From 970e9edecc828bff3b2d49e14a22fa3192a21cc2 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 7 Aug 2025 13:33:58 +0200 Subject: [PATCH 1/4] chore: allow port `5201` --- hosts/violet/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/violet/default.nix b/hosts/violet/default.nix index bc15f41..d361648 100644 --- a/hosts/violet/default.nix +++ b/hosts/violet/default.nix @@ -38,6 +38,10 @@ 80 443 25565 + 5201 + ]; + allowedUDPPorts = [ + 5201 ]; }; From 90fd076356e4bc9edc67ca83d51be287939267b1 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 7 Aug 2025 13:40:41 +0200 Subject: [PATCH 2/4] chore: secrets --- secrets/violet/secrets.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/secrets/violet/secrets.yaml b/secrets/violet/secrets.yaml index 2d64eda..64f39ae 100644 --- a/secrets/violet/secrets.yaml +++ b/secrets/violet/secrets.yaml @@ -1,6 +1,7 @@ systemMailerPassword: ENC[AES256_GCM,data:b1fvCLZMiA9xDu/9BKQGnCTbwj46uixlo37qer66DK09U7CEB8ZBqe+Y+DqjcOJUHHHSo8Qk1XGvGQWypkGICxmxNP8KWvmY42Woh3677APvotUdjW5fVKTgB+Y1m/6/cvXKicJFjbw5LOzZ2/JcXP01KPSkRxWb/X4xzvawSMY=,iv:vbchTqHaH2PB9Mll/s8q4zLhN6ThAsCVvhoggOhj7H4=,tag:6b+TiV1YYHWOn0P9qJZ/bQ==,type:str] forgejoWorkerSecret: ENC[AES256_GCM,data:kmUjukTJ9SP6nJvfhIMFVTu5vAc9TIfZidUgejC7FSNBDJiP/lVlHw==,iv:jF9LpWLxtBi5i5NCC5nkLeLqJQzOAIY7H1z2NfHqUQI=,tag:3mtTcn+LQEbCESlt34nf9g==,type:str] matrixRegistrationSecret: ENC[AES256_GCM,data:xDFYVpBJa+FHWjmLlZspJAzJcoav53nWPoctQ5+gAnDYMurtSCkmoQn8r5j6fOmiy56KQyk8AD2/kT1HeFFNKA==,iv:82eIoh1ePc0VxfTbBPxpwGhYrcdRMI6WjFhlUJhxuHk=,tag:FAYUXUy0lEQU56ni2dxvbg==,type:str] +minioRootCredentials: ENC[AES256_GCM,data:/IrpspB6Puy+6scHheBSBp6zQVh8uwpu4nFPLSkueuohSUESPHbRb0w1XAp4V5HraMtOThFqlm0JeBW0XbhY4E8L1P+S3/aMLKjp2voA928l9AjF6sTaSKsO7qh6LEmo90qm9Jo0nDo=,iv:M5NOGfSsl+LggLyEjV49vcWCaYmbG0eJcgwI2v7AKcI=,tag:A+CrDTL+TkEayOqBUII4aQ==,type:str] sops: age: - recipient: age1yzapmznelujajfyrpw5mxmy86ckg377494w5ap4yej39jatewursfxls9w @@ -21,7 +22,7 @@ sops: S3pjSjlhZjZiSDBNakhLVzNKMjd3bWsKC2geLVXFp190lkjxtmZKq8aLN0XMNeAI VqbwIY3a30iuWAaxqf8h1ZuCGJvbAZZBevFZraj9yktRHc54JV3Aww== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-30T12:37:11Z" - mac: ENC[AES256_GCM,data:pGnJaFRqa3sjouALSjy8+ClhqE+RNR4b5SMLKB356WtnHtALrGnd/RzPTMyLLTOht1td1Fk5jY8WoUy225qqfI1yy0Mne+qtnFqd9++XTmiY1b7ARBeNvvM/mMuZyp34Mz8WLx+imrLcX6TAlpRZ/SWtv5BE9nleHCwpNvFpqfc=,iv:q8bKIFQd6dRSDBk3qhipOK0E/4NZgIcVCo4Mwu9Ddf8=,tag:JjL3sFxSMx4dp1Swt2lbvg==,type:str] + lastmodified: "2025-08-06T12:33:06Z" + mac: ENC[AES256_GCM,data:9U5QLQrk+61pIgfWSC468m7url0GGztamVlu0D74hSOf8iyLHiL1RHIKuB9t8Dk5bIGruVQE2zN8TZIHzktMofc1arSP69Zxl41EGNCyrm2uAyEguQelxZzRb/7bNe/Kkm6oLN1fQ8TJ1t7nyiTQCdbhl/wFZwSZxGemv7t8hKI=,iv:AEvP5cdOl0dX3o/0Zoy8112rqhE0cKNX8B5lyFEe6f4=,tag:LRqM5L3DB4Tyhe++4Hcqcw==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From 24fa9dbc9f7ccd079806cdaf64cf6151ad9b1b5f Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 7 Aug 2025 13:41:11 +0200 Subject: [PATCH 3/4] chore: comply with new `forgejo` namings --- modules/services/forgejo.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix index 8291bcc..a2dc10e 100644 --- a/modules/services/forgejo.nix +++ b/modules/services/forgejo.nix @@ -39,7 +39,7 @@ in USER = config.liv.variables.senderEmail; }; }; - mailerPasswordFile = config.sops.secrets.systemMailerPassword.path; + secrets.mailer.PASSWD = config.sops.secrets.systemMailerPassword.path; }; gitea-actions-runner = { package = pkgs.forgejo-runner; From b9e9c239fb59ec6dea5c792a23e1bd0ce650682f Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 7 Aug 2025 13:41:26 +0200 Subject: [PATCH 4/4] chore: secrets --- modules/core/sops.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/core/sops.nix b/modules/core/sops.nix index 0ef4b58..e457888 100644 --- a/modules/core/sops.nix +++ b/modules/core/sops.nix @@ -18,6 +18,7 @@ { "systemMailerPassword" = { }; "forgejoWorkerSecret" = { }; + "minioRootCredentials" = { }; "matrixRegistrationSecret" = { owner = "matrix-synapse"; };