From 9704df774d37a0bb2193386b130298859b9fe22b Mon Sep 17 00:00:00 2001 From: m3tam3re Date: Mon, 13 Feb 2023 19:58:05 +0100 Subject: [PATCH] littlelink-m3tm3re + traefik env fix --- hosts/lkk-nix-1/default.nix | 9 ++------ .../services/containers/little-link.nix | 6 +++++ hosts/lkk-nix-1/services/traefik.nix | 21 +++++++++--------- secrets.nix | 2 ++ secrets/godaddy-api-key.age | 16 ------------- secrets/godaddy-api-secret.age | 16 ------------- secrets/traefik-env.age | Bin 0 -> 912 bytes 7 files changed, 21 insertions(+), 49 deletions(-) delete mode 100644 secrets/godaddy-api-key.age delete mode 100644 secrets/godaddy-api-secret.age create mode 100644 secrets/traefik-env.age diff --git a/hosts/lkk-nix-1/default.nix b/hosts/lkk-nix-1/default.nix index f8f1cbb..e287271 100644 --- a/hosts/lkk-nix-1/default.nix +++ b/hosts/lkk-nix-1/default.nix @@ -38,13 +38,8 @@ owner = "n8n"; }; - godaddy-api-key = { - file = ../../secrets/godaddy-api-key.age; - mode = "770"; - owner = "traefik"; - }; - godaddy-api-secret = { - file = ../../secrets/godaddy-api-secret.age; + traefik-env = { + file = ../../secrets/traefik-env.age; mode = "770"; owner = "traefik"; }; diff --git a/hosts/lkk-nix-1/services/containers/little-link.nix b/hosts/lkk-nix-1/services/containers/little-link.nix index e7a42cd..3214669 100644 --- a/hosts/lkk-nix-1/services/containers/little-link.nix +++ b/hosts/lkk-nix-1/services/containers/little-link.nix @@ -5,4 +5,10 @@ ports = [ "3010:3000" ]; extraOptions = [ "--ip=10.88.0.20" ]; }; + virtualisation.oci-containers.containers."littlelink_m3tam3re" = { + image = "ghcr.io/techno-tim/littlelink-server"; + environmentFiles = [ config.age.secrets.littlelink-lanakk-env.path ]; + ports = [ "3011:3000" ]; + extraOptions = [ "--ip=10.88.0.21" ]; + }; } diff --git a/hosts/lkk-nix-1/services/traefik.nix b/hosts/lkk-nix-1/services/traefik.nix index 17bb06f..06edfa1 100644 --- a/hosts/lkk-nix-1/services/traefik.nix +++ b/hosts/lkk-nix-1/services/traefik.nix @@ -59,6 +59,8 @@ [{ url = "http://localhost:3009/"; }]; littlelink-lanakk.loadBalancer.servers = [{ url = "http://localhost:3010/"; }]; + littlelink-m3tam3re.loadBalancer.servers = + [{ url = "http://localhost:3011/"; }]; }; routers = { api = { @@ -176,19 +178,18 @@ service = "littlelink-lanakk"; entrypoints = "websecure"; }; + littlelink-m3tm3re = { + rule = "Host(`links.m3tam3re.com`)"; + tls = { domains = "links.m3tam3re.com"; }; + service = "littlelink-m3tam3re"; + entrypoints = "websecure"; + }; }; }; }; }; - systemd.services.traefik.environment = { - GODADDY_API_KEY_FILE = config.age.secrets.godaddy-api-key.path; - GODADDY_API_SECRET_FILE = config.age.secrets.godaddy-api-secret.path; - }; # TODO put all the variables into an env file - systemd.services.traefik.postStart = '' - - /run/current-system/sw/bin/bash -c GODADDY_API_KEY=`cat $GODADDY_API_KEY_FILE` && export GODADDY_API_KEY - - /run/current-system/sw/bin/bash -c GODADDY_API_SECRET=`cat $GODADDY_API_SECRET_FILE` && export GODADDY_API_SECRET - ''; + systemd.services.traefik.serviceConfig = { + EnvironmentFile="${config.age.secrets.traefik-env.path}"; + }; } diff --git a/secrets.nix b/secrets.nix index 7c9f5e7..bd8aae3 100644 --- a/secrets.nix +++ b/secrets.nix @@ -16,4 +16,6 @@ in { "briefkasten-env.age".publicKeys = [ root ]; "littlelink-lanakk-env.age".publicKeys = [ root ]; + + "traefik-env.age".publicKeys = [ root ]; } diff --git a/secrets/godaddy-api-key.age b/secrets/godaddy-api-key.age deleted file mode 100644 index 4cb95f5..0000000 --- a/secrets/godaddy-api-key.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> ssh-rsa DQlE7w -qGTWBFuZm/sDdGs+eE6L7RWjb5FtITdX8SI6TmkR03wtT8tQVNNOx/QGZGSXdaiU -IXSFIuV0Scp6xa8WMNusY3/7IhNGjVqLkC6Fq7UpmsRtCHMlATGs4vYVDkQ2wg/W -Zh2e6IOKJi4X1eTHNmVsrBueAVtwr3tZYG2aDMedse6YA2qaEfbfWIOVfbQABVhU -0DyCcws5Crf2ziLc2dGLR5PO89zhHPubwiBEtPLqFF8n+E9kSOQE+mcLzaTBIlRI -qoamyrIdzTtt8ucP2o32mc33gPR5c7X4orzCetgSXTU3N/AsQmUUV/Y0pUChR+FJ -ZfrXi6UY+b8JM68a53QXMaMntMZgR4rg6gKjP7idSoL3X8dHKWGADXTDpeqFjgPR -gdN6TfGKQShcYVFpmtcjz7ZyVa78FVHFGf4N7MWPkfdB6511WTgM1puWwAJyePpK -a4GoV2RaysZjYGtsUFHpyBzXi7YO+XUj1SmgYNIuV3S17soMnvVuynhhO/ay7RvL - --> L7R2f-grease 4ILC 'm6r ?@ IO7~E4: -8/3HXdMjZdytuWSIN4QsX5oxzZA3yAk9owoN/DctLHJY+o62Wx0ieX+oGiXQmQlq -2R9qyDQPVVsYlmUEwCcPTL6r9sU ---- xZbC6RcmS2NKOABU90HS9IxRX71dw2K4ezFqmQCx1Rc -|ݩ Gԩ& 5nD=!Sy*NwXAܻba\/S \ No newline at end of file diff --git a/secrets/godaddy-api-secret.age b/secrets/godaddy-api-secret.age deleted file mode 100644 index fbb49d6..0000000 --- a/secrets/godaddy-api-secret.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> ssh-rsa DQlE7w -QkdCC22ZrirDnNc5SxzeXw8c5L3VRvvmv/xpegV3qi5Q/UmpjwSNin/i3/94UEKS -Ql8Vrgj8IC2xnWC+dj+pXgzAIqDIKlqdCsq2IwwjdlT9hezH+t+huQNYS2j7ppYn -Qgjo+bHMb0oDjxEP+ZMrXLIRmtE379aWGfBb2wzJyAxQBS7Hvqs7Gmc8ZUdklwjY -bN6AH7OKNRMUC8N9XenMkMHJ7IViu6XNfJvniPqsV0ZM1JY2icEdN4zAudo72iDa -1uw/s/CZQ07woZEE1bhJG7uPtRj7EIykAQyjkxkvCG3bIjXJKvkWT9BgPQu9U9ha -D5u2KSEamEZ7+RiLKSk6DkbBYXXed5KPBtGhGAe2BtJO3HocsE/zcPocQCGwT5Ga -FD576gRfkd+jEg6CSvuZH1ru/adGFbLG2/kbSVJyW2YtR7ViXsxQJcsBbI04XVyX -sc8iIBE7rwJCykIAMGaVa7xlk9a4p4nwgDuqAakehiUzMa9hnc9ib3oSFybt06EX - --> yY7{-grease HYjC1A [Am -4Gmr6n6e9AnqQbfjMcPTXxoAxOdsY79uXjoT2DhDWasp32p7NdHYBIhb1c4xqcg0 -d8rPIyeU/yh0WsrM ---- 72/rzIIngDXVFlG+nyrCHmztUGwU94DSShk+XIGOw08 -?zDHB +snǎ@hX{d9ZWv_p5.|0| \ No newline at end of file diff --git a/secrets/traefik-env.age b/secrets/traefik-env.age new file mode 100644 index 0000000000000000000000000000000000000000..4f4a03bdf1031cc08123ffd84d96bcb4c576e015 GIT binary patch literal 912 zcmWmCNvqrh003a|*-H*ZPl5-Tf_g9=vnMm9^pSn?vS*UntY9)(XOdZxylj2gD%k#j zqG%~7C@7+bCkVm=LG&P16fFhuRz0dGPo7+U!Uvxl1^r;N%-da=Y&S1#^9ZUCpns)T z6mdT<+#YA9JXHe)+>U(8^;fP`NgD4&!QMxdT^Ee6ackQS{}jcuVoWEyl^g{q2qC7C&N zokM7A00uc2&X3Y0S?8?NdUe8CzR)5=ab6hWl=i8SH|2Cn2;*uwVFQ(+$Mp=PmunDT z`Qsc01dsO!dzrFHt|MK!-Qw%W7&E$tWLxM)9pL{O zk@I}`%%&gZfm;MUW-`BYcB#@cBuPr;tNwjHG~Jamg^5>+pDi zii>n6l6a#@Q#tb;Y8ogIjMj|G`8bH%14*_)8Y(ADfsq}4Z08`k1X`|3;c9D*Lqg3f zXOEG3ik7=L&t0gNG{MtL+qYqDfke%eB)dA)5l2l$T<#R0-|zP_JSzr)#?ZPm|0-uUa6_RM&Fef9Q*SAM+m+v&ZhdiTG6 zS@`Gnh1YJ(9@f{tk