diff --git a/flake.lock b/flake.lock index 10ad178..79af481 100644 --- a/flake.lock +++ b/flake.lock @@ -29,11 +29,11 @@ "fromYaml": "fromYaml" }, "locked": { - "lastModified": 1746562888, - "narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=", + "lastModified": 1755819240, + "narHash": "sha256-qcMhnL7aGAuFuutH4rq9fvAhCpJWVHLcHVZLtPctPlo=", "owner": "SenchoPens", "repo": "base16.nix", - "rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89", + "rev": "75ed5e5e3fce37df22e49125181fa37899c3ccd6", "type": "github" }, "original": { @@ -62,11 +62,11 @@ "base16-helix": { "flake": false, "locked": { - "lastModified": 1748408240, - "narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=", + "lastModified": 1760703920, + "narHash": "sha256-m82fGUYns4uHd+ZTdoLX2vlHikzwzdu2s2rYM2bNwzw=", "owner": "tinted-theming", "repo": "base16-helix", - "rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e", + "rev": "d646af9b7d14bff08824538164af99d0c521b185", "type": "github" }, "original": { @@ -179,11 +179,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1764351487, - "narHash": "sha256-7XJcTfz0dPhBd7nfyjcFxT1LIIctJZ2LthiI2Ltd7zY=", + "lastModified": 1764847736, + "narHash": "sha256-FMYnfCH2TMNnTJvbc/mraZpRszIL7nc5YI6w/pWNyNs=", "owner": "chaotic-cx", "repo": "nyx", - "rev": "2031f4a0507d0f7ab3e1aaff4c027a010feee447", + "rev": "e3f8349d60d5daf58951b9ccd089fecb79ea5443", "type": "github" }, "original": { @@ -285,11 +285,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1764456074, - "narHash": "sha256-IQ/pkY49XwY0HayUaTNPWAxPLYQOM/npueJo/RG7wwE=", + "lastModified": 1764981950, + "narHash": "sha256-56P4hKzZhNryIgT0ZDEN3VQPhne2cxXK0ABPQJtq2Zo=", "owner": "Sveske-Juice", "repo": "declarative-jellyfin", - "rev": "bbf90ed0d03d648456ef6cc0e24f6ee23d90931f", + "rev": "b4b072adc66e67089a312003f405008d5964a06d", "type": "github" }, "original": { @@ -405,11 +405,11 @@ ] }, "locked": { - "lastModified": 1764350888, - "narHash": "sha256-6Rp18zavTlnlZzcoLoBTJMBahL2FycVkw2rAEs3cQvo=", + "lastModified": 1764627417, + "narHash": "sha256-D6xc3Rl8Ab6wucJWdvjNsGYGSxNjQHzRc2EZ6eeQ6l4=", "owner": "nix-community", "repo": "disko", - "rev": "2055a08fd0e2fd41318279a5355eb8a161accf26", + "rev": "5a88a6eceb8fd732b983e72b732f6f4b8269bef3", "type": "github" }, "original": { @@ -513,11 +513,11 @@ "firefox-gnome-theme": { "flake": false, "locked": { - "lastModified": 1748383148, - "narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=", + "lastModified": 1764724327, + "narHash": "sha256-OkFLrD3pFR952TrjQi1+Vdj604KLcMnkpa7lkW7XskI=", "owner": "rafaelmardojai", "repo": "firefox-gnome-theme", - "rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf", + "rev": "66b7c635763d8e6eb86bd766de5a1e1fbfcc1047", "type": "github" }, "original": { @@ -642,11 +642,11 @@ "flake-compat_6": { "flake": false, "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "lastModified": 1761588595, + "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", "owner": "edolstra", "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", "type": "github" }, "original": { @@ -780,11 +780,11 @@ ] }, "locked": { - "lastModified": 1749398372, - "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", + "lastModified": 1763759067, + "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", + "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0", "type": "github" }, "original": { @@ -1046,11 +1046,11 @@ "flake": false, "locked": { "host": "gitlab.gnome.org", - "lastModified": 1763992410, - "narHash": "sha256-m2eZvxpH1ne9OU5x8beHxDq2eDMYzGlsPjl52eYAams=", + "lastModified": 1764524476, + "narHash": "sha256-bTmNn3Q4tMQ0J/P0O5BfTQwqEnCiQIzOGef9/aqAZvk=", "owner": "GNOME", "repo": "gnome-shell", - "rev": "7324473f80529da82962b4459ea2e7367c7e43a2", + "rev": "c0e1ad9f0f703fd0519033b8f46c3267aab51a22", "type": "gitlab" }, "original": { @@ -1069,11 +1069,11 @@ ] }, "locked": { - "lastModified": 1764194569, - "narHash": "sha256-iUM9ktarEzThkayyZrzQ7oycPshAY2XRQqVKz0xX/L0=", + "lastModified": 1764788330, + "narHash": "sha256-hE/gXK+Z0j654T0tsW+KcndRqsgZXe8HyWchjBJgQpw=", "owner": "nix-community", "repo": "home-manager", - "rev": "9651819d75f6c7ffaf8a9227490ac704f29659f0", + "rev": "fca4cba863e76c26cfe48e5903c2ff4bac2b2d5d", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ ] }, "locked": { - "lastModified": 1764398914, - "narHash": "sha256-YPrpwlVQidzQlMh0OnquaJR+58rKe9YNnuRis293Ilo=", + "lastModified": 1764866045, + "narHash": "sha256-0GsEtXV9OquDQ1VclQfP16cU5VZh7NEVIOjSH4UaJuM=", "owner": "nix-community", "repo": "home-manager", - "rev": "d0c5fdc48db6f19471b8adc954eca09194e68036", + "rev": "f63d0fe9d81d36e5fc95497217a72e02b8b7bcab", "type": "github" }, "original": { @@ -1149,11 +1149,11 @@ ] }, "locked": { - "lastModified": 1764275117, - "narHash": "sha256-DRcv8Y0BnWm4ZhUQnaYk1dNzC6ZhA2W9Vv5Jl4n0RbE=", + "lastModified": 1764746434, + "narHash": "sha256-6ymFuw+Z1C90ezf8H0BP3c2JFZhJYwMq31px2StwWHU=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "96023dcc9a0febaaa3b91f447b9ae2fbe86f2923", + "rev": "b4c0b604148adacf119b89824ed26df8926ce42c", "type": "github" }, "original": { @@ -1170,11 +1170,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1763975256, - "narHash": "sha256-IhdDL+0YwlLz5Ty0EnAxWN/btemN9FxcQbYs/V/8jvs=", + "lastModified": 1764622702, + "narHash": "sha256-HggOVvg2U3EwT44wPHEwFKromf9qR9rTqfV1i3q7rYs=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "6803b15c4ab9df2dcc478254b4adb55524746ac7", + "rev": "6242b3b2b5e5afcf329027ed4eb5fa6e2eab10f1", "type": "github" }, "original": { @@ -1201,11 +1201,11 @@ }, "master": { "locked": { - "lastModified": 1764517271, - "narHash": "sha256-Nng+8Zy+J4QwyYHZcACgvEBotcXPPUzPtMLcULf2Z/4=", + "lastModified": 1765058126, + "narHash": "sha256-Z6Ei8NkLqMZiMPgxIj1Bz+Pxq8tCHhaZ5UGDVYc9+As=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c2a72b9b6a4655cc93f928359dd7d03d6dcf7de1", + "rev": "cf41a7770dad389a72911b927a192c5e2256a549", "type": "github" }, "original": { @@ -1227,11 +1227,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1764488513, - "narHash": "sha256-xBUnv+ndZxRbY9mYSPEP0afaZRUVXDFcJx0WMD4ypfs=", + "lastModified": 1765008770, + "narHash": "sha256-7w2Sn3Bgk91Ly+5XJ/OYvTqNVa+8+4Rqma05YM7xnVU=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "9e3bbd170669d10846bae68d23dabef11832f8f2", + "rev": "935080f54490e3e7b1eda731cbe1478744546ea8", "type": "github" }, "original": { @@ -1260,11 +1260,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1764485473, - "narHash": "sha256-RlGEcuZFB/IdvYLrYsf0RpgvNtCMyIuBLt3lS+GZvP8=", + "lastModified": 1764966114, + "narHash": "sha256-nC0Fsu4zSdabdR4tHHMCrTgqLms612eEDy5VCdQVZFk=", "owner": "YaLTeR", "repo": "niri", - "rev": "311ca6b5da19f5acd7d3e481620de57240ce8f7c", + "rev": "ba29735fbbd8cf8319c71ccb55b54a0580007c80", "type": "github" }, "original": { @@ -1463,11 +1463,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1764072830, - "narHash": "sha256-ezkjlUCohD9o9c47Ey0/I4CamSS0QEORTqGvyGqMud0=", + "lastModified": 1764730608, + "narHash": "sha256-FxKIa3OCSRVC23qrk7VT68vExUcmSruJ8OobVlSWOxc=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "c7832dd786175e20f2697179e0e03efadffe4201", + "rev": "10124c58674360765adcb38c9a8b081fb72904e4", "type": "github" }, "original": { @@ -1479,11 +1479,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1764242076, - "narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=", + "lastModified": 1764667669, + "narHash": "sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4", + "rev": "418468ac9527e799809c900eda37cbff999199b6", "type": "github" }, "original": { @@ -1511,16 +1511,16 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1764316264, - "narHash": "sha256-82L+EJU+40+FIdeG4gmUlOF1jeSwlf2AwMarrpdHF6o=", + "lastModified": 1764831616, + "narHash": "sha256-OtzF5wBvO0jgW1WW1rQU9cMGx7zuvkF7CAVJ1ypzkxA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9a7b80b6f82a71ea04270d7ba11b48855681c4b0", + "rev": "c97c47f2bac4fa59e2cbdeba289686ae615f8ed4", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.05", + "ref": "nixos-25.11", "repo": "nixpkgs", "type": "github" } @@ -1543,16 +1543,16 @@ }, "nixpkgs_11": { "locked": { - "lastModified": 1764242076, - "narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=", + "lastModified": 1764522689, + "narHash": "sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD+/cTUzzgVFoaHrkqY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4", + "rev": "8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixos-25.11", "repo": "nixpkgs", "type": "github" } @@ -1639,11 +1639,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1763678758, - "narHash": "sha256-+hBiJ+kG5IoffUOdlANKFflTT5nO3FrrR2CA3178Y5s=", + "lastModified": 1764242076, + "narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "117cc7f94e8072499b0a7aa4c52084fa4e11cc9b", + "rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4", "type": "github" }, "original": { @@ -1655,11 +1655,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1763678758, - "narHash": "sha256-+hBiJ+kG5IoffUOdlANKFflTT5nO3FrrR2CA3178Y5s=", + "lastModified": 1764517877, + "narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "117cc7f94e8072499b0a7aa4c52084fa4e11cc9b", + "rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c", "type": "github" }, "original": { @@ -1671,11 +1671,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1764406085, - "narHash": "sha256-CYbMp8hwuOf4umokSNp+t1s4Hjd4vxXq4S5CD+xvgNs=", + "lastModified": 1764831616, + "narHash": "sha256-OtzF5wBvO0jgW1WW1rQU9cMGx7zuvkF7CAVJ1ypzkxA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9561691c9f450fad7c3526916e1c4f44be0d1192", + "rev": "c97c47f2bac4fa59e2cbdeba289686ae615f8ed4", "type": "github" }, "original": { @@ -1694,15 +1694,14 @@ "nixpkgs": [ "stylix", "nixpkgs" - ], - "treefmt-nix": "treefmt-nix_3" + ] }, "locked": { - "lastModified": 1751320053, - "narHash": "sha256-3m6RMw0FbbaUUa01PNaMLoO7D99aBClmY5ed9V3vz+0=", + "lastModified": 1764773531, + "narHash": "sha256-mCBl7MD1WZ7yCG6bR9MmpPO2VydpNkWFgnslJRIT1YU=", "owner": "nix-community", "repo": "NUR", - "rev": "cbde1735782f9c2bb2c63d5e05fba171a14a4670", + "rev": "1d9616689e98beded059ad0384b9951e967a17fa", "type": "github" }, "original": { @@ -1721,11 +1720,11 @@ ] }, "locked": { - "lastModified": 1763741496, - "narHash": "sha256-uIRqs/H18YEtMOn1OkbnPH+aNTwXKx+iU3qnxEkVUd0=", + "lastModified": 1763988335, + "narHash": "sha256-QlcnByMc8KBjpU37rbq5iP7Cp97HvjRP0ucfdh+M4Qc=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "20e71a403c5de9ce5bd799031440da9728c1cda1", + "rev": "50b9238891e388c9fdc6a5c49e49c42533a1b5ce", "type": "github" }, "original": { @@ -1743,11 +1742,11 @@ ] }, "locked": { - "lastModified": 1763988335, - "narHash": "sha256-QlcnByMc8KBjpU37rbq5iP7Cp97HvjRP0ucfdh+M4Qc=", + "lastModified": 1765016596, + "narHash": "sha256-rhSqPNxDVow7OQKi4qS5H8Au0P4S3AYbawBSmJNUtBQ=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "50b9238891e388c9fdc6a5c49e49c42533a1b5ce", + "rev": "548fc44fca28a5e81c5d6b846e555e6b9c2a5a3c", "type": "github" }, "original": { @@ -1763,11 +1762,11 @@ ] }, "locked": { - "lastModified": 1764482797, - "narHash": "sha256-ynV90KoBrPe38YFlKAHtPFk4Ee3IANUsIFGxRaq7H/s=", + "lastModified": 1764663772, + "narHash": "sha256-sHqLmm0wAt3PC4vczJeBozI1/f4rv9yp3IjkClHDXDs=", "ref": "refs/heads/master", - "rev": "d24e8e9736287d01ee73ef9d573d2bc316a62d5c", - "revCount": 710, + "rev": "26531fc46ef17e9365b03770edd3fb9206fcb460", + "revCount": 713, "type": "git", "url": "https://git.outfoxxed.me/outfoxxed/quickshell" }, @@ -1872,11 +1871,11 @@ ] }, "locked": { - "lastModified": 1764211126, - "narHash": "sha256-p5y13PnMZYd5WdHk+XCzyUaLGBUCwnz2n4KYKEZM0Pw=", + "lastModified": 1764729618, + "narHash": "sha256-z4RA80HCWv2los1KD346c+PwNPzMl79qgl7bCVgz8X0=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "895935bff08cfcfb663fb9c8263c43596e7cd1ed", + "rev": "52764074a85145d5001bf0aa30cb71936e9ad5b8", "type": "github" }, "original": { @@ -1893,11 +1892,11 @@ ] }, "locked": { - "lastModified": 1763865987, - "narHash": "sha256-DJpzM8Jz3B0azJcAoF+YFHr8rEbxYLJ0wy1kWZ29HOw=", + "lastModified": 1764470739, + "narHash": "sha256-sa9f81B1dWO16QtgDTWHX8DQbiHKzHndpaunY5EQtwE=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "042d905c01a6eec3bcae8530dacb19cda9758a63", + "rev": "3bfa664055e1a09c6aedab5533c5fc8d6ca5741a", "type": "github" }, "original": { @@ -2034,11 +2033,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1764464945, - "narHash": "sha256-rofXPD/9TGpHveo1MTlUfpnF0MCG1/uHUB9f0rosdqc=", + "lastModified": 1764982414, + "narHash": "sha256-LqCQL0BVLQYtOIBfWSHkNbRoQ+nCeCdfj7/Ggmb4x3w=", "owner": "danth", "repo": "stylix", - "rev": "1fdde45cb0d30936839a630b98660e1579603951", + "rev": "b1c99fd9525bae86f20018e96d68176002ad18b0", "type": "github" }, "original": { @@ -2203,11 +2202,11 @@ "tinted-schemes": { "flake": false, "locked": { - "lastModified": 1750770351, - "narHash": "sha256-LI+BnRoFNRa2ffbe3dcuIRYAUcGklBx0+EcFxlHj0SY=", + "lastModified": 1763914658, + "narHash": "sha256-Hju0WtMf3iForxtOwXqGp3Ynipo0EYx1AqMKLPp9BJw=", "owner": "tinted-theming", "repo": "schemes", - "rev": "5a775c6ffd6e6125947b393872cde95867d85a2a", + "rev": "0f6be815d258e435c9b137befe5ef4ff24bea32c", "type": "github" }, "original": { @@ -2219,11 +2218,11 @@ "tinted-tmux": { "flake": false, "locked": { - "lastModified": 1751159871, - "narHash": "sha256-UOHBN1fgHIEzvPmdNMHaDvdRMgLmEJh2hNmDrp3d3LE=", + "lastModified": 1764465359, + "narHash": "sha256-lbSVPqLEk2SqMrnpvWuKYGCaAlfWFMA6MVmcOFJjdjE=", "owner": "tinted-theming", "repo": "tinted-tmux", - "rev": "bded5e24407cec9d01bd47a317d15b9223a1546c", + "rev": "edf89a780e239263cc691a987721f786ddc4f6aa", "type": "github" }, "original": { @@ -2235,11 +2234,11 @@ "tinted-zed": { "flake": false, "locked": { - "lastModified": 1751158968, - "narHash": "sha256-ksOyv7D3SRRtebpXxgpG4TK8gZSKFc4TIZpR+C98jX8=", + "lastModified": 1764464512, + "narHash": "sha256-rCD/pAhkMdCx6blsFwxIyvBJbPZZ1oL2sVFrH07lmqg=", "owner": "tinted-theming", "repo": "base16-zed", - "rev": "86a470d94204f7652b906ab0d378e4231a5b3384", + "rev": "907dbba5fb8cf69ebfd90b00813418a412d0a29a", "type": "github" }, "original": { @@ -2291,35 +2290,13 @@ "type": "github" } }, - "treefmt-nix_3": { - "inputs": { - "nixpkgs": [ - "stylix", - "nur", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733222881, - "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "49717b5af6f80172275d47a418c9719a31a78b53", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, "unstable": { "locked": { - "lastModified": 1764242076, - "narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=", + "lastModified": 1764950072, + "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4", + "rev": "f61125a668a320878494449750330ca58b78c557", "type": "github" }, "original": { @@ -2405,11 +2382,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1764366786, - "narHash": "sha256-yVCJ4Qe/JkdKDu0DddFdAQgDQVeF12nxH7zv3jtooV4=", + "lastModified": 1764721075, + "narHash": "sha256-ChH4nq0cMEEkzkHqKlQt5Z7wxrk8ybcEHuA1YKAYmV0=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "b362a3873710a42f7ac2d8ba03772d8290733934", + "rev": "1b918e29b419e89910014054e8b71d54c9235ea5", "type": "github" }, "original": { diff --git a/systems/x86_64-linux/stargate/services/ente.nix b/systems/x86_64-linux/stargate/services/ente.nix index 0866392..44ec949 100644 --- a/systems/x86_64-linux/stargate/services/ente.nix +++ b/systems/x86_64-linux/stargate/services/ente.nix @@ -8,6 +8,37 @@ let domain = "ente.kylekrein.com"; in { + sops.secrets."services/minio" = {}; + services.minio = { + enable = true; + # ente's config must match this region! + region = "us-east-1"; + # Please use a file, agenix or sops-nix to securely store your root user password! + # MINIO_ROOT_USER=your_root_user + # MINIO_ROOT_PASSWORD=a_randomly_generated_long_password + rootCredentialsFile = config.sops.secrets."services/minio".path;; + }; + + systemd.services.minio.environment.MINIO_SERVER_URL = "https://s3.kylekrein.com"; + + services.nginx = { + virtualHosts."s3.kylekrein.com" = { + forceSSL = true; + useACME = true; + locations."/".proxyPass = "http://localhost:9000"; + # determine max file upload size + extraConfig = '' + client_max_body_size 16G; + proxy_buffering off; + proxy_request_buffering off; + ''; + }; + }; + sops.secrets."services/ente/minio/user" = {owner = "ente";}; + sops.secrets."services/ente/minio/password" = {owner = "ente";}; + sops.secrets."services/ente/encryption" = {owner = "ente";}; + sops.secrets."services/ente/hash" = {owner = "ente";}; + sops.secrets."services/ente/jwt" = {owner = "ente";}; services.ente = { web = { enable = true; @@ -28,6 +59,25 @@ in apps.accounts = "https://accounts.${domain}"; apps.cast = "https://cast.${domain}"; public-albums = "https://albums.${domain}"; + s3 = { + use_path_style_urls = true; + b2-eu-cen = { + endpoint = "https://s3.kylekrein.com"; + region = "us-east-1"; + bucket = "ente"; + key._secret = config.sops.secrets."services/ente/minio/user".path; + secret._secret = config.sops.secrets."services/ente/minio/password".path; + }; + }; + key = { + # generate with: openssl rand -base64 32 + encryption._secret = config.sops.secrets."services/ente/encryption".path; + # generate with: openssl rand -base64 64 + hash._secret = config.sops.secrets."services/ente/hash".path; + }; + # generate with: openssl rand -base64 32 + jwt.secret._secret = config.sops.secrets."services/ente/jwt".path; + }; }; }; }; diff --git a/systems/x86_64-linux/stargate/services/nginx.nix b/systems/x86_64-linux/stargate/services/nginx.nix index 606a275..1927867 100644 --- a/systems/x86_64-linux/stargate/services/nginx.nix +++ b/systems/x86_64-linux/stargate/services/nginx.nix @@ -41,6 +41,31 @@ in { enableACME = true; forceSSL = true; }; + + "ente.kylekrein.com" = { + enableACME = true; + forceSSL = true; + }; + "accounts.ente.kylekrein.com" = { + enableACME = true; + forceSSL = true; + }; + "api.ente.kylekrein.com" = { + enableACME = true; + forceSSL = true; + }; + "photos.ente.kylekrein.com" = { + enableACME = true; + forceSSL = true; + }; + "albums.ente.kylekrein.com" = { + enableACME = true; + forceSSL = true; + }; + "cast.ente.kylekrein.com" = { + enableACME = true; + forceSSL = true; + }; "matrix.kylekrein.com" = { enableACME = true;