Move stuff to more appropriate places

This commit is contained in:
Lillian-Violet 2023-11-27 14:12:18 +01:00
parent 42e383283a
commit f7f6882e71
4 changed files with 30 additions and 23 deletions

View file

@ -6,6 +6,9 @@
pkgs, pkgs,
... ...
}: { }: {
sops.secrets."releaseCookie".mode = "0440";
sops.secrets."releaseCookie".owner = config.users.users.akkoma.name;
users.groups.akkoma = {}; users.groups.akkoma = {};
users.users = { users.users = {

View file

@ -55,16 +55,6 @@
#Set up sops config, and configure where the keyfile is, then set the mode for the unencrypted keys #Set up sops config, and configure where the keyfile is, then set the mode for the unencrypted keys
sops.defaultSopsFile = ../../secrets/queen-Lillian.yaml; sops.defaultSopsFile = ../../secrets/queen-Lillian.yaml;
sops.age.keyFile = ./keys.txt; sops.age.keyFile = ./keys.txt;
sops.secrets."nextcloudadmin".mode = "0440";
sops.secrets."nextcloudadmin".owner = config.users.users.nextcloud.name;
sops.secrets."nextclouddb".mode = "0440";
sops.secrets."nextclouddb".owner = config.users.users.nextcloud.name;
sops.secrets."local.json".mode = "0440";
sops.secrets."local.json".owner = config.users.users.onlyoffice.name;
sops.secrets."mailpass".mode = "0440";
sops.secrets."mailpass".owner = config.users.users.virtualMail.name;
sops.secrets."releaseCookie".mode = "0440";
sops.secrets."releaseCookie".owner = config.users.users.akkoma.name;
nix = { nix = {
gc = { gc = {
@ -165,19 +155,6 @@
extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf"]; extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf"];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
nextcloud.extraGroups = [config.users.groups.keys.name "aria2" "onlyoffice"];
aria2.extraGroups = ["nextcloud"];
mssql = {
isSystemUser = true;
group = "mssql";
};
virtualMail = {
isSystemUser = true;
isNormalUser = false;
group = "virtualMail";
};
}; };
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {

View file

@ -16,6 +16,17 @@
}) })
]; ];
sops.secrets."mailpass".mode = "0440";
sops.secrets."mailpass".owner = config.users.users.virtualMail.name;
users.users = {
virtualMail = {
isSystemUser = true;
isNormalUser = false;
group = "virtualMail";
};
};
mailserver = { mailserver = {
enable = true; enable = true;
enableImap = true; enableImap = true;

View file

@ -3,6 +3,22 @@
pkgs, pkgs,
... ...
}: { }: {
sops.secrets."nextcloudadmin".mode = "0440";
sops.secrets."nextcloudadmin".owner = config.users.users.nextcloud.name;
sops.secrets."nextclouddb".mode = "0440";
sops.secrets."nextclouddb".owner = config.users.users.nextcloud.name;
sops.secrets."local.json".mode = "0440";
sops.secrets."local.json".owner = config.users.users.onlyoffice.name;
users.users = {
nextcloud.extraGroups = [config.users.groups.keys.name "aria2" "onlyoffice"];
aria2.extraGroups = ["nextcloud"];
mssql = {
isSystemUser = true;
group = "mssql";
};
};
# Enable Nginx # Enable Nginx
services.nginx = { services.nginx = {
enable = true; enable = true;