From 7e7b5765401b7436a686bb87d8999148c1dcb568 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sat, 24 Aug 2024 22:48:40 +0200 Subject: [PATCH] WIP: deploy pvv-doorbell-bot --- flake.lock | 20 ++++++++++++++++++++ flake.nix | 6 ++++++ hosts/bicep/configuration.nix | 5 +++-- hosts/bicep/services/doorbell-bot.nix | 16 ++++++++++++++++ secrets/bicep/bicep.yaml | 6 ++++-- 5 files changed, 49 insertions(+), 4 deletions(-) create mode 100644 hosts/bicep/services/doorbell-bot.nix diff --git a/flake.lock b/flake.lock index 4931629..249be7b 100644 --- a/flake.lock +++ b/flake.lock @@ -207,6 +207,25 @@ "url": "https://git.pvv.ntnu.no/Projects/calendar-bot.git" } }, + "pvv-doorbell-bot": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "dirtyRev": "cec320746bbf5b5bc6618a145c1a997ebd0b5196-dirty", + "dirtyShortRev": "cec3207-dirty", + "lastModified": 1724515328, + "narHash": "sha256-Vj3ZJkCaLq+6d1LJtl7Hg5f7XV4NDPeNC1xEyu9QkOI=", + "type": "git", + "url": "file:///home/felixalb/doorbell-matrix-bot" + }, + "original": { + "type": "git", + "url": "file:///home/felixalb/doorbell-matrix-bot" + } + }, "pvv-nettsiden": { "inputs": { "nixpkgs": [ @@ -237,6 +256,7 @@ "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "pvv-calendar-bot": "pvv-calendar-bot", + "pvv-doorbell-bot": "pvv-doorbell-bot", "pvv-nettsiden": "pvv-nettsiden", "sops-nix": "sops-nix" } diff --git a/flake.nix b/flake.nix index ac2839d..2f125bb 100644 --- a/flake.nix +++ b/flake.nix @@ -17,6 +17,10 @@ pvv-calendar-bot.url = "git+https://git.pvv.ntnu.no/Projects/calendar-bot.git"; pvv-calendar-bot.inputs.nixpkgs.follows = "nixpkgs"; + pvv-doorbell-bot.url = "git+https://git.pvv.ntnu.no/Projects/doorbell-matrix-bot.git"; + #pvv-doorbell-bot.url = "git+file:///home/felixalb/doorbell-matrix-bot"; + pvv-doorbell-bot.inputs.nixpkgs.follows = "nixpkgs"; + matrix-next.url = "github:dali99/nixos-matrix-modules/v0.6.0"; matrix-next.inputs.nixpkgs.follows = "nixpkgs"; @@ -81,9 +85,11 @@ modules = [ inputs.matrix-next.nixosModules.default inputs.pvv-calendar-bot.nixosModules.default + inputs.pvv-doorbell-bot.nixosModules.default ]; overlays = [ inputs.pvv-calendar-bot.overlays.x86_64-linux.default + inputs.pvv-doorbell-bot.overlays.x86_64-linux.default ]; }; bekkalokk = stableNixosConfig "bekkalokk" { diff --git a/hosts/bicep/configuration.nix b/hosts/bicep/configuration.nix index 2350492..33648aa 100644 --- a/hosts/bicep/configuration.nix +++ b/hosts/bicep/configuration.nix @@ -9,10 +9,11 @@ ./acmeCert.nix + ./services/calendar-bot.nix + ./services/doorbell-bot.nix + ./services/mysql.nix ./services/mysql.nix ./services/postgres.nix - ./services/mysql.nix - ./services/calendar-bot.nix ./services/matrix ]; diff --git a/hosts/bicep/services/doorbell-bot.nix b/hosts/bicep/services/doorbell-bot.nix new file mode 100644 index 0000000..3af2f71 --- /dev/null +++ b/hosts/bicep/services/doorbell-bot.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.services.pvv-doorbell-bot; +in { + sops.secrets."doorbell-bot/config-json" = { + owner = cfg.user; + group = cfg.group; + }; + + services.pvv-doorbell-bot = { + enable = true; + settings = { + configFile = config.sops.secrets."doorbell-bot/config-json".path; + }; + }; +} diff --git a/secrets/bicep/bicep.yaml b/secrets/bicep/bicep.yaml index e3fe480..b4dfc80 100644 --- a/secrets/bicep/bicep.yaml +++ b/secrets/bicep/bicep.yaml @@ -1,6 +1,8 @@ calendar-bot: matrix_token: ENC[AES256_GCM,data:zJv9sw6pEzb9hxKT682wsD87HC9iejbps2wl2Z5QW1XZUSBHdcqyg1pxd+jFKTeKGQ==,iv:zDbvF1H98NsECjCtGXS+Y9HIhXowzz9HF9mltqnArog=,tag:/ftcOSQ13ElkVJBxYIMUGQ==,type:str] mysql_password: ENC[AES256_GCM,data:Gqag8yOgPH3ntoT5TmaqJWv1j+si2qIyz5Ryfw5E2A==,iv:kQDcxnPfwJQcFovI4f87UDt18F8ah3z5xeY86KmdCyY=,tag:A1sCSNXJziAmtUWohqwJgg==,type:str] +doorbell-bot: + config-json: ENC[AES256_GCM,data:QNFHiUqaBWfW9ZRAkZo9M18AMbn/oSxvEMq1N1NsDcBjxJMo/OE36fz1Uf4TagGccCDkWy56wSVSFZm8KZnXVaQ/X0EgJkUK1JZyR7i5yiEW8ByLaVzThMWBwxQoj2cz48z53krzfddyl250rLFQRa7Fco74yTFfBWruf/1clN5O/iHFspeW7uJtQh/oyFIVb87YisjKU2+jpU3IeDNsO6VFWOoOJd+ACmfwsAY0wOz5lzBEIrdU2k/PMgSVzECMV4S5ipwIUmVUpGzbvgAWZQGtsUeVevAbvZ1QgyH6bhDIUheeUrOKN0cbgEMc/xIi7yZ+VWHOMBqb8LkyBvunG2TjK31B1HAGL/krBS+gvvQnW0ZN,iv:K0djdxNOGaHBkE4vyh/22fruAHVsZYVT68cdVoMmogw=,tag:3fjjzD3bghvGy3aZ7/Ienw==,type:str] mysql: password: ENC[AES256_GCM,data:KqEe0TVdeMIzPKsmFg9x0X9xWijnOk306ycyXTm2Tpqo/O0F,iv:Y+hlQ8n1ZIP9ncXBzd2kCSs/DWVTWhiEluFVwZFKRCA=,tag:xlaUk0Wftk62LpYE5pKNQw==,type:str] sops: @@ -63,8 +65,8 @@ sops: cTh5bnJ3WW90aXRCSUp6NHFYeU1tZ0kK4afdtJwGNu6wLRI0fuu+mBVeqVeB0rgX 0q5hwyzjiRnHnyjF38CmcGgydSfDRmF6P+WIMbCwXC6LwfRhAmBGPg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-15T21:18:33Z" - mac: ENC[AES256_GCM,data:uR5HgeDAYqoqB9kk1V6p0T30+v6WpQJi4+qIeCDRnoUPnQKUVR10hvBhICck+E+Uh8p+tGhM6Uf3YrAJAV0ZCUiNJjtwDJQQLUDT53vdOAXN4xADCQqNuhgVwVMaruoTheEiwOswRuhFeEwy0gBj3Ze2pu47lueHYclmEzumLeQ=,iv:t0UyXN2YaR2m7M/pV2wTLJG5wVfqTIUs7wSQMmyeTVw=,tag:O7dIffzrDAXz3kGx5uazhw==,type:str] + lastmodified: "2024-08-24T16:49:06Z" + mac: ENC[AES256_GCM,data:A5pYM3yNt5GdlvpdDbRXxQwUccC/dr5JZwPBMjjx4ZRaJMbewpmGL/ySITnsCEuxOG1cagc1S28ti8k3z0bR4rfFlt/fZ93K8uwI9rT6KW5pSEAa1vPEz8Jq+7asfJIBMCpxFxN704JDSeOnBMaSHwQdICdmG4jfN/F+YbXTPIA=,iv:Y6gloFlYtnJZ3kzcUtZZZmJQ8KowQ29pwZaqo/ePrm8=,tag:r8XFLU5PGMr3U3K0N0cmlQ==,type:str] pgp: - created_at: "2024-08-04T00:03:40Z" enc: |-