diff --git a/flake.lock b/flake.lock index 690a02f..a118495 100644 --- a/flake.lock +++ b/flake.lock @@ -5,15 +5,15 @@ "crane": "crane", "flake-utils": "flake-utils", "nixpkgs": [ - "nixpkgs" + "nixpkgs-unstable" ] }, "locked": { - "lastModified": 1740787854, - "narHash": "sha256-psuFa7Ilar3iJaogz6UD8fRPMIk1NFAushM74Ln/SC4=", + "lastModified": 1748064728, + "narHash": "sha256-X2XBfe+BUBWsnaLm0E8vkc6aFD4RMT1CbXII0uWsz6Q=", "ref": "refs/heads/main", - "rev": "9752430f815f27d236a26451d479fdc3a1738060", - "revCount": 69, + "rev": "471649fdec9104cad4a86efa365ab616620bf859", + "revCount": 72, "type": "git", "url": "https://git.min.rip/min/breeze.git" }, @@ -24,11 +24,11 @@ }, "crane": { "locked": { - "lastModified": 1734808813, - "narHash": "sha256-3aH/0Y6ajIlfy7j52FGZ+s4icVX0oHhqBzRdlOeztqg=", + "lastModified": 1748047550, + "narHash": "sha256-t0qLLqb4C1rdtiY8IFRH5KIapTY/n3Lqt57AmxEv9mk=", "owner": "ipetkov", "repo": "crane", - "rev": "72e2d02dbac80c8c86bf6bf3e785536acf8ee926", + "rev": "b718a78696060df6280196a6f992d04c87a16aef", "type": "github" }, "original": { @@ -81,11 +81,11 @@ ] }, "locked": { - "lastModified": 1745502102, - "narHash": "sha256-LqhRwzvIVPEjH0TaPgwzqpyhW6DtCrvz7FnUJDoUZh8=", + "lastModified": 1747742835, + "narHash": "sha256-kYL4GCwwznsypvsnA20oyvW8zB/Dvn6K5G/tgMjVMT4=", "owner": "nix-community", "repo": "disko", - "rev": "ca27b88c88948d96feeee9ed814cbd34f53d0d70", + "rev": "df522e787fdffc4f32ed3e1fca9ed0968a384d62", "type": "github" }, "original": { @@ -181,11 +181,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746557022, - "narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=", + "lastModified": 1747862697, + "narHash": "sha256-U4HaNZ1W26cbOVm0Eb5OdGSnfQVWQKbLSPrSSa78KC0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860", + "rev": "2baa12ff69913392faf0ace833bc54bba297ea95", "type": "github" }, "original": { @@ -212,11 +212,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1745526057, - "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=", + "lastModified": 1747744144, + "narHash": "sha256-W7lqHp0qZiENCDwUZ5EX/lNhxjMdNapFnbErcbnP11Q=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f771eb401a46846c1aebd20552521b233dd7e18b", + "rev": "2795c506fe8fb7b03c36ccb51f75b6df0ab2553f", "type": "github" }, "original": { @@ -268,11 +268,11 @@ ] }, "locked": { - "lastModified": 1745310711, - "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=", + "lastModified": 1747603214, + "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", "owner": "Mic92", "repo": "sops-nix", - "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c", + "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0c97f4b..3849953 100644 --- a/flake.nix +++ b/flake.nix @@ -19,7 +19,7 @@ impermanence.url = "github:nix-community/impermanence"; breeze.url = "git+https://git.min.rip/min/breeze.git"; - breeze.inputs.nixpkgs.follows = "nixpkgs"; + breeze.inputs.nixpkgs.follows = "nixpkgs-unstable"; sim-breeze.url = "git+ssh://git@git.min.rip/min/sim-breeze.git"; sim-breeze.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/nixos/hosts/silver/services/breeze.nix b/nixos/hosts/silver/services/breeze.nix index dc54184..81f43bd 100644 --- a/nixos/hosts/silver/services/breeze.nix +++ b/nixos/hosts/silver/services/breeze.nix @@ -1,11 +1,13 @@ {config, ...}: let httpIntPort = 14010; dom = "picture.wtf"; -in { - sops.secrets."svc-breeze-upload_key" = { + breezeSecret = { owner = "breeze"; group = "breeze"; }; +in { + sops.secrets."svc-breeze-upload_key" = breezeSecret; + sops.secrets."svc-breeze-deletion_secret" = breezeSecret; services.nginx.virtualHosts.${dom} = { forceSSL = true; @@ -29,6 +31,7 @@ in { services.breeze = { enable = true; uploadKeyFile = config.sops.secrets."svc-breeze-upload_key".path; + deletionSecretFile = config.sops.secrets."svc-breeze-deletion_secret".path; settings = { engine = { diff --git a/secrets/silver/default.yaml b/secrets/silver/default.yaml index 35ea4d3..9f23b3a 100644 --- a/secrets/silver/default.yaml +++ b/secrets/silver/default.yaml @@ -3,6 +3,7 @@ user-pw: ENC[AES256_GCM,data:5qJ/TLLdHyQVTftN882UJZ/FPAbHUGQkw1eXqajCt2Aw2wca5D7 svc-nodemusicbot-env: ENC[AES256_GCM,data:XoTn7WuFbfs8P+MvoMLfwpvUJ4IGGRMhdG1HXdmXGiI9s6ZTlipnIL70MYlih5kKn/wSBR2QDd9i6AErbz3hDUAkCh0tBuiZTDuSctUU0X2PCnrBnbg=,iv:ayrHgGO0zCl7apVKjMGI1MbtkN8V3j6dT0Mv07/KoYQ=,tag:TdAussU7bBg+jxpLufR1sw==,type:str] svc-vcnotifier-env: ENC[AES256_GCM,data:8DwT17Aosvu7/Q2ecbir/t9HOtanPlFeBgLOzxtcv2BpCIGTEHqbVk9pegKQKc7lGhj5OrVg4HvNnQNEdEu5fLqB2XpMV8ltS7PL1wEz,iv:CfnXvb2wSRwQAURSLUrV4jofGnFOE6PQan7KPPhERjI=,tag:ve1Dh+63N4B6W7ZtvbDCFA==,type:str] svc-breeze-upload_key: ENC[AES256_GCM,data:qNNH4/Q0rk2lsMImzpVe54+DbSAOiGjo,iv:rX9zvcPt6qSbPs6sKYO0T8EVaHU/u9QDoT/ISHdQSV4=,tag:kivJyeJGtuBP0l54qJ0t9w==,type:str] +svc-breeze-deletion_secret: ENC[AES256_GCM,data:foilGTV7493fl7f/ZnN1bO7f4YLGapXlIzRLXUTyEkolOB9yiizhD0X5ayozWIHCBMMkFxf61hB16L2mSu+YwA==,iv:h7+UcfalppFqbDIWGHrSkPT4jYVUKPzyZwqVTwOrMoI=,tag:DAXFYBUP7keOi3ymXE+96Q==,type:str] svc-sim-breeze-upload_key: ENC[AES256_GCM,data:qm93iBzGhqp7IuZ01uZ6PyL5bL45+W0oOeDyQRGEzZw=,iv:5F7BV5Sg6GUxIGQychaEZSeG7xDFF+JdRL83PJULWJA=,tag:W/Q8vGaPoLNnj1Wyvc9Cnw==,type:str] svc-synapse-synapse-config: ENC[AES256_GCM,data:r8ZYi67CfftGheassCFiLOVcFUho+sNNe0XCkyQETHT6Q/w2jqO9eAVA2EDJyK4Vk3S4MP6ppcGxwocMmTYzkAjmtwf6a7GzUyh14+Lj5VTybvIKOze0wuLlsEUUYgU=,iv:HTnPaS5/ZvdJIMKiTfPffZmemp5IGTo/mIWrpafk/Fk=,tag:2HusbhzmxqsTMz5/78WCRA==,type:str] svc-gitea-runner-env: ENC[AES256_GCM,data:M2hV8YM03dcBcgpJqbpiW6RGlhDvkfF/ExF+J1GF+39GnOsBWwPKteM5EAUB2Wrl/zRFifgfNLLdYgSEWhJsT1cBLhI3vwE5,iv:9/nvC3sS6XcLxgeKrEg/AaFhptXCm3uvGgSUMAz4p5Y=,tag:A1MnoJP6aekXuWHhlONnkw==,type:str] @@ -42,7 +43,7 @@ sops: NVREcHJGWWIvY0Z1OGt4cGN6am1RaXMKAnlb8FOJ1wO5qtcmej57s7rhWjv5wqIn nCUJX0R7s0/KH3aj98bX/4hQg2ZAw1l+xViOOIfwfRnzLWeyaAnk5A== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-05-11T01:03:55Z" - mac: ENC[AES256_GCM,data:QiKJfX/odDwZLH8Ds6pTBrQ5FplSMGLzDwk9jhXu8y5B6SAnahuf4X9Nj9V6rNHvYMN7MBnVQKcb5lD/nofNPOLvck9CTP6yWJ3WTK4Nd79Ffx0kRK3QY8Q1WlzjE0fDel5pJaytivf/l+BZwrWKIR20h0HmT2ETSb+lzMdYFSs=,iv:rrT6VJkf/D3tzbuysu77eUiwUmHKZCwdrbcx3oTyBUI=,tag:zsBE/r7WGQ0PIo/ZQHS4/w==,type:str] + lastmodified: "2025-05-24T05:13:41Z" + mac: ENC[AES256_GCM,data:V/auwfPc7vKI1A2H3D9ik7AhYddpIf4yQoFiaAfhUKQOe7TJNEen4/5pu8Tsy6yHb6k7O4yVYyHv8E8ZiSHAKtn07IbkoMTJRjkTm0XSNbQVXf/QORGiA1TPtd031YFtbm93EkN8U7/1WVo9v6KquSuFkHCVzlH+baeuAQsjiLw=,iv:AfDrztgtNG4KCr7WsrE2qeKiKziuCMygMLggequVhgE=,tag:53QakoBlomaR9Ex2ROJ3+w==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2