diff --git a/flake.lock b/flake.lock index d81e244..771fa48 100644 --- a/flake.lock +++ b/flake.lock @@ -57,6 +57,21 @@ "type": "github" } }, + "flake-utils": { + "locked": { + "lastModified": 1634851050, + "narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c91f3de5adaf1de973b797ef7485e441a65b8935", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager-21_05": { "inputs": { "nixpkgs": "nixpkgs_2" @@ -112,6 +127,24 @@ "type": "github" } }, + "naersk_2": { + "inputs": { + "nixpkgs": "nixpkgs_7" + }, + "locked": { + "lastModified": 1635777496, + "narHash": "sha256-8y2gyBTD0CMYbiTlmpLNEtvC7c/Al4qIToHTXN0L4kU=", + "owner": "nix-community", + "repo": "naersk", + "rev": "5bed2dbf074d95627a9c35bf262eb577ade97bb9", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1632086102, @@ -218,6 +251,34 @@ "type": "github" } }, + "nixpkgs_7": { + "locked": { + "lastModified": 1635956637, + "narHash": "sha256-65J/mVWr0M1y/59QOGSq6jOqiYYo6zoURJqdc0EzSZA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e01b7650cc3e2240021f2b094d31c2ff8815b926", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_8": { + "locked": { + "lastModified": 1635956637, + "narHash": "sha256-65J/mVWr0M1y/59QOGSq6jOqiYYo6zoURJqdc0EzSZA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e01b7650cc3e2240021f2b094d31c2ff8815b926", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, "nur": { "locked": { "lastModified": 1635473664, @@ -268,7 +329,8 @@ "nixpkgs-unstable": "nixpkgs-unstable", "nur": "nur", "rnix-lsp": "rnix-lsp", - "sops-nix": "sops-nix" + "sops-nix": "sops-nix", + "youmubot": "youmubot" } }, "sops-nix": { @@ -318,6 +380,27 @@ "repo": "flake-utils", "type": "github" } + }, + "youmubot": { + "inputs": { + "flake-utils": "flake-utils", + "naersk": "naersk_2", + "nixpkgs": "nixpkgs_8" + }, + "locked": { + "lastModified": 1635964639, + "narHash": "sha256-q6qKQbsFyFntIHaz7ORnCFk0b4c0Ew3wUuHKo/Ra11E=", + "owner": "natsukagami", + "repo": "youmubot", + "rev": "b254f5085aaf6ed462268ef47a9234c76cc1a894", + "type": "github" + }, + "original": { + "owner": "natsukagami", + "ref": "flake-module", + "repo": "youmubot", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 77d040c..6584926 100644 --- a/flake.nix +++ b/flake.nix @@ -18,6 +18,7 @@ rnix-lsp.url = "github:nix-community/rnix-lsp"; rnix-lsp.inputs.naersk.follows = "naersk"; rnix-lsp.inputs.nixpkgs.follows = "nixpkgs-unstable"; + youmubot.url = "github:natsukagami/youmubot/flake-module"; }; outputs = { self, darwin, nixpkgs, nixpkgs-unstable, home-manager-unstable, home-manager-21_05, deploy-rs, sops-nix, nur, ... }@inputs: @@ -62,6 +63,7 @@ system = "x86_64-linux"; modules = [ ./modules/my-tinc + inputs.youmubot.nixosModule.x86_64-linux sops-nix.nixosModules.sops ./nki-personal-do/configuration.nix (overlayForSystem "x86_64-linux") diff --git a/nki-personal-do/configuration.nix b/nki-personal-do/configuration.nix index e6f6a8b..8cc1c76 100644 --- a/nki-personal-do/configuration.nix +++ b/nki-personal-do/configuration.nix @@ -65,4 +65,11 @@ tls.keyFile = "${config.cloud.traefik.certsDumper.destination}/${config.cloud.mail.hostname}/privatekey.key"; usersFile = config.sops.secrets.mail-users.path; }; + + # Youmubot + sops.secrets.youmubot-env = {}; + services.youmubot = { + enable = true; + envFile = config.sops.secrets.youmubot-env.path; + }; } diff --git a/nki-personal-do/secrets/secrets.yaml b/nki-personal-do/secrets/secrets.yaml index d9dc3b6..8bf3e90 100644 --- a/nki-personal-do/secrets/secrets.yaml +++ b/nki-personal-do/secrets/secrets.yaml @@ -3,6 +3,7 @@ cloudflare-dns-api-token: ENC[AES256_GCM,data:2ny3JehpK30fTUDKrbzHv1QOczriChRyMQ #ENC[AES256_GCM,data:KWrVRQg+cLm5MUdfsYrh7hkI4CWkl4Z0sDj0769eebeXDy+veixrQrxh1ZW+ro3WLwoIdU/IH5DPM4TWYn2qoM5aDHjGX764pr1x,iv:uZHBsGvSHv9vd/Wragl1dYNJ+8vCcMit2K3SrMFlz7s=,tag:7z4LyADfQvXsM2vvtWru8w==,type:comment] traefik-dashboard-users: ENC[AES256_GCM,data:kviapOq+xzxhjryse+5DaZbXRS/LEYyjqqFbHymXAZVEkWlu0T5pZ2bxSNCbXN+tXnb0u+6YPgGCaRNPLW74AF1hO8W8QqlLDA==,iv:41bwPyFQcuOLILTjLWUu5Kcnct/MaIIJsMbllc+n7Y0=,tag:17HyUjfRUcLGb0FrUm1O2A==,type:str] mail-users: ENC[AES256_GCM,data:66tQo045ekEQJncnDLdJiQ6NneyRW9i0J3mr9fejo1SnB1OBRnEf++d36sL/Yi2fGhM2Mh2kObutodDGijYrx4ZtEDAxFzOuvEoLH+HpwAdHAcQ=,iv:jZ5EAEC2s0Z35uY6j4tQ8JLAOACmLAuavdMW0udhpzU=,tag:Y7dwqEiccQ8a1SwhIPAMfA==,type:str] +youmubot-env: ENC[AES256_GCM,data:m/NGN8r6Caq2tTHeVWV9y5fol9r36aKYYXLjHaa0AR+0XpVeJdXVZxPfQtzX4uo09rOGAPE4lepO05weo7mvEjI5m5QJ4FWrw0/HkLm4SUWnTnDU6BlK7l4K/2Ayz7jmD6GLWI+KcOSjEmma9GXNkVwDnxVrwaAWYOfDqDJMjMES/1S8OgCe5+74MCgNeefIwgXnmmxVMpl8fAdnOgovh1zRvcKPVrN5T0ia39IatDERwegas+q8t90Jjw==,iv:IEFvaMWzgClbHbsxGTdP5EdGayHQgggOT9CU7oAyMtE=,tag:GoEEcGCNHMimzltDit4kzA==,type:str] sops: kms: [] gcp_kms: [] @@ -18,8 +19,8 @@ sops: NUovcTZlOVpyTm5WWGkyUmdLRUVpcmMK1YIwNE/5avvplxqtUFs1JZn7f2AuTzyR lRtXUm8InT5GwV50Ot6FLdai5aVxpicafduH/J5RSAXqL8LssQi7HA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2021-11-01T22:35:16Z" - mac: ENC[AES256_GCM,data:EMJWOssHLTHQ/5/7OkMex5sN0oBPnEpeWLQQnlTkMeahtdO3p5isYNPfnFGLQR/2XyfeBJ/uvVUDI7T1k/Cc5Mr6bUwPAXRhKhOm50uQxxgI7i73BsNkyDMwJGAN0ZAPy2Rw3yjPorI0sVrmarQSBKPcLNspKTn9jcn9nMLuzrI=,iv:1neuIRh5A8ODu2O+ytMoFVNo3n8w6Kru1XgrJ3YGzB4=,tag:/BLZOrWCTck8v/3QFe9vXw==,type:str] + lastmodified: "2021-11-03T17:28:33Z" + mac: ENC[AES256_GCM,data:JICFnGmMmYVJuRuEe6kxnHzJ72NYKLdquSSKW6e2DolY7SrD82kxN8SI2xUDeJficwpIO28iJ1OV7MHWRuAfdUGdwqwU9SLjpM3n6FO5VqiB+/w3SRVK4W2HlKPIB4I/VbooX+6apSnuUSOjlav2ticbS+tpxAnnsj6aLAAPfuE=,iv:2WIXd/fBqOHmVj4KrXdmKudMmr5G2pRC7H4/eGPqILQ=,tag:EQbszkEZkinbCNv3NU9t1w==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.1