forked from the-distro/infra
fix: update paths to floral secrets to secrets/floral/
This commit is contained in:
parent
2001012325
commit
de085155a6
|
@ -121,7 +121,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets.s3-channel-staging-keys.file = ../../secrets/s3-channel-staging-keys.age;
|
age.secrets.s3-channel-staging-keys.file = ../../secrets/floral/s3-channel-staging-keys.age;
|
||||||
bagel.nixpkgs.channel-scripts = {
|
bagel.nixpkgs.channel-scripts = {
|
||||||
enable = true;
|
enable = true;
|
||||||
otlp.enable = true;
|
otlp.enable = true;
|
||||||
|
|
|
@ -326,7 +326,7 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets.gerrit-prometheus-bearer-token.file = ../../secrets/gerrit-prometheus-bearer-token.age;
|
age.secrets.gerrit-prometheus-bearer-token.file = ../../secrets/floral/gerrit-prometheus-bearer-token.age;
|
||||||
bagel.monitoring.grafana-agent.exporters.gerrit = {
|
bagel.monitoring.grafana-agent.exporters.gerrit = {
|
||||||
port = 4778; # grrt
|
port = 4778; # grrt
|
||||||
bearerTokenFile = config.age.secrets.gerrit-prometheus-bearer-token.path;
|
bearerTokenFile = config.age.secrets.gerrit-prometheus-bearer-token.path;
|
||||||
|
|
|
@ -17,7 +17,7 @@ in
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
age.secrets.grafana-oauth-secret = {
|
age.secrets.grafana-oauth-secret = {
|
||||||
file = ../../../secrets/grafana-oauth-secret.age;
|
file = ../../../secrets/floral/grafana-oauth-secret.age;
|
||||||
owner = "grafana";
|
owner = "grafana";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -13,10 +13,10 @@ in
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
metrics-push-htpasswd = {
|
metrics-push-htpasswd = {
|
||||||
file = ../../../secrets/metrics-push-htpasswd.age;
|
file = ../../../secrets/floral/metrics-push-htpasswd.age;
|
||||||
owner = "nginx";
|
owner = "nginx";
|
||||||
};
|
};
|
||||||
loki-environment.file = ../../../secrets/loki-environment.age;
|
loki-environment.file = ../../../secrets/floral/loki-environment.age;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.loki = {
|
services.loki = {
|
||||||
|
|
|
@ -16,11 +16,11 @@ in
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
metrics-push-htpasswd = {
|
metrics-push-htpasswd = {
|
||||||
file = ../../../secrets/metrics-push-htpasswd.age;
|
file = ../../../secrets/floral/metrics-push-htpasswd.age;
|
||||||
owner = "nginx";
|
owner = "nginx";
|
||||||
};
|
};
|
||||||
mimir-environment.file = ../../../secrets/mimir-environment.age;
|
mimir-environment.file = ../../../secrets/floral/mimir-environment.age;
|
||||||
mimir-webhook-url.file = ../../../secrets/mimir-webhook-url.age;
|
mimir-webhook-url.file = ../../../secrets/floral/mimir-webhook-url.age;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.mimir = {
|
services.mimir = {
|
||||||
|
|
|
@ -13,10 +13,10 @@ in
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
metrics-push-htpasswd = {
|
metrics-push-htpasswd = {
|
||||||
file = ../../../secrets/metrics-push-htpasswd.age;
|
file = ../../../secrets/floral/metrics-push-htpasswd.age;
|
||||||
owner = "nginx";
|
owner = "nginx";
|
||||||
};
|
};
|
||||||
tempo-environment.file = ../../../secrets/tempo-environment.age;
|
tempo-environment.file = ../../../secrets/floral/tempo-environment.age;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.tempo = {
|
services.tempo = {
|
||||||
|
|
|
@ -20,7 +20,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
age.secrets.netbox-environment.file = ../../secrets/netbox-environment.age;
|
age.secrets.netbox-environment.file = ../../secrets/floral/netbox-environment.age;
|
||||||
services = {
|
services = {
|
||||||
netbox = {
|
netbox = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -70,7 +70,7 @@ in
|
||||||
];
|
];
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
age.secrets.s3-revproxy-api-keys.file = ../../secrets/s3-revproxy-api-keys.age;
|
age.secrets.s3-revproxy-api-keys.file = ../../secrets/floral/s3-revproxy-api-keys.age;
|
||||||
# For each target, generate an entry that passes it to the s3-revproxy.
|
# For each target, generate an entry that passes it to the s3-revproxy.
|
||||||
services.nginx.virtualHosts = mapAttrs' (subdomain: _: nameValuePair "${subdomain}.${cfg.domain}" (mkProxiedSubdomain subdomain)) cfg.targets;
|
services.nginx.virtualHosts = mapAttrs' (subdomain: _: nameValuePair "${subdomain}.${cfg.domain}" (mkProxiedSubdomain subdomain)) cfg.targets;
|
||||||
# this solves garage supporting neither anonymous access nor automatic
|
# this solves garage supporting neither anonymous access nor automatic
|
||||||
|
|
|
@ -59,7 +59,7 @@ in
|
||||||
443
|
443
|
||||||
];
|
];
|
||||||
|
|
||||||
age.secrets.stateless-uptime-kuma-password.file = ../../secrets/stateless-uptime-kuma-password.age;
|
age.secrets.stateless-uptime-kuma-password.file = ../../secrets/floral/stateless-uptime-kuma-password.age;
|
||||||
statelessUptimeKuma = {
|
statelessUptimeKuma = {
|
||||||
probesConfig = {
|
probesConfig = {
|
||||||
monitors = lib.genAttrs subdomains (name: {
|
monitors = lib.genAttrs subdomains (name: {
|
||||||
|
|
Loading…
Reference in a new issue