNHW2oo4ClCwJg2Wk3wWIRUow==
|
q0ULbEBieZ0SrCqrnRl/XR1ZxKi5RlJJKKIIfOjEDryy6AtlEU+3SQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:nxW6oesMxMTUEy492qiSW6A3D7xZHo2YaIaJ3WZCk7Pr9bPPzGQnJmkYeiANiIOJNPdeguMZrBJ69Ng6wObBzn4YQc/noLItuMOPzJscpg/p7obPdG9ijMpl3/HIcY1HVdV0skJsXW8l3LvcCE6Ynx/jxbbxzXtyEV8Pm5KU6oc=,iv:l0nE1E/xjmk5fzqYyCzgmZMaSdfGbKbZ3XkXBW1FeTs=,tag:HHqtBv3rFOzXqvb/IsOl5g==,type:str]
|
mac: ENC[AES256_GCM,data:m3pQR6lC0DzLOi6ZFK9DPWfjKnROPcFXdlukUP7f/udjLhqWeZSl9HDs7d+xS+o/MdSeoV7BnMs6NcMhzXHz5//AB1pG0eNxxO0mALZKRqjEcs4ZRrnTeYb7TPOVLpGh+nDCe+RzJ81xqM2cDXC+ajZlnJpZ5XLalxGBu/vXupg=,iv:ZW2yiNKrm2TwZVqhR6vtAuc0/Dy2mPSN8z6ey8dcpJ4=,tag:DzxtOSRMUP5LDMEvJavy0w==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -10,7 +10,7 @@ let
|
||||||
user = "568"; #string
|
user = "568"; #string
|
||||||
group = "568"; #string
|
group = "568"; #string
|
||||||
port = 7878; #int
|
port = 7878; #int
|
||||||
cfg = config.mySystem.services.sonarr;
|
cfg = config.mySystem.services.${app};
|
||||||
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -41,15 +41,15 @@ in
|
||||||
dependsOn = [ "prowlarr" ];
|
dependsOn = [ "prowlarr" ];
|
||||||
environment = {
|
environment = {
|
||||||
PUSHOVER_DEBUG = "false";
|
PUSHOVER_DEBUG = "false";
|
||||||
PUSHOVER_APP_URL = "${app}.${config.networking.domain}";
|
PUSHOVER_APP_URL = "${app}.${config.mySystem.domain}";
|
||||||
RADARR__INSTANCE_NAME = "Radarr";
|
RADARR__INSTANCE_NAME = "Radarr";
|
||||||
RADARR__APPLICATION_URL = "https://${app}.${config.networking.domain}";
|
RADARR__APPLICATION_URL = "https://${app}.${config.mySystem.domain}";
|
||||||
RADARR__LOG_LEVEL = "info";
|
RADARR__LOG_LEVEL = "info";
|
||||||
};
|
};
|
||||||
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
||||||
volumes = [
|
volumes = [
|
||||||
"${persistentFolder}:/config:rw"
|
"${persistentFolder}:/config:rw"
|
||||||
"${config.mySystem.nasFolder}natflix:/media:rw"
|
"${config.mySystem.nasFolder}/natflix:/media:rw"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
];
|
];
|
||||||
labels = config.lib.mySystem.mkTraefikLabels {
|
labels = config.lib.mySystem.mkTraefikLabels {
|
||||||
|
@ -62,12 +62,13 @@ in
|
||||||
{
|
{
|
||||||
Radarr = {
|
Radarr = {
|
||||||
icon = "${app}.png";
|
icon = "${app}.png";
|
||||||
href = "https://${app}.${config.networking.domain}";
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
description = "Movie management";
|
description = "Movie management";
|
||||||
container = "${app}";
|
container = "${app}";
|
||||||
widget = {
|
widget = {
|
||||||
type = "${app}";
|
type = "${app}";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
key = "{{HOMEPAGE_VAR_RADARR__API_KEY}}";
|
key = "{{HOMEPAGE_VAR_RADARR__API_KEY}}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -77,8 +78,8 @@ in
|
||||||
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
name = app;
|
name = app;
|
||||||
group = "arr";
|
group = "media";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
services:
|
services:
|
||||||
radarr:
|
radarr:
|
||||||
env: ENC[AES256_GCM,data:ukUND0l3OVMVD2ChJhzGXwzeM2fCgxkEVygfXdRkWo0XH2QZB5FlYSqx+AasTAXcqOaaH96YrAIQWeYQADrXP2mmSBG3e2V7ZFOyADN89MSEkwr4XtSdTEBl2l4v49geN6mhkHI67Wm/kdV3Vpnj8ViOTnwXIgaRgTc+r9Jp0pyg1WXdZqdU8jOtPNbniCzfRemcxLM5MBIF5Wd5bBrHW8/+yj42/1xL18iO6bgpN9k1tenq7/60ajgDXD00AiAMYKtyCDtJEqvaKiAF/1yf,iv:e/Bb4ztBM/cSnouFxgxQy5iVkRYnOwaz1bYdDKA6ySQ=,tag:UcAGRhEI6Gep+V4L+YjdMw==,type:str]
|
env: ENC[AES256_GCM,data:xNR1zU9Il+jeL2uuKtiMxQV3IHDZ6uAAOnP8/odiQIlysPpcKMrP23z6iKSeUgLha+WtYYk61FmtR9gr5QcLl6WK1EWcyVfiw7ndbZgczWUr1irGCNAGGbKcyqoohUFg9aPcOUBz4MQOpdPK9gc4Uk2QAAB63HxcZxfLDQCHc9M/U6Tm8Mu81x0DtFa6gzAGeAPjeydofrY8/ZnMIkAIVxuCKOw9N6pFSCeF6YS4YsGGC0pcXSyRelnF30SuJewLm1NmE6ub0e7+FW+0Y5nO,iv:XzoK7NaQjmi/8smaJTyWLAoUENVG4DRkYL12Bb09AT8=,tag:jFAHyoSjrp1CBSG0SDlADA==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -10,59 +10,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwN1ZCTHkrRkRzY2FvMEFB
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzSkhzTTg5MTgxMS9pbm1q
|
||||||
TnhuRFdFckY2UVJBWGxEOEE3T05SOXlRaENZCnpPbGc1aG9vQ1Z2emlSY29rYVNJ
|
cTdERTJwU281YXF0N0NQNmIwMWw3T05ZMHpnCmttbmcwdjEzNVVXZGN3WXNwcll2
|
||||||
c0xkUWRuK0tBelkvOUpvRi8vbERGTWsKLS0tIFQ2Wmh1ZzRmdElBbEo0S0NrQWNM
|
bUxmRlhIbnJ4aDNFM3Y0ekVReFNuTWcKLS0tIEdCSDI4MzY2b3d0M055d2lMN0kw
|
||||||
MG1LMEJSTzBzcDlPYlhTOVhJY29mb1UKU6F0gaSPshJJ/7s5E8nFcX8sznmNGAAO
|
NzEwbkJTd0d1WWxvUHFNUTNiMVVhSDQKvq54ESh7DU/VGOu4Oe9D1esq+mbVOeKy
|
||||||
U7e2YoImKOteHOTCp4mCIDvJMbTWAls7LeElkVTZrdG8Cd0qFQLbZQ==
|
7xcX7vU4cI1dqMBRciigwfV/45Aq/fhcZWDY+gv77claD18BgjXZjw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArYUJycWowckorWDI5TW9W
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsamdmNnpaTjdUdklxNlhm
|
||||||
WVNuaFJrbHRqUUp2MG1MWFcxMFRIc0lmTzFVCnZ6N2RpRWphaTN1dk1iU2xYYWh3
|
U3BEVVJJZWxlQ0hUQlAxVmV6MnNUaWpaTVhVCk5PL24vcUsxeVM2aGtxZ3JlN2VN
|
||||||
VUhmLzlkVWxJNzNpc0dPRTNRMmZaU2cKLS0tIHkwdHlYQ1hDRzlxUGVlYmZZOWZO
|
STF5VW5aeTRrbHFGNDFXeGE5akx6LzAKLS0tIGRzbXVvTUs5ak0zd0Ewd2JYM21u
|
||||||
M05EYmU4SDU3YlR4Y1FNTjNrNSt3d1UKjOYnX6tAYGV1FIQ1KhsxlpP3G4iGKvzQ
|
cjFRTjFVNzFyZzI1Ti9kK1E1U01zcTQK7a5HVOPOQ6dEjjc6fLIiR0gPBQp2sl65
|
||||||
B856D24XmztXROWxLekQRqG2zA/tfBnRzyeNnnPf0k///4lPFBfhRA==
|
bZnjLPl4OW1C1vQisk2c+jw8setNdtHZ1cNEX/Tpp5jMRvG6wfFdDQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0OHZjNFBxNHJPaXRxMGpt
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTU0JWZlV0WnptcWk0V2tW
|
||||||
SS8yUDI2RUJraGRXV1hpMzRMc0ZnUEJrN0hvCkNOMENQbXlJd1JxNytFT0FpS3NB
|
RGp4NXU0TlVrcThnY1ovcnFCT0tFYk5qWVI4CmxPWVdNd2pjNndKQzlpVjdzRndU
|
||||||
VXNUd2NSWTBFbmhuaVcyTXFWWU1SQlkKLS0tIG4wTGlxeEx5SlN6NEhjbm9ma3R6
|
VC9GRFkxK1dZakc4VWJTK3dhNFI1dWsKLS0tIEVKQkxmK3BCcVlCTExxaytWc3p4
|
||||||
MWNGdlFvZkg0OTl6M2pOb3RyTEQ0ZDgKVJ161HNXY9dh6bTIlf/G093ZJNUuDFIW
|
ZWJWaWlQUE5panE2UExRdk5VTXFLVTQK7b+YCdLJfBuDGjdTT3+jBrt/UtLgqopl
|
||||||
inXia0GDh06Vq3V6f9Lt4DW+a9HZdoIT8NaAOcNmc+8a0F1h/5jZxw==
|
Eyu8qA1vcANG/nHyWNIsv9ogXXPns5tx/EjHoDWFtmK+xYb35elahQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMejVkNTZGaDF5NVMybVRE
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYT2ljZ0l4ZXNKQnNvcExW
|
||||||
RE5WNDFoKzRURjdMbHBHSXNsajJiQW90MlRRCmpyaE1MQVFGM3pDSDU3Q3lPQ1BV
|
dWxnaURiTWx4Ykt6M0VueVRLREh0NEkrR3k4ClYxR3F3a3hDazV6ZWpYZ3lZUmJY
|
||||||
QjVRVk5rcUVFb3pqdmVPMitRUXFDWlEKLS0tIElKV05IQnRVbFE2TnI1OGxOcENE
|
OFZBeFc0YXBvWUU4TVBPWjR3WDM4NTgKLS0tIFJUTzNmZXBPbFhZZG10cWNQK2pW
|
||||||
bzZpZjJtdDJpWWVCcUZ1YVoxalFDMlUKnhnYyirfgIhVZBnYN8PnXY3eRm5eDWn7
|
ZVBpZmFMeGswNUVOa1k1WVdmeFdrVW8KXjm74fFrEhWTP81MVpGxT8DOPGdfldFV
|
||||||
NMnsvahaQfplfIzY7nf3LV1y4s4eptnpmpPrygn52Y1TNiC8neF3vg==
|
6AmRLlon/j4LFfhHEa+mMQyRBQ4Yf3ddA1ZGkMENpmYaZANEMK27VQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5SElkOTdpRWN6TnkyQWJt
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtMzViTnhNSVpuNGRQUmZI
|
||||||
dHBBSkVYeWRERXlPZWxwT0lhRzcwd3FrR0FZCk5NRmg2T1dZZEtOcjk3QytnUWF2
|
ZmVicEIzb3VEYU12K1JFWC9lTlh2NzEyVUZjCk9qQUFmSm5od1pKQ1hOMEZ1dzV5
|
||||||
T3JJR3lHV01reDZPZ2xtY2RKYnNDTWcKLS0tIFNHZEhHblU5aDBJUGlBMXhGQktz
|
U1BxcDB2RjFndTBKV1BxWWRqbHZYVjAKLS0tIE0rMDJuMWFzQzRUL3Q5aHB3WDI4
|
||||||
QjRST1RQVWNZZ25nM0p6Q0FzQ3o3bzAKQqKRumMEIggkkzcPfuRfDkfRqbkLLbok
|
b1JJOFNxYVBPdHc5Q0FvYTBYdG1pQ2MKClJdJIeOlCsZbV5crlNWb0ibIRo4jgb1
|
||||||
9DDYqxWQDuEDa3wDm3n13uoN0iwVzdDIUj2V2i5xgNyQgFFyEvT4xA==
|
x2qfjH4kcyyxueYaYQmVAsJwus+mF5DphQH6GLyEBWhecWU7hd13+A==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNYWlJSVBCTEVVVXB4SVJS
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1Z2ttbFphWEJOZGlXbTAx
|
||||||
NVl2ZXp4b2ZxeDFKRk43ZEMzL2FQOTZBd2swCll0Tlc4OEJUWENWUDh6THhHYWtj
|
ejAvSW5RQ0ZtZnY2R3hZcFQ1dEpZVjlabFZrCnVCZzMzSlpJcmhLVUNaRXdZUDRq
|
||||||
S0RzdEtQemF6TkVCSUZJaFVGZVg3T2cKLS0tIGRqclN4YXJNNG9SY09TOHhmWWc3
|
OEhqbkRxT1lvN3l3K0VuZ01aeEZBTGsKLS0tIEszd0ZjbGxJc3BJYVdIeDVCSnFC
|
||||||
Z3RQZ000Lytoa2lwUnN6SVB3UngyNGsKnF7qVwcmVJmJhY8GfW3yrC9QEu/V0/wv
|
S1lZN3NiQlZYclVQeHBheFpnS0dHNlkKnm38ebqxyazFs2f3R+Z9JxBDi05fMmgL
|
||||||
eHruyTb3CfUqJ9rrhhQ0uOUCZ3YHZjg0rMfOjj6bsZPjGL3kH0OeWQ==
|
7zt4SrK5puEz6Tps+Uzxc3tIw72s3IKjiolJ5NTLggVDxJC5RTHK6w==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:1GVohNu9Mz+6v7QHjAvsq8QVYaHnjdmWAG/CpMU8Xg5e/4MJr0N21jh92M8/09hZ7quv0Tvh9KfD/O0j4cssuYcZpCGZPrKSZ5D4NVTYN6bI4oVGgiloPtMR06g1TLJBOmov+fdwGtU5JPf0J8HjbUx/63ZLBB9o6CjRWK7C3Ns=,iv:lxn7ZCH6YWcccZ6Rs7d/hEV/rhDkmGVMb12W27zgN58=,tag:LejroHBhmmHL9NPMHa+y+w==,type:str]
|
mac: ENC[AES256_GCM,data:eBU8ATyScttrDfc8M17qCGrNVNxpfnW+u2f3JTiuKl79+KgVLF958K7BUiYGZ3J+BrmWHsV8YeAso6hjHS/3JLJJyRGlMeQ+ywJxglnj87TKVitqRMk0Kx+BVE24SjGxJ97/IsDUhBmLVxphv49aeiaHtPAPQ97+OfFKwFOaHwQ=,iv:0KvN1Xc25QQd9/v7apuM22Dyr5VRCwiP7eRTPi6Jrcs=,tag:lyiiNPo/Y9+RWiBzV3RmMg==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -10,7 +10,7 @@ let
|
||||||
user = "568"; #string
|
user = "568"; #string
|
||||||
group = "568"; #string
|
group = "568"; #string
|
||||||
port = 8787; #int
|
port = 8787; #int
|
||||||
cfg = config.mySystem.services.sonarr;
|
cfg = config.mySystem.services.${app};
|
||||||
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -42,13 +42,13 @@ in
|
||||||
environment = {
|
environment = {
|
||||||
TZ = "${config.time.timeZone}";
|
TZ = "${config.time.timeZone}";
|
||||||
READARR__INSTANCE_NAME = "Lidarr";
|
READARR__INSTANCE_NAME = "Lidarr";
|
||||||
READARR__APPLICATION_URL = "https://${app}.${config.networking.domain}";
|
READARR__APPLICATION_URL = "https://${app}.${config.mySystem.domain}";
|
||||||
READARR__LOG_LEVEL = "info";
|
READARR__LOG_LEVEL = "info";
|
||||||
};
|
};
|
||||||
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
||||||
volumes = [
|
volumes = [
|
||||||
"${persistentFolder}:/config:rw"
|
"${persistentFolder}:/config:rw"
|
||||||
"${config.mySystem.nasFolder}natflix:/media:rw"
|
"${config.mySystem.nasFolder}/natflix:/media:rw"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
];
|
];
|
||||||
labels = config.lib.mySystem.mkTraefikLabels {
|
labels = config.lib.mySystem.mkTraefikLabels {
|
||||||
|
@ -61,12 +61,13 @@ in
|
||||||
{
|
{
|
||||||
Readar = {
|
Readar = {
|
||||||
icon = "${app}.png";
|
icon = "${app}.png";
|
||||||
href = "https://${app}.${config.networking.domain}";
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
description = "Book management";
|
description = "Book management";
|
||||||
container = "${app}";
|
container = "${app}";
|
||||||
widget = {
|
widget = {
|
||||||
type = "${app}";
|
type = "${app}";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
key = "{{HOMEPAGE_VAR_READARR__API_KEY}}";
|
key = "{{HOMEPAGE_VAR_READARR__API_KEY}}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -76,8 +77,8 @@ in
|
||||||
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
name = app;
|
name = app;
|
||||||
group = "arr";
|
group = "media";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
services:
|
services:
|
||||||
readarr:
|
readarr:
|
||||||
env: ENC[AES256_GCM,data:E+p2naBJFyYW3FsuwT9pi+w/o/s7Kf6LCN5v2fiz9cMxWHTR4X9WYrqPhYPrWFoVxc2xyYZgNQWH7+g1Oncy6tWcHVN2AWiVzNXAH+zKkiWjRGbhLkxiAJXct3BUXtB+x9YP+TVDAsXkE3SbIR1KwQ==,iv:/qsVs0cI7Z5oFzVBvlvmirMBF5jWqqqPOlHn4XGqz8Y=,tag:4Yixp4lN7dDdtvMOo/Os9g==,type:str]
|
env: ENC[AES256_GCM,data:YrtC84SDPVC/pWrKeg1kmA5T3QKOqxt+y9x0rnYC0pErta9v8xGU+pgC1jVZfqh4Dp81tRohhmQBMC9KZz4bmmn/5YsAHAB8Y4xJSwm/kZ3LNjVRuZ+PmvEh2ggfwvs2nFDRbMx/TLETbSZ9t6NGtg==,iv:ZwvHaREcEkFSXyL+VBDFFKgZZwg7+utMs8qZex7pzHU=,tag:+3GdLnxxo63XxvMQ3UwK+A==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -10,59 +10,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2VklCdjREc3R4MFdDVTFp
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTd1pGYXZCeG9RTm9pTmhC
|
||||||
ZllReFdrOXdWQXUrdVd6SGVuRDEzMkNIZlUwCnQ0MWFHbVlaV2xvNFRKajZJbzAr
|
dVc4MHYvZE9leHF3L1JwS3ZwVXRaY1VZOEE4CmVVeW04TWRNVXFFbmNFMkZvMEEv
|
||||||
ZEFLM2V5THcveXh6R1hmL1lDWi9wbEUKLS0tIDU4cmJMZTdIYmZmOHZ0eC9wUWc2
|
ZUdLUmZjSXppeG9zT2xjWGlMVTVISlkKLS0tIDh3YXk2MzQyMnozbkdXQmx0NmpZ
|
||||||
emRVT0JXU25hUzdQY0Vna2xFQ0tpZ3cKr+pvCb1xnyBfE4FcCNwHvcVkNJTmmOsB
|
ZTlicGQ3WlhkTk81dHlhUUhNNGl2bEUKziPthUL3m69WSsKwAblDeQff3kyoUOp6
|
||||||
jaD7VxiZy/p4WRndex4VVHpJ+qFJs8bPyCCT8a618du4ZGv1Y/xX8w==
|
3e8h1C/+rAx7LZIlQaMvBKFy2IiAb2bb47tb7L3k3BLx38FP2g7a2g==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBneS8zSXJRTHdmY3ZzcXZT
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiZUoyeTFycXZuZTJnblJY
|
||||||
OTlCQXRvN2FONWphcGYzWlhlbzg2YkJ4R1g0ClkwSGJ6QU1JbEtZUC9xQzdBMGEy
|
cDNxUk5YWWVMRHlHUXZPYmdVUmNvS0tadlN3CmlFbjNuU2t3OENySmNqenlLSnlD
|
||||||
VmNZT3NJRERpV1I1Ym5DL2NYQXhKVjAKLS0tIGVGZEYzQmg3YVdRL0x5TDBsbEYr
|
ZnRNZnJnN052eHJUNzYwbG5SWTZTWU0KLS0tIFd2bk54RWV4TzVheXRyekpreElR
|
||||||
ekpvaytPeFBoSEJJL0pMN1pybFFDVlUKb5pQPix1Q0c/7VTPFeinRy+l8WqJpyzb
|
YmVoVVM1T1Zwb0hOVzVpemwvOTY2WE0KjfJ8ertgqaFEEN6lgWNOVTv2UdL2/+uD
|
||||||
ueep961qEfS4jtesoNvHGdS3Vf+yq6ucfcryJ14vvRFks+OlrVhUNg==
|
5W68LANkIHbVNuY6IFE6HEeBUww7BfshW/D3NjJ9/GHMdVyO0MFs3A==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXSmxEQXpYaXA3aHJ6ZDBx
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0dTFNSUVQRmpaL1FrSFkr
|
||||||
YXpBOXBBMlFDQzU2c3FCQmNIQStRMHdiY1dnCkNTSDVwTm9QRkhmWDZ0clBuNjdq
|
cXQzRFAvcUNsSUIyT2piZHJyR25hMTYwQ3hnCjdFbjFvNlBFSkVzMXdJd2U5ZE1s
|
||||||
b0tJYXU1ZEZyaUlqOVNiRTVJQjdVeGsKLS0tICtjdFVVakp4NTU2ZEpGWlF6Rll1
|
U2srMktJSnVVQjVDZnpFYUtKL2QwR3MKLS0tIEd5eUlJbnB6NmJvcXh2ODY5cGhk
|
||||||
QzV3OTQveU9XenhDZ2FWSUdrZlRpeDgK/u5xjNdLQNjZnOEd4o60loTIuEr71vak
|
VlBldU5pRXdiK0NwYWtPOThOYllyQmsK/onUlwfcxSA1uj7UeO0Al5SDrOnlnY+q
|
||||||
MxXpg/2G115YSY1p6o4N8uy0GN3Shh2quTLYjkUm1PPAzvbE8arkpA==
|
A/8BRBjvc4NZbmQRqQFL1jAbnjWGKkr8nga68+Po41o5HGK7bQLjLA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4WWM0ZDhKeC9CKy9tNzA0
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2d3V1RUVjNTRzUm1scTAx
|
||||||
UmdhSHBJcVhudDBpZncwMzB6WWt5TyttMkR3CmQ2Mm1tOWFoZkNXc0hMYmJRMW93
|
aE81TUtFZkJxK1kvelY5UzFDdm4yY3RDNVRJCmNnZmpyWkNMZXNUNlZNenFtVzAz
|
||||||
UzB5ZXZCb2pzM2NQVW4xQ2xoOVdDTVUKLS0tIHpIajZsb1kzVmRVN3JjN1p0YTVS
|
b0tSVnBmMEhzQ1ZCeVFlZE45aFpsVHcKLS0tIDBLYXBrblpwUDZHdXBkU05WeUM0
|
||||||
K3AzSWx6QUI5Rk9uQTBmZEI2NEhHdDQKAlE/XMS0NKCZXORSWcPcknoFGWjq7pBf
|
S0R5dWM1Z21vVDdYZTVPdzZybGdKNDQKKMGfvicyhJLtRljF8+2aN7B05lOQdVue
|
||||||
BjEbBX5Q8hOW0thpw1gythyxav213cHj7xzuwCer+k04/OcKzF/F2w==
|
9fbkdQqmyjlDBzgcpXlWYEiFXAGQw47QursiRgi5IWNrPIYUsNUGVg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOam5UZ2VweGw5OG92L2hK
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnazdub1l5SHZrakNJem1Y
|
||||||
dlk0b09TcnZvK0RHUmd5Zkd1TVVYLzM2Tm1VCldWNEVMWnJnM0xNZG0yOU5oTTcz
|
R2Y4dUdLYUNYekZUaTF6UGp0NThSRStRdEM0CmtZajZkaURXSXdwQ0xyYVBxMGox
|
||||||
MGRmQW1DdUZmWStUNHFhdk1DNzMyVjQKLS0tIFJ6czFVN2VjNHZxVmI5eStOUmcr
|
Wm8reDU0SklpQVlwN0FVUWphUU41Rm8KLS0tIEFvem1QckhSLzdZUzFYU1lkeU52
|
||||||
WjVIU3JLdWg1clZXbng5TndXd0lwQ0kKil4CF12Gnb5BQFxcH+QWPfHwabHDSdaI
|
bHEvamFnRm1hQzhWVzc2NlpMdDZjamsKHw2l5wMqtMHgOlDa40+3RWMrFrC1I23i
|
||||||
bC2LpzoLZRlkZZwmmL2tLosaSBHqFzPMA3BR1dotRnQtMF0El0MnaA==
|
rXFmm5x6BR1xfHFfor5rJK2CrIEhgWoRLSqcj4CN2lv1CQ9Q3CZchw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArOTF1TEEwTDFZYTRIUDJ2
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzMWZDOTdvY3ZtVWIxYXEw
|
||||||
cHpieUN3eXN5b0ovVnJOUThUWEwxMnNBelM4CkExei9GaEgxNUd6V1lDdTRRbzRC
|
YlFwcjA2ay9ySDRuRmFuOURUQ2lOUlA5SGhRClZhY3FCZENHWkFNeDBIeEw1M21N
|
||||||
M21MQ2p2MnBBSXRPU25WSGJESWgrU1kKLS0tIFg2YnQwS3YvRnh1SkNJQ3NUd0NW
|
QS9OcmhSVzhTZmdvZG83aWZqRkZUQXMKLS0tIE04elFzaWlTYlBBNDJIcXg4b2hy
|
||||||
VDA1TjVZWVhHakJCdHM0dXRVTUdKaEUKMYzg0tMqXOds30d+GF1JCb1J26DOghYb
|
UENsWnZLZXZwUlZkOElHazM0aHJvNHMKtc3HGsZ6jmAZEapTWNGCfUmSpjpH7bIl
|
||||||
P58AMxqVAG2IAtVFFrye2RRUlAfa5t7vzilpWUWZqRPYXvaDVoOE3w==
|
dClmX+63ZVOL++SrUMRh9gZJF4utXzFbwgJsh8WrVpbg1SNplA+tKA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:GeVWlsIrfEoJtANhgAvhLGsbpYCQSrE3/2V30/wTUjoywdO23Su+0vcmQEBbppH/ArGCVA4WwnExNd/jfORXffGDdJL9336pHVvlJ+n4QTYNx97lbwu2IAgixM//qof45Ob3OOvThfffAyeENcAANrBNb5eIPFYV1uurbhAEixA=,iv:NWzQaAO5/aCcMNwiQxpB0/2Hw74aqSzZrO/6JyRvWKY=,tag:I5nLIZI8se0hCjaQzB47sg==,type:str]
|
mac: ENC[AES256_GCM,data:etgC8IZtH6YGGhbDoGK3tKjbrtIyu9mYwXRMDygCVK0uJfrktW8I7OJwKa2PAHLDzG6ffIQRJdgDNFIgVobK5hFx2MgY1mR4dwopmClovBD6H2OvXT8IdzVjAUW5xJY7rk9L9tmeackKp+sWnAxlfVtZ8rWl+i5vBYxm08UrHv4=,iv:ITUc8sDSyP/uYUSyC+B4pEjlxJ7gheTk2Wk7ibmuIyw=,tag:khG/fPxlCl/ru68iBAZntA==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -43,15 +43,15 @@ in
|
||||||
environment = {
|
environment = {
|
||||||
TZ = "${config.time.timeZone}";
|
TZ = "${config.time.timeZone}";
|
||||||
PUSHOVER_DEBUG = "false";
|
PUSHOVER_DEBUG = "false";
|
||||||
PUSHOVER_APP_URL = "${app}.${config.networking.domain}";
|
PUSHOVER_APP_URL = "${app}.${config.mySystem.domain}";
|
||||||
SONARR__INSTANCE_NAME = "Radarr";
|
SONARR__INSTANCE_NAME = "Radarr";
|
||||||
SONARR__APPLICATION_URL = "https://${app}.${config.networking.domain}";
|
SONARR__APPLICATION_URL = "https://${app}.${config.mySystem.domain}";
|
||||||
SONARR__LOG_LEVEL = "info";
|
SONARR__LOG_LEVEL = "info";
|
||||||
};
|
};
|
||||||
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
environmentFiles = [ config.sops.secrets."services/${app}/env".path ];
|
||||||
volumes = [
|
volumes = [
|
||||||
"${persistentFolder}:${containerPersistentFolder}:rw"
|
"${persistentFolder}:${containerPersistentFolder}:rw"
|
||||||
"${config.mySystem.nasFolder}natflix:/media:rw"
|
"${config.mySystem.nasFolder}/natflix:/media:rw"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
];
|
];
|
||||||
labels = config.lib.mySystem.mkTraefikLabels {
|
labels = config.lib.mySystem.mkTraefikLabels {
|
||||||
|
@ -64,12 +64,13 @@ in
|
||||||
{
|
{
|
||||||
Sonarr = {
|
Sonarr = {
|
||||||
icon = "${app}.png";
|
icon = "${app}.png";
|
||||||
href = "https://${app}.${config.networking.domain}";
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
description = "TV show management";
|
description = "TV show management";
|
||||||
container = "${app}";
|
container = "${app}";
|
||||||
widget = {
|
widget = {
|
||||||
type = "${app}";
|
type = "${app}";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
key = "{{HOMEPAGE_VAR_SONARR__API_KEY}}";
|
key = "{{HOMEPAGE_VAR_SONARR__API_KEY}}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -79,8 +80,8 @@ in
|
||||||
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
name = app;
|
name = app;
|
||||||
group = "arr";
|
group = "media";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
services:
|
services:
|
||||||
sonarr:
|
sonarr:
|
||||||
env: ENC[AES256_GCM,data:kfTyr1nndHNK60uADWYhS5bMr8U2MolgdHGM72t4wWhjIRL3OHFF6zwFtAU7nbOHw3hroa9v9zjzFRSAoHNpzqOE9Gdj4zIKzU3FpxulRyhUzI983zZkN20aZCVJYTdPm0KwJP1+bLdaaJKMqhYePM17mSMCxAJPEY9vLeEI+C1OwIdr8V6XJ5RCD54PuzCsBNjX19vhFjADJLasDUAT3IZCt72zhPNp59rJPlKMLyKPwbPiILHJmP5ly3ZmldaZ3iz4I/+c4HCy36qBQ9xh,iv:4AauiPFfgtFMvf9g0mTMpSOD/78eN7qL0OL2fu4J8aM=,tag:nLw2hgQndHUKdZEzoaNkGg==,type:str]
|
env: ENC[AES256_GCM,data:oMGIe0t1e23S1W/7XbarR/fb53VB9AnUFHOl/RVy6tQxLanVgnvupexvWzwgCAHV5RTvbqm4leOw/ho/PUoCsh9HKgTNgzZnsDctoaXxnZ/r+z2uzl4VNWhpPW6WIBMHA2tkK+93972hNWrxhttmNAC/iIn7dymByWrqCIFt6BE4uQwDmetb4pgwlbPDkF/qfrZlcrAESQhJht73jk1TuRCP1oTnZFCY8O1mqiwVbdt43d/wXG+lQ0TmrPQ5LafNbnx2meL6BZbwZzMDPYEP,iv:e8+AfvHozU8V0yu0nD9foriv3ButNPuKUWJ6m2L322o=,tag:ElYdWzj5VLgWZyeLpjXGLg==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -10,59 +10,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5Y2g3K2t6b3BQUzh0NUFP
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvWTFZWFNZTWRxMm5qRmRk
|
||||||
eUg5aENGcnRsZlJBd0s3NDlzdlV2WEZ4NndNCnBKeldSVTdVYUNYd0EySkVYb1I0
|
MXNmSEJnZEZSWHpBTjk5ZU1Ld3pQUGNFVGhBCk9PMWdlbm1adGE5UXo0NERqT2c3
|
||||||
S2JFUTBZcUdHQXZWYk5TYWhxUGhnOVEKLS0tIGFQcDlCN1VqMk1tbHdNdk1yR3ha
|
V0ZpN2FIYzBkSEVXQ2lyUitoUkphczAKLS0tIDBsTXFBMDY5YldLLy9iaTFvbVFD
|
||||||
REd0R2RLSld6dVZCVGsrTWNLRE1XTGcKYlqyo1Hu6Bs22mAVQCNZoKLOZGX9tl3b
|
MU02RVF2dXRFcElhM3JVeFJKK2tTTWcKb2WurFhZ0ANk+iyyMVjk26Ldo25cO2cH
|
||||||
VjpYta/cVokokWIP7xA9fL1zBEbOiFMBz+wNE+x1OT10VH0GllKrGw==
|
DMfkmK5NEy7iKrZZdNYQR8gBkO1GgQfI1Wm4JPaLc0vIBT9CXVDlLg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhWmM4aGJzNDdVRjJlZGYv
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBRitPYkxWOHJ1WkFRbndv
|
||||||
S2dSMGFnMzFrbTU1NnhySDMrU2hhWk0wMjJzCmJVZVJIYVhVUy84eXg1Znp6U1Zk
|
NklNS0JZaXJEQ2ZkOG9SUzlySFR3ZFVvWUZVCnFXY1czNURBY3hINllEWVJpNXA2
|
||||||
V2ljd3VVc29hTmhHczM5MkFhS2pMTXcKLS0tIFNqanBSQksrenJTNHlKRGhyeWtE
|
RHp0VlYzN2ZlMkNnMmhPOXlPNCtpQ1kKLS0tIGg5cU5Nc2k2bEtOSmx1NmhJWVVD
|
||||||
aXRQRlNuYjNKSGVwRzJ5cGdRV2wvSjgKtg3q7su7I0E2bBIhr3tRrsnPTm1yYRHX
|
dmtjSWxjN0xRYWtNbzhUQ0FNaFVpTFEKM9wSMsEYgJErzO79L6YOXfZpGnd57Xcy
|
||||||
5lRDuoz9kvcgBxzCtyWZSFwXfHQfdoFcz2D+u4SjyNH3ELpwo/Gkmg==
|
jxrwzFhZ9AVVtPjGmyozYWY3uGlMzJtxDCNNRV7BbK4m+AsjtYJ9fQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXemxCWmVUcFRTbnloS1RN
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlaldmZW0zQkZkNG1sTzFp
|
||||||
RUJGaExmSHVWVjl5K2VPTUVHdzZvNUVwd1hBCmpyb3E5QnhsaHlyZGRFVVluUVhG
|
UTRUMEtwRCsxdGZFbmdiUWdVVjNsd2F0WUJJCjFRNnBVcU1GWTQ2NGFheHkvZytC
|
||||||
WE5UdGoxRzVkTFRXZ2hzNThDNUtZY3cKLS0tIEtkL3l0WW9abG5rMjJUbjlRSVpa
|
TkgwVm4rWlN1NklIeS9YTGh1dXNQVnMKLS0tIGZ2UlNXWUM5cnVLaWxDNXdzSE1P
|
||||||
ZUtwZ2dML2ZocWJvMERUbWJhVk1kK1EKzu8syOj2Wrage1MDSv3bXDaYMqZkCP2G
|
TTVEanZuVyt6SkE2RWRQOEprbi9mVk0Kjrh4oB+EfFVDx4CW3h3be61X+RNDrZ8O
|
||||||
cRW02byav6dHdsrGHRiLpLEbRUP3QXf/P1QuZGQvnF6p4mgZ/FHfGg==
|
IDNFRznHaYUM757C16GMLx3We/pAinPvDlZd1eDBj8kpHGGMjIU+Ew==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1VWd5dnUzbmdueEUzdzAz
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXQ29URGpEUHRJb1NzbitL
|
||||||
R1lsTmNMd3BSSCt1MDZpYldvNVI1OWhqZ1ZvCkhWY1FJSzNlMFoxVnFLVTE5blVM
|
MGFFUFJLQjhxQWtoMXRIRnlkZUpmRkhERnhrCjFqNnRwc3VoZEIxZlh0UG1UaDI2
|
||||||
UXNtWU5LN3FiOUI2aDJuMS9VQ0NSZFkKLS0tIDZmZzkyTjJqdWRjcUlXQXRBY1N2
|
M0pFSzdLcmI1MU5NcVpRdEx0c01kaTAKLS0tIGZSRXdDZUtNRXhjbHJtSTNJRkxh
|
||||||
b1dBUlcydVA5Y0tNaU0rcGFTMW1Hb0kKwNHD4G+k7o84TjvjTDCoSS5N8D5AU2Kg
|
SGJOR0E5N3NkZFhuMkd5L05veUx5Ym8KEVUDZCs151SwCfDC7b9vb/xK++/TftWK
|
||||||
TUeYt03ZRILHd7f+9Q3ko0RC+oUnYBHVPYl1YQOlJhvLib3lxTL4xQ==
|
9FdCeNNEMEpTOuX8Z2Osmh003aoMpCk61VOYPBVUMrf43oSQFSb+mA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZNXRzT2ZHd2tYTmZWVWJ6
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4YW83VGI5WXNhOGg4S0hF
|
||||||
KzMvQU0veXpnTEgxMGV6Nm1EUDg5V0VsaWh3CmJNTE9uZDZISnlqdm4waHRGVGcx
|
eGk4c0o1R1ZEc2dwcjJqNFdQVEFQN2JGNmxjCmJQUkRFcmY0cWVLV3R5NzBKaGlJ
|
||||||
TTA4Y1VjL29wQzFpWjdBS3pYRmdWNXMKLS0tIEVwMFJGdVhBZFZEM0xTVWVZTjZW
|
b2Z5QW5RSXlpR0g1M2gzYk80THQwSm8KLS0tIEtHc0VFTWVKSlVWV2xTLytVNWlo
|
||||||
K0xQSWdlbmwveGlMbW1NN2tVelkvMjQKndZZ4Bw6c93Lp/IjL6mpdQ0vQFamNeZN
|
blBoaFdETkw5T2R0S1RQN2RFZmgyK2MKz7PDVFyumWboD3OgPQgmPSR9dk4xQi3V
|
||||||
6Xpte6FefJefauux7rtPBod7mA477zmLxGcXwlQDYLxTFilzxNLzhw==
|
ivvJsiV6eb0rv2T9kp3Zs3Zfbj4G4o/GhBrTNka7SkqsNPV2h3c7Kw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuMzczVnZMVHZDS2x4RUR3
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMMGxWR1Z3MmQrZWQ4aVlJ
|
||||||
cG5CWHNLa2lFRFc3UVc3Q3dXcmc0UnJFb1M0CnpsOXcyMXBXQkwycHZ4dVZRa0Ns
|
QmVtZkwzbXRxckVDRnN4TGd6em51MXRzYmlRCkx6OVczMTBwZklXSkhxbFdHR1Bs
|
||||||
Zzc5MXpwVmxWTkNzWGtBYUd1LzZGemsKLS0tIHZHYi9ucys5VHh1SzIrbVRKcU1v
|
OVFlMTB3REY3N3pEU0FqTSt1TUp3U1kKLS0tIFFiK2dxSVd1OHVqcEdWMDNIUGZm
|
||||||
R1BkQWZocitWNFFienNDeklVOW8zelUKi4JyarjoWZIOf5yFDG4LrKCs2BcnfhHD
|
dDlCa1Z0Sm1Yeko0Qm00R012NzdobVEKOwMKLmb5khE1oh+Gr22UxeGrV7nDWSrC
|
||||||
iLo+h3PVWMaqEQUqkW5DwyOtxeAd/wkCoe0Q0cNyohxxSponsQ4k3Q==
|
7WJy9NFYrfZpRveRAoIDJoZsQjsGE41J5e7oRguocmmz6K1oLazxwQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:1iCI435tp39RXAL+rHrOKYHZFLGXRWJ1RN9m0AhTuQV3HbqKTl4RS1qrs3tEBM9T660QfoxMLxcBDPpyJW6vqogKu1BfGKH2KtDBtCvVaPdnZewS6aJLfn4n9cMWBbhbHrdl+zP/X54eZtWhveuSs2y3dz/B3lT9Fz2Gb2dnXxU=,iv:X/fp7H5rh4UGbfYLBJB24/dSFQrvpApTt4DqGpJJxiQ=,tag:4i17h5kdVmLWLXhUGpL93g==,type:str]
|
mac: ENC[AES256_GCM,data:qUGaCVWO8S6XHkm/bnwi7ICZsVdKyLHV2HF0BmuBci0qaINuP6316TB81Fsi362acXnd1kAQLWtpT6OVg4/sTQw7gXO6K6Hu4VhtpDf56MrTqvfkzbro3en24mrEtGqaPm4AE90TjbWQcgo1TVfPOuxmYBKvlEsBWB+GRwGWweI=,iv:Exqcdd0HhLG3Rb2+Wz5qhafPnJbjRPJBwTGd+iyGUag=,tag:aQzhUOz+XUIV5BYuxHViPw==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -5,5 +5,7 @@
|
||||||
./gatus
|
./gatus
|
||||||
./sabnzbd
|
./sabnzbd
|
||||||
./qbittorrent
|
./qbittorrent
|
||||||
|
./plex
|
||||||
|
./tautulli
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,7 +17,7 @@ let
|
||||||
{
|
{
|
||||||
name = "firewall";
|
name = "firewall";
|
||||||
group = "servers";
|
group = "servers";
|
||||||
url = "icmp://unifi.l.trux.dev";
|
url = "icmp://unifi.${config.mySystem.internalDomain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
alerts = [{ type = "pushover"; }];
|
alerts = [{ type = "pushover"; }];
|
||||||
conditions = [ "[CONNECTED] == true" ];
|
conditions = [ "[CONNECTED] == true" ];
|
||||||
|
@ -25,7 +25,7 @@ let
|
||||||
{
|
{
|
||||||
name = "pikvm";
|
name = "pikvm";
|
||||||
group = "servers";
|
group = "servers";
|
||||||
url = "icmp://pikvm.l.trux.dev";
|
url = "icmp://pikvm.${config.mySystem.internalDomain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
alerts = [{ type = "pushover"; }];
|
alerts = [{ type = "pushover"; }];
|
||||||
conditions = [ "[CONNECTED] == true" ];
|
conditions = [ "[CONNECTED] == true" ];
|
||||||
|
@ -33,7 +33,7 @@ let
|
||||||
{
|
{
|
||||||
name = "octoprint";
|
name = "octoprint";
|
||||||
group = "servers";
|
group = "servers";
|
||||||
url = "icmp://prusa.l.trux.dev";
|
url = "icmp://prusa.${config.mySystem.internalDomain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
alerts = [{ type = "pushover"; }];
|
alerts = [{ type = "pushover"; }];
|
||||||
conditions = [ "[CONNECTED] == true" ];
|
conditions = [ "[CONNECTED] == true" ];
|
||||||
|
@ -41,7 +41,7 @@ let
|
||||||
{
|
{
|
||||||
name = "icarus";
|
name = "icarus";
|
||||||
group = "k8s";
|
group = "k8s";
|
||||||
url = "icmp://icarus.l.trux.dev";
|
url = "icmp://icarus.${config.mySystem.internalDomain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
alerts = [{ type = "pushover"; }];
|
alerts = [{ type = "pushover"; }];
|
||||||
conditions = [ "[CONNECTED] == true" ];
|
conditions = [ "[CONNECTED] == true" ];
|
||||||
|
@ -49,7 +49,7 @@ let
|
||||||
{
|
{
|
||||||
name = "xerxes";
|
name = "xerxes";
|
||||||
group = "k8s";
|
group = "k8s";
|
||||||
url = "icmp://xerxes.l.trux.dev";
|
url = "icmp://xerxes.${config.mySystem.internalDomain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
alerts = [{ type = "pushover"; }];
|
alerts = [{ type = "pushover"; }];
|
||||||
conditions = [ "[CONNECTED] == true" ];
|
conditions = [ "[CONNECTED] == true" ];
|
||||||
|
@ -57,7 +57,7 @@ let
|
||||||
{
|
{
|
||||||
name = "shodan";
|
name = "shodan";
|
||||||
group = "k8s";
|
group = "k8s";
|
||||||
url = "icmp://shodan.l.trux.dev";
|
url = "icmp://shodan.${config.mySystem.internalDomain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
alerts = [{ type = "pushover"; }];
|
alerts = [{ type = "pushover"; }];
|
||||||
conditions = [ "[CONNECTED] == true" ];
|
conditions = [ "[CONNECTED] == true" ];
|
||||||
|
@ -66,7 +66,7 @@ let
|
||||||
{
|
{
|
||||||
name = "daedalus";
|
name = "daedalus";
|
||||||
group = "servers";
|
group = "servers";
|
||||||
url = "icmp://daedalus.l.trux.dev";
|
url = "icmp://daedalus.${config.mySystem.internalDomain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
alerts = [{ type = "pushover"; }];
|
alerts = [{ type = "pushover"; }];
|
||||||
conditions = [ "[CONNECTED] == true" ];
|
conditions = [ "[CONNECTED] == true" ];
|
||||||
|
@ -74,7 +74,7 @@ let
|
||||||
{
|
{
|
||||||
name = "dns01 external dns";
|
name = "dns01 external dns";
|
||||||
group = "dns";
|
group = "dns";
|
||||||
url = "dns01.l.trux.dev";
|
url = "dns01.${config.mySystem.internalDomain}";
|
||||||
dns = {
|
dns = {
|
||||||
query-name = "cloudflare.com";
|
query-name = "cloudflare.com";
|
||||||
query-type = "A";
|
query-type = "A";
|
||||||
|
@ -86,7 +86,7 @@ let
|
||||||
{
|
{
|
||||||
name = "dns02 external dns";
|
name = "dns02 external dns";
|
||||||
group = "dns";
|
group = "dns";
|
||||||
url = "dns02.l.trux.dev";
|
url = "dns02.${config.mySystem.internalDomain}";
|
||||||
dns = {
|
dns = {
|
||||||
query-name = "cloudflare.com";
|
query-name = "cloudflare.com";
|
||||||
query-type = "A";
|
query-type = "A";
|
||||||
|
@ -98,9 +98,9 @@ let
|
||||||
{
|
{
|
||||||
name = "dns01 internal dns";
|
name = "dns01 internal dns";
|
||||||
group = "dns";
|
group = "dns";
|
||||||
url = "dns01.l.trux.dev";
|
url = "dns01.${config.mySystem.internalDomain}";
|
||||||
dns = {
|
dns = {
|
||||||
query-name = "unifi.l.trux.dev";
|
query-name = "unifi.${config.mySystem.internalDomain}";
|
||||||
query-type = "A";
|
query-type = "A";
|
||||||
};
|
};
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
|
@ -110,9 +110,9 @@ let
|
||||||
{
|
{
|
||||||
name = "dns02 internal dns";
|
name = "dns02 internal dns";
|
||||||
group = "dns";
|
group = "dns";
|
||||||
url = "dns02.l.trux.dev";
|
url = "dns02.${config.mySystem.internalDomain}";
|
||||||
dns = {
|
dns = {
|
||||||
query-name = "unifi.l.trux.dev";
|
query-name = "unifi.${config.mySystem.internalDomain}";
|
||||||
query-type = "A";
|
query-type = "A";
|
||||||
};
|
};
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
|
@ -122,7 +122,7 @@ let
|
||||||
{
|
{
|
||||||
name = "dns01 split DNS";
|
name = "dns01 split DNS";
|
||||||
group = "dns";
|
group = "dns";
|
||||||
url = "dns01.l.trux.dev";
|
url = "dns01.${config.mySystem.internalDomain}";
|
||||||
dns = {
|
dns = {
|
||||||
query-name = "${app}.trux.dev";
|
query-name = "${app}.trux.dev";
|
||||||
query-type = "A";
|
query-type = "A";
|
||||||
|
@ -134,7 +134,7 @@ let
|
||||||
{
|
{
|
||||||
name = "dns02 split DNS";
|
name = "dns02 split DNS";
|
||||||
group = "dns";
|
group = "dns";
|
||||||
url = "dns02.l.trux.dev";
|
url = "dns02.${config.mySystem.internalDomain}";
|
||||||
dns = {
|
dns = {
|
||||||
query-name = "${app}.trux.dev";
|
query-name = "${app}.trux.dev";
|
||||||
query-type = "A";
|
query-type = "A";
|
||||||
|
@ -216,12 +216,12 @@ in
|
||||||
{
|
{
|
||||||
"Gatus Internal" = {
|
"Gatus Internal" = {
|
||||||
icon = "${app}.png";
|
icon = "${app}.png";
|
||||||
href = "https://${app}.${config.networking.domain}";
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
description = "Internal Infrastructure Monitoring";
|
description = "Internal Infrastructure Monitoring";
|
||||||
container = "${app}";
|
container = "${app}";
|
||||||
widget = {
|
widget = {
|
||||||
type = "${app}";
|
type = "${app}";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
services:
|
services:
|
||||||
gatus:
|
gatus:
|
||||||
env: ENC[AES256_GCM,data:eMGiI7GIWa4nPbT/mb08KvaOC64krGnzHlR6zR5PVBocLsD2mlKGhPzRHXJYdfubuhs/aUn8ML1PyKc6CxZOk3N/Fg4m20cT8OuWJzid5Z0u7kDh4JFI3CO2lKwTTtyQu5by,iv:ffeXqvCH0jLe68q+zjAd4nuVglkSPeBDLVg67EYROwg=,tag:SFwvCcEbzxN+hpuKGTXNoQ==,type:str]
|
env: ENC[AES256_GCM,data:77RkFJ6MfTxdVu2QbKHLvIRHxB18oUKJ/Jq0bxHKCAZkbQ0DqJ+npjTchX9aAHp54oROApBQklk3Rf4E7Wjn04BirxI1yh42I9AgfoRphlLB6JFAhWPmsRZIMWUjjLdA81gH,iv:odRx/Ht6Nku7WSakECHEbjZbRtLiT1HtLCv8LkLbDWg=,tag:ZFL1u/Kg3+TdGOpby40Ndw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -10,59 +10,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0V0xPSnVpcGNTNEkwcTFu
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCL096VEdTdzE3ZnpTU1M2
|
||||||
c0pTUGFlQ0s2cjYyT0IwdHpPOTREQ2paSlJJCllMRW9lVm83dVZkWDlTNXBlNmtV
|
NngxUEY5d0FNd1cwR0VrN1E3eWJmOEVEOWtVCjNOQUErL2NvOERJR0x5NVFYcHJH
|
||||||
TDQxcmI5YkNEeTlJOGt5d0o1NDVSdDAKLS0tIGFPeVllRU1RMkRiVGtaZWtGNFlG
|
ekdVNVc5TnIrQ0E2OFI3K3VIdFo0RWMKLS0tIGtEcFBWQ29KbmkyRng0bXovUTB6
|
||||||
SnFuaUxJWll4KzNaRlo0Q3EyMjRLWTQKzl7TRHQwyKi1YMjJZ/EUeioWP3UONAtJ
|
NWJBdDJYU2JjU2Y2KzZPaERyZE1HdEUKHOJMtRFmWNTzwr/j7cxL6E8BnaZk75Dr
|
||||||
1lkNGggPSQ/rlpoxg4lNvoiCnzQKhoEikJExCVWCLQFmsTNCCzEQug==
|
RYW+8oGT905PMP0jh6dFKuUIsxAuCGQXZUfnUXlbCBUJjYIjeCNGOQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGNDlSbmY3RzMvS3FlclN4
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0ck00a0xwOER3SmZ6OTM5
|
||||||
VlBGN2twazgxaGNrWUc3c0RwM215djhoVUZ3CkNRVkhwUWdObzBtaXJEbDZrdDV3
|
WGEwVjZ6ZUJhUit6SU1KTmtqak9uTHJDT2xRCjcrMHlvRkw3SGMyNE50WXRjcUtw
|
||||||
YTRld1pOU3VZQm5GMTBKYStNYUhWNVEKLS0tIGNBbklXVUhmaHdVOUlMRU1kL2VE
|
bldUSUdTZlhRUGVPQ1FaTWFva015RmcKLS0tIERrd0F5eVBMYllYS3BCZkt3bW1v
|
||||||
YUVXRzgwL3NESE1RRCtpM3BFT2R3OUUKITmM4vr/kbbaZS1AayK3SL0lVpylQDwz
|
VFlYQVp5cURqWXV2ZmczWFF2UlpYKzQKWlw1CxLh2LwA9z92ZVbkZPhJuleUZHdN
|
||||||
5cU3F+Ykgo86A4RqouSm3grd2PoOnXCpzxRDGP+MLiQK6j+Z8+HXOg==
|
hOfpFEfd/nP2Mh22NW41ZN1X5nT6hG+0N5LANmjzGoRUCS7pYaPTGw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2WGZ6RzFxREtTb2VubVl4
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVR3U1OTJncTgvcVdrUSs1
|
||||||
bVlyWW12RDE1dFRqcmFuSmdMemxQWTY5YkNrCmlQYm85YmJQalVVSDNXTGw1cjBZ
|
VDBBaHpUU283QVFRZVNhMHJEUDZYaUZTTlNzCnFyMHYvbGwzb2VmL2Y1dnREdEpl
|
||||||
ZlVEemQ1TTR4dE94Z0NVTzd6YXB0bFUKLS0tIHBPd000M1ZTaW52RFArNHYvNzRm
|
Z0ZkbGwzTUpoWEVQaTlPMnNFN3ArNkUKLS0tIGxtSS81TVF1SVVHcCtVZHhES015
|
||||||
eVZxRkNRcWIvbzFvWUVCcHVQZC9KWXMKQROjso1zSegkmz0G1KMDBSLDwMuYmwBG
|
YVBza2hzM1ZaVjFIbWhoOW9QRVZEamcKImmazw+OsTpec1pJMrmHlSS6R3MBFDPc
|
||||||
rOBnQGjVeXzFi5pxDO+imE1BkbR2Z0xftWVPooB9/ZfAYbNd3ZZ96A==
|
j6I/7AKS0mdspo9T/csjLVQWTXYgCe2x0gHhqY6I4997Dagqc8SaHw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBycFdxSEtERHEyQTcrRjha
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEMTUrQXJpWVQ0OGpkS21p
|
||||||
c0hEMy91TW1ZUFJ2SHhJVTh1aS9Wd3FtWTE4Cm5kcVhwZno4MFB6eHJoNDV2YU9m
|
eWVURUJGbkE2SStmbE5oSE02Tll6YXl4ekFjClNjTGtMNWFkdzh2TXlndEl2ZjZG
|
||||||
SWJaSTlMNkJVSnN0VTdOUk9NSGNtVmcKLS0tIEM3UVVIUEhXRTNBUkJEMzdaY0Uv
|
K21KOFRCdUJHMml2TlVHUXU5cnVpUGsKLS0tIHE4NS9ob2JoREU5QU4xYkN0c3BY
|
||||||
WFV3UkRRV3NnL1hGUzR5c1dXRVlneDgKfrRxl/eAx8gdBlujm/KwVGlElJWZOELe
|
YXBQeXNnWVEzaGF0WjNKaWhmK2dtTVkKoSxBOjZmZeucQrHob3wEr69L7535zN/N
|
||||||
nEsEu7g2ECOaIjiZo45sn8GcmQUwbetA8U2xoGsvO9kcnEs4cvbG2A==
|
rpZqBmmTnLPuD0+fuYhLVbsRVp3cEULepRfltpQuutEJbhDAhWpTKg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxOVZCcVRwU2JhR3k2all5
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBazAyNmswaTdnclNpMDkz
|
||||||
a3hoWlY2Q1NwdTVwQ2tHUWk3NUhuWEdlMFRFClVKTzNCSHpuM1VwQlJjU1ZFSUw4
|
c1BDTFQyTFNiYlpPVU1zR05DaEQ0U2tDVXpFCkttdFNSL292eDErbzJ3VFZEUHhm
|
||||||
NzJMWVhRQTErQ0hzcEgrVlR5T0QyK3MKLS0tIDhSN2FQSzYyOG4reGFuOXFiK0R1
|
THRJWWhadW95VTFxZmtsQVl1d1RiUzQKLS0tIHNrQW5WVWF0TlFvN3JJM01PT0dl
|
||||||
Y0hpOE8wTlZlZnlBZDZBTnVtQWUwSVkKOmQTv5OdFAYXFmOzSWpcRtjDnQ/8XbfF
|
dUxBa3FuM3JFMlVMa3Nobkh0bjFBQjAK+WhiuurDU3OwT+kuWJ/+kZOdIYwjsjgn
|
||||||
eEDsEOshSVtvW8SYUsxMwQxlQfwuJkASGQfqhY/HJ06+B1yNqReiaQ==
|
DkcUNWEt6IP8CKWJws6RoqlkH1cO+6JsKd/LWMwI14UhzaQI7zms8A==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEVUh6ci9iYURmZzNDV01h
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBucWtiUkhlVTBDRHQrYWlV
|
||||||
L205QnpKVW1jdm1rZm1OWjZIUTNSRkRvdmo0CkIyOXBrbkY4b00rT2xqM3I2RDc4
|
elcxeFJ2Y2Vxd0tTUERCaVRvQUZCaTU1U0FjCngrZ2sza0NzNWFZNkk1Vnc5VTJY
|
||||||
a05JbERwTGYvV29yTC9ST3VYeTZiN3MKLS0tIHl5Rm9Kamd2Nk10SkNXZ0ZtbWRw
|
WjF4MU1jcHorc09IdDFlU0FRT3hhUnMKLS0tIEUrYU9aTkcwTVhCbmQ1Unp4eEpU
|
||||||
My96ajRqRmtIZ3A5d1ZOUFVVVEhuSHcKUpLC/u4V2+gsYkkOyWJIqZoAgSf9YDDG
|
R2RkZnZaNTBPTWJMdjlTSjhCK0tuMU0KsSsbacU86FneM4NHNYxd6YEBvOW2Pcmm
|
||||||
PzBbnTNmyFzH51rY/NJqJtLvkC+iFFKpIyc/6ujW757DTDT34nGR8A==
|
dzIaD9ZlQGQEEwqTFFHmXI1pMVibMNG8I2LlNml4xM8J8yH+e/7YzQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:/w3KbS5sK9RVZjNfxPFX2TWBLxvVCj16vXs8rI3n5tO1z9diGYJL3PYOex07fdXSuU/E8c8zpgr8MzeimiazaQry+XYxOQrfR6u0xVz7EFZsHFM2Y/trNs11rw5MPfYBgiKKvB4k1pW7wDKgPq6oC/NfNNylioDl5hf3dTtrg9M=,iv:59PgjcBY8yU5FaE+el1Mhvol4cL/DIzH8gbgFp5wpZA=,tag:UBXKM3+yeWBDvNzL5U0fYA==,type:str]
|
mac: ENC[AES256_GCM,data:cELSGJgfHkR0RPVZAJxTd3jmaYNHb+HBNPccSZ+pD5dBsa7WBhlcdTVy+O/XkhQkiYvcVcpXZZgODcv9SwvJM24yA6s2+5nhcs6mJzVtYT15hSzH0YepAe2OHk8rR5S7ucUZZYIJzjFOTxWPvExx2ntsBVngZhHCrLm/EyjWbv0=,iv:yTDtfR1R9SVmCvwiLgdiMX4Eso6PIK1eiqlPtwW++lY=,tag:wxSrF/qz04Cdw9VATtnd3w==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -23,7 +23,7 @@ let
|
||||||
showStats = true;
|
showStats = true;
|
||||||
disableCollape = true;
|
disableCollape = true;
|
||||||
cardBlur = "md";
|
cardBlur = "md";
|
||||||
statusStyle = "none";
|
statusStyle = "dot";
|
||||||
|
|
||||||
datetime = {
|
datetime = {
|
||||||
text_size = "l";
|
text_size = "l";
|
||||||
|
@ -100,11 +100,12 @@ let
|
||||||
extraInfrastructure = [
|
extraInfrastructure = [
|
||||||
{
|
{
|
||||||
"UDMP" = {
|
"UDMP" = {
|
||||||
href = "https://10.8.10.1";
|
href = "https://unifi.${config.mySystem.internalDomain}";
|
||||||
|
ping = "https://unifi.${config.mySystem.internalDomain}";
|
||||||
description = "Unifi Dream Machine Pro";
|
description = "Unifi Dream Machine Pro";
|
||||||
icon = "ubiquiti";
|
icon = "ubiquiti";
|
||||||
widget = {
|
widget = {
|
||||||
url = "https://10.8.10.1:443";
|
url = "https://unifi.${config.mySystem.internalDomain}";
|
||||||
username = "unifi_read_only";
|
username = "unifi_read_only";
|
||||||
password = "{{HOMEPAGE_VAR_UNIFI_PASSWORD}}";
|
password = "{{HOMEPAGE_VAR_UNIFI_PASSWORD}}";
|
||||||
type = "unifi";
|
type = "unifi";
|
||||||
|
@ -142,7 +143,8 @@ let
|
||||||
extraHome = [
|
extraHome = [
|
||||||
{
|
{
|
||||||
"Prusa Octoprint" = {
|
"Prusa Octoprint" = {
|
||||||
href = "http://prusa:5000"; # TODO fix with better hostname
|
href = "http://prusa.${config.mySystem.internalDomain}:5000";
|
||||||
|
ping = "http://prusa.${config.mySystem.internalDomain}:5000";
|
||||||
description = "Prusa MK3s 3D printer";
|
description = "Prusa MK3s 3D printer";
|
||||||
icon = "octoprint";
|
icon = "octoprint";
|
||||||
widget = {
|
widget = {
|
||||||
|
@ -288,7 +290,7 @@ in
|
||||||
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
name = app;
|
name = app;
|
||||||
group = "infrastructure";
|
group = "infrastructure";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
services:
|
services:
|
||||||
homepage:
|
homepage:
|
||||||
env: ENC[AES256_GCM,data:g3DEqsekcQ2pH0sDo77bGSwBOr3zfvk8mgZgZdDi9G1xbTQPDXtAc6pjmEmjglkM131Rf87gTffHJKwD1poLF54LHYOJ+Qx7fhy+yjerV418QumccJaRkb9GqJWGoTLYZpdYTwHg4Wry0S2QiOxfQ//hDK1INIl/duJhdaeGNrpqMXviq+PqOM9fbWkI2iRzTvWjQioUINiF8I4YixuYXLTqAwEOdcCcr8tBZtToFaOzWzLtCICHKm3l9D7TefLCn9RBTTgaN8ahavMNPBKC7HRKXFi7b3NRyzJuH9zXtzMpNz9XNeG7jXfmhN+W2gNFTlTVbqYc2aIb+OI8hYTDk0EiA5vJ2rqYXl884CmcxpCE872Zo8xynelZO+Xjn0hq/2WHjclTuN1H9J7gIOfbrNQ9NiFc2q2d3UeyS0aX73tkp4Zx55J2XgTB1uS2pm3Rl4KfgYsCc1MyG0f4qVfpMOHCZsQoBdCFdp/yJzGsdYJt2K9R/acO+1JA4nSB2v/MvckluldzHOUVHXqs8WguCBXf3RERq04+Jt0kVxtk3QUOqBVhRUBDKiJ4Fyqye2bkG5ZmT2KNWKBKoLH1oJrBqNIqwqHytAqPgltsn5uq61iAZ/6kVRsmpHQz+itUBsnApiH4vfh1Q7Wv7S0KzhQ79Lnf3koyIqH4ZJu6YmfaGEbXpDzhx83A8T0L7ZCfsWWfwA41YBiPlf+c/TCNr5RaDcARZfGKi7hxqK0Cd0bHDKMWfPsiNfNt2MP9lBxFyItJ12yI/doI+lk/rwtVuwl72qW62CZCrUuIge/t9fuwYaUZtA==,iv:JBQxAqYRFKzAD7poNGjvqzEwfxIQcXGMzwLiP3eqcXg=,tag:ZSPjAkr4OnLuiyW4+QG2Vg==,type:str]
|
env: ENC[AES256_GCM,data:eC/ML1lypdxqPKmSpry9C46qD8h+LFhLXF47Z3qmeW6R/KOsyjVA7LwHFJ2JMZa2dq1G27FVGwDFSc0BBFjSEAq4QEHrHINf2kotSkS4bLHgnI+x7ZbO4EQezJqQQSstpaflJbX5SC/lTox7xhSjMYF9+9RUKu1FShv8buLNCc3TyQI7JCM21nXo3st4xOxTsPWDeFyOR7uvXi/kj04+2LQJveNGkN45+foc73VXD0jMA0mBJihwLRqL6PpAM64dQfwspDZ4dThNTGJzSQpnVfb1zDw/u8KWZeHZ8NMdT4SB0DjuOtaxQ6elIXzu96NOQYV/ncE9tZiAhjhpTleJsV/KWM9RhAKV7SEWT7x+vEmvmiZkwwz2wKWKgM1SKOplAupk3EsJ/NeDJAP+NltYWymN9qeOnFqcqXT2EWNkrCgHJwiVIuuMf1eh5l9xuxj5u0Es+a4plpbKiuNi8Ws/3IvL/ClJ1LU9ONZj4TSReOzuqJWvSKtAAx/kXeSP+H1bU4qyK+oOzJ6KUphZHctRX7H+c1jovkPKhRMit90/G31ydKo41MJwhV59lEr0pvz3BXrw8INJrBxgGRCylC55vgbJmgeZlIE4x+UpU+GNB0HnFC1PUxELOxBX7jTAN9mf48K58VLNH+kvvXuE4+tZt7sSJMw6HFlsQPxNoTFg3XxqVWB2FrFpf4mCd9K8cZUxEz0OtyLHDRuLgNtAv2cP4J8azvjhtH3rTKZOFrVtNB3K3mE2B6nyeeMCrpXoj+qpbApqfDInToz96CQSzx7GPkG7hrZkGr/nVd5U1LrLg3eulg==,iv:ntzX/uBd2wShWGAm+oOOYRZtZBazeVR6r8Jjp/ewLsU=,tag:Rsb3/GLTBnvv98bUicJRTw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -10,59 +10,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuN0lFdkdyYmZibm9jT0dG
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4MXN2MXZZdWk0QzZvUUtR
|
||||||
aVZGKzBpREVRYlZkbkRBNmlLdmhQRTE4Zms0CjZLYUo4K0hWcnlzTnNqUWZ4SVFn
|
bytQUmxVZXh3cHg2dUhaNFNMM2FxbjU5Z1JVCjhDVlZEWXZYV1R5UlBXL0ZrN2FF
|
||||||
S3VFQnBycGJzLzgva2hObCtINmRxRTQKLS0tIE1IR0orOS83Sk8wLzJDSi9aOVNo
|
dFkxZnE4QzBaWnZvYWp4bUxzdzJCMlUKLS0tIERCeis3eGVpSWZiMnNkUzFDMWlv
|
||||||
ZGUzeHZVdFd4bHJjZXpYRUJZcWdXWWsKVgJAiuoSekJb9656urzv8fg5rCRorZ+4
|
MEUvelQ0d1BETW94eTIwb3FYRU05SHcKIwkwqn+/TQYPD2E9Y8Y5CKYWWOOlOqNX
|
||||||
zD26aBUA9lB/BqZgO/sXaE8Vw90FsypgSO5+tPMyLiPMNZsRFYsg0A==
|
INWN0DgzQb3pVn/L3HD6R7rpCIujQhV/KE42p4theakT56cEFMpjaQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4WnRWV0VMbGZLQ25pMEdv
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3UWYwVWlGWUtENWhuQlpY
|
||||||
QTB5aytUcGR6WEZKcitrU1F5MUlvQUJoZEdNClZsQXlQN296UGhreEF1aUlSQlRD
|
THhSbnJkaENaUnNVekE2UndKeUpsRElpNFdZCmoxODUxQ1FvVW9UcFFiN3M1TFh6
|
||||||
ZFdGb3NVZmNwWU5XR3hZTW5MVVNXSU0KLS0tIEV5Ry93S2tvUGlwYVZSVU84MnVU
|
UzRRbkdzQWs1SXVCUyt2ZTlPaDlwK0UKLS0tIEJSdk4rU1M0bmR4QTlEeFRwbUxT
|
||||||
NmtSUzV3Y2M5eHBiSXkrSTNOTGQyS1EK1oAfIrAx9s1TjkvqKvdWMwNXVDK2m0b0
|
dlpkaW13VkNCWVcvcGlVT0JSVm1jd2sKxDSwNVZkt+1VrEIEkSDFSL6XpkmRU0UZ
|
||||||
mGW/JDm8rGr8BaY5NpYJnKBn6OwwAlFsOt82gHmfKhVYjJFOWGuHpA==
|
bsRYQjTxdqMxAVtyeKVIocMizGQIcsbjrwxL2RMnUev73wjNEKjAJA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0ZEtJc2lCbWJpekN1dlBJ
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrSVowcEdHQVV5U1h3Szky
|
||||||
YnhnOUt3TEUxRFdESEpTcmlFMDNsaGdOK1ZBCjdHQ1M2d3hZQjNkVG43SGdibXNm
|
Wk9zTSsyZU5lWUxXNXlGcGNBQUd6dTBXSkI4Cndsb05DUy9QYUl5K1VGT3NLOFVl
|
||||||
S2RoT0N0M3l5SGo3UTVwN0p4dU1rbVUKLS0tIGtvdTgyZGhTTDl6Z0xuSXNIK2NT
|
NzdCeG5wSjZ2SG0xSlVSZ29EQzlzT1kKLS0tIForSGZzWWdsYlJVSXhRUzMxS2dO
|
||||||
RE1yRitIMSt3NFVua1hDcUZwek1STmsKgTMExZ/Dnlh/yPRAid/yMWR71Txjsyuj
|
ZG5SbFo5VzdsZ3BHMlhpUWVYajNVUm8KIL/y0lbYiYruyLRmdgj7/4bP4NLdL/uU
|
||||||
7tUY0roAhMKBPGECbJinpit3vlDouwfWAIhOdLpybSgkVaBi+MO96A==
|
/bR46RvXfAhgyncp+4hXrhh1CdPUwkg4Bh6WfwYaO+0kp/4FU47u+A==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdmZxY0NmaHZFYmViWlNR
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwdjJZMmhqTzNrZWk4SGJ5
|
||||||
WXUxZjU2WjRPdStNVXBPSm5XZ29RWmhJeGo4CmYzKytFN242RklHYTg0LzVldHVa
|
bkVaOHdCOXRwT2V3VEd4Q2VDRzlCMDFDelFZCk5LMWZoK0g5YUt1ck1jQlZONDRS
|
||||||
WGxWb0hRNzdvUTlEL2dyMkZpbWpqRUUKLS0tIEx6dlNpWVI3WkEvcmQxdWFNblI4
|
MDFpSzRQaDRmMDg5YWk4NnBtU2RXcDQKLS0tIHZ1aWxjcS9mejRaTnVKV3pDUmgx
|
||||||
NGZyK2tXZGRicng5MVVLYi83WmVmN28KJn80I7V4qiMrLMpZ8ZkUBKj6ng3vyzR1
|
RGJFZHhsME96WFFOWUx4QUtZeWpCSDAKX6odRaFPR8vHTSZ+YD5POCeFVMeWk+Q0
|
||||||
YWx0IRufErdXF2v594839zqjw563l09BhHTX3hA6wJmwktwxkLpbNQ==
|
f4zjiGN1HXOk4pwH286z66VAZ9Eem+c15mb60ZmKFRhxTeJc0Xvq6g==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBScFUzdDlOVUI5UmQxdEw3
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxMy9OYWdsNjRXZ0YwdjJI
|
||||||
V1ZIM3ZndjZkRGFsV05nWUZyaFRFNHIwZjBZCmNkcHljR1N0ek4wWUk2Njd3OHpx
|
YmtJK0krNm1XamU3bGlyWDVPL3FscmNqREhJCmtQR255bkcxMEFheEZ5WXFvUjVJ
|
||||||
L3BPSEpyb0NHWFdCemdOR1MxbXRwQ1EKLS0tIFNYSGwvL3h6M21Rb2hTNGJNdXJa
|
NWNQOVc3YnVZNVBSSkRZMGxCVjhsdFkKLS0tIGNyQS9BbnFJclFtYjlYZ1h1dFhi
|
||||||
NEZNR21RWG8wajJBQTEySEpVdTdEbVEKgo8VaYuBs5Jg3Q5gnhCVTy3MM99bBC6A
|
bUEzWmRZUzZIYjJJQ09YVU4wVUgrV1UK+PmTnYJ67rUGld61S0/GMa3ZQYSAePul
|
||||||
VpomgvMz6ELblyYXz/mlcOfkTkHHlwjbw0ERHs5i09idDBM/HaqQWA==
|
+a/5BKlvLgPJVua6Fv5LIoA0zzmFLEpOOsnLarbmRfWm9XpQDD5wEg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOcWN5M24ya2hTbS9rRUND
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsaGdWWVgzQUwwbVlHZVgr
|
||||||
WXJWQUtPWlRVTFlNMTltQktMT1lwRXF5SUhzCnBNRXJSQnV4djdBTmlqeThQUVJn
|
U2NDSk9SV2FRQS9GSUUxK010WTFaK3g1dmg0Ck5Ld0Y4ZEticFhoTDFNb0x1NDk1
|
||||||
TjE5aFFyQWhSclFwenV1NTY1bE5ZRHcKLS0tIGoxUW44d01NRytiRGowanFiMTR2
|
SWxXcFk0RDh3V0xQUS94ZjRoK2xESnMKLS0tIE15LzRjYXVjS01JTEEwcDNuS2lz
|
||||||
dkVDRktHejJQK25HQW9vMStDODJENW8KUYt/n6qvgaLWgiUA6pZcO8QtiCiHdkwo
|
YWR3NnNjbjUrTTVCS0t3TzRydnlSNkkKKIi0I49zJ574JR7aVu4x7PZcaRvxnzvm
|
||||||
GIZXXpVgBazi3zOtZZ6Wl4NnrFH824VQZqTL8sJbtG4Oz3HZ688YHA==
|
Z2IXLciMBKkiIQNf0eRocSjfSumToBAhXORJVklAxW9j67haSuKZMA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:2HwYgQj/gyEur81qo0w73B0cCvZB5hCEBkYDEAALn2BW53ZyGX2s0qj16S6WNh9UxKDgnsPeSxmq7Pf8CtkfwjRAXpNxEfYDY2htVj68DR/UGaWauxI20EfI8T8uwaNZ837oW6yJbtk8IKj2eQusx4PgvKwBZvKZUncAbAOWBXQ=,iv:RCmODe480/Yt8JZBLV0o9ZVh1omAOvbWRkpNjr50uTM=,tag:yXeZ4iBQm3euk2O6zX69VA==,type:str]
|
mac: ENC[AES256_GCM,data:7IBluUr6uRBeQoaIG4LG3CFEUa42UEl2NMUS/V01W/fKlEBb97Jog2dpdivMQ0P4Az3MSzPqfq0Y7b4XBcU/LnSGNBNKFAXO75rBwvmuKF5qcw7X8MUl28qgTyS6DImDL33r+ydA731lTzQazntAzgqquFTtjNqixkF/2qDTgeY=,iv:ROdwE2T5M6zofyP/vxJRhvRj1X3BCKiG0Kjmfp1Jd1A=,tag:oOs4LF7RHxEb40w7KvFFcA==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
81
nixos/modules/nixos/containers/plex/default.nix
Normal file
81
nixos/modules/nixos/containers/plex/default.nix
Normal file
|
@ -0,0 +1,81 @@
|
||||||
|
{ lib
|
||||||
|
, config
|
||||||
|
, pkgs
|
||||||
|
, ...
|
||||||
|
}:
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
app = "plex";
|
||||||
|
image = "ghcr.io/onedr0p/plex:1.40.1.8227-c0dd5a73e@sha256:c8d74539a40530fa9770c6d67f37aef8f3a7b3f30ee353c2cb5685b84ed5b04c";
|
||||||
|
user = "568"; #string
|
||||||
|
group = "568"; #string
|
||||||
|
port = 32400; #int
|
||||||
|
cfg = config.mySystem.services.${app};
|
||||||
|
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.mySystem.services.${app} =
|
||||||
|
{
|
||||||
|
enable = mkEnableOption "${app}";
|
||||||
|
addToHomepage = mkEnableOption "Add ${app} to homepage" // { default = true; };
|
||||||
|
openFirewall = mkEnableOption "Open firewall for ${app}" // {
|
||||||
|
default = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
# ensure folder exist and has correct owner/group
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d ${persistentFolder} 0755 ${user} ${group} -" #The - disables automatic cleanup, so the file wont be removed after a period
|
||||||
|
];
|
||||||
|
|
||||||
|
virtualisation.oci-containers.containers.${app} = {
|
||||||
|
image = "${image}";
|
||||||
|
user = "${user}:${group}";
|
||||||
|
volumes = [
|
||||||
|
"${persistentFolder}:/config:rw"
|
||||||
|
"${config.mySystem.nasFolder}/natflix:/media:rw"
|
||||||
|
"${config.mySystem.nasFolder}/backup/kubernetes/apps/plex:/config/backup:rw"
|
||||||
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
|
];
|
||||||
|
ports = [ (builtins.toString port) ]; # expose port
|
||||||
|
labels = config.lib.mySystem.mkTraefikLabels {
|
||||||
|
name = app;
|
||||||
|
inherit port;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
networking.firewall = mkIf cfg.openFirewall {
|
||||||
|
|
||||||
|
allowedTCPPorts = [ 53 ];
|
||||||
|
allowedUDPPorts = [ 53 ];
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
mySystem.services.homepage.media-services = mkIf cfg.addToHomepage [
|
||||||
|
{
|
||||||
|
Plex = {
|
||||||
|
icon = "${app}.png";
|
||||||
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
|
description = "Media streaming service";
|
||||||
|
container = "${app}";
|
||||||
|
widget = {
|
||||||
|
type = "${app}";
|
||||||
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
|
key = "{{HOMEPAGE_VAR_LIDARR__API_KEY}}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
|
name = app;
|
||||||
|
group = "media";
|
||||||
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
|
interval = "30s";
|
||||||
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
|
}];
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
|
@ -34,7 +34,7 @@ in
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"${persistentFolder}:/config:rw"
|
"${persistentFolder}:/config:rw"
|
||||||
"${config.mySystem.nasFolder}natflix:/media:rw"
|
"${config.mySystem.nasFolder}/natflix:/media:rw"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
];
|
];
|
||||||
labels = config.lib.mySystem.mkTraefikLabels {
|
labels = config.lib.mySystem.mkTraefikLabels {
|
||||||
|
@ -47,12 +47,13 @@ in
|
||||||
{
|
{
|
||||||
Qbittorrent = {
|
Qbittorrent = {
|
||||||
icon = "${app}.png";
|
icon = "${app}.png";
|
||||||
href = "https://${app}.${config.networking.domain}";
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
description = "Torrent Downloader";
|
description = "Torrent Downloader";
|
||||||
container = "${app}";
|
container = "${app}";
|
||||||
widget = {
|
widget = {
|
||||||
type = "${app}";
|
type = "${app}";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -61,8 +62,8 @@ in
|
||||||
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
name = app;
|
name = app;
|
||||||
group = "arr";
|
group = "media";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -34,7 +34,7 @@ in
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"${persistentFolder}:/config:rw"
|
"${persistentFolder}:/config:rw"
|
||||||
"${config.mySystem.nasFolder}natflix:/media:rw"
|
"${config.mySystem.nasFolder}/natflix:/media:rw"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
];
|
];
|
||||||
labels = config.lib.mySystem.mkTraefikLabels {
|
labels = config.lib.mySystem.mkTraefikLabels {
|
||||||
|
@ -47,12 +47,12 @@ in
|
||||||
{
|
{
|
||||||
Sabnzbd = {
|
Sabnzbd = {
|
||||||
icon = "${app}.png";
|
icon = "${app}.png";
|
||||||
href = "https://${app}.${config.networking.domain}";
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
description = "Usenet Downloader";
|
description = "Usenet Downloader";
|
||||||
container = "${app}";
|
container = "${app}";
|
||||||
widget = {
|
widget = {
|
||||||
type = "${app}";
|
type = "${app}";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
key = "{{HOMEPAGE_VAR_SABNZBD__API_KEY}}";
|
key = "{{HOMEPAGE_VAR_SABNZBD__API_KEY}}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -62,8 +62,9 @@ in
|
||||||
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
name = app;
|
name = app;
|
||||||
group = "arr";
|
group = "media";
|
||||||
url = "https://${app}.${config.networking.domain}";
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
71
nixos/modules/nixos/containers/tautulli/default.nix
Normal file
71
nixos/modules/nixos/containers/tautulli/default.nix
Normal file
|
@ -0,0 +1,71 @@
|
||||||
|
{ lib
|
||||||
|
, config
|
||||||
|
, pkgs
|
||||||
|
, ...
|
||||||
|
}:
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
app = "tautulli";
|
||||||
|
image = "ghcr.io/onedr0p/tautulli:2.13.4@sha256:809bccf944ee56c33af99993841e797e18dc85243639788de3c9d668c291b215";
|
||||||
|
user = "568"; #string
|
||||||
|
group = "568"; #string
|
||||||
|
port = 8181; #int
|
||||||
|
cfg = config.mySystem.services.${app};
|
||||||
|
persistentFolder = "${config.mySystem.persistentFolder}/${app}";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.mySystem.services.${app} =
|
||||||
|
{
|
||||||
|
enable = mkEnableOption "${app}";
|
||||||
|
addToHomepage = mkEnableOption "Add ${app} to homepage" // { default = true; };
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
# ensure folder exist and has correct owner/group
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d ${persistentFolder} 0755 ${user} ${group} -" #The - disables automatic cleanup, so the file wont be removed after a period
|
||||||
|
];
|
||||||
|
|
||||||
|
virtualisation.oci-containers.containers.${app} = {
|
||||||
|
image = "${image}";
|
||||||
|
user = "${user}:${group}";
|
||||||
|
volumes = [
|
||||||
|
"${persistentFolder}:/config:rw"
|
||||||
|
"${config.mySystem.nasFolder}/natflix:/media:rw"
|
||||||
|
"${config.mySystem.nasFolder}/backup/kubernetes/apps/tautulli:/config/backup:rw"
|
||||||
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
|
];
|
||||||
|
labels = config.lib.mySystem.mkTraefikLabels {
|
||||||
|
name = app;
|
||||||
|
inherit port;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
mySystem.services.homepage.media-services = mkIf cfg.addToHomepage [
|
||||||
|
{
|
||||||
|
Tautulli = {
|
||||||
|
icon = "${app}.png";
|
||||||
|
href = "https://${app}.${config.mySystem.domain}";
|
||||||
|
ping = "https://${app}.${config.mySystem.domain}";
|
||||||
|
description = "Plex Monitoring & Stats";
|
||||||
|
container = "${app}";
|
||||||
|
widget = {
|
||||||
|
type = "${app}";
|
||||||
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
|
key = "{{HOMEPAGE_VAR_LIDARR__API_KEY}}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
mySystem.services.gatus.monitors = mkIf config.mySystem.services.gatus.enable [{
|
||||||
|
|
||||||
|
name = app;
|
||||||
|
group = "media";
|
||||||
|
url = "https://${app}.${config.mySystem.domain}";
|
||||||
|
interval = "30s";
|
||||||
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
|
}];
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
|
@ -4,16 +4,16 @@
|
||||||
./system
|
./system
|
||||||
./programs
|
./programs
|
||||||
./services
|
./services
|
||||||
./browser
|
|
||||||
./de
|
./de
|
||||||
./editor
|
./editor
|
||||||
./hardware
|
./hardware
|
||||||
./containers
|
./containers
|
||||||
|
./lib.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
options.mySystem.persistentFolder = lib.mkOption {
|
options.mySystem.persistentFolder = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "persistent folter for mutable files";
|
description = "persistent folder for nixos mutable files";
|
||||||
default = "/persist/nixos";
|
default = "/persist/nixos";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -22,6 +22,16 @@
|
||||||
description = "folder where nas mounts reside";
|
description = "folder where nas mounts reside";
|
||||||
default = "/mnt/nas";
|
default = "/mnt/nas";
|
||||||
};
|
};
|
||||||
|
options.mySystem.domain = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
description = "domain for hosted services";
|
||||||
|
default = "";
|
||||||
|
};
|
||||||
|
options.mySystem.internalDomain = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
description = "domain for local devices";
|
||||||
|
default = "";
|
||||||
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
|
|
30
nixos/modules/nixos/lib.nix
Normal file
30
nixos/modules/nixos/lib.nix
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{ lib, config, ... }:
|
||||||
|
{
|
||||||
|
|
||||||
|
|
||||||
|
lib.mySystem.mkTraefikLabels = options: (
|
||||||
|
let
|
||||||
|
inherit (options) name;
|
||||||
|
subdomain = if builtins.hasAttr "subdomain" options then options.subdomain else options.name;
|
||||||
|
|
||||||
|
# created if port is specified
|
||||||
|
service = if builtins.hasAttr "service" options then options.service else options.name;
|
||||||
|
middleware = if builtins.hasAttr "middleware" options then options.middleware else "local-ip-only@file";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
"traefik.enable" = "true";
|
||||||
|
"traefik.http.routers.${name}.rule" = "Host(`${options.name}.${config.mySystem.domain}`)";
|
||||||
|
"traefik.http.routers.${name}.entrypoints" = "websecure";
|
||||||
|
"traefik.http.routers.${name}.middlewares" = "${middleware}";
|
||||||
|
} // lib.attrsets.optionalAttrs (builtins.hasAttr "port" options) {
|
||||||
|
"traefik.http.routers.${name}.service" = service;
|
||||||
|
"traefik.http.services.${service}.loadbalancer.server.port" = "${builtins.toString options.port}";
|
||||||
|
} // lib.attrsets.optionalAttrs (builtins.hasAttr "scheme" options) {
|
||||||
|
"traefik.http.routers.${name}.service" = service;
|
||||||
|
"traefik.http.services.${service}.loadbalancer.server.scheme" = "${options.scheme}";
|
||||||
|
} // lib.attrsets.optionalAttrs (builtins.hasAttr "service" options) {
|
||||||
|
"traefik.http.routers.${name}.service" = service;
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
}
|
|
@ -1,8 +1,8 @@
|
||||||
system:
|
system:
|
||||||
networking:
|
networking:
|
||||||
bind:
|
bind:
|
||||||
trux.dev: ENC[AES256_GCM,data:ReWcaafRGpgrMBiWBl4ofSVFK6NU/P2n/FTN0f4ILe/dBFtZiMJxyLsmi4tb/JBD1ndil0C/eZvld13+xVk+FsTgh7C/4YnJm+9SpgQv8kxorVzGnKU3JGufku7LDyrnING/A+yjMo6vD0h6SQnSt6i2YB72rN09+o7aO7obHNLWJ+B2GSS/IiQb2voncDCjDuiu8ESZevTPVGHhmnP/VrWZOy/cwTOqgF/i65gcOdqbqfeF+iXQBKV1WJa2vEBcj1+yLrS5+YSSueReGec7tn4ulrTKiNPFczCOM32kFbwxEhI6TlxIh6MasjQtHAo/qMyEgk63oiZWKsaz21VfXyPNOnDJB1woE6T0IqRLMUUbuw7150TaRtBWnKazfCH3cdxwi0llh3zp9HBAKPrLOa0V7rOSOrE5f26x0ZA9AoVLQY82Ms1ibMHDNJ+cZa1TYmxcGLlag5g6gaLwkKGM0YJ+FgrI3zBLqcrOe8SysoNI2Ru2uAA5a9K8TWDasF0R+/Z6WWFeu1qFr8th/QvoHHehXKEiXGz+89X2hC4TBm61/IKIMcls9zIYKExeZ5ePPPU8w/oiG4SAxjnl+ppMs18a50/wXpBvi8GPeG6gdvrfUnhWv5j5au+43IHrQiBTb3jGGur5rLQ0cKNGzEBNvjPyhXRi6H2KuFwi+XVKNjnWYoTa4PFGZMK6OHqJa+yOhqF8h1r5ydlhGLumBGU+RzEG6wSU2L0ewOXH3XPb8T2bUejyg/kq9ruGe7/Unx4gfyuxgI03Jv7+repZk0gbN26ZiPh62FpDLKS8YFHFSIEFJJJwCUU0Lhb3xxQL8klrGbuxcZrFcK4sxFCF0UiexRO5betiN0RG4KS3jJ96iaSvrAc8T24pJb6cZtvTgGNcMyeQSaEiyp0l2wjEXzE3xNmTTZ1AcIcig+9dY8bKBLx2EDRS1YN/C/ucuXI+9/6V6O2cjmw1SvonQUr2D1UemndrJy242SUrguAch/Iay6nsWgurCrPe7IJgwaWh5SIGDmmA7sfYW4GjtIqwo9J1NoooD9ROwAZhv6aEm9Iy2350eSOUV1SE105wh73FTV8HKBW0QpEFL+ebw1OVbjFXQ5iTHh+s/XVihsbf5y22s+E6p6wzwmpzty9fToXcm2RbdCMaHnKdoEPvnfCY940s5th4cn4+d6lurlHuulmizLtZJnrfnb1LRBqyrK0dOdi+nP8fB4unOiBSUoOkdaoLKpL1yikUtPwsAFGgQKYP4KCvmkGhUfm18ZLI4HzvX1TKmAGfrnD10OGzlZnj3QtmPhfuhfqgYzYn17YlyFp7r1MwIch64lEf0Y5LiGzRdQ3swFwunS/A8C4iPCP6oxLWk3lKftBfQXvdYLghUS47dxXw5yTRNPSaZPqWhCEPHu9eTO7/ZAgEQ4e0HpnON5zGYqPiyPwsC5h7Q1rOqgAN45iY762q+bx8IAj43J96sHEfJxVUFvjGZvIRKZ0Lg+CtWKtjMSEtzCeR6R6Q79EazEyAagOpKShI3URLkgGlfixmVArekPq8SUzBgtSl93fuXNyuu4n65CCo39VHXEPlmE8rLK4R0SCTNgzCffZQqzoelta8CEcRCx53KvWDblfAgFciy5my7zr9Jg4mHX4cjB194VnXmEL7gUrCV+WXT/p7NYQqiLe+z3roesi4VdCkYASwkg2C7TIL5dbhSaiiKH3/43DChmEDhLib36BAxD+EmBc7p+yuy8NOlT4pjimziCbA31qdY7bTe+6V3eSqkVNKE4+6hBVJM1m8eBuxcw7Ed7tkUmDqInZF+bKg0ZsdZrKtxzSdoN5QidJ6oPokU+IcAqF8ey71qIODwbzEls33K5RH3f9K2YtQziWoc9ditSjBb5hv/x7a7fJ16ouhoJWCQ4FNIRF2RdeitolAHgtbyAcuocNCUhPQ+/5pdlozbPdmsvLCG7aJSrVByC90gaFYEvjBv6nK/tbgAKSYnuw0JvPvg87LZIQXjULSrOl537PP1ivyVjNMV9R91HKYuFGr+Rjf7mxjlCetYtTPDDdxtVx3ZPhVpyW07EVHflGl50WNqHa9YUMWHFjjAHQgFkvZnNA0Yf01fG3rp09IHK+U/oisHeSMt9+uuaQ+6+Jcn8PAjZZH31esc/5BbzH8QbOZ+6AMRuxyIAvJRQ87KMC2PxMUceUooDmq3zE0K+KDot0SYDgGi8z3d/4Te3pqHAzWpVU0ttLnwt6e+dhu4kM7uCdOqeiBqDNBxonmTrosx/izB88GhTkLGo8SX9LC/zVGLcTMMbWceJxjgTXu0J/VXVeAJrmfJWIu8f/u8VMQ3IBLR1hKDLy60tj2w4aIApCEY8PZJwBTiuf9eMtLLIFSmCIcERwH25sJ7Hc7KFnZP+NYah1k8XDU4hHCs0TjTc5kcneLwLxUD289meqZkBmN2KFF72mRqP5ZC8f6pPJDg6lctB9FNldpOKM5qWJXGLOu1D7/dhk6ilAyPpK+k9GySrd74khiN9m1kevTBKKsBrgdaxmwym86reK71m8C6txQ5PbaRFEn8t/8Liy3vF8ecKGir4qjwFcqATJUQjN9p87IPDnTdFOGBFXhan4mPg1JY+TSvFH0v0QSoIf3mxz2rSBlg6s538X6Oiqzyg7KrUng+7x93auAJG4xY9+ja5wK96Li4mLm0YL4MftDwpCBjOf5ML9ZuyA9CFBEz1An01dpHnqK0UCgZCArqxAb3hLVzCk7qwxZf5s8SZoMjJR2+wvdLi1K4sW2ayq/trcpwawWgoFevedk9sRpBv99xBwWnbWe+zT8hMYJR8O/b60I/tSOVSJ5S7ZbklA84zc/X9KJQ8s22Se12Bvr+h18rmAsxc9RSW+5/JCJohhO/IEB/zhqwQK9aKrHURKwZ4mKsguk4B74+xUAqkxh+Lbn625EZ7EI3MRUEtM/A5I1mYPDt5F+xfKUo/6NF69FCRwOlOlQ7nToobPlfNcm+ttnSzj9NAIG9LQWajiC5lWSB5aLHvfDGpsPrAxauQOPUG2avTA22UXANfA1KAkxvmsUtavOFVLyjHctxnsZI7nCZMIIy+efPXu1FKyijM2uKOkHdrEnS0mb7ZLGUKlwQHJvOsu+5zsRsXZ5FPcdm0zNP+f05DGtKw0saWrjyP8AiiiG89rv6LPGnhwRxGI3yZfJOVcXwhoPNSJ/BHgjk4OF4d8/T6y25+xETrTr819N+ocVrhrNFZbSW11BzCBCd3kwTx6SFNcwmlm3tGyfB255YX1tF6G9HuuVD4A=,iv:pjMSO0iSk9K4+Z1TpYfI6YudZETkL7b2KndChnE0ITU=,tag:kMf6a1UornfzCjzuPUTvvQ==,type:str]
|
trux.dev: ENC[AES256_GCM,data:Qr2DNPQrymbiTaZYPN+aFT+njbzEAO4X1qRiVEo5Lz03GsmQ2ct9bmF5VyNGrjKyBVkjEZVeX5istUYXOf7Opq5NA04N7z8uCZCBU2YuzUEVfkz6PXSU1F3NbdBlika+2iogLpDcJRttg3ciNhSrWDiWSlns/VZBKIxjrRX7yGLvCF71UdgaBdCYiTDQNU2kpHQaYLafftppAtLXzWA8HAp6lxsP8a4RISBvA78o1+fr1WzEffjFd8jbdfr61kWhOIygGhdWbVs0taQ5vLzjd4+eN9YFdjNRiHZdktyrJS1PpteJ8FwAZwulDHdKoMvLhm6PnuSw/iTk/CnEXPiaFOKf8g4NxLOcM6kJUgcfiwqorvY6YYQ1j2DfZ2eyiE1TdC/a27oj4ZqoQSKyn+nuILXRu0ptP7IfNEX1QlAeKl2Gi6qgiZLQ1F/67dzJvLAA0onncMkyGV+cHGSSqmb15aBESJ9T/gcTa8b+JjYj++bSL7b5KedHf5VwmoJ6Tug1qPXxubscGP1mD7i7uxZmgW7UYCStAtx+GyIK7dTlCuAjKoLkGxgiQD1elQjuqwJ0RM2YV9cdWwpeFb78sAOSyUfZKfQZDmnutSWzNInW42yLJoNO8URBWsWvc9lpwDLlAGfPo4BXUfzdG+qX5UCFmfPn6AvcYIcLOUz8vEw2YG3byJ1QUYXRIQ851D+aeBte84P41ZlXwC+ov/A9PXztJlz8phCFJQZpe/6LwUqchtwl6CJAvop6nHcgYnQfIrRJGEKkQDLYWLeDrQtovpDqNgZTNkmk0KXeuPGKjPCrXhvmqs4YYUIyQdvGqqli/OLhs7Zq7GOvSSGNWx/wCrptavgxiG/eGBlc1veDOACPdrV4q8LdTfavCTbzNO8lCq8kkzzL9zN7NJYu2vButkkOsmSQ8y0nubpnsxw26a7okeMx5wh1YTZ9dllKS89zVIuXbwuIxRu5z13RrDoOQWm6UGjgvuoTpIsptPfSSA/EGJvy7AQwsWQsmcgm46MLffoRfhD5p6LgwQVVetGGM4iCOmtUDsnFsBbY7KcyPUAw7KI4NacGlAlsJEkdpAlR8HvL229/J8xuOzDSH45nJ53nwH5Ki5WjurS3ovl+ByMg4v5EX4fEY7bWDsYAYzhhQfZrDWFYvJdNEO7j2Wtl7t8gIPiGPOhOnXExZoL6WAauFKer3N9nOE13xqkTJIL9KAJrf3oE39W4i9fWLa3vMknbyKLUu4ycW9r3ndKPk7KIb3kd2TBNqGXUyc6ZomE369lhGs8oajtv6M24V3d9ggE/eHWjUllq35go4YmJG29i7G3vQR5o9HEFxe+RnCqe7j26/lU48+2xDJZtve4uCvAbkU+awLoKz8/n4PQJ309aPPODOMZgA9HWe+I1V93UHZUZuKc0ySsgykru2+dvN8Z53nRwyZWrn5XxVVi5zf+5y1YK/r9SUq2cklny58jr/r34lACLkanXPR2+RMihumcQz00VrTdpadWAsdSk351O86aY9JxSQDqTgvLRZgz4urUCKo9IxhXs3XigIRQlRwPaxUtZuvuSagTqAFnw6qcU7Js2AL/obQ6R6ciU3W+IGid5DZi02GV4Gwxx0FJdXPmx7jOoGghwrZv00h0GCtT4BCqH7VWdEE9ZPShglOhUaPMcN9N7RdN1+iHq4/4KO0McuoTtVCYhHI4lKkq8NJZBP7y3ft8lcsI+PLKUXN7wdy3lcTCYvS8wOVM7WuBncpqdobD/A1TZZm7czEZqi/y7fDPqsQ1g316XNdVqKHzOdg3ejDFIjQST87ep4JnWwaIEFklassPPCy6BJ7sLLPUux7JuSIgaWyMPAbB7U7SY6N5uZl4A1+f14mMb9qheWBqwDcWQ83R6QMjpoum2es7XxXGB2/9oYopslyM9glWigPMJPLojWZydJpZbIiB7o4yQBp/OFozl+AJLij/IIrbtECug6bap27LjajVKRSjQVwvZeOg+omttYcwR6dlqW/sHMNR5pkDhJ5lXzWeyvO1C1WIg2qFLE2WwrgM0/V9JDZHo8Uk7q3NUmnVOYlUyTyrTR/OKFEas7GYBv+/f9l5h4UqQZWzU7S6cMAFbQXYxcX3YzdDIJ4edmuzDdWCuIAy+dQsu1h7cVCRYO3tNKSDyYJ2XymEtNUu8tewicf2t52AF4UCR/3dRr+rgEFbrTpxn1Sm0O8azMIkBiRZSF/hF8qzWZmCEqvMtxWjnZDSAeHVv58/83ZFRx9M42gLqzlc9WaAvKNtIWgTQDOz7lJ3ymWdHdYaFq8z3aOh2IgOBhwAFee9rP1IXu6ASsl9NjlK9TRy1FrTpMzZKRLtqQgXaQKFs20FeoGQR+as7ZBCfIyANF2a/amjQOlV7nAVMGtpPS91DG7NcejHuVklVwBwZ62FAH8Wlm7VuBSKPCJqlbqO3ixsuHtuhUE1IBJNIR5kQbxtkoDjfaIpWB4m2VBUIxmV6d+Bw7lWII0UZPIjoImZ8QnLe67NotgJfRXx/pFnm4zpcSBGMaHpP5HoXVDWbpTjkTZPP99e9v8uWr1qaJfJEBykwAOCRXGM6qh3rj/uqwwUKC8KH1cqOrG5tKudtdE3sWGpV/7YwJMnHEardDCKuKQtOqtWHerZ8b1euhRqQClOB/HVNerAMO1I6mym31btePgRDfcLGPBjL8hE5wC+iuZlYjl4RUHVvhvCVXUwF9aGEv0u7Ut9WfUj2f4YRinI43KawVeQTIPGUD7k6c9RLwVwz3YujY03ruzgDq1urDtTFI2N2PtFR6iiTzk3R9To6Wodjd8lbk8GWYipg1IKORHaQ3e0wgZPbgBI4tj2xwZN1WHIzvM/MLqu8XFW/fnhV3+TZ8JfjNOXFn29Nn79F8rHuil5DUfBQHJh6z/EWQ9+2Wu/B8OA45JqBO4HpLGKN3JmuCuQeqwJi5Rcd9OBJl2OK0Ccm38uGWyYWGsIIL5SefZaAioMoPZs1T/Z7PejwKDamve7sGTIOXvFMIx2S4glqZ3/da9/GeIqCQ5NRG18slP9jbx9RD2GEytsXDJhWo6bgCfKIhk5j0s3vKnQ1cbMpBbRib+RtPsQGfBDw1IasWg3oGZXPclH/zYd9HZsAZN+qY2ny7VZOCY3wswXvCZjda+pYF9I30LcVIfErM19REQn2L3iUqvPJN/Wj+KfosARZAl984FHlvui7IfJN9EuHEMA7c9s9EuyoNWXi7wOcFrt7CBnURk6nNZwq6RbKtSPVCkrRgY9W2sRPlhOXvRFcVM0vRnXAtkpYX0+sVfMQSrmTeS74ippLLwKItjZMgi/M3ZczQkewdMeFbGa0mUZQbjM/bAYQqQ==,iv:amqQUxzTVYI91hO/xbfuAmclf0KLXMwHa7fStRAA4WU=,tag:rMOqMsMfanq45O4Vm2+SSg==,type:str]
|
||||||
natallan.com: ENC[AES256_GCM,data:yCeI4+Dk63MmpiwjtU/fl1Y6lIiTS5tzXqsXsJUlZ7Xg0fFhnt0YFslNNgtbeDP14ACdrF1lMXSDi8AkUuJ2w6x/LO6WEKo8cV0PFUvR6DHIjatS/6ttm9tJdRtX3b5sO5dyTrMeTv6qtOQY1Gk1l9jWRYvll+GXbAf+8pcufe+IHZ+/TA/+AYs2ryIszCKCm96wXq4Bs8p/ihFgS18YcpLcxly3FVqZIz8xB4Z9yYIcHinNMhGvOKXDnsSPkXUoB+s/Nm0jPxzN2i6beBsu/8sOg83LgEdM3c0UGVyRcctFhCZurPR6xs9A/WhmRCoj/A8V/3aVHR2Ky0HmyFKzue5Pe5khA2Sy8nv4QrR6YX3yqYempwGTxrZXu0/TymUQbmG1HXlVCk6cgYTFbK4NItHDsopML0QKBAwovtiAGnV5f7jA366XPo/3c7rQDo9qRuWZLMGAbXIHsgxFdnbMA/CXnf/8hEBuf8kdfUVX8U7EQgxoQGbOV0d99gCy0O6qZYwwk8rseGSLPk6nYN4ChiHvsoyrFjXUZJP8CR/wMSscKw4wqW0Y7ec56yiOJ/iPuVIZL+G6D56gZ9M+21dQp4QvfdPyEBElVSZNyBuo00ipJiTLs/G5Sh61oQCUZfWHf+1vnnkSAdoD2BpCqCoYm/ZkxYnOzU+7SCm2obHixcySCWz1B3EgwAargqaKECJNKpL+AR054jApYZVvIaJnERTPZvPqY8O7DkcLzJuvSCac2GwSqT7uG6722ZfO2geUD1REp1YWRtP5dHDIhG2Zg6rwQxCr6VdicHQlx90llaSWq9WtJU9xhw==,iv:OeFQXQdLbXynTqHxfV5OtWIzwckGDkEzL/IRZonpukM=,tag:ex0TYR1Q7LsCAIuHJJQlmA==,type:str]
|
natallan.com: ENC[AES256_GCM,data:LFZgRF1LvGxERKW/oJh//K6KzgN7thRouJB2JDLyn46tR/1QVrhbOomVYynGMJayRC08wMY0nYABrkkVMkzXGWbcR1Qxwi8yWp8eDSGPUqnIvMy5y5N84HC6F6vuTbBkNlxOipAWgTLa4iG5UuIs9Rq4hk2oIDvNM4oeGScaLjbw6oOlMivRCqrzUsrqjnnR2AIkLsbb/NhwlKlfN+r+IzULi8dYtjvz38RJ+pQT7nFD4aq31hCKHEovH/FhP+JOC2Nw95gaa00ORodBqs+tdTgBH/7x6PomjiSfY9V/47XlccgBRR/ax6R8j2Nb0xydxTR2EVt19EUWpAsA18xjkWhefoD5qAPRI+MS2IQGSW8hO0wYVxQ2bCXohw2/AmqACNwar0Otbi7mlSQ+UmsWgh7CaWhWrRR09yljLs5nV/qKZl7v15cuzhyqYRgeQiwYNWYhK8L3HgBOy64sIFp3vcVLzkVnvL95213pg5Z+tXuwiyP3zPwUPHMOvsaajVJZtE4SEe70ivhpwgHJRaQ0KjtupCjZAYOpdOXyuyk3w2DF/kWpBGa04b5cUmIER4uFCbJwxhY5nqtMMdMZ0uzCzHxL0cK4JUWqfgXAJsPkn1qPI0bL1/k77MnSDr5wvaIqH2WtUc3tywBss5EdF7xb51FCRNfnDaGy1NI0465n02HkseyslWvXC9bOqO8VMfUOerxdqDtyPc8EAoJyCaZXHrYxq4DRXFi8pAek9VhBTI7xdWraIFbuWHXUswSeE01zeNVvkFKCP1NIclmNvtngJRwTUESPK27RLJisNM3oMGXOaHvOdz/V1Q==,iv:NoGshUs7G4p9wQ7O+PpxtinwPa0SrdALeK49SkwYLFY=,tag:S4L+h7wkP34DWxB3RpjqyQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -12,59 +12,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4RjJQblo2d2NINTdabkhx
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLUlNkMnpmTjZsRnNBaitv
|
||||||
MUl5enArczB5V1JteENjNnJmb05uN3VDSkFzCm95THZkRmg2TkR1WklscW5UdEs4
|
U253MTlac3BueGJ2RG5SdUNkaExOSWYzQWxFCldOemJQUjFJdE04TjVuNGRIV2RN
|
||||||
MXR2a0JxZWxjeENyeE0xZFBYL215VXcKLS0tIHNZOEVFbUFGOUZEL1MreUlNamZ4
|
NTNocEZtd2tDZmFjVDEwR2liMi92TVEKLS0tIE1SUDd3andzeEFrOGxlZGdSTEIw
|
||||||
Q0p0MGZpdnVJc28zZUFOdTI0RjlkOEEK7YOXO0412wSTu+1oW3eDoA0p90bskEGv
|
K1VyWHFSR1cvV25RTXIvR3BrNDZGczgKwaUCUNINj+o7d2DlIcq6V1Ls9ZJqxXQd
|
||||||
VEhdI4NgUn4Ibg2xOFLP4dTtFRLVoghkehCb8YO0Hci82gdAa3yF/w==
|
L9lSOMTZ7wG2liFnySqCSKSSgQELCzHVRo0njv8LU7JLt2VFAjU2Qw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNV0JHei9pOFhvaFFuSGRC
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzOW9wVW9RUzFTdDRZUXJx
|
||||||
ZWMyVFlRZ0I4NklJSGF0WDRUNG5RelhTNDN3CmdRRC9QSkRnMGMrL0FLNzNEbVlB
|
Uk9Vcjd1UWN2amFOaXM4aHk2dkg5ZXpGNTBjCnA5allSZGZWRVZVNW5GQ09Iekpt
|
||||||
NGMwQndWNitWZStwWmpZSStYMzJEZXcKLS0tIFdHVDVaL3FyZk0vQUhNM2xRS3o3
|
NDNoTUlZa0VLanBYTjlsREtZeGRmZzAKLS0tIGlNUW9OTHkxVkNrVXVmRkdBUWtz
|
||||||
K2xiRVFOL2hQSlFCNHNBblphdG1VR1UKMhrKTi5bsNAC1/JTcz1BTndXV81ylHZk
|
KytWWnFzSVY3YU40bW90blZuWm1PTFEK4EDj8GtLCWcd5FIEx/fywU+XLVeU0X87
|
||||||
AqxpgFh6M/fI52KCzXTACQPbNUW9oh2vKmdNHFJiThaZl3k8vgbbhQ==
|
UwJfkWaUYbLouqMTSKZZc1wf4KvL1GH1qyEANnjY6EDHf3kBGZMkTw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCcjdqWUs2L090TlB2NGxp
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUVGxsMC95MW5tZjRzSEQy
|
||||||
OWFwWGpMNTNvaEk4OHlOaXNzRjBEZW01SW1ZClg1d21IbkpTWXNHUjhGR3c5OXlp
|
VmpqT1dSUjdSL25vTmJOVnlTR1lLWUdBdVJrCjk2TVAyWmtHSjVDNEhsVG52RzNu
|
||||||
cDY4d3p0MzJ3ZmZBSkxEa0VNbHpsOFEKLS0tIDI1QWZsTERodWZIVXV3eFhaeHRK
|
aTNJbjlIbVFucktyd3hVak5weWtORmcKLS0tIFdwSkVGamt6dTNlOGNoVDJ1dy8r
|
||||||
MURpU21sNm1CYk5xd1dDNzAya0xiVDAKD6q1WT7nqaEb3ZxtZHvHWu3KP3QKf57j
|
RExTQlByTm5NUFA2aW1tR2lSZ1Q5d1UK8e7BRwBzeOvOUXYFwkgBraP1+vrZ3HvL
|
||||||
35+K0BBQwvQajR8Pmq6z5uTP0SmuJhKrMG9/WbwCL0laRJHZ1SO8sw==
|
gaMH+5AEH4GiEd34svgjLAtmbSzm2/VNhboxYmAWUk+Ff4jn7+tvmw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjVHdsSkRiVk1ISU9SVVlm
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSUHBUWnZIcHEyZXVUdGRJ
|
||||||
Y3NYTWN2V1ZIdUtwaTE1bllsY3M3RTZtQkJNCnU3Z2RINmZMdWNTVFpLNEpKNmhi
|
MC9UT3lEM2hlOXJna1MzRzRvMjVtUThQWjBjCnB6OVVqNDE0dFNMTFBWMGkwSEMx
|
||||||
OUptWEx2NXl0ay9hYk1qWGRtU0MrdUkKLS0tIFVPRmprU1RwdjFjc09TeU9tam5K
|
YkRQL1VJYXZjQU00YTJ1eDdPUWREeFEKLS0tIFpYRWtOaTlTWFFOdUd3VXZGNGcr
|
||||||
WEtWdENWbkFyb1o5b2FUc0NocWNoWG8Kt3qnXdryCQMSHlzQGdb/yd1L0zP+e++Y
|
TXZFN1BzMEhkMUlObXdYV3BxbzV5dUEKCVGvWx1ZiU8VEZoFvThef2mfa5QmgYp4
|
||||||
QdYLfvzFu5QXoFzwbEPMrWMfZvt5hJ5hxgWTO6OqDX9p6b3AyMmOxg==
|
rqgTrivwQv6uwp80i+mGzrVpdqhCYhwYgiQ29M8sGJqJSawbUTZ+5w==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmWlZIa0J3bndUeldPTDVV
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZMDdGN3pRekxsbmdmOUNL
|
||||||
K2xVNFlHQ25xMnNHcGdEOXFlOU9qMS9sY3hzCnRONTBaRHlTNEJ5bTF6VTNVeXpR
|
SHZJc0xvV2tvMi83dkdDT1Y0bDVIemt5QTFJCjZKbzAzRElMczBTNmkrU3lnU2lR
|
||||||
TjhWMlk0UFN1d1dqT2hFVERwZ01Ca3MKLS0tIDUvcTh2aEpJV1RtYUM2Qmxzc2x1
|
dm5pRDQvOExJTW5NRnZXNXVnSmx6UGcKLS0tIEdlU1hSQW9GaEZFeU1xUUFPcFZI
|
||||||
K21pUFgyb2ZHM1pmcVQ2Y2VXY3ZTR1kKGqi1hEmSR+wTaabmwZxvq2hFHlJwXo6K
|
bFU2bmVvcDNSUUZqRjhXbVQwZDFzWGcKJBad1AlJUOPjvVVqFUuzee14Bkt+Ounu
|
||||||
BNSCTKdEMLuknH1+Hn1QkPd05eBRUj6TlNMP//23BHBN64K5BusdZA==
|
LhhZ+UviDzZ2El1S4gwBY3Rut3aq/vR7n2EziXjNIz9OJtKW141LOw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNTkxrelNzYmpCclNHSld1
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGMmVtZUhFUzlpVHNXYnFP
|
||||||
YmlkMUpXUVpXYlc4dE1oR2NNUU1rSGJrdlNRCjVtZ3BTdStnYWEzMnA5RmxwVU9N
|
Z3RSa2JYRURQR0ZRZTJjMTg0eVlkNmZGVXpzCnR1TEduZFA2MzhGeStKMHo4SDNW
|
||||||
dUc4aGFWQnNXTXZYaW9UaUs3V0ZQQVUKLS0tIHRqekd1NU9lcVF2RHo4Njd5WjhJ
|
WFplb2MyQnBjSW1oNlBMQXZWZmZaWTgKLS0tIHA0NVdhbVdncTZZMGU0cjB6cmxr
|
||||||
Y3VsOEYzL3dtZVRWREtySWU3OUVvcTAKiGVzvIu9hTFbw3KEWKzwp3hr8SJC5Ck6
|
Tk9pSnZsNEdmQ1UzSUQyeHEzZkZKMkEK2dAdumuwokijR1Oj6Bt1UXZlk4ZeRWq2
|
||||||
1oiLHPK36xK0iTiCFxrHfypwjiuOPC5hYNWBqAXCQ9lJ3qruZLjoWg==
|
beEr19lYPqQVdluR5X/5+JYb+aRQCKN+y3VYDo+7a4bn5967xVilAA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-12T10:42:56Z"
|
||||||
mac: ENC[AES256_GCM,data:TVSeK1Ci9IpnhQonAXqunPvNJ/zQT3E4JnPZAqjaXL7xu1Hv1YAGea9RH6xMWB9jhU2nm8GiBO768yPrx32TQ5iMk0hvE556FeY3od1M2HK8fxeqebySuzw9+EMHFHdNruIyh4XGZIU+P99EnfsMnH4AsZtlkvF2UrhHudpJYBQ=,iv:G960JXYcvKGQBZf6nWhtXCPfFyRRuHxiTTXdar3QevI=,tag:u2RgMusHWBHrTFZQ821img==,type:str]
|
mac: ENC[AES256_GCM,data:QF+mFqddIId16iEkXb6euJW/BUTGkwV+cIuJNWt6/rivHJCGYtd+GX6RgSui/hYKooJP04vFzmcaeilwvbq1/sR+D1exQZZ1p4tG5LFRTrbermPHvcYy7Lel7On1c1OkjPTR8tJ6Vhs1en/FESUeL1JdgAX79IPuxa2WveIPE2s=,iv:pM0d7mPEY2kQ70qE+uiawCTwqFzkY1UhIjrkdKejYOw=,tag:eR5gNrTbZuYz4MHOgk9VJg==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
system:
|
system:
|
||||||
networking:
|
networking:
|
||||||
#ENC[AES256_GCM,data:xrdExx+mG8yvJowdOsxDm1aXWDak4Fc2n7n8W3aFm7OnlAGrDymmWh4EvCP9UImfT6dsgWjbb/TcFbGH8ATLpj/sjXfA91Y2iK+GDA==,iv:K7eNWL9MKzDu4lSZXrr6HDDco+BgUuLnwzXSjUPT+DA=,tag:y8nUEt+XaMfmA1JJqwDN6Q==,type:comment]
|
#ENC[AES256_GCM,data:rMKS8YbaNQi7RL9FcxPX9GrbYQ56yzosmLzzL3AZeZvEVQTInKbbWR6tcj3AW5bBntzNRomeKMH83cdqQ2xtkqLH1RsTUmV/mr+8Ng==,iv:+bFJXtcz7kpOeRVUvco8MuwH6y6bb0HqS+R1urbbqQ4=,tag:9yexHkeG5jGtL9Q4tEr4+g==,type:comment]
|
||||||
cloudflare-dyndns:
|
cloudflare-dyndns:
|
||||||
apiTokenFile: ENC[AES256_GCM,data:Rp6OM+m1nN2JTDwmtHeVeyktWGCeDoklE4pMoYFZlf9nw7AEPdX7fLpZnnxcz7yFx1Yv6ycKo7s/1S2VpoSEevsxLcDQKx+9AEhvCH7SxZGJrhZX34qgeez2hZBN9EGRcj0yTzWxfPcnVztXym4AoNlW1A==,iv:frSkgoxKljh59CqzKIlU1tLcqOU5BSy6zHfyKA97I8A=,tag:JZVKFScpTXCAdGhSViB9EA==,type:str]
|
apiTokenFile: ENC[AES256_GCM,data:ImeFlc6BAwq+1X1K8PWegOIJDJzEW63VING8lH0aYgpRbInckoarJ6a2OfYD38Powynl8mLqkcDYrlvgTDF57sRzEMGBa8mybhYZKn4ORFZPkbTpon5GuAz55Vbt9nMgoLDwiwOaE+DN2bbLVND3absLfQ==,iv:rN81afwtVNZtFqwI7s1ZA+OGNp7236IvprPE6pBSVvY=,tag:ekjTmihMMhCuBYFXpgxkDg==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -12,59 +12,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5YkQrUjlQRVhPRGtSNUxD
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBva09IMGhuSXQ5dVVqZmtx
|
||||||
VHl0SUJEcUs0akplZzNRRkFsYkVOdFlacW13CkVvVEM2Q1J1ZXVxeXJVSnRWNDgr
|
bm5UNjRVN0tKSytuc3dBdTdrUG9DZDBGVEJnCnNTclg1cUUxVFE5UCt4K1BobDZi
|
||||||
UlUxejdXN1JLSTRWSjJ2UGEzRFI3cHMKLS0tIDF5RGhkK3BWR3JaUTIraUw3c2ZV
|
QllLTXFmY205cVlsMDI1cks4TEkxaTQKLS0tIGtjek5OZ21OREl5ZElmY3MzUEcr
|
||||||
d04xbzFPVnFob2JQbVhoRkYzd21zQ3MKZldbeUx6NXLU8qxOml+WXqfcpJVY5JRY
|
YTNyZUtHTFhWYWRhcFNoN3ZCYjYwNHMK6wyDzfQAJe+722HF1f3DegqcdGsj2y1j
|
||||||
IsSALDe5yK/CgrgmC2H69GTBshYCHBE2las+UVJjSvQfUv4WMHsBoA==
|
ZK3wfCxqo7X39goywNcbnVbugHUltMvd1KW7nEKMuCF/YV9EK521xA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNY0hNWlVaRm9iOWFxRkht
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2LzVrU25Qcnppd1pzYU44
|
||||||
SVBaZ0ROZTJFK2xhWHJuM2hNdFd0YmNRYmpRCk0rR1BkSFdrRFhSN01ZWDZDNkta
|
Qm4yTlJkSEZhajJBTmFXdk53b0lPYUU2TmdJCmNTUDBQT0dIT0RnZ3UzQUFFbW82
|
||||||
SCtzb0k2a3loZEU4MHRUZGVSVEVXdUUKLS0tIEFBeE5BaWt3ZkxYajh2VlR1R20w
|
aTd4T0JKU0p3NFQ2NzJHR1VMbG5BWGsKLS0tIGZPa1hqUzFNaDZVWjhFRi8rZXRL
|
||||||
WHdEV2RucDNnSlZ6K3A1Y0JVTEN4REUK8OGgcNn9J2BQAoVw9YVU/C0jt/7rUL+Z
|
U2RtMjFSbGRIS1FaWFVOSHArWWFJYU0K34Ct6CN5d96bBB0XBYYoVwL+i8+/pAJl
|
||||||
QRGNHxQfn41+v0qm5fiX7Rfyjx9HUfcLf+unj0oCNMwKXvRayMZlbQ==
|
qpSxekXpw8K1nuHLy5102Vws0AEEMCHNAkEHsjesMXjV3S/cjJWMig==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJZml2STc4MWR6RUZxRHlj
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsRVJmcE5VYngvUGRBMSt3
|
||||||
UWRZMVRSQUlxa0VyUTlPT0w4aThrdUtyM0dVCnY2N0I2YTlncVpadUpKelgyVXZa
|
dHRod0FMWmVOTlN6eHlvUE50dHNiMzRuZ1V3CmpCamdobFhoNVc0amI5TUxHck9y
|
||||||
dHZNQkRZNDlnUmIzK0IxdGJDMUlWK1UKLS0tIFVrR1FsM0JaUE9RVHhsaGttTWxL
|
MHo3RkdPMnduK3QzZFlxYVV1VWZKQVUKLS0tIDFFR2U4cVdRN2RaeFFuUmtCSkFE
|
||||||
QlJ0VWxBT3p6UkVVWVpVekwwNUJMU2MKreBun8A7dy1VkUjdTQqTmKz3mb60AmUd
|
MnZVeElOTFJGc3kxS0NxZ2xvaXdOQjgKOPZe0NQpG02tsAFFpyfDQVsCw2lZeSOr
|
||||||
axdWZU9Qk78S0AeE3zrr80NQHw7i4oiSFs1Lyz2N2MtmdMMdGSVROA==
|
sOPOXV/zPxCGYqs4dxzx33RG/YaiAVtqA6wp00BE5y8jrxWU6HOv4A==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEcEVHQUtRZmpwd21lOFdV
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtRW9mcnJjVU01Ky9PUFdT
|
||||||
ME9IbVBOd0lPQnFvdTVhU05yaEVON2xlTjBvCnBiUUZTaVJSLy80SVJGQy9NVlVw
|
TmNHVS85ekhSTGE4aWlnK05oUWFIdTBnVGo0ClYrNzh5WEp0UTJmdFFkSzdhYTdj
|
||||||
REJRWEhrZHR2Z2lJeEVxVlBWRUd3ZkkKLS0tIGhPZDdoSTJ0WCtCVC9IeXRwVFBp
|
d2hOVWNhQmJQNERSdEpBMDJNbEMwdDgKLS0tIEtrV2NFTTNDSS9rL1l5cWRvdlAv
|
||||||
WFZFbmtVMXo4WW5NQkE2U1RFLy9JMEUKzYezCTgRxYKwSn+3cNZ5KgiX55pvwZBf
|
RWg4VUoyLy9WTis0N2hKSXNVRW1wdDQKIpSGvd5Npk0RrfpgvkFI3VCaMmoMd/uX
|
||||||
vFcy2V/nYpyvULGZ5+mdPkPwJQqIE6olD6GtWoLtIc2y1GUk+T6M6A==
|
J4ci1P2jMb8Q+oeNi5MulBOJMx6P83BLqzTZC2rbniZJH/ItUZL1ow==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWd25WNnByTSt0UnhnTStQ
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxMjExWXkxbjYybkE2NEs0
|
||||||
TWZlS1V3elNjZGZtWXlvSGtIemFMTkpTemw0CkUyMzBkRkZ1SzViTTJFMHo3bGFp
|
c3hpV05oMU9PWEFMQW9OUXN5SzJYZTJZVVg4Cm9nWmlKVU15OFM2YjM3WVdrYm1w
|
||||||
ejR4dkFFZ0lnQ0NhRFRvNnBxYkh5R2MKLS0tIEpLZHZFZUxxWkN2alJGZGs2VS9L
|
NTA3QVZsMUFzR0psdWg2N2N0VjhlOUkKLS0tIExCbXZoSTJwMW0wSzZuYWQ5VDV6
|
||||||
cnBRTnYvYk5Kd3dMZXRrYXA3YzMrME0KtpMwDN2wTJumIyGcR/ww36VITWJ9DGvo
|
d2tnMXJPY2kxcFJKNDdWY1dVb3pYVVUKVCfLKncZvTagMZ5pLnzryIPxvILaXo9l
|
||||||
kf0QBL7cGbEQTlpcNAwD43Mb4Wakk5COK9qWbSsL1qy1UyaUWpqA/A==
|
I004nyoMSOasctN6+TbVV+qshTa4pTZsn3czjOgTMb3fg1QCVLLb8Q==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBORTFacjRLVitKRDAxQ0lp
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqcTBhemdHcEdrbTQ0SFVQ
|
||||||
cG9KNkhGOGo1UWtsU0lJa3BoNDBMQ3RncVNVCkVQbmJweElOQWl6UlQ2RlJpOGVY
|
K2h0MmpRZmNtTG9GWm1jaDFnT0grbmk2N0IwCkt4THh6OFRNdUltZEc2VXQ2a3Fs
|
||||||
anpISGlEZVZNZnZMczBKMmNoSnhOdG8KLS0tIHVvTWJ2LzFYQW5vUlliZGVTY2dN
|
alQyUW1NMGtVYVFtYzNNT3hYdzZEV2cKLS0tIGVyK0hPUWRPUFRCdGFscXFRVXB2
|
||||||
UVZPL1p4ZkQ1Z1pnMEkzU2x3b0tsdGsKVPnAAQd9RqYQW+TUJ+yMqdQIVUyjqvf+
|
QStyYVowM3NDZVErSzlkVGV1WXRndFEKdJdRlJp6W9ZgSihAwDnw75mnj1JtZns7
|
||||||
mcEbwNKI2ZHvGn86JzqJNGnBLy8kY742aQcKXv3ce8+R5zpMh2jchQ==
|
v9DG0nl9+O3Z+e7HXX/LKg7DhjizfNjrwXlh7YeuYvQqTS2Hw9F9KA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:qw4g+yKwgoOa2kS/tj1dryk1fAUfhsn0fxj6ZAFT3qrv92d81vvb1ioj5qqGFNArCe1/vnRxDuTB8Vv0cGwIAxQf9X6rNYJw9/QzxeVDL0pI8/EK+mz/SmFA6T6l9/2K15USLOzcFovqTzqoK9EqcI46jLKYH5jvZcH8B6K3OGU=,iv:YtTCXwza5zIMOlTIGD5f7/JronMPRnM0uLUYaeOahAw=,tag:0t0mCAunDrsxB34GVywaLg==,type:str]
|
mac: ENC[AES256_GCM,data:OEzJ9yXtbBf89s7d780P7Zy/bTH9WJbimuW7MPh4VVy0V+O23EEkEg+veCsJqNyqwCGZc7jfHkgBDglMKk/rcF6zYFOpxq359kLdXrbtdsb/74SRylN2ux7YwWMZNIlGN8eIMo4nqd/47SH4ALmH01DqztFjaXQZhe0tvUT1t0w=,iv:WVzo5MR7tmFqYGL0SpiDAkXkC3kS/+rUemw617bcR7Y=,tag:94M7kvTQjuO1dSdl9ytAGw==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
./nfs
|
./nfs
|
||||||
./nix-serve
|
./nix-serve
|
||||||
./bind
|
./bind
|
||||||
|
./glances
|
||||||
|
./syncthing
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
system:
|
system:
|
||||||
networking:
|
networking:
|
||||||
dnscrypt-proxy2:
|
dnscrypt-proxy2:
|
||||||
forwarding-rules: ENC[AES256_GCM,data:OqEb7P7c62CRZ8oGa2q7g4fuVQmG2H4nLpxP6XxKC0i6ibOqrRMXj9smSorlTGtGhQEk28i3rXlTZblQObXYnXn2KWglZhmA2EDOZQ==,iv:XqdkpxdqFALb4nv2JVSagjPtcuSmUZ82k/OGzrRfkzs=,tag:fhmeV4AO4CcNSe1TLQ3uhg==,type:str]
|
forwarding-rules: ENC[AES256_GCM,data:XsHHK0gDDDi0Vjxytx64QXtX+CEb6BoPCbfg3TnAnpG6uFaor3/YEJHNnlmguVlThIjbXAf4B1TeJf1Mch95y3iN1EG2iw+ginzejXUFfWPahOOvKnnb+rXSsdiqX3bXKbmcx2IrSINKhQw=,iv:MMccx35r0sQz5irLHmeZLQbAFNZZq49nP7CKmMPLg+w=,tag:xCAKUdgPIpSKky0WTpsqKQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -11,59 +11,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJT1lrUUlRNjEwSGVEREVi
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXb0hRQjJKNEJncWRTUGw5
|
||||||
cHp3dHVQTXZyWXhWNmk1U0sybm5qdUM3aWdrCnJkZmZWVkg1S2Y5M1I5UGFNL3B3
|
QjRFSkk4WXVmdG9XNE03V2NYb0pnUCs5QVQ0Ck1aWVVGTmtmQ2pZVUVyRk83WXlI
|
||||||
V090RXUvdEtkNEhBS1BSUlpHbURkUDgKLS0tIEdSNGdWRyt4b1c3cFh1VFBZTktE
|
VkcyTis4UU1SOWdFTGRIOHhYQnhVdjQKLS0tIDRLS0dTNk9mOVByK1BTSm50SUds
|
||||||
Yzh5OWdvdTZwOEpnYnBRVzlGL01LNFUKPpXMygtxw4tOAKmboe8yxmiiRoDJhVkh
|
eVRPSkdFRGFUaWJZMzFjakt1aXVRYkUKmi3m1Shpz+nMJ0lGZ8/JBJQyZ4y/CWwL
|
||||||
4YY7sbpeoDYVwfuJmMkaKGfPWDr7REbxVzZDoyw8fFh/Ea0lcqVfbA==
|
yb2U4SZFEzBsxszKCBl0rk90Hpx7HduS0hDVauhmfWzpYzr55bEh9g==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxUjJGNFlmbk5PdldYOEM4
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJSFpKdTVBUUE0UjhRM3hK
|
||||||
eGZwaGJNdWdPZ3dpbE5CQWJRRFYyV3lPdGprCmZjQ1YwdUVra0ZvQmIzOC8zU1lU
|
NDB5KzNJOWozK3cySEZYbFdJSSsxTWdVWUJJCkJ5WjY4Y0xEY0RPcGplM0xsUWRY
|
||||||
VU1nQUU1ajhNOVdVNFVDbUR5TXlSZEUKLS0tIC9GZzJXS2VQck9zbk1kM3hhR2Nl
|
bWZEaFpBMnd6Rll3MVhlNi9pQlA5VGcKLS0tIFlSdVVLTzd5RGlPY2RSN2JRdldN
|
||||||
dFdjRzgvMVBCckFCdlFnWVAvTCtHSW8KaAMKb+P9TaavlrFt1esYlOO7XuQ4LTzl
|
UFdXSklWd3UwbHZlRVR4RmZ4VzF5aU0KsAwJJimAUcW7pGJfZ5RIHNHQtAwy0HZj
|
||||||
MlxgJIjgSGmOc4dRLK1fRFvcFRTRl+0LsqZT1OkE3wWLXr/ElN0OoA==
|
oaaeV704j6VtFUhv2Bcf8OYjA0dH8RIn8psYS0j2WCnNrC19q3Nwrw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXT3UxYWRzaU5oRXZTYlIr
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5K3Q5VlNZaXVNdklybDF6
|
||||||
KzhQVklzN1ZzeXZuc0doOXErNjdwZitHb3dVCnpMaVRuZ2gxWFpSd2JyK1U4Sytr
|
QUFuNDZtOFJINzUxdWNLU0YxL3JQT1lJcjFrCnJoZ3Y5NFNMd3grTll2QktIQVhp
|
||||||
c2FBeTdBOGo4WGFyaDdqaHdPbGUyU2sKLS0tIG4yYWVoTm9oc2RtRW9XdCtORHda
|
Nkc5dU5uVks4MVlRVTM0S1RFVlo0aU0KLS0tIFFpV2w3M2xwU1k1ODVxVU5pMnpE
|
||||||
WVkyL1AzNGZ4YzNrYjRPYU9CMHpqeU0KESkMmihHwhh7oIW3mmmHJwFfdfEDWkI0
|
ZWp5ODJYVkZjekFkSTcvRU45MjZJcTQKCX9kK2wNXJJOLNJnDcvJ5zBumLZeU5Fe
|
||||||
WWA3656EKVXQ2s3bqUfeOS+6rPLmnU1bkXO5okWIG6j7BXyO+dPp/g==
|
2yUJJFfZe9mkzXz9++muE3LpBh9rlyXvnuOMD+0V3+Tgqbax0tA5qw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBR1dDZUlWand0ZXNlZ005
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzcXZVK05oV1BRK3U1dHFp
|
||||||
WXU0djlkWHhIRnR5L0FNcEFZc25nNlMvelRJCkV0WERlS1A5L1RTUE1jSlNYb3hU
|
OVZoTlpDdm52SHFDZ1ZobldKM3IrTi8wYTEwCmhNNFlZc2NNejZwK1FxbEdvMFJC
|
||||||
YjNBMTY3d1JPNHdSaGxVSHhpR1J4dGsKLS0tIHpRYXdhR2Q4OGswNWthSXNCL0ht
|
M09DSFJKK0dyWk1mVXdHZDlnSS85R2cKLS0tIDdkZm1uaXR0U3NOWlJ6WDkrK2Zu
|
||||||
RE1YNnhzWXV0U3VLQkFOMTJINTE1eG8KcvhtqFq0ywMDxspOxq7hKoteU8rTixsi
|
RVZ2UUJ0RWo4UzlsSUhWejZySHFGZmsKOXFJVA3AHLgSyIPEn+RtDo0f2oNBUHuV
|
||||||
M0xrR9hSFDpytNqr1qv0hZIaIrl80GaBkzhogRaT8RDito01B5r7Fg==
|
pgjTtjD7bsrlCuhH/mMPFCHf7PH8XZA8PMDfU3hNvpVWxOB2io4RvA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrRVFYOXVpTVNpOXBiMGI2
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1WUMzeXFmcW5WcFdnOWZI
|
||||||
N1UxVjkxS2lvT2ZNUmF1cnFCb3Fsc283NVFRCllQR2wzclpGTjJjWjV4cW9mdmxQ
|
UDBYZyt4Y0hQRkhCaE9MMVducVBRU2szZENJCkFHNnJCc2Q4RlJlUlpKTnZLM0w2
|
||||||
TjRBaXdtbzg0dDZZcVU5UDZOMTBuR0EKLS0tIFg2UVhGbEYrRHVUT0I3UDFTUUpp
|
aTgxeUNCRmpWZ001UVRLNElwcWxUNkkKLS0tIFBFNnVOUldOcUVIVDk1TjgyRGJJ
|
||||||
YUpzKzUzRjhhc01ZL3dERUZ4R04ySmMKpZb+juKeLyo2oIg5ottWszJ56uiRbQaW
|
UlgrT0VwaGJISUxpeUxuS1hiamJsVTAKVZKDd0naQHxadHsd0eRNWqweRb/7z6Q1
|
||||||
BVdydsbyo/++odMEQzlIh+MHFaHioSSztyQ0el2WDzAkby1xK7iGOQ==
|
Mf3NbnkQOKTMILntxousk8ZszvDQVZ87wyZ3mzmGay1B2B19QrPkGQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBueVJ2MGN3WVJFNXFSWUN5
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVb2R2YzV3eHF5UGNPZmE0
|
||||||
ZmVFWndCYTd6QWZKamQ2by8xT2xQTjFGS2lNCitsSzhUZWVQQzZiUUpDbUxtaEI3
|
MWcyK0NwNFdFVXpzbENFZkM1dDFMbElRUWg4Cm9ORXk5TCtzdXRxcEhQcURmaCtI
|
||||||
dFdyeGZUOE14MG9rVDRXRTJTdTFkbjgKLS0tIDlEM3hjUFR1YXVUZzdNc2tUdDNV
|
R1BRZVE0WHF6THh1VGhUVVEyTFZHemsKLS0tIFpGVFJGZFpSenVLNkloZlhvK0Nz
|
||||||
OVlPVVgySWNsZlVTcXBBVVhyUUVhdGMKrc7PnV32vHEcdOC5bPi/ZEEfwDkvwkIF
|
QThCYlc3N0ZtSnBES2dCWm1PMW42L00KSmKKlPDzs4sUYoVZOzW4pAsbQP4m2gu3
|
||||||
OJeCIpfOQ76aeV7Lsb5xSeDYkOFGEfsnvnayXABZjsp05Vz4Y6Qspw==
|
mPTtlyqZrSbhGSgtwEw8C+p+LZOqQXnelkhGb8I759TpR7DASrqP8Q==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T23:56:52Z"
|
||||||
mac: ENC[AES256_GCM,data:qJxctGzBG+I9sb4NF0bRRf08C9ughPyvIxDk1lvG9ypbU9eqZ/sZXTbhyBvz8D68CfyouIjnZctsts/1urjZTBD0Z4C3eWtuwWtJTqnO4MzuiMLUCgpNaT1ouhCFKQSpaJbtF5ioo1eYZ/DuGRD04WDoFkuqhB9J/otveuh4+9A=,iv:Ly92+d3lcVSv2AMOnUjpqxsXMozlLYMfAG2DQGQRyYA=,tag:InW7hx7Yc3Qve/JCe2pq2Q==,type:str]
|
mac: ENC[AES256_GCM,data:z4v5yRXeB/MCa3ltyf9KZl6NEXqsiIfSmEzzZAJRchOreJ1aIjWj2te5DM0n/08iW2ijFi/bekpcsl3U+5UJkwAjA+82zlvRnw91ppmb7mtnojEq25yhpB6tAUXoimLmT21saY3PnrHx/DFeVqg/P6cX/pGo9iGB2izwH7oCfUI=,iv:NDr9ypPZlTXS5npdrRGCwI51zhU0qCkvEUZfx3JxhUU=,tag:v3NLWsekZlxRyLsCCNR/Vw==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
94
nixos/modules/nixos/services/glances/default.nix
Normal file
94
nixos/modules/nixos/services/glances/default.nix
Normal file
|
@ -0,0 +1,94 @@
|
||||||
|
{ pkgs
|
||||||
|
, config
|
||||||
|
, lib
|
||||||
|
, ...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.mySystem.services.glances;
|
||||||
|
app = "Glances";
|
||||||
|
in
|
||||||
|
with lib;
|
||||||
|
{
|
||||||
|
options.mySystem.services.glances =
|
||||||
|
{
|
||||||
|
enable = mkEnableOption "Glances system monitor";
|
||||||
|
monitor = mkOption
|
||||||
|
{
|
||||||
|
type = lib.types.bool;
|
||||||
|
description = "Enable gatus monitoring";
|
||||||
|
default = true;
|
||||||
|
|
||||||
|
};
|
||||||
|
addToHomepage = mkOption
|
||||||
|
{
|
||||||
|
type = lib.types.bool;
|
||||||
|
description = "Add to homepage";
|
||||||
|
default = true;
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
config = {
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs;
|
||||||
|
[ glances python310Packages.psutil hddtemp ];
|
||||||
|
|
||||||
|
# port 61208
|
||||||
|
systemd.services.glances = {
|
||||||
|
script = ''
|
||||||
|
${pkgs.glances}/bin/glances --enable-plugin smart --webserver --bind 0.0.0.0
|
||||||
|
'';
|
||||||
|
after = [ "network.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
firewall.allowedTCPPorts = [ 61208 ];
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
environment.etc."glances/glances.conf" = {
|
||||||
|
text = ''
|
||||||
|
[global]
|
||||||
|
check_update=False
|
||||||
|
|
||||||
|
[network]
|
||||||
|
hide=lo,docker.*
|
||||||
|
|
||||||
|
[diskio]
|
||||||
|
hide=loop.*
|
||||||
|
|
||||||
|
[containers]
|
||||||
|
disable=False
|
||||||
|
podman_sock=unix:///var/run/podman/podman.sock
|
||||||
|
|
||||||
|
[connections]
|
||||||
|
disable=True
|
||||||
|
|
||||||
|
[irq]
|
||||||
|
disable=True
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
mySystem.services.gatus.monitors = mkIf cfg.monitor [{
|
||||||
|
|
||||||
|
name = "${app} ${config.networking.hostName}";
|
||||||
|
group = "${app}";
|
||||||
|
url = "http://${config.networking.hostName}.${config.mySystem.internalDomain}:61208";
|
||||||
|
ping = "http://${config.networking.hostName}.${config.mySystem.internalDomain}:61208";
|
||||||
|
interval = "30s";
|
||||||
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
|
}];
|
||||||
|
|
||||||
|
mySystem.services.homepage.infrastructure-services = mkIf cfg.addToHomepage [
|
||||||
|
{
|
||||||
|
"Glances ${config.networking.hostName}" = {
|
||||||
|
icon = "${app}.png";
|
||||||
|
href = "http://${config.networking.hostName}.${config.mySystem.internalDomain}:61208";
|
||||||
|
description = "System Monitoring";
|
||||||
|
container = "Infrastructure";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,7 +1,7 @@
|
||||||
system:
|
system:
|
||||||
mail:
|
mail:
|
||||||
maddy:
|
maddy:
|
||||||
envFile: ENC[AES256_GCM,data:O7Wj/RcP8aBWnhxhDrxwu3pZdXFtarqPvRIK5ijO33nIfZ7Lvuh/tJcriQAvu3kSQ+UwfURLI2z/1BPOsBx9T9J8gJvPUwT/9BbuuaTsAfQjf/mmF2tBWBLtJ16VL+omS8h0gJrzOw8Zi4HtRAnO6+IW7vvqdNqH/0KGKeINpNs/Dxs=,iv:DQDHphtI0I95V1E1EvcTfIktr0Q5hyGL46IHtIczLFY=,tag:yK/Bpwf6BgZK0KODps0/Mg==,type:str]
|
envFile: ENC[AES256_GCM,data:QIP7YvY/kYYkqwxwLsrRC6ptExf2tzw7/+t4fdkyDwOUqWM4dI0TpjKr1LXfASCjHrVwb2a6+iqt7N+9ievD4MsrEEsoRYMYIjOlpsmPiHam85ql5WJlfTbOy91VebN35Q2aThC2NmeGcptJ7UX7cigO2KcmYPa5i4evIE+grruoQhM=,iv:0x8ezgw3xDkhQRYbASpz4IAw4hE7nRzImB/5rrs63Rg=,tag:Azm6Fn1gwLibRh7wjD6rWw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -11,59 +11,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1VkJURmFnSlBqRFMzR3Bv
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdFBMdFg0aVdXVTFWSHY4
|
||||||
VUVzeGV1UEdqOEZxQWFhTlR0ckhHNldBckNvCjFDbU80WmFTKzhPSkJoeWJoVU54
|
STNQcFM1VnVnNHhkVmhhMGZpb3V0ZnJBOGxzClcyQlBOMXo1UXRTYVkyQ1FxSU52
|
||||||
ZWNmbUljKzBqNWxIOVlNeVQrenNQRG8KLS0tIE03NUFxcGVueG1ueXdNZ0xsb1o5
|
K0h4SjJCUHdZcS8xQStSTFU3S0trTDAKLS0tIGV3WW8rOE8rSmhLc0MwYW9tVDZO
|
||||||
MWhmMTk4R0dUM2Nsb3o5dUlvZ1k1bE0KBXVMIte5E84vKgyEUgZdOfUasJNTN4US
|
ZGdpbmovK3NBMms1Yy9WTkk5eE9mem8KXnwaEyS2Ztwd8NVY9R+B70AwMukAeFmf
|
||||||
1IpvfJ98Upss6id5UhAgQSLEdnUJNjOjz38lxhufinbvxwsiuGzyHw==
|
3Gvj3C57EivrRLDTgot5Sh8TSni5VAlzXJPwwSfgEIiia4qiSUkkXg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1OTdhekNmTVV4aDhQZ1I5
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6YnlzaXRjMElRM1djdkNx
|
||||||
d2Faa3BJMlBab0YzdmNjTk5McGZvZzhMMlhvClF1K3lKV1VCTkRIRDQvZ2RQRDk5
|
UmprK3N2UmxyL295UmhoRC9DS2FvNGk4eEU4CkdiK0xVWWt6dWJEcHpjSHQ4elpq
|
||||||
cU9VZG1SZjN2b0MzWmZ6cEVCdUh0NlUKLS0tIHV0bXhFWkhoTEQrdzF2RkZnTmty
|
WHJhazhveUgxUW1ObWRmaTE4N1ZUMkUKLS0tIDVYekQ0OE1vSVl4YVFmZTV2VEl0
|
||||||
Y0IrcHhHcnpLT2Z5M2Q5YmVuWGhYSE0Ku8WrjvwEJZQXdLKoUvgZQZTM/akml0kO
|
amQ4NnU3WFRyc0FBTUk2NmZqdm9haVEKZ67m9O3CLBrF0U2q/1x1KQYx1gxs747t
|
||||||
lSTUMDfBqQLj5mXwwMLvffqNdiJjL3ONpyUHeyDlWQG6MRTY/kYjnA==
|
KDNfjNXQgIx3VI6xgIVOflzK4vePUWWQ4OMr3M5h5qSCKmHImIMCvQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxZUw4N3U0ei8rNUV4VCtv
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMbUh2TFR5c3d6MWdmeHBr
|
||||||
ZEhpZEc4M2s2U0xlQTlTNjZWcnNMYkFndVE0ClpCaldTVFJobnZtSW5BK0M1RFI0
|
QjNpN1EyZTFINVc3b0xaMHB4dzdoWUVzUkJBCnBYKzhNRHF0L3JiSlpaM09STlg2
|
||||||
bW1PTy96cHl3NnZJQllNYzlMdy9lWm8KLS0tIHRKT0lGa0NGc0NRQ0wwY0ZseUlZ
|
V0RiYTRWUDhPV0xVK3d0VFFVeWZzemMKLS0tIE9kMys2QlZ5VFc1UnI5RTdSdVRX
|
||||||
N0RxTFdoUU1LdkdQcHg2OEIySHFVNDAKeXH3fzCqd5zoCNSykuNIp39S4Ntvrg8z
|
dmNZL3IrSFRSQXFnTTBzMVEwMVg3UlEKxf+eHlF4Lq5XbnT89fel8+332gYNKv0O
|
||||||
g8UgS8edE4q2/wzvhKh3yZXhEnyUfVPKzUFHVaVcIzaQmQitzF8kgQ==
|
toOh5OJvN591LAk/NFy32BYXuxL1Fj3AE6wFvpx5Bkl5UYrWmwbHjw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRazZyVmVDYXFuL28zTlZ1
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBON25iQlpWK290UkxHK0Fr
|
||||||
QTFIdTRlekZJUzcrZlc5NzhJUG83NWxpd1VRClVnalNWaVQ4NjB4V3lnSTUxOXRz
|
dWxCRnd5bEsxL0F1Q0NWd0NCV0ZJeFlXaUhNClVVTFhsZzIvRk5vQXpaSDdOT0VN
|
||||||
VTZkTCtPeVdpUEgrbTdxcllSTTBtOTgKLS0tIEpSK2ExT2pHNGh2SnpvMnBoenVG
|
UDFTTGF1N1VMU3g5ZTVUWStmRGtLQjQKLS0tIHV3ZkpnbHcwai84NS8xaVAwUG1G
|
||||||
Mno1dkxoc21wNGJpZ2pCSDZ2cGhSL2cKz568EszLyjw8GjZcvYB2uHkjUpN+owhn
|
TzlsSkdWZUF5TnNMRXFKL3dXN1Z6QzQK8JCT3nzdHwkpoQE3tvSPSzoRYd/gwdpr
|
||||||
2Hg3fsqFO/Q+pYEZ2uC4aPs2pVkoI3GN8AnvXpX1UdROlPpoZB4S8Q==
|
63jF28zhmEY8hoMxof6rfiqk9souAobIzwbnfW/CkF86L5iS/1iepQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtMzA5TlVRRjZrTm9mSkEv
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHSzdsa3Q0SUQ1RDBsN2s0
|
||||||
UVlRU0Z2dVRsbHE5WDVacXA4dUkrTDdxWjNvCkt5b3pFSDMxSkJvK1NBa3BEK1pQ
|
bnBPM0dwUFRoalVqS2d1bVVQbUNOaVh6M21jCm9VYlRydlZtV3MwZ1BPR2g4dThu
|
||||||
WmF3VlRDRlprRFNjRTN2NEZVMS9QZk0KLS0tIGxvdUhSdTlrNmlTejk1Q0xxUnJI
|
TW5hZHYyc1VFOW1YSURRN0RiRFJyR2sKLS0tIGF4NkZmQ1F0WTcwaFB0d3c1V0Zv
|
||||||
dlVRbEk3QU1kbmkxYmpiRFZMSnNua0EKup42WKbdn/e52YIys7Btt5dGbOS0C0t0
|
Ynduc3pCcEVhQmdoZWZvZDg2NXRWWHcK884kU6xQiLuJ8foQY2rdZHEWzqGo1FGd
|
||||||
r3ifAGANhSGm/47OGmrp3D3zBdDPJynt2DXjd+Z4eSpGyXlcNmKdSA==
|
/Xfj8A7EGJWOSdi/n4dJZ6AWB7Z6rPAAzNBr4Her1yckG7JVxv4Oww==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBseXp5L2F0SmFYV3JRQkRy
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxa1RkMmtaS0pSOGU0bWJN
|
||||||
TGdQaVlETFVYODNORUxDRHh1UTJpZFI5S0c4CllNcGQweUUzR2Q0bE9ZL0dtWVY0
|
R283VWU1cSs2eGF3dkJVejI2RUhManJMRUNJCkpRV2NCYklzeVdYZ3VySzZ6MjBq
|
||||||
WUNMRk96YzdQdXc5SmxLSldEUDd4WlEKLS0tIE5HY1kzWXRxWGRRTEJnamlBbUhk
|
QTlpRWRDTUx2YjZIREhyb2pMcmFKeEkKLS0tIEtNKy9DQjJBa0VZeGxpUzI4TlJl
|
||||||
UEdsT0tsRnBWeGRTNHRtMEw1STFRRjgKEFLv+SdRAulVyQyUZKQjOKkg+nzqlnY7
|
THlORDQwdXJ3RGZmVTFtaWNlODhVYzAKKDvNETiOrLrrE6eiYM45c7JRa3UCx1iF
|
||||||
qvCpAqEciZbFVlpD/aaLQ58jP2Ly/t1aHQFcWnEIWuhPYXw+k1gmOQ==
|
soxcSqU7iKhr+bvo2X8idMQlwS9EhkPerFMWcON7ubcW4IznSMCXhQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:bMDjOYp2S9uT4671XD4T5LRYgoVBftLLbpNKsmx7ALlgcbSpHHF64k8IiR+KgUeGPp7uNiMGe6BT3w4be//yWUxJVwydxjF/V56q/VkYa4SRU+PZZw8bUp/rE2RnczvJp6OwSt/dAmyFfY8UG9bhNOGWeBBfwjrgzS0pfzIyVJ0=,iv:p5tDvddXy0cApRfeQaYcEYEpqGYPDXl/TrayS9qcmCw=,tag:Khj3RUhrbFDtPtwE4BGNmQ==,type:str]
|
mac: ENC[AES256_GCM,data:QmlccYlL5IJD0OJ8CGfpma6fXSsrLISvBIlv8yvCFMitPnrFowWYzwN5EDOFIEGq1bIKef0tygBC2JDua+mH2xK5ZKftC9tTjhavZZpw4w3nWq1PP2zZWuPh2NmoSk1RtpQ760XTs1U+AloTJGIiCIUxhO/OT9fLo8WW2GyMJ1A=,iv:zXfkO1vJc1EtKgOz3Qs8BtwFQPGCvvWzLu60seO04WM=,tag:kzUS6IPrz4I2ke8kVviPgA==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -22,7 +22,7 @@ in
|
||||||
mountConfig = {
|
mountConfig = {
|
||||||
Options = "noatime";
|
Options = "noatime";
|
||||||
};
|
};
|
||||||
what = "daedalus:/tank";
|
what = "daedalus.${config.mySystem.internalDomain}:/tank";
|
||||||
where = "/mnt/nas";
|
where = "/mnt/nas";
|
||||||
}];
|
}];
|
||||||
|
|
||||||
|
|
|
@ -31,6 +31,11 @@ in
|
||||||
virtualisation.oci-containers = {
|
virtualisation.oci-containers = {
|
||||||
backend = "podman";
|
backend = "podman";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
podman-tui # status of containers in the terminal
|
||||||
|
];
|
||||||
|
|
||||||
networking.firewall.interfaces.podman0.allowedUDPPorts = [ 53 ];
|
networking.firewall.interfaces.podman0.allowedUDPPorts = [ 53 ];
|
||||||
|
|
||||||
# extra user for containers
|
# extra user for containers
|
||||||
|
|
39
nixos/modules/nixos/services/syncthing/default.nix
Normal file
39
nixos/modules/nixos/services/syncthing/default.nix
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
{ lib
|
||||||
|
, config
|
||||||
|
, pkgs
|
||||||
|
, ...
|
||||||
|
}:
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
cfg = config.mySystem.services.syncthing;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.mySystem.services.syncthing.enable = mkEnableOption "Syncthing";
|
||||||
|
options.mySystem.services.syncthing.openFirewall = mkEnableOption "Syncthing" // { default = true; };
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
|
||||||
|
services.syncthing = {
|
||||||
|
enable = true;
|
||||||
|
group = "users";
|
||||||
|
guiAddress = "0.0.0.0:8384";
|
||||||
|
settings.options.urAccepted = -1; # decline telemetry
|
||||||
|
openDefaultPorts = cfg.openFirewall;
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
mySystem.services.traefik.routers = [{
|
||||||
|
http.routers.syncthing = {
|
||||||
|
rule = "Host(`syncthing.${config.mySystem.domain}`)";
|
||||||
|
entrypoints = "websecure";
|
||||||
|
middlewares = "local-ip-only@file";
|
||||||
|
service = "syncthing";
|
||||||
|
};
|
||||||
|
http.routers.syncthing.loadbalancer.server = {
|
||||||
|
port = "8384";
|
||||||
|
};
|
||||||
|
}];
|
||||||
|
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
|
@ -7,38 +7,22 @@
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
cfg = config.mySystem.services.traefik;
|
cfg = config.mySystem.services.traefik;
|
||||||
|
routersFile = builtins.toFile "routers.yaml" (builtins.toJSON cfg.routers);
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.mySystem.services.traefik.enable = mkEnableOption "Traefik reverse proxy";
|
options.mySystem.services.traefik = {
|
||||||
|
enable = mkEnableOption "Traefik reverse proxy";
|
||||||
|
routers = lib.mkOption {
|
||||||
|
type = lib.types.listOf lib.types.attrs;
|
||||||
|
description = "Routers to add to traefik";
|
||||||
|
default = [ ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
|
||||||
lib.mySystem.mkTraefikLabels = options: (
|
|
||||||
let
|
|
||||||
inherit (options) name;
|
|
||||||
subdomain = if builtins.hasAttr "subdomain" options then options.subdomain else options.name;
|
|
||||||
# created if port is specified
|
|
||||||
service = if builtins.hasAttr "service" options then options.service else options.name;
|
|
||||||
middleware = if builtins.hasAttr "middleware" options then options.middleware else "local-ip-only@file";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
"traefik.enable" = "true";
|
|
||||||
"traefik.http.routers.${name}.rule" = "Host(`${options.name}.${config.networking.domain}`)";
|
|
||||||
"traefik.http.routers.${name}.entrypoints" = "websecure";
|
|
||||||
"traefik.http.routers.${name}.middlewares" = "${middleware}";
|
|
||||||
} // lib.attrsets.optionalAttrs (builtins.hasAttr "port" options) {
|
|
||||||
"traefik.http.routers.${name}.service" = service;
|
|
||||||
"traefik.http.services.${service}.loadbalancer.server.port" = "${builtins.toString options.port}";
|
|
||||||
} // lib.attrsets.optionalAttrs (builtins.hasAttr "scheme" options) {
|
|
||||||
"traefik.http.routers.${name}.service" = service;
|
|
||||||
"traefik.http.services.${service}.loadbalancer.server.scheme" = "${options.scheme}";
|
|
||||||
} // lib.attrsets.optionalAttrs (builtins.hasAttr "service" options) {
|
|
||||||
"traefik.http.routers.${name}.service" = service;
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
|
||||||
sops.secrets."system/services/traefik/apiTokenFile".sopsFile = ./secrets.sops.yaml;
|
sops.secrets."system/services/traefik/apiTokenFile".sopsFile = ./secrets.sops.yaml;
|
||||||
|
@ -56,6 +40,7 @@ in
|
||||||
users.users.truxnell.extraGroups = [ config.services.traefik.group ];
|
users.users.truxnell.extraGroups = [ config.services.traefik.group ];
|
||||||
|
|
||||||
services.traefik = {
|
services.traefik = {
|
||||||
|
# TODO refactor into subfiles
|
||||||
enable = true;
|
enable = true;
|
||||||
group = "podman"; # podman backend, required to access socket
|
group = "podman"; # podman backend, required to access socket
|
||||||
|
|
||||||
|
@ -76,12 +61,18 @@ in
|
||||||
# Allow backend services to have self-signed certs
|
# Allow backend services to have self-signed certs
|
||||||
serversTransport.insecureSkipVerify = true;
|
serversTransport.insecureSkipVerify = true;
|
||||||
|
|
||||||
providers.docker = {
|
providers = {
|
||||||
endpoint = "unix:///var/run/podman/podman.sock";
|
docker = {
|
||||||
# endpoint = "tcp://127.0.0.1:2375";
|
endpoint = "unix:///var/run/podman/podman.sock";
|
||||||
exposedByDefault = false;
|
exposedByDefault = false;
|
||||||
defaultRule = "Host(`{{ normalize .Name }}.${config.networking.domain}`)";
|
defaultRule = "Host(`{{ normalize .Name }}.${config.mySystem.domain}`)";
|
||||||
# network = "proxy";
|
# network = "proxy";
|
||||||
|
};
|
||||||
|
file = {
|
||||||
|
filename = routersFile;
|
||||||
|
watch = true;
|
||||||
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# Listen on port 80 and redirect to port 443
|
# Listen on port 80 and redirect to port 443
|
||||||
|
@ -96,8 +87,8 @@ in
|
||||||
http = {
|
http = {
|
||||||
tls = {
|
tls = {
|
||||||
certresolver = "letsencrypt";
|
certresolver = "letsencrypt";
|
||||||
domains.main = "${config.networking.domain}";
|
domains.main = "${config.mySystem.domain}";
|
||||||
domains.sans = "*.${config.networking.domain}";
|
domains.sans = "*.${config.mySystem.domain}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
http3 = { };
|
http3 = { };
|
||||||
|
@ -173,11 +164,11 @@ in
|
||||||
http.routers = {
|
http.routers = {
|
||||||
traefik = {
|
traefik = {
|
||||||
entrypoints = "websecure";
|
entrypoints = "websecure";
|
||||||
rule = "Host(`traefik.${config.networking.domain}`)";
|
rule = "Host(`traefik-${config.networking.hostName}.${config.mySystem.domain}`)";
|
||||||
tls.certresolver = "letsencrypt";
|
tls.certresolver = "letsencrypt";
|
||||||
tls.domains = [{
|
tls.domains = [{
|
||||||
main = "${config.networking.domain}";
|
main = "${config.mySystem.domain}";
|
||||||
sans = "*.${config.networking.domain}";
|
sans = "*.${config.mySystem.domain}";
|
||||||
}];
|
}];
|
||||||
middlewares = "local-ip-only@file";
|
middlewares = "local-ip-only@file";
|
||||||
service = "api@internal";
|
service = "api@internal";
|
||||||
|
@ -190,11 +181,12 @@ in
|
||||||
{
|
{
|
||||||
Traefik = {
|
Traefik = {
|
||||||
icon = "traefik.png";
|
icon = "traefik.png";
|
||||||
href = "https://traefik.${config.networking.domain}/dashboard/";
|
href = "https://traefik.${config.mySystem.domain}/dashboard/";
|
||||||
|
ping = "https://traefik.${config.mySystem.domain}/dashboard/";
|
||||||
description = "Reverse Proxy";
|
description = "Reverse Proxy";
|
||||||
widget = {
|
widget = {
|
||||||
type = "traefik";
|
type = "traefik";
|
||||||
url = "https://traefik.${config.networking.domain}";
|
url = "https://traefik.${config.mySystem.domain}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -204,7 +196,7 @@ in
|
||||||
|
|
||||||
name = "traefik";
|
name = "traefik";
|
||||||
group = "infrastructure";
|
group = "infrastructure";
|
||||||
url = "https://traefik.${config.networking.domain}";
|
url = "https://traefik.${config.mySystem.domain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
system:
|
system:
|
||||||
services:
|
services:
|
||||||
#ENC[AES256_GCM,data:YEM+PywM4mm+0BlFscjwyDRdQLzJR2E11RumZ3NFJzjz7vyD+yZQI3dC5mIAFEI3ZmPNtxadtvGvQIIMs5XdHf3bm3lcVX2bsMfqWQ==,iv:4JhcykwwFc98iMXZZp9gBX13TFyic1kVKmimsT5a9q0=,tag:8TpvQcQQgoCD+z4+lNcduQ==,type:comment]
|
#ENC[AES256_GCM,data:XPfrPhKBn7rS7oL1ob3KqOuGprzSsdfnEKHm8ep6Lr2qWgKUpnLyiOqkPapooPO0E2RnHXDv1GeLpl6+NbHQRWUCcfP0ypEko0ZZPw==,iv:R/sUawRMIts93Gdz8dRBJz7VWdK3nFXQfaGk+rWXK2c=,tag:xwONcjRqD05CiSyg8u7Yvw==,type:comment]
|
||||||
traefik:
|
traefik:
|
||||||
apiTokenFile: ENC[AES256_GCM,data:BoFswFKyWhg2nAkdQ8eNW0+rWSMeIKvc/p0e/7ZHOsiltI/vgcYGQdz97mvwh2zck7OUvYRJbKZQ/W2bLmSZSmPScd1+drbKGPdo8s/K1KZSlqhfk4ldXqr9kpI+QV6FUw==,iv:mupO6Dj0lXafJK4+vXp85PlkVJLRP8HuQ4Jfj/EhcIs=,tag:CPhKdlAvtBtAs/IFZq+ZFw==,type:str]
|
apiTokenFile: ENC[AES256_GCM,data:qFz1VRqM6Jfu33ImmglKp2L1WihYbZE86zx0BuXvgUSLrHodcgQ8ft8vpy0ur+I8I0i2/HLNKSrdz9bAdfDWdqqBpLwQA5SSu3pod/pxXTMvVEqZqYGwvXD24SifSHLKLA==,iv:YXah2ezPGDVJ9FWL5TJdqIT/ZPSEW6MxlKSqb33MNzE=,tag:UjJOl0g1UltdGicLDxqJQA==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -12,59 +12,59 @@ sops:
|
||||||
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDYzFWUDduWnNZNVFHd0VC
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVME1FckowdTFIaFByNFk4
|
||||||
aFM4aTR2N2xTQ1FXcFU1NXRjZHNoanVxc3o0Cml1MHFxcU1oSXZSWGhLTDQwRjBS
|
cHM4WnprZk55WUdlcUlkcSsxQXIrRjloTXhJCm1GMWw4UGU4WnpaQmUycUxCci9i
|
||||||
SFlkYW1LZUhpUU5Kd014b3ErL2tVbGMKLS0tIFVIaXIvZXNWMlhsdC9YME5lK0JT
|
WmtmbzdPSTZ5Q2l6QTZVdHkxajlpTE0KLS0tIDVxQ1ZMaFlSS3d0akQ1UDM5TFJG
|
||||||
NXFtV01BVG90dGpqT1YvTFlhZGdHZnMKMgARGl+FIQRafv5n9H54jdtD9K82J8b+
|
T096em14d1FRUjF3dm85MkthRVh6UnMKelOf2qNobndcxX5QR+iTt4sSIsngRbvj
|
||||||
uXXJgLas5GKc5dPKUuMXIGgYQjuDKbpn9282OhXBeNXtxhk6LPiHcw==
|
wy6W5s53x2bqe4K21RSNhAUkUO3AshotN/caiYKzYx/kBZk2kRcVXw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNemtaYlNCWm9ReXozU2dt
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwTHczMFY1Rm5IQlV0TTJV
|
||||||
VGVRa1YzRU5qV2xueFFGZXJwNGVuUXdXVDNBCnp2WnZmMUVvZmk1Tnc2dGRrTVJV
|
Sk5lKyswTlBteVZRRVE0TWY2Zm5uNXFjalNZCmVVU3FQZENSOUNtb0FGbEtqSmtG
|
||||||
KzdjQkZRdU9pRXUxay9KcVVkTlhma1UKLS0tIG5vZmt6LzkwUG9adnVxUmRZVE8w
|
SnYyNEgyeDIvaW94U0wyV2dFd3g2VFUKLS0tIDN0Vmg2RjNkanp4b2wvK1RVbTU1
|
||||||
cnBCTFl2ZmFaa0RMa3BGK1lSRlZHNzAKytTZsl1Qs1Ln5lUFsWf4B3sTtMNUjQsn
|
ZzQ4Q2VLNXI0M3hXL1pyV2gvbzhuUTgK4MjauT0PDEBn9HJicK3J8FXamsoSdqGA
|
||||||
zOWT/aL5EkDhKYI5afpaMLdgjrZNcUn53UTsN1QqGJfN9xz8I87VMQ==
|
5F0E6ettiC80jYV7Cp48cyQ1vo18glFSvQ1IrJ1x0z5Oznr+ZPXK2g==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4VVovZ0Nuc2kxQTgzWVAy
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDOFpvYnRWY2F1bTAvbmpC
|
||||||
bCtRMDVlOHJ6R09wMDN1NHRVc0dKQW1FSEJVCjNpQ0dUbGdEWDhKTFBEdUQ3Qm9N
|
SEh2SmhaeEVEK2ZLbzBPeE1YVlkxM1FlQTBRClRNRWNZQ3BZcVE0VTF0bDUwWk1k
|
||||||
RGZ4ZmJ6b3Q4YUl6b084dE50QkVIMmMKLS0tIGt0SGNsYUUzRTBwbGNnR1VPQVBa
|
Q1l5RWtYSy93V09EeGUxcVBzOVd0eDAKLS0tIDd3QlBQcHovWDlsdEg3eDlmVWtn
|
||||||
YmJtbEF5NW9Od2RTcjNra09JNERwYkEKL3yA04+igcbuwc01x7vx9DcnoUL34YHo
|
OUhNMWxENzhqNmdaZTFkQWNVM3I0cW8KKeEKoG+e+rClRk8bWWtdGEjcyYiIPF3u
|
||||||
P6t+eTnKP7d0TmFHSieKSKu6Kk4rzeFVoQCkxlsyjrSNtht3QCj91g==
|
24flOm0iStrfy4b0Cf33sTzozFR6cdG3DZ1bqQLR3rwKAh9XdWbAhg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCTkdNdEdPcGhCRkFHVlR2
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjakxOcDBvcm05ckYzekIw
|
||||||
bVpKZXZDNjMxdjkzVGJEMFVHUDdMRUczOEVRCnlUeTFzaTdOa01rdVhNS3pTWEs4
|
Mm54a1k2U0Q3SkNtWVpqNGlnOWprK21lbVFnCnNZa0FReG54MFhPQVJESmM5eklS
|
||||||
YnNPdGNKbkdJUTZpR2RmbGhqTkdZcXMKLS0tIHlwK0Yzdm9SSWtycTU1Wm1OSHRn
|
Zlpxeml3QnZVY2V1U1VRRXJsd05jajgKLS0tIGYxTjZkNk40eG91aHZOa1AvWHl5
|
||||||
b0pBdUxtcVlsc2NDTlRBUTd1b25oajQKFnpXnZ/8PmXD65oICcYpyAj0Op0nDSRH
|
L2JqS0FjVzF1a1dZb29lM2dIVitiVWcKtyN9D5aqvwr5wKI7cZ+6ARZ2ntFN77bb
|
||||||
0hCWLscdq6KQiyG6Zi0/EQXHhXDc8PJbMHgGQ1rn3tqWhXozOP9ZTQ==
|
xRS99lmHiOzEHoDK7KaU0trdeCLiUCGdVUye8RgPbe/SUXa8Nb36pw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJM2NmMzc5K2ZwZTVlSXZq
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWWERTcWZNZlM2Wm10aUps
|
||||||
YkdzRWttdWZPQjBFaDh4UGUwZFFRVDlETFUwCk83emxCS0dXWitCV0hHZWphdnpF
|
dGQ5eEFVTkVBYVJCdlN5WFZKUUI4MzBwL1I0CnAxbUNocHFCZFZHRnVmbzhwd0xY
|
||||||
R3dLQlZRenpsRlkweS85dnpGSzVITGsKLS0tIGlEWUM2SmowbUdhcVgrRitaUkVL
|
aGcyelVJREh5MzBSUXNKaklXdGRFb1kKLS0tIFRvLzhsNFNvNGVvZWFPVXVFTC9H
|
||||||
Q3ZaaS81TjQ1MTE4ZVUwR01VUTNnMVUKlyPkDLQmkT2B6+ud0yrrTEbuHqaEQN4f
|
NGQ5ZTk2dFVKNGdiQTJaNjZtR0d3YjgKz2AluV3wR0Cz7bJEXAUqBwHbdk7zmD5P
|
||||||
7ABgPx3GHrqgbZY/Xi1R75NiQ9n7+TGoB3v7AAjc+xc4b90yRuyx1g==
|
nux9nLQfoD9YDfbp2DIBDktHPL5KjY5H4/zn+Obo3fPeq+PrZMNZZw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1jpeh4s553taxkyxhzlshzqjfrtvmmp5lw0hmpgn3mdnmgzku332qe082dl
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpSk9lUTNGUFJaK3psT1Zj
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5WDhQckJCdW1tTXBEalE5
|
||||||
Y0h2akx6SktqOSs1ckRRL29YNkxIcHhVdmxnCmZSeWdtckFQMHNtZUxEN1FNSnR2
|
VTJNL3dJWlIzMm9LTjVaUFl3SlNNVERwM3lRCmhCT25UWkxCYkdUNytjUjZCVWF2
|
||||||
VmxjR0ptT01FYjBRRGRZMjdSS3ZEcDQKLS0tIERpWmcxSHM2a3FhRy8zOTdmaEtC
|
NjY5ZU5xWkxRZ2tIUzRNTzl4Mk5RK3cKLS0tIGxJamh0SnJIZWIxTjZzSEtHaXdy
|
||||||
blZJb3F4MTdoQVIyRVo1RnVCR3FYelEKYDXcpDVDrf/VYTEzNAM/XHkrx9cLkdC5
|
M1V2S01iclNnMzZta2lYY29HM1dMVXMK6omDe7Pgb57Q/zA6KUQV3mt/QQN3NlUZ
|
||||||
OCGfMqoqJPHZn4tGJOD2FpfZK8AVhih73gZKAHItDizm2aBuaT5yig==
|
QESTtrrtDveuK/GBeiTQZpOdetYja3V2UHnePR5IHuMw3QexIKUlKw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-11T07:59:07Z"
|
lastmodified: "2024-04-11T11:56:37Z"
|
||||||
mac: ENC[AES256_GCM,data:jpvoc5aacRAYifmVljRBZ2p8uXaeUiIbflGyjaYxVIy25N5Fa4v3wQOqmC1VGaSoOIMmx0Bt+p8ihdvhf2ihRwLF/L/jO+oSl0EiVqrx+u6xIXB19jD0flvw8d4lTE4E2DTxqvPGwGAOAp5g2fstdPAbrkDY+3/f6PMhlbvlPFw=,iv:T3HESCilOJ1S2cntErmaFmBhrLLmLRC2cFZN8gUFAUU=,tag:qXgobz+R/rDsrYs2wQhQQA==,type:str]
|
mac: ENC[AES256_GCM,data:ZIOBc6KR2K5ttfx3EvZTL4Iod8aJCxHB90g+5cIMG0Cx5X6sf9RNVznab7/fTuCDcqEzG9KOrWhaSI1fx8NN1xbNY3GZ3iKFa8NEXlg6mO+7Kyir9GPBQaRTjCAUVKQnCukEq/50KPQsFRETyx4lOt9VFnd1GXpc1QgIXg8jnaQ=,iv:+TQstFomD658x6QYyY49Y7y2CduD16Bl8uhcIW09g6Y=,tag:bcfwfk3xfQsXom44OJq81g==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -7,7 +7,5 @@
|
||||||
./nix.nix
|
./nix.nix
|
||||||
./zfs.nix
|
./zfs.nix
|
||||||
./nfs
|
./nfs
|
||||||
./impermanence
|
|
||||||
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -28,7 +28,7 @@ in
|
||||||
security = {
|
security = {
|
||||||
sudo.wheelNeedsPassword = cfg.wheelNeedsSudoPassword;
|
sudo.wheelNeedsPassword = cfg.wheelNeedsSudoPassword;
|
||||||
# Don't bother with the lecture or the need to keep state about who's been lectured
|
# Don't bother with the lecture or the need to keep state about who's been lectured
|
||||||
security.sudo.extraConfig = "Defaults lecture=\"never\"";
|
sudo.extraConfig = "Defaults lecture=\"never\"";
|
||||||
|
|
||||||
pam.enableSSHAgentAuth = cfg.sshAgentAuth.enable;
|
pam.enableSSHAgentAuth = cfg.sshAgentAuth.enable;
|
||||||
|
|
||||||
|
|
|
@ -2,8 +2,6 @@
|
||||||
, ...
|
, ...
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
# deploy-rs overlay
|
|
||||||
deploy-rs = inputs.deploy-rs.overlays.default;
|
|
||||||
|
|
||||||
nur = inputs.nur.overlay;
|
nur = inputs.nur.overlay;
|
||||||
|
|
||||||
|
|
|
@ -9,38 +9,44 @@ with lib;
|
||||||
# Not sure at this point a good way to manage globals in one place
|
# Not sure at this point a good way to manage globals in one place
|
||||||
# without mono-repo config.
|
# without mono-repo config.
|
||||||
|
|
||||||
|
|
||||||
imports =
|
imports =
|
||||||
[
|
[
|
||||||
(modulesPath + "/installer/scan/not-detected.nix") # Generated by nixos-config-generate
|
(modulesPath + "/installer/scan/not-detected.nix") # Generated by nixos-config-generate
|
||||||
./global
|
./global
|
||||||
];
|
];
|
||||||
|
|
||||||
mySystem = {
|
options.mySystem.system.impermanence = {
|
||||||
|
enable = mkEnableOption "impermanence";
|
||||||
# basics for all devices
|
# explicitly specify ssh path key
|
||||||
time.timeZone = "Australia/Melbourne";
|
# just so I can track where sops-nix needs to find it
|
||||||
security.increaseWheelLoginLimits = true;
|
sshPath = mkOption {
|
||||||
system.packages = [ pkgs.bat ];
|
type = types.str;
|
||||||
|
default = "/etc/ssh";
|
||||||
# Lets see if fish everywhere is OK on the pi's
|
};
|
||||||
# TODO decide if i drop to bash on pis?
|
|
||||||
shell.fish.enable = true;
|
|
||||||
# But wont enable plugins globally, leave them for workstations
|
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
config = {
|
||||||
curl
|
mySystem = {
|
||||||
wget
|
|
||||||
dnsutils
|
|
||||||
];
|
|
||||||
|
|
||||||
|
# basics for all devices
|
||||||
|
time.timeZone = "Australia/Melbourne";
|
||||||
|
security.increaseWheelLoginLimits = true;
|
||||||
|
system.packages = [ pkgs.bat ];
|
||||||
|
domain = "trux.dev";
|
||||||
|
internalDomain = "l.voltaicforge.com";
|
||||||
|
|
||||||
|
shell.fish.enable = true;
|
||||||
|
# But wont enable plugins globally, leave them for workstations
|
||||||
|
};
|
||||||
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
environment.systemPackages = with pkgs; [
|
||||||
networking.domain = "trux.dev"; # TODO make variable
|
curl
|
||||||
|
wget
|
||||||
|
dnsutils
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
networking.domain = config.mySystem.domain;
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,14 +30,12 @@
|
||||||
"https://cache.garnix.io"
|
"https://cache.garnix.io"
|
||||||
"https://nix-community.cachix.org"
|
"https://nix-community.cachix.org"
|
||||||
"https://numtide.cachix.org"
|
"https://numtide.cachix.org"
|
||||||
"https://deploy-rs.cachix.org"
|
|
||||||
];
|
];
|
||||||
|
|
||||||
trusted-public-keys = [
|
trusted-public-keys = [
|
||||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
"numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
|
"numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
|
||||||
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
|
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
|
||||||
"deploy-rs.cachix.org-1:xfNobmiwF/vzvK1gpfediPwpdIP0rpDV2rYqx40zdSI="
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# Fallback quickly if substituters are not available.
|
# Fallback quickly if substituters are not available.
|
||||||
|
|
66
nixos/profiles/global/secrets.sops.yaml
Normal file
66
nixos/profiles/global/secrets.sops.yaml
Normal file
|
@ -0,0 +1,66 @@
|
||||||
|
truxnell-password: ENC[AES256_GCM,data:/ZLxonyxqLLRJvVSuPczEkeiOaY/Z/1pmtwnOl8HQAds/hAnTWzVnfaovOP5KbsrS5GohTbHTAL80NOBflB1vZz+pWzhKVBbqQxnmYXGpp3jdO7q6Vo9yKPTnu4ClkFkN2QkX4xmUgSIRQ==,iv:xMhbcgBwqjCeKx0ZfTwORonxaFNZZ9yzBb2F27s0KO0=,tag:legRUJEC2ZXWTHCF0Kb7DA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkR0xqVzZsZzN4VEFsbXJn
|
||||||
|
RW1uNjJqNjVUcjN5c3Z3RkRMbUpERzRidVZBCjdLYis2TzdnMkJGalN5WEJ4NzdC
|
||||||
|
eEMvSFhjamllM1VPSGhGWFAwSzltYm8KLS0tIHFLWHlPdkVsYmpWUW5YWmdzUXZQ
|
||||||
|
dCtSdXNWdGdrNGlLcVg3bVBWWEdWeG8KFNFYMPp+uPhlFyDXzps946gowRM+EpnG
|
||||||
|
SljpZ2XTMHLZ2ZNHqrkdXaou8H7dDZjafo010I5c+U0/BzYg3GKwlw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1dWtHWVR4NFNaMS9LM2xr
|
||||||
|
dm9UamZkTmVwOGtaMmdJeU5uZGY5TGJwcnpVCmpyZ201OVpJSmFnT0V3aGluZUxP
|
||||||
|
djRTYUJCNis5NHhKbmNtZ3NlQldXdWMKLS0tIEJuSTJPVzhJVW93Qi8zSFFvSzlk
|
||||||
|
SW9jdk5BaHRhc3puVzE0cEwrMlRMcVEKV5++1oZk48SA2iuxf64NVg1gQo997tM/
|
||||||
|
06VqoVuLX1Vqo/InVmWzMJJA6IKSAe1k8eOeoZ7Sbgty7rcd3al1VQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjSVhBNnpKREgrWHFSd0lC
|
||||||
|
bVd4b2ZmblR6Zlp6alEwV01CQm1TWGdFU3o4Ck5PY2R2VU5OSDZxME8zWkkyZ2Yr
|
||||||
|
bjJpZmFjUEdHY1hxWUZQSVd1Rlhnb3cKLS0tIEE2SnlkTThtR0pOdmF0SStNOUxi
|
||||||
|
MnJ2Ri9xb0E5Wis3ejhTVDdtQUVPc28KpDiexpCl7Pocrv1PAHEWVHEFEDUDq4F5
|
||||||
|
CsUxpyH4+odoi1Qzj2iDkbuaun5mTER96B/gfXKb8UZqOIygHA/89g==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0bHZmS3FkSnhlNndWOGhU
|
||||||
|
eC9oSlEvUEorTHlvKzZ4RjhZNWthUzFTdTFrCktNWUNCYlQvZDY5OC9YRFJ1ei9V
|
||||||
|
UEY0MGhDMDVHai9LZzRrYWtqMzNJd0UKLS0tIGtPZHVPOTFXeXJEWTFwVmZoZFdX
|
||||||
|
ckF5M1Z6Z3lRRC9yYVIvaGJsbllSK1EK8JODbe2VZg5ABspZn5eNmvF3pJziVY9X
|
||||||
|
B05xe15jisD3k5mXcbolo3wkt78+fBV1M5EYuOYgtwI4bdWp1he+TQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDZk8zS3c4alFyL09WSkMr
|
||||||
|
aDFhZGhQRVBYUExmV05DbjlJb3B4ZmFmcEcwCkx4aGhRbFNudGFEeHN3Q2xSSkxa
|
||||||
|
SnBxeG40L3YwbkFZL2FLY1hWYTA3N0kKLS0tIEZOM0o4VUFPWm1YUERzTS85Zmsr
|
||||||
|
ZHgwR2xPTE5zaGx3dDIxZ3F6allKRjgKgpcA82ZC8WrCF5b9EqkaHvrCQQYEFWXI
|
||||||
|
BxY8+3w3/hqnDiWzlPdwRQGN0J0e2WeIUFzSaQFYpR7kemP3DJ+MtQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1w3jtd4lecn2ng8qxantw33qxl2uasfqfjfpx45u6uweexwtxyq4spwssmh
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0YnNXdkZSclc2L2NYMEJs
|
||||||
|
MG9LeURhc2VsM1Zxa3dIU0dNSTZpYTJqblUwCjV0QnE4eHljZHU1cGZTTUhLNzkv
|
||||||
|
WEJyQnFDS1JTRTd4dzJYa21EcW5hekUKLS0tIGMzMC9aVjJkZEZnM1JlTU9uTWdl
|
||||||
|
OUN5d2lEYnJCdW0vTXJnUWt4d3hCT28KjuBFDRjCyU037UV7s4ZSaMxPhZhUBakG
|
||||||
|
6IEpCm0U2NYfLAgqDrq9Pn1J9Ut1Q3Uep/UWBfqNET/yARoiXPDTvg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-04-12T03:04:28Z"
|
||||||
|
mac: ENC[AES256_GCM,data:lDxEN6svXfQEHyWRrDcs8XU8Sblxof820ZOcMoVfSMkjgNcx883E6ZKbZlE1lQztlG1RCyvGgpPotjfEN7KgH87IZ3EpUdq6t+4f2ag8T2xnjDNoU1PeiLLTGvd5rt5MeKK3YqhxQ17OKrdvwVDL+wcnZedF9X0vgbpFehBTIhY=,iv:S4cRp1It/BNYknkLk8x75oi615ddXp3FbS7Q5HBtgrg=,tag:9ugtzg2cw5Gc3/KpHbmuFQ==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.8.1
|
|
@ -1,6 +1,6 @@
|
||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
{
|
{
|
||||||
|
|
||||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
sops.age.sshKeyPaths = [ "${config.mySystem.system.impermanence.sshPath}/ssh_host_ed25519_key" ];
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ in
|
||||||
|
|
||||||
sops.secrets = {
|
sops.secrets = {
|
||||||
truxnell-password = {
|
truxnell-password = {
|
||||||
sopsFile = ./secret.sops.yaml;
|
sopsFile = ./secrets.sops.yaml;
|
||||||
neededForUsers = true;
|
neededForUsers = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -17,7 +17,7 @@ in
|
||||||
users.users.truxnell = {
|
users.users.truxnell = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
shell = pkgs.fish;
|
shell = pkgs.fish;
|
||||||
passwordFile = config.sops.secrets.truxnell-password.path;
|
hashedPasswordFile = config.sops.secrets.truxnell-password.path;
|
||||||
extraGroups =
|
extraGroups =
|
||||||
[
|
[
|
||||||
"wheel"
|
"wheel"
|
||||||
|
@ -26,7 +26,9 @@ in
|
||||||
"network"
|
"network"
|
||||||
"samba-users"
|
"samba-users"
|
||||||
"docker"
|
"docker"
|
||||||
|
"podman"
|
||||||
"audio" # pulseaudio
|
"audio" # pulseaudio
|
||||||
|
"libvirtd"
|
||||||
];
|
];
|
||||||
|
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
|
|
|
@ -8,7 +8,6 @@ in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.mySystem.system.impermanence = {
|
options.mySystem.system.impermanence = {
|
||||||
enable = lib.mkEnableOption "impermanence";
|
|
||||||
rootBlankSnapshotName = lib.mkOption {
|
rootBlankSnapshotName = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
default = "blank";
|
default = "blank";
|
||||||
|
@ -22,26 +21,27 @@ with lib;
|
||||||
default = "/persist";
|
default = "/persist";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
impermanenceRollback = lib.mkEnableOption "Rollback root on boot for impermance";
|
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = {
|
||||||
|
|
||||||
|
# move ssh keys
|
||||||
|
mySystem.system.impermanence.sshPath = "${cfg.persistPath}/nixos/etc/ssh";
|
||||||
|
mySystem.system.impermanence.enable = true;
|
||||||
|
|
||||||
# bind a initrd command to rollback to blank root after boot
|
# bind a initrd command to rollback to blank root after boot
|
||||||
boot.initrd.postDeviceCommands = (lib.mkAfter ''
|
boot.initrd.postDeviceCommands = lib.mkAfter ''
|
||||||
zfs rollback -r ${cfg.rootPoolName}@${cfg.rootBlankSnapshotName}
|
zfs rollback -r ${cfg.rootPoolName}@${cfg.rootBlankSnapshotName}
|
||||||
'');
|
'';
|
||||||
|
|
||||||
# move ssh keys to persist folder
|
# move ssh keys to persist folder
|
||||||
services.openssh.hostKeys = mkIf config.services.openssh.enable [
|
services.openssh.hostKeys = mkIf config.services.openssh.enable [
|
||||||
{
|
{
|
||||||
path = "${cfg.persistPath}/nixos/ssh/ssh_host_ed25519_key";
|
path = "${config.mySystem.system.impermanence.sshPath}/ssh_host_ed25519_key";
|
||||||
type = "ed25519";
|
type = "ed25519";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
path = "${cfg.persistPath}/nixos/ssh/ssh_host_rsa_key";
|
path = "${config.mySystem.system.impermanence.sshPath}/ssh_host_rsa_key";
|
||||||
type = "rsa";
|
type = "rsa";
|
||||||
bits = 4096;
|
bits = 4096;
|
||||||
}
|
}
|
||||||
|
@ -49,7 +49,7 @@ with lib;
|
||||||
|
|
||||||
# If impermanent, move key location to safe
|
# If impermanent, move key location to safe
|
||||||
systemd.tmpfiles.rules = mkIf config.services.openssh.enable [
|
systemd.tmpfiles.rules = mkIf config.services.openssh.enable [
|
||||||
"d ${cfg.persistPath}/nixos/ssh/ 0755 root root -" #The - disables automatic cleanup, so the file wont be removed after a period
|
"d ${config.mySystem.system.impermanence.sshPath}/ 0755 root root -" #The - disables automatic cleanup, so the file wont be removed after a period
|
||||||
];
|
];
|
||||||
|
|
||||||
# set machine id for log continuity
|
# set machine id for log continuity
|
|
@ -19,7 +19,7 @@ with lib;
|
||||||
|
|
||||||
name = config.networking.hostName;
|
name = config.networking.hostName;
|
||||||
group = "servers";
|
group = "servers";
|
||||||
url = "icmp://${config.networking.hostName}.l.trux.dev";
|
url = "icmp://${config.networking.hostName}.${config.mySystem.internalDomain}";
|
||||||
interval = "30s";
|
interval = "30s";
|
||||||
conditions = [ "[CONNECTED] == true" ];
|
conditions = [ "[CONNECTED] == true" ];
|
||||||
}];
|
}];
|
||||||
|
|
|
@ -62,7 +62,6 @@ with config;
|
||||||
yq
|
yq
|
||||||
btop
|
btop
|
||||||
vim
|
vim
|
||||||
unstable.deploy-rs
|
|
||||||
git
|
git
|
||||||
dnsutils
|
dnsutils
|
||||||
nix
|
nix
|
||||||
|
|
Reference in a new issue