From f123d2a78d467e9db9fdea52764c8c9581357e1d Mon Sep 17 00:00:00 2001 From: Glen Goodwin Date: Fri, 15 Dec 2023 00:55:10 -0500 Subject: [PATCH 1/7] add nix-sops input --- flake.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/flake.nix b/flake.nix index c00ef9f..972350c 100644 --- a/flake.nix +++ b/flake.nix @@ -36,6 +36,8 @@ }; neovim-config.url = "github:gwg313/nvim-nix"; + + sops-nix.url = "github:Mic92/sops-nix"; }; outputs = { From 24c2e88e89282976268e41374c9ba9f2e6cd7aee Mon Sep 17 00:00:00 2001 From: Glen Goodwin Date: Tue, 12 Dec 2023 13:20:11 -0500 Subject: [PATCH 2/7] chore: flake update --- flake.lock | 68 +++++++++++++++++++++++++++--------------------------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/flake.lock b/flake.lock index eb79b41..98e9819 100644 --- a/flake.lock +++ b/flake.lock @@ -164,11 +164,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1701187605, - "narHash": "sha256-NctguPdUeDVLXFsv6vI1RlEiHLsXkeW3pgZe/mwn1BU=", + "lastModified": 1702239828, + "narHash": "sha256-H+z5LY1XslLLIlsh0pirHmveD7Eh6QQUT96VNSRJW9w=", "owner": "cachix", "repo": "devenv", - "rev": "a7c4dd8f4eb1f98a6b8f04bf08364954e1e73e4f", + "rev": "895e8403410c3ec14d1e8cae94e88b4e7e2e8c2f", "type": "github" }, "original": { @@ -404,11 +404,11 @@ ] }, "locked": { - "lastModified": 1700553346, - "narHash": "sha256-kW7uWsCv/lxuA824Ng6EYD9hlVYRyjuFn0xBbYltAeQ=", + "lastModified": 1702203126, + "narHash": "sha256-4BhN2Vji19MzRC7SUfPZGmtZ2WZydQeUk/ogfRBIZMs=", "owner": "nix-community", "repo": "home-manager", - "rev": "1aabb0a31b25ad83cfaa37c3fe29053417cd9a0f", + "rev": "defbb9c5857e157703e8fc7cf3c2ceb01cb95883", "type": "github" }, "original": { @@ -426,11 +426,11 @@ ] }, "locked": { - "lastModified": 1691882297, - "narHash": "sha256-e1/LAQSGLnBywfA1TfMl0Vj3tvYka73XOZ/D2/CJowE=", + "lastModified": 1700847865, + "narHash": "sha256-uWaOIemGl9LF813MW0AEgCBpKwFo2t1Wv3BZc6e5Frw=", "owner": "nix-community", "repo": "home-manager", - "rev": "c3ab5ea047e6dc73df530948f7367455749d8906", + "rev": "8cedd63eede4c22deb192f1721dd67e7460e1ebe", "type": "github" }, "original": { @@ -448,11 +448,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1700592218, - "narHash": "sha256-vHzDbBrZ5EsfVUMLgjuugf6OqB+iOLjKLO9O5n2occ4=", + "lastModified": 1702399471, + "narHash": "sha256-yJCaB6uCMTvw4bBRbIAtDbfTgjeNrWVrogkChW2HBH4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "472926528428cd714c90f157e639fc0466611c8b", + "rev": "4de986072c12af8081f877f4792d57b4a11a0a6a", "type": "github" }, "original": { @@ -553,11 +553,11 @@ ] }, "locked": { - "lastModified": 1700363379, - "narHash": "sha256-fBEVPFwSZ6AmBE1s1oT7E9WVuqRghruxTnSQ8UUlMkw=", + "lastModified": 1702291765, + "narHash": "sha256-kfxavgLKPIZdYVPUPcoDZyr5lleymrqbr5G9PVfQ2NY=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "27920146e671a0d565aaa7452907383be14d8d82", + "rev": "45d82e0a8b9dd6c5dd9da835ac0c072239af7785", "type": "github" }, "original": { @@ -568,11 +568,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1698134075, - "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=", + "lastModified": 1700612854, + "narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4", + "rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614", "type": "github" }, "original": { @@ -648,11 +648,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1700390070, - "narHash": "sha256-de9KYi8rSJpqvBfNwscWdalIJXPo8NjdIZcEJum1mH0=", + "lastModified": 1702151865, + "narHash": "sha256-9VAt19t6yQa7pHZLDbil/QctAgVsA66DLnzdRGqDisg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e4ad989506ec7d71f7302cc3067abd82730a4beb", + "rev": "666fc80e7b2afb570462423cb0e1cf1a3a34fedd", "type": "github" }, "original": { @@ -696,11 +696,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1700390070, - "narHash": "sha256-de9KYi8rSJpqvBfNwscWdalIJXPo8NjdIZcEJum1mH0=", + "lastModified": 1702151865, + "narHash": "sha256-9VAt19t6yQa7pHZLDbil/QctAgVsA66DLnzdRGqDisg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e4ad989506ec7d71f7302cc3067abd82730a4beb", + "rev": "666fc80e7b2afb570462423cb0e1cf1a3a34fedd", "type": "github" }, "original": { @@ -868,11 +868,11 @@ ] }, "locked": { - "lastModified": 1700302760, - "narHash": "sha256-JpOJf9Nj260rTrVuYonP9CiGzj+43AGPOfhF72XkQvU=", + "lastModified": 1702242258, + "narHash": "sha256-DSiwYD1DZY+YJALahnCVKacWk2AGy+s1pd3Z07tEF/U=", "owner": "danth", "repo": "stylix", - "rev": "a15c3196c1d620c18cbee8229092598384a89fef", + "rev": "b5ad31b710294038f9ed70efdf787db6a82d7327", "type": "github" }, "original": { @@ -975,18 +975,18 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1699292815, - "narHash": "sha256-HXu98PyBMKEWLqiTb8viuLDznud/SdkdJsx5A5CWx7I=", + "lastModified": 1701368958, + "narHash": "sha256-7kvyoA91etzVEl9mkA/EJfB6z/PltxX7Xc4gcr7/xlo=", "owner": "wlroots", "repo": "wlroots", - "rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1", + "rev": "5d639394f3e83b01596dcd166a44a9a1a2583350", "type": "gitlab" }, "original": { "host": "gitlab.freedesktop.org", "owner": "wlroots", "repo": "wlroots", - "rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1", + "rev": "5d639394f3e83b01596dcd166a44a9a1a2583350", "type": "gitlab" } }, @@ -1006,11 +1006,11 @@ ] }, "locked": { - "lastModified": 1697981233, - "narHash": "sha256-y8q4XUwx+gVK7i2eLjfR32lVo7TYvEslyzrmzYEaPZU=", + "lastModified": 1700508250, + "narHash": "sha256-X4o/mifI7Nhu0UKYlxx53wIC+gYDo3pVM9L2u3PE2bE=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "22e7a65ff9633e1dedfa5317fdffc49f68de2ff2", + "rev": "eb120ff25265ecacd0fc13d7dab12131b60d0f47", "type": "github" }, "original": { From b2bb9e3d7f08f5240cce4030ee4b968a44aa648e Mon Sep 17 00:00:00 2001 From: Glen Goodwin Date: Fri, 15 Dec 2023 13:05:28 -0500 Subject: [PATCH 3/7] feat: add nfs mounts --- common/nixos/nfs.nix | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 common/nixos/nfs.nix diff --git a/common/nixos/nfs.nix b/common/nixos/nfs.nix new file mode 100644 index 0000000..21f70e5 --- /dev/null +++ b/common/nixos/nfs.nix @@ -0,0 +1,33 @@ +{...}: { + fileSystems = { + "/media" = { + device = "192.168.10.2:/mnt/tank/media"; + fsType = "nfs"; + options = ["x-systemd.automount" "noauto" "x-systemd.after=network-online.target" "x-systemd.mount-timeout=90"]; + }; + + "/books" = { + device = "192.168.10.2:/mnt/tank/books"; + fsType = "nfs"; + options = ["x-systemd.automount" "noauto" "x-systemd.after=network-online.target" "x-systemd.mount-timeout=90"]; + }; + + "/music" = { + device = "192.168.10.2:/mnt/tank/music"; + fsType = "nfs"; + options = ["x-systemd.automount" "noauto" "x-systemd.after=network-online.target" "x-systemd.mount-timeout=90"]; + }; + + "/projects" = { + device = "192.168.10.2:/mnt/tank/projects"; + fsType = "nfs"; + options = ["x-systemd.automount" "noauto" "x-systemd.after=network-online.target" "x-systemd.mount-timeout=90"]; + }; + + "/backups" = { + device = "192.168.10.2:/mnt/tank/backups"; + fsType = "nfs"; + options = ["x-systemd.automount" "noauto" "x-systemd.after=network-online.target" "x-systemd.mount-timeout=90"]; + }; + }; +} From b9ecca6ea8d65894a19810df066efc7634a34215 Mon Sep 17 00:00:00 2001 From: Glen Goodwin Date: Fri, 15 Dec 2023 16:41:00 -0500 Subject: [PATCH 4/7] fix: update tmux project path --- home-manager/modules/tmux/tmux.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home-manager/modules/tmux/tmux.nix b/home-manager/modules/tmux/tmux.nix index 4e9ecfc..58fdb2b 100644 --- a/home-manager/modules/tmux/tmux.nix +++ b/home-manager/modules/tmux/tmux.nix @@ -55,7 +55,7 @@ bind-key g display-popup -h 95% -w 95% -E 'lazygit' bind-key t display-popup -h 95% -w 95% -E "${pkgs.htop}/bin/htop" - bind C-g display-popup -E "tat ~/gallery" + bind C-g display-popup -E "tat ~/Projects" bind -n M-g display-popup -E "tmux new-session -A -s scratch" From 93b4a445917acc32f0e8a596634e101d6793cb62 Mon Sep 17 00:00:00 2001 From: Glen Goodwin Date: Fri, 15 Dec 2023 16:41:26 -0500 Subject: [PATCH 5/7] chore: update flake --- flake.lock | 159 ++++++++--------------------- home-manager/modules/linux-gui.nix | 1 - 2 files changed, 45 insertions(+), 115 deletions(-) diff --git a/flake.lock b/flake.lock index 98e9819..a651e24 100644 --- a/flake.lock +++ b/flake.lock @@ -130,30 +130,6 @@ "type": "github" } }, - "beautysh": { - "inputs": { - "nixpkgs": [ - "neovim-config", - "nixvim", - "nixpkgs" - ], - "poetry2nix": "poetry2nix", - "utils": "utils" - }, - "locked": { - "lastModified": 1680308980, - "narHash": "sha256-aUEHV0jk2qIFP3jlsWYWhBbm+w/N9gzH3e4I5DcdB5s=", - "owner": "lovesegfault", - "repo": "beautysh", - "rev": "9845efc3ea3e86cc0d41465d720a47f521b2799c", - "type": "github" - }, - "original": { - "owner": "lovesegfault", - "repo": "beautysh", - "type": "github" - } - }, "devenv": { "inputs": { "flake-compat": "flake-compat", @@ -164,11 +140,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1702239828, - "narHash": "sha256-H+z5LY1XslLLIlsh0pirHmveD7Eh6QQUT96VNSRJW9w=", + "lastModified": 1702549996, + "narHash": "sha256-mEN+8gjWUXRxBCcixeth+jlDNuzxbpFwZNOEc4K22vw=", "owner": "cachix", "repo": "devenv", - "rev": "895e8403410c3ec14d1e8cae94e88b4e7e2e8c2f", + "rev": "e681a99ffe2d2882f413a5d771129223c838ddce", "type": "github" }, "original": { @@ -265,11 +241,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "owner": "numtide", "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "type": "github" }, "original": { @@ -404,11 +380,11 @@ ] }, "locked": { - "lastModified": 1702203126, - "narHash": "sha256-4BhN2Vji19MzRC7SUfPZGmtZ2WZydQeUk/ogfRBIZMs=", + "lastModified": 1702538064, + "narHash": "sha256-At5GwJPu2tzvS9dllhBoZmqK6lkkh/sOp2YefWRlaL8=", "owner": "nix-community", "repo": "home-manager", - "rev": "defbb9c5857e157703e8fc7cf3c2ceb01cb95883", + "rev": "0e2e443ff24f9d75925e91b89d1da44b863734af", "type": "github" }, "original": { @@ -448,11 +424,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1702399471, - "narHash": "sha256-yJCaB6uCMTvw4bBRbIAtDbfTgjeNrWVrogkChW2HBH4=", + "lastModified": 1702675213, + "narHash": "sha256-Sl5gAPzCvYmXw7jo7ISzz/djhprOstFLRyznfxq2JIw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "4de986072c12af8081f877f4792d57b4a11a0a6a", + "rev": "b1b8d732e64ecf527baef010ad2f28ed3b8c4ac1", "type": "github" }, "original": { @@ -509,11 +485,11 @@ "pre-commit-hooks": "pre-commit-hooks_3" }, "locked": { - "lastModified": 1700503498, - "narHash": "sha256-93Lw2/JJaDCfG2TscRd3qLNLI1QWpVk+nA2CVniwRlo=", + "lastModified": 1702676034, + "narHash": "sha256-2Tyru4/iQOmRw3xl9ixkiNpaV3yXUQgi9MglKFvBb04=", "owner": "gwg313", "repo": "nvim-nix", - "rev": "157cf0b0150ea8095d559d9a6a6ca0e2962d476d", + "rev": "eb9f17e9d6212aabf18b7b9e00fe35f5c1b78af7", "type": "github" }, "original": { @@ -568,11 +544,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1700612854, - "narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=", + "lastModified": 1702312524, + "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614", + "rev": "a9bf124c46ef298113270b1f84a164865987a91c", "type": "github" }, "original": { @@ -648,11 +624,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1702151865, - "narHash": "sha256-9VAt19t6yQa7pHZLDbil/QctAgVsA66DLnzdRGqDisg=", + "lastModified": 1702312524, + "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "666fc80e7b2afb570462423cb0e1cf1a3a34fedd", + "rev": "a9bf124c46ef298113270b1f84a164865987a91c", "type": "github" }, "original": { @@ -664,11 +640,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1699099776, - "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=", + "lastModified": 1702312524, + "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb", + "rev": "a9bf124c46ef298113270b1f84a164865987a91c", "type": "github" }, "original": { @@ -680,11 +656,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1698924604, - "narHash": "sha256-GCFbkl2tj8fEZBZCw3Tc0AkGo0v+YrQlohhEGJ/X4s0=", + "lastModified": 1702312524, + "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fa804edfb7869c9fb230e174182a8a1a7e512c40", + "rev": "a9bf124c46ef298113270b1f84a164865987a91c", "type": "github" }, "original": { @@ -696,11 +672,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1702151865, - "narHash": "sha256-9VAt19t6yQa7pHZLDbil/QctAgVsA66DLnzdRGqDisg=", + "lastModified": 1702312524, + "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "666fc80e7b2afb570462423cb0e1cf1a3a34fedd", + "rev": "a9bf124c46ef298113270b1f84a164865987a91c", "type": "github" }, "original": { @@ -712,17 +688,16 @@ }, "nixvim": { "inputs": { - "beautysh": "beautysh", "flake-utils": "flake-utils_2", "nixpkgs": "nixpkgs_3", "pre-commit-hooks": "pre-commit-hooks_2" }, "locked": { - "lastModified": 1699308475, - "narHash": "sha256-sFHOFiE+GV1JkwDmHi0LLJLSRyggdIK1Yra02oj2eZg=", + "lastModified": 1702653568, + "narHash": "sha256-SwrNBw/1/oMURAa9/8MdvC4b3UYohoMAvSazeIt3hkg=", "owner": "nix-community", "repo": "nixvim", - "rev": "6b93c8fa6db999320d53f13e0ebd555e33f86577", + "rev": "b3fb1c4c8189bc873911da3f31d18082a0721fa9", "type": "github" }, "original": { @@ -731,35 +706,6 @@ "type": "github" } }, - "poetry2nix": { - "inputs": { - "flake-utils": [ - "neovim-config", - "nixvim", - "beautysh", - "utils" - ], - "nixpkgs": [ - "neovim-config", - "nixvim", - "beautysh", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1658665240, - "narHash": "sha256-/wkx7D7enyBPRjIkK0w7QxLQhzEkb3UxNQnjyc3FTUI=", - "owner": "nix-community", - "repo": "poetry2nix", - "rev": "8b8edc85d24661d5a6d0d71d6a7011f3e699780f", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "poetry2nix", - "type": "github" - } - }, "pre-commit-hooks": { "inputs": { "flake-compat": [ @@ -801,11 +747,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1698852633, - "narHash": "sha256-Hsc/cCHud8ZXLvmm8pxrXpuaPEeNaaUttaCvtdX/Wug=", + "lastModified": 1702456155, + "narHash": "sha256-I2XhXGAecdGlqi6hPWYT83AQtMgL+aa3ulA85RAEgOk=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "dec10399e5b56aa95fcd530e0338be72ad6462a0", + "rev": "007a45d064c1c32d04e1b8a0de5ef00984c419bc", "type": "github" }, "original": { @@ -826,11 +772,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1699271226, - "narHash": "sha256-8Jt1KW3xTjolD6c6OjJm9USx/jmL+VVmbooADCkdDfU=", + "lastModified": 1702456155, + "narHash": "sha256-I2XhXGAecdGlqi6hPWYT83AQtMgL+aa3ulA85RAEgOk=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "ea758da1a6dcde6dc36db348ed690d09b9864128", + "rev": "007a45d064c1c32d04e1b8a0de5ef00984c419bc", "type": "github" }, "original": { @@ -868,11 +814,11 @@ ] }, "locked": { - "lastModified": 1702242258, - "narHash": "sha256-DSiwYD1DZY+YJALahnCVKacWk2AGy+s1pd3Z07tEF/U=", + "lastModified": 1702559747, + "narHash": "sha256-d6AmQp3M00WMPJquNfGVzIol5iojD1pi9slek+4N9VY=", "owner": "danth", "repo": "stylix", - "rev": "b5ad31b710294038f9ed70efdf787db6a82d7327", + "rev": "41d218597590a89324a4b7c50cf0bf088a7214ba", "type": "github" }, "original": { @@ -956,21 +902,6 @@ "type": "github" } }, - "utils": { - "locked": { - "lastModified": 1678901627, - "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "wlroots": { "flake": false, "locked": { @@ -1006,11 +937,11 @@ ] }, "locked": { - "lastModified": 1700508250, - "narHash": "sha256-X4o/mifI7Nhu0UKYlxx53wIC+gYDo3pVM9L2u3PE2bE=", + "lastModified": 1702334919, + "narHash": "sha256-ibOZ3TLjqndGMcj2f+07NFwDWoum4IbzF58byZuJJNg=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "eb120ff25265ecacd0fc13d7dab12131b60d0f47", + "rev": "f5c3576c3b6cb1c31a8dfa3e4113f59bfe40cd71", "type": "github" }, "original": { diff --git a/home-manager/modules/linux-gui.nix b/home-manager/modules/linux-gui.nix index 88dc5a9..e3b243a 100644 --- a/home-manager/modules/linux-gui.nix +++ b/home-manager/modules/linux-gui.nix @@ -16,7 +16,6 @@ kicad # An open-source electronic design automation (EDA) suite for creating schematics, PCB layouts, and 3D models. kodi # An open-source media center, providing a versatile platform for streaming and organizing media content. pavucontrol # PulseAudio Volume Control, a feature-rich GUI for controlling and configuring the PulseAudio sound system. - schildichat-desktop-wayland # A desktop client for SchildiChat, designed to work with the Wayland display server. sublime-music # A modern and feature-rich music player with a clean user interface and advanced playback options. thunderbird # Mozilla Thunderbird, a powerful and customizable email client with integrated calendaring and chat features. wireshark # Open-source network protocol analyzer for real-time packet inspection and analysis. From ad81a35f71b9f2ba643fdb664d4e9d6fc0bbbb32 Mon Sep 17 00:00:00 2001 From: Glen Goodwin Date: Sat, 16 Dec 2023 01:02:14 -0500 Subject: [PATCH 6/7] feat: enable nfs --- hosts/candlekeep/hardware-configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/candlekeep/hardware-configuration.nix b/hosts/candlekeep/hardware-configuration.nix index 1bb5e31..f9a3acb 100644 --- a/hosts/candlekeep/hardware-configuration.nix +++ b/hosts/candlekeep/hardware-configuration.nix @@ -10,6 +10,7 @@ }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") + ../../common/nixos/nfs.nix ]; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; From 0739aa0b5e4e419a8232e0c032dc8e45b187b7d4 Mon Sep 17 00:00:00 2001 From: Glen Goodwin Date: Sat, 16 Dec 2023 12:56:02 -0500 Subject: [PATCH 7/7] feat: add sops-nix --- .sops.yaml | 7 ++++ flake.lock | 52 ++++++++++++++++++++++++++++++ flake.nix | 1 + hosts/candlekeep/configuration.nix | 3 ++ secrets/secrets.yaml | 21 ++++++++++++ 5 files changed, 84 insertions(+) create mode 100644 .sops.yaml create mode 100644 secrets/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..971379a --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,7 @@ +keys: + - &primary age1k3hs0gyzrmsdyqh9lpret46q3xaayxxntruzc4euy6h3slqn4u6q36h7rg +creation_rules: + - path_regex: secrets/secrets.yaml$ + key_groups: + - age: + - *primary diff --git a/flake.lock b/flake.lock index a651e24..8b4a54a 100644 --- a/flake.lock +++ b/flake.lock @@ -622,6 +622,22 @@ "type": "github" } }, + "nixpkgs-stable_4": { + "locked": { + "lastModified": 1702148972, + "narHash": "sha256-h2jODFP6n+ABrUWcGRSVPRFfLOkM9TJ2pO+h+9JcaL0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b8f33c044e51de6dde3ad80a9676945e0e4e3227", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-unstable": { "locked": { "lastModified": 1702312524, @@ -686,6 +702,22 @@ "type": "github" } }, + "nixpkgs_5": { + "locked": { + "lastModified": 1702029940, + "narHash": "sha256-qM3Du0perpLesh5hr87mVPZ79McMUKIWUH7EQMh2kWo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e9ef8a102c555da4f8f417fe5cf5bd539d8a38b7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { "flake-utils": "flake-utils_2", @@ -794,9 +826,29 @@ "nix-index-database": "nix-index-database", "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", + "sops-nix": "sops-nix", "stylix": "stylix" } }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_5", + "nixpkgs-stable": "nixpkgs-stable_4" + }, + "locked": { + "lastModified": 1702177193, + "narHash": "sha256-J2409SyXROoUHYXVy9h4Pj0VU8ReLuy/mzBc9iK4DBg=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "d806e546f96c88cd9f7d91c1c19ebc99ba6277d9", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, "stylix": { "inputs": { "base16": "base16", diff --git a/flake.nix b/flake.nix index 972350c..97e956a 100644 --- a/flake.nix +++ b/flake.nix @@ -84,6 +84,7 @@ modules = [ # > Our main nixos configuration file < ./hosts/candlekeep/configuration.nix + inputs.sops-nix.nixosModules.sops ]; }; }; diff --git a/hosts/candlekeep/configuration.nix b/hosts/candlekeep/configuration.nix index abc8dc4..724a76a 100644 --- a/hosts/candlekeep/configuration.nix +++ b/hosts/candlekeep/configuration.nix @@ -41,6 +41,9 @@ ./hardware-configuration.nix ]; + sops.defaultSopsFile = ../../secrets/secrets.yaml; + sops.defaultSopsFormat = "yaml"; + nixpkgs = { # You can add overlays here overlays = [ diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml new file mode 100644 index 0000000..1143195 --- /dev/null +++ b/secrets/secrets.yaml @@ -0,0 +1,21 @@ +restic_key: ENC[AES256_GCM,data:DzpWvFP5gyhrnLVIYgu9ouotWqkOAHehihSKf/TqJE+sHTD4vnIScfhzoKzdkoDoWfkcmQ==,iv:q83qNYuP/3mngvg+kUfOVToogL8VTvZ6HiGIztpnP/s=,tag:YNWwbma0HmPKqYCS1L5kQQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1k3hs0gyzrmsdyqh9lpret46q3xaayxxntruzc4euy6h3slqn4u6q36h7rg + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyaTI1ZEhwbDJobnVPTlpm + OHRiYklTejE5dFJQaVE1V2xpOHcyRnVwd0MwCjJhQnpOTmdxSk1md0pNbS85L2tC + UVpnaUpPY0paaXFkOHZEOS9ZVUkySWsKLS0tIGp4UnZ6b3hXNDAyaHlXaUhMSzBi + US9oa0pORXRVWWlyYlZZTGhXdTdOaWsKClqIK/YNJIIGFqOO0t4oni8dRTTXQniG + ioIwAOdEgE/n0vcYhHXxLxWlTeqGZF076g7EFfIqiSNqrDtacRnazg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-12-16T17:19:46Z" + mac: ENC[AES256_GCM,data:6nDxe2yQZswjX7LAry3DAfOpVUoQvZ52iIp8F7/Z1r69acXT2Eif/pEtyQ3KXBPl4ape15FrDyzpr0FW2Gmrj7vwITC2xBV68SmTuBp5Ou4QHftVpO6s4Y6ucXcdpkFx+UQ/lpkvNibrV+K6yPB7QfIP+sTpjhREJColwD7Meeo=,iv:WWpmoDXF6yiRsRase2O3HZwixxO9IPwkWLDPwlxNRdo=,tag:KPR5NreED05GK3uCHK5kXg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1