Merge branch '#35_add_nextcloud' into 'main'

Add nextcloud

Closes #38 and #46

See merge request compsoc1/skynet/nixos!24
This commit is contained in:
silver 2023-10-25 18:53:32 +00:00
commit 633f5b4525
25 changed files with 259 additions and 67 deletions

View file

@ -11,4 +11,5 @@ SKYNET00009,gir,193.1.99.76,gir/mail/imap/pop3/smtp,80/443 25/143/993/587/465,""
SKYNET00010,wheatly,193.1.99.78,wheatly,"","","",Gitlab Runner SKYNET00010,wheatly,193.1.99.78,wheatly,"","","",Gitlab Runner
SKYNET00011,earth,193.1.99.79,earth,80/443,"",i23-06-19_525,Offical website host SKYNET00011,earth,193.1.99.79,earth,80/443,"",i23-06-19_525,Offical website host
SKYNET00012,skynet,193.1.96.165,skynet,22 80/443,"",i23-06-30_024,Skynet server. (DMZ) SKYNET00012,skynet,193.1.96.165,skynet,22 80/443,"",i23-06-30_024,Skynet server. (DMZ)
SKYNET00013,neuromancer,193.1.99.80,neuromancer,"","","",Local Backup Server SKYNET00013,neuromancer,193.1.99.80,neuromancer,"","","",Local Backup Server
SKYNET00014,cadie,193.1.99.77,cadie,"","80/443","","Services VM, has nextcloud to start with"
1 Index Name IP_Address DNS_Name Ports_Current Ports_Requested Related_Tickets Description
11 SKYNET00010 wheatly 193.1.99.78 wheatly Gitlab Runner
12 SKYNET00011 earth 193.1.99.79 earth 80/443 i23-06-19_525 Offical website host
13 SKYNET00012 skynet 193.1.96.165 skynet 22 80/443 i23-06-30_024 Skynet server. (DMZ)
14 SKYNET00013 neuromancer 193.1.99.80 neuromancer Local Backup Server
15 SKYNET00014 cadie 193.1.99.77 cadie 80/443 Services VM, has nextcloud to start with

View file

@ -0,0 +1,97 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.services.skynet_nextcloud;
domain = "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}";
in {
imports = [
./acme.nix
./dns.nix
./nginx.nix
];
options.services.skynet_nextcloud = {
enable = mkEnableOption "Skynet Nextcloud";
host = {
ip = mkOption {
type = types.str;
};
name = mkOption {
type = types.str;
};
};
domain = {
tld = mkOption {
type = types.str;
default = "ie";
};
base = mkOption {
type = types.str;
default = "skynet";
};
sub = mkOption {
type = types.str;
default = "nextcloud";
};
};
};
config = mkIf cfg.enable {
# shove the entire config file into secrets
age.secrets.nextcloud_admin_pass = {
file = ../secrets/nextcloud/pw.age;
owner = "nextcloud";
group = "nextcloud";
};
skynet_acme.domains = [
domain
];
skynet_dns.records = [
{
record = cfg.domain.sub;
r_type = "CNAME";
value = cfg.host.name;
}
];
# /var/lib/nextcloud/data
services.nextcloud = {
enable = true;
package = pkgs.nextcloud27;
hostName = domain;
https = true;
config = {
trustedProxies = ["193.1.99.65"];
adminpassFile = config.age.secrets.nextcloud_admin_pass.path;
};
extraApps = with config.services.nextcloud.package.packages.apps; {
inherit files_markdown files_texteditor forms groupfolders mail maps news notes onlyoffice polls;
};
extraOptions = {
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
};
};
services.nginx.virtualHosts.${domain} = {
forceSSL = true;
useACMEHost = "skynet";
};
};
}

View file

@ -149,6 +149,9 @@
# Main skynet sites # Main skynet sites
earth = import ./machines/earth.nix; earth = import ./machines/earth.nix;
# Nextcloud
cadie = import ./machines/cadie.nix;
}; };
}; };
} }

62
machines/cadie.nix Normal file
View file

@ -0,0 +1,62 @@
/*
Name: https://en.wikipedia.org/wiki/List_of_Google_April_Fools%27_Day_jokes#CADIE
Why: CADIE is what google could have been, but they chickened out.
Type: VM
Hardware: -
From: 2023
Role: Google but better
Notes:
*/
{
pkgs,
lib,
nodes,
...
}: let
# name of the server, sets teh hostname and record for it
name = "cadie";
ip_pub = "193.1.99.77";
hostname = "${name}.skynet.ie";
in {
imports = [
../applications/nextcloud.nix
];
deployment = {
targetHost = hostname;
targetPort = 22;
targetUser = null;
tags = ["active"];
};
skynet_dns.records = [
{
record = name;
r_type = "A";
value = ip_pub;
server = true;
}
{
record = ip_pub;
r_type = "PTR";
value = hostname;
}
];
services.skynet_backup = {
host = {
ip = ip_pub;
name = name;
};
};
services.skynet_nextcloud = {
enable = true;
host = {
ip = ip_pub;
name = name;
};
};
}

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View file

@ -1,30 +1,32 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 V1pwNA 7OinLTy3CHe0fv+wn4I4r7XTjFIgpqaF983xcKufp1Y -> ssh-ed25519 V1pwNA nG0AHa3H4vfygTEQoAHfY30CjOpmj1ffPOpCAJ3vmBk
PNWGUW2+ydp1SJpCmZ0bYES25NyeqMd4311C+KzQY9I Qut0rBmGYPJHaOdTWCOy5JML4NKCtlUIqTXmcXKSxZU
-> ssh-ed25519 4PzZog S3Jdr3hKEUCGd5kVmrXPzH0noDojlOLXUQztFOVKiTQ -> ssh-ed25519 4PzZog I5+i0lkVwbzG+sqGrCReuHzsU19tLi1SboqPPBD4HGY
aHvIGFTQOos0tpXydA1cK0Tl1DsZ2W4rZwmKCiGrvVo HrdFS0QOc3lOVe7iYxsm7akT768+SaligBdmCNKGL5s
-> ssh-ed25519 5Nd93w kphOQeav7SsKFG2+41oUKTmcZHLz07AKAD3hqAA7MnM -> ssh-ed25519 5Nd93w 0R8EQvW2DzhhMETLXuC0I/b3QG4FdAojUhgCjl1veBw
wTQqiV4QCofagXA1SrhWPp0s4XW/ScnwKMacQ05fc98 BpPZd7qhqZK6ERYKGnu5NMf1nPZqM9uc3T6rQaCPuwU
-> ssh-ed25519 q8eJgg JDYDwG3w/WkkxLJ88jdPxCHepmG6OlKAmsT96usBgEA -> ssh-ed25519 q8eJgg Fb8LVHNk+tqj6mI/TwfcgJndt7/L9CZoZTTGX4hCuXg
1tYSoNO/j9OfuAM3wFajwx6OeQQJ9uNRUZ51f/QJ9dE /BnYhtGfNVtrICX1Sfa2o7h8RDZm6fmL6dyNUIMLXEU
-> ssh-ed25519 XSrA6w Cfgv0AMGP22ZAf9bf7Kf/5nAQIPigaiGrywmSqEKRUI -> ssh-ed25519 XSrA6w LcEe4qfLXeWbPBHhYYhMuah0r11aviPO0tmaV/P/TzA
gn/LU1awTpRfVDsxgK4U0dzPAcS3ki5rHZutx4R4QiY UlQ62w7iYlAkV2JDZdmBHuOFt/emPOb26l45RPSNKXg
-> ssh-ed25519 DVzSig c310oeJByvipMAsbARI/1BFbYLKnLridWioi7gPsJ2w -> ssh-ed25519 DVzSig nK/TTAP8vl4Q6ltd96AJoFV78jXKqEagNrrA/SDC6l4
l8QxxrCbT9U8Tt5DqQimf9WmBGzx2BnMRHzSrEGy7bc 1lYKWXfP+LAxPRObq1VWvZqdJZi7DijikoGzjT8JEEA
-> ssh-ed25519 SqDBmA zwOw8Ga5zH5Odpq0V9l52NHXz9g/WDup/PzhG1rBnls -> ssh-ed25519 SqDBmA T9qOjPSZr44EdtGjz88G+qNwIwEkgKNtJm9lfMBu5Hk
i1GDNfHfEVEhDDUgAWLjd2Wr7Lk0bpukYg5s1qGAOgg 7+qN1Uf/a1Bs9o5YyO6OsaC+F+odkfFnn9MYo04QxPU
-> ssh-ed25519 UE6fcQ /E9VzRFwhzx2S09XzWde5xzrFJHjK55hCr5swCNgjHc -> ssh-ed25519 UE6fcQ +VsGwaWJ0QuBfSBOO9fHpYXXVJin5c/1F+ZkGN5jC0U
5H9AvVuQ028kimlAG9bFouiFeJtSpvWlbVOkhc5w/CA cUo39xNopF6goxCoSRI3C1eg6ynSOX1HmbTqH6JCzjo
-> ssh-ed25519 IzAMqA MEH4kzS264SuPMxEVDppGEYPEgzZyoUBvs15aCvDi2U -> ssh-ed25519 IzAMqA pcJ8a1soioxd/aX9a8SCyz+4ClrtUyDkQTNxUTH75U8
ATkwVOLN3MXRff1mke0RWmhbmNZpxl9jYcMN3ot7GqY iA2vSv0WroLZoRbjvwa5MxgPfFY8HTToCpLzOs1QdcQ
-> ssh-ed25519 uZzB3g LYsVL51QyyaZQybcKSvD64mYqojPgcFskY8wrsI7ZjU -> ssh-ed25519 uZzB3g srDszrjqCUdPlZR1junFInBTCcV6Pf8YZjdfI/jlymQ
z1Ccf37N9hqeRQHb3BPdqJ50qFjlpJ9xQ0dff/JsSJA ZqWkiWNCdj14yXibvJZt5kzplJYxV+FTYNSW2g/+IfM
-> ssh-ed25519 Hb0ipQ uAyvzgGdK7GwsJlGtXxAq61OibXN8d1nU8UkRRgNhgM -> ssh-ed25519 Hb0ipQ 7yV7BevtuILbQGDdzhb6xbA+1HE6gHIGBy/J5dqo2mo
cD42wDJCRQHolkGM59q2ZnyKgp24xWMezgoOzcBJlII vhZQ6RMeK7nmWVyrO2b5BRWA5UCLKKl/cmM8Qf4ywDo
-> ssh-ed25519 uZzB3g 4UzVD85xPj54K3cr6MyfZlxJ9yc92ehlLa5h3Fiz8iE -> ssh-ed25519 uZzB3g uZqAB7XXJORAr4SqRrtELzgsj8F5/7ZHqYjQBHtuWB0
4KEnQoNPuKIVscdj5JYt7s5yE1yicnIHgqeSg9+rztA hN/6oT92j0jn6TWGaPQ2GHNE57YaoYQrHz6XocOmSZw
-> ,+f+-grease -> ssh-ed25519 YFaxCg uiXU3Fi8w3hzZ4tQD0xcijmHDXK1wIFXKwCTKlZtOHo
7tQ+9yqsuvFB0QCo7Kc2oujvofdv7bWEoSCjlJpC47u1yaKqNGm6L8+abMzoYIo0 eW+0I5AFhJ/lutzftUFNjwBXbIT026qQh1iB2MyK0bo
9oiXjW9Xzi3QrMio1SKQUylZtPV/LNxPLRA -> 3-;D;-grease >yx2 }|M
--- XtEXdZjQZjat809zBeVIp9CrYi4LYuwbs1yclK5rg5U iHbl8gyGfyh72AKP2rKtBbtsOWD3zfJtXUvZmgtDr1hR++RRWE6hDOOKPeWrlTfc
€ÀÀ®å À§ôz”!|Ü—ž$ô(“ŠJ Œ£ú<xÊÅlw·\òXr&´Pn°Šiëe<C3AB>f µ¾«6ÓÛ0kj<6B>Ͳ%þû—dû7e{JÉjڥљ]GÅ[R¸÷ÛÕÒ5}Õ,䵺+bÕ¾­¡41®MSjcò´¹rÃÍeP”¶EpðºÊ×Ó¢T:É/Ñy<·ü×™}êwàu 7ÝÔ@ C.ý•Tΰ¶a(:¨Ü•Öèc”ÔPÐÚ²õømÐŒ Ý<C2A0>Nÿ\ü/(³Ï%ŽÐ·8I r80zbGItMrUtbaV6BT5g9+Ji6w
--- 0GOtCNG/Yxp0gVi4t1R7nDT6ZdAvyM9XTWmsaLYwbOo
á%órÜÔ!wŠfmòmòeæ‰UñžŽ¼pœ¼NŽ1«%oj,º°0…•ü5ÇxÕÏòµÌƒv¢U_èF· '«ôNèM“>ÀËGðçD<ŠqOV G˜µÕùä,ØÔŸ³QN:)Üöß%ç¨}I/²U47wb<1E>|(Ëà Á\ån†ÎG<C38E>ÃïFŸZ†ö°¿+[ Êók”Ï”<C38F><E2809D>ÂWm;¾’øªRab`ûž q™V(…Šj#Sjö.šczØÙ¸ÂB0ÈÞ

Binary file not shown.

View file

@ -1,21 +1,23 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 V1pwNA FGnpjvtMlQEUSU/Yatems68P7ggyonctkHTV0KRHyh4 -> ssh-ed25519 V1pwNA P02Xzq2IYlbZMvvBUjy6eM0FN1CfSyCinTJnQrZUUlg
HMqv4+3Gh7aQvY0t8yuQw9xIxCVjNdZKtEbkFVwrFPc QU9CrDYFL0KwDiH9T0zOzydeJBm4eS+Rp4m2ozA3FA0
-> ssh-ed25519 4PzZog sDgXstvONElzb6QVgb1elI4zYlLmnmeGPJDIvwXKuHM -> ssh-ed25519 4PzZog 0dqzbH7AY96+GFtwrkrcxYKuO/c9eBPgdxMKa1qliw0
6gTcns2FdeezbUZ3eju6T54avvL/XGwQ+RgO++/NL5s y0Kx5IG3CCzFcXM5MuS3eLij/l7QFKaHlr3VQty+gsA
-> ssh-ed25519 5Nd93w p8xCIRNHB+dI/2g3D5yYaColw5xqwnPTXRiNeZ93lgs -> ssh-ed25519 5Nd93w i9j9spcBf2ww6koxQu+802p8ua70VmQTtuLNC/v8MzY
lsuYyfyhG7AEVOvv8orux5MhtLAihN6obduWThN4vY8 wgYQc+JdSPd2cen/mQyL4NVn9fHtRsHX0E5lDW06yMs
-> ssh-ed25519 q8eJgg 9JTv63DlMKQ7oKGlYL/s6v0P3kXM0JwznNhrWjxmWGI -> ssh-ed25519 q8eJgg L55YurMQv+czgj6uwgHS3L2vX2A5VYRcUEXsGcj0r38
cC7wmksvARscQY5tRPoa5uU0Bhv1XvXHxnAmetglLyQ vLRAuYLEljcVqVXs6k0hrVQNkRIpvvpCUeMP4jWVItQ
-> ssh-ed25519 IzAMqA ZfxLgzUT+lR15YHEtB5wubQ6yrfo1jCfhXrcftC4zG4 -> ssh-ed25519 IzAMqA Q1wP64lIZtvFPa0wAD+jQZtS7NwDr4rkthZEoVtuJjo
4Me+kebp+tGcYEgoUpacJ7vc97Zx9HU3OyGJfEnOBiA EnLKgtFFpzEKpLZMatZFNTt0rINciFUryYd0GMIUSp0
-> ssh-ed25519 uZzB3g 9JjpdqrrC+I0lsTJzd85S3Ty5OzLCgk73Uy4J0W8zFI -> ssh-ed25519 uZzB3g EwOnsGci+aqHj7XR+sVCi2pNowFbTLtQimzFNHy7LTo
otD/Rhl/M/wzajFsa9/Ekh4hdgFj7U4rLIOnVl38ww8 jtl2RhtNayPr44rrZ1ESgR6p1hDJg1h70flu/0rDCjg
-> ssh-ed25519 Hb0ipQ KIHz+NlYyJr0123zY5KzP7DKIVKMZ96pkYszfm6ZZWw -> ssh-ed25519 Hb0ipQ Jmcvd8zOLb7qf2ZIY1HsBrMA3wETGJFUTicBb/Gf2n4
5otxnKJG/rlbkkg7Oq5gNpsCv0N4a7/keLgVQV+/HZE RTiE+f1N+npbnh1M20x76MJ/uj/5SDTdWKj1uMWPThM
-> ssh-ed25519 IzAMqA M3f4xVILPuTfWltc6MGbmNaJh3lHVrUUTJLewO6sths -> ssh-ed25519 IzAMqA cSzsukksm2E0coLmIXmd6DsEs/gHmIeGfcH/unNd1B4
VxyGTeZCIQ+YFQQDawnq5c/KZJJZ4XyBOkTe8ERAR5Q 6ThlGLwm5iFG/UXoNMtAup909MVxz5JTpK45HJDeYFk
-> QPWdC\-grease 6p}<3J[x -> d7'/PSOq-grease BF,
mI1KGauviXoXmMuh5wc7XnJWczUEMpzCSt1I8Uwo0tBP1WK8/WvD8A ka0OOXHqf7TrhcdP9NFMQVGlF2x+fnC5PRZba5o
--- 6qiPEiJW4DZdXJWin+F0aAIEEA/FaUDfQ7Hsuvo1QKs --- s5GXDMgktkfdge6Ndk1J8ooCdXVsryH9XzD2+TF6wC8
ÖÈD!Õ¿9{,&ØçlkÂÓ<#<23>˾—þÙqé×áÔ‡3ö)a¥aÿò]ú ÿlÄ”$»pÃ:uûI7àëëKæ+-ÿ¨¬<•…¾Þ€ññȜdz诳ó#ú0öÀb™Ž‰{ÉbQ «éGÊr2í ö y­;5¬ÿöCœ5Ö¦Z·Ä7æ A `2ÕÊÇÅöå™SÇ
•cA¥¥Ž¼2˜¦ƒÊˆ<E2809D> åw L(<28>žq\Ò0ô})€D#k)¢Yí€\&¬ûºX£"į¬06|4ù)¼Þ._vD6N”Ò½üé*+RÇ)£59†š
EñÔ}£â ~g<>©C1ÁÝðƒÀ ÷´e

Binary file not shown.

View file

@ -1,17 +1,16 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 V1pwNA l8bVNmtvQQYYdYbaIGbu2Zr1QIQ7foEVC+3qOjyBEBo -> ssh-ed25519 V1pwNA llgtj/hArsPrgXWLZ1PPjO7oxnsxTCDjiAk5t+AdmmY
/+XugQWU5ZtUhYs+nUXiWszSt4f2ugyKzwx74k1L5FA UMqj4tptjYBlx+H63XV2MkjhtgwqfFoOcnO/df4Cczc
-> ssh-ed25519 4PzZog uf9XS3J+yhKCUkD4OnwiWg0wyRpN/9lSc/zhbqBNYUA -> ssh-ed25519 4PzZog kFatYVb+uTFE6SQTyAAj6dKzMXayOGuNb0wJ5ROUwFE
/9FoDD5reZtMOQAuvN+ex5PWlC2RySqiCzv0mNwNTQw rFdJqLGdWtA6Zlu1HZCLZEfkWnyQJZ1YZaqKhXX3o/8
-> ssh-ed25519 5Nd93w VuooU1/tyko+EixV7mvIu4A2O5+83BvUloDJX2JTDQA -> ssh-ed25519 5Nd93w 0nz87C6yz7opimMDAaDGk/MGAxL7H/EkErURJzsewCE
DhSj04ZvbHakIkadflpwKbqiIGea+eSBsEBdzPl9OLU PosekfdTusQBT78vwUk80ifdWnwSCL1SyljKOX6Zj8c
-> ssh-ed25519 q8eJgg bEyYdnWO1Yvlgc7a8HtkZhUgXbiIfcADqrpnVG3f1Ug -> ssh-ed25519 q8eJgg aduz0eqmgJCaFIziUKytibM5B4FP0Caxz6VrXOjCmS0
Pb26M2XCByrWwY8WxqWF64tkAxLFach/VSZ1bs9Ira4 mlSOKmvZe5BbMWfC5r/Px4ppONyBD2AC3B8sHquEfJ0
-> ssh-ed25519 uZzB3g YlKcfsuCsq5B7tOcQtGuTBWoSWamTLCVHJ4T1d+Gcz8 -> ssh-ed25519 uZzB3g nxn8Ftq9gkOFnmLLSf0+rvgd8cLM/Hp/7oPNqmhzOhU
2oNqUbegU6OkPpFTrTPUwIgcxPw3FiR1Y8TOoTrT7/A KKH9PUun0S0+GA8Z4APqvrNHLe/kb9DNqSqOJDDKN70
-> HvX-grease 1gEJ iS*ti w!mB 'ztJjEI9 -> gmR|-grease
bWmaS0UnKig VIRVW2ctDBkcCBfSpnE2zgJBoo3BTXxYvyYfrs2kEEUP9tbIFtaAPqPHsUlna0BD
--- rZTDxAK0aAgxkQM/d39FIL3FF2u9ig89jYjBmNvVFIY o8MbAAgG3C94PjW/MLeurzGO81/+ZTJ/w+gnm1hqhgKn2UwkgXN/7fO3htEr
o¾jïên‡¸×ŠUeÍs7¸ú`'[ß,÷}RQâiv÷"õ×<18>´Â•£7nÔEÇ»™¥Y8 b --- e4BEq7PzBBhOqfRTq9ydLwFdTUKKoRZy77yLIrxV2Eg
û+<„F臤Œg'À¼À9PئëåF'“+(…<>@•3Â<33>çqŸ @¤©Ð@ò0ôž:AeGG¨?_Š}Å-åP€èø~M6¥Ó6‡<>”5‡%ûZ£/_º-Ѭ<˜Æç|È¿~‰Ue ºa?“ ïà y½¹¶<0E>©@·ˆJÅ@<40>9^yGn‰;Øį«_%ÁÑó oŠäo²BR„<ë+7‡ÉËØéîÿ²ÈÏÌ£;­Ú¦„°ÕÄ•!žôkÄ/Js
¯yõÜ©ïÐõƒoYµ<>T£Æ[^L÷ü‚˜l÷èaƒ²ýî4"{kŠQ<C5A0>,f“K©>îA=º

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

16
secrets/nextcloud/pw.age Normal file
View file

@ -0,0 +1,16 @@
age-encryption.org/v1
-> ssh-ed25519 V1pwNA l6kwTOi+K4xJM87fiY6U1/QMDWY/cRe1zmTjTccBC34
H3XZahYpUPHiXe5tR7kqPvHbu1SV0SN+Do5rOJpDQSA
-> ssh-ed25519 4PzZog rh4/KzXeYjbKlQ7on+cVREYcvwOSnXcFEeIXlk0lihk
hBGFOPk77prVzRJtNGho7To/V3BQT1jU5o8w2e+ZY8Q
-> ssh-ed25519 5Nd93w wWUVmanx5i/cCAL2a6MERW923Cz4t8OnzjHTk5LUowU
+z8Wbav+YRKxQim6iE/tukoj0F+9/hzhK+R+3u89wCk
-> ssh-ed25519 q8eJgg Pzxmo6b3JOk4AwzTjEOURofRsvjGVVhQ9B8BqA910k8
uZGgPtcWgKHq8snOZqPRiO6uMi9V6QzasJdJWRsO3U0
-> ssh-ed25519 YFaxCg qqIABi7lvz69HJD8raa+PsvKHUdsSgPZVngmvAJISU8
dCaLIWXsRCOqktfOSHc9jWc+OiIwfMH7SvtqgP1myeY
-> E<-grease
oF16atWxsncF3/H9K/kz73e7f1F7JtRak/DVDH52yZDzgJKXNqqB3N6PkkFATn4I
iWjxvagG8Cft80HE6xCrvjliikmLzKkPE5Aw7cn5iddQXts17NtB04f95S5Ubg
--- o5/e5NyvpgaIjUCmIuU9NH2Qc6nUloUX1zmY+6IOCh4
Ç pe7É[¬O‡§k‡:GÑÑF”úkFá´ÌÃg¦>õXÕ¨Æzë)Jr¨û‡D'ù<>ääñû/Œ‘^QæBFß3ΊªËÿKžJ<19>-

View file

@ -23,6 +23,7 @@ let
neuromancer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7NRDOGzSO4XVEezMS/9pI3chKbOH0fw2aikLRvea2P root@neuromancer"; neuromancer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7NRDOGzSO4XVEezMS/9pI3chKbOH0fw2aikLRvea2P root@neuromancer";
skynet = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAIFPXJswth8H1k8+zrg8vCnPkfG1hIIa3wR9DBmjpB5 root@skynet"; skynet = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAIFPXJswth8H1k8+zrg8vCnPkfG1hIIa3wR9DBmjpB5 root@skynet";
earth = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMpvgQcvK7iAm0QrIp5qSvUJzDhOrSBN9MJn9JUSI31I root@earth"; earth = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMpvgQcvK7iAm0QrIp5qSvUJzDhOrSBN9MJn9JUSI31I root@earth";
cadie = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACcwg27wzzFVvzuTytcnzRmCfGkhULwlHJA/3BeVtgf root@cadie";
systems = [ systems = [
agentjones agentjones
@ -37,6 +38,7 @@ let
neuromancer neuromancer
skynet skynet
earth earth
cadie
]; ];
dns = [ dns = [
@ -77,7 +79,8 @@ let
] ]
# ldap servers are web facing # ldap servers are web facing
++ ldap ++ ldap
++ gitlab; ++ gitlab
++ nextcloud;
restic = [ restic = [
neuromancer neuromancer
@ -86,6 +89,10 @@ let
discord = [ discord = [
kitt kitt
]; ];
nextcloud = [
cadie
];
in { in {
# nix run github:ryantm/agenix -- -e secret1.age # nix run github:ryantm/agenix -- -e secret1.age
@ -120,4 +127,7 @@ in {
# email stuff # email stuff
"email/details.age".publicKeys = users ++ ldap ++ discord; "email/details.age".publicKeys = users ++ ldap ++ discord;
# nextcloud
"nextcloud/pw.age".publicKeys = users ++ nextcloud;
} }

Binary file not shown.