genebean/dots
1
0
Fork 0
mirror of https://github.com/genebean/dots.git synced 2026-03-27 01:17:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Tandoor the nix way

Browse source
This commit is contained in:
Gene Liverman 2024-07-07 19:42:04 -04:00
parent 94c68ba9b2
commit cb67bc6a28
2 changed files with 34 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

30
modules/hosts/nixos/nixnuc/default.nix
View file

@ -350,6 +350,32 @@ in {
"/orico/jellyfin/staging/downloaded-files" "/orico/jellyfin/staging/downloaded-files"
"/var/backup/postgresql" "/var/backup/postgresql"
]; ];
tandoor-recipes = {
enable = true;
address = "0.0.0.0";
extraConfig = {
#ALLOWED_HOSTS=*
#COMMENT_PREF_DEFAULT=1
DB_ENGINE = "django.db.backends.postgresql";
#DEBUG=0
#DEBUG_TOOLBAR=0
#FRACTION_PREF_DEFAULT=0
#GUNICORN_MEDIA=0
POSTGRES_DB = "tandoor";
POSTGRES_HOST = "127.0.0.1";
# This sucks, but this module doesn't support pulling the password from a file
POSTGRES_PASSWORD = "yummy-flat-bread-with-garlic";
POSTGRES_PORT = 5432;
POSTGRES_USER = "tandoor";
#REMOTE_USER_AUTH=0
SECRET_KEY_FILE = config.sops.secrets.tandoor_secret_key.path;
#SHOPPING_MIN_AUTOSYNC_INTERVAL=5
#SQL_DEBUG=0
MEDIA_ROOT = "/orico/tandoor-recipes/mediafiles";
};
port = 8080;
};
zfs.autoScrub.enable = true; zfs.autoScrub.enable = true;
}; };
@ -366,6 +392,10 @@ in {
path = "/home/${username}/.private-env"; path = "/home/${username}/.private-env";
}; };
nextcloud_admin_pass.owner = config.users.users.nextcloud.name; nextcloud_admin_pass.owner = config.users.users.nextcloud.name;
tandoor_db_pass.mode = "0444";
tandoor_db_pass.path = "/orico/tandoor-recipes/.dbpass";
tandoor_secret_key.mode = "0444";
tandoor_secret_key.path = "/orico/tandoor-recipes/.skey";
}; };
}; };

6
modules/hosts/nixos/nixnuc/secrets.yaml
View file

@ -3,6 +3,8 @@ local_git_config: ENC[AES256_GCM,data:Nqwog5C4wnRzNoS4oqaYQ4J1DIj7fUL1y/nXESquR0
local_private_env: ENC[AES256_GCM,data:qOPXTS2uo/1jyVEKCtBvuK/dzZaPf1K5tHuSVF2hBg4fdPYIsDPkM108cGVxJviebB3xVZejn/JVOdUDXQj6,iv:TtyMTOJXaPUrbSaAdtMaGPBlwLl/Y/IBYVCzhhiZozY=,tag:hUyVL8xk3w1iMwNAZw5QUw==,type:str] local_private_env: ENC[AES256_GCM,data:qOPXTS2uo/1jyVEKCtBvuK/dzZaPf1K5tHuSVF2hBg4fdPYIsDPkM108cGVxJviebB3xVZejn/JVOdUDXQj6,iv:TtyMTOJXaPUrbSaAdtMaGPBlwLl/Y/IBYVCzhhiZozY=,tag:hUyVL8xk3w1iMwNAZw5QUw==,type:str]
nextcloud_admin_pass: ENC[AES256_GCM,data:KztB3Tkqlt73PEO41lthGYElrbwVdfqQgT6f,iv:kRwXqGJO4AUOMq+uYzndGhscaJiyvG4ANKabHHd78YM=,tag:dP3PgKafDTv8x7huKJGDqA==,type:str] nextcloud_admin_pass: ENC[AES256_GCM,data:KztB3Tkqlt73PEO41lthGYElrbwVdfqQgT6f,iv:kRwXqGJO4AUOMq+uYzndGhscaJiyvG4ANKabHHd78YM=,tag:dP3PgKafDTv8x7huKJGDqA==,type:str]
psitransfer_dot_env: ENC[AES256_GCM,data:bhvU0AOCjecZ62BtLw4H1DdkLeatI+uUl6L7UkdDRkBF3sayO45Z1eR4q60tflXucyTGhT8WgKFz53I+C2dn265wzojIRc3Xr4TBLyWpfJ7/dct40SckgUiRvOnrefiriWQ=,iv:DGMhDkzgeupzzTJnCdVWDPUSo2wxI3MAypKQwVfHExE=,tag:KbteGqrkqgj2XB1lvlk/yQ==,type:str] psitransfer_dot_env: ENC[AES256_GCM,data:bhvU0AOCjecZ62BtLw4H1DdkLeatI+uUl6L7UkdDRkBF3sayO45Z1eR4q60tflXucyTGhT8WgKFz53I+C2dn265wzojIRc3Xr4TBLyWpfJ7/dct40SckgUiRvOnrefiriWQ=,iv:DGMhDkzgeupzzTJnCdVWDPUSo2wxI3MAypKQwVfHExE=,tag:KbteGqrkqgj2XB1lvlk/yQ==,type:str]
tandoor_db_pass: ENC[AES256_GCM,data:X0unx5jquLsUXadbF6xLjjeGY+f8Ec4kdc15JQ==,iv:XptlJHfAkF+3jbgJTqxhVReYjuVVdk3NzfPepP78DRI=,tag:3RG5P9QGCJ/fjdxWpY1xWA==,type:str]
tandoor_secret_key: ENC[AES256_GCM,data:aSQRdtWUZQzy5rvQBPAvYFvwTqyu16UGrvUayxqi2WdsTOfqOyxQ7ywNEy/g/qPqSbwM,iv:kbct/gvfYhU6GOhkomY80o/Sx5mr9FY9SAFJGNrj3Ow=,tag:v+LKQ9UM5nzzd77By7TnGg==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -18,8 +20,8 @@ sops:
bHZlNTZDV2NYU1hQQy9mem80SFF6TFkKfmjkJBfTdh0vTtGaVx1t3tHJvSsAwdYD bHZlNTZDV2NYU1hQQy9mem80SFF6TFkKfmjkJBfTdh0vTtGaVx1t3tHJvSsAwdYD
PF025X9U+yG2oIopwXEVBkxcD70eyuJn3OqH0xoVLBkbhNM9i8LHrA== PF025X9U+yG2oIopwXEVBkxcD70eyuJn3OqH0xoVLBkbhNM9i8LHrA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-30T17:57:48Z" lastmodified: "2024-07-04T21:34:21Z"
mac: ENC[AES256_GCM,data:FqpNhClCyAjZvxt0bXOULwr9GqpR+vMg7l0wTdqGUllGUffsb/IO2rnP3J8KNhsnVVyHWndYwVTv3u7lzkKfgSIFJ1Qi5q05w6Hy1fPkPw5ycxz7H1Tq0Ck1mOmkQfM459+lue4QJAqPI0OOBZ/15MB2NH3++7rdltmBwlsRfSI=,iv:9mMKldTd5zhZX7iX/M2MRzHq7fbVPzRIbiMFLdjTowY=,tag:zKUsu9k72E+hmQ0TFC4cbw==,type:str] mac: ENC[AES256_GCM,data:gL7TbCjZNu3yF8oyEcFr367XymzSYRvltGJPG5jK/nbztKFV72Fl2gpdprch+P67dDxDFoJL1NvDDmHt6yM0WfdDPJS/ivMlgi9Sg5ZG2S5OyBBUxDbkp/6BXwJQ9eY72ee3SmufE+cTjUNF0ANxueznHpFhXLp/1Fj9TixgHM4=,iv:s2cE9lrjNvuYT96WXOJZaAomt3VWIzHFQqPncZyydhk=,tag:MGI4OmNfEDSB8jE7wxDamQ==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.8.1