parent
0b4c324e2d
commit
9f9d3a98ab
|
|
@ -0,0 +1,12 @@
|
|||
ADMIN_USERNAME=ENC[AES256_GCM,data:GZmtrj1lfUyt,iv:Ilz6WqwEgPz6LdPNGaXDul9j79BGsFpCE5Q5HuKZYiU=,tag:pJLPQE9+Z18/XbfgXh8IPw==,type:str]
|
||||
ADMIN_PASSWORD=ENC[AES256_GCM,data:DwxGQtGC0u2pAXloyLTzjE3lwcqA1yZ0G62w537zLnVEZlOIQMDHLZqw7WAduGef,iv:DepKsZWCDwTjos+eudFQhA4592j4hsGhgp9wf4Z2pVQ=,tag:QTF+usi1XftNYVy/lGlMdg==,type:str]
|
||||
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwTXN3TG80U3YwVVBxV0Mz\nVks2ZHhlN1BnQ2RvUUtKSE9yV2lQelV1U0R3CjJTMCtuUlZpZ3lGRm9KTGVyNjV0\nN29RSVlVa0JOMUxncXdBdEk4WC9CNUkKLS0tIGlUZTcyZjZUYjk1VWNzMGNuZXVF\nMFRtL0t2OUNJdDZrSDJsVzdBZkU0bWcK2AkWk/SnO1LIKoYDmokoQxsnzo7py1SP\no5qKkWG9krcRQ/WEM1TUgxLZF4F9aBVRpSWZ+9BNuqAa2zm3U9M1uw==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
sops_age__list_0__map_recipient=age1y7arunqzyjjdyspx46z20x6qadxpxfu5z59qe74tn4re375ctg7qtj48p3
|
||||
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwenh6ZUJBbisxSnpWZlhv\naUlYdlp4K2dGd3V2VitiaU5HQnNWOWNnM0F3CnVMbi92SlUvTWw0RTE5RmVBczNI\nVVhvOWlYekdDQ1BranNvc3ZCb25DUDQKLS0tIFZmMG5rbDlTKzlWUkxXYjhFaXFw\nQklRa29CZ2ZIdWZGVEdubmlueE0xSEkKyZiPRWOScVFvxq7wgKhxIZZAwmDNMQIw\noFJPtlUExajX3axwQuMOcxQpDHsI4ZGFQWu006jfqjIc/H5rD6AWhA==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
sops_age__list_1__map_recipient=age1dvrymsl5xk26pkznk5kljqssnkvae2ftsawx96n4r43p3cfzyv4qtr67qj
|
||||
sops_age__list_2__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzbGtxVEVLWWJrN1lKd25i\nSkhxS3pWZXdsVE11aHlvUDF1eWhaZm5pK3dvCjg0Y1RmL0hFMlMrRXAxK3U1L2Nr\nUkZ2RURoY1crS3ZhVUswNnptVXB5cEkKLS0tIDZYT3RNaDNwMlljNVdnK0xabVlI\nMWhoYk1DRmNDaUphSlZSWU56OEhlQkkK66dVkOahZrLSTZTVRLRnrSloAqWpvbAW\nc6QNBqvyV7yH/ZBXAIZJh5xfmIQkoFA6d2Ewi6XMPVaRt0mNFdUHpg==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
sops_age__list_2__map_recipient=age10fy49p7faufe5533rxgshwjn9kr3aqcxjyqk6ty26j99w50dkswsvn2maq
|
||||
sops_lastmodified=2024-05-03T15:56:12Z
|
||||
sops_mac=ENC[AES256_GCM,data:756e1tpMxbLznrymN79ex9q7BK7rh53gZNj4YdoZ+gzsn3r0Dcfyt0WTdYMCv1ico/Ol55Rqa87Pm9jeZ/J2S8jp5BBW+lI5CTy/pYDbJegEjf+yGwkznl8x0F2n8mRg+PaIvJx0QlFZLUGJpsY2eX09QC1H0CKNOXh6f6uwgtw=,iv:ZtNYWqRd2d2+MatA68u9W3rrc6qakJmjiwDHr8u5hn0=,tag:c/DbQc27sgwzHg5tM6r65Q==,type:str]
|
||||
sops_unencrypted_suffix=_unencrypted
|
||||
sops_version=3.8.1
|
||||
|
|
@ -1,5 +1,4 @@
|
|||
tsauthkey: ENC[AES256_GCM,data:JhP8m5Yhhp7vKlsdWMP5J0p9hhkidQxQlsnvEcQMRv7His9uVw+Ah0CsbDBoUMlT7RfHnOP4Op1Q,iv:rdR3g+vKfuiuQQlk5bVkrwzUOnat3qOpi9glr8dAAbk=,tag:COV/2xARUCpCQaHDtQNUXw==,type:str]
|
||||
yarr-auth: ENC[AES256_GCM,data:87RhCmHa4BAQEFiolud/L+DaBvcOm+cqunuXiujknAQ+5vJCfIirki8rakiNPt/YjZxl+dDZXNTIyg==,iv:9coi5/zA3WF1QV0ZU4+uVp2fiiiWXeXe/etJfILQmtw=,tag:4kS0quGeT6SwUn8feGdTxA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
|
@ -33,8 +32,8 @@ sops:
|
|||
Q3picU5aZEtjcFBybVhEMVZvVUtDME0Kp2ZMYhiPQee8BvjUqroeR42rJ6Fr9QWo
|
||||
cjRMnFdDk3YGD/34Lzbs8JVhz7aMsFLOKulU5zuXem834ZVXdzOPNA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-04T19:51:59Z"
|
||||
mac: ENC[AES256_GCM,data:hgLN7Cta8eL6+8GK5wlCilITfGtieRyhsb7CCpQNF1a8LOfNB3WG3l1GkgHbndEcBVNx0VGRS5BrggTb2bMA4NEH9DEHTRlUuW1DCkxUKXEltglD9KtRmj/EtQ9rp1lqPpHzUKcT0/fPxE+1ZMMO9blSMiaH3Mt0k5DWwXToOrU=,iv:ODpUC8o18byWHiIyOlrwEwGjvwN8O26G7vY4JcB9nnw=,tag:2m9L7ao/3VDIppkrCNz2xA==,type:str]
|
||||
lastmodified: "2024-05-03T15:54:02Z"
|
||||
mac: ENC[AES256_GCM,data:KZiYWE5UIQiU8z7ttDIL+aVCuqnVNZ01iq4Qdshy9OaGq6u6hEM8ZGPtVNALwT08ZskAg8rH1E0Vcaox0LZY1QJ7HZlNCKv3b96bp67FE2sU92E7ABW/lwOJx4j1+d/8k2fwOOylGIHQRU4yxlehadmg6r3EVMQtsgnf5bjF6NU=,iv:3+6CGwIerF5bTw3SZ+E4a4y1BWjM8r+MjpynjB8yyz8=,tag:shBaPc6qJ8srs9EXRwTQSQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
|
|||
|
|
@ -32,6 +32,7 @@
|
|||
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
groups.miniflux = {};
|
||||
users = {
|
||||
msfjarvis = {
|
||||
isNormalUser = true;
|
||||
|
|
@ -42,6 +43,10 @@
|
|||
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3WC4HKwbfVGnJzhtrWo2Ue0dnaZH1JaPu4X6VILQL6''
|
||||
];
|
||||
};
|
||||
miniflux = {
|
||||
isSystemUser = true;
|
||||
group = config.users.groups.miniflux.name;
|
||||
};
|
||||
root.openssh.authorizedKeys.keys = [
|
||||
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEoNv1E/D4IzNIJeJg7Rp49Jizw8aoCLSyFLcUmD1F6K''
|
||||
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3WC4HKwbfVGnJzhtrWo2Ue0dnaZH1JaPu4X6VILQL6''
|
||||
|
|
@ -99,7 +104,7 @@
|
|||
};
|
||||
"https://read.msfjarvis.dev" = {
|
||||
extraConfig = ''
|
||||
reverse_proxy ${toString config.services.yarr.addr}
|
||||
reverse_proxy ${toString config.services.miniflux.config.LISTEN_ADDR}
|
||||
'';
|
||||
};
|
||||
"https://til.msfjarvis.dev" = {
|
||||
|
|
@ -129,16 +134,29 @@
|
|||
};
|
||||
};
|
||||
|
||||
sops.secrets.yarr-auth = {
|
||||
owner = config.services.yarr.user;
|
||||
inherit (config.services.yarr) group;
|
||||
sops.secrets.feed-auth = {
|
||||
owner = config.users.users.miniflux.name;
|
||||
sopsFile = ../../../secrets/feed-auth.env;
|
||||
format = "dotenv";
|
||||
};
|
||||
services.yarr = {
|
||||
|
||||
services.miniflux = {
|
||||
enable = true;
|
||||
addr = "127.0.0.1:8889";
|
||||
auth-file = config.sops.secrets.yarr-auth.path;
|
||||
db = "/var/lib/yarr/database.sqlite";
|
||||
package = pkgs.jarvis.yarr-dev;
|
||||
createDatabaseLocally = true;
|
||||
config = {
|
||||
LISTEN_ADDR = "127.0.0.1:8889";
|
||||
|
||||
FETCH_ODYSEE_WATCH_TIME = 1;
|
||||
FETCH_YOUTUBE_WATCH_TIME = 1;
|
||||
LOG_DATE_TIME = 1;
|
||||
LOG_FORMAT = "json";
|
||||
WORKER_POOL_SIZE = 2;
|
||||
BASE_URL = "https://read.msfjarvis.dev/";
|
||||
HTTPS = 1;
|
||||
METRICS_COLLECTOR = 1;
|
||||
WEBAUTHN = 1;
|
||||
};
|
||||
adminCredentialsFile = config.sops.secrets.feed-auth.path;
|
||||
};
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
|
|
|
|||
Loading…
Reference in New Issue