kitten.sh / system
Personal Nix setup
fork atom

Upgrade tangled knot

kitten.sh d75ae13c 9257f173

options
unified split
Changed files
+10 -20
flake.lock
modules
server
encrypt
tangled-knot-secret.age
tangled.nix
secrets.nix
+4 -4
flake.lock 
···

       
1039

       
1039

       
 

       
        "sqlite-lib-src": "sqlite-lib-src"


     

       
1040

       
1040

       
 

       
      },


     

       
1041

       
1041

       
 

       
      "locked": {


     

       
1042

       

       
-

       
        "lastModified": 1755521231,


     

       
1043

       

       
-

       
        "narHash": "sha256-DmOKT1H/A+viByvtkV53YcRYlYODh5dvy7CfM/73cDs=",


     

       

       
1042

       
+

       
        "lastModified": 1756753599,


     

       

       
1043

       
+

       
        "narHash": "sha256-yD8PMlRjUI2sN5PvkDJRfGz96zCp4gejaguDVmZ4utg=",


     

       
1044

       
1044

       
 

       
        "ref": "refs/heads/master",


     

       
1045

       

       
-

       
        "rev": "12a8c093e27c5a95b281908f43982f49624f9959",


     

       
1046

       

       
-

       
        "revCount": 1174,


     

       

       
1045

       
+

       
        "rev": "da3540c0c134331c10f1a8d124ee0925e57f8112",


     

       

       
1046

       
+

       
        "revCount": 1279,


     

       
1047

       
1047

       
 

       
        "type": "git",


     

       
1048

       
1048

       
 

       
        "url": "ssh://git@tangled.sh/tangled.sh/core"


     

       
1049

       
1049

       
 

       
      },
-5
modules/server/encrypt/tangled-knot-secret.age 
···

       
1

       

       
-

       
age-encryption.org/v1


     

       
2

       

       
-

       
-> ssh-ed25519 QwbpPw 33WczOs4JEiVVA8CzFii7hWMA+N2FxeMj0ya1JHim1A


     

       
3

       

       
-

       
kfxuJo5DLQJ0vZ6P3ubiadIb0nO3YFFdiMGsTCG00N4


     

       
4

       

       
-

       
--- M5dUQ19fOQdclRb1kt0DbAv8BrFMih+Uy2dlxskeVzg


     

       
5

       

       
-

       
�S*ɀ�!Q]�T�����^�C��-X��Tҕ�r�^��D�m�잫�aD��;k�t@��/��i����A��A��A@I���Ù�8�����E=^���>����B^۰�):�
+6 -10
modules/server/tangled.nix 
···

       
13

       
13

       
 

       
      type = types.bool;


     

       
14

       
14

       
 

       
    };


     

       
15

       
15

       
 

       



     

       

       
16

       
+

       
    owner = mkOption {


     

       

       
17

       
+

       
      default = "did:plc:726afsuwa5x6qaytybar3bfs";


     

       

       
18

       
+

       
      type = types.str;


     

       

       
19

       
+

       
    };


     

       

       
20

       
+

       



     

       
16

       
21

       
 

       
    hostname = mkOption {


     

       
17

       
22

       
 

       
      default = "knot.kitten.sh";


     

       
18

       
23

       
 

       
      type = types.str;


     
···

       
20

       
25

       
 

       
  };


     

       
21

       
26

       
 

       



     

       
22

       
27

       
 

       
  config = mkIf (cfg.enable && cfg.tangled.enable) {


     

       
23

       

       
-

       
    age.secrets."tangled-knot" = let


     

       
24

       

       
-

       
      inherit (config.services.tangled-knot) gitUser;


     

       
25

       

       
-

       
    in {


     

       
26

       

       
-

       
      file = ./encrypt/tangled-knot-secret.age;


     

       
27

       

       
-

       
      owner = gitUser;


     

       
28

       

       
-

       
      group = gitUser;


     

       
29

       

       
-

       
      mode = "0440";


     

       
30

       

       
-

       
    };


     

       
31

       

       
-

       



     

       
32

       
28

       
 

       
    services.tangled-knot = {


     

       
33

       
29

       
 

       
      enable = true;


     

       
34

       
30

       
 

       
      openFirewall = true;


     

       
35

       
31

       
 

       
      server = {


     

       
36

       
32

       
 

       
        hostname = cfg.tangled.hostname;


     

       
37

       
33

       
 

       
        listenAddr = "127.0.0.1:5555";


     

       
38

       

       
-

       
        secretFile = config.age.secrets."tangled-knot".path;


     

       

       
34

       
+

       
        owner = cfg.tangled.owner;


     

       
39

       
35

       
 

       
      };


     

       
40

       
36

       
 

       
    };


     

       
41

       
37

       
 

       
  };
-1
secrets.nix 
···

       
8

       
8

       
 

       



     

       
9

       
9

       
 

       
  "./modules/server/encrypt/tailscale.age".publicKeys = keys;


     

       
10

       
10

       
 

       
  "./modules/server/encrypt/rclone.conf.age".publicKeys = keys;


     

       
11

       

       
-

       
  "./modules/server/encrypt/tangled-knot-secret.age".publicKeys = keys;


     

       
12

       
11

       
 

       
  "./modules/server/encrypt/tangled-knot-ssh.age".publicKeys = keys;


     

       
13

       
12

       
 

       



     

       
14

       
13

       
 

       
  "./home/fonts/encrypt/DankMono-Regular.otf.age".publicKeys = keys;