removed sops dependency

fixed syncthing
2026-04-17 04:58:19 -04:00 · 2024-09-14 16:05:53 -04:00
parent 76d67502e6
commit d19a485c54
6 changed files with 9 additions and 19 deletions
--- a/systems/jeeves/default.nix
+++ b/systems/jeeves/default.nix
@@ -10,7 +10,7 @@ in
    ../common/optional/systemd-boot.nix
    ../common/optional/zerotier.nix
    ./arch_mirror.nix
-    # ./docker
+    ./docker
    ./hardware.nix
    ./networking.nix
    ./programs.nix
@@ -24,8 +24,6 @@ in
  ];


-  # services.openssh.settings.PermitRootLogin = "yes";
-
  services = {
    openssh.ports = [ 629 ];

@@ -45,8 +43,6 @@ in
        path = vars.media_notes;
        devices = [
          "bob"
-          "phone"
-          "rhapsody-in-green"
        ];
        fsWatcherEnabled = true;
      };
@@ -56,7 +52,6 @@ in
        devices = [
          "bob"
          "phone"
-          "rhapsody-in-green"
        ];
        fsWatcherEnabled = true;
      };
@@ -66,7 +61,6 @@ in
        devices = [
          "bob"
          "phone"
-          "rhapsody-in-green"
        ];
        fsWatcherEnabled = true;
      };
@@ -76,7 +70,6 @@ in
        devices = [
          "bob"
          "phone"
-          "rhapsody-in-green"
        ];
        fsWatcherEnabled = true;
      };
@@ -85,7 +78,6 @@ in
        path = "${vars.storage_syncthing}/projects";
        devices = [
          "bob"
-          "rhapsody-in-green"
        ];
        fsWatcherEnabled = true;
      };
--- a/systems/jeeves/docker/internal.nix
+++ b/systems/jeeves/docker/internal.nix
@@ -1,4 +1,3 @@
-{ config, ... }:
 let
  vars = import ../vars.nix;
 in
@@ -53,7 +52,7 @@ in
        DELUGE_DAEMON_LOG_LEVEL = "debug";
        DELUGE_WEB_LOG_LEVEL = "debug";
      };
-      # environmentFiles = [ config.sops.secrets."docker/qbit_vpn".path ];
+      environmentFiles = /root/secrets/docker/qbit_vpn;
      autoStart = true;
    };
    bazarr = {
--- a/systems/jeeves/docker/postgresql.nix
+++ b/systems/jeeves/docker/postgresql.nix
@@ -1,4 +1,3 @@
-{ config, ... }:
 let
  vars = import ../vars.nix;
 in
@@ -24,7 +23,7 @@ in
        POSTGRES_DB = "archive";
        POSTGRES_INITDB_ARGS = "--auth-host=scram-sha-256";
      };
-      # environmentFiles = [ config.sops.secrets."docker/postgres".path ];
+      environmentFiles = /root/secrets/docker/postgres;
      autoStart = true;
      user = "postgres:postgres";
    };
--- a/systems/jeeves/docker/web.nix
+++ b/systems/jeeves/docker/web.nix
@@ -26,7 +26,7 @@ in
        TZ = "Etc/EST";
      };
      volumes = [
-        # "${config.sops.secrets."docker/haproxy_cert".path}:/etc/ssl/certs/cloudflare.pem"
+        "/root/secrets/docker/cloudflare.pem:/etc/ssl/certs/cloudflare.pem"
        "${./haproxy.cfg}:/usr/local/etc/haproxy/haproxy.cfg"
      ];
      dependsOn = [
@@ -47,7 +47,7 @@ in
        "tunnel"
        "run"
      ];
-      # environmentFiles = [ config.sops.secrets."docker/cloud_flare_tunnel".path ];
+      environmentFiles = /root/secrets/docker/cloud_flare_tunnel;
      dependsOn = [ "haproxy" ];
      extraOptions = [ "--network=web" ];
      autoStart = true;
--- a/systems/jeeves/services.nix
+++ b/systems/jeeves/services.nix
@@ -20,7 +20,7 @@
        description = "validates startup";
        path = [ pkgs.zfs ];
        serviceConfig = {
-          # EnvironmentFile = config.sops.secrets."server-validation/webhook".path;
+          EnvironmentFile = "/root/secrets/services/server-validation";
          Type = "oneshot";
          ExecStart = "${inputs.system_tools.packages.x86_64-linux.default}/bin/validate_jeeves";
        };