diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml
deleted file mode 100644
index 89693ab..0000000
--- a/.forgejo/workflows/build.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-on:
- push:
- pull_request:
- types: [opened, synchronize, reopened]
-
-jobs:
- check:
- runs-on: native
- steps:
- - uses: actions/checkout@v4
- - run: nix flake check --all-systems
diff --git a/assets/ssh.nix b/assets/ssh.nix
index afdc92c..fb8a04d 100644
--- a/assets/ssh.nix
+++ b/assets/ssh.nix
@@ -15,7 +15,6 @@
kogata = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGK7H4Z29d72HJlI69Vt0YLOyuPcn9XxYjvMZfql80z0 nikodem@rabulinski.com";
hijiri = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFXVPUBYAMn9H3efG/ldWl/ySmZV0CXleyH7E5nKf/N7 nikodem@rabulinski.com";
tsukasa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPKXcihNVgsStMstnZYvh+Ai+JsydX3vu4O0yhlN+zw niko@tsukasa";
- youko = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKAGBazVVFr1+beFxpC701IPz4JwdPIyFJybVVZ9kTkr niko@youko";
};
system = {
@@ -26,6 +25,5 @@
kogata = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPN/SXBcIB1WN8GIhYrQrqzFGuVkEP4o0E+x0uQ4f2l";
hijiri = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILsTkICNuUwGqrToisTViFCBoql39+DFYVZSWj7vfbXK";
tsukasa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKy32XGCkB0KOUm4f0ybrutfAzR7+baifM2yv5KuYV7 root@tsukasa";
- youko = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPSbIjEo28aB2TACkvLY+VRKElZEdH9qFlTTfxCrblGZ root@youko";
};
}
diff --git a/flake.lock b/flake.lock
index c260a9c..f409834 100644
--- a/flake.lock
+++ b/flake.lock
@@ -47,11 +47,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
- "lastModified": 1742497754,
- "narHash": "sha256-fCM/cnenyg+HQ3Ek7uXu04UX/aXrHBD6BW93/rYWZHE=",
+ "lastModified": 1738514772,
+ "narHash": "sha256-ng38xM+7MfmoWYcQj6/Ejgt732nbFIDx14QvWVpG0d4=",
"ref": "refs/heads/main",
- "rev": "af9d18efe24894a63c39d37bc0d2ddbea413aaa8",
- "revCount": 366,
+ "rev": "b691dd3a7746afd73e944db98c0b000c1424cd5e",
+ "revCount": 362,
"type": "git",
"url": "https://git.lix.systems/nrabulinski/attic.git"
},
@@ -79,11 +79,11 @@
"conduit-src": {
"flake": false,
"locked": {
- "lastModified": 1742005420,
- "narHash": "sha256-v4LCx7VUZ+8Hy1+6ziREVY/QEADjZbo8c0h9eU7nMVY=",
+ "lastModified": 1730678249,
+ "narHash": "sha256-Xn1BnCbwbRFhqcFJ4GvSmB+H509fiHFhTJcpi4G+2oo=",
"owner": "famedly",
"repo": "conduit",
- "rev": "063d13a0e10619f17bc21f0dd291c5a733581394",
+ "rev": "e952522a39883e4431e74c42cef3d9bc562752f8",
"type": "gitlab"
},
"original": {
@@ -95,11 +95,11 @@
},
"crane": {
"locked": {
- "lastModified": 1742394900,
- "narHash": "sha256-vVOAp9ahvnU+fQoKd4SEXB2JG2wbENkpqcwlkIXgUC0=",
+ "lastModified": 1737689766,
+ "narHash": "sha256-ivVXYaYlShxYoKfSo5+y5930qMKKJ8CLcAoIBPQfJ6s=",
"owner": "ipetkov",
"repo": "crane",
- "rev": "70947c1908108c0c551ddfd73d4f750ff2ea67cd",
+ "rev": "6fe74265bbb6d016d663b1091f015e2976c4a527",
"type": "github"
},
"original": {
@@ -115,16 +115,15 @@
]
},
"locked": {
- "lastModified": 1742382197,
- "narHash": "sha256-5OtFbbdKAkWDVuzjs1J9KwdFuDxsEvz0FZX3xR2jEUM=",
+ "lastModified": 1738277753,
+ "narHash": "sha256-iyFcCOk0mmDiv4ut9mBEuMxMZIym3++0qN1rQBg8FW0=",
"owner": "lnl7",
"repo": "nix-darwin",
- "rev": "643b57fd32135769f809913663130a95fe6db49e",
+ "rev": "49b807fa7c37568d7fbe2aeaafb9255c185412f9",
"type": "github"
},
"original": {
"owner": "lnl7",
- "ref": "refs/pull/1335/merge",
"repo": "nix-darwin",
"type": "github"
}
@@ -136,11 +135,11 @@
]
},
"locked": {
- "lastModified": 1741786315,
- "narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=",
+ "lastModified": 1738148035,
+ "narHash": "sha256-KYOATYEwaKysL3HdHdS5kbQMXvzS4iPJzJrML+3TKAo=",
"owner": "nix-community",
"repo": "disko",
- "rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de",
+ "rev": "18d0a984cc2bc82cf61df19523a34ad463aa7f54",
"type": "github"
},
"original": {
@@ -157,11 +156,11 @@
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
- "lastModified": 1742452566,
- "narHash": "sha256-sVuLDQ2UIWfXUBbctzrZrXM2X05YjX08K7XHMztt36E=",
+ "lastModified": 1738564312,
+ "narHash": "sha256-awAp1Qe+c95PQxP7v+Zfse+w3URaP3UQLCRlaPMzYtE=",
"owner": "nix-community",
"repo": "fenix",
- "rev": "7d9ba794daf5e8cc7ee728859bc688d8e26d5f06",
+ "rev": "d99d2a562b9c9d5f0e4399e5bb677b37a791c7eb",
"type": "github"
},
"original": {
@@ -177,11 +176,11 @@
]
},
"locked": {
- "lastModified": 1742432361,
- "narHash": "sha256-FlqTrkzSn6oPR5iJTPsCQDd0ioMGzzxnPB+2wve9W2w=",
+ "lastModified": 1738544198,
+ "narHash": "sha256-bdGeUx6SBs37wQ6gHo5m+apn5Uze2fVz/oYfkD6DKUA=",
"owner": "bandithedoge",
"repo": "nixpkgs-firefox-darwin",
- "rev": "c868ff433ea5123e837a62ae689543045187d7a4",
+ "rev": "6a14fbdbc697c7f1c93376ecbed4b095ccc55f00",
"type": "github"
},
"original": {
@@ -246,11 +245,11 @@
]
},
"locked": {
- "lastModified": 1741352980,
- "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
+ "lastModified": 1738453229,
+ "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
+ "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github"
},
"original": {
@@ -266,11 +265,11 @@
]
},
"locked": {
- "lastModified": 1741352980,
- "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
+ "lastModified": 1738453229,
+ "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
+ "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github"
},
"original": {
@@ -387,6 +386,9 @@
},
"helix": {
"inputs": {
+ "crane": [
+ "crane"
+ ],
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
@@ -394,11 +396,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
- "lastModified": 1742479163,
- "narHash": "sha256-YC0zdGyZMu7seA2Jm1mxtcxE4lSeVwvCPMfWzJ8+o/c=",
+ "lastModified": 1738547365,
+ "narHash": "sha256-4GrVwyIZKx14eVG8TZMKmgyw8v3TuETPrLvYkFNqlyc=",
"owner": "helix-editor",
"repo": "helix",
- "rev": "b7d735ffe66a03ab5970e5f860923aada50d4e4c",
+ "rev": "066e938ba083c0259ff411b681eca7bad30980df",
"type": "github"
},
"original": {
@@ -414,11 +416,11 @@
]
},
"locked": {
- "lastModified": 1742501496,
- "narHash": "sha256-LYwyZmhckDKK7i4avmbcs1pBROpOaHi98lbjX1fmVpU=",
+ "lastModified": 1738448366,
+ "narHash": "sha256-4ATtQqBlgsGqkHTemta0ydY6f7JBRXz4Hf574NHQpkg=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "d725df5ad8cee60e61ee6fe3afb735e4fbc1ff41",
+ "rev": "18fa9f323d8adbb0b7b8b98a8488db308210ed93",
"type": "github"
},
"original": {
@@ -430,11 +432,11 @@
"lix": {
"flake": false,
"locked": {
- "lastModified": 1742411066,
- "narHash": "sha256-8vXOKPQFRzTjapsRnTJ1nuFjUfC+AGI2ybdK5cAEHZ8=",
+ "lastModified": 1738446528,
+ "narHash": "sha256-NYL/r7EXSyYP7nXuYGvGYMI9QtztGjVaKKofBt/pCv8=",
"ref": "refs/heads/main",
- "rev": "2491b7cc2128ee440d24768c4521c38b1859fc28",
- "revCount": 17705,
+ "rev": "a51380645f61b33d37a536b596d16c481f7b84a6",
+ "revCount": 17342,
"type": "git",
"url": "https://git.lix.systems/lix-project/lix.git"
},
@@ -455,11 +457,11 @@
]
},
"locked": {
- "lastModified": 1741894565,
- "narHash": "sha256-2FD0NDJbEjUHloVrtEIms5miJsj1tvQCc/0YK5ambyc=",
+ "lastModified": 1738176840,
+ "narHash": "sha256-NG3IRvRs3u3btVCN861FqHvgOwqcNT/Oy6PBG86F5/E=",
"ref": "refs/heads/main",
- "rev": "a6da43f8193d9e329bba1795c42590c27966082e",
- "revCount": 136,
+ "rev": "621aae0f3cceaffa6d73a4fb0f89c08d338d729e",
+ "revCount": 133,
"type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module.git"
},
@@ -478,11 +480,11 @@
"nixpkgs-24_11": "nixpkgs-24_11"
},
"locked": {
- "lastModified": 1742413977,
- "narHash": "sha256-NkhM9GVu3HL+MiXtGD0TjuPCQ4GFVJPBZ8KyI2cFDGU=",
+ "lastModified": 1737736848,
+ "narHash": "sha256-VrUfCXBXYV+YmQ2OvVTeML9EnmaPRtH+POrNIcJp6yo=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
- "rev": "b4fbffe79c00f19be94b86b4144ff67541613659",
+ "rev": "6b425d13f5a9d73cb63973d3609acacef4d1e261",
"type": "gitlab"
},
"original": {
@@ -607,11 +609,11 @@
},
"nixpkgs_2": {
"locked": {
- "lastModified": 1742395137,
- "narHash": "sha256-WWNNjCSzQCtATpCFEijm81NNG1xqlLMVbIzXAiZysbs=",
+ "lastModified": 1738452225,
+ "narHash": "sha256-Qmwx3FXM0x0pdjibwTk/uRbayqDrs3EwmRJe7tQWu48=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "2a725d40de138714db4872dc7405d86457aa17ad",
+ "rev": "6c4e0724e0a785a20679b1bca3a46bfce60f05b6",
"type": "github"
},
"original": {
@@ -630,11 +632,11 @@
"nvidia-patch-src": "nvidia-patch-src"
},
"locked": {
- "lastModified": 1742460640,
- "narHash": "sha256-Qks0TRMOiuVKjcSPkg251Q2/wdU5ooMt4b2f2numPzg=",
+ "lastModified": 1736930913,
+ "narHash": "sha256-f7v5s924/CiDCW7j/SEvefwm6Jb07zQWYShJ+FIYS0A=",
"owner": "arcnmx",
"repo": "nvidia-patch.nix",
- "rev": "c85990250376300fe11413e22458911f408f64d0",
+ "rev": "6ca6f8dd2139b9c01049de29979c1c0db157a647",
"type": "github"
},
"original": {
@@ -646,11 +648,11 @@
"nvidia-patch-src": {
"flake": false,
"locked": {
- "lastModified": 1742384429,
- "narHash": "sha256-5O0TXVrLsFrULXli2vB2iJ7TECUckMHKvJZYmdkcnGE=",
+ "lastModified": 1736882949,
+ "narHash": "sha256-s1qtdm0UGd4uImNts42W5hT6W1nOVz8eTyBF37QlUfc=",
"owner": "keylase",
"repo": "nvidia-patch",
- "rev": "07080317245ac30c38001d2149810b2dee3cce1f",
+ "rev": "0837f46dfe25b6e750abc7e601032bdd12c70be0",
"type": "github"
},
"original": {
@@ -708,11 +710,11 @@
"rust-analyzer-src": {
"flake": false,
"locked": {
- "lastModified": 1742296961,
- "narHash": "sha256-gCpvEQOrugHWLimD1wTFOJHagnSEP6VYBDspq96Idu0=",
+ "lastModified": 1738488035,
+ "narHash": "sha256-sLLW0S7OGlFYgNvAQnqWK1Ws5V1YNGvfXHdWoZ91CeI=",
"owner": "rust-lang",
"repo": "rust-analyzer",
- "rev": "15d87419f1a123d8f888d608129c3ce3ff8f13d4",
+ "rev": "f3998f7f8a197596c5edf72e937996e6674b423b",
"type": "github"
},
"original": {
@@ -730,11 +732,11 @@
]
},
"locked": {
- "lastModified": 1740623427,
- "narHash": "sha256-3SdPQrZoa4odlScFDUHd4CUPQ/R1gtH4Mq9u8CBiK8M=",
+ "lastModified": 1737599167,
+ "narHash": "sha256-S2rHCrQWCDVp63XxL/AQbGr1g5M8Zx14C7Jooa4oM8o=",
"owner": "oxalica",
"repo": "rust-overlay",
- "rev": "d342e8b5fd88421ff982f383c853f0fc78a847ab",
+ "rev": "38374302ae9edf819eac666d1f276d62c712dd06",
"type": "github"
},
"original": {
@@ -751,11 +753,11 @@
]
},
"locked": {
- "lastModified": 1739240901,
- "narHash": "sha256-YDtl/9w71m5WcZvbEroYoWrjECDhzJZLZ8E68S3BYok=",
+ "lastModified": 1737166965,
+ "narHash": "sha256-vlDROBAgq+7PEVM0vaS2zboY6DXs3oKK0qW/1dVuFs4=",
"owner": "oxalica",
"repo": "rust-overlay",
- "rev": "03473e2af8a4b490f4d2cdb2e4d3b75f82c8197c",
+ "rev": "fc839c9d5d1ebc789b4657c43c4d54838c7c01de",
"type": "github"
},
"original": {
@@ -849,11 +851,11 @@
]
},
"locked": {
- "lastModified": 1742370146,
- "narHash": "sha256-XRE8hL4vKIQyVMDXykFh4ceo3KSpuJF3ts8GKwh5bIU=",
+ "lastModified": 1738070913,
+ "narHash": "sha256-j6jC12vCFsTGDmY2u1H12lMr62fnclNjuCtAdF1a4Nk=",
"owner": "numtide",
"repo": "treefmt-nix",
- "rev": "adc195eef5da3606891cedf80c0d9ce2d3190808",
+ "rev": "bebf27d00f7d10ba75332a0541ac43676985dea3",
"type": "github"
},
"original": {
@@ -921,11 +923,11 @@
"rust-overlay": "rust-overlay_2"
},
"locked": {
- "lastModified": 1741803511,
- "narHash": "sha256-DcCGBWvAvt+OWI+EcPRO+/IXZHkFgPxZUmxf2VLl8no=",
+ "lastModified": 1738084440,
+ "narHash": "sha256-sARyUquyuNapFbICL/PJEhcDgBzpxTcHUNw8R/xL1iA=",
"owner": "dj95",
"repo": "zjstatus",
- "rev": "df9c77718f7023de8406e593eda6b5b0bc09cddd",
+ "rev": "096dc72a909fd0fb34768a98354aad6207002671",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
index 217b7cc..f2007c6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -86,9 +86,7 @@
inputs.nixpkgs.follows = "nixpkgs";
};
darwin = {
- # TODO: Move back once https://github.com/LnL7/nix-darwin/issues/1392 is resolved
- # url = "github:lnl7/nix-darwin";
- url = "github:lnl7/nix-darwin?ref=refs/pull/1335/merge";
+ url = "github:lnl7/nix-darwin";
inputs.nixpkgs.follows = "nixpkgs";
};
agenix = {
@@ -149,6 +147,7 @@
helix = {
url = "github:helix-editor/helix";
inputs.nixpkgs.follows = "nixpkgs";
+ inputs.crane.follows = "crane";
};
zjstatus = {
url = "github:dj95/zjstatus";
diff --git a/hosts/default.nix b/hosts/default.nix
index 03d464d..a245e1c 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -14,7 +14,6 @@
# ./installer
./ude
./kogata
- ./youko
];
builders =
diff --git a/hosts/youko/default.nix b/hosts/youko/default.nix
deleted file mode 100644
index 3a2fe49..0000000
--- a/hosts/youko/default.nix
+++ /dev/null
@@ -1,48 +0,0 @@
-{
- configurations.nixos.youko =
- {
- config,
- lib,
- username,
- ...
- }:
- {
- imports = [
- ./disks.nix
- ./hardware.nix
- ./sway.nix
- ./msmtp.nix
- ./nas.nix
- ];
-
- nixpkgs.hostPlatform = "x86_64-linux";
-
- boot = {
- loader.systemd-boot.enable = true;
- loader.efi.canTouchEfiVariables = true;
- };
-
- networking.networkmanager.enable = true;
-
- age.secrets.niko-pass.file = ../../secrets/youko-niko-pass.age;
- users.users.${username}.hashedPasswordFile = config.age.secrets.niko-pass.path;
-
- settei.user.config = {
- settei.desktop.enable = true;
- };
-
- services.udisks2.enable = true;
- settei.incus.enable = true;
- virtualisation.podman.enable = true;
- hardware.keyboard.qmk.enable = true;
-
- settei.unfree.allowedPackages = [ "vmware-workstation" ];
- virtualisation.vmware.host.enable = true;
- environment.etc."vmware/config" = lib.mkForce {
- source = "${config.virtualisation.vmware.host.package}/etc/vmware/config";
- text = null;
- };
-
- networking.hostId = "b49ee8de";
- };
-}
diff --git a/hosts/youko/disks.nix b/hosts/youko/disks.nix
deleted file mode 100644
index 3156235..0000000
--- a/hosts/youko/disks.nix
+++ /dev/null
@@ -1,58 +0,0 @@
-{
- disko.devices.disk.main = {
- type = "disk";
- device = "/dev/nvme0n1";
- content = {
- type = "gpt";
- partitions = {
- esp = {
- size = "512M";
- type = "EF00";
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- mountOptions = [ "umask=0077" ];
- };
- };
- luks = {
- size = "100%";
- content = {
- type = "luks";
- name = "crypted";
- settings.allowDiscards = true;
- content = {
- type = "btrfs";
- extraArgs = [ "-f" ];
- subvolumes =
- let
- mountOptions = [
- "noatime"
- "compress=zstd"
- ];
- in
- {
- "/root" = {
- inherit mountOptions;
- mountpoint = "/";
- };
- "/home" = {
- inherit mountOptions;
- mountpoint = "/home";
- };
- "/nix" = {
- inherit mountOptions;
- mountpoint = "/nix";
- };
- "/swap" = {
- mountpoint = "/.swapvol";
- swap.swapfile.size = "16G";
- };
- };
- };
- };
- };
- };
- };
- };
-}
diff --git a/hosts/youko/hardware.nix b/hosts/youko/hardware.nix
deleted file mode 100644
index 0f1386d..0000000
--- a/hosts/youko/hardware.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ config, ... }:
-{
- boot = {
- extraModulePackages = with config.boot.kernelPackages; [ it87 ];
- initrd.availableKernelModules = [
- "nvme"
- "xhci_pci"
- "ahci"
- "usb_storage"
- "usbhid"
- "sd_mod"
- ];
- kernelModules = [
- "kvm-amd"
- "i2c-dev"
- "it87"
- ];
- extraModprobeConfig = ''
- options it87 ignore_resource_conflict=1
- '';
- };
-
- services.smartd.enable = true;
- hardware.cpu.amd.updateMicrocode = true;
-}
diff --git a/hosts/youko/msmtp.nix b/hosts/youko/msmtp.nix
deleted file mode 100644
index dc51c15..0000000
--- a/hosts/youko/msmtp.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-# TODO: Potentially make this a common module?
-{
- pkgs,
- config,
- username,
- ...
-}:
-let
- mail = "alert@nrab.lol";
- aliases = pkgs.writeText "mail-aliases" ''
- ${username}: nikodem@rabulinski.com
- root: ${mail}
- '';
-in
-{
- age.secrets.alert-plaintext.file = ../../secrets/alert-plain-pass.age;
-
- programs.msmtp = {
- enable = true;
- setSendmail = true;
- defaults = {
- inherit aliases;
- tls = "on";
- auth = "login";
- tls_starttls = "off";
- };
- accounts = {
- default = {
- host = "mail.nrab.lol";
- passwordeval = "cat ${config.age.secrets.alert-plaintext.path}";
- user = mail;
- from = mail;
- };
- };
- };
-}
diff --git a/hosts/youko/nas.nix b/hosts/youko/nas.nix
deleted file mode 100644
index 2e83912..0000000
--- a/hosts/youko/nas.nix
+++ /dev/null
@@ -1,122 +0,0 @@
-{
- username,
- lib,
- pkgs,
- ...
-}:
-{
- boot = {
- supportedFilesystems = [ "zfs" ];
- zfs.extraPools = [ "yottapool" ];
- };
-
- services.zfs = {
- autoScrub.enable = true;
- zed.settings = {
- ZED_DEBUG_LOG = "/tmp/zed.debug.log";
- ZED_EMAIL_ADDR = [ username ];
- ZED_EMAIL_PROG = lib.getExe pkgs.msmtp;
- ZED_EMAIL_OPTS = "@ADDRESS@";
-
- ZED_NOTIFY_INTERVAL_SECS = 3600;
- ZED_NOTIFY_VERBOSE = true;
-
- ZED_USE_ENCLOSURE_LEDS = true;
- ZED_SCRUB_AFTER_RESILVER = true;
- };
- };
-
- services.samba-wsdd = {
- enable = true;
- openFirewall = true;
- };
-
- # TODO: Clean up. Potentially make it a separate module
- services.avahi = {
- publish.enable = true;
- publish.userServices = true;
- nssmdns4 = true;
- enable = true;
- openFirewall = true;
- extraServiceFiles = {
- timemachine = ''
-
-
-
- %h
-
- _smb._tcp
- 445
-
-
- _device-info._tcp
- 0
- model=TimeCapsule8,119
-
-
- _adisk._tcp
- dk0=adVN=tm_share,adVF=0x82
- sys=waMa=0,adVF=0x100
-
-
- '';
- };
- };
-
- services.samba = {
- enable = true;
- openFirewall = true;
- settings = {
- global = {
- "workgroup" = "WORKGROUP";
- "hosts allow" = "0.0.0.0/0";
- "guest account" = "nobody";
- "map to guest" = "bad user";
- "getwd cache" = "true";
- "strict sync" = "no";
- "use sendfile" = "true";
- };
- "tm_share" = {
- "path" = "/media/data/tm_share";
- "valid users" = "niko";
- "public" = "no";
- "writeable" = "yes";
- "force user" = "niko";
- "fruit:aapl" = "yes";
- "fruit:time machine" = "yes";
- "vfs objects" = "catia fruit streams_xattr";
- };
- };
- };
-
- services.jellyfin = {
- enable = true;
- openFirewall = true;
- };
- services.radarr.enable = true;
- # TODO: Remove once https://github.com/Sonarr/Sonarr/pull/7443 is merged
- nixpkgs.config.permittedInsecurePackages = [
- "dotnet-sdk-6.0.428"
- "aspnetcore-runtime-6.0.36"
- ];
- services.sonarr.enable = true;
- services.prowlarr.enable = true;
- services.jellyseerr.enable = true;
- services.deluge = {
- enable = true;
- web.enable = true;
- config.download_location = "/media/deluge";
- };
-
- users = {
- users = {
- jellyfin.extraGroups = [
- "radarr"
- "sonarr"
- ];
- radarr.extraGroups = [ "deluge" ];
- sonarr.extraGroups = [ "deluge" ];
- ${username}.extraGroups = [ "deluge" ];
- };
- };
-}
diff --git a/hosts/youko/sway.nix b/hosts/youko/sway.nix
deleted file mode 100644
index 9402602..0000000
--- a/hosts/youko/sway.nix
+++ /dev/null
@@ -1,137 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-{
- services.greetd = {
- enable = true;
- vt = 2;
- settings.default_session =
- let
- swayWrapper = pkgs.writeShellScript "sway-wrapper" ''
- export XCURSOR_THEME=volantes_cursors
- exec ${lib.getExe config.programs.sway.package}
- '';
- in
- {
- command = "${lib.getExe pkgs.greetd.tuigreet} --time --cmd ${swayWrapper}";
- user = "niko";
- };
- };
-
- programs.sway = {
- enable = true;
- wrapperFeatures.base = true;
- wrapperFeatures.gtk = true;
- };
-
- security.pam.services.swaylock = { };
- xdg.portal.config.common.default = "*";
-
- settei.user.config =
- { config, ... }:
- {
- home.pointerCursor = {
- name = "volantes_cursors";
- package = pkgs.volantes-cursors;
- };
-
- home.packages = with pkgs; [
- (writeShellApplication {
- name = "lock";
- text = ''
- swaymsg output '*' power off
- swaylock -c 000000
- swaymsg output '*' power on
- '';
- })
- (writeShellApplication {
- name = "screenshot";
- runtimeInputs = [
- slurp
- grim
- wl-clipboard
- ];
- text = ''
- grim -g "$(slurp)" - | \
- wl-copy -t image/png
- '';
- })
- # Bitwarden stuff, move to separate module or properly package?
- # Maybe use some other input method?
- (rofi-rbw.override { waylandSupport = true; })
- rbw
- pinentry-rofi
- ];
-
- wayland.windowManager.sway =
- let
- mod = config.wayland.windowManager.sway.config.modifier;
- in
- {
- enable = true;
- package = null;
- config.workspaceAutoBackAndForth = true;
- config.terminal = "wezterm";
- config.modifier = "Mod4";
- config.fonts.names = [ "IosevkaTerm Nerd Font" ];
- config.keybindings = lib.mkOptionDefault {
- "${mod}+b" = "exec rofi-rbw --selector rofi";
- "${mod}+d" = "exec rofi -show drun";
- "${mod}+Shift+s" = "exec screenshot";
- };
- config.keycodebindings = {
- "${mod}+Shift+60" = "exec lock";
- };
- config.window.commands =
- let
- alwaysFloating = [
- { window_role = "pop-up"; }
- { window_role = "bubble"; }
- { window_role = "dialog"; }
- { window_type = "dialog"; }
- { window_role = "task_dialog"; }
- { window_type = "menu"; }
- { app_id = "floating"; }
- { app_id = "floating_update"; }
- { class = "(?i)pinentry"; }
- { title = "Administrator privileges required"; }
- { title = "About Mozilla Firefox"; }
- { window_role = "About"; }
- {
- app_id = "firefox";
- title = "Library";
- }
- ];
- in
- map (criteria: {
- inherit criteria;
- command = "floating enable";
- }) alwaysFloating;
- config.input = {
- "type:pointer" = {
- accel_profile = "flat";
- pointer_accel = "0.2";
- };
- "type:keyboard" = {
- xkb_layout = "pl";
- };
- };
- config.seat."*" = {
- xcursor_theme = "volantes_cursors 24";
- };
- config.startup = [
- {
- command = "${lib.getExe' pkgs.glib "gsettings"} set org.gnome.desktop.interface cursor-theme 'volantes_cursors'";
- always = true;
- }
- ];
- };
- programs.rofi = {
- enable = true;
- package = pkgs.rofi-wayland;
- };
- };
-}
diff --git a/modules/home/desktop/zellij.nix b/modules/home/desktop/zellij.nix
index 3a4a025..b5c34d0 100644
--- a/modules/home/desktop/zellij.nix
+++ b/modules/home/desktop/zellij.nix
@@ -3,12 +3,7 @@
# TODO: Move zellij to a wrapper
programs.zellij = {
enable = true;
- enableBashIntegration = false;
- enableFishIntegration = false;
- enableZshIntegration = false;
settings = {
- default_layout = "compacter";
- show_startup_tips = false;
keybinds = {
shared_except = {
_args = [ "locked" ];
diff --git a/modules/home/unfree.nix b/modules/home/unfree.nix
index b551f32..cd2060c 100644
--- a/modules/home/unfree.nix
+++ b/modules/home/unfree.nix
@@ -1,5 +1,5 @@
# Copy of modules/system/unfree.nix
-args@{ config, lib, ... }:
+{ config, lib, ... }:
{
_file = ./unfree.nix;
@@ -11,7 +11,7 @@ args@{ config, lib, ... }:
};
};
- config = lib.mkIf (!args ? osConfig) {
+ config = {
nixpkgs.config.allowUnfreePredicate = lib.mkForce (
pkg: builtins.elem (lib.getName pkg) config.settei.unfree.allowedPackages
);
diff --git a/modules/system/incus.nix b/modules/system/incus.nix
index b46ab37..4313573 100644
--- a/modules/system/incus.nix
+++ b/modules/system/incus.nix
@@ -49,23 +49,6 @@ let
};
}
];
- profiles = [
- {
- devices = {
- eth0 = {
- name = "eth0";
- network = "incusbr0";
- type = "nic";
- };
- root = {
- path = "/";
- pool = "default";
- type = "disk";
- };
- };
- name = "default";
- }
- ];
};
};
networking = {
diff --git a/modules/system/sane-defaults.nix b/modules/system/sane-defaults.nix
index ae4a097..fcd1cde 100644
--- a/modules/system/sane-defaults.nix
+++ b/modules/system/sane-defaults.nix
@@ -52,6 +52,7 @@ let
experimental-features = [
"nix-command"
"flakes"
+ "repl-flake"
"auto-allocate-uids"
];
trusted-users = lib.optionals (!adminNeedsPassword) [ username ];
@@ -91,10 +92,7 @@ let
isNormalUser = true;
home = "/home/${username}";
group = username;
- extraGroups = lib.mkMerge [
- [ "wheel" ]
- (lib.mkIf config.networking.networkmanager.enable [ "networkmanager" ])
- ];
+ extraGroups = [ "wheel" ];
};
groups.${username} = { };
};
@@ -116,8 +114,9 @@ let
darwinConfig = lib.optionalAttrs (!isLinux) {
system.stateVersion = 4;
+ services.nix-daemon.enable = true;
- security.pam.services.sudo_local.touchIdAuth = true;
+ security.pam.enableSudoTouchIdAuth = true;
users.users.${username}.home = "/Users/${username}";
# Every macOS ARM machine can emulate x86.
diff --git a/secrets/alert-nrab-lol-pass.age b/secrets/alert-nrab-lol-pass.age
index 85d17ab..4e34281 100644
Binary files a/secrets/alert-nrab-lol-pass.age and b/secrets/alert-nrab-lol-pass.age differ
diff --git a/secrets/alert-plain-pass.age b/secrets/alert-plain-pass.age
index 032dbb2..0204c32 100644
Binary files a/secrets/alert-plain-pass.age and b/secrets/alert-plain-pass.age differ
diff --git a/secrets/attic-creds.age b/secrets/attic-creds.age
index 6d72b95..557c86a 100644
Binary files a/secrets/attic-creds.age and b/secrets/attic-creds.age differ
diff --git a/secrets/forgejo-token.age b/secrets/forgejo-token.age
deleted file mode 100644
index 13f30a6..0000000
--- a/secrets/forgejo-token.age
+++ /dev/null
@@ -1,9 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 rA7dkQ tnp92QTb/uXAEizZuUrnaGcJCCkCSjIcE4RiQiYVdw8
-HXsRlqJSrDYaAeYslcR+g5KIQC1SUxFp+QdSHpKT61s
--> ssh-ed25519 IFuY+w LI7kx/XwfF0JU8tSmW75nxpeLTUkEfY8NunAZljafCc
-f+WEjASZzP9ISv+7kPIMVNgEjdHUxVnLzUkqFHo4byY
--> ssh-ed25519 GKhvwg EZDwzHfhaY0iHHeIDvm6BIY64kPPUgKjZnNuuwwqoAw
-FvZEeIqnsFA1fQka4R7sax1O13UZWoVbksSMLP3eEaA
---- XBBcs7w5J7w01fKGoAXVTgOffS9ajheUMz3vDsxHgTo
-�gؤRnlgÒ�A*%Yr
�9�}=L~f7Zg��x
>��R�}hQz`r�Z�
\ No newline at end of file
diff --git a/secrets/github-token.age b/secrets/github-token.age
index 03ad19e..25e333e 100644
--- a/secrets/github-token.age
+++ b/secrets/github-token.age
@@ -1,13 +1,13 @@
age-encryption.org/v1
--> ssh-ed25519 IFuY+w hrfVBxFIiDTvbm7OMYbme2+97WI3nqxYbjBNRXRS9H4
-SaKftmSA+8LitXnkqaw67xw378sNeGs/ENxmMsOVdvQ
--> ssh-ed25519 84j9mw opGXl7a35TsSj2/ADgdbS5bp6/EDTsUDkS/IjIgjUBA
-Cw5O6wt9vzqCgbWxxCrzmXJQH+/Ae1wwyHCcHLfpEck
--> ssh-ed25519 ioPMHA 5fAg0NsD/KlXSAJg1UQYsJEzZMy/wCHfwmv19cbWRyQ
-OhDaO75k9xEdCE0GdyJ6iK6B11ie/l4yCfVKp6py31I
--> ssh-ed25519 5A7peQ pqvZetDuRh5pesWPZ9725h7i+XuvSNMn7810ukhNjyM
-96JlWRIyIZ07siNa1kk0HtHhiB4NQbSKQ4KXsDJGGdE
--> ssh-ed25519 GKhvwg Ba5tOdWUlE9qs1tPb7t+0ZtHN82a6RmMHP1tzGe/VSg
-wLWBaFUkWkB5lMEKX0ISEQTGx/RDTF1vbvuGo9w8Qm4
---- yVc69z1O1UOM+93dnjV0wkeqb4StW4HcBYi00z+0dIQ
-"�49�bW5v WjsUڲoO��#S%\qn[hAjEhޢtjC
\ No newline at end of file
+-> ssh-ed25519 IFuY+w nyBEszEusqQE6jM7y9G4KCyzNHawdyy+hTfm9LsuRCY
+1bbg4kmmv9m2Gwp+3x8zvqFOkmTKt898/sGCUK9rpGE
+-> ssh-ed25519 84j9mw 5s2PNoIOMWf2gBwzmRHmssMOuvu2kv43316E20McKh8
+FyA+VjPgPynvMQfxm3d2+SOEpsJFIKJE8pbXeIkOfGI
+-> ssh-ed25519 ioPMHA 4N9PsYYaeqJDbxpQpyCgvR/JWwLPDCAi65YB6M0uT0U
+mFCqo1htPi2WRKiJz/t8Y7TMD/p7X81HsHGG0KIsROQ
+-> ssh-ed25519 5A7peQ ZjRTqjDou2xS638dR8AWKCv5uKTSmOSJ/4rkfFckhjY
+yUJABvMDLN0C15XBmnZJZ88khXAXLUP+aEqH5DlJcKY
+-> ssh-ed25519 GKhvwg w1OKhVPY89J/pbrrXIHVifV++5e1tLqlSL9yM/2rqX0
+VF0cvmdtCZAlPgIqcNZYp7ANPhvDqlFE7h018lCbWyg
+--- YWa0wXlaYVF+g06+w/u/h+NURlfMY8lauf5ZtrrhrF4
+3��ͅ�P׆?4)�mf.�²�`aFCj"Jwd鱇Bƌ+{dK
\ No newline at end of file
diff --git a/secrets/hercules-cache.age b/secrets/hercules-cache.age
index 783c7f3..615b2c2 100644
Binary files a/secrets/hercules-cache.age and b/secrets/hercules-cache.age differ
diff --git a/secrets/hercules-secrets.age b/secrets/hercules-secrets.age
index 8b55761..f63b958 100644
--- a/secrets/hercules-secrets.age
+++ b/secrets/hercules-secrets.age
@@ -1,16 +1,13 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw qVTbaORT1Ouwq1uA0cWQ3Q85tLYcq6xuZ9UhcMOTTSk
-PE0VZp1P9K4IAnm/BIDusGsp4dtLvaN0/m9q9gNnfx4
--> ssh-ed25519 ioPMHA +m127XNN1vH6Tg6XGuHDbND0giQgGsMLE7YUKagZbXk
-tKyYRNLt1UgnQR//64yAunpHjE7JyB/Mkdmc4gkMTWw
--> ssh-ed25519 IFuY+w x4WynTbStig1Ay9gyaplDcNlLQT0kMOFOJwVvcco1i0
-i8M7n2tfBJoFNmQHs5jEaZdfKc1UmjL5y6oBCos1mDk
--> ssh-ed25519 5A7peQ +XJDHQntGS+FcrFgy9X/9RDOrBMNCI8rHsicV4Z5sBo
-i6xfceBN4DE9EYF8Q4PaJjX7qbELJaJ5dxMGoAIE8xU
--> ssh-ed25519 GKhvwg fzJcotOtNhVeNwOdMQIwPT9GmgbE13HYmCkwbFlCCkQ
-mNtYtoX8IUDgHKAQRA5e7HLZgYVI9wCF8QMm530eFEo
---- EIWU+anFU1NSYiu3O+xncDnVvJVrwHzwaAX1YhsaOj4
-%DJ#��0A�D
-q�z�,3sH����V�b��Tުˇ8[ �?VgNVd
-ĝȗL=̵g%ι[md�6oqE4ŏ�F3�@P\(MDM;%^ܫ�px��p�):O9,iBT
-s�ǚ-�JWE\0£y>0;y�L{t.g%W,X} JJdg3\�#�)�0h=lhBB�Xb$^
�BM[~�u? hl��c;zk
\ No newline at end of file
+-> ssh-ed25519 84j9mw P7StDsdpmJLp0ni5ZwdhVy2lx5TSfVlIqFAF9y4Zn34
+UksAEE1WWb2xWgHM8h4lhTW2pwqF8ydgGtFnqcp1KUo
+-> ssh-ed25519 ioPMHA roPhy0I+dRtPuWsnFSxl2m7Uh7GgXkupwHSgL+LHrzs
+8rUE3mr9dukcAeR1213wjSm6Bme9ExpGX6TjEhHRYnc
+-> ssh-ed25519 IFuY+w crwMCw/ElBMNFhUMHLAg+ZxpsutBwV7hhG79bXEmCDE
+7rnOVAVI/HgGbaswauWxCqB7Tkzx3hCxB2RZOi4aIpQ
+-> ssh-ed25519 5A7peQ bcqPb+IVrI8BKlcpIrZ/qnbnG3p/mLsk/iSCVYlvwmY
+2q9KmMmyeYey9txiYrmxM5T86qXw7arKZSAbxszgxVo
+-> ssh-ed25519 GKhvwg H9Pka72t6kmmxGcoAaRtyn8m9xlP9DJSeBrE6jVtRh4
+w/lcxBFd5w9mMn/sarr+7yCY+IGJzMJUgvi+KrQA4s4
+--- wO1f52ZjrCtOdgOrnkKWPao5ZS2BhmWFQmvLGliosyM
+S]luG �c�U LHb/(f� $&XmݒFPt�.n,)t8 �9g~3.h`0i|Zi�9S�߫��ޔ~vf,~\;�IۮF�V�O)uj:u[&��6�`OZ|y�V�ɥ_Pe��K.vꪹ^2�-�Ҁ<\^m!.y��s���
l
��K`fbDcdb�D��<_6zR?g̮`H ,5�h$\Xl
\ No newline at end of file
diff --git a/secrets/hercules-token.age b/secrets/hercules-token.age
index 54dd108..66500a1 100644
Binary files a/secrets/hercules-token.age and b/secrets/hercules-token.age differ
diff --git a/secrets/leet-nrab-lol-pass.age b/secrets/leet-nrab-lol-pass.age
index fbf07ad..28c300e 100644
--- a/secrets/leet-nrab-lol-pass.age
+++ b/secrets/leet-nrab-lol-pass.age
@@ -1,7 +1,8 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw qRlII1WyhanH2pNwSnl01iMlPWQ7tsyiNNOHPLNMflo
-ZMtYsPCDsgcbN1qoAYWTBQtfBWGHzi4WKbGtpJSzKRA
--> ssh-ed25519 GKhvwg Fck+71BDUxko70r43pDKCYaa5OKZipR4iNveNrJaiC0
-uZZhlsckmE+mi7Oq8+gtisDFmLEoy0Pm/9BKgRi9VHo
---- i/jgJHw3pEnMDGSjdK47mOkt87oI8szIHiIqimXVyXY
-ߵSAѶ��Bzwg@"PY^+E['����,K[X~Xg{��2c4
\ No newline at end of file
+-> ssh-ed25519 84j9mw ZuGILSHnMIMy/GDEjkAriTBKBykkytcIVo63DPd4MhA
+aa/sGLpf+GrLzo8Jf3JWAPI0Uk96SH/CvGhynNJVx6E
+-> ssh-ed25519 GKhvwg STHVqp1zYhQzu73INk2Cmkuf8X8kJPLtGSY8LJze/Tc
+Ny1C5CAnqSCcunIbM8if8oQ2VlerIIW5Dqds/Ztektw
+--- gaHP+odPfw8A4f5NJkYOuvvYRWwo5EzRZVkXp6E7dfI
+N�fO=�+T3T 0w ssh-ed25519 g2vRWw Pdv9mU1heeteeLbLFVUAIyZxmCWHNmhnw0TphSVMczg
-xks6yrF0BziJFp1QHSJdv5Svo1bCu9DF6s3wa2h0Xmg
--> ssh-ed25519 GKhvwg H2DeS0HP/vWKRrBszwCffNgIZo8nVymGSkWEH26Y/2k
-2y9DCIwpFsFXpgOwOrrD9+HpRzEuno1fW2upd2FLbZc
---- LNHsLxE4XBziNhnXmARcxB7UWhcKNvon1sDdX6mfZaw
--�1dm
-���fR,[#[-;M}vi4x�~=)o��N^n"X���B}W583惍f�v:��uZ�ɶ
\ No newline at end of file
+-> ssh-ed25519 g2vRWw //TMaNWwTNS5wE3Hg/SEwqriIaOiOUE5remdVF449Vk
+8K3isM05ep9HJ58TlNE9bmiIuqJPoq3lI/3AbUrLw8Q
+-> ssh-ed25519 GKhvwg GANoFnELye0945KaMuS7xw6CGPhI5vigD+vScnpbQxI
+CSx0E7fOB8A5MSc1ySywNFj5mkkdi6DDUc+ObaW/kew
+--- +BiFZI/o5loCYZ95bkY4zQYr2y6SYc2bmnRuAMg2MPM
+"D1Mh��`dclU;�]Puռ /?�5\\D�1l6ø�zNS
+N;<+^Bpm՚���y���
��sZ;�Vj
\ No newline at end of file
diff --git a/secrets/nrab-lol-cf.age b/secrets/nrab-lol-cf.age
index d3b9015..d1672d7 100644
Binary files a/secrets/nrab-lol-cf.age and b/secrets/nrab-lol-cf.age differ
diff --git a/secrets/ntfy-alert-pass.age b/secrets/ntfy-alert-pass.age
index 27558ca..7819217 100644
Binary files a/secrets/ntfy-alert-pass.age and b/secrets/ntfy-alert-pass.age differ
diff --git a/secrets/ntfy-niko-pass.age b/secrets/ntfy-niko-pass.age
index 276c72f..cca1985 100644
--- a/secrets/ntfy-niko-pass.age
+++ b/secrets/ntfy-niko-pass.age
@@ -1,7 +1,7 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw VodL+EHOjoXj8R/F0vMQzEcnnCFzzes0QByGCDCgVQw
-tZLaDA1FLFwbK0AGo8lpTJjMUnPhJh1czYVLIYjkcEc
--> ssh-ed25519 GKhvwg gHaR4I4l0I+/XrbjTMp/mevEzxPJXNLB1eHs33WKwGw
-GTAzrhyyDylZgExteDGpGbcS/TFX1q+NhF1FWHzNV0s
---- QS1dAgdS96KwIprDjzz6OD4qSIZs4/m9JEIsi3+kgPk
-�zPCSx�f �-��i�c7_2��~�jA
\ No newline at end of file
+-> ssh-ed25519 84j9mw tR4gg/XeVdS8xCIuHxN25uaRKu6a09DSW26SI3AWDlM
+uC2gJ9UWDE6uVXkUDlaVZlWAH5iLDgagkN+54msvyoY
+-> ssh-ed25519 GKhvwg q27QskTYhI5gjIKKpNHn5V2FRmhIg8QFJ8m0TPZiwSY
+/0RIbiG/nwxKDJ613BLoCNvjej6f65mr1xwCN7/aueI
+--- XU82wFZVE+zTZ/mGhnoxqWrdUOv3n6VOwQizZSHPLfw
+"�1KĽ.� �J'!nlO]>�Y
E�X
\ No newline at end of file
diff --git a/secrets/rab-lol-cf.age b/secrets/rab-lol-cf.age
index 4b5734a..00a6556 100644
--- a/secrets/rab-lol-cf.age
+++ b/secrets/rab-lol-cf.age
@@ -1,9 +1,10 @@
age-encryption.org/v1
--> ssh-ed25519 ioPMHA ftS+6CMGsySkp/KbDBLPKeWNDK83bZ2VB8ZKMRijkkY
-U+2wopG3G2AvI4KUD9tZGIrHZSM3UdyDdYmbbkllWPo
--> ssh-ed25519 84j9mw xek41MX1ETVgRZa24I7n5U/XkJOqItQWK3Qz1FfkDCc
-40CWzCUmxsjgmiObbqKuSieifZ2vNo965jOeTrZ8hT8
--> ssh-ed25519 GKhvwg X2YSREIPjoaWaku9qrVu04hOlZjUF3LFEUZaIMgg02s
-jbjT6qoIFGXRv2wrkzf2GHx3tcku/tgWfK6Sns3uFVc
---- B/FIIz8dDg9YXbtDxfAQFZj9PCLHwI/mboBJQBuFmJg
-4�L�7H3F
�̈́"fU(�L~%sbԀ~Z}Z>2KO�'Q�\W[�όe1�^I���
\ No newline at end of file
+-> ssh-ed25519 ioPMHA efHpBvtB+mXXa7RoRdqePHGOmsY5BXVOgGsfOhPm30w
+2GvumVVuuLGEarpdauTCrB61aLtVtrkM3/pPlWIODnk
+-> ssh-ed25519 84j9mw rqj6xvESlvrfcjhVEWCbpd//vvdKjrTjt3ZDPeLHowQ
+dcUD131zvVQGiUYQWt9A51CnIpLGNSGinSZk7HSGHoc
+-> ssh-ed25519 GKhvwg cIji8zRSGWEbC/xxS8C4jyDCpQsFv05j2Yo8UjaHSAk
++c/tIYPigZdPQWKvGYaoA6AYRAB83XlEEdfucihB984
+--- TEQTQ/lm/JqyyWU2sC10qHl4AL/2IP9yCUfhXG4LdP4
+�ȮS�F-dcD�\?h Qg@��W
+xA|M*rt0ű�~ѰXa{y/WUѸ�Y렬�{װ}TA�xD
\ No newline at end of file
diff --git a/secrets/rabulinski-com-cf.age b/secrets/rabulinski-com-cf.age
index 6e80a30..2a15532 100644
--- a/secrets/rabulinski-com-cf.age
+++ b/secrets/rabulinski-com-cf.age
@@ -1,7 +1,7 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw d9KZV9S1hRXBvVcFe40S0NqWKlQ/AdRgAqdYXKicXR8
-SgTn9MXrft+sRr4I96fqQHzAdm0b21Bd0eSoYFfq7/4
--> ssh-ed25519 GKhvwg B9qTfegTwDH/X0nQMGvTKCsK2GyzJ7yWgFIo+nKhsGc
-Is4Hi8B2/9s0pz/quvNER2hTkabPbr7qeILL4PhQO1c
---- 1BhfbNEwYq0ra5slik651qbC8jffR2FmnDHV3FDtom0
--�oSԐ-?�{r�]5;+0
G�oE9tHX�jqj2@�3�@� mmkyQ;_�W϶Q~
\ No newline at end of file
+-> ssh-ed25519 84j9mw LuZiZnebklpoXQ6RPZSrELwY4CzwY+Qb/LrlVPFiSC4
+QVi6XyetJxwvOB+v+CyKEdcq96ykcK3wfWh3i75Dq1o
+-> ssh-ed25519 GKhvwg V3iEXNodDDKKKrHSfNYVKTphsMQfgl3Z/LUwTyArx3A
+FQJLg7uHWzc6/U+/QOCYwrkwvvw8rQNG+h+PJ1rRKXA
+--- FVExbzlz8e7moZFIkpMR+sj4Kurv+Ge6yMW/uJLr5H4
+ѠI-iO�Jbzk1"KxI{Bƚd#71ܮm-�0D��f\y}���=ڸ
4�ݣ
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 552e4e3..551c4cd 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -33,8 +33,9 @@ in
keys.other.bootstrap
];
"alert-plain-pass.age".publicKeys = [
+ keys.system.legion
keys.other.bootstrap
- ] ++ builtins.attrValues keys.system;
+ ];
"legion-niko-pass.age".publicKeys = [
keys.system.legion
keys.other.bootstrap
@@ -88,15 +89,6 @@ in
keys.system.ude
keys.other.bootstrap
];
- "youko-niko-pass.age".publicKeys = [
- keys.system.youko
- keys.other.bootstrap
- ];
- "forgejo-token.age".publicKeys = [
- keys.system.youko
- keys.system.ude
- keys.other.bootstrap
- ];
"kanidm-admin-pass.age".publicKeys = [
keys.system.kazuki
keys.other.bootstrap
diff --git a/secrets/storage-box-creds.age b/secrets/storage-box-creds.age
index 8b0a272..02e128e 100644
--- a/secrets/storage-box-creds.age
+++ b/secrets/storage-box-creds.age
@@ -1,7 +1,9 @@
age-encryption.org/v1
--> ssh-ed25519 84j9mw auP2WgwsaWjyocQkSzoYShO2kSLjn2UArvAVEhKgDiY
-4Uh423ZjS7/Xo6TxLJzWqXgHZAu0xouH0UvFZuJuEz4
--> ssh-ed25519 GKhvwg JHtyTS12OXspSKP9r/a61cfp+ubYbsAXFmEijMTex3Q
-wZYrJ8yIZ3v5cdBzpiI9ocaTpHbtmebEpbr59Bz3rhc
---- koWJ57H+ErMJDxW6JDNL2ImmZb6o9v2BJtaFi2OL+dc
-I��o5q&CU*�[T.HɊʺ��kkpOY�s,g49ʼn$^l-A/�QX�
\ No newline at end of file
+-> ssh-ed25519 84j9mw voingQjX/CjAjo63KLaRPFaG74IpxcRb0qv+r2b5wzo
+ccWzQQSJW7cc8RiS9PzN2U5Xj0+Z7804tPsaGrq09KA
+-> ssh-ed25519 GKhvwg 2z8J0YRxQ4WP1G/W7DxRK7z1b6UBjodvN8ECP4fLg1U
+wRG4U9oAJ2KtPUHg5l0yDmmHatmwXOrn2nJlOQJMlpE
+--- qs7kR5AIkwQ8NtDjYnmKZmCl4+1G6MFBNB3Mu3J9Y1M
+
+8[WѕS��]&Zaؼu��EB��!pϴ��4pYݱ"
+QYqSƬ`
\ No newline at end of file
diff --git a/secrets/storage-box-webdav.age b/secrets/storage-box-webdav.age
index 93a739a..8a7f3b8 100644
Binary files a/secrets/storage-box-webdav.age and b/secrets/storage-box-webdav.age differ
diff --git a/secrets/ude-deluge.age b/secrets/ude-deluge.age
index f9cdd04..f0269c2 100644
--- a/secrets/ude-deluge.age
+++ b/secrets/ude-deluge.age
@@ -1,7 +1,7 @@
age-encryption.org/v1
--> ssh-ed25519 IFuY+w EOJQpXxn+NL/BJjpdo8mIGfOYxcMElkVIiGx7KftrQ4
-OcglvGhSgb1mxH8M19ZMf3m6lSF0clzH7Mjikf7cilM
--> ssh-ed25519 GKhvwg cr+0J59wCjYBONBcDulN8lpvZiCvULHqnwDu+eKQRAo
-9q87PSfr4kq8lCDrw5Od3D1xJjSSmVv2/TXBWEBtBpU
---- FmVR9tb8wjYFb/FBTrblXMCUAMw5KQ7sX8WojcxCrbk
-C<\}J�f|6�G@WXc-"ϐ�A�GZ'x�_�Ԡz�,@n"�3[?
Lb@e
\ No newline at end of file
+-> ssh-ed25519 IFuY+w +zbPYKlvvfaIQl+PnnZlEai/TAgzsQ7s/1bLXNXnXEw
+BTQQRxlaRFbWnV6e+QBPDfN+lyg9URj+2h85tDKZ19k
+-> ssh-ed25519 GKhvwg DzWYIGY0CNdA5wp7PkV1gpWmtYG28or8XeNZ7DkLz1c
+ELQVeuyaIOWVH6+oMDDlI3CikDLe5jijwVPbaRBL2NQ
+--- vCU0PryisDG8cOKr6CmPcUwjIdThsRjrty/fowZNwOk
+h�+Ѯ>�HV�`w|e/]k�yS�~dm�&9Y))�T
n��S8@ۿzsS�g'
\ No newline at end of file
diff --git a/secrets/youko-niko-pass.age b/secrets/youko-niko-pass.age
deleted file mode 100644
index 4c85947..0000000
--- a/secrets/youko-niko-pass.age
+++ /dev/null
@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 rA7dkQ etmPKjKz102knTx/qQAihC9bFvRENB0Q1DtnaQyjfm4
-GPt9OCIwT+/Q/UUDtkHB8d7T6znHy1y1NEUeI+SCeMg
--> ssh-ed25519 GKhvwg qdCxGyXrdD+WQa/il8fIlV7OKdREqd40Qk0PKITHxlk
-OBJ9gg+KBHi2s1HYLazy3K+yh8tvnUvmuH+riWU7K8c
---- V3FRy0/TcUdUaBDUK+93r5rH26Is/KVuNJC+1vFMsOI
-wO�.➌a�A�&ޝz [�oXĂu������,ajxGƜu/������eL̛/6S[SU
\ No newline at end of file
diff --git a/secrets/zitadel-master.age b/secrets/zitadel-master.age
index 6dbbbf4..68a374a 100644
Binary files a/secrets/zitadel-master.age and b/secrets/zitadel-master.age differ
diff --git a/services/default.nix b/services/default.nix
index 6da3b28..7ff2aaf 100644
--- a/services/default.nix
+++ b/services/default.nix
@@ -1,7 +1,6 @@
{
imports = [
./attic.nix
- ./forgejo-runner.nix
./kanidm.nix
./forgejo.nix
];
diff --git a/services/forgejo-runner.nix b/services/forgejo-runner.nix
deleted file mode 100644
index 693d1d1..0000000
--- a/services/forgejo-runner.nix
+++ /dev/null
@@ -1,49 +0,0 @@
-{
- services.forgejo-runner = {
- hosts = [
- "ude"
- "youko"
- ];
- config =
- {
- config,
- lib,
- pkgs,
- ...
- }:
- {
- age.secrets.forgejo-runner-token.file = ../secrets/forgejo-token.age;
-
- services.gitea-actions-runner = {
- package = pkgs.forgejo-actions-runner;
- instances.default = {
- enable = true;
- name = config.networking.hostName;
- url = "https://git.rab.lol";
- tokenFile = config.age.secrets.forgejo-runner-token.path;
- settings = {
- container.network = "bridge";
- };
- hostPackages = lib.mkOptionDefault [
- pkgs.nix
- ];
- labels = [
- "ubuntu-latest:docker://node:16-bullseye"
- "ubuntu-22.04:docker://node:16-bullseye"
- "ubuntu-20.04:docker://node:16-bullseye"
- "ubuntu-18.04:docker://node:16-buster"
- "native:host"
- "native-${pkgs.system}:host"
- ];
- };
- };
-
- virtualisation.podman = {
- enable = true;
- defaultNetwork.settings.dns_enabled = true;
- };
-
- networking.firewall.trustedInterfaces = [ "podman+" ];
- };
- };
-}