postgres credentials and dbt profiles
This commit is contained in:
parent
eda162a7ff
commit
2f3fec9e5c
44
flake.lock
44
flake.lock
|
@ -45,11 +45,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717637172,
|
"lastModified": 1717770040,
|
||||||
"narHash": "sha256-geTO9YL1V9zYGxupuZvKFWxh6II9sH2bjI1dmEVhVYQ=",
|
"narHash": "sha256-eq9gP060TqWqRf2k4WO5FrG49rVq5Jy3Ptusg0CFdds=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "713aa3df481782719aed4d8c20ad31a9effe3564",
|
"rev": "398acc470f7c2d68621db01900f053e6000129c4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -333,11 +333,11 @@
|
||||||
"nix-secrets": {
|
"nix-secrets": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717760051,
|
"lastModified": 1717864759,
|
||||||
"narHash": "sha256-4yXaR3PIOJGQwTxA3eVDEu1iBlsmuvXWv3Ed0NrJgtU=",
|
"narHash": "sha256-DUtmDvpNyOZG+UDONTBfRiAdCaI7E1ngVhmUOAjj3wg=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "521163d7278e71f084497910fa756bedcbfe97eb",
|
"rev": "81aff439158dc6bb21251dc3be672db671e4a519",
|
||||||
"revCount": 88,
|
"revCount": 89,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
||||||
},
|
},
|
||||||
|
@ -407,11 +407,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717737457,
|
"lastModified": 1717839683,
|
||||||
"narHash": "sha256-hqHp0W7ibfdu5DFc6EG3S3c+GSAbti7VUldFXSf/WiI=",
|
"narHash": "sha256-kC0eyEsfpXbtQ2Ee5kgjmLFSVsLgnqpj10LjEi+fK+g=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "bf3faad723ca984fc4ea95c1cee1d975a8ca2a28",
|
"rev": "3f3a01219b4a1b6ee63039a3aa63948fbf37c0dd",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -435,11 +435,11 @@
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717681257,
|
"lastModified": 1717861394,
|
||||||
"narHash": "sha256-0PhFvfc4wDjba1cus2ALsfn0wVizeKkcuF+aqvDJivg=",
|
"narHash": "sha256-U7E1Wg5PRKUYqfeL8H6KU/5VjFo8bkxbFzigN2grkQI=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixvim",
|
"repo": "nixvim",
|
||||||
"rev": "36f2e51b28ee3389a67ed5e9ed5c4bd388b06918",
|
"rev": "db32ebe205111af0b74d74684df64674ffcf3b36",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -450,11 +450,11 @@
|
||||||
},
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717749895,
|
"lastModified": 1717864805,
|
||||||
"narHash": "sha256-E6fEND68P37NMIhPyvgZl0jD7KlSg2QKZ1zpsXpobfQ=",
|
"narHash": "sha256-iu5gmYBncm1c+FSFmHiRkEvbcWpH/ZO/MQYe0r5ng7s=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NUR",
|
"repo": "NUR",
|
||||||
"rev": "b93b6c0b706d78ad95d52104728fd6eed3460f80",
|
"rev": "e212541138b753c7bc5215524215e2a07403df8d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -475,11 +475,11 @@
|
||||||
"treefmt-nix": "treefmt-nix_2"
|
"treefmt-nix": "treefmt-nix_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717602370,
|
"lastModified": 1717774136,
|
||||||
"narHash": "sha256-qS/7is9JbnnycR6QmndsuTQfifWzjhgxObnXw+iHdP8=",
|
"narHash": "sha256-comOhXDFUrbVba47gPenVBKy2foM3m3qOqpcP8umWDA=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "poetry2nix",
|
"repo": "poetry2nix",
|
||||||
"rev": "81662ae1ad31491eae3bb1d976fb74c71853bc63",
|
"rev": "370da3b6fefc6c11367463b68d010f9950aaa80c",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -635,11 +635,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717182148,
|
"lastModified": 1717278143,
|
||||||
"narHash": "sha256-Hi09/RoizxubRf3PHToT2Nm7TL8B/abSVa6q82uEgNI=",
|
"narHash": "sha256-u10aDdYrpiGOLoxzY/mJ9llST9yO8Q7K/UlROoNxzDw=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "03b982b77df58d5974c61c6022085bafe780c1cf",
|
"rev": "3eb96ca1ae9edf792a8e0963cc92fddfa5a87706",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -20,6 +20,7 @@
|
||||||
btop
|
btop
|
||||||
htop
|
htop
|
||||||
postgresql
|
postgresql
|
||||||
|
hugo
|
||||||
;
|
;
|
||||||
};
|
};
|
||||||
home.stateVersion = "23.11";
|
home.stateVersion = "23.11";
|
||||||
|
|
|
@ -35,13 +35,15 @@ in
|
||||||
mode = "0644";
|
mode = "0644";
|
||||||
owner = "${username}";
|
owner = "${username}";
|
||||||
};
|
};
|
||||||
"passwords/postgres" = { };
|
"software/postgres/btc_models/password" = { };
|
||||||
|
"software/postgres/btc_models/ip" = { };
|
||||||
|
"software/postgres/btc_models/username" = { };
|
||||||
"software/zotero/username" = { };
|
"software/zotero/username" = { };
|
||||||
"software/zotero/password" = { };
|
"software/zotero/password" = { };
|
||||||
"software/zotero/guid" = { };
|
"software/zotero/guid" = { };
|
||||||
};
|
};
|
||||||
|
|
||||||
# Setup postgres connections for db_ui
|
# Setup software specific templates for user
|
||||||
# Should be part of home-manager - waiting for templates functionality
|
# Should be part of home-manager - waiting for templates functionality
|
||||||
# See here https://github.com/Mic92/sops-nix/issues/423 and here https://github.com/Mic92/sops-nix/issues/498
|
# See here https://github.com/Mic92/sops-nix/issues/423 and here https://github.com/Mic92/sops-nix/issues/498
|
||||||
# TODO migrate db_ui connection to home-manager when issue 423 and 498 are resolved in github:Mic92/sops-nix
|
# TODO migrate db_ui connection to home-manager when issue 423 and 498 are resolved in github:Mic92/sops-nix
|
||||||
|
@ -52,14 +54,48 @@ in
|
||||||
content = ''
|
content = ''
|
||||||
[
|
[
|
||||||
{
|
{
|
||||||
"url": "postgresql://postgres:${config.sops.placeholder."passwords/postgres"}@10.0.10.100/btc_models",
|
"url": "postgresql://${config.sops.placeholder."software/postgres/btc_models/username"}:${config.sops.placeholder."software/postgres/btc_models/password"}@${config.sops.placeholder."software/postgres/btc_models/ip"}/btc_models",
|
||||||
"name": "btc_models"
|
"name": "btc_models"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "postgresql://${config.sops.placeholder."software/postgres/btc_models/username"}:${config.sops.placeholder."software/postgres/btc_models/password"}@${config.sops.placeholder."software/postgres/btc_models/ip"}/dev_btc_models",
|
||||||
|
"name": "dev_btc_models"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
# The containing folders are created as root and if this is the first entry when writing keys,
|
sops.templates."dbt_profiles.yml" = {
|
||||||
|
path = "/home/${username}/.config/dbt/profiles.yml";
|
||||||
|
owner = "${username}";
|
||||||
|
mode = "0600";
|
||||||
|
content = ''
|
||||||
|
bitcoin:
|
||||||
|
target: dev
|
||||||
|
outputs:
|
||||||
|
dev:
|
||||||
|
dbname: dev_btc_models
|
||||||
|
host: ${config.sops.placeholder."software/postgres/btc_models/ip"}
|
||||||
|
pass: '${config.sops.placeholder."software/postgres/btc_models/password"}'
|
||||||
|
port: 5432
|
||||||
|
schema: models
|
||||||
|
threads: 6
|
||||||
|
type: postgres
|
||||||
|
user: ${config.sops.placeholder."software/postgres/btc_models/username"}
|
||||||
|
prod:
|
||||||
|
dbname: btc_models
|
||||||
|
host: ${config.sops.placeholder."software/postgres/btc_models/ip"}
|
||||||
|
pass: '${config.sops.placeholder."software/postgres/btc_models/password"}'
|
||||||
|
port: 5432
|
||||||
|
schema: models
|
||||||
|
threads: 6
|
||||||
|
type: postgres
|
||||||
|
user: ${config.sops.placeholder."software/postgres/btc_models/username"}
|
||||||
|
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
# The containing folders are created as root and if this is the first entry when writing files,
|
||||||
# the ownership is busted and home-manager can't target because it can't write to these dirs...
|
# the ownership is busted and home-manager can't target because it can't write to these dirs...
|
||||||
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
||||||
system.activationScripts.sopsSetOwnwership =
|
system.activationScripts.sopsSetOwnwership =
|
||||||
|
|
Loading…
Reference in New Issue