m3tam3re
/
nix-configurations
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added secrets via agenix for baserow container

This commit is contained in:
m3tam3re 2023-01-19 10:56:59 +01:00
parent a453346e4d
commit 223e533acf
4 changed files with 19 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
flake.nix
View File

@ -24,7 +24,7 @@ nixosConfigurations = {
specialArgs = { inherit inputs; };
modules = [
./hosts/lkk-nix-1
agenix.nixosModules.age
agenix.nixosModule
];
};
}; homeConfigurations = {

10
hosts/lkk-nix-1/default.nix
View File

@ -14,7 +14,7 @@
services.openssh.passwordAuthentication = false;
networking = {
hostName = "lkk-nix-1";
firewall.enable = true;
firewall.enable = false;
firewall.allowedTCPPortRanges = [{
from = 3000;
to = 3100;
@ -26,6 +26,14 @@
} ];
};
age = {
secrets = {
mj-smtp-user.file = ../../secrets/mj-smtp-user.age;
mj-smtp-pass.file = ../../secrets/mj-smtp-pass.age;
};
identityPaths = [ "/home/m3tam3re/.ssh/lkk-nix-1" ];
};
nix = {
gc = {
automatic = true;

8
hosts/lkk-nix-1/services/containers/baserow.nix
View File

@ -1,9 +1,13 @@
{
{ config, outputs, ...}: {
virtualisation.oci-containers.containers."baserow" = {
image = "docker.io/baserow/baserow:1.13.3";
environment = {
BASEROW_PUBLIC_URL = "https://db.lanakk.com";
EMAIL_SMTP = "in-v3.mailjet.com";
EMAIL_SMTP_HOST = "in-v3.mailjet.com";
EMAIL_SMTP_PORT = "587";
EMAIL_SMTP_USER = config.age.secrets.mj-smtp-user.path;
EMAIL_SMTP_PASSWORD = config.age.secrets.mj-smtp-pass.path;
};
ports = [ "3001:80" ];
volumes = [ "baserow_data:/baserow/data" ];

6
secrets.nix
View File

@ -1,6 +1,6 @@
let
m3tam3re = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU=";
root = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU=";
in {
"mj-smtp-user.age".publicKeys = [ m3tam3re ];
"mj-smtp-pass.age".publicKeys = [ m3tam3re ];
"mj-smtp-user.age".publicKeys = [ root ];
"mj-smtp-pass.age".publicKeys = [ root ];
}