soopy.moe / gensokyo
nixos config
fork atom

host(koumakan): fix garage take 3

Sophie Cheung 6bc41963 b60b4e10

options
unified split
Changed files
+11 -3
creds
sops
koumakan
default.yaml
systems
koumakan
services
storage
garage.nix
users
cassie
ephemeral
vscode
extension.json
+3 -3
creds/sops/koumakan/default.yaml 
···

       
86

       
86

       
 

       
    encryption_key: ENC[AES256_GCM,data:aSWSWrd1dR6NpwLJE3Je4j6bnBMq7QFD8VX6u4XIKqFq3shwuM/fZitblSfVX92UdDFZnsZyRiAf57rH/9PB+saoOcdSUkC/rTYO0iGFLQLcOiSMfBdyKA==,iv:ZlCrKpT8LrcqDK7uCr1m8vp+reCdwcG6KhxFQsB+KqY=,tag:+MvOEXBnUP5QleY5f6kbuA==,type:str]


     

       
87

       
87

       
 

       
    maxmind_key: ENC[AES256_GCM,data:KfGuV+GbrZhDSDovV7eHu7nffOB6j+z6wsXQxlaEB/7tvwucn2wbxA==,iv:+t5nNpRE/x1cSZ+Ee6fHj5x1vKqTP/6NGqiUlhdzTxs=,tag://rUceu5SeIpgKGiP6+Pkw==,type:str]


     

       
88

       
88

       
 

       
garage:


     

       
89

       

       
-

       
    rpc_secret: ENC[AES256_GCM,data:+H+vxo8KtnWDVB6UF/wVaw0gFQqTLJ6lkVvfCrukNnNfiO/xTNpD1nNIykbLW8Ruz0WdhAF52ucvVXQ0cebyGSHMyFoi5YUl66SMNuIKM+fVPOembQLf5iys3kTKxj5RwyS2Gqc780zRM+8a3INS7icr2fuUkywrXRdQGv00fS0=,iv:jQ2xeXcRFZxSw1kVVv4/vUD8jbK/7yTrAYi/iZU4wNY=,tag:SVMaeaXdiraok3f+FN2ecw==,type:str]


     

       

       
89

       
+

       
    rpc_secret: ENC[AES256_GCM,data:SYD8U1FLutpeX/zE8wWgUf3MPDQuS2rEx6loF8m0U1rolz6S7ynt98tUh04t1cFGon405bsCCqJeSesIgBAWjA==,iv:Vde1d+ap/hVRxPs3hgB+avS3s2cWRDGilqI7Odktgho=,tag:t9co728BfgQ78tfG8V93JA==,type:str]


     

       
90

       
90

       
 

       
    admin_token: ENC[AES256_GCM,data:in/UjRG4jehvI0kjfD3TvheWN+7NNmU4GRuXEqBZocyd1E0NqP6DKxhpG6M=,iv:yTA4dQd36ou3gs6UGrsuONJzQ8DNTIsOi765GZIIaQI=,tag:HD401PZLEOaPNszV/04jJQ==,type:str]


     

       
91

       
91

       
 

       
    metrics_token: ENC[AES256_GCM,data:BZ3TN+ubxwHNi8QZP+TmdVgcL88UzwDsv8Lema2ClxqYRZFddaQg2RIHHIM=,iv:k7xyeyzZiMK3R/Gr/f+8uN8zFOUJaaQ99AILoKMYa/c=,tag:mJhPxEjMKOjb/Z0KnGzN4w==,type:str]


     

       
92

       
92

       
 

       
sops:


     
···

       
118

       
118

       
 

       
            QUlVNExmVGd2QXJwVmRGa0JvMmtocEUK7Zo0Mtj3oZm5Etp61cGbLs+2XP97pjR6


     

       
119

       
119

       
 

       
            rtfHnuxceJj0+yBugfwgFD1TGJ+6M7z5YCwTx+GAvbPDrmSm2TGrwg==


     

       
120

       
120

       
 

       
            -----END AGE ENCRYPTED FILE-----


     

       
121

       

       
-

       
    lastmodified: "2025-10-28T07:05:28Z"


     

       
122

       

       
-

       
    mac: ENC[AES256_GCM,data:YWBAo/szJudWIWZ9zEqDQa3v4aUTYI0b574rK6MAyKBvJbjAizYuzEd5O/A/OnhC/X2bPZteTDy3VuWJUJpBFZDpbLAFCF3lSy6ZDutsZ9yj90WyFGsKhTSMJGDwBJHaCz2bafJQqQrAwGoRcP/Mk27EMVM0Y+Cb4XsxRPNM/t4=,iv:Z9q0WPdPJFAgfYBPkJ8lVFwBDQa67T8e2o0cwQY4nYI=,tag:SDkqNZbc4P8ijCLrzcZGwQ==,type:str]


     

       

       
121

       
+

       
    lastmodified: "2025-10-31T04:16:37Z"


     

       

       
122

       
+

       
    mac: ENC[AES256_GCM,data:imH+QcsJ0IL1p4E0ojym0ZRgsYoAh9RS3FKqlT3+g0TaaDNozHlnW926QnhlW3XtSQJXOzA+mLcQYz1QkiFJDcqYca65Bk1NhxPGqvRPIhlH3B9T3J3nyEaa0+ogRcMq/CncRhGTk19Mkjhxiz52KNRsBoBuk9f758qH6s4TSQo=,iv:G0oKc+Peio+MolmjSapHFooJonPKm/hTvqt50gmDoY4=,tag:btd1GB1pRxsZxdFAzhVuGw==,type:str]


     

       
123

       
123

       
 

       
    unencrypted_suffix: _unencrypted


     

       
124

       
124

       
 

       
    version: 3.11.0
+7
systems/koumakan/services/storage/garage.nix 
···

       
13

       
13

       
 

       
      "admin_token"


     

       
14

       
14

       
 

       
      "metrics_token"


     

       
15

       
15

       
 

       
    ];


     

       

       
16

       
+

       
    config.owner = "garage";


     

       
16

       
17

       
 

       
  };


     

       
17

       
18

       
 

       
in


     

       
18

       
19

       
 

       
{


     
···

       
70

       
71

       
 

       
    Group = config.users.groups.garage.name;


     

       
71

       
72

       
 

       
    Restart = "on-failure";


     

       
72

       
73

       
 

       
    StateDirectory = lib.mkForce null; # this somehow breaks mounting dirs into /var/lib; systemd complains about id-mapped mount: device or resource busy


     

       

       
74

       
+

       
    # ReadWritePaths = [


     

       

       
75

       
+

       
    #   "/var/lib/garage"


     

       

       
76

       
+

       
    #   "/var/lib/garage/data"


     

       

       
77

       
+

       
    #   "/var/lib/garage/meta"


     

       

       
78

       
+

       
    #   "/var/lib/garage/snapshots"


     

       

       
79

       
+

       
    # ];


     

       
73

       
80

       
 

       
  };


     

       
74

       
81

       
 

       



     

       
75

       
82

       
 

       
  services.nginx.virtualHosts.".s3.soopy.moe" = _utils.mkSimpleProxy {
+1
users/cassie/ephemeral/vscode/extension.json 
···

       
12

       
12

       
 

       
  "hossaini.bootstrap-intellisense",


     

       
13

       
13

       
 

       
  "inlang.vs-code-extension",


     

       
14

       
14

       
 

       
  "jnoortheen.nix-ide",


     

       

       
15

       
+

       
  "llvm-vs-code-extensions.vscode-clangd",


     

       
15

       
16

       
 

       
  "minecraftcommands.syntax-mcfunction",


     

       
16

       
17

       
 

       
  "mkhl.direnv",


     

       
17

       
18

       
 

       
  "ms-python.debugpy",