
No commits in common. "436c1785a8a03316d19d7b2118b0fbf60d31330c" and "8d1b7584f3346be030f5654ecf81104317adcbfb" have entirely different histories.

5 changed files with 10 additions and 39 deletions

17
flake.lock generated

@ -411,26 +411,9 @@
"nixpkgs-unstable-raw": "nixpkgs-unstable-raw",
"nur": "nur",
"plasma-manager": "plasma-manager",
"secrets": "secrets",
"vscode-extensions": "vscode-extensions"
}
},
"secrets": {
"flake": false,
"locked": {
"lastModified": 1708347322,
"narHash": "sha256-30rLLNMGvVz8xbklqRpA3uE6UDneAUGFz7dCmH9YbA8=",
"ref": "refs/heads/main",
"rev": "409536f1d2b8ffe741fe47b8701ba28137f9de38",
"revCount": 3,
"type": "git",
"url": "http://git.everest.sable-pancake.ts.net/Toast/nix-secrets"
},
"original": {
"type": "git",
"url": "http://git.everest.sable-pancake.ts.net/Toast/nix-secrets"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,


@ -2,10 +2,6 @@
description = "Configuration for Everest";
inputs = {
secrets = {
url = "git+http://git.everest.sable-pancake.ts.net/Toast/nix-secrets";
flake = false;
};
nixpkgs-raw.url = "nixpkgs/nixos-23.11";
nixpkgs-unstable-raw.url = "nixpkgs/nixos-unstable";


@ -43,12 +43,12 @@ in
fsType = "btrfs";
options = [ "subvol=@" ];
};
"btrfs_persist" = {
mountPoint = "/persist";
/*"btrfs_boot" = {
mountPoint = "/boot";
label = ssdLabel;
fsType = "btrfs";
options = [ "subvol=@persist" ];
};
options = [ "subvol=@boot" ];
};*/
"btrfs_home" = {
mountPoint = "/home";
label = ssdLabel;
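Review bot: The added `/*"btrfs_boot" = { … };*/` block is commented-out configuration with no explanation, so a reader cannot tell whether the `/boot` subvolume mount is planned, abandoned or only temporarily disabled. Either delete it or put a one-line reason above it, e.g. `# /boot subvolume disabled: <reason>`. The same hunk removes the `/persist` mount, so anything that still reads from `/persist` would stop working; the `identityPaths` hunk further down switches away from it, but other references are not visible on this page. The surrounding attribute set begins and ends outside the hunk.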


@ -105,7 +105,11 @@
# Set up secrets
age = {
identityPaths = [
"/persist/id_host"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_ed25519_key"
# This key has a passcode, so if you need to use it you'll have to
# enter the password A LOT of times. Only on the first setup tho
"/tmp/id_ed25519_bootstrap"
];
};
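Review bot: The new `"/tmp/id_ed25519_bootstrap"` entry in `age.identityPaths` makes a private key under `/tmp` a standing part of the host configuration, although the comment above it says it is only needed for the first setup. `/tmp` is writable by every local user and is commonly cleared at boot, so the key's confidentiality rests on its file mode and passphrase alone, and after bootstrap the entry is either dead or points at a key that was left lying around. Consider keeping the bootstrap key in a root-only directory and dropping the entry once the host keys can decrypt, and say so in the comment, e.g. `# Bootstrap only: root-owned, mode 0600; remove this entry after first activation`. The hunk also replaces `"/persist/id_host"` with the SSH host keys; if those are regenerated on reinstall the secrets would presumably need re-keying, which is worth confirming. The module's attribute set around the `age` block starts and ends outside the hunk.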


@ -1,19 +1,7 @@
{ config, flakeSelf, ... }:
let
hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName;
in
{ config, ... }:
{
# Get secrets
age.secrets = {
syncthingKey.file = hostSecrets + "/syncthingKey.age";
syncthingCert.file = hostSecrets + "/syncthingCert.age";
};
services.syncthing = {
key = config.age.secrets.syncthingKey.path;
cert = config.age.secrets.syncthingCert.path;
overrideDevices = true;
overrideFolders = true;
openDefaultPorts = true;