aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Compare commits

base: aciceri:8e28001eab06f7efa98c52a3980cf6eae7bc9422
Branches Tags
aciceri:master
aciceri:update-flake-lock
aciceri:aaa
aciceri:wip
aciceri:test
..
compare: aciceri:7188dbf66579fe9c443f38157cb9ba8239afad4e
Branches Tags
aciceri:update-flake-lock
aciceri:master
aciceri:aaa
aciceri:wip
aciceri:test

4 commits
8e28001eab ... 7188dbf665

Author SHA1 Message Date
Andrea Ciceri
7188dbf665
Add nix-netrc secret to picard, pike, kirk and sisko
All checks were successful
EVAL aarch64-linux.sisko
Details
/ test (push) Successful in -2s
Details
2025-05-23 21:34:13 +02:00
Andrea Ciceri
959016455f
Remove unused caches 2025-05-23 21:32:48 +02:00
Andrea Ciceri
ddfb93214f
Use netrc provided by agenix 2025-05-23 21:32:34 +02:00
Andrea Ciceri
c8e32b689b
Add netrc secret 2025-05-23 21:32:11 +02:00
4 changed files with 16 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
hosts/default.nix
View file

@ -59,6 +59,7 @@
"git-workspace-tokens".owner = "ccr"; "git-workspace-tokens".owner = "ccr";
"autistici-password".owner = "ccr"; "autistici-password".owner = "ccr";
"restic-hetzner-password" = { }; "restic-hetzner-password" = { };
"nix-netrc" = { };
}; };
}; };
@ -87,6 +88,7 @@
"restic-hetzner-password" = { }; "restic-hetzner-password" = { };
"forgejo-runners-token".owner = "nixuser"; "forgejo-runners-token".owner = "nixuser";
"forgejo-nix-access-tokens".owner = "nixuser"; "forgejo-nix-access-tokens".owner = "nixuser";
"nix-netrc" = { };
}; };
}; };
@ -120,6 +122,7 @@
}; };
"matrix-registration-shared-secret".owner = "matrix-synapse"; "matrix-registration-shared-secret".owner = "matrix-synapse";
"arbi-config".owner = "arbi"; "arbi-config".owner = "arbi";
"nix-netrc" = { };
}; };
}; };
@ -143,6 +146,7 @@
"cachix-personal-token".owner = "ccr"; "cachix-personal-token".owner = "ccr";
"git-workspace-tokens".owner = "ccr"; "git-workspace-tokens".owner = "ccr";
"autistici-password".owner = "ccr"; "autistici-password".owner = "ccr";
"nix-netrc" = { };
}; };
}; };

10
modules/nix/default.nix
View file

@ -20,20 +20,20 @@
"root" "root"
"@wheel" "@wheel"
]; ];
netrc-file = "/etc/nix/netrc"; netrc-file = config.age.secrets.nix-netrc.path;
substituters = [ substituters = [
# "s3://cache?profile=default&region=eu-south-1&scheme=https&endpoint=cache.aciceri.dev"
"https://cache.iog.io" "https://cache.iog.io"
"https://cache.lix.systems" "https://cache.lix.systems"
"https://nix-community.cachix.org" "https://nix-community.cachix.org"
"https://mlabs.cachix.org" # "https://mlabs.cachix.org"
"http://sisko.wg.aciceri.dev:8081/nixfleet"
]; ];
trusted-public-keys = [ trusted-public-keys = [
# "cache.aciceri.dev~1:nJMfcBnYieY2WMbYDG0s9S5qUhU+V4RPL+X9zcxXxZY="
"hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"mlabs.cachix.org-1:gStKdEqNKcrlSQw5iMW6wFCj3+b+1ASpBVY2SYuNV2M=" # "mlabs.cachix.org-1:gStKdEqNKcrlSQw5iMW6wFCj3+b+1ASpBVY2SYuNV2M="
"nixfleet:Bud23440n6mMTmgq/7U+mk91zlLjnx2X3lQQrCBCCU4="
]; ];
deprecated-features = [ "url-literals" ]; deprecated-features = [ "url-literals" ];
}; };

BIN
secrets/nix-netrc.age Normal file
View file

Binary file not shown.

7
secrets/secrets.nix
View file

@ -157,6 +157,13 @@ with keys.users;
ccr-ssh ccr-ssh
sisko sisko
]; ];
"nix-netrc.age".publicKeys = [
ccr-ssh
sisko
pike
picard
kirk
];
# WireGuard # WireGuard
"picard-wireguard-private-key.age".publicKeys = [ "picard-wireguard-private-key.age".publicKeys = [