wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: wurzel:5294cd68f86369fa07ee260afc1c8e74b9938a3a
Branches Tags
wurzel:main
wurzel:purgetunus
wurzel:upgrade-24.05
wurzel:monitoring
wurzel:nix-remote
..
compare: wurzel:7d34b4d0da3a26457ae83a35a0792163fe6415ed
Branches Tags
wurzel:main
wurzel:purgetunus
wurzel:upgrade-24.05
wurzel:monitoring
wurzel:nix-remote

1 commit
5294cd68f8 ... 7d34b4d0da

Author SHA1 Message Date
Rouven Seifert 7d34b4d0da
keycloak: init 2024-05-02 13:21:16 +02:00
6 changed files with 15 additions and 19 deletions
Show stats Expand all files Collapse all files

5
hosts/quitte/configuration.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { config, pkgs, ... }:
{ {
imports = imports =
@ -53,6 +53,9 @@
value = "10000"; value = "10000";
} }
]; ];
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "yes";
systemd = { systemd = {
services.nix-daemon.serviceConfig = { services.nix-daemon.serviceConfig = {

8
modules/core/base.nix
View file

@ -29,13 +29,7 @@
}; };
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh = { services.openssh.enable = true;
enable = true;
settings = {
PermitRootLogin = "yes";
PasswordAuthentication = false;
};
};
programs.mosh.enable = true; programs.mosh.enable = true;
# vs code server # vs code server

2
modules/decisions.nix
View file

@ -6,7 +6,7 @@ in
sops.secrets."decisions_env" = { }; sops.secrets."decisions_env" = { };
virtualisation.oci-containers = { virtualisation.oci-containers = {
containers.decisions = { containers.decisions = {
image = "ghcr.io/fsr/decisions"; image = "decisions";
volumes = [ volumes = [
"/var/lib/nextcloud/data/root/files/FSR/protokolle:/protokolle:ro" "/var/lib/nextcloud/data/root/files/FSR/protokolle:/protokolle:ro"
]; ];

3
modules/monitoring.nix
View file

@ -1,4 +1,4 @@
{ config, ... }: { config, pkgs, ... }:
let let
domain = "monitoring.${config.networking.domain}"; domain = "monitoring.${config.networking.domain}";
in in
@ -11,7 +11,6 @@ in
inherit domain; inherit domain;
http_addr = "127.0.0.1"; http_addr = "127.0.0.1";
http_port = 2342; http_port = 2342;
root_url = "https://monitoring.ifsr.de";
}; };
database = { database = {
type = "postgres"; type = "postgres";

2
overlays/default.nix
View file

@ -13,7 +13,7 @@ in
}; };
})); }));
# (hopefully) fix systemd journal reading # (hopefully) fix systemd journal reading
prometheus-postfix-exporter = prev.prometheus-postfix-exporter.overrideAttrs (_old: { prometheus-postfix-exporter = prev.prometheus-postfix-exporter.overrideAttrs (old: {
patches = [ patches = [
./prometheus-postfix-exporter/0001-cleanup-also-catch-milter-reject.patch ./prometheus-postfix-exporter/0001-cleanup-also-catch-milter-reject.patch
]; ];

8
secrets/quitte.yaml
View file

@ -1,5 +1,5 @@
nextcloud_adminpass: ENC[AES256_GCM,data:v6FYsO/RklPSz5uf6aYQDhdudHb0962I1WxJM3VGc0af6s/fEz2j+UTu,iv:WzS+jU7qmNQbd1RWDempdu4nv0ytWeybF/PKoc4mvTc=,tag:1CF3ZnQNDLv11j7UoyYsjg==,type:str] nextcloud_adminpass: ENC[AES256_GCM,data:v6FYsO/RklPSz5uf6aYQDhdudHb0962I1WxJM3VGc0af6s/fEz2j+UTu,iv:WzS+jU7qmNQbd1RWDempdu4nv0ytWeybF/PKoc4mvTc=,tag:1CF3ZnQNDLv11j7UoyYsjg==,type:str]
hedgedoc_session_secret: ENC[AES256_GCM,data:WO3j/Sp0LHyNC51jdzChKB46KLU7l57TBVNL3v92sjs=,iv:HVizKMCd+d9cTQEzRncRpv9scldg5Nn2fBRz0D58OOg=,tag:8HZttVgZs4Ah8JWTDaTySA==,type:str] hedgedoc_session_secret: ENC[AES256_GCM,data:WFbqr6VX12rpiPuIPlQnwOMdHM1B0yk2PYuuanbqREE=,iv:Iih4/GNs9qN+AM6fdaTJLmmPQIzxIwXHUZttP1Up6qs=,tag:IVZQId4yxbePVQqJB9+3iw==,type:str]
nix-serve: nix-serve:
key: ENC[AES256_GCM,data:GptsUgeXOOrwJctoMZ+mWXcw9DwJ0f0LOlLyMlH/877N4uA5/NtNKIaFHl3z2GWPRBnDLBzDEO1Q6EDuWbakr+Uq4zTJm2MOV6Qf4kM0BlNpXGIdjvh7tD2La7GV4ID+CT8U6p0E,iv:3A/Yy4PHsq9VdhW4SKIYdpd1enQ5cDiKLk5S9VrH0b4=,tag:WZzbct7LZmOhEvx9KVQ8WA==,type:str] key: ENC[AES256_GCM,data:GptsUgeXOOrwJctoMZ+mWXcw9DwJ0f0LOlLyMlH/877N4uA5/NtNKIaFHl3z2GWPRBnDLBzDEO1Q6EDuWbakr+Uq4zTJm2MOV6Qf4kM0BlNpXGIdjvh7tD2La7GV4ID+CT8U6p0E,iv:3A/Yy4PHsq9VdhW4SKIYdpd1enQ5cDiKLk5S9VrH0b4=,tag:WZzbct7LZmOhEvx9KVQ8WA==,type:str]
keycloak: keycloak:
@ -21,7 +21,7 @@ postfix_ldap_aliases: ENC[AES256_GCM,data:beJTXpJYlAz4vyv2rAyuMtU2gkwf4JNnsFAG0o
vaultwarden_env: ENC[AES256_GCM,data:JFySiTHahlUFsM+FcuSJPnGYMijphrnZpFFdoNe7DYxWjIgPRWdfH9WC/a5GsK2xCJXllXAASHNxgkYRrdPw2KaCiUR/QhAjtUmyv2NsIBcMYStafDUEK9emddR+ACedScsgS0FtP8f3cz1enTBi+DkYgL8lMAoCw5p8vMRyE9mVOLpTUDOO7T4=,iv:992REuXzHAxxhy2BbeCGNhTZkn8eSi8N2RyBXqqy7U0=,tag:iP5AFQqzoR66AkTGfYAUZg==,type:str] vaultwarden_env: ENC[AES256_GCM,data:JFySiTHahlUFsM+FcuSJPnGYMijphrnZpFFdoNe7DYxWjIgPRWdfH9WC/a5GsK2xCJXllXAASHNxgkYRrdPw2KaCiUR/QhAjtUmyv2NsIBcMYStafDUEK9emddR+ACedScsgS0FtP8f3cz1enTBi+DkYgL8lMAoCw5p8vMRyE9mVOLpTUDOO7T4=,iv:992REuXzHAxxhy2BbeCGNhTZkn8eSi8N2RyBXqqy7U0=,tag:iP5AFQqzoR66AkTGfYAUZg==,type:str]
directus_env: ENC[AES256_GCM,data:TzZhYDS+ix2kY6gVZj98E2W7IbqWBpwUCz4n9UUyLI2jnySnjD+AJZ8WM/r6LEGFYAdBAsuynRqui2k5OuaZhDhjm9acaH7DdCiuslvL0V7vJS70GDjBFzAQglqM3w2uqsfqDSs89FpuuvkGRBLrLeXIg5wmkx21wQA=,iv:jcLNwjbgFbgAXBlnjoLV9EXFI+il/hRpd+Cc/D/wUMo=,tag:Vp5uEqnZC6L+CfNFbxNw/w==,type:str] directus_env: ENC[AES256_GCM,data:TzZhYDS+ix2kY6gVZj98E2W7IbqWBpwUCz4n9UUyLI2jnySnjD+AJZ8WM/r6LEGFYAdBAsuynRqui2k5OuaZhDhjm9acaH7DdCiuslvL0V7vJS70GDjBFzAQglqM3w2uqsfqDSs89FpuuvkGRBLrLeXIg5wmkx21wQA=,iv:jcLNwjbgFbgAXBlnjoLV9EXFI+il/hRpd+Cc/D/wUMo=,tag:Vp5uEqnZC6L+CfNFbxNw/w==,type:str]
strukturbot_env: ENC[AES256_GCM,data:klTFgdNvdMYA++GsmqEHdhklZ5JUreP2Lh+5E0mj5iH7F8Run6/gAdHBJpCWEe2Q3o6RdZduy+kCXzJWznkLbEASxgJNcAWdFq2CU4ov0Z6rGS6i/X376Yc6I7oYLfQSd58r8Q/rhFl2qXkCiSGJYNvo6vGh6+b/TdTABwAnvj/k81n2SsSpoMOu9/1Pyop7QNVMuAtXaE/sca1KPtU/Yg3DrKczxKzKppReafIs7ICI/760N/H0Wwh6rtw51mfQxxOW9UpPXmnEFI8b+07pVsgNoSbzPCMaAoxf6LFnTnqtFRNS0N7rX3DrP6GSv2A8Bwm5of0sLhIm3gAAQ2iXp2di+BOi7uRqFVtNZ18XGPil8FVEkeIFdmhjCJAOJRyuANl3JsaqRk4lT1qMglyjHtCodP5rvVe+pALzpihNPIQPy0Tes2GOM4Q6ww4UxZrgevNHz7CnEMSEPU8Hjb63UkZTZbj2HxF8,iv:a2NyivM34Z/V/ir+NzsXNm73sp6uASYDiqDOG2ix2JE=,tag:buP1Hcvt3dEW249BWNBKkw==,type:str] strukturbot_env: ENC[AES256_GCM,data:klTFgdNvdMYA++GsmqEHdhklZ5JUreP2Lh+5E0mj5iH7F8Run6/gAdHBJpCWEe2Q3o6RdZduy+kCXzJWznkLbEASxgJNcAWdFq2CU4ov0Z6rGS6i/X376Yc6I7oYLfQSd58r8Q/rhFl2qXkCiSGJYNvo6vGh6+b/TdTABwAnvj/k81n2SsSpoMOu9/1Pyop7QNVMuAtXaE/sca1KPtU/Yg3DrKczxKzKppReafIs7ICI/760N/H0Wwh6rtw51mfQxxOW9UpPXmnEFI8b+07pVsgNoSbzPCMaAoxf6LFnTnqtFRNS0N7rX3DrP6GSv2A8Bwm5of0sLhIm3gAAQ2iXp2di+BOi7uRqFVtNZ18XGPil8FVEkeIFdmhjCJAOJRyuANl3JsaqRk4lT1qMglyjHtCodP5rvVe+pALzpihNPIQPy0Tes2GOM4Q6ww4UxZrgevNHz7CnEMSEPU8Hjb63UkZTZbj2HxF8,iv:a2NyivM34Z/V/ir+NzsXNm73sp6uASYDiqDOG2ix2JE=,tag:buP1Hcvt3dEW249BWNBKkw==,type:str]
decisions_env: ENC[AES256_GCM,data:JOi4V3TOH/qcDwcEeyrFrmfQlQpTOhX6syXOZv2K3Qo3poRLTLgNVEX0bWMIsSr5ACIvfoi8yMYOePJj2wOZoewqJw/Tr+4reGwHmMfgAxfZhD/ykFOBIGGdqEstAT335q8+T/xOkv7+9M8wWbmzFeQC7M9XdmoVBIVkTEuZb9OpCp91WEY8h1/2LTwf9+hGKNVZ4LkfbrLRed1RyWLjW0JD5kJebRJvSC5qnOhv4nz4iGAECl+1DokNWHrvFJGOm47f1uXtXoBXVnaXhhrkZ2j9r7nUpZpCITeJH5x8beJc7drmaoQs3PlLTcaKEeujNtwknYnBC4eUXx+78phYfA==,iv:pqIMRbNOIlK3ddUMpn8qDKz4tGFyAU6DyIzfuIkxSwc=,tag:ZterxIhIxeYLPiYsewVzBg==,type:str] decisions_env: ENC[AES256_GCM,data:yuxfgdEGYGAqrKqQ6TIKcRXMBluOKeCz8hMXeLxFRXKx1cKn11fGvS7LCtRoFTeHUvBjzb5VLdQkjb6OFYT35Ck7GKk5ZceN,iv:B7brAFVed1Ck5jCqp0VvnYHD/rtDbyYv9/gWx8Kwfpw=,tag:ki/dhuiK4QWxfRqOQR7Otw==,type:str]
course-management: course-management:
secret-key: ENC[AES256_GCM,data:zMoIj8gjNmLdSbQmFo8n1pDIKaUUMzPfVoKkPlqNtm4=,iv:AM5wwvAFXKVss4N2/lK6bKYHV/4Bv5EOz2MVTxAPF1w=,tag:ARzQUVVjz+HhUT+JAISHkA==,type:str] secret-key: ENC[AES256_GCM,data:zMoIj8gjNmLdSbQmFo8n1pDIKaUUMzPfVoKkPlqNtm4=,iv:AM5wwvAFXKVss4N2/lK6bKYHV/4Bv5EOz2MVTxAPF1w=,tag:ARzQUVVjz+HhUT+JAISHkA==,type:str]
adminpass: ENC[AES256_GCM,data:EariUHHtWirIXuRARj7lEneAOlKcjca9T+J0oH2xPv99w4ac1cRrvEVD,iv:cjC/+AnZdwWXkJOIAE36Hk/if4fqofVFf0H8WkHkRY8=,tag:M+s4hPzSp8eR76M/7TKXPg==,type:str] adminpass: ENC[AES256_GCM,data:EariUHHtWirIXuRARj7lEneAOlKcjca9T+J0oH2xPv99w4ac1cRrvEVD,iv:cjC/+AnZdwWXkJOIAE36Hk/if4fqofVFf0H8WkHkRY8=,tag:M+s4hPzSp8eR76M/7TKXPg==,type:str]
@ -50,8 +50,8 @@ sops:
c2lzVGV6WnVQT1pOTTVwRUxlMWZobWsK0CrDl2ELoYOTrMt3uN3mgBSyaYqOQY4I c2lzVGV6WnVQT1pOTTVwRUxlMWZobWsK0CrDl2ELoYOTrMt3uN3mgBSyaYqOQY4I
vBK12PV9FR9GFpKN4kGB03PZ0gV0N1zlcCHpnPCUuHwbCvvF2+vCag== vBK12PV9FR9GFpKN4kGB03PZ0gV0N1zlcCHpnPCUuHwbCvvF2+vCag==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-05-06T09:24:11Z" lastmodified: "2024-05-02T11:20:32Z"
mac: ENC[AES256_GCM,data:yfIPRbPOMLbO70u4+/BENICJL2w1PSfWTEwYx4d807ZoKJFp/urHetRgSpkZuRy+MgooetNaHqQdR9y7+hv2L4rUqn8BXRvZCLSbrsUhoeszyYUgzbWFprDDJGpkpOc5RfBjOKCFckr05gc0Gdfh0Fg77dzOOzJ15B3TflGiLqY=,iv:J5q2kGzAQoHc0fcJgyeBY+LXudW9HS5Kc59IVf1w7As=,tag:aVFQxKXi6sdwmw+P3qvY+A==,type:str] mac: ENC[AES256_GCM,data:0GUoloHyDEnX/u7SWSSwT/WA0rOJIidtYMFmVkTO3xkWHZqwILDhvW93hGoxDqTQle/MIXcN20nD3530DfhODLOWEfOuiYEJstR9Zx3LIa9MdJgjFj777zEhqfQ10oQ6VbQEmYNBX+7GvXNMbwFYQMU9xTggF0DGTCr+KPjSJ44=,iv:DHdAZQYMGLOGBN5D6hd/WCvNzkS1x9eQMFCBNJZ05zo=,tag:vNQTRueukDtg9g/Vgp0huw==,type:str]
pgp: pgp:
- created_at: "2024-02-29T15:23:23Z" - created_at: "2024-02-29T15:23:23Z"
enc: |- enc: |-