diff --git a/.secrets/hetzner/internetbs.yaml b/.secrets/hetzner/internetbs.yaml deleted file mode 100644 index 887fd92..0000000 --- a/.secrets/hetzner/internetbs.yaml +++ /dev/null @@ -1,30 +0,0 @@ -internetbs: ENC[AES256_GCM,data:usJ/08NTnlLNcnzVyycFVe7VN2LS7gNkqQRltpTEKBHu8POjaNK2E7t0tuq3a+EcxkhxBsd7O8lw7fjFDh6ZPo7nfUQjvVQzbaI1JjMUOw==,iv:kJFbg9mt3EMSzrUWEzC4xK6ilAiRp+fktYUX+W6uwSM=,tag:tsE6qpyjA5d4egFM2IJzRA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHT3U4dmhTTmRGRnFxMmhQ - Lzc0RWdQaThYZDhtcHFTSHNPNS9pd2RKS0N3CnVlUmx0V3BCUHhkQ1d0Nlk3NGEw - bHM1YWQySEZVV3VjZUcwcE1TSW9scDgKLS0tIFNYbnJxVzA4d2dsQTRVVXhDdFUv - OS9xVXVUSTFmbStObGdLRUl5RWlGTk0Ki6/1TMHB/BfL53qDYvQwmW6xHes27Ni4 - exk+T9OlgKsHQfdRpu3t3TrdnFIJYmAJeuU6NNdlp18juNPp9kbBEg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUY2VCS1ZtWjc3VFFLSUhl - R2EzbE5SMWlWOXZhWmVuckFzVGR1aFp2aVQ0CllkemVFaFhwYzgxNFNlL3Z1QWRP - d0Rqb2FtYXI5T2ZzUjJIMXluUWwwdnMKLS0tIEQ4Yk1vRzVpZVF4blFxVkdIRGFl - ZmMxald2NU9HSE1ZOUN5R2twMXdmVGcKAXcUXemrleTxGxkMP+4mWh8uYwN1FTDc - cHbaln4DsDOqHtqqpJheTqN0mMOmkDvTCq2jbiKIkr2sruh49acIoA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-10-24T13:45:16Z" - mac: ENC[AES256_GCM,data:MOEFuQSx+SlXM7ajjQR6twCULem19A/hYKHBQhnLMb2V9o8SuYOvhmn8dz/UE558dnJt6eIB0rRKTItEbxNfyjvr6r2q+GPi7OM85ytLd0UuNPwcKUrqmlx5JPCRWt189U+qetbIDH7PXCawfccbLJmJWHBhFn+ZwqPbLs2wUnI=,iv:YUcEofcFTT8KgVVoQg/+bsCgBTdyGmmYLX7m1cqonhA=,tag:9oKLUS0eebRvC7UwEgkhew==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/.secrets/hetzner/postgres.yaml b/.secrets/hetzner/postgres.yaml deleted file mode 100644 index 502eb90..0000000 --- a/.secrets/hetzner/postgres.yaml +++ /dev/null @@ -1,31 +0,0 @@ -postgres: - gitea_dbpass: ENC[AES256_GCM,data:YdouHox7M6iTygteftGMB1W/hEWUchlZ+35ofgbI0xoYGt7QzVZyPKpO8cvcVNPTgdWk6B1zWlFw6JRhXv+ovg==,iv:0EkZGv8iQkq2fcyViCJy/Rj7n3w1BSuU5NiPw5sJhr0=,tag:z3Ff2dNzJBuBqyGiqoxZcg==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBOUVxRXduVWhjNHdnZCtH - U0VLWE01VkJaWmNDUzE1bmorRDN5RWNwTnhJClRkcDNzb1U2MzZ3TDhXSnI4Z252 - a1A0dzQ5eUlScDhhYjl6WEdnYnlxUm8KLS0tIDczaXlvcDVwUzdQY1h6a01QM2p6 - T3FBVWJqaHQwVnIrNFVsWVBub2djMG8KsbZb43UkVe1Up0O15UTC/PdsEkwwOnVW - 9P4AGO097HfTLkAjKJHx5QYF02dJ+4xb6rgzUYt9Nr8h8+GD0xRAfQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdlhZbDhqamNGU2QrZDN5 - MlY5RFgrV3NJUk1PYWJLSnpCZjhiTUF5b0RrCmRHV0JnYlBmL2p0WE9UTzJUcVhK - dkhiYlJtYWtDN0lseHRCNTUzb252TmsKLS0tIGZKbjA3dkVwcnZNK2djV1BvSkJo - a09FM1ZqSWdsdytjdVFCanVldHVoWUUKyy/LXNd/vZLdgXYXfloFkNviaddvrazw - 4Z0bJ/fqGvRPlLkTUzZlhWKVXfZFGgo5nQSEvyphkIb6UCyd9VamnA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-10-24T14:02:40Z" - mac: ENC[AES256_GCM,data:7yikTQ7wsy13Hfwo5VKpUow8KW2/UYfzrWuA6Rp+21FglG3f7s6PLlrpMLooDPiaHxiPfc1fHg3u6UDcotyUljMZMQCCfvmLC1saALB6lFHEj3KoTa/NtgimYB2FeK92RcrU+EymmwZItmI/t1CuH8/qvXydWnO9zMWplMtW89Y=,iv:PEmElInahA5pPQvR9aatpKt+JhsKEtBPCPm926/59Uo=,tag:mflo6uSOh8SDKoC5JLHDIw==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/.secrets/sgx/backup-s3.yaml b/.secrets/sgx/backup-s3.yaml deleted file mode 100644 index 448895a..0000000 --- a/.secrets/sgx/backup-s3.yaml +++ /dev/null @@ -1,31 +0,0 @@ -backup-s3: ENC[AES256_GCM,data:gT5yQDC/nW7INa6e+BZOiR+Ky6SvU8hsRMvCoBDw8bOJT4yWlLkeYjoZOUSAdNaWyrNuypy72TUnq4+Udhrqd9YeneR7vj+UOSsNpDdqzVaTb0kTiL0lBT3RvXZ3QYVmSqYFnjrR,iv:VVQkDUuQwxHYFgOWueYIYq9M3WSIEYycdH+j+ibeS8w=,tag:wKe5kz0HxpZOW7GCw9rctg==,type:str] -backup-pw: ENC[AES256_GCM,data:JRgZXuO1eABr4fNmWJO/WgFLirEbGssLy+Lc29FWNFfBomDlr+73AFUcj1Ln8w92msuxubOY81jgEtG15PFX/g==,iv:4i6UyGYMJE4a2L4485ywlhZAE900wjVRia/X92Xr3Yg=,tag:d2oU6tSUwj3cdLJNmDHEEQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPRjFydkVQTXlCWEJCSjNl - Unk1ejJ3K0M4dFVNeFFHK1c4ZjhwTG93b1cwCnJkN3BQZE1Na3VyZkc5SU1PNVkv - b3hVNzNIRStnemZ2RUlxSDJxRWtGTDAKLS0tIGVmK0d0Y2twMTE0U0hoRmRVR2R0 - cjhYNlJZdG1QVzYyRzhoUm1wLzdGY1kK0QNSItqjmwLTxQaMEC1bYrtlpE8EGlHb - hkWADj/Qw8m7Hbi1YCL6YWalHfoHM80VlfGGV6oAH4KH7l2mykqfzQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNcHc0NXY1YVhiREJ6ZFBz - cGVqM2ZvZVBYSnlZZ00vS2ZjeUZHeEVrelJ3CnhQRWhWcFRHeUJrcE9OaU9sQ21n - bDJBdnMrRTRKdEtMcWpDQTdqc0R4dDAKLS0tIGZPeTdGOFBSMjhTOEk5TEVnS2tm - QVZ6UEU3eFBEZ2RBRFdMd0sraVl4Z2cKOxGZrvhamIKuYubd6xvHS5VgFuXw7i+x - JvB7Wuu1+GTKk3VM7n66tjZrcZId4W8N9kYtl7w/mE4l5Wg9zIK6ig== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-06T12:32:28Z" - mac: ENC[AES256_GCM,data:wkR3Z6WuR2h2MuA9vPwcr1Lw0xJrNRIa5REUYT8j4Fhxd+zLghzemp7CoSBxzYaVeD5xIS4FYYvjAxkAV9FZMMWznjkFI+RkBMvlA6O7cUrUtTwh7YJ4ZTfh0iNcihuBXH9XWA7Ku0C9SwGUjGj+uaKPW4JCaVaNxDg0VzdyFeg=,iv:BdI68VoQlPF+eT7FglGyMgtgUT+3okSp9KIZQsIZSZo=,tag:hzQ9I/WXdtqwYjQyeD9XcA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/.secrets/sgx/pccs.yaml b/.secrets/sgx/pccs.yaml deleted file mode 100644 index be1c54c..0000000 --- a/.secrets/sgx/pccs.yaml +++ /dev/null @@ -1,30 +0,0 @@ -pccs: ENC[AES256_GCM,data:gsew4gI/i9vGt0X9pKeGed1ItbKEwL/OuYi7W4kti421V2Lor5QGXWsfw89408mPBP68d1qI6Q5BIUvCJdw7c3NJRH/W5UMF7c5ZlVtwrPK2q2v98LiwoeZ1KRDVrGSrchqVw00PClWIKkvh69s7iD10G3Wm8Ctr8ownLVaJnPPn2GQBtX1KJFXz8ikqKf5dUw3aQh7RGxkoLjzgrMx+7jW/t3R9MnPB1eMIUrsXrC40WXuxPaFDRdgvkCZG3KY0RGxR9ndvdDixunYheeKCt8norFrE4GG5Zj9/SHL40JVOTp53lu2IqkroxvDCiANCvVmKiwhLBcPwblgJ8gB9/6+ofNZqKunnBsJ6HNQczqHWFG1p7YNXAkCeZF4R6+TGHEfCmtrzoV0sPPv43peQX5Ibp84iHggCHAaDvOMtDz6zdKFmNC08jqPVC393IkP5KeHDK3hyoa8sVm6PhqCDG5QR8NmySGoXDDdOx1aj0b0xUPHviEQbegn6LlwmXA==,iv:7m5Y0h6apbtOHufVnV/uoK3sEzj5mPvk4eHd1/XCpKs=,tag:K4JmlbXlFzQHlJSYoFasww==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3VXloZWZoWFpPcm9KMnJp - c00vZDM3d01PWXpnVy9tb3NXZkZ0a0JlaVhVCmx6dXZwaUNWY3FzbTdBMlJNTEVB - MlNHa1Q3VmlrUnhNSlpFYmc4Qm5mNFkKLS0tIHlzY2VMVXBZYW9kaUdRakZUNlk3 - SXBoeEZxNktZSDc3aUh2b2g2OXpZQ3cKLNHjYAAHR5LwoSKfaFT8eLJxYNmk/f1S - xNaGpR+sS/6xNSHtkz2w++crcPa/mt9qlQja1kLSGB3PFURSqfUjRQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2anNCTitMRzh0dmt3M1pa - REs5SmhJdExtS2lubXd3ZzY0OGxrTEtnVnlJCmRQNTQ1Rnh6aVpVdTZyYzl4aGJY - OVFiMHNTR090UkRqWDAxS0wwMEhDREkKLS0tIHVDU1A3Y3dKZGh6YlVud3FWNDJj - NW1jNlNVd2cwYXZyY3ZZQTJPM3ZRUlEK8/MXSxDhEo/P2NlZT8IrgwuWRAM/75XA - vrnlknbGJI9bto7O5j77O4OKSuniGat1/ZA5xG/o8YhumSbDtk5ZTA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-06T11:31:45Z" - mac: ENC[AES256_GCM,data:5nHxMRjWM8OQ1eyU5KtaC7m74Ss/L4/FF5Bn/zKCfX/x0GS/Q01lwGmHk/4Loyj66pt8wJCtK8mzL67RKPARAiX/9BS9pENYgfRwRk4cEmo/OdjSTOKkr7BO8Q9vAd1beMbDkX1pY/MJpmqvsYdK1yd5yNioAh8IC/PvSh2wu7s=,iv:a7cM8dpm+LMUysaQRT6odCChuLPM1biPHQOFTilH1o8=,tag:f330s/P+rlFVgr0CMc5Jjg==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/.secrets/t15/backup-s3.yaml b/.secrets/t15/backup-s3.yaml deleted file mode 100644 index ccf1a76..0000000 --- a/.secrets/t15/backup-s3.yaml +++ /dev/null @@ -1,31 +0,0 @@ -backup-s3: ENC[AES256_GCM,data:VsEBUFu2QekSxaBTik4pfnmDKmW68x/R0H90sRVPLyup3MRs0PBk7Qk0hCJGbxzShjlLYcDQcHe0nHyhqmrbNz9U9/cu7hyOKa9QKZvvBcpGApfd8ngdgNnrNdQs4X8No/l66T3w,iv:ylNxJncjVQ6EamgMYbbsoDOcjSocZDV/C/lZTnoX4x0=,tag:SPMFr9cOKyuDhSZaXoUuTg==,type:str] -backup-pw: ENC[AES256_GCM,data:9hF0rxhktvZ/WSY3/AypZ4FBv0c8Ny2XGKXR647LkAbxWgGsP9iMBMOse/RT/ysgBoOvew2i8/8BPt8xtaMHhw==,iv:H/skkAgZOQCKQZ1a8MnuiFDjsNYlfZafbmYxH38EIv4=,tag:Zs231HOXzxCP2KsLgD7rew==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1f2yu0cc826ej7hs4g865y29zy9uqfy0yp32f2m80typpk2pxqp7sfcffj4 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBheng3clhCbklBZkM3RTdI - Sm5ld1Y4R3VEdjFLV0hMMVNWVXFKK21vRG5nClptb1ZXckQ1YmJQVSt2VVNFOFVq - RUo0ait0eWl6dXBwd3UzUjNBTWNDZzAKLS0tIGlwSnhpTTFIRUVNVUxnNWxnNTlh - VW5ka2c1dzFBSFFqaHJKWXBUL0RBbTgKwdvyBXOa8B2K1VezacEuO0sYX2ApzGt6 - JUHUiIOTEWL703FGnkv+hRAtItePYHXmmotpysc1bA25F8Pl4obrqA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5ODhLMzNqVm9DMTJ4Sm1p - bXNZMTZreUNPUVdCelJyWGhlUGVYai9hOFVnCkIzM1Vrcjd4YVJhM1hKQ200b3FT - cDJyK3FqTGNHSEtKc3U4bVltS252WEEKLS0tIHViSXB6a1dHZlQrbjB4N2FEcjhh - YktVSFdCempHOTVvL1kxbG44c1RpejAKSMeyP6ayLajIvDKGcG7s5JwIvVXiKaFU - VDDj3eTOEKNBZYCyOoq4IA82G8AvRWaacefAgqBk5dE25LbD2xYHLg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-18T13:32:35Z" - mac: ENC[AES256_GCM,data:c4Jum1uWOOsYORM5c3Woo/rjKII4femGBDfc4YPxl8BSKR9oo6Z9R+88lO5egrxT7CoKdJz+izuPgT2EjU7C4OvQ+7aDwpMV2X/lHgvB54V5Lq6I+lLKL5gXG8lt1Bm2YcDrFIWsa+RfInwO9S8yBjkCVbdTnOZZGwNlAYrI31o=,iv:dGK1WmLKryXpjEHvmFXkXYOESTLOIS6ovaunlreVhmI=,tag:W88dYlb2cJ61m7JWYJQIJA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/.sops.yaml b/.sops.yaml deleted file mode 100644 index 7449b04..0000000 --- a/.sops.yaml +++ /dev/null @@ -1,21 +0,0 @@ -keys: - - &server_hetzner age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy - - &server_sgx age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3 - - &server_t15 age1f2yu0cc826ej7hs4g865y29zy9uqfy0yp32f2m80typpk2pxqp7sfcffj4 - - &harald age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l -creation_rules: - - path_regex: .secrets/hetzner/[^/]+\.(yaml|json|env|ini)$ - key_groups: - - age: - - *server_hetzner - - *harald - - path_regex: .secrets/sgx/[^/]+\.(yaml|json|env|ini)$ - key_groups: - - age: - - *server_sgx - - *harald - - path_regex: .secrets/t15/[^/]+\.(yaml|json|env|ini)$ - key_groups: - - age: - - *server_t15 - - *harald diff --git a/flake.lock b/flake.lock index 8c19496..2368844 100644 --- a/flake.lock +++ b/flake.lock @@ -1223,22 +1223,6 @@ "type": "github" } }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1709428628, - "narHash": "sha256-//ZCCnpVai/ShtO2vPjh3AWgo8riXCaret6V9s7Hew4=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "66d65cb00b82ffa04ee03347595aa20e41fe3555", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "release-23.11", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { "lastModified": 1655400192, @@ -1891,7 +1875,6 @@ "neovim-flake": "neovim-flake", "nixpkgs": "nixpkgs_4", "snowfall-lib": "snowfall-lib", - "sops-nix": "sops-nix", "unstable": "unstable" } }, @@ -2017,27 +2000,6 @@ "type": "github" } }, - "sops-nix": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable_2" - }, - "locked": { - "lastModified": 1709711091, - "narHash": "sha256-L0rSIU9IguTG4YqSj4B/02SyTEz55ACq5t8gXpzteYc=", - "owner": "Mic92", - "repo": "sops-nix", - "rev": "25dd60fdd08fcacee2567a26ba6b91fe098941dc", - "type": "github" - }, - "original": { - "owner": "Mic92", - "repo": "sops-nix", - "type": "github" - } - }, "sqls-nvim": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index 5386a2b..1d24835 100644 --- a/flake.nix +++ b/flake.nix @@ -25,9 +25,6 @@ disko.url = "github:nix-community/disko"; disko.inputs.nixpkgs.follows = "nixpkgs"; - - sops-nix.url = "github:Mic92/sops-nix"; - sops-nix.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = inputs: @@ -78,8 +75,6 @@ systems.modules.nixos = with inputs; [ lanzaboote.nixosModules.lanzaboote home-manager.nixosModules.home-manager - sops-nix.nixosModules.sops - disko.nixosModules.disko ]; outputs-builder = channels: { diff --git a/modules/home/cli-apps/bash/default.nix b/modules/home/cli-apps/bash/default.nix index 11c923b..d6d316e 100644 --- a/modules/home/cli-apps/bash/default.nix +++ b/modules/home/cli-apps/bash/default.nix @@ -21,7 +21,6 @@ in enable = true; initExtra = '' function msh() { mosh "$@" -- bash -c 'if type -f tmux; then tmux new-session -A -s 0; else screen -R; fi;' ; }; - function tsh() { ssh -t "$@" -- bash -c 'if type -f tmux; then tmux new-session -A -s 0; else screen -R; fi;' ; }; ''; }; }; diff --git a/modules/home/cli-apps/fish/default.nix b/modules/home/cli-apps/fish/default.nix index a6f2354..ca22cdc 100644 --- a/modules/home/cli-apps/fish/default.nix +++ b/modules/home/cli-apps/fish/default.nix @@ -24,13 +24,6 @@ in ${pkgs.mosh}/bin/mosh $argv -- tmux new-session -A -s 0 end end - function tsh --wraps ssh --description 'ssh with tmux' - if not set -q argv[1] - echo 'Usage: tsh [user@]host [command]' - else - ${pkgs.openssh}/bin/ssh -t $argv -- tmux new-session -A -s 0 - end - end ''; plugins = [{ diff --git a/systems/x86_64-linux/sgx-nixos/default.nix b/systems/x86_64-linux/sgx-nixos/default.nix index 68f45d7..e6a9b29 100644 --- a/systems/x86_64-linux/sgx-nixos/default.nix +++ b/systems/x86_64-linux/sgx-nixos/default.nix @@ -17,6 +17,7 @@ with lib.plusultra; nix.settings.trusted-users = [ "@wheel" ]; + plusultra.user.extraGroups = [ "docker" ]; programs = { diff --git a/systems/x86_64-linux/sgx/default.nix b/systems/x86_64-linux/sgx/default.nix index f212e98..c9579ec 100644 --- a/systems/x86_64-linux/sgx/default.nix +++ b/systems/x86_64-linux/sgx/default.nix @@ -13,7 +13,7 @@ with lib.plusultra; system.autoUpgrade = { enable = true; operation = "boot"; - allowReboot = true; + allowReboot = false; flags = [ "--update-input" "nixpkgs" @@ -114,6 +114,7 @@ with lib.plusultra; services = { dbus.implementation = "broker"; dbus.packages = [ pkgs.gcr ]; + fail2ban.enable = false; fwupd.enable = true; openssh = { enable = true; diff --git a/systems/x86_64-linux/x1/default.nix b/systems/x86_64-linux/x1/default.nix index f643648..2e14fb2 100644 --- a/systems/x86_64-linux/x1/default.nix +++ b/systems/x86_64-linux/x1/default.nix @@ -112,6 +112,7 @@ with lib.plusultra; services = { dbus.implementation = "broker"; dbus.packages = [ pkgs.gcr ]; + fail2ban.enable = true; fwupd.enable = true; openssh = { enable = true; @@ -129,6 +130,14 @@ with lib.plusultra; }; }; + # Auto system update + # https://search.nixos.org/options?channel=23.11&show=system.autoUpgrade + #system.autoUpgrade = { + #enable = true; + #operation = "boot"; + #flags = [ "--update-input" "nixpkgs" "--commit-lock-file" ] + # flake = "??"; + # }; system.stateVersion = "23.11"; time.timeZone = "Europe/Berlin";