nix/machines
1
0
Fork 0
Code Issues Releases Packages Activity Actions

Fix a bug with opentofu credentials
Some checks failed
/ dev-shell (push) Successful in 2m59s
Details
/ rust-packages (push) Successful in 10m40s
Details
/ terraform-providers (push) Successful in 8m29s
Details
/ check (push) Failing after 11m2s
Details
/ systems (push) Successful in 52m25s
Details

Browse source 
and add zfs support to openstack and add it to monitoring
This commit is contained in:
Kaare Hoff Skovgaard 2025-08-14 00:26:01 +02:00
parent 973eb085c4
commit 1bf63cc735
Signed by: khs
GPG key ID: C7D890804F01E9F0
6 changed files with 204 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

16
rust/program/infrastructure/src/secrets/endpoints.rs
View file

@ -109,6 +109,19 @@ impl Endpoint for MxKaareskovgaardNet {
const BITWARDEN_KEYS: &'static [BitwardenKey] = &[BitwardenKey::Field("ZROOT_ENCRYPTION_KEY")];
}
pub struct MonitoringKaareskovgaardNet;
impl Endpoint for MonitoringKaareskovgaardNet {
const NAME: &'static str = "monitoring.kaareskovgaard.net";
const BITWARDEN_KEY: &'static str = "monitoring.kaareskovgaard.net";
const ENV_KEYS: &'static [&'static str] =
&["MONITORING_KAARESKOVGAARD_NET_ZROOT_ENCRYPTION_KEY"];
const BITWARDEN_KEYS: &'static [BitwardenKey] = &[BitwardenKey::Field("ZROOT_ENCRYPTION_KEY")];
}
#[derive(Clone, Copy, Debug, Deserialize, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]
pub enum CliEndpoint {
#[serde(rename = "openstack")]
@ -155,7 +168,7 @@ impl CliEndpoint {
Self::Cloudflare => Cloudflare.read_from_openbao(map),
Self::Hcloud => Hcloud.read_from_openbao(map),
Self::Openstack => Openstack.read_from_openbao(map),
Self::Unifi => Openstack.read_from_openbao(map),
Self::Unifi => Unifi.read_from_openbao(map),
// We don't transfer the root token to openbao itself, but relies on the user being authenticated
// through oauth.
Self::Vault => Ok(()),
@ -173,6 +186,7 @@ pub fn transfer_from_bitwarden_to_vault(session: &mut BitwardenSession) -> anyho
transfer_endpoint(Aws, session, &mut all_entries)?;
transfer_endpoint(Cloudflare, session, &mut all_entries)?;
transfer_endpoint(MxKaareskovgaardNet, session, &mut all_entries)?;
transfer_endpoint(MonitoringKaareskovgaardNet, session, &mut all_entries)?;
for entry in all_entries {
let mut delete_entry_proc = common::proc::Command::new("bao");

4
rust/program/infrastructure/src/secrets/openbao.rs
View file

@ -19,10 +19,6 @@ impl<T: Endpoint> EnvEntry<T> {
fn new_from_values(values: Vec<(&'static str, String)>) -> Self {
Self(values, PhantomData)
}
pub fn read_from_bao() -> anyhow::Result<Self> {
read_bao_data::<T>()
}
}
impl<T> From<EnvEntry<T>> for Vec<(&'static str, String)> {