changes maybe

2023-09-20 18:04:33 +01:00 · 2023-09-20 18:04:33 +01:00 · 5a246be433
parent 9f54e8efa0
commit 5a246be433
5 changed files with 20 additions and 9 deletions
--- a/hosts/vault/profiles/vault.nix
+++ b/hosts/vault/profiles/vault.nix
@ -12,6 +12,8 @@
  services.nginx.virtualHosts."vault.owo.monster" = {
    forceSSL = true;
    enableACME = true;
-    locations = {"/" = {proxyPass = "http://127.0.0.1:8200";};};
+    locations = {
+      "/".proxyPass = "http://127.0.0.1:8200";
+    };
  };
 }
--- a/hosts/vault/secrets.nix
+++ b/hosts/vault/secrets.nix
@ -1,7 +1,15 @@
 {...}: {
+  # Since this is the machine that hosts vault
+  systemd.services.vault = {
+    before = "auto-secrets.service";
+    partOf = "auto-secrets-service";
+  };
+
  services.secrets = {
    enable = true;

+    vaultURL = "http://127.0.0.1:8200";
+
    vaultLogin = {
      enable = true;
      loginUsername = "vault";
--- a/outputs.nix
+++ b/outputs.nix
@ -52,6 +52,7 @@ in
            inherit (pkgs) gotosocial;
            inherit (pkgs) cockroachdb;
            inherit (pkgs) piped-backend piped-frontend piped-proxy;
+            inherit (pkgs) kitty-terminfo;
          };
        }

--- a/overlay/default.nix
+++ b/overlay/default.nix
@ -10,7 +10,7 @@ final: prev: rec {

  kitty-terminfo = final.runCommand "kitty-terminfo" {} ''
    mkdir -p $out/share
-    cp -r ${./kitty-terminfo/terminfo} $out/share
+    cp -r ${./kitty-terminfo}/* $out/share
  '';

  cockroachdb-bin = final.callPackage ./cockroachdb-bin {};
--- a/presets/nixos/serverHetzner.nix
+++ b/presets/nixos/serverHetzner.nix
@ -11,10 +11,10 @@

  system = pkgs.system;

-  container-ips = import "${self}/data/serverIPs.nix";
+  serverIPs = import "${self}/data/serverIPs.nix";

  hostName = config.networking.hostName;
-  serverIPs = container-ips.${hostName};
+  hostServerIPs = serverIPs.${hostName};

  gateway = "172.31.1.1";
  netmask = "255.255.255.255";
@ -43,7 +43,7 @@ in {
  boot.kernelParams =
    [
      "console=tty0"
-      "ip=${serverIPs.ipv4}::${gateway}:${netmask}:${hostName}:enp1s0:any"
+      "ip=${hostServerIPs.ipv4}::${gateway}:${netmask}:${hostName}:enp1s0:any"
      "boot.shell_on_fail"
      "nohibernate"
      "loglevel=4"
@ -57,22 +57,22 @@ in {
      networkConfig.DHCP = "no";
      address = [
        # v4
-        "${serverIPs.ipv4}/32"
+        "${hostServerIPs.ipv4}/32"

        # v6
-        "${serverIPs.ipv6}/64"
+        "${hostServerIPs.ipv6}/64"
      ];

      routes = [
        # v4
        {
          routeConfig = {
-            Destination = "172.31.1.1";
+            Destination = gateway;
          };
        }
        {
          routeConfig = {
-            Gateway = "172.31.1.1";
+            Gateway = gateway;
            GatewayOnLink = true;
          };
        }