homelab
/
config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Did this work?

main
kalle 2024-12-26 20:22:43 +01:00
parent 01f88e9051
commit 31adf4f3a6
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
roles/traefik.nix
View File

@ -37,26 +37,26 @@
in
{
sops.secrets = {
"traefik.acmeEmail" = {
"traefik/acmeEmail" = {
owner = "traefik";
format = "dotenv";
# format = "dotenv";
};
"traefik.CLOUDFLARE_EMAIL" = {
"traefik/CLOUDFLARE_EMAIL" = {
owner = "traefik";
format = "dotenv";
# format = "dotenv";
};
"traefik.CLOUDFLARE_DNS_API_TOKEN" = {
"traefik/CLOUDFLARE_DNS_API_TOKEN" = {
owner = "traefik";
format = "dotenv";
# format = "dotenv";
};
};
services.traefik = {
enable = true;
environmentFiles = [
config.sops.secrets."traefik.acmeEmail".path
config.sops.secrets."traefik.CLOUDFLARE_EMAIL".path
config.sops.secrets."traefik.CLOUDFLARE_DNS_API_TOKEN".path
config.sops.secrets."traefik/acmeEmail".path
config.sops.secrets."traefik/CLOUDFLARE_EMAIL".path
config.sops.secrets."traefik/CLOUDFLARE_DNS_API_TOKEN".path
];
staticConfigOptions = {

1
utils.nix
View File

@ -26,6 +26,7 @@
{ ... }:
{
sops.defaultSopsFile = ./secrets + "/${hostConfig.hostname}.yaml";
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
# Disable automatic pgp key generation based on ssh keys
sops.gnupg.sshKeyPaths = [ ];