Add worf keys and zfs-exporter
This commit is contained in:
parent
8ce458e2d3
commit
881a54f445
|
@ -1,5 +1,6 @@
|
||||||
keys:
|
keys:
|
||||||
- &user_felixalb age1n6j9umxfn5ekvmsrqngdhux0y994yh72sd5xdt6sxec86k4dyu9shsgjkw
|
- &user_felixalb_old age1n6j9umxfn5ekvmsrqngdhux0y994yh72sd5xdt6sxec86k4dyu9shsgjkw
|
||||||
|
- &user_felixalb age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf
|
||||||
- &host_voyager age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
|
- &host_voyager age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
|
||||||
|
|
||||||
creation_rules:
|
creation_rules:
|
||||||
|
@ -7,6 +8,7 @@ creation_rules:
|
||||||
- path_regex: secrets/[^/]+\.yaml$
|
- path_regex: secrets/[^/]+\.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
|
- *user_felixalb_old
|
||||||
- *user_felixalb
|
- *user_felixalb
|
||||||
|
|
||||||
# Host specific secrets
|
# Host specific secrets
|
||||||
|
@ -14,4 +16,5 @@ creation_rules:
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
- *host_voyager
|
- *host_voyager
|
||||||
|
- *user_felixalb_old
|
||||||
- *user_felixalb
|
- *user_felixalb
|
||||||
|
|
1
base.nix
1
base.nix
|
@ -66,6 +66,7 @@
|
||||||
uid = 1000;
|
uid = 1000;
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKzPICGew7uN0cmvRmbwkwTCodTBUgEhkoftQnZuO4Q felixalbrigtsen@gmail.com"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKzPICGew7uN0cmvRmbwkwTCodTBUgEhkoftQnZuO4Q felixalbrigtsen@gmail.com"
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBTXSL0w7OUcz1LzEt1T3I3K5RgyNV+MYz0x/1RbpDHQ felixalb@worf"
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHkLmJIkBM6AMbYM/hYm27Flgya81UiGqh9/owYWmrbZ home.feal.no"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHkLmJIkBM6AMbYM/hYm27Flgya81UiGqh9/owYWmrbZ home.feal.no"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||||
};
|
};
|
||||||
services.zfs.autoScrub.enable = true;
|
services.zfs.autoScrub.enable = true;
|
||||||
|
services.prometheus.exporters.zfs.enable = true;
|
||||||
|
|
||||||
# Network mounts (import)
|
# Network mounts (import)
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
|
|
|
@ -55,6 +55,12 @@ in {
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
job_name = "zfs";
|
||||||
|
static_configs = [
|
||||||
|
{ targets = ["127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}"]; }
|
||||||
|
];
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,20 +30,29 @@ sops:
|
||||||
- recipient: age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
|
- recipient: age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOZml2bXBjSUYrMW5RcnFl
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCOUxoemtPaURCdGdhSmc4
|
||||||
MTRzM1p2L1JMTGJCamk1RHczOStQUjlFSDFzCmdGTDYrYUhJUjAyYWdkclgwazNt
|
RWZKNlduSVQxTmJPQ29YVDFIUHQ0bTkvdVJJCjgySTFKd1kvVk1pbnJCbi9JWENW
|
||||||
UWVqY0JxYXh3cXVyNjlSZ2h6c0R4REEKLS0tIDZHY0F6M0lOZ1JRelp3Umx0aW4x
|
MmxhVGVtanNWNGppZ1dPcjJSdmhYdXcKLS0tIGRTSGxvelZwbE9sR0JpeExSaStE
|
||||||
cjRUa2szZGZuSnhjd3hCNmYvV0tXTmMKlYuaUIvwTv8NpaoBYVva4jbRemkFTdfU
|
dytwYnN5bkt5b0lla0ljcW15bU1NMWsKimYSeyPLuqVE2hTh8PNZwI1+Rq/cR10i
|
||||||
yP4J5RyUry83aVlHFQ2f7neBpWc6A2rePl3XuEQxSggl13hh71H+nw==
|
nJuRRCuL01ACJVypn57k6/wakLO84/+dyjazrjleUsEpQB2K3wBAkg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1n6j9umxfn5ekvmsrqngdhux0y994yh72sd5xdt6sxec86k4dyu9shsgjkw
|
- recipient: age1n6j9umxfn5ekvmsrqngdhux0y994yh72sd5xdt6sxec86k4dyu9shsgjkw
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOOG5GSDd4R09mZ2QvT0dy
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXZ1RDeDE3UytQWlhJcStD
|
||||||
YnIxMWNBL3huMXNmcjV0a1VlS0FxS1JtSFVjCmthenVlYytjZklxNk43YlR5NExG
|
djVTM09UK3FBQThhc1BvWVhBeEVPU2RTdUcwCnNQcnlScnhUUmpSV2tnWGZSam1H
|
||||||
aVQ2K1ZsbHdWTm91d1JvNDVsYW1FSEkKLS0tIFpTeG1zcVRpWWlWUE1abllKR1BW
|
cTdIZ0tiR3lvaWUzSVE2OUI0Q1FGYVEKLS0tIDlRdkpmSGk2UFRxclQ5b2lJRG5y
|
||||||
THFRNjZXc0RsS0xKK1BkeEU1UzA4MW8KgOIQyL6A9u+Ii8zYkHJDWVAG/EEc61Qh
|
b3BLS0o4WXQxdW1PR0dPa0NLamJOTEEKY66UiTF6+hJtfMB8tPge8Xaz9riB2veK
|
||||||
u+VFyGB7esTG56G19u1aCHB/NUxG5HYMG/DEqH/SyCyKUvHrXjEF4g==
|
WEsq72StufeZDjGxkhAGOTZHg9poG6YgBFnt+PMbe9DACfVbAfPP2Q==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1NXBlZk5DbW1VSHBPZVBq
|
||||||
|
UmVDNU9tMkdHMW04aloyQlpCUHdCS1JYcWpzCmRXNnFzSnFNZ2ZIVXJRMGJvaVV6
|
||||||
|
WitBeGorNU5Mb2VWRE5WTkx6dzQ5QUkKLS0tIHhVM1lmbkNBWXExUlBXd0pzTHVD
|
||||||
|
NENEM2VLRDBzTWM0ckdPVThaeE0xL2MKTAvsDKgaoj0Fz9CoNbP6s1kROlDbbXtB
|
||||||
|
4rFRGN+WZJrBioz5nN4kR7mVFKa4w6z6Pu3D5WLyK7UQQkZJ64avdw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-06-08T21:22:10Z"
|
lastmodified: "2023-06-08T21:22:10Z"
|
||||||
mac: ENC[AES256_GCM,data:l7sZPbR3pihdoWEtfAB8yHAVtGfvnz+7dFos6b3TyBRhJmKlnd/zux9Lpw+KFh7y16KQDwE0rJlGf4+gkwM5SyMSHl3L4U430DeXhbcTLTGSFq7WLk5bnJgOYHv9t8zqHI8qsHJKarYca0KhtzLUFQG8U4wbJCzAJajGp9bVEyE=,iv:2xm1vi+GPt1Of5t9iWeyzcuzqFWiFjDk8juL+AnsiM8=,tag:BHLjw12RzORzUL2jI8+kdw==,type:str]
|
mac: ENC[AES256_GCM,data:l7sZPbR3pihdoWEtfAB8yHAVtGfvnz+7dFos6b3TyBRhJmKlnd/zux9Lpw+KFh7y16KQDwE0rJlGf4+gkwM5SyMSHl3L4U430DeXhbcTLTGSFq7WLk5bnJgOYHv9t8zqHI8qsHJKarYca0KhtzLUFQG8U4wbJCzAJajGp9bVEyE=,iv:2xm1vi+GPt1Of5t9iWeyzcuzqFWiFjDk8juL+AnsiM8=,tag:BHLjw12RzORzUL2jI8+kdw==,type:str]
|
||||||
|
|
Loading…
Reference in New Issue