upRootNutrition/dotfiles
1
0
Fork 0
mirror of https://gitlab.com/upRootNutrition/dotfiles.git synced 2025-08-08 21:04:38 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: added prompter

Browse source
This commit is contained in:
Nick 2025-07-27 14:53:26 -05:00
parent 5b6204b7af
commit 25a1884975
5 changed files with 100 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

40
modules/config/instances/config/prompter.nix Executable file
View file

@ -0,0 +1,40 @@
{ moduleFunctions }:
let
inherit (moduleFunctions.instancesFunctions)
domain0
sslPath
sopsPath
;
label = "Prompter";
name = "prompter";
subdomain = "prompter";
domain = "${subdomain}.${domain0}";
in
{
label = label;
name = name;
short = "upRoot";
sops = {
path0 = "${sopsPath}/${name}";
};
domains = {
url0 = domain;
};
tags = [
name
"blog"
];
paths = {
path0 = "/var/lib/${name}/dist";
path1 = "";
path2 = "";
};
ports = {
port0 = 1234;
};
ssl = {
cert = "${sslPath}/${domain0}/fullchain.pem";
key = "${sslPath}/${domain0}/key.pem";
};
}

1
modules/nixos/default.nix
View file

@ -65,6 +65,7 @@ in
vaultwarden vaultwarden
website website
comfyui comfyui
prompter
; ;
}; };
}; };

1
modules/nixos/services/acme/default.nix
View file

@ -42,6 +42,7 @@ in
"syncthing" "syncthing"
"vaultwarden" "vaultwarden"
"opencloud" "opencloud"
"prompter"
] ]
) )
++ (map ++ (map

54
modules/nixos/services/prompter/default.nix Normal file
View file

@ -0,0 +1,54 @@
{ config, flake, ... }:
let
inherit (flake.config.services.instances)
prompter
;
service = prompter;
host = prompter.domains.url0;
in
{
services = {
caddy = {
environmentFile = config.sops.secrets."caddy/prompter-auth".path;
virtualHosts = {
"${host}" = {
extraConfig = ''
basicauth {
{$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH}
}
root * ${service.paths.path0}
file_server
encode gzip
try_files {path} /index.html
tls ${service.ssl.cert} ${service.ssl.key}
'';
};
};
};
};
sops =
let
sopsPath = secret: {
path = "${service.sops.path0}/${service.name}-${secret}";
owner = "caddy";
mode = "600";
};
in
{
secrets = builtins.listToAttrs (
map
(secret: {
name = "${service.name}/${secret}";
value = sopsPath secret;
})
[
"${service.name}-auth"
]
);
};
systemd.tmpfiles.rules = [
"Z ${service.paths.path0} 755 caddy caddy -"
"Z ${service.sops.path0} 755 caddy caddy -"
];
}

6
secrets/secrets.yaml
View file

@ -49,6 +49,8 @@ firefly-iii-key: ENC[AES256_GCM,data:tLJfwB8De1vdGeccr4SxifU7KYAfnasoXISvz5mSR28
firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R4=,iv:pUv8ok5nLDGeCcP2hsTculk+MPPAjkupidQO0Jkc3Wc=,tag:zq7+lFjdOr5ORpthqXW8EA==,type:str] firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R4=,iv:pUv8ok5nLDGeCcP2hsTculk+MPPAjkupidQO0Jkc3Wc=,tag:zq7+lFjdOr5ORpthqXW8EA==,type:str]
opencloud: opencloud:
env: ENC[AES256_GCM,data:JZOs+86/jhHtXuOb4fsk4ceZuFpSa6PAMN2/vmGlvlXvsx/Yk2ZXeZZU0jtwweN8Sk61A2538OdPpfKynBgwsZ2SgoxAIyJtQl3HZWdZzNZ6+/t+AFvvav/x9nUv1O5704FP5OYOMniQAmqu0ds0JIX3YV/cstoo+rNhNW2emlVhj2ABYhTxy0BFJ8A+Re9y5FN5WT4tmloF/21ZrIwtTw8ULQPCksJfTFwEE+cCN3aIWZn00/4zUuv6CEtZeKeOeLxgQL+G2pPhNrQzG+lw+AKLzXA2mJM+3Zfq0MplyXeFCLkV1GCHksrMPp2w5j2RdtfcdE9IP+tXoD/fZNfYgCK1Pk/JhkXcV9EPbz4KUL/+OpgFqh+RvKGPXH2iTV0B8t2Ag7NowxULI2jKw0c=,iv:1ClzjY1n48cQ9bdBewM5A5Lr/c13HbSSYJ7xYCwZDzA=,tag:FavwE2sX+wSgKOEpywFeMw==,type:str] env: ENC[AES256_GCM,data:JZOs+86/jhHtXuOb4fsk4ceZuFpSa6PAMN2/vmGlvlXvsx/Yk2ZXeZZU0jtwweN8Sk61A2538OdPpfKynBgwsZ2SgoxAIyJtQl3HZWdZzNZ6+/t+AFvvav/x9nUv1O5704FP5OYOMniQAmqu0ds0JIX3YV/cstoo+rNhNW2emlVhj2ABYhTxy0BFJ8A+Re9y5FN5WT4tmloF/21ZrIwtTw8ULQPCksJfTFwEE+cCN3aIWZn00/4zUuv6CEtZeKeOeLxgQL+G2pPhNrQzG+lw+AKLzXA2mJM+3Zfq0MplyXeFCLkV1GCHksrMPp2w5j2RdtfcdE9IP+tXoD/fZNfYgCK1Pk/JhkXcV9EPbz4KUL/+OpgFqh+RvKGPXH2iTV0B8t2Ag7NowxULI2jKw0c=,iv:1ClzjY1n48cQ9bdBewM5A5Lr/c13HbSSYJ7xYCwZDzA=,tag:FavwE2sX+wSgKOEpywFeMw==,type:str]
caddy:
prompter-auth: ENC[AES256_GCM,data:KsbdZqs3cTTB4gFBlwosY64axFx+Qe+Q1Ulch2YZJXr3L8Jf05luWsbd1+MS7ZxO0C1M9lryNqFTynAntyp4gXSvN3f8/saAHmiG4Y2jlT8OLaqjZULw1TOlsDXK6CeQkyD6LO6jKrtBEPjS,iv:IBbV0+/ENY/pwn5xfxVPKwn4YpwGmZnRtmA86sppabw=,tag:9YbeHqXFi2KyvuEKgQx9sQ==,type:str]
sops: sops:
age: age:
- recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0
@ -60,7 +62,7 @@ sops:
bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD
aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-25T06:12:33Z" lastmodified: "2025-07-27T19:49:15Z"
mac: ENC[AES256_GCM,data:dpVTESsBlx5m/3zT3s6kUQOl1jP4ktEifhSFj0rhluT0WKzgHS0SCA5KuIc8vEzpleZg1rfMIm50Hvm3tu0DiM9xpJ0biyp3zUqInVXUxHBHKmBtXdLxqbYJPu67YnnY+Ue50bAH1soz9yLlWOGvMsYStFc66B5ixX14BRgyhIQ=,iv:JibGwXaCQ1qAV7Maapt0lg2pLUGDmWJKrWiJRab9wsM=,tag:wQNN+Sgbkhzj6hYm0xd2xA==,type:str] mac: ENC[AES256_GCM,data:G8wx83DyZRoq7LFazBNzBk/KCg2uYZ4XBCXH9vPDIIdycKdpKd5/Akh1LcPZg8f7bB4BfmENrFY3pG0CE/J9Xev5O+UHof/z+PNp0bTEQDses0XgCZCeeaOykERtzflibQwj0gOeMfO9a5h5wzLi8Qlk53uQXnoPn+jb3x/sE3Y=,iv:BsMg/NPCIO13bHLPtREewbthnPBk4rC4KZRyeM5yHN4=,tag:LN89FZVpF5IwdqHAjCtz8Q==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.2 version: 3.10.2