modules/nixos: add cachix deploy
This commit is contained in:
zowoq
parent
a16ea9eb24
commit
0181aa2a10
3 changed files with 105 additions and 0 deletions
|
|
@ -150,6 +150,7 @@
|
||||||
flake.nixosModules = {
|
flake.nixosModules = {
|
||||||
common = ./modules/nixos/common;
|
common = ./modules/nixos/common;
|
||||||
|
|
||||||
|
cachix-deploy = ./modules/nixos/cachix-deploy;
|
||||||
community-builder = ./modules/nixos/community-builder;
|
community-builder = ./modules/nixos/community-builder;
|
||||||
hercules-ci = ./modules/nixos/hercules-ci;
|
hercules-ci = ./modules/nixos/hercules-ci;
|
||||||
hydra = ./modules/nixos/hydra.nix;
|
hydra = ./modules/nixos/hydra.nix;
|
||||||
|
|
|
||||||
11
modules/nixos/cachix-deploy/default.nix
Normal file
11
modules/nixos/cachix-deploy/default.nix
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
{ config, lib, ... }:
|
||||||
|
{
|
||||||
|
sops.secrets.cachix-agent-token.sopsFile = ./secrets.yaml;
|
||||||
|
|
||||||
|
services.cachix-agent = {
|
||||||
|
enable = true;
|
||||||
|
credentialsFile = config.sops.secrets.cachix-agent-token.path;
|
||||||
|
};
|
||||||
|
|
||||||
|
system.autoUpgrade.enable = lib.mkForce false;
|
||||||
|
}
|
||||||
93
modules/nixos/cachix-deploy/secrets.yaml
Normal file
93
modules/nixos/cachix-deploy/secrets.yaml
Normal file
|
|
@ -0,0 +1,93 @@
|
||||||
|
cachix-agent-token: ENC[AES256_GCM,data:jqX0aET3/BpGiogJ8kmJ4fXhocdPIrZOFpzjf1ewAy23CR0xwPA12dIIKaRu90418qPRW5M8Cq/xzaSpkh3NThOlvT4RTQtP5UgCQt/rzvfzhMorq338fzv/cx+xSw/um0z0r5MqaLqGtOLbXeKDQvccXtJZuyyol1coBSwCfo0uBNLBiQzHshrLHxkjMLP4N488Hu7oVuCwp9ux6JISpj4tepccWehjgUoa,iv:omqsgGKITrAA6Y6wH1gEGM2bkWq40vhzzy1phE2ijkk=,tag:O6ip4qSmhBHPdzT7nHMU6A==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age17jtyn2y4fpey6q7ers9gtnh4580xj89zdjuew9nqhxywmsaw94fs5udupc
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBab2Zzb2dmeFBvdi81VTg2
|
||||||
|
NHlBQVlkYkZFTVVhQks5YnhFTXJFMjk0c21zCjlvOVVFRTZKQzBvc3dTL2JOQ2JJ
|
||||||
|
aTlrTVkwNnRSMWtmcEk3T2c2RndNU1UKLS0tIFBIWUhwK1E5WGUybXgzWWZwWmZD
|
||||||
|
NldGaUc1WCtFa3FxMlVFckRmNDZHTzQKNvUdXqY3cRmAZlW9AjjgiouRccFp42yx
|
||||||
|
nm//1njoCvdPAkw5LbINOetoisK3qNe2QcTYEu7pdyhsbRn188f0CA==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOSjU3SHhHalk2ZVE1TkZD
|
||||||
|
RmRVUGdyb1h2VlIwQi9XVkYvTVRVZWFZUng0CloyZW1VTFZRTkFpYjlTSFFSVFhl
|
||||||
|
K0p3Vzh0T2N0TUhCQy9IVzZiUXNWUmMKLS0tIEs5TTg2YUN4SndzRy8yM21JMU55
|
||||||
|
dytuV0xZRUUvaGR5YWdza3lRM1JSbEkKoMwb32NvO7hYSctoliXX/WOYHauiVb+w
|
||||||
|
U3XOu17kd6A4cCJfKTMBTPr/v81lcUvbtfHwrXsXYy6ImD3CZlC65g==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtWDgxTk9VTGhmckxZeWNP
|
||||||
|
K20zd3hDa3dwT0JOTnZDaHQzUkNBeFZ1VGtNCmxyaTArNzN1UzhjdUZCSnozSnVj
|
||||||
|
RXBDUzlFTmdvWUMrOHprNEtFSkltMHcKLS0tIGdUclROcE9wYlJrYVRCVlZlZGNk
|
||||||
|
T0VPcmRKKzhrYjdTTW9vU3AzMnkwc1kKsXjBdQToTIvt/0pCTNz+K2HdO/jZJhcB
|
||||||
|
aM7PnKW+3Ko5zjAhTyI53/80Zkfh/4v3lIh83vGmpZtkRk9WKyLb9A==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1r464z5e2shvnh9ekzapgghevr9wy7spd4d7pt5a89ucdk6kr6yhqzv5gkj
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFZm5KQy9YRXhycnM2Rzhz
|
||||||
|
UDBvTDRYVGdCRXAxQXZZWnJBZ29Da3Nvc1YwCjQ5bHdrdUZDajNhaTE4K0FiTFBj
|
||||||
|
WnptTXBWc1lacEpldElQRmYwUkdSQUkKLS0tIFBtejgyUGN6bzlLQ09QbHN4Tyt3
|
||||||
|
MzUxcytmY1JoaGxGS1ZTdjNjaXZxTEkK5TCBWPmLtxDKsBSOr2c92O4KnKZsXB3u
|
||||||
|
m+cBKctT8ZVr25dJ/TJNnesG2EXtkNHVCl/szVBYLRHBPpJ2RIJ7Yw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtNXFHeEh5WEd4M3dSMWRn
|
||||||
|
aUNNL0J1cFYwZWt6OHVmTmlFNlVJNzJoL1ZBCkpsdHVnQlJTa0N2enpibWpKcUV4
|
||||||
|
SENHUnMwUEdxZzd1WWU3UDZCSUorclkKLS0tIGRyTGEvNEcwTkJHYU5vMTFBeGs0
|
||||||
|
ald4UFd0NXlDWXdRZnQyZjhyNjU2a1kKKUHRBKDA5HiqI0Rr1/MIPLZIDUJMyQG0
|
||||||
|
bCNSg7QuFssNaIBfpxO5CEbrWvqL6W00jQi2uZQqlb+vRm4jJzAqLw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1d87z3zqlv6ullnzyng8l722xzxwqr677csacf3zf3l28dau7avfs6pc7ay
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1Qmh2Y3BMNndVWFd0cjFM
|
||||||
|
bjN1UXE3N3V4Qi8rMGRDMm9RNmdZQU15SGg4CnM2T1hWcVVEeFJ3aDUyYjBZYXZj
|
||||||
|
bkV6Rjc3Y1BleVdncXhqNjF1dTZkYnMKLS0tIDF5V0k0TU1GZ1JUeUdEVWxWbElU
|
||||||
|
VWVlV1k4SnpMU25DN01MNFpRdW1BQ1EKbnW8O2e0b+DA26QhiezmNf/Ut4x/CeGl
|
||||||
|
42aaJfwC8dRJGM+GSy5ROWMdO1tPXFz9TT1Kd2gDNMvQLspAbE7Tow==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1jrh8yyq3swjru09s75s4mspu0mphh7h6z54z946raa9wx3pcdegq0x8t4h
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwMVdXWitXdUdvelVFQzc5
|
||||||
|
cjJBMm8zNTRCTzRjNUlIK2dVYllxN0FBbkRZCjNOeTg2Mm8rVnU5ampNYjh2TTQ5
|
||||||
|
NWhVUDRjWVhuL0VlWE1iaGpoVFNTOU0KLS0tIGI4QXgzQ1UxRmNpR2RDaGNSWFBK
|
||||||
|
b0hLT0pNNXVNemhRMlVTTGQxVDFlRG8KsPKQlOUZiJTHZxXcOHynjAeriqWg44Of
|
||||||
|
ALwKuh4wEnnsiuGrBYIQMMNyXHkUpF2puwEAGbi7DwyVjw60grd5NA==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1m7xhem3qll35d539f364pm6txexvnp6k0tk34d8jxu4ry3pptv7smm0k5n
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkd0kxMDRwbEwzYUlXRjV2
|
||||||
|
d2l1T3EwS2F5T0V6R0lhS0M5OG5wY2J5Z0M4CmhSMzhaTTlNc1lJeEpnM3V1OUpk
|
||||||
|
MWU0cnUrR01wUS8zVG51QTI1ekg5MDAKLS0tIDkrVnBnSWViL0VNN2pBcTZ3blVI
|
||||||
|
RlNlcVBSZ2VsWnVRWW1DekQvZmVWY0kKJGw93A6HpFPqhpe6jwYJE+Cgxr7/KAdy
|
||||||
|
9uE3iWCIzKc37ggSJ6w4Ei6GWjiFRsSkqW+CvtrQ2lPp6fGpKjM9gg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1dzvjjum2p240qtdt2qcxpm7pl2s5w36mh4fs3q9dhhq0uezvdqaq9vrgfy
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEaVgxR0ZHSGp2RVh0dTZ3
|
||||||
|
RUNJV0NiZ2RCbjkydlRJU0tUdHVkVkxPSEhFClhUczVPcmx5NnlIY25tT0YwaFhW
|
||||||
|
YUZNUUdWRFJ5Z0diVUJsSmxoTjU2S1kKLS0tIGZZNGZyYy9LcXZFci9PazdWUlFn
|
||||||
|
MXVibEJhUmpYajJ6V0xyd2YxWXpFQmMK3pAgww2itIm3/xnoiO2zMmaUcfc2083Y
|
||||||
|
xuprImh/pfGOzNpR20wczrjuiPRVXvc83TR1SawWXsLgVwgF3k/VMg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2023-07-21T06:15:03Z"
|
||||||
|
mac: ENC[AES256_GCM,data:fL+CskuON7oZmfj+yWztmTt6bJVyGQDiDRgzKMotycvSQuY3WFiwwHBg1CXwykXyjjlvoX9vL2DJhBxL/+fc/GDcC+gDd1QtZqCJbppC2bk6OLYx8a2gCtd/ql+Ma6GY+JkcDApi8R2nr2+QK3jrOo1xXK18Mht6RdIjdPvOdP0=,iv:jD/4Jy4SVrFXENc+Zr7woPoW14Eij0ZEkSRRHVNt6vk=,tag:J3FSNztymCnGfb/aLYTsEA==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.7.3
|
||||||
Loading…
Add table
Add a link
Reference in a new issue