fix cache issues

2024-05-12 09:46:41 +02:00 · 2024-05-12 09:46:41 +02:00 · 8c97d5daf5
commit 8c97d5daf5
parent fad8e51f94
4 changed files with 27 additions and 17 deletions
--- a/fake_flake.nix
+++ b/fake_flake.nix
@ -43,7 +43,7 @@ in
    "${nivSources.agenix}/modules/age.nix"
    "${nivSources.nixos-mailserver}/default.nix"
    "${nivSources.nixos-matrix-modules}/module.nix"
-    "${nivSources.authentik-nix}/module.nix"
+    (import nivSources.authentik-nix).nixosModules.default

    # fixme: ideally we'd not rely on the flake syntax to load the module
    (builtins.getFlake (asGithubRef nivSources.chaotic)).nixosModules.default
@ -134,13 +134,11 @@ in
  nix.settings.extra-substituters = [
    "https://cache.lix.systems"
    "https://nyx.chaotic.cx/"
-    "https://nixcache.grimmauld.de"
  ];

  nix.settings.trusted-public-keys = [
    "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
    "nyx.chaotic.cx-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
    "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
-    "nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo="
  ];
 }
--- a/modules/auth.nix
+++ b/modules/auth.nix
@ -1,25 +1,27 @@
-{ config, ... }:
+<<<<<<< HEAD
+{ config, pkgs ... }:
 let
  inherit (config.serverConfig) vhosts;
  inherit (config.networking) domain;
 in
-{
-
-  services.authentik = {
-    enable = true;
-    # The environmentFile needs to be on the target host!
-    # Best use something like sops-nix or agenix to manage it
-    environmentFile = "/run/secrets/authentik/authentik-env";
-
-    # authentik_env.age
-
+in {
  age.secrets.authentik_env = {
      file = ../secrets/authentik_env.age;
-      owner = "authentik";
-      group = "authentik";
+#      owner = "authentik";
+#      group = "authentik";
      mode = "0600";
    };

+  services.authentik = {
+#    enable = true;
+    # The environmentFile needs to be on the target host!
+    # Best use something like sops-nix or agenix to manage it
+    environmentFile = config.age.secrets.authentik_env.path;
+
+#    authentikComponents = {
+#      staticWorkdirDeps = pkgs.authentikComponents.staticWorkdirDeps;
+ #   };
+
    settings = {
      email = rec {
        host = vhosts.mail_host.host;
--- a/modules/default.nix
+++ b/modules/default.nix
@ -17,6 +17,7 @@ in
    ./discord-matrix-bridge.nix
    ./mastodon.nix
    ./nix_cache.nix
+    ./auth.nix
  ];

  options.serverConfig =
@ -182,6 +183,7 @@ in
        nix_cache_host = {
          host = "nixcache.${domain}";
          port = 5000;
+          accessType = "proxy"; 
        };
        auth_host = {
          host = "auth.${domain}";
--- a/specific/grimm-nixos-laptop/configuration.nix
+++ b/specific/grimm-nixos-laptop/configuration.nix
@ -52,4 +52,12 @@
  networking.hostName = "grimmauld-nixos";

  system.stateVersion = "23.05";
+
+  nix.settings.extra-substituters = [
+    "https://nixcache.grimmauld.de"
+  ];
+
+  nix.settings.trusted-public-keys = [
+    "nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo="
+  ];
 }