From 27c1859aced23e9150ec1dcd8f233a91bd6ef54f Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 14:57:21 -0600 Subject: [PATCH 01/13] test: trying to fix opencloud --- .../opencloud/ceresOpenCloud/default.nix | 20 +++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index fe4cc78..f79373a 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -75,7 +75,9 @@ in }; tmpfiles.rules = [ - "Z ${serviceCfg.varPaths.path0} 0755 ${serviceCfg.name} ${serviceCfg.name} -" + "d ${serviceCfg.varPaths.path0} 0755 ${serviceCfg.name} ${serviceCfg.name} -" + "L+ /etc/opencloud/proxy.yaml - - - - /etc/static/opencloud/proxy.yaml" + "z /etc/opencloud 0700 opencloud opencloud -" ]; }; @@ -83,8 +85,8 @@ in systemd.services.systemd-networkd.wantedBy = [ "multi-user.target" ]; microvm = { - vcpu = 2; - mem = 1024 * 3; + vcpu = 1; + mem = 1024 * 1; hypervisor = "qemu"; interfaces = [ { @@ -115,9 +117,16 @@ in { mountPoint = "/var/lib/${serviceCfg.name}"; proto = "virtiofs"; - source = serviceCfg.mntPaths.path0; + source = "${serviceCfg.mntPaths.path0}/data"; tag = "${serviceCfg.name}_data"; } + { + mountPoint = "/etc/opencloud"; + proto = "virtiofs"; + source = "${serviceCfg.mntPaths.path0}/config"; + tag = "${serviceCfg.name}_config"; + } + { mountPoint = "/run/secrets"; proto = "virtiofs"; @@ -132,6 +141,7 @@ in bottom trashy fastfetch + opencloud ; }; @@ -165,8 +175,6 @@ in systemd = { tmpfiles.rules = [ "d ${serviceCfg.mntPaths.path0} 0751 microvm wheel - -" - "d ${serviceCfg.mntPaths.path0}/storage 0755 opencloud opencloud - -" - "d ${serviceCfg.mntPaths.path0}/storage/users 2775 opencloud wheel - -" ]; }; From 2d09ad63596c6d776f14b391ec89796f1270e734 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 16:18:57 -0600 Subject: [PATCH 02/13] test: trying to fix opencloud --- .../opencloud/ceresOpenCloud/default.nix | 21 ++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index f79373a..1529666 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -53,6 +53,24 @@ in opencloud = { path = [ pkgs.inotify-tools ]; }; + # opencloud-copy-secrets = { + # description = "Copy secrets from virtiofs to local filesystem"; + # before = [ ".service" ]; + # requiredBy = [ ".service" ]; + + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + # }; + + # script = '' + # mkdir -p /etc/opencloud-secrets + # cp /run/secrets/projectenv /etc/opencloud-secrets/env + # chmod 755 /etc/opencloud-secrets + # chmod 644 /etc/opencloud-secrets/* + # ''; + # }; + }; network = { enable = true; @@ -126,7 +144,6 @@ in source = "${serviceCfg.mntPaths.path0}/config"; tag = "${serviceCfg.name}_config"; } - { mountPoint = "/run/secrets"; proto = "virtiofs"; @@ -175,6 +192,8 @@ in systemd = { tmpfiles.rules = [ "d ${serviceCfg.mntPaths.path0} 0751 microvm wheel - -" + "d ${serviceCfg.mntPaths.path0}/data 0751 microvm wheel - -" + "d ${serviceCfg.mntPaths.path0}/config 0751 microvm wheel - -" ]; }; From 3edcf0883b872d4d6dae9cd8c3e7baaa6d9dc5cd Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 16:32:34 -0600 Subject: [PATCH 03/13] test: trying to fix opencloud --- .../opencloud/ceresOpenCloud/default.nix | 35 +++++++++---------- 1 file changed, 16 insertions(+), 19 deletions(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index 1529666..d99f801 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -30,7 +30,7 @@ in port = serviceCfg.ports.port0; address = localhost; stateDir = "/var/lib/${serviceCfg.name}"; - environmentFile = "/run/secrets/projectenv"; + environmentFile = "/etc/opencloud-secrets/env"; }; openssh = { @@ -53,24 +53,21 @@ in opencloud = { path = [ pkgs.inotify-tools ]; }; - # opencloud-copy-secrets = { - # description = "Copy secrets from virtiofs to local filesystem"; - # before = [ ".service" ]; - # requiredBy = [ ".service" ]; - - # serviceConfig = { - # Type = "oneshot"; - # RemainAfterExit = true; - # }; - - # script = '' - # mkdir -p /etc/opencloud-secrets - # cp /run/secrets/projectenv /etc/opencloud-secrets/env - # chmod 755 /etc/opencloud-secrets - # chmod 644 /etc/opencloud-secrets/* - # ''; - # }; - + opencloud-copy-secrets = { + description = "Copy secrets from virtiofs to local filesystem"; + before = [ "opencloud-init-config.service" ]; + requiredBy = [ "opencloud-init-config.service" ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + mkdir -p /etc/opencloud-secrets + cp /run/secrets/projectenv /etc/opencloud-secrets/env + chmod 755 /etc/opencloud-secrets + chmod 644 /etc/opencloud-secrets/* + ''; + }; }; network = { enable = true; From 6a7fb05c690e13af63037157b78df8ff11accf02 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 16:59:47 -0600 Subject: [PATCH 04/13] test: trying to fix opencloud --- .../opencloud/ceresOpenCloud/default.nix | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index d99f801..de68f49 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -63,6 +63,7 @@ in }; script = '' mkdir -p /etc/opencloud-secrets + mkdir /etc/static/opencloud cp /run/secrets/projectenv /etc/opencloud-secrets/env chmod 755 /etc/opencloud-secrets chmod 644 /etc/opencloud-secrets/* @@ -171,16 +172,20 @@ in services.caddy.virtualHosts = { "${host}" = { - extraConfig = '' - reverse_proxy ${serviceCfg.interface.ip}:${toString serviceCfg.ports.port0} { - header_up X-Real-IP {remote_host} - } + extraConfig = + let + credPath = "/var/lib/acme/${host}"; + in + '' + reverse_proxy ${serviceCfg.interface.ip}:${toString serviceCfg.ports.port0} { + header_up X-Real-IP {remote_host} + } - redir /.well-known/carddav /remote.php/dav/ 301 - redir /.well-known/caldav /remote.php/dav/ 301 + redir /.well-known/carddav /remote.php/dav/ 301 + redir /.well-known/caldav /remote.php/dav/ 301 - tls /var/lib/acme/${host}/fullchain.pem /var/lib/acme/${host}/key.pem - ''; + tls ${credPath}/fullchain.pem ${credPath}/key.pem + ''; }; }; From ac0ba3e5d61ba402e4e03c9b2823e7ca3732dce8 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 17:04:02 -0600 Subject: [PATCH 05/13] test: trying to fix opencloud --- modules/nixos/guests/opencloud/ceresOpenCloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index de68f49..c74420b 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -55,8 +55,8 @@ in }; opencloud-copy-secrets = { description = "Copy secrets from virtiofs to local filesystem"; - before = [ "opencloud-init-config.service" ]; - requiredBy = [ "opencloud-init-config.service" ]; + before = [ "opencloud.service" ]; + requiredBy = [ "opencloud.service" ]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; From 1fe4a86a1993bd3d2169f5b41122f75663000c18 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 17:12:26 -0600 Subject: [PATCH 06/13] test: trying to fix opencloud --- modules/nixos/guests/opencloud/ceresOpenCloud/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index c74420b..54ddf1d 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -63,7 +63,6 @@ in }; script = '' mkdir -p /etc/opencloud-secrets - mkdir /etc/static/opencloud cp /run/secrets/projectenv /etc/opencloud-secrets/env chmod 755 /etc/opencloud-secrets chmod 644 /etc/opencloud-secrets/* @@ -92,8 +91,8 @@ in tmpfiles.rules = [ "d ${serviceCfg.varPaths.path0} 0755 ${serviceCfg.name} ${serviceCfg.name} -" - "L+ /etc/opencloud/proxy.yaml - - - - /etc/static/opencloud/proxy.yaml" - "z /etc/opencloud 0700 opencloud opencloud -" + "z /etc/opencloud 0700 ${serviceCfg.name} ${serviceCfg.name} -" + # "L+ /etc/opencloud/proxy.yaml - - - - /etc/static/opencloud/proxy.yaml" ]; }; From 58ce3090715e2b522df001cfb270033bc9990545 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 17:13:44 -0600 Subject: [PATCH 07/13] test: trying to fix opencloud --- .../opencloud/ceresOpenCloud/default.nix | 23 ++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index 54ddf1d..e52b7e8 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -53,19 +53,36 @@ in opencloud = { path = [ pkgs.inotify-tools ]; }; - opencloud-copy-secrets = { + systemd.services.opencloud-copy-secrets = { description = "Copy secrets from virtiofs to local filesystem"; - before = [ "opencloud.service" ]; + before = [ + "opencloud-init-config.service" + "opencloud.service" + ]; requiredBy = [ "opencloud.service" ]; + after = [ "run-secrets.mount" ]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; }; script = '' + set -e + echo "Checking for secrets..." + + if [ ! -f /run/secrets/projectenv ]; then + echo "ERROR: /run/secrets/projectenv not found!" + ls -la /run/secrets/ || true + exit 1 + fi + + echo "Copying secrets..." mkdir -p /etc/opencloud-secrets - cp /run/secrets/projectenv /etc/opencloud-secrets/env + cp -v /run/secrets/projectenv /etc/opencloud-secrets/env chmod 755 /etc/opencloud-secrets chmod 644 /etc/opencloud-secrets/* + + echo "Secrets copied successfully" + cat /etc/opencloud-secrets/env ''; }; }; From 05f1f40208fd637311d3515485d71579f5cccc22 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 17:15:54 -0600 Subject: [PATCH 08/13] test: trying to fix opencloud --- modules/nixos/guests/opencloud/ceresOpenCloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index e52b7e8..1b953c1 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -53,7 +53,7 @@ in opencloud = { path = [ pkgs.inotify-tools ]; }; - systemd.services.opencloud-copy-secrets = { + opencloud-copy-secrets = { description = "Copy secrets from virtiofs to local filesystem"; before = [ "opencloud-init-config.service" From 8c2a56cda2c19baa676ee16b2b057a54a2c5640d Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 17:33:57 -0600 Subject: [PATCH 09/13] test: trying to fix opencloud --- secrets/secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 1836602..d9b77dd 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -47,7 +47,7 @@ wireguard: glance: jellyfin: ENC[AES256_GCM,data:Ddpv23kdMGTWvlemn7o5M2ARQ+NuzUfgO9eLuMnRh/kt,iv:RiMRQPoyHtQqqc3wx48g1+Ip3meuCKSOniLZq2iJ3i4=,tag:B2sZT8R4ZnLIKiUMaU3L+w==,type:str] opencloud: - projectenv: ENC[AES256_GCM,data:+XCd3xScfxCN1Zl5L+4RAOjpmMPhVLSBtqH2nkEUpXhssy5EU82qAanNmqwiIJ1VrYXYovuu3XOwRKY3Ub1nsR5h1S0KUCwav2zmFKVopxF/5jVNIk6qR8Ggz/fAa1YQSW+SAnrtRGvP0Q1SERlCgnH4isVxNvWPyWCZKIgiX2Enu7hVwsJXKLYDomRWt47zzXNUzw50aFn7xPtXE/AYbMPBa+FweCrCfkaQ6i6jPvkdc6VBYTqIanD0908wB2SJA+1xvY7bYgRVB17/4a/9DuUN5J4xU84TOW7EFkvC/hWhlhC58GqQrOFyAgTP4YJHKGbLVKPlc4fcNMh5+pENpPG2fRDElCaLoJcYe6sYhaCDSegpDR/U9bgzKirnCu/hmdG+NQ3sGK/C89JL2kZT+tVT1u5JWnKGOGvLGQm73QUmnssDZVd8ubNsnd57W7siqAXY3+DN46yLrGgmTfHTRi4x2DKF8VCD9jXOxWsyoLvKYDyz09H9dI72xlCtSmcrFAt7bY7uEAWutrPCf3Kh/gq6oFUAPBEwfqhgnpgGA1vyA6o4zhxl4Rqye5YZMx2uNkxdA4wmk9KB/e7BVR/P04TSXoAV931OX7bnlw3XjSw5NTPEPnpmwZ3VPRGGkz171RiQQp+CkwUr35+DdwFrGazuv3wlwAhM19h9SRn8jikrw6PPGVehYp8mB/FhpNgqV0nM2DfjaBqE3yMfDzXH5b92t4Q=,iv:6mlHq6yh03x/FbZNu+A9QBoV6ALX1rRWuL13ItJWriI=,tag:tK6Ek2fzgPPWT8WCeU1Frw==,type:str] + projectenv: ENC[AES256_GCM,data:4ciIjtoJJO85+MDBk81J3WWbA2IcI+zo6q+lBLdBBrfZNapHCobrMZu47ZMLbLETFtDteCzGOAxteXLHA0asjaOJME1cirAdhVPQ1OcrbP6OsQ2OSfbr6e/bB7H70T4ru/u816y/3u8IZ9difdwL0RFVMz1f8Xg043CjV90Kr811uiNNG6usA8Wq9CLZwBUqQoTL3/u2AcPXv0WB7Ws/DsPIhhQi3za+DcbuHBLqzH+f8o+5R1bfa4ZFSno9nldKJTDTB5rSeG0yV7OwiGCzpRTkP6MpEB54Eevp+IG62sMSVCb+Fq5hq0XpFtB+Yf3/mPhGdHotHqrpD4Pk9z3Ciec7aowWLjkWPDdri5oDZJiiNXaLOd/qjcUi/n32WR5y95cs8Ltr5NxDTYuNJqqA+pbu05veAIbapPgNwQoLAo0t8Hga5p1ZDh0nLWmjYvALww9NM+N5TRC3afVR+klEfCMUCAAXe+xxpZnqCQfwray5x4xsosMno33GywyU5jDdw/gn4IBX7tIlmgXyEwlQvosrfqnd/0SNAucnrQMnNQ0SdZWE8032sa/yQGvKQJNi/pb8UQUn+fTRXs9n05/Uc1tmX7X7dG7H82cEwY+RFUydqPtgMXByntGeeEUU6xdPIBHTCHLf1qkqNMfmRvPMlDdM5EkgNuJZl1gMLEzvglfxNcfL9q5eYfpEoQtqVh+ZkOJeX1FI65RFtvePQ8J9jnInN7RB3LBJlTtyjEZ5zumq5eeuDURi+dNHXQwBMnhuKEPMfi28U5FPPpVkCWm1H2PSg6MXHbE=,iv:hhry2VqyehdTjNZ2PV0p/rHCH2ZtO03uh5lHddIJrDw=,tag:7sAo8FYJRe0tpLXsDWubPg==,type:str] caddy: share-auth: ENC[AES256_GCM,data:3jY2B2GOdz5EPJeAyVsk4XCs5NMft3VquIBep7SxYtEZ9H7IDroq1U1Sch6YVQ7VcL85L4Ix/OVPm4jVDEA0sZiGkltbYXRXZ8CR34ifsHtHR35lgjXyj8ZhJLydw7LgmZCEztWO8GjLdvSY,iv:MT5sA32Djx81HGc36rqV2xS5KUHLAeTyZiOdSu8oqQY=,tag:V1dv4yS2RXf4Xqrl5+tEuA==,type:str] comfyui-auth: ENC[AES256_GCM,data:7VTXoRxnD0NyVCFRAjHaZswEUsFuQd/ZIwVfqGPmNNV87hn6CBYWvxvcPPFwe+uw7BmKMt+I66DyKx5ydYENTWxPocyT/rFdgdtWwNoenj+JwsUzegmMbEiH2HCZdiwKj0h1lo142mtA6zkc,iv:xT5XHCj8D4dyvglstE2oqo92fLdscCkaNMux43hJ7nQ=,tag:HgU9wAmjPvfoDXgnorB5yA==,type:str] @@ -78,7 +78,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-11-29T02:32:25Z" - mac: ENC[AES256_GCM,data:DiW/akEjhRu7Bvfh3je1llcfj6ytRT5+ntWUIobdvVZA4fu7z00skzUYiAdAg/CAnepEgAJ1R8JDag/TFIrnKg+JHM4Kdv7F4Ier/qaSGURxGQ/rxG5jwsj5N9ar8nWxpt9X3Ox7alyNyGpCW5bzbLL2EWzPmHVQiHWpfrlkivc=,iv:QOWZ5uAq7eNPiJF2/YY83bCnSaCXhm3b25egDcFDczg=,tag:zSlHQvCRugSP/wxJ7P+gGw==,type:str] + lastmodified: "2025-11-30T23:33:51Z" + mac: ENC[AES256_GCM,data:nnRvdqH9nythvEWjUTwlTswY/LcbI7WvyYUGTgmaG7zqbSWnFoqlEBuDfco2PriDpktYYB4vooq8xi3EyrW6GYECEUzi/yxhtt8RvaBZjcOluMHWHTOr9G/LRN6GuGzZxhf7zOqORbmPy8Ygz94GV1mesudn/F+M6n9fe+h6Jvk=,iv:7Q8OqY+NJ/U0q335zc2BAGuZYeewc1MpaoW7eN5XaB0=,tag:Nt/7NN2ONts3kSHxCX6VBA==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0 From b3b9ed430ef2e4b9f2051e12bb87d49c034b7e9f Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 17:53:19 -0600 Subject: [PATCH 10/13] test: trying to fix opencloud --- modules/nixos/guests/opencloud/ceresOpenCloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index 1b953c1..7adadaf 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -77,7 +77,7 @@ in echo "Copying secrets..." mkdir -p /etc/opencloud-secrets - cp -v /run/secrets/projectenv /etc/opencloud-secrets/env + cp /run/secrets/projectenv /etc/opencloud-secrets/env chmod 755 /etc/opencloud-secrets chmod 644 /etc/opencloud-secrets/* From cd9522913a715e4c2b287c4f7b0ac71c742798bc Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 17:53:28 -0600 Subject: [PATCH 11/13] test: trying to fix opencloud --- secrets/secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index d9b77dd..fdd93bf 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -47,7 +47,7 @@ wireguard: glance: jellyfin: ENC[AES256_GCM,data:Ddpv23kdMGTWvlemn7o5M2ARQ+NuzUfgO9eLuMnRh/kt,iv:RiMRQPoyHtQqqc3wx48g1+Ip3meuCKSOniLZq2iJ3i4=,tag:B2sZT8R4ZnLIKiUMaU3L+w==,type:str] opencloud: - projectenv: ENC[AES256_GCM,data:4ciIjtoJJO85+MDBk81J3WWbA2IcI+zo6q+lBLdBBrfZNapHCobrMZu47ZMLbLETFtDteCzGOAxteXLHA0asjaOJME1cirAdhVPQ1OcrbP6OsQ2OSfbr6e/bB7H70T4ru/u816y/3u8IZ9difdwL0RFVMz1f8Xg043CjV90Kr811uiNNG6usA8Wq9CLZwBUqQoTL3/u2AcPXv0WB7Ws/DsPIhhQi3za+DcbuHBLqzH+f8o+5R1bfa4ZFSno9nldKJTDTB5rSeG0yV7OwiGCzpRTkP6MpEB54Eevp+IG62sMSVCb+Fq5hq0XpFtB+Yf3/mPhGdHotHqrpD4Pk9z3Ciec7aowWLjkWPDdri5oDZJiiNXaLOd/qjcUi/n32WR5y95cs8Ltr5NxDTYuNJqqA+pbu05veAIbapPgNwQoLAo0t8Hga5p1ZDh0nLWmjYvALww9NM+N5TRC3afVR+klEfCMUCAAXe+xxpZnqCQfwray5x4xsosMno33GywyU5jDdw/gn4IBX7tIlmgXyEwlQvosrfqnd/0SNAucnrQMnNQ0SdZWE8032sa/yQGvKQJNi/pb8UQUn+fTRXs9n05/Uc1tmX7X7dG7H82cEwY+RFUydqPtgMXByntGeeEUU6xdPIBHTCHLf1qkqNMfmRvPMlDdM5EkgNuJZl1gMLEzvglfxNcfL9q5eYfpEoQtqVh+ZkOJeX1FI65RFtvePQ8J9jnInN7RB3LBJlTtyjEZ5zumq5eeuDURi+dNHXQwBMnhuKEPMfi28U5FPPpVkCWm1H2PSg6MXHbE=,iv:hhry2VqyehdTjNZ2PV0p/rHCH2ZtO03uh5lHddIJrDw=,tag:7sAo8FYJRe0tpLXsDWubPg==,type:str] + projectenv: ENC[AES256_GCM,data:mlJZ57FLbT/EEylESHXxoSO4DER2+FVA7IhPyeSxRT0UPFEOqu1P1fsN36uFr3lGrH3hq4aWF1+54qEC6+w87Q4SzOMzl1PLl+oG4yoxgUouVsJXQP3WocOmbKy+Gc6rmtiMiU5DL0Rn1tEQ+EIc1NRrM8Bs3ngvcTwXQjV6LdT3RNQiLzlbD2ySKlyPbqy7q2N4x4zQT1vr1d/4xnPwOYx6G4aDCZUXJpZO8EcZYuPKAarjb+prMqSfMIVZBP8KF7dgg0N/IMOqFI91sG3v32Fl6QD6DlEe+axqHVhe+eotxe2yfBfcZXJ7QHRsoRixPVeTdQpaQWhxNwHg0UGg4TY3O1kGjNa463BmWwJ+Uc53TrbQ+AILAetEPDvhOylUIAWjzSDsjlT/x7blEEEcdi+/x9Bb95v4QAUvdn9lfMqISqs4asvYaPr3XwPStkjkTT8TFJIJBKMjd0yOvwcVTDQ+NPMw1xN7oFw7RS67A1o7QJgJxA4hS+ImeLicMgXn6TkWjRorj0QTALczn270CS0gQceYaF2LUgLr4mrJ7c6zJU8/mNYGU9s2OXFTbR6IsmsNJRRd3SK/mb1HImn/rp0uDFsF+IwO1ivqN3SWJtPi4ecpWxEajUhpkd3ygRjOZ+/L58/UR0X8jtjhOAxuLgqQxjn2B/hKZZ3+2K9KVPrfePdJlDLz95Sd1sVMD2d3CmEojZrN/9uYGrQ21inb6LxvWiTR,iv:CATNuXqqS8B6LTw1XOCLxytm+MpQtzbIqDD5x3c+u6A=,tag:LavaPSFZN0INATfyxyOg9w==,type:str] caddy: share-auth: ENC[AES256_GCM,data:3jY2B2GOdz5EPJeAyVsk4XCs5NMft3VquIBep7SxYtEZ9H7IDroq1U1Sch6YVQ7VcL85L4Ix/OVPm4jVDEA0sZiGkltbYXRXZ8CR34ifsHtHR35lgjXyj8ZhJLydw7LgmZCEztWO8GjLdvSY,iv:MT5sA32Djx81HGc36rqV2xS5KUHLAeTyZiOdSu8oqQY=,tag:V1dv4yS2RXf4Xqrl5+tEuA==,type:str] comfyui-auth: ENC[AES256_GCM,data:7VTXoRxnD0NyVCFRAjHaZswEUsFuQd/ZIwVfqGPmNNV87hn6CBYWvxvcPPFwe+uw7BmKMt+I66DyKx5ydYENTWxPocyT/rFdgdtWwNoenj+JwsUzegmMbEiH2HCZdiwKj0h1lo142mtA6zkc,iv:xT5XHCj8D4dyvglstE2oqo92fLdscCkaNMux43hJ7nQ=,tag:HgU9wAmjPvfoDXgnorB5yA==,type:str] @@ -78,7 +78,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-11-30T23:33:51Z" - mac: ENC[AES256_GCM,data:nnRvdqH9nythvEWjUTwlTswY/LcbI7WvyYUGTgmaG7zqbSWnFoqlEBuDfco2PriDpktYYB4vooq8xi3EyrW6GYECEUzi/yxhtt8RvaBZjcOluMHWHTOr9G/LRN6GuGzZxhf7zOqORbmPy8Ygz94GV1mesudn/F+M6n9fe+h6Jvk=,iv:7Q8OqY+NJ/U0q335zc2BAGuZYeewc1MpaoW7eN5XaB0=,tag:Nt/7NN2ONts3kSHxCX6VBA==,type:str] + lastmodified: "2025-11-30T23:53:24Z" + mac: ENC[AES256_GCM,data:AsqMYrM9rbM5QRgXRPfh/rzkmlKsavRTS9nBO0ZqAQpONE3XScd8FCDbOpIJWtTMk9c54v3Abwf+0qATmaNB5P2ziKh81GZMZ1mqJJqZfRtPQRo09b6EydJaHDvBYOs5xgS9C2dpI5/3CLaNpyzRnCU+BbePI2U+Ltf0FE4/GkU=,iv:JtyRzq0aQhdHokoe3jY5TMgmV0ndRY2P2VGgxXr9KFE=,tag:eMRdSkZTZpEDlDS4a59+Jg==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0 From 6da9433ba01a9e7ad07ccb3e6cb2a01ad54d2b35 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 18:16:08 -0600 Subject: [PATCH 12/13] test: trying to fix opencloud --- secrets/secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index fdd93bf..c00baed 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -47,7 +47,7 @@ wireguard: glance: jellyfin: ENC[AES256_GCM,data:Ddpv23kdMGTWvlemn7o5M2ARQ+NuzUfgO9eLuMnRh/kt,iv:RiMRQPoyHtQqqc3wx48g1+Ip3meuCKSOniLZq2iJ3i4=,tag:B2sZT8R4ZnLIKiUMaU3L+w==,type:str] opencloud: - projectenv: ENC[AES256_GCM,data:mlJZ57FLbT/EEylESHXxoSO4DER2+FVA7IhPyeSxRT0UPFEOqu1P1fsN36uFr3lGrH3hq4aWF1+54qEC6+w87Q4SzOMzl1PLl+oG4yoxgUouVsJXQP3WocOmbKy+Gc6rmtiMiU5DL0Rn1tEQ+EIc1NRrM8Bs3ngvcTwXQjV6LdT3RNQiLzlbD2ySKlyPbqy7q2N4x4zQT1vr1d/4xnPwOYx6G4aDCZUXJpZO8EcZYuPKAarjb+prMqSfMIVZBP8KF7dgg0N/IMOqFI91sG3v32Fl6QD6DlEe+axqHVhe+eotxe2yfBfcZXJ7QHRsoRixPVeTdQpaQWhxNwHg0UGg4TY3O1kGjNa463BmWwJ+Uc53TrbQ+AILAetEPDvhOylUIAWjzSDsjlT/x7blEEEcdi+/x9Bb95v4QAUvdn9lfMqISqs4asvYaPr3XwPStkjkTT8TFJIJBKMjd0yOvwcVTDQ+NPMw1xN7oFw7RS67A1o7QJgJxA4hS+ImeLicMgXn6TkWjRorj0QTALczn270CS0gQceYaF2LUgLr4mrJ7c6zJU8/mNYGU9s2OXFTbR6IsmsNJRRd3SK/mb1HImn/rp0uDFsF+IwO1ivqN3SWJtPi4ecpWxEajUhpkd3ygRjOZ+/L58/UR0X8jtjhOAxuLgqQxjn2B/hKZZ3+2K9KVPrfePdJlDLz95Sd1sVMD2d3CmEojZrN/9uYGrQ21inb6LxvWiTR,iv:CATNuXqqS8B6LTw1XOCLxytm+MpQtzbIqDD5x3c+u6A=,tag:LavaPSFZN0INATfyxyOg9w==,type:str] + projectenv: ENC[AES256_GCM,data:f87G2Q788X274FwZM7BlqNuSBebGXUBI790ARkTBLRg6UmmJuNGZn/m+L1aby9SNh3BNQVXBx+uwmAhaiIGXYvT2mikuXVmrjWcrI1+d4Bi8dl15t/QiCfwICLhbmr2YLWhd35moWQRugbJ4HiA3p2IHLv9NDgY0ZBGN2+c4KKNxUa1/hj6Pqp6YucNJSQDjjLEC6vhV4BP6Bd3ujpTzn/zdbxw3aVU2IEywkbpK9tEbRrfIDncmHLYfTTdSM3K9rrYsO+pIRne8b5f5jn7oI8GQVFHN5AD7u/ndsGWKosqEJQ7lr2smTbxLem0usVWD7LZVl/icnSdLYN8bFgqskqK9DP8sonv8I2eGEHb7HbKzZe9cXfDgG38cpiBikmPrSgatnvnrVqT3DPytQ/UKSPYFEQSEaNhMS2u470vTx1ZL557dSXov3SP0wIb7f69Owyl31utlMQJd8tNul2jBoYLw7Ov25+XwTe2zl8P2SBXPOpx0Bv3wneL7wJOaEuZeH4GaEqIJ2Gu6P9K/HN1LXSM17XRPTaFqKlXRWVV9FFGjrR43Xm2cG1MTWIlUE9OifjLOG50VuOPN1FeoElUYfjl/NcU+ByQz5D4d42Mu/G7oz7Oq8mdYmRdSQMReKM+NtlKN6RgtuuE7RN2u4sD4Yntd+ASMQAC/ewZQ+YOEUwRRvOWFH8CNZN7f6//AEeSD/9pkKsQ24VmsXK2lOz7W0KXxgf9qRB+OfCfiQXm9oMUsr3kq0w==,iv:EC257jdG7rU5+KhkX5zJkD8zraLzG39dO83cj1TMklc=,tag:oYzqiWbDbFddocKvisa/Jw==,type:str] caddy: share-auth: ENC[AES256_GCM,data:3jY2B2GOdz5EPJeAyVsk4XCs5NMft3VquIBep7SxYtEZ9H7IDroq1U1Sch6YVQ7VcL85L4Ix/OVPm4jVDEA0sZiGkltbYXRXZ8CR34ifsHtHR35lgjXyj8ZhJLydw7LgmZCEztWO8GjLdvSY,iv:MT5sA32Djx81HGc36rqV2xS5KUHLAeTyZiOdSu8oqQY=,tag:V1dv4yS2RXf4Xqrl5+tEuA==,type:str] comfyui-auth: ENC[AES256_GCM,data:7VTXoRxnD0NyVCFRAjHaZswEUsFuQd/ZIwVfqGPmNNV87hn6CBYWvxvcPPFwe+uw7BmKMt+I66DyKx5ydYENTWxPocyT/rFdgdtWwNoenj+JwsUzegmMbEiH2HCZdiwKj0h1lo142mtA6zkc,iv:xT5XHCj8D4dyvglstE2oqo92fLdscCkaNMux43hJ7nQ=,tag:HgU9wAmjPvfoDXgnorB5yA==,type:str] @@ -78,7 +78,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-11-30T23:53:24Z" - mac: ENC[AES256_GCM,data:AsqMYrM9rbM5QRgXRPfh/rzkmlKsavRTS9nBO0ZqAQpONE3XScd8FCDbOpIJWtTMk9c54v3Abwf+0qATmaNB5P2ziKh81GZMZ1mqJJqZfRtPQRo09b6EydJaHDvBYOs5xgS9C2dpI5/3CLaNpyzRnCU+BbePI2U+Ltf0FE4/GkU=,iv:JtyRzq0aQhdHokoe3jY5TMgmV0ndRY2P2VGgxXr9KFE=,tag:eMRdSkZTZpEDlDS4a59+Jg==,type:str] + lastmodified: "2025-12-01T00:16:06Z" + mac: ENC[AES256_GCM,data:Yy6KPs4TOxz+fx9b7q/dGWBKnP5N6vE1A4XVyjcWCekiT3fogAbci5TG1djBIOCy0eQCFAkzyiEgd7finhc4ABntSEQZo8NgHmaasx+u44u31Vduf8tbEcWpXQF1ke4Fzhq+/05vgXhetKn7BWRM1/G1GDiyGLluJj+RAvL1O0s=,iv:XvKd2JZYvjIhUxv68jzykOIX6VH4xk9t0EtJTDlp/Ok=,tag:6EUC0BdetOCriUxmAPhQ8w==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0 From dc66e0050dd9efb99a0062dd893259a41997a937 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 30 Nov 2025 18:39:54 -0600 Subject: [PATCH 13/13] test: trying to fix opencloud --- modules/nixos/guests/opencloud/ceresOpenCloud/default.nix | 2 +- secrets/secrets.yaml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index 7adadaf..ec3557e 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -89,7 +89,7 @@ in network = { enable = true; networks."20-lan" = { - matchConfig.Name = "enp0s5"; + matchConfig.Name = "enp0s6"; addresses = [ { Address = "${serviceCfg.interface.ip}/24"; } ]; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index c00baed..d6f945c 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -47,7 +47,7 @@ wireguard: glance: jellyfin: ENC[AES256_GCM,data:Ddpv23kdMGTWvlemn7o5M2ARQ+NuzUfgO9eLuMnRh/kt,iv:RiMRQPoyHtQqqc3wx48g1+Ip3meuCKSOniLZq2iJ3i4=,tag:B2sZT8R4ZnLIKiUMaU3L+w==,type:str] opencloud: - projectenv: ENC[AES256_GCM,data:f87G2Q788X274FwZM7BlqNuSBebGXUBI790ARkTBLRg6UmmJuNGZn/m+L1aby9SNh3BNQVXBx+uwmAhaiIGXYvT2mikuXVmrjWcrI1+d4Bi8dl15t/QiCfwICLhbmr2YLWhd35moWQRugbJ4HiA3p2IHLv9NDgY0ZBGN2+c4KKNxUa1/hj6Pqp6YucNJSQDjjLEC6vhV4BP6Bd3ujpTzn/zdbxw3aVU2IEywkbpK9tEbRrfIDncmHLYfTTdSM3K9rrYsO+pIRne8b5f5jn7oI8GQVFHN5AD7u/ndsGWKosqEJQ7lr2smTbxLem0usVWD7LZVl/icnSdLYN8bFgqskqK9DP8sonv8I2eGEHb7HbKzZe9cXfDgG38cpiBikmPrSgatnvnrVqT3DPytQ/UKSPYFEQSEaNhMS2u470vTx1ZL557dSXov3SP0wIb7f69Owyl31utlMQJd8tNul2jBoYLw7Ov25+XwTe2zl8P2SBXPOpx0Bv3wneL7wJOaEuZeH4GaEqIJ2Gu6P9K/HN1LXSM17XRPTaFqKlXRWVV9FFGjrR43Xm2cG1MTWIlUE9OifjLOG50VuOPN1FeoElUYfjl/NcU+ByQz5D4d42Mu/G7oz7Oq8mdYmRdSQMReKM+NtlKN6RgtuuE7RN2u4sD4Yntd+ASMQAC/ewZQ+YOEUwRRvOWFH8CNZN7f6//AEeSD/9pkKsQ24VmsXK2lOz7W0KXxgf9qRB+OfCfiQXm9oMUsr3kq0w==,iv:EC257jdG7rU5+KhkX5zJkD8zraLzG39dO83cj1TMklc=,tag:oYzqiWbDbFddocKvisa/Jw==,type:str] + projectenv: ENC[AES256_GCM,data:At9x06kOIXWdKQVeoyZyER8u4cyq4rrj8jpZThTJD3jqqc4pmdY52EIGw/sdzcK2IVSesgPiHnyCpqtMXm1dpkW69JLlZDPgf0h9+ADxRvGbLNRN4AszLLa34OtoxaTY53EGAtAY8KLyR6AycxLUVINReVDZWLF45MZ7gCl7HGwo06ut8VE9MqodQuqrwJSNl3lZMmWDP+Xu2INMOYS+sw7AlX8Apxvnqx1bzH34DjBcQkKXD2OYOCZFLmP7rd5NLL9zf3dCBHzNcYg3rIcV5fiYbnvxMRQ9CtiL2JvlcPTe5nNZlsZ3A+urAy/RCB7mDCydBwSEKVzGLwcOQmx+1H/9qXsD3YIvIJCLgcigfUs7d1/dfjOYfAQ2gMNjRRmX583XCu8F2d+bgb090wVYkejYY+61h/89TwVPrp+VC2H/Lt8DNW2qlu7QezvqPBZJf+2gtAPk7KmT4/kG2a2Abnj/TB4CwO20xFEtL/LNOwTfNnAWjHXTZeTl2I3tyGI0jrMmpyzXr6HsflbB9/yGLS3gVIVScOWnsnwhD/8rKqnEv2VmORl4c6zjqHm+W38pO2ehh9Cw+yoacjvGZu54nnGDzBpJai/6tj6+XUuCH8l25AMYyBqDv6OFROkEqRXkkB1rrdmXuUKFP298vShbXk4ZJKeD3PHMpV4pCoRrMmFNlDxeo+sHC+Cf7itFe7qHNjshZHxYoKIl/977gy6urWroWlORiGR+eJXrXFw7bHD/w/atXQ==,iv:vVVUwKuTVmrvcRNNgshbl/weBes6fGcflKqVc/1zRNw=,tag:Jt1lCAnuPs1AP9LAR7BXhg==,type:str] caddy: share-auth: ENC[AES256_GCM,data:3jY2B2GOdz5EPJeAyVsk4XCs5NMft3VquIBep7SxYtEZ9H7IDroq1U1Sch6YVQ7VcL85L4Ix/OVPm4jVDEA0sZiGkltbYXRXZ8CR34ifsHtHR35lgjXyj8ZhJLydw7LgmZCEztWO8GjLdvSY,iv:MT5sA32Djx81HGc36rqV2xS5KUHLAeTyZiOdSu8oqQY=,tag:V1dv4yS2RXf4Xqrl5+tEuA==,type:str] comfyui-auth: ENC[AES256_GCM,data:7VTXoRxnD0NyVCFRAjHaZswEUsFuQd/ZIwVfqGPmNNV87hn6CBYWvxvcPPFwe+uw7BmKMt+I66DyKx5ydYENTWxPocyT/rFdgdtWwNoenj+JwsUzegmMbEiH2HCZdiwKj0h1lo142mtA6zkc,iv:xT5XHCj8D4dyvglstE2oqo92fLdscCkaNMux43hJ7nQ=,tag:HgU9wAmjPvfoDXgnorB5yA==,type:str] @@ -78,7 +78,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-12-01T00:16:06Z" - mac: ENC[AES256_GCM,data:Yy6KPs4TOxz+fx9b7q/dGWBKnP5N6vE1A4XVyjcWCekiT3fogAbci5TG1djBIOCy0eQCFAkzyiEgd7finhc4ABntSEQZo8NgHmaasx+u44u31Vduf8tbEcWpXQF1ke4Fzhq+/05vgXhetKn7BWRM1/G1GDiyGLluJj+RAvL1O0s=,iv:XvKd2JZYvjIhUxv68jzykOIX6VH4xk9t0EtJTDlp/Ok=,tag:6EUC0BdetOCriUxmAPhQ8w==,type:str] + lastmodified: "2025-12-01T00:35:20Z" + mac: ENC[AES256_GCM,data:yLqmOp2239jXoew95D+2EDq00j9tEJuIvXT+s653rG+dTesa4oYIDYnSnlZzf+TOHKgz83Xrity2mDeqOnxpdiuLPmKIVQrh4JelgQQJ7OUvtAeJJdvMiaz6M8YLT7jwF8sUF2S0MTysXQK7EPzG/9eokgI5u1U1sp+CNH027Oc=,iv:JGpL/QkFn28wP2qjo7O59PFX3/xjlGSx8EHSavVBTec=,tag:bqmx+MlkGjrnJT0Z+vj5lw==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0