Compare commits
2 commits
b7118475bc
...
ff577ae5a2
| Author | SHA1 | Date | |
|---|---|---|---|
ff577ae5a2
|
|||
|
1566fc21d1
|
5 changed files with 115 additions and 40 deletions
|
|
@ -7,12 +7,13 @@ keys:
|
||||||
- &mcserver age1v98yggaarelrp7z8rljzpf3gm70up4q8460trejmptdpv7gjucrqssjz9h
|
- &mcserver age1v98yggaarelrp7z8rljzpf3gm70up4q8460trejmptdpv7gjucrqssjz9h
|
||||||
- &zammad age14ukkn4plvnjacvjux929qwpeynxk4cfxw285vlwddqakm43kfyysfdg02c
|
- &zammad age14ukkn4plvnjacvjux929qwpeynxk4cfxw285vlwddqakm43kfyysfdg02c
|
||||||
- &forgejo age1vd33efsea2509hm0dwmhkuu7mm2kgw6tsss6lmzsqfg7gat06qyqys3qfh
|
- &forgejo age1vd33efsea2509hm0dwmhkuu7mm2kgw6tsss6lmzsqfg7gat06qyqys3qfh
|
||||||
|
- &mastodon age19efecaur72d92g452zpe4uxjtwev2ktjtaezascxg9l2p8544s8s05d93r
|
||||||
|
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: secrets\/all\/*
|
- path_regex: secrets\/all\/*
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp: [*clara]
|
- pgp: [*clara]
|
||||||
age: [*wireguard, *mcserver, *zammad, *forgejo]
|
age: [*wireguard, *mcserver, *zammad, *forgejo, *mastodon]
|
||||||
- path_regex: secrets\/wireguard\/*
|
- path_regex: secrets\/wireguard\/*
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp: [*clara]
|
- pgp: [*clara]
|
||||||
|
|
|
||||||
19
configs/containers/mastodon_container.nix
Normal file
19
configs/containers/mastodon_container.nix
Normal file
|
|
@ -0,0 +1,19 @@
|
||||||
|
{ lib, pkgs, config, ... }: {
|
||||||
|
|
||||||
|
deployment = {
|
||||||
|
targetHost = "192.168.178.80";
|
||||||
|
targetPort = 22;
|
||||||
|
targetUser = "root";
|
||||||
|
};
|
||||||
|
networking.hostName = "mastodon";
|
||||||
|
networking.interfaces.wgbr.ipv4.addresses = [
|
||||||
|
{
|
||||||
|
address = "10.8.1.6";
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
imports = [
|
||||||
|
../container_config.nix
|
||||||
|
../services/mastodon.nix
|
||||||
|
];
|
||||||
|
}
|
||||||
44
configs/services/mastodon.nix
Normal file
44
configs/services/mastodon.nix
Normal file
|
|
@ -0,0 +1,44 @@
|
||||||
|
{ lib, pkgs, config, ... }:
|
||||||
|
let
|
||||||
|
http_port = 3000;
|
||||||
|
dbuname = "misskey";
|
||||||
|
dbport = 5432;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
services = {
|
||||||
|
misskey = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
url = "https://puppyplaypissparty.de";
|
||||||
|
port = http_port;
|
||||||
|
};
|
||||||
|
settings = {
|
||||||
|
db = {
|
||||||
|
user = dbuname;
|
||||||
|
port = dbport;
|
||||||
|
};
|
||||||
|
setupPassword = "VMoV33ov$C6JxVVXHffuVxHaqf^Cbmr9V1GSNgkyF6pq939Wr@c1hgfN7iD9%$De";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
postgresql = {
|
||||||
|
enable = true;
|
||||||
|
ensureUsers = [
|
||||||
|
{
|
||||||
|
name = dbuname;
|
||||||
|
ensureDBOwnership = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
ensureDatabases = [
|
||||||
|
dbuname
|
||||||
|
];
|
||||||
|
settings.port = dbport;
|
||||||
|
};
|
||||||
|
redis = {
|
||||||
|
servers."" = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [ http_port ];
|
||||||
|
}
|
||||||
|
|
@ -19,6 +19,8 @@
|
||||||
zammad = import ./configs/containers/zammad_container.nix;
|
zammad = import ./configs/containers/zammad_container.nix;
|
||||||
|
|
||||||
forgejo = import ./configs/containers/forgejo_container.nix;
|
forgejo = import ./configs/containers/forgejo_container.nix;
|
||||||
|
|
||||||
|
mastodon = import ./configs/containers/mastodon_container.nix;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,64 +1,73 @@
|
||||||
initial_password_clara: ENC[AES256_GCM,data:ux8zKQbsw52SDMjX4wyXFp445vbCV4eFdvAJNzYSb3YMxbVWlBTV3KaEFYW0dKFwUvvserHPfyXmFgXJJ5Lx+D+49b8s8mVZqwVs,iv:2c8I40749+bXnwHJ2Gnjkv8a/AtV1P30sCE113jZcH4=,tag:b8kmLLZ80lytRH4dAl6tpg==,type:str]
|
initial_password_clara: ENC[AES256_GCM,data:TUXb6axbRcIL3IGk1JfvpAMNl03vR5IZuvcrYUKpbp2SS2vhVBtMOCff4lR1VZLoJG/0wskRKaMeiJWWJhq/WYwRi/Xzr+zOlD4c,iv:9vIt760Y6pv7S/EIrsy7KtTG1rtTSInCGHz0Rj3iIZk=,tag:levJuPx04XNX3saDfc61Mw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
age:
|
age:
|
||||||
- recipient: age12d8mxwnt0a7gl4uu0uwdqaxuqdf5j7zm50qy5qrhj0kd4ny7luaqv7rj4e
|
- recipient: age12d8mxwnt0a7gl4uu0uwdqaxuqdf5j7zm50qy5qrhj0kd4ny7luaqv7rj4e
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAweHFOQWNaTGxLTTVNWlpw
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvMG44OXJHQndpZjBubmRp
|
||||||
UUdZYklScktnL3QvM0xLMTkrTmpYTG1ocXdzCnlPNVdkQ1FwZ21wUlhiOXpCSmV2
|
VDZGTldneFZzMEpUOWxmM1R6MGJnVkgxK0RVClNpTXFJeHd2NjdPOVdxa1RWLyth
|
||||||
R0Q4RGlTNWRybTFRU1ZnK3VEU0NWUVkKLS0tIGFNRzVDMnkvRXhLTzMwVEpONGFr
|
bXROcEJ0cWlidDBuYmZNZGt5d3RocmMKLS0tIEhCWFJaUmo2MXlYMHpkS1pETmlW
|
||||||
RGFIVDZyL0dSTWNDMDZEWEJIamxRMDgKBeRdsbub+XhYKyCkpo9x1yXXqha7PP/s
|
cTJwbzZOaEJaQ0szcnlKeXZFaTBvdHMKM8nuq1/HG0Zo4XKQZcmGqnomDZFysrG2
|
||||||
/nzUyMNqDB7Fh5K9xY2BRxwpxIKYWpzFPjybt5mHL1NxbYheGle5hA==
|
yiJZ1SMo9l6bxU94omee3SJbgWtmNzD0IH3YqgOuFwMDszcq1GpFxA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1v98yggaarelrp7z8rljzpf3gm70up4q8460trejmptdpv7gjucrqssjz9h
|
- recipient: age1v98yggaarelrp7z8rljzpf3gm70up4q8460trejmptdpv7gjucrqssjz9h
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzaWxRVVd3bU84bGwrZk5F
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQXQ1WHNkc2hqVWxzTGYz
|
||||||
blgyRnd3MmdSdGtaWHdnVVVIeUs5dGNkVDJVCmo1MU9PeVRrNEZzcHhKUVk1OXlG
|
UE9Ib3I2cUVRclpMdHEwdDQ5V2lXT20zNm53CmZONis1RmR1eU5BWkxWb09palFn
|
||||||
MDNCRCtCOERnQmtmUmt4YXlWTVl1dmcKLS0tIGZiYnlveWlKd2VZaVhNaUtlWlVK
|
UlJoTkpLTmJtZHJvYkdIK3QwWXAxZmcKLS0tIFM1endNSkJBck15ZnRHUmxsSVht
|
||||||
UXkzL3k4YW5ESGRza0hURC9wR0o3RGMKsvc9zCQ323d/eSP9vVDiYTNgZrNmVvfE
|
VHZtWUV1ZFpQYjZ5T3dJR0o0QWt0akkK0TfTUe9syCY+oQcRztB0fDTqIQ3M364w
|
||||||
+GfDEc/4+OpG+RRmMrXvlvCYRof56ywWZJr9tpAlunZ/t8vHRCUJow==
|
sEjx4wmpbJR/ommgybUla56CV58bvs/da6eJdJBqnTxBe9c3tTxkGg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age14ukkn4plvnjacvjux929qwpeynxk4cfxw285vlwddqakm43kfyysfdg02c
|
- recipient: age14ukkn4plvnjacvjux929qwpeynxk4cfxw285vlwddqakm43kfyysfdg02c
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0YjhORkRmWk9pOVV6cUpo
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBweGR1YlBWRElhV2ZqM2ww
|
||||||
RVRpNmhzWS9pZDMxTXViMDFLSVNYR1F5NkZZCnFCb0Q3QjMzNk5WVkM3K1JYYjJ4
|
SGlMWTByenVzY3hGTVc3OS9EMUFEekNIUlFvCmVxREZGUnMxNDNWajdCRXdlSkRK
|
||||||
c1VER25FVUtyWHFpcVpKdUJ0YlhSTEEKLS0tIEF6a1dJY2JmelQyVzd4Mk9SK0R2
|
WTVUWXBiT2JXNTMweXNCK2NPSUIwZEEKLS0tIHNXSkliOW1xRDcrOWVjSFNkYnhM
|
||||||
WFZHdVZiMVdaNHFhTVZGMzdYRTl3ZU0K6yMpKKXKIaYHxR1cAHam7jogZShH5xsK
|
VkxDRHpKejdQSzhYSzIydDVsRkJTMTQKKrJAz4VllTLj1r+uLbUIUaeZUbxMMpBX
|
||||||
c43sMBz/WxHjvmI9TCNyxnkvgwC6kJUpV9vABduJg2INjkLltjNc/Q==
|
z7/zISKBKVBxc6Qs7md06QzGnMVKZ1QBGwNY3Mzhb/i7XKzT216X+A==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1vd33efsea2509hm0dwmhkuu7mm2kgw6tsss6lmzsqfg7gat06qyqys3qfh
|
- recipient: age1vd33efsea2509hm0dwmhkuu7mm2kgw6tsss6lmzsqfg7gat06qyqys3qfh
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPelBOdktOV3Naa1ZWdlFv
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWM0lxV3JaRUwvSmtnOGJW
|
||||||
N1c1clFsZTlkbVlpYU81L3Y3L2UxTTJMaUdNCnJYd3Y0YWpRNTRsTkt4Q0ppblVB
|
UXdqczl5WlJ4SjhGbEF0elV1ZWxEaGYxVGx3CmdQZXVIYzVDWlkxN0NTcU5sZHVQ
|
||||||
K01HSzgvQ1lIaUNSR2lJZWY4NG1tL28KLS0tIGVjZ0svVlFrK1h1NFViVmV0bk5Q
|
M3hERm1WQmhrSE82ZHRza1lXSEtZcGMKLS0tIHNBb21oUXJmR2pqdWMyTjhUUGdX
|
||||||
MW5ZTWQwZy9iQnFNL2dRalM3VSswVkEKcE2M6Ph8d+7BafgjlARITRbxivOajQ3H
|
c0U5TXFaTm5yYzhQZkNkenpTcWxiUFEK7eOsxRmOBMAABZGaafnl/wA18Xch2Jik
|
||||||
7evjNzFDqga/AZ1rLG+5anuD2giAKVZGok10NvDroCKkobUpsXd6jQ==
|
B0xXWfZ1ZGtWxtmLigFQidZuwhkI2fXRV1h8N+wHGw17rwPyHy/vUQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2025-04-17T14:15:59Z"
|
- recipient: age19efecaur72d92g452zpe4uxjtwev2ktjtaezascxg9l2p8544s8s05d93r
|
||||||
mac: ENC[AES256_GCM,data:QBoeoWS2eoUjbXm40OLk8vxpdZRUkLgVLPQ6AX9JaYVLl4+reefFw269yngF2ZATBniuYLBHNhkSjOYttC+J7M2Zt8cQhhj4G2TFt7JkYHQRtkbuoa9ZiP3Oi3Jaj6z0w3cHsyMT+fBBdr02winxf8QggYHGmvcK8QXoayccyl8=,iv:lG94yszjtq1tDYrNM+xt5ehdrNYO6M+oqZg/Qg/cO4g=,tag:K3Cr7DySQ02fgHOaVtYmDA==,type:str]
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrZEFIVU8vY3JUVFg0RlB1
|
||||||
|
d3pDbkNGZVhQQ0g2cnpTbnpkZm5McmkzMGpZClNIR3FlWjdNMXN6cW1SZUc5RmlN
|
||||||
|
THBTN3pRaFRWZ2ZaRVhScTBCeGZZWlEKLS0tIG5BaStoZ0J5L3hLQ1AvSzRpZHZI
|
||||||
|
YnVQM0FPV3g1M3dvbEhGRlhKU3hqd0EK/1qGFQ/WN/Fl4apNps+40aBErOCUOuug
|
||||||
|
8YbBwmZDcCFupa6mSeqy4xim2fRw5AjSNMlG5cZthLBiT+HRfcBPww==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2025-07-19T17:07:16Z"
|
||||||
|
mac: ENC[AES256_GCM,data:rXQlQVI6SOo5HXgZhCJAoMKqzmqwvAZdC9McZTaB6BAlAqBUkxmvNt0TsxfO/BngXUix/yIPZCmdWMiPoKuui0SnuZR/cutN4gZa9mwA7/LSqIuBUNdvOWrJCRQMPla3hrQEHPI//pAsAPlrzpYPhxi89fumGDcYSHW/tohJ0kA=,iv:s+l85/wml+uOEnz/yoJzsucj9tziHtpBamasVN2jG/g=,tag:z54uFmtOQw+Gs8nHbJ5Ovw==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2025-04-17T14:15:33Z"
|
- created_at: "2025-07-19T17:07:09Z"
|
||||||
enc: |-
|
enc: |-
|
||||||
-----BEGIN PGP MESSAGE-----
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
hQIMAzwtBoBqH5ZOAQ/9Gx1uySXuafWQT/xz2b4yY37t3ZKE5SE4LxKoyOPXRhWR
|
hQIMAzwtBoBqH5ZOAQ//ZhD72QA+bliRW0pWpMKe++KTkSmqu8Xc/e42FGGtT/JT
|
||||||
yVISxG9MBrYeDe7DR4QYJ5KVpKUui/TMKv5+SFiDvlxgQdWVA2PZ2KXgGK0KDDEk
|
cUhA2KOuUGt4qjK7tCgvC6eTQsPWk224UG8gx5PsXreYzzxeAn6tHmxJd9ckJ63n
|
||||||
cOn3YNGLHpZL4ZHwAlbgeNWFjT/A99logCnv7D4VocAX9k+AMSh5ZQqI5HLmBHfO
|
dOFN0yoo0JMwu6AJ2V+oaSZWgg4jFC6E/fJ+L8juWGVYwtfVIPF3PmZ94425Gxam
|
||||||
ZQOugRfGDI28D/iH/8LUXoK+l6VDX3CLt0xfQmNN81q2IQzb2NK9GZvj5qyILR3c
|
RftfePcEJPTMSCIZY81DAVpJkewwfl0AspprMJi9fjvsrV+1y6naQApsbcPoXjmQ
|
||||||
MMzGDMU1pw0OWCZWZDRCE5YA71mrvflGOQPo3/JPsVg1Qr8l6TbGjbFwKlYUgGDU
|
C8l7w4K79G9bdPFmeYE3O9nkwgDaFw/17XGZBg59KtawJqFg/tzDKOCwUretPafV
|
||||||
JTSsZ1ATKjzbWg7KSdrBgztWHcSDdrCW1yytUh9uoJks2UHGdfb060k9DH99IYXk
|
11fNJs4pit83Z++8Nb4+QtyruK0LXrEkgAt1lFTN5EqoRVQ/iqp/bYokybJ2tltu
|
||||||
+u5DutiPqiz8xwn5YHetO3SaJjJA9uIODQ+Em7ElZ+XbY81NIlhbdT8DZKdDHmOx
|
A7B5zTffazGvHUT3iMBLVYI7ICCC8a/LoroUA1ZOomfXn6zDgDpf5SCIi9SYTSHm
|
||||||
ozFIs5r1glRaojo8Yc9fym0j8cZ6Dr6rkD+nbgwzRCuUucuzOILIPrutdUSgdpbp
|
iYQ/EV+3dRU1byV87hHBfIRkcsHHo1wNU6rjIFIsGMt68uXCIltt2wetZPTWI0+A
|
||||||
LnK8ScJnOBsF3AhKuOB4Qhnb6Q0ooT8Zt+R2uDdezfACFMa6nW95MP4sPYPqy7ee
|
/fOHKY7ouBj0+aPiA1lXQ19dvIX4AIYnCrnYAHVrJEqscWHw3uXjnESS3L9awZ5M
|
||||||
ZGuWOaMGQ1Cn9Ck3nBCn8hROzHwp9pv56mqVIKu+oWCGsFm9GUZ5XFvZxez6Kq//
|
xFNWGO2Jb++h9xQ3IB8t/SwL1BG/qhPaN9ixdHjWrxg3O9cM5/PIOz9To4+46j7K
|
||||||
SVhH/qbV3RElBj/Q8u4Xcbl3ZNnHbMhvi/Xe2Ji64orZkzjHrsViB6KXR6uzY/7S
|
YxVB9d8Cay2uw1Hbm1bmJOHZWK47PZbBkAdnJIws6nWJVtzdEpOH3C/M1ISIKRfS
|
||||||
XAF4UTbjzSVkqbZ+IKQbkhoM62YQpT1bOgMk9djNFilauKRqD5x3eKTyuooOnMGh
|
XgGhM3HvrPDEbrrlKD6ilUbOwNqRpN1jsWoGqfvSY9KPm46+E+iq9XzpCfo4YC23
|
||||||
jVjxulE755eSO6qvATN/P7OIXzaPKI+HSPcdm0WH8ZXVTXrZjkeO7D7gCfh/
|
KBxKgMOe45Qf2llvF+bt9gNoQscG2lrxJCgmgNq/87zdz+zr9MB5MpMXY7ZaYUI=
|
||||||
=qTot
|
=o3ND
|
||||||
-----END PGP MESSAGE-----
|
-----END PGP MESSAGE-----
|
||||||
fp: 58EF8D71114EF548DEE3320DE6F04916B6EEBD83
|
fp: 58EF8D71114EF548DEE3320DE6F04916B6EEBD83
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.10.1
|
version: 3.10.2
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue