mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

some sops

Browse Source
This commit is contained in:
mjallen18
2025-12-19 13:32:07 -06:00
parent ba446f408a
commit 479ac18f20
7 changed files with 39 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
modules/nixos/services/glance/default.nix
View File

@@ -13,9 +13,31 @@ let
description = "glance";
options = { };
moduleConfig = {
sops = {
secrets = {
"jallen-nas/glance/arr-username" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
};
"jallen-nas/glance/arr-password" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
};
};
templates = {
"glance.env" = {
mode = "660";
restartUnits = [ "glance.service" ];
content = ''
ARR_USER=${config.sops.placeholder."jallen-nas/glance/arr-username"}
ARR_PASS=${config.sops.placeholder."jallen-nas/glance/arr-password"}
'';
};
};
};
services.glance = {
enable = true;
openFirewall = true;
environmentFile = config.sops.templates."glance.env".path;
settings = {
server = {
host = "0.0.0.0";
@@ -47,7 +69,7 @@ let
{
type = "local";
name = "Jallen-NAS";
cpu-temp-sensor = "/sys/class/hwmon/hwmon2/temp2_input"; # TODO
cpu-temp-sensor = "/sys/devices/pci0000:00/0000:00:08.1/0000:cd:00.0/hwmon/hwmon*/temp1_input"; # Tctl
mountpoints = {
"/home" = {
name = "Home";
@@ -129,8 +151,8 @@ let
icon = "si:sonarr";
allow-insecure = true;
basic-auth = {
username = "mjallen";
password = "BogieDudie1"; # todo
username = "\${ARR_USER}";
password = "\${ARR_PASS}";
};
}
{
@@ -139,8 +161,8 @@ let
icon = "si:radarr";
allow-insecure = true;
basic-auth = {
username = "mjallen";
password = "BogieDudie1";
username = "\${ARR_USER}";
password = "\${ARR_PASS}";
};
}
# {