initial artemision changes (#116)

* Add artemision Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * blank config.nix for alice Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * move alice config Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * move alice config Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix slack (artemision) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix unipicker (artemision) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix vscode (artemision) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add wired-notify (not currently working, artemision) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * change formatter to nixfmt-rfc-style Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * update lock Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * initial format Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * artemision settings Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add artemision files Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * artemision initial setup * artemision initial setup * sops generation Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * sops updates Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * sops updates Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix breaking changes, add framework module Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * formatting and friends Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add boot, mutable users is true * fmt * Add desktop/framework dependencies Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * enable sops * sops/ethernet fixes * update subs * cache key fix & mutable users * temp neovim * zsh changes Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * dependency fixes, zsh.nix * zsh fixes for home-manager Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * minor zsh fixes * minor zsh/home fixes * cleanup * typo from merge Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * formatting Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * remove owner Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * non-server :) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add display manager Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * switch to gdm Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * wayland errors Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix formatting Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * remove ZFS unstable Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * zsh reorg Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * wayland enable Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add boot partition options Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * wayland agian Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * nix format Signed-off-by: ahuston-0 <aliceghuston@gmail.com> --------- Signed-off-by: ahuston-0 <aliceghuston@gmail.com> Co-authored-by: ahuston-0 <alice.huston@gmail.com>
2024-03-24 14:21:28 -04:00
parent bc7034e7e2
commit 46a605d12e
20 changed files with 1093 additions and 160 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -6,6 +6,7 @@ keys:
  # Generate AGE keys from SSH keys with:
  #   ssh-keygen -A
  #   nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
+  - &artemision age1jd2dcpykagz20kpk2kkchte3augqncwfn6nywursx0dkfyze6feqdzxkq2
  - &palatine-hill age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej
  - &jeeves age128ehc0ssgwnuv4r8ayfyu7r80e82xrkmv63g7h9y9q4mhk4w9dyqfymc2w
  - &jeeves-jr age1lffr5f5nz0nrenv3ekgy27e8sztsx4gfp3hfymkz77mqaa5a4gts0ncrrh
@ -36,20 +37,32 @@ creation_rules:
        age:
          - *jeeves-jr

-  - path_regex: systems/palatine-hill/secrets\.yaml$
-    key_groups:
-      - pgp: *admins
-        age:
-          - *palatine-hill
-
-  - path_regex: users/alice/secrets\.yaml$
+  - path_regex: users/alice/secrets\.yaml$ 
    key_groups:
      - pgp:
          - *admin_alice
-        age: *servers
+        age:
+          - *palatine-hill
+          - *jeeves
+          - *jeeves-jr
+          - *artemision
+
+  - path_regex: systems/palatine-hill/secrets\.yaml$
+    key_groups:
+      - pgp:
+          - *admin_alice
+        age:
+          - *palatine-hill
+
+  - path_regex: users/alice/systems/artemision/secrets\.yaml$
+    key_groups:
+      - pgp:
+          - *admin_alice
+        age:
+          - *artemision
    
  - path_regex: users/richie/secrets\.yaml$
    key_groups:
      - pgp:
          - *admin_richie
-        age: *servers
+        age: *servers