From 413d4cd4a66b1f3164c72ff18826451ceaaf2061 Mon Sep 17 00:00:00 2001 From: sefidel Date: Mon, 9 Dec 2024 01:04:20 +0900 Subject: feat(nixos/kanata): change internal domain --- nixos/kanata/configuration.nix | 56 +++++++++++++++++++-------------------- nixos/kanata/secrets/secrets.yaml | 8 +++--- 2 files changed, 32 insertions(+), 32 deletions(-) (limited to 'nixos') diff --git a/nixos/kanata/configuration.nix b/nixos/kanata/configuration.nix index 0d8dc10..ed8c21d 100644 --- a/nixos/kanata/configuration.nix +++ b/nixos/kanata/configuration.nix @@ -78,7 +78,7 @@ in sops.secrets.nextcloud-admin-pass = { owner = "nextcloud"; }; sops.secrets.acme-credentials = { owner = "acme"; }; sops.secrets.grafana-admin-pass = { owner = "grafana"; }; - sops.secrets.cf-kusanari-kanata-credentials = { owner = "cloudflared"; }; + sops.secrets.cf-kanata-credentials = { owner = "cloudflared"; }; sops.secrets.nitter-account-jsonl = { }; # sops.secrets.interlink-private-key = { }; sops.secrets.interlink-wg-config = { }; @@ -177,18 +177,18 @@ in enable = true; routes = { - "dns.kusanari.network".to = "http://localhost:4000"; - "metrics.kusanari.network".to = "http://localhost:4001"; - "nitter.kusanari.network".to = "http://localhost:4002"; - "invidious.kusanari.network".to = "http://localhost:4003"; - "hydra.kusanari.network".to = "http://localhost:4004"; - "cache.kusanari.network".to = "http://localhost:4005"; - "torrent.kusanari.network".to = "http://localhost:4006"; - "paperless.kusanari.network".to = "http://localhost:4007"; - "change.labs.kusanari.network".to = "http://localhost:4901"; + "dns.kanata.network".to = "http://localhost:4000"; + "metrics.kanata.network".to = "http://localhost:4001"; + "nitter.kanata.network".to = "http://localhost:4002"; + "invidious.kanata.network".to = "http://localhost:4003"; + "hydra.kanata.network".to = "http://localhost:4004"; + "cache.kanata.network".to = "http://localhost:4005"; + "torrent.kanata.network".to = "http://localhost:4006"; + "paperless.kanata.network".to = "http://localhost:4007"; + "change.labs.kanata.network".to = "http://localhost:4901"; # Nginx pre-configured routes - "nextcloud.kusanari.network" = { + "nextcloud.kanata.network" = { to = "http://localhost:80"; configureNginx = false; }; @@ -196,13 +196,13 @@ in ssl = { enable = true; - acmeHost = "kusanari.network"; + acmeHost = "kanata.network"; }; tailscaleIp = "100.93.1.1"; - # kusanari-kanata @ core + # kanata @ core cloudflareUUID = "bf6dcc14-d315-41c7-b798-3fe0e0e968eb"; - secrets.cloudflare-credentials = config.sops.secrets.cf-kusanari-kanata-credentials.path; + secrets.cloudflare-credentials = config.sops.secrets.cf-kanata-credentials.path; }; services.nginx.enable = true; @@ -212,7 +212,7 @@ in email = poorObfuscation "sefidel.net" "postmaster"; certs = { - "kusanari.network" = { + "kanata.network" = { subDomains = [ "*.labs" "cache" @@ -234,7 +234,7 @@ in services.metrics = { enable = true; - realHost = "metrics.kusanari.network"; + realHost = "metrics.kanata.network"; secrets.adminPassword = config.sops.secrets.grafana-admin-pass.path; }; @@ -243,7 +243,7 @@ in services.blocky = { enable = true; - realHost = "dns.kusanari.network"; + realHost = "dns.kanata.network"; }; services.nextcloud = rec { @@ -254,18 +254,18 @@ in acmeHost = domain; }; - domain = "kusanari.network"; - realHost = "nextcloud.kusanari.network"; + domain = "kanata.network"; + realHost = "nextcloud.kanata.network"; secrets.admin-pass = config.sops.secrets.nextcloud-admin-pass.path; }; services.nitter = { enable = true; - title = "Kusanari Nitter"; + title = "Kanata Nitter"; - domain = "kusanari.network"; - realHost = "nitter.kusanari.network"; + domain = "kanata.network"; + realHost = "nitter.kanata.network"; secrets.nitter-guest-accounts = config.sops.secrets.nitter-account-jsonl.path; }; @@ -283,22 +283,22 @@ in services.invidious = { enable = true; - domain = "kusanari.network"; - realHost = "invidious.kusanari.network"; + domain = "kanata.network"; + realHost = "invidious.kanata.network"; secrets.invidious-hmac-key = config.sops.secrets.invidious-hmac.path; }; services.hydra = { enable = true; - baseURL = "https://hydra.kusanari.network"; + baseURL = "https://hydra.kanata.network"; }; services.atticd = { enable = true; - hosts = [ "cache.kusanari.network" ]; - baseURL = "https://cache.kusanari.network/"; + hosts = [ "cache.kanata.network" ]; + baseURL = "https://cache.kanata.network/"; storagePath = "/smol/archive/attic"; @@ -317,7 +317,7 @@ in services.paperless = { enable = true; - realHost = "paperless.kusanari.network"; + realHost = "paperless.kanata.network"; secrets.paperless-superuser-password = config.sops.secrets.paperless-superuser-password.path; }; }; diff --git a/nixos/kanata/secrets/secrets.yaml b/nixos/kanata/secrets/secrets.yaml index daaa60e..277ddd9 100644 --- a/nixos/kanata/secrets/secrets.yaml +++ b/nixos/kanata/secrets/secrets.yaml @@ -4,7 +4,7 @@ initrd-ts-state: ENC[AES256_GCM,data:8xftKiXfuaWB4XxvP9LBAmFTbX1VbGJix6SqkIbDliU zfs-smol-key: ENC[AES256_GCM,data:M6JUsFoAvt2nqI/9bVq0slhrcQE8sGgC3s0x,iv:hZK99Veh+oMhxxA9BbBe7OBisjhF00baAb1JQ7yfMaA=,tag:30GjpPzIpgw5htoK1BcmUg==,type:str] nextcloud-admin-pass: ENC[AES256_GCM,data:Lvk/j/3fissx6Kyccp9q2gi7ahbd+pR7jFXnx5OL0JRG,iv:Y0GI/z4pFW98Ll6xpuENr+fTrm7JoE9KadDKx2O4WLI=,tag:ofln+SgrhJm8BpKnVSngoQ==,type:str] grafana-admin-pass: ENC[AES256_GCM,data:waHiV4NyatwQrvRkws8FQut49/ryh9srNSshUbvm,iv:XvU06AqljDsUk9smAak/4OCursX6U/SckPc92AkSTWk=,tag:xBcELmTUUs0mzOY+oiqidA==,type:str] -cf-kusanari-kanata-credentials: ENC[AES256_GCM,data:whwnxMT9JS3iDHbGTk2FoeDBiug26JoRWlyA3sOij861PVJZBEvQJubXD2E5hSwJhyoMIUpb8wgnvB/6GhznouwWfsNh7I39wcaxvHArTNkW+LXrAu8m7ra5dtSUHhPUQifLNYB/TsKHsB+TMhc5IMD6hAHs4uraZHmF1cej8PufTDKDLHjwVwDDJSP1ujQaUrRUvp4NUc8ImVCwnG0PYCVv,iv:umi4Yj11E6+BriksGLzvm+YW7NuARmRtvHz2cixILQA=,tag:+LQs2veOW0CmSKCUNtd9KA==,type:str] +cf-kanata-credentials: ENC[AES256_GCM,data:zOKmtTXbmkFD8QOY2dO3pIhru3+2N5DqP+CQUPdiW5guXCzxBUI9ueosoT7qbmm9Ks1KlJ372Ah5riKHT4x2qUg642bnDrjbx4IvKZgenvLsf6XIEFKuV6XKfp6XI6cMoOGF6J/HGv0s/my9jBMAWMNgLC8ilQXH8L3BzjRANJpkzrak6oEMbarTIdwsZoBOD7xDnt4nDerAANsfaYEzt2YU,iv:imseTCuMGUSR9WkDHGlUmjdqOKGBigAEX3ClckIYa9U=,tag:0of2EZxi1QWejfK8s4x7mw==,type:str] nitter-account-jsonl: ENC[AES256_GCM,data:a7nSbFcG+E5xXnY4moLAu1ULujjZ8czGGLQNqaLZtFISG5Fc/0mMwRxKdArp9pwdUrteSUWzoKlkeTfsHsoS4TmPMuna/nLKSjBV1bvPdOuBEIi6IP9o6zb9izUvcwTAcMiWPjeRYNyLy5p9tvdIQ0MmRmd5UW9WUILLs7r5dmIK/ssNgYf89jJsdhBRpzOmjOtBbzn2uTA6+3s7ldswSWhAP94654Hrbg1IKxvefAgAqm+/2aNvY1Jxh71bNlWH+/WNBtH7pC24NeNWjiNHKzGhix2UecmcQ5/CEo8DBa6mg4gpe9i+VxzHhl3NJoFrfuicFT2ebTEjv8p7ZXLF3ZRgscXXb9YJ5CjmVILiUh/yYqM2jzSLbGHKIetlNFlmNkAYXN3j+A4w4Jiu4lVA3jwFPVxk92pSHi7hhib5gP3P20Zfbr89zk9tGIBQVDWo4p1LrwumH6aCq+XaIPAHOspFheIteZUJ1q0V2vylrBfkrj+ISDQ94aWgSKC74dynGL4joH4DJ2g6xSh26FMNlvBR7Mwg1PpfmJKx0I3iROoEc3RCPdxaoPiJNL7gpRlHV2a5H+ZCgpuWxcQ=,iv:joZcbUidniBqGu9Lkg6wd+mBdmgU/inbPEOlXewU5U4=,tag:y8Uv4zxuTAsTKB+OB4S6Xw==,type:str] acme-credentials: ENC[AES256_GCM,data:6SIuFH3sRcz/Z855br7VgFKEEA1crztKmhVd3chK7ERJpfG9pTxxX0mAxG3aK5OhXwZpDMp0YkxtEphdkb5m0ZU=,iv:bUMtK0SvtrNwlhuY1k0dNVIOcJgM1OLjmbl+X+Zj01E=,tag:x6kdGrSsImZlpHrPnEAmXA==,type:str] invidious-hmac: ENC[AES256_GCM,data:uIw4aQm6oYd5heSxrJnt6Nvc+fTPLMSEDtDyZ/ayogl6qx/gPg==,iv:8AVzwO9peE0UC70nLxBxHKzTcitrzvBvy120fdQD1+c=,tag:rr7MOqgOFFxXN8W+9MKvLg==,type:str] @@ -38,8 +38,8 @@ sops: YkRGS2ZBbm1keWpUQUFOWDRtTWZVa0EKc+lKEP0L/yoFLx6p1zbWfifPWc7Y9Qqh qccODSyHqzwdriHLxXuw9SCnF+SeA721te6+pDVhJj8vqv2UqHiATw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-06-24T14:39:04Z" - mac: ENC[AES256_GCM,data:Gnx4wfiDqSvuYt2eOzAJhvL/t5lItsPajTykw1mONpCbdv03j/7bccyayvDajXQiD110fDN+gDDkux7IVWC1Zv/Gj2M3+qRq6OHCeDxtHwLW2KVdCoine2BxKN0RuIwkyJ9xNE6GQ1P7CaIjYrT2ilztjfZvIzydAZPsxCRV3Sg=,iv:w/XrddHvz1mi+SuyWavryk9duZMQay5ICd33ZTZynIg=,tag:TV7ekS5S01MoIpr8WGczrA==,type:str] + lastmodified: "2024-12-08T16:00:13Z" + mac: ENC[AES256_GCM,data:6SjNDZWaGYObqWM9UXlxPEwbSdu74Ih21sYcUnqVDttznMtCTbsJ154bhNQXSK4LhKnfocp0IpO9Ft5ZLS4cEXJ6XqWeZKqTl+b14Y0Pw6xEq7330DxbDxwMSwk+0IEn0Xo3vMy6MisSgcOsm9R5E61vjNfWFH6EKTjE0MefbbQ=,iv:KvYvDo9GM+qimRjmE6NcGAoGfp8w+I+1YCI4gwrq9eI=,tag:96oHidSwuJdC8+HVNtD+zA==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.8.1 + version: 3.9.1 -- cgit 1.4.1