flake.lock

@@ -1,50 +1,5 @@
 {
   "nodes": {
-    "agenix": {
-      "inputs": {
-        "darwin": "darwin",
-        "home-manager": "home-manager",
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "systems": "systems"
-      },
-      "locked": {
-        "lastModified": 1770165109,
-        "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=",
-        "owner": "ryantm",
-        "repo": "agenix",
-        "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb",
-        "type": "github"
-      },
-      "original": {
-        "owner": "ryantm",
-        "repo": "agenix",
-        "type": "github"
-      }
-    },
-    "darwin": {
-      "inputs": {
-        "nixpkgs": [
-          "agenix",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1744478979,
-        "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
-        "owner": "lnl7",
-        "repo": "nix-darwin",
-        "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
-        "type": "github"
-      },
-      "original": {
-        "owner": "lnl7",
-        "ref": "master",
-        "repo": "nix-darwin",
-        "type": "github"
-      }
-    },
     "disko": {
       "inputs": {
         "nixpkgs": [
@@ -66,27 +21,6 @@
       }
     },
     "home-manager": {
-      "inputs": {
-        "nixpkgs": [
-          "agenix",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1745494811,
-        "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
-    "home-manager_2": {
       "inputs": {
         "nixpkgs": [
           "nixpkgs"
@@ -124,26 +58,10 @@
     },
     "root": {
       "inputs": {
-        "agenix": "agenix",
         "disko": "disko",
-        "home-manager": "home-manager_2",
+        "home-manager": "home-manager",
         "nixpkgs": "nixpkgs"
       }
-    },
-    "systems": {
-      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
-        "type": "github"
-      }
     }
   },
   "root": "root",

flake.nix

@@ -7,12 +7,9 @@
         disko.inputs.nixpkgs.follows = "nixpkgs";
         home-manager.url = "github:nix-community/home-manager";
         home-manager.inputs.nixpkgs.follows = "nixpkgs";
-        agenix.url = "github:ryantm/agenix";
-        agenix.inputs.nixpkgs.follows = "nixpkgs";
-
     };
 
-    outputs = { self, nixpkgs, disko, home-manager, agenix }:
+    outputs = { self, nixpkgs, disko, home-manager }:
     let
         # options
         system = "x86_64-linux";
@@ -25,7 +22,7 @@
         nixosConfigurations = {
             isengard = lib.nixosSystem {
                 inherit system;
-                specialArgs = { inherit release myUser disko agenix; };
+                specialArgs = { inherit release myUser disko; };
                 modules = [
                     ./modules/base.nix
                     ./hosts/isengard.nix

hosts/isengard.nix

@@ -4,13 +4,9 @@
     # Imports
     imports = [
         disko.nixosModules.disko ../disko/isengard/btrfs-legacy.nix
-        
-        # Secrets
-        ../modules/agenix.nix
 
         # Containers
         ../modules/containers/ntfy.nix
-        ../modules/containers/mindwtr.nix
 
     ];
     # Disks
@@ -42,3 +38,4 @@
 
     system.stateVersion = release;
 }
+

modules/agenix.nix

@@ -1,21 +0,0 @@
-{ config, pkgs, agenix, system, ... }:
-
-{
-
-    imports = [
-        agenix.nixosModules.default
-    ];
-    environment.systemPackages = [
-        agenix.packages.${system}.default
-    ];
-
-    # Secrets
-    age.secrets = {
-        mindwtr = {
-            file = ../secrets/mindwtr.age;
-            owner = "root";
-            group = "root";
-            mode = "0400";
-        };
-    };
-}

modules/containers/mindwtr.nix

@@ -1,54 +0,0 @@
-{ config, ... }:
-
-let
-    workDir = "/srv/containers/mindwtr";
-in
-{
-    systemd.tmpfiles.rules = [
-        "d ${workDir} 2775 root admin"
-    ];
-
-    virtualisation.oci-containers.containers.mindwtr-app = {
-
-        autoStart = true;
-
-        image = "ghcr.io/dongdongbh/mindwtr-app:latest";
-
-        ports = [
-            "10001:5173/tcp"
-        ];
-    };
-
-    virtualisation.oci-containers.containers.mindwtr-cloud = {
-
-        autoStart = true;
-
-        image = "ghcr.io/dongdongbh/mindwtr-cloud:latest";
-
-        ports = [
-            "10002:8787/tcp"
-        ];
-
-        volumes = [
-            "${workDir}:/app/cloud_data"
-        ];
-
-        extraOptions = [
-            "--health-cmd=curl -f http://localhost:8787/health || echo 'Health check failed'"
-            "--health-interval=1m30s"
-            "--health-retries=3"
-            "--health-start-period=30s"
-            "--health-timeout=10s"
-        ];
-
-        environmentFiles = [
-            config.age.secrets.mindwtr.path
-        ];
-
-        # For directory permissions
-        environment = {
-            UID = "1000";
-            GID = "10000";
-        };
-    };
-}

modules/containers/ntfy.nix

@@ -1,11 +1,11 @@
 { config, ... }:
 
 let
-    workDir = "/srv/containers/ntfy";
+    ntfyDir = "/srv/containers/ntfy";
 in
 {
     systemd.tmpfiles.rules = [
-        "d ${workDir} 2775 root admin"
+        "d ${ntfyDir} 2775 root admin"
     ];
 
     virtualisation.oci-containers.containers.ntfy = {
@@ -19,7 +19,7 @@ in
         ];
 
         volumes = [
-            "${workDir}:/var/lib/ntfy"
+            "${ntfyDir}:/var/lib/ntfy"
         ];
 
         cmd = [ "serve" ];

modules/containers/vaultwarden.nix

@@ -1,34 +0,0 @@
-{ config, ... }:
-
-let
-    workDir = "/srv/containers/vaultwarden";
-in
-{
-    systemd.tmpfiles.rules = [
-        "d ${workDir} 2775 root admin"
-    ];
-
-    virtualisation.oci-containers.containers.vaultwarden = {
-        autoStart = true;
-        image = "vaultwarden/server:latest";
-
-        ports = [
-            "0.0.0.0:10003:80"
-        ];
-
-        volumes = [
-            "${workDir}:/data"
-        ];
-        
-        environment = {
-            TZ = "Europe/Bucharest";
-            WEBSOCKET_ENABLED = "true";
-            SIGNUPS_ALLOWED = "false";
-            ROCKET_PORT = "80";
-            ROCKET_ADDRESS = "0.0.0.0";
-
-            UID = "1000";
-            GID = "10000";
-        };
-    };
-}

secrets/mindwtr.age

@@ -1,13 +0,0 @@
------BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFA5bEdnQSB1ajky
-R0RZREFKM3ZUaS9KdVN4cGJCbXhlQzBYbndyQ3NHNzlQTnBCM2dnCmpSS25CdzhR
-akxBa1hXbFAzSjNDY012cERlMHNSTlM0QlZROE9UZXFxdGMKLT4gc3NoLWVkMjU1
-MTkgS0tuNDVBIExqaWZHbDQ0Z25xYm9VK2VJYzVZZ0lQZUFqbzRQUDhlY1lnZ1Az
-VzY1aEEKR2dHZmdHeWpJR3hWbEpPckg4QzRiVDN4NG9mRURKYmxJNk54bmZlNzZ1
-MAotPiBxTiYtZ3JlYXNlIDNZISBBMnBmWFwhLSBGP2onfWsKTU5qekFBdkxnbkgw
-NzhjK2lvcnRvYUMwcGNUMStXL04yeDZyWGVnM1NCYVJhdE0KLS0tIExNbGthT1VR
-VDMxd3l1U0lIbGczaHlJQ0dxdFdBZDAzU1hPRFhxZk5jYUkK/PpI923pRhBaNIYC
-IZQJOp3ocz23sKh7Q5y+dFeVg5SVRLnPJbCvvbNdjgFIN+M/f4b/ch3T6gJVfVdM
-MlVhvJtvGRJi3HV7lV6JOa4K4XefKh4U9K6o2/Z3YEp1kAosfhGANDufyVxgnpNW
-qg==
------END AGE ENCRYPTED FILE-----

secrets/secrets.nix

@@ -1,10 +0,0 @@
-let
-  victor = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOiNyGO4RAxSdxvn2ZIBZ2Ze4iVVMrBNmu/V9JO70PoT victor@battleship";
-  users = [ victor ];
-
-  isengard = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKpsaUGNNrF8kHzmHAPOc4C15vF0SE9Nn6h+NC7nONX7 root@isengard";
-  systems = [ isengard ];
-in
-{
-  "mindwtr.age".publicKeys = [ victor isengard ];
-}