diff --git a/nixosConfigurations/catarina/default.nix b/nixosConfigurations/catarina/default.nix index f5430a5..c9f750d 100644 --- a/nixosConfigurations/catarina/default.nix +++ b/nixosConfigurations/catarina/default.nix @@ -54,6 +54,10 @@ hostPlatform = lib.mkDefault "x86_64-linux"; config.allowUnfree = true; config.cudaSupport = false; + + overlays = [ + (final: prev: {lego = bonPkgs.lego;}) + ]; }; # Services @@ -101,7 +105,7 @@ certs = { "elnafo.ru" = { extraDomainNames = ["*.elnafo.ru"]; - dnsProvider = "webnames"; + dnsProvider = "timewebcloud"; credentialsFile = config.sops.secrets."dns".path; webroot = null; }; diff --git a/nixosModules/misc/bonfire/secrets/catarina.yaml b/nixosModules/misc/bonfire/secrets/catarina.yaml index e448067..91a16a1 100644 --- a/nixosModules/misc/bonfire/secrets/catarina.yaml +++ b/nixosModules/misc/bonfire/secrets/catarina.yaml @@ -1,24 +1,24 @@ -dns: ENC[AES256_GCM,data:x2oHP6nGHnPl5WblPHRcBDQCkhj8FZnr5r+cBdaHyrPKxI71ECYmno/ItV/0opj0eGYamQjrVJkuZBGcQlXMMn9Hp4ImjByaX/zqYrdIjSY2B24h8kvnblsXjF6SlA==,iv:QRbiqpCwQ41pfmn3wwNITWdoMI9FzxShsG+fR5lAbl4=,tag:Rknw+qwLZ8No806ek+2zmQ==,type:str] +dns: ENC[AES256_GCM,data:EVetcwmmWLyshjD42bavC0SZYY331vI23z907+joXCsxwA58qSX70Nh0HTsfHiErRCEuiEb4u+VrekpcRw112F4SVCdQsC3LeDWYtI20sNqseEmJMIo70o+tfVTR+HeVqu1cFnAnhBqB8BjJYqw3tngfM6uj0s8BeXDFkNw87fwxZ/mB9Mzkgc6roRA7MY5v45kJHPAcRtVG4kuTHAkIcMstEQkipmWvHrVmXMSVV8T/Kh4ghGseHwdYPplwJXFUBJIJSP+xJPFI3gBGAy3Rhql3ME5oDORKT5W2lXZSy6gFchhvjzazzEgEUwIrH11FogkE6lTjtj0waksFch2VE3k1yMDfMCZO/CPTnU4FGGGs20WMZgdDH8+P8+zCgqp4DInHwWBAzJVUw5WywdhFowZ8B7j0/j3CiXh1CJJHPbHGR4Y13Jz6fljmAj0B7H5MgfhcW4wngI8JcNkAnN1j7sDX7YiVCUiXgVeVKm4klqNjI5c9HKEXeiUa+rHwPSNKaEFrIPzZbgoKNxaErgtPN4wAuBWcpy3O+Bcd2zcc4+5Fw4hKpuu7SJTRmcabuL5TMcI/btet+QDXF5pyBQ3FMOPzbejoOZGbArbhci7ASSPhRowUViKWwdIo02kwB3lwY7wKuum0CUvVMdDBhoR7MNlc4zclaKt/LMAhugizu0jhbbbpEqp+J+g6XMoN5lZRlGd3EyGI52ji4rupwpVYqWI9vpc3E5VW7ao2D+YZgmGiNKUGh9eO626CxnpRqbtn+uw3SqkovELldFQQEY6xlt5yK2bdZ9gNZBH1dFuYKnxsfkKcDvQi9WNqJ5qvIw4Add4WMhTLGFWdKpUQFdxcGEbGZHqXRLKc4psUb+nQkQIsEs84tjFr2pScbafj1vvbDw6AfCpVrw28y4e6lpE+qDaehu6m5Jg7VtP7ZGfDNH0IDFueeRT5bg00lmucs3DKoK2Pp1Xu2YOV0N4bJ3o82f1kNaLO9tSGOMw9HOpHIK5t64NWSQ/3MVaiEqqE579y3sRp/a4ulcS1AwAiK5MErKbGpP/HJ5oy+7oU9E1gfkfs4vXdqQPsqDsqkPqiSKFPLacxX75oTcdq2foMnL2NlO4gT/UWfGjK4FceYFrSOk/XRRh6IoZlViWXHuWRGPcSdfEc3k67gwV5VhIWP0ZIK/vVdT7vCOUsJI0vRO7jgK0C0xLFz0oPJa5XzZGVJzzOM43IBW4p0jvzg1HmoZUZTGm/TqUrVkpEecCPkuEjbA6XD5EWqCJbxcj78VoUdqvc7CXKIPCp1orWN+Q2pUfmwe8dxle3EOui7eEhiUrS9w3OjBrbWc1xd9X3htJ+mjKQoC/e7L3t6aiVRBF1YsGYsHkRk/bFkxLOcaKm8u1iqPsu4JtxiQ==,iv:wyFBv+9aW7XB7B2cziNXymdu/njW6ALaQ/rSwtHRszw=,tag:xLm9P41eHZk/sEJt/Ov6Fw==,type:str] users: - root: ENC[AES256_GCM,data:NIWAU+rCD7ShRU+ZMWw7D1XlNdhL9iwu6MP53edBFeCdSaiA91uS/n4MDgoQkao3sIE6zl5k/jht8GigZLSbjlj9iGhe3sTngg==,iv:hjimz2SsXf0nNgGhkDx97sg8iWBrne75KSbJLtJUf3k=,tag:4wfCpXew/OtTDZLIQk3cFA==,type:str] - l-nafaryus: ENC[AES256_GCM,data:xXRQH92Hi0qO31pxmlHNLG+fHJRsAFgEs1a1APwNsGRZEVV5UB+ijK1S8dThFN+gnlcLb/gLlypFiK8Vzd7/kCOMyaJYtXJChg==,iv:AgE2X3iUAA/U8YmPawcONvWcxgBDkRdVvye4dTSIBd4=,tag:kkwiaSymObztQTjcfno1DA==,type:str] + root: ENC[AES256_GCM,data:Yybgl858Dn+6ohhHFEKYm+6H7QNryXNtTd2V+qd1FucH/DdToApcCul1DuwOBwJcCk9TW7CXr09QMP27UEyDJvGb7SR/8VCE7g==,iv:IGVJcIH/9yoYtLx3lIOnioz2JS9M2N59wXrmyyEj5CQ=,tag:e/oigHds6bRHly2xNa22cA==,type:str] + l-nafaryus: ENC[AES256_GCM,data:d9z+Gqlq/eBOlbHQ65knWvYly8jmSJ4/C51xyGf9frEUUKdRyh15r3MIWpFQdeSQrVI536pV9Z4rkORY3r01nQXg3Cf2okTTvA==,iv:diGlOoy7LThYJKWJK+ITPkcqDui4MrnWod96d+5MBBs=,tag:4zgjtbvSNoYdFQTfPAv/Wg==,type:str] database: - git: ENC[AES256_GCM,data:noMvwTPWZWb79JtoEh0FLuXotVAXTX51QLcRfmjwxVg=,iv:EMiKZvMNhxpe2gARJ7BUrJFVM3ap/gMhJaRnKEJ7lX8=,tag:y+TAUHijY0NCvlwdg1fS1w==,type:str] + git: ENC[AES256_GCM,data:0q7J5OcU/PXEm+hJtBYPLqn2okDvFuQY+htJgwCcEWs=,iv:vFhRD9Z41dxOoNcgb3koiRqfmUAgC6HtIKEOb7/I2Ms=,tag:ALSHZKH6uO5N4T7ZWWWThw==,type:str] mail: - l-nafaryus: ENC[AES256_GCM,data:0PKuC3fI8gGOg99DtyF84neRRnr1P7cqKti8XSjHUurb4CyLG01+aCzABBJzcAs05oQMjiLbAj0prj6Q,iv:m4PzJ5hJqyyLmNss8/CckrBhDe3HC3HVTCbCvhZf93Y=,tag:uKiZLlmQzuO7mcGhQb3/og==,type:str] - git: ENC[AES256_GCM,data:YxU4Ws+yHgv5RsluX6BhpEnGBiDWZmIx+D8uD7oZr+v18tCSX27mI+T0t4IycPli4SLHUQR4PjGmnJao,iv:yHPkp1QmRWj4Nj4isIYtpe0ROSVLK9biBWJb81P5aew=,tag:+FJ6l4P7onUhKejYVq25Hg==,type:str] - kirill: ENC[AES256_GCM,data:erI0exQOi8JccOQVkWIt8zwvrm45Yrt1MNccBYO2oE5eEuXmeDU7uL92U4h+rDH+NojYpVjl1IaRAyU5,iv:kRvqVs70OzXLOBpZ/bfN0TQMdhqV6RAzQiszPQ4ZIwM=,tag:1whNxpchBdzOiVxCwYAzFA==,type:str] + l-nafaryus: ENC[AES256_GCM,data:tDZyma2K1zn6s3ulStxH544e9R9P5i8SPT3L2V6tPw3ayRX6n4002Km9D/3XOURi6aQq2RW7Hh/RChgQ,iv:i/B4V3epieE0aSI7BdmyyGbCJBxKw2AzuUXTbwzzm7Q=,tag:KiFw8FiiZegc/uaMPnZseA==,type:str] + git: ENC[AES256_GCM,data:7OoR1sWVvcHjzx53T7xT4PeyoEbDo2V2lSRVDyeCArR4Tz2QzPoN3ik/m33i8nZyGOLtKigA/xhK2rre,iv:qmmJch/97tBesNns799ZZcpCeQ0xauGlCdSjbipX/LQ=,tag:yHejsY3L6ZlO8XuLnSOCVw==,type:str] + kirill: ENC[AES256_GCM,data:b/P3yMOGbY3zK79a25DOJVBqEmTXagyCZZmK4xUDpSrf4/f7vkatFpTLQJgK8zxKUW71Vv5TV2AdS8+z,iv:zDa+q+01MDc9YpiU/WLIpC4sikOwYvJ6UcaJHNiYOy0=,tag:NEqX6mlaLVmB3gXkIIWqZQ==,type:str] gitea: - mail: ENC[AES256_GCM,data:RwQY3sOfcZMTWbvK5NWOprTSKTY5Fn/cECCh1MRC,iv:KjiYDiqmMO8u3m2VArdAva937cqfqNHKKMUkvnpDtkU=,tag:OpkSgrs8Rrz+XG5Q3tw+QQ==,type:str] + mail: ENC[AES256_GCM,data:HdtKGkT3o/v2yM8+abDeXPGVuLT+Nzdf1/uH5nz3,iv:JXDq0a0Q2sC5h/bO66FF//+2LFjnZDXdGrLntMbjC/k=,tag:dkKOjYL8noXHuCg1OAW8lw==,type:str] gitea-runner: - master-token: ENC[AES256_GCM,data:VbOnxgDr8Ni0NTdJvnwnppY3Q+/bev7IoVhxTpjGAphxh0tieCPfbnBJweav+l8dtQ==,iv:FzB5h/O0GSeBv1ZzE/zojWR2C6RR90NsxYddreVSmU0=,tag:c1WDgG9BlzvXaf+afzZW5g==,type:str] + master-token: ENC[AES256_GCM,data:yqcADVwBkpZ6EHW1qEm9eaGtJTf/GfrXXMf0CJcaVewbNbm0/5CccxctUrGJN3Wxwg==,iv:+Mz+Cop/Md0/rEWyABs/Fk4JyWKM0OFfM4l1TQopt+Q=,tag:MnX+EzMuBBgOHFnCbjk0UQ==,type:str] papermc: - rcon: ENC[AES256_GCM,data:h9DqMN3MAS2X,iv:M72Ku0n1BTaj9TuHmpj+xBcE/6nJvHWKB87HZ3pUKyE=,tag:QRN8e/SXKv0VGyOf9Fq49Q==,type:str] -discordToken: ENC[AES256_GCM,data:dII/1MKdUt/gjl6j+0mIyy0e03BmRwFPBle4fCx5ZYFjQ6zy9ByjFwVYKS8LlXTaPZQGknTBg0QHypRjE3XFW5uzvfp0OfTYm0o=,iv:bSkp6dKYeOuei9OkshO89ihfGMpRXE+8vb0iXEEkv0I=,tag:ICCUF/l8vJfzb/hgF9AYsg==,type:str] + rcon: ENC[AES256_GCM,data:COm1KtjKTdmo,iv:9zqs2hH65lEx6UVvfi3pmglUILmUdRZJ6nVyG1uxPvM=,tag:ou2jyfmcaRbYUAKHJnRpOQ==,type:str] +discordToken: ENC[AES256_GCM,data:nFDd+6G5AhQ+mHNUeN2Hqc7kK4St8gXqzraFjgHW+1DD1Ee8siYHqMWml83EVg1Tc9yh5C2MIjZhv7daAX92VIOrnmENEH4BL/A=,iv:N/VlgxJ0WTgToEsWuUIFNmFk6qNlz3rJz16wU+NGlo8=,tag:Tg33mzF9emJ7ZlmBujTBMw==,type:str] nix-store: - cache-key: ENC[AES256_GCM,data:wEp8XH18N5P+h8EMognt93/VwXVF5/sxvEOrGzba/iK1W4nVZM8pStGAP0wI593MEB7Vobw+slWj4I3wwRJjOpDsK4EsgROUBein84Gn9uqk/liCEqjSAqZkktv4yX5p3dETZw+Ojak=,iv:oVKBfzJP8il3N6lH4JmaPaHSaqkUfmsM6cr+xumjAdE=,tag:+Gj9CzpoQknT+i6xAPZ7dg==,type:str] + cache-key: ENC[AES256_GCM,data:+FpQ3Oxr2lSoXRNGSdMqwnUk88zXdL/s0uq6U3TirrcAormMIrnY7Uu8IYL+XL47yNdlxj54GrC/D/IehmwovrqIkfJnyqT76ZNPF7ELS84iKqBWd7IZu3/4s1sWAQvip4egBn+C8no=,iv:FhQyIir0L4NQ6w8IYKTgHebVNCtLPM6Ud35gTqCvlkc=,tag:bOdoiC0/lXfqP8C/jBFsLg==,type:str] matrix: - coturn-secret: ENC[AES256_GCM,data:BWYo08cS4oAYk7aK5yKT7xWkcxhOhxi3mZzl//xB/IqJ70x4ggGoiVudTxE=,iv:4YYWyxnwR1KcpjTNwvzrGWWVobr3LM6H6l/1/fbBQE4=,tag:qmXc+tzYKJR6hErgurx97Q==,type:str] + coturn-secret: ENC[AES256_GCM,data:VItx+e4AllJTCHLWfpscHFZIJkACypKiGbygFtm8Vd98YWMqUURN9ifmwpY=,iv:SR7w7mQ3XJyO/7l106yFIcqIaW8sp4VZFpWG+oWY9UM=,tag:H7Y7LcmeYYjGF0XNy/T5fg==,type:str] sops: kms: [] gcp_kms: [] @@ -28,23 +28,23 @@ sops: - recipient: age1u9xr3tmwskfsrxg6gus3hmh9eakjh2h22jklfmcu33kassaraues435vvc enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnVmZiM3RqVkphSm5aV0E5 - ZW56NjEvdEFyQmI1NlEwaHNYOWN4aEp0bDN3CmcyTDY3QzJLSk5MSXZ4T0xONG5D - NXRQejQrSlRWSHBQbnhVVVY5SGdmQzAKLS0tIGJWRWlPbVVicWhXcm1wMnBjbGpB - aXFvYzkvUDV6RTZTdzViZkVmeHY1MUkKoxyI003op6VxqTNFApFoAzIA1KwvKD51 - hjBPkP9e1B3fRWZXysva51G/Y2zc6ylv17qPE5TjaVw9OS2WqTQNWA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4QkVJYzd1dnpsS3RBNHNu + cUpVd3VCeWtrV0crZ1llOHBiTCtZNlZxNEVFClNVT05mNGJvYjI1aE5sZStpQjZ2 + V2dXYXRYRDEvUnZjU0p2K2VkN2UwMTAKLS0tIDhWRUxBUzlkbjRId2pwYlp6YVps + WHZtU2RaejBWRXJ5SGJ5bHJKVG5oSU0Koxdwdl1pnbBYJ74onPPHfmCZ4os+T5rx + zms4Bhsi5oIzcPSaDEcIQx5UMG1/NBXTEEPdSaRQfW31vL3Ja09C0A== -----END AGE ENCRYPTED FILE----- - recipient: age1wyz7cfldqe9hh8qyw2qm42hkq9s7qdwqnrnv0u3s6vstv9649v0sh0z4em enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3eGVWZnVUMUdyNys4cUFv - czl4THRPOFN6RXl1d3hoUlMzVittUmtjMGl3CnlCOElNVitLdXJQbmMxNTROdHRz - MFl6NmxHWEY3anFsUkxpWGZHZ21iZ2sKLS0tIG1UT0VpaDBRNUpSY2lDcTRJMHpT - ZnlzMlFUcEx5bHltdlg5ODVMVFNHNW8K7x38gdL5sbNLqTXdCxIHuX+yIy+XX8Vi - x90Ltb5GOAMkd6qzgup3bWuQazpZ/Gj25f6ql7L2Oenlw8/8S9vbeQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOQmJtQlVEaU1UOHJFcjhQ + bVpOVFlPa0toeFg1WTJLYS9Ec0VzNzJ0elZBCk9NY3p3T0U3MVEzSTZMNVk1YkdF + cktuak5adG1zc2dHYkk3aHUrZ2Jodk0KLS0tIEliVzg0VXVmeUZJWU5nRWc1RWIv + dngzMTF6NG8rYk43KzlFQlY0aFZuaHcK10K+BkXbL0Q4RTw5Onigdcploni5iZ4p + Mvlu5Kl5N0aKJXv2iqHyoBDRByMxBwjpknZM8WAwS6ap/uE/P8TcEA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-09T07:20:47Z" - mac: ENC[AES256_GCM,data:fJ86HMwKQmbSTsAWAKC1cGxDqwkddTGHfFjQMa74RVxNh+yFlD+gEHFV2GKTRVji8kEUlp4qXqwtKnJ9Fx5zw0P1LHuCE9Q4j1Cxgs/j7XFTNMTvpt/8sVR1YC77Qp9LDwDxdDQK0GV4Z3BzoqjM20BHRbTWtCSyoNRmBP6Wcg8=,iv:BptqL9qXcyc5SaGvPMfUWDd0b22Viy5LJElbNGhpDYQ=,tag:jHMETvWq9IOCk+z63Dntpg==,type:str] + lastmodified: "2024-12-18T19:20:31Z" + mac: ENC[AES256_GCM,data:SLpOeCaid3J+vlNHBq15/9XRkNMK1vKV409xAJtua//solJ/68ibbutcVwGp/l+MWggTJ09wrd1wUGXxYqtfnrFENh7rG8IlX1rSpBWkOcNkxYiFvbm4AzFjv/kQa4l8KQ57a7AX4rKrr1Slt8anx6NXdoslKDU8Dp2oAxHbF/E=,iv:0UAIlvAQCzVga0Yjoq0JhD94Fx0J6k1vnpVt46z6b0U=,tag:Abz+YmMsGmrArco41m36Dw==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.9.0 + version: 3.9.1 diff --git a/packages/lego/default.nix b/packages/lego/default.nix index f77d481..02f65a4 100644 --- a/packages/lego/default.nix +++ b/packages/lego/default.nix @@ -4,7 +4,7 @@ fetchFromGitHub, buildGoModule, nixosTests, - version ? "0bbf5ab59cda8beaedf5b1ce21a3d1bf0eb48fc5", + version ? "bfe36067932e4594d3baf01cb6545c43b8e1f79c", hash ? "sha256-j6AlA9+whDxvpbZBCnJinKTb0+bJrSqnMgCqmWWfLig=", vendorHash ? "sha256-r9R+d5H5RjwzksbAlcFPyRtCGXSH1JBVfNHr5QiHA7Y=", ... @@ -35,6 +35,7 @@ buildGoModule rec { license = licenses.mit; homepage = "https://go-acme.github.io/lego/"; maintainers = with bonLib.maintainers; [L-Nafaryus]; + mainProgram = "lego"; }; passthru.tests.lego = nixosTests.acme;