moved syncthing key/cert hosts -> nixosModules

Aly Raffauf 2024-06-09 21:39:35 -04:00
parent 819ea712fe
commit d772abff12
7 changed files with 10 additions and 54 deletions


@ -96,6 +96,7 @@
specialArgs = {inherit inputs self;}; specialArgs = {inherit inputs self;};
modules = [ modules = [
./hosts/${host} ./hosts/${host}
self.nixosModules.default
inputs.agenix.nixosModules.default inputs.agenix.nixosModules.default
]; ];
} }


@ -11,7 +11,6 @@
./disko.nix ./disko.nix
./hardware.nix ./hardware.nix
./home.nix ./home.nix
self.nixosModules.default
]; ];
boot = { boot = {
@ -25,17 +24,8 @@
networking.hostName = "fallarbor"; # Define your hostname. networking.hostName = "fallarbor"; # Define your hostname.
age.secrets = {
syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age";
syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age";
};
services = { services = {
fwupd.enable = true; fwupd.enable = true;
syncthing = {
cert = config.age.secrets.syncthingCert.path;
key = config.age.secrets.syncthingKey.path;
};
}; };
alyraffauf = { alyraffauf = {


@ -11,7 +11,6 @@
./disko.nix ./disko.nix
./hardware.nix ./hardware.nix
./home.nix ./home.nix
self.nixosModules.default
]; ];
boot = { boot = {
@ -25,17 +24,8 @@
networking.hostName = "lavaridge"; # Define your hostname. networking.hostName = "lavaridge"; # Define your hostname.
age.secrets = {
syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age";
syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age";
};
services = { services = {
fwupd.enable = true; fwupd.enable = true;
syncthing = {
cert = config.age.secrets.syncthingCert.path;
key = config.age.secrets.syncthingKey.path;
};
}; };
alyraffauf = { alyraffauf = {


@ -16,7 +16,6 @@ in {
imports = [ imports = [
./hardware.nix ./hardware.nix
./home.nix ./home.nix
self.nixosModules.default
]; ];
# Bootloader. # Bootloader.
@ -25,16 +24,6 @@ in {
networking.hostName = hostName; # Define your hostname. networking.hostName = hostName; # Define your hostname.
age.secrets = {
syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age";
syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age";
};
services.syncthing = {
cert = config.age.secrets.syncthingCert.path;
key = config.age.secrets.syncthingKey.path;
};
alyraffauf = { alyraffauf = {
apps = { apps = {
nicotine-plus.enable = true; nicotine-plus.enable = true;


@ -11,7 +11,6 @@
./disko.nix ./disko.nix
./hardware.nix ./hardware.nix
./home.nix ./home.nix
self.nixosModules.default
]; ];
boot = { boot = {
@ -25,16 +24,6 @@
networking.hostName = "petalburg"; # Define your hostname. networking.hostName = "petalburg"; # Define your hostname.
age.secrets = {
syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age";
syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age";
};
services.syncthing = {
cert = config.age.secrets.syncthingCert.path;
key = config.age.secrets.syncthingKey.path;
};
alyraffauf = { alyraffauf = {
system = { system = {
plymouth.enable = true; plymouth.enable = true;


@ -11,7 +11,6 @@
./disko.nix ./disko.nix
./hardware.nix ./hardware.nix
./home.nix ./home.nix
self.nixosModules.default
]; ];
boot = { boot = {
@ -22,16 +21,6 @@
networking.hostName = "rustboro"; # Define your hostname. networking.hostName = "rustboro"; # Define your hostname.
age.secrets = {
syncthingCert.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age";
syncthingKey.file = ../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age";
};
services.syncthing = {
cert = config.age.secrets.syncthingCert.path;
key = config.age.secrets.syncthingKey.path;
};
alyraffauf = { alyraffauf = {
system = { system = {
plymouth.enable = true; plymouth.enable = true;


@ -28,12 +28,20 @@
}; };
config = lib.mkIf config.alyraffauf.services.syncthing.enable { config = lib.mkIf config.alyraffauf.services.syncthing.enable {
age.secrets = {
syncthingCert.file = ../../../secrets/hosts + "/${config.networking.hostName}/syncthing/cert.age";
syncthingKey.file = ../../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age";
};
systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true"; systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
services.syncthing = { services.syncthing = {
enable = true; enable = true;
cert = config.age.secrets.syncthingCert.path;
dataDir = "/home/${config.alyraffauf.services.syncthing.user}";
key = config.age.secrets.syncthingKey.path;
openDefaultPorts = true; openDefaultPorts = true;
user = config.alyraffauf.services.syncthing.user; user = config.alyraffauf.services.syncthing.user;
dataDir = "/home/${config.alyraffauf.services.syncthing.user}";
settings = { settings = {
options = { options = {
localAnnounceEnabled = true; localAnnounceEnabled = true;
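Review bot: The two `age.secrets` entries added at the top of the `config = lib.mkIf …` block resolve to `secrets/hosts/<hostName>/syncthing/{cert,key}.age`, so every host that sets `alyraffauf.services.syncthing.enable` now needs both files and the agenix module, where before each host declared them itself. A host without them will presumably fail at evaluation with a missing-path or unknown-option error rather than a message naming the cause; an assertion in this block such as `assertion = builtins.pathExists (../../../secrets/hosts + "/${config.networking.hostName}/syncthing/key.age");` with a descriptive `message` would make the requirement explicit. A comment above the entries would also help, e.g. `# key.age is this device's Syncthing identity; it should be encrypted only to this host's key`, since the recipient list is not visible in this commit. Both the `mkIf` block and `services.syncthing` continue past the end of the hunk.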