Compare commits
No commits in common. "671f7b511719403b78156f5be8bcadb232bbea6d" and "dd4a80e03423c470e239e07c5f5895e20feba10b" have entirely different histories.
671f7b5117
...
dd4a80e034
7 changed files with 8 additions and 58 deletions
|
|
@ -1,32 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
LINUX=/root/petersweb-infra/nixos/linux.nix
|
|
||||||
|
|
||||||
usage() {
|
|
||||||
echo "Usage: $0 <sha256-digest>"
|
|
||||||
echo " e.g. $0 sha256:2e2d92abae0ba68be780fff581523480ac05444690dbf38bf4330f1dda099e2a"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
[[ $# -eq 1 ]] || usage
|
|
||||||
|
|
||||||
NEW_DIGEST="${1#sha256:}" # strip leading "sha256:" if provided
|
|
||||||
|
|
||||||
# Validate: hex string of the right length
|
|
||||||
if ! [[ "$NEW_DIGEST" =~ ^[0-9a-f]{64}$ ]]; then
|
|
||||||
echo "Error: digest must be a 64-character lowercase hex string (got: $NEW_DIGEST)" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
OLD_LINE=$(grep -n 'coldairnetworks-com@sha256:' "$LINUX")
|
|
||||||
echo "Current: $OLD_LINE"
|
|
||||||
|
|
||||||
sed -i -E "s|(coldairnetworks-com@sha256:)[0-9a-f]{64}|\1${NEW_DIGEST}|" "$LINUX"
|
|
||||||
|
|
||||||
NEW_LINE=$(grep -n 'coldairnetworks-com@sha256:' "$LINUX")
|
|
||||||
echo "Updated: $NEW_LINE"
|
|
||||||
|
|
||||||
echo "Applying NixOS configuration..."
|
|
||||||
nixos-rebuild switch --flake /root/petersweb-infra/nixos#mainframe
|
|
||||||
echo "Done. Tail logs with: podman logs -f coldairnetworks"
|
|
||||||
|
|
@ -7,7 +7,7 @@
|
||||||
services = {
|
services = {
|
||||||
app = {
|
app = {
|
||||||
service = {
|
service = {
|
||||||
image = "forge.quinefoundation.com/ironmagma/riverside@sha256:567483665861b5a895d4330caa03635191b6554a68f6e471c81c9ff4dbdacfa7";
|
image = "forge.quinefoundation.com/ironmagma/riverside@sha256:6ad578b0668ac91f37fc3677ce12960b5eeb23c3ba7238e1ba137d35e60fea58";
|
||||||
container_name = "riverside";
|
container_name = "riverside";
|
||||||
restart = "unless-stopped";
|
restart = "unless-stopped";
|
||||||
networks = [ "riverside" ];
|
networks = [ "riverside" ];
|
||||||
|
|
|
||||||
|
|
@ -83,11 +83,6 @@ in {
|
||||||
file = ./secrets/paperless.age;
|
file = ./secrets/paperless.age;
|
||||||
owner = "root";
|
owner = "root";
|
||||||
};
|
};
|
||||||
|
|
||||||
coldairnetworks = {
|
|
||||||
file = ./secrets/coldairnetworks.age;
|
|
||||||
owner = "root";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
|
|
@ -385,15 +380,13 @@ in {
|
||||||
|
|
||||||
"coldairnetworks" = {
|
"coldairnetworks" = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
image = "quineglobal/coldairnetworks-com@sha256:36f16006502171d82a107b1bd67517b9d602b54de31630a4861fba1e78250857";
|
image = "quineglobal/coldairnetworks-com:latest";
|
||||||
volumes = [];
|
volumes = [];
|
||||||
environment = {
|
environment = {
|
||||||
POSTMARK_SERVER_TOKEN = "e718a146-c590-4550-a750-a3b925056e29";
|
POSTMARK_SERVER_TOKEN = "e718a146-c590-4550-a750-a3b925056e29";
|
||||||
BETTER_AUTH_URL = "https://coldairnetworks.com";
|
|
||||||
NODE_TLS_REJECT_UNAUTHORIZED = "0";
|
|
||||||
};
|
};
|
||||||
environmentFiles = [ config.age.secrets.postmark.path config.age.secrets.coldairnetworks.path ];
|
environmentFiles = [ config.age.secrets.postmark.path ];
|
||||||
ports = ["3012:3000"];
|
ports = ["3012:8081"];
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -121,10 +121,10 @@
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://127.0.0.1:8000/";
|
proxyPass = "http://127.0.0.1:8000/";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_http_version 1.1;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
proxy_set_header Connection "upgrade";
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
proxy_read_timeout 86400;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
client_max_body_size 100M;
|
client_max_body_size 100M;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -1,7 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 NFD/vg 5yGAA19rlzC2wSX7buivwDVu6AkSz0joS9oT7gcomGk
|
|
||||||
YnrxzrNQ7rT6joa38uyz3JBs5NkZhqPOwCOyaTRHD5A
|
|
||||||
--- jeqx+rAgrPkbdKhzNsiYjGhzq3nVTBfXfl4wKbkski8
|
|
||||||
¯/ß‹P#¬!âŽ<C3A2>&Ïó`›àF¾rf9|œö~"~ð§m?+Õenw±D£KUXkS¢=;.“Ç£›m^!ÀÊ÷L6ßBä\˾†»„1S
|
|
||||||
<@Óp˜Ag¿ç˜Þ™–°°ÁwLãX…ŒÏHô¿ðôãA(%6‰/ñ©ïýt{ñªLO_‘˜üs<C3BC>!8Æ+œ“žaêX·/{fÜ›úÛ/¾çÜeNè&
|
|
||||||
rbøÉ¡Ë ~2f’G$6HÈB•Æì•â<E280A2>µ‹B`ƒs+EžË4aGǺ5370-T£æJ°„‚#m÷òe‘=˜÷
|
|
||||||
|
|
@ -30,8 +30,4 @@ in {
|
||||||
# PAPERLESS_ADMIN_PASSWORD=<password>
|
# PAPERLESS_ADMIN_PASSWORD=<password>
|
||||||
# PAPERLESS_ADMIN_EMAIL=peterson@sent.com
|
# PAPERLESS_ADMIN_EMAIL=peterson@sent.com
|
||||||
"./paperless.age".publicKeys = [mainframePublicKey];
|
"./paperless.age".publicKeys = [mainframePublicKey];
|
||||||
|
|
||||||
# DATABASE_URL=<supabase postgres dsn>
|
|
||||||
# BETTER_AUTH_SECRET=<secret>
|
|
||||||
"./coldairnetworks.age".publicKeys = [mainframePublicKey];
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Binary file not shown.
Loading…
Reference in a new issue