chore(nix): add nextcloud secrets

This commit is contained in:
Serĉanto de Scio 2024-08-24 00:18:23 +10:00
parent df59944d24
commit dbf7a334bb
Signed by: sercanto
GPG key ID: A4122FF3971B6865
4 changed files with 75 additions and 4 deletions

View file

@ -1,12 +1,11 @@
# NixOps configuration for the hosts running Nextcloud # NixOps configuration for the hosts running Nextcloud
{ {
age ? config.age,
config, config,
pkgs, pkgs,
lib, lib,
... ...
}: { }: {
imports = [../secrets/nextcloud.nix];
services.nextcloud = { services.nextcloud = {
enable = true; # Enable Nextcloud enable = true; # Enable Nextcloud
hostName = "cloud.mcwhirter.io"; # FQDN for the Nextcloud instance hostName = "cloud.mcwhirter.io"; # FQDN for the Nextcloud instance
@ -17,8 +16,8 @@
dbname = "nextcloud"; # Set the database name dbname = "nextcloud"; # Set the database name
dbhost = "/run/postgresql"; # Set the database connection dbhost = "/run/postgresql"; # Set the database connection
dbuser = "nextcloud"; # Set the database user dbuser = "nextcloud"; # Set the database user
dbpassFile = "/run/keys/nextcloud-dbpass"; # Where to find the database password dbpassFile = age.secrets.nextcloud.dbpass; # Where to find the database password
adminpassFile = "/run/keys/nextcloud-admin"; # Where to find the admin password adminpassFile = age.secrets.nextcloud.adminpass; # Where to find the admin password
adminuser = "root"; # Set the admin user name adminuser = "root"; # Set the admin user name
}; };
autoUpdateApps = { autoUpdateApps = {

View file

@ -0,0 +1,35 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBlK2lF
RHorTEwvNGIrQjA4YmlMM3U3UTV4WGZzZ1RvZHRKT0xhN0s1TVJRCmZaaithSTZZ
QmM0RHBkZHhYelZ5dHc4OXRNMkVGM1REcGVwbi9kaVJaUHcKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIGhmaGNtNDJKa2F2UWszOWZRNnpLVHpqNzZJdTkwMmZVeGtTVmpJ
YzdiUWMKT0ZtNWtidGE1UGJTTDd1R0RCNjh4aStDY09zMFZ4OGxiM1Z6RXozZDdD
SQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgL2hCQnFVU0VXd3NMVHpab0dWK1ZFWGFx
TTZ1UGVmSU9ZVlU4TCtWOWRYbwo2UmtKellzYnBuYUVYZnpxdUN6bHhRSkU1UW5Q
eFBhZVFZS2oxa0N1c29ZCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBTT0REVTFEdjVS
d0dyR0N6R3J4aU9CdkhzR043UHdidUFaNlh3aFNKSW1zCjFpM0FLS292eWJidy9N
UzBtQ3Z3cUpZYWtiZzhxbU1wS2ZNeE9hTWloUE0KLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IHB2RFNQYVNkdGRMUEJrZGI3bTUwTW1Wb28vV2xDamdtUGI0cnliWHUzajgK
L3RDeFBNcXk5Y2Jua1N4dGxmRktsSkFoOVowYUlVTndnbEdiNlgzRmtCdwotPiBz
c2gtZWQyNTUxOSBQeEt3alEgT3YxblhjMWphNFQzWmdhZjFhK0NZWUxsbC9PbWNt
Q1VFeTRVZU95eUJnUQpkQmRrQndoZWdBcWEvYURPR1FNWmdGcDJlc042QjF6VUNM
blR3Mm5BOGRFCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSA1Vk9ObVpqZFhwOXd6azJ2
UXd3STRkZzNlNXJ4VVhGNmM4a0x2ZkR1Q1FrCndaVmNqMWRYd21OVVkxMEhhSTdo
b21TYWFKL1dSczg2eU8wTi9FUE9kUkEKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIDNL
N1J5M2tYN3cwT1piMitpRnR3dU1RbDczSldObmZLbkRlTXRMcEd0MUEKSjlselpF
WnQzbXd3aXJDbUs0QzZ5d3UzSlp0cHlGRlpTYUhsdXhXSHVFNAotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgOXJGWDk2STBqaTFFbVRqMDFvVlh3NTJDemR3N1U0c0IrT2tx
aStraGJ3NApCSHFQZVlzbWtTdkFWbytnS1dyd2Y5LzJIakMrRDZQK2pwZWpEKzlk
bDdnCi0+IHNzaC1lZDI1NTE5IHVsMGt4USAwcmFsc0xIQzVObWNDeTU3YXVuVjd4
Yy9jRnZmT09DOHhnYlJIQUtOYnpnCkYrVzcrZkFsTURkUzlYbDhNR1hCZFFZaklH
blo0TytUcFBINTRqTE5JM28KLT4gc3NoLWVkMjU1MTkgWnc1SGt3IE9pN29ic0FI
TUJlT3o0cUs1YlNOUEdWcllWZmlrVGVFRG9TTzF3OHJwaE0KTzFhVEtxb0hmVXNG
R25lZVNKbkQ3TVhoRjlWR2JlQ016ZWVNVTZKSWlnSQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgRC84ZDIyc3BId1NROVNodDNLNXJjaUN1ZDI3bTk4Q0lmelMzbUZHc1ds
awpzTjdqeXJwWTBRd2xlK3FrODVRZm9oZkdRMnJWUVgvL3luMXZEaExGYWxRCi0+
IEApTS1ncmVhc2UgQ1xxMyBeT1tDTnxPID0KWmVJdTR2all6K2t1TnZlLzhYYUtS
R1Y4YTFQb2RaZnlFQzEzT0JNMjU1VWhYYkxCVWg2K1M4RmJNUVNjUk0xMQpkckND
MzJrTXlPUjJhQUY1WFQ0UE1OaUdtRk52SmdrK0NNdU5adHkxCi0tLSA0TUU2L1J2
QkdRWmppaTI5L2twaGttUUlURE1MY3ZXVnVxZEVHNTJSK3BBCucjRXVgU2KZE8S3
P695DXvhJHlpWrKEvjZAooTzzW26s1Z2Yk4sclXQEOFQaXx+aBHkeovdxi/gUA==
-----END AGE ENCRYPTED FILE-----

View file

@ -0,0 +1,35 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBBZ2dt
WkdZWDlDNkRRZkZZL2J0aFRUZm1ZUnBDbUNqUVhEK1I2UVBPaWg4CmoxSDVVR3RP
WmoySkcrMHBkd0dnLzZNbTgvUDlLSnZTUzRmK0FqelJtOVEKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIFpzc0gvTHJUVmxLbGh5RnNWZGdtdGg2aWp3U2hncllPZm05Yi8x
YWpXeEUKM1lBMXluSDh3YXJYajlQUVJ6R3FqRWZ0UzYrNXJHd0VhUXRNVHJJK1Q0
NAotPiBzc2gtZWQyNTUxOSA5aEV5RFEgc2E0dHhWVXZUSVJSdGFrTXpxeFpHcU1u
Q2RRVXBnTHByZ2c1WlpIMTYxdwpWUkJUTWxEcGNGUGhnKzNVTk94OXN0YWRKTnJM
b3U4VFp6WEVsaXZ5d21vCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBOUFlRb3BXQ1Nu
dEhieTRwMW44NGRyVFhKVm9UNUtROWFDbWVsNWcwV2xvCnN6SzcvbWFoUWE5Mk01
ejRIU25QUTNXZWtERXJxSEpXMnV6MjJHVlVJTHcKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IEp3dEgwQkloS2c4dTBDZHdENGZvd3JwSG44aHUzdVkzMjg2SWo4SEFrRUEK
Tm1OakVtbDRLMDh6cCt4YmdxK25uaGV4UmhsWGI3MG9DOFo3bGdJNmx4WQotPiBz
c2gtZWQyNTUxOSBQeEt3alEgdWtKQVN6R2o3OXVXQTB3WWYxSWg1bmgxbnk3M1Ux
U001RGZqb2tYNjR4Zwp0MFFwVDBta2NXRmNpWlJKZSt2SXA1YVhiR1dHSWlaWFpn
TVIxck5pMjNnCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBWZGgyY0F1NjhQME5XNzdS
N0hwSmxZRnFkZmh4S0syMUdXaXhpYURMVGg0CkZpb3RvSExUNWJmVWtzL3krdzhB
U1RGVFM3SzlFengrTGFJUnBqYllTUlUKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIEtL
ZlAvM2xUTkQvTFExdmpIRWp0dDBrNjNnSitQaGFtSlVhQ0daVVJ0azgKamdJSzR0
WWxHOVVZYytkS29IbG1YY0hvdkZmTnhodXEyN3VPK0djcE1CSQotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgYmJwcHFpWmo5aXhBRjNlQnpCWUxlbStOMVA4WklqOVFpdW5X
QnNmOWl6SQpUS3l4WEsxaVo3ZjgzZmpQR0RuZ0ZoMVRzTmErZDB3L3ZESUdXS2s0
QWwwCi0+IHNzaC1lZDI1NTE5IHVsMGt4USA1ZmZiWnNTRUtwV2p5NGU2V1UwR1hG
OVdZTXAxc0dya0hXYVhjbVBzT1MwCmRzOGxzUGs4UkNSY3l5cTVZajdQV0liRjFF
UTZZaGtsdStqQ0RDdkhjOWMKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IGN4OGtraWJG
ZmVsdlJOdGJEY1JQWm1BeUtyMzJFeUxtTG1HN1JFZVRoaEkKclBYNms5ZDZFMzFw
ekxVdlVzd29JOERwY1NyV3RnN0xyZVFJTXdPZU5uRQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgWXVLNE1UZGFXS2lsSXMxN2o4aXdaR2ZMY0kvTDUxN0NDSHRyandvUWFG
YwpwdnNwL01QR0VxTE9aOHkxV1VqTG56MFdxMDNEYkZFRW1VaVdnWGlRSjRBCi0+
IHc1dVV8Mn0tZ3JlYXNlIEpuNmsgclU5TQpRNVRsbmIxaU5CeVlWaDhiYnlkRzQ1
Y2lIR0l4eUFTNFFQdk5JekVFQ2N3Q0JJK2grK2IwN0M2Sy9LbUJKNHEzCmxyTHlU
VGZVbU1Edmx3QXFuR2s4VXBWcDdnazFVMVM3b0lKUmR6WQotLS0gR1k3QUFEN3JU
Z3M5RFNoeW5tRVU5U1Q3ODNKRzR0OUVHc3Z4OEN5OHNRawrkiowgC6QAagO6PpAG
1ZTfpxGEOWCMhBTN1v2TIiIGdGrTARto03jq1MocduDJQCcpZx8uGY9o0EA=
-----END AGE ENCRYPTED FILE-----

View file

@ -43,4 +43,6 @@ in {
"hamish.age".publicKeys = ops ++ systems; "hamish.age".publicKeys = ops ++ systems;
"logan.age".publicKeys = ops ++ systems; "logan.age".publicKeys = ops ++ systems;
"xander.age".publicKeys = ops ++ systems; "xander.age".publicKeys = ops ++ systems;
"nextcloud-dbpass.age".publicKeys = ops ++ systems;
"nextcloud-adminpass.age".publicKeys = ops ++ systems;
} }