soopy.moe / gensokyo
nixos config
fork atom

host(koumakan): add wastebain

Cassie Cheung 59e01aaf f7255692

options
unified split
Changed files
+28 -2
creds
sops
koumakan
default.yaml
systems
koumakan
services
databases
default.nix
wastebin.nix
+4 -2
creds/sops/koumakan/default.yaml 
···

       
83

       
83

       
 

       
tangled:


     

       
84

       
84

       
 

       
    knot:


     

       
85

       
85

       
 

       
        key: ENC[AES256_GCM,data:c592aVa7BI0LArjgeKv2S3keUOiJw5CPCUIH/tiedeHVXbUqSQZGzNu7NfXoGdVnnkv/qW8FQGK8w5QWI0YxEw==,iv:KOePG824ljudnHk5DjFYGg6KhRXTPsw4SjXdwyx4/js=,tag:fioM69c2dTvxbIhtTM2gwA==,type:str]


     

       

       
86

       
+

       
wastebasket:


     

       

       
87

       
+

       
    key: ENC[AES256_GCM,data:tvlRsZkX+jrJWJXXxBcFnZtweaiK6V+1YV6evN2ppu14I7h4vPOOTpqav9lvzol5y8PwJ98Uw1kXFUZWTZfUda204aK1G0o4n8OS/Q403xrWzouusUI+06Jm91L75a9+/M3ql5/sQOtR0/gTMAN/10gEcTSJGnCQQVy9MDe76ppkmXnp+Bk919S8qhh3kIJ2brRnZ98RmejpJsJKG/2D10e4k9pA8uiN4vhhWg==,iv:CBzRc7Oltetqo29M29cuUr6aI/Hu5tHkbRLInDFCRzc=,tag:m7GR8ZG7ymFhQRQfQIdodw==,type:str]


     

       
86

       
88

       
 

       
sops:


     

       
87

       
89

       
 

       
    kms: []


     

       
88

       
90

       
 

       
    gcp_kms: []


     
···

       
116

       
118

       
 

       
            QUlVNExmVGd2QXJwVmRGa0JvMmtocEUK7Zo0Mtj3oZm5Etp61cGbLs+2XP97pjR6


     

       
117

       
119

       
 

       
            rtfHnuxceJj0+yBugfwgFD1TGJ+6M7z5YCwTx+GAvbPDrmSm2TGrwg==


     

       
118

       
120

       
 

       
            -----END AGE ENCRYPTED FILE-----


     

       
119

       

       
-

       
    lastmodified: "2025-03-11T17:05:46Z"


     

       
120

       

       
-

       
    mac: ENC[AES256_GCM,data:Vg4XtRaANJw34c5ExKD4IL7xRmdGA9Ax/cHVdSNlX6jFD7BCcmmDm4kKD1DfHxgsKv+E0ZrPaxvJ3gKsn9TY4nQ2bOH76wIyrfWhBi9OBAHiP8+ZuURmWs1bt2muM/lMdxF2qYdmEEbZDQOmyLRRJxhB8FJECqq0Aqwen//kad0=,iv:VamakU+pvisODZi8Evc93x3do/sflVYZECZdou1hMsg=,tag:q0hmlV/A0zwP4uMXpwWtrg==,type:str]


     

       

       
121

       
+

       
    lastmodified: "2025-03-14T08:26:40Z"


     

       

       
122

       
+

       
    mac: ENC[AES256_GCM,data:GDOnyzEGrX2csDluWpt7Pert/ONV79UoOCOELmz3Piia9wtilxEBvx5LlQiSanr9lVwYN5oEhjPj7MVXEQ1Gz6hHreT9ko6dzowZLhDflGefBmCPK+iMRXTYp3MffHjbM1r8hFJg+u8Yf+9LObIgsCAheHLrSnqsJUIJ1v6V8Yg=,iv:+ymjDQBpdWJAhEjNhxFZszsmmdwV8EXDZ/L4YmOnh6A=,tag:rEFcLm0TEm9AzIatQzzpww==,type:str]


     

       
121

       
123

       
 

       
    pgp: []


     

       
122

       
124

       
 

       
    unencrypted_suffix: _unencrypted


     

       
123

       
125

       
 

       
    version: 3.9.4
+1
systems/koumakan/services/databases/default.nix 
···

       
3

       
3

       
 

       
    ./atuin.nix


     

       
4

       
4

       
 

       
    ./postgresql.nix


     

       
5

       
5

       
 

       
    ./redis.nix


     

       

       
6

       
+

       
    ./wastebin.nix


     

       
6

       
7

       
 

       
  ];


     

       
7

       
8

       
 

       
}
+23
systems/koumakan/services/databases/wastebin.nix 
···

       

       
1

       
+

       
{_utils, config, ...}: let


     

       

       
2

       
+

       
  secrets = _utils.setupSecrets config {


     

       

       
3

       
+

       
    namespace = "wastebasket";


     

       

       
4

       
+

       
    secrets = ["key"];


     

       

       
5

       
+

       
  };


     

       

       
6

       
+

       
in {


     

       

       
7

       
+

       
  # figure out a way to disable encryption, i don't trust the impl.


     

       

       
8

       
+

       
  imports = [secrets.generate (secrets.mkTemplate "wastebin.env" ''


     

       

       
9

       
+

       
    WASTEBIN_SIGNING_KEY=${secrets.placeholder "key"}


     

       

       
10

       
+

       
  '')];


     

       

       
11

       
+

       
  services.wastebin = {


     

       

       
12

       
+

       
    enable = true;


     

       

       
13

       
+

       
    settings = {


     

       

       
14

       
+

       
      WASTEBIN_ADDRESS_PORT = "127.0.0.1:34682";


     

       

       
15

       
+

       
      WASTEBIN_BASE_URL = "https://akyuu.soopy.moe";


     

       

       
16

       
+

       
    };


     

       

       
17

       
+

       
    secretFile = secrets.getTemplate "wastebin.env";


     

       

       
18

       
+

       
  };


     

       

       
19

       
+

       



     

       

       
20

       
+

       
  services.nginx.virtualHosts."akyuu.soopy.moe" = _utils.mkSimpleProxy {


     

       

       
21

       
+

       
    port = 34682;


     

       

       
22

       
+

       
  };


     

       

       
23

       
+

       
}