Compare commits
4 commits
f2a664275b
...
47b956331a
| Author | SHA1 | Date | |
|---|---|---|---|
 Harald Hoyer
|
47b956331a | ||
|
Harald Hoyer
|
93e8e0fd4a | ||
|
Harald Hoyer
|
4827a3e325 | ||
|
Harald Hoyer
|
b063d7719e |
30
.secrets/hetzner/internetbs.yaml
Normal file
30
.secrets/hetzner/internetbs.yaml
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
internetbs: ENC[AES256_GCM,data:usJ/08NTnlLNcnzVyycFVe7VN2LS7gNkqQRltpTEKBHu8POjaNK2E7t0tuq3a+EcxkhxBsd7O8lw7fjFDh6ZPo7nfUQjvVQzbaI1JjMUOw==,iv:kJFbg9mt3EMSzrUWEzC4xK6ilAiRp+fktYUX+W6uwSM=,tag:tsE6qpyjA5d4egFM2IJzRA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHT3U4dmhTTmRGRnFxMmhQ
|
||||
Lzc0RWdQaThYZDhtcHFTSHNPNS9pd2RKS0N3CnVlUmx0V3BCUHhkQ1d0Nlk3NGEw
|
||||
bHM1YWQySEZVV3VjZUcwcE1TSW9scDgKLS0tIFNYbnJxVzA4d2dsQTRVVXhDdFUv
|
||||
OS9xVXVUSTFmbStObGdLRUl5RWlGTk0Ki6/1TMHB/BfL53qDYvQwmW6xHes27Ni4
|
||||
exk+T9OlgKsHQfdRpu3t3TrdnFIJYmAJeuU6NNdlp18juNPp9kbBEg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUY2VCS1ZtWjc3VFFLSUhl
|
||||
R2EzbE5SMWlWOXZhWmVuckFzVGR1aFp2aVQ0CllkemVFaFhwYzgxNFNlL3Z1QWRP
|
||||
d0Rqb2FtYXI5T2ZzUjJIMXluUWwwdnMKLS0tIEQ4Yk1vRzVpZVF4blFxVkdIRGFl
|
||||
ZmMxald2NU9HSE1ZOUN5R2twMXdmVGcKAXcUXemrleTxGxkMP+4mWh8uYwN1FTDc
|
||||
cHbaln4DsDOqHtqqpJheTqN0mMOmkDvTCq2jbiKIkr2sruh49acIoA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-24T13:45:16Z"
|
||||
mac: ENC[AES256_GCM,data:MOEFuQSx+SlXM7ajjQR6twCULem19A/hYKHBQhnLMb2V9o8SuYOvhmn8dz/UE558dnJt6eIB0rRKTItEbxNfyjvr6r2q+GPi7OM85ytLd0UuNPwcKUrqmlx5JPCRWt189U+qetbIDH7PXCawfccbLJmJWHBhFn+ZwqPbLs2wUnI=,iv:YUcEofcFTT8KgVVoQg/+bsCgBTdyGmmYLX7m1cqonhA=,tag:9oKLUS0eebRvC7UwEgkhew==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
31
.secrets/hetzner/postgres.yaml
Normal file
31
.secrets/hetzner/postgres.yaml
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
postgres:
|
||||
gitea_dbpass: ENC[AES256_GCM,data:YdouHox7M6iTygteftGMB1W/hEWUchlZ+35ofgbI0xoYGt7QzVZyPKpO8cvcVNPTgdWk6B1zWlFw6JRhXv+ovg==,iv:0EkZGv8iQkq2fcyViCJy/Rj7n3w1BSuU5NiPw5sJhr0=,tag:z3Ff2dNzJBuBqyGiqoxZcg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBOUVxRXduVWhjNHdnZCtH
|
||||
U0VLWE01VkJaWmNDUzE1bmorRDN5RWNwTnhJClRkcDNzb1U2MzZ3TDhXSnI4Z252
|
||||
a1A0dzQ5eUlScDhhYjl6WEdnYnlxUm8KLS0tIDczaXlvcDVwUzdQY1h6a01QM2p6
|
||||
T3FBVWJqaHQwVnIrNFVsWVBub2djMG8KsbZb43UkVe1Up0O15UTC/PdsEkwwOnVW
|
||||
9P4AGO097HfTLkAjKJHx5QYF02dJ+4xb6rgzUYt9Nr8h8+GD0xRAfQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdlhZbDhqamNGU2QrZDN5
|
||||
MlY5RFgrV3NJUk1PYWJLSnpCZjhiTUF5b0RrCmRHV0JnYlBmL2p0WE9UTzJUcVhK
|
||||
dkhiYlJtYWtDN0lseHRCNTUzb252TmsKLS0tIGZKbjA3dkVwcnZNK2djV1BvSkJo
|
||||
a09FM1ZqSWdsdytjdVFCanVldHVoWUUKyy/LXNd/vZLdgXYXfloFkNviaddvrazw
|
||||
4Z0bJ/fqGvRPlLkTUzZlhWKVXfZFGgo5nQSEvyphkIb6UCyd9VamnA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-24T14:02:40Z"
|
||||
mac: ENC[AES256_GCM,data:7yikTQ7wsy13Hfwo5VKpUow8KW2/UYfzrWuA6Rp+21FglG3f7s6PLlrpMLooDPiaHxiPfc1fHg3u6UDcotyUljMZMQCCfvmLC1saALB6lFHEj3KoTa/NtgimYB2FeK92RcrU+EymmwZItmI/t1CuH8/qvXydWnO9zMWplMtW89Y=,iv:PEmElInahA5pPQvR9aatpKt+JhsKEtBPCPm926/59Uo=,tag:mflo6uSOh8SDKoC5JLHDIw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
31
.secrets/sgx/backup-s3.yaml
Normal file
31
.secrets/sgx/backup-s3.yaml
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
backup-s3: ENC[AES256_GCM,data:gT5yQDC/nW7INa6e+BZOiR+Ky6SvU8hsRMvCoBDw8bOJT4yWlLkeYjoZOUSAdNaWyrNuypy72TUnq4+Udhrqd9YeneR7vj+UOSsNpDdqzVaTb0kTiL0lBT3RvXZ3QYVmSqYFnjrR,iv:VVQkDUuQwxHYFgOWueYIYq9M3WSIEYycdH+j+ibeS8w=,tag:wKe5kz0HxpZOW7GCw9rctg==,type:str]
|
||||
backup-pw: ENC[AES256_GCM,data:JRgZXuO1eABr4fNmWJO/WgFLirEbGssLy+Lc29FWNFfBomDlr+73AFUcj1Ln8w92msuxubOY81jgEtG15PFX/g==,iv:4i6UyGYMJE4a2L4485ywlhZAE900wjVRia/X92Xr3Yg=,tag:d2oU6tSUwj3cdLJNmDHEEQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPRjFydkVQTXlCWEJCSjNl
|
||||
Unk1ejJ3K0M4dFVNeFFHK1c4ZjhwTG93b1cwCnJkN3BQZE1Na3VyZkc5SU1PNVkv
|
||||
b3hVNzNIRStnemZ2RUlxSDJxRWtGTDAKLS0tIGVmK0d0Y2twMTE0U0hoRmRVR2R0
|
||||
cjhYNlJZdG1QVzYyRzhoUm1wLzdGY1kK0QNSItqjmwLTxQaMEC1bYrtlpE8EGlHb
|
||||
hkWADj/Qw8m7Hbi1YCL6YWalHfoHM80VlfGGV6oAH4KH7l2mykqfzQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNcHc0NXY1YVhiREJ6ZFBz
|
||||
cGVqM2ZvZVBYSnlZZ00vS2ZjeUZHeEVrelJ3CnhQRWhWcFRHeUJrcE9OaU9sQ21n
|
||||
bDJBdnMrRTRKdEtMcWpDQTdqc0R4dDAKLS0tIGZPeTdGOFBSMjhTOEk5TEVnS2tm
|
||||
QVZ6UEU3eFBEZ2RBRFdMd0sraVl4Z2cKOxGZrvhamIKuYubd6xvHS5VgFuXw7i+x
|
||||
JvB7Wuu1+GTKk3VM7n66tjZrcZId4W8N9kYtl7w/mE4l5Wg9zIK6ig==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-12-06T12:32:28Z"
|
||||
mac: ENC[AES256_GCM,data:wkR3Z6WuR2h2MuA9vPwcr1Lw0xJrNRIa5REUYT8j4Fhxd+zLghzemp7CoSBxzYaVeD5xIS4FYYvjAxkAV9FZMMWznjkFI+RkBMvlA6O7cUrUtTwh7YJ4ZTfh0iNcihuBXH9XWA7Ku0C9SwGUjGj+uaKPW4JCaVaNxDg0VzdyFeg=,iv:BdI68VoQlPF+eT7FglGyMgtgUT+3okSp9KIZQsIZSZo=,tag:hzQ9I/WXdtqwYjQyeD9XcA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
30
.secrets/sgx/pccs.yaml
Normal file
30
.secrets/sgx/pccs.yaml
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
pccs: ENC[AES256_GCM,data:gsew4gI/i9vGt0X9pKeGed1ItbKEwL/OuYi7W4kti421V2Lor5QGXWsfw89408mPBP68d1qI6Q5BIUvCJdw7c3NJRH/W5UMF7c5ZlVtwrPK2q2v98LiwoeZ1KRDVrGSrchqVw00PClWIKkvh69s7iD10G3Wm8Ctr8ownLVaJnPPn2GQBtX1KJFXz8ikqKf5dUw3aQh7RGxkoLjzgrMx+7jW/t3R9MnPB1eMIUrsXrC40WXuxPaFDRdgvkCZG3KY0RGxR9ndvdDixunYheeKCt8norFrE4GG5Zj9/SHL40JVOTp53lu2IqkroxvDCiANCvVmKiwhLBcPwblgJ8gB9/6+ofNZqKunnBsJ6HNQczqHWFG1p7YNXAkCeZF4R6+TGHEfCmtrzoV0sPPv43peQX5Ibp84iHggCHAaDvOMtDz6zdKFmNC08jqPVC393IkP5KeHDK3hyoa8sVm6PhqCDG5QR8NmySGoXDDdOx1aj0b0xUPHviEQbegn6LlwmXA==,iv:7m5Y0h6apbtOHufVnV/uoK3sEzj5mPvk4eHd1/XCpKs=,tag:K4JmlbXlFzQHlJSYoFasww==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3VXloZWZoWFpPcm9KMnJp
|
||||
c00vZDM3d01PWXpnVy9tb3NXZkZ0a0JlaVhVCmx6dXZwaUNWY3FzbTdBMlJNTEVB
|
||||
MlNHa1Q3VmlrUnhNSlpFYmc4Qm5mNFkKLS0tIHlzY2VMVXBZYW9kaUdRakZUNlk3
|
||||
SXBoeEZxNktZSDc3aUh2b2g2OXpZQ3cKLNHjYAAHR5LwoSKfaFT8eLJxYNmk/f1S
|
||||
xNaGpR+sS/6xNSHtkz2w++crcPa/mt9qlQja1kLSGB3PFURSqfUjRQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2anNCTitMRzh0dmt3M1pa
|
||||
REs5SmhJdExtS2lubXd3ZzY0OGxrTEtnVnlJCmRQNTQ1Rnh6aVpVdTZyYzl4aGJY
|
||||
OVFiMHNTR090UkRqWDAxS0wwMEhDREkKLS0tIHVDU1A3Y3dKZGh6YlVud3FWNDJj
|
||||
NW1jNlNVd2cwYXZyY3ZZQTJPM3ZRUlEK8/MXSxDhEo/P2NlZT8IrgwuWRAM/75XA
|
||||
vrnlknbGJI9bto7O5j77O4OKSuniGat1/ZA5xG/o8YhumSbDtk5ZTA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-12-06T11:31:45Z"
|
||||
mac: ENC[AES256_GCM,data:5nHxMRjWM8OQ1eyU5KtaC7m74Ss/L4/FF5Bn/zKCfX/x0GS/Q01lwGmHk/4Loyj66pt8wJCtK8mzL67RKPARAiX/9BS9pENYgfRwRk4cEmo/OdjSTOKkr7BO8Q9vAd1beMbDkX1pY/MJpmqvsYdK1yd5yNioAh8IC/PvSh2wu7s=,iv:a7cM8dpm+LMUysaQRT6odCChuLPM1biPHQOFTilH1o8=,tag:f330s/P+rlFVgr0CMc5Jjg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
31
.secrets/t15/backup-s3.yaml
Normal file
31
.secrets/t15/backup-s3.yaml
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
backup-s3: ENC[AES256_GCM,data:VsEBUFu2QekSxaBTik4pfnmDKmW68x/R0H90sRVPLyup3MRs0PBk7Qk0hCJGbxzShjlLYcDQcHe0nHyhqmrbNz9U9/cu7hyOKa9QKZvvBcpGApfd8ngdgNnrNdQs4X8No/l66T3w,iv:ylNxJncjVQ6EamgMYbbsoDOcjSocZDV/C/lZTnoX4x0=,tag:SPMFr9cOKyuDhSZaXoUuTg==,type:str]
|
||||
backup-pw: ENC[AES256_GCM,data:9hF0rxhktvZ/WSY3/AypZ4FBv0c8Ny2XGKXR647LkAbxWgGsP9iMBMOse/RT/ysgBoOvew2i8/8BPt8xtaMHhw==,iv:H/skkAgZOQCKQZ1a8MnuiFDjsNYlfZafbmYxH38EIv4=,tag:Zs231HOXzxCP2KsLgD7rew==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1f2yu0cc826ej7hs4g865y29zy9uqfy0yp32f2m80typpk2pxqp7sfcffj4
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBheng3clhCbklBZkM3RTdI
|
||||
Sm5ld1Y4R3VEdjFLV0hMMVNWVXFKK21vRG5nClptb1ZXckQ1YmJQVSt2VVNFOFVq
|
||||
RUo0ait0eWl6dXBwd3UzUjNBTWNDZzAKLS0tIGlwSnhpTTFIRUVNVUxnNWxnNTlh
|
||||
VW5ka2c1dzFBSFFqaHJKWXBUL0RBbTgKwdvyBXOa8B2K1VezacEuO0sYX2ApzGt6
|
||||
JUHUiIOTEWL703FGnkv+hRAtItePYHXmmotpysc1bA25F8Pl4obrqA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5ODhLMzNqVm9DMTJ4Sm1p
|
||||
bXNZMTZreUNPUVdCelJyWGhlUGVYai9hOFVnCkIzM1Vrcjd4YVJhM1hKQ200b3FT
|
||||
cDJyK3FqTGNHSEtKc3U4bVltS252WEEKLS0tIHViSXB6a1dHZlQrbjB4N2FEcjhh
|
||||
YktVSFdCempHOTVvL1kxbG44c1RpejAKSMeyP6ayLajIvDKGcG7s5JwIvVXiKaFU
|
||||
VDDj3eTOEKNBZYCyOoq4IA82G8AvRWaacefAgqBk5dE25LbD2xYHLg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-12-18T13:32:35Z"
|
||||
mac: ENC[AES256_GCM,data:c4Jum1uWOOsYORM5c3Woo/rjKII4femGBDfc4YPxl8BSKR9oo6Z9R+88lO5egrxT7CoKdJz+izuPgT2EjU7C4OvQ+7aDwpMV2X/lHgvB54V5Lq6I+lLKL5gXG8lt1Bm2YcDrFIWsa+RfInwO9S8yBjkCVbdTnOZZGwNlAYrI31o=,iv:dGK1WmLKryXpjEHvmFXkXYOESTLOIS6ovaunlreVhmI=,tag:W88dYlb2cJ61m7JWYJQIJA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
21
.sops.yaml
Normal file
21
.sops.yaml
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
keys:
|
||||
- &server_hetzner age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy
|
||||
- &server_sgx age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3
|
||||
- &server_t15 age1f2yu0cc826ej7hs4g865y29zy9uqfy0yp32f2m80typpk2pxqp7sfcffj4
|
||||
- &harald age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l
|
||||
creation_rules:
|
||||
- path_regex: .secrets/hetzner/[^/]+\.(yaml|json|env|ini)$
|
||||
key_groups:
|
||||
- age:
|
||||
- *server_hetzner
|
||||
- *harald
|
||||
- path_regex: .secrets/sgx/[^/]+\.(yaml|json|env|ini)$
|
||||
key_groups:
|
||||
- age:
|
||||
- *server_sgx
|
||||
- *harald
|
||||
- path_regex: .secrets/t15/[^/]+\.(yaml|json|env|ini)$
|
||||
key_groups:
|
||||
- age:
|
||||
- *server_t15
|
||||
- *harald
|
||||
38
flake.lock
38
flake.lock
|
|
@ -1223,6 +1223,22 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable_2": {
|
||||
"locked": {
|
||||
"lastModified": 1709428628,
|
||||
"narHash": "sha256-//ZCCnpVai/ShtO2vPjh3AWgo8riXCaret6V9s7Hew4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "66d65cb00b82ffa04ee03347595aa20e41fe3555",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "release-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1655400192,
|
||||
|
|
@ -1875,6 +1891,7 @@
|
|||
"neovim-flake": "neovim-flake",
|
||||
"nixpkgs": "nixpkgs_4",
|
||||
"snowfall-lib": "snowfall-lib",
|
||||
"sops-nix": "sops-nix",
|
||||
"unstable": "unstable"
|
||||
}
|
||||
},
|
||||
|
|
@ -2000,6 +2017,27 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709711091,
|
||||
"narHash": "sha256-L0rSIU9IguTG4YqSj4B/02SyTEz55ACq5t8gXpzteYc=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "25dd60fdd08fcacee2567a26ba6b91fe098941dc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"sqls-nvim": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
|
|
|||
|
|
@ -25,6 +25,9 @@
|
|||
|
||||
disko.url = "github:nix-community/disko";
|
||||
disko.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
sops-nix.url = "github:Mic92/sops-nix";
|
||||
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
outputs = inputs:
|
||||
|
|
@ -75,6 +78,8 @@
|
|||
systems.modules.nixos = with inputs; [
|
||||
lanzaboote.nixosModules.lanzaboote
|
||||
home-manager.nixosModules.home-manager
|
||||
sops-nix.nixosModules.sops
|
||||
disko.nixosModules.disko
|
||||
];
|
||||
|
||||
outputs-builder = channels: {
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ in
|
|||
enable = true;
|
||||
initExtra = ''
|
||||
function msh() { mosh "$@" -- bash -c 'if type -f tmux; then tmux new-session -A -s 0; else screen -R; fi;' ; };
|
||||
function tsh() { ssh -t "$@" -- bash -c 'if type -f tmux; then tmux new-session -A -s 0; else screen -R; fi;' ; };
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -24,6 +24,13 @@ in
|
|||
${pkgs.mosh}/bin/mosh $argv -- tmux new-session -A -s 0
|
||||
end
|
||||
end
|
||||
function tsh --wraps ssh --description 'ssh with tmux'
|
||||
if not set -q argv[1]
|
||||
echo 'Usage: tsh [user@]host [command]'
|
||||
else
|
||||
${pkgs.openssh}/bin/ssh -t $argv -- tmux new-session -A -s 0
|
||||
end
|
||||
end
|
||||
'';
|
||||
|
||||
plugins = [{
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@ with lib.plusultra;
|
|||
|
||||
nix.settings.trusted-users = [ "@wheel" ];
|
||||
|
||||
|
||||
plusultra.user.extraGroups = [ "docker" ];
|
||||
|
||||
programs = {
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ with lib.plusultra;
|
|||
system.autoUpgrade = {
|
||||
enable = true;
|
||||
operation = "boot";
|
||||
allowReboot = false;
|
||||
allowReboot = true;
|
||||
flags = [
|
||||
"--update-input"
|
||||
"nixpkgs"
|
||||
|
|
@ -114,7 +114,6 @@ with lib.plusultra;
|
|||
services = {
|
||||
dbus.implementation = "broker";
|
||||
dbus.packages = [ pkgs.gcr ];
|
||||
fail2ban.enable = false;
|
||||
fwupd.enable = true;
|
||||
openssh = {
|
||||
enable = true;
|
||||
|
|
|
|||
|
|
@ -112,7 +112,6 @@ with lib.plusultra;
|
|||
services = {
|
||||
dbus.implementation = "broker";
|
||||
dbus.packages = [ pkgs.gcr ];
|
||||
fail2ban.enable = true;
|
||||
fwupd.enable = true;
|
||||
openssh = {
|
||||
enable = true;
|
||||
|
|
@ -130,14 +129,6 @@ with lib.plusultra;
|
|||
};
|
||||
};
|
||||
|
||||
# Auto system update
|
||||
# https://search.nixos.org/options?channel=23.11&show=system.autoUpgrade
|
||||
#system.autoUpgrade = {
|
||||
#enable = true;
|
||||
#operation = "boot";
|
||||
#flags = [ "--update-input" "nixpkgs" "--commit-lock-file" ]
|
||||
# flake = "??";
|
||||
# };
|
||||
system.stateVersion = "23.11";
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
|
|
|||
Loading…
Reference in a new issue