Move stuff to more appropriate places
This commit is contained in:
Lillian-Violet
parent
42e383283a
commit
f7f6882e71
|
|
@ -6,6 +6,9 @@
|
|||
pkgs,
|
||||
...
|
||||
}: {
|
||||
sops.secrets."releaseCookie".mode = "0440";
|
||||
sops.secrets."releaseCookie".owner = config.users.users.akkoma.name;
|
||||
|
||||
users.groups.akkoma = {};
|
||||
|
||||
users.users = {
|
||||
|
|
|
|||
|
|
@ -55,16 +55,6 @@
|
|||
#Set up sops config, and configure where the keyfile is, then set the mode for the unencrypted keys
|
||||
sops.defaultSopsFile = ../../secrets/queen-Lillian.yaml;
|
||||
sops.age.keyFile = ./keys.txt;
|
||||
sops.secrets."nextcloudadmin".mode = "0440";
|
||||
sops.secrets."nextcloudadmin".owner = config.users.users.nextcloud.name;
|
||||
sops.secrets."nextclouddb".mode = "0440";
|
||||
sops.secrets."nextclouddb".owner = config.users.users.nextcloud.name;
|
||||
sops.secrets."local.json".mode = "0440";
|
||||
sops.secrets."local.json".owner = config.users.users.onlyoffice.name;
|
||||
sops.secrets."mailpass".mode = "0440";
|
||||
sops.secrets."mailpass".owner = config.users.users.virtualMail.name;
|
||||
sops.secrets."releaseCookie".mode = "0440";
|
||||
sops.secrets."releaseCookie".owner = config.users.users.akkoma.name;
|
||||
|
||||
nix = {
|
||||
gc = {
|
||||
|
|
@ -165,19 +155,6 @@
|
|||
extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf"];
|
||||
shell = pkgs.zsh;
|
||||
};
|
||||
|
||||
nextcloud.extraGroups = [config.users.groups.keys.name "aria2" "onlyoffice"];
|
||||
aria2.extraGroups = ["nextcloud"];
|
||||
mssql = {
|
||||
isSystemUser = true;
|
||||
group = "mssql";
|
||||
};
|
||||
|
||||
virtualMail = {
|
||||
isSystemUser = true;
|
||||
isNormalUser = false;
|
||||
group = "virtualMail";
|
||||
};
|
||||
};
|
||||
|
||||
virtualisation.oci-containers.containers = {
|
||||
|
|
|
|||
|
|
@ -16,6 +16,17 @@
|
|||
})
|
||||
];
|
||||
|
||||
sops.secrets."mailpass".mode = "0440";
|
||||
sops.secrets."mailpass".owner = config.users.users.virtualMail.name;
|
||||
|
||||
users.users = {
|
||||
virtualMail = {
|
||||
isSystemUser = true;
|
||||
isNormalUser = false;
|
||||
group = "virtualMail";
|
||||
};
|
||||
};
|
||||
|
||||
mailserver = {
|
||||
enable = true;
|
||||
enableImap = true;
|
||||
|
|
|
|||
|
|
@ -3,6 +3,22 @@
|
|||
pkgs,
|
||||
...
|
||||
}: {
|
||||
sops.secrets."nextcloudadmin".mode = "0440";
|
||||
sops.secrets."nextcloudadmin".owner = config.users.users.nextcloud.name;
|
||||
sops.secrets."nextclouddb".mode = "0440";
|
||||
sops.secrets."nextclouddb".owner = config.users.users.nextcloud.name;
|
||||
sops.secrets."local.json".mode = "0440";
|
||||
sops.secrets."local.json".owner = config.users.users.onlyoffice.name;
|
||||
|
||||
users.users = {
|
||||
nextcloud.extraGroups = [config.users.groups.keys.name "aria2" "onlyoffice"];
|
||||
aria2.extraGroups = ["nextcloud"];
|
||||
mssql = {
|
||||
isSystemUser = true;
|
||||
group = "mssql";
|
||||
};
|
||||
};
|
||||
|
||||
# Enable Nginx
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
|
|
|
|||
Loading…
Reference in a new issue