(T)im's N(ix) Flake, Multi-Host Configurations for all of my machines! 74k1.sh/
nixos nix
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat(secrets): more changes

74k1 9931f764 70f8b0e7

+8 -7
+1 -1
hosts/nixos/eiri/configuration.nix
··· 218 218 addSSL = true; 219 219 useACMEHost = "eiri.${allSecrets.global.domain1}"; 220 220 locations."/" = { 221 - proxyPass = "http://255.255.255.255:9000"; 221 + proxyPass = "http://${allSecrets.per_host.eiri.int_ip}:9000"; 222 222 proxyWebsockets = true; 223 223 }; 224 224 };
+2 -3
hosts/nixos/knights/configuration.nix
··· 124 124 crowdsec-firewall-bouncer = { 125 125 settings = { 126 126 api.server = { 127 - # SECRET 128 - api_key = "00000000"; 127 + api_key = "${allSecrets.per_host.kngihts.crowdsec.api_key}"; 129 128 }; 130 129 }; 131 130 }; ··· 206 205 "${domain0}" = { 207 206 addSSL = true; 208 207 enableACME = true; 209 - root = "/var/www/example.com/"; 208 + root = "/var/www/${domain0}/"; 210 209 }; 211 210 "vw.${domain0}" = { 212 211 enableACME = true;
+1 -1
modules/nixos/daemons/graylog/default.nix
··· 7 7 allSecrets, 8 8 ... 9 9 }: { 10 - # send logs to 255.255.255.255:1515 :) 10 + # send logs to ${allSecrets.per_host.eiri.int_ip}:1515 :) 11 11 services = { 12 12 graylog = { 13 13 enable = true;
+2 -1
modules/nixos/daemons/paperless/default.nix
··· 4 4 pkgs, 5 5 inputs, 6 6 outputs, 7 + allSecrets, 7 8 ... 8 9 }: { 9 10 age.secrets."paperless_pass" = { ··· 14 15 }; 15 16 services.paperless = { 16 17 enable = true; 17 - address = "255.255.255.255"; 18 + address = "${allSecrets.per_host.eiri.int_ip}"; 18 19 passwordFile = config.age.secrets."paperless_pass".path; 19 20 consumptionDirIsPublic = true; 20 21 consumptionDir = "/mnt/btrfs_pool/paperless/consumption";
+2 -1
modules/nixos/daemons/vpnconfinement/default.nix
··· 3 3 outputs, 4 4 config, 5 5 pkgs, 6 + allSecrets, 6 7 ... 7 8 }: { 8 9 imports = [ ··· 60 61 enable = true; 61 62 # rpc_file = ./yee.age ; # file path with ENV vars perhaps 62 63 RPC_USER="taki"; 63 - RPC_PASS="00000000"; 64 + RPC_PASS="${allSecrets.per_service.transmission.rpc-password}"; 64 65 }; 65 66 }; 66 67 };
secrets/secrets.nix.age

This is a binary file and will not be displayed.