diff --git a/flake.lock b/flake.lock index 5f0c66a..8adbe27 100644 --- a/flake.lock +++ b/flake.lock @@ -22,6 +22,91 @@ "type": "github" } }, + "attic": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1686620679, + "narHash": "sha256-Ck/r3f+W9mOn3cHn5ii/fogBiJtosFnDaOQveaJ0zVU=", + "owner": "zhaofengli", + "repo": "attic", + "rev": "4fedffe6a1020edfcfa7bef18d21321d4983b3a7", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "attic", + "type": "github" + } + }, + "crane": { + "inputs": { + "flake-compat": [ + "attic", + "flake-compat" + ], + "flake-utils": [ + "attic", + "flake-utils" + ], + "nixpkgs": [ + "attic", + "nixpkgs" + ], + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1677892403, + "narHash": "sha256-/Wi0L1spSWLFj+UQxN3j0mPYMoc7ZoAujpUF/juFVII=", + "owner": "ipetkov", + "repo": "crane", + "rev": "105e27adb70a9890986b6d543a67761cbc1964a2", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -58,11 +143,55 @@ "type": "indirect" } }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1685004253, + "narHash": "sha256-AbVL1nN/TDicUQ5wXZ8xdLERxz/eJr7+o8lqkIOVuaE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3e01645c40b92d29f3ae76344a6d654986a91a91", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", + "attic": "attic", "nixpkgs": "nixpkgs" } + }, + "rust-overlay": { + "inputs": { + "flake-utils": [ + "attic", + "crane", + "flake-utils" + ], + "nixpkgs": [ + "attic", + "crane", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1675391458, + "narHash": "sha256-ukDKZw922BnK5ohL9LhwtaDAdCsJL7L6ScNEyF1lO9w=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "383a4acfd11d778d5c2efcf28376cbd845eeaedf", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 648a79b..e8f83db 100644 --- a/flake.nix +++ b/flake.nix @@ -107,6 +107,13 @@ notificationSender = "hydra@matri.cx"; buildMachinesFiles = [ ]; }; + + minio = { + enable = true; + listenAddress = ":9000"; + rootCredentialsFile = + self.nixosConfigurations.eve-psr-nix0.config.age.secrets.minio_root.path; + }; }; virtualisation = { @@ -139,6 +146,7 @@ secrets = { attic_token.file = ./secrets/attic_token.age; keys.file = ./secrets/keys.age; + minio_root.file = ./secrets/minio_root.age; sezycei.file = ./secrets/sezycei.age; }; }; diff --git a/secrets.nix b/secrets.nix index 6374f72..fb2ed5b 100644 --- a/secrets.nix +++ b/secrets.nix @@ -10,6 +10,9 @@ in "secrets/keys.age" = { publicKeys = all; }; + "secrets/minio_root.age" = { + publicKeys = all; + }; "secrets/sezycei.age" = { publicKeys = all; }; diff --git a/secrets/minio_root.age b/secrets/minio_root.age new file mode 100644 index 0000000..9d3d9ee Binary files /dev/null and b/secrets/minio_root.age differ