From 8c58ff78fe60159c57bcc2f464dcc11389d57215 Mon Sep 17 00:00:00 2001 From: Swarsel Date: Fri, 18 Oct 2024 21:34:09 +0200 Subject: [PATCH] feat: add packer env wars for work --- SwarselSystems.org | 17 +++++++++++ profiles/nbl-imba-2/default.nix | 1 + profiles/optional/home/work.nix | 14 +++++++++ profiles/optional/nixos/work.nix | 2 ++ profiles/server/common/monitoring.nix | 43 +++++++++++++++++++++++++++ 5 files changed, 77 insertions(+) create mode 100644 profiles/server/common/monitoring.nix diff --git a/SwarselSystems.org b/SwarselSystems.org index 3b2f8e6..52e42e6 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -1807,6 +1807,7 @@ My work machine. Built for more security, this is the gold standard of my config { command = "nm-applet"; } { command = "teams-for-linux"; } { command = "1password"; } + { command = "feishin"; } ]; sharescreen = "eDP-2"; monitors = { @@ -6731,6 +6732,8 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9 export DCAD="$(cat ${config.sops.secrets.dcad.path})" export WSAD="$(cat ${config.sops.secrets.wsad.path})" export IMBAD="$(cat ${config.sops.secrets.imbad.path})" + export DCUSER="dc_adm_schwarzaeugl@IMP.UNIVIE.AC.AT" + export PACKER_SSH_EXTRA_ARGS='"--scp-extra-args"',"\"'-O'\"" ''; browserpass.enable = true; @@ -9258,6 +9261,20 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] programs = { git.userEmail = "leon.schwarzaeugl@imba.oeaw.ac.at"; + zsh = { + cdpath = [ + "~/Documents/Work" + ]; + dirHashes = { + d = "$HOME/.dotfiles"; + w = "$HOME/Documents/Work"; + s = "$HOME/.dotfiles/secrets"; + pr = "$HOME/Documents/Private"; + ac = "$HOME/.ansible/collections/ansible_collections/vbc/linux/roles"; + }; + }; + + ssh = { matchBlocks = { "uc" = { diff --git a/profiles/nbl-imba-2/default.nix b/profiles/nbl-imba-2/default.nix index 581642f..175aeb7 100644 --- a/profiles/nbl-imba-2/default.nix +++ b/profiles/nbl-imba-2/default.nix @@ -94,6 +94,7 @@ { command = "nm-applet"; } { command = "teams-for-linux"; } { command = "1password"; } + { command = "feishin"; } ]; sharescreen = "eDP-2"; monitors = { diff --git a/profiles/optional/home/work.nix b/profiles/optional/home/work.nix index 4f3599d..898f53e 100644 --- a/profiles/optional/home/work.nix +++ b/profiles/optional/home/work.nix @@ -12,6 +12,20 @@ programs = { git.userEmail = "leon.schwarzaeugl@imba.oeaw.ac.at"; + zsh = { + cdpath = [ + "~/Documents/Work" + ]; + dirHashes = { + d = "$HOME/.dotfiles"; + w = "$HOME/Documents/Work"; + s = "$HOME/.dotfiles/secrets"; + pr = "$HOME/Documents/Private"; + ac = "$HOME/.ansible/collections/ansible_collections/vbc/linux/roles"; + }; + }; + + ssh = { matchBlocks = { "uc" = { diff --git a/profiles/optional/nixos/work.nix b/profiles/optional/nixos/work.nix index 7b59611..7049fcc 100644 --- a/profiles/optional/nixos/work.nix +++ b/profiles/optional/nixos/work.nix @@ -28,6 +28,8 @@ export DCAD="$(cat ${config.sops.secrets.dcad.path})" export WSAD="$(cat ${config.sops.secrets.wsad.path})" export IMBAD="$(cat ${config.sops.secrets.imbad.path})" + export DCUSER="dc_adm_schwarzaeugl@IMP.UNIVIE.AC.AT" + export PACKER_SSH_EXTRA_ARGS='"--scp-extra-args"',"\"'-O'\"" ''; browserpass.enable = true; diff --git a/profiles/server/common/monitoring.nix b/profiles/server/common/monitoring.nix new file mode 100644 index 0000000..b5a7d7e --- /dev/null +++ b/profiles/server/common/monitoring.nix @@ -0,0 +1,43 @@ +{ pkgs, lib, config, ... }: +{ + config = lib.mkIf config.swarselsystems.server.monitoring { + + sops.secrets = { + grafanaadminpass = { + owner = "grafana"; + } + } + users.users.grafana = { + extraGroups = [ "users" ]; + }; + + services.grafana = { + enable = true; + dataDir = "/Vault/data/grafana"; + admin_password = "$__file{/run/secrets/grafanaadminpass}"; + settings = { + http_port = 3000; + http_addr = "127.0.0.1"; + }; + }; + + services.nginx = { + virtualHosts = { + "status.swarsel.win" = { + enableACME = true; + forceSSL = true; + acmeRoot = null; + locations = { + "/" = { + proxyPass = "http://localhost:3000/"; + extraConfig = '' + client_max_body_size 0; + ''; + }; + }; + }; + }; + }; + }; + +}