From f83f1f35241cd71feeffc97ce49bdb928fef0b70 Mon Sep 17 00:00:00 2001 From: Philipp Hochkamp Date: Tue, 6 Sep 2022 08:34:16 +0200 Subject: [PATCH] feat: dns provider changes --- flake.lock | 60 ++++++++++++++--------------- nixos-modules/services/libvirt.nix | 1 + nixos-modules/services/nginx.nix | 2 +- secrets/cloudflareAcme.age | Bin 857 -> 863 bytes 4 files changed, 32 insertions(+), 31 deletions(-) diff --git a/flake.lock b/flake.lock index d1adada2..1be33a6e 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1652712410, - "narHash": "sha256-hMJ2TqLt0DleEnQFGUHK9sV2aAzJPU8pZeiZoqRozbE=", + "lastModified": 1662241716, + "narHash": "sha256-urqPvSvvGUhkwzTDxUI8N1nsdMysbAfjmBNZaTYBZRU=", "owner": "ryantm", "repo": "agenix", - "rev": "7e5e58b98c3dcbf497543ff6f22591552ebfe65b", + "rev": "c96da5835b76d3d8e8d99a0fec6fe32f8539ee2e", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1661762118, - "narHash": "sha256-+kQvys2HuLwQBkpN2AoVl4pFQx2MQ7o0jjNdGu2dIV4=", + "lastModified": 1661882940, + "narHash": "sha256-4LaVFnV22WrOA0aolqqk9dXrM8crikcrLQt29G18F7M=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "157a3c3c4ea482317a4eb4ea2c41db4f16c82420", + "rev": "80cec5115aae74accc4ccfb9f84306d7863f0632", "type": "github" }, "original": { @@ -64,11 +64,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1661832453, - "narHash": "sha256-dBXlnUPa9RT3gXsUboJ5bznvOXQwWmAQZ/oP3idrpMM=", + "lastModified": 1662434261, + "narHash": "sha256-+bf55NhDopbwEU9taYsfzYkyhTYDkaEkClL+eR55drg=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "c507c22745155a848b5928a5051c9aad28994d78", + "rev": "817a33003090677244ad5157d3148911e14372af", "type": "github" }, "original": { @@ -100,11 +100,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1661824092, - "narHash": "sha256-nSWLWytlXbeLrx5A+r5Pso7CvVrX5EgmIIXW/EXvPHQ=", + "lastModified": 1662396970, + "narHash": "sha256-N1LKxBqKmWSM/YFSROAmhotZVTUt0d6yF3opFc/XcN8=", "owner": "nix-community", "repo": "home-manager", - "rev": "5bd66dc6cd967033489c69d486402b75d338eeb6", + "rev": "583a99f0166e3e5df9539b972091830bb9faf6b8", "type": "github" }, "original": { @@ -115,11 +115,11 @@ }, "impermanence": { "locked": { - "lastModified": 1661590580, - "narHash": "sha256-XoPSucNvccnT50LWme/7BiENZDwr8tArEg36OGQFFnA=", + "lastModified": 1661933071, + "narHash": "sha256-RFgfzldpbCvS+H2qwH+EvNejvqs+NhPVD5j1I7HQQPY=", "owner": "nix-community", "repo": "impermanence", - "rev": "2237ad28093cb53ad2eb0fd1a9f870997287e0fa", + "rev": "def994adbdfc28974e87b0e4c949e776207d5557", "type": "github" }, "original": { @@ -167,11 +167,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1660407119, - "narHash": "sha256-04lWO0pDbhAXFdL4v2VzzwgxrZ5IefKn+TmZPiPeKxg=", + "lastModified": 1662092548, + "narHash": "sha256-nmAbyJ5+DBXcNJ2Rcy/Gx84maqtLdr6xEe82+AXCaY8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "12620020f76b1b5d2b0e6fbbda831ed4f5fe56e1", + "rev": "786633331724f36967853b98d9100b5cfaa4d798", "type": "github" }, "original": { @@ -183,11 +183,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1661353537, - "narHash": "sha256-1E2IGPajOsrkR49mM5h55OtYnU0dGyre6gl60NXKITE=", + "lastModified": 1662096612, + "narHash": "sha256-R+Q8l5JuyJryRPdiIaYpO5O3A55rT+/pItBrKcy7LM4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0e304ff0d9db453a4b230e9386418fd974d5804a", + "rev": "21de2b973f9fee595a7a1ac4693efff791245c34", "type": "github" }, "original": { @@ -197,11 +197,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1661842206, - "narHash": "sha256-6xJAFeZ9voQJ4kNYSVodNQ3VlEnj9RKJ0kpYhCSIFNQ=", + "lastModified": 1662443381, + "narHash": "sha256-ZsYmfRM2WupizlS2QgEaWmgtowEm3uVi2wD2CFt8jMI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5b76ccbfc320b305e7500cbd56e034ed6ba233a3", + "rev": "58db1157a7f184bc0cd2a5a5bf8cd9bc3d524402", "type": "github" }, "original": { @@ -213,11 +213,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1661720780, - "narHash": "sha256-AJNGyaB2eKZAYaPNjBZOzap87yL+F9ZLaFzzMkvega0=", + "lastModified": 1662019588, + "narHash": "sha256-oPEjHKGGVbBXqwwL+UjsveJzghWiWV0n9ogo1X6l4cw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a63021a330d8d33d862a8e29924b42d73037dd37", + "rev": "2da64a81275b68fdad38af669afeda43d401e94b", "type": "github" }, "original": { @@ -389,11 +389,11 @@ ] }, "locked": { - "lastModified": 1661842962, - "narHash": "sha256-RQhGwEMOvpDbwDh4IH8ZlSsSKUjwu1Y/9ifiVUxFlYY=", + "lastModified": 1662445645, + "narHash": "sha256-g1+vRkxJe5wGxIOJYXO1Lg4C8h9al/tL8vQtZGXEv1A=", "owner": "thexyno", "repo": "blog", - "rev": "814412507e95f3c5348f8080fb46088878e30dc4", + "rev": "047775f2a50ac0a7c6bdb21f2493e699ed44f4cb", "type": "github" }, "original": { diff --git a/nixos-modules/services/libvirt.nix b/nixos-modules/services/libvirt.nix index ecdf0d48..25e1dcf8 100644 --- a/nixos-modules/services/libvirt.nix +++ b/nixos-modules/services/libvirt.nix @@ -10,6 +10,7 @@ in enable = true; }; ragon.user.extraGroups = [ "kvm" "libvirtd" ]; + security.polkit.enable = true; ragon.persist.extraDirectories = [ "/var/lib/libvirt" ]; diff --git a/nixos-modules/services/nginx.nix b/nixos-modules/services/nginx.nix index 37c867af..0cf37784 100644 --- a/nixos-modules/services/nginx.nix +++ b/nixos-modules/services/nginx.nix @@ -21,7 +21,7 @@ in security.acme.defaults.email = "nixosacme@phochkamp.de"; security.acme.acceptTerms = true; security.acme.certs."${cfg.domain}" = { - dnsProvider = "cloudflare"; + dnsProvider = "ionos"; dnsResolver = "1.1.1.1:53"; group = "nginx"; extraDomainNames = [ diff --git a/secrets/cloudflareAcme.age b/secrets/cloudflareAcme.age index 45c01ea5f2e713231dc94074a01a4dcdde3d0f2f..9da05dec8b776515661373eb51d54895644abfa5 100644 GIT binary patch delta 774 zcmcb~cAss6PJN!CTY0FLTSdNkaxhKflGmVZhol0t3{5FtA%%!QI&RaXr8A@QfRrhMWTE1 z#E;_P=Ghq`QGSVru7TQ7CT0FbE{Q4Gj=>=%Aw^;3-fo_uK}M#I;T4AZsTmerVP<9J zKEXbfA(>GrPTr1&#fhesE)`W}ZYH70p%LL_N&e2D;~B-n{jyDpyi<}3 z3JO!*gG15`BMZvhE4_{Mlgdm|U0q5uD%~SWa}$d~(hMEBatnQnU7~`V3d=pri$Ws; zJwh_WQnR!JlEO3JEid%nR^y4i9xQb2Uvea1JQX zHB9lZ%nCHi&MS2G4A(9O#Xv-MLTspRdQoa(ajHT^X{n{MLMB&`MPZ`3rGZy@UV2$^ zd1$?{TYyVgXsBtnXK10Pkym7ZU!ZGHkXJ#7d3LUOqPM4$Z?>5?m#(g^f^(3$xoMiQ zMXt7wca%|ixUr>AnO8_?x<#sGc#3miNr`(vW^ss7ZemI~*EWAe?M>USo(PFJE5T>P zptLpgu6Fpj1^*2-BRGX7WH!vVua7JB)Yh6?`;oUmjqQ`vzHqPbE2`xmUAgtQ=QNo; zTtD;tvOoIY8HJYH>o8`V-Xt-H^ZPfx`rf+D9>?Ua@A-C>|2A*0%K7}Z6MOgO=l(pT zTJl=?+;N$hFa3%u;)0$UTm6^&zwRCf@3%+F?+X*TOb!XF&Odq3Skrh}tg%w)lo>Cz J_cnZF1^_r^5{Uo+ delta 768 zcmcc5c9U&_PJKp|n`cCbNoja-uw#*5a6nd=U!K2nPKb7df0?UAsG(_zVRAuKZa|)E zD3_sQdQw%2PimQasDFAyo~L(sn0tw(MU|IppufAbfn`;gms7ZQc42a^1(&X!LUD11 zZfc5=si~o*LTIREP_Uyyk%>WBm7$lHk*l+-nPq^!i<^0bPlcO-r)#K5p>J`Zkylti zYI3M$fR~Fams75rX>pRXS+0M%r%AAXRZ&28P^odYcX>ovL3);Ny0dq9zC}f*c2c3| z#E;_Psa2K{PL4StIe|g?UcR0cp@DuOzS?O?Ie`@c&XrX@;cnrE2HBPtsjlf<+5x_i zW~DwZ1qEfk72&CF>3KeZ?vAF0r7ne*#crAD0r}yc*->Gc;Z-J+;~B-nJ>8Rw{Ie{} zv$LWqBBJslG9x1b-6IT=vRwR3Qv*XQ^G))Da?HH4lQROj{CzzticFof%e5`?JX13~ zBl1)7og-58opO^bJaY2%^HY7?vXiufJhL1ppJf!UH!%pW%=U=#uP_VG_AN1~@(7PW2CVGfYnlbP6rz@=FQMu!t&gx5&y%3h>TMsWMK93{KT94Xi5k z_sowhuJCm(DfTli(=K-e#XyQ}g>HILYGQFJS58!lt6^!Hx37LtcxF+6VRB+fet3AP zc0_$iNJgSTKu)oDuy#_GPiASLaf)BKS+Yltn^BdIu}g7cqI+0GSPGXNNUHe z<{f`~pOkCuyW4JaL8De7Si`(F;_0O~my}l)E`F}|tCnxaw