From f24fa6678538b7cc47b9e99932dbbf7b369c58b7 Mon Sep 17 00:00:00 2001 From: "Gustavo L de Mello (Guz)" Date: Fri, 8 Nov 2024 10:53:36 -0300 Subject: [PATCH] feat: add configuration for homelab --- capytal/caddy.nix | 14 +++++++++++++- secrets/spacestation.lesser.json | 11 ++++++----- secrets/spacestation.yaml | 6 +++--- 3 files changed, 22 insertions(+), 9 deletions(-) diff --git a/capytal/caddy.nix b/capytal/caddy.nix index 5bfff94..28b93da 100644 --- a/capytal/caddy.nix +++ b/capytal/caddy.nix @@ -19,6 +19,14 @@ in { } } } + (home_tls) { + tls { + dns cloudflare { + zone_token {env.HOME_CF_ZONE_TOKEN} + api_token {env.HOME_CF_API_TOKEN} + } + } + } ''; services.caddy.virtualHosts = let caddyCfg = secrets.capytal.caddy; @@ -38,7 +46,11 @@ in { extraConfig = '' ${reverse_proxy} ${redir} - import capytal_tls + import ${ + if c ? env + then c.env + else "capytal_tls" + } ''; }; hosts = lib.attrsets.mapAttrs (n: v: setConfig v) caddyCfg.hosts; diff --git a/secrets/spacestation.lesser.json b/secrets/spacestation.lesser.json index 99f9a45..c796390 100644 --- a/secrets/spacestation.lesser.json +++ b/secrets/spacestation.lesser.json @@ -12,9 +12,6 @@ "email": "ENC[AES256_GCM,data:OwCqxT+aiwmyoY3i4vO+i8FAyHzN/wU=,iv:8Gw0cqrW1OKyyANlmIIKXKisch1CGYaznIfTjGYyZa8=,tag:xvTKXhag6Gp0V7xmv8NBhg==,type:str]", "defaultIp": "ENC[AES256_GCM,data:u+sITdDcl9TzabF8Pg==,iv:3GEn3lERvdbyKKf2r7qTxPOjq9/Im6TJraSKnrtOzWA=,tag:7A31e17vqsgI72Aj0kZqjA==,type:str]", "hosts": { - "adguard.i.capytal.company": { - "port": "ENC[AES256_GCM,data:Y/qY2w==,iv:KnfiKlHzhZ1MYl5eJJSGE1XFoTt1N3x82WfEjy7JrNs=,tag:uHg57zxolEu/EYikYif2sw==,type:float]" - }, "forgejo.i.capytal.company": { "redir": "ENC[AES256_GCM,data:Qxo0iumZ9K2m/zFkPkDc6/7/7gkeCc8ThUzLfk+/qa7U,iv:aaaHns2oc9NDwxNQ8jKfKF5tCpNFL7mGGxsQ31WDK7w=,tag:pnvTcKsPX9ZLAcHzTwYaTQ==,type:str]" }, @@ -38,6 +35,10 @@ }, "sqld-grpc.i.capytal.company": { "port": "ENC[AES256_GCM,data:sPjt7w==,iv:JcGc6ckArrin/q7yrwfaYfCce3j+mD20wIE5yECMUUM=,tag:nFm5it3tqsm+FkBunHeWXw==,type:float]" + }, + "adguard.h.guz.one": { + "port": "ENC[AES256_GCM,data:wSRtbw==,iv:klATChefaOf+kTSiham7c3fyHb2u72qXOFTD2IPRQfg=,tag:JukmGXxwM65EB7SRGaXj/w==,type:float]", + "env": "ENC[AES256_GCM,data:xP7W2nShNU0=,iv:L6sAD6v5P1gvszgurIOndISRwAqaNpgGmwWS5EpEAy0=,tag:KmsMZYYQpaDbQGSodfTsLw==,type:str]" } } }, @@ -98,8 +99,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnL3dCY1VLMmoxRFRmS0Ir\nV0ppTnI0RE5ZMjcvRGNPWkNxWFdJYTBDTG00ClRGQkh1UStGTmc0RE5aNy9nL3FI\nbHJIa3hLR0ZkTjd6WkFzOFkzeFdMNUEKLS0tIDBidk93Qy9LenFlSGZ2aEpuTUFt\nWVM2eS9UdXAvbzE4eEdKMjVEM3RLdm8KKeIhk+YOKVL9Y19lLyb6/Pxv8rbewK2e\nLm96jx+LOMOCFcQGxuFKWqQbTB4br/cPvRKSY5jFmFWqVg7pCPTAzQ==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-11-02T21:28:14Z", - "mac": "ENC[AES256_GCM,data:jjQ7hFqMcvDa8sdarZ9wxNKHBVq9ZIKGW9nZXEuTu2u5seu+KxfdT6L0B3qNPNAwGY7/ywEsouFjxvrwPTGYdvJWAfjQ1Wk/XSRrTm7bMbjD7P/WY6BPCrFm4+7gs23pc3ph7pU5xMWET4CpQb998QRfE+oB1eTz5zxyyYksRI0=,iv:rL33TM33EP7VTlNWc3VLZdNLwkKbEIhe8jEOqCw4Zg0=,tag:bmbxGBy2vYWOXar+kFzBmw==,type:str]", + "lastmodified": "2024-11-08T13:45:54Z", + "mac": "ENC[AES256_GCM,data:B4jGOsd66wcETxULNdAcLL6rhQWkTnAJ/arjrMfdamdDS5X9Qke47v/Epg/cTfVqx7Mijn1v/YEHdzG8x0ZPRxZIVsBaEWOvJnE5Uw2Gs2It/PNef9oVtJHfiA6PntpdJkkwJYV3RIgdBlN5sS+VJuLY19MUPGN49pcHqSHqWJk=,iv:FUNX8jlXOBDmiuVHU0Q4XvPjCZDcjR/ZcL5se8BTc6k=,tag:pKpG3fDUPJyb3WAgH+HIGw==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.9.0" diff --git a/secrets/spacestation.yaml b/secrets/spacestation.yaml index 2b703df..db65a67 100644 --- a/secrets/spacestation.yaml +++ b/secrets/spacestation.yaml @@ -14,7 +14,7 @@ discord: environment: ENC[AES256_GCM,data:014h9/uoqKr6LDd4eDK/Ji91i8MR42q+p3sS4U2fx3VgjX34Xlx1KHxdXaX6BF4QBO9saQNfW2QjN/qE6qILDEGd9uZA4DiRnjoJCOYAETWyiMiK9Se6kE4QbN33IwpIphcxpRm+HP0x5R08WIbWJ+CHSoSpgEcez8iuwqTdK1sC7jrILmqQLMGPmF+yYZcxbaPfNRj0mu0jPpRt6fnhDuHvJ00wXHDC1n5bgsxi7oUdsGYJegLhFcRqAsdgq5qB/vO+d5GVJ9IkF0CsYiSUQVvUVdbOHvcA657jLjB8Fz+KIqW/AM2mMcgRdpRReOLYEsVAaS6gRdZr,iv:hdhTSfBZHgabivcAQTtL8Nfy+Pog+OD5SOJTtL8sJJA=,tag:JxUgFpiHG+55OWOb5TCnKw==,type:str] caddy: capytal: - env: ENC[AES256_GCM,data:K05kz7uUeG+7rEyIxdQf1HCmZZijFFx51IPK3MRH84A5lW++VHcogiKQZ2NBVzWQNIMNtRblwFOUo8x84OUSF10HEUTt4N/B/IQraYQ63qNvxYpXO8Trt1laKR1DBzxiOhdD4viYIh/q5Wy/TWZIJ9df9itvxqlB2iqibuM=,iv:r1ikjaVMG478/nP8NBgMletz0u4h2JLAbFOmqabr0XA=,tag:mWs6VHRguOq0SzjqgO9Gbg==,type:str] + env: ENC[AES256_GCM,data:6V7iWEKf0BT1pwqygAct2VA9HMVNAPEeZkdxsKme/HZZFpAKHvzV8hkAXYxPoMWgX+iEM6CG1VjzVEfh/AoXk9wvfpDDe+9IBKHUGvynq4l5HQFryDlpkBlncBNeWAM0wuSMo22NuTo8S3tlF37bl4H4AUjjCk89cUbrHiTXxgsi+FZoDZuNtCAQELZxWTbelSlmXBqgp4Jy2rSmurXINlMOIqUxpD6K8v5I2+Tqr3wnUCJ6fGyqNCtTeCKWNzaCMGDyeBWVvUAZ6O078+l7+5xhP0tZADoCp4RKa2Oa1Yj9NYuFffsllRmHuhxj/JQGNipsSRs=,iv:3e6nKOKKrlPpQaKvfgJCHVcJD8t8jLbmlZlm2VJVNjg=,tag:GL/gmT+pQPG82eS09ywK7g==,type:str] sops: kms: [] gcp_kms: [] @@ -30,8 +30,8 @@ sops: amRmVkVoS2RqeEs3OXZVeTlsZUVEV28K1WcbGJHT8LMah5b7NN1psiucTl1OfZYO 4T3RDSQMB3qj1TGQSdixjwRRKbMGtL3LXnvkNd+caVi5Z9OkF1O9Yg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-02T21:27:39Z" - mac: ENC[AES256_GCM,data:j7TlKcPeda64G5wFFai07eulZA0OkQZhwouDHr9xCFMqEqfGVJaM0cbttC6xgJhiqyeTfKhLeM9ywK3icSO8P+hJ1yKSizAUPbKZJR/tV3f1Xqn7Acjwsitpfx7bZFvY9BoU12t+negxHM/CbVq53/drZiHpNL7Gb1V2lMSy7a4=,iv:klH6RE6N0Udn9cbXDLjaGijhiIFdyv5hXOppmChofHY=,tag:hHMbe+QY1RdyZhhGMg5yig==,type:str] + lastmodified: "2024-11-08T13:37:06Z" + mac: ENC[AES256_GCM,data:qOa5zdcTwutZvVKgrnrR66qJbWVRi36dyreqSZE5ugnGMIjAxQNewknCGk8/q9QUf22/84hHvEvO+uubm6tIIPOtmnfzUyhjk5vF+qPKDRE14lo1te0HZdgIJEi2dcjL7DyKBit4MqRBG+zQ/0eZ08/WIJtjGvMiRDl/e+Emq+I=,iv:gKMryS7SyTVKa1szEMT98gF7CCb96+6nUqQ2+j/lD0w=,tag:mn79m26+XxI2RJP989E4cw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.0