chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

check in time

Browse source
This commit is contained in:
Chris Kruining 2026-04-02 11:37:34 +02:00
parent 4dfcd5cca8
commit a8a639db6e
No known key found for this signature in database
GPG key ID: EB894A3560CCCAD2
39 changed files with 436 additions and 307 deletions
Download patch file Download diff file Expand all files Collapse all files

91
clan.nix
View file

@ -8,36 +8,8 @@
directory = ./.; directory = ./.;
exportInterfaces = { exportInterfaces = {
persistence = {lib, ...}: let persistence = import ./interfaces/persistence.nix;
inherit (lib) mkOption types; servarr = import ./interfaces/servarr.nix;
in {
options = {
main = mkOption {
type = types.str;
};
database = mkOption {
type = types.attrsOf types.anything;
};
};
};
servarr = {lib, ...}: let
inherit (lib) mkOption types;
in {
options = {
services = mkOption {
type = types.attrsOf (types.submodule {
options = {
port = mkOption {
type = types.port;
};
};
});
default = "awesome!";
};
};
};
}; };
inventory.machines = { inventory.machines = {
@ -99,8 +71,10 @@
inventory.instances = { inventory.instances = {
users-chris = { users-chris = {
module.name = "users"; module = {
module.input = "clan-core"; name = "users";
input = "clan-core";
};
roles.default.machines.mandos.settings = {}; roles.default.machines.mandos.settings = {};
roles.default.machines.manwe.settings = {}; roles.default.machines.manwe.settings = {};
@ -116,38 +90,45 @@
}; };
persistence = { persistence = {
module.name = "persistence"; module = {
module.input = "self"; name = "persistence";
input = "self";
};
# TODO :: Convert to use tags instead # TODO :: Convert to use tags instead
roles.default.machines.ulmo.settings = {}; roles.default.machines.ulmo.settings = {};
}; };
servarr = { servarr = {
module.name = "servarr"; module = {
module.input = "self"; name = "servarr";
input = "self";
};
# TODO :: Convert to use tags instead # TODO :: Convert to use tags instead
roles.default.machines.ulmo.settings = {}; roles.default = {
roles.default.settings = { machines.ulmo.settings = {};
enable = true;
services = { settings = {
sonarr = { enable = true;
rootFolders = [ services = {
"/var/media/series" sonarr = {
]; rootFolders = [
"/var/media/series"
];
};
radarr = {
rootFolders = [
"/var/media/movies"
];
};
lidarr = {
rootFolders = [
"/var/media/music"
];
};
prowlarr = {};
}; };
radarr = {
rootFolders = [
"/var/media/movies"
];
};
lidarr = {
rootFolders = [
"/var/media/music"
];
};
prowlarr = {};
}; };
}; };
}; };

153
clanServices/peristence/default.nix
View file

@ -1,4 +1,11 @@
{...}: { {
lib,
clanLib,
exports,
...
}: let
inherit (builtins) toString;
in {
_class = "clan.service"; _class = "clan.service";
manifest = { manifest = {
name = "arda/persistence"; name = "arda/persistence";
@ -7,28 +14,156 @@
(for now this means a database. and specifically it means postgres) (for now this means a database. and specifically it means postgres)
''; '';
readme = builtins.readFile ./README.md; readme = builtins.readFile ./README.md;
exports.out = ["persistence"]; exports = {
inputs = ["persistence"];
out = ["persistence"];
};
}; };
roles.default = { roles.default = {
description = ''''; description = '''';
interface = {...}: { interface = {lib, ...}: let
options = {}; inherit (lib) mkOption types;
in {
options = {
port = mkOption {
type = types.port;
default = 5432;
};
};
}; };
perInstance = {mkExports, ...}: { perInstance = {
mkExports,
machine,
settings,
...
}: let
requested_databases =
exports
|> clanLib.selectExports (_scope: true)
|> lib.mapAttrsToList (_: value: value.persistence.databases or [])
|> lib.concatLists;
in {
exports = mkExports { exports = mkExports {
persistence = { persistence = {
main = "postgresql"; main = "postgresql";
database.postgresql = { driver.postgresql = {
host = ""; host = "localhost";
port = 5432; port = settings.port;
databases = requested_databases;
}; };
}; };
}; };
nixosModule = {...}: { nixosModule = {
lib,
pkgs,
config,
...
}: {
clan.core.vars.generators.postgresql = let
password_files =
requested_databases
|> lib.map (db: [
{
name = "${db}_password";
value = {
secret = true;
deploy = false;
};
}
])
|> lib.concatLists
|> lib.listToAttrs;
in {
files =
{
"server.crt" = {
secret = true;
deploy = true;
};
"server.key" = {
secret = true;
deploy = true;
};
".pgpass" = {
secret = true;
deploy = true;
owner = "postgres";
group = "postgres";
mode = "0600";
restartUnits = ["service.postgresql"];
};
}
// password_files;
runtimeInputs = with pkgs; [openssl_3_5 pwgen];
script = ''
openssl req \
-new -x509 -days 365 -nodes -text \
-out $out/server.crt \
-keyout $out/server.key \
-subj "/CN=db.${config.networking.fqdn}"
${requested_databases
|> lib.map (db: "pwgen -s 128 1 > $out/${db}_password")
|> lib.join "\n"}
cat << EOL > $out/.pgpass
#host:port:database:user:password
${requested_databases
|> lib.map (db: "*:${toString settings.port}:${db}:${db}:$(cat $out/${db}_password)")
|> lib.join "\n"}
EOL
'';
};
systemd.services.postgresql.environment.PGPASSFILE = config.clan.core.vars.generators.postgresql.files.".pgpass".path;
services = {
postgresql = {
enable = true;
# enableTCPIP = true;
settings = {
port = settings.port;
ssl = true;
};
ensureDatabases = requested_databases;
ensureUsers =
requested_databases
|> lib.map (db: {
name = db;
ensureDBOwnership = true;
ensureClauses = {
login = true;
connection_limit = 5;
};
});
identMap = ''
#map sys user db user
superuser_map root postgres
superuser_map postgres postgres
superuser_map /^(.+)$ \1
'';
authentication = ''
# Generated file, do not edit!
# type database user auth-method optional_ident_map
local sameuser all peer map=superuser_map
# TYPE DATABASE USER ADDRESS METHOD
# local all all trust
host all all 127.0.0.1/32 scram-sha-256
host all all ::1/128 scram-sha-256
'';
};
};
}; };
}; };
}; };

31
clanServices/servarr/default.nix
View file

@ -1,6 +1,5 @@
{ {
exports, exports,
clanLib,
lib, lib,
... ...
}: { }: {
@ -11,8 +10,8 @@
categories = ["Service" "Media"]; categories = ["Service" "Media"];
readme = builtins.readFile ./README.md; readme = builtins.readFile ./README.md;
exports = { exports = {
inputs = ["persistence"]; inputs = [];
out = ["servarr"]; out = ["servarr" "persistence"];
}; };
}; };
@ -24,6 +23,16 @@
in { in {
options = { options = {
enable = mkEnableOption "Enable configured *arr services"; enable = mkEnableOption "Enable configured *arr services";
database = {
host = mkOption {
type = types.str;
};
port = mkOption {
type = types.port;
};
};
services = mkOption { services = mkOption {
type = types.attrsOf (types.submodule ({name, ...}: { type = types.attrsOf (types.submodule ({name, ...}: {
options = { options = {
@ -53,6 +62,10 @@
... ...
}: { }: {
exports = mkExports { exports = mkExports {
persistence.databases =
settings.services
|> lib.attrNames;
servarr.services = servarr.services =
settings.services settings.services
|> lib.attrNames |> lib.attrNames
@ -73,8 +86,6 @@
servarr = import ./lib.nix (args // {inherit settings;}); servarr = import ./lib.nix (args // {inherit settings;});
services = settings.services |> lib.attrNames; services = settings.services |> lib.attrNames;
service_count = services |> lib.length; service_count = services |> lib.length;
db = exports |> clanLib.getExport {serviceName = "persistence";};
in { in {
imports = [ imports = [
(import ./sabnzbd.nix (args (import ./sabnzbd.nix (args
@ -121,16 +132,6 @@
openFirewall = true; openFirewall = true;
port = 2000 + service_count + 3; port = 2000 + service_count + 3;
}; };
postgresql = {
ensureDatabases = services;
ensureUsers =
services
|> lib.map (service: {
name = service;
ensureDBOwnership = true;
});
};
}; };
}; };
}; };

28
clanServices/servarr/lib.nix
View file

@ -13,6 +13,8 @@
options, options,
... ...
}: { }: {
dependencies = ["postgresql"];
files = { files = {
api_key = { api_key = {
secret = true; secret = true;
@ -33,7 +35,10 @@
runtimeInputs = with pkgs; [pwgen]; runtimeInputs = with pkgs; [pwgen];
script = '' script = ''
pwgen -s 128 1 > $out/api_key pwgen -s 128 1 > $out/api_key
echo ${lib.toUpper service}__AUTH__APIKEY="$(cat $out/api_key)" > $out/config.env cat << EOL > $out/config.env
${lib.toUpper service}__AUTH__APIKEY="$(cat $out/api_key)"
${lib.toUpper service}__POSTGRES_PASSWORD="$(cat $in/postgresql/${service}_password)"
EOL
''; '';
}; };
@ -41,7 +46,9 @@
service, service,
options, options,
... ...
}: }: let
inherit (builtins) toString;
in
{ {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
@ -58,9 +65,10 @@
port = options.port; port = options.port;
}; };
# Password provided via environment file
postgres = { postgres = {
host = "localhost"; host = settings.database.host;
port = "5432"; port = toString settings.database.port;
user = service; user = service;
maindb = service; maindb = service;
logdb = service; logdb = service;
@ -72,7 +80,7 @@
group = "media"; group = "media";
}); });
createSystemdService = { createSystemdService = args @ {
service, service,
options, options,
... ...
@ -81,7 +89,7 @@
terraformConfiguration = self.inputs.terranix.lib.terranixConfiguration { terraformConfiguration = self.inputs.terranix.lib.terranixConfiguration {
system = pkgs.stdenv.hostPlatform.system; system = pkgs.stdenv.hostPlatform.system;
modules = [ modules = [
(createInfra {inherit service options;}) (createInfra args)
]; ];
}; };
in { in {
@ -300,7 +308,7 @@
)); ));
}; };
in { in {
createModule = services: {...}: { createModule = services: args: {
config = config =
services services
|> lib.attrsToList |> lib.attrsToList
@ -311,10 +319,10 @@ in {
service = name; service = name;
options = value // {port = 2000 + i;}; options = value // {port = 2000 + i;};
in { in {
clan.core.vars.generators.${service} = createGenerator {inherit service options;}; clan.core.vars.generators.${service} = createGenerator (args // {inherit service options;});
services.${service} = createService {inherit service options;}; services.${service} = createService (args // {inherit service options;});
systemd.services."${service}-apply-infra" = lib.mkIf settings.enable (createSystemdService {inherit service options;}); systemd.services."${service}-apply-infra" = lib.mkIf settings.enable (createSystemdService (args // {inherit service options;}));
}) })
|> lib.mkMerge; |> lib.mkMerge;
}; };

20
interfaces/persistence.nix Normal file
View file

@ -0,0 +1,20 @@
{lib, ...}: let
inherit (lib) mkOption types;
in {
options = {
main = mkOption {
type = types.nullOr types.str;
default = null;
};
driver = mkOption {
type = types.attrsOf types.anything;
default = {};
};
databases = mkOption {
type = types.listOf types.str;
default = [];
};
};
}

16
interfaces/servarr.nix Normal file
View file

@ -0,0 +1,16 @@
{lib, ...}: let
inherit (lib) mkOption types;
in {
options = {
services = mkOption {
type = types.attrsOf (types.submodule {
options = {
port = mkOption {
type = types.port;
};
};
});
default = {};
};
};
}

372
machines/ulmo/configuration.nix
View file

@ -66,221 +66,221 @@
}; };
}; };
sneeuwvlok = { # sneeuwvlok = {
services = { # services = {
backup.borg.enable = true; # backup.borg.enable = true;
authentication.zitadel = { # authentication.zitadel = {
enable = true; # enable = true;
organization = { # organization = {
nix = { # nix = {
user = { # user = {
chris = { # chris = {
email = "chris@kruining.eu"; # email = "chris@kruining.eu";
firstName = "Chris"; # firstName = "Chris";
lastName = "Kruining"; # lastName = "Kruining";
roles = ["ORG_OWNER"]; # roles = ["ORG_OWNER"];
instanceRoles = ["IAM_OWNER"]; # instanceRoles = ["IAM_OWNER"];
}; # };
kaas = { # kaas = {
email = "chris+kaas@kruining.eu"; # email = "chris+kaas@kruining.eu";
firstName = "Kaas"; # firstName = "Kaas";
lastName = "Kruining"; # lastName = "Kruining";
}; # };
}; # };
project = { # project = {
ulmo = { # ulmo = {
projectRoleCheck = true; # projectRoleCheck = true;
projectRoleAssertion = true; # projectRoleAssertion = true;
hasProjectCheck = true; # hasProjectCheck = true;
role = { # role = {
jellyfin = { # jellyfin = {
group = "jellyfin"; # group = "jellyfin";
}; # };
jellyfin_admin = { # jellyfin_admin = {
group = "jellyfin"; # group = "jellyfin";
}; # };
}; # };
assign = { # assign = {
chris = ["jellyfin" "jellyfin_admin"]; # chris = ["jellyfin" "jellyfin_admin"];
kaas = ["jellyfin"]; # kaas = ["jellyfin"];
}; # };
application = { # application = {
jellyfin = { # jellyfin = {
redirectUris = ["https://jellyfin.kruining.eu/sso/OID/redirect/zitadel"]; # redirectUris = ["https://jellyfin.kruining.eu/sso/OID/redirect/zitadel"];
grantTypes = ["authorizationCode"]; # grantTypes = ["authorizationCode"];
responseTypes = ["code"]; # responseTypes = ["code"];
}; # };
forgejo = { # forgejo = {
redirectUris = ["https://git.amarth.cloud/user/oauth2/zitadel/callback"]; # redirectUris = ["https://git.amarth.cloud/user/oauth2/zitadel/callback"];
grantTypes = ["authorizationCode"]; # grantTypes = ["authorizationCode"];
responseTypes = ["code"]; # responseTypes = ["code"];
}; # };
vaultwarden = { # vaultwarden = {
redirectUris = ["https://vault.kruining.eu/identity/connect/oidc-signin"]; # redirectUris = ["https://vault.kruining.eu/identity/connect/oidc-signin"];
grantTypes = ["authorizationCode"]; # grantTypes = ["authorizationCode"];
responseTypes = ["code"]; # responseTypes = ["code"];
exportMap = { # exportMap = {
client_id = "SSO_CLIENT_ID"; # client_id = "SSO_CLIENT_ID";
client_secret = "SSO_CLIENT_SECRET"; # client_secret = "SSO_CLIENT_SECRET";
}; # };
}; # };
matrix = { # matrix = {
redirectUris = ["https://matrix.kruining.eu/_synapse/client/oidc/callback"]; # redirectUris = ["https://matrix.kruining.eu/_synapse/client/oidc/callback"];
grantTypes = ["authorizationCode"]; # grantTypes = ["authorizationCode"];
responseTypes = ["code"]; # responseTypes = ["code"];
}; # };
mydia = { # mydia = {
redirectUris = ["http://localhost:2010/auth/oidc/callback"]; # redirectUris = ["http://localhost:2010/auth/oidc/callback"];
grantTypes = ["authorizationCode"]; # grantTypes = ["authorizationCode"];
responseTypes = ["code"]; # responseTypes = ["code"];
}; # };
grafana = { # grafana = {
redirectUris = ["http://localhost:9001/login/generic_oauth"]; # redirectUris = ["http://localhost:9001/login/generic_oauth"];
grantTypes = ["authorizationCode"]; # grantTypes = ["authorizationCode"];
responseTypes = ["code"]; # responseTypes = ["code"];
}; # };
}; # };
}; # };
convex = { # convex = {
projectRoleCheck = true; # projectRoleCheck = true;
projectRoleAssertion = true; # projectRoleAssertion = true;
hasProjectCheck = true; # hasProjectCheck = true;
application = { # application = {
scry = { # scry = {
redirectUris = ["https://nautical-salamander-320.eu-west-1.convex.cloud/api/auth/callback/zitadel"]; # redirectUris = ["https://nautical-salamander-320.eu-west-1.convex.cloud/api/auth/callback/zitadel"];
grantTypes = ["authorizationCode"]; # grantTypes = ["authorizationCode"];
responseTypes = ["code"]; # responseTypes = ["code"];
}; # };
}; # };
}; # };
}; # };
action = { # action = {
flattenRoles = { # flattenRoles = {
script = '' # script = ''
(ctx, api) => { # (ctx, api) => {
if (ctx.v1.user.grants == undefined || ctx.v1.user.grants.count == 0) { # if (ctx.v1.user.grants == undefined || ctx.v1.user.grants.count == 0) {
return; # return;
} # }
const roles = ctx.v1.user.grants.grants.flatMap(({ roles, projectId }) => roles.map(role => projectId + ':' + role)); # const roles = ctx.v1.user.grants.grants.flatMap(({ roles, projectId }) => roles.map(role => projectId + ':' + role));
api.v1.claims.setClaim('nix:zitadel:custom', JSON.stringify({ roles })); # api.v1.claims.setClaim('nix:zitadel:custom', JSON.stringify({ roles }));
}; # };
''; # '';
}; # };
}; # };
triggers = [ # triggers = [
{ # {
flowType = "customiseToken"; # flowType = "customiseToken";
triggerType = "preUserinfoCreation"; # triggerType = "preUserinfoCreation";
actions = ["flattenRoles"]; # actions = ["flattenRoles"];
} # }
{ # {
flowType = "customiseToken"; # flowType = "customiseToken";
triggerType = "preAccessTokenCreation"; # triggerType = "preAccessTokenCreation";
actions = ["flattenRoles"]; # actions = ["flattenRoles"];
} # }
]; # ];
}; # };
}; # };
}; # };
communication.matrix.enable = true; # communication.matrix.enable = true;
development.forgejo.enable = true; # development.forgejo.enable = true;
networking.ssh.enable = true; # networking.ssh.enable = true;
networking.caddy.hosts = { # networking.caddy.hosts = {
# Expose amarht cloud stuff like this until I have a proper solution # # Expose amarht cloud stuff like this until I have a proper solution
"auth.amarth.cloud" = '' # "auth.amarth.cloud" = ''
reverse_proxy http://192.168.1.223:9092 # reverse_proxy http://192.168.1.223:9092
''; # '';
"amarth.cloud" = '' # "amarth.cloud" = ''
reverse_proxy http://192.168.1.223:8080 # reverse_proxy http://192.168.1.223:8080
''; # '';
}; # };
media.enable = true; # media.enable = true;
media.glance.enable = true; # media.glance.enable = true;
media.mydia.enable = true; # media.mydia.enable = true;
media.nfs.enable = true; # media.nfs.enable = true;
media.jellyfin.enable = true; # media.jellyfin.enable = true;
# media.servarr = { # # media.servarr = {
# radarr = { # # radarr = {
# enable = true; # # enable = true;
# port = 2001; # # port = 2001;
# rootFolders = [ # # rootFolders = [
# "/var/media/movies" # # "/var/media/movies"
# ]; # # ];
# }; # # };
# sonarr = { # # sonarr = {
# enable = true; # # enable = true;
# # debug = true; # # # debug = true;
# port = 2002; # # port = 2002;
# rootFolders = [ # # rootFolders = [
# "/var/media/series" # # "/var/media/series"
# ]; # # ];
# }; # # };
# lidarr = { # # lidarr = {
# enable = true; # # enable = true;
# debug = true; # # debug = true;
# port = 2003; # # port = 2003;
# rootFolders = [ # # rootFolders = [
# "/var/media/music" # # "/var/media/music"
# ]; # # ];
# }; # # };
# prowlarr = { # # prowlarr = {
# enable = true; # # enable = true;
# # debug = true; # # # debug = true;
# port = 2004; # # port = 2004;
# }; # # };
# }; # # };
observability = { # observability = {
grafana.enable = true; # grafana.enable = true;
prometheus.enable = true; # prometheus.enable = true;
loki.enable = true; # loki.enable = true;
promtail.enable = true; # promtail.enable = true;
# uptime-kuma.enable = true; # # uptime-kuma.enable = true;
}; # };
security.vaultwarden = { # security.vaultwarden = {
enable = true; # enable = true;
database = { # database = {
# type = "sqlite"; # # type = "sqlite";
# file = "/var/lib/vaultwarden/state.db"; # # file = "/var/lib/vaultwarden/state.db";
type = "postgresql"; # type = "postgresql";
host = "localhost"; # host = "localhost";
port = 5432; # port = 5432;
sslMode = "disabled"; # sslMode = "disabled";
}; # };
}; # };
}; # };
editor = { # editor = {
nano.enable = true; # nano.enable = true;
}; # };
}; # };
} }

1
vars/per-machine/ulmo/lidarr/api_key/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/lidarr/api_key/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/lidarr/config.env/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/lidarr/config.env/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/.pgpass/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/postgresql/.pgpass/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/lidarr_hash/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/lidarr_password/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/prowlarr_hash/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/prowlarr_password/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/radarr_hash/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/radarr_password/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/server.crt/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/postgresql/server.crt/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/server.key/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/postgresql/server.key/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/sonarr_hash/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/postgresql/sonarr_password/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/prowlarr/api_key/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/prowlarr/api_key/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/prowlarr/config.env/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/prowlarr/config.env/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/radarr/api_key/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/radarr/api_key/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/radarr/config.env/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/radarr/config.env/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/servarr/config.tfvars/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/servarr/config.tfvars/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/sonarr/api_key/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/sonarr/api_key/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris

1
vars/per-machine/ulmo/sonarr/config.env/machines/ulmo
View file

@ -1 +0,0 @@
../../../../../../sops/machines/ulmo

1
vars/per-machine/ulmo/sonarr/config.env/users/chris
View file

@ -1 +0,0 @@
../../../../../../sops/users/chris