Prepare to upload encrypted secrets file

Jimbo 2024-08-24 23:09:23 -04:00
parent ba5d5260b3
commit f61fa33b7e
23 changed files with 35 additions and 25 deletions

1
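--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1 @@
+nixos/modules/secrets.nix filter=git-crypt diff=git-crypt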
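Review bot: The filter only protects `nixos/modules/secrets.nix` if the attribute is in effect when the file is first staged, so run `git-crypt status` and confirm it is reported as encrypted before the first push; a blob committed in plaintext stays in history. The `ips.nix` imported beside it in other sections is not matched by this pattern, which is worth a second look if those addresses are meant to stay private. git-crypt covers the repository only: once unlocked the working copy is plaintext, and if this tree is built as a flake (the `--flake` calls in this commit suggest so) the tracked files are presumably copied into the Nix store, which is readable by every local user. A comment above the pattern would help, e.g. `# encrypted with git-crypt; run git-crypt unlock before evaluating`.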


@ -44,8 +44,8 @@
auth = import ./common/auth.nix; auth = import ./common/auth.nix;
in { in {
nixdate = '' nixdate = ''
${auth.method} nixos-rebuild switch --flake /etc/nixos/.#JimNixDesktop; ${auth.method} nixos-rebuild switch --flake /etc/nixos/NixOS-Config/.#JimNixDesktop;
home-manager switch --flake /etc/nixos/.#jimbo@JimNixDesktop; home-manager switch --flake /etc/nixos/NixOS-Config/.#jimbo@JimNixDesktop;
notify-send "NixOS switch finished." notify-send "NixOS switch finished."
''; '';
}; };
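Review bot: The commands in `nixdate` are joined with `;`, so `home-manager switch` and the `notify-send "NixOS switch finished."` call run even when `nixos-rebuild switch` fails; joining them with `&&` instead would stop at the first failure and keep the notification truthful. The same applies to the server alias in the next section. The new `/etc/nixos/NixOS-Config/` prefix is now repeated four times across the two files, and binding it once in the `let` next to `auth` would keep the copies in step. The attribute set continues outside the hunk.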


@ -12,8 +12,8 @@
auth = import ./common/auth.nix; auth = import ./common/auth.nix;
in { in {
nixdate = '' nixdate = ''
${auth.method} nixos-rebuild switch --flake /etc/nixos/.#JimNixServer; ${auth.method} nixos-rebuild switch --flake /etc/nixos/NixOS-Config/.#JimNixServer;
home-manager switch --flake /etc/nixos/.#jimbo@JimNixServer; home-manager switch --flake /etc/nixos/NixOS-Config/.#jimbo@JimNixServer;
''; '';
}; };
}; };


@ -1,11 +1,15 @@
{ {pkgs, ...}: {
# Enable git and config # Enable git and config
programs.git = let programs.git = let
secrets = import ../../../secrets.nix; secrets = import ../../nixos/modules/secrets.nix;
in { in {
enable = true; enable = true;
lfs.enable = true; lfs.enable = true;
userName = secrets.jimUsername; userName = secrets.jimUsername;
userEmail = secrets.jimEmail; userEmail = secrets.jimEmail;
}; };
home.packages = with pkgs; [
git-crypt
];
} }
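Review bot: `secrets = import ../../nixos/modules/secrets.nix;` now reads a git-crypt-managed file, so on a clone that has not been unlocked the evaluation will presumably fail on ciphertext, while `git-crypt` itself is only installed by this same configuration. A comment at the import would save the next bootstrap, e.g. `# git-crypt encrypted: run git-crypt unlock before the first build`. Note also that `userName` and `userEmail` are written into the generated git configuration, so the encryption keeps them out of the remote repository but not off the machine.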


@ -16,7 +16,6 @@
# Modules # Modules
./modules/security.nix ./modules/security.nix
./modules/networking.nix
# Hardware # Hardware
./hardware/machines/desktop.nix ./hardware/machines/desktop.nix


@ -10,7 +10,8 @@
}: { }: {
# You can import other NixOS modules here # You can import other NixOS modules here
imports = [ imports = [
# My modules ./networking.nix
./gpg.nix
]; ];
nixpkgs = { nixpkgs = {
@ -60,7 +61,7 @@
# Set timezone # Set timezone
time.timeZone = let time.timeZone = let
secrets = import ../common/secrets.nix; secrets = import ../modules/secrets.nix;
in secrets.timeZone; in secrets.timeZone;
# Select internationalisation properties. # Select internationalisation properties.

6
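--- a/nixos/modules/gpg.nix
+++ b/nixos/modules/gpg.nix
@@ -0,0 +1,6 @@
+{
+programs.gnupg.agent = {
+enable = true;
+enableSSHSupport = true;
+};
+}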
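Review bot: `enableSSHSupport = true;` makes gpg-agent also serve as the SSH agent, which git-crypt does not need in order to unlock the repository. Because `./gpg.nix` is added to the shared `imports` list, the setting appears to apply to the server as well as the desktop. If SSH through GPG is intended, a comment such as `# gpg-agent doubles as ssh-agent for GPG-backed SSH keys` would record that; otherwise the line can be dropped so the agent exposes only what the secrets workflow needs.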


@ -7,7 +7,7 @@
# Set hostnames # Set hostnames
hosts = let hosts = let
ips = import ../common/ips.nix; ips = import ../modules/ips.nix;
in { in {
"${ips.server}" = ["server"]; "${ips.server}" = ["server"];
"${ips.pc}" = ["pc"]; "${ips.pc}" = ["pc"];


@ -10,7 +10,6 @@
# Modules # Modules
./modules/security.nix ./modules/security.nix
./modules/networking.nix
# Hardware # Hardware
./hardware/machines/server.nix ./hardware/machines/server.nix


@ -1,6 +1,6 @@
{ {
security.acme = let security.acme = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
acceptTerms = true; acceptTerms = true;
defaults.email = secrets.jimEmail; defaults.email = secrets.jimEmail;


@ -1,7 +1,7 @@
{pkgs, ...}: { {pkgs, ...}: {
# DDClient for Dynamic IPs # DDClient for Dynamic IPs
services.ddclient = let services.ddclient = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
enable = true; enable = true;
protocol = "cloudflare"; protocol = "cloudflare";


@ -1,7 +1,7 @@
{ {
# Configure the Element web server # Configure the Element web server
nixpkgs.config.element-web.conf = let nixpkgs.config.element-web.conf = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
default_server_config = { default_server_config = {
"m.homeserver" = { "m.homeserver" = {


@ -5,7 +5,7 @@
# Configure firewall # Configure firewall
networking = let networking = let
ips = import ../modules/ips.nix; ips = import ../modules/ips.nix;
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
firewall = { firewall = {
allowPing = false; allowPing = false;


@ -1,6 +1,6 @@
{ {
services.gitea = let services.gitea = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
enable = true; enable = true;
settings = { settings = {


@ -1,6 +1,6 @@
{ {
services.lemmy = let services.lemmy = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
enable = true; enable = true;
nginx.enable = true; nginx.enable = true;


@ -1,5 +1,5 @@
{pkgs, ...}: let {pkgs, ...}: let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in rec { in rec {
# Mail server # Mail server
mailserver = rec { mailserver = rec {


@ -1,6 +1,6 @@
{pkgs, ...}: { {pkgs, ...}: {
services.mastodon = let services.mastodon = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
enable = true; enable = true;
localDomain = "social.${secrets.jimDomain}"; localDomain = "social.${secrets.jimDomain}";


@ -1,5 +1,5 @@
{pkgs, ...}: let {pkgs, ...}: let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;


@ -1,6 +1,6 @@
{pkgs, ...}: { {pkgs, ...}: {
services.nginx = let services.nginx = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
enable = true; enable = true;
package = (pkgs.nginx.override { package = (pkgs.nginx.override {


@ -1,6 +1,6 @@
{pkgs, lib, ...}: { {pkgs, lib, ...}: {
services.pufferpanel = let services.pufferpanel = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
enable = true; enable = true;
environment = { environment = {


@ -1,6 +1,6 @@
{pkgs, config, ...}: { {pkgs, config, ...}: {
services = let services = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
# Synapse Matrix server # Synapse Matrix server
matrix-synapse = with config.services.coturn; { matrix-synapse = with config.services.coturn; {


@ -1,6 +1,6 @@
{ {
services.vaultwarden = let services.vaultwarden = let
secrets = import ../../../secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
enable = true; enable = true;
config = { config = {


@ -1,7 +1,7 @@
{pkgs, ...}: { {pkgs, ...}: {
users.users = { users.users = {
jimbo = let jimbo = let
secrets = import ../common/secrets.nix; secrets = import ../modules/secrets.nix;
in { in {
description = "Jimbo"; description = "Jimbo";
hashedPassword = secrets.jimboAccPass; hashedPassword = secrets.jimboAccPass;
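Review bot: `hashedPassword = secrets.jimboAccPass;` still embeds the hash in the evaluated configuration, so moving `secrets.nix` under git-crypt protects it in the remote repository but not on the built system, where the value typically ends up in the world-readable Nix store as part of the system closure. Reading it at activation time from a root-only file outside the store avoids that, e.g. `hashedPasswordFile = "<path-to-root-only-hash-file>";`. The same reasoning applies to any service password taken from `secrets` in the other sections of this commit, although those lines are not visible here. The `jimbo` attribute set continues past the end of the hunk.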