diff --git a/flake.lock b/flake.lock index b633cf0..dd4795c 100644 --- a/flake.lock +++ b/flake.lock @@ -45,11 +45,11 @@ ] }, "locked": { - "lastModified": 1717637172, - "narHash": "sha256-geTO9YL1V9zYGxupuZvKFWxh6II9sH2bjI1dmEVhVYQ=", + "lastModified": 1717770040, + "narHash": "sha256-eq9gP060TqWqRf2k4WO5FrG49rVq5Jy3Ptusg0CFdds=", "owner": "nix-community", "repo": "disko", - "rev": "713aa3df481782719aed4d8c20ad31a9effe3564", + "rev": "398acc470f7c2d68621db01900f053e6000129c4", "type": "github" }, "original": { @@ -333,11 +333,11 @@ "nix-secrets": { "flake": false, "locked": { - "lastModified": 1717760051, - "narHash": "sha256-4yXaR3PIOJGQwTxA3eVDEu1iBlsmuvXWv3Ed0NrJgtU=", + "lastModified": 1717864759, + "narHash": "sha256-DUtmDvpNyOZG+UDONTBfRiAdCaI7E1ngVhmUOAjj3wg=", "ref": "refs/heads/master", - "rev": "521163d7278e71f084497910fa756bedcbfe97eb", - "revCount": 88, + "rev": "81aff439158dc6bb21251dc3be672db671e4a519", + "revCount": 89, "type": "git", "url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git" }, @@ -407,11 +407,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1717737457, - "narHash": "sha256-hqHp0W7ibfdu5DFc6EG3S3c+GSAbti7VUldFXSf/WiI=", + "lastModified": 1717839683, + "narHash": "sha256-kC0eyEsfpXbtQ2Ee5kgjmLFSVsLgnqpj10LjEi+fK+g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bf3faad723ca984fc4ea95c1cee1d975a8ca2a28", + "rev": "3f3a01219b4a1b6ee63039a3aa63948fbf37c0dd", "type": "github" }, "original": { @@ -435,11 +435,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1717681257, - "narHash": "sha256-0PhFvfc4wDjba1cus2ALsfn0wVizeKkcuF+aqvDJivg=", + "lastModified": 1717861394, + "narHash": "sha256-U7E1Wg5PRKUYqfeL8H6KU/5VjFo8bkxbFzigN2grkQI=", "owner": "nix-community", "repo": "nixvim", - "rev": "36f2e51b28ee3389a67ed5e9ed5c4bd388b06918", + "rev": "db32ebe205111af0b74d74684df64674ffcf3b36", "type": "github" }, "original": { @@ -450,11 +450,11 @@ }, "nur": { "locked": { - "lastModified": 1717749895, - "narHash": "sha256-E6fEND68P37NMIhPyvgZl0jD7KlSg2QKZ1zpsXpobfQ=", + "lastModified": 1717864805, + "narHash": "sha256-iu5gmYBncm1c+FSFmHiRkEvbcWpH/ZO/MQYe0r5ng7s=", "owner": "nix-community", "repo": "NUR", - "rev": "b93b6c0b706d78ad95d52104728fd6eed3460f80", + "rev": "e212541138b753c7bc5215524215e2a07403df8d", "type": "github" }, "original": { @@ -475,11 +475,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1717602370, - "narHash": "sha256-qS/7is9JbnnycR6QmndsuTQfifWzjhgxObnXw+iHdP8=", + "lastModified": 1717774136, + "narHash": "sha256-comOhXDFUrbVba47gPenVBKy2foM3m3qOqpcP8umWDA=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "81662ae1ad31491eae3bb1d976fb74c71853bc63", + "rev": "370da3b6fefc6c11367463b68d010f9950aaa80c", "type": "github" }, "original": { @@ -635,11 +635,11 @@ ] }, "locked": { - "lastModified": 1717182148, - "narHash": "sha256-Hi09/RoizxubRf3PHToT2Nm7TL8B/abSVa6q82uEgNI=", + "lastModified": 1717278143, + "narHash": "sha256-u10aDdYrpiGOLoxzY/mJ9llST9yO8Q7K/UlROoNxzDw=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "03b982b77df58d5974c61c6022085bafe780c1cf", + "rev": "3eb96ca1ae9edf792a8e0963cc92fddfa5a87706", "type": "github" }, "original": { diff --git a/home/common/core/default.nix b/home/common/core/default.nix index 3de98b8..7338634 100644 --- a/home/common/core/default.nix +++ b/home/common/core/default.nix @@ -20,6 +20,7 @@ btop htop postgresql + hugo ; }; home.stateVersion = "23.11"; diff --git a/hosts/common/users/sam/default.nix b/hosts/common/users/sam/default.nix index 8c5c1f2..03591ff 100644 --- a/hosts/common/users/sam/default.nix +++ b/hosts/common/users/sam/default.nix @@ -35,13 +35,15 @@ in mode = "0644"; owner = "${username}"; }; - "passwords/postgres" = { }; + "software/postgres/btc_models/password" = { }; + "software/postgres/btc_models/ip" = { }; + "software/postgres/btc_models/username" = { }; "software/zotero/username" = { }; "software/zotero/password" = { }; "software/zotero/guid" = { }; }; - # Setup postgres connections for db_ui + # Setup software specific templates for user # Should be part of home-manager - waiting for templates functionality # See here https://github.com/Mic92/sops-nix/issues/423 and here https://github.com/Mic92/sops-nix/issues/498 # TODO migrate db_ui connection to home-manager when issue 423 and 498 are resolved in github:Mic92/sops-nix @@ -52,14 +54,48 @@ in content = '' [ { - "url": "postgresql://postgres:${config.sops.placeholder."passwords/postgres"}@10.0.10.100/btc_models", + "url": "postgresql://${config.sops.placeholder."software/postgres/btc_models/username"}:${config.sops.placeholder."software/postgres/btc_models/password"}@${config.sops.placeholder."software/postgres/btc_models/ip"}/btc_models", "name": "btc_models" + }, + { + "url": "postgresql://${config.sops.placeholder."software/postgres/btc_models/username"}:${config.sops.placeholder."software/postgres/btc_models/password"}@${config.sops.placeholder."software/postgres/btc_models/ip"}/dev_btc_models", + "name": "dev_btc_models" } ] ''; }; - # The containing folders are created as root and if this is the first entry when writing keys, + sops.templates."dbt_profiles.yml" = { + path = "/home/${username}/.config/dbt/profiles.yml"; + owner = "${username}"; + mode = "0600"; + content = '' + bitcoin: + target: dev + outputs: + dev: + dbname: dev_btc_models + host: ${config.sops.placeholder."software/postgres/btc_models/ip"} + pass: '${config.sops.placeholder."software/postgres/btc_models/password"}' + port: 5432 + schema: models + threads: 6 + type: postgres + user: ${config.sops.placeholder."software/postgres/btc_models/username"} + prod: + dbname: btc_models + host: ${config.sops.placeholder."software/postgres/btc_models/ip"} + pass: '${config.sops.placeholder."software/postgres/btc_models/password"}' + port: 5432 + schema: models + threads: 6 + type: postgres + user: ${config.sops.placeholder."software/postgres/btc_models/username"} + + ''; + }; + + # The containing folders are created as root and if this is the first entry when writing files, # the ownership is busted and home-manager can't target because it can't write to these dirs... # FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed system.activationScripts.sopsSetOwnwership =