diff --git a/.jq/table.jq b/.jq/table.jq index 04f80c6..5c58aef 100644 --- a/.jq/table.jq +++ b/.jq/table.jq @@ -24,12 +24,13 @@ def to_cells(sizes; fn): def to_cells(sizes): to_cells(sizes; null); def to_line(left; joiner; right): - [left, .[0], (.[1:] | map([joiner, .]) ), right] | flatten | join(""); + [left, .[1], (.[1:] | map([joiner, .]) ), right] | flatten | join(""); def create(data; header_callback; cell_callback): - (data[0] | keys_unsorted) as $keys + (data[0] | to_entries | map(.key)) as $keys + | ([$keys]) as $header | (data | map(to_entries | map(.value))) as $rows - | ([$keys] + $rows) as $cells + | ($header + $rows) as $cells | ( $keys # Use keys so that we have an array of the correct size | to_entries diff --git a/.just/machine.just b/.just/machine.just index 098d879..d07986b 100644 --- a/.just/machine.just +++ b/.just/machine.just @@ -8,4 +8,4 @@ [no-exit-message] @update machine: just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')" - nixos-rebuild switch -L --sudo --target-host {{ machine }} --build-host {{ machine }} --flake ..#{{ machine }} --log-format internal-json -v |& nom --json + nixos-rebuild switch -L --sudo --target-host {{ machine }} --flake ..#{{ machine }} --log-format internal-json -v |& nom --json diff --git a/.just/users.just b/.just/users.just index e798cc3..486ac67 100644 --- a/.just/users.just +++ b/.just/users.just @@ -2,9 +2,8 @@ set unstable := true set quiet := true _default: - just --list users + just --list -[doc('List available users')] [script] list: cd .. && just vars get ulmo zitadel/users | jq -r -C ' @@ -26,7 +25,6 @@ list: | join("\n\nā”„ā”„ā”„\n\n") '; -[doc('Add a new user')] [script] add: exec 5>&1 @@ -49,10 +47,10 @@ add: jq -r 'to_entries | map(.key)[]' <<< "$data" \ | gum choose --header 'Which organisation to save to?' --select-if-one ` - username=`input 'user name' ''` - email=`input 'email' ''` - first_name=`input 'first name' ''` - last_name=`input 'last name' ''` + username=`input 'user name' 'new-user'` + email=`input 'email' 'new.user@example.com'` + first_name=`input 'first name' 'John'` + last_name=`input 'last name' 'Doe'` user_exists=`jq --arg 'org' "$org" --arg 'username' "$username" '.[$org][$username]? | . != null' <<< "$data"` @@ -74,7 +72,6 @@ add: gum spin --title "saving..." -- echo "$(cd .. && just vars set ulmo 'zitadel/users' "$next")" -[doc('Remove a new user')] [script] remove: data=`cd .. && just vars get ulmo zitadel/users | jq fromjson` diff --git a/.just/vars.just b/.just/vars.just index 1ddfbfd..230f00c 100644 --- a/.just/vars.just +++ b/.just/vars.just @@ -4,17 +4,15 @@ set quiet := true base_path := invocation_directory() / "systems/x86_64-linux" _default: - just --list vars + just --list -[doc('List all vars of {machine}')] +[doc('list all vars of the target machine')] list machine: sops decrypt {{ base_path }}/{{ machine }}/secrets.yml -[doc('Edit all vars of {machine} in your editor')] edit machine: sops edit {{ base_path }}/{{ machine }}/secrets.yml -[doc('Set var {value} by {key} for {machine}')] @set machine key value: sops set {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" "\"$(echo '{{ value }}' | sed 's/\"/\\\"/g')\"" @@ -23,11 +21,9 @@ edit machine: echo "Done" -[doc('Get var value by {key} of {machine}')] get machine key: sops decrypt {{ base_path }}/{{ machine }}/secrets.yml | yq ".$(echo "{{ key }}" | sed -E 's/\//./g')" -[doc('Remove var by {key} for {machine}')] remove machine key: sops unset {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" @@ -35,28 +31,3 @@ remove machine key: git commit -m 'chore(secrets): removed secret "{{ key }}" from machine "{{ machine }}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null echo "Done" - -[script] -check: - for machine in $(ls {{ base_path }}); do - [ -f "{{ base_path }}/$machine/secrets.yml" ] || continue - [ -f "{{ base_path }}/$machine/default.nix" ] || continue - - echo "Processing $machine" - - mapfile -t missing < <(jq -nr \ - --rawfile defined <(nix eval --json --apply 'builtins.attrNames' ..#nixosConfigurations.$machine.config.sops.secrets 2>/dev/null) \ - --rawfile configured <(sops decrypt {{ base_path }}/$machine/secrets.yml | yq '.') \ - ' - $defined | fromjson as $def - | $configured - | fromjson - | paths(scalars) - | join("/") - | select(. | IN($def[]) | not) - ') - - if (( ${#missing[@]} > 0 )); then - printf 'missing the following %d secret(s):\n%s\n\n' "${#missing[@]}" "$(printf -- '- %s\n' "${missing[@]}")" - fi - done diff --git a/flake.lock b/flake.lock index 5faa0c0..ae2abb3 100644 --- a/flake.lock +++ b/flake.lock @@ -83,11 +83,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1771802456, - "narHash": "sha256-Ku3vdfRr0JBcTbcu8oNSVYNLLDVrIlDXvuYv0qZaJvg=", - "rev": "e1f0211652ba266dc0ca504fe3c4775d8cad16f8", + "lastModified": 1770634898, + "narHash": "sha256-v05MDDR9Sv8adHsMTNoCHOy4DH5nqOtvaGMeKk4sC4s=", + "rev": "5edc04cc6a1183ad85322deed75a9d4824f7e9f7", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/e1f0211652ba266dc0ca504fe3c4775d8cad16f8.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/5edc04cc6a1183ad85322deed75a9d4824f7e9f7.tar.gz" }, "original": { "type": "tarball", @@ -125,11 +125,11 @@ ] }, "locked": { - "lastModified": 1771586574, - "narHash": "sha256-Nzay8rHhCrlFaIiDqlTpEiKZZTUOQsdZJ8wdB+lrJro=", - "rev": "17da134c02b2e92e10ffcbcb4870e5cde0a6c6f7", + "lastModified": 1770409579, + "narHash": "sha256-reWzIb3dxJnLcwBEuT6khzEDvCiBCVTiqBR9C4vH/jg=", + "rev": "5065ddc67a7009fb81a29f43aa056b2a4552ed96", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/17da134c02b2e92e10ffcbcb4870e5cde0a6c6f7.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/5065ddc67a7009fb81a29f43aa056b2a4552ed96.tar.gz" }, "original": { "type": "tarball", @@ -144,11 +144,11 @@ ] }, "locked": { - "lastModified": 1771469470, - "narHash": "sha256-GnqdqhrguKNN3HtVfl6z+zbV9R9jhHFm3Z8nu7R6ml0=", + "lastModified": 1769524058, + "narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=", "owner": "nix-community", "repo": "disko", - "rev": "4707eec8d1d2db5182ea06ed48c820a86a42dc13", + "rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d", "type": "github" }, "original": { @@ -164,11 +164,11 @@ "tiny-audio-player": "tiny-audio-player" }, "locked": { - "lastModified": 1771529616, - "narHash": "sha256-FiVKf4ZSHCcHOKkQAaIcjQGWiTnlepv5462Djk10BeY=", + "lastModified": 1770584961, + "narHash": "sha256-5/ZAb9j1ih+14Ma34iNOgotA3BjQpayqg1O9+e2d7jU=", "owner": "emmanuelrosa", "repo": "erosanix", - "rev": "ed5217725bf19acfb594be8a4a653e3f576a3397", + "rev": "394debf46a32b883dc572472cbda18482eb2de92", "type": "github" }, "original": { @@ -185,11 +185,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1771743970, - "narHash": "sha256-eri4eY0fUouYxBgWxJAJzG+xTGXVI7VeNJGcJrqpEt0=", + "lastModified": 1770621632, + "narHash": "sha256-pp7visGpp5SYL1O/eF1ZyiSqk4AJ5xkEJXw7pw0f4EI=", "owner": "nix-community", "repo": "fenix", - "rev": "2af8ae8bbe91833a54bd3b9cc24c326b66972a8e", + "rev": "de681afb16166786926b05a0b528545ad511507a", "type": "github" }, "original": { @@ -205,11 +205,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1771811831, - "narHash": "sha256-adtW0jeSg/uZ6anL1mhK+kHAPpYR1+X5kmL6ZtDrQkw=", + "lastModified": 1770642320, + "narHash": "sha256-CgL4Y8mdt7ty4uxp4NfUXKhrSar6TMUtCgmh0M16JGo=", "owner": "nix-community", "repo": "flake-firefox-nightly", - "rev": "0cd9d065adab3b7d12747ba54cbf0e9b4154351f", + "rev": "aef5ff9c6122e50fcef4e06d73435cb6cbfbc888", "type": "github" }, "original": { @@ -363,11 +363,11 @@ ] }, "locked": { - "lastModified": 1769996383, - "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", + "lastModified": 1768135262, + "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", + "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", "type": "github" }, "original": { @@ -552,11 +552,11 @@ ] }, "locked": { - "lastModified": 1771538633, - "narHash": "sha256-MBA5xFLd4dXdNwCYintpO7yBm2xj92PagsNmYpw+tSg=", + "lastModified": 1770420941, + "narHash": "sha256-aWgduwwaVAgdbGInybYpD7zWY1WXs1ZM7vQkkpfWKyk=", "owner": "himmelblau-idm", "repo": "himmelblau", - "rev": "a734234d38833fc4d0522e79e308daf99bd5f1e1", + "rev": "a6a15bc28852010c2aaa643991123d0e4ab06692", "type": "github" }, "original": { @@ -572,11 +572,11 @@ ] }, "locked": { - "lastModified": 1771756436, - "narHash": "sha256-Tl2I0YXdhSTufGqAaD1ySh8x+cvVsEI1mJyJg12lxhI=", + "lastModified": 1770642890, + "narHash": "sha256-XWWHZEy5ZYMOx5hVuz+oeKtKDfv7syl7dwKCBx0LqzA=", "owner": "nix-community", "repo": "home-manager", - "rev": "5bd3589390b431a63072868a90c0f24771ff4cbb", + "rev": "13a1beb7c9962e0d2ba35a4d5c87546509b89b7d", "type": "github" }, "original": { @@ -593,11 +593,11 @@ ] }, "locked": { - "lastModified": 1771756436, - "narHash": "sha256-Tl2I0YXdhSTufGqAaD1ySh8x+cvVsEI1mJyJg12lxhI=", + "lastModified": 1769872935, + "narHash": "sha256-07HMIGQ/WJeAQJooA7Kkg1SDKxhAiV6eodvOwTX6WKI=", "owner": "nix-community", "repo": "home-manager", - "rev": "5bd3589390b431a63072868a90c0f24771ff4cbb", + "rev": "f4ad5068ee8e89e4a7c2e963e10dd35cd77b37b7", "type": "github" }, "original": { @@ -614,11 +614,11 @@ ] }, "locked": { - "lastModified": 1771587792, - "narHash": "sha256-XGFLdlLOez7f0rmjlF+1TLXyBguy8gx2aBHx/Q5JXxs=", + "lastModified": 1770620462, + "narHash": "sha256-6oT0qd5nRpn+smwnUWgiYgN8+PCyNxjRCiaWkqlijAc=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "b49fc54950e251f166a2240799315033ab7a8916", + "rev": "d58e0f3603bca6caf57aff6bf3c7705004e46f93", "type": "github" }, "original": { @@ -633,11 +633,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1771765102, - "narHash": "sha256-RLvOaBEoxgPnGZn9ULbb6xXs98AgiOyPZQpB44XyLvA=", + "lastModified": 1770555544, + "narHash": "sha256-ebtYu7XDrNMKgQ1ZStwHbD53uofYKVZudhuvMCXR3NA=", "owner": "nix-community", "repo": "lib-aggregate", - "rev": "55efa4ba1ddbbe046a4afd17b51867c5348bdce8", + "rev": "724c7b7f76794102b60482233a0e226056ca5b0c", "type": "github" }, "original": { @@ -667,11 +667,11 @@ }, "mnw": { "locked": { - "lastModified": 1770419553, - "narHash": "sha256-b1XqsH7AtVf2dXmq2iyRr2NC1yG7skY7Z6N2MpWHlK4=", + "lastModified": 1769981889, + "narHash": "sha256-ndI7AxL/6auelkLHngdUGVImBiHkG8w2N2fOTKZKn4k=", "owner": "Gerg-L", "repo": "mnw", - "rev": "2aaffa8030d0b262176146adbb6b0e6374ce2957", + "rev": "332fed8f43b77149c582f1782683d6aeee1f07cf", "type": "github" }, "original": { @@ -729,11 +729,11 @@ ] }, "locked": { - "lastModified": 1771520882, - "narHash": "sha256-9SeTZ4Pwr730YfT7V8Azb8GFbwk1ZwiQDAwft3qAD+o=", + "lastModified": 1770184146, + "narHash": "sha256-DsqnN6LvXmohTRaal7tVZO/AKBuZ02kPBiZKSU4qa/k=", "owner": "nix-darwin", "repo": "nix-darwin", - "rev": "6a7fdcd5839ec8b135821179eea3b58092171bcf", + "rev": "0d7874ef7e3ba02d58bebb871e6e29da36fa1b37", "type": "github" }, "original": { @@ -771,11 +771,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1771641457, - "narHash": "sha256-TIekRGfeCwuEmYcWex40RTx0Gd46pqmyUtxdFKb5juI=", + "lastModified": 1770520993, + "narHash": "sha256-ks1ZFBYlBmQ4CAM4WSmCFUtkUJzbmJ0VJH/JkKVMPqY=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "c4e2b8969e09067da9d44b6b5762e1e896418f40", + "rev": "b32f4325880b4fac47b8736161a8f032dd248b70", "type": "github" }, "original": { @@ -856,11 +856,11 @@ ] }, "locked": { - "lastModified": 1771563879, - "narHash": "sha256-vA5hocvdGhr+jfBN7A7ogeZqIz2qx01EixXwdVsQcnE=", + "lastModified": 1770645108, + "narHash": "sha256-j19Q1HZNfMxoG1WOGFUF1HPZ/wHkVlLDqjvNhrq5frA=", "owner": "nix-community", "repo": "nixos-wsl", - "rev": "379d20c55f552e91fb9f3f0382e4a97d3f452943", + "rev": "7cfb408f6a5cd243a727aa3397f4c04f5bfccf28", "type": "github" }, "original": { @@ -887,11 +887,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1771723719, - "narHash": "sha256-e+/T/pmEkLP6BHhYjx6GmwP5ivonQQn0bJdH9YrRB+Q=", + "lastModified": 1770515899, + "narHash": "sha256-hbmM5OSFCXIyoYvmZyQL9mjQ2mh/L1+2/4gf/BpXWNE=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "36b8fcb216736b0e1869740b324ae521e5df23d8", + "rev": "fd928847a8e03461e4b37699e6218539b610217d", "type": "github" }, "original": { @@ -902,11 +902,11 @@ }, "nixpkgs_10": { "locked": { - "lastModified": 1771207753, - "narHash": "sha256-b9uG8yN50DRQ6A7JdZBfzq718ryYrlmGgqkRm9OOwCE=", + "lastModified": 1770380644, + "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d1c15b7d5806069da59e819999d70e1cec0760bf", + "rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe", "type": "github" }, "original": { @@ -934,11 +934,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1771742218, - "narHash": "sha256-ofVOq6pFrLkIE6YanvUDElZJRwjSSJaTuilqhdnatMA=", + "lastModified": 1770625969, + "narHash": "sha256-3ESg5ra+raxilFcmJw1vihoGS7Abet1v0OpVn1MxPzU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "aaf43e7c58bb8093a6325ef1d7b4af616779abc5", + "rev": "69ecaffa7deb4daa5a83cb813f8251665e3af93e", "type": "github" }, "original": { @@ -981,11 +981,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1771829251, - "narHash": "sha256-aCGm04/IRKKAy9qzvSOjSOkcYmNEjaoClo/9FygDp2Y=", + "lastModified": 1770645638, + "narHash": "sha256-O0Saxnde4K+jWBkZzM+UBknFXlcCzrDXvJkTGZumEOo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cb31c55b2ba66c33f94d251251c37802ff5b1dab", + "rev": "3ebfe71ecd51e74346d2cf863d0ff1d4a3ff69be", "type": "github" }, "original": { @@ -1029,11 +1029,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1771369470, - "narHash": "sha256-0NBlEBKkN3lufyvFegY4TYv5mCNHbi5OmBDrzihbBMQ=", + "lastModified": 1770562336, + "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0182a361324364ae3f436a63005877674cf45efb", + "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", "type": "github" }, "original": { @@ -1045,11 +1045,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1771008912, - "narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=", + "lastModified": 1769461804, + "narHash": "sha256-msG8SU5WsBUfVVa/9RPLaymvi5bI8edTavbIq3vRlhI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a82ccc39b39b621151d6732718e3e250109076fa", + "rev": "bfc1b8a4574108ceef22f02bafcf6611380c100d", "type": "github" }, "original": { @@ -1094,11 +1094,11 @@ "systems": "systems_4" }, "locked": { - "lastModified": 1771704400, - "narHash": "sha256-8U9xnN4HdxPfAXAft3lBsArWSv1ZTTxJci1lOA/xpno=", + "lastModified": 1770572967, + "narHash": "sha256-uQ4g+gypEXoNE6bgQq1UP3mrwUNuemhdD3A7G9tbchk=", "owner": "notashelf", "repo": "nvf", - "rev": "5c38b357da7e8c870350cd1847fb5b2602a28eb0", + "rev": "7a2c7c23966122eac80620dd503bf2b1163ed6d4", "type": "github" }, "original": { @@ -1117,11 +1117,11 @@ ] }, "locked": { - "lastModified": 1770766818, + "lastModified": 1769956244, "narHash": "sha256-12RCFLyAedyMOdenUi7cN3ioJPEGjA/ZG1BLjugfUVs=", "owner": "nix-community", "repo": "plasma-manager", - "rev": "44b928068359b7d2310a34de39555c63c93a2c90", + "rev": "fe54ea85c6e4413fba03b84d50f2b431d2f7c831", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1771639390, - "narHash": "sha256-igbphgls7JmrblWCIbgBGcL/ZWj0Iv+InySvuhLC5Ew=", + "lastModified": 1770616416, + "narHash": "sha256-S6qG5sNG76JitdRRY0dyEq9+n+4TJuqKrFrtTpripAo=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "af68fc6e782f218c262a8e7e5718ce7276f697a2", + "rev": "c75729db6845c73605115b18d819917dbf6a8972", "type": "github" }, "original": { @@ -1203,11 +1203,11 @@ ] }, "locked": { - "lastModified": 1771735105, - "narHash": "sha256-MJuVJeszZEziquykEHh/hmgIHYxUcuoG/1aowpLiSeU=", + "lastModified": 1770526836, + "narHash": "sha256-xbvX5Ik+0inJcLJtJ/AajAt7xCk6FOCrm5ogpwwvVDg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "d7755d820f5fa8acf7f223309c33e25d4f92e74f", + "rev": "d6e0e666048a5395d6ea4283143b7c9ac704720d", "type": "github" }, "original": { @@ -1221,11 +1221,11 @@ "nixpkgs": "nixpkgs_10" }, "locked": { - "lastModified": 1771735105, - "narHash": "sha256-MJuVJeszZEziquykEHh/hmgIHYxUcuoG/1aowpLiSeU=", + "lastModified": 1770526836, + "narHash": "sha256-xbvX5Ik+0inJcLJtJ/AajAt7xCk6FOCrm5ogpwwvVDg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "d7755d820f5fa8acf7f223309c33e25d4f92e74f", + "rev": "d6e0e666048a5395d6ea4283143b7c9ac704720d", "type": "github" }, "original": { @@ -1253,11 +1253,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1771787992, - "narHash": "sha256-Vg4bGwwenNYI8p3nJTl9FRyeIyrjATeZrZr+GyUSDrw=", + "lastModified": 1770587906, + "narHash": "sha256-N9ZTG3ia7l4iQO+9JlOj+sX4yu6gl7a3aozrlhSIJwQ=", "owner": "nix-community", "repo": "stylix", - "rev": "30054cca073b49b42a71289edec858f535b27fe9", + "rev": "72e6483a88d51471a6c55e1d43e7ed2bc47a76a4", "type": "github" }, "original": { @@ -1380,11 +1380,11 @@ "systems": "systems_7" }, "locked": { - "lastModified": 1771504637, - "narHash": "sha256-qPYBCcvws0cqVf4blYyxQ6JNxOdvUPK41s2sfqk6wL0=", + "lastModified": 1762472226, + "narHash": "sha256-iVS4sxVgGn+T74rGJjEJbzx+kjsuaP3wdQVXBNJ79A0=", "owner": "terranix", "repo": "terranix", - "rev": "f3d77064bd135823a30916a1e63b90b7fe4453ac", + "rev": "3b5947a48da5694094b301a3b1ef7b22ec8b19fc", "type": "github" }, "original": { @@ -1482,11 +1482,11 @@ ] }, "locked": { - "lastModified": 1771529133, - "narHash": "sha256-nnd13UkxEGBNCJUpSinNyoDfB1BjhSGnWN8llDM9AW8=", + "lastModified": 1770584247, + "narHash": "sha256-awRLWslBvfUSreLt0IMyFYHJkvlb3roCtyMtKA47wmk=", "owner": "emmanuelrosa", "repo": "tiny_audio_player", - "rev": "21b191dce6be77dcf0f5baa69564b7e33905c653", + "rev": "1efef4ed191f4c9589ccd397b36feb9bc906c459", "type": "github" }, "original": { @@ -1524,11 +1524,11 @@ ] }, "locked": { - "lastModified": 1771829403, - "narHash": "sha256-y6SCyTHx3mfeJphVAP9IcYwmd81l7Owv1WObibVcexw=", + "lastModified": 1770568363, + "narHash": "sha256-RJ/C24wN7LyuMmBgvIutA/PqXXceZtJtUCuZSaTjF/4=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "16e6705c152f28f380aac601c705fbe905a58b44", + "rev": "2ada8a826ea88512387a5a17ee96f16369bcdd80", "type": "github" }, "original": { diff --git a/modules/nixos/services/authentication/zitadel/default.nix b/modules/nixos/services/authentication/zitadel/default.nix index aaf64f6..c0d9dc5 100644 --- a/modules/nixos/services/authentication/zitadel/default.nix +++ b/modules/nixos/services/authentication/zitadel/default.nix @@ -444,7 +444,8 @@ in |> withRef "org" org |> toResource "${org}_${name}" ) - |> append [ + |> append + [ (forEach "local.extra_users" [ "org" "name" ] { orgId = lib.tfRef "local.orgs[each.value.org]"; userName = lib.tfRef "each.value.name"; diff --git a/modules/nixos/services/persistance/postgesql/default.nix b/modules/nixos/services/persistance/postgesql/default.nix index 403c07c..dbd6604 100644 --- a/modules/nixos/services/persistance/postgesql/default.nix +++ b/modules/nixos/services/persistance/postgesql/default.nix @@ -1,19 +1,14 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; cfg = config.${namespace}.services.persistance.postgresql; -in { +in +{ options.${namespace}.services.persistance.postgresql = { enable = mkEnableOption "Postgresql"; }; - # Access db with `psql -U postgres` config = mkIf cfg.enable { services = { postgresql = { diff --git a/systems/x86_64-linux/ulmo/secrets.yml b/systems/x86_64-linux/ulmo/secrets.yml index 10fa4c9..646c768 100644 --- a/systems/x86_64-linux/ulmo/secrets.yml +++ b/systems/x86_64-linux/ulmo/secrets.yml @@ -4,7 +4,7 @@ email: zitadel: masterKey: ENC[AES256_GCM,data:4MPvBo407qrS7NF4oUTf84tZoPkSRmiHdD7qpkYeHME=,iv:H2NIAN0xBUDqnyco9gA3zYAsKtSeA/JpqYrPhc1eqc0=,tag:6OFGDfsucG5gDerImgpuXA==,type:str] nix: {} - users: ENC[AES256_GCM,data:GeuYaMNy5UICpYsJs95YCzKjtZxMQDpTTKjU9BDTTBToFir9Rn04QxNi6Wj1I3h2FcS63kbHWaP/W307kDoOQPBZrvrQMi2zSc8+/ivYGmAMhzt2kYXECKt7+YDf9cn9f3D6KV0NSh5UqlpZvDfYXSc/6q2gHOMV3bPvMEf+uxxUEf06kzLH7HpnjExgmUcOM6uVNAudf7HgJ1h/JzUzHq/XLPoVAuyj2TbaHwvRCk+YqLJZw1D+8z3MkpZsdNF57quEZfDPahg371l1wzvZMH5sfFuSzUajD3lbIGRiV0o9PpmBp4qwnU63EkFy1wqhMjXjoviPqouRyZb+fDzxkDoyMuhAYjHcIuSlAs3/5htO2CzOCQL1t6cfEGaxG5U4ocHH0b0C5wvqNG5u9NDLbP7AjBS3a9TLPfmjijNBd4xwt/eYCpDkXirv/m/PVQLvbNzzf+zDWDApldxmv5rCxTLR,iv:FqShjMhe8Yzh2RiC991mVhATYZD2rdW3m0js9gQsKC4=,tag:8P7nEFVVY32IFP9C5H4cZA==,type:str] + users: ENC[AES256_GCM,data:yxdJ2PmOJXXCF2NaD1QWLSuwF9AhdIBhLiZDm4GhcTb4sA3zGTyJBw5saH6P5QAwk9ngbOgn8RH0vgeYEJ0z8VzUoCaLWK5xaqLggYgd75ewNQu7Jkh6V/oSHeVfv+6NCRoq4PckHvhBHwQQ4uToaCghUbjX6VJlFSKwSAy6laG30UMIa2Q4hTQHqgVcbjpQUJSu6/ajDz3Ap0MqhCTSOPWKZ9vWZpvRnFhLhsJrTNl0w6zlCuZcy8xqn/zZo4OEuexHr29yFFohbiD9L9CLd0N6NYDMX7eHRjjdB6Ysxfkic9JSWysma/7OwPzg/KK+pQDkNi7ciR+/cT9Gqn73IFpXPvuooe+7wxe4INfGq3iAoRIYSz8=,iv:opqL2iB3sqT+/a03tTzWphFGnwrEwdKybnj/3BNzL3U=,tag:2+CMLgKdsWpPsYrkKAP5hg==,type:str] forgejo: action_runner_token: ENC[AES256_GCM,data:yJ6OnRq5kinbuhvH06K5o3l86EafuBoojMwg/qhP+cgeH+BwPeE+Ng==,iv:IeXJahPxgLNIUFmkgp495tLVh8UyQBmJ2SnVEUhlhHs=,tag:XYQi613CxSp8AQeilJMrsg==,type:str] synapse: @@ -29,7 +29,6 @@ qbittorrent: grafana: oidc_id: ENC[AES256_GCM,data:NVdIgCQ6nz4BSUDJYCKyILtK,iv:tcljy9PzC/yyd7TSdngyJt+uh60uXi2PKu47czErbaQ=,tag:zE4q3dD4UQaHIpGeZ1L48Q==,type:str] oidc_secret: ENC[AES256_GCM,data:b7qILK9ZHW2khtM1Hl/KdjCv3Wq6eOo2Ym/cbjcMB8/3Hn2UelpP4K4lFyiV3bn1/GF6Jl5Z7A0EwMybOx0InA==,iv:3HL/7BiyObwT8DmFxzNPI9CdmCH/4j/4oc9x7qBE1k0=,tag:dBhcq1zLKy6N+jp/v42R4A==,type:str] - secret_key: ENC[AES256_GCM,data:u6IRFV1D/4g+eqQIUPW0QHlkoa+MliymThp34k+QCHqQ247er4bCdgftuWsXgPAPY7DtwFVLG7Do5eBqIiii7g==,iv:FY7LIW0O5/Cp2JvYu17ctInt0rgkzjaPHfxZBs0GTac=,tag:Gtu+ZGAgsi5vzILOKDac1g==,type:str] sabnzbd: sunnyweb: password: ENC[AES256_GCM,data:flw8AahqO1Mx,iv:Qhu8iVWMzzqy18y8dj3aHoBnSZatm74/tYvZ456l2sA=,tag:sCYBdw7kD0zJZFFr5EyPIQ==,type:str] @@ -37,8 +36,6 @@ sabnzbd: apikey: ENC[AES256_GCM,data:j5sPXKbBhMdNHOuoTfZ+c8nGu5JameOgK2z428iLdP01Hi6MvHVaN8Zs8YxMoSBtOjdtIEC8MS+3m1S1rU/P4pCRfZpK5ua1DBHq4l0xROUqokFWjDcAmJJv3pYXl0cQxQcGKQ==,iv:v5hu3gmO1Zn1FfXkHLPGN9f7JOcQjzoQahdqJwfM+xY=,tag:uI1LFcTgcyRgAaTJ1kzKow==,type:str] whisparr: apikey: ENC[AES256_GCM,data:kIGCsd4mszm90PoQMzlSEBKw9Ow0GvP1qdLtwXYKkAb6b65l89v8lMWJ2X1MyD2gJX+P+Bv1F/2BSjUFXErq/UYnp4dAjwKi/ezGCbhjMutDM1FvwFWEHRnR3gjd9uXPWJ8Xhg==,iv:98aPQlcZHJovpnzACDs6RtKblLnHg6wyi+Er5DAowj8=,tag:Tl8jz/pWYWAtBCfoztKdyw==,type:str] -coturn: - secret: ENC[AES256_GCM,data:5RmLZ7vQIAvIzvax8oNJkImQ6vXR+MZ2eqxaBJCBlccnFC1rP16/6UtausXVf0eWysw+fpMW5yEmUtAdyxQoPiBCK8lziAZBdkekQnAvFouBaWy8WIZt6XRa71P4xDCDGudpMiGwGGNt+R9yylez+azaLrLyJM3481RPohDMoOM=,iv:2P83lgxGtHwYr+ApAdHopVfRWagxWlC+nt53API/SiQ=,tag:Qv+A03BE1QvEqJMtORiQVA==,type:str] sops: age: - recipient: age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq @@ -59,7 +56,7 @@ sops: TTRWaHhpNWlkVDFmMFN4ZTNHMUxyNVkKV693pzTKRkZboQCMPr9IyMGSgxfuHXcb Y6BNcp6Qg6PWtX5QI7wRkPNINAK1TEbRBba+b8h6gMmVU4DliQyFiQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-24T07:24:41Z" - mac: ENC[AES256_GCM,data:wmTua89j8OYC4lw5nmDgKQy2A31KbI5M8jQxqNicHUEZFnDjo2aloNrpwKz5/lM5EomPvvJEAm2eyV04EmfYqKqmAXbcj2wTl4f6Afzb1X/+uABCvlaHquTXbx6lU8IyA31nHKeBspRX0mED86wrXasOsG34YJdDTa/lAKymjzk=,iv:Qea6St+3XfoVHAuWczK/rF2lEeKQBguRGpfGybdf7lA=,tag:yFufTgb7AG5dhrQH47Y0tA==,type:str] + lastmodified: "2025-12-28T21:28:31Z" + mac: ENC[AES256_GCM,data:vkGMgBkzmA2+xRIOfgUE01XG6jvTMTpm1vWXVHdZ5xE27s2mn8i6C64t1cia0n413qlKLB3y5qcbiHdRVhdLUoZFdBgFTjfixyIXOKZeVJskjJEqg2L0wZGtYIO8Y2KrfPb925qOffr7p0NcMf4c+d6bIqxHFEGb+jR/aWDOMNo=,iv:PK1FHycgOj2wtJt1UfWEAe0mKSBVksu8KWUxljSp2oo=,tag:F/xAAxJLUDqW9Dnwgrd0Rg==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0