uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: uku:8fbb9fc4cae9f79cc32903735753abe2f3c89e70
Branches Tags
uku:main
...
compare: uku:2842058f23ed5a98732fd650f47824d13e9bb786
Branches Tags
uku:main

2 commits
8fbb9fc4ca ... 2842058f23

Author SHA1 Message Date
uku
2842058f23
fix(etna): set vmauth token again 
this is an ugly, hacky fix, waiting for a better solution
 2024-12-04 12:19:32 +01:00
uku
590cabff51
flake.lock: Update 
Flake lock file updates:

• Updated input 'api-rs':
    'github:uku3lig/api-rs/e62f892e625b8a9872d9cd7bc140f7a8962abd81?narHash=sha256-wt0T39BRtLafAy3%2BIlX4ZZ8%2BKiZNykm9CrYO9IwTvEk%3D' (2024-12-03)
  → 'github:uku3lig/api-rs/e4c38c04529ca5fff3f170b8eca728ce72cfa529?narHash=sha256-DhrFTYBw4dqS5ZQG9yoAUr/ibTkN3wKjgogU4I9W2a8%3D' (2024-12-04)
• Updated input 'home-manager':
    'github:nix-community/home-manager/70803283187c8f775ff561be4117e5b1a11b296e?narHash=sha256-TvDEljXVpgJ7mPLyh9KKJLZkOypF%2BLCkcvJq/jBz9MU%3D' (2024-12-04)
  → 'github:nix-community/home-manager/6c3a7a0b72c19ec994b85c57a1712d177bd809b2?narHash=sha256-o6wNhr1ONxMuBJUGC9v0hEjFdv5rN6XzHJEL/rQJLjA%3D' (2024-12-04)
• Updated input 'hydro':
    'github:jorgebucaran/hydro/9c93b89573bd722f766f2190a862ae55e728f6ba?narHash=sha256-QYq4sU41/iKvDUczWLYRGqDQpVASF/%2B6brJJ8IxypjE%3D' (2024-11-02)
  → 'github:jorgebucaran/hydro/7d0b895f8c82ee9b3710a038e0ac558d99941a72?narHash=sha256-KXch0JvfAfZfBgA8oXnYs6mRN417WvDoJN9EOZNZn10%3D' (2024-12-04)
• Updated input 'ukubot-rs':
    'github:uku3lig/ukubot-rs/35067c20002e73d766836e6c6fa79b8937c2fe59?narHash=sha256-rPqOllvleOnYJaMU%2Bzv%2BIn7b2pTncRyRnzG7xjTZk8A%3D' (2024-12-02)
  → 'github:uku3lig/ukubot-rs/02c6c93e4f6d2cdfcc585f34275a1863f9c8efc6?narHash=sha256-OAVSSpI6TBcu0Gr38JkD3AuO6hiEZFaB6zVy2iU9Zdg%3D' (2024-12-04)
 2024-12-04 11:01:27 +01:00
4 changed files with 33 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

24
flake.lock generated
View file

@ -37,11 +37,11 @@
]
},
"locked": {
"lastModified": 1733214974,
"narHash": "sha256-wt0T39BRtLafAy3+IlX4ZZ8+KiZNykm9CrYO9IwTvEk=",
"lastModified": 1733301261,
"narHash": "sha256-DhrFTYBw4dqS5ZQG9yoAUr/ibTkN3wKjgogU4I9W2a8=",
"owner": "uku3lig",
"repo": "api-rs",
"rev": "e62f892e625b8a9872d9cd7bc140f7a8962abd81",
"rev": "e4c38c04529ca5fff3f170b8eca728ce72cfa529",
"type": "github"
},
"original": {
@ -189,11 +189,11 @@
]
},
"locked": {
"lastModified": 1733299177,
"narHash": "sha256-TvDEljXVpgJ7mPLyh9KKJLZkOypF+LCkcvJq/jBz9MU=",
"lastModified": 1733304249,
"narHash": "sha256-o6wNhr1ONxMuBJUGC9v0hEjFdv5rN6XzHJEL/rQJLjA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "70803283187c8f775ff561be4117e5b1a11b296e",
"rev": "6c3a7a0b72c19ec994b85c57a1712d177bd809b2",
"type": "github"
},
"original": {
@ -205,11 +205,11 @@
"hydro": {
"flake": false,
"locked": {
"lastModified": 1730549115,
"narHash": "sha256-QYq4sU41/iKvDUczWLYRGqDQpVASF/+6brJJ8IxypjE=",
"lastModified": 1733306048,
"narHash": "sha256-KXch0JvfAfZfBgA8oXnYs6mRN417WvDoJN9EOZNZn10=",
"owner": "jorgebucaran",
"repo": "hydro",
"rev": "9c93b89573bd722f766f2190a862ae55e728f6ba",
"rev": "7d0b895f8c82ee9b3710a038e0ac558d99941a72",
"type": "github"
},
"original": {
@ -412,11 +412,11 @@
]
},
"locked": {
"lastModified": 1733124015,
"narHash": "sha256-rPqOllvleOnYJaMU+zv+In7b2pTncRyRnzG7xjTZk8A=",
"lastModified": 1733301392,
"narHash": "sha256-OAVSSpI6TBcu0Gr38JkD3AuO6hiEZFaB6zVy2iU9Zdg=",
"owner": "uku3lig",
"repo": "ukubot-rs",
"rev": "35067c20002e73d766836e6c6fa79b8937c2fe59",
"rev": "02c6c93e4f6d2cdfcc585f34275a1863f9c8efc6",
"type": "github"
},
"original": {

17
secrets/etna/vmauthEnv.age Normal file
View file

@ -0,0 +1,17 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFZHdmMjdOTkFNZzY3UC83
d00xb3MwcmlSSGRtcVhYTWdWdUpsdmhQZ2xnCmE4Tkt0bzB4Z29lMTFMSzEvR0k4
VUlFVVY5RGdyaFJyS1pkc2g4VGY2VEUKLT4gWDI1NTE5IFY2SFdpdlIrYnBTd1ZX
STREdWZjQ3JOOThVNFBLRUtLUEViVnorcTJHeVUKcUJ4M09vaUlzKzM0QW5WOU0r
LzNGTEcyWEJlSnNud1h1VlJVY1VuV2dCYwotPiBYMjU1MTkgUENxTkhUSE5SUXZI
NE9SQkJTVU10RWp3YTc3d09zd05BT2ROSXhST3RVMApydlQxUjdKNkhrRG5HWVRk
eTF0QjBUVmJ4dndUbmFaZFUvM3JaZTE3djlnCi0+IFgyNTUxOSArZi9VM2dVMVRN
bjZxSk1FZlNoL0pLNFg4RGJ4Y1VlMEJGdkNTaHQyem5VCmVVaEdOQmhyOFpENWdN
WXBYN01YU0xESmMybHBocHZWTVJGc2YrZFpxdHcKLS0tIDdiTngrUHJCWU9PYVow
TVFVTUxrV1M5NFEwQzdUM0ZjMGVqaHhvM2hhbnMKlx7IO02Yx2u0jAXj/6qnUjF1
j87tucKv9X5YHkreU5u/C/x+NCvjR2SckJxJ8wDvhxeu/0WhkTWV2gG56kkf5BiT
QEA5UHkt157SIDM4FgH1VlmWr6lnhPdr+nQJB51BQNM70adOdY6qdmQ7BJ5W754G
BqnEKtZUQE+IV7esHNObKXnbkxf99KCiUxhGXHfbu/jdG/hCTBUbbEKpHGlot3xF
2XeVslCvdO49Jq24ae71fDo1/gbE2QKXgueBWU9jLXI96YCvRiqwIY7SqSz0Pr5O
bE9IRrs0rVQO
-----END AGE ENCRYPTED FILE-----

1
secrets/secrets.nix
View file

@ -30,4 +30,5 @@ in {
"etna/navidromeEnv.age".publicKeys = main ++ [etna];
"etna/forgejoRunnerSecret.age".publicKeys = main ++ [etna];
"etna/vaultwardenEnv.age".publicKeys = main ++ [etna];
"etna/vmauthEnv.age".publicKeys = main ++ [etna];
}

4
systems/etna/metrics.nix
View file

@ -6,10 +6,12 @@
}: let
vmcfg = config.services.victoriametrics;
secrets = _utils.setupSharedSecrets config {secrets = ["vmAuthToken"];};
vmauthEnv = _utils.setupSingleSecret config "vmauthEnv" {};
in {
imports = [
mystia.nixosModules.vmauth
secrets.generate
vmauthEnv.generate
];
cfTunnels = {
@ -59,7 +61,7 @@ in {
services.vmauth = {
enable = true;
listenAddress = "127.0.0.1:9089";
environmentFile = secrets.get "vmAuthToken";
environmentFile = vmauthEnv.path;
authConfig.users = [
{
bearer_token = "%{VM_AUTH_TOKEN}";