Compare commits

..

No commits in common. "4efc1d3e6143109d1f1181eb94a002eb075d3243" and "66523171c98c52fdffc450c9cca5483c501d82f8" have entirely different histories.

6 changed files with 19 additions and 33 deletions

View File

@ -182,11 +182,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1716908526, "lastModified": 1716847642,
"narHash": "sha256-Zl6e/sEVDh07K47XxDGPsXTYT4nI6llUDbQ4xMIwp7k=", "narHash": "sha256-rjEswRV0o23eBBils8lJXyIGha+l/VjV73IPg+ztxgk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "373ead20606efa9181cd15ba19a5deac7ead1492", "rev": "10c7c219b7dae5795fb67f465a0d86cbe29f25fa",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -255,11 +255,11 @@
"nix-secrets": { "nix-secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1716917146, "lastModified": 1716900655,
"narHash": "sha256-YopICr9b8EqsysVABoJAIDBPtk5PiJjqz+eRWjYHLP0=", "narHash": "sha256-YQBKCTcP+CKP0LWSjVlP+qQ4kbk8ZWjir/nTPIl4+Bs=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "1669319dcc94896a4591dc1118f90818f2591433", "rev": "c000be534d2c23315a746555e82a30b512c42f65",
"revCount": 73, "revCount": 69,
"type": "git", "type": "git",
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git" "url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
}, },
@ -270,12 +270,10 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1716715802, "lastModified": 0,
"narHash": "sha256-usk0vE7VlxPX8jOavrtpOqphdfqEQpf9lgedlY/r66c=", "narHash": "sha256-UlRZtrCnhPFSJlDQE7M0eyhgvuuHBTe1eJ9N9AQlJQ0=",
"owner": "NixOS", "path": "/nix/store/3pif36ks3f56py4wb1dkq6sh0nkf3ygj-source",
"repo": "nixpkgs", "type": "path"
"rev": "e2dd4e18cc1c7314e24154331bae07df76eb582f",
"type": "github"
}, },
"original": { "original": {
"id": "nixpkgs", "id": "nixpkgs",

View File

@ -17,15 +17,4 @@
./common/optional/syncthing.nix ./common/optional/syncthing.nix
]; ];
monitors = [
{
name = "HDMI-1";
width = 2560;
height = 1440;
refreshRate = 59.95;
x = 0;
workspace = "1";
primary = true;
}
];
} }

View File

@ -3,7 +3,7 @@
{ {
home.username = "media"; home.username = "media";
home.homeDirectory = "/home/media"; home.homeDirectory = "/home/media";
home.stateVersion = "23.11"; home.stateVersion = "23.11";
imports = [ imports = [
inputs.impermanence.nixosModules.home-manager.impermanence inputs.impermanence.nixosModules.home-manager.impermanence
@ -13,7 +13,6 @@
enable = true; enable = true;
matchBlocks = { matchBlocks = {
"git.bitlab21.com" = { "git.bitlab21.com" = {
user = "git";
identitiesOnly = true; identitiesOnly = true;
identityFile = [ "~/.ssh/deploy_key-ssh-ed25519" ]; identityFile = [ "~/.ssh/deploy_key-ssh-ed25519" ];
}; };
@ -47,3 +46,4 @@
programs.home-manager.enable = true; programs.home-manager.enable = true;
} }

View File

@ -7,7 +7,7 @@ let
secretsDirectory = builtins.toString inputs.nix-secrets; secretsDirectory = builtins.toString inputs.nix-secrets;
secretsFile = "${secretsDirectory}/secrets.yaml"; secretsFile = "${secretsDirectory}/secrets.yaml";
in in
{ {
users.users.${username} = { users.users.${username} = {
isNormalUser = true; isNormalUser = true;
@ -16,9 +16,9 @@ in
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key); openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
extraGroups = extraGroups =
[ [
"wheel" "wheel"
]; ];
packages = with pkgs; [ packages = with pkgs; [
flatpak flatpak
@ -40,7 +40,6 @@ in
".local" ".local"
]; ];
files = [ files = [
".config/cinnamon-monitors.xml"
]; ];
}; };
}; };

View File

@ -2,7 +2,7 @@
let let
# Disko setup # Disko setup
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
dev = "/dev/sda"; # depends on target hardware dev = "/dev/vda"; # depends on target hardware
encrypted = false; # currrently only applies to btrfs encrypted = false; # currrently only applies to btrfs
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root"; btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
in in

View File

@ -25,7 +25,7 @@ edit-sops:
# update keys in secrets.yaml and push to remote # update keys in secrets.yaml and push to remote
update-sops-secrets: update-sops-secrets:
cd ../nix-secrets && (\ cd $HOME/nix-secrets && (\
nix-shell -p sops --run "sops updatekeys -y secrets.yaml" && \ nix-shell -p sops --run "sops updatekeys -y secrets.yaml" && \
git add -u && (git commit -m "updated secrets" || true) && git push \ git add -u && (git commit -m "updated secrets" || true) && git push \
) )