commit 592893fbaf380f6cdaf8b28b090e8a97abd265a6 · ptr.pet/ark

+7 -3

hosts/wolumonde/modules/webhook.disabled/default.nix hosts/wolumonde/modules/webhook.nix/default.nix

···

       1
       1
       -
       { config, tlib, ... }:

     

       2
       2
       -
       {

     

       1
       1
       +
       { config, tlib, ... }: let

     

       2
       2
       +
         domain = "webhook.gaze.systems";

     

       3
       3
       +
       in {

     

       3
       4
        
         imports = tlib.importFolder ./.;

     

       4
       5
        
       

     

       5
       6
        
         services.webhook = {

     
···

       14
       15
        
           group = "nginx";

     

       15
       16
        
         };

     

       16
       17
        
       

     

       17
       17
       -
         services.nginx.virtualHosts."webhook.gaze.systems" = {

     

       18
       18
       +
         security.acme.certs."gaze.systems".extraDomainNames = [domain];

     

       19
       19
       +
         services.nginx.virtualHosts.${domain} = {

     

       18
       20
        
           useACMEHost = "gaze.systems";

     

       19
       21
        
           forceSSL = true;

     

       22
       22
       +
           kTLS = true;

     

       23
       23
       +
           quic = true;

     

       20
       24
        
           basicAuthFile = config.age.secrets.webhookAuth.path;

     

       21
       25
        
           locations."/" = {

     

       22
       26
        
             proxyPass = "http://localhost:${toString config.services.webhook.port}";

-10

hosts/wolumonde/modules/webhook.disabled/deploy-wolumonde.nix

···

       1
       1
       -
       { pkgs, ... }:

     

       2
       2
       -
       {

     

       3
       3
       -
         services.webhook.hooks."deploy-wolumonde" = {

     

       4
       4
       -
           execute-command = "${pkgs.curl}/bin/curl";

     

       5
       5
       -
           pass-arguments-to-command = builtins.map (n: {

     

       6
       6
       -
             source = "string";

     

       7
       7
       -
             name = n;

     

       8
       8
       -
           }) [ "http://higashi:9000/hooks/deploy-wolumonde" ];

     

       9
       9
       -
         };

     

       10
       10
       -
       }

+13

hosts/wolumonde/modules/webhook.nix/deploy-wolumonde.nix

···

       1
       1
       +
       { pkgs, ... }:

     

       2
       2
       +
       {

     

       3
       3
       +
         services.webhook.hooks."deploy-wolumonde" = {

     

       4
       4
       +
           execute-command = "${pkgs.curl}/bin/curl";

     

       5
       5
       +
           pass-arguments-to-command =

     

       6
       6
       +
             builtins.map

     

       7
       7
       +
             (n: {

     

       8
       8
       +
               source = "string";

     

       9
       9
       +
               name = n;

     

       10
       10
       +
             })

     

       11
       11
       +
             [ "http://higashi:9000/hooks/deploy-wolumonde" ];

     

       12
       12
       +
         };

     

       13
       13
       +
       }

+15 -15

secrets/webhookAuth.age

···

       1
       1
        
       age-encryption.org/v1

     

       2
       2
        
       -> ssh-rsa Abmvag

     

       3
       3
       -
       yAzk1FDMr4p5HwJ5x0sFA5/bSyq5pWzrSo3NJTLkXsrQC/1gMCdT4scPnjxnuJBs

     

       4
       4
       -
       q52MGu8qzBAdKpoVw88JHs51gYSoOnP8Is0eHiR1VpEOzu2/j5cdwzurrkvMxC/D

     

       5
       5
       -
       N66ELc4nZWX3u4opqyIKKfEMADv6W9QDU8fWldOhh8pR5dX0j69ifOyFsC9M6xWB

     

       6
       6
       -
       wt6OHfQq/E89LiaenWxl4bJJLq0Mv2Oqoz3gzxZkaBscwj55sGxT1KRYXoPMXKxT

     

       7
       7
       -
       c+Mr7X0vH2+998JP7Wc1LAmOz+YAQtNs5LzaiaNPEtrmIcxVKuDcL1AFpYvskPZ1

     

       8
       8
       -
       rxRtZqYJV3HjTHtfhYyFr0qK4SGTiGL8CaNO/cPTs2oiLbtpS8SK8TJ7J3rnD1mh

     

       9
       9
       -
       A+o9fEppSGuGOgEl4SVEexPkv5vZYcnwrNK4Ymm4jxUx/aGIxPpUBcHP1fFhB3ux

     

       10
       10
       -
       80pkJItXb5vgOZN1NGu/Csh3BqPhh1golhvoQPlRN8vNDmIUwN0ZzzYM91egEHs9

     

       11
       11
       -
       rjyoGEcfiDbO27F196ycVAj34GJvIWvzQU/XiJ0O0B1xigzq4wNkeCXDoccT7BGC

     

       12
       12
       -
       b8Rz0h7WzXSKC0EJ9hW1YpTfT1igzDpYOpIDncPTwixV0bH9F3gZYj6ZdMa/qqKM

     

       13
       13
       -
       h2TGmjbwjQoZF/GM9srKBn73dxA0U5TXLDpRiWtkq94

     

       14
       14
       -
       -> ssh-ed25519 KjIL7g mbpMiqqe3B5jTeboKSdirFLPRv8NwNCL9CJgL/s3NBE

     

       15
       15
       -
       p+iUXKjIEB2kjltx8Y0OafGdLshcPO7uLEsG1qa7yCc

     

       16
       16
       -
       --- 73pC0uFLSJvcUIdTwTOwVwXEPzxuA5mmiD5SKJiJmeM

     

       17
       17
       -
       ��[}&K*g�j�;�V�:��~�6�\q�m>'�X |�2�̻�@��I�PΒqɋݦ^�C�~8�щ6e�=��O���X|Ȱ�T����v��ckD�
     

       3
       3
       +
       tZQpEZGaxBAguq42O3bbAm/n0HIvQpSUGI7WG+EK1saehatjvCKz943/w3p2Fg6q

     

       4
       4
       +
       XlrW6du6PkD6dx+IRilU9gxRkUbQ980Fe7YkGMLpQpg8VtbDgvarcF4wqiheCRYR

     

       5
       5
       +
       jwjdg3NpxP1N9lF6GDeHzKveKQlsk4zlDFSqQm/Z7MfZ0FCUata5KF6O3R03jnqP

     

       6
       6
       +
       3eUI4g5PawwR0ifAIgXfLOtqdWMBOUYGVwHxSPCl9Ej9T64YAA2MAl0v4H0l/8Up

     

       7
       7
       +
       YIZQeHXCrwu8GedSKB/5Txycfh7VKaEPEW4Gmq9XuOYzxTjE7//SaHqa3mTFOzWL

     

       8
       8
       +
       sXAJUf5zivQ4rmCw/kxhRTi1fGgbJ4tHggkqx5+pQmFh/5YLngPeYenkMgwfllDK

     

       9
       9
       +
       eGKpTvr7OhmIUD9P4NuU3iIMQNF1PyQQjTBKHmTS0jXt7C29LfVT6gJ12j3v4N4H

     

       10
       10
       +
       Tp7Saqe6I43J1/dnp4ia7rOnztHJdEadZu9IvEooeQ/RTl8sOCyis3dbHUZtCBYZ

     

       11
       11
       +
       +qxsGEqa66XoooofMrD9o3NExcNe+xSan/1q/H0qp5jCZlWfmYdafYzoKmv8Ww45

     

       12
       12
       +
       k7bktFrleFzjc0hVchx4N/Rb+JgrHCxewwB60UtND7texaNYby6VTO/m8A3je1Uo

     

       13
       13
       +
       wLmIkpyOMhjaW+qvnYH7agWCBd1bTLOD1RvzGTEY5gE

     

       14
       14
       +
       -> ssh-ed25519 KjIL7g 2V4ItOmfSsbtLZp00Gm/r9H0f+k+mAr+5GUbkKsUHyU

     

       15
       15
       +
       k9jKx7HBmXnDFkJk5fCccs6KbQQE7cd3KQDq4yeutQU

     

       16
       16
       +
       --- t5dl05mvDzgKtCxG4ATzeoVm8PySg3WvGBPkFxWFyrw

     

       17
       17
       +
       �.�3&?�����l�^F�n,�>��5΄B�V�����)@���X�[�G}���G���v�n�������t4-F�q��9#¿�&2ڋщC�ɡ