kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-19 03:21:10 +01:00
Code Releases Activity

chore: get secrets via input, mock for CI

Browse Source 
this fixes CI, yay!
This commit is contained in:
Kierán Meinhardt
2023-06-27 17:57:42 +02:00
parent d0edb9c915
commit 3138fd23ef
32 changed files with 203 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
configs/aerc.nix
View File

@@ -2,6 +2,7 @@
pkgs,
config,
lib,
inputs,
...
}: let
defaults = {
@@ -19,43 +20,43 @@
in {
age.secrets = {
email-password-cock = {
file = ../secrets/email-password-cock.age;
file = inputs.secrets + "/email-password-cock.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fysi = {
file = ../secrets/email-password-fysi.age;
file = inputs.secrets + "/secrets/email-password-fysi.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-posteo = {
file = ../secrets/email-password-posteo.age;
file = inputs.secrets + "/email-password-posteo.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhark = {
file = ../secrets/email-password-meinhark.age;
file = inputs.secrets + "/email-password-meinhark.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhaki = {
file = ../secrets/email-password-meinhaki.age;
file = inputs.secrets + "/email-password-meinhaki.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-dslalewa = {
file = ../secrets/email-password-dslalewa.age;
file = inputs.secrets + "/email-password-dslalewa.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fsklassp = {
file = ../secrets/email-password-fsklassp.age;
file = inputs.secrets + "/email-password-fsklassp.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

3
configs/cloud.nix
View File

@@ -2,6 +2,7 @@
config,
lib,
pkgs,
inputs,
...
}: let
inherit (import ../lib) tmpfilesConfig;
@@ -97,7 +98,7 @@ in {
];
age.secrets.mega-password = {
file = ../secrets/mega-password.age;
file = inputs.secrets + "/mega-password.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

6
configs/default.nix
View File

@@ -37,13 +37,13 @@ in {
{
age.secrets = {
di-fm-key = {
file = ../secrets/di-fm-key.age;
file = inputs.secrets + "/di-fm-key.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
restic = {
file = ../secrets/restic.age;
file = inputs.secrets + "/restic.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
@@ -76,7 +76,7 @@ in {
};
age.secrets = {
kfm-password.file = ../secrets/kfm-password.age;
kfm-password.file = inputs.secrets + "/kfm-password.age";
};
home-manager.users.me.xdg.enable = true;

10
configs/hu-berlin.nix
View File

@@ -1,15 +1,9 @@
{
config,
pkgs,
lib,
inputs,
...
}: let
inherit (lib.strings) fileContents;
inherit (import ../lib) sshPort;
eduroam = {
identity = fileContents <secrets/eduroam/identity>;
password = fileContents <secrets/eduroam/password>;
};
hu-berlin-cifs-options = [
"uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}"
@@ -35,7 +29,7 @@ in {
options = hu-berlin-cifs-options;
};
age.secrets.cifs-credentials-hu-berlin.file = ../secrets/cifs-credentials-hu-berlin.age;
age.secrets.cifs-credentials-hu-berlin.file = inputs.secrets + "/cifs-credentials-hu-berlin.age";
home-manager.users.me.programs.ssh = {
matchBlocks = {

5
configs/i3.nix
View File

@@ -3,6 +3,7 @@
pkgs,
lib,
niveumPackages,
inputs,
...
}: let
inherit (import ../lib) defaultApplications colours;
@@ -65,13 +66,13 @@
in {
age.secrets = {
github-token-i3status-rust = {
file = ../secrets/github-token-i3status-rust.age;
file = inputs.secrets + "/github-token-i3status-rust.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
openweathermap-api-key = {
file = ../secrets/openweathermap-api-key.age;
file = inputs.secrets + "/openweathermap-api-key.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

6
configs/khal.nix
View File

@@ -1,7 +1,7 @@
{
config,
pkgs,
lib,
inputs,
...
}: let
davHome = "~/.local/share/dav";
@@ -18,13 +18,13 @@
in {
age.secrets = {
nextcloud-password-kieran = {
file = ../secrets/nextcloud-password-kieran.age;
file = inputs.secrets + "/nextcloud-password-kieran.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
nextcloud-password-fysi = {
file = ../secrets/nextcloud-password-fysi.age;
file = inputs.secrets + "/nextcloud-password-fysi.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

4
configs/packages.nix
View File

@@ -1,10 +1,8 @@
{
config,
pkgs,
lib,
inputs,
niveumPackages,
unstablePackages,
...
}: let
worldradio = pkgs.callPackage ../packages/worldradio.nix {};
@@ -291,7 +289,7 @@ in {
];
age.secrets.home-assistant-token = {
file = ../secrets/home-assistant-token.age;
file = inputs.secrets + "/home-assistant-token.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

4
configs/telegram-bots/autorenkalender.nix
View File

@@ -1,6 +1,6 @@
{
pkgs,
lib,
inputs,
config,
...
}: let
@@ -22,7 +22,7 @@ in {
command = "${autorenkalender}/bin/autorenkalender";
};
age.secrets.telegram-token-kmein.file = ../../secrets/telegram-token-kmein.age;
age.secrets.telegram-token-kmein.file = inputs.secrets + "/telegram-token-kmein.age";
niveum.passport.services = [
{

7
configs/telegram-bots/default.nix
View File

@@ -1,7 +1,6 @@
{
config,
pkgs,
lib,
inputs,
...
}: let
@@ -48,9 +47,9 @@ in {
];
age.secrets = {
telegram-token-reverse.file = ../../secrets/telegram-token-reverse.age;
telegram-token-betacode.file = ../../secrets/telegram-token-betacode.age;
telegram-token-proverb.file = ../../secrets/telegram-token-proverb.age;
telegram-token-reverse.file = inputs.secrets + "/telegram-token-reverse.age";
telegram-token-betacode.file = inputs.secrets + "/telegram-token-betacode.age";
telegram-token-proverb.file = inputs.secrets + "/telegram-token-proverb.age";
};
systemd.services.telegram-reverse = {

4
configs/telegram-bots/nachtischsatan.nix
View File

@@ -1,7 +1,7 @@
{
pkgs,
config,
lib,
inputs,
...
}: let
nachtischsatan-bot = {tokenFile}:
@@ -36,7 +36,7 @@ in {
serviceConfig.Restart = "always";
};
age.secrets.telegram-token-nachtischsatan.file = ../../secrets/telegram-token-nachtischsatan.age;
age.secrets.telegram-token-nachtischsatan.file = inputs.secrets + "/telegram-token-nachtischsatan.age";
niveum.passport.services = [
{

4
configs/traadfri.nix
View File

@@ -1,7 +1,7 @@
{
config,
pkgs,
lib,
inputs,
...
}: let
inherit (import ../lib) localAddresses;
@@ -20,7 +20,7 @@ in {
];
age.secrets.traadfri-key = {
file = ../secrets/traadfri-key.age;
file = inputs.secrets + "/traadfri-key.age";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";