diff --git a/.sops.yaml b/.sops.yaml index 7b3ae50..4f59156 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -7,13 +7,12 @@ keys: - &mcserver age1v98yggaarelrp7z8rljzpf3gm70up4q8460trejmptdpv7gjucrqssjz9h - &zammad age14ukkn4plvnjacvjux929qwpeynxk4cfxw285vlwddqakm43kfyysfdg02c - &forgejo age1vd33efsea2509hm0dwmhkuu7mm2kgw6tsss6lmzsqfg7gat06qyqys3qfh - - &mastodon age19efecaur72d92g452zpe4uxjtwev2ktjtaezascxg9l2p8544s8s05d93r creation_rules: - path_regex: secrets\/all\/* key_groups: - pgp: [*clara] - age: [*wireguard, *mcserver, *zammad, *forgejo, *mastodon] + age: [*wireguard, *mcserver, *zammad, *forgejo] - path_regex: secrets\/wireguard\/* key_groups: - pgp: [*clara] diff --git a/configs/containers/mastodon_container.nix b/configs/containers/mastodon_container.nix deleted file mode 100644 index 4551e91..0000000 --- a/configs/containers/mastodon_container.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ lib, pkgs, config, ... }: { - - deployment = { - targetHost = "192.168.178.80"; - targetPort = 22; - targetUser = "root"; - }; - networking.hostName = "mastodon"; - networking.interfaces.wgbr.ipv4.addresses = [ - { - address = "10.8.1.6"; - prefixLength = 24; - } - ]; - imports = [ - ../container_config.nix - ../services/mastodon.nix - ]; -} diff --git a/configs/services/mastodon.nix b/configs/services/mastodon.nix deleted file mode 100644 index b41e0e0..0000000 --- a/configs/services/mastodon.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ lib, pkgs, config, ... }: -let - http_port = 3000; - dbuname = "misskey"; - dbport = 5432; -in -{ - services = { - misskey = { - enable = true; - settings = { - url = "https://puppyplaypissparty.de"; - port = http_port; - }; - settings = { - db = { - user = dbuname; - port = dbport; - }; - setupPassword = "VMoV33ov$C6JxVVXHffuVxHaqf^Cbmr9V1GSNgkyF6pq939Wr@c1hgfN7iD9%$De"; - }; - }; - - postgresql = { - enable = true; - ensureUsers = [ - { - name = dbuname; - ensureDBOwnership = true; - } - ]; - ensureDatabases = [ - dbuname - ]; - settings.port = dbport; - }; - redis = { - servers."" = { - enable = true; - }; - }; - }; - networking.firewall.allowedTCPPorts = [ http_port ]; -} diff --git a/flake.nix b/flake.nix index e1bcb2c..3633fa9 100644 --- a/flake.nix +++ b/flake.nix @@ -19,8 +19,6 @@ zammad = import ./configs/containers/zammad_container.nix; forgejo = import ./configs/containers/forgejo_container.nix; - - mastodon = import ./configs/containers/mastodon_container.nix; }; }; } diff --git a/secrets/all/secrets.yaml b/secrets/all/secrets.yaml index 496a58f..f4d7cba 100644 --- a/secrets/all/secrets.yaml +++ b/secrets/all/secrets.yaml @@ -1,73 +1,64 @@ -initial_password_clara: ENC[AES256_GCM,data:TUXb6axbRcIL3IGk1JfvpAMNl03vR5IZuvcrYUKpbp2SS2vhVBtMOCff4lR1VZLoJG/0wskRKaMeiJWWJhq/WYwRi/Xzr+zOlD4c,iv:9vIt760Y6pv7S/EIrsy7KtTG1rtTSInCGHz0Rj3iIZk=,tag:levJuPx04XNX3saDfc61Mw==,type:str] +initial_password_clara: ENC[AES256_GCM,data:ux8zKQbsw52SDMjX4wyXFp445vbCV4eFdvAJNzYSb3YMxbVWlBTV3KaEFYW0dKFwUvvserHPfyXmFgXJJ5Lx+D+49b8s8mVZqwVs,iv:2c8I40749+bXnwHJ2Gnjkv8a/AtV1P30sCE113jZcH4=,tag:b8kmLLZ80lytRH4dAl6tpg==,type:str] sops: age: - recipient: age12d8mxwnt0a7gl4uu0uwdqaxuqdf5j7zm50qy5qrhj0kd4ny7luaqv7rj4e enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvMG44OXJHQndpZjBubmRp - VDZGTldneFZzMEpUOWxmM1R6MGJnVkgxK0RVClNpTXFJeHd2NjdPOVdxa1RWLyth - bXROcEJ0cWlidDBuYmZNZGt5d3RocmMKLS0tIEhCWFJaUmo2MXlYMHpkS1pETmlW - cTJwbzZOaEJaQ0szcnlKeXZFaTBvdHMKM8nuq1/HG0Zo4XKQZcmGqnomDZFysrG2 - yiJZ1SMo9l6bxU94omee3SJbgWtmNzD0IH3YqgOuFwMDszcq1GpFxA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAweHFOQWNaTGxLTTVNWlpw + UUdZYklScktnL3QvM0xLMTkrTmpYTG1ocXdzCnlPNVdkQ1FwZ21wUlhiOXpCSmV2 + R0Q4RGlTNWRybTFRU1ZnK3VEU0NWUVkKLS0tIGFNRzVDMnkvRXhLTzMwVEpONGFr + RGFIVDZyL0dSTWNDMDZEWEJIamxRMDgKBeRdsbub+XhYKyCkpo9x1yXXqha7PP/s + /nzUyMNqDB7Fh5K9xY2BRxwpxIKYWpzFPjybt5mHL1NxbYheGle5hA== -----END AGE ENCRYPTED FILE----- - recipient: age1v98yggaarelrp7z8rljzpf3gm70up4q8460trejmptdpv7gjucrqssjz9h enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQXQ1WHNkc2hqVWxzTGYz - UE9Ib3I2cUVRclpMdHEwdDQ5V2lXT20zNm53CmZONis1RmR1eU5BWkxWb09palFn - UlJoTkpLTmJtZHJvYkdIK3QwWXAxZmcKLS0tIFM1endNSkJBck15ZnRHUmxsSVht - VHZtWUV1ZFpQYjZ5T3dJR0o0QWt0akkK0TfTUe9syCY+oQcRztB0fDTqIQ3M364w - sEjx4wmpbJR/ommgybUla56CV58bvs/da6eJdJBqnTxBe9c3tTxkGg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzaWxRVVd3bU84bGwrZk5F + blgyRnd3MmdSdGtaWHdnVVVIeUs5dGNkVDJVCmo1MU9PeVRrNEZzcHhKUVk1OXlG + MDNCRCtCOERnQmtmUmt4YXlWTVl1dmcKLS0tIGZiYnlveWlKd2VZaVhNaUtlWlVK + UXkzL3k4YW5ESGRza0hURC9wR0o3RGMKsvc9zCQ323d/eSP9vVDiYTNgZrNmVvfE + +GfDEc/4+OpG+RRmMrXvlvCYRof56ywWZJr9tpAlunZ/t8vHRCUJow== -----END AGE ENCRYPTED FILE----- - recipient: age14ukkn4plvnjacvjux929qwpeynxk4cfxw285vlwddqakm43kfyysfdg02c enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBweGR1YlBWRElhV2ZqM2ww - SGlMWTByenVzY3hGTVc3OS9EMUFEekNIUlFvCmVxREZGUnMxNDNWajdCRXdlSkRK - WTVUWXBiT2JXNTMweXNCK2NPSUIwZEEKLS0tIHNXSkliOW1xRDcrOWVjSFNkYnhM - VkxDRHpKejdQSzhYSzIydDVsRkJTMTQKKrJAz4VllTLj1r+uLbUIUaeZUbxMMpBX - z7/zISKBKVBxc6Qs7md06QzGnMVKZ1QBGwNY3Mzhb/i7XKzT216X+A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0YjhORkRmWk9pOVV6cUpo + RVRpNmhzWS9pZDMxTXViMDFLSVNYR1F5NkZZCnFCb0Q3QjMzNk5WVkM3K1JYYjJ4 + c1VER25FVUtyWHFpcVpKdUJ0YlhSTEEKLS0tIEF6a1dJY2JmelQyVzd4Mk9SK0R2 + WFZHdVZiMVdaNHFhTVZGMzdYRTl3ZU0K6yMpKKXKIaYHxR1cAHam7jogZShH5xsK + c43sMBz/WxHjvmI9TCNyxnkvgwC6kJUpV9vABduJg2INjkLltjNc/Q== -----END AGE ENCRYPTED FILE----- - recipient: age1vd33efsea2509hm0dwmhkuu7mm2kgw6tsss6lmzsqfg7gat06qyqys3qfh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWM0lxV3JaRUwvSmtnOGJW - UXdqczl5WlJ4SjhGbEF0elV1ZWxEaGYxVGx3CmdQZXVIYzVDWlkxN0NTcU5sZHVQ - M3hERm1WQmhrSE82ZHRza1lXSEtZcGMKLS0tIHNBb21oUXJmR2pqdWMyTjhUUGdX - c0U5TXFaTm5yYzhQZkNkenpTcWxiUFEK7eOsxRmOBMAABZGaafnl/wA18Xch2Jik - B0xXWfZ1ZGtWxtmLigFQidZuwhkI2fXRV1h8N+wHGw17rwPyHy/vUQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPelBOdktOV3Naa1ZWdlFv + N1c1clFsZTlkbVlpYU81L3Y3L2UxTTJMaUdNCnJYd3Y0YWpRNTRsTkt4Q0ppblVB + K01HSzgvQ1lIaUNSR2lJZWY4NG1tL28KLS0tIGVjZ0svVlFrK1h1NFViVmV0bk5Q + MW5ZTWQwZy9iQnFNL2dRalM3VSswVkEKcE2M6Ph8d+7BafgjlARITRbxivOajQ3H + 7evjNzFDqga/AZ1rLG+5anuD2giAKVZGok10NvDroCKkobUpsXd6jQ== -----END AGE ENCRYPTED FILE----- - - recipient: age19efecaur72d92g452zpe4uxjtwev2ktjtaezascxg9l2p8544s8s05d93r - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrZEFIVU8vY3JUVFg0RlB1 - d3pDbkNGZVhQQ0g2cnpTbnpkZm5McmkzMGpZClNIR3FlWjdNMXN6cW1SZUc5RmlN - THBTN3pRaFRWZ2ZaRVhScTBCeGZZWlEKLS0tIG5BaStoZ0J5L3hLQ1AvSzRpZHZI - YnVQM0FPV3g1M3dvbEhGRlhKU3hqd0EK/1qGFQ/WN/Fl4apNps+40aBErOCUOuug - 8YbBwmZDcCFupa6mSeqy4xim2fRw5AjSNMlG5cZthLBiT+HRfcBPww== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-19T17:07:16Z" - mac: ENC[AES256_GCM,data:rXQlQVI6SOo5HXgZhCJAoMKqzmqwvAZdC9McZTaB6BAlAqBUkxmvNt0TsxfO/BngXUix/yIPZCmdWMiPoKuui0SnuZR/cutN4gZa9mwA7/LSqIuBUNdvOWrJCRQMPla3hrQEHPI//pAsAPlrzpYPhxi89fumGDcYSHW/tohJ0kA=,iv:s+l85/wml+uOEnz/yoJzsucj9tziHtpBamasVN2jG/g=,tag:z54uFmtOQw+Gs8nHbJ5Ovw==,type:str] + lastmodified: "2025-04-17T14:15:59Z" + mac: ENC[AES256_GCM,data:QBoeoWS2eoUjbXm40OLk8vxpdZRUkLgVLPQ6AX9JaYVLl4+reefFw269yngF2ZATBniuYLBHNhkSjOYttC+J7M2Zt8cQhhj4G2TFt7JkYHQRtkbuoa9ZiP3Oi3Jaj6z0w3cHsyMT+fBBdr02winxf8QggYHGmvcK8QXoayccyl8=,iv:lG94yszjtq1tDYrNM+xt5ehdrNYO6M+oqZg/Qg/cO4g=,tag:K3Cr7DySQ02fgHOaVtYmDA==,type:str] pgp: - - created_at: "2025-07-19T17:07:09Z" + - created_at: "2025-04-17T14:15:33Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAzwtBoBqH5ZOAQ//ZhD72QA+bliRW0pWpMKe++KTkSmqu8Xc/e42FGGtT/JT - cUhA2KOuUGt4qjK7tCgvC6eTQsPWk224UG8gx5PsXreYzzxeAn6tHmxJd9ckJ63n - dOFN0yoo0JMwu6AJ2V+oaSZWgg4jFC6E/fJ+L8juWGVYwtfVIPF3PmZ94425Gxam - RftfePcEJPTMSCIZY81DAVpJkewwfl0AspprMJi9fjvsrV+1y6naQApsbcPoXjmQ - C8l7w4K79G9bdPFmeYE3O9nkwgDaFw/17XGZBg59KtawJqFg/tzDKOCwUretPafV - 11fNJs4pit83Z++8Nb4+QtyruK0LXrEkgAt1lFTN5EqoRVQ/iqp/bYokybJ2tltu - A7B5zTffazGvHUT3iMBLVYI7ICCC8a/LoroUA1ZOomfXn6zDgDpf5SCIi9SYTSHm - iYQ/EV+3dRU1byV87hHBfIRkcsHHo1wNU6rjIFIsGMt68uXCIltt2wetZPTWI0+A - /fOHKY7ouBj0+aPiA1lXQ19dvIX4AIYnCrnYAHVrJEqscWHw3uXjnESS3L9awZ5M - xFNWGO2Jb++h9xQ3IB8t/SwL1BG/qhPaN9ixdHjWrxg3O9cM5/PIOz9To4+46j7K - YxVB9d8Cay2uw1Hbm1bmJOHZWK47PZbBkAdnJIws6nWJVtzdEpOH3C/M1ISIKRfS - XgGhM3HvrPDEbrrlKD6ilUbOwNqRpN1jsWoGqfvSY9KPm46+E+iq9XzpCfo4YC23 - KBxKgMOe45Qf2llvF+bt9gNoQscG2lrxJCgmgNq/87zdz+zr9MB5MpMXY7ZaYUI= - =o3ND + hQIMAzwtBoBqH5ZOAQ/9Gx1uySXuafWQT/xz2b4yY37t3ZKE5SE4LxKoyOPXRhWR + yVISxG9MBrYeDe7DR4QYJ5KVpKUui/TMKv5+SFiDvlxgQdWVA2PZ2KXgGK0KDDEk + cOn3YNGLHpZL4ZHwAlbgeNWFjT/A99logCnv7D4VocAX9k+AMSh5ZQqI5HLmBHfO + ZQOugRfGDI28D/iH/8LUXoK+l6VDX3CLt0xfQmNN81q2IQzb2NK9GZvj5qyILR3c + MMzGDMU1pw0OWCZWZDRCE5YA71mrvflGOQPo3/JPsVg1Qr8l6TbGjbFwKlYUgGDU + JTSsZ1ATKjzbWg7KSdrBgztWHcSDdrCW1yytUh9uoJks2UHGdfb060k9DH99IYXk + +u5DutiPqiz8xwn5YHetO3SaJjJA9uIODQ+Em7ElZ+XbY81NIlhbdT8DZKdDHmOx + ozFIs5r1glRaojo8Yc9fym0j8cZ6Dr6rkD+nbgwzRCuUucuzOILIPrutdUSgdpbp + LnK8ScJnOBsF3AhKuOB4Qhnb6Q0ooT8Zt+R2uDdezfACFMa6nW95MP4sPYPqy7ee + ZGuWOaMGQ1Cn9Ck3nBCn8hROzHwp9pv56mqVIKu+oWCGsFm9GUZ5XFvZxez6Kq// + SVhH/qbV3RElBj/Q8u4Xcbl3ZNnHbMhvi/Xe2Ji64orZkzjHrsViB6KXR6uzY/7S + XAF4UTbjzSVkqbZ+IKQbkhoM62YQpT1bOgMk9djNFilauKRqD5x3eKTyuooOnMGh + jVjxulE755eSO6qvATN/P7OIXzaPKI+HSPcdm0WH8ZXVTXrZjkeO7D7gCfh/ + =qTot -----END PGP MESSAGE----- fp: 58EF8D71114EF548DEE3320DE6F04916B6EEBD83 unencrypted_suffix: _unencrypted - version: 3.10.2 + version: 3.10.1