From caf51025357a05385447d8340f5973302203fe5e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 5 Nov 2022 16:15:33 +0100 Subject: [PATCH] poseidon: move paperless to hades --- hosts/hades/default.nix | 7 +++++++ hosts/hades/secrets.nix | 3 +++ hosts/poseidon/default.nix | 7 ------- hosts/poseidon/secrets.nix | 3 --- modules/secrets/paperless/admin-password.age | Bin 466 -> 554 bytes modules/secrets/paperless/secret-key.age | 19 ++++++++----------- modules/secrets/secrets.nix | 4 ++-- services/paperless.nix | 4 ++-- 8 files changed, 22 insertions(+), 25 deletions(-) diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index 27e0673..c44a4a1 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -87,6 +87,13 @@ in { adminpassFile = config.age.secrets."nextcloud/admin-pass".path; }; + paperless = { + enable = true; + port = 8085; + passwordFile = config.age.secrets."paperless/admin-password".path; + secretKeyFile = config.age.secrets."paperless/secret-key".path; + }; + photoprism = { enable = true; port = 8084; diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix index 7215825..28b5d07 100644 --- a/hosts/hades/secrets.nix +++ b/hosts/hades/secrets.nix @@ -25,6 +25,9 @@ owner = "nextcloud"; }; + "paperless/admin-password" = {}; + "paperless/secret-key" = {}; + "restic-backup/hades-credentials" = {}; "restic-backup/hades-password" = {}; diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix index d3c263f..037db1e 100644 --- a/hosts/poseidon/default.nix +++ b/hosts/poseidon/default.nix @@ -81,13 +81,6 @@ in { port = 8083; }; - paperless = { - enable = true; - port = 8085; - passwordFile = config.age.secrets."paperless/admin-password".path; - secretKeyFile = config.age.secrets."paperless/secret-key".path; - }; - tailscale = { enable = true; exitNode = true; diff --git a/hosts/poseidon/secrets.nix b/hosts/poseidon/secrets.nix index 1d87c3c..238e7ea 100644 --- a/hosts/poseidon/secrets.nix +++ b/hosts/poseidon/secrets.nix @@ -17,9 +17,6 @@ "lohr/shared-secret" = {}; - "paperless/admin-password" = {}; - "paperless/secret-key" = {}; - "restic-backup/poseidon-credentials" = {}; "restic-backup/poseidon-password" = {}; diff --git a/modules/secrets/paperless/admin-password.age b/modules/secrets/paperless/admin-password.age index 4735d2984922d78ade41ec17d0f52a2ec3c9da7d..62639ad3bf46f4e138e4788df4599b50c711d555 100644 GIT binary patch delta 521 zcmW;IJ&V&|003b8;DjvKK@b-yibpk9+ayhsXcd#D?KNqxO`0ZYP%vpe+FqNceVa7t zU}r^8K|v>R)zv|7a5&JLyg?iUxgQ{i$AKKhK@@+%1JCCZuTDN%UlhGARf4M~+mSs^ z&eFq8#4mGHVx$|`COC6l*)oF#p>J^9hqZs(C`9` z6eb;xLue9mk$fo#niTF=?N(6Jov|k61Up76d{2`G5smUvjYTBI1OK_pR{+oCHq!3I zHh`T}DEbmxNhRe%Y_nOT0Bsp_tkfUlIj=VtV!<#gsJvk2TxJxLO0~sDVn=h;zK}2K zK1}wpe2mwooVTL+c+u)`oEbW3r~x%5*cF4w=5Wo!VncU2o~>k(W$J( zRA#1^c~uUpAmkZ-PFQsjg3{@9vYmG@yG{;8+RQ9mx{@n;W~3WL4K6E8(ZWIun`%xL z@%fqyZGAlT`fI`2*)3Jh1c&#c3%^#6UDLm0ZeF~){Uf!qwzjP)%jLUo=a1g+t?ZnA ze0a1T-?{7EUS&QU{JehuR!E*sJXpTjef#9apH4kRJp29drTs}ex1UXX-#bVgfBy6@ D42HH| delta 432 zcmV;h0Z;y_1kwYLEPrlyNiumcVmM1SX=6`MG*?PZMO8s$QFu!@HE%{TWJp*xH!C-6 zQcF=qSqfEiXhvCfL}XSnOgT1dc`z?9F=|tEP*^iCYjJLIRYG}eV|s3IRC;w;O$seO zAaiqQEoEdfH8n9gAbK`MbvRKVT54@$Pf0~-X>Kw_P+4p;aDOyYXHj=TK}uy%MOQ0T zIdf7rLP2gZWNA@n3P@*4c~wPKPjgpobw)8^GDS>mbW>Gncttl%dNxu~HE?T5M^sKL zaBFT^3N1b$P-k~fcP}kxa%Ew2Wgu8DK_&`fV>e`YZc}ksIYBd4LQg?=HE~*PcX(oB zac6Z-Qc-s^dVg^@ayfTUH+oT1I5bISYhyu0Gc#~=3N0-yAWbnySTS=lF-kacQcF}d zS1@IARx^1rba!V@VsBAzFi>|_GI&jKX=HRo3UFQIF&h$pk`eN4S-hq}t1;j_RuGHs z-D%^p+x5S5kIvnHRH(zIQzDH=r>23MuH%z9j%jj%30*sVwMix{{5} aB+_u ssh-ed25519 k2gHjw hTWIhs//PCC1vsJrn+UL42FtqRzIKAzfQaVF8gU9iAo -B+BnsXp6J/NLViCMTd6vqj+JbTkkahjqabVvPIU5q9g --> ssh-ed25519 z6Eu8Q YMS3Ht3/97IcTJ31XsmnHhKIo41ewzuGAbnhWJA/qWg -8oiUduRgbcjz3EaP0VEUewVirgdoc7XVogscdceE4Ew --> --grease zku kAX26^8 N0 -Z/CvenJrdHzvk/YZq06fR25xnn2plwbUW3WX86yWv1e7IBYSqnKm9snd5VRRK/R3 -1EWv55qpuPBr ---- BRKnk4UzqUkM4po7qwV3omMv2KSEl5RzujwUSIQgQOg -"Be |!ۃʤWH5wL(v]A,lN14kY1 HZP:n+p)Yq/]i5'=؆OF -E -Ξ8"=ŏs(Xr ۀ \ No newline at end of file +-> ssh-ed25519 k2gHjw CoGvifgWo1JvHjx3PKJa3jR3lKrvgvKnTTui1w6UR0I +gcadr6WbTzyrPD3h3oDifFj/pMZKIzUfDXL6e6610Is +-> ssh-ed25519 pX8y2g MBFa4xDU6CaH6amzlGTmFXIcAXLq2xykRd0WkeUEkQo +91jV5LUuhvOVKSg2cz3TMKI2SaZvCTzXL/xyUWbYJAg +-> lkH}'\W;-grease nZ K\MP7 HUsh +vWwsKxuBXKwpTBkYERd7kPo +--- xohFX48WGxRFVYQzdbSl7l2Go90FSUPH5ml6OalKJwQ +sƀh!,(QlkV~U !B0 ~A!2np`L&{}3%{[)t/njb^{1G[G0  mo :naQ\mfG;(S \ No newline at end of file diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 81d7372..c5e3a36 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -21,8 +21,8 @@ in { "nextcloud/admin-pass.age".publicKeys = [alarsyo hades]; - "paperless/admin-password.age".publicKeys = [alarsyo poseidon]; - "paperless/secret-key.age".publicKeys = [alarsyo poseidon]; + "paperless/admin-password.age".publicKeys = [alarsyo hades]; + "paperless/secret-key.age".publicKeys = [alarsyo hades]; "restic-backup/boreal-password.age".publicKeys = [alarsyo boreal]; "restic-backup/boreal-credentials.age".publicKeys = [alarsyo boreal]; diff --git a/services/paperless.nix b/services/paperless.nix index 415d35e..8a4bd15 100644 --- a/services/paperless.nix +++ b/services/paperless.nix @@ -106,12 +106,12 @@ in { listen = [ # FIXME: hardcoded tailscale IP { - addr = "100.80.61.67"; + addr = "100.115.172.44"; port = 443; ssl = true; } { - addr = "100.80.61.67"; + addr = "100.115.172.44"; port = 80; ssl = false; }