diff options
Diffstat (limited to 'tw/system/lud.scm')
-rw-r--r-- | tw/system/lud.scm | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/tw/system/lud.scm b/tw/system/lud.scm index 5ea47fa0..295f1739 100644 --- a/tw/system/lud.scm +++ b/tw/system/lud.scm @@ -9,6 +9,7 @@ #:use-module (tw services nextcloud) #:use-module (tw services matrix) #:use-module (tw services media) + #:use-module (tw services secrets) #:use-module (tw system)) (use-package-modules admin bash certs databases linux man php python rsync @@ -184,6 +185,35 @@ innodb_io_capacity = 4000 ;; TODO: Syncthing exporter ;; TODO: Transmission exporter + (service secrets-service-type + (secrets-configuration + (secrets + (list + (secret + (encrypted-file (local-file "files/mythic-dns.scm.enc")) + (destination "/etc/mythic-dns.scm")) + (secret + (encrypted-file (local-file "files/nextcloud-database-password.enc")) + (destination "/etc/nextcloud-database-password.enc")) + (secret + (encrypted-file (local-file "files/restic/lud-nextcloud.enc")) + (destination "/etc/restic/lud-nextcloud")) + (secret + (encrypted-file (local-file "files/wireguard/lap.key.enc")) + (destination "/etc/wireguard/private.key")) + (secret + (encrypted-file (local-file "files/wireguard/lap-fp4.psk.enc")) + (destination "/etc/wireguard/fp4.psk")) + (secret + (encrypted-file (local-file "files/wireguard/lap-lud.psk.enc")) + (destination "/etc/wireguard/lud.psk")) + (secret + (encrypted-file (local-file "files/wireguard/lap-pi3.psk.enc")) + (destination "/etc/wireguard/pi3.psk")) + (secret + (encrypted-file (local-file "files/wireguard/lap-vin.psk.enc")) + (destination "/etc/wireguard/vin.psk")))))) + ;; Only this server has SSDs, not vin. (simple-service 'fstrim mcron-service-type (list #~(job "0 4 * * *" ; after guix gc |