AZ-Intec-GmbH/AZ-NIX
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add postgres config for kestra_prm

Browse Source
This commit is contained in:
sascha.koenig
2026-03-13 06:20:57 +01:00
parent a1d5947b98
commit 57bc3b9453
7 changed files with 97 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
home/users/sascha.koenig/AZLT124-L.nix
View File

@@ -48,7 +48,7 @@ in {
wallpaper = [ wallpaper = [
"eDP-1,/home/sascha.koenig/.config/hypr/wallpapers/wallhaven-lmmo8r_2560x1600.png" "eDP-1,/home/sascha.koenig/.config/hypr/wallpapers/wallhaven-lmmo8r_2560x1600.png"
"DP-8,/home/sascha.koenig/.config/hypr/wallpapers/wallhaven-lmmo8r_2560x1600.png" "DP-8,/home/sascha.koenig/.config/hypr/wallpapers/wallhaven-lmmo8r_2560x1600.png"
"DP-9,/home/sascha.koenig/.config/hypr/wallpapers/wallhaven-lmmo8r_2560x1600.png" "DP-10,/home/sascha.koenig/.config/hypr/wallpapers/wallhaven-lmmo8r_2560x1600.png"
]; ];
}; };
@@ -81,10 +81,10 @@ in {
workspace = [ workspace = [
"1, monitor:eDP-1, default:true" "1, monitor:eDP-1, default:true"
"2, monitor:eDP-1" "2, monitor:eDP-1"
"3, monitor:DP-9" "3, monitor:DP-8"
"4, monitor:DP-9" "4, monitor:DP-8"
"5, monitor:DP-8" "5, monitor:DP-10"
"6, monitor:DP-8" "6, monitor:DP-10"
]; ];
windowrule = [ windowrule = [
"match:class com.obsproject.Studio, workspace 1" "match:class com.obsproject.Studio, workspace 1"

17
hosts/AZ-CLD-1/services/containers/baserow.nix
View File

@@ -36,5 +36,22 @@ in {
service = serviceName; service = serviceName;
entrypoints = "websecure"; entrypoints = "websecure";
}; };
routers.azubi = {
rule = "Host(`azubi.az-gruppe.com`)";
tls = {
certResolver = "ionos";
};
service = serviceName;
entrypoints = "websecure";
};
routers.ausbilder = {
rule = "Host(`ausbilder.az-gruppe.com`)";
tls = {
certResolver = "ionos";
};
service = serviceName;
entrypoints = "websecure";
};
}; };
} }

4
hosts/AZ-CLD-1/services/postgres.nix
View File

@@ -119,6 +119,9 @@
host litellm litellm 10.89.0.0/24 scram-sha-256 host litellm litellm 10.89.0.0/24 scram-sha-256
host netbird netbird 10.89.0.0/24 scram-sha-256 host netbird netbird 10.89.0.0/24 scram-sha-256
# Netbird network connections
host az_kpi_raw kestra_prm 100.91.49.26/32 scram-sha-256
# Deny all other connections # Deny all other connections
local all all reject local all all reject
host all all 0.0.0.0/0 reject host all all 0.0.0.0/0 reject
@@ -151,6 +154,7 @@
iptables -A INPUT -p tcp -s 127.0.0.1 --dport 5432 -j ACCEPT iptables -A INPUT -p tcp -s 127.0.0.1 --dport 5432 -j ACCEPT
iptables -A INPUT -p tcp -s 10.89.0.0/24 --dport 5432 -j ACCEPT iptables -A INPUT -p tcp -s 10.89.0.0/24 --dport 5432 -j ACCEPT
iptables -A INPUT -p tcp -s 10.89.1.0/24 --dport 5432 -j ACCEPT iptables -A INPUT -p tcp -s 10.89.1.0/24 --dport 5432 -j ACCEPT
iptables -A INPUT -p tcp -s 100.91.49.26/32 --dport 5432 -j ACCEPT
''; '';
}; };
} }

2
hosts/AZ-PRM-1/secrets.nix
View File

@@ -10,7 +10,7 @@
}; };
kestra-env = {file = ../../secrets/kestra-env.age;}; kestra-env = {file = ../../secrets/kestra-env.age;};
n8n-env = { n8n-env = {
file = ../../secrets/n8n-env.age; file = ../../secrets/n8n-env-prm.age;
}; };
pgadmin-pw = { pgadmin-pw = {
file = ../../secrets/pgadmin-pw.age; file = ../../secrets/pgadmin-pw.age;

1
secrets.nix
View File

@@ -25,6 +25,7 @@ in {
"secrets/litellm-env.age".publicKeys = systems ++ users; "secrets/litellm-env.age".publicKeys = systems ++ users;
"secrets/metabase-env.age".publicKeys = systems ++ users; "secrets/metabase-env.age".publicKeys = systems ++ users;
"secrets/n8n-env.age".publicKeys = systems ++ users; "secrets/n8n-env.age".publicKeys = systems ++ users;
"secrets/n8n-env-prm.age".publicKeys = systems ++ users;
"secrets/n8n-db.age".publicKeys = systems ++ users; "secrets/n8n-db.age".publicKeys = systems ++ users;
"secrets/netbird-auth-secret.age".publicKeys = systems ++ users; "secrets/netbird-auth-secret.age".publicKeys = systems ++ users;
"secrets/netbird-db-password.age".publicKeys = systems ++ users; "secrets/netbird-db-password.age".publicKeys = systems ++ users;

35
secrets/n8n-env-prm.age Normal file
View File

@@ -0,0 +1,35 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFpoVnNlZyBBbzlJ
U0xXd2RyeVJXblFzeis1NTUvTitCZmxlYVMxbWhKNTlwTEgvOFdzCjFEa3FjTm96
TTdoWWIwV0lDZUcxbDJkQ2ZpK2t6aXJPNy9aZXQzbDkvYlkKLT4gc3NoLWVkMjU1
MTkgU3JIYXFBIEU4OEt0RlhUZlRlUzNTMlRCSDUwUkhUbG8vZG9NSUJ1Q3JxVm5T
WU1FMTQKS0huejlvdkFJLytRcUw5dU9XdnkyZUR6WHl2TkFtd1FobGxZUGduRXZU
SQotPiBzc2gtZWQyNTUxOSBsR3FWWmcgZW9ZZllzOU1EdmQySHBiRWM1L1dzcjgw
L3JhWVB3dnVHSFlydEZwNFlnbwp4eWRuTWRCci92SGE5V1hJT3NQZ1lsWkpkU1R1
cVJ4SjNLTUlONWNaMERzCi0+IHNzaC1lZDI1NTE5IENTTXloZyBSSis4MWhxR3JV
RGY4V0h0NUdYMDJzd0dqOFZzRnJ0RjZIbVYyYTNSWWlJClhhVWhiNzgrQlZQaDND
VTBMNlZKRFNsaSs1N3FsM0taRFVpZ01ha2l1alkKLT4gd3FhaWNcbV4tZ3JlYXNl
IDp0ZnAKZHlLcHJSOElYTEZFNmFxdDBQTU1XZnhTRXVDZiswanp3cnkzT0dzeSta
aFNTV0ZOUEpFYk1KYUVJSGU5NlV0SwpKUQotLS0gY011RXdUbmJrOTNzVmtNOUpJ
c01UOTl4OXZkLzBjTXl2NzNQNlNBT2ptRQp7QiUkXygzzq4vn+JyEikKiO5Tlp9H
QNYQGTLaWJpkY8afT04ux3/JiAKdkEpbQA8RPNbDlHc7YYQ04UMY3iKPnWTbZpLT
PaqTamseLzubX8vKdvJnD0QsEnuUxNSDu68FGW9MNDPrQDvM4A47hmHNX7bdFl1J
cE4oH0VAHdG1yg3lcTyaRYp+dfKIv2dpzpvnPLHB/IPdpaxFSn3YVerMXCMYelR5
otSBUyqf2iY0NyEqkBDYCmNiD5tRCUuwteeMMmpvUbXpzmnpDj6U0QM/R6C7BQPB
/K8cKE23SgxamvkMqK/blgTNlUcO8/KAJrkSGqeQ37m2RrCgUVB53tVaInSFi4ds
K1PL/CmVGFTF7DCOSTsX7CzyivG+Ii0asonyVlsbURMVbf5WhWWUxBMMEvY2AMSC
l1lHij3Qbc39IHY70mezkIuU1jlGtTrb0pmoymWfSSpiCTYKKky69y1mxRB6m1Ir
kfwI0ykG6mbyHG7FfHkzwCYI+5qmbdGs6VcaK5aIiCCwz0fd/MW7z3TnKW8gikaY
hOHK5Pmse5B/JMY3lG96G6cbT3vm1YVDmutRp5lFMwX7TmiCiYBIyTdaVkekbNzg
iPryKQKTlpDNlmpGr63O4+id+fU5Qa/d6ja92D01PzweeSxRPe0Uh9Ps42oOlGzS
9k9sKuXFVaeG5TiJIcV6rukmYEuYWo/kaFRK4bq6lYhxxhQEAcxGyprC2CHkFYHl
5slXn+l2XYX0X/iltWkH9H8BW/g9rBfUnZgPYHdx0MypOzPH+S4inomdCNJYytZ1
h5wu20m/pjxmc2yLSy/psTrwIDOft0b6NQjvVfU+74ZBV7rREcY5ymAFdioEAEyw
2QleXg9ihlkeg7GSgsvyPFgh/T1GysZdo8QatBbNOS/hiEidCiUpfyytHlf7ZM3V
nQmZDKt0HRs0pHfWwLAoT1yTp2pjr9BMSJ8KItR2L2pGo0EpgAGMG+p7ssbIt9VR
QhsIyYxDQyeKasxoyFogW28KnMySr4uKBHuYEk5ht6d7spv2u5y+/FxxhSZaHqgv
fvsqtFOuyHI8Exa9QsbyF3hp0JBmj1BWGYJGLZrjFm9TDQ/2y3bG9AJXuy4CDUgS
tFIIb1wAXJnd7ndomGDVr8kdcFlR65IKcZbTlzt/2hFxgxq7QQyVGyfAeqpNRp2U
512yBw98SKYxrcvV0nFxkUPzS1E0IEnxappsnaW+kN8XcdiAG+oOAM9PIoc/vQFc
1FNOvJhUTg5wCZFbfZkCbWWKP+hk4YhoFzw56m8pwlDwMQKkc9whKuCvXX5bSb0=
-----END AGE ENCRYPTED FILE-----

66
secrets/n8n-env.age
View File

@@ -1,34 +1,36 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFpoVnNlZyBSUVY0 YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFpoVnNlZyBhLzMr
Y0V2Rlk0Z2ZMa3NmKzZKTnIyak1raitMcWlBbXZuTmwydTNEUjFRCm56dStWdUNF K05GUnNuQndGa2JoSm5TT2ZpU3FOTTZ6aG9SdElHREVjQm5BRERRCjBwelhQTjBi
alZSYXFka280bGRiZElEU0R1ZHloZ1REL2hXVFhGUlJRN0EKLT4gc3NoLWVkMjU1 L1JXOXhSZ1BpNDhqdGRCV3dwNFFjbXdPSzNINXVFRU9ydzQKLT4gc3NoLWVkMjU1
MTkgU3JIYXFBIEFTckw2OEtVTGtPbWpwUzNBaE0vV2M4VzF3YUFBMlZha2o2a3pq MTkgU3JIYXFBIDFFd0xzbDhEOUNxdDdudVFLeU1yM2VqR3RwOHZFM2VQMmpHNStS
c25JbEUKMHlGWlpya3I2dTYwTzNOSTQ0cXozK0pIakZ2SW9VaENYQlY3eTF6eW5Z b21NQ1kKdUtHQU5qUHlLd1ZwNWxpZ1Y2ZVN0NVZVdXlvVUkwdEdPbkdPU0UvcTB0
YwotPiBzc2gtZWQyNTUxOSBsR3FWWmcga0lVMTZIdDBEdEJxRUpuU3JHeEZOajNT MAotPiBzc2gtZWQyNTUxOSBsR3FWWmcgbE1KaFR5TmFnb1BKb3lKek5DdVNjZVk4
amtFYTFxMEFPYkFYeDdSdUl3WQpwMlF2RzlRY20xQjk3N09JQjkzMzRGYndibUpj cmF4UjRpTDU4WFJVU21penlHMApUM0YwSnU0cVhVUS85ekpzT2Y1N3Q0Y1p6THZo
ZmtXYzQ2cnpDWkhCWlFFCi0+IHNzaC1lZDI1NTE5IENTTXloZyBIQllKZzZndk4z OE5hQWZYYVVEREg1a2d3Ci0+IHNzaC1lZDI1NTE5IENTTXloZyBRL2t4d0ZvNmxm
VzJUM04zMEFHZWQzS0VtWFExY0VoNTZ0Mm56SlhVNzBvCnJLSlE1cGp5bkJ6dlMv K2tDOS82WEZOZGxXa3RGdkZKSFliS0JzOEZiK3JqY0EwCm13N1VhMUIyK1VuZm5l
QjlFbk4zZW1lU095Y1Z1OWI3aW8rSnl2R0VMMW8KLT4gd3FvLWdyZWFzZSAhXWVV TjV5bDdLYXRDWGF6eDVOQ21zTTVLQ2hIem1vT3cKLT4gM18/Lnp8SS1ncmVhc2Ug
IFIgYUthSQoyUEx2QVd5OUZKUQotLS0gMkRmbmRkTk9jRzc5Y252Z0xxRTJLN0Jm bmV+X24tbkogV3plb14KcEh4alk2V3U3ZitUZ3ZsTzJTbDdvb1VuM3JlL0FCZVl3
Nk90MGR6Q25iRE9TZk5rU2dzVQqbJeCiLsKte4eOeDIVa+ASFaDW+dg0ClDITFRU bTNCSDdkOVJTWDZMSGNqM200eEd6OWg0TS9VRWhYSwpIYlVEY1FWeTR4b25zTDZp
yrigeQCS3Fj4PGW2xWNP03l4Kk9FJrItTdm3zvHi28BOwWnx4ro3rxCDyArdDu7j Uk1NCi0tLSBqOGFrOEVmbTY0N3pCM0kzVExBcXdYam85WVpGZXZVUk1YMU9pSTdD
MvNZMi5dxNUhUVfCdxFMx31z0KGWg6LyG1E6NcWSNPKrs6YMpQSdE6z37CdwLP31 NjhBCmMGbE45ce2jAoYuG+L27X0LDsJxOrydZqA/lZ9I21J+9LTIpLIDiMlr/n7C
nQgw7yBoxZ++CPn9+olJGJS0sJ23Gfosccyic04adcMvw5XzFQJZShwsKw1DOYwo FNOW39bbaPudck8b0THImIsuu+ylzMSpt3CVXdZIzaB4hRKctLRv4zRL/UkbfMsl
HLK80jjjrK90UMsEJK6tEZJzzWYZHX9fj2rvPAYDdHahpp4+qIFQsuOrSNvDRmp+ mPFcdxNPkqmZsABgTui6b5suxdB5aWFx4EYcDIAjokZFuLXHrbIYOYNWEWBA3tVn
BHqxSBcSavhR7IcOpX0eGwc6+NJt+WJDCBUJnMysla5mJiWTQ3b5jFlNFsD36U+b ji1n8aVPw1keln8qmzYJiL9bjGxq3KB7NJEhzGrqDVcn0koXpynSJxz+dlw6jmO4
UiLSbSeO5Me+1n0fNK3qmx0CcxAr0WilOfmj6oDA8BTShXGx8GuzMe4XTzbMlamd Nk+wych9gLOq6g9agDUXjpj4Q7l1cUmuAD+Xh5CPVJIV4xpjUDm+GCBLryFWcHdH
WBwWX0Ld/pTrq4MrBwsJ4eqzV7Eg9tI/75ZLMetz2piiyClygxH3JbrdJl9n5BIE XC1MEnr/x5OuX0/XcPL7pRXvOjxAPgjSn/omisZtFNhBKzmNZZG2XLReyDJttXQ6
hPj8BFBbyABocYVvgYRQwL6uGahZKcfFG0P32ZjF0LNytYqkLP8tCax8nBOa1t38 QoNXp8DhoaPBFES6fi6NvYE2KpjSoTjHFRuJuslpmPGPC3yOSXpJlwlUI9wC6TTh
yljKC+EJ2wI8/jJGyA0JIgms71I5atlInmWFSCgvH2UVUiGS+UZmmNC1O83g6wpL 8rXYvb3mxT90KJK9SoKvSUFN5/63N15IzD8PFc1A5lP1MAL+pPUF3vX89mUGKB92
6MU3E6rCyLXPP8Id9/pyhC9VHjqrqsLqL6+qmRUduJFHiv1Lke+KByPZZP8FjRy9 +8uKs5RqhOFJSgYSqmdC10TUdg61WTsXlivbue6l54v+rfIKxaNAzxxFEvkYWIwP
V27t3HQ+FAKjwI45WF2A5LoqQ9khnucc1gdLY+b2ouHpkFnXLmA4QFqmgPCUpcEI Sl7tG7bwr+joqg2p4JnGc/nD4UU7zAwXIZGefmPMktpDple6JhsggvDy4FLebdpk
z8o1U5wFuQYYF8UG7tculizft3iAZ1O9uU0PmtxLLGFHRS9aAnGCZJTbQMxdIlsP NTjTSsYCWTLymXcW+K+syibVc3jH6RFLW9n9rVmsVDHxSXFDOcPEdjEOS2RMOMdB
9S8gCS2bWnqUzXfRKXna6FixwAzIiZRdCyk3uC3EhbpmPc+qJmF1JKsIyv0OKPnM RdDJMfx330a6lXVjM1VhCotPnVQ9j51KjfIzsduXJ39xRremTGzEsbrY8a9dmVgO
8yuN0DOh6Czz5tKPXY2vMxOups6KboW3/O61Y20TjJ7Y2gA5bpkbstXv3x+Mr4+5 T2++xCPnuH8oGqt77AozSLCUKfh2fKrUQRkuROwjRgBsx0KB2W6+lY3hNZzgvUq2
ux19JjNe0ylqCu7TV538GIFmEeITfuf8ZUcxynA2t6LzSMFmZFycQI4u3JvVF3fl VLlZSLQApl1tR+bZE+OOZFOYw6s4CjEfBToL5ovwVIZFirLVHog1iWdDN5qc8MPy
cIPi9xOAPiP4tVyoZrY79VYHEN8s4WJi2hhYyvUPYItZ6rX9R0mS2mTcZpZ7yq46 7Lr18UWWEFJ6ceaCZEaFLvOeNa36emIeqwReIkUG3IGlU6CMcbGsCpDVPKI2CKFB
2lbL2s547kgTaVeiOSGY0dA8Ene4rnXCw1Lng+vGKqPRqo2b9Ru7clKnNcwqumut WRCuYFckOKcmmvlcHxdg46c18uwAHkSwVV6wEWPrw68jPTyYaYu7UEy4p0wVYhcS
6WDYfWWEboY21xtH0iTQoQUaRaewb3dBtC8RHS7HhiZwg0fwOq9Cok4WeWi1Mk2o cOiGqb8Nkc+xkBwF7zyvkiDWx9yWSBwJHz6pLQJ2kg6W+IdIxEKgv/VrbpuzoyE9
/uHcY8B/sEMxfhe05KFeYqtY7OQ7HBiyz0qtjuKWM21HOlTaeHF7KZDlNC18lwXl PJ4QVdz5/f4aGAmw/iSrIsl48gNoScUvxGZjrE0dqBj4yu+aEy7Xj8fST7XmyZgw
wntmDt++CCcCoWyJ0zPkarWlpQrMwMGLXexf5G6vyFMAXzy+2xdn4T8= DRcOPowQD5hxdtkG63uesZvFSlNNfouoR4klRPoCkJBHNRrtIsmaPJiw+WZgr3hj
rf/MeswTbtwaFuCUM2AwrHCRTKqRenc5c9+jl7JNAB0sBnJhukumA4tK3v/8eXtK
y8wGLyS6WAgK0pptoY7ntcz7djhlyYg=
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----