From f7ecb901db46ef37ba5c445fc6636ce6228d708c Mon Sep 17 00:00:00 2001 From: mjallen18 Date: Fri, 13 Feb 2026 20:38:19 -0600 Subject: [PATCH] nebula --- modules/nixos/services/nextcloud/default.nix | 1 + secrets/nas-secrets.yaml | 8 +++--- systems/x86_64-linux/jallen-nas/sops.nix | 28 +++++++++++--------- 3 files changed, 20 insertions(+), 17 deletions(-) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index 90c3790..27415e5 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -74,6 +74,7 @@ let https = false; settings = { + installed = true; overwrite.cli.url = "https://cloud.mjallen.dev"; log_type = "file"; default_phone_region = "US"; diff --git a/secrets/nas-secrets.yaml b/secrets/nas-secrets.yaml index 88ad274..b63269a 100644 --- a/secrets/nas-secrets.yaml +++ b/secrets/nas-secrets.yaml @@ -35,8 +35,8 @@ jallen-nas: open-webui: ENC[AES256_GCM,data:Th2WQmGPCqd2lsSCvl0NhnHT2/dVoV5k1DM0IhrewEc=,iv:rNEYe/nZAz1Bex/Eb8z8T70z2CV4+nTpzjzTX7Nz0Uo=,tag:yh3ID15I1ZrBYjnCgeo44A==,type:str] paperless: secret: ENC[AES256_GCM,data:b/7MEdo3BQ0v8vaBnfNMamo5NKIA,iv:op2/RA6+HwmmVK2QVkfJUBQjPpvce6716U066YaUehM=,tag:66eEjU68GYZi5bBXtEojWg==,type:str] - authentik-client-id: ENC[AES256_GCM,data:b8XMIBa71HuT22sd/CRSctq7dZwna85WcPYAJRPZLSWWpZENMx03bw==,iv:4DQjjF4TiL3xQltVC+GyzWjoCXJr/w8DLRZxf/636Dk=,tag:FUAzJg1Jj27p/C3RwgOrGA==,type:str] - authentik-client-secret: ENC[AES256_GCM,data:IroyLoiv8TT7+bG43bnThsz+b4vAdKc3+uLQWbtiag9+NAIMH/yDRdcyoag+PZIF3BjUJHClbnNHFZmSOlT+rymv9q9Ja+WDdSHD6jc4KAtPakshh+WfwSzdMhegbV3EWbxNcRb02eCZifnpYFH8aUqHDpbeU9K7lx5XBMe/bNA=,iv:08rzurhosfME0FtTEOdcSxbiq3dq9sc6Bm+OXvVyn8M=,tag:RnY57cWBr+jBqlVUSYaP3Q==,type:str] + authentik-client-id: ENC[AES256_GCM,data:O5pRds1oOPYiYHGhGKli/jV5PSfCV+ugHbkVn5gmKTy8dv3HMY/umw==,iv:tGoRVIVyuA+3clO2JTMBVvpjvYLiUCQrssZIzq25xHA=,tag:EGlY4sq66c8yS9UTkFp6cQ==,type:str] + authentik-client-secret: ENC[AES256_GCM,data:f4UWXg9QYGeEJhOHOxhDeWu7lV8eyU4LAPpnGsmPO6eJjvT60gcuCkg3Wc76fU24ImSbLNgXJXre5FsTA1ZlyLjVrDr9BCpVB4bqBiMtdYn+eS6tudKyS42ndzykTGkqBJg4yn5MtDbo5R9qX3fS1GHVf8qlNuBIHJFlXpdzQJg=,iv:Z735YVxRN4KEwAonKB05oyRT5WiRkIg7sjyl3OOv3xQ=,tag:UG0/E6aMoEHb5sCG1lwC/g==,type:str] wireguard: private: ENC[AES256_GCM,data:xcv4eH8WggS/05MkcL96MpJVqwsFp7AzFoYVoQmOhNC32oy+g3vEibmYCNc=,iv:LWBA3UKqEKs7NISVWxAT9zZ2OMM/1Em+fchZKlrMLIw=,tag:pZkNHc7CGV10X2pfT16djA==,type:str] public: ENC[AES256_GCM,data:HP/vP2bVp26cGyP1rJuXSX9BnUeauOVx1c9y48FakuQ+lMr8jymYGFm0vUA=,iv:h/FuDPaTQfGRGqA1H0+kz/kQyJ+2eIWoi7zObaIJPjE=,tag:zrjbq7S6DEbE9O+JAZr/4Q==,type:str] @@ -230,8 +230,8 @@ sops: L0gwQm5takNjMkVGNzVlSStJYlUwWDAKP8QA3rRUHYbyyhPC/k0Eq2EIKfjyc7Co 7BkHH3msC6h9g42BB5iIYe6KQ+UGxMQBFvp+qSB27jaIfajN5MP0BA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-13T19:37:06Z" - mac: ENC[AES256_GCM,data:kQKGHsXwGD/bswj5ZShjoKCmrjINjcDigxYe+DOwbI2xED6NTtYP5on+D40APlqDGE8VFSQekePpsy5KZxpqcdJjR1hY5c8Gin8OGysYnjM5repMhhbIkkL5hnTcwaobh4JN6eFFNJZvl2U6cuu3UR8bENdvAtsODq9X2GNVpfU=,iv:Q6lWs0aP9ktGqpcZi1G5QIW1w696zZsNKgLtDxKv19A=,tag:NTZthEXLOAA/KVeFswlKEA==,type:str] + lastmodified: "2026-02-14T01:45:47Z" + mac: ENC[AES256_GCM,data:16hCppIAbjg6OWhF2kdIUSb67yffIHtQ32PY/R3tvZjGnU3FyX/ew1NRaF8XtMhFWJ3McE5riu7ctWP6ET1/k9anDDMHAreTibmxbPeur1Cc5p8HM0d9A+mofdR/bqSQZxlaWnkqd+odbo0wv5tR4WO+Cs8Yp6hqS3UkpgqM55w=,iv:0s4vlNYwLeUDx7hySofPp7UgbvJG51FLUpcUvmcJrPg=,tag:kfC/jrhKt3dht+oZqa9Wgg==,type:str] pgp: - created_at: "2026-02-06T15:34:30Z" enc: |- diff --git a/systems/x86_64-linux/jallen-nas/sops.nix b/systems/x86_64-linux/jallen-nas/sops.nix index 7658dcf..d65b320 100755 --- a/systems/x86_64-linux/jallen-nas/sops.nix +++ b/systems/x86_64-linux/jallen-nas/sops.nix @@ -91,7 +91,7 @@ in "jallen-nas/collabora" = { sopsFile = defaultSops; - restartUnits = [ "podman-collabora.service" ]; + restartUnits = [ "coolwsd.service" ]; }; # ------------------------------ @@ -115,11 +115,11 @@ in "jallen-nas/mariadb/db_pass" = { sopsFile = defaultSops; - restartUnits = [ "podman-mariadb.service" ]; + restartUnits = [ "mysql.service" ]; }; "jallen-nas/mariadb/root_pass" = { sopsFile = defaultSops; - restartUnits = [ "podman-mariadb.service" ]; + restartUnits = [ "mysql.service" ]; }; # ------------------------------ @@ -131,21 +131,21 @@ in mode = "0650"; owner = config.users.users."${user}".name; group = config.users.users."${user}".group; - restartUnits = [ "container@nextcloud.service" ]; + restartUnits = [ "nextcloud.service" ]; }; "jallen-nas/nextcloud/adminpassword" = { sopsFile = defaultSops; mode = "0650"; owner = config.users.users."${user}".name; group = config.users.users."${user}".group; - restartUnits = [ "container@nextcloud.service" ]; + restartUnits = [ "nextcloud.service" ]; }; "jallen-nas/nextcloud/smtp_settings" = { sopsFile = defaultSops; mode = "0650"; owner = config.users.users."${user}".name; group = config.users.users."${user}".group; - restartUnits = [ "container@nextcloud.service" ]; + restartUnits = [ "nextcloud.service" ]; }; # ------------------------------ @@ -157,7 +157,7 @@ in mode = "0655"; owner = config.users.users."${user}".name; group = config.users.users."${user}".group; - restartUnits = [ "container@nextcloud.service" ]; + restartUnits = [ "nextcloud.service" ]; }; # ------------------------------ @@ -177,7 +177,7 @@ in sopsFile = defaultSops; mode = "0440"; group = "keys"; - restartUnits = [ "container@immich.service" ]; + restartUnits = [ "immich.service" ]; }; # ------------------------------ @@ -195,15 +195,15 @@ in "jallen-nas/paperless/secret" = { sopsFile = defaultSops; - restartUnits = [ "container@paperless.service" ]; + restartUnits = [ "paperless.service" ]; }; "jallen-nas/paperless/authentik-client-id" = { sopsFile = defaultSops; - restartUnits = [ "container@paperless.service" ]; + restartUnits = [ "paperless.service" ]; }; "jallen-nas/paperless/authentik-client-secret" = { sopsFile = defaultSops; - restartUnits = [ "container@paperless.service" ]; + restartUnits = [ "paperless.service" ]; }; # ------------------------------ @@ -215,14 +215,14 @@ in owner = "root"; group = "keys"; mode = "0440"; - restartUnits = [ "container@gitea.service" ]; + restartUnits = [ "gitea.service" ]; }; "jallen-nas/gitea/metrics-key" = { sopsFile = defaultSops; owner = "root"; group = "keys"; mode = "0440"; - restartUnits = [ "container@gitea.service" ]; + restartUnits = [ "gitea.service" ]; }; # ------------------------------ @@ -280,6 +280,8 @@ in "paperless.env" = { content = '' + PAPERLESS_ADMIN_USER = "mjallen" + PAPERLESS_ADMIN_PASSWORD = ${config.sops.placeholder."matt_password"} PAPERLESS_URL = "https://paperless.jallen.dev" PAPERLESS_SECRET = ${config.sops.placeholder."jallen-nas/paperless/secret"} PAPERLESS_ENABLE_ALLAUTH = true