federez/nix
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add some secrets & asyncnomi key to sysadmin

Browse source
This commit is contained in:
asyncnomi 2025-06-22 01:15:31 +02:00
parent 9b61f7e9b5
commit 1ce8f529ee
4 changed files with 17 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

11
profiles/gitlab.nix
View file

@ -12,6 +12,9 @@ in
gitlab-otp-secret = ../secrets/gitlab-otp-secret.age;
gitlab-db-secret = ../secrets/gitlab-db-secret.age;
gitlab-jws-secret = ../secrets/gitlab-jws-secret.age;
gitlab-arpk-secret = ../secrets/gitlab-arpk-secret.age;
gitlab-ardk-secret = ../secrets/gitlab-ardk-secret.age;
gitlab-ars-secret = ../secrets/gitlab-ars-secret.age;
gitlab-db-password = ../secrets/gitlab-db-password.age;
gitlab-initial-root-password = ../secrets/gitlab-initial-root-password.age;
gitlab-ldap-password = ../secrets/gitlab-ldap-password.age;
@ -33,6 +36,9 @@ in
otpFile = secrets.gitlab-otp-secret.path;
dbFile = secrets.gitlab-db-secret.path;
jwsFile = secrets.gitlab-jws-secret.path;
activeRecordPrimaryKeyFile = secrets.gitlab-arpk-secret.path;
activeRecordDeterministicKeyFile = secrets.gitlab-ardk-secret.path;
activeRecordSaltFile = secrets.gitlab-ars-secret.path;
};
extraConfig.ldap = {
enabled = true;
@ -55,6 +61,11 @@ in
};
};
services.postgresql = {
enable = true;
package = pkgs.postgresql_16;
};
services.nginx = {
enable = true;
recommendedProxySettings = true;