Compare commits

..

No commits in common. "364974f31c70e4bc177ac57e0a78f45a3ab42087" and "48c04a94fa5cac713cf94782f92461179c2a9265" have entirely different histories.

5 changed files with 18 additions and 35 deletions

Binary file not shown.

View file

@ -7,17 +7,15 @@ let
node = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETLBnc8kJokmFiA28BaSYpeE7flY1W0SM5C1pWv/tOv"; node = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETLBnc8kJokmFiA28BaSYpeE7flY1W0SM5C1pWv/tOv";
pi4 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9fnNXzEmDdmtR+KWj/M9vQioFR0s/4jMnIkUFcj8As"; pi4 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9fnNXzEmDdmtR+KWj/M9vQioFR0s/4jMnIkUFcj8As";
proxy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAf6Z7SZEOH3H51T/GPIc/B0OpbaydM5l2PP3nMnwpFl"; proxy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAf6Z7SZEOH3H51T/GPIc/B0OpbaydM5l2PP3nMnwpFl";
git = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN8JLy/ipBfOet3/KT7rXOXHDjjmt+VqqQb3V+ILIuDN";
}; };
in { in {
"cf_dns_kilonull.age".publicKeys = [users.me machines.node machines.gospel machines.pi4 machines.proxy]; "cf_dns_kilonull.age".publicKeys = [users.me machines.node machines.gospel machines.pi4 machines.proxy];
"gitea-runner-gospel.age".publicKeys = [users.me machines.gospel];
"hass_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
"hydra-aws-creds.age".publicKeys = [users.me machines.gospel];
"nextcloud_admin.age".publicKeys = [users.me machines.node machines.gospel]; "nextcloud_admin.age".publicKeys = [users.me machines.node machines.gospel];
"tailscale_git_server.age".publicKeys = [users.me machines.git]; # This key expires, might have to update
"teslamate_db.age".publicKeys = [users.me machines.node machines.gospel];
"teslamate_encryption.age".publicKeys = [users.me machines.node machines.gospel];
"teslamate_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
"theengs_ble_mqtt.age".publicKeys = [users.me machines.pi4 machines.gospel]; "theengs_ble_mqtt.age".publicKeys = [users.me machines.pi4 machines.gospel];
"hass_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
"teslamate_db.age".publicKeys = [users.me machines.node machines.gospel];
"teslamate_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
"teslamate_encryption.age".publicKeys = [users.me machines.node machines.gospel];
"hydra-aws-creds.age".publicKeys = [users.me machines.gospel];
"gitea-runner-gospel.age".publicKeys = [users.me machines.gospel];
} }

Binary file not shown.

View file

@ -4,12 +4,9 @@
... ...
}: let }: let
domain = "git.alejandr0angul0.dev"; domain = "git.alejandr0angul0.dev";
secrets = config.age.secrets;
in { in {
imports = ["${inputs.nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix"]; imports = ["${inputs.nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix"];
age.secrets.authKeyFile.file = ../../../secrets/tailscale_git_server.age;
aa = { aa = {
nix.enable = true; nix.enable = true;
@ -20,10 +17,6 @@ in {
services = { services = {
openssh.enable = true; openssh.enable = true;
tailscale = {
enable = true;
configureClientRouting = true;
};
}; };
}; };
@ -32,11 +25,6 @@ in {
enableACME = true; enableACME = true;
}; };
services.tailscale = {
authKeyFile = secrets.authKeyFile.path;
extraUpFlags = ["--ssh"];
};
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults = { defaults = {

View file

@ -76,21 +76,18 @@
}) })
]; ];
services.gitea-actions-runner = { services.gitea-actions-runner.instances = {
package = pkgs.forgejo-runner; gospel = {
instances = { enable = true;
gospel = { name = config.networking.hostName;
enable = true; url = "https://gitea.kilonull.com";
name = config.networking.hostName; tokenFile = config.age.secrets.gitea-runner-gospel.path;
url = "https://git.alejandr0angul0.dev"; labels = [
tokenFile = config.age.secrets.gitea-runner-gospel.path; "ubuntu-latest:docker://node:16-bullseye"
labels = [ "ubuntu-22.04:docker://node:16-bullseye"
"ubuntu-latest:docker://node:16-bullseye" "ubuntu-20.04:docker://node:16-bullseye"
"ubuntu-22.04:docker://node:16-bullseye" "ubuntu-18.04:docker://node:16-buster"
"ubuntu-20.04:docker://node:16-bullseye" ];
"ubuntu-18.04:docker://node:16-buster"
];
};
}; };
}; };
virtualisation = { virtualisation = {