dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos/estuary: Re-organise secrets

Browse Source
This commit is contained in:
Jack O'Sullivan 2022-06-18 02:26:27 +01:00
parent 8c57e77382
commit 49e80e0ce0
5 changed files with 15 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
nixos/boxes/colony/vms/estuary/dns.nix
View File

@ -15,20 +15,23 @@ in
config = { config = {
my = { my = {
secrets.files = { secrets.files = {
"pdns.conf" = { "estuary/pdns/auth.conf" = {
name = "pdns.conf";
owner = "pdns"; owner = "pdns";
group = "pdns"; group = "pdns";
}; };
"colony-netdata-powerdns.conf" = { "estuary/pdns/recursor.conf" = {
owner = "netdata";
group = "netdata";
};
"colony-pdns-recursor.conf" = {
owner = "pdns-recursor"; owner = "pdns-recursor";
group = "pdns-recursor"; group = "pdns-recursor";
}; };
"colony-netdata-powerdns_recursor.conf" = {
"estuary/netdata/powerdns.conf" = {
name = "netdata-powerdns.conf";
owner = "netdata";
group = "netdata";
};
"estuary/netdata/powerdns_recursor.conf" = {
name = "netdata-powerdns_recursor.conf";
owner = "netdata"; owner = "netdata";
group = "netdata"; group = "netdata";
}; };
@ -36,15 +39,15 @@ in
pdns.recursor = { pdns.recursor = {
enable = true; enable = true;
extraSettingsFile = config.age.secrets."colony-pdns-recursor.conf".path; extraSettingsFile = config.age.secrets."estuary/pdns/recursor.conf".path;
}; };
}; };
services = { services = {
netdata = { netdata = {
configDir = { configDir = {
"go.d/powerdns.conf" = config.age.secrets."colony-netdata-powerdns.conf".path; "go.d/powerdns.conf" = config.age.secrets."estuary/netdata/powerdns.conf".path;
"go.d/powerdns_recursor.conf" = config.age.secrets."colony-netdata-powerdns_recursor.conf".path; "go.d/powerdns_recursor.conf" = config.age.secrets."estuary/netdata/powerdns_recursor.conf".path;
}; };
}; };
@ -82,7 +85,7 @@ in
my.pdns.auth = { my.pdns.auth = {
enable = true; enable = true;
extraSettingsFile = config.age.secrets."pdns.conf".path; extraSettingsFile = config.age.secrets."estuary/pdns/auth.conf".path;
settings = { settings = {
primary = true; primary = true;
resolver = "127.0.0.1"; resolver = "127.0.0.1";

0
secrets/colony-netdata-powerdns.conf.age → secrets/estuary/netdata/powerdns.conf.age
View File

0
secrets/colony-netdata-powerdns_recursor.conf.age → secrets/estuary/netdata/powerdns_recursor.conf.age
View File

0
secrets/pdns.conf.age → secrets/estuary/pdns/auth.conf.age
View File

0
secrets/colony-pdns-recursor.conf.age → secrets/estuary/pdns/recursor.conf.age
View File