prescientmoon/satellite
1
Fork 0
Code Activity

Fix smos setup conflicting with vaultwarden

Browse source
This commit is contained in:
Matei Adriel 2024-02-12 19:02:56 +01:00
parent 735f0c1d9d
commit c1d486fffa
No known key found for this signature in database
5 changed files with 27 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
flake.lock
View file

@ -2799,11 +2799,11 @@
"yesod-static-remote": "yesod-static-remote_2" "yesod-static-remote": "yesod-static-remote_2"
}, },
"locked": { "locked": {
"lastModified": 1707756524, "lastModified": 1707760469,
"narHash": "sha256-6A1nR0w+N5nEiVwknUihrqRmplo/63gagSEQZ3ktLVE=", "narHash": "sha256-iTCnqUS0WouA4HEXsS7A60fUpgWTFmQiiKox0q9Qa7E=",
"owner": "Mateiadrielrafael", "owner": "Mateiadrielrafael",
"repo": "smos", "repo": "smos",
"rev": "99ed45b8dc0aa065617361373970497f639799ee", "rev": "d4f0f17c72d4c12e45f37ad3cb6f5042affc8ee5",
"type": "github" "type": "github"
}, },
"original": { "original": {

5
home/features/cli/productivity/secrets.yaml
View file

@ -1,5 +1,6 @@
smos_github_token: ENC[AES256_GCM,data:kqy5mQf96DoPN1iEt2akJWFfD3IJWdSkvZa0MeAyF0WJ/+V5P5C4iQ==,iv:QwmIdV/vzGTLE89XJVi3prgfmXqRa/OYcp9CA7KJDYc=,tag:+S1EZBcxoOQO2ADjDx9STQ==,type:str] smos_github_token: ENC[AES256_GCM,data:kqy5mQf96DoPN1iEt2akJWFfD3IJWdSkvZa0MeAyF0WJ/+V5P5C4iQ==,iv:QwmIdV/vzGTLE89XJVi3prgfmXqRa/OYcp9CA7KJDYc=,tag:+S1EZBcxoOQO2ADjDx9STQ==,type:str]
intray_password: ENC[AES256_GCM,data:lTCLWSZIk93LhzHJ/ymc,iv:NcmCK3raatp25cKY6GrlL9hiuJp4HGzVNk/eWqDoobo=,tag:v1dirckcNXJjATvMikfNYw==,type:str] intray_password: ENC[AES256_GCM,data:lTCLWSZIk93LhzHJ/ymc,iv:NcmCK3raatp25cKY6GrlL9hiuJp4HGzVNk/eWqDoobo=,tag:v1dirckcNXJjATvMikfNYw==,type:str]
smos_password: ENC[AES256_GCM,data:s+WuVJpe+bSZ7IPYKqA=,iv:fH4k1VTxkcgBwabX7TwZFu1bdWtinK8vug71xa0PiSo=,tag:epqGvDj5pfh9IVLFQLcifA==,type:str]
vaultwarden_env: ENC[AES256_GCM,data:dKAkO1pckFVpuN3srD99aGln8fhT69ZNCO1QbdfyJMHlypyNX3YOReR7BoAeDK5DYGRs//8/PLPynRzKPAICng7+yfNDsHHzaF+QNpY=,iv:oNntDA4cXlg5gbTZwqnpyx5nGkYzmLvds5BsAdpdUdc=,tag:IXYS+CKnVb9ZfBm/zcG3JA==,type:str] vaultwarden_env: ENC[AES256_GCM,data:dKAkO1pckFVpuN3srD99aGln8fhT69ZNCO1QbdfyJMHlypyNX3YOReR7BoAeDK5DYGRs//8/PLPynRzKPAICng7+yfNDsHHzaF+QNpY=,iv:oNntDA4cXlg5gbTZwqnpyx5nGkYzmLvds5BsAdpdUdc=,tag:IXYS+CKnVb9ZfBm/zcG3JA==,type:str]
sops: sops:
kms: [] kms: []
@ -16,8 +17,8 @@ sops:
Y2E3bmM1TkZoOEN0anJqYUNSQUN5ZDAKtobUBBKbfaUeiPtKN4/oTNaxY3C2joCK Y2E3bmM1TkZoOEN0anJqYUNSQUN5ZDAKtobUBBKbfaUeiPtKN4/oTNaxY3C2joCK
8h4FlRLXd+CGnAyjN2p4FliWzLgmOg4HFNmZSmYLpIh4E9yqadNSSg== 8h4FlRLXd+CGnAyjN2p4FliWzLgmOg4HFNmZSmYLpIh4E9yqadNSSg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-03T13:51:00Z" lastmodified: "2024-02-12T17:57:29Z"
mac: ENC[AES256_GCM,data:m1q618alC6N3eImV20vQNQkzt2QX4haAQcD9nM4hG8GZPVxwiC7m3wmspqfquCBgFuwZ/MbD+FJnBaNJedh39LO5jahO6dp/uWxg/Kbm+3xNua47R7Ivolcp8hhU1YBMSPJpC8gdlLq4O3Wedcp0Z6fpzCMXvuaaNkiJ/e5jsxQ=,iv:6Fb4YKE4Td2bbyVNpomEdEEJ21/LXwEzPyTyOGqB76M=,tag:4a/qHFs5sHGaSJPdNbX64g==,type:str] mac: ENC[AES256_GCM,data:Ggc4CJuCxQM6vYR8BvCQsPX0dKOAi0TqiHlRgANFaP++d8er5Qz2JIsggwpmABt2E1ueZVY08DNgtg6GQYJDtC5rYzdj0b2kWrfy3NUMh9UAaqxRhcFi8W1Rhn2tQEEf+JRx1hW2yCkqoBvAzzmb+WOM4yS/Fr3IBpPO2jaerrM=,iv:dUqDjN9KHm9yGXs9dO+FkZBzmaHT1UjFoiUjwuzFz88=,tag:LbSy8jFFp2HjBkq3W0zbfQ==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.8.1

9
home/features/cli/productivity/smos/default.nix
View file

@ -2,6 +2,8 @@
let workflowDir = "${config.home.homeDirectory}/productivity/smos"; let workflowDir = "${config.home.homeDirectory}/productivity/smos";
in in
{ {
sops.secrets.smos_password.sopsFile = ./secrets.yaml;
# {{{ Smos config # {{{ Smos config
programs.smos = { programs.smos = {
inherit workflowDir; inherit workflowDir;
@ -9,6 +11,13 @@ in
enable = true; enable = true;
notify.enable = true; notify.enable = true;
sync = {
enable = true;
server-url = "api.smos.moonythm.dev";
username = "prescientmoon";
password-file = config.sops.secrets.smos_password.path;
};
github = { github = {
enable = true; enable = true;
oauth-token-file = config.sops.secrets.smos_github_token.path; oauth-token-file = config.sops.secrets.smos_github_token.path;

12
hosts/nixos/lapetus/services/smos.nix
View file

@ -23,6 +23,7 @@ in
# {{{ Docs server # {{{ Docs server
docs-site = { docs-site = {
enable = true; enable = true;
openFirewall = false;
port = docsPort; port = docsPort;
api-url = https apiHost; api-url = https apiHost;
web-url = https webHost; web-url = https webHost;
@ -31,6 +32,7 @@ in
# {{{ Api server # {{{ Api server
api-server = { api-server = {
enable = true; enable = true;
openFirewall = false;
port = apiPort; port = apiPort;
admin = username; admin = username;
@ -42,6 +44,7 @@ in
# {{{ Web server # {{{ Web server
web-server = { web-server = {
enable = true; enable = true;
openFirewall = false;
port = webPort; port = webPort;
docs-url = https docsHost; docs-url = https docsHost;
api-url = https apiHost; api-url = https apiHost;
@ -52,8 +55,15 @@ in
# }}} # }}}
# {{{ Networking & storage # {{{ Networking & storage
services.nginx.virtualHosts.${docsHost} = config.satellite.proxy docsPort { }; services.nginx.virtualHosts.${docsHost} = config.satellite.proxy docsPort { };
services.nginx.virtualHosts.${apiHost} = config.satellite.proxy apiPort { };
services.nginx.virtualHosts.${webHost} = config.satellite.proxy webPort { }; services.nginx.virtualHosts.${webHost} = config.satellite.proxy webPort { };
services.nginx.virtualHosts.${apiHost} = config.satellite.proxy apiPort {
proxyWebsockets = true;
# Just to make sure we don't run into 413 errors on big syncs
extraConfig = ''
client_max_body_size 0;
'';
};
environment.persistence."/persist/state".directories = [ environment.persistence."/persist/state".directories = [
"/www/smos/production" "/www/smos/production"

2
hosts/nixos/lapetus/services/vaultwarden.nix
View file

@ -1,6 +1,6 @@
{ config, ... }: { config, ... }:
let let
port = 8404; port = 8406;
host = "warden.moonythm.dev"; host = "warden.moonythm.dev";
in in
{ {