Compare commits
No commits in common. "4efc1d3e6143109d1f1181eb94a002eb075d3243" and "66523171c98c52fdffc450c9cca5483c501d82f8" have entirely different histories.
4efc1d3e61
...
66523171c9
24
flake.lock
24
flake.lock
|
@ -182,11 +182,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716908526,
|
"lastModified": 1716847642,
|
||||||
"narHash": "sha256-Zl6e/sEVDh07K47XxDGPsXTYT4nI6llUDbQ4xMIwp7k=",
|
"narHash": "sha256-rjEswRV0o23eBBils8lJXyIGha+l/VjV73IPg+ztxgk=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "373ead20606efa9181cd15ba19a5deac7ead1492",
|
"rev": "10c7c219b7dae5795fb67f465a0d86cbe29f25fa",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -255,11 +255,11 @@
|
||||||
"nix-secrets": {
|
"nix-secrets": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716917146,
|
"lastModified": 1716900655,
|
||||||
"narHash": "sha256-YopICr9b8EqsysVABoJAIDBPtk5PiJjqz+eRWjYHLP0=",
|
"narHash": "sha256-YQBKCTcP+CKP0LWSjVlP+qQ4kbk8ZWjir/nTPIl4+Bs=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "1669319dcc94896a4591dc1118f90818f2591433",
|
"rev": "c000be534d2c23315a746555e82a30b512c42f65",
|
||||||
"revCount": 73,
|
"revCount": 69,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
||||||
},
|
},
|
||||||
|
@ -270,12 +270,10 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716715802,
|
"lastModified": 0,
|
||||||
"narHash": "sha256-usk0vE7VlxPX8jOavrtpOqphdfqEQpf9lgedlY/r66c=",
|
"narHash": "sha256-UlRZtrCnhPFSJlDQE7M0eyhgvuuHBTe1eJ9N9AQlJQ0=",
|
||||||
"owner": "NixOS",
|
"path": "/nix/store/3pif36ks3f56py4wb1dkq6sh0nkf3ygj-source",
|
||||||
"repo": "nixpkgs",
|
"type": "path"
|
||||||
"rev": "e2dd4e18cc1c7314e24154331bae07df76eb582f",
|
|
||||||
"type": "github"
|
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"id": "nixpkgs",
|
"id": "nixpkgs",
|
||||||
|
|
|
@ -17,15 +17,4 @@
|
||||||
./common/optional/syncthing.nix
|
./common/optional/syncthing.nix
|
||||||
|
|
||||||
];
|
];
|
||||||
monitors = [
|
|
||||||
{
|
|
||||||
name = "HDMI-1";
|
|
||||||
width = 2560;
|
|
||||||
height = 1440;
|
|
||||||
refreshRate = 59.95;
|
|
||||||
x = 0;
|
|
||||||
workspace = "1";
|
|
||||||
primary = true;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
{
|
{
|
||||||
home.username = "media";
|
home.username = "media";
|
||||||
home.homeDirectory = "/home/media";
|
home.homeDirectory = "/home/media";
|
||||||
home.stateVersion = "23.11";
|
home.stateVersion = "23.11";
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
inputs.impermanence.nixosModules.home-manager.impermanence
|
inputs.impermanence.nixosModules.home-manager.impermanence
|
||||||
|
@ -13,7 +13,6 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
matchBlocks = {
|
matchBlocks = {
|
||||||
"git.bitlab21.com" = {
|
"git.bitlab21.com" = {
|
||||||
user = "git";
|
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
identityFile = [ "~/.ssh/deploy_key-ssh-ed25519" ];
|
identityFile = [ "~/.ssh/deploy_key-ssh-ed25519" ];
|
||||||
};
|
};
|
||||||
|
@ -47,3 +46,4 @@
|
||||||
|
|
||||||
programs.home-manager.enable = true;
|
programs.home-manager.enable = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -7,7 +7,7 @@ let
|
||||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
users.users.${username} = {
|
users.users.${username} = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
|
@ -16,9 +16,9 @@ in
|
||||||
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
|
||||||
extraGroups =
|
extraGroups =
|
||||||
[
|
[
|
||||||
"wheel"
|
"wheel"
|
||||||
];
|
];
|
||||||
|
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
flatpak
|
flatpak
|
||||||
|
@ -40,7 +40,6 @@ in
|
||||||
".local"
|
".local"
|
||||||
];
|
];
|
||||||
files = [
|
files = [
|
||||||
".config/cinnamon-monitors.xml"
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
let
|
let
|
||||||
# Disko setup
|
# Disko setup
|
||||||
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
||||||
dev = "/dev/sda"; # depends on target hardware
|
dev = "/dev/vda"; # depends on target hardware
|
||||||
encrypted = false; # currrently only applies to btrfs
|
encrypted = false; # currrently only applies to btrfs
|
||||||
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
|
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
|
||||||
in
|
in
|
||||||
|
|
2
justfile
2
justfile
|
@ -25,7 +25,7 @@ edit-sops:
|
||||||
|
|
||||||
# update keys in secrets.yaml and push to remote
|
# update keys in secrets.yaml and push to remote
|
||||||
update-sops-secrets:
|
update-sops-secrets:
|
||||||
cd ../nix-secrets && (\
|
cd $HOME/nix-secrets && (\
|
||||||
nix-shell -p sops --run "sops updatekeys -y secrets.yaml" && \
|
nix-shell -p sops --run "sops updatekeys -y secrets.yaml" && \
|
||||||
git add -u && (git commit -m "updated secrets" || true) && git push \
|
git add -u && (git commit -m "updated secrets" || true) && git push \
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in New Issue