fudosys
/
nixops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Working encrypted sea-store

This commit is contained in:
niten 2021-10-18 08:41:11 -07:00
parent 30843aa72d
commit e8e02c906c
4 changed files with 29 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fudo-home

@ -1 +1 @@
Subproject commit 330d0a014f14b2cf65aeb853729f779ce4edb0a7 Subproject commit 1ba24b9571aaad13bc91e27fce0096a66bdcb677

2
fudo-nixos

@ -1 +1 @@
Subproject commit 0330f6ae7806e9c7418f65bcb78ef93d634f0897 Subproject commit 3d5d7e389eceb5613b314bf084eed6667f0fa8f9

31
seattle/flake.lock
View File

@ -226,11 +226,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1634065164, "lastModified": 1634504012,
"narHash": "sha256-r32yoecnAuM1aDLtOIW89IYD9gve+HF8PEtA1s0SA5g=", "narHash": "sha256-MbU+ZDyp+sxaFMBs0QH04nieh3vvyC9lzSn9fDk1+zM=",
"ref": "flake", "ref": "flake",
"rev": "330d0a014f14b2cf65aeb853729f779ce4edb0a7", "rev": "1ba24b9571aaad13bc91e27fce0096a66bdcb677",
"revCount": 34, "revCount": 37,
"type": "git", "type": "git",
"url": "https://git.fudo.org/niten/nix-home.git" "url": "https://git.fudo.org/niten/nix-home.git"
}, },
@ -243,18 +243,13 @@
"fudo-nixos": { "fudo-nixos": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1634320727, "narHash": "sha256-CjAIAldxjdR7mmPLhUWqQwjMLYI81fFHhE8tlfw3hGc=",
"narHash": "sha256-F/6NRlObZ3MAooVsd9LWHQ0zy8ExiBph5WfBKBRnR5Q=", "path": "/state/nixops/fudo-nixos",
"ref": "nixops-flake", "type": "path"
"rev": "0330f6ae7806e9c7418f65bcb78ef93d634f0897",
"revCount": 323,
"type": "git",
"url": "ssh://fudo_git@git.fudo.org:2222/fudosys/NixOS.git"
}, },
"original": { "original": {
"ref": "nixops-flake", "path": "/state/nixops/fudo-nixos",
"type": "git", "type": "path"
"url": "ssh://fudo_git@git.fudo.org:2222/fudosys/NixOS.git"
} }
}, },
"fudo-pkgs": { "fudo-pkgs": {
@ -282,7 +277,7 @@
"ssh-keypairs": "ssh-keypairs" "ssh-keypairs": "ssh-keypairs"
}, },
"locked": { "locked": {
"narHash": "sha256-nUKoSR+Xpl+pm/iVu8vOL0MmgKDb2bBdA86P+2d8g6U=", "narHash": "sha256-m1PDoHAJ+FSB38iM2hE43w5mEKz4KyFzar5pgjrowAc=",
"path": "/state/secrets", "path": "/state/secrets",
"type": "path" "type": "path"
}, },
@ -375,11 +370,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1634115022, "lastModified": 1634327140,
"narHash": "sha256-K9DZMQ47VRrg9gtTPwex5p0E8LnwM/dDkNe7AQW0qj0=", "narHash": "sha256-d5L7oMjUVC6VU0cQMsF0tceAPkmzuAQ51DWBFNChbEQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "564cb4d81d4f734dd068684adec5a60077397fe9", "rev": "83667ff60a88e22b76ef4b0bdf5334670b39c2b6",
"type": "github" "type": "github"
}, },
"original": { "original": {

17
seattle/flake.nix
View File

@ -16,8 +16,8 @@
fudo-pkgs.url = "git+https://git.fudo.org/fudo-public/fudo-pkgs.git"; fudo-pkgs.url = "git+https://git.fudo.org/fudo-public/fudo-pkgs.git";
fudo-nixos = { fudo-nixos = {
# url = "path:/state/nixops/fudo-nixos"; url = "path:/state/nixops/fudo-nixos";
url = "git+ssh://fudo_git@git.fudo.org:2222/fudosys/NixOS.git?ref=nixops-flake"; # url = "git+ssh://fudo_git@git.fudo.org:2222/fudosys/NixOS.git?ref=nixops-flake";
# Don't import it as a flake # Don't import it as a flake
flake = false; flake = false;
}; };
@ -75,7 +75,18 @@
nixpkgs.pkgs = pkgs-for system; nixpkgs.pkgs = pkgs-for system;
deployment.targetHost = network-hosts.${hostname}.ipv4-address; deployment = with lib; {
targetHost = network-hosts.${hostname}.ipv4-address;
keys = if (hasAttr hostname config.fudo.secrets.files.host-filesystem-keys)
then
mapAttrs (secret: secret-file: {
keyFile = secret-file;
user = "root";
permissions = "0400";
}) config.fudo.secrets.files.host-filesystem-keys.${hostname}
else {};
};
}) hosts); }) hosts);
}; };
} }