newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: newedge/infra:nix-openwrt
Branches Tags
newedge/infra:main newedge/infra:mob/prometheus-monitor newedge/infra:mob/phonebox-multi-clients newedge/infra:phonebox-multi-clients newedge/infra:prometheus-monitor newedge/infra:flint2-nixos newedge/infra:mob/flint2-nixos newedge/infra:mob/thailand-erp-pkgs newedge/infra:thailand-erp-pkgs newedge/infra:mob/nix-openwrt newedge/infra:nix-openwrt newedge/infra:emmie-separate-home newedge/infra:mob/phone-eris newedge/infra:phone-eris newedge/infra:mob/inventree-nixpkgs-test newedge/infra:inventree-nixpkgs-test newedge/infra:buna-machine newedge/infra:whitehouse-router newedge/infra:mob/vega-backup newedge/infra:mob/router-device newedge/infra:router-device newedge/infra:vega-backup newedge/infra:mob/noreply-mailer newedge/infra:noreply-mailer newedge/infra:mob/vega-ups newedge/infra:vega-ups newedge/infra:mob/gitea newedge/infra:gitea
...
compare: newedge/infra:759be87cf65bf1c9abda01a6845605e31f1b41f3
Branches Tags
newedge/infra:mob/prometheus-monitor newedge/infra:mob/phonebox-multi-clients newedge/infra:main newedge/infra:phonebox-multi-clients newedge/infra:prometheus-monitor newedge/infra:flint2-nixos newedge/infra:mob/flint2-nixos newedge/infra:mob/thailand-erp-pkgs newedge/infra:thailand-erp-pkgs newedge/infra:mob/nix-openwrt newedge/infra:nix-openwrt newedge/infra:emmie-separate-home newedge/infra:mob/phone-eris newedge/infra:phone-eris newedge/infra:mob/inventree-nixpkgs-test newedge/infra:inventree-nixpkgs-test newedge/infra:buna-machine newedge/infra:whitehouse-router newedge/infra:mob/vega-backup newedge/infra:mob/router-device newedge/infra:router-device newedge/infra:vega-backup newedge/infra:mob/noreply-mailer newedge/infra:noreply-mailer newedge/infra:mob/vega-ups newedge/infra:vega-ups newedge/infra:mob/gitea newedge/infra:gitea

24 Commits
nix-openwrt ... 759be87cf6

Author SHA1 Message Date
kurogeek 759be87cf6 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:inventories/default.nix
 2026-06-17 17:46:08 +07:00
kurogeek e92735ab1a mob next [ci-skip] [ci skip] [skip ci] 
lastFile:inventories/default.nix
 2026-06-17 16:05:41 +07:00
kurogeek a761370215 vars: update prometheus/matrix-alertmanager-token for machine rigel 2026-06-17 15:48:49 +07:00
kurogeek 2c69f36a3d vars: update via generator prometheus (machine: rigel) 2026-06-17 15:48:13 +07:00
kurogeek 32a2778c4a mob next [ci-skip] [ci skip] [skip ci] 
lastFile:machines/rigel/configuration.nix
 2026-06-17 15:47:49 +07:00
kurogeek abb6ab95c8 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:inventories/default.nix
 2026-06-17 15:45:09 +07:00
kurogeek baecd1e332 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:inventories/default.nix
 2026-06-16 16:29:52 +07:00
kurogeek 57aa5b774a mob next [ci-skip] [ci skip] [skip ci] 
lastFile:vars/per-machine/vega/yggdrasil/privateKey/secret
 2026-06-16 15:11:51 +07:00
kurogeek 77b487a709 clancore bumped, zerotier migration 2026-06-16 15:01:21 +07:00
kurogeek 2b239eb162 hm/emmie: use hunspell dictionary with systemd user session variables, libreoffice -> libreoffice-qt 2026-06-16 11:20:05 +07:00
kurogeek 8e64e88d8f inputs: bump home-manager 2026-06-16 11:18:34 +07:00
kurogeek 6276d9aee0 inputs: bump nixpkgs, frappix. migrate inventree 2026-06-15 16:36:18 +07:00
kurogeek 9471d1a4e6 machines/bosona: nix fmt 2026-06-15 15:55:04 +07:00
kurogeek 77d8e42ec2 hm/emmie: add hunspellDicts en and th 2026-06-15 13:28:58 +07:00
kurogeek 0dafb8cd52 clanService/wordpress: nginx clientMaxBodySize is 128m 2026-06-12 12:22:27 +07:00
kurogeek 8b12656149 clanService/wordpress: phpfpm options and wp-config.php are configurable from inventory interface 2026-06-12 12:09:56 +07:00
kurogeek d622040d30 hm/emmie: rm DnsOverHttpsMode and DnsOverHttpsTemplates 2026-06-11 13:54:17 +07:00
kurogeek 2bc05c2d6d clanService/wordpress: test vars 2026-06-10 18:59:30 +07:00
kurogeek 5fa8444112 clanService/wordpress: security.acme.acceptTerms = true and nginx is in acme group 2026-06-10 18:59:01 +07:00
kurogeek 8874b33a5d greaterchiangmai: nodejs_20 -> nodejs 2026-06-10 18:56:48 +07:00
kurogeek 521ccdc886 clanService/personal-computer: rm services.displayManager.gdm.wayland 2026-06-10 18:53:46 +07:00
kurogeek 07b648db9a clanService/headscale: magic_dns is disabled 2026-06-10 15:11:26 +07:00
kurogeek da6be4946f machines/tangra: poyfestival.com website 2026-06-01 10:42:03 +07:00
kurogeek bc16c72707 machines/canopus: localhost -> sitename 2026-05-25 14:20:44 +07:00
186 changed files with 4233 additions and 1597 deletions
Expand all files Collapse all files
.nixos-test-history
+3
View File
@@ -0,0 +1,3 @@
# 2026-06-05 17:00:31.237121
+start_all()
flake.lock
Generated
+33 -32
View File
@@ -72,11 +72,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1772411144, "lastModified": 1781517972,
"narHash": "sha256-WhXudztwPNnKXaqGX4DOqNfHzHdBSiGCvKGHM20pscw=", "narHash": "sha256-G8bIXFqifs/y62GNPwg20Ksf71raYwzmyN99gf1tXak=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "92cc85bc24eb31ce5725e1e72753129810ce3fe9", "rev": "7fc62d0c25c7a97d7027a9c248e21c97c9b3acc1",
"revCount": 13201, "revCount": 14604,
"type": "git", "type": "git",
"url": "https://git.clan.lol/clan/clan-core" "url": "https://git.clan.lol/clan/clan-core"
}, },
@@ -101,11 +101,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1772273147, "lastModified": 1778718524,
"narHash": "sha256-Wzhoc6ifjTDZi8aVRH3fuLJPdd4ouNTTwwVhgoMcMek=", "narHash": "sha256-pXLoI6Ax0EnUK6r34UM1vibVC7CfTu6j72R2692ZzPs=",
"rev": "d5de7a8d9e5726e678c94e62fe8ac3a809fee5da", "rev": "12c552ad547d87254f33f33bddd1a2cdbeac754d",
"type": "tarball", "type": "tarball",
"url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/d5de7a8d9e5726e678c94e62fe8ac3a809fee5da.tar.gz" "url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/12c552ad547d87254f33f33bddd1a2cdbeac754d.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
@@ -140,11 +140,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1771881364, "lastModified": 1781152676,
"narHash": "sha256-A5uE/hMium5of/QGC6JwF5TGoDAfpNtW00T0s9u/PN8=", "narHash": "sha256-RxWs5ND31KzTG7wvMM+PMfUjyNpmIEr999lqNARaM5o=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "a4cb7bf73f264d40560ba527f9280469f1f081c6", "rev": "ff8702b4de27f72b4c78573dfb89ec74e36abdf1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -294,11 +294,11 @@
"std": "std" "std": "std"
}, },
"locked": { "locked": {
"lastModified": 1779175997, "lastModified": 1780907315,
"narHash": "sha256-Ps/4s3jwaZdLVEpO+1cRs54VbPbgMeXJUqa4CWSPJSY=", "narHash": "sha256-MR859lKVKeItsC5wnd1oniBar2lBTA+FJ7Bx4xN1Wpk=",
"owner": "kurogeek", "owner": "kurogeek",
"repo": "frappix", "repo": "frappix",
"rev": "0f1b4bcfb8c3b976e808a57e491d10857a1a45ac", "rev": "9c2bc4152bce6d91305bcf0563a8a715860c405d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -353,11 +353,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1768068402, "lastModified": 1781557312,
"narHash": "sha256-bAXnnJZKJiF7Xr6eNW6+PhBf1lg2P1aFUO9+xgWkXfA=", "narHash": "sha256-QOIRYSUFSq7L5mY3dZymaVhcnne3tPgoR9riB0WocjA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "8bc5473b6bc2b6e1529a9c4040411e1199c43b4c", "rev": "c03e4752899e55705dfa63979abd885c582a5c48",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -484,11 +484,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1772379624, "lastModified": 1781242433,
"narHash": "sha256-NG9LLTWlz4YiaTAiRGChbrzbVxBfX+Auq4Ab/SWmk4A=", "narHash": "sha256-bchLZZ3sRn740zyvD2icZSnNoTaanN0nw7l6fjVXO+E=",
"owner": "nix-darwin", "owner": "nix-darwin",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "52d061516108769656a8bd9c6e811c677ec5b462", "rev": "aabb2037edfc0f210723b72cd5f528aab5dd3f0b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -522,11 +522,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1714086354, "lastModified": 1746801636,
"narHash": "sha256-yKVQMxL9p7zCWUhnGhDzRVT8sDgHoI3V595lBK0C2YA=", "narHash": "sha256-dlcKfIXp/eqFHzFm+DzseXAWWlpVwyk9cTvCKGtVKkw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixago", "repo": "nixago",
"rev": "5133633e9fe6b144c8e00e3b212cdbd5a173b63d", "rev": "8cc33f973ab3a891d8a41391e73ef451a783960b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -552,11 +552,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1778458615, "lastModified": 1781359544,
"narHash": "sha256-cY07EsdhBJ8tFXPzDYevgqxRev9ZLxFonuq9wmq5kwg=", "narHash": "sha256-iUuzKQcyXvopYDDzFpMK5eQKP3WIJExYny2kJtbgUcE=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "c6e5ca3c836a5f4dd9af9f2c1fc1c38f0fac988a", "rev": "9f11f828c213641c2369a9f1fa31fe31557e3156",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -673,11 +673,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1772340640, "lastModified": 1780547341,
"narHash": "sha256-1nq7+Kt5IUBD8Hu3nptVPbMf+22rNJoHT0t9L1X+GKA=", "narHash": "sha256-Gq8KNx5A7hBB3uGJaj6eQfLDIz5YdLu92gqBcvHvoUo=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "dec4d8eac700dcd2fe3c020857d3ee220ec147f1", "rev": "9ed65852b6257fbeae4355bc24ecfea307ca759a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -764,15 +764,16 @@
}, },
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1774449309,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-brhZ8DmuGtzkCYHJg4HEd602amKm89Y9ytsFZ5uWD1w=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "rev": "c29398b59d2048c4ab79345812849c9bd15e9150",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nix-systems",
"ref": "future-26.11",
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
flake.nix
-1
View File
@@ -56,7 +56,6 @@
./shell.nix ./shell.nix
./overlays ./overlays
./modules/nixos
./machines ./machines
./routers ./routers
./inventories ./inventories
inventories/default.nix
+135 -2
View File
@@ -39,6 +39,8 @@
"hadar" "hadar"
"procyon" "procyon"
"alasia" "alasia"
"rigel"
"vega"
]; ];
}; };
@@ -102,7 +104,13 @@
name = "zerotier"; name = "zerotier";
input = "clan-core"; input = "clan-core";
}; };
roles.controller.machines."vega" = { }; roles.controller.machines."vega" = {
settings.allowedIds = [
"dbe44c0287" # Alex-gateway
"b0e0b84fd3" # Alex
"2bd36db8cc" # kurogeek-thinkpad
];
};
roles.peer.tags.glom = { }; roles.peer.tags.glom = { };
}; };
@@ -111,7 +119,13 @@
name = "zerotier"; name = "zerotier";
input = "clan-core"; input = "clan-core";
}; };
roles.controller.machines."rigel" = { }; roles.controller.machines."rigel" = {
settings.allowedIds = [
"dbe44c0287" # Alex-gateway
"b0e0b84fd3" # Alex
"2bd36db8cc" # kurogeek-thinkpad
];
};
roles.peer.tags.b4l = { }; roles.peer.tags.b4l = { };
}; };
@@ -277,6 +291,125 @@
dataDir = "/mnt/hdd/samba"; dataDir = "/mnt/hdd/samba";
}; };
}; };
wordpress = {
module = {
name = "wordpress";
input = "self";
};
roles.server.machines."tangra".settings = {
tenants = [
"poyfestival.com"
];
phpfpmOptions = ''
upload_max_filesize=64M
post_max_size=128M
'';
wpExtraConfig = ''
define('WP_MEMORY_LIMIT', '256M');
define('WP_DEBUG', false);
define('WP_DEBUG_DISPLAY', false);
define('WP_DEBUG_LOG', false);
'';
};
};
prometheus-monitoring = {
module = {
name = "prometheus";
input = "self";
};
roles.server.machines."rigel".settings = { };
roles.server.extraModules = [
{
services.matrix-alertmanager = {
enable = true;
homeserverUrl = "https://matrix.org";
matrixUser = "@kuroiris:matrix.org";
tokenFile = "";
matrixRooms = [
{
receivers = [
"default"
"matrix"
];
roomId = "!rqIrWqPvsXqMgYpcNZ:matrix.org";
}
];
};
services.prometheus = {
rules = [
(builtins.toJSON {
groups = [
{
name = "default";
rules = [
{
alert = "test";
expr = ''up{instance!~"(nerr-.*|theatnerr-.*)",job!~"lab-.*|snmp-.*"} == 1'';
for = "1m";
annotations.summary = "{{ $labels.instance }} of job {{ $labels.job }} has been down for more than 5 minutes.";
}
];
}
];
})
];
alertmanager = {
enable = true;
configuration = {
global = {
resolve_timeout = "5m";
};
route = {
receiver = "default-receiver";
routes = [
{ receiver = "matrix"; }
];
};
receivers = [
{
name = "uptime-kuma";
webhook_configs = [
{
url = "https://uptime.b4l.co.th/api/push/$${KUMA_TOKEN}?status=up&msg=OK&ping=";
send_resolved = true;
}
];
}
{
name = "matrix";
webhook_configs = [
{
url = "http://localhost:3000";
send_resolved = true;
}
];
}
];
};
};
alertmanagers = [
{
scheme = "http";
path_prefix = "/";
static_configs = [ { targets = [ "localhost:9093" ]; } ];
}
];
};
}
];
roles.nodes.machines = {
vega.settings = {
exporters.smartctl = { };
};
};
};
}; };
}; };
}; };
inventory.json
+3
View File
@@ -47,6 +47,9 @@
}, },
"bosona": { "bosona": {
"installedAt": 1779098893 "installedAt": 1779098893
},
"tangra": {
"installedAt": 1779958921
} }
} }
} }
machines/bosona/facter.json
+64 -215
View File
@@ -25,10 +25,7 @@
{ {
"index": 8, "index": 8,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["pci", "bridge"],
"pci",
"bridge"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -76,10 +73,7 @@
{ {
"index": 9, "index": 9,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["pci", "bridge"],
"pci",
"bridge"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -131,10 +125,7 @@
{ {
"index": 10, "index": 10,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["pci", "bridge"],
"pci",
"bridge"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -182,10 +173,7 @@
{ {
"index": 11, "index": 11,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["pci", "bridge"],
"pci",
"bridge"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -241,10 +229,7 @@
{ {
"index": 12, "index": 12,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["pci", "bridge"],
"pci",
"bridge"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -297,21 +282,14 @@
}, },
"driver": "piix4_smbus", "driver": "piix4_smbus",
"driver_module": "i2c_piix4", "driver_module": "i2c_piix4",
"drivers": [ "drivers": ["piix4_smbus"],
"piix4_smbus" "driver_modules": ["i2c_piix4"],
],
"driver_modules": [
"i2c_piix4"
],
"module_alias": "pci:v00008086d00007113sv00001AF4sd00001100bc06sc80i00" "module_alias": "pci:v00008086d00007113sv00001AF4sd00001100bc06sc80i00"
}, },
{ {
"index": 17, "index": 17,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["pci", "bridge"],
"pci",
"bridge"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -361,11 +339,7 @@
{ {
"index": 22, "index": 22,
"attached_to": 15, "attached_to": 15,
"class_list": [ "class_list": ["cdrom", "scsi", "block_device"],
"cdrom",
"scsi",
"block_device"
],
"bus_type": { "bus_type": {
"hex": "0084", "hex": "0084",
"name": "SCSI", "name": "SCSI",
@@ -422,14 +396,8 @@
"unix_device_name2": "/dev/sg1", "unix_device_name2": "/dev/sg1",
"driver": "ata_piix", "driver": "ata_piix",
"driver_module": "ata_piix", "driver_module": "ata_piix",
"drivers": [ "drivers": ["ata_piix", "sr"],
"ata_piix", "driver_modules": ["ata_piix", "sr_mod"]
"sr"
],
"driver_modules": [
"ata_piix",
"sr_mod"
]
} }
], ],
"cpu": [ "cpu": [
@@ -496,9 +464,7 @@
"spectre_v2_user", "spectre_v2_user",
"its" "its"
], ],
"power_management": [ "power_management": [""],
""
],
"bogo": 4224, "bogo": 4224,
"cache": 16384, "cache": 16384,
"page_size": 4096, "page_size": 4096,
@@ -580,9 +546,7 @@
"spectre_v2_user", "spectre_v2_user",
"its" "its"
], ],
"power_management": [ "power_management": [""],
""
],
"bogo": 4224, "bogo": 4224,
"cache": 16384, "cache": 16384,
"page_size": 4096, "page_size": 4096,
@@ -606,11 +570,7 @@
{ {
"index": 23, "index": 23,
"attached_to": 19, "attached_to": 19,
"class_list": [ "class_list": ["disk", "scsi", "block_device"],
"disk",
"scsi",
"block_device"
],
"bus_type": { "bus_type": {
"hex": "0084", "hex": "0084",
"name": "SCSI", "name": "SCSI",
@@ -674,24 +634,15 @@
], ],
"driver": "virtio_scsi", "driver": "virtio_scsi",
"driver_module": "virtio_scsi", "driver_module": "virtio_scsi",
"drivers": [ "drivers": ["sd", "virtio_scsi"],
"sd", "driver_modules": ["sd_mod", "virtio_scsi"]
"virtio_scsi"
],
"driver_modules": [
"sd_mod",
"virtio_scsi"
]
} }
], ],
"graphics_card": [ "graphics_card": [
{ {
"index": 16, "index": 16,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["graphics_card", "pci"],
"graphics_card",
"pci"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -748,12 +699,8 @@
}, },
"driver": "bochs-drm", "driver": "bochs-drm",
"driver_module": "bochs", "driver_module": "bochs",
"drivers": [ "drivers": ["bochs-drm"],
"bochs-drm" "driver_modules": ["bochs"],
],
"driver_modules": [
"bochs"
],
"module_alias": "pci:v00001234d00001111sv00001AF4sd00001100bc03sc00i00" "module_alias": "pci:v00001234d00001111sv00001AF4sd00001100bc03sc00i00"
} }
], ],
@@ -761,10 +708,7 @@
{ {
"index": 24, "index": 24,
"attached_to": 7, "attached_to": 7,
"class_list": [ "class_list": ["usb", "hub"],
"usb",
"hub"
],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
"name": "USB", "name": "USB",
@@ -837,12 +781,8 @@
"hotplug": "usb", "hotplug": "usb",
"driver": "hub", "driver": "hub",
"driver_module": "usbcore", "driver_module": "usbcore",
"drivers": [ "drivers": ["hub"],
"hub" "driver_modules": ["usbcore"],
],
"driver_modules": [
"usbcore"
],
"module_alias": "usb:v1D6Bp0001d0618dc09dsc00dp00ic09isc00ip00in00" "module_alias": "usb:v1D6Bp0001d0618dc09dsc00dp00ic09isc00ip00in00"
} }
], ],
@@ -850,9 +790,7 @@
{ {
"index": 5, "index": 5,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["memory"],
"memory"
],
"base_class": { "base_class": {
"hex": "0101", "hex": "0101",
"name": "Internally Used Class", "name": "Internally Used Class",
@@ -876,9 +814,7 @@
{ {
"index": 21, "index": 21,
"attached_to": 16, "attached_to": 16,
"class_list": [ "class_list": ["monitor"],
"monitor"
],
"base_class": { "base_class": {
"hex": "0100", "hex": "0100",
"name": "Monitor", "name": "Monitor",
@@ -1024,10 +960,7 @@
{ {
"index": 25, "index": 25,
"attached_to": 24, "attached_to": 24,
"class_list": [ "class_list": ["mouse", "usb"],
"mouse",
"usb"
],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
"name": "USB", "name": "USB",
@@ -1063,9 +996,7 @@
"model": "QEMU USB Tablet", "model": "QEMU USB Tablet",
"sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0", "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0",
"sysfs_bus_id": "1-1:1.0", "sysfs_bus_id": "1-1:1.0",
"unix_device_names": [ "unix_device_names": ["/dev/input/mice"],
"/dev/input/mice"
],
"unix_device_name2": "/dev/input/mouse0", "unix_device_name2": "/dev/input/mouse0",
"resources": [ "resources": [
{ {
@@ -1106,18 +1037,11 @@
"hotplug": "usb", "hotplug": "usb",
"driver": "usbhid", "driver": "usbhid",
"driver_module": "usbhid", "driver_module": "usbhid",
"drivers": [ "drivers": ["usbhid"],
"usbhid" "driver_modules": ["usbhid"],
],
"driver_modules": [
"usbhid"
],
"driver_info": { "driver_info": {
"type": "mouse", "type": "mouse",
"db_entry_0": [ "db_entry_0": ["explorerps/2", "exps2"],
"explorerps/2",
"exps2"
],
"xf86": "explorerps/2", "xf86": "explorerps/2",
"gpm": "exps2", "gpm": "exps2",
"buttons": -1, "buttons": -1,
@@ -1130,9 +1054,7 @@
{ {
"index": 18, "index": 18,
"attached_to": 13, "attached_to": 13,
"class_list": [ "class_list": ["network_controller"],
"network_controller"
],
"bus_type": { "bus_type": {
"hex": "008f", "hex": "008f",
"name": "Virtio", "name": "Virtio",
@@ -1157,9 +1079,7 @@
"model": "Virtio Ethernet Card 0", "model": "Virtio Ethernet Card 0",
"sysfs_id": "/devices/pci0000:00/0000:00:12.0/virtio1", "sysfs_id": "/devices/pci0000:00/0000:00:12.0/virtio1",
"sysfs_bus_id": "virtio1", "sysfs_bus_id": "virtio1",
"unix_device_names": [ "unix_device_names": ["ens18"],
"ens18"
],
"resources": [ "resources": [
{ {
"type": "hwaddr", "type": "hwaddr",
@@ -1172,12 +1092,8 @@
], ],
"driver": "virtio_net", "driver": "virtio_net",
"driver_module": "virtio_net", "driver_module": "virtio_net",
"drivers": [ "drivers": ["virtio_net"],
"virtio_net" "driver_modules": ["virtio_net"],
],
"driver_modules": [
"virtio_net"
],
"module_alias": "virtio:d00000001v00001AF4" "module_alias": "virtio:d00000001v00001AF4"
} }
], ],
@@ -1185,9 +1101,7 @@
{ {
"index": 26, "index": 26,
"attached_to": 18, "attached_to": 18,
"class_list": [ "class_list": ["network_interface"],
"network_interface"
],
"base_class": { "base_class": {
"hex": "0107", "hex": "0107",
"name": "Network Interface", "name": "Network Interface",
@@ -1201,9 +1115,7 @@
"model": "Ethernet network interface", "model": "Ethernet network interface",
"sysfs_id": "/class/net/ens18", "sysfs_id": "/class/net/ens18",
"sysfs_device_link": "/devices/pci0000:00/0000:00:12.0/virtio1", "sysfs_device_link": "/devices/pci0000:00/0000:00:12.0/virtio1",
"unix_device_names": [ "unix_device_names": ["ens18"],
"ens18"
],
"resources": [ "resources": [
{ {
"type": "hwaddr", "type": "hwaddr",
@@ -1216,19 +1128,13 @@
], ],
"driver": "virtio_net", "driver": "virtio_net",
"driver_module": "virtio_net", "driver_module": "virtio_net",
"drivers": [ "drivers": ["virtio_net"],
"virtio_net" "driver_modules": ["virtio_net"]
],
"driver_modules": [
"virtio_net"
]
}, },
{ {
"index": 27, "index": 27,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["network_interface"],
"network_interface"
],
"base_class": { "base_class": {
"hex": "0107", "hex": "0107",
"name": "Network Interface", "name": "Network Interface",
@@ -1241,19 +1147,14 @@
}, },
"model": "Loopback network interface", "model": "Loopback network interface",
"sysfs_id": "/class/net/lo", "sysfs_id": "/class/net/lo",
"unix_device_names": [ "unix_device_names": ["lo"]
"lo"
]
} }
], ],
"pci": [ "pci": [
{ {
"index": 13, "index": 13,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["pci", "unknown"],
"pci",
"unknown"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -1310,21 +1211,14 @@
}, },
"driver": "virtio-pci", "driver": "virtio-pci",
"driver_module": "virtio_pci", "driver_module": "virtio_pci",
"drivers": [ "drivers": ["virtio-pci"],
"virtio-pci" "driver_modules": ["virtio_pci"],
],
"driver_modules": [
"virtio_pci"
],
"module_alias": "pci:v00001AF4d00001000sv00001AF4sd00000001bc02sc00i00" "module_alias": "pci:v00001AF4d00001000sv00001AF4sd00000001bc02sc00i00"
}, },
{ {
"index": 14, "index": 14,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["pci", "unknown"],
"pci",
"unknown"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -1380,12 +1274,8 @@
}, },
"driver": "virtio-pci", "driver": "virtio-pci",
"driver_module": "virtio_pci", "driver_module": "virtio_pci",
"drivers": [ "drivers": ["virtio-pci"],
"virtio-pci" "driver_modules": ["virtio_pci"],
],
"driver_modules": [
"virtio_pci"
],
"module_alias": "pci:v00001AF4d00001002sv00001AF4sd00000005bc00scFFi00" "module_alias": "pci:v00001AF4d00001002sv00001AF4sd00000005bc00scFFi00"
} }
], ],
@@ -1393,10 +1283,7 @@
{ {
"index": 6, "index": 6,
"attached_to": 17, "attached_to": 17,
"class_list": [ "class_list": ["storage_controller", "pci"],
"storage_controller",
"pci"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -1453,21 +1340,14 @@
}, },
"driver": "virtio-pci", "driver": "virtio-pci",
"driver_module": "virtio_pci", "driver_module": "virtio_pci",
"drivers": [ "drivers": ["virtio-pci"],
"virtio-pci" "driver_modules": ["virtio_pci"],
],
"driver_modules": [
"virtio_pci"
],
"module_alias": "pci:v00001AF4d00001004sv00001AF4sd00000008bc01sc00i00" "module_alias": "pci:v00001AF4d00001004sv00001AF4sd00000008bc01sc00i00"
}, },
{ {
"index": 15, "index": 15,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["storage_controller", "pci"],
"storage_controller",
"pci"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -1557,12 +1437,8 @@
}, },
"driver": "ata_piix", "driver": "ata_piix",
"driver_module": "ata_piix", "driver_module": "ata_piix",
"drivers": [ "drivers": ["ata_piix"],
"ata_piix" "driver_modules": ["ata_piix"],
],
"driver_modules": [
"ata_piix"
],
"module_alias": "pci:v00008086d00007010sv00001AF4sd00001100bc01sc01i80" "module_alias": "pci:v00008086d00007010sv00001AF4sd00001100bc01sc01i80"
} }
], ],
@@ -1573,9 +1449,7 @@
{ {
"index": 19, "index": 19,
"attached_to": 6, "attached_to": 6,
"class_list": [ "class_list": ["unknown"],
"unknown"
],
"base_class": { "base_class": {
"hex": "0000", "hex": "0000",
"name": "Unclassified device", "name": "Unclassified device",
@@ -1593,20 +1467,14 @@
"sysfs_bus_id": "virtio2", "sysfs_bus_id": "virtio2",
"driver": "virtio_scsi", "driver": "virtio_scsi",
"driver_module": "virtio_scsi", "driver_module": "virtio_scsi",
"drivers": [ "drivers": ["virtio_scsi"],
"virtio_scsi" "driver_modules": ["virtio_scsi"],
],
"driver_modules": [
"virtio_scsi"
],
"module_alias": "virtio:d00000008v00001AF4" "module_alias": "virtio:d00000008v00001AF4"
}, },
{ {
"index": 20, "index": 20,
"attached_to": 14, "attached_to": 14,
"class_list": [ "class_list": ["unknown"],
"unknown"
],
"base_class": { "base_class": {
"hex": "0000", "hex": "0000",
"name": "Unclassified device", "name": "Unclassified device",
@@ -1624,12 +1492,8 @@
"sysfs_bus_id": "virtio0", "sysfs_bus_id": "virtio0",
"driver": "virtio_balloon", "driver": "virtio_balloon",
"driver_module": "virtio_balloon", "driver_module": "virtio_balloon",
"drivers": [ "drivers": ["virtio_balloon"],
"virtio_balloon" "driver_modules": ["virtio_balloon"],
],
"driver_modules": [
"virtio_balloon"
],
"module_alias": "virtio:d00000005v00001AF4" "module_alias": "virtio:d00000005v00001AF4"
} }
], ],
@@ -1637,10 +1501,7 @@
{ {
"index": 7, "index": 7,
"attached_to": 0, "attached_to": 0,
"class_list": [ "class_list": ["usb_controller", "pci"],
"usb_controller",
"pci"
],
"bus_type": { "bus_type": {
"hex": "0004", "hex": "0004",
"name": "PCI", "name": "PCI",
@@ -1707,25 +1568,15 @@
}, },
"driver": "uhci_hcd", "driver": "uhci_hcd",
"driver_module": "uhci_hcd", "driver_module": "uhci_hcd",
"drivers": [ "drivers": ["uhci_hcd"],
"uhci_hcd" "driver_modules": ["uhci_hcd"],
],
"driver_modules": [
"uhci_hcd"
],
"driver_info": { "driver_info": {
"type": "module", "type": "module",
"db_entry_0": [ "db_entry_0": ["uhci-hcd"],
"uhci-hcd"
],
"active": true, "active": true,
"modprobe": true, "modprobe": true,
"names": [ "names": ["uhci-hcd"],
"uhci-hcd" "module_args": [""],
],
"module_args": [
""
],
"conf": "" "conf": ""
}, },
"module_alias": "pci:v00008086d00007020sv00001AF4sd00001100bc0Csc03i00" "module_alias": "pci:v00008086d00007020sv00001AF4sd00001100bc0Csc03i00"
@@ -1838,9 +1689,7 @@
"name": "RAM", "name": "RAM",
"value": 7 "value": 7
}, },
"memory_type_details": [ "memory_type_details": ["Other"],
"Other"
],
"speed": 0 "speed": 0
} }
], ],
machines/canopus/configuration.nix
+1 -1
View File
@@ -50,7 +50,7 @@ in
]; ];
sites = { sites = {
"${sitename}" = { "${sitename}" = {
domains = [ "localhost" ]; domains = [ sitename ];
apps = [ apps = [
"frappe" "frappe"
"erpnext" "erpnext"
machines/hadar/configuration.nix
+3 -17
View File
@@ -9,13 +9,6 @@ let
in in
{ {
clan.core.settings.machine.description = "VM machine that host Inventree system for Poy"; clan.core.settings.machine.description = "VM machine that host Inventree system for Poy";
imports = [
inputs.self.nixosModules.inventree
];
nixpkgs.overlays = [
inputs.self.overlays.packagesOverlay
];
nixpkgs.hostPlatform = { nixpkgs.hostPlatform = {
system = "x86_64-linux"; system = "x86_64-linux";
@@ -82,19 +75,12 @@ in
services.inventree = { services.inventree = {
enable = true; enable = true;
hostName = "${domain}"; inherit domain;
config.site_url = "https://${config.services.inventree.hostName}";
secretKeyFile = config.clan.core.vars.generators.inventree.files.secret-key.path; secretKeyFile = config.clan.core.vars.generators.inventree.files.secret-key.path;
config.oidc_private_key_file = config.clan.core.vars.generators.inventree.files.oidc-key.path; adminPasswordFile = config.clan.core.vars.generators.inventree.files.admin-password.path;
config.adminPasswordFile = config.clan.core.vars.generators.inventree.files.admin-password.path; settings.INVENTREE_SITE_URL = "https://${domain}";
}; };
# services.nginx.virtualHosts."${domain}" = {
# forceSSL = true;
# sslCertificate = config.clan.core.vars.generators.nginx.files.sslCert.path;
# sslCertificateKey = config.clan.core.vars.generators.nginx.files.sslKey.path;
# };
system.stateVersion = "25.11"; system.stateVersion = "25.11";
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
} }
machines/neptune/configuration.nix
-1
View File
@@ -10,7 +10,6 @@
}; };
system.stateVersion = "25.11"; system.stateVersion = "25.11";
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
networking.interfaces.enx00e04c106368.useDHCP = true; # recovery networking.interfaces.enx00e04c106368.useDHCP = true; # recovery
machines/procyon/configuration.nix
+3 -17
View File
@@ -9,13 +9,6 @@ let
in in
{ {
clan.core.settings.machine.description = "VM machine that host Inventree system for Glom"; clan.core.settings.machine.description = "VM machine that host Inventree system for Glom";
imports = [
inputs.self.nixosModules.inventree
];
nixpkgs.overlays = [
inputs.self.overlays.packagesOverlay
];
nixpkgs.hostPlatform = { nixpkgs.hostPlatform = {
system = "x86_64-linux"; system = "x86_64-linux";
@@ -82,19 +75,12 @@ in
services.inventree = { services.inventree = {
enable = true; enable = true;
hostName = "${domain}"; inherit domain;
config.site_url = "https://${config.services.inventree.hostName}";
secretKeyFile = config.clan.core.vars.generators.inventree.files.secret-key.path; secretKeyFile = config.clan.core.vars.generators.inventree.files.secret-key.path;
config.oidc_private_key_file = config.clan.core.vars.generators.inventree.files.oidc-key.path; adminPasswordFile = config.clan.core.vars.generators.inventree.files.admin-password.path;
config.adminPasswordFile = config.clan.core.vars.generators.inventree.files.admin-password.path; settings.INVENTREE_SITE_URL = "https://${domain}";
}; };
# services.nginx.virtualHosts."${domain}" = {
# forceSSL = true;
# sslCertificate = config.clan.core.vars.generators.nginx.files.sslCert.path;
# sslCertificateKey = config.clan.core.vars.generators.nginx.files.sslKey.path;
# };
system.stateVersion = "25.11"; system.stateVersion = "25.11";
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
} }
machines/ramus/configuration.nix
-1
View File
@@ -9,7 +9,6 @@
clan.core.settings.machine.description = "A Hetzner VPS machine own by Alex."; clan.core.settings.machine.description = "A Hetzner VPS machine own by Alex.";
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
clan.core.vars.generators.acme = { clan.core.vars.generators.acme = {
share = true; share = true;
machines/rigel/configuration.nix
+12 -11
View File
@@ -1,18 +1,19 @@
{ config, ... }: { config, ... }:
{ {
imports = [
(import ../../lib/auto-accept-zerotier-members.nix {
memberIds = [
"dbe44c0287" # Alex-gateway
"b0e0b84fd3" # Alex
"2bd36db8cc" # kurogeek-thinkpad
];
})
];
system.stateVersion = "25.11"; system.stateVersion = "25.11";
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
clan.core.settings.machine.description = "Zima board computer for testing in B4L"; clan.core.settings.machine.description = "Zima board computer for testing in B4L";
clan.core.vars.generators.prometheus = {
files.envFile.secret = true;
files.matrix-alertmanager-token.secret = true;
script = ''
echo "" > $out/envFile
echo "" > $out/matrix-alertmanager-token
'';
};
services.prometheus.alertmanager.environmentFile =
config.clan.core.vars.generators.prometheus.files.envFile.path;
} }
machines/tangra/configuration.nix
+32
View File
@@ -0,0 +1,32 @@
{
system.stateVersion = "25.11";
nixpkgs.hostPlatform = {
system = "x86_64-linux";
};
clan.core.settings.name = "tangra";
clan.core.settings.machine.description =
"A Hetzner VPS machine own by Alex. This is a machine for poyfestival.com";
clan.core.sops.defaultGroups = [ "admins" ];
clan.core.vars.generators.acme = {
share = true;
files.email.secret = false;
prompts.email = {
type = "line";
description = "Email for ACME registeration";
};
script = ''
cat $prompts/email > $out/email
'';
};
users.users.nginx.extraGroups = [ "acme" ];
security.acme.acceptTerms = true;
imports = [ ];
}
machines/tangra/disko.nix
+86
View File
@@ -0,0 +1,86 @@
{ ... }:
let
hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}";
os = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_119349241";
in
{
boot.loader = {
systemd-boot = {
enable = true;
};
efi = {
canTouchEfiVariables = true;
};
};
boot.zfs.forceImportRoot = true;
disko.devices = {
disk = {
"os-${hashDisk os}" = {
type = "disk";
device = os;
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "nofail" ];
};
};
system = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
rootFsOptions = {
mountpoint = "none";
compression = "lz4";
acltype = "posixacl";
xattr = "sa";
"com.sun:auto-snapshot" = "true";
};
options.ashift = "12";
datasets = {
"root" = {
type = "zfs_fs";
options.mountpoint = "none";
};
"root/nixos" = {
type = "zfs_fs";
options.mountpoint = "/";
mountpoint = "/";
};
"root/home" = {
type = "zfs_fs";
options.mountpoint = "/home";
mountpoint = "/home";
};
"root/tmp" = {
type = "zfs_fs";
mountpoint = "/tmp";
options = {
mountpoint = "/tmp";
sync = "disabled";
};
};
};
};
};
};
}
machines/tangra/facter.json
+2789
View File
File diff suppressed because it is too large Load Diff
machines/vega/configuration.nix
-8
View File
@@ -10,17 +10,9 @@
(inputs.import-tree ./services) (inputs.import-tree ./services)
(import ../../lib/auto-accept-zerotier-members.nix {
memberIds = [
"dbe44c0287" # Alex-gateway
"b0e0b84fd3" # Alex
"2bd36db8cc" # kurogeek-thinkpad
];
})
]; ];
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
clan.core.settings.machine.description = "Glom NAS"; clan.core.settings.machine.description = "Glom NAS";
modules/clan/headscale/default.nix
+1
View File
@@ -173,6 +173,7 @@
base_domain = settings.base_domain; base_domain = settings.base_domain;
override_local_dns = true; override_local_dns = true;
nameservers.global = settings.nameservers; nameservers.global = settings.nameservers;
magic_dns = false;
}; };
}; };
modules/clan/home-profiles/home-user/emmie.nix
+19 -3
View File
@@ -66,8 +66,6 @@
"AutofillAddressEnabled" = false; "AutofillAddressEnabled" = false;
"AutofillCreditCardEnabled" = false; "AutofillCreditCardEnabled" = false;
"TranslateEnabled" = false; "TranslateEnabled" = false;
"DnsOverHttpsMode" = "secure";
"DnsOverHttpsTemplates" = "https://dns.adguard-dns.com/dns-query";
}; };
}; };
@@ -81,14 +79,32 @@
inputs, inputs,
... ...
}: }:
let
dictionaries =
with pkgs;
(hunspellWithDicts (
with hunspellDicts;
[
en-us-large
th-th
]
));
in
{ {
imports = [ inputs.plasma-manager.homeModules.plasma-manager ]; imports = [ inputs.plasma-manager.homeModules.plasma-manager ];
systemd.user.sessionVariables = {
DICPATH = "${dictionaries}/share/hunspell";
};
home = { home = {
homeDirectory = lib.mkForce "/home/${username}"; homeDirectory = lib.mkForce "/home/${username}";
stateVersion = osConfig.system.stateVersion; stateVersion = osConfig.system.stateVersion;
packages = with pkgs; [ packages = with pkgs; [
libreoffice-fresh libreoffice-qt6
dictionaries
element-desktop element-desktop
signal-desktop signal-desktop
brave brave
modules/clan/personal-computer/desktop-environment.nix
-1
View File
@@ -5,5 +5,4 @@
services.displayManager.sddm.enable = lib.mkForce false; services.displayManager.sddm.enable = lib.mkForce false;
services.displayManager.gdm.enable = true; services.displayManager.gdm.enable = true;
services.displayManager.gdm.wayland = true;
} }
modules/clan/prometheus/README.md
View File
modules/clan/prometheus/default.nix
+123
View File
@@ -0,0 +1,123 @@
{ clanLib, ... }:
{
_class = "clan.service";
manifest.name = "prometheus";
manifest.description = "The Prometheus monitoring system and time series database.";
manifest.readme = builtins.readFile ./README.md;
manifest.categories = [ "System" ];
roles.server = {
description = "Prometheus server that scraps all data from nodes";
interface =
{ lib, ... }:
{
options = {
scrape_interval = lib.mkOption {
type = with lib.types; nullOr str;
default = "5m";
description = "How often to scrape targets. Default is 5 minutes";
};
};
};
perInstance =
{
settings,
roles,
...
}:
{
nixosModule =
{
config,
lib,
...
}:
let
getYggdrasilIP =
machineName:
if config.clan.core.vars.generators.yggdrasil.files.address ? value then
clanLib.getPublicValue {
flake = config.clan.core.settings.directory;
machine = machineName;
generator = "yggdrasil";
file = "address";
default = null;
}
else
throw "clanService/yggdrasil is required";
in
{
networking.firewall.allowedTCPPorts = [
9090
];
services.prometheus = {
enable = true;
globalConfig = {
scrape_interval = settings.scrape_interval;
};
scrapeConfigs = lib.mapAttrsToList (machineName: machineVal: {
tls_config.insecure_skip_verify = true;
job_name = "${machineName}";
static_configs = lib.mapAttrsToList (
exporterName: exporterVal:
let
targetPort =
if exporterVal ? port then
exporterVal.port
else
config.services.prometheus.exporters."${exporterName}".port;
targetHost = getYggdrasilIP machineName;
in
{
targets = [ "[${targetHost}]:${lib.toString targetPort}" ];
}
) machineVal.settings.exporters;
}) roles.nodes.machines;
};
};
};
};
roles.nodes = {
description = "A node will expose metrics for server to harvest";
interface =
{ lib, ... }:
{
options = {
exporters = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule { });
default = { };
description = "Mirror of services.prometheus.exporters";
};
};
};
perInstance =
{ settings, ... }:
let
enabledExporters = builtins.mapAttrs (
name: value:
value
// {
enable = true;
openFirewall = true;
}
) settings.exporters;
in
{
nixosModule =
{ ... }:
{
services.prometheus.exporters = enabledExporters;
};
};
};
}
modules/clan/prometheus/flake-module.nix
+19
View File
@@ -0,0 +1,19 @@
{ self, inputs, ... }:
let
module = ./default.nix;
in
{
clan.modules = {
prometheus = module;
};
perSystem =
{ ... }:
{
clan.nixosTests.service-prometheus = {
imports = [ ./tests/vm/default.nix ];
_module.args = { inherit self inputs; };
clan.modules."@clan/prometheus" = module;
};
};
}
modules/clan/prometheus/tests/vm/default.nix
+74
View File
@@ -0,0 +1,74 @@
{
self,
hostPkgs,
config,
lib,
...
}:
{
name = "service-prometheus";
result.update-vars =
let
relativeDir = lib.removePrefix "${self}/" (toString config.clan.directory);
in
hostPkgs.writeShellScriptBin "update-vars" ''
set -x
export PRJ_ROOT=$(git rev-parse --show-toplevel)
${
self.inputs.clan-core.packages.${hostPkgs.system}.clan-cli
}/bin/clan-generate-test-vars $PRJ_ROOT/${relativeDir} ${config.name}
'';
clan = {
test.useContainers = false;
directory = ./.;
inventory = {
machines.server = { };
machines.nodeA = { };
instances = {
yggdrasil = {
module.name = "yggdrasil";
roles.default.machines.server = { };
roles.default.machines.nodeA = { };
};
prometheus = {
module.name = "@clan/prometheus";
module.input = "self";
roles.nodes.machines."nodeA".settings = {
exporters.smartctl = { };
};
roles.server.machines."server".settings = { };
};
};
};
};
nodes = {
server = { };
nodeA = { };
};
testScript =
{ nodes, ... }:
''
start_all()
server.wait_for_unit("prometheus.service")
nodeA.wait_for_unit("prometheus-smartctl-exporter.service")
nodeA.wait_for_open_port(9633)
nodeA.succeed("systemctl status prometheus-smartctl-exporter.service")
nodeA.succeed("curl http://localhost:9633/metrics")
server_ip = server.succeed("ip -4 addr show eth1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}'").strip()
nodeA_ip = nodeA.succeed("ip -4 addr show eth1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}'").strip()
server.succeed(f"ping -c 3 {nodeA_ip}")
server.succeed(f"curl -v http://{nodeA_ip}:9633/metrics")
'';
}
modules/clan/prometheus/tests/vm/sops/machines/nodeA/key.json
Executable
+6
View File
@@ -0,0 +1,6 @@
[
{
"publickey": "age1kxsp8pa8am6k333nxs4akjqkhht8gspznmlqz4pxn35h5dj4uv5qj6q6fl",
"type": "age"
}
]
modules/clan/prometheus/tests/vm/sops/machines/server/key.json
Executable
+6
View File
@@ -0,0 +1,6 @@
[
{
"publickey": "age1dkrf438z3337d2qnc7ugkggua99xkh55wuf9zgun35fjrxdpnf5qkg4z6j",
"type": "age"
}
]
modules/clan/prometheus/tests/vm/sops/secrets/nodeA-age.key/secret
+14
View File
@@ -0,0 +1,14 @@
{
"data": "ENC[AES256_GCM,data:Z8I3ecNV2N2jed1sPBU+tI5r5qB2nVTO7aNyMxvp0ztujn8kXjw+thSvLGtRygL2V9rSmPJalHQf1IYUriXgCmYtfg5InPDCAqk=,iv:O4rSyg2G6PJWHURZ/BTBKmn1AVekbNBdg5137sOPL/U=,tag:4/CLfO50laZ8ljWkr6o4qA==,type:str]",
"sops": {
"age": [
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTSWxnekYvREdZMTBMVlRq\nRmtCemFYZDhLYU93azc5czdoTVUydFFUL1JzCmo4ZHlrNi8yeW15N2JxTytWeCtk\nbjRwWUVlazUwTlMwc1RZVU8xYlVlckEKLS0tIFVPeU5KMVFwdExFT0wzeXZka2Jo\nSmxEM2RPTWdoZXJxK0dpemUzVkNzdGcKfXdiSeAcNwEZi7kh9c89ss5K+dYG0lhq\nFsf2I0A1csxqqnYJqXPmwlVGMzuWDrWRU0uc+hQLndP3TbadVux64w==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg"
}
],
"lastmodified": "2026-06-11T07:43:55Z",
"mac": "ENC[AES256_GCM,data:OCPR2tkbN72MdaczO47UNCJBb1KjABHQH9q7dtVEwoAhKg4QWFtsDaMwBTVE9qe48nlaWQbxT1mM7uztm6RXLkc5y2c3danPUYFj/FK/ffqpaxv3oReyxWqMoGayT23kFbB0TWEx1K8Jp3gOkwCPg+ZRClvhV1dXrfnwIwZHrBY=,iv:3puPIWFIxRF1KtrmyG54LqCc7Zg4/AOMD65QjYdN970=,tag:RoIVltMKw7WUvgW6sNk6mA==,type:str]",
"version": "3.13.0"
}
}
modules/clan/prometheus/tests/vm/sops/secrets/nodeA-age.key/users/admin
Symlink
+1
View File
@@ -0,0 +1 @@
../../../users/admin
modules/clan/prometheus/tests/vm/sops/secrets/server-age.key/secret
+14
View File
@@ -0,0 +1,14 @@
{
"data": "ENC[AES256_GCM,data:Nuq6ege3HJOxpRgA6fnxdD2Wj+KCw+3PaJCxmZirJl3mkRVLnZgUUhr+gOVEup9Ifjl1ZnP+PqV7b9pPR/WQg0LARYtxIC1QGJ8=,iv:v9p9lsefP5V9McAJCzS7v9sl8XHr9/hAL41XwFbwMOA=,tag:ETK+CFFJAAzGTpowQNAZMQ==,type:str]",
"sops": {
"age": [
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArN0NEWFZoZWlyeUtZc3hi\ndnVNcHl4eVVHckRLeFhPYUt4a3BwMElFMVZZCklkU1NEWVVmSGw1NmJmWWkrVHFH\nVTN5U0x3NXdiQUJCc095TElzMWZCMXMKLS0tIHRXQkJNREFYUFFvMXM1Sk53VW5z\naTRjMXozZXZiNU8zSkF5d2hhdklBY1EKWwsPi6YiHKFfAyqWH2u75hw47gzcQOz/\n95Im0FgadhqGDCeZhTDfEAc4b1VWQULInsjeRapzf5OJOwekbz6guA==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg"
}
],
"lastmodified": "2026-06-11T07:45:26Z",
"mac": "ENC[AES256_GCM,data:mTKFSBFnUzu3rldQCHPZHoyzDdwPzBWPIAhemC1XyG5PiQ/OczStjYaLzZQGCpPvOjBb5Ntqrc+dnaOedZgKlOdaPjZs1U2ZDWadoeWQ2TAKWYA6+kN7PXomsxtHhntiaujMy3502eh06VyiutpVuCdzK2cfEwuno8nyIcHgtXk=,iv:/5DRvFVDQA+yd8m/+Cyxb+aIsfwoaFcV6KRQ/7ISHnU=,tag:z31P6CL0NNRlQThqwapVNA==,type:str]",
"version": "3.13.0"
}
}
modules/clan/prometheus/tests/vm/sops/secrets/server-age.key/users/admin
Symlink
+1
View File
@@ -0,0 +1 @@
../../../users/admin
modules/clan/prometheus/tests/vm/sops/users/admin/key.json
+4
View File
@@ -0,0 +1,4 @@
{
"publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
"type": "age"
}
modules/clan/prometheus/tests/vm/vars/per-machine/nodeA/state-version/version/value
+1
View File
@@ -0,0 +1 @@
26.05
modules/clan/prometheus/tests/vm/vars/per-machine/nodeA/yggdrasil/address/value
+1
View File
@@ -0,0 +1 @@
204:b10b:6057:4bbe:2b44:fc58:c6fd:90ad
modules/clan/prometheus/tests/vm/vars/per-machine/nodeA/yggdrasil/privateKey/machines/nodeA
Symlink
+1
View File
@@ -0,0 +1 @@
../../../../../../sops/machines/nodeA
modules/clan/prometheus/tests/vm/vars/per-machine/nodeA/yggdrasil/privateKey/secret
+18
View File
@@ -0,0 +1,18 @@
{
"data": "ENC[AES256_GCM,data:JkuciSmL5nmSjcYn22W7iHKzuRxWMJ5dixYllm0aSM7DsyAp9mQzIYJJmalepp7sEhSJ5As3vQW6ZpOQ3G8ZheG06++1GlM8lvVV2FKmYvKHQpI+V7WyUJl7dpfu+5A6BzWES0GbC1g8l/a8sb/+jjEoqUTAj/4=,iv:tehdHsdm2uSRAAzImHhwBSnSBF6lzjLzF9HIPnoi9s0=,tag:dWnQhAiJeCkcssjko+dUpw==,type:str]",
"sops": {
"age": [
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOVmRSR2xDNmdPYW5MNUVH\nYWVpaTc0TjdOZFBTSEJDL1Z3VG9vVHkrZUFjCklUMUU1bnVmZFJYbzVPd09oZm1U\nNHY0R1hNQnBBc2V4Y2RWQ1ZZRjdOK0kKLS0tIEJkSWFaTDJzMDNJR3QwQzRVdld4\ndDA5ZmZSeTYyVUE5Y1Z1T1l5QmpHRTQKSaN+MIazA8RXhRSyFSkDTyXEp43COpbf\nXOzAhTXja+ut/akUuKadDS4xycZ+ZXAreVmdsF4SWvwZkmPeew+hKQ==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1kxsp8pa8am6k333nxs4akjqkhht8gspznmlqz4pxn35h5dj4uv5qj6q6fl"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMNmZkTHlaRWl1V3UvcGxk\nR0hhL1lNekNzb0REaEc4bitBZkcwYmRDb2hjCnloQTZUL3ZneWZQZk9NTEc1bGNB\nY3ljdFRMMUhLeDdyblhVY3lSOFBXc1UKLS0tIEJUc1ZpQmtuNlRUUEVmajY5TGdP\ncSs2RkZXcnJYRlEvcEtYSWxIWmkrVEkKgQnfxuZuxl1OpZDUPVuqseSN89WnBGFw\nx2PI3cqN67R2tV/FEjOZo+GFgxW93SYdMvxzg2aG2q/7xOQxfj9sjg==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg"
}
],
"lastmodified": "2026-06-11T07:44:25Z",
"mac": "ENC[AES256_GCM,data:gRk1t7xFxXSTUcZQw0DCH3QtRnQJF4Mc4kZeeckhuQdc/VATj+cq+ugicrcGJWbbXzAscQLG6g72+Qiane5nFfzmjNoO6JMe181wm7pY/5St+2MjXZEzwAaYjn6ZAm+U7aiUVcp8RBjFIL9HCvBF8qFl7rqqTvYHnTOU0V6TIIo=,iv:eUvZFDKl8PX5QaQPmwJXaokawQMNP0TGOklTAMgB/sg=,tag:3cHICox8bKWkPKMUgvLuXA==,type:str]",
"version": "3.13.0"
}
}
modules/clan/prometheus/tests/vm/vars/per-machine/nodeA/yggdrasil/privateKey/users/admin
Symlink
+1
View File
@@ -0,0 +1 @@
../../../../../../sops/users/admin
modules/clan/prometheus/tests/vm/vars/per-machine/nodeA/yggdrasil/publicKey/value
+1
View File
@@ -0,0 +1 @@
0a77a4fd45a20ea5d81d39c8137a97dd4988c692ce4263959559b8c3f966c1de
modules/clan/prometheus/tests/vm/vars/per-machine/server/state-version/version/value
+1
View File
@@ -0,0 +1 @@
26.05
modules/clan/prometheus/tests/vm/vars/per-machine/server/yggdrasil/address/value
+1
View File
@@ -0,0 +1 @@
202:8a70:e215:f822:c67a:f191:b04a:a8f
modules/clan/prometheus/tests/vm/vars/per-machine/server/yggdrasil/privateKey/machines/server
Symlink
+1
View File
@@ -0,0 +1 @@
../../../../../../sops/machines/server
modules/clan/prometheus/tests/vm/vars/per-machine/server/yggdrasil/privateKey/secret
+18
View File
@@ -0,0 +1,18 @@
{
"data": "ENC[AES256_GCM,data:JcxiDqZDX3J3ooSeN0pQ28uvI86mtHUf2BEcOQdFIDhJZODGCc+BhZvBQmu2mabV8Jf4skrTWqD+60c1fkRcsM+MMXfoyNsrRyQ2K39mG4kl8jJKVKDs+BqXa+CvZ96kesOMgi9vdc3YUKo5cCLY4bQ9VwymqH8=,iv:W3z8Pbyo2IMzkxI4k14FlirLa28qgZ3rnTAWuusiw/0=,tag:EQc8mo/UvACbt8hQv3zPEw==,type:str]",
"sops": {
"age": [
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkRDNOSU81alN2THNQQ3ZW\nbHVjMmxaYWpzak1NZHplNTVzZzQvMHg4azAwCkExb0VLYlZUd2JjVGNlcXUyR0p1\nWHk5cXpOeGZ0VFRFTGllQWpxRlBTRk0KLS0tIDhKeUc4RHQvb0o0ZXFXZUNCanVY\nYm04TVBoWjlLT0tFOHRnLzd3RHV2ZzAKVpLtENDySGC6UDgAwhDb+7KJiHXOZF6n\nIaeIQWQqiB+45h72NE3yh02boPK8pl6IoJFcK3e4zSO7/G8jGUp0MQ==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1dkrf438z3337d2qnc7ugkggua99xkh55wuf9zgun35fjrxdpnf5qkg4z6j"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGSUZXVzJwVHdwZGtxOVRu\nN1hMZkltdVM0cnNRL2tSNENkSGV2VzFIU1VBCmRZWlJTODNPMVRjVWY1V1VZcFln\nTDE3N0xsMXdMWityRUNUYWlQOXBMMTgKLS0tIGViTzBrQk5wQXBYQitIb1ZPUitC\nLysyUER0UjFlZm95c3ZGK3hEMEtrNUEKABpoKBUnvzQKSrgsdnU+uyDyED0Tlr7D\nnSsf12c84cvdt0OeCWwf2WvBANZL26XTcFq1fBYOFTJqNLs1ZfO2kg==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg"
}
],
"lastmodified": "2026-06-11T07:45:55Z",
"mac": "ENC[AES256_GCM,data:jjhkZB9NdpvV2R0k9yS/AcUqeMr1RLv1UZwGCemlKSwhBfs8E5NxTXLhtmJeQ+hltOTYpz51BIporVtlaH6ElVnh7khOrG3Lb5cLBrL41QM59y3Tbfu6TjNOE3NyMiWuxZnwuqUGWQjsjrIIhE0ftKnpSpkGHMie+BC3iNSB1tY=,iv:onOVK9eJxWOaIjChQD54tz8lY+r/jpp6AArsBIuoRUM=,tag:2Oas1C5D2kZOe4iiD5huyw==,type:str]",
"version": "3.13.0"
}
}
modules/clan/prometheus/tests/vm/vars/per-machine/server/yggdrasil/privateKey/users/admin
Symlink
+1
View File
@@ -0,0 +1 @@
../../../../../../sops/users/admin
modules/clan/prometheus/tests/vm/vars/per-machine/server/yggdrasil/publicKey/value
+1
View File
@@ -0,0 +1 @@
2eb1e3bd40fba730a1cdc9f6beae1848e4b965e37f18a61593327964108fe6a8
modules/clan/wordpress/default.nix
+168
View File
@@ -0,0 +1,168 @@
{ ... }:
{
_class = "clan.service";
manifest.name = "wordpress";
manifest.description = "wordpress with multi-tenant support and state of plugins and themes are allowed";
manifest.readme = "wordpress with multi-tenant support and state of plugins and themes are allowed";
manifest.categories = [ "System" ];
roles.server = {
description = "A default server role";
interface =
{ lib, ... }:
{
options = {
tenants = lib.mkOption {
type = with lib.types; listOf str;
default = [ "localhost" ];
description = "List of tenants website to host on the instance";
example = [ "example.com" ];
};
phpfpmOptions = lib.mkOption {
type = with lib.types; lines;
default = "";
description = "options appended to the PHP configuration file";
};
wpExtraConfig = lib.mkOption {
type = with lib.types; lines;
default = "";
description = "Any additional text to be appended to the wp-config.php";
};
};
};
perInstance =
{ settings, ... }:
{
nixosModule =
{
pkgs,
lib,
config,
...
}:
let
user = "wordpress";
mkSafeDBName = domain: "wp_${builtins.replaceStrings [ "." ] [ "_" ] domain}";
mkWordpressSite = domain: {
database = {
name = mkSafeDBName domain;
user = user;
};
package = wp-pkg domain;
extraConfig = ''
define('FS_METHOD', 'direct');
''
+ settings.wpExtraConfig;
themes = { };
};
stateDir = hostName: "/var/lib/wordpress/${hostName}";
wp-pkg =
hostName:
let
upStreamSrc = pkgs.wordpress;
in
pkgs.stdenv.mkDerivation {
pname = "wordpress-custom";
version = upStreamSrc.version;
src = upStreamSrc;
installPhase = ''
mkdir -p $out
cp -r * $out/
rm -rf $out/share/wordpress/wp-content/plugins
rm -rf $out/share/wordpress/wp-content/themes
# symlink uploads directory
ln -s "${stateDir hostName}"/wp-content/themes $out/share/wordpress/wp-content/themes
ln -s "${stateDir hostName}"/wp-content/plugins $out/share/wordpress/wp-content/plugins
ln -s "${stateDir hostName}"/wp-content/upgrade $out/share/wordpress/wp-content/upgrade
'';
};
webserver = config.services.${config.services.wordpress.webserver};
in
{
services.wordpress.webserver = "nginx";
services.wordpress.sites = builtins.listToAttrs (
map (tenant: {
name = tenant;
value = mkWordpressSite tenant;
}) settings.tenants
);
systemd.tmpfiles.rules = lib.flatten (
map (tenant: [
"d '${stateDir tenant}/wp-content' 0750 ${user} ${webserver.group} - -"
"d '${stateDir tenant}/wp-content/themes' 0750 ${user} ${webserver.group} - -"
"Z '${stateDir tenant}/wp-content/themes' 0750 ${user} ${webserver.group} - -"
"d '${stateDir tenant}/wp-content/plugins' 0750 ${user} ${webserver.group} - -"
"Z '${stateDir tenant}/wp-content/plugins' 0750 ${user} ${webserver.group} - -"
"d '${stateDir tenant}/wp-content/upgrade' 0750 ${user} ${webserver.group} - -"
"Z '${stateDir tenant}/wp-content/upgrade' 0750 ${user} ${webserver.group} - -"
]) settings.tenants
);
networking.firewall.allowedTCPPorts = [
80
443
];
services.phpfpm.pools = builtins.listToAttrs (
map (
tenant: lib.nameValuePair "wordpress-${tenant}" { phpOptions = settings.phpfpmOptions; }
) settings.tenants
);
security.acme.acceptTerms = true;
users.users.nginx.extraGroups = [ "acme" ];
security.acme.certs = lib.listToAttrs (
map (
tenant:
(lib.nameValuePair tenant {
email = config.clan.core.vars.generators.acme.files.email.value;
webroot = "/var/lib/acme/acme-challenge/${tenant}";
})
) settings.tenants
);
services.nginx.clientMaxBodySize = "128m";
services.nginx.virtualHosts = lib.listToAttrs (
map (
tenant:
(lib.nameValuePair tenant {
forceSSL = true;
useACMEHost = tenant;
acmeRoot = config.security.acme.certs.${tenant}.webroot;
})
) settings.tenants
);
clan.core.vars.generators.acme = {
share = true;
files.email.secret = false;
prompts.email = {
type = "line";
description = "Email for ACME registeration";
};
script = ''
cat $prompts/email > $out/email
'';
};
};
};
};
}
modules/clan/wordpress/flake-module.nix
+19
View File
@@ -0,0 +1,19 @@
{ self, inputs, ... }:
let
module = ./default.nix;
in
{
clan.modules = {
wordpress = module;
};
perSystem =
{ ... }:
{
clan.nixosTests.service-wordpress = {
imports = [ ./tests/vm/default.nix ];
_module.args = { inherit self inputs; };
clan.modules."@clan/wordpress" = module;
};
};
}
modules/clan/wordpress/tests/vm/default.nix
+59
View File
@@ -0,0 +1,59 @@
{
self,
config,
lib,
hostPkgs,
...
}:
{
name = "service-wordpress";
result.update-vars =
let
relativeDir = lib.removePrefix "${self}/" (toString config.clan.directory);
in
hostPkgs.writeShellScriptBin "update-vars" ''
set -x
export PRJ_ROOT=$(git rev-parse --show-toplevel)
${
self.inputs.clan-core.packages.${hostPkgs.system}.clan-cli
}/bin/clan-generate-test-vars $PRJ_ROOT/${relativeDir} ${config.name}
'';
clan = {
test.useContainers = false;
directory = ./.;
inventory = {
machines.server = { };
instances = {
wordpress-test = {
module.name = "@clan/wordpress";
module.input = "self";
roles.server.machines."server".settings = {
tenants = [
"localhost"
"site2.localhost"
];
};
};
};
};
};
nodes = {
server = { };
};
testScript = ''
start_all()
server.wait_for_unit("phpfpm-wordpress-localhost.service")
server.wait_for_unit("phpfpm-wordpress-site2.localhost.service")
server.succeed("systemctl status phpfpm-wordpress-localhost.service")
server.succeed("systemctl status phpfpm-wordpress-site2.localhost.service")
server.wait_for_open_port(80)
server.succeed("curl -H \"Host: localhost\" http://127.0.0.1:80 ")
server.succeed("curl -H \"Host: site2.localhost\" http://127.0.0.1:80 ")
'';
}
modules/clan/wordpress/tests/vm/sops/users/admin/key.json
+4
View File
@@ -0,0 +1,4 @@
{
"publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
"type": "age"
}
modules/clan/wordpress/tests/vm/vars/per-machine/server/state-version/version/value
+1
View File
@@ -0,0 +1 @@
26.11
modules/clan/wordpress/tests/vm/vars/shared/acme/email/value
+1
View File
@@ -0,0 +1 @@
fake_line_value
modules/nixos/default.nix
-5
View File
@@ -1,5 +0,0 @@
{
flake.nixosModules = {
inventree = import ../nixos/inventree;
};
}
modules/nixos/inventree/default.nix
-334
View File
@@ -1,334 +0,0 @@
{
lib,
config,
pkgs,
...
}:
let
inherit (lib)
mkEnableOption
mkOption
types
mkIf
;
configFormat = pkgs.formats.json { };
cfg = config.services.inventree;
pkg = cfg.package;
configFile = "${cfg.dataDir}/config.json";
env = {
INVENTREE_CONFIG_FILE = configFile;
INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile;
INVENTREE_AUTO_UPDATE = "1";
INVENTREE_PLUGINS_ENABLED = "1";
INVENTREE_PLUGIN_NOINSTALL = "0";
INVENTREE_STATIC_ROOT = cfg.config.static_root;
INVENTREE_MEDIA_ROOT = cfg.config.media_root;
INVENTREE_BACKUP_DIR = cfg.config.backup_dir;
INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file;
INVENTREE_DB_ENGINE = cfg.config.database.ENGINE;
INVENTREE_DB_NAME = cfg.config.database.NAME;
INVENTREE_DB_HOST = cfg.config.database.HOST;
INVENTREE_DB_USER = "inventree";
INVENTREE_ADMIN_USER = cfg.config.adminUser;
INVENTREE_ADMIN_PASSWORD_FILE = cfg.config.adminPasswordFile;
INVENTREE_USE_X_FORWARDED_HOST = "1";
INVENTREE_CORS_ORIGIN_ALLOW_ALL = "1";
INVENTREE_FRONTEND_SETTINGS = ''{"mobile_mode":"allow-always"}'';
INVENTREE_SITE_URL = cfg.config.site_url;
PYTHONPATH = pkg.pythonPath;
};
inventree-invoke = pkgs.writeShellApplication {
name = "inventree-invoke";
text = ''
export INVENTREE_CONFIG_FILE=${configFile}
export INVENTREE_SECRET_KEY_FILE=${cfg.secretKeyFile}
export PYTHONPATH=${pkg.pythonPath}
exec -a "$0" ${pkgs.python3Packages.invoke}/bin/invoke -r ${cfg.package}/opt/inventree "$@"
'';
};
in
{
options.services.inventree = {
enable = mkEnableOption "InvenTree parts manager";
package = lib.mkOption {
type = types.package;
default = pkgs.inventree;
description = ''
InvenTree package to use
'';
};
hostName = mkOption {
type = types.str;
description = "FQDN for the InvenTree instance.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/inventree";
example = "/var/lib/inventree";
description = ''
The default path for all inventree data.
'';
};
secretKeyFile = mkOption {
type = types.path;
default = "${cfg.dataDir}/secret_key.txt";
description = ''
Path to a file containing the secret key
'';
};
config = mkOption {
type = types.submodule ({
freeformType = configFormat.type;
options = {
adminUser = mkOption {
type = types.str;
default = "admin";
};
adminPasswordFile = mkOption {
type = types.path;
description = "Path to password file for user `admin`";
};
site_url = mkOption {
type = types.str;
default = "https://${cfg.hostName}";
};
static_root = mkOption {
type = types.path;
default = "${cfg.dataDir}/static";
description = ''
Static file storage
'';
};
media_root = mkOption {
type = types.path;
default = "${cfg.dataDir}/media_root";
description = "Media root directory";
};
backup_dir = mkOption {
type = types.path;
default = "${cfg.dataDir}/backups";
description = "Backup directory";
};
oidc_private_key_file = mkOption {
type = types.path;
default = "${cfg.dataDir}/oidc.key";
};
};
});
default = { };
description = ''
Config options, see https://docs.inventree.org/en/stable/start/config/
for details
'';
};
serverStartTimeout = mkOption {
type = types.str;
default = "10min";
description = ''
TimeoutStartSec for the server systemd service.
See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStartSec=
for more details
'';
};
serverStopTimeout = mkOption {
type = types.str;
default = "5min";
description = ''
TimeoutStopSec for the server systemd service.
See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStopSec=
for more details
'';
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ inventree-invoke ];
systemd.tmpfiles.rules = (
map (dir: "d ${dir} 0755 inventree inventree") [
"${cfg.dataDir}"
"${cfg.dataDir}/static"
"${cfg.dataDir}/media_root"
"${cfg.dataDir}/backups"
]
);
services.inventree.config = {
plugins_enabled = false;
plugin_file = "${cfg.dataDir}/plugins.txt";
plugin_dir = "${cfg.dataDir}/plugins";
database = {
ENGINE = "postgresql";
NAME = "inventree";
HOST = "/run/postgresql";
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ "inventree" ];
ensureUsers = [
{
name = "inventree";
ensureDBOwnership = true;
}
];
};
users.users.inventree = {
group = "inventree";
isSystemUser = true;
description = "InvenTree daemon user";
};
users.groups.inventree = { };
services.nginx.enable = true;
services.nginx.virtualHosts.${cfg.hostName} = {
locations =
let
unixPath = config.systemd.sockets.inventree-gunicorn.socketConfig.ListenStream;
in
{
"/" = {
extraConfig = ''
client_max_body_size 100M;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
'';
proxyPass = "http://unix:${unixPath}";
};
"/static/" = {
alias = "${cfg.config.static_root}/";
extraConfig = ''
expires 30d;
'';
};
"/media/" = {
alias = "${cfg.config.media_root}/";
extraConfig = ''
auth_request /auth;
'';
};
"/auth" = {
extraConfig = ''
internal;
'';
proxyPass = "http://unix:${unixPath}:/auth/";
};
};
};
systemd.targets.inventree = {
description = "Target for all InvenTree services";
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
};
systemd.services.inventree-config = {
description = "Inventree config generation";
wantedBy = [ "inventree.target" ];
partOf = [ "inventree.target" ];
before = [
"inventree-static.service"
"inventree-gunicorn.service"
"inventree-qcluster.service"
];
serviceConfig = {
# User = "root";
# Group = "root";
User = "inventree";
Group = "inventree";
Type = "oneshot";
RemainAfterExit = true;
PrivateTmp = true;
};
environment = env;
script = ''
set -euo pipefail
umask u=rwx,g=,o=
# chown inventree:inventree ${configFile}
${pkg}/opt/inventree/src/backend/InvenTree/manage.py migrate
'';
};
systemd.services.inventree-static = {
description = "InvenTree static migration";
wantedBy = [ "inventree.target" ];
partOf = [ "inventree.target" ];
before = [ "inventree-gunicorn.service" ];
environment = env;
serviceConfig = {
User = "inventree";
Group = "inventree";
StateDirectory = "inventree";
#RuntimeDirectory = "inventree";
PrivateTmp = true;
ExecStart = ''
${pkg}/opt/inventree/src/backend/InvenTree/manage.py collectstatic --no-input
'';
};
};
systemd.services.inventree-gunicorn = {
description = "InvenTree Gunicorn server";
requiredBy = [ "inventree.target" ];
partOf = [ "inventree.target" ];
#wantedBy = [ "inventree.target" ];
environment = env;
serviceConfig = {
User = "inventree";
Group = "inventree";
StateDirectory = "inventree";
#RuntimeDirectory = "inventree";
PrivateTmp = true;
ExecStart = ''
${pkg.gunicorn}/bin/gunicorn InvenTree.wsgi \
--pythonpath ${pkg}/opt/inventree/src/backend/InvenTree
'';
};
};
systemd.sockets.inventree-gunicorn = {
wantedBy = [ "sockets.target" ];
partOf = [ "inventree.target" ];
socketConfig.ListenStream = "/run/inventree/gunicorn.socket";
};
systemd.services.inventree-qcluster = {
description = "InvenTree qcluster server";
requiredBy = [ "inventree.target" ];
wantedBy = [ "inventree.target" ];
partOf = [ "inventree.target" ];
environment = env;
serviceConfig = {
User = "inventree";
Group = "inventree";
StateDirectory = "inventree";
#RuntimeDirectory = "inventree";
PrivateTmp = true;
ExecStart = ''
${pkg}/opt/inventree/src/backend/InvenTree/manage.py qcluster
'';
};
};
};
}
modules/nixos/think-backend-gtcm.nix
+2 -2
View File
@@ -173,10 +173,10 @@ in
serviceConfig = { serviceConfig = {
User = cfg.user; User = cfg.user;
WorkingDirectory = "${file-uploader}"; WorkingDirectory = "${file-uploader}";
ExecStart = "${lib.getExe pkgs.nodejs_20} ${file-uploader}/src/be/index.js"; ExecStart = "${lib.getExe pkgs.nodejs} ${file-uploader}/src/be/index.js";
Restart = "on-failure"; Restart = "on-failure";
}; };
path = [ pkgs.nodejs_20 ]; path = [ pkgs.nodejs ];
}; };
environment.systemPackages = [ environment.systemPackages = [
pkgs/gtcm-file-uploader.nix
+1 -1
View File
@@ -17,7 +17,7 @@ buildNpmPackage {
version = "1.0.0"; version = "1.0.0";
nativeBuildInputs = with pkgs; [ nativeBuildInputs = with pkgs; [
nodejs_20 nodejs
breakpointHook breakpointHook
]; ];
pkgs/inventree/default.nix
-161
View File
@@ -1,161 +0,0 @@
{
stdenvNoCC,
python3,
fetchFromGitHub,
fetchYarnDeps,
yarnConfigHook,
nodejs,
}:
let
version = "1.1.0";
src = fetchFromGitHub {
owner = "inventree";
repo = "InvenTree";
tag = "${version}";
hash = "sha256-GAATo5zkkNCes9fCQsYUsZ9auhgYEUnevN4obWj3ZRA=";
};
frontend = stdenvNoCC.mkDerivation {
name = "inventree-frontend";
inherit version src;
yarnOfflineCache = fetchYarnDeps {
yarnLock = "${src}/src/frontend/yarn.lock";
hash = "sha256-Ijbkx+INZgsvMhkzo8h/FUY75W3UHnKAdUjQRD8kJZw=";
};
nativeBuildInputs = [
yarnConfigHook
nodejs
];
patchPhase = ''
runHook prePatch
cd src/frontend
runHook postPatch
'';
buildPhase = ''
echo "Running lingui"
./node_modules/.bin/lingui compile --typescript
echo building lib
./node_modules/.bin/tsc --p ./tsconfig.lib.json
./node_modules/.bin/vite --config vite.lib.config.ts build
echo "Running tsc"
./node_modules/.bin/tsc
echo "Running vite"
./node_modules/.bin/vite build --emptyOutDir --outDir $out
'';
};
in
python3.pkgs.buildPythonApplication rec {
pname = "InvenTree";
inherit version src;
format = "other";
dependencies =
with python3.pkgs;
[
coreapi
cryptography
distutils
dj-rest-auth
django
django-allauth
django-allauth.optional-dependencies.openid
django-allauth.optional-dependencies.mfa
django-allauth.optional-dependencies.socialaccount
django-cleanup
django-cors-headers
django-dbbackup
django-error-report-2
django-filter
django-flags
django-formtools
django-ical
django-js-asset
django-maintenance-mode
django-markdownify
django-money
django-mptt
django-mailbox
django-anymail
django-redis
django-oauth-toolkit
django-otp
django-q-sentry
django-q2
django-redis
django-sesame
django-sql-utils
django-structlog
django-stdimage
django-taggit
django-user-sessions
django-weasyprint
djangorestframework
djangorestframework-simplejwt
djangorestframework-simplejwt.optional-dependencies.crypto
django-xforwardedfor-middleware
django-storages
drf-spectacular
dulwich
feedparser
gunicorn
pdf2image
pillow
pint
pip-licenses
pypdf
python-barcode
python-barcode.optional-dependencies.images
python-dotenv
pyyaml
qrcode
qrcode.optional-dependencies.pil
rapidfuzz
sentry-sdk
tablib
tablib.optional-dependencies.xls
tablib.optional-dependencies.xlsx
tablib.optional-dependencies.yaml
weasyprint
whitenoise
psycopg2
fido2
opentelemetry-api
opentelemetry-sdk
opentelemetry-exporter-otlp
opentelemetry-instrumentation-django
opentelemetry-instrumentation-requests
opentelemetry-instrumentation-redis
opentelemetry-instrumentation-sqlite3
opentelemetry-instrumentation-system-metrics
opentelemetry-instrumentation-wsgi
]
++ django-anymail.optional-dependencies.amazon-ses;
installPhase = ''
substituteInPlace src/backend/InvenTree/InvenTree/settings.py --replace-fail "django_slowtests.testrunner.DiscoverSlowestTestsRunner" "django.test.runner.DiscoverRunner"
mkdir -p $out/opt/inventree
cp -r . $out/opt/inventree
echo "Installing frontend"
mkdir -p $out/opt/inventree/src/backend/InvenTree/web/static/web
cp -r ${frontend}/* $out/opt/inventree/src/backend/InvenTree/web/static/web/
cp -r ${frontend}/.* $out/opt/inventree/src/backend/InvenTree/web/static/web/
'';
passthru = {
pythonPath = python3.pkgs.makePythonPath dependencies;
gunicorn = python3.pkgs.gunicorn;
inherit frontend;
};
}
pkgs/overlay.nix
-24
View File
@@ -2,28 +2,4 @@ final: prev: {
think-gtcm = final.callPackage ./think-gtcm.nix { }; think-gtcm = final.callPackage ./think-gtcm.nix { };
think-backend-gtcm = final.callPackage ./think-backend-gtcm.nix { php = final.php83; }; think-backend-gtcm = final.callPackage ./think-backend-gtcm.nix { php = final.php83; };
gtcm-file-uploader = final.callPackage ./gtcm-file-uploader.nix { }; gtcm-file-uploader = final.callPackage ./gtcm-file-uploader.nix { };
pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
(py-final: py-prev: {
django-dbbackup = py-final.callPackage ./python/django-dbbackup { };
django-error-report-2 = py-final.callPackage ./python/django-error-report-2 { };
django-flags = py-final.callPackage ./python/django-flags { };
django-ical = py-final.callPackage ./python/django-ical { };
django-markdownify = py-final.callPackage ./python/django-markdownify { };
django-money = py-final.callPackage ./python/django-money { };
django-q-sentry = py-final.callPackage ./python/django-q-sentry { };
django-recurrence = py-final.callPackage ./python/django-recurrence { };
django-slowtests = py-final.callPackage ./python/django-slowtests { };
django-structlog = py-final.callPackage ./python/django-structlog { };
django-stdimage = py-final.callPackage ./python/django-stdimage { };
django-user-sessions = py-final.callPackage ./python/django-user-sessions { };
django-weasyprint = py-final.callPackage ./python/django-weasyprint { };
django-xforwardedfor-middleware = py-final.callPackage ./python/django-xforwardedfor-middleware { };
pip-licenses = py-final.callPackage ./python/pip-licenses { };
py-moneyed = py-final.callPackage ./python/py-moneyed { };
pytest-pycodestyle = py-final.callPackage ./python/pytest-codestyle { };
sentry-sdk = py-final.callPackage ./python/sentry-sdk { };
})
];
inventree = final.callPackage ./inventree { python3 = final.python312; };
} }
pkgs/python/django-dbbackup/default.nix
-42
View File
@@ -1,42 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
django,
pytz,
}:
buildPythonPackage rec {
pname = "django-dbbackup";
version = "4.2.1";
pyproject = true;
src = fetchFromGitHub {
owner = "jazzband";
repo = "django-dbbackup";
rev = version;
hash = "sha256-GD+f9mbImGPQ6MOUK3ftHqiGv7TT39jNQsFvd0dnnWU=";
};
build-system = [
setuptools
wheel
];
dependencies = [
django
pytz
];
pythonImportsCheck = [ "dbbackup" ];
meta = {
description = "Management commands to help backup and restore your project database and media files";
homepage = "https://github.com/jazzband/django-dbbackup";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ ];
mainProgram = "django-dbbackup";
};
}
pkgs/python/django-error-report-2/default.nix
-37
View File
@@ -1,37 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
django,
}:
buildPythonPackage rec {
pname = "django-error-report-2";
version = "0.4.2";
pyproject = true;
src = fetchFromGitHub {
owner = "matmair";
repo = "django-error-report-2";
rev = version;
hash = "sha256-ZCaslqgruJxM8345/jSlZGruM+27H9hvwL0wtPkUzc0=";
};
build-system = [
setuptools
wheel
];
dependencies = [ django ];
pythonImportsCheck = [ "error_report" ];
meta = {
description = "Log/View Django server errors";
homepage = "https://github.com/matmair/django-error-report-2";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-flags/default.nix
-37
View File
@@ -1,37 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
django,
}:
buildPythonPackage rec {
pname = "django-flags";
version = "5.0.13";
pyproject = true;
src = fetchFromGitHub {
owner = "cfpb";
repo = "django-flags";
rev = version;
hash = "sha256-WPMfFYoP6WaVzZmVtqAz4LlY761aCRyPhd5npc8bOOI=";
};
build-system = [
setuptools
wheel
];
dependencies = [ django ];
pythonImportsCheck = [ "flags" ];
meta = {
description = "Feature flags for Django projects";
homepage = "https://github.com/cfpb/django-flags";
license = lib.licenses.cc0;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-ical/default.nix
-46
View File
@@ -1,46 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
setuptools-scm,
wheel,
django,
django-recurrence,
icalendar,
}:
buildPythonPackage rec {
pname = "django-ical";
version = "1.9.2";
pyproject = true;
src = fetchFromGitHub {
owner = "jazzband";
repo = "django-ical";
rev = version;
hash = "sha256-DUe0loayGcUS7MTyLn+g0KBxbIY7VsaoQNHGSMbMI3U=";
};
build-system = [
setuptools
setuptools-scm
wheel
];
dependencies = [
django
django-recurrence
icalendar
];
pythonImportsCheck = [ "django_ical" ];
meta = {
description = "ICal feeds for Django based on Django's syndication feed framework";
homepage = "https://github.com/jazzband/django-ical";
changelog = "https://github.com/jazzband/django-ical/blob/${src.rev}/CHANGES.rst";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-markdownify/default.nix
-39
View File
@@ -1,39 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
bleach,
django,
markdown,
}:
buildPythonPackage rec {
pname = "django-markdownify";
version = "0.9.5";
pyproject = true;
src = fetchFromGitHub {
owner = "erwinmatijsen";
repo = "django-markdownify";
rev = version;
hash = "sha256-KYU8p8NRD4EIS/KhOk9nvmXCf0RWEc+IFZ57YtsDSWE=";
};
build-system = [ setuptools ];
dependencies = [
bleach
django
markdown
];
pythonImportsCheck = [ "markdownify" ];
meta = {
description = "Markdown template filter for Django";
homepage = "https://github.com/erwinmatijsen/django-markdownify";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-money/default.nix
-41
View File
@@ -1,41 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
django,
py-moneyed,
}:
buildPythonPackage rec {
pname = "django-money";
version = "3.2";
pyproject = true;
src = fetchFromGitHub {
owner = "django-money";
repo = "django-money";
rev = version;
hash = "sha256-eL26NsreUqtMJ26TmvmB53EJI4Sjs7qjFDnnt4N0vdI=";
};
build-system = [
setuptools
wheel
];
dependencies = [
django
py-moneyed
];
pythonImportsCheck = [ "djmoney" ];
meta = {
description = "Money fields for Django forms and models";
homepage = "https://github.com/django-money/django-money";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-q-sentry/default.nix
-37
View File
@@ -1,37 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
poetry-core,
setuptools,
sentry-sdk,
}:
buildPythonPackage rec {
pname = "django-q-sentry";
version = "0.1.6";
pyproject = true;
src = fetchFromGitHub {
owner = "danielwelch";
repo = "django-q-sentry";
rev = "d3a43a90c82734244d5ebf3295652223053f1354";
hash = "sha256-3C7A+X18c7p19HWD/uPRtAMf29VjmrfXXh2z5PPOREY=";
};
build-system = [
poetry-core
setuptools
];
dependencies = [ sentry-sdk ];
pythonImportsCheck = [ "django_q_sentry" ];
meta = {
description = "Bringing Sentry error tracking to Django Q";
homepage = "https://github.com/danielwelch/django-q-sentry";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-recurrence/default.nix
-56
View File
@@ -1,56 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
pdm-backend,
django,
flake8,
pytest,
pytest-cov,
pytest-django,
pytest-sugar,
python-dateutil,
sphinx,
sphinx-rtd-theme,
tox,
}:
buildPythonPackage rec {
pname = "django-recurrence";
version = "1.12.1";
pyproject = true;
src = fetchFromGitHub {
owner = "jazzband";
repo = "django-recurrence";
rev = version;
hash = "sha256-Q33zyMa1wI13RNLxynGAJHlagahpnFHCmZbHp0aPC/w=";
};
build-system = [ pdm-backend ];
dependencies = [
django
flake8
pytest
pytest-cov
pytest-django
pytest-sugar
python-dateutil
sphinx
sphinx-rtd-theme
tox
];
pythonRelaxDeps = true;
pythonImportsCheck = [ "recurrence" ];
meta = {
description = "Utility for working with recurring dates in Django";
homepage = "https://github.com/django-recurrence/django-recurrence";
changelog = "https://github.com/django-recurrence/django-recurrence/blob/${src.rev}/CHANGES.rst";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-slowtests/default.nix
-38
View File
@@ -1,38 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
django,
}:
buildPythonPackage rec {
pname = "django-slowtests";
version = "1.1.1";
pyproject = true;
src = fetchFromGitHub {
owner = "realpython";
repo = "django-slow-tests";
rev = version;
hash = "sha256-gW9AZiMpXJp1m2X1cbm6GdZ9cH+TFqjNLQJFmsvGjB0=";
};
build-system = [
setuptools
wheel
];
dependencies = [ django ];
pythonImportsCheck = [ "django_slowtests" ];
meta = {
description = "Locate your slowest tests";
homepage = "https://github.com/realpython/django-slow-tests";
changelog = "https://github.com/realpython/django-slow-tests/blob/${src.rev}/CHANGELOG.rst";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-stdimage/default.nix
-51
View File
@@ -1,51 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
setuptools-scm,
wheel,
django,
pillow,
gettext,
}:
buildPythonPackage rec {
pname = "django-stdimage";
version = "6.0.2";
pyproject = true;
src = fetchFromGitHub {
owner = "codingjoe";
repo = "django-stdimage";
rev = version;
hash = "sha256-uwVU3Huc5fitAweShJjcMW//GBeIpJcxqKKLGo/EdIs=";
};
build-system = [
setuptools
setuptools-scm
wheel
];
dependencies = [
django
pillow
];
nativeBuildInputs = [ gettext ];
preBuild = ''
echo "bla bla"
echo $PATH
'';
pythonImportsCheck = [ "stdimage" ];
meta = {
description = "";
homepage = "https://github.com/codingjoe/django-stdimage";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-structlog/default.nix
-48
View File
@@ -1,48 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
asgiref,
django,
django-ipware,
structlog,
celery,
django-extensions,
}:
buildPythonPackage rec {
pname = "django-structlog";
version = "9.1.1";
pyproject = true;
src = fetchFromGitHub {
owner = "jrobichaud";
repo = "django-structlog";
rev = version;
hash = "sha256-SEigOdlXZtfLAgRgGkv/eDNDAiiHd7YthRJ/H6e1v5U=";
};
build-system = [ setuptools ];
dependencies = [
asgiref
django
django-ipware
structlog
];
optional-dependencies = {
celery = [ celery ];
commands = [ django-extensions ];
};
pythonImportsCheck = [ "django_structlog" ];
meta = {
description = "";
homepage = "https://github.com/jrobichaud/django-structlog";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-user-sessions/default.nix
-39
View File
@@ -1,39 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
setuptools-scm,
wheel,
django,
}:
buildPythonPackage rec {
pname = "django-user-sessions";
version = "2.0.0";
pyproject = true;
src = fetchFromGitHub {
owner = "jazzband";
repo = "django-user-sessions";
rev = version;
hash = "sha256-Wexy6G2pZ8LTnqtJkBZIePV7qhQW8gu/mKiQfZtgf/o=";
};
build-system = [
setuptools
setuptools-scm
wheel
];
dependencies = [ django ];
pythonImportsCheck = [ "user_sessions" ];
meta = {
description = "Extend Django sessions with a foreign key back to the user, allowing enumerating all user's sessions";
homepage = "http://github.com/jazzband/django-user-sessions";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-weasyprint/default.nix
-38
View File
@@ -1,38 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
django,
weasyprint,
}:
buildPythonPackage rec {
pname = "django-weasyprint";
version = "2.4.0";
pyproject = true;
src = fetchFromGitHub {
owner = "fdemmer";
repo = "django-weasyprint";
rev = "v${version}";
hash = "sha256-eSh1p+5MyYb6GIEgSdlFxPzVCenlkwSCTkTzgKjezIg=";
};
build-system = [ setuptools ];
dependencies = [
django
weasyprint
];
pythonImportsCheck = [ "django_weasyprint" ];
meta = {
description = "A Django class-based view generating PDF resposes using WeasyPrint";
homepage = "https://github.com/fdemmer/django-weasyprint";
changelog = "https://github.com/fdemmer/django-weasyprint/blob/${src.rev}/CHANGELOG.md";
license = lib.licenses.asl20;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/django-xforwardedfor-middleware/default.nix
-37
View File
@@ -1,37 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
django,
}:
buildPythonPackage rec {
pname = "django-xforwardedfor-middleware";
version = "2.0";
pyproject = true;
src = fetchFromGitHub {
owner = "allo-";
repo = "django-xforwardedfor-middleware";
rev = "v${version}";
hash = "sha256-dDXSb17kXOSeIgY6wid1QFHhUjrapasWgCEb/El51eA=";
};
build-system = [
setuptools
wheel
];
dependencies = [ django ];
pythonImportsCheck = [ "x_forwarded_for" ];
meta = {
description = "Use the X-Forwarded-For header to get the real ip of a request";
homepage = "https://github.com/allo-/django-xforwardedfor-middleware";
license = lib.licenses.publicDomain;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/pip-licenses/default.nix
-74
View File
@@ -1,74 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
setuptools-scm,
wheel,
prettytable,
tomli,
autopep8,
black,
docutils,
isort,
mypy,
pip-tools,
pypandoc,
pytest-cov,
pytest-pycodestyle,
pytestrunner,
tomli-w,
twine,
}:
buildPythonPackage rec {
pname = "pip-licenses";
version = "5.0.0";
pyproject = true;
src = fetchFromGitHub {
owner = "raimon49";
repo = "pip-licenses";
rev = "v-${version}";
hash = "sha256-6xw6BCuXSzNcwkpHaEFC5UPpubPUwhx/pg6vZq2er7A=";
};
build-system = [
setuptools
setuptools-scm
wheel
];
dependencies = [
prettytable
tomli
];
optional-dependencies = {
dev = [
autopep8
black
docutils
isort
mypy
pip-tools
pypandoc
pytest-cov
pytest-pycodestyle
pytestrunner
tomli-w
twine
wheel
];
};
pythonImportsCheck = [ "piplicenses" ];
meta = {
description = "Dump the license list of packages installed with pip";
homepage = "https://github.com/raimon49/pip-licenses";
changelog = "https://github.com/raimon49/pip-licenses/blob/${src.rev}/CHANGELOG.md";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/py-moneyed/default.nix
-42
View File
@@ -1,42 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
babel,
typing-extensions,
}:
buildPythonPackage rec {
pname = "py-moneyed";
version = "3.0";
pyproject = true;
src = fetchFromGitHub {
owner = "py-moneyed";
repo = "py-moneyed";
rev = "v${version}";
hash = "sha256-k0ZbLwog6TYxKDLZV7eH1Br8buMPfpOkgp+pMN/qdB8=";
};
build-system = [
setuptools
wheel
];
dependencies = [
babel
typing-extensions
];
pythonImportsCheck = [ "moneyed" ];
meta = {
description = "Provides Currency and Money classes for use in your Python code";
homepage = "http://github.com/py-moneyed/py-moneyed";
changelog = "https://github.com/py-moneyed/py-moneyed/blob/${src.rev}/CHANGES.rst";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ ];
};
}
pkgs/python/sentry-sdk/default.nix
-43
View File
@@ -1,43 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
certifi,
urllib3,
}:
buildPythonPackage rec {
pname = "sentry-sdk";
version = "2.26.1";
pyproject = true;
src = fetchFromGitHub {
owner = "getsentry";
repo = "sentry-python";
rev = version;
hash = "sha256-Wl8yq2X9GuPcqaS93hkKXs2cDzz282Xceaai4NjbVZY=";
fetchSubmodules = true;
};
build-system = [
setuptools
wheel
];
dependencies = [
certifi
urllib3
];
pythonImportsCheck = [ "sentry_sdk" ];
meta = {
description = "The official Python SDK for Sentry.io";
homepage = "https://github.com/getsentry/sentry-python";
changelog = "https://github.com/getsentry/sentry-python/blob/${src.rev}/CHANGELOG.md";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}
sops/machines/tangra/key.json
Executable
+6
View File
@@ -0,0 +1,6 @@
[
{
"publickey": "age14pdszyzzu9lwzhxs7xz7k94knvgensay9qr4p6j9z8qnqnvqup8qpvk6ra",
"type": "age"
}
]
sops/secrets/tangra-age.key/groups/admins
Symlink
+1
View File
@@ -0,0 +1 @@
../../../groups/admins
sops/secrets/tangra-age.key/secret
+46
View File
@@ -0,0 +1,46 @@
{
"data": "ENC[AES256_GCM,data:H6zKr5xrPfHM7L1PAA3yHY2T9K6/IPfPshUncIldSW/9mMFMbLz0d4E+hp5IZCm50fLl5PHFOjIK5h390knrH3fz0zzmCgE3kn4=,iv:5XiZsewvqB8Z5v+0IDrdHl2YjrpwX9BVOg63U5ME6Zc=,tag:L1S/TgS3Rq8Pp5EC1VITgQ==,type:str]",
"sops": {
"age": [
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYZ1NobkZOY3V3bm5JNHdx\nZjhTbXkzVXNvUkE4UnNJRjFhc1dGc1loMndJCnBkWkZxM0Y2TDZORFVxek8zZWdG\nQ1h3Qy9pZmpWSzdmcE5RZlRaY3hBNWcKLS0tIG0wK01ya2pnT0NrMWdTRnp2WTI4\neFA3Ujk3N3VaNVpOQzNiSDVpNThGdWMKii698kqkazUHyoFmRogEAOuTwcjeQS/c\nhU2Hm4AAzb41G6KqH2LKxDhF3j4TZaKennSkC2bH5ruTbMHxNup7CQ==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5R1lURmRWOTVyTU00SktX\nb1RaYWtpZHRleDdObC90VWhMemp0MDBBRmtVCi9iQ0dpaGFPQm9sUURwS2JGL1gr\nYmEzdHp4S0VNaHpVMFBwUmxweGE4RGsKLS0tIHFhUDh5QjFaVktzRloxMkhQVmk4\nbXNTczhoVmpZY28rRjZqbXBOYjNXcDgKGxmMonIfC9kgzIrkL3SQkiAPSPloZIDM\nT1+f4ydepFm0hPYn+/Bv/tdKkgpErRIT5xU+EE/Rt2WrxiyJzRSZyQ==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEZZa044T252\nUXdGMVhTRzBxVGd1U1c4WktXeDRwQnRaNndOWUZKNUJ6eXcgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpTMlZOeklYYUxVNERvQktxM29DMkVE\nd3NIRUpDcUpicVhnVEtKaXM1RU1nCi0tLSBFelMyYTVxaU40K0FKMXUzbGdvWUxH\nMUFyQkxNT0N5RE0zdHRxR2RkanZvCvyZswq45eIaE2IKLtx1Z2ayjAKthvmc9uQ/\nO5lIEaC44kgxrLXPJqk93fY2q1d0FaJMdBPRmQ5n5Y+T6yaqF0Y=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGVKUWM4dXY2\nNW5QK1VmN1I2dDhINnNDUXpMUmFsbDZXazlyZEI4WC9JVHMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpwSTN4TEdXQzJ6Q3pQLzA0VFV3YThy\nc0xQM2FKT2RkckNqRXFNRzZVU29rCi0tLSBOUEhTTWpmcy9TelE0YWZuM2RGdER1\nRi9EQXkrd2krUGNyc3drNXJsSnE4Cmyrlx1n0/TGV3ebUYYe/7zB0tpmAGyaTLER\nUshbqgbybtLAfiEyq9ZAolHhVmkQ1GCJbOaIzZUneOi5NYem1+k=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHNJSVlBQXAw\nQWdDUVRuNUdhdkxORXFGc050Y3pKVWRuTlVTbURROS9wMTggQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpWNGllcTZtdmVoY2lTSHhOMkNtam9w\nb2dmOWlGdWsvcWZXN2pRMUJEcGZvCi0tLSBPTFA3OVdPK2hLd0pIZVJkbW50WkIw\nSmtPZXFkcTNoazVnTXYrR0NxVnA0Cu++kUfu1nrTWaa+p4KaRUpVa16L9xXkubQS\ntiRwmxYBhXgZn+jLPvDWqkBwNbbezD8QoY5bJsOaCoFvPoAB3sI=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0Ry9uaE04UzNLc2Mxbmgy\nRDFNNEtnTVh3U2xoZ08wVmxPSUV1cXpSTERZCjlEL1R0UWUyd0FiN1FtbnRuYnpV\nUUVoT0JzUDUwTzNvWVNic0hvaTFCZzQKLS0tIDF2UVp5WTJFRUxZN1B5SU5Uc3h6\neTBiMFo4ZnBSMFJBSHE4ejMwMFp5SzQKzaGWhdQJ70djvkOv0CMCyzBpWtgoyNog\nfXlSb1nEnx0S4n7BbQeUMcbNZR0Gz8BzfovJIokGeN2VI/CNc9NijA==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5UGJSY0VEa01BVitIeTdu\ndGFXajF4WU5GUTFTT0hrL1B5RWtSTG9JSXp3Ck5SMFZFUDV1ZXNhNGRIenNFQU9N\ndlR1OVMyNnA0eC9RaVN5K0hGdVRXbjgKLS0tIDBsdFpnZGF2cWN3MEptN0M1TWhS\nUFdDbHVEWDhzYmUwRlRYWVMza0kreWMKpwl8k1XM+6czx+zWG5A2dTy6BIb6AxTw\nr04mzDlMG4M8KZAQ9n/ZhVJgAEIdyMckahQThpLDKPTY2PJvJF5/FQ==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMZnQ0NjRQUExUVmpUekl3\nMk9HS2VDOU5FS0drZGZocTZNc3VRZmpEMnlJCmJ4S1cvY3RoRHErcUpxYUdaZmJn\nYlAwQ3c4VGV0MGkxT2NVMjJ2eUNEYncKLS0tIDNTVDRNN0NZaWJiMDk2WTR2aWov\nSzRsQm9wcWx3R2ZmZnZ4bnlmNmhtR0EK7KHcKUBvAEFB/65Pv/55POguBOOMw+t+\nFwlvTxPo5Ec94XAc/lqvOz/RfYF73Os4qiGzkZ8WXft7FHl9kkqfBg==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIOFpnZWltdWIrRU1LblNt\nQ21xRE92a1FXQThkVkI4bk9WWFB6dzhkeFJVCnVjK2cxdUlyS2xYTTFKVm5mc3Fv\ndHVHQXBVRzJqQTBDMUxTVFkvczNnMlUKLS0tIEU1ZlFvcmFtdDJKcDJHYnRiMnZv\naHlCOEJKNmh3bHFhcHFMM2lhRC9GcDgK1vvGk+P2/DriuNi9pdwgsr99GAvZdPAp\nDWBG6cH9pSbLGu2+rsrOGPdQ+kgp7pz/XNEDFMMzL3Nh5LNk6+r3uQ==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl"
}
],
"lastmodified": "2026-05-28T06:47:03Z",
"mac": "ENC[AES256_GCM,data:XZLMRmecN1YpFNph8UgUzztJaKN71udV8bBsiTc+eyRD0BOdFBbCQ13sVf7YzGXthlyTG6jWSJRRWSQ0G+0B88GGIMzGDnxXafbQdd0swF6Ff41KftKvKtxAsUg3nMErUo+oQ7JM4RzOFsowi5qmdM/ANZokCc6c4xzVR6DZTAo=,iv:gwuk9sbxuWdKUyRE/rUcQ1WnoqKFfZFvCDwxxPQpQL8=,tag:Qqcmc354g7DuU4q0SSEiFw==,type:str]",
"version": "3.13.0"
}
}
sops/secrets/tangra-age.key/users/kurogeek
Symlink
+1
View File
@@ -0,0 +1 @@
../../../users/kurogeek
vars/per-machine/alasia/zerotier/zerotier-identity-secret/machines/alasia
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/alasia
vars/per-machine/bosona/zerotier/zerotier-identity-secret/machines/bosona
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/bosona
vars/per-machine/canopus/zerotier/zerotier-identity-secret/machines/canopus
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/canopus
vars/per-machine/deneb/zerotier/zerotier-identity-secret/machines/deneb
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/deneb
vars/per-machine/neptune/zerotier/zerotier-identity-secret/machines/neptune
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/neptune
vars/per-machine/petra/zerotier/zerotier-identity-secret/machines/petra
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/petra
vars/per-machine/ramus/zerotier/zerotier-identity-secret/machines/ramus
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/ramus
vars/per-machine/rana/zerotier/zerotier-identity-secret/machines/rana
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/rana
vars/per-machine/alasia/zerotier/zerotier-identity-secret/groups/admins → vars/per-machine/rigel/prometheus/envFile/groups/admins
View File
vars/per-machine/rigel/zerotier/zerotier-identity-secret/machines/rigel → vars/per-machine/rigel/prometheus/envFile/machines/rigel
View File
vars/per-machine/rigel/prometheus/envFile/secret
+46
View File
@@ -0,0 +1,46 @@
{
"data": "ENC[AES256_GCM,data:4A==,iv:puWqe9wemaf4LWrceRlgJ2V8UwU/QyUjJ1fVZV2d3AY=,tag:0YhPKSP8bAiAmy5oNMryDQ==,type:str]",
"sops": {
"age": [
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLa1UyRzE5SHE0WEJjRmJP\nQ0dkc2hjR25QZUl1c1BUay83ZkRvbVd3Q0FJCngzUGNUKzVHTzdjUWdYWkhKdGR3\nSkRsRmdYVGlHVHdOcGI4RjBrc3JPWk0KLS0tIC9GNjMzZG91cHlWd0V0VU1Dc1BS\nTCtqS3RGa0pmTS9DU0J0ODVnNjJoU0EK7lKa6CcLw/GZl+/MDJvWZwDR07P1OHJM\n+Puxhvx/LsJrdqIsJhe/fWRMSQKGC9fKKFKmWaLw4gg373HGJgAFqA==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuOHJaenlveWVmMVFQNTFa\nZ29zODdQSGhsdU56NzFXeW1pakgwSWVYQVcwCmRjZ2dDWXBiQ3ZhZ2ZHcmxHWUhI\nTmJyRUNFRVlVTkl5d3Z4NmFBQUMvbzQKLS0tIFl5dzNBK0twSEpobUVXcTlpU0dl\nTWk2YitOU014dUlzK0swMUx4RDY0TFkKx6tVWtaN/hK+SwYwb6pZxfl0TnK9NSaK\nGuatmfVh0Uq+ZAkt2JplG4vkgn89TH2K5Pcp6ZtsSCEI0TbLgTzJoA==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDZPN2kwZEhB\nK2VxVFVtNHRMOTFDLzRuQmo4bjZEZmV2S3RtQ3ZkT1c3Q2sgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpxWVNacnFZcUYzcERwR2Q3VVFNSkNy\nN2tQSzdWd1hrcE5YdmtIeGJibFFNCi0tLSA4RXdKUEtmTEF6Q0V1UG4wbzVnZ0ty\nUktoN1p4Q2E3Yld0SUxnem4xRTRBCppRvqglk50LmlM3fVbzZr5OJPbFK4Y6oNuR\nWdhlYzruot4GSZioSdjEGYKgwZnMH6V+brA3G7PljxCJ9E6z5Q4=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDZwbEVySUV0\nTHdsSlFDZXJxSnF2WVVacThPTUlQSDhoL25nOS9ZN2p4amMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpzQTg2djRnYnlSaEhWQnNIeGtKMm5t\nc044alVDaXlKOGlGK0pFWlRucGFRCi0tLSBTeVJlYUdoYzU0KzRPd1A0aFNOZmtO\nckRydGFrR2lDeHUrREphcG9ZYVN3Cgl3xqfwOtFtBtmDgBIeaAJ0kbq2bFxTajh/\nOYl5VB+uNzzJiTb3+ZQWRm0zk13KEv1vtyxJ2GytVk26TVZb7PM=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDBFSmMydm9Y\nSGovWFlqVFhFMzlmT3FyM1FkUXB4REF0UFFjbldHR1h2SG8gQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpsN1lORFVQc3Bwb29KM2xnMWRWRXJH\nK1lIajZieG5INjFpeCtWeEdoZGU4Ci0tLSA0SjcvVStLclRwR1R3S1dUdGI0S1NW\nRzEwWE5iWE9rMVRoRWYyc2RvSE0wCjtoHS/koa1ZqZdd5o3UhsD1JpoVZKntJUU2\nfOyAmuiARDbZZ3HFdlhXqJXg7BKO4xIzXbQbulJLHw7h2y9cxyU=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuQTJVVWpoNUhRTE1xZzRD\nYkc0QnB1WVpvUkV4Y0dVd3pkbmF5MWhLZERzCktOdnJ0a2J3NlJDSHdwamdMQXJW\nOTR6YlJTYm91Y0pnL2pIMDlrTlZYdFkKLS0tIExhbFhvTHdTWTlna2NJa3FJaHVY\nSjZoMmZiMFdRNXI5clk4K0YxWEYyWE0K2/ZweC6e80AANco8vk0gRjyw79CbIiM/\nWomvWTXMmABqeXqy+xQ5HKIhm8U2gYh+3VhmygAcGlDGE4Vha9j1Ng==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIUmh5bFFGWENhcUppdDFn\nQldUcURkYlgwOTZ1VE9OTGh2N3lCQW5OdVNZClg0NEtYRDlLNHI3S3hZa050Njdj\nOCtiQXdUaTFvL3p3a1U5K2FVU2pabWsKLS0tIDRVcDYvSkhqNFBZTjNTZmRpdjB5\nQVFCTFl2cC9qZTFpTjJzeGhyZ2JnYlUK1wKll+dXPHYBWtPKIbQ/yK0kjdnoRZy9\nRV2PYn5AiPhm+fdOrRxgn4NQxWfW7JEqSOXoUzh5wMy/6KUcVcYgRQ==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHaFBXRFNIY0JQZ0RZcC9s\nMkhmaDBEcVhMelRBcEVHbENOcmdNcUtUcFgwClFlR29qdGw5VUQ4c3ByZlhjTjRZ\ndUgxZHNsMTFIU0w4NVM0ODlsb2N3cXMKLS0tIG1uYTkyRkdzT0RKWitXVU1IdWdk\nNEZ1aUs3dDVEL1dMdVBPelJTUE1kbTQKrTamJfbqjhaIEWrp4s3eAbiYFCu+Yg3h\nS8nfEg+q8Yx/GDF3khhC76jrmh5SuPH6Mk3lB+1AGDAhVfOJd6IDaw==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSUDVWclhWQXA1N3prSzRR\nczFhMkJWL1E2V3JDYzJDK2p4UGlPMjhoRGt3Cm4xUkJVazAzaG8rS2dhT2xzWmdG\nSjV2K1RneU9kbVREMWVyZVU0bTNhMFkKLS0tIGRnNUJWM0lHaGdTZXUyMmpWT1Ur\nWWM2dWwvSmhtaGFjOEdpL21ueUlLZU0KCVGKuwrzz5EDRV5AGV2VyeEoNGy9D/k9\nHR1ppeL1dRJJ95jTv9rhMQ6/75EE4HL2d6WB92xY9RJwWe+D1JVadw==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl"
}
],
"lastmodified": "2026-06-17T08:48:13Z",
"mac": "ENC[AES256_GCM,data:7re9y/kZ6PxyTdBG0+i5eOJRPNqwGiOtZ6lP/sVq5wG8Z5XtavLLCnup5AL1yIh+Tx5z7a/lvsbKIIi/K9yV9Cq/9K3GUoTeP9V5CSTCMgBoOkgiyR7nnq8T4dvlU+YQdgPmivtUE9GhcuAn40NqvhgeCLOIzuek3Ndj/OSQ1DU=,iv:uCy1xuA0IyV3zx3ICvbHRpEaNLWP0MGwwcsbZub4anc=,tag:FU2KN3ThBUOVP+PW5fewnw==,type:str]",
"version": "3.13.1"
}
}
vars/per-machine/alasia/zerotier/zerotier-identity-secret/users/kurogeek → vars/per-machine/rigel/prometheus/envFile/users/kurogeek
View File
vars/per-machine/bosona/zerotier/zerotier-identity-secret/groups/admins → vars/per-machine/rigel/prometheus/matrix-alertmanager-token/groups/admins
View File
vars/per-machine/rigel/prometheus/matrix-alertmanager-token/machines/rigel
Symlink
+1
View File
@@ -0,0 +1 @@
../../../../../../sops/machines/rigel
vars/per-machine/rigel/prometheus/matrix-alertmanager-token/secret
+46
View File
@@ -0,0 +1,46 @@
{
"data": "ENC[AES256_GCM,data:o0SsURiJwWJuQR7WJBsVkAZJRWfMTuJjBM/1j9P2LXS56WzZxkOm1MY=,iv:FIy+Phvk1EkXdXJqkh/sLPK9JhswjVHasf2Itvj6iVg=,tag:KvdtWOMvxwnIGkIIM9hxJA==,type:str]",
"sops": {
"age": [
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTSXc4RU5CL0RsenZTS1FU\nTWcxSWNjN0xyTEFkK1FBZCtSQzRtWmtGMFZnCndDcnVPV1V6UFkwcXJzNCtLWElz\nKzZzYmhGVTVyYW9OcURkUnNiaTVsTEEKLS0tIDJqOEpGRzJlTlg0UGZGYUIzV2k0\nNTRSM3dSUTdSSjZIT0lxeERKeEIzbHMK37+rk7rxhzU8TAGdbWS7dGpHqYg7jf3e\nW13aGti/SPsb6MbBWLsZl8tUo6clsaG8liGPTN9dgGwOmxmzMOf1Zg==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPTm04Y2o3VHM3elM5WG9h\nZVh5RWZncjFIWWVhczR6aFFqUlB4K2RGN2lRClByU09vWmNuOVVCTVYwNmwxdmRL\nUGJsS3AzbmJXeEZzZElLS1ZGTExoMTQKLS0tIHY5NmgzRWx0Wk8ybGlyRHBLZUlq\nUExjWHc3dmJ3OVV5bVgramltMGlidlUKXScM1IFNre3FUV0MksN1doRkwMzRyASw\nZuq+khDl7fVkKzdInJmjXqxySL1UdnB3jkDVu+71byWba96OuPxEwQ==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIG9POTQyMWRx\nNDFqM0M3TkxqMXE2RWRPRWVqRHdSNDdQRVVrWjJRakZ6RzAgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpENnhsa0xQODZpOElmckk3UDZtY1BR\nS2NrdmJIQnk2RUMvYmM3NVJZQ3RFCi0tLSBsZE0xdjdkUFJhSVpWSjhOQkdnM1FR\nMVBvY3pDcko1SW5NK09pZ1FtQXB3Cgpa9CfThquMn+CwG83LFDoFjn5xJMDxmGgY\nAKhzHtV3jPsz7M15MyO/bxBNNEnUCBV6h3R9hFglty+hat+YwSU=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFh6b0NyZ1Ay\nSVRFbVBvc1EyMkI1VStOU2RJRDhtSWF2dkd1NGczcFh0blEgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpOT0JMV2kvR203Z3dYUTU5akxCeUJt\nQ0dBY2ozRyttdExuNHVUSExlVzNrCi0tLSBVaG5hNUR0RHltelpYVGJVYThTdnZ3\ncXJDUklGOVZvenkrSy9ybWZOZzFFCnY6lJ/D2WGmwFDS+PqBSc2Lc52CeDDGrJvf\nZ+VEuQ5TjewREeG+AciA9yDmA05FwCCJXg3QYYM3zphv/YCNse4=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEh0UThpMmRP\nM3RrNEVsd0xyaWU1SWk3bmVUVUFzSzlRYndFc09GZFRIQm8gQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwp2b21oZzdSV1NKYzRXZ1FFNlJ6TzBo\ndDlmZ1RId25pNm9qNW44Rk4xd2NVCi0tLSBoMlhkSmZKUTJyeHF3ZUlibkNQc3J4\nTFgxMTRrUGt2RU8vc3JwL3hBYVprChOQYE+mm1xX1yDYTeGAB24+d3vOMu4hhrWz\nF+WxNFbJ2z4/fMx9hz7ZRN+ucgdBQbnp+ponpU30sv4a6GccYwA=\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2YWRpNnpsQ1I2TFhmWjFQ\nQk0xa2lrSDAwQ2UyWkg1eVZZUUQ5eVFNYUdZClYyMEwrcVhraWQrUU0xTVRQQ3VH\nQy9nK0x1WDBnckVGRFdXMks3V2ROSWMKLS0tIGI5ZUg1aG9CeEJsbDhIVDFiTjlr\nTDF1OEJ4Mnhxd2VXL1JaL0dZOEpkQ00KcUXjwHmwEFE4zvkKGDCk+/VzV+INSJGa\n+E2EDdl8f1TJtahscnVSNMeuLSNoGjhTduis1vU6W9iapPK/RrV0sA==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxREI3aXpiUCtaN1g2VWE2\ndENNdWVmOERVMVA2bUpqclNNQVdzUS9VYTFNCmszYXo2U0lRakg4Z2hiUVpDZ1RK\nVGV1QVJwMHpIM21JdStFcGJJTWluYW8KLS0tIGtRMW5qOVhzOWpGMUx1V1VpV1pm\nQ3h0UDhHUTQ0QWpMdDZsYXdMZVRkL2MKt3x8Z1Ue09IIKkWQ3yE57pSK5BCyFwjM\nitxSGpxr7xFE4npqIomkoTBvW2zx2KXpNqWBKTcC3hCu6cXYYjkQZw==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCYzVxY1NPbHZZNTZXQjZp\nVkdtUmwydmMyb000OHN3cWpDWmxQZzVrMEZnCjQ4Y21KNEZteWxoYjhBYlZyZXdl\nTlpRZVpkRnlYbys2SnRJTVJ6L2kwN3cKLS0tIDBGWnNScGRSUUNoMHdEczlyNmQz\naE1QTU13aGxRMXFrNEo4UGpXWTBDMXcKFIbilE60GjX4F1UMn0vjZVsCK+bRUdp+\nvk5BhcTxeBR/sTmwIupPhCR169ChAch55tze1PrGiSnvTLy5sZ3mxg==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8"
},
{
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBU0UvM01penUyN3RrRWt2\nU1Q4UkowclUrSXFYa1orOVliYzNkMWVPa2trCm9kcmVIc1dySTBHL3pyam5NbVox\nV2t4dGVrWlh3WG0rK0xuNGVFeTc5ZU0KLS0tIGNIdVhVWSt2ZjB4TFIzR1RMUHBF\nZjVwNE80VUhjbGhmcWFyWkRGd0xoZXcK6WhrAUsXfExGYT0i6s8Zx/9+NrvloOoa\nuFg13x79D6gkWW0thDv+b/G/K4QcimwqITwe+4bhSpt/0sADs5BcXg==\n-----END AGE ENCRYPTED FILE-----\n",
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl"
}
],
"lastmodified": "2026-06-17T08:48:49Z",
"mac": "ENC[AES256_GCM,data:2HzQ5vupFUjDPjXQYnPZdnZXFCLqV47f92UnBxWEne27XoAUocHTiaLL0rqkdDmALdB6TX4uDqCPUyVF0MlAQXTAnRd1hDRSZG3XtkB6zTVYnDpU3wDdOKyqFgb812Va/o/RqX1ZX+b4CUAOB5+iXrP6PvfjgeY1vUlQCOAPxn0=,iv:8x/WzjklBp9nba+LRPhzie+0NNUDKnqBa7WLO2m7oqI=,tag:+FS5AxBx18aGlZgJfdw6MA==,type:str]",
"version": "3.13.1"
}
}
vars/per-machine/bosona/zerotier/zerotier-identity-secret/users/kurogeek → vars/per-machine/rigel/prometheus/matrix-alertmanager-token/users/kurogeek
View File
vars/per-machine/rigel/zerotier/zerotier-identity-secret/groups/admins
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/groups/admins
vars/per-machine/rigel/zerotier/zerotier-identity-secret/users/kurogeek
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/users/kurogeek
vars/per-machine/sirius/zerotier/zerotier-identity-secret/groups/admins
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/groups/admins
vars/per-machine/sirius/zerotier/zerotier-identity-secret/machines/sirius
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/machines/sirius
vars/per-machine/sirius/zerotier/zerotier-identity-secret/users/kurogeek
-1
View File
@@ -1 +0,0 @@
../../../../../../sops/users/kurogeek
vars/per-machine/tangra/openssh-cert/.validation-hash
+1
View File
@@ -0,0 +1 @@
9c6a25028e3d8c9821d2af3ee592080d0fa152d38346930c1f04951787d2e734
vars/per-machine/tangra/openssh-cert/ssh.id_ed25519-cert.pub/value
+1
View File
@@ -0,0 +1 @@
ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIDKzbKyaQywfgti9trDJGnnCptpuA8ayfxZHE6ST3TMjAAAAIDxgNyEJ7VktnhHLiISIeJn5j0mTzgRrKK+aZJBIImxHAAAAAAAAAAAAAAACAAAABnRhbmdyYQAAAA8AAAALdGFuZ3JhLmNsYW4AAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACCH0ihJXtD/Ff8S+ANZV8eZbgwjI6/H3sfP3NZdzzJ6sAAAAFMAAAALc3NoLWVkMjU1MTkAAABA1LI0WlRoj0pARALAKV5sfOdqZ0BPcbQ/DOdvAKMtHr+s4j1AZRHVB/kh7SrZFoXf1UBechTbVTVcXF5IZjUPDQ== /tmp/vars-i3mdwzkm/in/openssh/ssh.id_ed25519.pub
vars/per-machine/tangra/openssh/ssh.id_ed25519.pub/value
+1
View File
@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDxgNyEJ7VktnhHLiISIeJn5j0mTzgRrKK+aZJBIImxH
vars/per-machine/canopus/zerotier/zerotier-identity-secret/groups/admins → vars/per-machine/tangra/openssh/ssh.id_ed25519/groups/admins
View File

Some files were not shown because too many files have changed in this diff Show More