Move the public keys out of secrets
This commit is contained in:
parent
df1532ece0
commit
00ab80d1b8
|
@ -31,7 +31,7 @@
|
||||||
let
|
let
|
||||||
mkNixos = modules: nixpkgs.lib.nixosSystem {
|
mkNixos = modules: nixpkgs.lib.nixosSystem {
|
||||||
inherit modules;
|
inherit modules;
|
||||||
specialArgs = { inherit nixpkgs unstable hardware lanzaboote mailserver minecraft; };
|
specialArgs = { inherit nixpkgs unstable hardware lanzaboote agenix mailserver minecraft; };
|
||||||
};
|
};
|
||||||
|
|
||||||
mkHome = modules: pkgs: home-manager.lib.homeManagerConfiguration {
|
mkHome = modules: pkgs: home-manager.lib.homeManagerConfiguration {
|
||||||
|
@ -51,7 +51,6 @@
|
||||||
"jimbo@firefly" = mkHome [ ./hosts/firefly/home ] nixpkgs.legacyPackages.x86_64-linux;
|
"jimbo@firefly" = mkHome [ ./hosts/firefly/home ] nixpkgs.legacyPackages.x86_64-linux;
|
||||||
"jimbo@cyberspark" = mkHome [ ./hosts/cyberspark/home ] nixpkgs.legacyPackages.x86_64-linux;
|
"jimbo@cyberspark" = mkHome [ ./hosts/cyberspark/home ] nixpkgs.legacyPackages.x86_64-linux;
|
||||||
"jimbo@shuttleworth" = mkHome [ ./hosts/shuttleworth/home ] nixpkgs.legacyPackages.aarch64-linux;
|
"jimbo@shuttleworth" = mkHome [ ./hosts/shuttleworth/home ] nixpkgs.legacyPackages.aarch64-linux;
|
||||||
"jimbo@guest" = mkHome [ ./hosts/guest/home ] nixpkgs.legacyPackages.x86_64-linux;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
1
hosts/cyberspark/id_ed25519.pub
Normal file
1
hosts/cyberspark/id_ed25519.pub
Normal file
|
@ -0,0 +1 @@
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKC8Uqxb09V3msBgDv6lD/nETMYr/X0OgtpDo8ldcMK
|
|
@ -3,6 +3,7 @@
|
||||||
imports = [
|
imports = [
|
||||||
./hardware
|
./hardware
|
||||||
|
|
||||||
|
# Apps and programs
|
||||||
../../../modules/system
|
../../../modules/system
|
||||||
../../../modules/system/accounts
|
../../../modules/system/accounts
|
||||||
../../../modules/system/devices/filesystems
|
../../../modules/system/devices/filesystems
|
||||||
|
@ -15,9 +16,11 @@
|
||||||
../../../modules/system/services/common
|
../../../modules/system/services/common
|
||||||
../../../modules/system/services/server
|
../../../modules/system/services/server
|
||||||
|
|
||||||
|
# Misc
|
||||||
../../../overlays
|
../../../overlays
|
||||||
../../../variables
|
../../../variables
|
||||||
|
|
||||||
|
# Imports
|
||||||
mailserver.nixosModule
|
mailserver.nixosModule
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -12,8 +12,10 @@
|
||||||
../../../modules/home/utils
|
../../../modules/home/utils
|
||||||
|
|
||||||
# Misc
|
# Misc
|
||||||
nur.nixosModules.nur
|
|
||||||
../../../overlays
|
../../../overlays
|
||||||
../../../variables
|
../../../variables
|
||||||
|
|
||||||
|
# Imports
|
||||||
|
nur.nixosModules.nur
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
1
hosts/firefly/id_ed25519.pub
Normal file
1
hosts/firefly/id_ed25519.pub
Normal file
|
@ -0,0 +1 @@
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2lMkUd+BbXITE5LTg94hEzmA6UKsIIbaf5YOjGoLzl
|
|
@ -1,4 +1,4 @@
|
||||||
{ lanzaboote, ... }:
|
{ agenix, lanzaboote, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware
|
./hardware
|
||||||
|
@ -13,11 +13,14 @@
|
||||||
../../../variables
|
../../../variables
|
||||||
|
|
||||||
# Devices and hardware
|
# Devices and hardware
|
||||||
lanzaboote.nixosModules.lanzaboote
|
|
||||||
../../../modules/system/devices
|
../../../modules/system/devices
|
||||||
../../../modules/system/devices/boot/lanzaboote
|
../../../modules/system/devices/boot/lanzaboote
|
||||||
../../../modules/system/devices/video/nvidia
|
../../../modules/system/devices/video/nvidia
|
||||||
../../../modules/system/devices/networking/firewall/pc
|
../../../modules/system/devices/networking/firewall/pc
|
||||||
|
|
||||||
|
# Imports
|
||||||
|
agenix.nixosModules.default
|
||||||
|
lanzaboote.nixosModules.lanzaboote
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "firefly";
|
networking.hostName = "firefly";
|
||||||
|
|
|
@ -24,7 +24,7 @@ in {
|
||||||
];
|
];
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
kernelPackages = pkgs.unstable.linuxPackages_latest;
|
kernelPackages = pkgs.unstable.linuxPackages_zen;
|
||||||
blacklistedKernelModules = [
|
blacklistedKernelModules = [
|
||||||
"pcspkr"
|
"pcspkr"
|
||||||
];
|
];
|
||||||
|
|
1
hosts/shuttleworth/id_ed25519.pub
Normal file
1
hosts/shuttleworth/id_ed25519.pub
Normal file
|
@ -0,0 +1 @@
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK+L723mCLy9/9UAXwkY3+06Oq22dOj+lDnA0lMLbrsR
|
|
@ -5,7 +5,13 @@
|
||||||
description = "Jimbo";
|
description = "Jimbo";
|
||||||
hashedPassword = config.secrets.jimboAccPass;
|
hashedPassword = config.secrets.jimboAccPass;
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
openssh.authorizedKeys.keys = config.secrets.jimKeys;
|
openssh.authorizedKeys.keys = [
|
||||||
|
(builtins.readFile ../../../../../hosts/firefly/id_ed25519.pub)
|
||||||
|
(builtins.readFile ../../../../../hosts/cyberspark/id_ed25519.pub)
|
||||||
|
(builtins.readFile ../../../../../hosts/shuttleworth/id_ed25519.pub)
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 pixel9"
|
||||||
|
];
|
||||||
|
|
||||||
extraGroups = [
|
extraGroups = [
|
||||||
"wheel"
|
"wheel"
|
||||||
"audio"
|
"audio"
|
||||||
|
|
|
@ -2,16 +2,8 @@
|
||||||
{
|
{
|
||||||
services = {
|
services = {
|
||||||
# Configure greetd for "auto" login (single user only)
|
# Configure greetd for "auto" login (single user only)
|
||||||
greetd = {
|
greetd = let
|
||||||
enable = true;
|
startSway = pkgs.writeScript "startsway" ''
|
||||||
restart = true;
|
|
||||||
settings = {
|
|
||||||
terminal = {
|
|
||||||
vt = 2;
|
|
||||||
switch = true;
|
|
||||||
};
|
|
||||||
default_session = {
|
|
||||||
command = ''
|
|
||||||
if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null; then
|
if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null; then
|
||||||
export LIBVA_DRIVER_NAME=nvidia
|
export LIBVA_DRIVER_NAME=nvidia
|
||||||
export GBM_BACKEND=nvidia-drm
|
export GBM_BACKEND=nvidia-drm
|
||||||
|
@ -27,6 +19,16 @@
|
||||||
|
|
||||||
sway --unsupported-gpu
|
sway --unsupported-gpu
|
||||||
'';
|
'';
|
||||||
|
in {
|
||||||
|
enable = true;
|
||||||
|
restart = true;
|
||||||
|
settings = {
|
||||||
|
terminal = {
|
||||||
|
vt = 2;
|
||||||
|
switch = true;
|
||||||
|
};
|
||||||
|
default_session = {
|
||||||
|
command = "${startSway}";
|
||||||
user = "jimbo";
|
user = "jimbo";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
hardware.nvidia = {
|
hardware.nvidia = {
|
||||||
modesetting.enable = true;
|
modesetting.enable = true;
|
||||||
nvidiaSettings = false;
|
nvidiaSettings = false;
|
||||||
package = config.boot.kernelPackages.nvidiaPackages.beta;
|
package = config.boot.kernelPackages.nvidiaPackages.latest;
|
||||||
open = false;
|
open = false;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,8 +10,6 @@
|
||||||
./servers/uberbeta
|
./servers/uberbeta
|
||||||
];
|
];
|
||||||
|
|
||||||
nixpkgs.overlays = [ minecraft.overlay ];
|
|
||||||
|
|
||||||
services.minecraft-servers = {
|
services.minecraft-servers = {
|
||||||
enable = true;
|
enable = true;
|
||||||
eula = true;
|
eula = true;
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
{ unstable, ... }:
|
{ unstable, minecraft, ... }:
|
||||||
{
|
{
|
||||||
nixpkgs.overlays = [
|
nixpkgs.overlays = [
|
||||||
(import ./unstable { inherit unstable; })
|
(import ./unstable { inherit unstable; })
|
||||||
(final: _prev: import ./packages { pkgs = final; })
|
(final: _prev: import ./packages { pkgs = final; })
|
||||||
(import ./mpv)
|
(import ./mpv)
|
||||||
|
minecraft.overlay
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
Loading…
Reference in a new issue