diff --git a/.envrc b/.envrc index 3550a30..6cb4a53 100644 --- a/.envrc +++ b/.envrc @@ -1 +1,2 @@ use flake +watch_file nilla.nix diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml index 89693ab..ac6058b 100644 --- a/.forgejo/workflows/build.yaml +++ b/.forgejo/workflows/build.yaml @@ -1,5 +1,6 @@ on: push: + branches: [main] pull_request: types: [opened, synchronize, reopened] @@ -8,4 +9,5 @@ jobs: runs-on: native steps: - uses: actions/checkout@v4 - - run: nix flake check --all-systems + - run: nix-build -A ci.check + - run: ./result diff --git a/.gitignore b/.gitignore index 92b2793..2bbdbfe 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ .direnv +result diff --git a/README.md b/README.md index 8d5da60..4e21a30 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ 雪定(せってい) -Collection of my personal Nix configurations and opinionated NixOS, nix-darwin, home-manager, and flake-parts modules. +Collection of my personal Nix configurations and opinionated NixOS, nix-darwin, home-manager, and nilla modules. > [!CAUTION] > I tried to make the modules in this repository useful to others without having @@ -25,13 +25,12 @@ Collection of my personal Nix configurations and opinionated NixOS, nix-darwin, - modules - options which in principle should be reusable by others - system - my opinionated nixos/nix-darwin modules - home - my opinionated home-manager modules - - flake - flake-parts modules + - nilla - nilla modules - services - configs for services I self-host - secrets - agenix secrets - wrappers - nix packages wrapped with my configs (see: [wrapper-manager](https://github.com/viperML/wrapper-manager)) - assets - miscellaneous values reused throughout my config -- effects.nix - hercules-ci configuration ## Code guidelines @@ -55,9 +54,8 @@ clean, maintainable, and reusable. Sorted rougly by priority +- get rid of flakes completely - bring back ci (sorta done) -- hercules-ci effects for deploying machines on update (if configuration is - valid) -- fix disko +- automatic deploys (either push or pull, to be decided) - make the configuration truly declarative (to a reasonable degree) - themeing solution diff --git a/assets/default.nix b/assets/default.nix index 123d12c..4e3187c 100644 --- a/assets/default.nix +++ b/assets/default.nix @@ -1,8 +1,8 @@ -{ lib, ... }: +{ lib }: { - options.assets = lib.mkOption { - type = lib.types.unspecified; - readOnly = true; + options.assets = lib.options.create { + type = lib.types.raw; + writable = false; }; config.assets = { diff --git a/default.nix b/default.nix new file mode 100644 index 0000000..6443a49 --- /dev/null +++ b/default.nix @@ -0,0 +1,12 @@ +let + nilla = import ./nilla.nix { }; + getPackage = name: nilla.packages.${name}.result.${builtins.currentSystem}; +in +{ + ci.check = getPackage "ci-check"; + formatter = getPackage "formatter"; + systems = { + nixos = builtins.mapAttrs (_: system: system.result) nilla.systems.nixos; + darwin = builtins.mapAttrs (_: system: system.result) nilla.systems.darwin; + }; +} diff --git a/effects.nix b/effects.nix deleted file mode 100644 index aa9906a..0000000 --- a/effects.nix +++ /dev/null @@ -1,102 +0,0 @@ -{ - config, - lib, - withSystem, - self, - ... -}: -let - collectFlakeOutputs = - { config, pkgs }: - let - inherit (pkgs) lib; - collectDrvs = - prefix: attrs: - let - drvs = lib.pipe attrs [ - (lib.filterAttrs (_: lib.isDerivation)) - (lib.mapAttrsToList ( - name: drv: { - name = lib.concatStringsSep "." (prefix ++ [ name ]); - inherit drv; - } - )) - ]; - recursed = lib.pipe attrs [ - (lib.filterAttrs ( - _: val: (!lib.isDerivation val) && (lib.isAttrs val) && (val.recurseForDerivations or true) - )) - (lib.mapAttrsToList (name: collectDrvs (prefix ++ [ name ]))) - ]; - in - drvs ++ (lib.flatten recursed); - rootOutputs = builtins.removeAttrs config.onPush.default.outputs [ "effects" ]; - in - collectDrvs [ ] rootOutputs; -in -{ - defaultEffectSystem = "aarch64-linux"; - - hercules-ci = { - flake-update = { - enable = true; - when.dayOfWeek = "Mon"; - }; - }; - - herculesCI = herculesCI: { - onPush.default = { - outputs.effects = { - pin-cache = withSystem config.defaultEffectSystem ( - { pkgs, hci-effects, ... }: - let - collected = collectFlakeOutputs { - inherit (herculesCI) config; - inherit pkgs; - }; - cachixCommands = lib.concatMapStringsSep "\n" ( - { name, drv }: "cachix pin nrabulinski ${lib.escapeShellArg name} ${lib.escapeShellArg drv}" - ) collected; - in - hci-effects.runIf (herculesCI.config.repo.branch == "main") ( - hci-effects.mkEffect { - secretsMap."cachix-token" = "cachix-token"; - inputs = [ pkgs.cachix ]; - userSetupScript = '' - cachix authtoken $(readSecretString cachix-token .token) - ''; - # Discarding the context is fine here because we don't actually want to build those derivations. - # They have already been built as part of this job, - # we only want to pin them to make sure cachix doesn't GC them. - effectScript = builtins.unsafeDiscardStringContext cachixCommands; - } - ) - ); - }; - }; - }; - - perSystem = - { pkgs, lib, ... }: - rec { - legacyPackages.outputsList = - let - config = self.herculesCI { - primaryRepo = { }; - herculesCI = { }; - }; - in - collectFlakeOutputs { inherit config pkgs; }; - - legacyPackages.github-matrix = - let - systems = lib.groupBy ({ drv, ... }: drv.system) legacyPackages.outputsList; - in - lib.concatMapStringsSep "\n" ( - { name, value }: - '' - ${name}=${builtins.toJSON (map (d: d.name) value)} - '' - ) (lib.attrsToList systems); - }; -} diff --git a/flake.lock b/flake.lock index 3cd382a..af46674 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,21 @@ { "nodes": { + "__flake-compat": { + "flake": false, + "locked": { + "lastModified": 1748460212, + "narHash": "sha256-RBUseGlYAKOd8hnKVujiGzpdJoZWj5e3A+Ds2mKsv28=", + "ref": "refs/heads/main", + "rev": "88e58d66efad1b3e0edf8633ea0774f7105d37c9", + "revCount": 86, + "type": "git", + "url": "https://git.lix.systems/lix-project/flake-compat.git" + }, + "original": { + "type": "git", + "url": "https://git.lix.systems/lix-project/flake-compat.git" + } + }, "agenix": { "inputs": { "darwin": [ @@ -14,11 +30,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1736955230, - "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "lastModified": 1747575206, + "narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=", "owner": "ryantm", "repo": "agenix", - "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "rev": "4835b1dc898959d8547a871ef484930675cb47f1", "type": "github" }, "original": { @@ -28,30 +44,13 @@ } }, "attic": { - "inputs": { - "crane": [ - "crane" - ], - "flake-compat": "flake-compat", - "flake-parts": "flake-parts", - "lix": [ - "lix" - ], - "lix-module": [ - "lix-module" - ], - "nix-github-actions": "nix-github-actions", - "nixpkgs": [ - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable" - }, + "flake": false, "locked": { - "lastModified": 1742679462, - "narHash": "sha256-L9q9KDqiJEREM/GRnSo4vB9VCvclmdRT9vXuFwBmb9Y=", + "lastModified": 1748777195, + "narHash": "sha256-j3GQS4zm4zc1yo+5hCs0kpIGNDePj7ayRkbqsy3tyYs=", "ref": "refs/heads/main", - "rev": "087bfe9234f8dc682dbf1d8f96c0b712f587c466", - "revCount": 368, + "rev": "ec24c04e345ab02ff35020d99e34f1eda0b82352", + "revCount": 373, "type": "git", "url": "https://git.lix.systems/nrabulinski/attic.git" }, @@ -79,11 +78,11 @@ "conduit-src": { "flake": false, "locked": { - "lastModified": 1742005420, - "narHash": "sha256-v4LCx7VUZ+8Hy1+6ziREVY/QEADjZbo8c0h9eU7nMVY=", + "lastModified": 1748702033, + "narHash": "sha256-W72vGS0qJow1O4jXkuE3px4eNyFJeZqjuMREs6Lb5bU=", "owner": "famedly", "repo": "conduit", - "rev": "063d13a0e10619f17bc21f0dd291c5a733581394", + "rev": "a1886a13967b0471b55428f7aed55087ad357491", "type": "gitlab" }, "original": { @@ -94,12 +93,28 @@ } }, "crane": { + "flake": false, "locked": { - "lastModified": 1742394900, - "narHash": "sha256-vVOAp9ahvnU+fQoKd4SEXB2JG2wbENkpqcwlkIXgUC0=", + "lastModified": 1748047550, + "narHash": "sha256-t0qLLqb4C1rdtiY8IFRH5KIapTY/n3Lqt57AmxEv9mk=", "owner": "ipetkov", "repo": "crane", - "rev": "70947c1908108c0c551ddfd73d4f750ff2ea67cd", + "rev": "b718a78696060df6280196a6f992d04c87a16aef", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { + "locked": { + "lastModified": 1743700120, + "narHash": "sha256-8BjG/P0xnuCyVOXlYRwdI1B8nVtyYLf3oDwPSimqREY=", + "owner": "ipetkov", + "repo": "crane", + "rev": "e316f19ee058e6db50075115783be57ac549c389", "type": "github" }, "original": { @@ -115,11 +130,11 @@ ] }, "locked": { - "lastModified": 1742382197, - "narHash": "sha256-5OtFbbdKAkWDVuzjs1J9KwdFuDxsEvz0FZX3xR2jEUM=", + "lastModified": 1748354048, + "narHash": "sha256-BUUifoC7bipKczvpk8fq+UYrhiK95nt/zhMuPcelzWg=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "643b57fd32135769f809913663130a95fe6db49e", + "rev": "eb1b636932ba2f19522d3687ba27c6adf3fd5978", "type": "github" }, "original": { @@ -136,11 +151,11 @@ ] }, "locked": { - "lastModified": 1741786315, - "narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=", + "lastModified": 1748225455, + "narHash": "sha256-AzlJCKaM4wbEyEpV3I/PUq5mHnib2ryEy32c+qfj6xk=", "owner": "nix-community", "repo": "disko", - "rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de", + "rev": "a894f2811e1ee8d10c50560551e50d6ab3c392ba", "type": "github" }, "original": { @@ -149,55 +164,14 @@ "type": "github" } }, - "fenix": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1742452566, - "narHash": "sha256-sVuLDQ2UIWfXUBbctzrZrXM2X05YjX08K7XHMztt36E=", - "owner": "nix-community", - "repo": "fenix", - "rev": "7d9ba794daf5e8cc7ee728859bc688d8e26d5f06", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "fenix", - "type": "github" - } - }, - "firefox-darwin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1742432361, - "narHash": "sha256-FlqTrkzSn6oPR5iJTPsCQDd0ioMGzzxnPB+2wve9W2w=", - "owner": "bandithedoge", - "repo": "nixpkgs-firefox-darwin", - "rev": "c868ff433ea5123e837a62ae689543045187d7a4", - "type": "github" - }, - "original": { - "owner": "bandithedoge", - "repo": "nixpkgs-firefox-darwin", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "owner": "edolstra", "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "type": "github" }, "original": { @@ -206,81 +180,6 @@ "type": "github" } }, - "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1741352980, - "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1741352980, - "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, "flake-utils": { "inputs": { "systems": "systems_2" @@ -317,24 +216,6 @@ "type": "github" } }, - "flake-utils_3": { - "inputs": { - "systems": "systems_4" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "flakey-profile": { "locked": { "lastModified": 1712898590, @@ -350,20 +231,67 @@ "type": "github" } }, + "git-hooks": { + "inputs": { + "flake-compat": [ + "mailserver", + "flake-compat" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "mailserver", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "mailserver", + "git-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "helix": { "inputs": { - "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ], "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1742479163, - "narHash": "sha256-YC0zdGyZMu7seA2Jm1mxtcxE4lSeVwvCPMfWzJ8+o/c=", + "lastModified": 1748702599, + "narHash": "sha256-cXzTGHrZsT4wSxlLvw2ZlHPVjC/MA2W0sI/KF1yStbY=", "owner": "helix-editor", "repo": "helix", - "rev": "b7d735ffe66a03ab5970e5f860923aada50d4e4c", + "rev": "2baff46b2578d78d817b9e128e8cc00345541f0b", "type": "github" }, "original": { @@ -379,11 +307,11 @@ ] }, "locked": { - "lastModified": 1742501496, - "narHash": "sha256-LYwyZmhckDKK7i4avmbcs1pBROpOaHi98lbjX1fmVpU=", + "lastModified": 1748737919, + "narHash": "sha256-5kvBbLYdp+n7Ftanjcs6Nv+UO6sBhelp6MIGJ9nWmjQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "d725df5ad8cee60e61ee6fe3afb735e4fbc1ff41", + "rev": "5675a9686851d9626560052a032c4e14e533c1fa", "type": "github" }, "original": { @@ -395,11 +323,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1742411066, - "narHash": "sha256-8vXOKPQFRzTjapsRnTJ1nuFjUfC+AGI2ybdK5cAEHZ8=", + "lastModified": 1748588861, + "narHash": "sha256-bP9MHHCx/6Pi1TlO7Iq8X6AUoQHzyExQJNnSHSOqUUk=", "ref": "refs/heads/main", - "rev": "2491b7cc2128ee440d24768c4521c38b1859fc28", - "revCount": 17705, + "rev": "3815dd5e64fc374fa4dcc5064470cd7a7d77aaf3", + "revCount": 17966, "type": "git", "url": "https://git.lix.systems/lix-project/lix.git" }, @@ -410,7 +338,7 @@ }, "lix-module": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "flakey-profile": "flakey-profile", "lix": [ "lix" @@ -420,11 +348,11 @@ ] }, "locked": { - "lastModified": 1741894565, - "narHash": "sha256-2FD0NDJbEjUHloVrtEIms5miJsj1tvQCc/0YK5ambyc=", + "lastModified": 1747667424, + "narHash": "sha256-7EICjbmG6lApWKhFtwvZovdcdORY1CEe6/K7JwtpYfs=", "ref": "refs/heads/main", - "rev": "a6da43f8193d9e329bba1795c42590c27966082e", - "revCount": 136, + "rev": "3c23c6ae2aecc1f76ae7993efe1a78b5316f0700", + "revCount": 144, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module.git" }, @@ -436,18 +364,19 @@ "mailserver": { "inputs": { "blobs": "blobs", - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat", + "git-hooks": "git-hooks", "nixpkgs": [ "nixpkgs" ], - "nixpkgs-24_11": "nixpkgs-24_11" + "nixpkgs-25_05": "nixpkgs-25_05" }, "locked": { - "lastModified": 1742413977, - "narHash": "sha256-NkhM9GVu3HL+MiXtGD0TjuPCQ4GFVJPBZ8KyI2cFDGU=", + "lastModified": 1748689589, + "narHash": "sha256-ltwdNAsto54HMQFdrCprWXPFhNBfEuiCkj+GS7ZHvww=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "b4fbffe79c00f19be94b86b4144ff67541613659", + "rev": "c9f61e02aee97dc8c7d4f3739b012a992183508c", "type": "gitlab" }, "original": { @@ -456,53 +385,45 @@ "type": "gitlab" } }, - "niko-nur": { - "inputs": { - "flake-parts": "flake-parts_3", - "nixpkgs": "nixpkgs" - }, + "nh": { + "flake": false, "locked": { - "lastModified": 1723663703, - "narHash": "sha256-ubPcnvjRQCzZgaYTWOKd82xXwJKmOaPjStUOUkyRTSs=", - "owner": "nrabulinski", - "repo": "nur-packages", - "rev": "567fd42dc54f71ce1705180ad7f35f786f00ed9a", + "lastModified": 1748096601, + "narHash": "sha256-ji/9z1pRbosyKVVAIGBazyz6PjWV8bc2Ux2RdQrVDWY=", + "owner": "nix-community", + "repo": "nh", + "rev": "1ea27e73a3dcbc9950258e9054377ee677d12b9e", "type": "github" }, "original": { - "owner": "nrabulinski", - "repo": "nur-packages", + "owner": "nix-community", + "repo": "nh", "type": "github" } }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "attic", - "nixpkgs" - ] - }, + "nilla": { + "flake": false, "locked": { - "lastModified": 1737420293, - "narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9", + "lastModified": 1748686039, + "narHash": "sha256-7iLzbTLtgdFtm9em3xxHO9BunN2YpgYquMLKXh5hEpQ=", + "owner": "nilla-nix", + "repo": "nilla", + "rev": "4e6038f4ebc89487194013af6a1e077dfeb00359", "type": "github" }, "original": { - "owner": "nix-community", - "repo": "nix-github-actions", + "owner": "nilla-nix", + "repo": "nilla", "type": "github" } }, "nixpkgs": { "locked": { - "lastModified": 1723603349, - "narHash": "sha256-VMg6N7MryOuvSJ8Sj6YydarnUCkL7cvMdrMcnsJnJCE=", + "lastModified": 1748662220, + "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", "owner": "nixos", "repo": "nixpkgs", - "rev": "daf7bb95821b789db24fc1ac21f613db0c1bf2cb", + "rev": "59138c7667b7970d205d6a05a8bfa2d78caa3643", "type": "github" }, "original": { @@ -512,61 +433,18 @@ "type": "github" } }, - "nixpkgs-24_11": { + "nixpkgs-25_05": { "locked": { - "lastModified": 1734083684, - "narHash": "sha256-5fNndbndxSx5d+C/D0p/VF32xDiJCJzyOqorOYW4JEo=", + "lastModified": 1747610100, + "narHash": "sha256-rpR5ZPMkWzcnCcYYo3lScqfuzEw5Uyfh+R0EKZfroAc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "314e12ba369ccdb9b352a4db26ff419f7c49fa84", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-24.11", - "type": "indirect" - } - }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1722555339, - "narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" - } - }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1735563628, - "narHash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b134951a4c9f3c995fd7be05f3243f8ecd65d798", + "rev": "ca49c4304acf0973078db0a9d200fd2bae75676d", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1742395137, - "narHash": "sha256-WWNNjCSzQCtATpCFEijm81NNG1xqlLMVbIzXAiZysbs=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "2a725d40de138714db4872dc7405d86457aa17ad", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixpkgs-unstable", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } @@ -593,22 +471,21 @@ }, "root": { "inputs": { + "__flake-compat": "__flake-compat", "agenix": "agenix", "attic": "attic", "conduit-src": "conduit-src", "crane": "crane", "darwin": "darwin", "disko": "disko", - "fenix": "fenix", - "firefox-darwin": "firefox-darwin", - "flake-parts": "flake-parts_2", "helix": "helix", "home-manager": "home-manager", "lix": "lix", "lix-module": "lix-module", "mailserver": "mailserver", - "niko-nur": "niko-nur", - "nixpkgs": "nixpkgs_2", + "nh": "nh", + "nilla": "nilla", + "nixpkgs": "nixpkgs", "racket": "racket", "treefmt": "treefmt", "wrapper-manager": "wrapper-manager", @@ -616,23 +493,6 @@ "zjstatus": "zjstatus" } }, - "rust-analyzer-src": { - "flake": false, - "locked": { - "lastModified": 1742296961, - "narHash": "sha256-gCpvEQOrugHWLimD1wTFOJHagnSEP6VYBDspq96Idu0=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "15d87419f1a123d8f888d608129c3ce3ff8f13d4", - "type": "github" - }, - "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", - "type": "github" - } - }, "rust-overlay": { "inputs": { "nixpkgs": [ @@ -662,11 +522,11 @@ ] }, "locked": { - "lastModified": 1739240901, - "narHash": "sha256-YDtl/9w71m5WcZvbEroYoWrjECDhzJZLZ8E68S3BYok=", + "lastModified": 1743682350, + "narHash": "sha256-S/MyKOFajCiBm5H5laoE59wB6w0NJ4wJG53iAPfYW3k=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "03473e2af8a4b490f4d2cdb2e4d3b75f82c8197c", + "rev": "c4a8327b0f25d1d81edecbb6105f74d7cf9d7382", "type": "github" }, "original": { @@ -720,21 +580,6 @@ "type": "github" } }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "treefmt": { "inputs": { "nixpkgs": [ @@ -742,11 +587,11 @@ ] }, "locked": { - "lastModified": 1742370146, - "narHash": "sha256-XRE8hL4vKIQyVMDXykFh4ceo3KSpuJF3ts8GKwh5bIU=", + "lastModified": 1748243702, + "narHash": "sha256-9YzfeN8CB6SzNPyPm2XjRRqSixDopTapaRsnTpXUEY8=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "adc195eef5da3606891cedf80c0d9ce2d3190808", + "rev": "1f3f7b784643d488ba4bf315638b2b0a4c5fb007", "type": "github" }, "original": { @@ -789,11 +634,11 @@ ] }, "locked": { - "lastModified": 1707430137, - "narHash": "sha256-QeYv+l7v5raFE5vpnxicFRK0LIRPvbpxsMKqwkRqtBc=", + "lastModified": 1748551590, + "narHash": "sha256-SwTvZHFrPUxaWm1DFOmRMDP813sMhvKpd8onQBNJIeo=", "owner": "nrabulinski", "repo": "wrapper-manager-hm-compat", - "rev": "16b0cf2e5f157ffe79114927d6006dc71dbe2210", + "rev": "f4cffb7d2f9aa5c6fc652a065bea7dfea5856fee", "type": "github" }, "original": { @@ -804,21 +649,19 @@ }, "zjstatus": { "inputs": { - "crane": [ - "crane" - ], - "flake-utils": "flake-utils_3", + "crane": "crane_2", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs" ], "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1741803511, - "narHash": "sha256-DcCGBWvAvt+OWI+EcPRO+/IXZHkFgPxZUmxf2VLl8no=", + "lastModified": 1745230073, + "narHash": "sha256-OER99U7MiqQ47myvbsiljsax7OsK19NMds4NBM9XXLs=", "owner": "dj95", "repo": "zjstatus", - "rev": "df9c77718f7023de8406e593eda6b5b0bc09cddd", + "rev": "a819e3bfe6bfef0438d811cdbb1bcfdc29912c62", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 821117f..594009f 100644 --- a/flake.nix +++ b/flake.nix @@ -1,86 +1,8 @@ { - outputs = - inputs@{ flake-parts, ... }: - flake-parts.lib.mkFlake { inherit inputs; } { - systems = [ - "x86_64-linux" - "aarch64-linux" - "aarch64-darwin" - ]; - - imports = [ - inputs.treefmt.flakeModule - - ./assets - ./hosts - ./modules - ./wrappers - ./pkgs - ./services - ]; - - perSystem = - { - inputs', - self', - pkgs, - ... - }: - { - devShells.default = pkgs.mkShellNoCC { - packages = [ - inputs'.agenix.packages.agenix - self'.packages.attic-client - # TODO: Contribute darwin support to nh - pkgs.nh - ]; - }; - - packages = { - # Re-export it for convenience and for caching - inherit (inputs'.attic.packages) attic-client attic-server; - base-packages = pkgs.symlinkJoin { - name = "settei-base"; - paths = with self'.packages; [ - helix - fish - git-commit-last - git-fixup - ]; - }; - }; - - treefmt = { - programs.deadnix.enable = true; - programs.nixfmt.enable = true; - programs.statix.enable = true; - programs.fish_indent.enable = true; - programs.deno.enable = true; - programs.stylua.enable = true; - programs.shfmt.enable = true; - settings.global.excludes = [ - # agenix - "*.age" - - # racket - "*.rkt" - "**/rashrc" - - # custom assets - "*.png" - "*.svg" - ]; - settings.on-unmatched = "fatal"; - }; - }; - }; + outputs = inputs: (import ./nilla.nix { inherit inputs; }).flake; inputs = { nixpkgs.url = "github:nixos/nixpkgs?ref=nixpkgs-unstable"; - flake-parts = { - url = "github:hercules-ci/flake-parts"; - inputs.nixpkgs-lib.follows = "nixpkgs"; - }; disko = { url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; @@ -125,26 +47,13 @@ url = "gitlab:famedly/conduit?ref=next"; flake = false; }; - fenix = { - url = "github:nix-community/fenix"; - inputs.nixpkgs.follows = "nixpkgs"; + attic = { + url = "git+https://git.lix.systems/nrabulinski/attic.git"; + flake = false; }; crane = { url = "github:ipetkov/crane"; - }; - firefox-darwin = { - url = "github:bandithedoge/nixpkgs-firefox-darwin"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - niko-nur = { - url = "github:nrabulinski/nur-packages"; - }; - attic = { - url = "git+https://git.lix.systems/nrabulinski/attic.git"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.crane.follows = "crane"; - inputs.lix.follows = "lix"; - inputs.lix-module.follows = "lix-module"; + flake = false; }; helix = { url = "github:helix-editor/helix"; @@ -153,7 +62,6 @@ zjstatus = { url = "github:dj95/zjstatus"; inputs.nixpkgs.follows = "nixpkgs"; - inputs.crane.follows = "crane"; }; lix = { url = "git+https://git.lix.systems/lix-project/lix.git"; @@ -168,27 +76,17 @@ url = "github:numtide/treefmt-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; - }; - - /* - TODO: Uncomment once (if ever?) nixConfig makes sense in flakes - nixConfig = { - extra-substituters = [ - "https://hyprland.cachix.org" - "https://cache.garnix.io" - "https://nix-community.cachix.org" - "https://hercules-ci.cachix.org" - "https://nrabulinski.cachix.org" - "https://cache.nrab.lol" - ]; - extra-trusted-public-keys = [ - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" - "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "hercules-ci.cachix.org-1:ZZeDl9Va+xe9j+KqdzoBZMFJHVQ42Uu/c/1/KMC5Lw0=" - "nrabulinski.cachix.org-1:Q5FD7+1c68uH74CQK66UWNzxhanZW8xcg1LFXxGK8ic=" - "cache.nrab.lol-1:CJl1TouOyuJ1Xh4tZSXLwm3Upt06HzUNZmeyuEB9EZg=" - ]; + __flake-compat = { + url = "git+https://git.lix.systems/lix-project/flake-compat.git"; + flake = false; }; - */ + nilla = { + url = "github:nilla-nix/nilla"; + flake = false; + }; + nh = { + url = "github:nix-community/nh"; + flake = false; + }; + }; } diff --git a/hosts/default.nix b/hosts/default.nix index d8ed8b3..5f8d069 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -1,11 +1,9 @@ { config, - self, inputs, - ... }: { - imports = [ + includes = [ ./kazuki ./hijiri-vm ./hijiri @@ -16,58 +14,40 @@ ./youko ]; - builders = + config.systems.builders = let sharedOptions = { _file = ./default.nix; settei.sane-defaults.allSshKeys = config.assets.sshKeys.user; settei.flake-qol.inputs = inputs // { - settei = self; + settei = inputs.self; }; }; - - baseNixos = inputs.nixpkgs.lib.nixosSystem { - modules = [ - self.nixosModules.combined - sharedOptions - ]; - specialArgs.configurationName = "base"; - }; - - baseDarwin = inputs.darwin.lib.darwinSystem { - modules = [ - self.darwinModules.combined - sharedOptions - ]; - specialArgs.configurationName = "base"; - }; in { nixos = name: module: - baseNixos.extendModules { + inputs.nixpkgs.lib.nixosSystem { modules = [ + config.nixosModules.combined + sharedOptions module - config.__extraHostConfigs.${name} or { } + config.extraHostConfigs.${name} or { } ]; specialArgs.configurationName = name; }; darwin = name: module: - let - eval = baseDarwin._module.args.extendModules { - modules = [ - module - config.__extraHostConfigs.${name} or { } - ]; - specialArgs.configurationName = name; - }; - in - eval - // { - system = eval.config.system.build.toplevel; + inputs.darwin.lib.darwinSystem { + modules = [ + config.darwinModules.combined + sharedOptions + module + config.extraHostConfigs.${name} or { } + ]; + specialArgs.configurationName = name; }; }; } diff --git a/hosts/hijiri-vm/default.nix b/hosts/hijiri-vm/default.nix index db26c63..94350be 100644 --- a/hosts/hijiri-vm/default.nix +++ b/hosts/hijiri-vm/default.nix @@ -1,5 +1,5 @@ { - configurations.nixos.hijiri-vm = + config.systems.nixos.hijiri-vm.module = { modulesPath, lib, diff --git a/hosts/hijiri/default.nix b/hosts/hijiri/default.nix index bb7db92..66defb4 100644 --- a/hosts/hijiri/default.nix +++ b/hosts/hijiri/default.nix @@ -1,5 +1,5 @@ { - configurations.darwin.hijiri = + config.systems.darwin.hijiri.module = { config, pkgs, diff --git a/hosts/hijiri/skhd.nix b/hosts/hijiri/skhd.nix index fd7f9c3..4454cad 100644 --- a/hosts/hijiri/skhd.nix +++ b/hosts/hijiri/skhd.nix @@ -4,7 +4,7 @@ enable = true; skhdConfig = let - spaceCount = 6; + spaceCount = 9; spaceBindings = lib.genList ( i: let diff --git a/hosts/installer/default.nix b/hosts/installer/default.nix index 24bdef8..a1692c6 100644 --- a/hosts/installer/default.nix +++ b/hosts/installer/default.nix @@ -1,6 +1,6 @@ { lib, ... }: { - configurations.nixos = + config.configurations.nixos = let mkInstaller = system: diff --git a/hosts/kazuki/default.nix b/hosts/kazuki/default.nix index 8464cb5..e4a51ad 100644 --- a/hosts/kazuki/default.nix +++ b/hosts/kazuki/default.nix @@ -1,5 +1,5 @@ { - configurations.nixos.kazuki = + config.systems.nixos.kazuki.module = { modulesPath, ... diff --git a/hosts/kazuki/mail.nix b/hosts/kazuki/mail.nix index 4be5d1c..122cc7f 100644 --- a/hosts/kazuki/mail.nix +++ b/hosts/kazuki/mail.nix @@ -37,6 +37,8 @@ }; certificateScheme = "acme-nginx"; + + stateVersion = 2; }; # TODO: Remove once SNM gets their shit together diff --git a/hosts/kogata/default.nix b/hosts/kogata/default.nix index 6bf9e2f..d5ac7cb 100644 --- a/hosts/kogata/default.nix +++ b/hosts/kogata/default.nix @@ -1,5 +1,5 @@ { - configurations.darwin.kogata = + config.systems.darwin.kogata.module = { pkgs, ... }: { nixpkgs.system = "aarch64-darwin"; diff --git a/hosts/ude/default.nix b/hosts/ude/default.nix index d395fbd..62ffb2e 100644 --- a/hosts/ude/default.nix +++ b/hosts/ude/default.nix @@ -1,5 +1,5 @@ { - configurations.nixos.ude = + config.systems.nixos.ude.module = { config, modulesPath, diff --git a/hosts/youko/default.nix b/hosts/youko/default.nix index 3a2fe49..456630a 100644 --- a/hosts/youko/default.nix +++ b/hosts/youko/default.nix @@ -1,5 +1,19 @@ +{ config, lib, ... }: +let + builderUsers = lib.fp.pipe [ + (lib.attrs.filter ( + name: _: + !builtins.elem name [ + "youko" + "kazuki" + "ude" + ] + )) + builtins.attrValues + ] config.assets.sshKeys.system; +in { - configurations.nixos.youko = + config.systems.nixos.youko.module = { config, lib, @@ -31,6 +45,11 @@ settei.desktop.enable = true; }; + settei.remote-builder = { + enable = true; + sshKeys = builderUsers; + }; + services.udisks2.enable = true; settei.incus.enable = true; virtualisation.podman.enable = true; diff --git a/inputs.nix b/inputs.nix new file mode 100644 index 0000000..3df77fd --- /dev/null +++ b/inputs.nix @@ -0,0 +1,16 @@ +let + lock = builtins.fromJSON (builtins.readFile ./flake.lock); + nodeName = lock.nodes.root.inputs.__flake-compat; + inherit (lock.nodes.${nodeName}.locked) narHash rev url; + flake-compat = builtins.fetchTarball { + url = "${url}/archive/${rev}.tar.gz"; + sha256 = narHash; + }; + flake = import flake-compat { + src = ./.; + copySourceTreeToStore = false; + useBuiltinsFetchTree = true; + }; +in +# Workaround for https://github.com/nilla-nix/nilla/issues/14 +builtins.mapAttrs (_: input: input // { type = "derivation"; }) flake.inputs diff --git a/modules/default.nix b/modules/default.nix index 24a8f46..4b28fee 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,29 +1,21 @@ { config, inputs, - ... }: let - flakeModule = import ./flake { inherit (inputs) nixpkgs darwin home-manager; }; + perInput = system: flake: { + packages = flake.packages.${system}; + }; in { - imports = [ - flakeModule - ]; - - flake.homeModules = rec { + config.homeModules = rec { settei = ./home; default = settei; }; - flake.flakeModules = rec { - settei = flakeModule; - default = settei; - }; - - flake.nixosModules = rec { + config.nixosModules = rec { settei = import ./system { - inherit (config) perInput; + inherit perInput; isLinux = true; }; combined = { @@ -33,21 +25,28 @@ in inputs.disko.nixosModules.disko inputs.mailserver.nixosModules.default inputs.home-manager.nixosModules.home-manager - inputs.attic.nixosModules.atticd + "${inputs.attic}/nixos/atticd.nix" inputs.lix-module.nixosModules.default { disabledModules = [ "services/networking/atticd.nix" ]; + services.atticd.useFlakeCompatOverlay = false; + nixpkgs.overlays = [ + (final: _: { + attic-client = config.packages.attic-client.result.${final.system}; + attic-server = config.packages.attic-server.result.${final.system}; + }) + ]; } ]; }; default = combined; }; - flake.darwinModules = rec { + config.darwinModules = rec { settei = import ./system { - inherit (config) perInput; + inherit perInput; isLinux = false; }; combined = { diff --git a/modules/flake/configurations.nix b/modules/flake/configurations.nix deleted file mode 100644 index 67ccc1b..0000000 --- a/modules/flake/configurations.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ - nixpkgs, - darwin, - home-manager, -}: -{ - config, - lib, - ... -}: -with lib; -{ - _file = ./configurations.nix; - - options = { - # Those functions take the final arguments and emit a valid configuration. - # Probably should hardly ever be overriden - builders = { - nixos = mkOption { - type = types.functionTo types.unspecified; - default = _name: nixpkgs.lib.nixosSystem; - }; - darwin = mkOption { - type = types.functionTo types.unspecified; - default = _name: darwin.lib.darwinSystem; - }; - home = mkOption { - type = types.functionTo types.unspecified; - default = _name: home-manager.lib.homeManagerConfiguration; - }; - }; - - configurations = { - nixos = mkOption { - type = types.lazyAttrsOf types.deferredModule; - default = { }; - }; - darwin = mkOption { - type = types.lazyAttrsOf types.deferredModule; - default = { }; - }; - home = mkOption { - type = types.lazyAttrsOf types.deferredModule; - default = { }; - }; - }; - }; - - config.flake = { - nixosConfigurations = mapAttrs config.builders.nixos config.configurations.nixos; - darwinConfigurations = mapAttrs config.builders.darwin config.configurations.darwin; - homeConfigurations = mapAttrs config.builders.home config.configurations.home; - }; -} diff --git a/modules/flake/default.nix b/modules/flake/default.nix deleted file mode 100644 index 78bb73d..0000000 --- a/modules/flake/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - nixpkgs, - darwin, - home-manager, -}: -{ - _file = ./default.nix; - - imports = [ - (import ./configurations.nix { inherit nixpkgs darwin home-manager; }) - ./services.nix - ]; -} diff --git a/modules/flake/services.nix b/modules/flake/services.nix deleted file mode 100644 index f2f07d4..0000000 --- a/modules/flake/services.nix +++ /dev/null @@ -1,95 +0,0 @@ -# List of features I want this module to eventually have -# TODO: Automatic port allocation -# TODO: Making it possible to conveniently isolate services (running them in NixOS containers) -# TODO: Handling specializations -# TODO: Convenient http handling -# TODO: Automatic backup -{ config, lib, ... }: -let - serviceModule = - { config, ... }: - { - options = { - host = lib.mkOption { - type = lib.types.str; - }; - ports = lib.mkOption { - type = with lib.types; listOf port; - default = [ ]; - }; - hosts = lib.mkOption { - type = with lib.types; listOf str; - default = [ config.host ]; - }; - config = lib.mkOption { - type = lib.types.deferredModule; - default = { }; - }; - hostConfig = lib.mkOption { - type = with lib.types; attrsOf deferredModule; - default = { }; - }; - }; - }; - - moduleToHostConfigs = - cfg: - lib.genAttrs cfg.hosts (host: { - imports = [ - cfg.config - (cfg.hostConfig.${host} or { }) - ]; - }); - - maybeGetPreviousConfigs = acc: host: (acc.${host} or { imports = [ ]; }).imports; -in -{ - _file = ./services.nix; - - options = { - services = lib.mkOption { - type = with lib.types; attrsOf (submodule serviceModule); - default = { }; - }; - - __extraHostConfigs = lib.mkOption { - type = with lib.types; attrsOf deferredModule; - readOnly = true; - }; - }; - - config.__extraHostConfigs = - let - duplicatePorts = lib.pipe config.services [ - lib.attrValues - (map (cfg: cfg.ports)) - lib.flatten - (lib.groupBy' (cnt: _: cnt + 1) 0 toString) - (lib.filterAttrs (_: cnt: cnt > 1)) - lib.attrNames - ]; - assertMsg = - let - plural = lib.length duplicatePorts > 1; - in - "\nBad service config:\nThe following port${if plural then "s" else ""} ${ - if plural then "were" else "was" - } declared multiple times: ${lib.concatStringsSep ", " duplicatePorts}"; - # Here I collect all the services..config into a flat - # __extraHostConfigs..imports = [ - # ... - # ] - # so that I can easily import them in hosts/default.nix - hostConfigs = lib.pipe config.services [ - lib.attrValues - (lib.foldl' ( - acc: cfg: - acc - // lib.mapAttrs (host: c: { - imports = c.imports ++ (maybeGetPreviousConfigs acc host); - }) (moduleToHostConfigs cfg) - ) { }) - ]; - in - if duplicatePorts != [ ] then throw assertMsg else hostConfigs; -} diff --git a/modules/home/default.nix b/modules/home/default.nix index f11fcaa..cd62227 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -1,7 +1,6 @@ # TODO: Make this module not rely on OS config being present { osConfig, - pkgs, lib, inputs', machineName, @@ -59,7 +58,6 @@ in home.packages = [ inputs'.settei.packages.base-packages - pkgs.nh ]; home.sessionVariables.EDITOR = "hx"; diff --git a/modules/home/desktop/default.nix b/modules/home/desktop/default.nix index 825d69c..b25eca0 100644 --- a/modules/home/desktop/default.nix +++ b/modules/home/desktop/default.nix @@ -2,14 +2,16 @@ config, lib, pkgs, - inputs, inputs', ... }: { _file = ./default.nix; - imports = [ ./zellij.nix ]; + imports = [ + ./zellij.nix + ./qutebrowser.nix + ]; options.settei.desktop = { enable = lib.mkEnableOption "Common configuration for desktop machines"; @@ -21,56 +23,12 @@ nerd-fonts.iosevka nerd-fonts.iosevka-term fontconfig - signal-desktop + signal-desktop-bin ]; - settei.unfree.allowedPackages = [ "signal-desktop" ]; + settei.unfree.allowedPackages = [ "signal-desktop-bin" ]; fonts.fontconfig.enable = true; - programs.firefox = { - enable = true; - package = - let - firefox-pkgs = pkgs.extend inputs.firefox-darwin.overlay; - in - lib.mkIf pkgs.stdenv.isDarwin firefox-pkgs.firefox-bin; - }; - - programs.qutebrowser = { - enable = true; - package = - if pkgs.stdenv.isDarwin then inputs'.niko-nur.packages.qutebrowser-bin else pkgs.qutebrowser; - searchEngines = { - r = "https://doc.rust-lang.org/stable/std/?search={}"; - lib = "https://lib.rs/search?q={}"; - nip = "https://jisho.org/search/{}"; - }; - settings = { - tabs = { - indicator.width = 3; - }; - - fonts = { - default_family = "IosevkaTerm Nerd Font"; - default_size = "13px"; - }; - - content = { - canvas_reading = true; - blocking.method = "both"; - javascript.clipboard = "access"; - }; - }; - # Workaround because the nix module doesn't properly handle options that expect a dict - extraConfig = '' - c.tabs.padding = { 'top': 5, 'bottom': 5, 'right': 10, 'left': 10 } - c.statusbar.padding = { 'top': 5, 'bottom': 5, 'right': 10, 'left': 10 } - ''; - keyBindings = { - passthrough = { - "" = "mode-leave"; - }; - }; - }; + programs.firefox.enable = true; }; } diff --git a/modules/home/desktop/qutebrowser.nix b/modules/home/desktop/qutebrowser.nix new file mode 100644 index 0000000..569e8e1 --- /dev/null +++ b/modules/home/desktop/qutebrowser.nix @@ -0,0 +1,38 @@ +{ pkgs, ... }: +{ + programs.qutebrowser = { + # TODO: Enable again + enable = pkgs.stdenv.isLinux; + searchEngines = { + r = "https://doc.rust-lang.org/stable/std/?search={}"; + lib = "https://lib.rs/search?q={}"; + nip = "https://jisho.org/search/{}"; + }; + settings = { + tabs = { + indicator.width = 3; + }; + + fonts = { + default_family = "IosevkaTerm Nerd Font"; + default_size = "13px"; + }; + + content = { + canvas_reading = true; + blocking.method = "both"; + javascript.clipboard = "access"; + }; + }; + # Workaround because the nix module doesn't properly handle options that expect a dict + extraConfig = '' + c.tabs.padding = { 'top': 5, 'bottom': 5, 'right': 10, 'left': 10 } + c.statusbar.padding = { 'top': 5, 'bottom': 5, 'right': 10, 'left': 10 } + ''; + keyBindings = { + passthrough = { + "" = "mode-leave"; + }; + }; + }; +} diff --git a/modules/nilla/builders/custom-load.nix b/modules/nilla/builders/custom-load.nix new file mode 100644 index 0000000..b340dec --- /dev/null +++ b/modules/nilla/builders/custom-load.nix @@ -0,0 +1,8 @@ +{ lib }: +{ + config.builders.custom-load = { + settings.type = lib.types.submodule { }; + settings.default = { }; + build = pkg: lib.attrs.generate pkg.systems (system: pkg.package { inherit system; }); + }; +} diff --git a/modules/nilla/builders/default.nix b/modules/nilla/builders/default.nix new file mode 100644 index 0000000..fa73437 --- /dev/null +++ b/modules/nilla/builders/default.nix @@ -0,0 +1,6 @@ +{ + includes = [ + ./nixpkgs-flake.nix + ./custom-load.nix + ]; +} diff --git a/modules/nilla/builders/nixpkgs-flake.nix b/modules/nilla/builders/nixpkgs-flake.nix new file mode 100644 index 0000000..e0dbcea --- /dev/null +++ b/modules/nilla/builders/nixpkgs-flake.nix @@ -0,0 +1,21 @@ +{ + config, + lib, + inputs, +}: +{ + config.builders.nixpkgs-flake = { + settings.type = lib.types.submodule { + options.args = lib.options.create { + type = lib.types.any; + default.value = { }; + }; + }; + settings.default = { }; + build = + pkg: + lib.attrs.generate pkg.systems ( + system: inputs.nixpkgs.legacyPackages.${system}.callPackage pkg.package pkg.settings.args + ); + }; +} diff --git a/modules/nilla/default.nix b/modules/nilla/default.nix new file mode 100644 index 0000000..0cab965 --- /dev/null +++ b/modules/nilla/default.nix @@ -0,0 +1,9 @@ +{ + includes = [ + ./builders + ./services.nix + ./systems.nix + ./modules.nix + ./flake.nix + ]; +} diff --git a/modules/nilla/flake.nix b/modules/nilla/flake.nix new file mode 100644 index 0000000..0193f2d --- /dev/null +++ b/modules/nilla/flake.nix @@ -0,0 +1,32 @@ +{ lib, config }: +let + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + ]; + transpose = + attrs: lib.attrs.generate systems (system: builtins.mapAttrs (_: pkg: pkg.result.${system}) attrs); +in +{ + options.flake = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + }; + + config.flake = { + inherit (config) + nixosModules + darwinModules + homeModules + ; + + nixosConfigurations = builtins.mapAttrs (_: system: system.result) config.systems.nixos; + darwinConfigurations = builtins.mapAttrs (_: system: system.result) config.systems.darwin; + homeConfigurations = builtins.mapAttrs (_: system: system.result) config.systems.home; + + devShells = transpose config.shells; + packages = transpose config.packages; + + formatter = config.packages.formatter.result; + }; +} diff --git a/modules/nilla/modules.nix b/modules/nilla/modules.nix new file mode 100644 index 0000000..7b8a6dc --- /dev/null +++ b/modules/nilla/modules.nix @@ -0,0 +1,17 @@ +{ lib }: +{ + options = { + nixosModules = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + default.value = { }; + }; + darwinModules = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + default.value = { }; + }; + homeModules = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + default.value = { }; + }; + }; +} diff --git a/modules/nilla/services.nix b/modules/nilla/services.nix new file mode 100644 index 0000000..1045a4a --- /dev/null +++ b/modules/nilla/services.nix @@ -0,0 +1,95 @@ +{ lib, config }: +let + inherit (builtins) + attrNames + attrValues + concatStringsSep + mapAttrs + foldl' + groupBy + length + ; + serviceModule = + { config }: + { + options = { + host = lib.options.create { + type = lib.types.string; + }; + ports = lib.options.create { + type = lib.types.list.of lib.types.port; + default.value = [ ]; + }; + hosts = lib.options.create { + type = lib.types.list.of lib.types.string; + default.value = [ config.host ]; + }; + module = lib.options.create { + type = lib.types.raw; + default.value = { }; + }; + hostModule = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + default.value = { }; + }; + }; + }; + + moduleToHostConfigs = + cfg: + lib.attrs.generate cfg.hosts (host: { + imports = [ + cfg.module + (cfg.hostModule.${host} or { }) + ]; + }); + + maybeGetPreviousConfigs = acc: host: (acc.${host} or { imports = [ ]; }).imports; + + # Copied from nixpkgs/lib/lists.nix + groupBy' = + op: nul: pred: lst: + mapAttrs (_name: foldl' op nul) (groupBy pred lst); + duplicatePorts = lib.fp.pipe [ + attrValues + (map (cfg: cfg.ports)) + lib.lists.flatten + (groupBy' (cnt: _: cnt + 1) 0 toString) + (lib.attrs.filter (_: cnt: cnt > 1)) + attrNames + ] config.services; +in +{ + options.services = lib.options.create { + type = lib.types.attrs.of (lib.types.submodule serviceModule); + default.value = { }; + }; + + options.extraHostConfigs = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + writable = false; + default.value = lib.fp.pipe [ + attrValues + (foldl' ( + acc: cfg: + acc + // mapAttrs (host: c: { + imports = c.imports ++ (maybeGetPreviousConfigs acc host); + }) (moduleToHostConfigs cfg) + ) { }) + ] config.services; + }; + + config.assertions = [ + { + assertion = duplicatePorts == [ ]; + message = + let + plural = length duplicatePorts > 1; + in + "\nBad service config:\nThe following port${if plural then "s" else ""} ${ + if plural then "were" else "was" + } declared multiple times: ${concatStringsSep ", " duplicatePorts}"; + } + ]; +} diff --git a/modules/nilla/systems.nix b/modules/nilla/systems.nix new file mode 100644 index 0000000..63b349a --- /dev/null +++ b/modules/nilla/systems.nix @@ -0,0 +1,52 @@ +{ config, lib }: +let + mkBuilderOption = + typ: + lib.options.create { + type = lib.types.function (lib.types.function lib.types.raw); + default.value = _name: _module: throw "Builder for systems.${typ} is not implemented"; + }; + inherit (config.systems) builders; + mkSystemModule = + typ: + { config, name }: + { + options = { + name = lib.options.create { + type = lib.types.string; + default.value = name; + }; + module = lib.options.create { + type = lib.types.raw; + default.value = { }; + }; + builder = lib.options.create { + type = lib.types.function (lib.types.function lib.types.raw); + default.value = builders.${typ}; + }; + result = lib.options.create { + type = lib.types.raw; + writable = false; + default.value = config.builder config.name config.module; + }; + }; + }; + mkSystemOption = + typ: + lib.options.create { + type = lib.types.attrs.of (lib.types.submodule (mkSystemModule typ)); + default.value = { }; + }; +in +{ + options = { + systems = { + builders.nixos = mkBuilderOption "nixos"; + builders.darwin = mkBuilderOption "darwin"; + builders.home = mkBuilderOption "home"; + nixos = mkSystemOption "nixos"; + darwin = mkSystemOption "darwin"; + home = mkSystemOption "home"; + }; + }; +} diff --git a/modules/system/builder.nix b/modules/system/builder.nix new file mode 100644 index 0000000..c19b769 --- /dev/null +++ b/modules/system/builder.nix @@ -0,0 +1,49 @@ +{ isLinux }: +{ + config, + lib, + pkgs, + ... +}: +let + cfg = config.settei.remote-builder; + + sharedConfig = { + users.users.${cfg.user} = { + shell = pkgs.bash; + openssh.authorizedKeys.keys = cfg.sshKeys; + }; + + nix.settings.trusted-users = [ cfg.user ]; + }; + + linuxConfig = lib.optionalAttrs isLinux { + users.users.${cfg.user} = { + isSystemUser = true; + group = cfg.user; + }; + users.groups.${cfg.user} = { }; + }; + + mergedConfig = lib.mkMerge [ + sharedConfig + linuxConfig + ]; +in +{ + _file = ./builder.nix; + + options.settei.remote-builder = { + enable = lib.mkEnableOption "configuring this machine as a remote builder"; + user = lib.mkOption { + type = lib.types.str; + default = "nixremote"; + }; + sshKeys = lib.mkOption { + type = lib.types.listOf lib.types.singleLineStr; + default = [ ]; + }; + }; + + config = lib.mkIf cfg.enable mergedConfig; +} diff --git a/modules/system/default.nix b/modules/system/default.nix index 4b82bd1..bb16c05 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -22,10 +22,10 @@ (import ./tailscale.nix { inherit isLinux; }) (import ./containers.nix { inherit isLinux; }) ./unfree.nix - (import ./hercules.nix { inherit isLinux; }) (import ./github-runner.nix { inherit isLinux; }) (import ./incus.nix { inherit isLinux; }) (import ./monitoring.nix { inherit isLinux; }) + (import ./builder.nix { inherit isLinux; }) ]; options.settei = with lib; { diff --git a/modules/system/flake-qol.nix b/modules/system/flake-qol.nix index 38a5228..d3e2f10 100644 --- a/modules/system/flake-qol.nix +++ b/modules/system/flake-qol.nix @@ -7,6 +7,18 @@ }: let cfg = config.settei.flake-qol; + + nixpkgsInputToFlakeRef = + input: + if input._type or "" == "flake" then + { + type = "github"; + owner = "NixOS"; + repo = "nixpkgs"; + inherit (input) lastModified narHash rev; + } + else + input; in { _file = ./flake-qol.nix; @@ -20,6 +32,12 @@ in default = true; }; inputs = mkOption { type = types.unspecified; }; + nixpkgsRef = mkOption { + type = types.unspecified; + default = cfg.inputs.nixpkgs; + apply = + ref: if builtins.isString ref then builtins.parseFlakeRef ref else nixpkgsInputToFlakeRef ref; + }; inputs-flakes = mkOption { type = types.attrs; readOnly = true; @@ -44,8 +62,8 @@ in settei.user.extraArgs = reexportedArgs; nix = { - registry = lib.mapAttrs (_: flake: { inherit flake; }) cfg.inputs-flakes; - nixPath = lib.mapAttrsToList (name: _: "${name}=flake:${name}") cfg.inputs-flakes; + registry.nixpkgs.to = cfg.nixpkgsRef; + nixPath = [ "nixpkgs=flake:nixpkgs" ]; }; }; } diff --git a/modules/system/hercules.nix b/modules/system/hercules.nix deleted file mode 100644 index a5fba52..0000000 --- a/modules/system/hercules.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ isLinux }: -{ - config, - lib, - ... -}: -let - options = { - settei.hercules.enable = lib.mkEnableOption "Enables hercules-ci-agent with my configuration"; - }; - - herculesUser = - if isLinux then - config.systemd.services.hercules-ci-agent.serviceConfig.User - else - config.launchd.daemons.hercules-ci-agent.serviceConfig.UserName; -in -{ - _file = ./hercules.nix; - - inherit options; - - config = lib.mkIf config.settei.hercules.enable { - age.secrets.hercules-token = { - file = ../../../secrets/hercules-token.age; - owner = herculesUser; - }; - age.secrets.hercules-cache = { - file = ../../../secrets/hercules-cache.age; - owner = herculesUser; - }; - age.secrets.hercules-secrets = { - file = ../../../secrets/hercules-secrets.age; - owner = herculesUser; - }; - - services.hercules-ci-agent = { - enable = true; - settings = { - clusterJoinTokenPath = config.age.secrets.hercules-token.path; - concurrentTasks = lib.mkDefault 4; - binaryCachesPath = config.age.secrets.hercules-cache.path; - secretsJsonPath = config.age.secrets.hercules-secrets.path; - }; - }; - }; -} diff --git a/modules/system/sane-defaults.nix b/modules/system/sane-defaults.nix index ae4a097..2df8471 100644 --- a/modules/system/sane-defaults.nix +++ b/modules/system/sane-defaults.nix @@ -62,15 +62,11 @@ let "https://cache.nrab.lol" "https://cache.garnix.io" "https://nix-community.cachix.org" - "https://hyprland.cachix.org" - "https://hercules-ci.cachix.org" "https://nrabulinski.cachix.org" ]; extra-trusted-public-keys = [ - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "hercules-ci.cachix.org-1:ZZeDl9Va+xe9j+KqdzoBZMFJHVQ42Uu/c/1/KMC5Lw0=" "nrabulinski.cachix.org-1:Q5FD7+1c68uH74CQK66UWNzxhanZW8xcg1LFXxGK8ic=" "cache.nrab.lol-1:CJl1TouOyuJ1Xh4tZSXLwm3Upt06HzUNZmeyuEB9EZg=" ]; @@ -116,6 +112,8 @@ let darwinConfig = lib.optionalAttrs (!isLinux) { system.stateVersion = 4; + # FIXME: Remove + system.primaryUser = username; security.pam.services.sudo_local.touchIdAuth = true; diff --git a/nilla.nix b/nilla.nix new file mode 100644 index 0000000..4e6423f --- /dev/null +++ b/nilla.nix @@ -0,0 +1,136 @@ +{ + inputs ? import ./inputs.nix, +}: +(import inputs.nilla).create ( + { config, lib }: + { + includes = [ + ./modules/nilla + ./pkgs + ./wrappers + ./hosts + ./assets + ./services + ./modules + ]; + + config.inputs = builtins.mapAttrs (_: src: { + inherit src; + loader = "raw"; + }) inputs; + # Add inputs argument so modules can conveniently use it + config.__module__.args.dynamic.inputs = builtins.mapAttrs ( + _name: input: input.result + ) config.inputs; + + config.packages = + let + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + ]; + mkPackage = package: { + builder = "nixpkgs-flake"; + inherit systems package; + }; + mkPackageFlakeOutput = + { + input, + output ? input, + }: + { + inherit systems; + builder = "custom-load"; + package = { system }: inputs.${input}.packages.${system}.${output}; + }; + getPkgs = system: builtins.mapAttrs (_: pkg: pkg.result.${system}) config.packages; + in + { + agenix = mkPackageFlakeOutput { input = "agenix"; }; + base-packages = mkPackage ( + { symlinkJoin, system }: + symlinkJoin { + name = "settei-base"; + paths = with (getPkgs system); [ + helix + fish + git-commit-last + git-fixup + nh + ]; + } + ); + formatter = { + inherit systems; + builder = "custom-load"; + package = + { system }: + let + eval = inputs.treefmt.lib.evalModule inputs.nixpkgs.legacyPackages.${system} ./treefmt.nix; + in + eval.config.build.wrapper; + }; + __allPackages = + let + all-packages = builtins.attrValues ( + builtins.removeAttrs config.packages [ + "ci-check" + "__allPackages" + ] + ); + all-packages' = lib.lists.flatten (map (pkg: builtins.attrValues pkg.result) all-packages); + + nixos-systems = builtins.attrValues config.systems.nixos; + nixos-systems' = map (system: system.result.config.system.build.toplevel) nixos-systems; + + darwin-systems = builtins.attrValues config.systems.darwin; + darwin-systems' = map (system: system.result.config.system.build.toplevel) darwin-systems; + + all-drvs = all-packages' ++ nixos-systems' ++ darwin-systems'; + all-drvs' = builtins.concatStringsSep "\n" all-drvs; + in + mkPackage ( + { runCommand }: + runCommand "eval-check" { + allDerivations = all-drvs'; + passAsFile = [ "allDerivations" ]; + } "touch $out" + ); + ci-check = mkPackage ( + { + writeShellScript, + lib, + system, + }: + writeShellScript "ci-check" '' + nix-instantiate --strict --eval -E 'import ./nilla.nix {}' -A packages.__allPackages.result.${system}.outPath + "${lib.getExe config.packages.formatter.result.${system}}" --ci + '' + ); + }; + + config.shells.default = { + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + ]; + builder = "nixpkgs-flake"; + shell = + { + mkShellNoCC, + system, + nh, + }: + mkShellNoCC { + packages = [ + config.packages.agenix.result.${system} + config.packages.attic-client.result.${system} + config.packages.nh.result.${system} + config.packages.formatter.result.${system} + ]; + }; + }; + } +) diff --git a/pkgs/conduit/default.nix b/pkgs/conduit/default.nix index c2c44b4..fee4c6f 100644 --- a/pkgs/conduit/default.nix +++ b/pkgs/conduit/default.nix @@ -1,47 +1,26 @@ { - lib, - stdenv, - fenix, - crane, src, - libiconv, rocksdb, - darwin, rustPlatform, }: let - rust = - with fenix; - combine [ - stable.cargo - stable.rustc - ]; - crane' = crane.overrideToolchain rust; - rocksdb' = rocksdb.overrideAttrs ( - final: prev: { - version = "9.1.1"; - src = prev.src.override { - rev = "v${final.version}"; - hash = "sha256-/Xf0bzNJPclH9IP80QNaABfhj4IAR5LycYET18VFCXc="; - }; - } - ); + manifest = (builtins.fromTOML (builtins.readFile "${src}/Cargo.toml")).package; in -crane'.buildPackage { +rustPlatform.buildRustPackage { + pname = manifest.name; + inherit (manifest) version; + inherit src; strictDeps = true; + useFetchCargoVendor = true; + cargoHash = "sha256-gNcpB2LMZU18RIxVu+mJfa4+lB5rNIRcZ2DJPvZCdQo="; + nativeBuildInputs = [ rustPlatform.bindgenHook ]; - buildInputs = lib.optionals stdenv.isDarwin [ - libiconv - darwin.apple_sdk.frameworks.Security - darwin.apple_sdk.frameworks.SystemConfiguration - ]; - # Use system RocksDB - ROCKSDB_INCLUDE_DIR = "${rocksdb'}/include"; - ROCKSDB_LIB_DIR = "${rocksdb'}/lib"; + ROCKSDB_INCLUDE_DIR = "${rocksdb}/include"; + ROCKSDB_LIB_DIR = "${rocksdb}/lib"; NIX_OUTPATH_USED_AS_RANDOM_SEED = "randomseed"; CONDUIT_VERSION_EXTRA = src.shortRev; } diff --git a/pkgs/default.nix b/pkgs/default.nix index 71a2d48..3efdd36 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,35 +1,78 @@ -{ inputs, ... }: { - perSystem = - { - pkgs, - lib, - inputs', - ... - }: - { - packages.conduit-next = pkgs.callPackage ./conduit { - src = inputs.conduit-src; - crane = inputs.crane.mkLib pkgs; - fenix = inputs'.fenix.packages; - }; - - packages.git-commit-last = pkgs.writeShellApplication { - name = "git-commit-last"; - text = '' - GITDIR="$(git rev-parse --git-dir)" - git commit -eF "$GITDIR/COMMIT_EDITMSG" - ''; - }; - - packages.git-fixup = pkgs.writeShellApplication { - name = "git-fixup"; - text = '' - git log -n 50 --pretty=format:'%h %s' --no-merges | \ - ${lib.getExe pkgs.fzf} | \ - cut -c -7 | \ - xargs -o git commit --fixup - ''; - }; + config, + lib, + inputs, +}: +let + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + ]; + builder = "nixpkgs-flake"; + mkPackage = package: { + inherit systems package builder; + }; + atticPkgs = lib.attrs.generate systems ( + system: + let + pkgs = inputs.nixpkgs.legacyPackages.${system}.extend inputs.lix-module.overlays.default; + craneLib = import inputs.crane { inherit pkgs; }; + in + pkgs.callPackage "${inputs.attic}/crane.nix" { inherit craneLib; } + ); +in +{ + config.packages.conduit-next = { + inherit systems builder; + package = import ./conduit; + settings.args = { + src = inputs.conduit-src; }; + }; + + config.packages.git-commit-last = mkPackage ( + { writeShellApplication }: + writeShellApplication { + name = "git-commit-last"; + text = '' + GITDIR="$(git rev-parse --git-dir)" + git commit -eF "$GITDIR/COMMIT_EDITMSG" + ''; + } + ); + + config.packages.git-fixup = mkPackage ( + { + lib, + writeShellApplication, + fzf, + }: + writeShellApplication { + name = "git-fixup"; + text = '' + git log -n 50 --pretty=format:'%h %s' --no-merges | \ + ${lib.getExe fzf} | \ + cut -c -7 | \ + xargs -o git commit --fixup + ''; + } + ); + + config.packages.attic-client = { + inherit systems; + builder = "custom-load"; + package = { system }: atticPkgs.${system}.attic-client; + }; + config.packages.attic-server = { + inherit systems; + builder = "custom-load"; + package = { system }: atticPkgs.${system}.attic-server; + }; + + config.packages.nh = { + inherit systems builder; + package = import "${inputs.nh}/package.nix"; + settings.args.rev = inputs.nh.shortRev; + }; } diff --git a/secrets/alert-nrab-lol-pass.age b/secrets/alert-nrab-lol-pass.age index a5e31ca..3676a47 100644 Binary files a/secrets/alert-nrab-lol-pass.age and b/secrets/alert-nrab-lol-pass.age differ diff --git a/secrets/alert-plain-pass.age b/secrets/alert-plain-pass.age index 4c3882d..057dade 100644 --- a/secrets/alert-plain-pass.age +++ b/secrets/alert-plain-pass.age @@ -1,20 +1,20 @@ age-encryption.org/v1 --> ssh-ed25519 GKhvwg ZvzKWT14nrdbiVRJf4hK3Gmb7pkLA1YrzIAXi7GqUm0 -OqGUgm/4oefj+J6JrIM42FPq/2tH/evQfKYQGCSMIc4 --> ssh-ed25519 H0Rg/A ucyXgt869tI6HWLjrsg5o65HBBHnjiAyJ2T7aCps7iQ -h58tIKkuHEFM+7VRl6u+3vvV3XQ0r+XqvUo7OdLuKEg --> ssh-ed25519 84j9mw 2a5d7xIwqwF9MuAKv490mGUMYiDvZWK8+sLDjShpnmk -7CH1AzJQD7nrq7aKZJy54+74awO2MHO6RySq29/MH18 --> ssh-ed25519 5A7peQ 8h1pfClbTdBZuSZyw1LcntL6QIDXukYkJ+SBmcZMYAE -d8gix1GBYjqe8nYc/gdOxEvsYNo7+W+vhQZq/RFPeRw --> ssh-ed25519 g2vRWw E4b+U5rVKsurdddkOSeDKmhIQW5iK4hdoRePQjohM2w -+WlMZ6Yd9iCqcm/WIrzRSRU9fmqdtc2Lb79wgB945Kg --> ssh-ed25519 B2veVw 4APxbmXkGw6O319hX1rPpgCz2BNXs1fa71eopRvgsFI -AQ3FsW+H7qYg90JG8904/N0FjxjH4S70S1Gyer1BiXI --> ssh-ed25519 IFuY+w +W4IMgBS9ihPCEGWQw8DrsTkF8Ih5H1+ZjhmGdPimQE -qlMFMVpw6uvH/OqGx/fIBFcP41RlXxyXKJ3//1N7mcQ --> ssh-ed25519 rA7dkQ 1XI21LILuaiYGHbdgCllU+H8N+/YPq9FyrOUTp0AXCI -vklhN/5KOmbB0MaQ4F/iIuj5ReLiBrmFQunPtJu0o7w ---- 5T2/adM9me57EcbMcLPba1MIisFzJnXLC+inc57bJdk -Ji'6&&o -k4-hu}2|1DIl9ܦY \ No newline at end of file +-> ssh-ed25519 GKhvwg /jQLcJCNx2g7rM8udm1ZyPDeqc0pJ95VpIsWObAG/xM +0QCmRI3pXNLmzIENjDyVNQLISQd6uyA/HOyXB1W47X0 +-> ssh-ed25519 H0Rg/A r98Ge9hReVxBKmQuAfX63L8y9W2vQh2PC/VMtGnS/SE +itKOWkxTHsM/SlhW+AA037ns0XmOaLHWrEtguC5h5Pw +-> ssh-ed25519 84j9mw FlKDqV1OxbxZ3s6mtYS6hzdOrMvY+GuYrXWoBk2Xo0Q +XqYK9dQXXx8eKlYhwQ5N+62GX/48VWQ51UyNialg5/E +-> ssh-ed25519 5A7peQ MIpjM9J/7wAVGuB5eRStLAAqLEE9Ff4E6eoWqEE4lk8 +J0o+kgUBuk0odbuLvuRns699wfY/LPHc9RZydpnyVc0 +-> ssh-ed25519 g2vRWw eNdLCZX01DMm9nZgugFCXIoqANF4Um+xxKQQf8SOax0 +i7H34Lumyn5qtigixSRbaYf1bm92kQLCf+EZKJeYmlw +-> ssh-ed25519 B2veVw DvHqN4AUU1mjB++Qwz1vNYHxST/8qZTM+p9PfIyFsHw +BU+58wSWdknW6WbEr+uCenfaC1vLm3usdP1P8YBbn+8 +-> ssh-ed25519 IFuY+w d3WEXFMgaOUSo3jwkOBzmqTqYyZLkIWnINFj7FZCHlE +u7KuKcjzTvCMJqiIzE2wNxNUjQuVaCcumnkNmVIg460 +-> ssh-ed25519 rA7dkQ XjfR8WOE/ajNfI2PvtjccMWt4ZA5ZcQfRLaswf8o/BM +cjEt4pbJgoiqQYDMAeOEKO8IsGrutkbYiJt+s9v65+M +--- Itt4v03PVRtcZ+msFBO6VKi3kDuK5+mjsQ0LZXQhWTk +3qo߅n/3$? _m8 +v:mjd|wr \ No newline at end of file diff --git a/secrets/attic-creds.age b/secrets/attic-creds.age index e901eb7..327f967 100644 --- a/secrets/attic-creds.age +++ b/secrets/attic-creds.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw ZJAtY/6itD2g/hCRjxKrV1ZWQIzM/YgKGNa5CT71YBc -mMGp1ZjBx0qEugMAnixkVn88HqdNui/gyJt/okwRDP8 --> ssh-ed25519 GKhvwg JbvduCfwAY610WxpitcGlScY98bGeNYDqKuxHkrqZDU -4aCApDeZnE/7xA3JzxqD5awQv9N5oa2TcHQOZx+CBpE ---- nGz8lBsZ79RPshiTTFlSTVsZP7lfaNKBZFC7TtZ2ves -['!eUTRG̠1dI{aϪ+'?"ʵ&NxkāRϗ)\a~o`htΖ-WrhxE +']>r9Oa=+W t} \ No newline at end of file +-> ssh-ed25519 84j9mw NTO+6rjQ67mvDfLbkZNyuvxGXVlKjqnH5Wg0/qD8Zkk +oIrs9tsRkEqIb9lLQnF61DefTWtF60iSJEfm2b4dkLU +-> ssh-ed25519 GKhvwg 1URR/IKkYchQlxgQDK0Dh20KXTrulyJfnO3JXjECBjw +K2N7/b88tkEa8bTSRRWLChPN5GbbNip4qDx4HubEP9s +--- 4DdZ4N53a/aiMQcO0okbaeo3npYD+WrjoFYVnIMkmEk +(5/[p+&.$*Z*b~¤>"& !9RG7r?KrDmEl~1DѨCgE?q"w7:X|Dpg4Y4bĩ-.`#wC,y|["k*YF \ No newline at end of file diff --git a/secrets/forgejo-token.age b/secrets/forgejo-token.age index f16f8e1..4f8cba6 100644 Binary files a/secrets/forgejo-token.age and b/secrets/forgejo-token.age differ diff --git a/secrets/github-token.age b/secrets/github-token.age index 58d43ca..e2cb091 100644 Binary files a/secrets/github-token.age and b/secrets/github-token.age differ diff --git a/secrets/hercules-cache.age b/secrets/hercules-cache.age index 48de2e9..9ed43f7 100644 Binary files a/secrets/hercules-cache.age and b/secrets/hercules-cache.age differ diff --git a/secrets/hercules-secrets.age b/secrets/hercules-secrets.age index b192321..488a650 100644 Binary files a/secrets/hercules-secrets.age and b/secrets/hercules-secrets.age differ diff --git a/secrets/hercules-token.age b/secrets/hercules-token.age index a7a66a7..7f2f655 100644 Binary files a/secrets/hercules-token.age and b/secrets/hercules-token.age differ diff --git a/secrets/kanidm-admin-pass.age b/secrets/kanidm-admin-pass.age new file mode 100644 index 0000000..2b229b2 --- /dev/null +++ b/secrets/kanidm-admin-pass.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 84j9mw W4+Z4WjOyUl4mWPqVykNWRhf2/8qfVOSM7QCFPNMZTA +0ndQjslMwjQqguN25nBQtCchpCLhoD/vrxh1yNVeTNw +-> ssh-ed25519 GKhvwg H8XcFJDZTA3IzxmK6wbB+PVM2gCZ4ysAPjL5j0LgeE0 +kehTMRIVOZ5ubtO7w8WF+gU3sjYXMQtd5hH+wcv3uSE +--- 72ntrRbWq8pdkk/GrsVupTttfY9t+w3l+2KQbQyNn/I +iyd$vVl TK$4G[MI[#tz:r9~ESA6}׵ \ No newline at end of file diff --git a/secrets/kanidm-idm-admin-pass.age b/secrets/kanidm-idm-admin-pass.age new file mode 100644 index 0000000..0eac321 --- /dev/null +++ b/secrets/kanidm-idm-admin-pass.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 84j9mw 8zYeVXx36dpC8TxMdoM1GdERoNNj902KwTF4h/r4inM +n3mYra0BeM4gWsZ7Roilu14o/GajX1iWw0fcy0q31yc +-> ssh-ed25519 GKhvwg cqd7YmVpbxqZxaVluHDZ8Yw0gNfJCKMmoWa4mEoXym8 +Gbcj+PJaqyPRRGX4olr7mmJ5IoEGlQaogYbj7i9E/98 +--- LoQPWI+m8s3NjalUh0+xdW54c8lgddBmhPoIiPbmR8I +Җ܉Y +9!42DVP9N]G;?ЉS ' \ No newline at end of file diff --git a/secrets/leet-nrab-lol-pass.age b/secrets/leet-nrab-lol-pass.age index 4145d0d..93c638b 100644 --- a/secrets/leet-nrab-lol-pass.age +++ b/secrets/leet-nrab-lol-pass.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw 9ygN4fWQWX889zSTchiwqVwxTzHzl+3PSelEpeGx6yA -v1GTvSMdbwC6U0QZtaD7/b5QbJ9j4J3F10eCUaT5COY --> ssh-ed25519 GKhvwg 9I2sycYPtBMPZenbWLueANm46TTPzbgCa//4oKojGEQ -aEX3TQpWRAcrtJaiTMxB08L8OY/O/4JR+/zoNPl7Kxc ---- 6EB80pdWxmL1yVM+klouel5E59m2C88Dz0SH2DiT6nE -hkdJw|g~v^jq\ ' yIcdWYF?N/0+h=85# \bm~1y"qAT \ No newline at end of file +-> ssh-ed25519 84j9mw 7HLXJ0FPIlK/5skZB7HsmzyMX3S7I41wPsEPZ7Jb/28 +MJ9oeQWZ9QlL6kuB8QUHoOjdXqOqqpA3kHpr2h/6A5A +-> ssh-ed25519 GKhvwg oVRn1+ZoRU39ucM/It+cxfLEMjF0uSV1O7k0J/8DgnM +ATACnP4ASRJ1qhyrm8yhi2qtDftXMiQ91CbmuqIm2gI +--- ucDElqkYHEoTy0c+vPsy2AQ3aqJmkDSBAADiKB71k2o +.ƛLlCgs.IžR .qxL2BNjFo9]9gTqNia]eaGSkY$ ssh-ed25519 g2vRWw 8FCO/eYVK3KfOvdyk5Va3R9jXaSNzV+ArFVhJwJPDDk -zRBpyAtdJxg4TSsgUep66Yv2CMUUAI8IF3pL5+MI/88 --> ssh-ed25519 GKhvwg eMLyDK82QCKJrVjtfuy5DKTNFOc39zdJxJNFEXCO1Ac -6AamgzEBeT1018cy7N5GcvgjypGPLqF+2P14h//jTtA ---- jhq8ZEIoUjMq5PH7tktWMKQuCLMKifY/UfjjM1Qn7UE -Q8cV2 ƈ4$h+ey -0#aJ`ng{@.sIgϞc*Q'&k,CuIwɘ +rENշ@FPI?ђ \ No newline at end of file +-> ssh-ed25519 g2vRWw btMiKwz3PwvUTHhz3eQU1PkMqSPJ9gpVZ9WC7u49xmQ +jhQgjo4Vt7e6Q9uERj9UG4AM/gMhMUexBWHI4ofrx7c +-> ssh-ed25519 GKhvwg sZvZftsPUAjQ27PleicM9It+gpRjwPWOdxx85Mr5fxY +G3VOFsNg2p1/KTyACw9QlvfBsyNUG9v7LSkWJl8afrg +--- letALmlj/zH1GJl31nWXeURJHZI6UkToZiTIUgZLv8s +lbxCI_ d:@@^ o:]1s;iv"̽thTwlˠil{An.v[GU0%) \ No newline at end of file diff --git a/secrets/nrab-lol-cf.age b/secrets/nrab-lol-cf.age index bf3032b..f991709 100644 Binary files a/secrets/nrab-lol-cf.age and b/secrets/nrab-lol-cf.age differ diff --git a/secrets/ntfy-alert-pass.age b/secrets/ntfy-alert-pass.age index 4e997b6..4b28129 100644 --- a/secrets/ntfy-alert-pass.age +++ b/secrets/ntfy-alert-pass.age @@ -1,19 +1,19 @@ age-encryption.org/v1 --> ssh-ed25519 H0Rg/A Gu5zy+v+SITLh8SsiBXDnFDW007MNnWQ3Qo1XnKQVTM -0OLIB6bgEHct3n4ev0HgfaUOl8t93DM3qInsrfBn4Vw --> ssh-ed25519 84j9mw XBb71lyuXkIGxSL+VHv4To64qjGv3tqGGMa5J414uE0 -kuVmbLJ4ZyC6rmNUZOEXfrYHm89iXRqwP2Gv5lV4XSE --> ssh-ed25519 5A7peQ Zby6NTv0q8OQ9qvo7DvE4OVOpShVKE8K7QWTson0DCo -eMTfWLUUImhEfXlBl8gYoA1YK0gfpB8VyWa2L3RCA1w --> ssh-ed25519 g2vRWw W5ZMWxUBPvef4sWXhv2aMCLZKlW++4n78vjJ+UE8XFE -0J4OEvtTaffnRHQdfzGOOtBdgmq9is63uSLNFfZ59Oo --> ssh-ed25519 B2veVw tZ3sVtgqEJ5LbK3b2xcH+0z8LaNUPs4KZO9A/VLH71g -MUuolaOws9FLq5MwrGKbseG5Xaok/gad6LQ5bxhN+ss --> ssh-ed25519 IFuY+w sz83GwAlZD8Zp2kH+7pwnETPKSfXDRgSXzNteAAGXF0 -4ByeRXyTp9+XpOirDvPAfDqfxyQXXqdEtTSq/CqKP0o --> ssh-ed25519 rA7dkQ b7UcNJ+8UhrBnJieRvNxHXFBmr6uyh9q4ZtD9vpsTRI -2/jPFKnWvCwc+Ki9gWJ8sbGetH46DZMk7LyxmqSlAe8 --> ssh-ed25519 GKhvwg 1HxU3yc2MfaW6N/zOg5ZRD+imMAIhIdKCp5FYR1BXjY -LlmcWTkjbm9Ig5rECdKieEsbmPZiFenZnLZ4p8YbUbI ---- 8E31okL3vgwlYthWyy+sshdJDHWGBjawZoS/3QaqjT0 -=u\eFcHret[92#YwN~Gfӷ xG^0=W ӓE& \ No newline at end of file +-> ssh-ed25519 H0Rg/A ti8Cilk/v+91Nckt/CuYl6qRuRb3W60gvhB43FW1znI +EeLV+OccotivcRsN/aB/UdF89WiPlJ6R8PeKN6b+OQs +-> ssh-ed25519 84j9mw 5rRP84YZGBMCFStzc5aeOqBmsAmjSb3GkKl47Msuei8 +DLtAz8tWkLu3QBeR+M5ZlJH6c6+GKPwf+qy3NpdTCOo +-> ssh-ed25519 5A7peQ d6JYwhySRN6B0eHl+JiZkxawZuMYuS7RDrSKMQYHLzI +/Yg5Hx948SBDD8shA49Bnv8hooPokYG7Fn9roswNIWI +-> ssh-ed25519 g2vRWw gltJGTfV+a8BKaAkBGXkiW57ymv0vPBQnCS2BWJ6fDc ++yBjIKMdM4eUVJvjs/UedjTH6hLRs56hDUpjpLC/q84 +-> ssh-ed25519 B2veVw GeSb9ZgzHNDDDa/X+HppmefkEelg6JaQr8uaaijjzFo +LRzUrcmZAEosn0Sf4/YOLhbtdgYhWMYe9/uhvAMwcRI +-> ssh-ed25519 IFuY+w gmfb2WEjP2BVhwnL+DzFcsM/ctbihlC6wOr7Bhn8r0o +k4IEjoNZSukZtz+rkOjk/BfaZkJ7T1jNrweKpmGDRZU +-> ssh-ed25519 rA7dkQ EWcPrbtHeD6Rq0mlnoVhgVTZQ586QdRVsZa1K9YkQzk +EN5VG0U1KGdpcT64B6C7kVDwKM/h+gsiTgsKf11XP2s +-> ssh-ed25519 GKhvwg jVotsPuVgxUaZUg5U6QwZO9O6DPsYv5Mp1rfsP353hQ +c8uSgREFANKYeaafurp47MQiGnQxHXkFR5TGAQ7Ykv4 +--- unx7yN4JzSSku/QUYEEUSPxyyLrWLG4zEMB/yRqvKwg +FETAms~_'%r=KxO#Mq'M_5F%P. \ No newline at end of file diff --git a/secrets/ntfy-niko-pass.age b/secrets/ntfy-niko-pass.age index c42dcd5..5802533 100644 --- a/secrets/ntfy-niko-pass.age +++ b/secrets/ntfy-niko-pass.age @@ -1,7 +1,9 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw 5fEqoBEGZ6AZRfWuU6mej6XNl6hDrxMIMMlccp9CVzg -QvontdV2/amh/i1Ldmzup8TB+lN4b0+YuoT+UFWiPw8 --> ssh-ed25519 GKhvwg 5Qm1FPvbv0ZsJiJ0Rjm0CPm6eWKvfQ4XHAOmEUWWCiA -eu1MXEWfo425lbnq5tAOnGqpLgRVIOCkZKegTQQjw/I ---- s1g2UCKwlew0wCJSxGosBzn1K0TEbPlrIl09iZ58bMg -P$N{LrxS:=Wxc(J|48S \ No newline at end of file +-> ssh-ed25519 84j9mw ryWkCbg6qUwncq/HkEIN8qgMjPKVRv86y/gzJFtlS0U +G02X9Uacg0c5acyAmPHx5F6ImZQnjs45hH/tBFpP42I +-> ssh-ed25519 GKhvwg LcIGEajShma720zp/yMndBnEOoZV9aYSsOFmN6yG9wQ +lox/ZbORF9HCKl4lCkTrRQ240JEGljqoAf8+I5q03Z4 +--- 6a1rHleD/+yh+e+/0lm4TIvst9tjT7y6sr6ujApYuZQ +$Q~C7|A{3]&X'' +PRL6 +QYmhm \ No newline at end of file diff --git a/secrets/paperless-pass.age b/secrets/paperless-pass.age new file mode 100644 index 0000000..049b54e --- /dev/null +++ b/secrets/paperless-pass.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 rA7dkQ sXPoNSctxQL6Gh1JrsMuUGp5/PW/v7zFzGzdncnVYnQ +ETOeRcPPhV+RZSZEC2cGsKm2H6eAn8eKJTn1NkJqndQ +-> ssh-ed25519 GKhvwg DWV3js/l+CYRHGgf0NCZwBCigE9U5tf8mkGxVNAIVSY +dxHnQkWKB8+02j3zuaeGVq8+A5vA2ssTccTdFSn5FCw +--- pu5uE5bsrnA7KrZSRGaD6xMKjzsx0ezXn9BbNVsrgAw +Q B ssh-ed25519 84j9mw tKQQB/cd6JHCLQLrix2WGW5hHBUNC+pqDZXvTmOlOkw -lnx4olU3W8dgMwigYga/NYcjJ/C59J/uVdYNOfWmN2I --> ssh-ed25519 GKhvwg iWTl/jvU1aBd78yAZUsOgcG6JaK+vO8Dpx61dYMjmhc -2Iu6OHlLlhJLy/cxI/zSuqRhBnoeGLXINbDyMIvDZD8 ---- eOl0sze0EOvfcAarBav7mb4B3jdBvOE+fF166oukbrk -!lxq*T,.Xk6^ ssh-ed25519 84j9mw MkIkHSzR3H+j9ul56t+CrVsoeGRgH2ocYRSBoH/z5SY +0LNQmCBPvS5NiS66HCQ1Yifr/GkIYxrDj2Kfg/ZOerM +-> ssh-ed25519 GKhvwg xp5j84RKQ56OFSak3IvHRG9TAv0XVYLmWJLImgAjmws +gx1Ke3U3ngFsDswVVOnwbQUJNOUSdFgh/LUKkDH30Ug +--- lWb3NlBy8n+NWGQ+M75RmWElXXLWWpl38aRYTVMm5GY +qA [VpH 0I *~h 6BZikʤV 9s; +Ƴ8Md٬լ= \ No newline at end of file diff --git a/secrets/storage-box-webdav.age b/secrets/storage-box-webdav.age index 6019090..782f202 100644 --- a/secrets/storage-box-webdav.age +++ b/secrets/storage-box-webdav.age @@ -1,8 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw C3TpEZsxJIYJ3d5vsQkCcCTity80nLsyxm5zCBZOMzk -56z54taf+KUJjDugfCGKlcbeRZfDzi3+eeanKPINS6E --> ssh-ed25519 GKhvwg uUXJkGw54Q7dCnYobwV1zihOPa4R1FydJZehlFc5MA4 -6Zbym9jLykqsYjmb6rKIa6GExAKVVvEkvCQrzl6HB/M ---- QICnyH0PORBpoNgT3pjuhP1p8AHn9gD2OIae/9G23x8 -(}{Ԝ2˓i]UmiLmv>ke'6A̯Xi<:fU)~&Aˡj# -D?_E-H \ No newline at end of file +-> ssh-ed25519 84j9mw aSPnpUfj2PBYycEMzcENn30pzhrSEAatTOdoDhoPQVk +PzcdoYgIHJZqOHE36gynF7r1LgFjoX2hEfCf1Emb2gg +-> ssh-ed25519 GKhvwg HlibITP17XIxE8t8Kd9NtC6n696fQJu78lE3Yp4lFyg +hmPEscf5AzMWq7NJSX8WxuRZ3bV3nMDAZZnZ8/Xy+rg +--- gSATPThFb4g1a+5/hwps5NGAEsd3VUlYtzy0vTySXyM +gۏlw_0](t9%9aWͬ@dW@S o*&X-@c~#fox=; \ No newline at end of file diff --git a/secrets/ude-deluge.age b/secrets/ude-deluge.age index f398be0..075061e 100644 --- a/secrets/ude-deluge.age +++ b/secrets/ude-deluge.age @@ -1,7 +1,8 @@ age-encryption.org/v1 --> ssh-ed25519 IFuY+w ZigoLhwVERGG/r7uYI3DKX7jijKt+4tsiTWpbIdUTXE -k4jmQIJXr7yJOY3pkc1VnoqDgWkNr84k1AgYF7jNjRs --> ssh-ed25519 GKhvwg FMZOLDeE2Yw1Kd8V7NTL2oQtWo4IKDUoHu/Z8Su2hHI -QF+L/Qf35wkOcgGWWRGANMJCG5Vz80epjQuwa4IdYQM ---- ZUTRNDrgxdsZsNSP1Z3BLxw4EYexr873aJrbUvIgE2I -yZͪ MXd塸*5j"*ZU ф|ݕ]a8 "Zb][9SU . \ No newline at end of file +-> ssh-ed25519 IFuY+w YhrlFN7mVaYlDC0YyEYwHUw/Dn+AJS5LcdYH0CHNhHM +2Fh1Imyut/Fs3nAUQAYNHuR0DPRCnDDv0fuLI1hQc6k +-> ssh-ed25519 GKhvwg Iuw+N1SD8On8HqpoinMoXFJ+QRS7CRyjVHhI7LE83hs +yTdsv1DKQUSG1hFyxanahMiagPumuuVH1S1uLwoX3aU +--- fGCYe4oLn1ucgnXuuecwD4nHMkiqxy2kSTYp79y7sR4 +ѭ +QVCs`ʦWG#u͑+K~!:#'jQDYz'%@AO`剒> \ No newline at end of file diff --git a/secrets/youko-niko-pass.age b/secrets/youko-niko-pass.age index 6e910ff..18041a5 100644 --- a/secrets/youko-niko-pass.age +++ b/secrets/youko-niko-pass.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 rA7dkQ ucrMqUlwttyHHFkJ/c5tYpHohefNYe6aJnxHMUjkUxU -RgsGaMLmtziGu/n6MiDJmkTZORTh2yYWoSS0eu9i6PA --> ssh-ed25519 GKhvwg u7Fjda07e17aJGV0ZFK/Mt2ZbF/3b38MLydE8WKs2gY -gO2rNP64Nkhr5GShWP8zhxeT2YUKEkqN1Oc6/3l6PKU ---- H9oqwkU/uI5fZAdy+qkCW5vw1PBaahe28FTUxhEFsds -xSmL69ʎG3<4[Z t}<OdcY}>XQ^]Ki|BwDmqHX]FeRt%`Ҥ0IV \ No newline at end of file +-> ssh-ed25519 rA7dkQ HZF6g+17SHv2P0Agh9/rJk5yQkjqxmOKF+F5dlcHkUI +WimAhXL0UU2JXUlruPnIwi7vkjQ7YDWsyK5yB006gWo +-> ssh-ed25519 GKhvwg mYJ6EJxisRlPtWzBqAsQXF4sivQP86rr03qIQvJGumY +Y+dGZb/F1jddv04tFFPSSyTTJjsBTbQUocNg+FJuX/E +--- mMUDr1Q6r/fEIejP+0yBj8D09REx3bj51XpaJiOO4ns +