diff --git a/flake.lock b/flake.lock index 4029a43..c770eb4 100644 --- a/flake.lock +++ b/flake.lock @@ -104,11 +104,11 @@ ] }, "locked": { - "lastModified": 1720402389, - "narHash": "sha256-zJv6euDOrJWMHBhxfp/ay+Dvjwpe8YtMuEI5b09bxmo=", + "lastModified": 1720661479, + "narHash": "sha256-nsGgA14vVn0GGiqEfomtVgviRJCuSR3UEopfP8ixW1I=", "owner": "nix-community", "repo": "disko", - "rev": "f1a00e7f55dc266ef286cc6fc8458fa2b5ca2414", + "rev": "786965e1b1ed3fd2018d78399984f461e2a44689", "type": "github" }, "original": { @@ -124,11 +124,11 @@ "pyproject-nix": "pyproject-nix" }, "locked": { - "lastModified": 1720605900, - "narHash": "sha256-/BTAC3gj1Ot7o/PINsHS2EGEtGUadI12WZlhowKn18c=", + "lastModified": 1720709248, + "narHash": "sha256-ThoGJ7wEcoKjE9rWVoAqplbfzPK8FCbsrqt9WjGS96w=", "owner": "nix-community", "repo": "dream2nix", - "rev": "0c6b5c8ab796f6dfb2aef1133f5b7bb25ce57cb9", + "rev": "a3751775d93d70845cdf55c00f28f0074bee7d9c", "type": "github" }, "original": { @@ -818,11 +818,11 @@ ] }, "locked": { - "lastModified": 1720470846, - "narHash": "sha256-7ftA4Bv5KfH4QdTRxqe8/Hz2YTKo+7IQ9n7vbNWgv28=", + "lastModified": 1720646128, + "narHash": "sha256-BivO5yIQukDlJL+1875Sqf3GuOPxZDdA48dYDi3PkL8=", "owner": "nix-community", "repo": "home-manager", - "rev": "2fb5c1e0a17bc6059fa09dc411a43d75f35bb192", + "rev": "c085b984ff2808bf322f375b10fea5a415a9c43d", "type": "github" }, "original": { @@ -872,11 +872,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1720582987, - "narHash": "sha256-UaYUwM4GRtimyjhmrel2H2/Q+aVkKCHCUsFJ62LS/4c=", + "lastModified": 1720697958, + "narHash": "sha256-eMvynmI9MQmNPwpiVEXVMhPiC14P53HwSE1EUpEMIa4=", "ref": "refs/heads/main", - "rev": "fa92f41a18660be33e7f15d538ae446ed33e4b71", - "revCount": 15938, + "rev": "31478c810a79403fbb670ef7c4ef1d0d48271c80", + "revCount": 15947, "type": "git", "url": "https://git@git.lix.systems/lix-project/lix" }, @@ -897,11 +897,11 @@ ] }, "locked": { - "lastModified": 1719353937, - "narHash": "sha256-86NBqDxAP20ET/UoKX0WvSItblNQ97czXb2q7lkMrwk=", + "lastModified": 1720695775, + "narHash": "sha256-8Oqzl9QPjEe/n8y0R2tC6+2v/H6xBgABHXOJwxmnBg0=", "ref": "refs/heads/main", - "rev": "5d9d94089fb1ca96222a34bfe245ef5c5ebefd37", - "revCount": 92, + "rev": "d70318fb946a0e720dfdd1fb10b0645c14e2a02a", + "revCount": 94, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" }, @@ -913,11 +913,11 @@ "mobile-nixos": { "flake": false, "locked": { - "lastModified": 1715627339, - "narHash": "sha256-HJ6V7hc64iBqXlZ8kH4sXmUzPH+0Hn6wYURmZmL5LFk=", + "lastModified": 1720660935, + "narHash": "sha256-GnDGoVaObUjnYdCHUSIYVE1anMElis+Pq+RY30LFlIk=", "owner": "NixOS", "repo": "mobile-nixos", - "rev": "655c8830d5fe2eae79c8fc0bab8033b34c8456eb", + "rev": "31704f8a55f5773c9b4e7adb7408a142d142e1f2", "type": "github" }, "original": { @@ -1261,17 +1261,17 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1720418205, - "narHash": "sha256-cPJoFPXU44GlhWg4pUk9oUPqurPlCFZ11ZQPk21GTPU=", + "lastModified": 1719254875, + "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "655a58a72a6601292512670343087c2d75d859c1", + "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", "repo": "nixpkgs", + "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", "type": "github" } }, @@ -1820,11 +1820,11 @@ ] }, "locked": { - "lastModified": 1720507012, - "narHash": "sha256-QIeZ43t9IVB4dLsFaWh2f4C7JSRfK7p+Y1U9dULsLXU=", + "lastModified": 1720645794, + "narHash": "sha256-vAeYp+WH7i/DlBM5xNt9QeWiOiqzzf5abO8DYGkbUxg=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "8b63fe8cf7892c59b3df27cbcab4d5644035d72f", + "rev": "750dfb555b5abdab4d3266b3f9a05dec6d205c04", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 3f4cc1d..2299602 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,8 @@ inputs = { flakeParts.url = "github:hercules-ci/flake-parts"; - nixpkgsUnstable.url = "github:NixOS/nixpkgs/nixos-unstable"; + # FIXME remove constraint + nixpkgsUnstable.url = "github:NixOS/nixpkgs/2893f56de08021cffd9b6b6dfc70fd9ccd51eb60"; nixpkgsUnstableForSisko.url = "github:NixOS/nixpkgs/0e74ca98a74bc7270d28838369593635a5db3260"; nixpkgsStable.url = "github:NixOS/nixpkgs/nixos-23.11"; nixosHardware.url = "github:NixOS/nixos-hardware"; diff --git a/hosts/default.nix b/hosts/default.nix index c42de37..7ec9a15 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -176,17 +176,17 @@ "minio-credentials".owner = "minio"; "aws-credentials".owner = "hercules-ci-agent"; "hass-ssh-key".owner = "hass"; - "matrix-registration-shared-secret".owner = "matrix-synapse"; - "matrix-sliding-sync-secret".owner = "matrix-synapse"; + # "matrix-registration-shared-secret".owner = "matrix-synapse"; + # "matrix-sliding-sync-secret".owner = "matrix-synapse"; "autistici-password".owner = "forgejo"; }; }; }; vpnExtra = { - oneplus6t = { + oneplus8t = { ip = "10.100.0.4"; - publicKey = "cXHPaJXeA/JB7DKlZXR86zYcz1OEVPMOvAmDhBQF91E="; + publicKey = "9ccx4C4xvPC6lPgTZAHDSfK4FS2BP2i4D57u9IZjw18="; }; }; }; diff --git a/hosts/janeway/default.nix b/hosts/janeway/default.nix index 54c0975..ecc1e54 100644 --- a/hosts/janeway/default.nix +++ b/hosts/janeway/default.nix @@ -2,18 +2,18 @@ config, lib, pkgs, + fleetFlake, ... }: let sshdTmpDirectory = "${config.user.home}/sshd-tmp"; sshdDirectory = "${config.user.home}/sshd"; - pathToPubKey = "/mnt/sdcard/Download/picard_host_key.pub"; port = 8022; in { # Backup etc files instead of failing to activate generation if a file already exists in /etc environment.etcBackupExtension = ".bak"; # Read the changelog before changing this value - system.stateVersion = "23.11"; + system.stateVersion = "24.05"; # Set up nix for flakes nix.extraOptions = '' @@ -23,9 +23,25 @@ in { # Set your time zone time.timeZone = "Europe/Rome"; - build.activation.sshd = '' + home-manager.config = {pkgs, ...}: { + home.stateVersion = "24.05"; + _module.args = { + hostname = "janeway"; + age.secrets = {}; + }; + imports = [../../hmModules/shell]; + }; + + build.activation.sshd = let + keys = (builtins.import ../../lib).keys; + inherit (keys) hosts users; + in '' $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh" - $DRY_RUN_CMD cat ${pathToPubKey} > "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${hosts.picard} > "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${hosts.sisko} >> "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${hosts.kirk} >> "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${users.ccr-ssh} >> "${config.user.home}/.ssh/authorized_keys" + $DRY_RUN_CMD echo ${users.ccr-gpg} >> "${config.user.home}/.ssh/authorized_keys" if [[ ! -d "${sshdDirectory}" ]]; then $DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}" @@ -42,12 +58,13 @@ in { ''; environment.packages = [ - pkgs.vim pkgs.bottom pkgs.helix pkgs.stress pkgs.openssh pkgs.git + pkgs.btop + fleetFlake.inputs.ccrEmacs.packages.aarch64-linux.ccrEmacs (pkgs.writeScriptBin "sshd-start" '' #!${pkgs.runtimeShell} diff --git a/hosts/kirk/default.nix b/hosts/kirk/default.nix index dc8c107..4565542 100644 --- a/hosts/kirk/default.nix +++ b/hosts/kirk/default.nix @@ -32,7 +32,6 @@ "syncthing" "mount-rock5b" "adb" - "calibre" ] ++ [ ./disko.nix @@ -66,6 +65,7 @@ "discord" "remmina" "zulip" + "calibre" ]; extraGroups = []; backupPaths = []; @@ -98,7 +98,6 @@ hardware.opengl = { enable = true; - driSupport = true; driSupport32Bit = true; }; } diff --git a/hosts/module.nix b/hosts/module.nix index 9f3f4b0..3c26ae6 100644 --- a/hosts/module.nix +++ b/hosts/module.nix @@ -291,6 +291,7 @@ in { internal = true; default = hostname: config: inputs.nix-on-droid.lib.nixOnDroidConfiguration { + pkgs = inputs.nixpkgsUnstable.legacyPackages.aarch64-linux; modules = [ ({ lib, @@ -298,6 +299,7 @@ in { ... }: { nixpkgs.overlays = config.overlays; + _module.args.fleetFlake = self; }) "${self.outPath}/hosts/${hostname}" ]; diff --git a/hosts/picard/default.nix b/hosts/picard/default.nix index f60fbf1..9b63f91 100644 --- a/hosts/picard/default.nix +++ b/hosts/picard/default.nix @@ -129,7 +129,6 @@ hardware.graphics = { enable = true; - # driSupport = true; enable32Bit = true; }; diff --git a/hosts/sisko/default.nix b/hosts/sisko/default.nix index cdb4d00..760e9e4 100644 --- a/hosts/sisko/default.nix +++ b/hosts/sisko/default.nix @@ -28,7 +28,7 @@ # "matrix" "forgejo" # "jellyfin" - "immich" + # "immich" ] ++ [ ./disko.nix diff --git a/lib/default.nix b/lib/default.nix index d06c92e..7b98ca0 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -3,7 +3,7 @@ users = { ccr-gpg = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5cEUx25pnZiH3eBrE2xNbJ92gJiKSznDUNRzcEL4ti6FlJm+75p4q0hgdqHwStR8+uCWBL6viVFCGutOVMFE5MX1Oc3A8fJdR6H9Rrwvk/1UQzqzc9tWxw1qPLKz+fnPDomjOvNofghCWQRwX3Xf1HnIqvRwELpNbR9i+/cHkDGzLJxkstbt4gol8ywMPkw02QdKk8s5MEd1vawxc+7Chs0JPW57RDqDYFErYys52JLeAViCBB9bofF+KT42LuRXKSjWlvCV9kR5TL49vUeBgzMQWMh++WQdN4m9lpqFqYyc75I49/E0HGf8LChDSS+hvRnb5MbtnVGjEA4WDHyldmJCvUNob5CUo4FjoSPRi+S/J3Ads8D4JVwaJOJEVqmMKEhiQ0Hzk4hwe3eV/VumlZj4U/QjaCrqqi4TW/iP0gNRfzcfiM+G/z5R7w1NMUpTX7oilyKjMQmGnXB857D3SSptS7dwh5OiKhVmrQMRCduooUsj236abqLU28K//RnxhOgh8kDGgoUHApnTiMZNKhgLiR42lKrubNcW1tAAqoNyFLMwwXeMLjh0iP1b5y8ntfNPNIcGb7vcwpS24z/aIjW7rQ4J7x5EBphHGhys6ne+irdhOM8c7kFr+c8+Q2oU0YAtFuMYztAFOHm1e20X00Zvys2nuee+hT9F1NungAQ== andrea.ciceri@autistici.org"; ccr-ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzCmDCtlGscpesHuoiruVWD2IjYEFtaIl9Y2JZGiOAyf3V17KPx0MikcknfmxSHi399SxppiaXQHxo/1wjGxXkXNTTv6h1fBuqwhJE6C8+ZSV+gal81vEnXX+/9w2FQqtVgnG2/mO7oJ0e3FY+6kFpOsGEhYexoGt/UxIpAZoqIN+CWNhJIASUkneaZWtgwiL8Afb59kJQ2E7WbBu+PjYZ/s5lhPobhlkz6s8rkhItvYdiSHT0DPDKvp1oEbxsxd4E4cjJFbahyS8b089NJd9gF5gs0b74H/2lUUymnl63cV37Mp4iXB4rtE69MbjqsGEBKTPumLualmc8pOGBHqWIdhAqGdZQeBajcb6VK0E3hcU0wBB+GJgm7KUzlAHGdC3azY0KlHMrLaZN0pBrgCVR6zBNWtZz2B2qMBZ8Cw+K4vut8GuspdXZscID10U578GxQvJAB9CdxNUtrzSmKX2UtZPB1udWjjIAlejzba4MG73uXgQEdv0NcuHNwaLuCWxTUT5QQF18IwlJ23Mg8aPK8ojUW5A+kGHAu9wtgZVcX1nS5cmYKSgLzcP1LA1l9fTJ1vqBSuy38GTdUzfzz7AbnkRfGPj2ALDgyx17Rc5ommjc1k0gFoeIqiLaxEs5FzDcRyo7YvZXPsGeIqNCYwQWw3+U+yUEJby8bxGb2d/6YQ== andrea.ciceri@autistici.org"; - oneplus6t = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1xBMLABwQQGOrbFXDqJEvcBQFvTx/Fj+k/qBa+FXPobH2BcOj8NxrExliP3krPTi+srEaA0fQHBy/tFktiZQvx82KPan9dpmRlc6G970Ej9M6dNbwl4zTMAgZ3E8U5HCvoXTaFeSS2mrlRq5pyy7dZcVkPMvhgP65d+gx6fJbQhiDGBGJg2CWU8b1bUG703EkYcKAZY57Db+j/8/VoBsS3TAAJzW8CVxN1nqKeYCcgPR7y2HjZihlSUPJsdwV4D46qj1gLh+NdYh5iBUICOXBIt26hiQhRPtY+mtH2eWW1NdnCp2gk6IaMQEHKCy9t5L3VybQJzaqDZwQAyQZIbonb+X8hlkhvf9CjlrjILoroLN3RE5te/WQQzyTR4Ni8A6+Mu+1JHW5JWM3Iz9u77ceLc9/4UFkdFSALZjFUYIevQLUitVZCdJkqNxizyJmpCgjAnArhjItX6hO4Dq96TRWcHDtCsk1jJ1CCUZRwkkzZjmob86CS58zERkwWbWKGSejxSO6YQZTFsgon76r2x5Cd1GoG4vCtFMqyOQzDTHZqVxYjWJrySFg2GnCIy4wth1tpwB/uzobM9Xn01V6vdQNDI7a/4XHZ7IQWiGy2dme6R+PmAma1RgxAioPt5IZrv8nlb2YWXuoXS66RSwV9A9U+98hVfZc29KJ+2fKVy/JBQ== oneplus6t"; + oneplus8t = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO8da1Mf11vXFF0kVDgxocVoGwpHHMEs9emS9T+v8hLb oneplus8t"; hercules-ci-agent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPupm00BiveTIYF6CNwuMijF5VvEaPDMjvt+vMlAy+N hercules-ci-agent"; }; hosts = { diff --git a/modules/syncthing/default.nix b/modules/syncthing/default.nix index d7597c5..240e3a7 100644 --- a/modules/syncthing/default.nix +++ b/modules/syncthing/default.nix @@ -29,10 +29,10 @@ "tcp://kirk.fleet" ]; }; - onplus6t = { + onplus8t = { id = "76BJ2ZE-FPFDWUZ-3UZIENZ-TS6YBGG-EZSF6UE-GLHRBQ2-KTHTRMI-3JWNRAT"; addresses = [ - "tcp://oneplus6t.fleet" + "tcp://oneplus8t.fleet" ]; }; };