oqyude/nixos
1
0
Fork 0
mirror of https://github.com/oqyude/nixos.git synced 2026-06-11 04:30:41 +03:00
Code Issues Packages Projects Releases Wiki Activity

123

Browse Source
This commit is contained in:
Jor Oqyude
2025-07-26 21:30:13 +03:00
parent d90d5483e1
commit 97d406fe7e
5 changed files with 35 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.sops.yaml
+1 -1
View File
@@ -3,5 +3,5 @@ keys:
creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups:
age:
- age:
- *oqyude
devices/mini-pc.nix
+5
View File
@@ -24,6 +24,11 @@ let
self.homeConfigurations.root.nixosModule
];
sops = {
defaultSopsFile = ./secrets/example.yaml;
age.keyFile = "/var/lib/sops-nix/key.txt";
};
fileSystems = {
"${inputs.zeroq.dirs.therima-drive}" = {
device = "/dev/disk/by-uuid/C0A2DDEFA2DDEA44";
devices/server.nix
+5 -1
View File
@@ -8,7 +8,6 @@ let
...
}:
let
last-stable = import inputs.nixpkgs-last-unstable { system = "x86_64-linux"; };
in
{
@@ -26,6 +25,11 @@ let
self.homeConfigurations.server.nixosModule # home-manager configuration module
];
sops = {
defaultSopsFile = ./secrets/example.yaml;
age.keyFile = "/var/lib/sops-nix/key.txt";
};
boot = {
kernelPackages = pkgs.linuxPackages_xanmod_stable;
hardwareScan = true;
modules/server/nextcloud.nix
+5 -1
View File
@@ -6,6 +6,10 @@
...
}:
{
environment.etc."/sops-secrets/nextcloud/admin-pass" = {
text = sops.secrets.services.nextcloud.admin-pass;
mode = "0640"; # Права доступа к файлу (опционально)
};
services = {
# nextcloud-whiteboard-server = {
# enable = true;
@@ -26,7 +30,7 @@
#dbhost = "/run/postgresql";
dbname = "nextcloud";
adminuser = "oqyude";
adminpassFile = "${inputs.zeroq-credentials}/services/nextcloud/admin-pass.txt";
adminpassFile = "/etc/sops-nix/nextcloud/admin-pass"; # "${inputs.zeroq-credentials}/services/nextcloud/admin-pass.txt";
};
settings = {
appstoreEnable = false;
secrets/example.yaml
+18
View File
@@ -0,0 +1,18 @@
services:
nextcloud:
admin-pass: ENC[AES256_GCM,data:24E1tKwHxY94Cf+edRbvhL5J9G4=,iv:EbzcCdHnBvdW5CEapb/yGBE6lIi80BEp8HB2tMCM9oU=,tag:L5WthzTT5vNZim6n3DNOnQ==,type:str]
sops:
age:
- recipient: age13l2gtk0nzr484zprp7e0pkrt0ne0j4asyn2pjmlaw73nte7t7d8q4sqtxm
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzK0gvNnVtdUZjdWtZZ0Nq
M3lsbUEzQnl1NGNWQjJxaVlhU3VFRzEzdFdrCnpTSks3V3lxck12MnR4anlUOWpu
eGpFWVJ2WHhqQXlKNEZvU1RqS2VGUlUKLS0tIEZaTktZZWpPbmdaSDg2cGk5b2FS
MVpCNWpoUG9TdHBLUk9YZW05WXlCWm8K0he5wgWY21Csk1LlVbEVIe5x2hmYjUAb
5JpaydRfVjGZ9JBkn3GTEPhZwnK6tkZ9S7LWHL3/di3w0Js2DJ2OvQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-26T18:22:44Z"
mac: ENC[AES256_GCM,data:j8X6Q0SrCGRHZkNqZpEB5AMbjK1FLFH7/6/teYcQ+qwRNyeUkN4KZmQk2Xb/wZe9oFYpBqIKE+RxSf6E26WFVpLlUV9yEB4RnEapGRIXQz23hqRyiLvLtXcc0APJhF87tQw6VCghXv0j4x7c7EuOQm+wkfgI4p0OXwmTTazNero=,iv:inWHL4wEO4UXHDWkiFaTdzf8Uky2P2fJYaRXUURBrAA=,tag:3qgo38OYqE/d8OpzxUM2ww==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2