make yate systemd service
This commit is contained in:
parent
1ef4c1cd48
commit
fd525ee06f
17
.sops.yaml
17
.sops.yaml
|
@ -15,6 +15,7 @@ keys:
|
||||||
- &host_age_matrix age1f7ams0n2zy994pzt0u30h8tex6xdcernj59t4d70z4kjsyzrr3wsy87xzk
|
- &host_age_matrix age1f7ams0n2zy994pzt0u30h8tex6xdcernj59t4d70z4kjsyzrr3wsy87xzk
|
||||||
- &host_age_netbox age13fqs76z2vl5l84dvmmlqjj5xkfsfe85xls8uueul7re9j3ksjs0sw2xc9e
|
- &host_age_netbox age13fqs76z2vl5l84dvmmlqjj5xkfsfe85xls8uueul7re9j3ksjs0sw2xc9e
|
||||||
- &host_age_public_web_static age19s7r8sf7j6zk24x9vumawgxpd2q8epyv7p9qsjntw7v9s3v045mqhmsfp0
|
- &host_age_public_web_static age19s7r8sf7j6zk24x9vumawgxpd2q8epyv7p9qsjntw7v9s3v045mqhmsfp0
|
||||||
|
- &host_age_yate age1kxzl00cfa5v926cvtcp0l3fncwh6fgmk8jvpf4swkl4vh3hv9e5qyqsrnt
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: config/hosts/git/.*
|
- path_regex: config/hosts/git/.*
|
||||||
key_groups:
|
key_groups:
|
||||||
|
@ -96,6 +97,22 @@ creation_rules:
|
||||||
- *admin_gpg_dante
|
- *admin_gpg_dante
|
||||||
age:
|
age:
|
||||||
- *host_age_public_web_static
|
- *host_age_public_web_static
|
||||||
|
- path_regex: config/hosts/yate/.*
|
||||||
|
key_groups:
|
||||||
|
- pgp:
|
||||||
|
- *admin_gpg_djerun
|
||||||
|
- *admin_gpg_stb
|
||||||
|
- *admin_gpg_jtbx
|
||||||
|
- *admin_gpg_yuri
|
||||||
|
- *admin_gpg_june
|
||||||
|
- *admin_gpg_haegar
|
||||||
|
- *admin_gpg_dario
|
||||||
|
- *admin_gpg_echtnurich
|
||||||
|
- *admin_gpg_max
|
||||||
|
- *admin_gpg_c6ristian
|
||||||
|
- *admin_gpg_dante
|
||||||
|
age:
|
||||||
|
- *host_age_yate
|
||||||
- key_groups:
|
- key_groups:
|
||||||
- pgp:
|
- pgp:
|
||||||
- *admin_gpg_djerun
|
- *admin_gpg_djerun
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
domain = "z9.ccchh.net";
|
domain = "z9.ccchh.net";
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.chaos.password = "yes";
|
# users.users.chaos.password = "yes";
|
||||||
|
|
||||||
system.stateVersion = "23.11";
|
system.stateVersion = "23.11";
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,5 +6,6 @@
|
||||||
./networking.nix
|
./networking.nix
|
||||||
./yate.nix
|
./yate.nix
|
||||||
./service.nix
|
./service.nix
|
||||||
|
./sops.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
233
config/hosts/yate/secrets.yaml
Normal file
233
config/hosts/yate/secrets.yaml
Normal file
|
@ -0,0 +1,233 @@
|
||||||
|
git_clone_key: ENC[AES256_GCM,data:U/Ogt05wAZsGWTcdKN/Iv2LfScrpR5PuiPU97OHYO75hHV98B5fdQ1SXOgKHa+JdmDHTyh0sDjFt1DwqzCtFmSuQzRh5vpsXHml6qjo1vmsgX2g3HNfA9jAnWQb7HiyYx1HxgEXeJBwBNHO2/O7h7mEkC17lWrdNsX2AiENcVZBPYceJ+YV5ZuhAswh6MS99co57jQhpOv520Hz76qgYwtEDtLL0FEDO2ZIuvyo4CXgS53uIMwF/aJjgKz6+C1cgL6xvNg+ZjIqadIU2sSopkDxxL9l9XTiqM/NrHCI62BAR90ixIiSPePEvkGXzMblPdJl2XL3wW2zn4Ag64jCSylOksSqJCDrqkpc10S/mHGSWDDRneqD/m90Dbyt0I8d5xUpDnRguOxVSLFXvPUjSKmLIW4EN2rmlChzDAqY3w7XaoUnWUVUgHLR4EsVxwLVjVx38Q90JIudz57N/2mvyjHphHJxvy6ye5qLbaxB8RfFkG5yfFzueoSmni5Znc6XkbaiKOPBEXGIio+7EHTgs,iv:QDPgBoFWw1ywfkdoMR15il9iPELtfgqx3p7HYo90kPk=,tag:FWEXc6nOzSE4NxlEtFt3sw==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1kxzl00cfa5v926cvtcp0l3fncwh6fgmk8jvpf4swkl4vh3hv9e5qyqsrnt
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4Rmg0UXBXcWcyRTV6ZGlP
|
||||||
|
TDY1RFBVaTlVQnJVV3NnU1ZTeEJzb2xsZXdJCnVFSGF0UjQ1OUpxcVNVb2F4K3Uw
|
||||||
|
KzZRYWtTaTJFd29zcmJENTRLMmZsUVkKLS0tIEdGaHRaOWFyeTMzSit4WFh1UGVS
|
||||||
|
bkRxanFoekdaQzZnSkFjNmhwNE1EdkUK5scD+5qe0QJvsgPHTrGQ4KrQLC8EHex1
|
||||||
|
xpImRJ0Y0R3e6p/WLwYbF236Ju2Z4f2Zg2Zw9/ErdM1McBJ8ll6yrw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-08-06T20:00:59Z"
|
||||||
|
mac: ENC[AES256_GCM,data:mGhASa+NAaiiYRK74HfMKIfQxBnT/db1tpn2kmSvi0+NSZzxVZjOtsAF3zUqBf7Mjh1Fr3Bfr/MlskiKfznO9rMmwF93r7TeFURIUwAXN7/TFvdjJQGTBo2uIGoE94xZImNuwGlZmZXoZtE9/i31wH9g7al9pqRKmEyJ3oP0eCo=,iv:2Yb9ofOitYLvHC1HybQBxoRBkx8VBxTONfLt4pfp4y4=,tag:N259N6s+c2cYEjLzB+a7sg==,type:str]
|
||||||
|
pgp:
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAxK/JaB2/SdtAQ/8Dx0hTc0zZkd9+RXuKOXU8ZkKF54lcxfDTMH0rD2bKPhg
|
||||||
|
do/+I4VOSJxfyTvzFNjVXywSCEsws2+RyS73jF4048o4DrNQNG4P70GqXAqjDbQL
|
||||||
|
r+WCKT0if85JYPo/ho8nSRumo44BlbN2+Ftc5Z90UshW63VPU4Xm1Woqm8TOvs/0
|
||||||
|
cyhsigShwJGymnIEY4PwdT6fd/gkVVaoC9nCrkkSbaQZa1rXHud8+jLK+4TXebKl
|
||||||
|
Qk2G2cVivWBioT4wGjhZvQ6lLK4mlaqxiZF3aRYcUs1Hwgq1ZolbgiGPWG4xisFa
|
||||||
|
JgsqYRnmGnTM/33l57Cy8CpVHfprrapUXh2X2Ly/pBRQn+ns2zk1wkpTUHbwmyQi
|
||||||
|
ETLvw68PXbayoDNunMqZl2RWPjPnotNVeG5i2s+pwaEoDKAWcud2NPUWFb+gyftk
|
||||||
|
YNxMdp1CpXXOHpU4Ty+HHXAU/uLVVzLT91RLJAn+Y6rRyevg4UBSB/Y+lc5IMTfa
|
||||||
|
QPPLRPV6/P4LIWDlOdg/S3Q7ZwryNAogU/Hyuuz2xyS8LK7S7M0+BgVBrOkowazy
|
||||||
|
aGemt/BmQkyPQDpJTPxtdzsK1vvplol7uJnNou1h0krrgHlAzb++3i8+V4Z18dBg
|
||||||
|
GSeWIdSm+OD1HPDyD1054wEUAgPfRh0TZma+vDirH4RDH0tMubRGOLl17nV+/v7U
|
||||||
|
ZgEJAhCYgHEjsPDIpUoHopF1vkhxmhv6YqILLzDftbbmDQUqncs/mgnFCJPNnKVJ
|
||||||
|
ldwNj2kuAd2L5VRI0E9k0ZVzg/Aqb8B2wSTiJmQGWI3b0tNfGuC65fe7p8ceJ5vZ
|
||||||
|
et8Y1DEjVg==
|
||||||
|
=u7aP
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMA6EyPtWBEI+2ARAAsrHbA58mnccH/oWDgoEqwJx+ZkeSWo6Arc0nMhU/Qh+9
|
||||||
|
Nl/pKdKm3LsIwkKTRVGDxI4vFRo42LFZE47nyfa70G7GiM1uJnEOx6vLTN0HpL6S
|
||||||
|
YQi8Dbb/+WA7QnGDfaEiozGQzsPMAgSVAE3A0rlcLBqQwiGsfhHr1RwEggfXqMG4
|
||||||
|
twxWIbKI/8T088b1IFs7fOKxzEB6na7+HoNaG22jlvRY0irMfgti8xeflWmZIKf2
|
||||||
|
uY6gM2rCOtCSi8vZEhJiXb5SG1NbyMmVHsz0ZXHwwGsiDACFqISqfR921B0Cuftx
|
||||||
|
Nj2pIwKbGyOOsFjlbC3ZGUMplLzYpRMx8LetLMrksWSpzypWdeI166gjF4MncUlQ
|
||||||
|
gl5hM7gL/+6k86yxIqTeexVoU24NRcsYCnQKZAK5T2fxQxX0BXppWxju6Jq1erRU
|
||||||
|
JZsggrbxELMJfcyrDC1cH/zgAM1kqOi32ZaGiO3U1WA5fxhJPUy5kxoQXSISL7Ng
|
||||||
|
mrnnMKIWK7eClQb47a/lYWEIqw1UjJhCPmKVHlcSmiH8FATfr5KjHeFlK8Zou5Ji
|
||||||
|
yMbVS7s2P9MeEzdnNC8PSFwjM9K7qXuWJYvDQtUracfxgO3X0r7Z+5g62WmLVDcp
|
||||||
|
E26DzDyTrU6Vf6WANOg/V7C7paOasnpcaU62/C65BBtGH23mgEfkJSkBYJWCea7S
|
||||||
|
XAHLeksa73OaeO28kTspM4G/Nlh65lr2p92gmcpbqkARvw8dIOUrAqPMRjJHabZq
|
||||||
|
vLbFx/uqXDPfALVXNWKGZp3vObGPLImQ1EfjVCYzOlkXXnfVdE+ih9+HIYhX
|
||||||
|
=advR
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAz5uSgHG2iMJAQ//c9NMv/m/qGaJR+2jeu5VAbPwqIfBbrAEiV2s6TlzJRLz
|
||||||
|
7yEo9l/wh2WV+1Ew9dM5Pe8cgezjNaXgCeV8EEMu6dzOb1N++3TQJ7ET10DaOVec
|
||||||
|
ofEwDUYj8UHmV0VmhOPWLpceAod5wk4Xm4rlJTFjQ6TKN8U0dBoGS1cxHWwWw8oa
|
||||||
|
RebdNmpfSgkj0ohbeD9owxQ7JhqGlOPo1JCz7YI6c6bwQ1wuOC/XqnJt4F5ny8ty
|
||||||
|
y/qj1m9KrL5nRRc06qxNtmYODMuS+OeScfcI4grX7wMTUrqaFkCVHcboi5ZD6DzE
|
||||||
|
L49PT51/KK/lOlgKjSDfGgRRj9a9UO+7IXnMG0/5kDzRRBJDBzZH/5rujP8ffz+8
|
||||||
|
glxGBiBhsLroHbwn3a4BlDHpnuqCKa/7CmSyfGCNPp0TuMPvCVWf6muXA86wo5fQ
|
||||||
|
B/qKjvJV15qWJXdKDYyWJAg2B78/dROYbX142R9wPitP8zyj8b3jrzIcoIViAvkl
|
||||||
|
L3ZnnhqZxzkKcfc2rBsdadBEquz9+oGj6rKARyhFkT92in6zZO19fBZqTH5y/QYl
|
||||||
|
o0bDAbdQKJf36Eqh8G102z2x/Keo7gK/PWwwOi5YrFlgDVk4oBqAHWRgBiEvjSaO
|
||||||
|
Z7Ork1eeBUuZLAofzMoNNDaZS0KBfEgE3gczGpcRjjIwTDSIXM8NVtz7aXwZjUTS
|
||||||
|
XAG89qkxjGjlnJcRrE6izhiNbepWaOYYWb57VB5jL0TciQJHR7nbOGQh0T+tNKcb
|
||||||
|
fKyxZOL8IdGpoqxsRCuaPE5cEwc17XKuu53CfZo9t6hjh8SwRKWGnk7dkYhy
|
||||||
|
=vqhH
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAw5vwmoEJHQ1ARAArape3cqNbLeWh0YdcG9fBcuzyrTGntyD6ccl9Wwc4aTd
|
||||||
|
+uNMhCl7758tETPPK4qneAYNSnbnFQcgKj0ATkVMhMuT58g15GMEyXvhUsIukpQ7
|
||||||
|
Ca5t+aVh1fmb1pvcWPd4MUUQzt8KKN99+0KfyWzvdsb2jUBKICG3TQvTWXT93+g4
|
||||||
|
LjG6TCW+wv06nTquaCEaR4IdEPJRfZEspUXDhi2Wr/AjXIlvfN/yhs2AyTjde5un
|
||||||
|
kha2iy85o2NikCYoIaqFvFaEDOGjdcT4g/jaErxXn8sSxOQo9aV/r5Ksm/mXyEI2
|
||||||
|
cSrbMfBXwrlrHNZ5VCbYZLbNjIbwFdBV04buZldDT4GYmBW/PG71NeKDrXrgnTOn
|
||||||
|
3fBkXmhFb3gLppMv2v2TY96lGk3Obbfnry1lsgLLW+SvustNe1en3mXSVciCbuEh
|
||||||
|
7bsb4AkJyJXSUFh8jQ1LWxcE9jsI6eIj9eb/tw0QmC0y8Q2fqOV927B8d7Pl2dyU
|
||||||
|
K0aryOwn+80ce7sBd/9JRL6SOHB2nK8BpmRO2blAmhrGEjX8kif9hFrXHLU2+7sb
|
||||||
|
QC0ccFjoleqhTgsnOXCHwfm0ggejvZhS3GLjABgXBp2LVVYuWZXVhCQuRLsUV2v3
|
||||||
|
Wf4fPWaGWw8tTTaW198H0NWfd/FSogzWQcsgknVWM9YS/zzqcQNYsSObwh2q2V/S
|
||||||
|
XAFWrPxSexFSi0XiXK7ahhnp7OTIMtw9dy3e0HQ/7F8guhvhwoTcK6bLY2967wyj
|
||||||
|
IPh1r+J6g090fN2QXm0oHTSJbhl+fy4bOkXVt/ATyPh6b0yRaxMgSGXWeh3C
|
||||||
|
=hGXq
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMA4HMJd/cQYrVARAAwAzM+dgsD/WBFbCFIXhDdsLmmWZMeVLD1AlLTmu/GfGg
|
||||||
|
YvHhW4giEaqEzUsQOuxmyND7eQd3fBKf1GcwFLXE9xrR6YD5yh7s898mnCpBi2Xi
|
||||||
|
LBPMz7nN/j7mfetPklsTazbbaoSB9hVx8AK7jzS7zvzgEGIm8Yeilx/v8OqbT1xQ
|
||||||
|
+07soWjVvqM526a24KSdRBTgvXPJvqIPt0IEZzFWtAppectcRBiZJHX4huU5wOuG
|
||||||
|
SEk0vgwCwrt3cades+dbh59cSqUc65qGhDti0tnygnSKgepOkQsFOqoZ/WvgE+io
|
||||||
|
5fNEI4g2/D+gmSelCCcQE0MFe+Uzc1FpsWwZiHnbGfnA55GO0dvoOUAsJQtwCLSq
|
||||||
|
1Lw8bpywgfIfU4QMYmZAaYsHDly4VTwluFe1WnExzf/nMxRQQmqIlg2pTmNZ6tJ1
|
||||||
|
1A9Rc6mg83//2fNWRw+JBtOJUCePw5nyJ0jTOQZd7Dl0ZzwlsgH8g/Y/Flg1kFll
|
||||||
|
CXGcJ1TMjTjzD4+Fl3UE+BqpzBjwQodzHqX3LEJ9uJ2guw0zbWzuMs10aTEoW/1U
|
||||||
|
pVGexkrcaduykd5TQmMO8yG6rW2KEKJlh68lxZslUAiG0ASTuSpY5A8leS5OZZgF
|
||||||
|
EQjs903r1epwJgBwnQGhijpTrmqiThvdE0BJ9r1jmxUy75KzWh/SZDmpCwDfsELS
|
||||||
|
XAEceOrsLsaYRqisM5D1zvNneEoGKv3GoS4cs4iuqHPyy2ZueHWK24HmAmrghRQ7
|
||||||
|
uLCmS0SmU5CY5gmVRkrKhY/0wtKWqJ10cK17Z/dQtRz6g3qmFM4JBfMy4BL9
|
||||||
|
=vZLC
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAxjNhCKPP69fARAApzEcBIVknhmysQc02ufbjFzKweB4jsCvGoPXSooMzs4x
|
||||||
|
p4keH/xaVXF1/nn+bzMHJt1/LV1/5LlyHtQNcZ30hUrziOy4LCnyfNgb5WP3VMP3
|
||||||
|
XW6ZcBiEIcUHZ1Ikl/cUNCpKazVRD6o6oKmFCwXKgE9a/l5XX/j3vizQ22vwfgfa
|
||||||
|
oziQPhMadfne8hXAJIB7fOn45ZLFNgLqYWW4Jh4L1DJflziNR8kx3NQJLWDmSqqB
|
||||||
|
SpuFBkm7DaLCkj/TpvAQs5xSI69kLlDfcaEPI4noAdhJh+jwGVLNmKyekKsYfrDS
|
||||||
|
5cQUVD3Hmn4WnpR2jLJAlwcFaEZt0muiLIxZmAxfSzJhld8G4GOcoAllfG9ze+QG
|
||||||
|
oJ3G6jWtJeoCZR5zbdk+lNcQ+iHD6bzrkN+54menxu2XGHkFKQ1es/g+cU0AI3yZ
|
||||||
|
XXgnlwNtC75TzZHwSA0kjmqcgr5XVcoLOr5XJWasQOyIXpjcHbfonnMV4NE5A/Jo
|
||||||
|
IEMLUdjLBWmjW1xeWo1CJ8hELbpfNaQf8YBzEuo5Yqvs7s0fKl8ea18jwtwYP9qc
|
||||||
|
2CbD+7GpxuK/06gMTt7LExcqt39PVGmeFAtZHNtNBMnZ6Ek5cbWqhjPOCy2MFVaa
|
||||||
|
XTH3UxD1YISZC+NZtSYLDWrTwzY3EYCttAxHzg1iFC8STaM/OR6beD0OPcPj+QLS
|
||||||
|
XAH6NdHQcUSsFJ0KR4dfOrOnuLDzX2xLsgXJvDhRVbpYwSdeG40j5oGiNpam+z8/
|
||||||
|
fDboI4SNzB7Mb4j196kSHWK90sKFsxGkoDGZM/QZh4QA2v0yke1sqkUwkK4I
|
||||||
|
=SLD4
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMA1Hthzn+T1OoAQ/+LSHRuYFtIKdxABivqoxvbirPS9Vyo+lYNXMRt9eK5oYp
|
||||||
|
8ei+fyJgsyxXIIlsW2Dg/ZrM8O4aTxkuX1Eg0BhvuWWGBx71S7IGYX+6eSqrZWb+
|
||||||
|
0zLSwKHmk3avGae/IkpKyEdFnGpHKhnILfpKEXVRWHQo5hjxFzUwzNr5N+wJcq19
|
||||||
|
sVuCsu4WSt75Ab5bTjl/AYrfYegkK5zXo2I+njIcSYqleQ6vlQ10LUiPg8QhPXqB
|
||||||
|
NvC8DVglMHN+dFDrnn5huTsd23nIJn6HRbLkqgPCezT8JUgjvEsO0tOdnM8jwRnI
|
||||||
|
K79HH53p3fbxSut+/P+u1X0gMTOT7KeLfY8URho5HQnnmymXbRxuWoQea9/Z3qIX
|
||||||
|
4tfYkcMQA3+rxXANgsfT1yHEs8NjomUxi0SmSCeqtH333iMJJwEwWgLiIKFAA6t9
|
||||||
|
SffF9liWeG88VEeAF5dM+7uQ7XrTsAlcdHdNoQCpprx3Hx331rFt1DOj3Md2moF0
|
||||||
|
TUqdNsZ7wCA9zlVPwtjkILMGEdz8ZN62an0R/h2ZM9Y/wuZcl1M6wWI9eyjx2Qva
|
||||||
|
7/Xk6LMklmNICifOZZ5Tmw1xSyxOIW8VNp7IiKXZBAjb8NiUveNUos0gjMxNQ3PR
|
||||||
|
oWv8LY3vfYiKE7AJhzrEim1PX36OcRYpB+0BAou//9PGI59tHp/Fupi2lWx7Qv3S
|
||||||
|
XAEJRUzfnCPB56PdLkNFbJAj2v11zD8zBIZqpuGh/f3fE7V0klGy/Dx9yHyAhw0t
|
||||||
|
LeXMrYUYO3zjLc4yh7qdrGPBdWUQg8BzWwIJERdHS90zQwmcTkkaX5en3GII
|
||||||
|
=MQ9C
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMA46L6MuPqfJqARAApQx98KdexUMI0KY65hv0IRvBRFouPwpTsd4VpzTsbkYF
|
||||||
|
XDBhxWVXkI9iLS8O6siQygVDDMfIDs5SadVoOicWyOpHR5sjOaW9qHA4w399w8Fe
|
||||||
|
5XoPyfUuQvVywfHMhQiznHNPj5+SgcehwUL1i1+qD3h8RZxbgGkvYKinlkkbxzh/
|
||||||
|
Tk4lYjcoNvb/10XRWDEy5KxMB2qc2BFEWZk6DrXe9ZUd0IzYh+tA07rUZVu8TRAc
|
||||||
|
abx6/0lvgIK45frzYJb17yL/9mCbAUVzSlR/+5LZ+qm73Ax4nsGcGA8nfDVGw/di
|
||||||
|
+BbbpBHdCs7/1XEHfrKzuUXOAd0V1HjeQSS6zzcwsfFLMevYMyTLmiTwo6SEoWSk
|
||||||
|
nN599ZqPutG94MVtvaKqDY47ABSOr0BZIUn4jdus34GTgDjX3TVTx8KPzemIbUv7
|
||||||
|
BQcd654NKQN0poyZegrksnJVfs6OeSULLylufj6vyFNlKbjNR+D1sHhiyKcmyrQf
|
||||||
|
T0jDnPgZIzeVbNSdrDywrme+CykRSoFs60GgGYt6p/Omuh7Vp6we05jzY8lUJL76
|
||||||
|
VsGqqyCn3JLZb6iWFe+P7JT1VXsl8xsrmn5BKoSMeXqaXctYKuJ2E20gc90a8UXm
|
||||||
|
jhnHYeG2QHW1LBgv1yeqCpUIfHxNRr+gJ3cHQLNUuchC3vubf3sBXhHzYXyzyXrS
|
||||||
|
XAFwRah/o35ETWbRhFsw+SzJGTgsyUqKAtWGmfTRPsbVvbam63IEsbTSLOdMahmY
|
||||||
|
6uSgIbsZTobna90eVPFM8w3JIx7+Mq0YtdaLgRqpHJtPC7oVgN+RnKbgEEqQ
|
||||||
|
=uyf4
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMA4EEKdYEzV0pAQ//QZwerhHFVjR/LahlgmnO/HyiR+wbvNzHEya/rVwuu+st
|
||||||
|
V8hNgBFp9N1Y9uh/GFIzZd5ETz7yq0FawRptlt5k0CqVYfsDBIB3ewxukJeyjdj2
|
||||||
|
8E84l9SSdmV5uqWK+MV+uY57C8BBcgWtUpjOTNrGkAqtEd5YrSZwcgtKGVLI2Dd/
|
||||||
|
i2I1RYdYP/VTusBtpqPk+IrpJf8jEYcEhl+S0wnG+kh/rhyCCrtda49SgRbuJE2d
|
||||||
|
V9JJlASkC6H6DRn6dVcO2BUZss3ZQB+OF9vfo7tnnuU8Mw1C2JWPy9oPiNat5UGE
|
||||||
|
zVJZf//m0xBfQVFWFDs95lvqzsBcAAg02tTsclPTtgz9buW5Pph3/OUiq4o/ZWOz
|
||||||
|
TMSXGD+Fi/mbP7jJZndtiadMtfOQC1dGC86A5H01aQliWruIMb0Wp55+Zr2Rw39p
|
||||||
|
FlhFSfCzyQHgA+uMa45XFaHCaS9pllWoT3QO3csP5ZyeUM8pLvnxwnLB2BTgg+yF
|
||||||
|
aV3BP0nzbHAUuaDeb/WtRINKRcKHCqrPPAEvb6X0OU51NvzmaWJphpdrvi3/4sEO
|
||||||
|
5+zDlqSZetaBa9WB1iCeD/u8wNNunCXageLxBucesv1uH5PvF51A/aJvXf1jRCym
|
||||||
|
NjSUQw2aSX35nWc9MIcUnO5mB8H4N5BF2FBx8Nq2XnrVgVPqqe1Sc2Ph4tE54QzS
|
||||||
|
XAG1bzAX3lHh77xsUuy/Nk3VE3kzJhaxpyz0rPIn6NQ9lVcy4hiyecKL3Jk3Ffcn
|
||||||
|
kxeKnjym5E4e3f8cMxWQlc+xtwga5QAD2dU2X9fPj6UxGEbh+gDqLv8wtzMr
|
||||||
|
=7R+0
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hF4DQrf1tCqiJxoSAQdA4XhPBK5WnPVo84ZrCUe92HZSEKtH88GLktniZCmAczcw
|
||||||
|
cO5WYiy9D4z/aieGuMTBGg5xRk7eAMZVTbMDV+KXKLVlDwoxKybKSbT+fvhNGJ13
|
||||||
|
0lwBd0RFKYGq4YO+/nUxHZo3hG6qmv3/K06fta/D4p/C5wYefNZVcAj5VqatP3Zi
|
||||||
|
I/ktqdDszkc98/bf4fHoQmSxP25Wp65jJBEYeMZgX75M/wguGeIBfEgZB5bgww==
|
||||||
|
=0G+m
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
|
||||||
|
- created_at: "2024-08-05T20:33:02Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAzdAjw8ldn6CAQ//Vu9YJvMsevJAd4RJwJ5HMdB3xy3dbDG98qZb8Zoj0+qX
|
||||||
|
KT/VsR9YoOLeszmzI6BtB2PQhLeavMR2/SFJTGunxaSCvHcd/q7dnC+WAmUVun8l
|
||||||
|
MVRkIRh1I+tX1KQBqFt1IzsUm5kwJD4iThn4OWyDlS3WCDFlOLUC1iZVtdqxptzy
|
||||||
|
p4mzM4NmR/Z8r8aA+dYdTlzDHyUhVnvYCDaRTIyr2qzd6kUHmo9PMRvqUNQkNA3k
|
||||||
|
YOwLt8VR0nZIAx7YOGwSp4E32tk09o7Z+dUIYqXO71c5TxXsOoeEbVn7gj+7KQVs
|
||||||
|
yDNMF7he54zjModPJkSa4MjwTC2NKzLClux0aE9dW5Zv2eSiTEIlaAwhJjH0wt8O
|
||||||
|
oMJ5A8Y39GmNoAkadQ5NLP6WwTaUFYLacT56/AdAvsodQf7zlF399wXZlQufAgLv
|
||||||
|
3WAvL+LQKpg8TwH74pJe4te4BjnqWvYx+jkRYbRxSXD2iwqrWXk57XysizgjAAre
|
||||||
|
FJe42BeL2uyP/cMTcNFcd+W2DztUkNR54FHSYY8mqev81BYX92ExsfEugsBzUaDF
|
||||||
|
3QBnZIZZInCQKnXIIaj5+rV8XXbMKnyTNBQCxfUk92OOrUhikvYhwfPev2ejUzQm
|
||||||
|
k8RgIG9ZBWDENGX9ojmTH+ec2gWmLvKGyhrKjWvNMzzblHfuxjdSizoQ1FflYEPS
|
||||||
|
XAE9Cu/L0lwQEU8vRRPPF9kRHLoJygxdOYoD4+SggCkPJxtyiCTNWJeOBwbSnGyh
|
||||||
|
B8GnNJwNn7H8vh40se/uo2311O8NcuvdLLiBw9DxCTCcPHqS4e5hF98oiSnI
|
||||||
|
=ZgbM
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.9.0
|
|
@ -1,6 +1,19 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
# systemd.managerEnvironment = {
|
||||||
|
# SYSTEMD_LOG_LEVEL = "debug";
|
||||||
|
# };
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
sops.secrets."git_clone_key" = {
|
||||||
|
mode = "0600";
|
||||||
|
owner = "root";
|
||||||
|
group = "yate-config";
|
||||||
|
restartUnits = [ "yate.service" ];
|
||||||
|
};
|
||||||
|
|
||||||
systemd.services.yate = {
|
systemd.services.yate = {
|
||||||
enable = true;
|
enable = true;
|
||||||
description = "Yate telehony engine";
|
description = "Yate telehony engine";
|
||||||
|
@ -12,6 +25,7 @@
|
||||||
ExecStart = "${pkgs.yate}/bin/yate -c /etc/yate -e /etc/yate/share -Do";
|
ExecStart = "${pkgs.yate}/bin/yate -c /etc/yate -e /etc/yate/share -Do";
|
||||||
Type="simple";
|
Type="simple";
|
||||||
Restart="always";
|
Restart="always";
|
||||||
|
User="root";
|
||||||
Group="yate-config";
|
Group="yate-config";
|
||||||
StateDirectory = "yate";
|
StateDirectory = "yate";
|
||||||
StateDirectoryMode = "0775";
|
StateDirectoryMode = "0775";
|
||||||
|
@ -19,14 +33,17 @@
|
||||||
};
|
};
|
||||||
wantedBy = [ "default.target" ];
|
wantedBy = [ "default.target" ];
|
||||||
requiredBy = [ "network.target" ];
|
requiredBy = [ "network.target" ];
|
||||||
preStart = "if ! [ -d \"/var/lib/yate/.git\" ]
|
preStart = "echo \"\n\" >> /run/secrets/git_clone_key
|
||||||
|
if ! [ -d \"/var/lib/yate/.git\" ]
|
||||||
then
|
then
|
||||||
${pkgs.git}/bin/git init /var/lib/yate
|
${pkgs.git}/bin/git init /var/lib/yate
|
||||||
${pkgs.git}/bin/git -C /var/lib/yate remote add origin forgejo@git.hamburg.ccc.de:echtnurich/yate-config.git
|
${pkgs.git}/bin/git -C /var/lib/yate remote add origin forgejo@git.hamburg.ccc.de:echtnurich/yate-config.git
|
||||||
${pkgs.git}/bin/git -C /var/lib/yate pull -f --set-upstream
|
env GIT_SSH_COMMAND=\"${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key\" ${pkgs.git}/bin/git -C /var/lib/yate pull -f --set-upstream
|
||||||
echo \"New repo set up.\"
|
echo \"New repo set up.\"
|
||||||
fi
|
fi
|
||||||
${pkgs.git}/bin/git -C /var/lib/yate fetch --all
|
test ${pkgs.openssh}/bin/ssh
|
||||||
|
${pkgs.git}/bin/git -C /var/lib/yate config --add safe.directory \"/var/lib/yate\"
|
||||||
|
env GIT_SSH_COMMAND=\"${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key\" ${pkgs.git}/bin/git -C /var/lib/yate fetch --all
|
||||||
${pkgs.git}/bin/git -C /var/lib/yate checkout --track -f origin/master";
|
${pkgs.git}/bin/git -C /var/lib/yate checkout --track -f origin/master";
|
||||||
# ...
|
# ...
|
||||||
};
|
};
|
||||||
|
|
7
config/hosts/yate/sops.nix
Normal file
7
config/hosts/yate/sops.nix
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
sops = {
|
||||||
|
defaultSopsFile = ./secrets.yaml;
|
||||||
|
};
|
||||||
|
}
|
|
@ -16,6 +16,6 @@
|
||||||
|
|
||||||
environment.etc.yate.user = "root";
|
environment.etc.yate.user = "root";
|
||||||
environment.etc.yate.group = "yate-config";
|
environment.etc.yate.group = "yate-config";
|
||||||
environment.etc.yate.mode = "0775";
|
environment.etc.yate.mode = "symlink";
|
||||||
environment.etc.yate.source = "/var/lib/yate";
|
environment.etc.yate.source = "/var/lib/yate";
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue