jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nix-serve

Browse Source
This commit is contained in:
Danilo Reyes 2024-11-12 14:08:55 -06:00
parent f67726b3ad
commit 63fa3236b1
2 changed files with 35 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
modules/servers/nix-serve.nix Normal file
View File

@ -0,0 +1,28 @@
{
lib,
config,
pkgs,
...
}:
let
cfg = config.my.servers.nix-serve;
setup = import ./setup.nix { inherit lib config; };
in
{
options.my.servers.nix-serve = setup.mkOptions "nix-serve" "cache" 5000;
config = lib.mkIf cfg.enable {
sops.secrets."private_cache_keys/miniserver".sopsFile = ../../secrets/keys.yaml;
services = {
nix-serve = {
enable = true;
openFirewall = true;
package = pkgs.nix-serve-ng;
port = cfg.port;
secretKeyFile = config.sops.secrets."private_cache_keys/miniserver".path;
};
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
setup.proxyReverse cfg.hostName cfg.port // { }
);
};
};
}

10
secrets/keys.yaml
View File

@ -1,3 +1,7 @@
private_cache_keys:
miniserver: ENC[AES256_GCM,data:Qr7TFZodQKUK/v2IcvVtjk2hv7JlPHbztn7pEgxBHeo55Kzj/Dme+iNcF5nt/nrO2kooKPHdXkB6JpcyUh4/1Uv63VDgZ4S10VZaT9ZuretA0uODagaAo12HaKDPn/j6kVCmEKLDqBXZCoI=,iv:Dq6fpnJRRWub1CHAvBcvmtrhE2qglzuhBjsfAEgxpIM=,tag:WF4fXIqm3iVipnJk6fIzFQ==,type:str]
public_cache_keys:
miniserver: ENC[AES256_GCM,data:HttfFZyf+Cs+mMlsF43Kel0Kvivw/ONH8SQukPzPMz/ehdalXS3h4YxExUO+2UYv85DoddSEn5PFRgTwlCX4,iv:9M2/NkRQZII0v1ljlpu3AEZSNRaWv+444EMiex6dums=,tag:l+zHv94Fd2VB2/+KhQ74lQ==,type:str]
public_keys: public_keys:
age: ENC[AES256_GCM,data:zHxSM0lMbOFgxR0zV/byXg1qfZ2fz+coAEnUg64HCYTir6Fbf4lKKLJPuN7md42IsCgzBkE2aR6EXfDxRNZk59kYqZw4GZtOQV9FWmeB5JsUwGP1TapRebmR/zcjgbwQ,iv:ispmW1I50n8WKn/34V+gdicEb7396SK7OcTLQWKq4+4=,tag:8PivakR8Mo/w2j0rLt/dUA==,type:str] age: ENC[AES256_GCM,data:zHxSM0lMbOFgxR0zV/byXg1qfZ2fz+coAEnUg64HCYTir6Fbf4lKKLJPuN7md42IsCgzBkE2aR6EXfDxRNZk59kYqZw4GZtOQV9FWmeB5JsUwGP1TapRebmR/zcjgbwQ,iv:ispmW1I50n8WKn/34V+gdicEb7396SK7OcTLQWKq4+4=,tag:8PivakR8Mo/w2j0rLt/dUA==,type:str]
workstation: ENC[AES256_GCM,data:g1qejAegE2WLQ8pW868ZOuCzxIeKAPnSTl1tfMS5WEZCI1iwFA8L5N/nEwPWpzr1AhnKAP2CxnguBes7AgR9qzaFf56fVByfA4Zc5LqYBiSyCpZ7mF/nGrcQzMiqttJq5g==,iv:58/tWUjNdLzOHrliAlyhtZSNEakA1sphYrrqcWRTIMY=,tag:1fY94k11cvNploDtbglQ/w==,type:str] workstation: ENC[AES256_GCM,data:g1qejAegE2WLQ8pW868ZOuCzxIeKAPnSTl1tfMS5WEZCI1iwFA8L5N/nEwPWpzr1AhnKAP2CxnguBes7AgR9qzaFf56fVByfA4Zc5LqYBiSyCpZ7mF/nGrcQzMiqttJq5g==,iv:58/tWUjNdLzOHrliAlyhtZSNEakA1sphYrrqcWRTIMY=,tag:1fY94k11cvNploDtbglQ/w==,type:str]
@ -74,8 +78,8 @@ sops:
dklwODNxYVo4a2FaWDJFM0FnV1l3SlUKMnq/MAJRwR7iEri2KomPrMj0gTkMyhzH dklwODNxYVo4a2FaWDJFM0FnV1l3SlUKMnq/MAJRwR7iEri2KomPrMj0gTkMyhzH
P5E4zheU7chJTAz5jf6iecyOvKAt6q5g9Q1MU0D6dkOcv2gzWSNAAw== P5E4zheU7chJTAz5jf6iecyOvKAt6q5g9Q1MU0D6dkOcv2gzWSNAAw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-10-22T07:14:18Z" lastmodified: "2024-11-12T19:33:07Z"
mac: ENC[AES256_GCM,data:K3oC/OqRJyTZiCuTz/elzUjSl4sxjlkk3l9ePZ8ozTQQkXsbv/8f0uKFQwVnsErIxoKnpRhrxiQbeYFvXOIUH1ve3Bv6TDcGbFwmKZb9PTFaa/BT79+WYWkFNGk+WzExfOGf2lsSThtgqNUJhCPsdXOSbe1VLPYuKteo7/u55ys=,iv:kF1Yus8eXjkcQFy+sl3M01nJq4lWmNUyPB3Mxb37wGU=,tag:VkByqvYVmZVUXTEeHYorzA==,type:str] mac: ENC[AES256_GCM,data:qTNxQX0G3JleBKt1+ki6weEzYlyuLT0xz70gVxHFgnJbJdFbS0H/wHhLkE5P/AHwjgvX/Ol1zRCYrR7piNmvBA2Kn6R9gCzACZDWpupvrSOrRaA5sz2u42omQAs2mlWxtAzcysUobx4gwHb/qZo2k/2+UFQRU2CfLuzyxN+Znw4=,iv:ocdRnrgvKwliFo75Al5JCGvhp2UVTgZJjrVSswK02pA=,tag:fYB6gLeD9VQ2lklepVMNtA==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.9.1