Skip to content

Commit

Permalink
~
Browse files Browse the repository at this point in the history
  • Loading branch information
oluceps committed Oct 16, 2024
1 parent 79c4921 commit d88f885
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 28 deletions.
8 changes: 4 additions & 4 deletions hosts/nodens/spec.nix
Original file line number Diff line number Diff line change
Expand Up @@ -123,10 +123,10 @@
enable = true;
serve = true;
openFirewall = 4432;
credentials = [
"key:${config.age.secrets."nyaw.key".path}"
"cert:${config.age.secrets."nyaw.cert".path}"
];
# credentials = [
# "key:${config.age.secrets."nyaw.key".path}"
# "cert:${config.age.secrets."nyaw.cert".path}"
# ];
configFile = config.age.secrets.hyst-us.path;
};
};
Expand Down
2 changes: 1 addition & 1 deletion modules/hysteria.nix
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ in
{
Type = "simple";
DynamicUser = true;
ExecStart = "${lib.getExe' opts.package "hysteria"} ${binSuffix} --disable-update-check -c $\{CREDENTIALS_DIRECTORY}/config.yaml";
ExecStart = "${lib.getExe' opts.package "hysteria"} ${binSuffix} -c $\{CREDENTIALS_DIRECTORY}/config.yaml";
LoadCredential = [ "config.yaml:${opts.configFile}" ] ++ opts.credentials;
Environment = [ "HYSTERIA_DISABLE_UPDATE_CHECK=1" ];
AmbientCapabilities = [
Expand Down
38 changes: 19 additions & 19 deletions repack/reuse-cert.nix
Original file line number Diff line number Diff line change
Expand Up @@ -45,25 +45,25 @@ reIf (
) { } nameCondPair)
// {
caddy.serviceConfig.EnvironmentFile = config.age.secrets.porkbun-api.path;
hysteria-only.serviceConfig.LoadCredential = [
"crt:${config.age.secrets."nyaw.cert".path}"
"key:${config.age.secrets."nyaw.key".path}"
];
# hysteria-only.serviceConfig.LoadCredential =
# lib.mkIf (builtins.any (i: i.serve) (lib.attrValues config.services.hysteria.instances))
# (
# map
# (
# s:
# s
# + ":"
# + "/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/nyaw.xyz/nyaw.xyz.${s}"
# )
# [
# "key"
# "crt"
# ]
# );
# hysteria-only.serviceConfig.LoadCredential = [
# "crt:${config.age.secrets."nyaw.cert".path}"
# "key:${config.age.secrets."nyaw.key".path}"
# ];
hysteria-only.serviceConfig.LoadCredential =
lib.mkIf (builtins.any (i: i.serve) (lib.attrValues config.services.hysteria.instances))
(
map
(
s:
s
+ ":"
+ "/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/nyaw.xyz/nyaw.xyz.${s}"
)
[
"key"
"crt"
]
);
};
}
)
9 changes: 5 additions & 4 deletions util.nu
Original file line number Diff line number Diff line change
Expand Up @@ -71,10 +71,11 @@ export def d [

log info "copy closure complete";
return [$per, $per_node_addr, $out_path];
} | par-each {|| {name: $in.0, addr: $in.1, path: $in.2}} | each {|i|
log info $'deploying ($i.path)(char newline)-> ($i.name) | ($i.addr)'
ssh -t $'ssh://($i.addr)' $'sudo ($i.path)/bin/switch-to-configuration ($mode)'
}
}
| par-each {|| {name: $in.0, addr: $in.1, path: $in.2}} | each {|i|
log info $'deploying ($i.path)(char newline)-> ($i.name) | ($i.addr)'
ssh -t $'ssh://($i.addr)' $'sudo ($i.path)/bin/switch-to-configuration ($mode)'
}
}
}

Expand Down

0 comments on commit d88f885

Please sign in to comment.