host api on etna
This commit is contained in:
parent
db569e4fda
commit
0a4a2209f1
7 changed files with 178 additions and 26 deletions
128
flake.lock
128
flake.lock
|
@ -23,6 +23,30 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"api-rs": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-parts": [
|
||||||
|
"flake-parts"
|
||||||
|
],
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"rust-overlay": "rust-overlay"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1706818243,
|
||||||
|
"narHash": "sha256-xhUSxZ+JFoVcp86fMESPatNYFl0kAZUKxgwcU8XSBNo=",
|
||||||
|
"owner": "uku3lig",
|
||||||
|
"repo": "api-rs",
|
||||||
|
"rev": "da75616d1686fac75bffd93db095f6f1911afedf",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "uku3lig",
|
||||||
|
"repo": "api-rs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"catppuccin": {
|
"catppuccin": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1705010618,
|
"lastModified": 1705010618,
|
||||||
|
@ -173,25 +197,7 @@
|
||||||
},
|
},
|
||||||
"flake-utils": {
|
"flake-utils": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_3"
|
"systems": "systems_2"
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1705309234,
|
|
||||||
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_2": {
|
|
||||||
"inputs": {
|
|
||||||
"systems": "systems_4"
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681202837,
|
"lastModified": 1681202837,
|
||||||
|
@ -207,6 +213,24 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-utils_2": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_4"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1705309234,
|
||||||
|
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-utils_3": {
|
"flake-utils_3": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_5"
|
"systems": "systems_5"
|
||||||
|
@ -225,6 +249,24 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-utils_4": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_6"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681202837,
|
||||||
|
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"gitignore": {
|
"gitignore": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -295,12 +337,12 @@
|
||||||
"flake-parts": [
|
"flake-parts": [
|
||||||
"flake-parts"
|
"flake-parts"
|
||||||
],
|
],
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": "flake-utils_2",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1705918090,
|
"lastModified": 1705918090,
|
||||||
|
@ -381,6 +423,7 @@
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
|
"api-rs": "api-rs",
|
||||||
"catppuccin": "catppuccin",
|
"catppuccin": "catppuccin",
|
||||||
"deploy-rs": "deploy-rs",
|
"deploy-rs": "deploy-rs",
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts",
|
||||||
|
@ -392,6 +435,28 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"rust-overlay": {
|
"rust-overlay": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": "flake-utils",
|
||||||
|
"nixpkgs": [
|
||||||
|
"api-rs",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1699841702,
|
||||||
|
"narHash": "sha256-EG1Fpw732KmcyFJB0tUNsvreRomwTI/H5ngqlGrfB1Y=",
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"rev": "05c34b45e276a9939d1170b025faafe7a5fab2c8",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"rust-overlay_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": [
|
"flake-utils": [
|
||||||
"lanzaboote",
|
"lanzaboote",
|
||||||
|
@ -491,9 +556,24 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"systems_6": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"utils": {
|
"utils": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_2"
|
"systems": "systems_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1701680307,
|
"lastModified": 1701680307,
|
||||||
|
@ -512,7 +592,7 @@
|
||||||
"vscode-extensions": {
|
"vscode-extensions": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_3",
|
"flake-compat": "flake-compat_3",
|
||||||
"flake-utils": "flake-utils_2",
|
"flake-utils": "flake-utils_3",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
|
@ -533,7 +613,7 @@
|
||||||
},
|
},
|
||||||
"vscode-server": {
|
"vscode-server": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_3",
|
"flake-utils": "flake-utils_4",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
|
|
|
@ -48,6 +48,13 @@
|
||||||
url = "github:nix-community/nixos-vscode-server";
|
url = "github:nix-community/nixos-vscode-server";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# ==== uku3lig stuff ====
|
||||||
|
api-rs = {
|
||||||
|
url = "github:uku3lig/api-rs";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
inputs.flake-parts.follows = "flake-parts";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = {flake-parts, ...} @ inputs:
|
outputs = {flake-parts, ...} @ inputs:
|
||||||
|
|
12
secrets/etna/apiRsEnv.age
Normal file
12
secrets/etna/apiRsEnv.age
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTKzh3RnpkUGxBZnVuYlRD
|
||||||
|
UDBXNVZJeTFvQ21scnFjcHhhUUwzaUo5NGg4CkxCMkNNM2haMG5ub0YzT2Zxajhj
|
||||||
|
YmdhSlhyeDgyeVVMUWhaYVpiNHJVcnMKLT4gWDI1NTE5IEtMczAvWERxbEg1eHkz
|
||||||
|
dDRNQmhiM0p6QzVrTFpkSjZ0aXo4OUxzaFd3QlUKdVZoSnhWUWl4NWtZSXRNQWhH
|
||||||
|
YlBUYWNFSjRSUm0wRmViWnFsRk1oc0dDSQotPiBYMjU1MTkgcnc1SVE0ZnplWVhj
|
||||||
|
cHdNeC96Nk9UZ1B6ZFlKM1YvRjN3VnkwK0dDL0ZnQQoxMFFKeE9ERHJWbjNqV2My
|
||||||
|
aWFWTmgzbzk2d0FMVHBMOE9hVXJKUHFLOXkwCi0tLSA0RWtDWHBzTmlzUS9aMWdB
|
||||||
|
cnZISldlNWxKRncwZ0I2VU92NmE0aDlTWi9jCraKbxDaARBL64xUSH1R10zNA5QJ
|
||||||
|
Ake+50nG72o6eZwuhaTdQJ4P7Lo9PC8m0yJ7m2/HVtvwkNLsKewZ419IL+9ftmGv
|
||||||
|
og7UdJOdm3QVu5ak+AoOI8gGJlo9sG8G124NjjyTdeAAEzgohuvVingL
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
14
secrets/etna/tunnelCreds.age
Normal file
14
secrets/etna/tunnelCreds.age
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVZWt2TVVTQk1zZVRZaW9S
|
||||||
|
dTI3RHZqdTZiWE5TaUtuTmdwdGU0MDBHbEdFCnN3VXhrM05Oa3lhZTZZZ0tzZjVN
|
||||||
|
Y3NDRDN6T2VuKzFUS08rKzhEcjhxcGMKLT4gWDI1NTE5IHU3dzlQelNQT1JINnJo
|
||||||
|
QUFPUVl4UG5lNnNBZnEvejAzSGIyTHJQdzh2U28KN3M3RTZud2p0Yit3VWwyUUth
|
||||||
|
eDFPaElQemlaL3dQQnJFUzZJU3A4a24zcwotPiBYMjU1MTkgd3pCMnJNQWpyTGRZ
|
||||||
|
VDFTTkl3QVlsTUQ2eFpHaVVXSXdPMTBTQXludW5CYwptZFBTMFpaNHhqMFUyZFAv
|
||||||
|
ZTFwd3RmUUFXT3MxYUdNdkRHRlRxNWRON05FCi0tLSBTR1ZRME9rREtYWWNXUDVT
|
||||||
|
WXV3RkhNV25VUE5xcmFHc3BPRzBjUlVjVzRnChfpiOqANNHsSeDwXTAB2j/m3eQ9
|
||||||
|
m28KHq8agBi90IU1fORG6MVPNgKIVHk5CY4thErTOrVpWQhIA0HrruyiS3sLkPv2
|
||||||
|
aDPv4c/cYx3jWfzYyb1dovIVkB/4PVPxg8+YX7R7ZNesdLrEEAo+QbTfQ9cr6tYt
|
||||||
|
8kQfmO4BUI+c8yILTtv/GtufLr+dYaP6pnzgjLM5koU6fUn2TwXqqVIV2Phb385Y
|
||||||
|
WUBEmI717nhsBr5cYPmRYMfxiF3I01ZQ2bUC9iB3
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
|
@ -11,5 +11,8 @@ in {
|
||||||
|
|
||||||
"fuji/rootPassword.age".publicKeys = main;
|
"fuji/rootPassword.age".publicKeys = main;
|
||||||
"kilimandjaro/rootPassword.age".publicKeys = main;
|
"kilimandjaro/rootPassword.age".publicKeys = main;
|
||||||
|
|
||||||
"etna/rootPassword.age".publicKeys = main ++ [etna];
|
"etna/rootPassword.age".publicKeys = main ++ [etna];
|
||||||
|
"etna/tunnelCreds.age".publicKeys = main ++ [etna];
|
||||||
|
"etna/apiRsEnv.age".publicKeys = main ++ [etna];
|
||||||
}
|
}
|
||||||
|
|
|
@ -52,7 +52,11 @@ in {
|
||||||
|
|
||||||
etna = {
|
etna = {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = server;
|
modules =
|
||||||
|
server
|
||||||
|
++ (with inputs; [
|
||||||
|
api-rs.nixosModules.default
|
||||||
|
]);
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,3 +1,35 @@
|
||||||
{
|
{config, ...}: {
|
||||||
|
age.secrets = let
|
||||||
|
path = ../../secrets/etna;
|
||||||
|
in {
|
||||||
|
tunnelCreds = {
|
||||||
|
file = "${path}/tunnelCreds.age";
|
||||||
|
owner = "cloudflared";
|
||||||
|
group = "cloudflared";
|
||||||
|
};
|
||||||
|
|
||||||
|
apiRsEnv.file = "${path}/apiRsEnv.age";
|
||||||
|
};
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
|
||||||
|
services = {
|
||||||
|
api-rs = {
|
||||||
|
enable = true;
|
||||||
|
environmentFile = config.age.secrets.apiRsEnv.path;
|
||||||
|
};
|
||||||
|
|
||||||
|
cloudflared = {
|
||||||
|
enable = true;
|
||||||
|
tunnels."57f51ad7-25a0-45f3-b113-0b6ae0b2c3e5" = {
|
||||||
|
credentialsFile = config.age.secrets.tunnelCreds.path;
|
||||||
|
|
||||||
|
ingress = {
|
||||||
|
"api.uku3lig.net" = "http://localhost:5000";
|
||||||
|
};
|
||||||
|
|
||||||
|
default = "http_status:404";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue