From 317575461a640ddc601751741bc6da92a3edb867 Mon Sep 17 00:00:00 2001 From: sils Date: Mon, 7 Aug 2023 12:40:14 +0200 Subject: Feat(system): Add invidious --- system/secrets/invidious/passwd.tix | 16 ++++++++++++++++ system/secrets/invidious/settings.tix | 14 ++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 system/secrets/invidious/passwd.tix create mode 100644 system/secrets/invidious/settings.tix (limited to 'system/secrets/invidious') diff --git a/system/secrets/invidious/passwd.tix b/system/secrets/invidious/passwd.tix new file mode 100644 index 0000000..beaee32 --- /dev/null +++ b/system/secrets/invidious/passwd.tix @@ -0,0 +1,16 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQeHpwZFZEWXc0cGxZZ2dV +WDkvUmVFWXE5azZ1VlREM090bWJ6elgxR3hFCmhnNkhWZWVqdmxEcUJVTnFZaGw1 +YnVOYmpYOGd5YU1EaDlmc0ZrNk0zT0EKLT4gWDI1NTE5IEwyL1ptVzJ2bUdvSW1n +TzNod1BKZHQ3YXhUMkl5ZzRiT2Y3aUt0NGw4RVUKWTF3ampTMG1DYTBYTFcwNEp6 +bkFWbGl6WEVCcVdhQnVWY0piQ1VHMzk0SQotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +TnFGVkQxTndPZ1l4c2J5dzNmT1YrZ0dQYytIMmtxaTN2Y01uZFdXOThqWQo2TDkv +MUJzc3BON1JwbGN3OW44WWZ5WUxWdWU2UnpJczVYVHBsdUFmdllJCi0+IHg5YmFB +eS1ncmVhc2UgYl9hXWlgIC5fIGpLaU1wWiN4ICczCkVmOHRibWptbDBxOS9Ic1VC +L0tFQXo5Sk45TDFlQlB5bnFleUF0dFlMSmdvd2dmUlZ3Ci0tLSBIN0MvMEduQVlR +bDVTQUxvZjB2TTljdjZkbGphN1l1QnZESWNZUjZzd1dVCmCWuxwFj1FyTEFasr8X +apyuQkXs6Cvfx82qMvwE1G4SLOEulJjVp/VDcICQ8RE8BE0HJGRjG64FqdtbHY2K +tPMADqfz/jt7kbXKSwB6zOHE9VNcTrGl+mx2Ki8HUG8GElj+hE2m0cWdGijcsGVW +lo2HKPa7F/d9vBUC9sLYo8U5VrnIRhBN1s4ECfAa4vj2RSsCZePCHkJMH7qFPGuC +PZST +-----END AGE ENCRYPTED FILE----- diff --git a/system/secrets/invidious/settings.tix b/system/secrets/invidious/settings.tix new file mode 100644 index 0000000..fe80a7d --- /dev/null +++ b/system/secrets/invidious/settings.tix @@ -0,0 +1,14 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkNzBJNXhlcGVJWk1nZERp +QXJrSEtxY2tyY0FwZnN6ZFB6dGVxZVVsdWtjCjI5cE85ZHhoRVBqcjdZaG9BWFJK +b09GblVERUZsR2ZPaW9aU1NCc25GM00KLT4gWDI1NTE5IHZwL3YraVBBVXVFVmpR +TENiaFoxdTJhUCtWcEFkU0ptaERpbEl1aGw3M00KWUozUTZxYm4rclN6L1IrTi9k +eEF0dVlYVEVNTnZ4Y0tUU0hwV2U0bXVCSQotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +QkpGQ1RkVWhNQTFyMS9qRGYrT2s2djJHMEI0eFI5R3ZMVlRsa1JoMXIwawpRVG5z +TnZWMWhQSGxlL0VnUng1N0QvbTFuNS9WZmhnK3ZnVTdoMmtsejVJCi0+IDJNPHpY +LWdyZWFzZSBdVyBYZ3s8IG8ve0ByIHlrIkZkMwo4bmJOZU5yd3loSDlURWorZ0VZ +bWF2dHdLNkQ1ZUx5STZSa3dibVRsTCtQekdKWCtYNWlOR3BVQm5MRmQ2Z085Cmkw +OGhJU2kzR21MNk1OdkpHY29Gc21rNEh6VEZKWGkyCi0tLSBSemVvc2hlSnEyYUVM +UXRPSWtrd1hEcWtVTm95dzVFU085Y09adlFwYnhFCrbJEjFMSSaKqhW2GwuRilaw +N3U8GF22F10XHXyg+8csPFOpowRdS7ZBS52leGe/ve7oiVO5SBd3v7yWXa6ZInxo +-----END AGE ENCRYPTED FILE----- -- cgit 1.4.1 From 38c2bb6a2128215f01ede4102195c144f6dfc6ff Mon Sep 17 00:00:00 2001 From: sils Date: Mon, 7 Aug 2023 13:16:31 +0200 Subject: Fix(system/secrets/invidious): Change formatting of invidiousSettings --- system/secrets/invidious/settings.tix | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'system/secrets/invidious') diff --git a/system/secrets/invidious/settings.tix b/system/secrets/invidious/settings.tix index fe80a7d..1d00897 100644 --- a/system/secrets/invidious/settings.tix +++ b/system/secrets/invidious/settings.tix @@ -1,14 +1,15 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkNzBJNXhlcGVJWk1nZERp -QXJrSEtxY2tyY0FwZnN6ZFB6dGVxZVVsdWtjCjI5cE85ZHhoRVBqcjdZaG9BWFJK -b09GblVERUZsR2ZPaW9aU1NCc25GM00KLT4gWDI1NTE5IHZwL3YraVBBVXVFVmpR -TENiaFoxdTJhUCtWcEFkU0ptaERpbEl1aGw3M00KWUozUTZxYm4rclN6L1IrTi9k -eEF0dVlYVEVNTnZ4Y0tUU0hwV2U0bXVCSQotPiBzc2gtZWQyNTUxOSBPRDhUNGcg -QkpGQ1RkVWhNQTFyMS9qRGYrT2s2djJHMEI0eFI5R3ZMVlRsa1JoMXIwawpRVG5z -TnZWMWhQSGxlL0VnUng1N0QvbTFuNS9WZmhnK3ZnVTdoMmtsejVJCi0+IDJNPHpY -LWdyZWFzZSBdVyBYZ3s8IG8ve0ByIHlrIkZkMwo4bmJOZU5yd3loSDlURWorZ0VZ -bWF2dHdLNkQ1ZUx5STZSa3dibVRsTCtQekdKWCtYNWlOR3BVQm5MRmQ2Z085Cmkw -OGhJU2kzR21MNk1OdkpHY29Gc21rNEh6VEZKWGkyCi0tLSBSemVvc2hlSnEyYUVM -UXRPSWtrd1hEcWtVTm95dzVFU085Y09adlFwYnhFCrbJEjFMSSaKqhW2GwuRilaw -N3U8GF22F10XHXyg+8csPFOpowRdS7ZBS52leGe/ve7oiVO5SBd3v7yWXa6ZInxo +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaN09yQTF6QkYzMlhYZzdT +NnpoS3Z4d1FjaWFIbjc5QS9MTmQ0UWNaOVQ0Ci9Cd0NyL3ZtdEt5d0VKVUV1dmVp +cmF3TGtOSFBTdzBEcXUxRllNSTlCam8KLT4gWDI1NTE5IG9UUy93TWM0VnlCQm5n +T2hpSUxldjV6YTFKdzBFRFQ0UHl3Rk9CWjZ2eHMKVVFqdkNReWZLT2hUeWdISUVL +aUp2RzFPZnc0K1Yrb2kwMWNGQ3FBYkVYbwotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +Z211aHp4RzVUYVdMbFB1ZXFQMElaeSs2MmpBdlhIYlVOc1IxdCttRDhWNApoT2Vm +OWhVd3RzY2R4R1krVlVIQjVrYnNGT1NEVWFrVkFiVzFBOHppOFJnCi0+IERRRzNT +OFYtZ3JlYXNlIElgfkBXQGQgflN9IG0/ICQzTj4wLCUqCkZyRnN4Z2FkMGNObzBM +cXk4K1J6TUdJZXovajZKV1FMZ2Z1TjdqaENrSjJzYWpoKzNvOXhDUEt6aWdUaWVw +a2oKRU1FdDlDbjBXN3psRElWcnlhSjJDQQotLS0gYnh6QUZtSG1FSCtHWkhZNG5r +RFNrWjczLzQ0S0gxUzZPTVBhb2YwS1VVVQoMo4QpyDyp22gd0d/AcxLsxzxSP7Bv +BGVNAROHFbvNZ0hhqqXEhc819makKyDWv90wDSYQ3R3rjEyzx0jyEwl7e82ANmwZ +HQ== -----END AGE ENCRYPTED FILE----- -- cgit 1.4.1 From b6d9d9692416a9b1f566eda9a72fce5304e28220 Mon Sep 17 00:00:00 2001 From: Soispha Date: Fri, 11 Aug 2023 09:14:05 +0200 Subject: Fix(system/services/invidious): Quote attr names in json config --- system/secrets/invidious/settings.tix | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) (limited to 'system/secrets/invidious') diff --git a/system/secrets/invidious/settings.tix b/system/secrets/invidious/settings.tix index 1d00897..f760fa9 100644 --- a/system/secrets/invidious/settings.tix +++ b/system/secrets/invidious/settings.tix @@ -1,15 +1,14 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaN09yQTF6QkYzMlhYZzdT -NnpoS3Z4d1FjaWFIbjc5QS9MTmQ0UWNaOVQ0Ci9Cd0NyL3ZtdEt5d0VKVUV1dmVp -cmF3TGtOSFBTdzBEcXUxRllNSTlCam8KLT4gWDI1NTE5IG9UUy93TWM0VnlCQm5n -T2hpSUxldjV6YTFKdzBFRFQ0UHl3Rk9CWjZ2eHMKVVFqdkNReWZLT2hUeWdISUVL -aUp2RzFPZnc0K1Yrb2kwMWNGQ3FBYkVYbwotPiBzc2gtZWQyNTUxOSBPRDhUNGcg -Z211aHp4RzVUYVdMbFB1ZXFQMElaeSs2MmpBdlhIYlVOc1IxdCttRDhWNApoT2Vm -OWhVd3RzY2R4R1krVlVIQjVrYnNGT1NEVWFrVkFiVzFBOHppOFJnCi0+IERRRzNT -OFYtZ3JlYXNlIElgfkBXQGQgflN9IG0/ICQzTj4wLCUqCkZyRnN4Z2FkMGNObzBM -cXk4K1J6TUdJZXovajZKV1FMZ2Z1TjdqaENrSjJzYWpoKzNvOXhDUEt6aWdUaWVw -a2oKRU1FdDlDbjBXN3psRElWcnlhSjJDQQotLS0gYnh6QUZtSG1FSCtHWkhZNG5r -RFNrWjczLzQ0S0gxUzZPTVBhb2YwS1VVVQoMo4QpyDyp22gd0d/AcxLsxzxSP7Bv -BGVNAROHFbvNZ0hhqqXEhc819makKyDWv90wDSYQ3R3rjEyzx0jyEwl7e82ANmwZ -HQ== +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvZGJGNzVGUWhsVTJFUGds +dFZmVnRnY1NrVTZBWEt2eFp1YU4yM0xoOUgwClZZNDNFQlp2aEx1eHVqbE5ZU29t +dVpMcStrMXd5WEFOaDJUVlVuUnJ4YkkKLT4gWDI1NTE5IEZSTVFhdk83RGRNWWdZ +bmQyd0FNTWhrUUxSRjVOQjAvWSsyU1Z4OWFvVUUKdkIraVRtRW5mUnZFbVRkcDBw +ME5NTDVkRUo1b0d1Z2xERWZnS0tMLzFhYwotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +d09jY1doam1nc3B3MEVqN0grM3JWZzFwMW5WU2ZYdGh0TUZnM0VVdzJBSQppL3Qv +T0VDOTc1U3gyaTB6YVV4dDhEVU1OMzdlMnV2dC9zMVl1VkdkRmlBCi0+IGc/SEJa +aDZoLWdyZWFzZSBKPW1xOFRaIE9DUCBdfl1HXVUKL0I4MTJZT1ljOXE3cUtTR0Fv +S3E2UHcvYWxhUlU5QkdXVWZyUjU0SlcveG9GcjZZV242QXVwaDBQTjN0VldBCi0t +LSB6S0E2SWtmaXBnRkI5aFNIOU9VWkdhOHQrQ0x0MzJ3TC9aNkpJSTY5eDkwClOc +N6wSpWFX87Vbr+J8Sxn9O6uRbYAyNDmiJk5mDqYaqy/+PRPTx0gbmqRz911sW5Zx +aBKfDzSPjNx0CSKKL7ioTYlRrW0YyQ== -----END AGE ENCRYPTED FILE----- -- cgit 1.4.1 From 320cc252c1e59de8fed8993b3a527839bc0963a6 Mon Sep 17 00:00:00 2001 From: Soispha Date: Fri, 11 Aug 2023 09:28:16 +0200 Subject: Refactor(system/secrets/invidious): Remove unneeded files and improve names --- system/secrets/default.nix | 10 ++-------- system/secrets/invidious/hmac.tix | 14 ++++++++++++++ system/secrets/invidious/passwd.tix | 16 ---------------- system/secrets/invidious/settings.tix | 14 -------------- system/services/invidious/default.nix | 4 +--- 5 files changed, 17 insertions(+), 41 deletions(-) create mode 100644 system/secrets/invidious/hmac.tix delete mode 100644 system/secrets/invidious/passwd.tix delete mode 100644 system/secrets/invidious/settings.tix (limited to 'system/secrets/invidious') diff --git a/system/secrets/default.nix b/system/secrets/default.nix index 345354c..2269672 100644 --- a/system/secrets/default.nix +++ b/system/secrets/default.nix @@ -13,15 +13,9 @@ owner = "matrix-synapse"; group = "matrix-synapse"; }; - invidious = { - file = ./invidious/passwd.tix; + invidiousHmac = { + file = ./invidious/hmac.tix; mode = "700"; - owner = "invidious"; - group = "invidious"; - }; - invidiousSettings = { - file = ./invidious/settings.tix; - mode = "744"; owner = "root"; group = "root"; }; diff --git a/system/secrets/invidious/hmac.tix b/system/secrets/invidious/hmac.tix new file mode 100644 index 0000000..f760fa9 --- /dev/null +++ b/system/secrets/invidious/hmac.tix @@ -0,0 +1,14 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvZGJGNzVGUWhsVTJFUGds +dFZmVnRnY1NrVTZBWEt2eFp1YU4yM0xoOUgwClZZNDNFQlp2aEx1eHVqbE5ZU29t +dVpMcStrMXd5WEFOaDJUVlVuUnJ4YkkKLT4gWDI1NTE5IEZSTVFhdk83RGRNWWdZ +bmQyd0FNTWhrUUxSRjVOQjAvWSsyU1Z4OWFvVUUKdkIraVRtRW5mUnZFbVRkcDBw +ME5NTDVkRUo1b0d1Z2xERWZnS0tMLzFhYwotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +d09jY1doam1nc3B3MEVqN0grM3JWZzFwMW5WU2ZYdGh0TUZnM0VVdzJBSQppL3Qv +T0VDOTc1U3gyaTB6YVV4dDhEVU1OMzdlMnV2dC9zMVl1VkdkRmlBCi0+IGc/SEJa +aDZoLWdyZWFzZSBKPW1xOFRaIE9DUCBdfl1HXVUKL0I4MTJZT1ljOXE3cUtTR0Fv +S3E2UHcvYWxhUlU5QkdXVWZyUjU0SlcveG9GcjZZV242QXVwaDBQTjN0VldBCi0t +LSB6S0E2SWtmaXBnRkI5aFNIOU9VWkdhOHQrQ0x0MzJ3TC9aNkpJSTY5eDkwClOc +N6wSpWFX87Vbr+J8Sxn9O6uRbYAyNDmiJk5mDqYaqy/+PRPTx0gbmqRz911sW5Zx +aBKfDzSPjNx0CSKKL7ioTYlRrW0YyQ== +-----END AGE ENCRYPTED FILE----- diff --git a/system/secrets/invidious/passwd.tix b/system/secrets/invidious/passwd.tix deleted file mode 100644 index beaee32..0000000 --- a/system/secrets/invidious/passwd.tix +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQeHpwZFZEWXc0cGxZZ2dV -WDkvUmVFWXE5azZ1VlREM090bWJ6elgxR3hFCmhnNkhWZWVqdmxEcUJVTnFZaGw1 -YnVOYmpYOGd5YU1EaDlmc0ZrNk0zT0EKLT4gWDI1NTE5IEwyL1ptVzJ2bUdvSW1n -TzNod1BKZHQ3YXhUMkl5ZzRiT2Y3aUt0NGw4RVUKWTF3ampTMG1DYTBYTFcwNEp6 -bkFWbGl6WEVCcVdhQnVWY0piQ1VHMzk0SQotPiBzc2gtZWQyNTUxOSBPRDhUNGcg -TnFGVkQxTndPZ1l4c2J5dzNmT1YrZ0dQYytIMmtxaTN2Y01uZFdXOThqWQo2TDkv -MUJzc3BON1JwbGN3OW44WWZ5WUxWdWU2UnpJczVYVHBsdUFmdllJCi0+IHg5YmFB -eS1ncmVhc2UgYl9hXWlgIC5fIGpLaU1wWiN4ICczCkVmOHRibWptbDBxOS9Ic1VC -L0tFQXo5Sk45TDFlQlB5bnFleUF0dFlMSmdvd2dmUlZ3Ci0tLSBIN0MvMEduQVlR -bDVTQUxvZjB2TTljdjZkbGphN1l1QnZESWNZUjZzd1dVCmCWuxwFj1FyTEFasr8X -apyuQkXs6Cvfx82qMvwE1G4SLOEulJjVp/VDcICQ8RE8BE0HJGRjG64FqdtbHY2K -tPMADqfz/jt7kbXKSwB6zOHE9VNcTrGl+mx2Ki8HUG8GElj+hE2m0cWdGijcsGVW -lo2HKPa7F/d9vBUC9sLYo8U5VrnIRhBN1s4ECfAa4vj2RSsCZePCHkJMH7qFPGuC -PZST ------END AGE ENCRYPTED FILE----- diff --git a/system/secrets/invidious/settings.tix b/system/secrets/invidious/settings.tix deleted file mode 100644 index f760fa9..0000000 --- a/system/secrets/invidious/settings.tix +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvZGJGNzVGUWhsVTJFUGds -dFZmVnRnY1NrVTZBWEt2eFp1YU4yM0xoOUgwClZZNDNFQlp2aEx1eHVqbE5ZU29t -dVpMcStrMXd5WEFOaDJUVlVuUnJ4YkkKLT4gWDI1NTE5IEZSTVFhdk83RGRNWWdZ -bmQyd0FNTWhrUUxSRjVOQjAvWSsyU1Z4OWFvVUUKdkIraVRtRW5mUnZFbVRkcDBw -ME5NTDVkRUo1b0d1Z2xERWZnS0tMLzFhYwotPiBzc2gtZWQyNTUxOSBPRDhUNGcg -d09jY1doam1nc3B3MEVqN0grM3JWZzFwMW5WU2ZYdGh0TUZnM0VVdzJBSQppL3Qv -T0VDOTc1U3gyaTB6YVV4dDhEVU1OMzdlMnV2dC9zMVl1VkdkRmlBCi0+IGc/SEJa -aDZoLWdyZWFzZSBKPW1xOFRaIE9DUCBdfl1HXVUKL0I4MTJZT1ljOXE3cUtTR0Fv -S3E2UHcvYWxhUlU5QkdXVWZyUjU0SlcveG9GcjZZV242QXVwaDBQTjN0VldBCi0t -LSB6S0E2SWtmaXBnRkI5aFNIOU9VWkdhOHQrQ0x0MzJ3TC9aNkpJSTY5eDkwClOc -N6wSpWFX87Vbr+J8Sxn9O6uRbYAyNDmiJk5mDqYaqy/+PRPTx0gbmqRz911sW5Zx -aBKfDzSPjNx0CSKKL7ioTYlRrW0YyQ== ------END AGE ENCRYPTED FILE----- diff --git a/system/services/invidious/default.nix b/system/services/invidious/default.nix index d03dee4..7a37f50 100644 --- a/system/services/invidious/default.nix +++ b/system/services/invidious/default.nix @@ -3,11 +3,9 @@ enable = true; database = { createLocally = true; - #passwordFile = "${config.age.secrets.invidious.path}"; - #host = "localhost"; }; domain = "invidious.vhack.eu"; nginx.enable = true; - extraSettingsFile = "${config.age.secrets.invidiousSettings.path}"; + extraSettingsFile = "${config.age.secrets.invidiousHmac.path}"; }; } -- cgit 1.4.1