diff --git a/secrets/etna/frpToken.age b/secrets/etna/frpToken.age new file mode 100644 index 0000000..d177951 --- /dev/null +++ b/secrets/etna/frpToken.age @@ -0,0 +1,14 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1NXQ2WjRZVi80RDV4Sk9Y +K3lBV01SZjA1dG1kMmZyT1VhbGZHYUE2cGw0CjkxQmUzV1hPWmJiTThFNVJ5b1ho +anE4VnE4Q2NWTURQaVhkRXgxcUZOK3cKLT4gWDI1NTE5IEI1SFlEVndDejEycWlN +RklLUHRzTHlVR1BuRVEvelZkc1BwV0V3YWJrRGsKMUVoYkR2Y05uWEZiQVJlSk83 +VE9FV3VkWjJwb0s4Q09MUFVMQnFWSGV5NAotPiBYMjU1MTkgbE5TMnVKL1dSNkQr +TmV3S3pqdTdUTkx3RDY4S1BQS1NOKzZFTmwzVmhDdwp3VVNyRWhJcisrYzJpZWJY +VEUwcFZtbFdHNHhjWjVrR1BoSmJ2RWYyOUJ3Ci0tLSBzSWU5V3RtanpIRnZGMm85 +VDBYVFN4amZ1TjZkQ0pPOUtJOTNhTTlhV25nChNeUHLoQWLy2V2iovF7AAi+0idD +Uy9YLOA7w+mxdvNA+qqBvlmuMExu68Ij8Fi1CEofathH9mnxpHxITczWCfdQHnke +bCcwnAWAKbXq1/aetBlTd4AQ8TRWTFScC+/TSuItSJdOsR/6lQAa6gzhqu/YutWy +0pVd4XPAaMjlWpXSznkSN6feEl3m0sNwAU4MwrAY22qeTneFq0nGrUaDI7yuP/pC +7IXea6PmIQ== +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 7036576..6c354e6 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -20,4 +20,5 @@ in { "etna/minecraftEnv.age".publicKeys = main ++ [etna]; "etna/dendriteKey.age".publicKeys = main ++ [etna]; "etna/nextcloudAdminPass.age".publicKeys = main ++ [etna]; + "etna/frpToken.age".publicKeys = main ++ [etna]; } diff --git a/systems/etna/default.nix b/systems/etna/default.nix index 6247d37..e41b06e 100644 --- a/systems/etna/default.nix +++ b/systems/etna/default.nix @@ -31,6 +31,8 @@ in { owner = "cloudflared"; group = "cloudflared"; }; + + frpToken = {}; }; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_6_1; @@ -46,6 +48,10 @@ in { settings = { serverAddr = "49.13.148.129"; serverPort = 7000; + auth = { + method = "token"; + token = "{{ .Envs.FRP_TOKEN }}"; + }; }; }; @@ -57,4 +63,6 @@ in { }; }; }; + + systemd.services.frp.serviceConfig.EnvironmentFile = config.age.secrets.frpToken.path; }