vps-arm-2024-08-31-19-50-48

2024-08-31 19:50:48 +02:00
parent 0913bfdf70
commit ed4197f387
5 changed files with 16 additions and 11 deletions
--- a/machine/vps-arm/configuration.nix
+++ b/machine/vps-arm/configuration.nix
@ -47,21 +47,26 @@ in
        group = config.users.users.alex.group;
      };

-      # webdav-password = {
-      #   owner = config.users.users.alex.name;
-      #   group = config.users.users.alex.group;
-      # };
-
-      goaccess-password = {
+      goaccess-htpasswd = {
        owner = config.services.nginx.user;
        group = config.services.nginx.group;
      };

-      frigate-password = {
+      frigate-htpasswd = {
        owner = config.services.nginx.user;
        group = config.services.nginx.group;
      };

+      nextcloud-password = {
+        owner = "nextcloud";
+        group = "nextcloud";
+      };
+
+      gitea-password = {
+        owner = config.services.gitea.user;
+        group = config.services.gitea.group;
+      };
+
      hashedPassword = {
        neededForUsers = true;
        sopsFile = ../../secrets.yaml;
--- a/services/frigate.nix
+++ b/services/frigate.nix
@ -9,7 +9,7 @@ in
        "frigate.szczepan.ski" = {
          forceSSL = true;
          enableACME = true;
-          basicAuthFile = config.sops.secrets.frigate-password.path;
+          basicAuthFile = config.sops.secrets.frigate-htpasswd.path;
        };
      };
    };
--- a/services/gitea.nix
+++ b/services/gitea.nix
@ -29,7 +29,7 @@
      appName = "My awesome Gitea server"; # Give the site a name
      database = {
        type = "postgres";
-        password = "REMOVED_OLD_PASSWORD_FROM_HISTORY";
+        passwordFile = config.sops.secrets.gitea-password.path;
      };
      settings = {
        server = {
--- a/services/goaccess.nix
+++ b/services/goaccess.nix
@ -9,7 +9,7 @@ in
        "goaccess.szczepan.ski" = {
          forceSSL = true;
          enableACME = true;
-          basicAuthFile = config.sops.secrets.goaccess-password.path;
+          basicAuthFile = config.sops.secrets.goaccess-htpasswd.path;
          locations = {
            "/" = { root = "/var/www/goaccess"; };
            "/ws" = {
--- a/services/nextcloud.nix
+++ b/services/nextcloud.nix
@ -92,7 +92,7 @@
      config = {
        dbtype = "pgsql";
        adminuser = "alex";
-        adminpassFile = "/var/nextcloud-admin-pass";
+        adminpassFile = config.sops.secrets.nextcloud-password.path;
      };
    };
  };