karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor secrets

Browse Source 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
This commit is contained in:
Nick Karaolidis
2025-07-24 11:01:47 +01:00
parent ba55a766ec
commit 15bf209e8c
62 changed files with 214 additions and 158 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
hosts/jupiter/users/storm/configs/console/podman/media/jellyfin/default.nix
View File

@@ -17,11 +17,11 @@ in
home-manager.users.${user} = {
sops = {
secrets = {
"jellyfin/admin".sopsFile = ../../../../../../../secrets/secrets.yaml;
"jellyfin/authelia/password".sopsFile = ../../../../../../../secrets/secrets.yaml;
"jellyfin/authelia/digest".sopsFile = ../../../../../../../secrets/secrets.yaml;
"opensubtitles/username".sopsFile = ../../../../../../../../../secrets/personal/secrets.yaml;
"opensubtitles/password".sopsFile = ../../../../../../../../../secrets/personal/secrets.yaml;
"jellyfin/admin".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"jellyfin/authelia/password".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"jellyfin/authelia/digest".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"opensubtitles/username".sopsFile = "${inputs.secrets}/personal/secrets.yaml";
"opensubtitles/password".sopsFile = "${inputs.secrets}/personal/secrets.yaml";
};
templates = {

6
hosts/jupiter/users/storm/configs/console/podman/media/jellyseerr/default.nix
View File

@@ -24,9 +24,9 @@ in
home-manager.users.${user} = {
sops = {
secrets = {
"jellyseerr/smtp".sopsFile = ../../../../../../../secrets/secrets.yaml;
"jellyseerr/authelia/password".sopsFile = ../../../../../../../secrets/secrets.yaml;
"jellyseerr/authelia/digest".sopsFile = ../../../../../../../secrets/secrets.yaml;
"jellyseerr/smtp".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"jellyseerr/authelia/password".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"jellyseerr/authelia/digest".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
};
templates = {

2
hosts/jupiter/users/storm/configs/console/podman/media/prowlarr/default.nix
View File

@@ -20,7 +20,7 @@ in
{
home-manager.users.${user} = {
sops = {
secrets."prowlarr/apiKey".sopsFile = ../../../../../../../secrets/secrets.yaml;
secrets."prowlarr/apiKey".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
templates = {
prowlarr-env.content = ''

2
hosts/jupiter/users/storm/configs/console/podman/media/radarr/default.nix
View File

@@ -21,7 +21,7 @@ in
secrets = builtins.listToAttrs (
builtins.map (radarr: {
name = "${radarr.hostName}/apiKey";
value.sopsFile = ../../../../../../../secrets/secrets.yaml;
value.sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
}) radarrs
);

2
hosts/jupiter/users/storm/configs/console/podman/media/sonarr/default.nix
View File

@@ -21,7 +21,7 @@ in
secrets = builtins.listToAttrs (
builtins.map (sonarr: {
name = "${sonarr.hostName}/apiKey";
value.sopsFile = ../../../../../../../secrets/secrets.yaml;
value.sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
}) sonarrs
);

2
hosts/jupiter/users/storm/configs/console/podman/media/transmission/default.nix
View File

@@ -13,7 +13,7 @@ let
in
{
home-manager.users.${user} = {
sops.secrets."transmission/protonvpn".sopsFile = ../../../../../../../secrets/secrets.yaml;
sops.secrets."transmission/protonvpn".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
systemd.user.tmpfiles.rules = [
"d /mnt/storage/private/storm/containers/storage/volumes/media/_data/downloads/transmission 755 storm storm"