b12f restructure #1
|
@ -10,6 +10,10 @@ in
|
||||||
];
|
];
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
pub-solar.paranoia.enable = true;
|
||||||
|
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
||||||
|
pub-solar.core.hibernation.resumeOffset = 15296512;
|
||||||
|
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
hardware.cpu.intel.updateMicrocode = true;
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 5000 ];
|
networking.firewall.allowedTCPPorts = [ 5000 ];
|
||||||
|
|
|
@ -28,12 +28,12 @@ in
|
||||||
|
|
||||||
age.secrets."vnc-key.pem" = {
|
age.secrets."vnc-key.pem" = {
|
||||||
file = "${self}/secrets/vnc-key-chocolatebar.pem";
|
file = "${self}/secrets/vnc-key-chocolatebar.pem";
|
||||||
mode = "700";
|
mode = "400";
|
||||||
owner = psCfg.user.name;
|
owner = psCfg.user.name;
|
||||||
};
|
};
|
||||||
age.secrets."vnc-cert.pem" = {
|
age.secrets."vnc-cert.pem" = {
|
||||||
file = "${self}/secrets/vnc-cert-chocolatebar.pem";
|
file = "${self}/secrets/vnc-cert-chocolatebar.pem";
|
||||||
mode = "700";
|
mode = "400";
|
||||||
owner = psCfg.user.name;
|
owner = psCfg.user.name;
|
||||||
};
|
};
|
||||||
pub-solar.sway.vnc.enable = true;
|
pub-solar.sway.vnc.enable = true;
|
||||||
|
|
|
@ -6,7 +6,7 @@ let
|
||||||
createService = import ./create-service.nix;
|
createService = import ./create-service.nix;
|
||||||
|
|
||||||
isolateGPU = "rx550x";
|
isolateGPU = "rx550x";
|
||||||
handOverUSBDevices = true;
|
handOverUSBDevices = false;
|
||||||
|
|
||||||
isolateAnyGPU = isolateGPU != null;
|
isolateAnyGPU = isolateGPU != null;
|
||||||
in
|
in
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, self, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
|
@ -26,6 +26,10 @@ in
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
services.openssh.knownHosts = {
|
||||||
|
"cloud.pub.solar".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIABPJSwr9DfnqV0KoL23BcxlWtRxuOqQpnFnCv4SG/LW";
|
||||||
|
};
|
||||||
|
|
||||||
systemd.user.services.ssh-tunnel-cloud-pub-solar = {
|
systemd.user.services.ssh-tunnel-cloud-pub-solar = {
|
||||||
unitConfig = {
|
unitConfig = {
|
||||||
Description = "Reverse SSH connection to enable backups from IPv4-only to IPv6-only host";
|
Description = "Reverse SSH connection to enable backups from IPv4-only to IPv6-only host";
|
||||||
|
@ -33,10 +37,27 @@ in
|
||||||
};
|
};
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
ExecStart = "${pkgs.openssh}/bin/ssh -vvv -g -N -T -o 'ServerAliveInterval 10' -o 'ExitOnForwardFailure yes' -R 127.0.0.1:22022:localhost:22 cloud.pub.solar";
|
ExecStart = "${pkgs.openssh}/bin/ssh -vvv -g -N -T -o 'ServerAliveInterval 10' -o 'ExitOnForwardFailure yes' -R 127.0.0.1:22022:localhost:22 root@cloud.pub.solar";
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
RestartSec = "5s";
|
RestartSec = "5s";
|
||||||
};
|
};
|
||||||
|
wantedBy = [ "default.target" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.ddclient = {
|
||||||
|
enable = true;
|
||||||
|
ipv6 = true;
|
||||||
|
domains = [ "backup.b12f.io" ];
|
||||||
|
server = "ddns.hosting.de";
|
||||||
|
username = "b12f";
|
||||||
|
use = "web, web=http://checkip6.spdyn.de/, web-skip=''";
|
||||||
|
passwordFile = "/run/agenix/dyndns-droppie.key";
|
||||||
|
};
|
||||||
|
|
||||||
|
age.secrets."dyndns-droppie.key" = {
|
||||||
|
file = "${self}/secrets/dyndns-droppie.key";
|
||||||
|
mode = "400";
|
||||||
|
owner = psCfg.user.name;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,24 +17,26 @@ with lib;
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
boot = {
|
||||||
# Enable plymouth for better experience of booting
|
# Enable plymouth for better experience of booting
|
||||||
boot.plymouth.enable = true;
|
plymouth.enable = true;
|
||||||
|
|
||||||
# Mount / luks device in initrd
|
# Mount / luks device in initrd
|
||||||
# Allow fstrim to work on it.
|
# Allow fstrim to work on it.
|
||||||
# The ! makes this enabled by default
|
# The ! makes this enabled by default
|
||||||
boot.initrd = mkIf (!cfg.iso-options.enable && cfg.disk-encryption-active) {
|
initrd = mkIf (!cfg.iso-options.enable && cfg.disk-encryption-active) {
|
||||||
luks.devices."cryptroot" = {
|
luks.devices."cryptroot" = {
|
||||||
allowDiscards = true;
|
allowDiscards = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
loader.systemd-boot.enable = true;
|
||||||
|
|
||||||
# Use latest LTS linux kernel by default
|
# Use latest LTS linux kernel by default
|
||||||
boot.kernelPackages = pkgs.linuxPackages_5_15;
|
kernelPackages = pkgs.linuxPackages_5_15;
|
||||||
|
|
||||||
# Support ntfs drives
|
# Support ntfs drives
|
||||||
boot.supportedFilesystems = [ "ntfs" ];
|
supportedFilesystems = [ "ntfs" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,6 +8,7 @@ in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./boot.nix
|
./boot.nix
|
||||||
|
./hibernation.nix
|
||||||
./fonts.nix
|
./fonts.nix
|
||||||
./i18n.nix
|
./i18n.nix
|
||||||
./networking.nix
|
./networking.nix
|
||||||
|
|
35
modules/core/hibernation.nix
Normal file
35
modules/core/hibernation.nix
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
cfg = config.pub-solar.core.hibernation;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.pub-solar.core.hibernation = {
|
||||||
|
enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = "Whether the device can hibernate. This creates a swapfile at /swapfile.";
|
||||||
|
};
|
||||||
|
|
||||||
|
resumeDevice = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "/dev/sda1";
|
||||||
|
description = "The location of the hibernation resume swap file.";
|
||||||
|
};
|
||||||
|
|
||||||
|
resumeOffset = mkOption {
|
||||||
|
type = types.nullOr types.int;
|
||||||
|
default = null;
|
||||||
|
description = "The swap file offset. Can be found by running `filefrag -v $swap_file_location`. See https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
boot = mkIf cfg.enable {
|
||||||
|
resumeDevice = cfg.resumeDevice;
|
||||||
|
kernelParams =
|
||||||
|
if (cfg.resumeOffset == null && cfg.enable) then builtins.abort "config.pub-solar.resumeOffset has to be set if config.pub-solar.enable is true."
|
||||||
|
else [ "resume_offset=${builtins.toString cfg.resumeOffset}" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -2,6 +2,8 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
nix = {
|
nix = {
|
||||||
|
# Use default version alias for nix package
|
||||||
|
package = pkgs.nix;
|
||||||
# Improve nix store disk usage
|
# Improve nix store disk usage
|
||||||
autoOptimiseStore = true;
|
autoOptimiseStore = true;
|
||||||
gc.automatic = true;
|
gc.automatic = true;
|
||||||
|
|
24
modules/paranoia/default.nix
Normal file
24
modules/paranoia/default.nix
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
{ config, lib, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
psCfg = config.pub-solar;
|
||||||
|
cfg = config.pub-solar.paranoia;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.pub-solar.paranoia = {
|
||||||
|
enable = mkOption {
|
||||||
|
description = ''
|
||||||
|
Only offer hibernation instead of screen locking and sleeping. This only makes sense
|
||||||
|
if your hard drive is encrypted, and ensures that the contents of your drive are
|
||||||
|
encrypted if you are not actively using the device.
|
||||||
|
'';
|
||||||
|
default = false;
|
||||||
|
type = types.bool;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
pub-solar.core.hibernation.enable = true;
|
||||||
|
};
|
||||||
|
}
|
|
@ -37,22 +37,6 @@ bindsym $mod+Ctrl+r exec record-screen
|
||||||
set $menu exec alacritty --class launcher -e env TERMINAL_COMMAND="alacritty -e" sway-launcher
|
set $menu exec alacritty --class launcher -e env TERMINAL_COMMAND="alacritty -e" sway-launcher
|
||||||
bindsym $mod+Space exec $menu
|
bindsym $mod+Space exec $menu
|
||||||
|
|
||||||
# Set shut down, restart and locking features
|
|
||||||
set $mode_system (l)ock, (e)xit, (s)uspend, (h)ibernate, (r)eboot, (Shift+s)hutdown
|
|
||||||
bindsym $mod+0 mode "$mode_system"
|
|
||||||
mode "$mode_system" {
|
|
||||||
bindsym l exec swaylock-bg, mode "default"
|
|
||||||
bindsym e exec systemctl --user stop graphical-session.target, mode "default"
|
|
||||||
bindsym s exec systemctl suspend, mode "default"
|
|
||||||
bindsym h exec systemctl hibernate, mode "default"
|
|
||||||
bindsym r exec systemctl reboot, mode "default"
|
|
||||||
bindsym Shift+s exec systemctl poweroff, mode "default"
|
|
||||||
|
|
||||||
# exit system mode: "Enter" or "Escape"
|
|
||||||
bindsym Return mode "default"
|
|
||||||
bindsym Escape mode "default"
|
|
||||||
}
|
|
||||||
|
|
||||||
set $mode_vncclient In VNCClient mode. Press $mod+Num_Lock or $mod+Shift+Escape to return.
|
set $mode_vncclient In VNCClient mode. Press $mod+Num_Lock or $mod+Shift+Escape to return.
|
||||||
bindsym $mod+Num_Lock mode "$mode_vncclient"
|
bindsym $mod+Num_Lock mode "$mode_vncclient"
|
||||||
bindsym $mod+Shift+Escape mode "$mode_vncclient"
|
bindsym $mod+Shift+Escape mode "$mode_vncclient"
|
||||||
|
|
21
modules/sway/config/config.d/mode_system.conf.nix
Normal file
21
modules/sway/config/config.d/mode_system.conf.nix
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
{ psCfg, ... }: ''
|
||||||
|
# Set shut down, restart and locking features
|
||||||
|
set $mode_system (e)xit, (h)ibernate, (r)eboot, (Shift+s)hutdown
|
||||||
|
bindsym $mod+0 mode "$mode_system"
|
||||||
|
mode "$mode_system" {
|
||||||
|
bindsym e exec swaymsg exit, mode "default"
|
||||||
|
'' + (if psCfg.core.hibernation.enable then ''
|
||||||
|
bindsym h exec systemctl hibernate, mode "default"
|
||||||
|
'' else "")
|
||||||
|
+ (if !psCfg.paranoia.enable then ''
|
||||||
|
bindsym l exec swaylock-bg, mode "default"
|
||||||
|
bindsym s exec systemctl suspend, mode "default"
|
||||||
|
'' else "") + ''
|
||||||
|
bindsym r exec systemctl reboot, mode "default"
|
||||||
|
bindsym Shift+s exec systemctl poweroff, mode "default"
|
||||||
|
|
||||||
|
# exit system mode: "Enter" or "Escape"
|
||||||
|
bindsym Return mode "default"
|
||||||
|
bindsym Escape mode "default"
|
||||||
|
}
|
||||||
|
''
|
|
@ -2,7 +2,6 @@
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
cfg = config.pub-solar.sway;
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.pub-solar.sway = {
|
options.pub-solar.sway = {
|
||||||
|
@ -23,8 +22,8 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable (mkMerge [
|
config = mkIf psCfg.sway.enable (mkMerge [
|
||||||
(mkIf (cfg.v4l2loopback.enable) {
|
(mkIf (psCfg.sway.v4l2loopback.enable) {
|
||||||
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
|
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
|
||||||
boot.kernelModules = [ "v4l2loopback" ];
|
boot.kernelModules = [ "v4l2loopback" ];
|
||||||
boot.extraModprobeConfig = ''
|
boot.extraModprobeConfig = ''
|
||||||
|
@ -79,7 +78,6 @@ in
|
||||||
xsettingsd
|
xsettingsd
|
||||||
ydotool
|
ydotool
|
||||||
|
|
||||||
swaylock-bg
|
|
||||||
sway-launcher
|
sway-launcher
|
||||||
record-screen
|
record-screen
|
||||||
import-gtk-settings
|
import-gtk-settings
|
||||||
|
@ -90,20 +88,21 @@ in
|
||||||
programs.waybar.enable = true;
|
programs.waybar.enable = true;
|
||||||
#programs.waybar.systemd.enable = true;
|
#programs.waybar.systemd.enable = true;
|
||||||
|
|
||||||
systemd.user.services.mako = import ./mako.service.nix pkgs;
|
systemd.user.services.mako = import ./mako.service.nix { inherit pkgs psCfg; };
|
||||||
systemd.user.services.sway = import ./sway.service.nix pkgs;
|
systemd.user.services.sway = import ./sway.service.nix { inherit pkgs psCfg; };
|
||||||
systemd.user.services.swayidle = import ./swayidle.service.nix pkgs;
|
systemd.user.services.swayidle = import ./swayidle.service.nix { inherit pkgs psCfg; };
|
||||||
systemd.user.services.xsettingsd = import ./xsettingsd.service.nix pkgs;
|
systemd.user.services.xsettingsd = import ./xsettingsd.service.nix { inherit pkgs psCfg; };
|
||||||
systemd.user.services.waybar = import ./waybar.service.nix pkgs;
|
systemd.user.services.waybar = import ./waybar.service.nix { inherit pkgs psCfg; };
|
||||||
systemd.user.targets.sway-session = import ./sway-session.target.nix pkgs;
|
systemd.user.targets.sway-session = import ./sway-session.target.nix { inherit pkgs psCfg; };
|
||||||
|
|
||||||
systemd.user.services.wayvnc = mkIf cfg.vnc.enable (import ./wayvnc.service.nix pkgs);
|
systemd.user.services.wayvnc = mkIf psCfg.sway.vnc.enable (import ./wayvnc.service.nix pkgs);
|
||||||
|
|
||||||
xdg.configFile."sway/config".text = import ./config/config.nix { inherit config pkgs; };
|
xdg.configFile."sway/config".text = import ./config/config.nix { inherit config pkgs; };
|
||||||
xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf;
|
xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf;
|
||||||
xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf;
|
xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf;
|
||||||
xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf;
|
xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf;
|
||||||
xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
|
xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
|
||||||
|
xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix { inherit psCfg; };
|
||||||
xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
|
xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
|
||||||
xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
|
xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
|
||||||
xdg.configFile."wayvnc/config".text = import ./config/wayvnc/config.nix { inherit psCfg; inherit pkgs; };
|
xdg.configFile."wayvnc/config".text = import ./config/wayvnc/config.nix { inherit psCfg; inherit pkgs; };
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "set color temperature of display according to time of day";
|
Description = "set color temperature of display according to time of day";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "Actions gestures on your touchpad using libinput";
|
Description = "Actions gestures on your touchpad using libinput";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "Lightweight Wayland notification daemon";
|
Description = "Lightweight Wayland notification daemon";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "sway compositor session";
|
Description = "sway compositor session";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "sway - SirCmpwn's Wayland window manager";
|
Description = "sway - SirCmpwn's Wayland window manager";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, psCfg, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "Idle manager for Wayland";
|
Description = "Idle manager for Wayland";
|
||||||
|
@ -9,8 +9,14 @@ pkgs:
|
||||||
};
|
};
|
||||||
Service = {
|
Service = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
Environment = "PATH=/run/current-system/sw/bin:${pkgs.sway}/bin:${pkgs.swaylock}/bin:${pkgs.swaylock-bg}/bin";
|
Environment = "PATH=/run/current-system/sw/bin:${pkgs.sway}/bin";
|
||||||
ExecStart = ''${pkgs.swayidle}/bin/swayidle -w \
|
ExecStart =
|
||||||
|
if psCfg.paranoia.enable then ''
|
||||||
|
${pkgs.swayidle}/bin/swayidle -w \
|
||||||
|
timeout 120 'swaymsg "output * dpms off"' \
|
||||||
|
timeout 150 'systemctl hibernate' \
|
||||||
|
'' else ''
|
||||||
|
${pkgs.swayidle}/bin/swayidle -w \
|
||||||
timeout 600 'swaylock-bg' \
|
timeout 600 'swaylock-bg' \
|
||||||
timeout 900 'swaymsg "output * dpms off"' \
|
timeout 900 'swaymsg "output * dpms off"' \
|
||||||
resume 'swaymsg "output * dpms on"' \
|
resume 'swaymsg "output * dpms on"' \
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "Highly customizable Wayland bar for Sway and Wlroots based compositors.";
|
Description = "Highly customizable Wayland bar for Sway and Wlroots based compositors.";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "X Settings Daemon";
|
Description = "X Settings Daemon";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pkgs:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "ydotool - Generic command-line automation tool (no X!)";
|
Description = "ydotool - Generic command-line automation tool (no X!)";
|
||||||
|
|
|
@ -13,15 +13,11 @@ with final; {
|
||||||
s = writeShellScriptBin "s" (import ./s.nix final);
|
s = writeShellScriptBin "s" (import ./s.nix final);
|
||||||
sway-launcher = writeScriptBin "sway-launcher" (import ./sway-launcher.nix final);
|
sway-launcher = writeScriptBin "sway-launcher" (import ./sway-launcher.nix final);
|
||||||
sway-service = writeShellScriptBin "sway-service" (import ./sway-service.nix final);
|
sway-service = writeShellScriptBin "sway-service" (import ./sway-service.nix final);
|
||||||
swaylock-bg = writeScriptBin "swaylock-bg" (import ./swaylock-bg.nix final);
|
swaylock-bg = writeShellScriptBin "swaylock-bg" (import ./swaylock-bg.nix final);
|
||||||
toggle-kbd-layout = writeShellScriptBin "toggle-kbd-layout" (import ./toggle-kbd-layout.nix final);
|
toggle-kbd-layout = writeShellScriptBin "toggle-kbd-layout" (import ./toggle-kbd-layout.nix final);
|
||||||
uhk-agent = import ./uhk-agent.nix final;
|
uhk-agent = import ./uhk-agent.nix final;
|
||||||
wcwd = writeShellScriptBin "wcwd" (import ./wcwd.nix final);
|
wcwd = writeShellScriptBin "wcwd" (import ./wcwd.nix final);
|
||||||
drone-docker-runner = writeShellScriptBin "drone-docker-runner" (import ./drone-docker-runner.nix final);
|
drone-docker-runner = writeShellScriptBin "drone-docker-runner" (import ./drone-docker-runner.nix final);
|
||||||
record-screen = writeShellScriptBin "record-screen" (import ./record-screen.nix final);
|
record-screen = writeShellScriptBin "record-screen" (import ./record-screen.nix final);
|
||||||
|
|
||||||
# ps-fixes
|
|
||||||
|
|
||||||
scan2paperless = writeShellScriptBin "scan2paperless" (import ./scan2paperless.nix final);
|
scan2paperless = writeShellScriptBin "scan2paperless" (import ./scan2paperless.nix final);
|
||||||
drone-docker-runner = writeShellScriptBin "drone-docker-runner" (import ./drone-docker-runner.nix final);
|
|
||||||
}
|
}
|
||||||
|
|
27
secrets/dyndns-droppie.key
Normal file
27
secrets/dyndns-droppie.key
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
lbrJzpCXpf3BJYL80d2vD/b4raoPnUKV0D9Ka9yKb72W3ATfA/Cqq7vpisHRnwyj
|
||||||
|
3pt1TfrPzti/8ZKDqY/Zw171jQbOF6zW45z4m8yJu4J1LYXh8yYrTR3YPwhPoGYm
|
||||||
|
eZJWWj2YghqCFC7vdL/wZFjkStxwBGgrJfNOxJBcXOpUX2TOzfdNAgJ/pEkvdd/L
|
||||||
|
jktiU5ITt7KXruwSEXRzHVfmntl4SaqDqYfeb0Y0q2a1oMpxTnBKcYXj6dYcZIHv
|
||||||
|
Lm8HX0JsIiThz/DXB4sP2O5GlGeYyibj2iMSCsCqadwDpUndVtJnzFgjSQD5A0gd
|
||||||
|
enNTYly3GSmC9TWt/r2VHHyneAnJ3HQKB5hUEqxPz9peemnvfTA89SIGHddmkXfY
|
||||||
|
XSeN5WJnSG0+WAOwrpJjzl9CgUg9xJS7dDqVob3CwL9oVEQP8FcuuyqCg72ppd4J
|
||||||
|
fdseq5/R+HuVnh6sEUHoaHEDidHtTrpE2Rd49Tesj/BT+YrJyQ/kQqHmy9RiLU2f
|
||||||
|
DSRwLO4/qHF6W8UfuF2N08aMxRpxqXPWTjI/vHxoSJRcSqaofF42x50OQU8lY96c
|
||||||
|
8bPlDPB7HOBg+7bVvOQCaR3+KRuOx+HYpeMwEokQTwCke+frPfXorilNbAcaFUp4
|
||||||
|
QiU1sUZia/FOZ+j47+6pkfC2DfLpiNL2TLWYcNtIzUc
|
||||||
|
-> ssh-ed25519 7Wns0A aKiZ8iw+Ub5rByBef0apOn6lG5Bv6tzFCiBu3DN6sSg
|
||||||
|
58+9kySg3ajO7E5V87b/qRu9axpu2hQUuY/cVTt2YdI
|
||||||
|
-> ssh-rsa wVtlwQ
|
||||||
|
RbrfuwS5zQzL9yMWFDSnWj9cQFLirTH37Xf79Dis2CJIDd83vmlmGNY5x1aPpZoZ
|
||||||
|
J6XDhibGTJc02DYuNVIE1IXm0x9tc6Z9PTT+WiAFt1JuKHguXTWLRMM9HmyvWWDg
|
||||||
|
bFsRDAcYup+SK5d+ME+XooDGueC822rAjkGIRHNSCimGwuLpDRKqyyVfYA+dcfiP
|
||||||
|
EoYH7x4S09jYRr1C5EkbraLbm1vijc5ikJw3b42KKbyo3wDwKga+Vk2nl2AtgjZp
|
||||||
|
KipZlyjs+IjMRXX5IBpgoRtXcvHuidsOSc+guRo0ihF9MbzRc/Tt2g0V7t3KjeT0
|
||||||
|
SJDLmHOos2RKTmx06aidDg
|
||||||
|
-> Dz(k-grease ~FF p m)E{J3E
|
||||||
|
7Igp3pclCAzAmeky5cPqlIzcITT+0jvieQe7ruSxRYRYqpYU7tMQFmHuNUahp+BP
|
||||||
|
MzOYiM+PIQmn
|
||||||
|
--- IC9SI76EjaFZxQ5odEeIv49n/O8uOdpM6LE1Z7dtHg4
|
||||||
|
l%Àu¯¯ÃE„\ÎüÔ?2\&ÚwG&@¡W£~9"úŠ^ÊƆý¼Á<>oån^šë<C5A1>㻳xšèOI‡¢uOíò‡21c*ãm¸%ô)ý#”جeõIÙ6îA/i
|
|
@ -8,6 +8,9 @@ let
|
||||||
chocolatebar-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINZT3QrKugNTWNOwYziQnxrT5zFqWQDafWjScDuIpMhN root@chocolatebar";
|
chocolatebar-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINZT3QrKugNTWNOwYziQnxrT5zFqWQDafWjScDuIpMhN root@chocolatebar";
|
||||||
chocolatebar-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDwyNsGCMuyI9x2IxYEbYIL6oYsEfe1wqhHaRxSnK9oc10ge1LJni5o7g6XgryoQpCD9YenImcCxwkKblmlLQ2327uoVC2PUo07li1uT0eIPk0TQoxwp6besFs7/LEzZlgWQsc3gkEXmjk/E0mu0U6z2fkqciJ/ZxWYt9fLP6jBG47U9878rSaZ7k7Ilv6oRA3suArH189k1nerk/tonS4EWXeHZxHh/Eu0tqwmxN/6+g2GicYn6b+MbFQVdQAkctqT5Yz9USm9UKzbaAuZ799u0dJzagHm9JJZOr8r11ENtAkY9kAzRzm3u/ACiSdVzyLdjAK6m0dIPhp3OhedzuHiI6/wRll60tYtQTH1XwUpVbtir3+DT+jwZgO1zH3yL4iNh79kuUo+UEg1ZmGkSZRzSS2vb5qr0J5aSJmCd5sNB7a01PTtSlQPOqSF9PB+UmcLDF7JoKFub0KT/gRZ5neZkXTYQ/Y05qtaaFVlOVISijnm+sLUvKBv6OW8oYXIHBk= ben@chocolatebar";
|
chocolatebar-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDwyNsGCMuyI9x2IxYEbYIL6oYsEfe1wqhHaRxSnK9oc10ge1LJni5o7g6XgryoQpCD9YenImcCxwkKblmlLQ2327uoVC2PUo07li1uT0eIPk0TQoxwp6besFs7/LEzZlgWQsc3gkEXmjk/E0mu0U6z2fkqciJ/ZxWYt9fLP6jBG47U9878rSaZ7k7Ilv6oRA3suArH189k1nerk/tonS4EWXeHZxHh/Eu0tqwmxN/6+g2GicYn6b+MbFQVdQAkctqT5Yz9USm9UKzbaAuZ799u0dJzagHm9JJZOr8r11ENtAkY9kAzRzm3u/ACiSdVzyLdjAK6m0dIPhp3OhedzuHiI6/wRll60tYtQTH1XwUpVbtir3+DT+jwZgO1zH3yL4iNh79kuUo+UEg1ZmGkSZRzSS2vb5qr0J5aSJmCd5sNB7a01PTtSlQPOqSF9PB+UmcLDF7JoKFub0KT/gRZ5neZkXTYQ/Y05qtaaFVlOVISijnm+sLUvKBv6OW8oYXIHBk= ben@chocolatebar";
|
||||||
|
|
||||||
|
droppie-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDuXuPPDXTyJgy4JRwbKcPbawvVB1Il2neyRWb4O5sJ root@nixos";
|
||||||
|
droppie-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnYTlTmHCl6LOkexqRR9LqjOoFgt9TQ4VzHQGRHJMzF/AGcDRoqC+pBLFSTzRb5/ikAOsb32XHyKVg4nNdJeQshO11QtDmkCB02D/XcIXxnNQ5A8CztT2az5xJtbbWSdamMnHBLcqLiwoLmXbERpdlt8jNqMHrz+bjCUGYVAFSfc/WdIs6EATJ1eF0VFxv7nUh4qhgStABSwhNsnoYOC/DOBSA9aBP1f5Fz9QHUioPTGi2hRwbTbtFUvTrymPpWVFRApa1zvGXcr4YUCm7ia1ZlZKzRpsPkwLxb8Omm4bGmR0cAVwVhVRySnhpCTwbIBLyw+H8PvKWBBba1NAKyMij root@droppie";
|
||||||
|
|
||||||
allKeys = [
|
allKeys = [
|
||||||
bbcom
|
bbcom
|
||||||
|
|
||||||
|
@ -31,6 +34,13 @@ let
|
||||||
chocolatebar-host
|
chocolatebar-host
|
||||||
chocolatebar-user
|
chocolatebar-user
|
||||||
];
|
];
|
||||||
|
|
||||||
|
droppieKeys = [
|
||||||
|
bbcom
|
||||||
|
|
||||||
|
droppie-host
|
||||||
|
droppie-user
|
||||||
|
];
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
"keyfile-biolimo.bin".publicKeys = biolimoKeys;
|
"keyfile-biolimo.bin".publicKeys = biolimoKeys;
|
||||||
|
@ -44,5 +54,7 @@ in
|
||||||
|
|
||||||
"drone-runner-exec-config".publicKeys = allKeys;
|
"drone-runner-exec-config".publicKeys = allKeys;
|
||||||
|
|
||||||
|
"dyndns-droppie.key".publicKeys = droppieKeys;
|
||||||
|
|
||||||
"mopidy.conf".publicKeys = allKeys;
|
"mopidy.conf".publicKeys = allKeys;
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,7 +6,7 @@ let
|
||||||
cachix
|
cachix
|
||||||
editorconfig-checker
|
editorconfig-checker
|
||||||
mdbook
|
mdbook
|
||||||
nixUnstable
|
nix
|
||||||
nixpkgs-fmt
|
nixpkgs-fmt
|
||||||
nvfetcher
|
nvfetcher
|
||||||
;
|
;
|
||||||
|
|
|
@ -63,6 +63,12 @@ in
|
||||||
MACs = "hmac-sha2-512-etm@openssh.com";
|
MACs = "hmac-sha2-512-etm@openssh.com";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
"laurakirst.de" = {
|
||||||
|
hostname = "webj4bsux.wh.hosting.zone";
|
||||||
|
user = "webj4bsux_36qkrk";
|
||||||
|
port = 2244;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,8 @@ in
|
||||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEST9eyAY3nzGYNnqDYfWHu+89LZsOjyKHMqCFvtP7vrgB7F7JbbECjdjAXEOfPDSCVwtMMpq8JJXeRMjpsD0rw= b12f Yubi Backup"
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEST9eyAY3nzGYNnqDYfWHu+89LZsOjyKHMqCFvtP7vrgB7F7JbbECjdjAXEOfPDSCVwtMMpq8JJXeRMjpsD0rw= b12f Yubi Backup"
|
||||||
|
|
||||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFro/k4Mgqyh8yV/7Zwjc0dv60ZM7bROBU9JNd99P/4co6fxPt1pJiU/pEz2Dax/HODxgcO+jFZfvPEuLMCeAl0= YubiKey #10593996 PIV Slot 9a teutat3s"
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFro/k4Mgqyh8yV/7Zwjc0dv60ZM7bROBU9JNd99P/4co6fxPt1pJiU/pEz2Dax/HODxgcO+jFZfvPEuLMCeAl0= YubiKey #10593996 PIV Slot 9a teutat3s"
|
||||||
|
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKa5elEXgBc2luVBOHVWZisJgt0epFQOercPi0tZzPU root@cloud.pub.solar"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue