diff --git a/configuration.nix b/configuration.nix index dff6eec..d12e96e 100644 --- a/configuration.nix +++ b/configuration.nix @@ -5,7 +5,8 @@ { config, lib, nixpkgs, pkgs, home-manager, ... }: let - + my_python = (pkgs.python3.withPackages (ps: with ps; [ + git_plan])); in { imports = @@ -30,6 +31,14 @@ in owner = config.users.users.knazarov.name; group = config.users.users.knazarov.group; }; + git_plan_config = { + owner = config.users.users.knazarov.name; + group = config.users.users.knazarov.group; + }; + git_plan_credentials = { + owner = config.users.users.knazarov.name; + group = config.users.users.knazarov.group; + }; mullvad_account = {}; }; }; @@ -162,8 +171,7 @@ in ]; }) # wget - (python3.withPackages (ps: with ps; [ - git_plan])) + my_python ]; services.mullvad-vpn = { @@ -346,7 +354,10 @@ in programs.gpg = { enable = true; package = pkgs.gnupg; - publicKeys = [{source = ./gpg_public_key.asc; trust="ultimate"; }]; + publicKeys = [ + {source = ./gpg_public_key.asc; trust="ultimate"; } + {source = ./pgp_keys/FB4809DC51A4F483.asc; trust= "ultimate"; } + ]; settings = { default-key = "0x0560020C9C577C1B"; }; @@ -587,4 +598,45 @@ in services.udev.extraRules = '' ACTION=="add", SUBSYSTEMS=="usb", SUBSYSTEM=="block", ENV{ID_FS_USAGE}=="filesystem", ENV{ID_SERIAL_SHORT}=="Hidizs_AP80PRO", RUN{program}+="${pkgs.systemd}/bin/systemd-mount --owner knazarov --no-block --automount=yes --collect $devnode /media" ''; + + systemd.timers."git_plan" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec="1h"; + OnUnitActiveSec="1h"; + Unit = "git_plan.service"; + }; + }; + + systemd.services."git_plan" = { + script = '' + ${my_python}/bin/python3 -m git_plan -c /var/run/secrets/git_plan_config -r /var/run/secrets/git_plan_credentials oneshot + ''; + serviceConfig = { + Type = "oneshot"; + User = "knazarov"; + StateDirectory="git_plan"; + Environment="PYTHONUNBUFFERED=1"; + }; + }; + + systemd.timers."git_plan_pr" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnCalendar= "Mon,Tue,Wed,Thu,Fri *-*-* 10:00:00"; + Unit = "git_plan_pr.service"; + }; + }; + + systemd.services."git_plan_pr" = { + script = '' + ${my_python}/bin/python3 -m git_plan -c /var/run/secrets/git_plan_config -r /var/run/secrets/git_plan_credentials pr + ''; + serviceConfig = { + Type = "oneshot"; + User = "knazarov"; + StateDirectory="git_plan"; + Environment="PYTHONUNBUFFERED=1"; + }; + }; } diff --git a/flake.lock b/flake.lock index 086aa23..fcfe14c 100755 --- a/flake.lock +++ b/flake.lock @@ -49,11 +49,11 @@ ] }, "locked": { - "lastModified": 1692049717, - "narHash": "sha256-Htsfis2u/WdjqW5l8n5cx9Ai+GdOd+GRqQAssBfLQp4=", + "lastModified": 1692109167, + "narHash": "sha256-2GkXwsPfoPM1zdqMnyRArItgcTINhxR6aiKvzonz+Uo=", "owner": "~knazarov", "repo": "git-plan", - "rev": "569d267cd4f15b55618c965b868a7361b5901c86", + "rev": "b10514e4bab6d935da3a7441014fd37ea1d7e5fd", "type": "sourcehut" }, "original": { diff --git a/pgp_keys/FB4809DC51A4F483.asc b/pgp_keys/FB4809DC51A4F483.asc new file mode 100644 index 0000000..ccf6a2b --- /dev/null +++ b/pgp_keys/FB4809DC51A4F483.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEYUXnihYJKwYBBAHaRw8BAQdAk94cAXqZCdyDCswhtJr7kzJatc9/keC58/Fj +cuXfKtG0JktvbnN0YW50aW4gTmF6YXJvdiA8bWFpbEBrbmF6YXJvdi5jb20+iJoE +ExYKAEIWIQSKYaGWpjisvxzCNS9FkhIy7XLNWAUCYUXnigIbAwUJA8JnAAULCQgH +AgMiAgEGFQoJCAsCBBYCAwECHgcCF4AACgkQRZISMu1yzVg+KgD6AvJL+v9wLaLZ +WnPZ6KiqXgBma7LEWF/7PVgkLpfAxAMA/0U0hijNecloglBplxCBM35DVNRCtqYN +m3RqB6+kcEUEuDgEYUXnihIKKwYBBAGXVQEFAQEHQNFcVwoYkJ1L9K8SUU42Xp0C +TxULo2PSIG0RwI73smEMAwEIB4h+BBgWCgAmFiEEimGhlqY4rL8cwjUvRZISMu1y +zVgFAmFF54oCGwwFCQPCZwAACgkQRZISMu1yzViZYgEAyeNDqB3a7lbvFnnMuc6S +IJiuaXjcErscD5elqqK/0zUA/3Dot37BnhVKBxfHBmqEJk/Ub0vIK6GBhm3S9eNJ +gt0P +=RprX +-----END PGP PUBLIC KEY BLOCK----- diff --git a/secrets.yaml b/secrets.yaml index 4293836..8f723d0 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -2,6 +2,8 @@ hello: ENC[AES256_GCM,data:+LPt8J+Ks1m10+zZ2Q96r3K2W6Yeng7M7+c2TYDQ+/4AJl6Xc6hVn fastmail_password: ENC[AES256_GCM,data:tHr8PqIg9DigRBu2bgjUeg==,iv:NI9bENFPuKcOt1cd2kg2DKU22J1dJ+3mK7UoceZagR4=,tag:oEgeQb1iLKisOqHi9Ds7xg==,type:str] github_token: ENC[AES256_GCM,data:E1+wrI5VUlnsqfKNH6fY7IXqHIiagAByLYCfIfdd2+HcvniAvZzaIyKB3nma5eks3csN5A9XgYXRb09lELroW00obmIWbWZPdFhDccHRtVOqFq/r+x27O/3MAkDqID5mc8xD8SqWUibr9UZfXjFcXC4bx7+a4pyy45akz9RLIJRVKDzxMBGmZ/wQcuFS9uy2Pv2yWRL7q4olzvc/kzNFRWCLU7ThIAJSIx//NluOE8xjsA==,iv:Cdc2wwGdXprch1hHd0CwJM6vUAYmfhI4FpcKjcoIZYY=,tag:so8BJtjHGcGzayPqMwy43A==,type:str] mullvad_account: ENC[AES256_GCM,data:CO4wl2vNAMEC9oy37nIrpw==,iv:a3w64u8XQ/tihIDxIPPtdZ6F7dldLPvRzGUs1MpVe4M=,tag:HQxJVuGEvI0fVj8yGptbdA==,type:str] +git_plan_config: ENC[AES256_GCM,data:45B89I6+mK4GkgeitNiizLmJUyIsOBNbmTPKOSIbMgpbqgR1QjuRNaJViOkQKFS8oZXFIEPbnoub1mDkMzMTB8KOvqnxUE4vnKwCzudepaO7f3WAJC8VlUORn6tX/Ujs4HeD4P8ozoh4bbAm8iT3VCiHZ28TurBqOtA3G/LVxtZ9NB87/BIu8/e8S10aZ2MGNORdEW2Rtbl0Tn0JjEiDZp8jrUm+pWQHhDdcvMtxyzoBqQsTU5eiea0qZOJP4Z5XK6/iWYss/vlGDwjD6S3rHFrHIJ22kq3pRezA0U42i6Uq8eTcVkzXlO7XvWsyA5CPsNbiEbbBvVkPvE4SUN3xVEpPHsSO0a/q3/0C2G1txvP9dd4CcVeuwqznBt25EYG9O3TQHt4h6GmjsgIWZaS7bSCmgANJTGmamFMJ4SdXzjTxXBXuTa64JceMQjmlykDwABJhThPRzMxMT1NFeHrc2OjuZ0NJHa28S/eoLUUq50QsiUD5E+wwkuxgXt9/DsBeirXf9dNjA58Z24nbxSQvq24Lp7Zlb15VP9FpoZIZb88kxNiJwT/4Uj4Px4pFdFVBZmCGiSXnBSxbypFapA+6AQ89z5ZMxdH6FP7EvsF7aDToLa0Q2Xovzd8Nt57w2j4YkS3Mc067KXkusbCzZ8C9DzkiYUDM9+ouSjIgXHL1JEBX+B4z17UTcSgNpsSztCScnjESaaI1xZ8JCKU9Zq53yiwRtYbhTTrpmA3xPI2Un3kvGCxYNtO5sWcLvzRKs6JP4o2WN40DvVJ7SgbSWWOA6cXMxLifEuiX8olgjsKP4tmaxXpiLE5b8xnXSHjzce23cEt9uN8R1hGdJak7iQWp/KZXov7fSA==,iv:Qdjmv27fsSXAQ6LCXdZtNVTbZlU9zFsRLor1BKJNHNE=,tag:5G5gk8JEHRx0CY48al5rvA==,type:str] +git_plan_credentials: ENC[AES256_GCM,data:d4egK2w4TGIDNaI2Wc3ViOBnH7/WpdeS1EoYe4/oaM4iayBXOEQMvT9qIgu/Hml34gvbBN9lRmlNkESVh7YpwO5wACkkRcO/0ZTyP8XzFUUo0IfUh1iHPjEQOF7vygW/woqBiQgFPRws9F+g6BW8aSQrBgvBF5IeNLhFBvSJUvTft1xEsNwFnkWnfZ2JWmYqLjEggoUEqtXMRw9KKcqm4DNXIzxmA8wSzDriIzeCVuSEV8sJD21saFPPaLw/jupLTLdWp5F8rAxLGa6e9coCNu8vSuqUgfv0jFET71bNw28xPrN38A/PIlUcR9MXe1SGqKAFxEv134ZkJr78g1PIWNoVDrmIlMpV6dYRLKM1FOcpAhJorIXooIl6quCdg2/U5onP8cQ7lt2LsEG5APKj7pz7huatdwM/CgxrcqPVb0E2Lk5c+wi3Rf9/Jz3BqcWQm3bwkHwivWyCD1Nw+qRXLFSfXGTovSBsxX0j4LbdP0o4iPuj068DGawpYC/AfcKfOCmh8aInQhGCQtIq14QGffU9GbW37gHu,iv:ZzOUYu3s+kfwbKajA+6fdu2EysipjoKD49muLNFBZ58=,tag:e0RI7rA8eLQI8h5L4pvS1A==,type:str] sops: kms: [] gcp_kms: [] @@ -26,8 +28,8 @@ sops: U3loV2xDMkM5SWNXRDJobDloL0FVUUkK3OP7KvcKkE8mJ880dm6LMFZUxELjl8/P 6+q8qAYiAvl0Cbd4GzkNpUuBbLlFFWfFmC0vbgg8gyZ6xI5AFhHAPw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-07-09T20:32:29Z" - mac: ENC[AES256_GCM,data:c9+qPvLsiCgZPZ2vguQGCb+5LEr8cg32VGCyUvqiqICq5xtMZeDK7Uj8n0yLj0USaZ7bttUiI2CBpEl6anRSrXUGoJwmvJboXVi9/Xex5tv45hvdGA4Hd3P88K8kVRankOVhpogBRzcOpp4JsrtgxDTKabekpnaEr2l7H+5sXDU=,iv:no7t2FUwUaQWiuDDHe3Z5C5zoG5rnMeD9ar8PhtxyE4=,tag:AJYWdPdRGhG5epTsiD+cTw==,type:str] + lastmodified: "2023-08-14T22:29:46Z" + mac: ENC[AES256_GCM,data:RrVV1xSuXU9cm1dja2EBQFU4FxyU1agGNCDuCbWNxD/xJo4U6e2Zg74rNfc8BrFatnCp47eMM37eGy2PKScbit05R3+CGdCpGlqb/6ULQNUC/rxWKavhoGnF9WaWQEDsKAP1zEVDgWtZFWkocWJAmB0KNQhSiBXxy/fwZv+eQAM=,iv:X39LvJ15Hl+scJyF19vnTGTRImPf1JLepFdamL0Cz/I=,tag:8d6v6ZiZiPukmbUOi3NOrQ==,type:str] pgp: - created_at: "2023-06-10T01:03:11Z" enc: |-