ctucx.git: nixfiles

machines/osterei/git: move to machine `trabbi`

diff --git a/configurations/common/programs/ssh.nix b/configurations/common/programs/ssh.nix
@@ -26,7 +26,7 @@
 
           "ctucx-git" = {
             user     = "git";
-            hostname = "osterei.ctu.cx";
+            hostname = "trabbi.ctu.cx";
           };
         };
       };

diff --git a/machines/osterei/configuration.nix b/machines/osterei/configuration.nix
@@ -17,9 +17,6 @@
     # monitoring
     ../../configurations/linux/services/prometheus-node-exporter.nix
 
-    # git server (gitolite+stagit)
-    ./git
-
     # communication
     ./matrix-synapse.nix
     ./pleroma

diff --git a/machines/osterei/git/default.nix b/machines/osterei/git/default.nix
@@ -1,32 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-
-  imports = [
-#    ./cgit.nix
-    ./stagit.nix
-  ];
-
-  age.secrets.restic-gitolite.file = ../../../secrets/osterei/restic/gitolite.age;
-
-  restic-backups.gitolite = {
-    user         = "git";
-    passwordFile = config.age.secrets.restic-gitolite.path;
-    paths        = [ "/var/lib/gitolite" ];
-  };
-
-  services = {
-    gitolite = {
-      enable      = true;
-      user        = "git";
-      group       = "git";
-      adminPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:6445161";
-      extraGitoliteRc = ''
-        $RC{UMASK} = 0027;
-        $RC{GIT_CONFIG_KEYS} = ".*";
-        push( @{$RC{ENABLE}}, 'cgit' );
-      '';
-    };
-  };
-
-}

diff --git a/machines/trabbi/configuration.nix b/machines/trabbi/configuration.nix
@@ -8,6 +8,9 @@
     # dns server
     ../../configurations/linux/services/dns.nix
 
+    # git server (gitolite+stagit)
+    ./git
+
     # monitoring
     ../../configurations/linux/services/prometheus-node-exporter.nix
     ./prometheus.nix

diff --git a/machines/osterei/git/cgit-assets/cgit.css b/machines/trabbi/git/cgit-assets/cgit.css

diff --git a/machines/osterei/git/cgit.nix b/machines/trabbi/git/cgit.nix

diff --git a/machines/trabbi/git/default.nix b/machines/trabbi/git/default.nix
@@ -0,0 +1,32 @@
+{ config, lib, pkgs, ... }:
+
+{
+
+  imports = [
+#    ./cgit.nix
+    ./stagit.nix
+  ];
+
+  age.secrets.restic-gitolite.file = ../../../secrets/trabbi/restic/gitolite.age;
+
+  restic-backups.gitolite = {
+    user         = "git";
+    passwordFile = config.age.secrets.restic-gitolite.path;
+    paths        = [ "/var/lib/gitolite" ];
+  };
+
+  services = {
+    gitolite = {
+      enable      = true;
+      user        = "git";
+      group       = "git";
+      adminPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:6445161";
+      extraGitoliteRc = ''
+        $RC{UMASK} = 0027;
+        $RC{GIT_CONFIG_KEYS} = ".*";
+        push( @{$RC{ENABLE}}, 'cgit' );
+      '';
+    };
+  };
+
+}

diff --git a/machines/osterei/git/stagit.nix b/machines/trabbi/git/stagit.nix

diff --git a/secrets/osterei/restic/gitolite.age b/secrets/osterei/restic/gitolite.age  Binary files differ.

diff --git a/secrets/secrets.nix b/secrets/secrets.nix
@@ -78,7 +78,6 @@ in {
   "osterei/mail/password-leah-ctu.cx.age".publicKeys          = [ leah osterei ];
   "osterei/mail/password-mail-zug.network.age".publicKeys     = [ leah osterei ];
 
-  "osterei/restic/gitolite.age".publicKeys                    = [ leah osterei ];
   "osterei/restic/pleroma.age".publicKeys                     = [ leah osterei ];
   "osterei/restic/matrix-synapse.age".publicKeys              = [ leah osterei ];
   "osterei/restic/maddy.age".publicKeys                       = [ leah osterei ];

@@ -94,4 +93,7 @@ in {
 
   "hector/restic-server-htpasswd.age".publicKeys              = [ leah hector ];
 
+
+  "trabbi/restic/gitolite.age".publicKeys                     = [ leah trabbi ];
+
 }

diff --git a/secrets/trabbi/restic/gitolite.age b/secrets/trabbi/restic/gitolite.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 jrxGxKCsMjgqHYwTjvovskC3fnIRQOB/H+afwc0+ATo
+ktsjZa6HnvpD8nD9fTYuS/58MzWszdk25+xfwtCO//Y
+-> ssh-ed25519 V0uUrw oh7EZrHJfmJmpCyuqzSSjgLgyNq1GqOu9YPmtu2YimY
+Yj6uI98i8qB6C+2pO0LQtAkaOqI+jpH9QCgdp6KO/ko
+-> D:]6-grease M*YIW[Z U+zH 5Jeo65Ej
+DyfdbZAefCWMbympH+L8TSaQj1yJOZfZS0da/R6mvZ0zanLLpOqAIqzJLjNqnd5C
+
+--- dZMO7mJC7fFgox3jOta+28g6cNvKXd+b2CTAQIMxs5I
+Z�Ή=C�^?`Q������Cp5A�L�#��2��Ԑ��앧~DL!��3���,+
\ No newline at end of file