From c460d98467182bd3f4e40ac502883bb4634abcd5 Mon Sep 17 00:00:00 2001 From: uku Date: Fri, 2 Feb 2024 16:20:46 +0100 Subject: [PATCH] etna: add ukubot --- flake.lock | 84 +++++++++++++++++++++++++++++++++++- flake.nix | 6 +++ secrets/etna/ukubotRsEnv.age | 13 ++++++ secrets/secrets.nix | 1 + systems/default.nix | 1 + systems/etna/default.nix | 6 +++ 6 files changed, 109 insertions(+), 2 deletions(-) create mode 100644 secrets/etna/ukubotRsEnv.age diff --git a/flake.lock b/flake.lock index 7144341..c646ae2 100644 --- a/flake.lock +++ b/flake.lock @@ -267,6 +267,24 @@ "type": "github" } }, + "flake-utils_5": { + "inputs": { + "systems": "systems_7" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "gitignore": { "inputs": { "nixpkgs": [ @@ -430,6 +448,7 @@ "home-manager": "home-manager_2", "lanzaboote": "lanzaboote", "nixpkgs": "nixpkgs", + "ukubot-rs": "ukubot-rs", "vscode-extensions": "vscode-extensions", "vscode-server": "vscode-server" } @@ -481,6 +500,28 @@ "type": "github" } }, + "rust-overlay_3": { + "inputs": { + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "ukubot-rs", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1705371439, + "narHash": "sha256-P1kulUXpYWkcrjiX3sV4j8ACJZh9XXSaaD+jDLBDLKo=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "b21f3c0d5bf0f0179f5f0140e8e0cd099618bd04", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -571,6 +612,45 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "ukubot-rs": { + "inputs": { + "flake-parts": [ + "flake-parts" + ], + "nixpkgs": [ + "nixpkgs" + ], + "rust-overlay": "rust-overlay_3" + }, + "locked": { + "lastModified": 1706885691, + "narHash": "sha256-zFUVa4h12XJgCpsKhX5+CsJ+ngmNzwrHgj+LoziipUI=", + "owner": "uku3lig", + "repo": "ukubot-rs", + "rev": "121a9a212aae5625aea3bf8b646a1c45b0bd5d9b", + "type": "github" + }, + "original": { + "owner": "uku3lig", + "repo": "ukubot-rs", + "type": "github" + } + }, "utils": { "inputs": { "systems": "systems_3" @@ -592,7 +672,7 @@ "vscode-extensions": { "inputs": { "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixpkgs" ] @@ -613,7 +693,7 @@ }, "vscode-server": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs": [ "nixpkgs" ] diff --git a/flake.nix b/flake.nix index d0e0aff..d5762e0 100644 --- a/flake.nix +++ b/flake.nix @@ -55,6 +55,12 @@ inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-parts.follows = "flake-parts"; }; + + ukubot-rs = { + url = "github:uku3lig/ukubot-rs"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-parts.follows = "flake-parts"; + }; }; outputs = {flake-parts, ...} @ inputs: diff --git a/secrets/etna/ukubotRsEnv.age b/secrets/etna/ukubotRsEnv.age new file mode 100644 index 0000000..29648b8 --- /dev/null +++ b/secrets/etna/ukubotRsEnv.age @@ -0,0 +1,13 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsd1M5ejJVNmFTSGcwR1pT +SWUvMVNRSnNGSGR6WFpjZDNHZVpheHdNYnlBCjVtbFNPL2FGVDJEdGVtaFlLMUFK +Smw0eXhvbStSeFJrTnNOdUgxbGp5Rk0KLT4gWDI1NTE5IGlYcGttMmUyYi9rYVZ6 +di9PK0xSTUpXOVRTckdlOFMwaWY1V3R4Vko4QzQKTGE5cnZtd2MzbnMvb3RyUGtp +Yk1DMkllS2R4bjBHbE9vYmJuL3k4Z2x1awotPiBYMjU1MTkgeUdCTkFLaWVNRWZV +TUFzdTk3L1dFZEs1V3JqNU9wdXlmdnRjaEJ1TlBqQQpHajJVNVFZd2lHZHdRSkZ3 +b0NXRGhrTU5UejJLMmVja3d5ODgvQVE1NUZJCi0tLSBKY3RqM052b3haVzNXc1I4 +SUZTaTZzSEhZZmgrZGkvbXBRdGFFZGRZL3NrCpKih9v0HxE509uL0VIPCOD5XLgm +UNzpfuxGDhzCMVagTlp0v/ra7yeZcYtpQVIkLxeGI0sgQyH/oytDCcNzOOmymaF8 +gOGuht94I+pPDQ1NtsKWSUMNWuf5JzY3VQ84O17XNMpcmr0sS7wLuPr/G7i86f+z +Kcs= +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 31e28f7..0c675f0 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -15,4 +15,5 @@ in { "etna/rootPassword.age".publicKeys = main ++ [etna]; "etna/tunnelCreds.age".publicKeys = main ++ [etna]; "etna/apiRsEnv.age".publicKeys = main ++ [etna]; + "etna/ukubotRsEnv.age".publicKeys = main ++ [etna]; } diff --git a/systems/default.nix b/systems/default.nix index 343b6de..863a7ad 100644 --- a/systems/default.nix +++ b/systems/default.nix @@ -56,6 +56,7 @@ in { server ++ (with inputs; [ api-rs.nixosModules.default + ukubot-rs.nixosModules.default ]); }; }; diff --git a/systems/etna/default.nix b/systems/etna/default.nix index 5b4c1a6..d1868bf 100644 --- a/systems/etna/default.nix +++ b/systems/etna/default.nix @@ -9,6 +9,7 @@ }; apiRsEnv.file = "${path}/apiRsEnv.age"; + ukubotRsEnv.file = "${path}/ukubotRsEnv.age"; }; boot.loader.systemd-boot.enable = true; @@ -19,6 +20,11 @@ environmentFile = config.age.secrets.apiRsEnv.path; }; + ukubot-rs = { + enable = true; + environmentFile = config.age.secrets.ukubotRsEnv.path; + }; + cloudflared = { enable = true; tunnels."57f51ad7-25a0-45f3-b113-0b6ae0b2c3e5" = {