diff options
| author | Soispha <soispha@vhack.eu> | 2024-03-28 12:11:28 +0100 |
|---|---|---|
| committer | Soispha <soispha@vhack.eu> | 2024-03-29 22:55:35 +0100 |
| commit | 94b9ce350c1ee693a0823c0b1c49d2b796d677c2 (patch) | |
| tree | b2fbb6b5207d6e36cf16778e5a37c22a4879e2b4 | |
| parent | style(system/secrets): Sort `secret.nix` and `default.nix` alphabetically (diff) | |
| download | nixos-server-94b9ce350c1ee693a0823c0b1c49d2b796d677c2.tar.gz nixos-server-94b9ce350c1ee693a0823c0b1c49d2b796d677c2.zip | |
refactor(system/services/taskserver): Move away from git-crypt
| -rw-r--r-- | system/secrets/default.nix | 6 | ||||
| -rw-r--r-- | system/secrets/secrets.nix | 1 | ||||
| -rw-r--r-- | system/secrets/taskserver/systemd_tmpfiles.age | 17 | ||||
| -rw-r--r-- | system/services/taskserver/connected_users.nix | bin | 432 -> 0 bytes | |||
| -rw-r--r-- | system/services/taskserver/default.nix | 8 |
5 files changed, 28 insertions, 4 deletions
diff --git a/system/secrets/default.nix b/system/secrets/default.nix index 1393849..b763570 100644 --- a/system/secrets/default.nix +++ b/system/secrets/default.nix @@ -49,6 +49,12 @@ owner = "root"; group = "root"; }; + taskserverSystemdTmpfiles = { + file = ./taskserver/systemd_tmpfiles.age; + mode = "700"; + owner = "root"; + group = "root"; + }; }; }; } diff --git a/system/secrets/secrets.nix b/system/secrets/secrets.nix index b450955..21558e3 100644 --- a/system/secrets/secrets.nix +++ b/system/secrets/secrets.nix @@ -19,4 +19,5 @@ in { "matrix-synapse/passwd.age".publicKeys = allSecrets; "miniflux/admin.age".publicKeys = allSecrets; "taskserver/ca.age".publicKeys = allSecrets; + "taskserver/systemd_tmpfiles.age".publicKeys = allSecrets; } diff --git a/system/secrets/taskserver/systemd_tmpfiles.age b/system/secrets/taskserver/systemd_tmpfiles.age new file mode 100644 index 0000000..9ddb060 --- /dev/null +++ b/system/secrets/taskserver/systemd_tmpfiles.age @@ -0,0 +1,17 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2dFg3YmpPeGVxTUoyREF3 +eWhObFJlTVh6K0pyZ3hBUWtNcXgvQ2NIZDJRCkI5K1JCM0VaazJjRmJ3Y0huZHY0 +eGhxOExlM2dqSGxPVlZKak9aQ2NrOG8KLT4gWDI1NTE5IGg5OW1FZ3pKeDBraDcx +MnN0UHBmdldVeDlmK1BoYVc2TUFNNytObmlSanMKUVcxcTRVMHFaenY3UEtkVkRN +VGZ1eVh2UDBqZXJtWkplcnpQQVV5dmFSRQotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +RnRMVXB2aVpkL2VTZ21wb3h4SHFhbFJqV2pKcWVQRGJ3RDJBYWZ2RkkxZwpVcnNr +WVlXQ21Nc2NaUm5QbFhxWmticDE5ZmRmS0VRS0VScm9tUGs1N2lNCi0+IEdwPStW +TVd3LWdyZWFzZSBIciBIdnBbTjI1ClUyeTNTVWhFR2VuSjN5UVpBNDZzclVySUkx +L1NCUTZjMXU3YVlOVk05bFp6YjVFCi0tLSAyeGR3V29DNGszQ0IxU0wyOUxGYmM1 +U0xnTGI5a1pVWFR3THNNRHJOMXNrCh1RrcjPUulX7f1xrZUGoMobWnN6WovrgmeY +FoTo7+JkSedoCKkaDOyP25r4SJe7yUaLrVDUv+gf0KEi2+Bvfh4BIM2N/UsyMmOU +WiFh6UkhQLsePAtfIOd7yl7cDr3adVniulgRSryS1+WDY194BvEtEE/GIbhxAfUz +0Ef90Gp2uOHi3e3dVfy3/0d51Tci3KgWXcMCOe10i+sgnI59OVh6JAT4eykpfESJ +YgBnY45Us80JK1P2lTk8gkHTdvURe2PF4jm/a21XUvXdM7hBN4naSPK7v54at2MQ +xF5C1g== +-----END AGE ENCRYPTED FILE----- diff --git a/system/services/taskserver/connected_users.nix b/system/services/taskserver/connected_users.nix deleted file mode 100644 index 3955e48..0000000 --- a/system/services/taskserver/connected_users.nix +++ /dev/null Binary files differdiff --git a/system/services/taskserver/default.nix b/system/services/taskserver/default.nix index 79ba8ab..f51e52b 100644 --- a/system/services/taskserver/default.nix +++ b/system/services/taskserver/default.nix @@ -1,9 +1,9 @@ -{...}: let +{config, ...}: let taskStore = "/var/lib/taskserver"; in { - imports = [ - ./connected_users.nix - ]; + environment.etc = { + "tmpfiles.d/taskserver.conf".source = config.age.secrets.taskserverSystemdTmpfiles.path; + }; services.taskserver = { enable = true; pki.manual = { |