Secrets and syncthing
This commit is contained in:
18
flake.nix
18
flake.nix
@ -29,6 +29,12 @@
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
ragenix = {
|
||||
url = "github:yaxitech/ragenix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
|
||||
# baballonia = {
|
||||
# url = "github:Project-Babble/Baballonia";
|
||||
# inputs.nixpkgs.follows = "nixpkgs";
|
||||
@ -39,7 +45,7 @@
|
||||
# wayvr-dashbourd.url = "github:PassiveLemon/lemonake/master/pkgs/wayvr-dashboard"
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, lix-module, home-manager, ...}@inputs:
|
||||
outputs = { self, nixpkgs, lix-module, ragenix, home-manager, ...}@inputs:
|
||||
{
|
||||
nixosConfigurations.pewter =
|
||||
let
|
||||
@ -54,6 +60,7 @@
|
||||
specialArgs = inputs;
|
||||
modules = [
|
||||
lix-module.nixosModules.default
|
||||
|
||||
./vr-overlay.nix
|
||||
./configuration.nix
|
||||
home-manager.nixosModules.home-manager
|
||||
@ -61,6 +68,9 @@
|
||||
home-manager.useGlobalPkgs = true;
|
||||
home-manager.useUserPackages = true;
|
||||
home-manager.users.abby = ./home.nix;
|
||||
home-manager.sharedModules = [
|
||||
ragenix.homeManagerModules.default
|
||||
];
|
||||
|
||||
home-manager.extraSpecialArgs = {
|
||||
username = "abby";
|
||||
@ -81,7 +91,8 @@
|
||||
home-manager.lib.homeManagerConfiguration {
|
||||
inherit pkgs;
|
||||
modules = [
|
||||
lix-module.nixosModules.default
|
||||
lix-module.homeManagerModules.default
|
||||
ragenix.homeManagerModules.default
|
||||
./home.nix
|
||||
];
|
||||
extraSpecialArgs = {
|
||||
@ -103,7 +114,8 @@
|
||||
inherit pkgs;
|
||||
# specialArgs = inputs;
|
||||
modules = [
|
||||
lix-module.nixosModules.default
|
||||
lix-module.homeManagerModules.default
|
||||
ragenix.homeManagerModules.default
|
||||
./home.nix
|
||||
];
|
||||
extraSpecialArgs = {
|
||||
|
||||
9
home.nix
9
home.nix
@ -30,6 +30,7 @@
|
||||
mpv
|
||||
vlc
|
||||
moonlight-qt
|
||||
#inputs.ragenix.packges.${system}.default
|
||||
|
||||
# htop
|
||||
#inputs.baballonia.${system}.default
|
||||
@ -48,6 +49,11 @@
|
||||
stardust-xr-atmosphere
|
||||
];
|
||||
|
||||
# importing secrets
|
||||
age.secrets = {
|
||||
syncthing_tin.file = ./secrets/syncthing_tin.age;
|
||||
syncthing_nicrosil.file = ./secrets/syncthing_nicrosil.age;
|
||||
};
|
||||
|
||||
# Wayvr customization
|
||||
xdg.configFile."wlxoverlay/openxr_actions.json5" = {
|
||||
@ -82,7 +88,7 @@ dashboard:
|
||||
],
|
||||
"runtime" :
|
||||
[
|
||||
"${pkgs.opencomposite}/lib/opencomposite"
|
||||
"${pkgs.xrizer}/lib/xrizer"
|
||||
],
|
||||
"version" : 1
|
||||
}
|
||||
@ -124,4 +130,5 @@ dashboard:
|
||||
xdg.configFile."kitty/kitty.conf".source = ./xdg/kitty/kitty.conf;
|
||||
home.file.".zshrc".source = xdg/zshrc;
|
||||
|
||||
services.syncthing = import ./syncthing.nix { config = config; };
|
||||
}
|
||||
|
||||
15
secrets/secrets.nix
Normal file
15
secrets/secrets.nix
Normal file
@ -0,0 +1,15 @@
|
||||
let
|
||||
pewter = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHo7gy/7ZTGPrpJO7aHNlyda5W9mDQhBm90p8Zrxe/Al";
|
||||
nicrosil = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOYmdrmGnKrC3baYXihar6PoR1r64r8SCctEy8BVv2BQ";
|
||||
copper = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK/4a7VOiTVo8g1L1cckHz+Od87lsAOaw0WaNoip2Wdv";
|
||||
users = [pewter nicrosil copper];
|
||||
|
||||
nicrosil_system = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7A9oW3c5GGJGU1kac7BZHLrrTsxni0+vCbZsgoRF44";
|
||||
systems = [nicrosil_system];
|
||||
|
||||
everybody = users ++ systems;
|
||||
in
|
||||
{
|
||||
"syncthing_tin.age".publicKeys = everybody;
|
||||
"syncthing_nicrosil.age".publicKeys = everybody;
|
||||
}
|
||||
16
secrets/syncthing_nicrosil.age
Normal file
16
secrets/syncthing_nicrosil.age
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IG9DVi9VQSBHV1hC
|
||||
MU9qQ3JRVW1MRSsvY0tubkphZWtVa2l1ZnRUN2U4TGFTODh1UUQwCmtVVW1QSWNR
|
||||
SG1WM1Q2aWMyejhqSjM2Y2ljYUI4bUF6aSt1M28rUzNoM2MKLT4gc3NoLWVkMjU1
|
||||
MTkgRU0wcEhnIG5xc0YzNmpSRjh4eFo3dUhKQW1mRGI0YkRSeHM5S3NnK0VTUnJF
|
||||
cHpmQUUKZEhVZlJzY2lsa0ZFZTFidHBPdng4aDE5aHdqdHFSdW5yVDRoWG1NRVY0
|
||||
dwotPiBzc2gtZWQyNTUxOSBSLzFOMkEgckhKVzdwVFJiSTBVTXhTVHVUaXQzVW5k
|
||||
bkU3VklvelFWYnFFTHJDS0JTcwoyYTM4eFdidnJQMmpGT29ieXk1U0JPeDRqT2pE
|
||||
OWROS2xTOHZWdjJHQnFBCi0+IHNzaC1lZDI1NTE5IENvbk4wUSB5dE8zUlBvV1Qv
|
||||
QzIzTko0MHFmei8vWlU1bU9ra2x0elBTRkVRT2ZlRlN3CkpDeVFoeWg5U2hmYUha
|
||||
bkZwYzNxSllLSzZlUkd2T1M5WTlzZzVwTGlDRjQKLT4gUnMtZ3JlYXNlCkszeklp
|
||||
WUUKLS0tIHBQazN3NjNCT21aa1FvaitWK29yeHUvbWt2a1crSUx2SzgrRzNQRzcx
|
||||
Q2MKOYjq/4daJpvmYYh+Ctn4c4EZ77Am0xQg5BV9JqUJOYLtzmz1cSV02zBiIPzQ
|
||||
EpYZXdzp+becn+4mT7+6yVQBFXQGZlXmyuuHSk8MgBD7duSL9aUFTeNVSVDIuwJM
|
||||
+JE=
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
18
secrets/syncthing_tin.age
Normal file
18
secrets/syncthing_tin.age
Normal file
@ -0,0 +1,18 @@
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IG9DVi9VQSBIUXky
|
||||
c2RKZ2ZBS2VYNmZXdkdmZmVHa2hvalNMcnRpUDh1QUNCS0JuTGpFClNsQ0ZIYjRl
|
||||
VzFQT2JSRjRJQjdLN1JTVDRVeWRXRGo0aFJ6ZmoydHZQakEKLT4gc3NoLWVkMjU1
|
||||
MTkgRU0wcEhnIHN3SEM0anRnQXR1Wkoxd2lIMmo0VzJoNDd4V21nMUx6SWNKRFVB
|
||||
QlRsVlUKQWgxeU9VUE1aV3BQdDRCTkN1QnVaNEtvU2l4eGtpcWgzVUNLQm55R0FM
|
||||
UQotPiBzc2gtZWQyNTUxOSBSLzFOMkEgVEpIZVlmYktRbDhaZDRyQ1N4UlI2WDdi
|
||||
QmowN0x4azdxRE00QjgxeERDQQpQendFQWtMVytnV3JjS3RxcW5odVFNemJzLzFQ
|
||||
SVc5SDN4Slc5WEJYZ1BzCi0+IHNzaC1lZDI1NTE5IENvbk4wUSBiV0lHVjFGWE4v
|
||||
MDZaamZ5QUlVQTh4MnMzVHZCMGJraHZwK3R1U0pnT0drCmdQdmFaN1pRRTFlblpS
|
||||
N0RYQjlJWVF4K2NGamFUekhIQVZNOElaRk02dVEKLT4gRyZ4RDNbXGgtZ3JlYXNl
|
||||
IFx2cCUjIGRreSBDTTgnciwgaVdhUWxSKAphb0hBZDY3VEEwb0ZOS3psbEM4WXRZ
|
||||
RUVtZWhIa0NpLzM3VjAxbTR0S040OVRoQmQvUlBFTitTQ2M0TWpsVXZGCkhyUHRK
|
||||
SnFxanFWVG0zYjhGbjNnZXkyckxXd1ZoNXpuWHVIdjBRCi0tLSBUekRnZlhpRkt3
|
||||
QkZOYThKbzVTc0Y5aHFCa3RpdWRJV2ZLZUYwWEViU2lFCk0O7G9anHpP6Np2V3F1
|
||||
Y9KOK4mu5SxrFkWbulV/PRQ+/78QFoxGkUxvEeB3TtQlFnMkamMEzG73PeEjDruy
|
||||
J8V61yKSsuuT7r0hw6ZksrVnrmYI4aq0wqwDIpQrZuGG
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
43
syncthing.nix
Normal file
43
syncthing.nix
Normal file
@ -0,0 +1,43 @@
|
||||
{ config, ... }:
|
||||
|
||||
let
|
||||
secretFile = builtins.WriteFile "secrets.nix" config.age.secrets.secret.path;
|
||||
secrets = import ./secrets.nix;
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
# openDefaultPorts = true;
|
||||
|
||||
# syncthing
|
||||
|
||||
settings.gui = {
|
||||
user = "pager";
|
||||
password = "roundabout";
|
||||
};
|
||||
|
||||
settings.devices = {
|
||||
"tin" = { id = config.age.secrets.syncthing_tin.path; };
|
||||
"nicrosil" = { id = config.age.secrets.syncthing_tin.path; };
|
||||
};
|
||||
|
||||
settings.folders = {
|
||||
"VRC Pictures" = {
|
||||
path = "/home/abby/Pictures/VRChat";
|
||||
id = "7q62w-jsps5";
|
||||
type = "sendreceive";
|
||||
devices = [ "tin" "nicrosil" ];
|
||||
};
|
||||
"VRC Avatars" = {
|
||||
path = "/home/abby/projects/VRC Avatars";
|
||||
id = "jdfra-eqoig";
|
||||
type = "sendreceive";
|
||||
devices = [ "tin" "nicrosil" ];
|
||||
};
|
||||
"Basis Avatars" = {
|
||||
path = "/home/abby/projects/Basis Avatars";
|
||||
id = "qzla2-jxhox";
|
||||
type = "sendreceive";
|
||||
devices = [ "tin" "nicrosil" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user