diff --git a/disks/README.md b/disks/README.md deleted file mode 100644 index 43bc5dc..0000000 --- a/disks/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# Disks - -These are my [disko](https://github.com/nix-community/disko) configurations, -which allow me to save desired disk formatting layouts as a declarative file so -I don't have to remember how to format my disks later on. diff --git a/private/cloudflared-flame.age b/hosts-by-platform/aarch64-linux/flame/cloudflared-flame.age similarity index 100% rename from private/cloudflared-flame.age rename to hosts-by-platform/aarch64-linux/flame/cloudflared-flame.age diff --git a/hosts-by-platform/aarch64-linux/flame/default.nix b/hosts-by-platform/aarch64-linux/flame/default.nix index 2872e12..11bc8c6 100644 --- a/hosts-by-platform/aarch64-linux/flame/default.nix +++ b/hosts-by-platform/aarch64-linux/flame/default.nix @@ -52,7 +52,7 @@ rec { nmasur.presets.services.cloudflared = { tunnel = { id = "bd250ee1-ed2e-42d2-b627-039f1eb5a4d2"; - credentialsFile = ../../../private/cloudflared-flame.age; + credentialsFile = ./cloudflared-flame.age; ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org"; }; }; diff --git a/hosts-by-platform/default.nix b/hosts-by-platform/default.nix index dd140e9..013ce03 100644 --- a/hosts-by-platform/default.nix +++ b/hosts-by-platform/default.nix @@ -34,7 +34,7 @@ in ]; x86_64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./x86_64-linux) [ # Get only files ending in default.nix - (builtins.filter (name: lib.hasSuffix ".nix" name)) + (builtins.filter (name: lib.hasSuffix "default.nix" name)) # Import each host function (map (file: { name = lib.removeSuffix ".nix" (builtins.baseNameOf file); diff --git a/hosts-by-platform/x86_64-linux/staff.nix b/hosts-by-platform/x86_64-linux/staff/default.nix similarity index 100% rename from hosts-by-platform/x86_64-linux/staff.nix rename to hosts-by-platform/x86_64-linux/staff/default.nix diff --git a/private/cloudflared-swan.age b/hosts-by-platform/x86_64-linux/swan/cloudflared-swan.age similarity index 100% rename from private/cloudflared-swan.age rename to hosts-by-platform/x86_64-linux/swan/cloudflared-swan.age diff --git a/hosts-by-platform/x86_64-linux/swan.nix b/hosts-by-platform/x86_64-linux/swan/default.nix similarity index 97% rename from hosts-by-platform/x86_64-linux/swan.nix rename to hosts-by-platform/x86_64-linux/swan/default.nix index b1b65e6..bed74d3 100644 --- a/hosts-by-platform/x86_64-linux/swan.nix +++ b/hosts-by-platform/x86_64-linux/swan/default.nix @@ -85,7 +85,7 @@ rec { nmasur.presets.services.cloudflared = { tunnel = { id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2"; - credentialsFile = ../../private/cloudflared-swan.age; + credentialsFile = ./cloudflared-swan.age; ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org"; }; }; diff --git a/disks/root.nix b/hosts-by-platform/x86_64-linux/swan/root.nix similarity index 100% rename from disks/root.nix rename to hosts-by-platform/x86_64-linux/swan/root.nix diff --git a/private/cloudflared-tempest.age b/hosts-by-platform/x86_64-linux/tempest/cloudflared-tempest.age similarity index 100% rename from private/cloudflared-tempest.age rename to hosts-by-platform/x86_64-linux/tempest/cloudflared-tempest.age diff --git a/hosts-by-platform/x86_64-linux/tempest.nix b/hosts-by-platform/x86_64-linux/tempest/default.nix similarity index 97% rename from hosts-by-platform/x86_64-linux/tempest.nix rename to hosts-by-platform/x86_64-linux/tempest/default.nix index 15f4ca6..2be123b 100644 --- a/hosts-by-platform/x86_64-linux/tempest.nix +++ b/hosts-by-platform/x86_64-linux/tempest/default.nix @@ -98,7 +98,7 @@ rec { nmasur.presets.services.cloudflared = { tunnel = { id = "ac133a82-31fb-480c-942a-cdbcd4c58173"; - credentialsFile = ../../../private/cloudflared-tempest.age; + credentialsFile = ./cloudflared-tempest.age; ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org"; }; }; diff --git a/hosts-old/aarch64-darwin/default.nix b/hosts-old/aarch64-darwin/default.nix deleted file mode 100644 index 94d6522..0000000 --- a/hosts-old/aarch64-darwin/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -# Return a list of all nix-darwin hosts - -{ lib, ... }: - -lib.pipe (lib.filesystem.listFilesRecursive ./.) [ - # Get only files ending in default.nix - (builtins.filter (name: lib.hasSuffix "default.nix" name)) - # Remove this file - (builtins.filter (name: name != ./default.nix)) - # Import each host function - map - (file: { - name = builtins.baseNameOf (builtins.dirOf file); - value = import file; - }) - # Convert to an attrset of hostname -> host function - (builtins.listToAttrs) -] diff --git a/hosts-old/aarch64-linux/default.nix b/hosts-old/aarch64-linux/default.nix deleted file mode 100644 index 0d927f6..0000000 --- a/hosts-old/aarch64-linux/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -# Return a list of all NixOS hosts - -{ nixpkgs, ... }: - -let - inherit (nixpkgs) lib; -in - -lib.pipe (lib.filesystem.listFilesRecursive ./.) [ - # Get only files ending in default.nix - (builtins.filter (name: lib.hasSuffix "default.nix" name)) - # Remove this file - (builtins.filter (name: name != ./default.nix)) - # Import each host function - map - (file: { - name = builtins.baseNameOf (builtins.dirOf file); - value = import file; - }) - # Convert to an attrset of hostname -> host function - (builtins.listToAttrs) -] diff --git a/hosts-old/x86_64-linux/arrow/aws/ec2.tf b/hosts-old/arrow/aws/ec2.tf similarity index 100% rename from hosts-old/x86_64-linux/arrow/aws/ec2.tf rename to hosts-old/arrow/aws/ec2.tf diff --git a/hosts-old/x86_64-linux/arrow/aws/image.tf b/hosts-old/arrow/aws/image.tf similarity index 100% rename from hosts-old/x86_64-linux/arrow/aws/image.tf rename to hosts-old/arrow/aws/image.tf diff --git a/hosts-old/x86_64-linux/arrow/aws/main.tf b/hosts-old/arrow/aws/main.tf similarity index 100% rename from hosts-old/x86_64-linux/arrow/aws/main.tf rename to hosts-old/arrow/aws/main.tf diff --git a/hosts-old/x86_64-linux/arrow/aws/outputs.tf b/hosts-old/arrow/aws/outputs.tf similarity index 100% rename from hosts-old/x86_64-linux/arrow/aws/outputs.tf rename to hosts-old/arrow/aws/outputs.tf diff --git a/hosts-old/x86_64-linux/arrow/aws/variables.tf b/hosts-old/arrow/aws/variables.tf similarity index 100% rename from hosts-old/x86_64-linux/arrow/aws/variables.tf rename to hosts-old/arrow/aws/variables.tf diff --git a/hosts-old/x86_64-linux/arrow/default.nix b/hosts-old/arrow/default.nix similarity index 100% rename from hosts-old/x86_64-linux/arrow/default.nix rename to hosts-old/arrow/default.nix diff --git a/hosts-old/x86_64-linux/arrow/modules.nix b/hosts-old/arrow/modules.nix similarity index 100% rename from hosts-old/x86_64-linux/arrow/modules.nix rename to hosts-old/arrow/modules.nix diff --git a/hosts-old/x86_64-linux/arrow/vultr/main.tf b/hosts-old/arrow/vultr/main.tf similarity index 100% rename from hosts-old/x86_64-linux/arrow/vultr/main.tf rename to hosts-old/arrow/vultr/main.tf diff --git a/hosts-old/x86_64-linux/hydra/default.nix b/hosts-old/hydra/default.nix similarity index 100% rename from hosts-old/x86_64-linux/hydra/default.nix rename to hosts-old/hydra/default.nix diff --git a/hosts-old/x86_64-linux/staff/default.nix b/hosts-old/staff/default.nix similarity index 100% rename from hosts-old/x86_64-linux/staff/default.nix rename to hosts-old/staff/default.nix diff --git a/hosts-old/x86_64-linux/default.nix b/hosts-old/x86_64-linux/default.nix deleted file mode 100644 index 0d927f6..0000000 --- a/hosts-old/x86_64-linux/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -# Return a list of all NixOS hosts - -{ nixpkgs, ... }: - -let - inherit (nixpkgs) lib; -in - -lib.pipe (lib.filesystem.listFilesRecursive ./.) [ - # Get only files ending in default.nix - (builtins.filter (name: lib.hasSuffix "default.nix" name)) - # Remove this file - (builtins.filter (name: name != ./default.nix)) - # Import each host function - map - (file: { - name = builtins.baseNameOf (builtins.dirOf file); - value = import file; - }) - # Convert to an attrset of hostname -> host function - (builtins.listToAttrs) -] diff --git a/private/mailpass.age b/platforms/home-manager/modules/nmasur/presets/services/mbsync/mailpass.age similarity index 100% rename from private/mailpass.age rename to platforms/home-manager/modules/nmasur/presets/services/mbsync/mailpass.age diff --git a/platforms/home-manager/modules/nmasur/presets/services/mbsync.nix b/platforms/home-manager/modules/nmasur/presets/services/mbsync/mbsync.nix similarity index 98% rename from platforms/home-manager/modules/nmasur/presets/services/mbsync.nix rename to platforms/home-manager/modules/nmasur/presets/services/mbsync/mbsync.nix index 5020fa4..d00f11d 100644 --- a/platforms/home-manager/modules/nmasur/presets/services/mbsync.nix +++ b/platforms/home-manager/modules/nmasur/presets/services/mbsync/mbsync.nix @@ -112,7 +112,7 @@ in notmuch.enable = true; # Used to login and send and receive emails - passwordCommand = "${lib.getExe pkgs.age} --decrypt --identity ~/.ssh/id_ed25519 ${pkgs.writeText "mailpass.age" (builtins.readFile ../../../../../../private/mailpass.age)}"; + passwordCommand = "${lib.getExe pkgs.age} --decrypt --identity ~/.ssh/id_ed25519 ${pkgs.writeText "mailpass.age" (builtins.readFile ./mailpass.age)}"; smtp = { host = cfg.smtpHost; diff --git a/private/mailpass-system.age b/platforms/nixos/modules/nmasur/presets/programs/msmtp/mailpass-system.age similarity index 100% rename from private/mailpass-system.age rename to platforms/nixos/modules/nmasur/presets/programs/msmtp/mailpass-system.age diff --git a/platforms/nixos/modules/nmasur/presets/programs/msmtp.nix b/platforms/nixos/modules/nmasur/presets/programs/msmtp/msmtp.nix similarity index 95% rename from platforms/nixos/modules/nmasur/presets/programs/msmtp.nix rename to platforms/nixos/modules/nmasur/presets/programs/msmtp/msmtp.nix index 6efdc09..4ee6c48 100644 --- a/platforms/nixos/modules/nmasur/presets/programs/msmtp.nix +++ b/platforms/nixos/modules/nmasur/presets/programs/msmtp/msmtp.nix @@ -32,7 +32,7 @@ in passwordFile = lib.mkOption { type = lib.types.path; description = "Password file for SMTP"; - default = ../../../../../../private/mailpass-system.age; + default = ./mailpass-system.age; }; }; diff --git a/platforms/nixos/modules/nmasur/presets/services/arr.nix b/platforms/nixos/modules/nmasur/presets/services/arr/arr.nix similarity index 96% rename from platforms/nixos/modules/nmasur/presets/services/arr.nix rename to platforms/nixos/modules/nmasur/presets/services/arr/arr.nix index 3abf4a2..bf0aadc 100644 --- a/platforms/nixos/modules/nmasur/presets/services/arr.nix +++ b/platforms/nixos/modules/nmasur/presets/services/arr/arr.nix @@ -250,27 +250,27 @@ in # Secrets for Prometheus exporters secrets.radarrApiKey = { - source = ../../../private/radarr-api-key.age; + source = ./radarr-api-key.age; dest = "/var/private/radarr-api"; prefix = "API_KEY="; }; secrets.readarrApiKey = { - source = ../../../private/radarr-api-key.age; + source = ./radarr-api-key.age; dest = "/var/private/readarr-api"; prefix = "API_KEY="; }; secrets.sonarrApiKey = { - source = ../../../private/sonarr-api-key.age; + source = ./sonarr-api-key.age; dest = "/var/private/sonarr-api"; prefix = "API_KEY="; }; secrets.prowlarrApiKey = { - source = ../../../private/prowlarr-api-key.age; + source = ./prowlarr-api-key.age; dest = "/var/private/prowlarr-api"; prefix = "API_KEY="; }; secrets.sabnzbdApiKey = { - source = ../../../private/sabnzbd-api-key.age; + source = ./sabnzbd-api-key.age; dest = "/var/private/sabnzbd-api"; prefix = "API_KEY="; }; diff --git a/private/prowlarr-api-key.age b/platforms/nixos/modules/nmasur/presets/services/arr/prowlarr-api-key.age similarity index 100% rename from private/prowlarr-api-key.age rename to platforms/nixos/modules/nmasur/presets/services/arr/prowlarr-api-key.age diff --git a/private/radarr-api-key.age b/platforms/nixos/modules/nmasur/presets/services/arr/radarr-api-key.age similarity index 100% rename from private/radarr-api-key.age rename to platforms/nixos/modules/nmasur/presets/services/arr/radarr-api-key.age diff --git a/private/sabnzbd-api-key.age b/platforms/nixos/modules/nmasur/presets/services/arr/sabnzbd-api-key.age similarity index 100% rename from private/sabnzbd-api-key.age rename to platforms/nixos/modules/nmasur/presets/services/arr/sabnzbd-api-key.age diff --git a/private/sonarr-api-key.age b/platforms/nixos/modules/nmasur/presets/services/arr/sonarr-api-key.age similarity index 100% rename from private/sonarr-api-key.age rename to platforms/nixos/modules/nmasur/presets/services/arr/sonarr-api-key.age diff --git a/private/cloudflare-api.age b/platforms/nixos/modules/nmasur/presets/services/cloudflare/cloudflare-api.age similarity index 100% rename from private/cloudflare-api.age rename to platforms/nixos/modules/nmasur/presets/services/cloudflare/cloudflare-api.age diff --git a/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix b/platforms/nixos/modules/nmasur/presets/services/cloudflare/cloudflare.nix similarity index 97% rename from platforms/nixos/modules/nmasur/presets/services/cloudflare.nix rename to platforms/nixos/modules/nmasur/presets/services/cloudflare/cloudflare.nix index f6ca463..41121d3 100644 --- a/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix +++ b/platforms/nixos/modules/nmasur/presets/services/cloudflare/cloudflare.nix @@ -98,7 +98,7 @@ in # Private key is used for LetsEncrypt secrets.letsencrypt-key = { - source = ../../../../../../private/letsencrypt-key.age; + source = ./letsencrypt-key.age; dest = "${config.secretsDirectory}/letsencrypt-key"; owner = "caddy"; group = "caddy"; @@ -106,7 +106,7 @@ in # API key must have access to modify Cloudflare DNS records secrets.cloudflare-api = { - source = ../../../../../../private/cloudflare-api.age; + source = ./cloudflare-api.age; dest = "${config.secretsDirectory}/cloudflare-api"; owner = "caddy"; group = "caddy"; diff --git a/private/letsencrypt-key.age b/platforms/nixos/modules/nmasur/presets/services/cloudflare/letsencrypt-key.age similarity index 100% rename from private/letsencrypt-key.age rename to platforms/nixos/modules/nmasur/presets/services/cloudflare/letsencrypt-key.age diff --git a/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local.nix b/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local/gitea-runner-local.nix similarity index 96% rename from platforms/nixos/modules/nmasur/presets/services/gitea-runner-local.nix rename to platforms/nixos/modules/nmasur/presets/services/gitea-runner-local/gitea-runner-local.nix index da92bad..37e7def 100644 --- a/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local.nix +++ b/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local/gitea-runner-local.nix @@ -52,7 +52,7 @@ in # API key needed to connect to Gitea secrets.giteaRunnerToken = { - source = ../../../private/gitea-runner-token.age; # TOKEN=xyz + source = ./gitea-runner-token.age; # TOKEN=xyz dest = "${config.secretsDirectory}/gitea-runner-token"; }; systemd.services.giteaRunnerToken-secret = { diff --git a/private/gitea-runner-token.age b/platforms/nixos/modules/nmasur/presets/services/gitea-runner-local/gitea-runner-token.age similarity index 100% rename from private/gitea-runner-token.age rename to platforms/nixos/modules/nmasur/presets/services/gitea-runner-local/gitea-runner-token.age diff --git a/platforms/nixos/modules/nmasur/presets/services/grafana.nix b/platforms/nixos/modules/nmasur/presets/services/grafana/grafana.nix similarity index 99% rename from platforms/nixos/modules/nmasur/presets/services/grafana.nix rename to platforms/nixos/modules/nmasur/presets/services/grafana/grafana.nix index 90eccd8..63d9740 100644 --- a/platforms/nixos/modules/nmasur/presets/services/grafana.nix +++ b/platforms/nixos/modules/nmasur/presets/services/grafana/grafana.nix @@ -17,7 +17,7 @@ in # Allow Grafana to connect to email service secrets.mailpass-grafana = { - source = ../../../../../../private/mailpass-grafana.age; + source = ./mailpass-grafana.age; dest = "${config.secretsDirectory}/mailpass-grafana"; owner = "grafana"; group = "grafana"; diff --git a/private/mailpass-grafana.age b/platforms/nixos/modules/nmasur/presets/services/grafana/mailpass-grafana.age similarity index 100% rename from private/mailpass-grafana.age rename to platforms/nixos/modules/nmasur/presets/services/grafana/mailpass-grafana.age diff --git a/private/influxdb2-password.age b/platforms/nixos/modules/nmasur/presets/services/influxdb2/influxdb2-password.age similarity index 100% rename from private/influxdb2-password.age rename to platforms/nixos/modules/nmasur/presets/services/influxdb2/influxdb2-password.age diff --git a/private/influxdb2-token.age b/platforms/nixos/modules/nmasur/presets/services/influxdb2/influxdb2-token.age similarity index 100% rename from private/influxdb2-token.age rename to platforms/nixos/modules/nmasur/presets/services/influxdb2/influxdb2-token.age diff --git a/platforms/nixos/modules/nmasur/presets/services/influxdb2.nix b/platforms/nixos/modules/nmasur/presets/services/influxdb2/influxdb2.nix similarity index 94% rename from platforms/nixos/modules/nmasur/presets/services/influxdb2.nix rename to platforms/nixos/modules/nmasur/presets/services/influxdb2/influxdb2.nix index 1a3e374..d6e7c5d 100644 --- a/platforms/nixos/modules/nmasur/presets/services/influxdb2.nix +++ b/platforms/nixos/modules/nmasur/presets/services/influxdb2/influxdb2.nix @@ -33,7 +33,7 @@ in # Create credentials file for InfluxDB admin secrets.influxdb2Password = lib.mkIf config.services.influxdb2.enable { - source = ../../../../../../private/influxdb2-password.age; + source = ./influxdb2-password.age; dest = "${config.secretsDirectory}/influxdb2-password"; owner = "influxdb2"; group = "influxdb2"; @@ -44,7 +44,7 @@ in before = [ "influxdb2.service" ]; }; secrets.influxdb2Token = lib.mkIf config.services.influxdb2.enable { - source = ../../../../../../private/influxdb2-token.age; + source = ./influxdb2-token.age; dest = "${config.secretsDirectory}/influxdb2-token"; owner = "influxdb2"; group = "influxdb2"; diff --git a/private/backup.age b/platforms/nixos/modules/nmasur/presets/services/litestream/backup.age similarity index 100% rename from private/backup.age rename to platforms/nixos/modules/nmasur/presets/services/litestream/backup.age diff --git a/platforms/nixos/modules/nmasur/presets/services/litestream.nix b/platforms/nixos/modules/nmasur/presets/services/litestream/litestream.nix similarity index 97% rename from platforms/nixos/modules/nmasur/presets/services/litestream.nix rename to platforms/nixos/modules/nmasur/presets/services/litestream/litestream.nix index e9933b9..737ccd8 100644 --- a/platforms/nixos/modules/nmasur/presets/services/litestream.nix +++ b/platforms/nixos/modules/nmasur/presets/services/litestream/litestream.nix @@ -29,7 +29,7 @@ in accessKeySecret = lib.mkOption { type = lib.types.nullOr lib.types.path; description = "S3 secret key path for Litestream backups"; - default = ../../../../../../private/backup.age; + default = ./backup.age; }; }; }; diff --git a/platforms/nixos/modules/nmasur/presets/services/prometheus-exporters.nix b/platforms/nixos/modules/nmasur/presets/services/metrics/prometheus-exporters.nix similarity index 100% rename from platforms/nixos/modules/nmasur/presets/services/prometheus-exporters.nix rename to platforms/nixos/modules/nmasur/presets/services/metrics/prometheus-exporters.nix diff --git a/platforms/nixos/modules/nmasur/presets/services/prometheus-remote-write.nix b/platforms/nixos/modules/nmasur/presets/services/metrics/prometheus-remote-write.nix similarity index 95% rename from platforms/nixos/modules/nmasur/presets/services/prometheus-remote-write.nix rename to platforms/nixos/modules/nmasur/presets/services/metrics/prometheus-remote-write.nix index 6053121..4537e3b 100644 --- a/platforms/nixos/modules/nmasur/presets/services/prometheus-remote-write.nix +++ b/platforms/nixos/modules/nmasur/presets/services/metrics/prometheus-remote-write.nix @@ -38,7 +38,7 @@ in # Create credentials file for remote Prometheus push secrets.prometheus = { - source = ../../../../../../private/prometheus.age; + source = ./prometheus.age; dest = "${config.secretsDirectory}/prometheus"; owner = "prometheus"; group = "prometheus"; diff --git a/private/prometheus.age b/platforms/nixos/modules/nmasur/presets/services/metrics/prometheus.age similarity index 100% rename from private/prometheus.age rename to platforms/nixos/modules/nmasur/presets/services/metrics/prometheus.age diff --git a/platforms/nixos/modules/nmasur/presets/services/victoriametrics.nix b/platforms/nixos/modules/nmasur/presets/services/metrics/victoriametrics.nix similarity index 97% rename from platforms/nixos/modules/nmasur/presets/services/victoriametrics.nix rename to platforms/nixos/modules/nmasur/presets/services/metrics/victoriametrics.nix index 15364a3..e42cf59 100644 --- a/platforms/nixos/modules/nmasur/presets/services/victoriametrics.nix +++ b/platforms/nixos/modules/nmasur/presets/services/metrics/victoriametrics.nix @@ -71,7 +71,7 @@ in }; secrets.vmauth = lib.mkIf config.services.victoriametrics.enable { - source = ../../../../../../private/prometheus.age; + source = ./prometheus.age; dest = "${config.secretsDirectory}/vmauth"; prefix = "PASSWORD="; }; diff --git a/platforms/nixos/modules/nmasur/presets/services/vm-agent.nix b/platforms/nixos/modules/nmasur/presets/services/metrics/vm-agent.nix similarity index 95% rename from platforms/nixos/modules/nmasur/presets/services/vm-agent.nix rename to platforms/nixos/modules/nmasur/presets/services/metrics/vm-agent.nix index ac22d66..2035408 100644 --- a/platforms/nixos/modules/nmasur/presets/services/vm-agent.nix +++ b/platforms/nixos/modules/nmasur/presets/services/metrics/vm-agent.nix @@ -47,7 +47,7 @@ in }; secrets.vmagent = { - source = ../../../../../../private/prometheus.age; + source = ./prometheus.age; dest = "${config.secretsDirectory}/vmagent"; }; systemd.services.vmagent-secret = lib.mkIf config.services.vmagent.enable { diff --git a/private/nextcloud.age b/platforms/nixos/modules/nmasur/presets/services/nextcloud/nextcloud.age similarity index 100% rename from private/nextcloud.age rename to platforms/nixos/modules/nmasur/presets/services/nextcloud/nextcloud.age diff --git a/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix b/platforms/nixos/modules/nmasur/presets/services/nextcloud/nextcloud.nix similarity index 99% rename from platforms/nixos/modules/nmasur/presets/services/nextcloud.nix rename to platforms/nixos/modules/nmasur/presets/services/nextcloud/nextcloud.nix index c8b3cdf..36e7a84 100644 --- a/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix +++ b/platforms/nixos/modules/nmasur/presets/services/nextcloud/nextcloud.nix @@ -200,7 +200,7 @@ in # Create credentials file for nextcloud secrets.nextcloud = { - source = ../../../private/nextcloud.age; + source = ./nextcloud.age; dest = "${config.secretsDirectory}/nextcloud"; owner = "nextcloud"; group = "nextcloud"; diff --git a/private/paperless.age b/platforms/nixos/modules/nmasur/presets/services/paperless/paperless.age similarity index 100% rename from private/paperless.age rename to platforms/nixos/modules/nmasur/presets/services/paperless/paperless.age diff --git a/platforms/nixos/modules/nmasur/presets/services/paperless.nix b/platforms/nixos/modules/nmasur/presets/services/paperless/paperless.nix similarity index 97% rename from platforms/nixos/modules/nmasur/presets/services/paperless.nix rename to platforms/nixos/modules/nmasur/presets/services/paperless/paperless.nix index 2354006..344cc3a 100644 --- a/platforms/nixos/modules/nmasur/presets/services/paperless.nix +++ b/platforms/nixos/modules/nmasur/presets/services/paperless/paperless.nix @@ -51,7 +51,7 @@ in services.cloudflare-dyndns.domains = [ hostnames.paperless ]; secrets.paperless = { - source = ../../../../../../private/prometheus.age; + source = ./paperless.age; dest = "${config.secretsDirectory}/paperless"; owner = "paperless"; group = "paperless"; diff --git a/private/restic.age b/platforms/nixos/modules/nmasur/presets/services/restic/restic.age similarity index 100% rename from private/restic.age rename to platforms/nixos/modules/nmasur/presets/services/restic/restic.age diff --git a/platforms/nixos/modules/nmasur/presets/services/restic.nix b/platforms/nixos/modules/nmasur/presets/services/restic/restic.nix similarity index 93% rename from platforms/nixos/modules/nmasur/presets/services/restic.nix rename to platforms/nixos/modules/nmasur/presets/services/restic/restic.nix index 3f4b1b8..c36b23e 100644 --- a/platforms/nixos/modules/nmasur/presets/services/restic.nix +++ b/platforms/nixos/modules/nmasur/presets/services/restic/restic.nix @@ -10,7 +10,7 @@ in resticPassword = lib.mkOption { type = lib.types.nullOr lib.types.path; description = "Password file path for Restic backups"; - default = ../../../../../../private/restic.age; + default = ./restic.age; }; s3 = { endpoint = lib.mkOption { @@ -26,7 +26,7 @@ in accessKeySecretPair = lib.mkOption { type = lib.types.nullOr lib.types.path; description = "Path to file containing S3 access and secret key for Restic backups"; - default = ../../../../../../private/s3-glacier.age; + default = ./s3-glacier.age; }; }; }; diff --git a/private/s3-glacier.age b/platforms/nixos/modules/nmasur/presets/services/restic/s3-glacier.age similarity index 100% rename from private/s3-glacier.age rename to platforms/nixos/modules/nmasur/presets/services/restic/s3-glacier.age diff --git a/private/vaultwarden.age b/platforms/nixos/modules/nmasur/presets/services/vaultwarden/vaultwarden.age similarity index 100% rename from private/vaultwarden.age rename to platforms/nixos/modules/nmasur/presets/services/vaultwarden/vaultwarden.age diff --git a/platforms/nixos/modules/nmasur/presets/services/vaultwarden.nix b/platforms/nixos/modules/nmasur/presets/services/vaultwarden/vaultwarden.nix similarity index 98% rename from platforms/nixos/modules/nmasur/presets/services/vaultwarden.nix rename to platforms/nixos/modules/nmasur/presets/services/vaultwarden/vaultwarden.nix index 84d3b1e..c34d764 100644 --- a/platforms/nixos/modules/nmasur/presets/services/vaultwarden.nix +++ b/platforms/nixos/modules/nmasur/presets/services/vaultwarden/vaultwarden.nix @@ -43,7 +43,7 @@ in }; secrets.vaultwarden = { - source = ../../../../../../private/vaultwarden.age; + source = ./vaultwarden.age; dest = "${config.secretsDirectory}/vaultwarden"; owner = "vaultwarden"; group = "vaultwarden"; diff --git a/private/wireguard.age b/platforms/nixos/modules/nmasur/presets/services/wireguard/wireguard.age similarity index 100% rename from private/wireguard.age rename to platforms/nixos/modules/nmasur/presets/services/wireguard/wireguard.age diff --git a/platforms/nixos/modules/nmasur/presets/services/wireguard.nix b/platforms/nixos/modules/nmasur/presets/services/wireguard/wireguard.nix similarity index 96% rename from platforms/nixos/modules/nmasur/presets/services/wireguard.nix rename to platforms/nixos/modules/nmasur/presets/services/wireguard/wireguard.nix index 9cd768d..f5fd5d7 100644 --- a/platforms/nixos/modules/nmasur/presets/services/wireguard.nix +++ b/platforms/nixos/modules/nmasur/presets/services/wireguard/wireguard.nix @@ -52,7 +52,7 @@ in # Create private key file for wireguard secrets.wireguard = { - source = ../../../private/wireguard.age; + source = ./wireguard.age; dest = "${config.secretsDirectory}/wireguard"; }; };