Maybe this sets up the exchange idk....
This commit is contained in:
parent
761385fe8b
commit
d4d7927b54
@ -13,6 +13,7 @@ keys:
|
||||
- &host_ildkule age1x28hmzvuv6f2n66c0jtqcca3h9rput8d7j5uek6jcpx8n9egd52sqpejq0
|
||||
- &host_bekkalokk age12nj59tguy9wg882updc2vjdusx5srnxmjyfaqve4zx6jnnsaw3qsyjq6zd
|
||||
- &host_bicep age1sl43gc9cw939z5tgha2lpwf0xxxgcnlw7w4xem4sqgmt2pt264vq0dmwx2
|
||||
- &host_kvernberg age19rlntxt0m27waa0n288g9wgpksa6ndlzz8eneeqya7w3zd7may0sqzhcvz
|
||||
|
||||
creation_rules:
|
||||
# Global secrets
|
||||
@ -78,3 +79,9 @@ creation_rules:
|
||||
- *user_pederbs_bjarte
|
||||
pgp:
|
||||
- *user_oysteikt
|
||||
|
||||
- path_regex: secrets/kvernberg/[^/]+$
|
||||
key_groups:
|
||||
- age:
|
||||
- *host_kvernberg
|
||||
- *user_danio
|
||||
|
8
flake.lock
generated
8
flake.lock
generated
@ -119,16 +119,16 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1731663789,
|
||||
"narHash": "sha256-x07g4NcqGP6mQn6AISXJaks9sQYDjZmTMBlKIvajvyc=",
|
||||
"lastModified": 1731779898,
|
||||
"narHash": "sha256-oxxCrYZM0WNRoaokDyVXcPIlTc8Z2yX4QjKbgXGI3IM=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "035d434d48f4375ac5d3a620954cf5fda7dd7c36",
|
||||
"rev": "9972661139e27eed0237df4dde34839e09028cd5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-24.05-small",
|
||||
"ref": "refs/pull/332699/merge",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -5,8 +5,9 @@
|
||||
./hardware-configuration.nix
|
||||
(fp /base)
|
||||
(fp /misc/metrics-exporters.nix)
|
||||
|
||||
./disks.nix
|
||||
|
||||
./services/pvvvvvv
|
||||
];
|
||||
|
||||
sops.defaultSopsFile = fp /secrets/kvernberg/kvernberg.yaml;
|
||||
|
11
hosts/kvernberg/services/pvvvvvv/default.nix
Normal file
11
hosts/kvernberg/services/pvvvvvv/default.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{
|
||||
imports = [
|
||||
./exchange.nix
|
||||
];
|
||||
|
||||
services.taler = {
|
||||
settings = {
|
||||
taler.CURRENCY = "SCHPENN";
|
||||
};
|
||||
};
|
||||
}
|
38
hosts/kvernberg/services/pvvvvvv/exchange.nix
Normal file
38
hosts/kvernberg/services/pvvvvvv/exchange.nix
Normal file
@ -0,0 +1,38 @@
|
||||
{ config, lib, fp, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.taler;
|
||||
inherit (cfg.settings.taler) CURRENCY;
|
||||
in {
|
||||
sops.secrets.exchange-offline-master = {
|
||||
format = "binary";
|
||||
sopsFile = fp /secrets/kvernberg/exhange-offline-master.priv;
|
||||
};
|
||||
|
||||
services.taler.exchange = {
|
||||
enable = true;
|
||||
debug = true;
|
||||
openFierwall = true;
|
||||
denominationConfig = ''
|
||||
[COIN-${CURRENCY}-k1-1-0]
|
||||
VALUE = ${CURRENCY}:1
|
||||
DURATION_WITHDRAW = 7 days
|
||||
DURATION_SPEND = 1 years
|
||||
DURATION_LEGAL = 3 years
|
||||
FEE_WITHDRAW = ${CURRENCY}:0
|
||||
FEE_DEPOSIT = ${CURRENCY}:0
|
||||
FEE_REFRESH = ${CURRENCY}:0
|
||||
FEE_REFUND = ${CURRENCY}:0
|
||||
RSA_KEYSIZE = 2048
|
||||
CIPHER = RSA
|
||||
'';
|
||||
settings = {
|
||||
exchange = {
|
||||
MASTER_PUBLIC_KEY = "J331T37C8E58P9CVE686P1JFH11DWSRJ3RE4GVDTXKES9M24ERZG";
|
||||
BASE_URL = "http://kvernberg.pvv.ntnu.no:8081/";
|
||||
};
|
||||
exchange-offline = {
|
||||
MASTER_PRIV_FILE = config.sops.secrets.exchange-offline-master.path;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
24
secrets/kvernberg/exhange-offline-master.priv
Normal file
24
secrets/kvernberg/exhange-offline-master.priv
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:dhVo1B+ZG1B6s0bTLgph4ipPmi0mveaObbJAffDQbpY=,iv:P5plvu4DQYa99cQZQ6B/gEFcSffu3lTY3+Z80Cfoj94=,tag:4xcqCbn6fFSmCbYmmEgQEg==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age19rlntxt0m27waa0n288g9wgpksa6ndlzz8eneeqya7w3zd7may0sqzhcvz",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5MzVHSE15Nk9MODQxc2g0\nbHlqNmFKclBYbUNKQTNUOGo0VThiaEZTVzJFCmU2YkYwMXlyeHM3ZzAxOWZpa3k4\nUUJLanVFbkNMa25RcGZmOTBsVmtzazQKLS0tIE1sTTBqT3VJMDFOYXl0T1JvcDRV\nRFpsZGNOZzFzMFc3YzcxeXdIK1d6QUUKzy0n7DJsOmrNvU03Tn6Zcj/l/kAylzzP\nhNnFLXfStdKl3A/qrzBPhTVbYD73yFkZuQ+bDr7/IMsHAmDsztuA9g==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age17tagmpwqjk3mdy45rfesrfey6h863x8wfq38wh33tkrlrywxducs0k6tpq",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnbEdBWjdEbmtNYWJHQnFj\nSU1yb0NYVG4xVlZkYTdUWUpDcGdmbFF6U1NrCjBlWFZkcC9FMVJLYUtDNlBTUWcw\nNHBwWFNESDBQQmJNb3NDN2tDekM4eUUKLS0tICtMVGc1L2JFQ1BqKzM3eWFPRmRQ\nWXlQUWpvdUdOUlZ1OFhtS0ErL0JKSlUKzxLKbsnXvEqnR2HVsTxNqmM7YPjWfCjG\nZ4Bf046NdseomkNuTvWuPzjzPTe4GvjudMYc4ODchkIMOo6hXyf5kw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2024-11-17T01:12:23Z",
|
||||
"mac": "ENC[AES256_GCM,data:aXIM/pmgVmfNSa+PwpfK6Efh/kCWXUqZNcKLkyhRwl++vaIBQUIQgQjv09hWHOF77V3ZjRQjh2E1uNe2baBLEmrDT5Au+7VABW+j49KX/vKMd+1l4w47l3DukOVnoo50bsOQFtH+amSl2P2imxpO15sjVDu9/nUeu2qXrtbIUh8=,iv:BQVs3P9p86uzTH2BfuSOxycpE6di4ZIwSz7OTZdcQPg=,tag:mT4Ek8dDbVINGp4Odt62zw==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.9.1"
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user