From d19a485c54dd394804385110e6c154698dbca955 Mon Sep 17 00:00:00 2001 From: Richie Cahill Date: Sat, 14 Sep 2024 16:05:53 -0400 Subject: [PATCH] removed sops dependency fixed syncthing --- systems/common/optional/syncthing_base.nix | 6 +++--- systems/jeeves/default.nix | 10 +--------- systems/jeeves/docker/internal.nix | 3 +-- systems/jeeves/docker/postgresql.nix | 3 +-- systems/jeeves/docker/web.nix | 4 ++-- systems/jeeves/services.nix | 2 +- 6 files changed, 9 insertions(+), 19 deletions(-) diff --git a/systems/common/optional/syncthing_base.nix b/systems/common/optional/syncthing_base.nix index bd1e78e..30becc1 100644 --- a/systems/common/optional/syncthing_base.nix +++ b/systems/common/optional/syncthing_base.nix @@ -9,9 +9,9 @@ settings = { devices = { phone.id = "LTGPLAE-M4ZDJTM-TZ3DJGY-SLLAVWF-CQDVEVS-RGCS75T-GAPZYK3-KUM6LA5"; # cspell:disable-line - jeeves.id = "7YQ4UEW-OPQEBH4-6YKJH4B-ZCE3SAX-5EIK5JL-WJDIWUA-WA2N3D5-MNK6GAV"; # cspell:disable-line - rhapsody-in-green.id = "INKUNKN-KILXGL5-2TQ5JTH-ORJOLOM-WYD2PYO-YRDLQIX-3AKZFWT-ZN7OJAE"; # cspell:disable-line - bob.id = "YP6UYKF-KFZ3FG3-5XM3XM3-5Q24AZS-LZK67PN-LAERKU2-K4WMYBH-N57ZBA5"; # cspell:disable-line + jeeves.id = "RCDU465-AIQRBEJ-VWC4EZF-2AMXABC-F3S4NFW-QA4ZUAQ-OVNUBLI-BUJJTA2"; # cspell:disable-line + ipad.id = "KI76T3X-SFUGV2L-VSNYTKR-TSIUV5L-SHWD3HE-GQRGRCN-GY4UFMD-CW6Z6AX"; # cspell:disable-line + bob.id = "CJIAPEJ-VO74RR4-F75VU6M-QNZAMYG-FYUJG7Y-6AT62HJ-355PRPL-PJFETAZ"; # cspell:disable-line }; }; }; diff --git a/systems/jeeves/default.nix b/systems/jeeves/default.nix index fcbdaf8..600a7c0 100644 --- a/systems/jeeves/default.nix +++ b/systems/jeeves/default.nix @@ -10,7 +10,7 @@ in ../common/optional/systemd-boot.nix ../common/optional/zerotier.nix ./arch_mirror.nix - # ./docker + ./docker ./hardware.nix ./networking.nix ./programs.nix @@ -24,8 +24,6 @@ in ]; - # services.openssh.settings.PermitRootLogin = "yes"; - services = { openssh.ports = [ 629 ]; 
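Review bot: In `systems/common/optional/syncthing_base.nix` the `jeeves` and `bob` device IDs are replaced and `ipad` is added with nothing recording why. A Syncthing device ID is derived from the device's certificate and is what a peer is authenticated against, so each new value should be checked against the ID the device itself reports before deploying. A comment such as `# IDs regenerated <date>; verified against each device's own ID` would make the change auditable. `rhapsody-in-green` is also dropped from this shared file; the jeeves folder lists are cleaned up in this commit, but any other host importing this file that still names it in a folder's `devices` would presumably stop evaluating, so a grep is worthwhile.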
@@ -45,8 +43,6 @@ in path = vars.media_notes; devices = [ "bob" - "phone" - "rhapsody-in-green" ]; fsWatcherEnabled = true; }; @@ -56,7 +52,6 @@ in devices = [ "bob" "phone" - "rhapsody-in-green" ]; fsWatcherEnabled = true; }; @@ -66,7 +61,6 @@ in devices = [ "bob" "phone" - "rhapsody-in-green" ]; fsWatcherEnabled = true; }; @@ -76,7 +70,6 @@ in devices = [ "bob" "phone" - "rhapsody-in-green" ]; fsWatcherEnabled = true; }; @@ -85,7 +78,6 @@ in path = "${vars.storage_syncthing}/projects"; devices = [ "bob" - "rhapsody-in-green" ]; fsWatcherEnabled = true; }; diff --git a/systems/jeeves/docker/internal.nix b/systems/jeeves/docker/internal.nix index 4e8cb96..8b22044 100644 --- a/systems/jeeves/docker/internal.nix +++ b/systems/jeeves/docker/internal.nix @@ -1,4 +1,3 @@ -{ config, ... }: let vars = import ../vars.nix; in @@ -53,7 +52,7 @@ in DELUGE_DAEMON_LOG_LEVEL = "debug"; DELUGE_WEB_LOG_LEVEL = "debug"; }; - # environmentFiles = [ config.sops.secrets."docker/qbit_vpn".path ]; + environmentFiles = /root/secrets/docker/qbit_vpn; autoStart = true; }; bazarr = { diff --git a/systems/jeeves/docker/postgresql.nix b/systems/jeeves/docker/postgresql.nix index 9298f16..657320a 100644 --- a/systems/jeeves/docker/postgresql.nix +++ b/systems/jeeves/docker/postgresql.nix @@ -1,4 +1,3 @@ -{ config, ... }: let vars = import ../vars.nix; in @@ -24,7 +23,7 @@ in POSTGRES_DB = "archive"; POSTGRES_INITDB_ARGS = "--auth-host=scram-sha-256"; }; - # environmentFiles = [ config.sops.secrets."docker/postgres".path ]; + environmentFiles = /root/secrets/docker/postgres; autoStart = true; user = "postgres:postgres"; }; diff --git a/systems/jeeves/docker/web.nix b/systems/jeeves/docker/web.nix index 2dde2b5..96982bf 100644 --- a/systems/jeeves/docker/web.nix +++ b/systems/jeeves/docker/web.nix 
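Review bot: `environmentFiles = /root/secrets/docker/qbit_vpn;` in `internal.nix` is a bare Nix path literal where the commented-out line it replaces passed a list, and the same form appears in `postgresql.nix` (`/root/secrets/docker/postgres`) and in the second `web.nix` hunk (`/root/secrets/docker/cloud_flare_tunnel`). As far as I know the oci-containers `environmentFiles` option is a list of paths, so a single value should fail type checking. Separately, a path literal that is ever interpolated into a string is copied into the world-readable Nix store, which would expose the secret. I would write `environmentFiles = [ "/root/secrets/docker/qbit_vpn" ];` (a quoted string inside a list) in all three places, matching the quoted string already used in `services.nix`. Since sops no longer provisions these files, a comment that they must exist as root-owned, mode 0600, before the containers autostart would help; the container attribute sets start and end outside the hunks.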
@@ -26,7 +26,7 @@ in TZ = "Etc/EST"; }; volumes = [ - # "${config.sops.secrets."docker/haproxy_cert".path}:/etc/ssl/certs/cloudflare.pem" + "/root/secrets/docker/cloudflare.pem:/etc/ssl/certs/cloudflare.pem" "${./haproxy.cfg}:/usr/local/etc/haproxy/haproxy.cfg" ]; dependsOn = [ @@ -47,7 +47,7 @@ in "tunnel" "run" ]; - # environmentFiles = [ config.sops.secrets."docker/cloud_flare_tunnel".path ]; + environmentFiles = /root/secrets/docker/cloud_flare_tunnel; dependsOn = [ "haproxy" ]; extraOptions = [ "--network=web" ]; autoStart = true; diff --git a/systems/jeeves/services.nix b/systems/jeeves/services.nix index 81a6ae7..021e598 100644 --- a/systems/jeeves/services.nix +++ b/systems/jeeves/services.nix @@ -20,7 +20,7 @@ description = "validates startup"; path = [ pkgs.zfs ]; serviceConfig = { - # EnvironmentFile = config.sops.secrets."server-validation/webhook".path; + EnvironmentFile = "/root/secrets/services/server-validation"; Type = "oneshot"; ExecStart = "${inputs.system_tools.packages.x86_64-linux.default}/bin/validate_jeeves"; };
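Review bot: The new bind mount `"/root/secrets/docker/cloudflare.pem:/etc/ssl/certs/cloudflare.pem"` in `volumes` has no mode suffix, so the container receives the host file read-write. If this PEM also carries the private key (the sops entry it replaces was named `docker/haproxy_cert`, so that is only a guess), a compromised haproxy process could modify it on the host. Append `:ro`, i.e. `"/root/secrets/docker/cloudflare.pem:/etc/ssl/certs/cloudflare.pem:ro"`; the neighbouring `haproxy.cfg` mount could take the same suffix. The enclosing container definition starts and ends outside the hunk.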
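Review bot: With sops gone, nothing in `services.nix` creates `/root/secrets/services/server-validation` or states the ownership and mode it needs, although `EnvironmentFile = "/root/secrets/services/server-validation";` is correctly a quoted string and so stays out of the Nix store. I would add a comment above it, for example `# provisioned by hand: root:root, 0600; holds the webhook setting formerly in sops "server-validation/webhook"`. If the file is absent the oneshot fails at start, which seems the right behaviour for a validation unit, so I would not add the `-` prefix. The unit definition starts outside the hunk.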