Add AWS config
parent
cfd3621118
commit
52f2fd30b8
5 changed files with 127 additions and 1 deletions
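--- a/home-manager/modules/aws.nix
+++ b/home-manager/modules/aws.nix
@@ -0,0 +1,31 @@
+{ nixosConfig, lib, pkgs, config, ... }:
+
+let
+xdg = config.xdg;
+in
+{
+config = lib.mkIf nixosConfig.myConfig.aws.enable {
+# https://github.com/aws/aws-sdk/issues/30
+home.sessionVariables = {
+AWS_CONFIG_FILE = "${xdg.configHome}/aws/config";
+AWS_CLI_HISTORY_FILE = "${xdg.dataHome}/aws/history";
+AWS_CREDENTIALS_FILE = "${xdg.dataHome}/aws/credentials";
+AWS_WEB_IDENTITY_TOKEN_FILE = "${xdg.dataHome}/aws/token";
+AWS_SHARED_CREDENTIALS_FILE = "${xdg.dataHome}/aws/shared-credentials";
+};
+
+xdg.configFile."aws/config".text = lib.generators.toINI { } (
+lib.mapAttrs'
+(name: value:
+lib.attrsets.nameValuePair ("profile ${name}") (value)
+)
+nixosConfig.myConfig.aws.accounts
+//
+{
+"default" = {
+"output" = "json";
+};
+}
+);
+};
+}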
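Review bot: Exporting `AWS_WEB_IDENTITY_TOKEN_FILE` session-wide in `home.sessionVariables` does more than relocate a file: SDKs read that variable as a request to use web-identity credentials, and as far as I know some of them (botocore among them) raise a configuration error when it is set without `AWS_ROLE_ARN` and no profile is selected. Since the profiles generated below are SSO profiles, I would drop that line. I would also check `AWS_CREDENTIALS_FILE`, which I cannot find among the variables the CLI documents (`AWS_SHARED_CREDENTIALS_FILE` is the documented one). Separately, `xdg.configFile."aws/config".text` is rendered into the world-readable Nix store, so a comment above it such as `# rendered into the Nix store (world-readable): never add keys or tokens to myConfig.aws.accounts` would protect later edits.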
|
|
@ -3,6 +3,7 @@
|
|||
{
|
||||
imports = [
|
||||
./${nixosConfig.myConfig.terminalEmulator}.nix
|
||||
./aws.nix
|
||||
./claws-mail.nix
|
||||
./communication
|
||||
./direnv.nix
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
userName = "jal";
|
||||
|
|
@ -84,6 +84,14 @@ let
|
|||
--script=${vpnc-script} \
|
||||
https://remote.tradebyte.org | grep -v '^> '
|
||||
'';
|
||||
aws_defaults = {
|
||||
sso = {
|
||||
start_url = "https://d-9967250383.awsapps.com/start";
|
||||
region = "eu-central-1";
|
||||
role_name = "AdministratorAccess";
|
||||
};
|
||||
region = "eu-central-1";
|
||||
};
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
|
|
@ -99,6 +107,60 @@ in
|
|||
signByDefault = false;
|
||||
};
|
||||
gpg.defaultKey = "FE170812543DF81393EA56BA5042B8317A10617E";
|
||||
aws = {
|
||||
enable = true;
|
||||
accounts = {
|
||||
ops_testing = {
|
||||
sso_account_id = 134848648016;
|
||||
sso_start_url = aws_defaults.sso.start_url;
|
||||
sso_region = aws_defaults.sso.region;
|
||||
sso_role_name = aws_defaults.sso.role_name;
|
||||
region = aws_defaults.region;
|
||||
};
|
||||
core-production = {
|
||||
sso_account_id = 455520445575;
|
||||
sso_start_url = aws_defaults.sso.start_url;
|
||||
sso_region = aws_defaults.sso.region;
|
||||
sso_role_name = aws_defaults.sso.role_name;
|
||||
region = aws_defaults.region;
|
||||
};
|
||||
tbmeta-production = {
|
||||
sso_account_id = 696695470425;
|
||||
sso_start_url = aws_defaults.sso.start_url;
|
||||
sso_region = aws_defaults.sso.region;
|
||||
sso_role_name = aws_defaults.sso.role_name;
|
||||
region = aws_defaults.region;
|
||||
};
|
||||
abnahme = {
|
||||
sso_account_id = 837645089494;
|
||||
sso_start_url = aws_defaults.sso.start_url;
|
||||
sso_region = aws_defaults.sso.region;
|
||||
sso_role_name = aws_defaults.sso.role_name;
|
||||
region = aws_defaults.region;
|
||||
};
|
||||
core-develop = {
|
||||
sso_account_id = 934000686307;
|
||||
sso_start_url = aws_defaults.sso.start_url;
|
||||
sso_region = aws_defaults.sso.region;
|
||||
sso_role_name = aws_defaults.sso.role_name;
|
||||
region = aws_defaults.region;
|
||||
};
|
||||
infrastructure = {
|
||||
sso_account_id = 994756397773;
|
||||
sso_start_url = aws_defaults.sso.start_url;
|
||||
sso_region = aws_defaults.sso.region;
|
||||
sso_role_name = aws_defaults.sso.role_name;
|
||||
region = aws_defaults.region;
|
||||
};
|
||||
tbmeta-development = {
|
||||
sso_account_id = 730951147261;
|
||||
sso_start_url = aws_defaults.sso.start_url;
|
||||
sso_region = aws_defaults.sso.region;
|
||||
sso_role_name = aws_defaults.sso.role_name;
|
||||
region = aws_defaults.region;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.users.${userName} = {
|
||||
|
|
|
|||
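Review bot: Every profile in `aws.accounts`, including `core-production` and `tbmeta-production`, takes `sso_role_name` from `aws_defaults.sso.role_name`, which is `"AdministratorAccess"`, so routine CLI use against production runs with full administrative rights for as long as the SSO session stays cached. I would make a read-only permission set the default and keep admin as a separately named, deliberately selected profile, e.g. `sso_role_name = "<read-only-permission-set>";` on the production entries (placeholder; use whichever set your organisation defines). The seven account blocks differ only in `sso_account_id`, so a small helper mapping name to ID over `aws_defaults` would make such a per-account override a one-line change. The enclosing `let` block and the attribute set that contains `aws` begin outside the hunks shown.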
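--- a/modules/aws.nix
+++ b/modules/aws.nix
@@ -0,0 +1,31 @@
+{ lib, ... }:
+
+{
+options.myConfig.aws = {
+enable = lib.mkEnableOption "Enable AWS CLI";
+accounts = with lib; mkOption {
+type = with types; attrsOf (submodule ({ config, name, ... }: {
+options = {
+sso_account_id = mkOption {
+type = int;
+};
+sso_start_url = mkOption {
+type = str;
+};
+sso_region = mkOption {
+type = str;
+};
+sso_role_name = mkOption {
+type = str;
+};
+region = mkOption {
+type = str;
+};
+};
+}));
+default = { };
+description = "AWS CLI config";
+};
+};
+}
+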
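Review bot: `sso_account_id` is declared with `type = int`, but an AWS account ID is a 12-digit identifier that may begin with zero, and a Nix integer cannot keep a leading zero, so such an account would be written to the generated profile with fewer than 12 digits. None of the IDs in this commit start with zero, so this works today and would only surface when such an account is added. Declaring it as `type = strMatching "[0-9]{12}";` and quoting the values in the host config keeps the ID intact and also rejects a mistyped ID at evaluation time. The sub-options have no `description`; a one-line description on `sso_role_name` stating that it selects the permission set assumed for the profile would make the privilege choice visible to whoever adds the next account.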
|
|
@ -8,6 +8,7 @@
|
|||
|
||||
imports = [
|
||||
./autologin.nix
|
||||
./aws.nix
|
||||
./bootloader
|
||||
./dji-goggles.nix
|
||||
./dnsmasq.nix
|
||||
|
|
|
|||