newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: newedge:mob/gitea
Branches Tags
newedge:main newedge:mob/fax-machine-relay newedge:fax-machine-relay newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/inventree-test newedge:inventree-test newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:b4l-vpn newedge:vega-ups newedge:mob/gitea newedge:gitea
..
compare: newedge:a3a776722f00fe1a6b3e5cd04af0dc926aaae013
Branches Tags
newedge:mob/fax-machine-relay newedge:fax-machine-relay newedge:main newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/inventree-test newedge:inventree-test newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:b4l-vpn newedge:vega-ups newedge:mob/gitea newedge:gitea

10 Commits
mob/gitea ... a3a776722f

Author SHA1 Message Date
kurogeek
a3a776722f Add berwn to secret 2025-09-22 16:11:51 +07:00
kurogeek
e182dcb248 Add berwn to secret 2025-09-22 16:11:34 +07:00
kurogeek
db5e0e55ce age-plugin-yubikey 2025-09-22 14:37:02 +07:00
kurogeek
aa19ffa9ba add matthewcroughan to admin 2025-09-22 14:36:45 +07:00
kurogeek
d344790bfe add vi to admin 2025-09-22 11:59:50 +07:00
kurogeek
3937ce27db Add user vi to secrets 2025-09-22 11:59:35 +07:00
kurogeek
c78048d53a add davhau to admin 2025-09-22 11:11:59 +07:00
kurogeek
0fb4199965 add berwn to admin 2025-09-22 11:11:16 +07:00
kurogeek
4dd06992e0 Add user davhau to secrets 2025-09-22 10:29:57 +07:00
kurogeek
dbdaa8ae22 Add user berwn to secrets 2025-09-22 10:27:37 +07:00
13 changed files with 41 additions and 106 deletions
Expand all files Collapse all files

17
inventories/default.nix
View File

@@ -21,8 +21,18 @@
};
roles.default.tags."all" = { };
roles.default.settings.allowedKeys = {
"berwn" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAB/raxJR8gASmquP63weHelbi+da2WBJR1DgzHPNz/f";
"davhau" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDuhpzDHBPvn8nv8RH1MRomDOaXyP4GziQm7r3MZ1Syk";
"vi" =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmgyEGuY/r7SDlJgrzYmQqpcWS5W+fCzRi3OS59ne4W openpgp:0xFF687387";
"kurogeek" =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcZ/p1Ofa9liwIzPWzNtONhJ7+FUWd2lCz33r81t8+w kurogeek@kurogeek";
"matthewcroughan" =
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIOJDRQfb1+7VK5tOe8W40iryfBWYRO6Uf1r2viDjmsJtAAAABHNzaDo=";
"matthewcroughan-1" =
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDgsWq+G/tcr6eUQYT7+sJeBtRmOMabgFiIgIV44XNc6AAAABHNzaDo=";
"matthewcroughan-2" =
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJMi3TAuwDtIeO4MsORlBZ31HzaV5bji1fFBPcC9/tWuAAAABHNzaDo=";
};
};
@@ -90,13 +100,6 @@
};
roles.default.machines.b4l = { };
};
gitea = {
module = {
name = "gitea";
input = "self";
};
roles.default.machines.b4l = { };
};
};
};
};

2
machines/b4l/services/gitea.nix
View File

@@ -1,2 +0,0 @@
{
}

1
machines/default.nix
View File

@@ -6,6 +6,7 @@
clan = {
meta.name = "NewEdgeClan";
machines = { };
secrets.age.plugins = [ "age-plugin-yubikey" ];
specialArgs = { inherit inputs self; };
inherit self;
};

27
modules/clan/gitea/default.nix
View File

@@ -1,27 +0,0 @@
{ ... }:
{
_class = "clan.service";
manifest.name = "gitea";
manifest.description = "Git with a cup of tea!";
manifest.categories = [ "System" ];
roles.default = {
perInstance.nixosModule =
{
config,
lib,
...
}:
{
services.gitea = {
enable = lib.mkDefault true;
dump = {
enable = lib.mkDefault true;
};
};
clan.core.state.gitea.folders = [ config.services.gitea.dump.backupDir ];
};
};
}

18
modules/clan/gitea/flake-module.nix
View File

@@ -1,18 +0,0 @@
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
gitea = module;
};
perSystem =
{ ... }:
{
clan.nixosTests.gitea = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/gitea" = module;
};
};
}

50
modules/clan/gitea/tests/vm/default.nix
View File

@@ -1,50 +0,0 @@
{
pkgs,
lib,
...
}:
{
name = "service-gitea";
clan = {
directory = ./.;
inventory = {
machines.server = { };
instances = {
gitea-test = {
module.name = "@clan/gitea";
module.input = "self";
roles.default.machines."server".settings = { };
};
};
};
};
nodes = {
server = {
services.gitea = {
dump.file = "test-dump";
};
};
};
testScript =
{ nodes, ... }:
let
gitea = nodes.server.config.services.gitea;
in
''
start_all()
server.wait_for_unit("gitea")
server.succeed("systemctl status gitea")
server.wait_for_open_port(3000)
server.succeed("curl http://127.0.0.1:3000")
server.succeed("${lib.getExe pkgs.gitea} dump -h")
server.succeed("systemctl start gitea-dump")
server.wait_for_file("${gitea.dump.backupDir}/${gitea.dump.file}")
'';
}

6
sops/secrets/b4l-age.key/secret
View File

@@ -4,7 +4,11 @@
"age": [
{
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWQ1JCN01wWHVETDM5Q3Y0\nUDNPanFKY2pjeXZJTlFMQWtIYVluMWZCZ1U0CjNwSmEvTkNZbWdmNlRBbXE5Vzhs\nbFdxMDNUclZETlNDeFlZeHBDV0xoR0UKLS0tIGF6ZlpsRWRJajk2dlFKR25RRkdG\nL1FOQWRIcE1XNkJSWkhLSFBIRHhuWVUKEOkLKs2OFUwGMXeo9Fn/3cEZGgMLbXnO\nthqX0FRS22BE092jx2EuxK1HQYo/iTojPwg0LP692R9DZMZ1bKfqQw==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBET0c5MlJITnkrc0xabG16\nUkozL1l5MFE4Z1VlVzhvZlBUeEJZdTVJdDI0CnM5cnpWbXBQSm1rdEFUSFZTWjND\ndElIak1lRXRKVjZIZGJXenNiRFpGZ0EKLS0tIHV2c1VNWnJ0U3RDYm01Y0UzSnpo\nckxYdCtQYytINVgxL2JETUx1cmpCQTAKKNEWaefV8YZOdMtXLYv7ZfOgDyyG3An1\neHYx0s1La/vyvCMkNWWLoU7X4Ny+GbjY5eyq/QK3bAyVVvuvrc5y6A==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpSDYvNDlKeDlqdjVweGpZ\nMXdScXdSUnNEcVh0WlpWL294dnlKaUtVNzFRCk9wNndueEdXaHVzUmIvZHNJdFFB\neGlvUndxRllsSm42cmdTUzl4V3k0cDgKLS0tIFRFVHR0Ym01WElJWDJkNXJjajZu\nQzBBY3lwL1dKVWlsRTRMSTZhbGJzb00KReVAh4l1B9kNNinnK/qiUJDYrP/BFGAb\nh4ueWhRihaOd/YLb89nl/3GnsTFb/5HEf7TRIXdqacMOazcgEHtgjw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-07-14T03:23:25Z",

1
sops/secrets/b4l-age.key/users/berwn Symbolic link
View File

@@ -0,0 +1 @@
../../../users/berwn

6
sops/secrets/rigel-age.key/secret
View File

@@ -4,7 +4,11 @@
"age": [
{
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyQzVPVHBBb3l6RzFtNUwv\nSGVkQ1BuMnFiREVjY0lJbnppUjRxNnNBQlZVCkdqN2lGMmp1OFZUNG1tbmFZRklk\nL0xzMEdvemtSQnNGOVNjOXEyM21NYlkKLS0tIEdwWEZpY3JZK1phRU8rSmExVENR\nWkZnRjhKZ2duNDZkVnpHQU1FakpGYzAK/wnN9n5MMUnzDJC7PWrOcO+TbiuTbSPX\n5BKJbuBLw3Qokbh8fT9VUX8UsExw+UaaPnXPcbYX4xhBhiZ0RTmyMw==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWWk9KTEJHR0d1WTRDWGFS\naW16L3E1WEFBNFpwSVZ3T0xUMEZBcXBrSGs0Cllua20yVHV2djEzOE55Qk5zKzlp\nQmo3UVMreVFKVTJTVGl4ajdVZ0FZNk0KLS0tIGF0VWVJNGU0M05ZajF1Q1NscHpC\naG1vblk4NmY2KzIzN1V6bWVrYW01OUUKAfMKTPzIhVd0W8yfob9No53RnaNC67Fy\nMohQHZ38caz8LhqFfDzm1vm8xi1F8kcaW6ugcPH532fdDxkS6dfnoQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6YnFMZ3F5cjJDa1poTGpD\nRURZYVZNLzByMzgwZytWZDhBaVFIbndmbldzCjlvYnRVTnNwRWVKRG40MWJrQXJz\naENEWWh3TFE4Uit2ODhncWJHZ1hvdk0KLS0tIFlIUmlqVWRlQzRxcFZHMFlzVmJh\nYkdBSzJlT0pnYlRacmhINFRyZzVIdVEKJJL7XFqZafNQmfzwwjVDMw/cPob830oI\nsVQe1HaUK7IujWTCbD8l0uoqsODdaWOMDVwxuiKr+yHY4iwar+rI6w==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-07-25T02:12:20Z",

1
sops/secrets/rigel-age.key/users/berwn Symbolic link
View File

@@ -0,0 +1 @@
../../../users/berwn

6
sops/users/berwn/key.json Executable file
View File

@@ -0,0 +1,6 @@
[
{
"publickey": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8",
"type": "age"
}
]

6
sops/users/davhau/key.json Executable file
View File

@@ -0,0 +1,6 @@
[
{
"publickey": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
"type": "age"
}
]

6
sops/users/vi/key.json Executable file
View File

@@ -0,0 +1,6 @@
[
{
"publickey": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez",
"type": "age"
}
]