From 2f2ae6b983ab218675d45fbf32bb84529d477ce0 Mon Sep 17 00:00:00 2001 From: prescientmoon Date: Thu, 9 May 2024 03:33:22 +0200 Subject: [PATCH] Move to cloudflare dns --- home/features/cli/productivity/mail.nix | 2 +- home/features/wayland/hyprland/hyprland.conf | 3 +++ hosts/nixos/common/optional/services/acme.nix | 8 +++----- hosts/nixos/common/secrets.yaml | 7 +++---- hosts/nixos/lapetus/default.nix | 2 +- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/home/features/cli/productivity/mail.nix b/home/features/cli/productivity/mail.nix index ba4c64b..5e50214 100644 --- a/home/features/cli/productivity/mail.nix +++ b/home/features/cli/productivity/mail.nix @@ -57,7 +57,7 @@ neomutt.enable = true; }; # }}} - # {{{ Email client + # {{{ Neomutt neomutt = { enable = true; sendMailCommand = "msmtpq --read-envelope-from --read-recipients"; diff --git a/home/features/wayland/hyprland/hyprland.conf b/home/features/wayland/hyprland/hyprland.conf index 63a8605..5e08334 100644 --- a/home/features/wayland/hyprland/hyprland.conf +++ b/home/features/wayland/hyprland/hyprland.conf @@ -46,6 +46,9 @@ animations { # Execute apps at launch exec-once = wezterm & firefox & discocss & spot & obsidian & obsidiantui & smosgui +# Without this, xdg-open doesn't work +exec = systemctl --user import-environment PATH && systemctl --user restart xdg-desktop-portal.service + # {{{ Window rules # {{{ Automatically move stuff to workspaces windowrulev2 = workspace 2 silent, title:^(.*Firefox.*)$ diff --git a/hosts/nixos/common/optional/services/acme.nix b/hosts/nixos/common/optional/services/acme.nix index 2edfc4b..ef55b3f 100644 --- a/hosts/nixos/common/optional/services/acme.nix +++ b/hosts/nixos/common/optional/services/acme.nix @@ -1,16 +1,14 @@ { config, ... }: { - sops.secrets.porkbun_api_key.sopsFile = ../../secrets.yaml; - sops.secrets.porkbun_secret_api_key.sopsFile = ../../secrets.yaml; + sops.secrets.cloudflare_dns_api_token.sopsFile = ../../secrets.yaml; sops.templates."acme.env".content = '' - PORKBUN_API_KEY=${config.sops.placeholder.porkbun_api_key} - PORKBUN_SECRET_API_KEY=${config.sops.placeholder.porkbun_secret_api_key} + CF_DNS_API_TOKEN=${config.sops.placeholder.cloudflare_dns_api_token} ''; security.acme.acceptTerms = true; security.acme.defaults = { email = "acme@moonythm.dev"; - dnsProvider = "porkbun"; + dnsProvider = "cloudflare"; environmentFile = config.sops.templates."acme.env".path; }; diff --git a/hosts/nixos/common/secrets.yaml b/hosts/nixos/common/secrets.yaml index dddc0cc..80f8f66 100644 --- a/hosts/nixos/common/secrets.yaml +++ b/hosts/nixos/common/secrets.yaml @@ -1,7 +1,6 @@ wireless: ENC[AES256_GCM,data:Ib0PdBd2r/DPyE6Ah9NffT8Tw8c2y+seGFrE0e9GkyRaStdYMiiIlWCiaBO0u1HHaVV+2MQ33MnMdqyCGRlqGk45kl0GIwVR5iAiSYnobj/6wcse+kx/+5mzNOHXD1kJRGJBm5+SN9ntiGABNkQXJdn/Qoc/ukY1uaGe2nBeFKmGdD9JL7KfgdI5jYjQYyDbCL9JUszxkXNcplIRBAAy8JDaBVeo9HgI0QDIZToPKwuEeQoA9XzdimrjbCazlZy3ZvjAuoQXmrc1nIRHF5GabSRGTFTnTfcBeW2fGpUxmIhLyucn2DIQBXLm+RDdMLWoqcGbKiLVqKyUXck3ZZyoHMf2b9N52xMUwcS7,iv:ozkDwWmurWTD8TZHGvWL9Yh8cOrP1PzSBkz+1bBZybo=,tag:iGPjRaOoGRcOWJMweTL2yA==,type:str] adrielus_password: ENC[AES256_GCM,data:lREgbcKwzAJQ3PPTWt7LXmgAsrKFCN+baQx4Q2YrHlu16yvKpmaZzPHJ/C5IjucUNbdceTs6Ef99IWzju0d8Hl5Z5UTMspYIhQ==,iv:JqnL3zfCd/xMRqTciA/Q6nYmFKzJkBqda4zucsE5KFw=,tag:RGZ/0/NEpdchj9h/l3Z7Ig==,type:str] -porkbun_api_key: ENC[AES256_GCM,data:cWUk5+JEnI7dhVskK4Gr2oBJWcbmnsTiuEaXhDupRfDJheI5ySh7rVnvOZn7lJ7toqq6HW0qZ6WZES721Mc90khq1IM=,iv:IaaYv/RrZm+iUmvm5vc1CMX6JBicGh4RV8d4bhX/Xfw=,tag:kRG5tUsKlEAm9pGFP4UuSA==,type:str] -porkbun_secret_api_key: ENC[AES256_GCM,data:doWMi6+3CNGd0y49jqtzRbzzxlVQR59CFo/1XSLiBx/mjJBL0WLfJEmtY9ZWVfwdmoY8TQuWBgizutexRhdc32OY6TA=,iv:v3z9viXTcI4VvIUB1INGlVaahQty4xt+VPLv9QnGivQ=,tag:cIzSwu1nrvvWmyvBlueGsA==,type:str] +cloudflare_dns_api_token: ENC[AES256_GCM,data:SAIMCvKOpGb5g9s03Xapc08KpOgLI+qlT5oiH/uNGxV+9JFSX3nvmQ==,iv:HFKcmHRG4EEOuJ8gRD0ZWsE18SLaZjewMSLznboLUeI=,tag:z21GURSxvNmZ4qkbri9mDQ==,type:str] sops: kms: [] gcp_kms: [] @@ -35,8 +34,8 @@ sops: WFd4ZFNHWG5Cakw5cU9MRE9HWHQ4THMKr/S7v1Oj3zQziMtI/NuFVm6AaJF5JV5U sEr2nEptYFz4G6YL5psQGXHaKzQKBg+crgKRbYL4akhqT7pfYPC0bQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-07T09:55:54Z" - mac: ENC[AES256_GCM,data:I7FNDroWbk612o2lqM837fDivrb17AqJctIrtYM+GTlqtpPH6yUB8QFGt1NLB/btuwAICN+8C8zrnlhp9Hi3SUoXgcS8UFUHZ19a0Nzy8Ae1JYhej5BQq+prl9P9K1sVDUkJPJY9+iHW8NBtLKP74RlC6wnYLYIknVqawFXo+/A=,iv:jG9d0eIsiOYykiuKzwMRV6mtgMPTw/hnwE96oE0TEoA=,tag:gO7kvxnEvEJf4HFC46QMig==,type:str] + lastmodified: "2024-05-09T01:31:33Z" + mac: ENC[AES256_GCM,data:W7sfnSzxLNAjdLtgwIlYhjaxa3gobh8El/cVggJTOiJVm1bC5TdLd0rUSh7J0UkvGj/lfPYjDDtYayaf09pjo8vLrZvH1SIy5wVF0ggcLM0tJxVqV8MDS+5pdUJiDOTfMiX1hyMBRH+N75PIqUMCte5x2zJg/79JMjch+E3NmA8=,iv:OAlKpC/2pz0ilwCNaBTsqTR/wNz6ZIVDgohDT8RvE5Y=,tag:VFAgHyr+DiWEeGaCSCh6og==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/hosts/nixos/lapetus/default.nix b/hosts/nixos/lapetus/default.nix index 15fd12b..ead812f 100644 --- a/hosts/nixos/lapetus/default.nix +++ b/hosts/nixos/lapetus/default.nix @@ -19,10 +19,10 @@ ./services/invidious.nix ./services/diptime.nix ./services/radicale.nix - ./services/ddclient.nix ./services/redlib.nix ./services/jellyfin.nix ./services/qbittorrent.nix + # ./services/ddclient.nix ./filesystems ./hardware ];