xeovalyte/nix
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix

Browse Source
This commit is contained in:
Timo Boomers 2025-05-01 18:50:20 +02:00
commit d7056e8f38
Signed by: xeovalyte
SSH Key Fingerprint: SHA256:GWI1hq+MNKR2UOcvk7n9tekASXT8vyazK7vDF9Xyciw
7 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.sops.yaml
View File

@ -1,7 +1,7 @@
keys:
- &v-th-ctr-01 age1cs2p7tgk9356tjmet6526k3ghwq9we82nz6z7qggqns656paku6sx30tkg
creation_rules:
- path_regex: secrets/secrets.yaml$
- path_regex: secrets/deploy.yaml$
key_groups:
- age:
- *v-th-ctr-01

1
hosts/v-th-ctr-01/home.nix
View File

@ -49,6 +49,7 @@
pingvin-share.enable = true;
vaultwarden.enable = true;
paperless-ngx.enable = true;
beszel.enable = true;
};
};

7
modules/home/containers/beszel.nix
View File

@ -35,12 +35,17 @@ in {
image = "henrygd/beszel-agent:latest";
network = "proxy";
volumes = [
"%h/containers/beszel/beszel_socket:/beszel_socket"
"%h/containers/beszel/socket:/beszel_socket"
"/run/user/1000/podman/podman.sock:/var/run/podman.sock:ro"
"${config.sops.secrets."containers/beszel/key".path}:/run/secrets/key"
];
user = 1000;
userNS = "keep-id";
environment = {
LISTEN = "/beszel_socket/beszel.sock";
KEY_FILE = "/run/secrets/key";
DOCKER_HOST = "unix:///var/run/podman.sock";
};
};

5
modules/home/containers/caddy.nix
View File

@ -88,6 +88,11 @@ in {
handle @paperless-ngx {
reverse_proxy paperless-ngx:8000
}
@beszel host monitor.local.tbmrs.nl
handle @beszel {
reverse_proxy beszel:8090
}
}
'';
};

9
modules/home/containers/homepage.nix
View File

@ -59,6 +59,15 @@ in {
container = "uptime-kuma";
};
}
{
"Beszel" = {
href = "https://monitor.local.tbmrs.nl";
description = "Server monitoring";
icon = "beszel";
server = "podman";
container = "beszel";
};
}
];
}
{

1
modules/home/default.nix
View File

@ -35,5 +35,6 @@
./containers/pingvin-share.nix
./containers/vaultwarden.nix
./containers/paperless-ngx.nix
./containers/beszel.nix
];
}

6
secrets/deploy.yaml
View File

@ -2,6 +2,8 @@ example-key: ENC[AES256_GCM,data:zQ4Sb+IOxM/JB/0KZQ==,iv:SgpzREfqbgBgd8psV7Optl4
containers:
pingvin-share:
oidc-secret: ENC[AES256_GCM,data:jO5fvIK/1XnFweqKvedPMED0xvsqErjDP+eT7wAwXFuREbS6KakwY7pUzi20wdI0,iv:SnnmXiZoawpZV83483esQ1TIaFTACiIUcA6hcoXsw0I=,tag:cC/ftyj8jlK1re/rX4IiEw==,type:str]
beszel:
key: ENC[AES256_GCM,data:rRtx8Jx/aHOqeRa9dlyc42/62UwwqhkiLDLnZCM65rpW5nL5cQG2dS81YOMVPrE7Sa/cHlE3bvxqETaxMmsJGYukjmZph8skpF0qukCDe4Q=,iv:OS/+jF4MtwPdijXPpG2pgpJQTYyer9bms97B+kO8XhI=,tag:va7jCSGrXp2YKBlYzLI39g==,type:str]
paperless-ngx:
db-password: ENC[AES256_GCM,data:H21HVshmFuWJ5qNIrjm0VMGHEsT7cCvScgamU+CAaNZ6j5ux/r4xiF9zP7Qh40sKTOvyoWGTcHGPHE5ClpGuQA==,iv:tDIRfThBOfHr+gGRqywlHAk/x4MkhHRFsJEp5nnlGPA=,tag:XbYKD90l3u93Ur4VOqOn6w==,type:str]
secret: ENC[AES256_GCM,data:+1hriBiSbt+zUjEkBTEM90PFNlxfNwRAmz8wHyeyOnq6ThI+PtlDu83sunBFL2FUYJX0N4h3R4FvJBUkrPr0NQ==,iv:zzhFaoLnskspp1S291KABLZITgcof63cjShnsZrlAmw=,tag:+aafTLgZVBWeclQLQvVlQg==,type:str]
@ -21,8 +23,8 @@ sops:
bGpsMnpoQWlxbmlobVdVSjU2ZWp1dGMKql+6ZqtuixZ9TJgJMaTOFsB0gsLLvuqE
ZQikUHunrP8d5n/TvzL4VyIF2Oqy+cjTnjX/9fcqsjB6w3oY4qDXkg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-30T09:15:42Z"
mac: ENC[AES256_GCM,data:Mxq3LnXRpnVv/U7QEGL5I3gF3y8W8IfsdTvinIsn5Qi6m04JinyJ0Vgr4JbMstB/8gh259MsAO2na7/vZ8brLuol0X8vZeIlgIoX8DazuI6dpNr284zPWsiRNr8gzBViYDRb4GVf+GF11iXcw3UlJE8uB+N4z4Y4sUbobOt402c=,iv:G86XwJp6ZRB8ioDbNDGKxLPNIcAmcusH/blT/8FKFlk=,tag:emMQZ7TAJGy7yqSpD7+1Cg==,type:str]
lastmodified: "2025-04-30T13:11:24Z"
mac: ENC[AES256_GCM,data:JA1T9q0otjshJWyb8fingvD0CmYyTKdhvNMI3RVoZaMEAwBV4AwMCftG9zWMOgof4NcG4EhdOI7KG7qhctpo25K9j5IhaY8GA/p7BStBopuowTTUZecWHxXy4OFEtuW1PXBGrkgfkupV+RZfeisoa1gGFhQ2tW+fOqtoTFFCLHA=,iv:CM5zgvA2krzLHGiVeiSTVzcswwk9+QJmNCr+3hqw+To=,tag:H0x1UasoXNb38+Cq0CP0YA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4