From 2d0bc89b69c42e15c8c46a2758238f79526e7197 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Thu, 4 Apr 2024 18:44:53 +0200 Subject: [PATCH] Add firefox sync to server --- nixos/hosts/queen/secrets/sops.yaml | 5 +++-- nixos/server/package-configs/default.nix | 1 + .../package-configs/firefox-sync/default.nix | 21 +++++++++++++++++++ 3 files changed, 25 insertions(+), 2 deletions(-) create mode 100644 nixos/server/package-configs/firefox-sync/default.nix diff --git a/nixos/hosts/queen/secrets/sops.yaml b/nixos/hosts/queen/secrets/sops.yaml index 28ef94f..d8c5ab7 100644 --- a/nixos/hosts/queen/secrets/sops.yaml +++ b/nixos/hosts/queen/secrets/sops.yaml @@ -10,6 +10,7 @@ wg-private: ENC[AES256_GCM,data:6BEuNqqG//p5UhRmQ4RPEze6jZdvzK4PEXxlbX2ANYIhFpac lillian-password: ENC[AES256_GCM,data:tc+Romv2fL+tdqLLmbwqaF4IHrNZ0VEpnECmW/66FW7IUpjHMyS7YP+pmmvDCzM9afIXMxyPFHGNRwiCmxqstiiNeSeLdo6rDw==,iv:sGeu9aNTgdpThv+0Z/nZKIrat1xNgM0t/KTGPaFbsdI=,tag:kZBHF4X0KO9znog61NwU+Q==,type:str] coturn-auth-secret: ENC[AES256_GCM,data:RYxyATuYIcrGd8h8Gc4CP9ZQ80ekuuwHehnOPYisHejmycgT8a2mWpk+5r3HkFmBNcLDeNlfnhIif5oLHGuHyw==,iv:M2GdNDxP4xpP35FJPTgljbcKpOm6DmEEnIYRItAxDVI=,tag:IiiNXeTi6Yja5PrnKRkhdA==,type:str] grafana-telegraf-key: ENC[AES256_GCM,data:agpUzG1/n2NAKDt45IgelmDf0CUlC82fmD4f7JdcszNuUg7uCNA7XeaJ6PZtHQ==,iv:keo3i+qSbtXkA5fyCr2S5z9nJS9bXUn5WDiPgWocPU8=,tag:p/nDff10PRhi9pOszp1PnA==,type:str] +sync-secrets: ENC[AES256_GCM,data:AwCgqfSXmYVGnCV5PJ5Ql44IiutTS76F1H7Ow7gB4mQQ8PtiAsmArzpAXd7LzsXedm55X04U+GvkcbM9cwPcF+psyb3Zi8EnI/mjnI9MgFyySSEcosJZVAtCpXGIMyYgRXtF5OBh5CzupAG059d1TDAqrSpLXMuSDdypTaOMHxnlq5q1swfpzhhY3PVgUKVFXdjZLX8aF3JTE9ceVxFsB+traLzOQsl+QKty0x0mpuqR97zkMCchX7bTwgUgbl7phzTvmwV8Qw==,iv:gkZs5NB9+CLfz4kfV4ha2llZQPP81uuXRKqUlASgpiA=,tag:DXkiG0ZFHLHlVhwLwtv/XQ==,type:str] sops: kms: [] gcp_kms: [] @@ -25,8 +26,8 @@ sops: KzNBMCtUaS9sU21Xc1JUd1FSR29tSkEKyqaDM/WUWjK2l+ahE6sIFYsQ6Qtkf7yz NWFTzsDZBmm9kpSIjchf+PuBuoRHeEKbEH8jnMlYB3J8boEnUnXMlw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-03-28T10:35:21Z" - mac: ENC[AES256_GCM,data:LAcaqwQ3GjFSFNVMfg84ljcB4Lb4Kzqgs9WFdi2sXJWeIs+G1/2/Ij4mMSfplirftG6uhU0DJyfP0IEgRvG0oxFOnidsrueWMQ5q1tHmxuOEus7wGeNbvKlNPzb8bMeeVnhTUyvJkeFMb2HPlEIaND15RCF4WoLz56egnPYt0Jg=,iv:8NfgonzySTn+h3c7OCZYWBvfk2TxE5QCNjeSUIUTLi4=,tag:xhbPJkFpxXUn2TpAVrU6Mw==,type:str] + lastmodified: "2024-04-04T16:38:10Z" + mac: ENC[AES256_GCM,data:KqkNjZe/rMhiWNS3SeYHm+b23u1LD1jq3f0+jB/BVmy6pDQDTNgA/wWHF/HcorU2Z7TOdjofJPuvRuF6C8ec4RCtTxX2ubIYWV4H3BynYxrEuEsIN8EnPJDcFFc92n9PKzoWnHo2NK1a4ZX+DxYVjDDdjhOMWj/kqWRWZRU+qEw=,iv:rarq3mCSfDFzbIdSIe+3mTNTnoZwFZ2uPkYMGt/xqos=,tag:rCD6SUpwOktRo7fM3Irv7g==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/nixos/server/package-configs/default.nix b/nixos/server/package-configs/default.nix index 4263264..39f76ab 100644 --- a/nixos/server/package-configs/default.nix +++ b/nixos/server/package-configs/default.nix @@ -17,5 +17,6 @@ ./coturn ./dashboard ./cinny + ./firefox-sync ]; } diff --git a/nixos/server/package-configs/firefox-sync/default.nix b/nixos/server/package-configs/firefox-sync/default.nix new file mode 100644 index 0000000..3d8f71e --- /dev/null +++ b/nixos/server/package-configs/firefox-sync/default.nix @@ -0,0 +1,21 @@ +{ + config, + pkgs, + ... +}: let + port = 5126; +in { + sops.secrets."sync-secrets".mode = "0440"; + sops.secrets."sync-secrets".owner = config.users.users.firefox-syncserver.name; + services.firefox-syncserver = { + enable = true; + secrets = config.sops.secrets."sync-secrets".path; + singleNode = { + enable = true; + hostname = "sync.gladtherescake.eu"; + url = "http://localhost:${toString port}"; + enableNginx = true; + enableTLS = true; + }; + }; +}