diff --git a/flake.lock b/flake.lock index 099dbf5..c770eb4 100644 --- a/flake.lock +++ b/flake.lock @@ -124,11 +124,11 @@ "pyproject-nix": "pyproject-nix" }, "locked": { - "lastModified": 1720605900, - "narHash": "sha256-/BTAC3gj1Ot7o/PINsHS2EGEtGUadI12WZlhowKn18c=", + "lastModified": 1720709248, + "narHash": "sha256-ThoGJ7wEcoKjE9rWVoAqplbfzPK8FCbsrqt9WjGS96w=", "owner": "nix-community", "repo": "dream2nix", - "rev": "0c6b5c8ab796f6dfb2aef1133f5b7bb25ce57cb9", + "rev": "a3751775d93d70845cdf55c00f28f0074bee7d9c", "type": "github" }, "original": { @@ -872,11 +872,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1720633647, - "narHash": "sha256-CjWvti4wFhRmIHpLduohKAVmU9+wI/PAOhQppCWziK8=", + "lastModified": 1720697958, + "narHash": "sha256-eMvynmI9MQmNPwpiVEXVMhPiC14P53HwSE1EUpEMIa4=", "ref": "refs/heads/main", - "rev": "014410cbf0bda9c0fcdaf5f894120883cdc805ce", - "revCount": 15944, + "rev": "31478c810a79403fbb670ef7c4ef1d0d48271c80", + "revCount": 15947, "type": "git", "url": "https://git@git.lix.systems/lix-project/lix" }, @@ -897,11 +897,11 @@ ] }, "locked": { - "lastModified": 1719353937, - "narHash": "sha256-86NBqDxAP20ET/UoKX0WvSItblNQ97czXb2q7lkMrwk=", + "lastModified": 1720695775, + "narHash": "sha256-8Oqzl9QPjEe/n8y0R2tC6+2v/H6xBgABHXOJwxmnBg0=", "ref": "refs/heads/main", - "rev": "5d9d94089fb1ca96222a34bfe245ef5c5ebefd37", - "revCount": 92, + "rev": "d70318fb946a0e720dfdd1fb10b0645c14e2a02a", + "revCount": 94, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" }, diff --git a/hosts/janeway/default.nix b/hosts/janeway/default.nix index 54c0975..ecc1e54 100644 --- a/hosts/janeway/default.nix +++ b/hosts/janeway/default.nix @@ -2,18 +2,18 @@ config, lib, pkgs, + fleetFlake, ... }: let sshdTmpDirectory = "${config.user.home}/sshd-tmp"; sshdDirectory = "${config.user.home}/sshd"; - pathToPubKey = "/mnt/sdcard/Download/picard_host_key.pub"; port = 8022; in { # Backup etc files instead of failing to activate generation if a file already exists in /etc environment.etcBackupExtension = ".bak"; # Read the changelog before changing this value - system.stateVersion = "23.11"; + system.stateVersion = "24.05"; # Set up nix for flakes nix.extraOptions = '' @@ -23,9 +23,25 @@ in { # Set your time zone time.timeZone = "Europe/Rome"; - build.activation.sshd = '' + home-manager.config = {pkgs, ...}: { + home.stateVersion = "24.05"; + _module.args = { + hostname = "janeway"; + age.secrets = {}; + }; + imports = [../../hmModules/shell]; + }; + + build.activation.sshd = let + keys = (builtins.import ../../lib).keys; + inherit (keys) hosts users; + in '' $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh" - $DRY_RUN_CMD cat ${pathToPubKey} > "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${hosts.picard} > "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${hosts.sisko} >> "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${hosts.kirk} >> "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${users.ccr-ssh} >> "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${users.ccr-gpg} >> "${config.user.home}/.ssh/authorized_keys" if [[ ! -d "${sshdDirectory}" ]]; then $DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}" @@ -42,12 +58,13 @@ in { ''; environment.packages = [ - pkgs.vim pkgs.bottom pkgs.helix pkgs.stress pkgs.openssh pkgs.git + pkgs.btop + fleetFlake.inputs.ccrEmacs.packages.aarch64-linux.ccrEmacs (pkgs.writeScriptBin "sshd-start" '' #!${pkgs.runtimeShell} diff --git a/hosts/module.nix b/hosts/module.nix index 9f3f4b0..3c26ae6 100644 --- a/hosts/module.nix +++ b/hosts/module.nix @@ -291,6 +291,7 @@ in { internal = true; default = hostname: config: inputs.nix-on-droid.lib.nixOnDroidConfiguration { + pkgs = inputs.nixpkgsUnstable.legacyPackages.aarch64-linux; modules = [ ({ lib, @@ -298,6 +299,7 @@ in { ... }: { nixpkgs.overlays = config.overlays; + _module.args.fleetFlake = self; }) "${self.outPath}/hosts/${hostname}" ];