age; refactor (un peu) wiki; misc

2022-06-09 22:13:12 +02:00 · 2022-06-09 22:13:12 +02:00 · 9680562642
parent 87545d9e8b
commit 9680562642
7 changed files with 22 additions and 7 deletions
--- a/hosts/hackens-org/configuration.nix
+++ b/hosts/hackens-org/configuration.nix
@ -10,7 +10,7 @@
      ./hardware-configuration.nix
      ./physical.nix
      ../../profiles/core-hackens
-      ./wiki.nix
+      ./wiki
      ./webpass.nix
      ./mosquitto.nix
      ./monitoring
--- a/hosts/hackens-org/kfet2mqtt.nix
+++ b/hosts/hackens-org/kfet2mqtt.nix
@ -6,8 +6,8 @@ let
  ]);
  script = pkgs.fetchgit {
    url = "https://git.eleves.ens.fr/hackens/kfet2mqtt.git";
-    rev = "30d948dc2f7b4a0b440445ef578b6ed718a53273";
-    sha256 = "0d93jc0cwx1a8rhq9m0lwzqp53jsffr9qyswdkwydji14f3kwd4d";
+    rev = "4a9ca954fd4405ccbabdb0793f1a2f76c7561a8e";
+    sha256 = "1g4gv2mc0kd108yw8y6gbskg8zhnrlwdnza8mhii2n8jidh63485";
  };
 in
 {
--- a/hosts/hackens-org/mosquitto.nix
+++ b/hosts/hackens-org/mosquitto.nix
@ -5,7 +5,7 @@ in
 {
  services.mosquitto = {
    enable = true;
-    logType = [ "all" ];
+    #logType = [ "all" ];
    listeners = [
      {
        address = "0.0.0.0";
--- a/hosts/hackens-org/wiki/default.nix
+++ b/hosts/hackens-org/wiki/default.nix
@ -1,18 +1,20 @@
 { pkgs, config, ... }:
 let
-  hostname = "new.hackens.org"; #config.my.subZone;
-  debug = false; #config.my.debug;
+  hostname = "new.hackens.org";
 in
 {
  imports = [
-    modules/custom-dokuwiki.nix
+    ../modules/custom-dokuwiki.nix
  ];
  disabledModules = [ "services/web-apps/dokuwiki.nix" ];
+
  networking.firewall.allowedTCPPorts = [ 80 443 ];
+
  services.nginx.virtualHosts."${hostname}" = {
    enableACME = true;
    forceSSL = true;
  };
+
  services.dokuwiki.sites."${hostname}" = {
    enable = true;

--- a/pubkeys/hackens-host.keys
+++ b/pubkeys/hackens-host.keys
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3EvmAE38YNp2pNfGbyyywInEDBpTz4yseOAqmnZS1m
--- a/secrets/default.nix
+++ b/secrets/default.nix
@ -0,0 +1,5 @@
+{ ... }:
+{
+  imports = [ <agenix/modules/age.nix> ];
+  age.secrets."wikiOpenID".file = ./wiki-openID.age
+}
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -0,0 +1,7 @@
+let
+  lib = (import <nixpkgs> {}).lib;
+  readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (./pubkeys + "/${user}.keys")));
+in
+{
+  "wiki-openID.age".publicKeys = (readPubkeys "sinavir") ++ (readPubkeys "hackens-host") ++ (readPubkeys "raito") ++ (readPubkeys "gdd") ++ (readPubkeys "backslash");
+}
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3EvmAE38YNp2pNfGbyyywInEDBpTz4yseOAqmnZS1m`