postgres credentials and dbt profiles
This commit is contained in:
parent
eda162a7ff
commit
2f3fec9e5c
44
flake.lock
44
flake.lock
|
@ -45,11 +45,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717637172,
|
||||
"narHash": "sha256-geTO9YL1V9zYGxupuZvKFWxh6II9sH2bjI1dmEVhVYQ=",
|
||||
"lastModified": 1717770040,
|
||||
"narHash": "sha256-eq9gP060TqWqRf2k4WO5FrG49rVq5Jy3Ptusg0CFdds=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "713aa3df481782719aed4d8c20ad31a9effe3564",
|
||||
"rev": "398acc470f7c2d68621db01900f053e6000129c4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -333,11 +333,11 @@
|
|||
"nix-secrets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1717760051,
|
||||
"narHash": "sha256-4yXaR3PIOJGQwTxA3eVDEu1iBlsmuvXWv3Ed0NrJgtU=",
|
||||
"lastModified": 1717864759,
|
||||
"narHash": "sha256-DUtmDvpNyOZG+UDONTBfRiAdCaI7E1ngVhmUOAjj3wg=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "521163d7278e71f084497910fa756bedcbfe97eb",
|
||||
"revCount": 88,
|
||||
"rev": "81aff439158dc6bb21251dc3be672db671e4a519",
|
||||
"revCount": 89,
|
||||
"type": "git",
|
||||
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
||||
},
|
||||
|
@ -407,11 +407,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1717737457,
|
||||
"narHash": "sha256-hqHp0W7ibfdu5DFc6EG3S3c+GSAbti7VUldFXSf/WiI=",
|
||||
"lastModified": 1717839683,
|
||||
"narHash": "sha256-kC0eyEsfpXbtQ2Ee5kgjmLFSVsLgnqpj10LjEi+fK+g=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "bf3faad723ca984fc4ea95c1cee1d975a8ca2a28",
|
||||
"rev": "3f3a01219b4a1b6ee63039a3aa63948fbf37c0dd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -435,11 +435,11 @@
|
|||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717681257,
|
||||
"narHash": "sha256-0PhFvfc4wDjba1cus2ALsfn0wVizeKkcuF+aqvDJivg=",
|
||||
"lastModified": 1717861394,
|
||||
"narHash": "sha256-U7E1Wg5PRKUYqfeL8H6KU/5VjFo8bkxbFzigN2grkQI=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixvim",
|
||||
"rev": "36f2e51b28ee3389a67ed5e9ed5c4bd388b06918",
|
||||
"rev": "db32ebe205111af0b74d74684df64674ffcf3b36",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -450,11 +450,11 @@
|
|||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1717749895,
|
||||
"narHash": "sha256-E6fEND68P37NMIhPyvgZl0jD7KlSg2QKZ1zpsXpobfQ=",
|
||||
"lastModified": 1717864805,
|
||||
"narHash": "sha256-iu5gmYBncm1c+FSFmHiRkEvbcWpH/ZO/MQYe0r5ng7s=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "b93b6c0b706d78ad95d52104728fd6eed3460f80",
|
||||
"rev": "e212541138b753c7bc5215524215e2a07403df8d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -475,11 +475,11 @@
|
|||
"treefmt-nix": "treefmt-nix_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717602370,
|
||||
"narHash": "sha256-qS/7is9JbnnycR6QmndsuTQfifWzjhgxObnXw+iHdP8=",
|
||||
"lastModified": 1717774136,
|
||||
"narHash": "sha256-comOhXDFUrbVba47gPenVBKy2foM3m3qOqpcP8umWDA=",
|
||||
"owner": "nix-community",
|
||||
"repo": "poetry2nix",
|
||||
"rev": "81662ae1ad31491eae3bb1d976fb74c71853bc63",
|
||||
"rev": "370da3b6fefc6c11367463b68d010f9950aaa80c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -635,11 +635,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717182148,
|
||||
"narHash": "sha256-Hi09/RoizxubRf3PHToT2Nm7TL8B/abSVa6q82uEgNI=",
|
||||
"lastModified": 1717278143,
|
||||
"narHash": "sha256-u10aDdYrpiGOLoxzY/mJ9llST9yO8Q7K/UlROoNxzDw=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "03b982b77df58d5974c61c6022085bafe780c1cf",
|
||||
"rev": "3eb96ca1ae9edf792a8e0963cc92fddfa5a87706",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -20,6 +20,7 @@
|
|||
btop
|
||||
htop
|
||||
postgresql
|
||||
hugo
|
||||
;
|
||||
};
|
||||
home.stateVersion = "23.11";
|
||||
|
|
|
@ -35,13 +35,15 @@ in
|
|||
mode = "0644";
|
||||
owner = "${username}";
|
||||
};
|
||||
"passwords/postgres" = { };
|
||||
"software/postgres/btc_models/password" = { };
|
||||
"software/postgres/btc_models/ip" = { };
|
||||
"software/postgres/btc_models/username" = { };
|
||||
"software/zotero/username" = { };
|
||||
"software/zotero/password" = { };
|
||||
"software/zotero/guid" = { };
|
||||
};
|
||||
|
||||
# Setup postgres connections for db_ui
|
||||
# Setup software specific templates for user
|
||||
# Should be part of home-manager - waiting for templates functionality
|
||||
# See here https://github.com/Mic92/sops-nix/issues/423 and here https://github.com/Mic92/sops-nix/issues/498
|
||||
# TODO migrate db_ui connection to home-manager when issue 423 and 498 are resolved in github:Mic92/sops-nix
|
||||
|
@ -52,14 +54,48 @@ in
|
|||
content = ''
|
||||
[
|
||||
{
|
||||
"url": "postgresql://postgres:${config.sops.placeholder."passwords/postgres"}@10.0.10.100/btc_models",
|
||||
"url": "postgresql://${config.sops.placeholder."software/postgres/btc_models/username"}:${config.sops.placeholder."software/postgres/btc_models/password"}@${config.sops.placeholder."software/postgres/btc_models/ip"}/btc_models",
|
||||
"name": "btc_models"
|
||||
},
|
||||
{
|
||||
"url": "postgresql://${config.sops.placeholder."software/postgres/btc_models/username"}:${config.sops.placeholder."software/postgres/btc_models/password"}@${config.sops.placeholder."software/postgres/btc_models/ip"}/dev_btc_models",
|
||||
"name": "dev_btc_models"
|
||||
}
|
||||
]
|
||||
'';
|
||||
};
|
||||
|
||||
# The containing folders are created as root and if this is the first entry when writing keys,
|
||||
sops.templates."dbt_profiles.yml" = {
|
||||
path = "/home/${username}/.config/dbt/profiles.yml";
|
||||
owner = "${username}";
|
||||
mode = "0600";
|
||||
content = ''
|
||||
bitcoin:
|
||||
target: dev
|
||||
outputs:
|
||||
dev:
|
||||
dbname: dev_btc_models
|
||||
host: ${config.sops.placeholder."software/postgres/btc_models/ip"}
|
||||
pass: '${config.sops.placeholder."software/postgres/btc_models/password"}'
|
||||
port: 5432
|
||||
schema: models
|
||||
threads: 6
|
||||
type: postgres
|
||||
user: ${config.sops.placeholder."software/postgres/btc_models/username"}
|
||||
prod:
|
||||
dbname: btc_models
|
||||
host: ${config.sops.placeholder."software/postgres/btc_models/ip"}
|
||||
pass: '${config.sops.placeholder."software/postgres/btc_models/password"}'
|
||||
port: 5432
|
||||
schema: models
|
||||
threads: 6
|
||||
type: postgres
|
||||
user: ${config.sops.placeholder."software/postgres/btc_models/username"}
|
||||
|
||||
'';
|
||||
};
|
||||
|
||||
# The containing folders are created as root and if this is the first entry when writing files,
|
||||
# the ownership is busted and home-manager can't target because it can't write to these dirs...
|
||||
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
||||
system.activationScripts.sopsSetOwnwership =
|
||||
|
|
Loading…
Reference in New Issue