diff --git a/assets/ssh.nix b/assets/ssh.nix
index afdc92c..fb8a04d 100644
--- a/assets/ssh.nix
+++ b/assets/ssh.nix
@@ -15,7 +15,6 @@
kogata = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGK7H4Z29d72HJlI69Vt0YLOyuPcn9XxYjvMZfql80z0 nikodem@rabulinski.com";
hijiri = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFXVPUBYAMn9H3efG/ldWl/ySmZV0CXleyH7E5nKf/N7 nikodem@rabulinski.com";
tsukasa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPKXcihNVgsStMstnZYvh+Ai+JsydX3vu4O0yhlN+zw niko@tsukasa";
- youko = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKAGBazVVFr1+beFxpC701IPz4JwdPIyFJybVVZ9kTkr niko@youko";
};
system = {
@@ -26,6 +25,5 @@
kogata = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPN/SXBcIB1WN8GIhYrQrqzFGuVkEP4o0E+x0uQ4f2l";
hijiri = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILsTkICNuUwGqrToisTViFCBoql39+DFYVZSWj7vfbXK";
tsukasa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKy32XGCkB0KOUm4f0ybrutfAzR7+baifM2yv5KuYV7 root@tsukasa";
- youko = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPSbIjEo28aB2TACkvLY+VRKElZEdH9qFlTTfxCrblGZ root@youko";
};
}
diff --git a/hosts/default.nix b/hosts/default.nix
index 03d464d..a245e1c 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -14,7 +14,6 @@
# ./installer
./ude
./kogata
- ./youko
];
builders =
diff --git a/hosts/youko/default.nix b/hosts/youko/default.nix
deleted file mode 100644
index 3a2fe49..0000000
--- a/hosts/youko/default.nix
+++ /dev/null
@@ -1,48 +0,0 @@
-{
- configurations.nixos.youko =
- {
- config,
- lib,
- username,
- ...
- }:
- {
- imports = [
- ./disks.nix
- ./hardware.nix
- ./sway.nix
- ./msmtp.nix
- ./nas.nix
- ];
-
- nixpkgs.hostPlatform = "x86_64-linux";
-
- boot = {
- loader.systemd-boot.enable = true;
- loader.efi.canTouchEfiVariables = true;
- };
-
- networking.networkmanager.enable = true;
-
- age.secrets.niko-pass.file = ../../secrets/youko-niko-pass.age;
- users.users.${username}.hashedPasswordFile = config.age.secrets.niko-pass.path;
-
- settei.user.config = {
- settei.desktop.enable = true;
- };
-
- services.udisks2.enable = true;
- settei.incus.enable = true;
- virtualisation.podman.enable = true;
- hardware.keyboard.qmk.enable = true;
-
- settei.unfree.allowedPackages = [ "vmware-workstation" ];
- virtualisation.vmware.host.enable = true;
- environment.etc."vmware/config" = lib.mkForce {
- source = "${config.virtualisation.vmware.host.package}/etc/vmware/config";
- text = null;
- };
-
- networking.hostId = "b49ee8de";
- };
-}
diff --git a/hosts/youko/disks.nix b/hosts/youko/disks.nix
deleted file mode 100644
index 3156235..0000000
--- a/hosts/youko/disks.nix
+++ /dev/null
@@ -1,58 +0,0 @@
-{
- disko.devices.disk.main = {
- type = "disk";
- device = "/dev/nvme0n1";
- content = {
- type = "gpt";
- partitions = {
- esp = {
- size = "512M";
- type = "EF00";
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- mountOptions = [ "umask=0077" ];
- };
- };
- luks = {
- size = "100%";
- content = {
- type = "luks";
- name = "crypted";
- settings.allowDiscards = true;
- content = {
- type = "btrfs";
- extraArgs = [ "-f" ];
- subvolumes =
- let
- mountOptions = [
- "noatime"
- "compress=zstd"
- ];
- in
- {
- "/root" = {
- inherit mountOptions;
- mountpoint = "/";
- };
- "/home" = {
- inherit mountOptions;
- mountpoint = "/home";
- };
- "/nix" = {
- inherit mountOptions;
- mountpoint = "/nix";
- };
- "/swap" = {
- mountpoint = "/.swapvol";
- swap.swapfile.size = "16G";
- };
- };
- };
- };
- };
- };
- };
- };
-}
diff --git a/hosts/youko/hardware.nix b/hosts/youko/hardware.nix
deleted file mode 100644
index 0f1386d..0000000
--- a/hosts/youko/hardware.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ config, ... }:
-{
- boot = {
- extraModulePackages = with config.boot.kernelPackages; [ it87 ];
- initrd.availableKernelModules = [
- "nvme"
- "xhci_pci"
- "ahci"
- "usb_storage"
- "usbhid"
- "sd_mod"
- ];
- kernelModules = [
- "kvm-amd"
- "i2c-dev"
- "it87"
- ];
- extraModprobeConfig = ''
- options it87 ignore_resource_conflict=1
- '';
- };
-
- services.smartd.enable = true;
- hardware.cpu.amd.updateMicrocode = true;
-}
diff --git a/hosts/youko/msmtp.nix b/hosts/youko/msmtp.nix
deleted file mode 100644
index dc51c15..0000000
--- a/hosts/youko/msmtp.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-# TODO: Potentially make this a common module?
-{
- pkgs,
- config,
- username,
- ...
-}:
-let
- mail = "alert@nrab.lol";
- aliases = pkgs.writeText "mail-aliases" ''
- ${username}: nikodem@rabulinski.com
- root: ${mail}
- '';
-in
-{
- age.secrets.alert-plaintext.file = ../../secrets/alert-plain-pass.age;
-
- programs.msmtp = {
- enable = true;
- setSendmail = true;
- defaults = {
- inherit aliases;
- tls = "on";
- auth = "login";
- tls_starttls = "off";
- };
- accounts = {
- default = {
- host = "mail.nrab.lol";
- passwordeval = "cat ${config.age.secrets.alert-plaintext.path}";
- user = mail;
- from = mail;
- };
- };
- };
-}
diff --git a/hosts/youko/nas.nix b/hosts/youko/nas.nix
deleted file mode 100644
index 2e83912..0000000
--- a/hosts/youko/nas.nix
+++ /dev/null
@@ -1,122 +0,0 @@
-{
- username,
- lib,
- pkgs,
- ...
-}:
-{
- boot = {
- supportedFilesystems = [ "zfs" ];
- zfs.extraPools = [ "yottapool" ];
- };
-
- services.zfs = {
- autoScrub.enable = true;
- zed.settings = {
- ZED_DEBUG_LOG = "/tmp/zed.debug.log";
- ZED_EMAIL_ADDR = [ username ];
- ZED_EMAIL_PROG = lib.getExe pkgs.msmtp;
- ZED_EMAIL_OPTS = "@ADDRESS@";
-
- ZED_NOTIFY_INTERVAL_SECS = 3600;
- ZED_NOTIFY_VERBOSE = true;
-
- ZED_USE_ENCLOSURE_LEDS = true;
- ZED_SCRUB_AFTER_RESILVER = true;
- };
- };
-
- services.samba-wsdd = {
- enable = true;
- openFirewall = true;
- };
-
- # TODO: Clean up. Potentially make it a separate module
- services.avahi = {
- publish.enable = true;
- publish.userServices = true;
- nssmdns4 = true;
- enable = true;
- openFirewall = true;
- extraServiceFiles = {
- timemachine = ''
-
-
-
- %h
-
- _smb._tcp
- 445
-
-
- _device-info._tcp
- 0
- model=TimeCapsule8,119
-
-
- _adisk._tcp
- dk0=adVN=tm_share,adVF=0x82
- sys=waMa=0,adVF=0x100
-
-
- '';
- };
- };
-
- services.samba = {
- enable = true;
- openFirewall = true;
- settings = {
- global = {
- "workgroup" = "WORKGROUP";
- "hosts allow" = "0.0.0.0/0";
- "guest account" = "nobody";
- "map to guest" = "bad user";
- "getwd cache" = "true";
- "strict sync" = "no";
- "use sendfile" = "true";
- };
- "tm_share" = {
- "path" = "/media/data/tm_share";
- "valid users" = "niko";
- "public" = "no";
- "writeable" = "yes";
- "force user" = "niko";
- "fruit:aapl" = "yes";
- "fruit:time machine" = "yes";
- "vfs objects" = "catia fruit streams_xattr";
- };
- };
- };
-
- services.jellyfin = {
- enable = true;
- openFirewall = true;
- };
- services.radarr.enable = true;
- # TODO: Remove once https://github.com/Sonarr/Sonarr/pull/7443 is merged
- nixpkgs.config.permittedInsecurePackages = [
- "dotnet-sdk-6.0.428"
- "aspnetcore-runtime-6.0.36"
- ];
- services.sonarr.enable = true;
- services.prowlarr.enable = true;
- services.jellyseerr.enable = true;
- services.deluge = {
- enable = true;
- web.enable = true;
- config.download_location = "/media/deluge";
- };
-
- users = {
- users = {
- jellyfin.extraGroups = [
- "radarr"
- "sonarr"
- ];
- radarr.extraGroups = [ "deluge" ];
- sonarr.extraGroups = [ "deluge" ];
- ${username}.extraGroups = [ "deluge" ];
- };
- };
-}
diff --git a/hosts/youko/sway.nix b/hosts/youko/sway.nix
deleted file mode 100644
index 9402602..0000000
--- a/hosts/youko/sway.nix
+++ /dev/null
@@ -1,137 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-{
- services.greetd = {
- enable = true;
- vt = 2;
- settings.default_session =
- let
- swayWrapper = pkgs.writeShellScript "sway-wrapper" ''
- export XCURSOR_THEME=volantes_cursors
- exec ${lib.getExe config.programs.sway.package}
- '';
- in
- {
- command = "${lib.getExe pkgs.greetd.tuigreet} --time --cmd ${swayWrapper}";
- user = "niko";
- };
- };
-
- programs.sway = {
- enable = true;
- wrapperFeatures.base = true;
- wrapperFeatures.gtk = true;
- };
-
- security.pam.services.swaylock = { };
- xdg.portal.config.common.default = "*";
-
- settei.user.config =
- { config, ... }:
- {
- home.pointerCursor = {
- name = "volantes_cursors";
- package = pkgs.volantes-cursors;
- };
-
- home.packages = with pkgs; [
- (writeShellApplication {
- name = "lock";
- text = ''
- swaymsg output '*' power off
- swaylock -c 000000
- swaymsg output '*' power on
- '';
- })
- (writeShellApplication {
- name = "screenshot";
- runtimeInputs = [
- slurp
- grim
- wl-clipboard
- ];
- text = ''
- grim -g "$(slurp)" - | \
- wl-copy -t image/png
- '';
- })
- # Bitwarden stuff, move to separate module or properly package?
- # Maybe use some other input method?
- (rofi-rbw.override { waylandSupport = true; })
- rbw
- pinentry-rofi
- ];
-
- wayland.windowManager.sway =
- let
- mod = config.wayland.windowManager.sway.config.modifier;
- in
- {
- enable = true;
- package = null;
- config.workspaceAutoBackAndForth = true;
- config.terminal = "wezterm";
- config.modifier = "Mod4";
- config.fonts.names = [ "IosevkaTerm Nerd Font" ];
- config.keybindings = lib.mkOptionDefault {
- "${mod}+b" = "exec rofi-rbw --selector rofi";
- "${mod}+d" = "exec rofi -show drun";
- "${mod}+Shift+s" = "exec screenshot";
- };
- config.keycodebindings = {
- "${mod}+Shift+60" = "exec lock";
- };
- config.window.commands =
- let
- alwaysFloating = [
- { window_role = "pop-up"; }
- { window_role = "bubble"; }
- { window_role = "dialog"; }
- { window_type = "dialog"; }
- { window_role = "task_dialog"; }
- { window_type = "menu"; }
- { app_id = "floating"; }
- { app_id = "floating_update"; }
- { class = "(?i)pinentry"; }
- { title = "Administrator privileges required"; }
- { title = "About Mozilla Firefox"; }
- { window_role = "About"; }
- {
- app_id = "firefox";
- title = "Library";
- }
- ];
- in
- map (criteria: {
- inherit criteria;
- command = "floating enable";
- }) alwaysFloating;
- config.input = {
- "type:pointer" = {
- accel_profile = "flat";
- pointer_accel = "0.2";
- };
- "type:keyboard" = {
- xkb_layout = "pl";
- };
- };
- config.seat."*" = {
- xcursor_theme = "volantes_cursors 24";
- };
- config.startup = [
- {
- command = "${lib.getExe' pkgs.glib "gsettings"} set org.gnome.desktop.interface cursor-theme 'volantes_cursors'";
- always = true;
- }
- ];
- };
- programs.rofi = {
- enable = true;
- package = pkgs.rofi-wayland;
- };
- };
-}
diff --git a/modules/system/incus.nix b/modules/system/incus.nix
index b46ab37..4313573 100644
--- a/modules/system/incus.nix
+++ b/modules/system/incus.nix
@@ -49,23 +49,6 @@ let
};
}
];
- profiles = [
- {
- devices = {
- eth0 = {
- name = "eth0";
- network = "incusbr0";
- type = "nic";
- };
- root = {
- path = "/";
- pool = "default";
- type = "disk";
- };
- };
- name = "default";
- }
- ];
};
};
networking = {
diff --git a/modules/system/sane-defaults.nix b/modules/system/sane-defaults.nix
index 918b34d..fcd1cde 100644
--- a/modules/system/sane-defaults.nix
+++ b/modules/system/sane-defaults.nix
@@ -92,10 +92,7 @@ let
isNormalUser = true;
home = "/home/${username}";
group = username;
- extraGroups = lib.mkMerge [
- [ "wheel" ]
- (lib.mkIf config.networking.networkmanager.enable [ "networkmanager" ])
- ];
+ extraGroups = [ "wheel" ];
};
groups.${username} = { };
};
diff --git a/secrets/alert-nrab-lol-pass.age b/secrets/alert-nrab-lol-pass.age
index 85d17ab..4e34281 100644
Binary files a/secrets/alert-nrab-lol-pass.age and b/secrets/alert-nrab-lol-pass.age differ
diff --git a/secrets/alert-plain-pass.age b/secrets/alert-plain-pass.age
index 032dbb2..0204c32 100644
Binary files a/secrets/alert-plain-pass.age and b/secrets/alert-plain-pass.age differ
diff --git a/secrets/attic-creds.age b/secrets/attic-creds.age
index 6d72b95..557c86a 100644
Binary files a/secrets/attic-creds.age and b/secrets/attic-creds.age differ
diff --git a/secrets/github-token.age b/secrets/github-token.age
index 03ad19e..25e333e 100644
--- a/secrets/github-token.age
+++ b/secrets/github-token.age
@@ -1,13 +1,13 @@
age-encryption.org/v1
--> ssh-ed25519 IFuY+w hrfVBxFIiDTvbm7OMYbme2+97WI3nqxYbjBNRXRS9H4
-SaKftmSA+8LitXnkqaw67xw378sNeGs/ENxmMsOVdvQ
--> ssh-ed25519 84j9mw opGXl7a35TsSj2/ADgdbS5bp6/EDTsUDkS/IjIgjUBA
-Cw5O6wt9vzqCgbWxxCrzmXJQH+/Ae1wwyHCcHLfpEck
--> ssh-ed25519 ioPMHA 5fAg0NsD/KlXSAJg1UQYsJEzZMy/wCHfwmv19cbWRyQ
-OhDaO75k9xEdCE0GdyJ6iK6B11ie/l4yCfVKp6py31I
--> ssh-ed25519 5A7peQ pqvZetDuRh5pesWPZ9725h7i+XuvSNMn7810ukhNjyM
-96JlWRIyIZ07siNa1kk0HtHhiB4NQbSKQ4KXsDJGGdE
--> ssh-ed25519 GKhvwg Ba5tOdWUlE9qs1tPb7t+0ZtHN82a6RmMHP1tzGe/VSg
-wLWBaFUkWkB5lMEKX0ISEQTGx/RDTF1vbvuGo9w8Qm4
---- yVc69z1O1UOM+93dnjV0wkeqb4StW4HcBYi00z+0dIQ
-"�49�bW5v WjsUڲoO��#S%\qn[hAjEhޢtjC
\ No newline at end of file
+-> ssh-ed25519 IFuY+w nyBEszEusqQE6jM7y9G4KCyzNHawdyy+hTfm9LsuRCY
+1bbg4kmmv9m2Gwp+3x8zvqFOkmTKt898/sGCUK9rpGE
+-> ssh-ed25519 84j9mw 5s2PNoIOMWf2gBwzmRHmssMOuvu2kv43316E20McKh8
+FyA+VjPgPynvMQfxm3d2+SOEpsJFIKJE8pbXeIkOfGI
+-> ssh-ed25519 ioPMHA 4N9PsYYaeqJDbxpQpyCgvR/JWwLPDCAi65YB6M0uT0U
+mFCqo1htPi2WRKiJz/t8Y7TMD/p7X81HsHGG0KIsROQ
+-> ssh-ed25519 5A7peQ ZjRTqjDou2xS638dR8AWKCv5uKTSmOSJ/4rkfFckhjY
+yUJABvMDLN0C15XBmnZJZ88khXAXLUP+aEqH5DlJcKY
+-> ssh-ed25519 GKhvwg w1OKhVPY89J/pbrrXIHVifV++5e1tLqlSL9yM/2rqX0
+VF0cvmdtCZAlPgIqcNZYp7ANPhvDqlFE7h018lCbWyg
+--- YWa0wXlaYVF+g06+w/u/h+NURlfMY8lauf5ZtrrhrF4
+3��ͅ�P׆?4)�mf.�²�`aFCj"Jwd鱇Bƌ+{dK
\ No newline at end of file
diff --git a/secrets/hercules-cache.age b/secrets/hercules-cache.age
index 783c7f3..615b2c2 100644
Binary files a/secrets/hercules-cache.age and b/secrets/hercules-cache.age differ
diff --git a/secrets/hercules-secrets.age b/secrets/hercules-secrets.age
index 8b55761..f63b958 100644
--- a/secrets/hercules-secrets.age
+++ b/secrets/hercules-secrets.age
@@ -1,16 +1,13 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw qVTbaORT1Ouwq1uA0cWQ3Q85tLYcq6xuZ9UhcMOTTSk
-PE0VZp1P9K4IAnm/BIDusGsp4dtLvaN0/m9q9gNnfx4
--> ssh-ed25519 ioPMHA +m127XNN1vH6Tg6XGuHDbND0giQgGsMLE7YUKagZbXk
-tKyYRNLt1UgnQR//64yAunpHjE7JyB/Mkdmc4gkMTWw
--> ssh-ed25519 IFuY+w x4WynTbStig1Ay9gyaplDcNlLQT0kMOFOJwVvcco1i0
-i8M7n2tfBJoFNmQHs5jEaZdfKc1UmjL5y6oBCos1mDk
--> ssh-ed25519 5A7peQ +XJDHQntGS+FcrFgy9X/9RDOrBMNCI8rHsicV4Z5sBo
-i6xfceBN4DE9EYF8Q4PaJjX7qbELJaJ5dxMGoAIE8xU
--> ssh-ed25519 GKhvwg fzJcotOtNhVeNwOdMQIwPT9GmgbE13HYmCkwbFlCCkQ
-mNtYtoX8IUDgHKAQRA5e7HLZgYVI9wCF8QMm530eFEo
---- EIWU+anFU1NSYiu3O+xncDnVvJVrwHzwaAX1YhsaOj4
-%DJ#��0A�D
-q�z�,3sH����V�b��Tުˇ8[ �?VgNVd
-ĝȗL=̵g%ι[md�6oqE4ŏ�F3�@P\(MDM;%^ܫ�px��p�):O9,iBT
-s�ǚ-�JWE\0£y>0;y�L{t.g%W,X} JJdg3\�#�)�0h=lhBB�Xb$^
�BM[~�u? hl��c;zk
\ No newline at end of file
+-> ssh-ed25519 84j9mw P7StDsdpmJLp0ni5ZwdhVy2lx5TSfVlIqFAF9y4Zn34
+UksAEE1WWb2xWgHM8h4lhTW2pwqF8ydgGtFnqcp1KUo
+-> ssh-ed25519 ioPMHA roPhy0I+dRtPuWsnFSxl2m7Uh7GgXkupwHSgL+LHrzs
+8rUE3mr9dukcAeR1213wjSm6Bme9ExpGX6TjEhHRYnc
+-> ssh-ed25519 IFuY+w crwMCw/ElBMNFhUMHLAg+ZxpsutBwV7hhG79bXEmCDE
+7rnOVAVI/HgGbaswauWxCqB7Tkzx3hCxB2RZOi4aIpQ
+-> ssh-ed25519 5A7peQ bcqPb+IVrI8BKlcpIrZ/qnbnG3p/mLsk/iSCVYlvwmY
+2q9KmMmyeYey9txiYrmxM5T86qXw7arKZSAbxszgxVo
+-> ssh-ed25519 GKhvwg H9Pka72t6kmmxGcoAaRtyn8m9xlP9DJSeBrE6jVtRh4
+w/lcxBFd5w9mMn/sarr+7yCY+IGJzMJUgvi+KrQA4s4
+--- wO1f52ZjrCtOdgOrnkKWPao5ZS2BhmWFQmvLGliosyM
+S]luG �c�U LHb/(f� $&XmݒFPt�.n,)t8 �9g~3.h`0i|Zi�9S�߫��ޔ~vf,~\;�IۮF�V�O)uj:u[&��6�`OZ|y�V�ɥ_Pe��K.vꪹ^2�-�Ҁ<\^m!.y��s���
l
��K`fbDcdb�D��<_6zR?g̮`H ,5�h$\Xl
\ No newline at end of file
diff --git a/secrets/hercules-token.age b/secrets/hercules-token.age
index 54dd108..66500a1 100644
Binary files a/secrets/hercules-token.age and b/secrets/hercules-token.age differ
diff --git a/secrets/leet-nrab-lol-pass.age b/secrets/leet-nrab-lol-pass.age
index fbf07ad..28c300e 100644
--- a/secrets/leet-nrab-lol-pass.age
+++ b/secrets/leet-nrab-lol-pass.age
@@ -1,7 +1,8 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw qRlII1WyhanH2pNwSnl01iMlPWQ7tsyiNNOHPLNMflo
-ZMtYsPCDsgcbN1qoAYWTBQtfBWGHzi4WKbGtpJSzKRA
--> ssh-ed25519 GKhvwg Fck+71BDUxko70r43pDKCYaa5OKZipR4iNveNrJaiC0
-uZZhlsckmE+mi7Oq8+gtisDFmLEoy0Pm/9BKgRi9VHo
---- i/jgJHw3pEnMDGSjdK47mOkt87oI8szIHiIqimXVyXY
-ߵSAѶ��Bzwg@"PY^+E['����,K[X~Xg{��2c4
\ No newline at end of file
+-> ssh-ed25519 84j9mw ZuGILSHnMIMy/GDEjkAriTBKBykkytcIVo63DPd4MhA
+aa/sGLpf+GrLzo8Jf3JWAPI0Uk96SH/CvGhynNJVx6E
+-> ssh-ed25519 GKhvwg STHVqp1zYhQzu73INk2Cmkuf8X8kJPLtGSY8LJze/Tc
+Ny1C5CAnqSCcunIbM8if8oQ2VlerIIW5Dqds/Ztektw
+--- gaHP+odPfw8A4f5NJkYOuvvYRWwo5EzRZVkXp6E7dfI
+N�fO=�+T3T 0w ssh-ed25519 g2vRWw Pdv9mU1heeteeLbLFVUAIyZxmCWHNmhnw0TphSVMczg
-xks6yrF0BziJFp1QHSJdv5Svo1bCu9DF6s3wa2h0Xmg
--> ssh-ed25519 GKhvwg H2DeS0HP/vWKRrBszwCffNgIZo8nVymGSkWEH26Y/2k
-2y9DCIwpFsFXpgOwOrrD9+HpRzEuno1fW2upd2FLbZc
---- LNHsLxE4XBziNhnXmARcxB7UWhcKNvon1sDdX6mfZaw
--�1dm
-���fR,[#[-;M}vi4x�~=)o��N^n"X���B}W583惍f�v:��uZ�ɶ
\ No newline at end of file
+-> ssh-ed25519 g2vRWw //TMaNWwTNS5wE3Hg/SEwqriIaOiOUE5remdVF449Vk
+8K3isM05ep9HJ58TlNE9bmiIuqJPoq3lI/3AbUrLw8Q
+-> ssh-ed25519 GKhvwg GANoFnELye0945KaMuS7xw6CGPhI5vigD+vScnpbQxI
+CSx0E7fOB8A5MSc1ySywNFj5mkkdi6DDUc+ObaW/kew
+--- +BiFZI/o5loCYZ95bkY4zQYr2y6SYc2bmnRuAMg2MPM
+"D1Mh��`dclU;�]Puռ /?�5\\D�1l6ø�zNS
+N;<+^Bpm՚���y���
��sZ;�Vj
\ No newline at end of file
diff --git a/secrets/nrab-lol-cf.age b/secrets/nrab-lol-cf.age
index d3b9015..d1672d7 100644
Binary files a/secrets/nrab-lol-cf.age and b/secrets/nrab-lol-cf.age differ
diff --git a/secrets/ntfy-alert-pass.age b/secrets/ntfy-alert-pass.age
index 27558ca..7819217 100644
Binary files a/secrets/ntfy-alert-pass.age and b/secrets/ntfy-alert-pass.age differ
diff --git a/secrets/ntfy-niko-pass.age b/secrets/ntfy-niko-pass.age
index 276c72f..cca1985 100644
--- a/secrets/ntfy-niko-pass.age
+++ b/secrets/ntfy-niko-pass.age
@@ -1,7 +1,7 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw VodL+EHOjoXj8R/F0vMQzEcnnCFzzes0QByGCDCgVQw
-tZLaDA1FLFwbK0AGo8lpTJjMUnPhJh1czYVLIYjkcEc
--> ssh-ed25519 GKhvwg gHaR4I4l0I+/XrbjTMp/mevEzxPJXNLB1eHs33WKwGw
-GTAzrhyyDylZgExteDGpGbcS/TFX1q+NhF1FWHzNV0s
---- QS1dAgdS96KwIprDjzz6OD4qSIZs4/m9JEIsi3+kgPk
-�zPCSx�f �-��i�c7_2��~�jA
\ No newline at end of file
+-> ssh-ed25519 84j9mw tR4gg/XeVdS8xCIuHxN25uaRKu6a09DSW26SI3AWDlM
+uC2gJ9UWDE6uVXkUDlaVZlWAH5iLDgagkN+54msvyoY
+-> ssh-ed25519 GKhvwg q27QskTYhI5gjIKKpNHn5V2FRmhIg8QFJ8m0TPZiwSY
+/0RIbiG/nwxKDJ613BLoCNvjej6f65mr1xwCN7/aueI
+--- XU82wFZVE+zTZ/mGhnoxqWrdUOv3n6VOwQizZSHPLfw
+"�1KĽ.� �J'!nlO]>�Y
E�X
\ No newline at end of file
diff --git a/secrets/rab-lol-cf.age b/secrets/rab-lol-cf.age
index 4b5734a..00a6556 100644
--- a/secrets/rab-lol-cf.age
+++ b/secrets/rab-lol-cf.age
@@ -1,9 +1,10 @@
age-encryption.org/v1
--> ssh-ed25519 ioPMHA ftS+6CMGsySkp/KbDBLPKeWNDK83bZ2VB8ZKMRijkkY
-U+2wopG3G2AvI4KUD9tZGIrHZSM3UdyDdYmbbkllWPo
--> ssh-ed25519 84j9mw xek41MX1ETVgRZa24I7n5U/XkJOqItQWK3Qz1FfkDCc
-40CWzCUmxsjgmiObbqKuSieifZ2vNo965jOeTrZ8hT8
--> ssh-ed25519 GKhvwg X2YSREIPjoaWaku9qrVu04hOlZjUF3LFEUZaIMgg02s
-jbjT6qoIFGXRv2wrkzf2GHx3tcku/tgWfK6Sns3uFVc
---- B/FIIz8dDg9YXbtDxfAQFZj9PCLHwI/mboBJQBuFmJg
-4�L�7H3F
�̈́"fU(�L~%sbԀ~Z}Z>2KO�'Q�\W[�όe1�^I���
\ No newline at end of file
+-> ssh-ed25519 ioPMHA efHpBvtB+mXXa7RoRdqePHGOmsY5BXVOgGsfOhPm30w
+2GvumVVuuLGEarpdauTCrB61aLtVtrkM3/pPlWIODnk
+-> ssh-ed25519 84j9mw rqj6xvESlvrfcjhVEWCbpd//vvdKjrTjt3ZDPeLHowQ
+dcUD131zvVQGiUYQWt9A51CnIpLGNSGinSZk7HSGHoc
+-> ssh-ed25519 GKhvwg cIji8zRSGWEbC/xxS8C4jyDCpQsFv05j2Yo8UjaHSAk
++c/tIYPigZdPQWKvGYaoA6AYRAB83XlEEdfucihB984
+--- TEQTQ/lm/JqyyWU2sC10qHl4AL/2IP9yCUfhXG4LdP4
+�ȮS�F-dcD�\?h Qg@��W
+xA|M*rt0ű�~ѰXa{y/WUѸ�Y렬�{װ}TA�xD
\ No newline at end of file
diff --git a/secrets/rabulinski-com-cf.age b/secrets/rabulinski-com-cf.age
index 6e80a30..2a15532 100644
--- a/secrets/rabulinski-com-cf.age
+++ b/secrets/rabulinski-com-cf.age
@@ -1,7 +1,7 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw d9KZV9S1hRXBvVcFe40S0NqWKlQ/AdRgAqdYXKicXR8
-SgTn9MXrft+sRr4I96fqQHzAdm0b21Bd0eSoYFfq7/4
--> ssh-ed25519 GKhvwg B9qTfegTwDH/X0nQMGvTKCsK2GyzJ7yWgFIo+nKhsGc
-Is4Hi8B2/9s0pz/quvNER2hTkabPbr7qeILL4PhQO1c
---- 1BhfbNEwYq0ra5slik651qbC8jffR2FmnDHV3FDtom0
--�oSԐ-?�{r�]5;+0
G�oE9tHX�jqj2@�3�@� mmkyQ;_�W϶Q~
\ No newline at end of file
+-> ssh-ed25519 84j9mw LuZiZnebklpoXQ6RPZSrELwY4CzwY+Qb/LrlVPFiSC4
+QVi6XyetJxwvOB+v+CyKEdcq96ykcK3wfWh3i75Dq1o
+-> ssh-ed25519 GKhvwg V3iEXNodDDKKKrHSfNYVKTphsMQfgl3Z/LUwTyArx3A
+FQJLg7uHWzc6/U+/QOCYwrkwvvw8rQNG+h+PJ1rRKXA
+--- FVExbzlz8e7moZFIkpMR+sj4Kurv+Ge6yMW/uJLr5H4
+ѠI-iO�Jbzk1"KxI{Bƚd#71ܮm-�0D��f\y}���=ڸ
4�ݣ
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index ef3acb5..fc8ce14 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -33,8 +33,9 @@ in
keys.other.bootstrap
];
"alert-plain-pass.age".publicKeys = [
+ keys.system.legion
keys.other.bootstrap
- ] ++ builtins.attrValues keys.system;
+ ];
"legion-niko-pass.age".publicKeys = [
keys.system.legion
keys.other.bootstrap
@@ -88,8 +89,4 @@ in
keys.system.ude
keys.other.bootstrap
];
- "youko-niko-pass.age".publicKeys = [
- keys.system.youko
- keys.other.bootstrap
- ];
}
diff --git a/secrets/storage-box-creds.age b/secrets/storage-box-creds.age
index 8b0a272..02e128e 100644
--- a/secrets/storage-box-creds.age
+++ b/secrets/storage-box-creds.age
@@ -1,7 +1,9 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw auP2WgwsaWjyocQkSzoYShO2kSLjn2UArvAVEhKgDiY
-4Uh423ZjS7/Xo6TxLJzWqXgHZAu0xouH0UvFZuJuEz4
--> ssh-ed25519 GKhvwg JHtyTS12OXspSKP9r/a61cfp+ubYbsAXFmEijMTex3Q
-wZYrJ8yIZ3v5cdBzpiI9ocaTpHbtmebEpbr59Bz3rhc
---- koWJ57H+ErMJDxW6JDNL2ImmZb6o9v2BJtaFi2OL+dc
-I��o5q&CU*�[T.HɊʺ��kkpOY�s,g49ʼn$^l-A/�QX�
\ No newline at end of file
+-> ssh-ed25519 84j9mw voingQjX/CjAjo63KLaRPFaG74IpxcRb0qv+r2b5wzo
+ccWzQQSJW7cc8RiS9PzN2U5Xj0+Z7804tPsaGrq09KA
+-> ssh-ed25519 GKhvwg 2z8J0YRxQ4WP1G/W7DxRK7z1b6UBjodvN8ECP4fLg1U
+wRG4U9oAJ2KtPUHg5l0yDmmHatmwXOrn2nJlOQJMlpE
+--- qs7kR5AIkwQ8NtDjYnmKZmCl4+1G6MFBNB3Mu3J9Y1M
+
+8[WѕS��]&Zaؼu��EB��!pϴ��4pYݱ"
+QYqSƬ`
\ No newline at end of file
diff --git a/secrets/storage-box-webdav.age b/secrets/storage-box-webdav.age
index 93a739a..8a7f3b8 100644
Binary files a/secrets/storage-box-webdav.age and b/secrets/storage-box-webdav.age differ
diff --git a/secrets/ude-deluge.age b/secrets/ude-deluge.age
index f9cdd04..f0269c2 100644
--- a/secrets/ude-deluge.age
+++ b/secrets/ude-deluge.age
@@ -1,7 +1,7 @@
age-encryption.org/v1
--> ssh-ed25519 IFuY+w EOJQpXxn+NL/BJjpdo8mIGfOYxcMElkVIiGx7KftrQ4
-OcglvGhSgb1mxH8M19ZMf3m6lSF0clzH7Mjikf7cilM
--> ssh-ed25519 GKhvwg cr+0J59wCjYBONBcDulN8lpvZiCvULHqnwDu+eKQRAo
-9q87PSfr4kq8lCDrw5Od3D1xJjSSmVv2/TXBWEBtBpU
---- FmVR9tb8wjYFb/FBTrblXMCUAMw5KQ7sX8WojcxCrbk
-C<\}J�f|6�G@WXc-"ϐ�A�GZ'x�_�Ԡz�,@n"�3[?
Lb@e
\ No newline at end of file
+-> ssh-ed25519 IFuY+w +zbPYKlvvfaIQl+PnnZlEai/TAgzsQ7s/1bLXNXnXEw
+BTQQRxlaRFbWnV6e+QBPDfN+lyg9URj+2h85tDKZ19k
+-> ssh-ed25519 GKhvwg DzWYIGY0CNdA5wp7PkV1gpWmtYG28or8XeNZ7DkLz1c
+ELQVeuyaIOWVH6+oMDDlI3CikDLe5jijwVPbaRBL2NQ
+--- vCU0PryisDG8cOKr6CmPcUwjIdThsRjrty/fowZNwOk
+h�+Ѯ>�HV�`w|e/]k�yS�~dm�&9Y))�T
n��S8@ۿzsS�g'
\ No newline at end of file
diff --git a/secrets/youko-niko-pass.age b/secrets/youko-niko-pass.age
deleted file mode 100644
index 4c85947..0000000
--- a/secrets/youko-niko-pass.age
+++ /dev/null
@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 rA7dkQ etmPKjKz102knTx/qQAihC9bFvRENB0Q1DtnaQyjfm4
-GPt9OCIwT+/Q/UUDtkHB8d7T6znHy1y1NEUeI+SCeMg
--> ssh-ed25519 GKhvwg qdCxGyXrdD+WQa/il8fIlV7OKdREqd40Qk0PKITHxlk
-OBJ9gg+KBHi2s1HYLazy3K+yh8tvnUvmuH+riWU7K8c
---- V3FRy0/TcUdUaBDUK+93r5rH26Is/KVuNJC+1vFMsOI
-wO�.➌a�A�&ޝz [�oXĂu������,ajxGƜu/������eL̛/6S[SU
\ No newline at end of file
diff --git a/secrets/zitadel-master.age b/secrets/zitadel-master.age
index 6dbbbf4..68a374a 100644
Binary files a/secrets/zitadel-master.age and b/secrets/zitadel-master.age differ