host api on etna
This commit is contained in:
parent
db569e4fda
commit
0a4a2209f1
7 changed files with 178 additions and 26 deletions
128
flake.lock
128
flake.lock
|
@ -23,6 +23,30 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"api-rs": {
|
||||
"inputs": {
|
||||
"flake-parts": [
|
||||
"flake-parts"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"rust-overlay": "rust-overlay"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1706818243,
|
||||
"narHash": "sha256-xhUSxZ+JFoVcp86fMESPatNYFl0kAZUKxgwcU8XSBNo=",
|
||||
"owner": "uku3lig",
|
||||
"repo": "api-rs",
|
||||
"rev": "da75616d1686fac75bffd93db095f6f1911afedf",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "uku3lig",
|
||||
"repo": "api-rs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"catppuccin": {
|
||||
"locked": {
|
||||
"lastModified": 1705010618,
|
||||
|
@ -173,25 +197,7 @@
|
|||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1705309234,
|
||||
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": "systems_4"
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1681202837,
|
||||
|
@ -207,6 +213,24 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": "systems_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1705309234,
|
||||
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_3": {
|
||||
"inputs": {
|
||||
"systems": "systems_5"
|
||||
|
@ -225,6 +249,24 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_4": {
|
||||
"inputs": {
|
||||
"systems": "systems_6"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1681202837,
|
||||
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gitignore": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -295,12 +337,12 @@
|
|||
"flake-parts": [
|
||||
"flake-parts"
|
||||
],
|
||||
"flake-utils": "flake-utils",
|
||||
"flake-utils": "flake-utils_2",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
||||
"rust-overlay": "rust-overlay"
|
||||
"rust-overlay": "rust-overlay_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1705918090,
|
||||
|
@ -381,6 +423,7 @@
|
|||
"root": {
|
||||
"inputs": {
|
||||
"agenix": "agenix",
|
||||
"api-rs": "api-rs",
|
||||
"catppuccin": "catppuccin",
|
||||
"deploy-rs": "deploy-rs",
|
||||
"flake-parts": "flake-parts",
|
||||
|
@ -392,6 +435,28 @@
|
|||
}
|
||||
},
|
||||
"rust-overlay": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": [
|
||||
"api-rs",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699841702,
|
||||
"narHash": "sha256-EG1Fpw732KmcyFJB0tUNsvreRomwTI/H5ngqlGrfB1Y=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "05c34b45e276a9939d1170b025faafe7a5fab2c8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"rust-overlay_2": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"lanzaboote",
|
||||
|
@ -491,9 +556,24 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_6": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
"systems": "systems_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701680307,
|
||||
|
@ -512,7 +592,7 @@
|
|||
"vscode-extensions": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-utils": "flake-utils_2",
|
||||
"flake-utils": "flake-utils_3",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
|
@ -533,7 +613,7 @@
|
|||
},
|
||||
"vscode-server": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_3",
|
||||
"flake-utils": "flake-utils_4",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
|
|
|
@ -48,6 +48,13 @@
|
|||
url = "github:nix-community/nixos-vscode-server";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
# ==== uku3lig stuff ====
|
||||
api-rs = {
|
||||
url = "github:uku3lig/api-rs";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.flake-parts.follows = "flake-parts";
|
||||
};
|
||||
};
|
||||
|
||||
outputs = {flake-parts, ...} @ inputs:
|
||||
|
|
12
secrets/etna/apiRsEnv.age
Normal file
12
secrets/etna/apiRsEnv.age
Normal file
|
@ -0,0 +1,12 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTKzh3RnpkUGxBZnVuYlRD
|
||||
UDBXNVZJeTFvQ21scnFjcHhhUUwzaUo5NGg4CkxCMkNNM2haMG5ub0YzT2Zxajhj
|
||||
YmdhSlhyeDgyeVVMUWhaYVpiNHJVcnMKLT4gWDI1NTE5IEtMczAvWERxbEg1eHkz
|
||||
dDRNQmhiM0p6QzVrTFpkSjZ0aXo4OUxzaFd3QlUKdVZoSnhWUWl4NWtZSXRNQWhH
|
||||
YlBUYWNFSjRSUm0wRmViWnFsRk1oc0dDSQotPiBYMjU1MTkgcnc1SVE0ZnplWVhj
|
||||
cHdNeC96Nk9UZ1B6ZFlKM1YvRjN3VnkwK0dDL0ZnQQoxMFFKeE9ERHJWbjNqV2My
|
||||
aWFWTmgzbzk2d0FMVHBMOE9hVXJKUHFLOXkwCi0tLSA0RWtDWHBzTmlzUS9aMWdB
|
||||
cnZISldlNWxKRncwZ0I2VU92NmE0aDlTWi9jCraKbxDaARBL64xUSH1R10zNA5QJ
|
||||
Ake+50nG72o6eZwuhaTdQJ4P7Lo9PC8m0yJ7m2/HVtvwkNLsKewZ419IL+9ftmGv
|
||||
og7UdJOdm3QVu5ak+AoOI8gGJlo9sG8G124NjjyTdeAAEzgohuvVingL
|
||||
-----END AGE ENCRYPTED FILE-----
|
14
secrets/etna/tunnelCreds.age
Normal file
14
secrets/etna/tunnelCreds.age
Normal file
|
@ -0,0 +1,14 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVZWt2TVVTQk1zZVRZaW9S
|
||||
dTI3RHZqdTZiWE5TaUtuTmdwdGU0MDBHbEdFCnN3VXhrM05Oa3lhZTZZZ0tzZjVN
|
||||
Y3NDRDN6T2VuKzFUS08rKzhEcjhxcGMKLT4gWDI1NTE5IHU3dzlQelNQT1JINnJo
|
||||
QUFPUVl4UG5lNnNBZnEvejAzSGIyTHJQdzh2U28KN3M3RTZud2p0Yit3VWwyUUth
|
||||
eDFPaElQemlaL3dQQnJFUzZJU3A4a24zcwotPiBYMjU1MTkgd3pCMnJNQWpyTGRZ
|
||||
VDFTTkl3QVlsTUQ2eFpHaVVXSXdPMTBTQXludW5CYwptZFBTMFpaNHhqMFUyZFAv
|
||||
ZTFwd3RmUUFXT3MxYUdNdkRHRlRxNWRON05FCi0tLSBTR1ZRME9rREtYWWNXUDVT
|
||||
WXV3RkhNV25VUE5xcmFHc3BPRzBjUlVjVzRnChfpiOqANNHsSeDwXTAB2j/m3eQ9
|
||||
m28KHq8agBi90IU1fORG6MVPNgKIVHk5CY4thErTOrVpWQhIA0HrruyiS3sLkPv2
|
||||
aDPv4c/cYx3jWfzYyb1dovIVkB/4PVPxg8+YX7R7ZNesdLrEEAo+QbTfQ9cr6tYt
|
||||
8kQfmO4BUI+c8yILTtv/GtufLr+dYaP6pnzgjLM5koU6fUn2TwXqqVIV2Phb385Y
|
||||
WUBEmI717nhsBr5cYPmRYMfxiF3I01ZQ2bUC9iB3
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -11,5 +11,8 @@ in {
|
|||
|
||||
"fuji/rootPassword.age".publicKeys = main;
|
||||
"kilimandjaro/rootPassword.age".publicKeys = main;
|
||||
|
||||
"etna/rootPassword.age".publicKeys = main ++ [etna];
|
||||
"etna/tunnelCreds.age".publicKeys = main ++ [etna];
|
||||
"etna/apiRsEnv.age".publicKeys = main ++ [etna];
|
||||
}
|
||||
|
|
|
@ -52,7 +52,11 @@ in {
|
|||
|
||||
etna = {
|
||||
system = "x86_64-linux";
|
||||
modules = server;
|
||||
modules =
|
||||
server
|
||||
++ (with inputs; [
|
||||
api-rs.nixosModules.default
|
||||
]);
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,3 +1,35 @@
|
|||
{
|
||||
{config, ...}: {
|
||||
age.secrets = let
|
||||
path = ../../secrets/etna;
|
||||
in {
|
||||
tunnelCreds = {
|
||||
file = "${path}/tunnelCreds.age";
|
||||
owner = "cloudflared";
|
||||
group = "cloudflared";
|
||||
};
|
||||
|
||||
apiRsEnv.file = "${path}/apiRsEnv.age";
|
||||
};
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
services = {
|
||||
api-rs = {
|
||||
enable = true;
|
||||
environmentFile = config.age.secrets.apiRsEnv.path;
|
||||
};
|
||||
|
||||
cloudflared = {
|
||||
enable = true;
|
||||
tunnels."57f51ad7-25a0-45f3-b113-0b6ae0b2c3e5" = {
|
||||
credentialsFile = config.age.secrets.tunnelCreds.path;
|
||||
|
||||
ingress = {
|
||||
"api.uku3lig.net" = "http://localhost:5000";
|
||||
};
|
||||
|
||||
default = "http_status:404";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue