use systemd tmpfiles instead of sops as sops unloads files when the user logs out

sadan 2025-02-25 19:44:22 -05:00
parent 6e56012318
commit a1aa812cfa
2 changed files with 15 additions and 32 deletions


@ -9,39 +9,18 @@
source = ./docker-compose.yaml;
target = "./src/obsidian/docker-compose.yaml";
};
# Docker is stupid and wont read a symlinked Dockerfile
# couchdb_dockerfile = {
# source = ./Dockerfile;
# target = "./src/obsidian/Dockerfile";
# };
# not only will it not load a symlinked dockerfile, it refuses to copy any symlinked file
# couchdb_vm-args = {
# source = ./vm.args;
# target = "./src/obsidian/vm.args";
# };
# couchdb_docker-default = {
# source = ./10-docker-default.ini;
# target = "./src/obsidian/10-docker-default.ini";
# };
# couchdb_docker-entrypoint-sh = {
# source = ./docker-entrypoint.sh;
# target = "./src/obsidian/docker-entrypoint.sh";
# };
};
};
systemd = {
user = {
tmpfiles = {
rules = [
"C /home/${config.home.username}/src/obsidian/Dockerfile 0444 - - - ${./Dockerfile}"
"C /home/${config.home.username}/src/obsidian/docker-entrypoint.sh 0555 - - - ${./docker-entrypoint.sh}"
"C /home/${config.home.username}/src/obsidian/10-docker-default.ini 0444 - - - ${./10-docker-default.ini}"
"C /home/${config.home.username}/src/obsidian/vm.args 0444 - - - ${./vm.args}"
# root is needed to +i
# "h /home/${config.home.username}/src/obsidian/Dockerfile - - - - i"
# "h /home/${config.home.username}/src/obsidian/docker-entrypoint.sh - - - - i"
# "h /home/${config.home.username}/src/obsidian/10-docker-default.ini - - - - i"
# "h /home/${config.home.username}/src/obsidian/vm.args - - - - i"
"C /home/${config.home.username}/src/obsidian/Dockerfile 0444 - - 0 ${./Dockerfile}"
"C /home/${config.home.username}/src/obsidian/docker-entrypoint.sh 0555 - - 0 ${./docker-entrypoint.sh}"
"C /home/${config.home.username}/src/obsidian/10-docker-default.ini 0444 - - 0 ${./10-docker-default.ini}"
"C /home/${config.home.username}/src/obsidian/vm.args 0444 - - 0 ${./vm.args}"
"C /home/${config.home.username}/src/obsidian/docker.ini 0444 - - 0 ${config.sops.secrets.couchdb_docker-ini.path}"
"C /home/${config.home.username}/src/obsidian/couchdb.env 0444 - - 0 ${config.sops.secrets.couchdb_env.path}"
];
};
};
@ -51,13 +30,11 @@
couchdb_env = {
format = "dotenv";
sopsFile = ./couchdb.env;
path = "/home/${config.home.username}/src/obsidian/couchdb.env";
};
# encrypted because it has a hashed password
couchdb_docker-ini = {
format = "ini";
sopsFile = ./docker.ini;
path = "/home/${config.home.username}/src/obsidian/docker.ini";
};
};
};
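Review bot: The two added rules that copy `${config.sops.secrets.couchdb_env.path}` and `${config.sops.secrets.couchdb_docker-ini.path}` into `src/obsidian/` give the copies mode 0444, so the decrypted couchdb.env and docker.ini (the latter commented in the second hunk as holding a hashed password) become readable by any local account that can traverse the home directory, and because the point of the commit is that these copies survive logout, they now also persist on disk rather than living only under the sops runtime path. Since the owner is the one running compose, `0400` is the natural mode, e.g. `"C /home/${config.home.username}/src/obsidian/couchdb.env 0400 - - 0 ${config.sops.secrets.couchdb_env.path}"`; if a container process under another uid genuinely needs to read them, a group grant (`0440` plus a gid in the group column) is still preferable to other-readable. The same 0444 concern applies to the three rclone.conf/vw.env/backup.env rules in the second file of this commit. The `0` in the age column of every `C` line is not self-explanatory; a comment above the list such as `# age 0: <intended effect — confirm against tmpfiles.d(5)>` would tell the next reader what it is meant to do. The enclosing module attribute set starts before the first hunk and the `sops.secrets` set continues after the second.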


@ -11,22 +11,28 @@
};
};
};
systemd = {
tmpfiles = {
rules = [
"C /home/${config.home.username}/src/vw/rclone-config/rclone/rclone.conf 0444 - - 0 ${config.sops.secrets.rclone_config_file.path}"
"C /home/${config.home.username}/src/vw/vw.env 0444 - - 0 ${config.sops.secrets.vw.path}"
"C /home/${config.home.username}/src/vw/backup.env 0444 - - 0 ${config.sops.secrets.vw_backup.path}"
];
};
};
sops = {
secrets = {
vw = {
format = "dotenv";
sopsFile = ./vw.env;
path = "/home/${config.home.username}/src/vw/vw.env";
};
rclone_config_file = {
format = "binary";
sopsFile = ./rclone.conf;
path = "/home/${config.home.username}/src/vw/rclone-config/rclone/rclone.conf";
};
vw_backup = {
format = "dotenv";
sopsFile = ./backup.env;
path = "/home/${config.home.username}/src/vw/backup.env";
};
};
};
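Review bot: The added block is declared under `systemd.tmpfiles`, whereas the obsidian file in this same commit declares its rules under `systemd.user.tmpfiles`; since this file also reads `config.home.username`, it is presumably evaluated as a home-manager module, where the user-level option path is the one the first file relies on, so this block may either fail evaluation as an unknown option or not be installed as a user unit — I am inferring the module type from the option names, so please confirm. Making it `systemd = { user = { tmpfiles = { rules = [ … ]; }; }; };` would keep the two files consistent and match how the working obsidian rules are wired. The surrounding attribute set starts before the hunk.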