tsuki/services: remove some uses of secret ports

This commit is contained in:
Oystein Kristoffer Tveit 2023-10-06 18:05:38 +02:00
parent 6cd17fb71c
commit 7193a12ac2
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
10 changed files with 16 additions and 20 deletions

View File

@ -1,4 +1,4 @@
{ pkgs, config, lib, secrets, ... }:
{ pkgs, config, lib, ... }:
{
imports = [
./prometheus.nix

View File

@ -1,4 +1,4 @@
{ secrets, ... }: {
{ ... }: {
# TODO: Autogenerate port infrastructure
imports = [
@ -17,6 +17,6 @@
services.prometheus = {
enable = true;
port = secrets.ports.prometheus;
port = 7001;
};
}

View File

@ -1,4 +1,4 @@
{ pkgs, secrets, config, ... }:
{ config, pkgs, ... }:
{
sops.secrets."headscale/oauth2_secret" = rec {
restartUnits = [ "headscale.service" ];
@ -17,7 +17,7 @@
# TODO: make PR
# dataDir = "${config.machineVars.dataDrives.default}/var/headscale";
port = secrets.ports.headscale;
port = 39304;
settings = {
server_url = "https://vpn.nani.wtf";

View File

@ -1,4 +1,4 @@
{ config, secrets, ... }: let
{ config, ... }: let
cfg = config.services.matrix-appservice-irc;
in {
services.matrix-appservice-irc = {
@ -14,7 +14,7 @@ in {
database = {
engine = "postgres";
connectionString = "postgres://matrix-appservice-irc:@localhost:${toString secrets.ports.postgres}/matrix-appservice-irc?sslmode=disable";
connectionString = "postgres://matrix-appservice-irc:@localhost:${toString config.services.postgresql.port}/matrix-appservice-irc?sslmode=disable";
};
ircService.servers."irc.lainchan.org" = {

View File

@ -1,4 +1,4 @@
{ secrets, ... }:
{ config, ... }:
{
services.mx-puppet-discord = {
enable = false;
@ -15,11 +15,11 @@
# TODO: connect via localhost
homeserverUrl = "https://matrix.nani.wtf";
port = secrets.ports.matrix.mx-puppet-discord;
port = 8434;
enableGroupSync = true;
};
database.connString = "postgres://mx-puppet-discord:@localhost:${toString secrets.ports.postgres}/mx-puppet-discord?sslmode=disable";
database.connString = "postgres://mx-puppet-discord:@localhost:${toString config.services.postgresql.port}/mx-puppet-discord?sslmode=disable";
namePatterns = {
room = ":name";

View File

@ -1,4 +1,4 @@
{ lib, config, secrets, ... }:
{ lib, config, ... }:
{
services.postgresql = let
o = lib.optional;

View File

@ -2,9 +2,8 @@
{
services.osuchan = {
enable = true;
port = secrets.ports.osuchan;
port = 9283;
secretFile = "${config.machineVars.dataDrives.default}/keys/osuchan/envfile";
};
systemd.services.osuchan.after = [

View File

@ -1,4 +1,4 @@
{ config, secrets, ... }: let
{ config, ... }: let
cfg = config.services.plex;
in {
services.plex = {
@ -29,6 +29,4 @@ in {
# RestrictAddressFamilies = [ "AF_UNIX AF_INET AF_INET6" ];
SystemCallArchitectures = "native";
};
# networking.firewall.allowedTCPPorts = [ secrets.ports.plex ];
}

View File

@ -1,4 +1,4 @@
{ config, pkgs, lib, secrets, ... }: let
{ config, pkgs, lib, ... }: let
cfg = config.services.postgresql;
in {
services.postgresql = {
@ -10,7 +10,6 @@ in {
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
'';
port = secrets.ports.postgres;
dataDir = "${config.machineVars.dataDrives.drives.postgres}/${config.services.postgresql.package.psqlSchema}";
settings = {
max_connections = 150;

View File

@ -1,4 +1,4 @@
{ pkgs, config, secrets, ... }:
{ pkgs, config, ... }:
{
security.acme.certs."tasks.nani.wtf" = {
group = config.services.taskserver.group;
@ -11,7 +11,7 @@
services.taskserver = {
enable = true;
fqdn = "todo.nani.wtf";
listenPort = secrets.ports.taskserver;
listenPort = 19233;
dataDir = "${config.machineVars.dataDrives.default}/var/taskserver";
organisations.h7x4 = {