From 16d8aa3dc64030a6ae16a3bc58526d3b82409b9b Mon Sep 17 00:00:00 2001 From: James Eversole Date: Tue, 27 Jun 2023 20:36:48 -0500 Subject: [PATCH] Remove the Transmission env file content from the nix store --- application/containers.nix | 3 ++- application/nginx.nix | 13 +++++-------- secrets.nix | 1 + secrets/transmission-env.age | Bin 0 -> 646 bytes system/age.nix | 1 + 5 files changed, 9 insertions(+), 9 deletions(-) create mode 100644 secrets/transmission-env.age diff --git a/application/containers.nix b/application/containers.nix index a9238e2..2a36eed 100644 --- a/application/containers.nix +++ b/application/containers.nix @@ -1,3 +1,4 @@ +{ config, ... }: { virtualisation.oci-containers = { containers = { @@ -74,7 +75,7 @@ "/home/torrent/data:/data" ]; environmentFiles = - [ /home/sezycei/srv/containerdata/transmission/.env ]; + [ config.age.secrets.transmission-env.path ]; extraOptions = [ "--cap-add=NET_ADMIN" "--privileged" ]; }; diff --git a/application/nginx.nix b/application/nginx.nix index 90521f9..eaf8021 100644 --- a/application/nginx.nix +++ b/application/nginx.nix @@ -1,11 +1,7 @@ -{ pkgs, config, ... }: -let - containernix = import ./containers.nix; - containers = containernix.virtualisation.oci-containers.containers; -in -{ +{ pkgs, config, ... }: { services.nginx = { enable = true; + recommendedProxySettings = true; recommendedOptimisation = true; recommendedGzipSettings = true; @@ -36,6 +32,7 @@ in extraConfig = extra; }; }; + proxiedLAN = { target }: base { "/" = { proxyPass = target; @@ -58,7 +55,7 @@ in }; "eversole.co" = static { dir = "/var/www/jame.su"; }; "git.eversole.co" = proxied { target = "http://127.0.0.1:5121"; }; - "graf.eversole.co" = { root = "/var/www/graf.eversole.co"; }; # refer to /monitoring/nginx.nix + "graf.matri.cx" = { root = "/var/www/graf.matri.cx"; }; # refer to /monitoring/nginx.nix "hydra.matri.cx" = proxied { target = "http://127.0.0.1:3034"; extra = '' @@ -70,7 +67,7 @@ in "media.matri.cx" = proxied { target = "http://127.0.0.1:8096"; }; "sezycei.com" = static { dir = "/var/www/sezycei.com"; }; "snakebelmont.com" = static { dir = "/var/www/snakebelmont.com"; }; - "transmission.matri.cx" = proxiedLAN { target = "http://127.0.0.1:9001"; }; + "transmission.matri.cx" = proxiedLAN { target = "http://127.0.0.1:9091"; }; "purr.eversole.co" = proxied { target = "http://127.0.0.1:5195"; }; }; }; diff --git a/secrets.nix b/secrets.nix index 8e7d1eb..04cdd0b 100644 --- a/secrets.nix +++ b/secrets.nix @@ -11,4 +11,5 @@ in "secrets/htpasswd-dock.age" = { publicKeys = all; }; "secrets/keys.age" = { publicKeys = all; }; "secrets/sezycei.age" = { publicKeys = all; }; + "secrets/transmission-env.age" = { publicKeys = all; }; } diff --git a/secrets/transmission-env.age b/secrets/transmission-env.age new file mode 100644 index 0000000000000000000000000000000000000000..53cc046a6a2ac256117079797a460e7087376f71 GIT binary patch literal 646 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn2{bowD_02B&hyF8 z_sWkd^G{4Hvam2N3s20__p5Xb_Q_2vj0`tSj4%(Y2n;gGEau86*3ROJJzc>tz~8f~AjieeGNj1e zz%4Keb|(%c|1Cppj5Ai~4XEz%+-s3g%VGmxvY%rM`;G%2DYEh^c(+@+#8!^k^tTS*v~uCA^^K!t~8lDCs@ZgGjPb5N2= zk)^+}c1TcJWMZVVk!w_PRZ^alQ&y2zqNxd2&4+)l{&EOa+hgTc7`Nz|-`Hnf8bClTVwU**aHBfNR>XRdY9HEvkOjwmdTJl+kJR zb-Q%_edICwln}FXrE2f5Q