felix/nixos
1
0
Fork 0
mirror of https://github.com/Stunkymonkey/nixos.git synced 2025-05-25 02:14:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

flake: update nix

Browse source
This commit is contained in:
Felix Buehler 2022-06-06 11:47:50 +02:00
parent eecea5c20e
commit 2850c5a861
9 changed files with 42 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/.sops.yaml
View file

@ -1,10 +1,6 @@
# This example uses YAML anchors which allows reuse of multiple keys
# without having to repeat yourself.
# Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml
# for a more complex example.
keys:
- &admin_felix age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m
- &thinkman age1t485hyawp2zfddetpa7ss2qn8zjk6fh2rjwjs3mcqq7u9lwh9eaqe9244x
- &thinkman age1spt854cdscqs757a8kazth52rv4p9udh54suw9lpzlqg5savyapq2u0c03
- &serverle age14nt7qcsrye0vrpk0xcgcfmhkxwwumna39fpn83g3x0zml62skatqpnmhk4
creation_rules:
- path_regex: secrets.yaml$

1
nixos/thinkman/backup.nix → nixos/modules/backup.nix
View file

@ -28,7 +28,6 @@ in
borgbackupMonitor
];
sops.defaultSopsFile = ./secrets.yaml;
sops.secrets.borgbackup_password = { };
sops.secrets.borgbackup_private_ssh_key = { };

5
nixos/modules/users.nix
View file

@ -1,5 +1,9 @@
{ config, pkgs, lib, ... }:
{
#sops.defaultSopsFile = ../secrets + "/${config.networking.hostName}/secrets.yaml";
sops.secrets.felix-password.neededForUsers = true;
sops.secrets.felix-password = { };
users.users.felix = {
isNormalUser = true;
home = "/home/felix";
@ -15,6 +19,7 @@
"networkmanager"
"video"
];
passwordFile = config.sops.secrets.felix-password.path;
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@thinkman" ];
};

0
nixos/secrets/keys/disasm.asc
View file

2
nixos/serverle/configuration.nix
View file

@ -13,8 +13,8 @@
../modules/networkdecrypt.nix
../modules/nix.nix
../modules/ssh.nix
../modules/webapps/config.nix
../modules/webapps/bazarr.nix
../modules/webapps/config.nix
../modules/webapps/homer.nix
../modules/webapps/jellyfin.nix
../modules/webapps/navidrome.nix

8
nixos/thinkman/configuration.nix
View file

@ -3,16 +3,15 @@
imports = [
./disks.nix
./hardware-configuration.nix
../modules/sway.nix
./backup.nix
../modules/3d-design.nix
../modules/android.nix
../modules/avahi.nix
../modules/backup.nix
../modules/bluetooth-audio.nix
../modules/clean.nix
../modules/compression.nix
../modules/desktop-development.nix
../modules/desktop-default.nix
../modules/desktop-development.nix
../modules/development.nix
../modules/docker.nix
../modules/filesystem.nix
@ -30,6 +29,7 @@
../modules/printer.nix
../modules/screen-sharing.nix
../modules/sound.nix
../modules/sway.nix
../modules/sync.nix
../modules/systemd-user.nix
../modules/systemduefi.nix
@ -42,7 +42,7 @@
networking.hostName = "thinkman";
sops.defaultSopsFile = ./secrets.yaml;
sops.age.sshKeyPaths = [ "/home/felix/.ssh/keys/local_ed25519" ];
#sops.age.keyFile = "/var/lib/sops-nix/key.txt";
# Use latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;

5
nixos/thinkman/secrets.yaml
View file

@ -1,3 +1,4 @@
felix-password: ENC[AES256_GCM,data:xISAZHKQgH4DcKTl,iv:Q9TbDnVz6dBquPLgXfFYcpDeFOQfGBTbuCOOWKNhXX8=,tag:Eq7EGOv5mZrtaET6h2eEwg==,type:str]
borgbackup_password: ENC[AES256_GCM,data:+LCiZ3ttCR4lsy3vJPPUdhbSKxbghoT3lg==,iv:FaIJoZggZNCRuHyfWUQ+DDSBFzbP8Nh90nn7+gUlRak=,tag:7FysidMti7NBkLyHvoYZtw==,type:str]
borgbackup_private_ssh_key: ENC[AES256_GCM,data:XO43VMaX0T0OlImTZWvmrKl5Ph48TMXVWNHcP0Ez9whJLTArnySImh5Tv5i9v7c4ASDypBuUarZYwbdcYbOBwJV3PQxD4RR7QSuP/nB3QVha7ytgGYPbH3CZ3+uHCCyf1f5ZUoZMxTrJRDGURJNKpfkCySizXvEHhrDiO1mLZzuHq7kRujNR/+ymDp9gooacMPwGunj3fd8P3QQ3t7EM844Q02tLVy5og82qDePw0h/S9CTjnJkt5Rjl/CCc/pKn9oZ9XYOG57RUOcWyyF0PTc4wlZiBnG1H/m0LvKt3ThnLNRrOrOyulven35gMbr0cfs1UeBcAj6OnmrFeWIa72d/JTSMCa+KtUuIWrG3H2InqVLan9rMrQpQl92onb6vEnCIlhZdgWfRjRotplcxCFlLKpAgUo+bIIuWpb5hIoTKjAuHmz2byNbEgeYxIMSty93aj1BEbMIuzmTjWabsd0vqkKKouzlCN+9avT1TBoOG2anOEHWmYs44wsJN30z4px5c7pEP3qWpXkPhf1ecz,iv:v73n2tYZ2b4NF0xjeBvC3rKijkchb93xZA+Z9LUzBqE=,tag:6yhSJH3UB3Rajr36WdcXfA==,type:str]
sops:
@ -24,8 +25,8 @@ sops:
V0RYMTRlSmtxQXgxeURDTWoxNW40MEUKsAaewEOrlH3XFXLs4vGt62J3uU9hlbkN
a+3MDTcPzwTdT46q7cRp/vLFvEtWj1alwY+wzF8m3H4aLy2pdKz7+g==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-06-03T20:28:28Z"
mac: ENC[AES256_GCM,data:a0K63CIODtYkzE/ewcT3mBe9xqY1pOp5VZmlmLiQKo7MtC0FNHdgBA0fyvvhqtDK9qf6CiKOY3UgkZ9kzSBkZh6Cm5wih5d+Ga7NFkhtBCfimaBi5tCjWlOnE4veU501fcieO3rmelj13D33cFfQjVzUHpJcm+3/bZEkbViIMiU=,iv:cZyb56UV370QojhMslbfwPv3Fxqs1hrkmay5bJ/gEr0=,tag:XDTaVUEz10/gBpvzy0ERDA==,type:str]
lastmodified: "2022-06-05T10:38:15Z"
mac: ENC[AES256_GCM,data:CYINKjObzXgBDTjvkIOzvOzi+MuSnlcRGrD931CS+s+Cezp6wI0PnDa4hRtLgZpVsz3Q8D4gVDuSvT77w4EeU/FNWWJglYvB8gVP0/a6yGokn3KGpT6XGSvUJkvjpX4PAPrUSS6Eoqm16AEQFsqAST8cV/nHugDzXe7vgtv560U=,iv:/AZOg1/y8WFiZladDscVF5wo8olnAaCnMao5mcuEPi0=,tag:D0atRcbRZCboxr42mXAtrw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3