weilite: add insecure dotnet required by sonarr

2024-12-03 16:39:34 +08:00 · 2024-12-03 16:39:34 +08:00 · 4169513ead
commit 4169513ead
parent bd4d7b5217
4 changed files with 17 additions and 3 deletions
--- a/machines/weilite/default.nix
+++ b/machines/weilite/default.nix
@ -56,6 +56,9 @@
          owner = "immich";
          mode = "400";
        };
+        "restic/localpass" = {
+          owner = "restic";
+        };
      };
    };

--- a/machines/weilite/secrets.yaml
+++ b/machines/weilite/secrets.yaml
@ -2,6 +2,8 @@ cloudflare_dns_token: ENC[AES256_GCM,data:m4euSkxxJmiMk9UPyeni/hwpl1W9A4MM0ssg71
 dnspod_dns_token: ENC[AES256_GCM,data:uZfr3g103amywxh3NMU+AkwuYb61svzyavvQ4rxJijIMIbfPvERrVNcyivoOrFWYXHpPWkhZFdU=,iv:mArVAcebW9i+u26GmQmfmJTsFkR4ZRMIisTqjpMYan8=,tag:Zsmv1Wzfi3+PHigjReToHQ==,type:str]
 immich:
    oauth_client_secret: ENC[AES256_GCM,data:EFs2hPjGMj0idwY3oQVIDTOIWkdwoAoAVjDQE9Z2eAKzUDH3grmYpYE+33V8d/Ux,iv:A9cjwFr/ZqltG62/N8MQ1LhdDbSIVVAqIPVB492zYJw=,tag:VTTtE697BZTVsI32UF53/w==,type:str]
+restic:
+    localpass: ENC[AES256_GCM,data:GIQAmkpDmGu4+sSG5/b5yQ==,iv:dcu6F8NnVjeQzEG2vM3fOV5owI0PWc86ts20UP3vN18=,tag:vsG8x062FG1pH5YNcAajeg==,type:str]
 sops:
    kms: []
    gcp_kms: []
@ -26,8 +28,8 @@ sops:
            V0thRjU4WGpQRGFpcnoxSjZTZHhTTkUKzNMHh9p7GUY3hL5XZ9S4x20CwaItsXFV
            RKujsFVVBd8Kuq/jyOCBTRCscuHI4LW/wYeZYHFEZFSTK2liAqspgw==
            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-09-13T12:02:54Z"
-    mac: ENC[AES256_GCM,data:c5p+B2mPCDyS/Q4QH4MkzCww6jFDhP8RfHqrKLf4e/8XuNEGfNmPKaeliZG26j1YQWRvFHiGQX3AMnQ3Q+fSRUQCVi5KV+KW7fADNIB3TiTT5hAFuynhiWWQSmIrWP0GGek3GDGi7OJ1PrFbxWP9bwaf+zBegiaUcWoTorJg7No=,iv:6MohNgPpq80eTUlf3RvPKsxdx69V0jl+/hrMxAPpPQE=,tag:BtWp1FChP2hdclbGl5W+vQ==,type:str]
+    lastmodified: "2024-12-03T05:59:51Z"
+    mac: ENC[AES256_GCM,data:0dLbfkm7fJvH5Mmct0/qHulg2AtDCeeeOgWMXfeGRUaX3GlLDiLga0zW4uNPDuahVecdh6ofvYfBOxFaGUdBCHk9vq5GzrwrzBNhqObWQ3AqVuq5rjqSxEKoFM4Eb5qoqaOefFzT/9qC94NDETTsHhjiEeIgd4fgSr2dazNiFPE=,iv:Ggw0FHzkrhKh5Uzo3seHGwwHsWW/tTAgAl0iIq9PVk4=,tag:rJvUI5/wsLJ01XyKmkRghw==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
-    version: 3.9.0
+    version: 3.9.1
--- a/machines/weilite/services/media-download.nix
+++ b/machines/weilite/services/media-download.nix
@ -13,6 +13,13 @@
    openFirewall = false;
  };

+  nixpkgs.config.permittedInsecurePackages = [
+    "aspnetcore-runtime-6.0.36"
+    "aspnetcore-runtime-wrapped-6.0.36"
+    "dotnet-sdk-6.0.428"
+    "dotnet-sdk-wrapped-6.0.428"
+  ];
+
  services.sonarr = {
    enable = true;
  };
--- a/machines/weilite/services/restic.nix
+++ b/machines/weilite/services/restic.nix
@ -35,6 +35,8 @@ in
  services.restic.backups = builtins.listToAttrs [
    (mkPrune "xin" "calcite")
    (mkPrune "xin" "massicot")
+    (mkPrune "xin" "biotite")
+    (mkPrune "xin" "thorite")
  ];

  networking.firewall.allowedTCPPorts = [ 8443 ];