Compare commits
10 commits
e3992053f7
...
b5047046dc
| Author | SHA1 | Date | |
|---|---|---|---|
| b5047046dc | |||
ecd6f90005
|
|||
|
c9951e3774
|
|||
|
dc3d14fc76
|
|||
|
1d0d36659a
|
|||
|
36482dbb45
|
|||
|
bd015badf8
|
|||
|
2ecab054f9
|
|||
|
399e02b074
|
|||
|
0b5508b94d
|
10 changed files with 62 additions and 44 deletions
54
flake.lock
generated
54
flake.lock
generated
|
|
@ -104,11 +104,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1720402389,
|
||||
"narHash": "sha256-zJv6euDOrJWMHBhxfp/ay+Dvjwpe8YtMuEI5b09bxmo=",
|
||||
"lastModified": 1720661479,
|
||||
"narHash": "sha256-nsGgA14vVn0GGiqEfomtVgviRJCuSR3UEopfP8ixW1I=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "f1a00e7f55dc266ef286cc6fc8458fa2b5ca2414",
|
||||
"rev": "786965e1b1ed3fd2018d78399984f461e2a44689",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -124,11 +124,11 @@
|
|||
"pyproject-nix": "pyproject-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1720605900,
|
||||
"narHash": "sha256-/BTAC3gj1Ot7o/PINsHS2EGEtGUadI12WZlhowKn18c=",
|
||||
"lastModified": 1720709248,
|
||||
"narHash": "sha256-ThoGJ7wEcoKjE9rWVoAqplbfzPK8FCbsrqt9WjGS96w=",
|
||||
"owner": "nix-community",
|
||||
"repo": "dream2nix",
|
||||
"rev": "0c6b5c8ab796f6dfb2aef1133f5b7bb25ce57cb9",
|
||||
"rev": "a3751775d93d70845cdf55c00f28f0074bee7d9c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -818,11 +818,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1720470846,
|
||||
"narHash": "sha256-7ftA4Bv5KfH4QdTRxqe8/Hz2YTKo+7IQ9n7vbNWgv28=",
|
||||
"lastModified": 1720646128,
|
||||
"narHash": "sha256-BivO5yIQukDlJL+1875Sqf3GuOPxZDdA48dYDi3PkL8=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "2fb5c1e0a17bc6059fa09dc411a43d75f35bb192",
|
||||
"rev": "c085b984ff2808bf322f375b10fea5a415a9c43d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -872,11 +872,11 @@
|
|||
"lix": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1720582987,
|
||||
"narHash": "sha256-UaYUwM4GRtimyjhmrel2H2/Q+aVkKCHCUsFJ62LS/4c=",
|
||||
"lastModified": 1720697958,
|
||||
"narHash": "sha256-eMvynmI9MQmNPwpiVEXVMhPiC14P53HwSE1EUpEMIa4=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "fa92f41a18660be33e7f15d538ae446ed33e4b71",
|
||||
"revCount": 15938,
|
||||
"rev": "31478c810a79403fbb670ef7c4ef1d0d48271c80",
|
||||
"revCount": 15947,
|
||||
"type": "git",
|
||||
"url": "https://git@git.lix.systems/lix-project/lix"
|
||||
},
|
||||
|
|
@ -897,11 +897,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1719353937,
|
||||
"narHash": "sha256-86NBqDxAP20ET/UoKX0WvSItblNQ97czXb2q7lkMrwk=",
|
||||
"lastModified": 1720695775,
|
||||
"narHash": "sha256-8Oqzl9QPjEe/n8y0R2tC6+2v/H6xBgABHXOJwxmnBg0=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "5d9d94089fb1ca96222a34bfe245ef5c5ebefd37",
|
||||
"revCount": 92,
|
||||
"rev": "d70318fb946a0e720dfdd1fb10b0645c14e2a02a",
|
||||
"revCount": 94,
|
||||
"type": "git",
|
||||
"url": "https://git.lix.systems/lix-project/nixos-module"
|
||||
},
|
||||
|
|
@ -913,11 +913,11 @@
|
|||
"mobile-nixos": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1715627339,
|
||||
"narHash": "sha256-HJ6V7hc64iBqXlZ8kH4sXmUzPH+0Hn6wYURmZmL5LFk=",
|
||||
"lastModified": 1720660935,
|
||||
"narHash": "sha256-GnDGoVaObUjnYdCHUSIYVE1anMElis+Pq+RY30LFlIk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "mobile-nixos",
|
||||
"rev": "655c8830d5fe2eae79c8fc0bab8033b34c8456eb",
|
||||
"rev": "31704f8a55f5773c9b4e7adb7408a142d142e1f2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1261,17 +1261,17 @@
|
|||
},
|
||||
"nixpkgsUnstable": {
|
||||
"locked": {
|
||||
"lastModified": 1720418205,
|
||||
"narHash": "sha256-cPJoFPXU44GlhWg4pUk9oUPqurPlCFZ11ZQPk21GTPU=",
|
||||
"lastModified": 1719254875,
|
||||
"narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "655a58a72a6601292512670343087c2d75d859c1",
|
||||
"rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
|
|
@ -1820,11 +1820,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1720507012,
|
||||
"narHash": "sha256-QIeZ43t9IVB4dLsFaWh2f4C7JSRfK7p+Y1U9dULsLXU=",
|
||||
"lastModified": 1720645794,
|
||||
"narHash": "sha256-vAeYp+WH7i/DlBM5xNt9QeWiOiqzzf5abO8DYGkbUxg=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "8b63fe8cf7892c59b3df27cbcab4d5644035d72f",
|
||||
"rev": "750dfb555b5abdab4d3266b3f9a05dec6d205c04",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
|||
|
|
@ -3,7 +3,8 @@
|
|||
|
||||
inputs = {
|
||||
flakeParts.url = "github:hercules-ci/flake-parts";
|
||||
nixpkgsUnstable.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||
# FIXME remove constraint
|
||||
nixpkgsUnstable.url = "github:NixOS/nixpkgs/2893f56de08021cffd9b6b6dfc70fd9ccd51eb60";
|
||||
nixpkgsUnstableForSisko.url = "github:NixOS/nixpkgs/0e74ca98a74bc7270d28838369593635a5db3260";
|
||||
nixpkgsStable.url = "github:NixOS/nixpkgs/nixos-23.11";
|
||||
nixosHardware.url = "github:NixOS/nixos-hardware";
|
||||
|
|
|
|||
|
|
@ -176,17 +176,17 @@
|
|||
"minio-credentials".owner = "minio";
|
||||
"aws-credentials".owner = "hercules-ci-agent";
|
||||
"hass-ssh-key".owner = "hass";
|
||||
"matrix-registration-shared-secret".owner = "matrix-synapse";
|
||||
"matrix-sliding-sync-secret".owner = "matrix-synapse";
|
||||
# "matrix-registration-shared-secret".owner = "matrix-synapse";
|
||||
# "matrix-sliding-sync-secret".owner = "matrix-synapse";
|
||||
"autistici-password".owner = "forgejo";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
vpnExtra = {
|
||||
oneplus6t = {
|
||||
oneplus8t = {
|
||||
ip = "10.100.0.4";
|
||||
publicKey = "cXHPaJXeA/JB7DKlZXR86zYcz1OEVPMOvAmDhBQF91E=";
|
||||
publicKey = "9ccx4C4xvPC6lPgTZAHDSfK4FS2BP2i4D57u9IZjw18=";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -2,18 +2,18 @@
|
|||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
fleetFlake,
|
||||
...
|
||||
}: let
|
||||
sshdTmpDirectory = "${config.user.home}/sshd-tmp";
|
||||
sshdDirectory = "${config.user.home}/sshd";
|
||||
pathToPubKey = "/mnt/sdcard/Download/picard_host_key.pub";
|
||||
port = 8022;
|
||||
in {
|
||||
# Backup etc files instead of failing to activate generation if a file already exists in /etc
|
||||
environment.etcBackupExtension = ".bak";
|
||||
|
||||
# Read the changelog before changing this value
|
||||
system.stateVersion = "23.11";
|
||||
system.stateVersion = "24.05";
|
||||
|
||||
# Set up nix for flakes
|
||||
nix.extraOptions = ''
|
||||
|
|
@ -23,9 +23,25 @@ in {
|
|||
# Set your time zone
|
||||
time.timeZone = "Europe/Rome";
|
||||
|
||||
build.activation.sshd = ''
|
||||
home-manager.config = {pkgs, ...}: {
|
||||
home.stateVersion = "24.05";
|
||||
_module.args = {
|
||||
hostname = "janeway";
|
||||
age.secrets = {};
|
||||
};
|
||||
imports = [../../hmModules/shell];
|
||||
};
|
||||
|
||||
build.activation.sshd = let
|
||||
keys = (builtins.import ../../lib).keys;
|
||||
inherit (keys) hosts users;
|
||||
in ''
|
||||
$DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh"
|
||||
$DRY_RUN_CMD cat ${pathToPubKey} > "${config.user.home}/.ssh/authorized_keys"
|
||||
$DRY_RUN_CMD echo ${hosts.picard} > "${config.user.home}/.ssh/authorized_keys"
|
||||
$DRY_RUN_CMD echo ${hosts.sisko} >> "${config.user.home}/.ssh/authorized_keys"
|
||||
$DRY_RUN_CMD echo ${hosts.kirk} >> "${config.user.home}/.ssh/authorized_keys"
|
||||
$DRY_RUN_CMD echo ${users.ccr-ssh} >> "${config.user.home}/.ssh/authorized_keys"
|
||||
$DRY_RUN_CMD echo ${users.ccr-gpg} >> "${config.user.home}/.ssh/authorized_keys"
|
||||
|
||||
if [[ ! -d "${sshdDirectory}" ]]; then
|
||||
$DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}"
|
||||
|
|
@ -42,12 +58,13 @@ in {
|
|||
'';
|
||||
|
||||
environment.packages = [
|
||||
pkgs.vim
|
||||
pkgs.bottom
|
||||
pkgs.helix
|
||||
pkgs.stress
|
||||
pkgs.openssh
|
||||
pkgs.git
|
||||
pkgs.btop
|
||||
fleetFlake.inputs.ccrEmacs.packages.aarch64-linux.ccrEmacs
|
||||
(pkgs.writeScriptBin "sshd-start" ''
|
||||
#!${pkgs.runtimeShell}
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,6 @@
|
|||
"syncthing"
|
||||
"mount-rock5b"
|
||||
"adb"
|
||||
"calibre"
|
||||
]
|
||||
++ [
|
||||
./disko.nix
|
||||
|
|
@ -66,6 +65,7 @@
|
|||
"discord"
|
||||
"remmina"
|
||||
"zulip"
|
||||
"calibre"
|
||||
];
|
||||
extraGroups = [];
|
||||
backupPaths = [];
|
||||
|
|
@ -98,7 +98,6 @@
|
|||
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -291,6 +291,7 @@ in {
|
|||
internal = true;
|
||||
default = hostname: config:
|
||||
inputs.nix-on-droid.lib.nixOnDroidConfiguration {
|
||||
pkgs = inputs.nixpkgsUnstable.legacyPackages.aarch64-linux;
|
||||
modules = [
|
||||
({
|
||||
lib,
|
||||
|
|
@ -298,6 +299,7 @@ in {
|
|||
...
|
||||
}: {
|
||||
nixpkgs.overlays = config.overlays;
|
||||
_module.args.fleetFlake = self;
|
||||
})
|
||||
"${self.outPath}/hosts/${hostname}"
|
||||
];
|
||||
|
|
|
|||
|
|
@ -129,7 +129,6 @@
|
|||
|
||||
hardware.graphics = {
|
||||
enable = true;
|
||||
# driSupport = true;
|
||||
enable32Bit = true;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
# "matrix"
|
||||
"forgejo"
|
||||
# "jellyfin"
|
||||
"immich"
|
||||
# "immich"
|
||||
]
|
||||
++ [
|
||||
./disko.nix
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
users = {
|
||||
ccr-gpg = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5cEUx25pnZiH3eBrE2xNbJ92gJiKSznDUNRzcEL4ti6FlJm+75p4q0hgdqHwStR8+uCWBL6viVFCGutOVMFE5MX1Oc3A8fJdR6H9Rrwvk/1UQzqzc9tWxw1qPLKz+fnPDomjOvNofghCWQRwX3Xf1HnIqvRwELpNbR9i+/cHkDGzLJxkstbt4gol8ywMPkw02QdKk8s5MEd1vawxc+7Chs0JPW57RDqDYFErYys52JLeAViCBB9bofF+KT42LuRXKSjWlvCV9kR5TL49vUeBgzMQWMh++WQdN4m9lpqFqYyc75I49/E0HGf8LChDSS+hvRnb5MbtnVGjEA4WDHyldmJCvUNob5CUo4FjoSPRi+S/J3Ads8D4JVwaJOJEVqmMKEhiQ0Hzk4hwe3eV/VumlZj4U/QjaCrqqi4TW/iP0gNRfzcfiM+G/z5R7w1NMUpTX7oilyKjMQmGnXB857D3SSptS7dwh5OiKhVmrQMRCduooUsj236abqLU28K//RnxhOgh8kDGgoUHApnTiMZNKhgLiR42lKrubNcW1tAAqoNyFLMwwXeMLjh0iP1b5y8ntfNPNIcGb7vcwpS24z/aIjW7rQ4J7x5EBphHGhys6ne+irdhOM8c7kFr+c8+Q2oU0YAtFuMYztAFOHm1e20X00Zvys2nuee+hT9F1NungAQ== andrea.ciceri@autistici.org";
|
||||
ccr-ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzCmDCtlGscpesHuoiruVWD2IjYEFtaIl9Y2JZGiOAyf3V17KPx0MikcknfmxSHi399SxppiaXQHxo/1wjGxXkXNTTv6h1fBuqwhJE6C8+ZSV+gal81vEnXX+/9w2FQqtVgnG2/mO7oJ0e3FY+6kFpOsGEhYexoGt/UxIpAZoqIN+CWNhJIASUkneaZWtgwiL8Afb59kJQ2E7WbBu+PjYZ/s5lhPobhlkz6s8rkhItvYdiSHT0DPDKvp1oEbxsxd4E4cjJFbahyS8b089NJd9gF5gs0b74H/2lUUymnl63cV37Mp4iXB4rtE69MbjqsGEBKTPumLualmc8pOGBHqWIdhAqGdZQeBajcb6VK0E3hcU0wBB+GJgm7KUzlAHGdC3azY0KlHMrLaZN0pBrgCVR6zBNWtZz2B2qMBZ8Cw+K4vut8GuspdXZscID10U578GxQvJAB9CdxNUtrzSmKX2UtZPB1udWjjIAlejzba4MG73uXgQEdv0NcuHNwaLuCWxTUT5QQF18IwlJ23Mg8aPK8ojUW5A+kGHAu9wtgZVcX1nS5cmYKSgLzcP1LA1l9fTJ1vqBSuy38GTdUzfzz7AbnkRfGPj2ALDgyx17Rc5ommjc1k0gFoeIqiLaxEs5FzDcRyo7YvZXPsGeIqNCYwQWw3+U+yUEJby8bxGb2d/6YQ== andrea.ciceri@autistici.org";
|
||||
oneplus6t = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1xBMLABwQQGOrbFXDqJEvcBQFvTx/Fj+k/qBa+FXPobH2BcOj8NxrExliP3krPTi+srEaA0fQHBy/tFktiZQvx82KPan9dpmRlc6G970Ej9M6dNbwl4zTMAgZ3E8U5HCvoXTaFeSS2mrlRq5pyy7dZcVkPMvhgP65d+gx6fJbQhiDGBGJg2CWU8b1bUG703EkYcKAZY57Db+j/8/VoBsS3TAAJzW8CVxN1nqKeYCcgPR7y2HjZihlSUPJsdwV4D46qj1gLh+NdYh5iBUICOXBIt26hiQhRPtY+mtH2eWW1NdnCp2gk6IaMQEHKCy9t5L3VybQJzaqDZwQAyQZIbonb+X8hlkhvf9CjlrjILoroLN3RE5te/WQQzyTR4Ni8A6+Mu+1JHW5JWM3Iz9u77ceLc9/4UFkdFSALZjFUYIevQLUitVZCdJkqNxizyJmpCgjAnArhjItX6hO4Dq96TRWcHDtCsk1jJ1CCUZRwkkzZjmob86CS58zERkwWbWKGSejxSO6YQZTFsgon76r2x5Cd1GoG4vCtFMqyOQzDTHZqVxYjWJrySFg2GnCIy4wth1tpwB/uzobM9Xn01V6vdQNDI7a/4XHZ7IQWiGy2dme6R+PmAma1RgxAioPt5IZrv8nlb2YWXuoXS66RSwV9A9U+98hVfZc29KJ+2fKVy/JBQ== oneplus6t";
|
||||
oneplus8t = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO8da1Mf11vXFF0kVDgxocVoGwpHHMEs9emS9T+v8hLb oneplus8t";
|
||||
hercules-ci-agent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPupm00BiveTIYF6CNwuMijF5VvEaPDMjvt+vMlAy+N hercules-ci-agent";
|
||||
};
|
||||
hosts = {
|
||||
|
|
|
|||
|
|
@ -29,10 +29,10 @@
|
|||
"tcp://kirk.fleet"
|
||||
];
|
||||
};
|
||||
onplus6t = {
|
||||
onplus8t = {
|
||||
id = "76BJ2ZE-FPFDWUZ-3UZIENZ-TS6YBGG-EZSF6UE-GLHRBQ2-KTHTRMI-3JWNRAT";
|
||||
addresses = [
|
||||
"tcp://oneplus6t.fleet"
|
||||
"tcp://oneplus8t.fleet"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue