From 69807265412c42d77d03b8db364f53cb81d41bb7 Mon Sep 17 00:00:00 2001 From: chaos Date: Wed, 20 Sep 2023 18:17:50 +0100 Subject: [PATCH] fix up some path names --- data/{ => drives}/raspberryExternalDrive.nix | 0 data/{ => piped}/pipedClusterConfig.nix | 4 +++- data/{ => piped}/pipedClusterPorts.nix | 0 data/{ => wireguard}/chaosInternalWireGuard.nix | 0 data/{ => wireguard}/chaosInternalWireGuardPubKeys.json | 0 extras/mk-raspberry-ext-drive.nix | 2 +- hosts/hetzner-vm/containers/social/default.nix | 2 +- .../containers/social/profiles/{backups.nix => restic.nix} | 0 hosts/raspberry/profiles/cockroachDB.nix | 2 +- hosts/raspberry/profiles/externalDrive.nix | 2 +- hosts/vault/secrets.nix | 4 +--- lib/internalWireGuardLib.nix | 2 +- outputs.nix | 2 +- presets/nixos/encryptedDrive.nix | 4 ++-- profiles/chaosInternalWireGuard/wireguard.nix | 2 +- profiles/usbAutoMount.nix | 2 +- 16 files changed, 14 insertions(+), 14 deletions(-) rename data/{ => drives}/raspberryExternalDrive.nix (100%) rename data/{ => piped}/pipedClusterConfig.nix (89%) rename data/{ => piped}/pipedClusterPorts.nix (100%) rename data/{ => wireguard}/chaosInternalWireGuard.nix (100%) rename data/{ => wireguard}/chaosInternalWireGuardPubKeys.json (100%) rename hosts/hetzner-vm/containers/social/profiles/{backups.nix => restic.nix} (100%) diff --git a/data/raspberryExternalDrive.nix b/data/drives/raspberryExternalDrive.nix similarity index 100% rename from data/raspberryExternalDrive.nix rename to data/drives/raspberryExternalDrive.nix diff --git a/data/pipedClusterConfig.nix b/data/piped/pipedClusterConfig.nix similarity index 89% rename from data/pipedClusterConfig.nix rename to data/piped/pipedClusterConfig.nix index 282bb6a..c0e3e79 100644 --- a/data/pipedClusterConfig.nix +++ b/data/piped/pipedClusterConfig.nix @@ -1,5 +1,5 @@ let - internalWireGuard = import ./chaosInternalWireGuard.nix; + internalWireGuard = import ../wireguard/chaosInternalWireGuard.nix; ports = import ./pipedClusterPorts.nix; in rec { inherit ports; @@ -27,6 +27,8 @@ in rec { joinString = "${ip}:${toString ports.cockroachDB}"; advertiseAddr = joinString; + resticBucket = "Piped-UK"; + vaultUserName = "rapsberry-container-piped-uk"; baseDomain = "piped-uk.owo.monster"; diff --git a/data/pipedClusterPorts.nix b/data/piped/pipedClusterPorts.nix similarity index 100% rename from data/pipedClusterPorts.nix rename to data/piped/pipedClusterPorts.nix diff --git a/data/chaosInternalWireGuard.nix b/data/wireguard/chaosInternalWireGuard.nix similarity index 100% rename from data/chaosInternalWireGuard.nix rename to data/wireguard/chaosInternalWireGuard.nix diff --git a/data/chaosInternalWireGuardPubKeys.json b/data/wireguard/chaosInternalWireGuardPubKeys.json similarity index 100% rename from data/chaosInternalWireGuardPubKeys.json rename to data/wireguard/chaosInternalWireGuardPubKeys.json diff --git a/extras/mk-raspberry-ext-drive.nix b/extras/mk-raspberry-ext-drive.nix index 95d5646..fbe2c0f 100644 --- a/extras/mk-raspberry-ext-drive.nix +++ b/extras/mk-raspberry-ext-drive.nix @@ -4,7 +4,7 @@ btrfs-progs, writeShellApplication, }: let - externalDriveData = import ../data/raspberryExternalDrive.nix; + externalDriveData = import ../data/drives/raspberryExternalDrive.nix; in (writeShellApplication { name = "mk-raspberry-ext-drive"; runtimeInputs = [ diff --git a/hosts/hetzner-vm/containers/social/default.nix b/hosts/hetzner-vm/containers/social/default.nix index d65deb7..cd7d08c 100644 --- a/hosts/hetzner-vm/containers/social/default.nix +++ b/hosts/hetzner-vm/containers/social/default.nix @@ -55,7 +55,7 @@ in { ] ++ (with hosts.hetzner-vm.containers.social; [ profiles.gotosocial - profiles.backups + profiles.restic ]); environment.systemPackages = with pkgs; [ diff --git a/hosts/hetzner-vm/containers/social/profiles/backups.nix b/hosts/hetzner-vm/containers/social/profiles/restic.nix similarity index 100% rename from hosts/hetzner-vm/containers/social/profiles/backups.nix rename to hosts/hetzner-vm/containers/social/profiles/restic.nix diff --git a/hosts/raspberry/profiles/cockroachDB.nix b/hosts/raspberry/profiles/cockroachDB.nix index b77dc0e..175ef20 100644 --- a/hosts/raspberry/profiles/cockroachDB.nix +++ b/hosts/raspberry/profiles/cockroachDB.nix @@ -1,5 +1,5 @@ {self, ...}: let - internalWireGuard = import "${self}/data/chaosInternalWireGuard.nix"; + internalWireGuard = import "${self}/data/wireguard/chaosInternalWireGuard.nix"; in { systemd.tmpfiles.rules = [ "d /var/lib/cockroachdb-certs - root root" diff --git a/hosts/raspberry/profiles/externalDrive.nix b/hosts/raspberry/profiles/externalDrive.nix index ecd34e8..bb1fb42 100644 --- a/hosts/raspberry/profiles/externalDrive.nix +++ b/hosts/raspberry/profiles/externalDrive.nix @@ -3,7 +3,7 @@ pkgs, ... }: let - externalDriveData = import "${self}/data/raspberryExternalDrive.nix"; + externalDriveData = import "${self}/drives/data/raspberryExternalDrive.nix"; mountExternalDrive = let jq = "${pkgs.jq}/bin/jq"; diff --git a/hosts/vault/secrets.nix b/hosts/vault/secrets.nix index 5958009..2c3d531 100644 --- a/hosts/vault/secrets.nix +++ b/hosts/vault/secrets.nix @@ -27,9 +27,7 @@ manual = true; }; - # this doesn't need to be a secret and can be generated at install time - # but it makes it easier to install. - # it's stored in /nix store anyway +r ssh_host_ed25519_key = { path = "/ssh_host_ed25519_key"; permissions = "600"; diff --git a/lib/internalWireGuardLib.nix b/lib/internalWireGuardLib.nix index dc9722c..1d80ea8 100644 --- a/lib/internalWireGuardLib.nix +++ b/lib/internalWireGuardLib.nix @@ -8,7 +8,7 @@ inherit (lib.strings) concatStringsSep; inherit (builtins) attrNames; - wireguardData = import ../data/chaosInternalWireGuard.nix; + wireguardData = import ../data/wireguard/chaosInternalWireGuard.nix; wireguardHosts = wireguardData.hosts; kvPathForHost = host: "/private-public-keys/wireguard/chaos-internal/${host}"; diff --git a/outputs.nix b/outputs.nix index ff974a9..002fae2 100644 --- a/outputs.nix +++ b/outputs.nix @@ -63,7 +63,7 @@ in inherit pkgs; }; - wireguardData = import ./data/chaosInternalWireGuard.nix; + wireguardData = import ./data/wireguard/chaosInternalWireGuard.nix; hostsWithWireGuard = builtins.attrNames wireguardData.hosts; in { packages = mergeAttrsList [ diff --git a/presets/nixos/encryptedDrive.nix b/presets/nixos/encryptedDrive.nix index 19f654b..7098d24 100644 --- a/presets/nixos/encryptedDrive.nix +++ b/presets/nixos/encryptedDrive.nix @@ -7,8 +7,8 @@ }: let inherit (lib.modules) mkBefore; - encryptedUSB = import "${self}/data/encryptedUSB.nix"; - driveData = import "${self}/data/drives/normalEncryptedDrive.nix"; + encryptedUSB = import "${self}/data/drives/encryptedUSB.nix"; + driveData = import "${self}/data/drives/encryptedDrive.nix"; in { boot = { initrd.availableKernelModules = [ diff --git a/profiles/chaosInternalWireGuard/wireguard.nix b/profiles/chaosInternalWireGuard/wireguard.nix index b8cfb63..55ab414 100644 --- a/profiles/chaosInternalWireGuard/wireguard.nix +++ b/profiles/chaosInternalWireGuard/wireguard.nix @@ -11,7 +11,7 @@ # Assume this to be set secrets = config.services.secrets.secrets; - wireguardData = import "${self}/data/chaosInternalWireGuard.nix"; + wireguardData = import "${self}/data/wireguard/chaosInternalWireGuard.nix"; wireguardHosts = wireguardData.hosts; currentHostName = config.networking.hostName; diff --git a/profiles/usbAutoMount.nix b/profiles/usbAutoMount.nix index 592c4f1..0b4db82 100644 --- a/profiles/usbAutoMount.nix +++ b/profiles/usbAutoMount.nix @@ -1,5 +1,5 @@ {pkgs, ...}: let - encryptedUSB = import ../data/encryptedUSB.nix; + encryptedUSB = import ../data/drives/encryptedUSB.nix; encUSBMount = pkgs.writeShellScriptBin "enc_usb_mount" '' set -x