ahuston-0/nix-dotfiles
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Compare commits

base: ahuston-0:feature/overseerr
Branches Tags
ahuston-0:main ahuston-0:feature/home-config ahuston-0:feature/add-parthenon ahuston-0:ahuston-0-patch-2 ahuston-0:feature/add-pc ahuston-0:feature/add-jessica ahuston-0:feature/gitea-minio ahuston-0:feature/ftb-app ahuston-0:feature/hetzner-bridge ahuston-0:feature/setting-up-greylog ahuston-0:feature/build-cache ahuston-0:hotfix/zfs-import ahuston-0:feature/add-unpackerr ahuston-0:feature/pscsd-yubikey ahuston-0:feature/overseerr ahuston-0:feature/onboarding-kubernetes
..
compare: ahuston-0:hotfix/zfs-import
Branches Tags
ahuston-0:feature/home-config ahuston-0:main ahuston-0:feature/add-parthenon ahuston-0:ahuston-0-patch-2 ahuston-0:feature/add-pc ahuston-0:feature/add-jessica ahuston-0:feature/gitea-minio ahuston-0:feature/ftb-app ahuston-0:feature/hetzner-bridge ahuston-0:feature/setting-up-greylog ahuston-0:feature/build-cache ahuston-0:hotfix/zfs-import ahuston-0:feature/add-unpackerr ahuston-0:feature/pscsd-yubikey ahuston-0:feature/overseerr ahuston-0:feature/onboarding-kubernetes

74 Commits
feature/ov ... hotfix/zfs

Author SHA1 Message Date
ahuston-0
3e094a0a4f fix ordering on postResumeCommands 
ZFS moved import from postDeviceCommands to postResumeCommands and now
my key import doesnt work :(

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-10-20 18:38:40 -04:00
ahuston-0
f024f7e49a enable ADB on artemision 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-10-19 16:17:31 -04:00
ahuston-0
5a6975bfd8 update flake lock 2024-10-15 01:45:58 -04:00
ahuston-0
cff3cd30dd update flake lock 2024-10-12 14:53:25 -04:00
ahuston-0
8c1762a28d update flake lock 2024-10-10 13:57:03 -04:00
ahuston-0
30291209bd flip back to unstable, fix kernel warning 2024-10-08 23:39:17 -04:00
ahuston-0
a34e4e2485 add gh 2024-10-03 23:02:22 -04:00
ahuston-0
588ea886ac add zathura 2024-10-03 23:02:22 -04:00
ahuston-0
38b05e905c fix psk -> pskRaw 2024-09-20 14:11:45 -04:00
ahuston-0
46fcbccdd8 test patch 2024-09-20 09:52:50 -04:00
ahuston-0
b43144cc17 update flake 2024-09-15 15:11:04 -04:00
ahuston-0
a575773145 add manual update script 2024-09-09 19:52:52 -04:00
ahuston-0
3b48708e15 remove bitwarden-rofi 2024-09-09 19:52:30 -04:00
ahuston-0
6bdb3fac83 remove bitwarden-rofi 2024-09-09 19:50:47 -04:00
ahuston-0
8bfe103cc1 fix inputs 2024-09-09 19:49:56 -04:00
ahuston-0
a86bec551a update flake lock 2024-09-09 19:49:33 -04:00
ahuston-0
6e23a0b499 update flake lock 2024-09-06 12:06:42 -04:00
ahuston-0
9ce801e144 finish gpg rotation 2024-09-05 02:11:06 -04:00
ahuston-0
4e7ff1e02e update signing key in git 2024-09-05 02:04:28 -04:00
ahuston-0
92c47c6f31 cycle gpg keys 2024-09-05 02:04:27 -04:00
ahuston-0
6784cfe871 revert previous update 2024-09-05 02:03:52 -04:00
ahuston-0
f2bc6ad584 revert previous update 2024-09-05 02:03:35 -04:00
ahuston-0
0d9752b738 add onefetch 2024-09-05 01:30:33 -04:00
ahuston-0
cda8f4abd4 fix networking warning on palatine-hill 2024-09-05 01:29:48 -04:00
ahuston-0
945674b284 update flake, remove grapejuice, remove system_tools 
also temporarily removes hydra jobs
 2024-09-05 01:28:01 -04:00
ahuston-0
81caeef4f0 zsh changes, k8s, disable cache 2024-09-05 01:19:07 -04:00
ahuston-0
b62c64796f disable kub_net 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 01:56:58 -04:00
ahuston-0
56c5deceb9 update flake lock 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 01:54:33 -04:00
ahuston-0
ce7ced5b6e duplicate value cleanup 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 01:53:50 -04:00
ahuston-0
d230b39dd3 fix attic-watch-store (refactor) 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 01:34:41 -04:00
ahuston-0
94f0d55d85 refactoring woop 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 01:34:05 -04:00
ahuston-0
df83fa864c fix ref to firewall 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 01:16:09 -04:00
ahuston-0
72c617619c little firewalls everywhere 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 01:07:27 -04:00
ahuston-0
d140f77246 remove attic 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 00:53:43 -04:00
ahuston-0
164e86468d import all the keys 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 00:48:40 -04:00
ahuston-0
12555ebc3a and palatine-hill is booting! 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-24 00:34:09 -04:00
ahuston-0
f780780523 remove richie machines 2024-08-22 10:09:10 -04:00
ahuston-0
6402e70d23 add bitwarden-rofi 2024-08-22 10:08:28 -04:00
ahuston-0
384964759c lvm stage 1, bwmenu 2024-08-22 09:35:39 -04:00
ahuston-0
0db3f9b6d1 enable lvm in stage 1 2024-08-22 03:04:31 -04:00
ahuston-0
31542edb86 fix uuid 2024-08-22 02:41:08 -04:00
ahuston-0
15b4ae0a39 add bwm 2024-08-22 02:40:56 -04:00
ahuston-0
e3d18ef142 fix hardware 2024-08-22 01:37:20 -04:00
ahuston-0
b43e9054fb move to luks 2024-08-22 01:21:49 -04:00
ahuston-0
b03e1ea9c2 sops rotation 2024-08-22 00:54:52 -04:00
ahuston-0
ab6af4eae3 palatine-hill revamp 2024-08-22 00:50:54 -04:00
ahuston-0
83a4fa2e67 remove richie from palatine-hill 2024-08-22 00:48:36 -04:00
ahuston-0
cadfdc62ab reduce number of keys 2024-08-22 00:47:02 -04:00
ahuston-0
080a382242 add wifi, remove richie pub key, disable auto-pull/update 2024-08-21 18:59:20 -04:00
ahuston-0
d07bc4ea19 remove richie 2024-08-20 20:13:59 -04:00
ahuston-0
4e489a8145 rotate 2024-08-20 19:17:08 -04:00
ahuston-0
44839aece5 add a yubikey module 2024-08-14 16:35:35 +00:00
Richie Cahill
9f722be8c9 adding pacage and updating vscode seting 2024-08-12 22:44:55 +00:00
Richie Cahill
0bbb592ff5 adding integrations to homeassistant 2024-08-12 22:40:56 +00:00
Richie Cahill
4c1465811a fixed typo in sync_mirror ExecStart 2024-08-12 00:27:23 +00:00
Richie Cahill
69f9a5a820 adding homeassistant to tmmworkshop.com 2024-08-11 23:20:47 +00:00
Richie Cahill
b514504178 adding ioit vlan to jeeves-jr 2024-08-11 23:20:47 +00:00
Richie Cahill
73448e7949 adding overseerr to haproxy 2024-08-11 23:20:28 +00:00
Richie Cahill
a5dfa34fa4 missed a server_tools reference 2024-08-11 16:13:49 +00:00
Richie Cahill
d3d397f930 renaming server_tools to system_tools 2024-08-11 15:29:23 +00:00
Richie Cahill
db9c636678 adding palatine-hill to ssh config 2024-08-11 13:35:56 +00:00
Richie Cahill
b25f3c2f32 removed useDHCP from jeeves-jr 2024-08-11 03:15:57 +00:00
Richie Cahill
95547074ef jeeves conversion 2024-08-11 03:15:57 +00:00
Richie Cahill
bc44ead6f3 jeeves-jr conversion 2024-08-11 03:15:57 +00:00
Richie Cahill
622317ca46 moving overseerr to internal.nix 2024-08-10 00:54:26 +00:00
ahuston-0
fde746b94d update params based on recent docker changes 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-10 00:54:26 +00:00
ahuston-0
2bfc7e6320 formatting 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-10 00:54:26 +00:00
ahuston-0
9e0591a695 fix ports 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-10 00:54:26 +00:00
ahuston-0
74d814147a move overseerr to web 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-10 00:54:26 +00:00
ahuston-0
a772dcba03 add comment for overseerr port 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-10 00:54:26 +00:00
ahuston-0
1be01f2f9d add overseerr container 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-10 00:54:26 +00:00
ahuston-0
2581d0162f update statix 2024-08-10 00:23:17 +00:00
ahuston-0
ba20cdffe3 removes cinnamon namespace from packages, as per recent nix warning. 
Closes #274

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
 2024-08-10 00:21:27 +00:00
ahuston-0
50d8a60b50 removes several unneeded flake inputs 2024-08-10 00:21:06 +00:00
112 changed files with 695 additions and 3583 deletions
Expand all files Collapse all files

49
.sops.yaml
View File

@ -1,7 +1,6 @@
keys:
# The PGP keys in keys/
- &admin_alice F63832C3080D6E1AC77EECF80B4245FFE305BC82
- &admin_richie 29F5017C95D9E60B1B1E8407072B0E0B8312DFE3
- &admin_alice 5EFFB75F7C9B74EAA5C4637547940175096C1330
# Generate AGE keys from SSH keys with:
# ssh-keygen -A
@ -9,20 +8,11 @@ keys:
# cspell:disable
- &artemision age1jd2dcpykagz20kpk2kkchte3augqncwfn6nywursx0dkfyze6feqdzxkq2
- &artemision-home age1t29a6z6cfy8m3cnc8uva0ey833vhcppue8psyumts7mtyf0zufcqvfshuc
- &bob age13jg97cvy63fzd2ccthcwvfyyxzw5vmwun8s0afq5l4xm0mhl6pjqhne063
- &jeeves age128ehc0ssgwnuv4r8ayfyu7r80e82xrkmv63g7h9y9q4mhk4w9dyqfymc2w
- &jeeves-jr age1lffr5f5nz0nrenv3ekgy27e8sztsx4gfp3hfymkz77mqaa5a4gts0ncrrh
- &palatine-hill age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej
- &rhapsody-in-green age1c7adjulcrma0m7l5ur8efxdjzyskrqcwssfkt77a9rmma7gzss5q02pgmy
#- &palatine-hill age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej
- &palatine-hill age1qw5k8h72k3fjg5gmlxx8q8gwlc2k6n6u08d8hdzpm2pk9r0fnfxsmw33nh
# cspell:enable
admins: &admins
- *admin_alice
- *admin_richie
servers: &servers
- *jeeves
- *jeeves-jr
- *palatine-hill
# add new users by executing: sops users/<user>/secrets.yaml
@ -31,38 +21,19 @@ servers: &servers
# update keys by executing: sops updatekeys secrets.yaml
# note: add .* before \.yaml if you'd like to use the mergetool config
creation_rules:
- path_regex: systems/jeeves/secrets\.yaml$
key_groups:
- pgp: *admins
age:
- *jeeves
- path_regex: systems/jeeves-jr/secrets\.yaml$
key_groups:
- pgp: *admins
age:
- *jeeves-jr
- path_regex: users/alice/secrets.*\.yaml$
key_groups:
- pgp:
- *admin_alice
age:
- *palatine-hill
- *jeeves
- *jeeves-jr
- *artemision
- *artemision-home
- path_regex: systems/palatine-hill/secrets.*\.yaml$
key_groups:
- pgp: *admins
age:
- *palatine-hill
- path_regex: systems/palatine-hill/keys/zfs-.*-key$
key_groups:
- pgp: *admins
- pgp:
- *admin_alice
age:
- *palatine-hill
@ -73,13 +44,3 @@ creation_rules:
age:
- *artemision
- path_regex: users/richie/secrets\.yaml$
key_groups:
- pgp:
- *admin_richie
age:
- *palatine-hill
- *jeeves
- *jeeves-jr
- *rhapsody-in-green
- *bob

10
.vscode/settings.json vendored
View File

@ -8,6 +8,7 @@
"acpid",
"adbusers",
"ahci",
"aioesphomeapi",
"alicehuston",
"alsa",
"amdgpu",
@ -66,6 +67,7 @@
"enableemail",
"errorlens",
"esbenp",
"esphome",
"extest",
"fastforwardteam",
"FASTFOX",
@ -90,6 +92,7 @@
"gamescope",
"globalprivacycontrol",
"gparted",
"gtts",
"healthreport",
"hexeditor",
"hicolor",
@ -104,7 +107,9 @@
"hyprland",
"hyprwm",
"INITDB",
"ioit",
"iperf",
"isal",
"jmgilman",
"jnoortheen",
"jobset",
@ -165,6 +170,7 @@
"optimumwifi",
"optoutstudies",
"overscroll",
"overseerr",
"oxalica",
"pavucontrol",
"pbmode",
@ -182,11 +188,13 @@
"PRIVOXY",
"prowlarr",
"proxychains",
"prusa",
"psycopg",
"PUID",
"pulseaudio",
"punycode",
"pylance",
"pymetno",
"qbit",
"qbittorrent",
"qbittorrentvpn",
@ -224,6 +232,7 @@
"sponsorblock",
"spotifyd",
"sqltools",
"ssdp",
"sshconfig",
"stdenv",
"subresource",
@ -270,6 +279,7 @@
"xhci",
"xwayland",
"yzhang",
"zeroconf",
"zerotier",
"zerotierone",
"zhaofengli",

505
flake.lock generated
View File

@ -1,35 +1,13 @@
{
"nodes": {
"arch_mirror": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
],
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1722708775,
"narHash": "sha256-z+8+fB0/8G9ScnDmgHKzR6BMxuTiK8mu0HDdp2y0dqQ=",
"owner": "RichieCahill",
"repo": "arch_mirror",
"rev": "ce97f5f7e7382f6cb36e464c0f18a3177396990d",
"type": "github"
},
"original": {
"owner": "RichieCahill",
"repo": "arch_mirror",
"type": "github"
}
},
"attic": {
"inputs": {
"crane": "crane",
"flake-compat": [
"flake-compat"
],
"flake-utils": [
"flake-utils"
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
@ -39,11 +17,11 @@
]
},
"locked": {
"lastModified": 1722472866,
"narHash": "sha256-GJIz4M5HDB948Ex/8cPvbkrNzl/eKUE7/c21JBu4lb8=",
"lastModified": 1728577371,
"narHash": "sha256-f3bKclEV5t1eP1OH7kTGv/tLzlToSRIe0ktkdl1jihw=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "e127acbf9a71ebc0c26bc8e28346822e0a6e16ba",
"rev": "e5c8d2d50981a34602358d917e7be011b2c397a8",
"type": "github"
},
"original": {
@ -60,11 +38,11 @@
]
},
"locked": {
"lastModified": 1717025063,
"narHash": "sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8=",
"lastModified": 1722960479,
"narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=",
"owner": "ipetkov",
"repo": "crane",
"rev": "480dff0be03dac0e51a8dfc26e882b0d123a450e",
"rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4",
"type": "github"
},
"original": {
@ -73,27 +51,6 @@
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1722925878,
"narHash": "sha256-/wuVEbsqQnaNAYKqe/7CXm8cQXMAfsQYg9Mtkm2Aetg=",
"owner": "nix-community",
"repo": "fenix",
"rev": "aefb786b6a2924f684ba9ecd8fcad4628b214ffe",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "fenix",
"type": "github"
}
},
"firefox-addons": {
"inputs": {
"flake-utils": [
@ -105,11 +62,11 @@
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1722917006,
"narHash": "sha256-29qBs5HlcegrLP8oQe8T9hHx7u94TEz9ivPwZlorAJU=",
"lastModified": 1728965006,
"narHash": "sha256-TXBxJMGC6P+cn5La/lIgVzb9ETutsOI3A3urHihB7FA=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "8552abe55a4f364d94efb84502a550c2c9c3101c",
"rev": "f4947cf2d1a469b23fee54ad948c539f6aa431a7",
"type": "gitlab"
},
"original": {
@ -138,11 +95,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"lastModified": 1727826117,
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
"type": "github"
},
"original": {
@ -152,35 +109,17 @@
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": [
"systems"
]
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
@ -217,11 +156,11 @@
]
},
"locked": {
"lastModified": 1722936497,
"narHash": "sha256-UBst8PkhY0kqTgdKiR8MtTBt4c1XmjJoOV11efjsC/o=",
"lastModified": 1728903686,
"narHash": "sha256-ZHFrGNWDDriZ4m8CA/5kDa250SG1LiiLPApv1p/JF0o=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "a6c743980e23f4cef6c2a377f9ffab506568413a",
"rev": "e1aec543f5caf643ca0d94b6a633101942fd065f",
"type": "github"
},
"original": {
@ -237,11 +176,11 @@
]
},
"locked": {
"lastModified": 1722636442,
"narHash": "sha256-+7IS0n3/F0I5j6ZbrVlLcIIPHY3o+/vLAqg/G48sG+w=",
"lastModified": 1725551787,
"narHash": "sha256-6LgsZHz8w3g4c9bRUwRAR+WIMwFGGf3P1VZQcKNRf2o=",
"owner": "hyprwm",
"repo": "contrib",
"rev": "9d67858b437d4a1299be496d371b66fc0d3e01f6",
"rev": "1e531dc49ad36c88b45bf836081a7a2c8927e072",
"type": "github"
},
"original": {
@ -250,100 +189,6 @@
"type": "github"
}
},
"libgit2": {
"flake": false,
"locked": {
"lastModified": 1715853528,
"narHash": "sha256-J2rCxTecyLbbDdsyBWn9w7r3pbKRMkI9E7RvRgAqBdY=",
"owner": "libgit2",
"repo": "libgit2",
"rev": "36f7e21ad757a3dacc58cf7944329da6bc1d6e96",
"type": "github"
},
"original": {
"owner": "libgit2",
"ref": "v1.8.1",
"repo": "libgit2",
"type": "github"
}
},
"nix": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"flake-parts": [
"flake-parts"
],
"git-hooks-nix": [
"pre-commit-hooks"
],
"libgit2": "libgit2",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-23-11": "nixpkgs-23-11",
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1722501671,
"narHash": "sha256-3yFEvUDPB7GlCMI9I5VV+HXMVOT38h3lnw01nIXU2F4=",
"owner": "NixOS",
"repo": "nix",
"rev": "0a167ffd1f57864ce042d83f9d1f17ef5126c442",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "latest-release",
"repo": "nix",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"arch_mirror",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703863825,
"narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "5163432afc817cf8bd1f031418d1869e4c9d5547",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-github-actions_2": {
"inputs": {
"nixpkgs": [
"server_tools",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703863825,
"narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "5163432afc817cf8bd1f031418d1869e4c9d5547",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-index-database": {
"inputs": {
"nixpkgs": [
@ -351,11 +196,11 @@
]
},
"locked": {
"lastModified": 1722740924,
"narHash": "sha256-UQPgA5d8azLZuDHZMPmvDszhuKF1Ek89SrTRtqsQ4Ss=",
"lastModified": 1728790083,
"narHash": "sha256-grMdAd4KSU6uPqsfLzA1B/3pb9GtGI9o8qb0qFzEU/Y=",
"owner": "Mic92",
"repo": "nix-index-database",
"rev": "97ca0a0fca0391de835f57e44f369a283e37890f",
"rev": "5c54c33aa04df5dd4b0984b7eb861d1981009b22",
"type": "github"
},
"original": {
@ -366,11 +211,11 @@
},
"nixlib": {
"locked": {
"lastModified": 1722732880,
"narHash": "sha256-do2Mfm3T6SR7a5A804RhjQ+JTsF5hk4JTPGjCTRM/m8=",
"lastModified": 1728781282,
"narHash": "sha256-hUP9oxmnOmNnKcDOf5Y55HQ+NnoT0+bLWHLQWLLw9Ks=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "8bebd4c74f368aacb047f0141db09ec6b339733c",
"rev": "16340f605f4e8e5cf07fd74dcbe692eee2d4f51b",
"type": "github"
},
"original": {
@ -387,11 +232,11 @@
]
},
"locked": {
"lastModified": 1722819251,
"narHash": "sha256-f99it92NQSZsrZ8AYbiwAUfrtb/ZpZRqUsl4q6rMA5s=",
"lastModified": 1728867876,
"narHash": "sha256-NCyOA8WZNoojmXH+kBDrQj3LwvakYNzSc0h+LTXkmPE=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "c8c3a20b8191819219dba1af79388aa6d555f634",
"rev": "fdf142111597f6c6283cf5ffe092b6293a3911d0",
"type": "github"
},
"original": {
@ -402,11 +247,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1722332872,
"narHash": "sha256-2xLM4sc5QBfi0U/AANJAW21Bj4ZX479MHPMPkB+eKBU=",
"lastModified": 1728729581,
"narHash": "sha256-oazkQ/z7r43YkDLLQdMg8oIB3CwWNb+2ZrYOxtLEWTQ=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "14c333162ba53c02853add87a0000cbd7aa230c2",
"rev": "a8dd1b21995964b115b1e3ec639dd6ce24ab9806",
"type": "github"
},
"original": {
@ -426,11 +271,11 @@
"search": "search"
},
"locked": {
"lastModified": 1722894082,
"narHash": "sha256-TEJNZ/8er454mMv+YyLjWpz3yTPuSi6Nq+Tg0N8E80M=",
"lastModified": 1728919967,
"narHash": "sha256-zQl8z8iagvrekF4tFK1au7mGH8x0zoGppo6geLPioQk=",
"owner": "SuperSandro2000",
"repo": "nixos-modules",
"rev": "b871b68e76b092dfbc6fad38a8ebea99893be498",
"rev": "1aba521c9cd2cd97490846ac83fd73ae84625c8a",
"type": "github"
},
"original": {
@ -441,11 +286,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1722813957,
"narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=",
"lastModified": 1728492678,
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa",
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
"type": "github"
},
"original": {
@ -455,57 +300,25 @@
"type": "github"
}
},
"nixpkgs-23-11": {
"locked": {
"lastModified": 1717159533,
"narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1722555339,
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
"lastModified": 1727825735,
"narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1722869614,
"narHash": "sha256-7ojM1KSk3mzutD7SkrdSflHXEujPvW1u7QuqWoTLXQU=",
"lastModified": 1728740863,
"narHash": "sha256-u+rxA79a0lyhG+u+oPBRtTDtzz8kvkc9a6SWSt9ekVc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "883180e6550c1723395a3a342f830bfc5c371f6b",
"rev": "a3f9ad65a0bf298ed5847629a57808b97e6e8077",
"type": "github"
},
"original": {
@ -515,62 +328,6 @@
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": [
"arch_mirror",
"flake-utils"
],
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"arch_mirror",
"nixpkgs"
],
"systems": "systems_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1722515463,
"narHash": "sha256-6FVPz1WzHak65xJQg8tRjVyFEWMesGxfskKaCxDUnRk=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "8c25e871bba3f472e1569bbf6c0f52dcc34bf2a4",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"poetry2nix_2": {
"inputs": {
"flake-utils": [
"server_tools",
"flake-utils"
],
"nix-github-actions": "nix-github-actions_2",
"nixpkgs": [
"server_tools",
"nixpkgs"
],
"systems": "systems_3",
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1721039874,
"narHash": "sha256-XANsG9GYHip8pxZpbqKf/YGv8tIa0xTh289Y+WNBNfw=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "d11c01e58587e5f21037ed6477465a7f26a32e27",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": [
@ -585,11 +342,11 @@
]
},
"locked": {
"lastModified": 1722857853,
"narHash": "sha256-3Zx53oz/MSIyevuWO/SumxABkrIvojnB7g9cimxkhiE=",
"lastModified": 1728778939,
"narHash": "sha256-WybK5E3hpGxtCYtBwpRj1E9JoiVxe+8kX83snTNaFHE=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "06939f6b7ec4d4f465bf3132a05367cccbbf64da",
"rev": "ff68f91754be6f3427e4986d7949e6273659be1d",
"type": "github"
},
"original": {
@ -600,16 +357,13 @@
},
"root": {
"inputs": {
"arch_mirror": "arch_mirror",
"attic": "attic",
"fenix": "fenix",
"firefox-addons": "firefox-addons",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils",
"home-manager": "home-manager",
"hyprland-contrib": "hyprland-contrib",
"nix": "nix",
"nix-index-database": "nix-index-database",
"nixos-generators": "nixos-generators",
"nixos-hardware": "nixos-hardware",
@ -618,29 +372,11 @@
"nixpkgs-stable": "nixpkgs-stable",
"pre-commit-hooks": "pre-commit-hooks",
"rust-overlay": "rust-overlay",
"server_tools": "server_tools",
"sops-nix": "sops-nix",
"systems": "systems_4",
"systems": "systems",
"wired-notify": "wired-notify"
}
},
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1722868550,
"narHash": "sha256-Z708uZsfcP6IprVtw1AwjN0zjUX5+6lbneYiin58umc=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "4a99d795d06970accb46bd594f473999818b2fa8",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
@ -648,11 +384,11 @@
]
},
"locked": {
"lastModified": 1722910815,
"narHash": "sha256-v6Vk/xlABhw2QzOa6xh3Jx/IvmlbKbOazFM+bDFQlWU=",
"lastModified": 1728959392,
"narHash": "sha256-fp4he1QQjE+vasDMspZYeXrwTm9otwEqLwEN6FKZ5v0=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "7df2ac544c203d21b63aac23bfaec7f9b919a733",
"rev": "4c6e317300f05b8871f585b826b6f583e7dc4a9b",
"type": "github"
},
"original": {
@ -673,11 +409,11 @@
]
},
"locked": {
"lastModified": 1722493084,
"narHash": "sha256-ktjl908zZKWcGdMyz6kX1kHSg7LFFGPYBvTi9FgQleM=",
"lastModified": 1728423244,
"narHash": "sha256-+YwNsyIFj3dXyLVQd1ry4pCNmtOpbceKUrkNS8wp9Ho=",
"owner": "nuschtos",
"repo": "search",
"rev": "3f5abffa5f28b4ac3c9212c81c5e8d2d22876071",
"rev": "f276cc3b391493ba3a8b30170776860f9520b7fa",
"type": "github"
},
"original": {
@ -686,30 +422,6 @@
"type": "github"
}
},
"server_tools": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
],
"poetry2nix": "poetry2nix_2"
},
"locked": {
"lastModified": 1722726877,
"narHash": "sha256-VEfypyflLdxL3hjtURbpfRv9dyc3Z/CvvZ76bAad8l8=",
"owner": "RAD-Development",
"repo": "server_tools",
"rev": "16f24eddcb117c5560582c42c120ba84360c7f1f",
"type": "github"
},
"original": {
"owner": "RAD-Development",
"repo": "server_tools",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
@ -720,11 +432,11 @@
]
},
"locked": {
"lastModified": 1722897572,
"narHash": "sha256-3m/iyyjCdRBF8xyehf59QlckIcmShyTesymSb+N4Ap4=",
"lastModified": 1728345710,
"narHash": "sha256-lpunY1+bf90ts+sA2/FgxVNIegPDKCpEoWwOPu4ITTQ=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "8ae477955dfd9cbf5fa4eb82a8db8ddbb94e79d9",
"rev": "06535d0e3d0201e6a8080dd32dbfde339b94f01b",
"type": "github"
},
"original": {
@ -748,93 +460,6 @@
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"arch_mirror",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1719749022,
"narHash": "sha256-ddPKHcqaKCIFSFc/cvxS14goUhCOAwsM1PbMr0ZtHMg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "8df5ff62195d4e67e2264df0b7f5e8c9995fd0bd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": [
"server_tools",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1719749022,
"narHash": "sha256-ddPKHcqaKCIFSFc/cvxS14goUhCOAwsM1PbMr0ZtHMg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "8df5ff62195d4e67e2264df0b7f5e8c9995fd0bd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"wired-notify": {
"inputs": {
"flake-parts": [
@ -848,11 +473,11 @@
]
},
"locked": {
"lastModified": 1721535277,
"narHash": "sha256-A6qIy2n3aomj5XooUmqz0s3G/A44Y3+GoFrGxIOolIM=",
"lastModified": 1727849733,
"narHash": "sha256-mqxs/nyzOEKiBHa94OtcOLYBXd65P8tO4DUVTHWHn6o=",
"owner": "Toqozz",
"repo": "wired-notify",
"rev": "d079126c43f22179650f3d4c59f580c5993b9217",
"rev": "a1f6965737754e7424f9468f6befef885a9ee0ad",
"type": "github"
},
"original": {

41
flake.nix
View File

@ -1,10 +1,9 @@
{
description = "NixOS configuration for RAD-Development Servers";
description = "NixOS configuration for my machines";
nixConfig = {
substituters = [
"https://cache.nixos.org/?priority=1&want-mass-query=true"
"https://attic.alicehuston.xyz/cache-nix-dot?priority=4&want-mass-query=true"
"https://nix-community.cachix.org/?priority=10&want-mass-query=true"
];
trusted-substituters = [
@ -14,8 +13,6 @@
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"cache.alicehuston.xyz:SJAm8HJVTWUjwcTTLAoi/5E1gUOJ0GWum2suPPv7CUo=%"
"cache-nix-dot:Od9KN34LXc6Lu7y1ozzV1kIXZa8coClozgth/SYE7dU="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-users = [ "root" ];
@ -29,26 +26,16 @@
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.05";
systems.url = "github:nix-systems/default";
arch_mirror = {
url = "github:RichieCahill/arch_mirror";
inputs.nixpkgs.follows = "nixpkgs";
};
attic = {
url = "github:zhaofengli/attic";
inputs = {
nixpkgs.follows = "nixpkgs";
nixpkgs-stable.follows = "nixpkgs-stable";
flake-compat.follows = "flake-compat";
flake-utils.follows = "flake-utils";
flake-parts.follows = "flake-parts";
};
};
fenix = {
url = "github:nix-community/fenix";
inputs.nixpkgs.follows = "nixpkgs";
};
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs = {
@ -72,20 +59,11 @@
inputs.nixpkgs.follows = "nixpkgs";
};
nix = {
url = "github:NixOS/nix/latest-release";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
git-hooks-nix.follows = "pre-commit-hooks";
};
};
nix-index-database = {
url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-generators = {
url = "github:nix-community/nixos-generators";
inputs.nixpkgs.follows = "nixpkgs";
@ -123,14 +101,6 @@
};
};
server_tools = {
url = "github:RAD-Development/server_tools";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
wired-notify = {
url = "github:Toqozz/wired-notify";
inputs = {
@ -169,10 +139,10 @@
rec {
inherit lib; # for allowing use of custom functions in nix repl
hydraJobs = import ./hydra/jobs.nix { inherit inputs outputs systems; };
#hydraJobs = import ./hydra/jobs.nix { inherit inputs outputs systems; };
formatter = forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);
nixosConfigurations = genSystems inputs src (src + "/systems");
nixosConfigurations = genSystems inputs outputs src (src + "/systems");
images = {
install-iso = getImages nixosConfigurations "install-iso";
iso = getImages nixosConfigurations "iso";
@ -181,5 +151,6 @@
checks = import ./checks.nix { inherit inputs forEachSystem formatter; };
devShells = import ./shell.nix { inherit inputs forEachSystem checks; };
};
}

67
keys/richie.asc
View File

@ -1,67 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGQ4gGgBEAC2s0Q4nQ5aTlpTg4u/Hl9gq56IAGoUW9wlgEoStHXyA1WziY2s
1pt45l4Q6kORswXoXv0ULTWBQAGponjY3l+HNm+B0XMr6EogjV/EP/UCyEi8zpqs
PaoJiB95s8rTsh+E7GzWR8KDhazOrGFY+QQOsTWEhLF8jkISd9aC05pf+WnKyxLC
wFjNFXRWUgPKyKPWIUd3SJP2IH6rSSkp7SMCAUiteQx2c43thnr4c/wcfGANKbFO
PhYrkTJKSqt38NoFtNB/Eo/MaVwdEnTMmeovF9sA2s0SLat8+FngSEcIXvL5UpA4
K73+lOQUROWFju7LrIyOhksSZXyQvP+64PxfpbtHadH6wQ4Ckz0GYIYnDQ1q66dh
OKQq9efIlxb7ky47qXRMY8u6d2d4bceLM4a24lYajZ70HZTEF4hy5KCMd8DAmAzU
WLCkaz6SQVDsme60jH3Mavd18B8HZ1d5Vi75hNaylMRtq7o6IA60NnVXh07U+Zto
n8QOze0JqO/GaM7FzfijfsW670j//FSu5wUGnBYprBz7SFh2nCy/XPZYThtHtPbI
YeESs8WZtqkfs4RpmMkOKcTLNiTFXIsCqHIhR8lDnJl+skEMxg7L8FF2txph4ssU
BZ6dAbFy8KsH+2Sr2qfK0yHOVs37ymv+/WaxC0d+QpLAupRhzL+s2kIYGQARAQAB
tB9SaWNoaWUgPFJpY2hpZUB0bW13b3Jrc2hvcC5jb20+iQJOBBMBCAA4FiEEKfUB
fJXZ5gsbHoQHBysOC4MS3+MFAmQ4gGgCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgEC
F4AACgkQBysOC4MS3+PnKA//YUDZbuaas5MIWRqZsh02GEXVX4n727JP4iqZU4R0
Cndq7KCl+8XJ9RqmpRZab1FhEj/DQZYisKvloMvBop4q1XLLkabaQF5NsbDvIQG6
5TgbeSUmVWP6JS4Ka05FKIEwjKFS6ogbd1tscVs50zFWW+veewWMwwQF1mw+N5wx
LsnHRDIBPOj8Z+p07fyYlP2RMtqdjUqHOtDBiAvbFaXd1huEHd6H2bhnVLaxsJUf
EEGu92ND0GgW2tDrJIL+bNhZfsnHZEZPyruLZXcwW0JIyLf+sgob/iY0duDH1JDS
ty5tS3ke9O3Q56mPogHP7jlMwtVHzQQPlviVtNvYhRamb5hUDc9Qu9uXNM0HOWdg
MI5KE1xbdjz1OmymakfcfbVcSz1vu3k4XpqChiKt+psw8BnHGcguPchetkroCJcM
OLwnCoKH3TFxZfaZQGPDhHCGU484Nj1M/wHo9RcoWtrPWz+Y7W0U+47EdmGM1Vpl
9hIoXqjEWENz6Ph5DD0vxMptQPrRfmtLiJsWxAJRS9MH+ZWXxjJ2byKXiEHdR7la
Xgj8ejtzaZB04Ow9+zptFH6nwTygGGodcRkYYFtYSS7C46aihvMRLj68uHB2yC2b
zYutMtU6eregDaWiAeGycZcanGnU36JDifjaCF84oty6a3EpfdGCc9KkHk1Is+sR
TVe5Ag0EZDiAaAEQANy3ekveJexjqdhWmGjqF1rp90uWYJeVwg0Dlc621SNEzrfu
suC1BEHC2xdZz85yPbfdUPThAn/AmaMYlNIvzXmsGJdfIIsL7ZT+K6K+9ClbFhR8
eIZZjhpSOMwLEfNroyZPcOwEua9bSr3mwU+i2ED+dCKcxG4/wAtmeK2PNOz0t0/F
umLHW9Zk8YZBVSq7sGZ77TBi7GHOVzR/3wWy0qXgVMSQXtmOoDCmd1B1pD/BOkBA
2iI4spRLiDPW3XVDeAGydYPPEIXtFax7ZCs4BhjT4witJ2110fddrAh6e48yU4Hn
ca5F+QD6hVvUgHmdM/9GMqYf2mMC8tqNQf33Ib148zIhtQN5OtDz/sce5Xj8rk0j
HUuZ3E0jViK72ZRnZD46CyIc99ZcLCAhsHZDaMTEDfWX8ToQzA+Ahyth0RMykwhX
6NPKvOw2VqRK+j6iyYvtDXLmcsR890dzHDJLfrJWCJ0scpeWFvlLkVhQaT3NEqEK
oUENBFf8zxfTQ7BksyV2ESTwu5xqfYeJ1g1FoTfL30+/W0003K7hoPQuU3ebj3wY
3mMrG0hgo0iM9wHk83WWt+fDYj09yptGWAgBQNOpRR/0EbwEd74C3UxZQtUmxwPz
YW2g1GWyEgtA76UJ00TuQHBGklcKtY0IbHKwjn7NwHbYWu67R7Le3+cj3LOVABEB
AAGJAjYEGAEIACAWIQQp9QF8ldnmCxsehAcHKw4LgxLf4wUCZDiAaAIbDAAKCRAH
Kw4LgxLf462sEACDweQr1ik35sbw3qlPn3b/d2UYBK+r8G3Pk1RhNra2rFtkRY8Y
rEAlFeYOCBplsyg8swIClPjKpqIEehMV4X2E0N6WpyPzuOgNP4OPAmJngUYM9uxr
kcVhYubgp2Hcxk5TkbvHIc31P5ItCl7UUYC3bXf32K5GVeOAxsZBS6elwdxlFteY
WKjkwoZklPPfce4ctG/phy8dnn+pFMFnyisFFp81R2P+ztdSDLm/U27d8g9cjcWK
mhZtGox4zf7250p+gIUnlnBdtXIWBaUFidha5qql0/iSsMrhu2m12XaLc5HiubYY
RNIHcCRitG0Qc/pWVjZAD/bqOTl4/M1AeN7qZ/8Y1II1tCdBZ1MGinKS/3aGjTn5
RzvYrQeP7YTInyah7MpUTYoxI+VHHeD7hTy/y0GPZBtZ24B/s3ICuMemejILeI8M
aHj8FmBSXJ3dD8195QyONuQB5hNB3qGhc995KsDK3leCwJc3+MFLZPaEZnB+f+uo
+pdngVsKH2IAVOtJN+QULmuEFmiEGRAghJwxfA4M92Bn0jSa9KMyTsM41b3zdSVU
ipnn9FVX7RemSdF/z2SXAczwMLwVjai4j8b/U9O3oc0wrDF4QgrKKKIESlID/0Jf
QLwhRYHy03r2yENO9lEeTBaSF94HsN1UjrZtzpGx6QTGBohA2RrztXkosLgzBGWP
FicWCSsGAQQB2kcPAQEHQBlJ0lXDQnpcV7nR/MWPifi0WVTDPe0njjVIHNq/Z/xI
iQKtBBgBCAAgFiEEKfUBfJXZ5gsbHoQHBysOC4MS3+MFAmWPFicCGwIAgQkQBysO
C4MS3+N2IAQZFgoAHRYhBAA/2xaaamErUuSen5+R1096JyceBQJljxYnAAoJEJ+R
1096Jycejy0A/2BmBatOihlxnO1G0U5qy3eiFkzmYKhm9WEW+w461hjuAP40cTMS
xgnpUzUrsEs6+3Om7TLAa0VAqYLjA8NTVJs6AiPGEACuGgYn4uBzeXGLgHHUmLsY
25rOajs/zAZnQkMz1epMKJDZ658cIDKyjJ6mLkkBwHwARrMhb38AEphXgyuAtHMN
mEPRzABZutleW33KCk6zzVLyYVFBDWEI7hIFdNfJcJjXsDX0oGKB/oT5vlU25YgN
cBAC7q9PGfq/XkeFOz9j3UOXMuzTKmtrX28IiSPqk+IkzeL35otzrG1wsUPLDLRS
nlmwtnP4oQ50cUvTiDesk3QqPQn+2wPYakMydq7bvUcv/jakCADJq8Lsg4AmUxpQ
bZNj2Zu/j8g+0KYUTriuQpZHf+mjVoNzwxiDKobMvKNzyNrZwMnZhAcDnCXSHpZL
KnBcQGpsOjZicA9HodVRdU80DM46MSsncxAN+jwdHUOtCtONP059kF8JegwyevFS
1hY/6ZTMETtKckWbs2gMTEK48SXF3EQ2jMq8lbD9SccuEi6R19R5qiLwQBgUHawT
PcirlASclpR2zjLH1/MovxMFykCUUaQgGH0TjCe5X95Y7QdVgw6ocHkSFUsLN8V1
L3UfOIobFFW6EuRg5urKpljoi20dYsAyorqye9q825RyuWa5oLDtqXshCuOzLy6O
BgnM2FIvUpxAFmlXlC9eG8bUChfqEakio68Iwl6LUQouDR9gprWcookZV716YBVC
/IKQxyKTQK+nas4pfaUhYw==
=in5n
-----END PGP PUBLIC KEY BLOCK-----

17
lib/systems.nix
View File

@ -149,6 +149,7 @@ rec {
configPath,
hostname,
inputs,
outputs,
src,
users,
home ? true,
@ -160,7 +161,12 @@ rec {
lib.nixosSystem {
inherit system;
specialArgs = {
inherit inputs server system;
inherit
inputs
outputs
server
system
;
};
modules =
[
@ -194,7 +200,7 @@ rec {
# type:
# genSystems :: AttrSet -> Path -> Path -> AttrSet
genSystems =
inputs: src: path:
inputs: outputs: src: path:
builtins.listToAttrs (
map (
name:
@ -205,7 +211,12 @@ rec {
inherit name;
value = constructSystem (
{
inherit inputs src configPath;
inherit
inputs
outputs
src
configPath
;
hostname = name;
}
// import configPath { inherit inputs; }

5
modules/base.nix
View File

@ -1,6 +1,7 @@
{
lib,
inputs,
outputs,
server,
system,
...
@ -26,10 +27,12 @@
useUserPackages = true;
sharedModules = [ inputs.sops-nix.homeManagerModules.sops ];
extraSpecialArgs = {
inherit inputs;
inherit inputs outputs;
machineConfig = {
inherit server system;
};
};
};
networking.firewall.enable = lib.mkDefault true;
}

3
modules/boot.nix
View File

@ -2,6 +2,7 @@
config,
lib,
libS,
pkgs,
...
}:
@ -34,7 +35,7 @@ in
config.boot = lib.mkIf cfg.default {
supportedFilesystems = [ cfg.filesystem ];
tmp.useTmpfs = true;
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
kernelPackages = pkgs.linuxPackages_6_10;
kernelParams =
[ "nordrand" ]
++ lib.optional (cfg.cpuType == "amd") "kvm-amd"

2
modules/kub_net.nix
View File

@ -6,7 +6,7 @@ in
options = {
services.rad-dev.k3s-net = {
enable = lib.mkOption {
default = true;
default = false;
example = true;
description = "Whether to enable k3s-net.";
type = lib.types.bool;

4
modules/nix.nix
View File

@ -13,19 +13,15 @@
connect-timeout = 20;
substituters = [
"https://cache.nixos.org/?priority=1&want-mass-query=true"
"https://attic.alicehuston.xyz/cache-nix-dot?priority=4&want-mass-query=true"
"https://nix-community.cachix.org/?priority=10&want-mass-query=true"
];
trusted-substituters = [
"https://cache.nixos.org"
"https://attic.alicehuston.xyz/cache-nix-dot"
"https://nix-community.cachix.org"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"cache.alicehuston.xyz:SJAm8HJVTWUjwcTTLAoi/5E1gUOJ0GWum2suPPv7CUo=%"
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache-nix-dot:Od9KN34LXc6Lu7y1ozzV1kIXZa8coClozgth/SYE7dU="
];
trusted-users = [
"root"

1
modules/openssh.nix
View File

@ -2,6 +2,7 @@
{
services.openssh = {
enable = lib.mkDefault true;
openFirewall = lib.mkDefault true;
fixPermissions = true;
extraConfig = "StreamLocalBindUnlink yes";

6
modules/update.nix
View File

@ -1,16 +1,16 @@
{ lib, ... }:
{
services.autopull = {
enable = lib.mkDefault true;
enable = lib.mkDefault false;
repo.dotfiles = {
enable = lib.mkDefault true;
enable = lib.mkDefault false;
ssh-key = lib.mkDefault "/root/.ssh/id_ed25519_ghdeploy";
path = lib.mkDefault /root/dotfiles;
};
};
system.autoUpgrade = {
enable = lib.mkDefault true;
enable = lib.mkDefault false;
flags = [ "--accept-flake-config" ];
randomizedDelaySec = "1h";
persistent = true;

24
modules/yubikey.nix Normal file
View File

@ -0,0 +1,24 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.rad-dev.yubikey;
in
{
options = {
services.rad-dev.yubikey = {
enable = lib.mkEnableOption "enable yubikey defaults";
enable-desktop-app = lib.mkEnableOption "installs desktop application";
};
};
config = lib.mkIf cfg.enable {
# enable the smart card daemon for certain yubikey operations
services.pcscd.enable = true;
environment.systemPackages = lib.optionals cfg.enable-desktop-app [ pkgs.yubioath-flutter ];
};
}

70
pkgs/bitwarden-rofi/default.nix Normal file
View File

@ -0,0 +1,70 @@
# source: https://github.com/kylesferrazza/nix/blob/288edcd1d34884b9b7083c6d718fbe10febe0623/overlay/bitwarden-rofi.nix
# TODO https://github.com/mattydebie/bitwarden-rofi/issues/34
{
stdenv,
lib,
fetchFromGitHub,
makeWrapper,
unixtools,
xsel,
xclip,
wl-clipboard,
xdotool,
ydotool,
bitwarden-cli,
rofi,
jq,
keyutils,
libnotify,
}:
let
bins = [
jq
bitwarden-cli
unixtools.getopt
rofi
xsel
xclip
wl-clipboard
xdotool
ydotool
keyutils
libnotify
];
in
stdenv.mkDerivation {
pname = "bitwarden-rofi";
version = "git-2024-08-22";
src = fetchFromGitHub {
owner = "mattydebie";
repo = "bitwarden-rofi";
rev = "8be76fdd647c2bdee064e52603331d8e6ed5e8e2";
sha256 = "1h5d21kv8g5g725chn3n0i1frvmsrk3pm67lfxqcg50kympg0wwd";
};
buildInputs = [ makeWrapper ];
installPhase = ''
mkdir -p "$out/bin"
install -Dm755 "bwmenu" "$out/bin/bwmenu"
install -Dm755 "lib-bwmenu" "$out/bin/lib-bwmenu" # TODO don't put this in bin
install -Dm755 -d "$out/usr/share/doc/bitwarden-rofi"
install -Dm755 -d "$out/usr/share/doc/bitwarden-rofi/img"
install -Dm644 "README.md" "$out/usr/share/doc/bitwarden-rofi/README.md"
install -Dm644 img/* "$out/usr/share/doc/bitwarden-rofi/img/"
wrapProgram "$out/bin/bwmenu" --prefix PATH : ${lib.makeBinPath bins}
'';
meta = with lib; {
description = "Wrapper for Bitwarden and Rofi";
homepage = "https://github.com/mattydebie/bitwarden-rofi";
license = licenses.gpl3;
platforms = platforms.linux;
};
}

2
statix.toml
View File

@ -1,4 +1,4 @@
disabled = ["empty_pattern"]
nix_version = '2.4'
nix_version = '2.23'
ignore = ['.direnv']

8
systems/artemision/configuration.nix
View File

@ -70,7 +70,7 @@
}) { inherit (pkgs) system; }).fwupd;
};
fprintd.enable = true;
fprintd.enable = lib.mkForce false;
openssh.enable = lib.mkForce false;
spotifyd = {
@ -84,6 +84,10 @@
};
#systemd.services.spotifyd.serviceConfig = systemd.services.spotifyd.
};
rad-dev.yubikey = {
enable = true;
enable-desktop-app = true;
};
};
users.users.alice.extraGroups = [ "calibre-web" ];
@ -91,6 +95,8 @@
system.autoUpgrade.enable = false;
system.stateVersion = "24.05";
programs.adb.enable = true;
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {

41
systems/artemision/desktop.nix
View File

@ -3,9 +3,28 @@
{
# installs hyprland, and its dependencies
programs.hyprland = {
enable = true;
xwayland.enable = true;
programs = {
hyprland = {
enable = true;
xwayland.enable = true;
};
gnupg.agent = {
enable = true;
#pinentryPackage = pkgs.pinentry-rofi;
pinentryPackage = pkgs.pinentry-gnome3;
#settings = {
# keyserver-options = "auto-key-retrieve";
# auto-key-locate = "hkps://keys.openpgp.org";
# keyserver = "hkps://keys.openpgp.org";
#keyserver = "hkp://pgp.mit.edu";
# "na.pool.sks-keyservers.net"
# "ipv4.pool.sks-keyservers.net"
# "p80.pool.sks-keyservers.net"
# ];
#};
};
ydotool.enable = true;
};
# Optional, hint electron apps to use wayland:
environment.sessionVariables.NIXOS_OZONE_WL = "1";
@ -35,22 +54,6 @@
};
};
programs.gnupg.agent = {
enable = true;
#pinentryPackage = pkgs.pinentry-rofi;
pinentryPackage = pkgs.pinentry-gnome3;
#settings = {
# keyserver-options = "auto-key-retrieve";
# auto-key-locate = "hkps://keys.openpgp.org";
# keyserver = "hkps://keys.openpgp.org";
#keyserver = "hkp://pgp.mit.edu";
# "na.pool.sks-keyservers.net"
# "ipv4.pool.sks-keyservers.net"
# "p80.pool.sks-keyservers.net"
# ];
#};
};
environment.systemPackages = with pkgs; [
libsForQt5.qt5.qtwayland
qt6.qtwayland

7
systems/artemision/hardware.nix
View File

@ -20,6 +20,9 @@
"usb_storage"
"usbhid"
"sd_mod"
"ip_vs"
"ip_vs_rr"
"nf_conntrack"
];
initrd.kernelModules = [
"dm-snapshot"
@ -52,7 +55,6 @@
options = [
"noatime"
"nodiratime"
"discard"
];
};
@ -62,7 +64,6 @@
options = [
"noatime"
"nodiratime"
"discard"
];
};
@ -72,7 +73,6 @@
options = [
"noatime"
"nodiratime"
"discard"
];
};
@ -82,7 +82,6 @@
options = [
"noatime"
"nodiratime"
"discard"
];
};
};

11
systems/artemision/programs.nix
View File

@ -12,7 +12,7 @@
calibre
# calibre dedrm?
candy-icons
cinnamon.nemo-with-extensions
nemo-with-extensions
croc
deadnix
direnv
@ -29,7 +29,6 @@
glances
gpu-viewer
grim
headsetcontrol
htop
hwloc
ipmiview
@ -37,11 +36,15 @@
ipscan
jp2a
jq
kdenlive
kitty
kubectl
kubernetes-helm
libtool
lsof
lynis
masterpdfeditor4
minikube
mons
# nbt explorer?
ncdu
@ -53,6 +56,7 @@
nix-tree
nixpkgs-fmt
nmap
obs-studio
ocrmypdf
pciutils
#disabled until wxpython compat with python3.12
@ -70,6 +74,7 @@
# signal in tray?
siji
simple-mtpfs
skaffold
slack
slurp
smartmontools
@ -93,7 +98,7 @@
wget
wl-clipboard
xboxdrv
yubioath-flutter
yt-dlp
zoom-us
zoxide
zoom

40
systems/artemision/secrets.yaml
View File

@ -10,7 +10,7 @@ example_booleans:
- ENC[AES256_GCM,data:gEvfi+Q=,iv:0DrXoZk8OkdUShc7WAKOL8xG26RFZp3M3qYFAb1hDAs=,tag:uemBrdF87nrfLpfnQ8bD8g==,type:bool]
apps:
spotify: ENC[AES256_GCM,data:bp1pdOfS+VGWLtepUjg7KFWw8Fk=,iv:twGO3CjzRxAU81C93mX8qIEZ/FYIQRJnMd2HIuvP9q8=,tag:AJgs0QGFH30E8+ZpaB02TQ==,type:str]
wifi-env: ENC[AES256_GCM,data:NGI090aVGojJ7+lvcknJfZBQKb0b/tUrd2AqEl5IWQWCJdqqaO4pCrs3C+IW06/pz9FWgMxx9tPu32xmMZaPnnlLD+XyVJ71L2P22U6YufRPRfvyv6swOlihscOZ5tsFFYShjXpow0PfmYS+tP9mYLb2RYFLGQmvI4fa4LaVjuwPXAMg3RN/gVXR6bMEpd/7OIr+tIxC5sTE7V7fIbyzcn4=,iv:VbtgvwMHo1iLuTKCA7KjEXC1d1MY4aHfmXI6yuCGZVI=,tag:dGmw+icLKL9dJQExy83m1A==,type:str]
wifi-env: ENC[AES256_GCM,data:6+fHf25fx/PuutOXhMZqx2JVVSDTW7fQU8XOCc2vyUpg7HiRpOKFu5PIZoJQexvJoBNNciiQkju17+xuxnQ48dsRgsdS+wfH86Af55MfqDjG1el/htEOER9f9sTpMwGjIKD1zalkMp7oX17UlIqiCQg7HfcZFb8T4eHzu9w48umiC3WpwlKLykF5W600gYbXx1E1FjwgCwxJ1zRmBTXoz6WHvQ==,iv:DmUyn3/Q7jwqHrK7wSCqIRO1jJsOHNbmG6a/l1YdMmQ=,tag:S3CtTdFyn2Lg5nGlHVU66g==,type:str]
#ENC[AES256_GCM,data:pC2Kdy7wNc0=,iv:J7Ggfv6K3dCzL42j5MGd+BjQGseoAoYs4k6+yc3FSiA=,tag:9MriduP9SEIi+c1q4tfzlQ==,type:comment]
sops:
kms: []
@ -21,34 +21,26 @@ sops:
- recipient: age1jd2dcpykagz20kpk2kkchte3augqncwfn6nywursx0dkfyze6feqdzxkq2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRZUNHeDdqaGt0QnFIejdM
MU5uaDNiN2xOeVlZNzQyZXZ0R2NYUU83ZWxrCmNDL3J6ZjNmejBuUXk3cldwZUEz
UWVqMTVPelN1MTJDNzc0UU9XNWkralUKLS0tIDU2b053Uk5VZGlWUk9XMXZ5Wllk
UlhhNzNjTHdVaXlPOFJhc0EyZGh3RDQK1c7nctmrorze4Kr0Grmcmx3N/UYXPwJc
FfClOoGxO+4ZDtxG61SDU1UdYae4loQ8roM8jDIPFMfoEum2bT8oXw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGZC9aczBZekVGMVRBYlFV
MUpDZFFPRTIzL1hpR25vd2pjZzJnRE12TkhRCjdiV3VxVnJpL2l2OU1rNVE3K2kv
akF1UFNtdDFYdUNIMjVwWitOUDJ1UUEKLS0tIFJkSGU1MC90ZlM0TXJOeWlWTnJT
RFVEMjg4bjd4SUF2SjVWZVNDWlpiR1EKmWM9G8/vb1+GX4zGiIj/So4apfi3wzyp
yGi0T3fen3jzfU38xFZ25Tn0pDTQaSG7PkVKQn9YBJ4pGb9JDPfTjw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-08-03T02:45:15Z"
mac: ENC[AES256_GCM,data:PsEeb2leFb500YYHg+5YHwGVHKUPB7qVqaJY66hnkmCa5MKAZkHqSgtVvh+Ai4fN9E+WFtjlso2a4oasQMNwVXsmt54+q1/Mz5zF2D/1nvaNL76fEod2YXp2jlGxNniyPfRaZXDu+QQLhoz2PBoe6OQ9E5WRDV88j7gksy6GePw=,iv:H7Q9fbvdgh+NZNyyupByQETWsgpXVXn0blQV1Ww7eQM=,tag:cpWykzgH9/mWTKxmEDZ9PA==,type:str]
lastmodified: "2024-09-20T13:52:31Z"
mac: ENC[AES256_GCM,data:IT/GEdJtQHSjzVRdIBIRq1y0Lby4k6gGVDfeg3/bjdDNWkPCnGOc5Uerz3TJ95M3oKMgFiQW2Sa4m/8QX9qhtVfH7gleMhJbzkz1DGKozoCxqWX71BBfiwcAuLG1fzDwfpT4DcRK1ppfC/9kMZ3g7r9Ug6EceXUKXP3uaUgfNjg=,iv:WpEhLffmICyR7bbe0cnT9fjqyL59gVxumz/lsE3oBfU=,tag:k0GSSZeQC9bJ1TWRwhaGQA==,type:str]
pgp:
- created_at: "2024-03-23T05:46:35Z"
- created_at: "2024-09-05T06:10:45Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA84hNUGIgI/nAQ/+IwyPDjs/jDCBlnYFboHh6TXx8ulysESst4hz5crM4L0u
wylKyfEIBx0eLy0mLLA4DhcpYza0Nry5RLdwDNfimhATErfQxnwqlZ6RnYKnh3Hk
93L66+BEKPd3EZOH+RC/wb0qiTDmU0yna8jtVO0uU7s6//hm/g7bdmQAK0YIJLcb
sd83n99R4oHVrq7iFc74/AV5isW9GcfmvLI94eodFpaE1dpqm4KzNpLueDCOvA/1
vPo5Lgtp9WM4FhXUqMiplCNqMIt+Hyj3F+p+9jgQ2dLfHuVkI8pzd47gOHyMDYPy
fn6SVKZtOyfNDwhs7L5piiarSXISBGtx36ISDvtvtr/vgMydTdvILIOo9pkSGVtN
4W7+ywMaFjfAeShTVtUJNJqmp/8agt2WtaUX4kPPha4SxlNSOMpeTQ31bs89gBtc
g2325afL2WPK4NSAOmU8VMXqmFc2A10aFlx5nsfT4S1wkoNbitTWgoAcCa7kGRPW
xZca225cwLUzkggv74cfYT3YnQL40AMSOMqSRS8pbTFEENG1BtsB5A++Jji2i4tO
xoGIL8LRCEfiHpTC7eBwDDVmKb5StgKsXs6yYbQG5XW2W+/Jgum64Sb7+LviQ9Mq
WHNiu5MZPeKyHFu9jI9Ne1HpYJnb7/X9AxFw2e/vFwVn+kjaXcH/PhsYuPUyqkzS
XgG3tFbcgNtMWyoLU2EL1Qvwq1pHVrwmeNXHidESx23HeJtnIwoKkdopl4qqqNle
uQYP89bvb6zFWlqOSwLORZmj1W1wVTYV9eXplDbJob8agBKIcIuhtwri5e96gf4=
=XdJo
hF4DQWNzDMjrP2ISAQdAVPGTjbrJcO6UTQ9bYOqiVqJMehxGkfNMtgnQQL36mQsw
CznpGVos/aNWRKmt0nkfjHuI0y71foFWt7BB/acKspE5YUu831wgrRbB8TyN69DK
1GgBCQIQjanvxCPgcaSWLqw2oXXPzTJ1PRJc2UA4kayYIzvOUP9QBoEruDki0GVi
5n+ZiGGtvx7bihZ1WeJiHcOArPr3xrrrPv6nuAxP05HbSRYhaAU79eOTT1p7MtSO
A0BHgVYuL00FHg==
=Luz2
-----END PGP MESSAGE-----
fp: F63832C3080D6E1AC77EECF80B4245FFE305BC82
fp: 5EFFB75F7C9B74EAA5C4637547940175096C1330
unencrypted_suffix: _unencrypted
version: 3.9.0

19
systems/artemision/wifi.nix
View File

@ -6,25 +6,26 @@ in
{
networking.wireless = {
enable = true;
environmentFile = config.sops.secrets."wifi-env".path;
secretsFile = config.sops.secrets."wifi-env".path;
userControlled.enable = true;
networks = {
"taetaethegae-2.0" = {
psk = "@PASS_taetaethegae_20@";
pskRaw = "ext:PASS_taetaethegae_20";
priority = home;
};
"k" = {
psk = "@PASS_k@";
pskRaw = "ext:PASS_k";
priority = always;
};
"Bloomfield".psk = "@PASS_bloomfield@";
"9872441500".psk = "@PASS_longboat_home@";
"9872441561".psk = "@PASS_longboat_home@";
"5HuFios".psk = "@PASS_longboat_home@";
"24HuFios".psk = "@PASS_longboat_home@";
"Verizon_ZLHQ3H".psk = "@PASS_angie@";
"Bloomfield".pskRaw = "ext:PASS_bloomfield";
"9872441500".pskRaw = "ext:PASS_longboat_home";
"9872441561".pskRaw = "ext:PASS_longboat_home";
"5HuFios".pskRaw = "ext:PASS_longboat_home";
"24HuFios".pskRaw = "ext:PASS_longboat_home";
"Verizon_ZLHQ3H".pskRaw = "ext:PASS_angie";
"optimumwifi" = { };
"CableWiFi" = { };
"JPMCVisitor" = { };
};
};

106
systems/bob/configuration.nix
View File

@ -1,106 +0,0 @@
{
imports = [
../../users/richie/global/desktop.nix
../../users/richie/global/ssh.nix
../../users/richie/global/syncthing_base.nix
../../users/richie/global/zerotier.nix
./hardware.nix
./nvidia.nix
./steam.nix
];
boot = {
useSystemdBoot = true;
default = true;
};
networking = {
networkmanager.enable = true;
hostId = "9ab3b18e";
};
hardware = {
pulseaudio.enable = false;
bluetooth = {
enable = true;
powerOnBoot = true;
};
};
security.rtkit.enable = true;
services = {
autopull.enable = false;
displayManager.sddm.enable = true;
openssh.ports = [ 262 ];
printing.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
rad-dev.k3s-net.enable = false;
syncthing.settings.folders = {
"notes" = {
id = "l62ul-lpweo"; # cspell:disable-line
path = "/home/richie/notes";
devices = [
"phone"
"jeeves"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
"books" = {
id = "6uppx-vadmy"; # cspell:disable-line
path = "/home/richie/books";
devices = [
"phone"
"jeeves"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
"important" = {
id = "4ckma-gtshs"; # cspell:disable-line
path = "/home/richie/important";
devices = [
"phone"
"jeeves"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
"music" = {
id = "vprc5-3azqc"; # cspell:disable-line
path = "/home/richie/music";
devices = [
"phone"
"jeeves"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
"projects" = {
id = "vyma6-lqqrz"; # cspell:disable-line
path = "/home/richie/projects";
devices = [
"jeeves"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
};
};
system.autoUpgrade.enable = false;
system.stateVersion = "23.11";
}

8
systems/bob/default.nix
View File

@ -1,8 +0,0 @@
{ ... }:
{
users = [ "richie" ];
system = "x86_64-linux";
home = true;
sops = true;
server = false;
}

66
systems/bob/hardware.nix
View File

@ -1,66 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"sd_mod"
];
kernelModules = [ ];
luks.devices = {
"luks-rpool-nvme-Samsung_SSD_970_EVO_Plus_1TB_S6S1NS0T617615W-part2".device = "/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_1TB_S6S1NS0T617615W-part2";
};
};
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
fileSystems = {
"/" = lib.mkDefault {
device = "rpool/root";
fsType = "zfs";
};
"/home" = {
device = "rpool/home";
fsType = "zfs";
};
"/boot" = {
device = "/dev/disk/by-uuid/8AE6-270D";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp11s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

13
systems/bob/nvidia.nix
View File

@ -1,13 +0,0 @@
{ config, ... }:
{
services.xserver.videoDrivers = [ "nvidia" ];
hardware = {
nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
package = config.boot.kernelPackages.nvidiaPackages.production;
nvidiaSettings = true;
};
nvidia-container-toolkit.enable = true;
};
}

15
systems/bob/steam.nix
View File

@ -1,15 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.steam-run ];
hardware.steam-hardware.enable = true;
programs = {
steam = {
enable = true;
remotePlay.openFirewall = true;
localNetworkGameTransfers.openFirewall = true;
extraCompatPackages = with pkgs; [ proton-ge-bin ];
extest.enable = true;
};
};
}

29
systems/jeeves-jr/arch_mirror.nix
View File

@ -1,29 +0,0 @@
{ inputs, pkgs, ... }:
let
vars = import ./vars.nix;
in
{
virtualisation.oci-containers.containers.arch_mirror = {
image = "ubuntu/apache2:latest";
volumes = [
"${../../users/richie/global/docker_templates}/file_server/sites/:/etc/apache2/sites-enabled/"
"${vars.main_mirror}:/data"
];
ports = [ "800:80" ];
extraOptions = [ "--network=web" ];
autoStart = true;
};
systemd.services.sync_mirror = {
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "validates startup";
path = [ pkgs.rsync ];
serviceConfig = {
Environment = "MIRROR_DIR=${vars.main_mirror}/archlinux/";
Type = "simple";
ExecStart = "${inputs.arch_mirror.packages.x86_64-linux.default}/bin/sync_mirror";
};
};
}

68
systems/jeeves-jr/configuration.nix
View File

@ -1,68 +0,0 @@
{ pkgs, ... }:
{
imports = [
../../users/richie/global/ssh.nix
../../users/richie/global/zerotier.nix
./arch_mirror.nix
./docker
./home_assistant.nix
./services.nix
];
networking = {
hostId = "1beb3026";
firewall.enable = false;
};
boot = {
zfs.extraPools = [ "Main" ];
filesystem = "zfs";
useSystemdBoot = true;
};
environment = {
systemPackages = with pkgs; [ docker-compose ];
etc = {
# Creates /etc/lynis/custom.prf
"lynis/custom.prf" = {
text = ''
skip-test=BANN-7126
skip-test=BANN-7130
skip-test=DEB-0520
skip-test=DEB-0810
skip-test=FIRE-4513
skip-test=HRDN-7222
skip-test=KRNL-5820
skip-test=LOGG-2190
skip-test=LYNIS
skip-test=TOOL-5002
'';
mode = "0440";
};
};
};
services = {
nfs.server.enable = true;
openssh.ports = [ 352 ];
smartd.enable = true;
sysstat.enable = true;
usbguard = {
enable = true;
rules = ''
allow id 1532:0241
'';
};
zfs = {
trim.enable = true;
autoScrub.enable = true;
};
};
system.stateVersion = "23.05";
}

7
systems/jeeves-jr/default.nix
View File

@ -1,7 +0,0 @@
{ ... }:
{
users = [
"alice"
"richie"
];
}

11
systems/jeeves-jr/docker/default.nix
View File

@ -1,11 +0,0 @@
{ lib, ... }:
{
imports =
let
files = builtins.attrNames (builtins.readDir ./.);
nixFiles = builtins.filter (name: lib.hasSuffix ".nix" name && name != "default.nix") files;
in
map (file: ./. + "/${file}") nixFiles;
virtualisation.oci-containers.backend = "docker";
}

40
systems/jeeves-jr/docker/haproxy.cfg
View File

@ -1,40 +0,0 @@
global
log stdout format raw local0
defaults
log global
mode http
retries 3
maxconn 2000
timeout connect 5s
timeout client 50s
timeout server 50s
timeout http-request 10s
timeout http-keep-alive 2s
timeout queue 5s
timeout tunnel 2m
timeout client-fin 1s
timeout server-fin 1s
#Application Setup
frontend ContentSwitching
bind *:80
bind *:443 ssl crt /etc/ssl/certs/cloudflare.pem
mode http
# tmmworkshop.com
acl host_mirror hdr(host) -i mirror.tmmworkshop.com jeeves
acl host_uptime_kuma hdr(host) -i uptimekuma-jeevesjr.tmmworkshop.com
use_backend mirror_nodes if host_mirror
use_backend uptime_kuma_nodes if host_uptime_kuma
# tmmworkshop.com
backend mirror_nodes
mode http
server server arch_mirror:80
backend uptime_kuma_nodes
mode http
server server uptime_kuma:3001

16
systems/jeeves-jr/docker/uptime_kuma.nix
View File

@ -1,16 +0,0 @@
let
vars = import ../vars.nix;
in
{
virtualisation.oci-containers.containers = {
uptime_kuma = {
image = "louislam/uptime-kuma:latest";
volumes = [
"${vars.main_docker_configs}/uptime_kuma:/app/data"
"/var/run/docker.sock:/var/run/docker.sock"
];
extraOptions = [ "--network=web" ];
autoStart = true;
};
};
}

41
systems/jeeves-jr/docker/web.nix
View File

@ -1,41 +0,0 @@
{ config, ... }:
{
virtualisation.oci-containers.containers = {
haproxy = {
image = "haproxy:latest";
user = "600:600";
environment = {
TZ = "Etc/EST";
};
volumes = [
"${config.sops.secrets."docker/haproxy_cert".path}:/etc/ssl/certs/cloudflare.pem"
"${./haproxy.cfg}:/usr/local/etc/haproxy/haproxy.cfg"
];
dependsOn = [
"arch_mirror"
"uptime_kuma"
];
extraOptions = [ "--network=web" ];
autoStart = true;
};
cloud_flare_tunnel = {
image = "cloudflare/cloudflared:latest";
cmd = [
"tunnel"
"run"
];
environmentFiles = [ config.sops.secrets."docker/cloud_flare_tunnel".path ];
dependsOn = [ "haproxy" ];
extraOptions = [ "--network=web" ];
autoStart = true;
};
};
sops = {
defaultSopsFile = ../secrets.yaml;
secrets = {
"docker/cloud_flare_tunnel".owner = "docker-service";
"docker/haproxy_cert".owner = "docker-service";
};
};
}

41
systems/jeeves-jr/hardware.nix
View File

@ -1,41 +0,0 @@
{
config,
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
networking.useDHCP = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
swapDevices = [ { device = "/dev/disk/by-uuid/9d4ef549-d426-489d-8332-0a49589c6aed"; } ];
boot = {
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
initrd = {
kernelModules = [ ];
availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
];
};
};
fileSystems = {
"/" = lib.mkDefault {
device = "/dev/disk/by-uuid/c59f7261-ebab-4cc9-8f1d-3f4c2e4b1971";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/7295-A442";
fsType = "vfat";
};
};
}

17
systems/jeeves-jr/home_assistant.nix
View File

@ -1,17 +0,0 @@
{
services.home-assistant = {
enable = true;
openFirewall = true;
config = {
server_port = 8123;
homeassistant = {
time_zone = "America/New_York";
unit_system = "imperial";
temperature_unit = "F";
longitude = 40.74;
latitude = 74.03;
};
};
extraPackages = python3Packages: with python3Packages; [ psycopg2 ];
};
}

65
systems/jeeves-jr/secrets.yaml
View File

@ -1,65 +0,0 @@
docker:
cloud_flare_tunnel: ENC[AES256_GCM,data:E+XYu5AxS8Ew9OVIfbH5gLkMk+rZ4yT96tSGAwL4smedkddoevRnqil78LtFNYKV8Zo3MpuA8q/c4Me0KrrlSAvwJz1T2cev0dKnuTei3MHZxK7RwWYo9UMJH+aV+l343OY9nvGBj6ryTM3wKyUIoqSmOnRCAbYmhkkqN0wFO+Mxxqjw6nf5UEeeKb36k2NwlhjjnscOKe+wo3sXhjjzVXrE3IOUQJM3hWWukMElcYewVgJmstRidKiNCRMi1/UYMk/Nfhk=,iv:yFJ5SbHB3wZ0FEF0k9KrWye55ref7OqbQPd8oMLTmH4=,tag:p3K4yGR6X2+uKIj4H6rZ+g==,type:str]
haproxy_cert: ENC[AES256_GCM,data:1n2BurHeWI+j7CMQ7qk3DUl+8MgqRsgtYQ1TxJKcPXuz0YBkg6SUp95lPZv6Jo+2OIaVxCoWpiuoLp8YgtJgnZo4S9QVG2qi60sWCSf4acMRSg0hIA/pdcslogZc5LrsBOTINZCODE4mz7Bya42f+RfVfwPGT7Buz8MniW6kfT9cr3iuq+BQc6513sHhDHgZJgwdfP5x9XrwEtaBl41Db7ejGTrza9jtsHqkrD8j3Pf1XJDhACrTeB7Uqh68sjwc2giAc/2bInDayvnKFHqHaLFTUMAbCeMPOiEZSK4UaWrSMk5I5wDVu8Ya8nBostHlPOBT06gFxT13aEe3Ox3/ctBm/83BXhFfjEaYy6AbMhbp29nxUogVjMICs3FiHG3XBz7vsVxxcBvLXp1Bw3ml5Vd7ACKQPe+r1T54aIdYMoab8DhKPMqb/6TQwrhWD3je4wwOHzzQq9psE1hlB2lJsRnAsVAy9a7M5aBpj0v2pCPVjxjkGHqUUgN+w4hzPPf10A0dWiaXc3k8bWcwc1SlJwHvYxphyZEjNQAzXrAkUPcuy4+9c7LwniMdu5qoUL/oZPW5VHWgtrUO9IlAgduiEujrAW96zfz4jfM0UBqJHT58l/WHHmBM8bMsRDHTnc43uvdoU+VgjtTiFERBi+Xm5mXCqWd4d5Y5P8ozIwGho8UdLqmR9Y2nth1mrs//FIh9mZ7i7QQGHBzoR7ICRDX2ghK98J4RMfF2ph0I+nhWpoCq056xItoVZyAEWQSR4ptpAaKMX4Crd3hrK6tZmyvaTrk5IsNaf5hrS+Fw8uTYUAM+3E6kb1TJwFvUH1plkwU83iBRlboRO5d1ahESp5nifZIVz+KBStLjUVWfXnelPCkH55LVnobgk0zekoEeNLKq+Q5wOBmR28rYXVp/q+FNCgxEW+tXIswmC72jbsDxM/oMHBQnYsmEy5dTxU2X/IzmrZfWod07fRblkWRplzLGyEjsY7CquHlG119LuHcWFOUGxYm3bgn1pGnIV3cBLvbInEAPK0apqSXMBSJw0mk/ihtdx8ANidMn8nhkHVjo/Bo9orH3tJdw8l7x+Cei347CkiQZz21jHvL1qcV/EAAxBnT4c5WtOljo13ntk8RiARdye4hcUXpORIUhH8zq88RNquOkF5QjV8C/u2EaUhQYqy3Xts49v7S9I8LLzjrrfY/IDQVqlJsAgkNuwvheTlya5JoeTasscLfLt3iJ7LsbzWWqQrfn3KQJp3H4Gxh/uqak/V5ROBahHQ4KpXzsDG++XLE0o7W4BFQbrBYV99mlGzB1blmX30C8S+b8n1u+oMXfH8oY20Jm5UQcV5/JNK8WG69ihonRDXdX7fy2WGzylql2hj+3aoYYdYpFAeHVLNzj9vAIxPHzvK0JmwdynsFLo4Hpyn7KN+6L3MSACjAOc3SxY20XxjmqJSWVEM0tq4Zbe/VdhOF1L4pyIBMKQC2XwrWyturTboh86qAfyxtYzEQXGLzz585nVnwj9PLmXQw98M8JWwsFq58ZsOdQZKhN3e0aSY2opSigmXQ9ZJeCF+6KbwElOSz4pDfkZIXqZc+LCzEl5IO1CxLWCTIIfN3Gx60W3vz8QohydoCBt2FLHH3lBiAEitWxYQhsfdlFExQa1/+0WSk3wK5dEA7SPaBWKq+xtPR0yUmuT/JN4VPX+hqqkVHigk8+XfqE/H1as9JbYo92N6xBd2ZrNzhFIkMykUOT+0etVtyOdXLkxdV9lwaBX9ARPHJV7g35e52UspX335aLGE0GtCaIbHRwJuENCIixo7sbdmB9i9xSTeg+7RBQAWpuR7O6firAEKWOGBaYzDUBnqt++Q2wUuMnQBJE/9bh,iv:3FuXEQxbTvbdnBnwPxF+T8QZvQoWX/WXx3lpDBXML1k=,tag:g1Y4qY+XoSA6K/LCKbllOw==,type:str]
server-validation:
webhook: ENC[AES256_GCM,data:/6QI+KKKJkbVO7YsxcU/gnjgp9scNzqzq56wnqAU88YdYYNU7FaRifzH00RlEb9VYvNBlT0FggnZSSX1rNN5W63tLaiYFn/GVfjlUSnwrgueTVG8Sor6HtYTIfMOdPm9B7jflpECk7ByguoDlimH0J1QrcWd+Kqx772sH63bKV1GbCaYSkRHQp9QbvbO,iv:p5W/xniUe75RqJA9PtMcNRnsY4kUBeD0p6iQDLbkSSc=,tag:dh2a8/Doyznjd1hswmXMuQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1lffr5f5nz0nrenv3ekgy27e8sztsx4gfp3hfymkz77mqaa5a4gts0ncrrh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2NXJJMjBjeU9XQS9YZGxQ
V1h5RlNUVTA5Mkx3M3ZobGs5WFA0NXFGakR3CnIxVk9nYU1aWkNoZ0F0WGd0ck5Q
VWpSU0ZRdENTWnFVOVNQY0Z4ems4MEUKLS0tIFVqcGJtZWRxSTZwZWhjYm56bnkr
QmcxMmhaaGZXU1VFN0pvT1VDN3hpcGsKXUlVytBrz8sUorTSHXZaOMYA5U6qUpas
ZJiHtVGxRVwCpraHWLmQTRkO6pT36cEVsfsMnFH6NLOMOvA3vLX8/g==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-07T23:09:51Z"
mac: ENC[AES256_GCM,data:nZPpOrOSKc+7dcbpBdZRH5FLih6o5Ii5bLWgzZ7xP/BZ36vp7ypdncE/jS0/Rz2AiOOrK0G9ovEOoL7jOMrqaUBAJNPzXTX/IdOcFrsxPL47saZKWQHqXkGXrX49nafeea7VtEvoM4qK2AiyYl2ogir+Mw304mhDIUqHhPNNvQs=,iv:ykOg2Pxpp+Sap648UZaiaRVMutWTdUXvP+Pi2cWy86g=,tag:AARw0YmjcesHLdS31i+B3g==,type:str]
pgp:
- created_at: "2024-03-23T05:49:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA84hNUGIgI/nARAAgcuMhO3nmxYY8KiW6AYxU2rFo2OQnpzZVtbMJB43wDQX
0UAOVmUyhGM2wd3tJgnvyfnguy6p3LfjZrXdTkTzrv5yCJVvKXhORcLisjaXLS8H
TCe9Fa4I9CvKo/yyRsRYS59niql0ocTs1Eb7cLiKuX19RIuQ7TjMPnjkdj5xXooa
kPJXfwL1SpUU3kjhuTHqWlD0m5t0RPiTpDym8fExMSvbTWyMY0BPA+qD1atMeUik
i3x2boqfoyD1GZ64Z5NrxRD0dN6TQvJLX1K1XTzanUhvfsy/PvDftCHKQc2n2Opk
btnKZa1mfiiLUQly+njSvH8ERYg27j5ACEQ0V9rtGPa3xnVYZm6Z5h0v68aqsotJ
aOzJa7/k0ZV/tBD1pT+9T2a/W9v4U+KdKKL19ebNvMtFxy50jN8SQsrTtxv5G5fA
sc+HkrcnLezFHYtGG85PfbTGsKMWpwu+4BrcmuW6dBcADZ1fZdkqgi+GcYGL2xy1
bddjuOWnzXb93t1pSIkaHcVWc6s5Atf3IB/liyNEux4kdquOHZQJi0WBi0l8GEmG
/ggJN4shRqtMqEkomaZkyZMsHnkmenusjbIlKJrwolhZSyDP8Kk5iPYXMxG21vrr
YpWHr388q8H7+ksnxYiNFXyY2cQKtOsD3UMIV8edMc/lHjTOi0BFNMHmU3WDsajS
XAGXsys00baAzcQHIS0jijU4mJQAqYL3S7FrcDGW8qhTGFpQ8ngVLvwLfqMvUn8v
LB3M5/7+Ld8xV4AZWr8mvv+7ZNNnnZzImETCLnekfvLEV9F2pTCH2Z21RPEL
=XWl7
-----END PGP MESSAGE-----
fp: F63832C3080D6E1AC77EECF80B4245FFE305BC82
- created_at: "2024-03-23T05:49:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA29thaGx06tOARAAoI93A3cy3V2dJo8HBIrLC2RK3SKBkPiPFjWO/Zvnv8Q0
IhfzjusX+3f8HIa3CxJjTbOktcq+A2a4EyBes2Rd4bX9H2Fs2VVrSmUf3S/dO1b5
GiZamHnC+1zsXUB5IFcfjMSzeKKsOWYu9DmUcalsseo/XVJjxw9DzRnPUesI/aMs
y5kKKtNDcvAK4AWidME6LTP9FgiMx09sQfuAl4YCJv1trOvxt+dN932fbAkHVAq0
Lc90rG6LDLT1w/8i9evBRRX/ZexAI3vTGn/nTqKi+B9BdFA4dY0KiHtGIS+UNtNo
vL6PTKIRejGfqt13DwUWRobKnezcpJkTkdz+Pa+cQhdwSL2tFjr0hEbZL3e76YEx
CNsgbB9h0pIm/2YvhG1k0f0skWfjXLAtR6PQPKu1OycppX02fbK9XRShb+Fik7P+
GfFLxf4JYAMMOHsxP30EVQONiR9XsITH149GSZ3nTBX7vUsk3b7Z+ou1Ma27EhiW
iPWTqpDgLQ/VZW+027h/l8iwv52L8eE6Y+LE32jNUTQjMW3OWKw9zknX4wciNR07
EPAy8eC9rfhUVnTB7RJlTOY03yyEiBjowJn/0e0g8+AUMKC4mAuasPUwPhptQ6pH
8up/75WglUAg04eni0p5g6X7rGj+09OEDNMtvYVt7HglX7T86O2sBcVKa/j095jS
XAGIy2HXf+By9BFKM4q6uuAh4QceHn2QaQ/ckhYGMrHulzAeORPxYaYdXoeEj18k
auBqSPzj8E9yPi4jl+miEO9BgVhRW45cxBbn2XV2KE08PIP9mZ2jxK9Ne4HQ
=jkZ+
-----END PGP MESSAGE-----
fp: 29F5017C95D9E60B1B1E8407072B0E0B8312DFE3
unencrypted_suffix: _unencrypted
version: 3.8.1

33
systems/jeeves-jr/services.nix
View File

@ -1,33 +0,0 @@
{
config,
inputs,
pkgs,
...
}:
{
systemd = {
services.startup_validation = {
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "validates startup";
path = [ pkgs.zfs ];
serviceConfig = {
Type = "oneshot";
EnvironmentFile = config.sops.secrets."server-validation/webhook".path;
ExecStart = "${inputs.server_tools.packages.x86_64-linux.default}/bin/validate_jeevesjr";
};
};
timers.startup_validation = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "10min";
Unit = "startup_validation.service";
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets."server-validation/webhook".owner = "root";
};
}

10
systems/jeeves-jr/vars.nix
View File

@ -1,10 +0,0 @@
let
zfs_main = "/ZFS/Main";
in
{
inherit zfs_main;
# main
main_docker = "${zfs_main}/Docker";
main_docker_configs = "${zfs_main}/Docker/configs";
main_mirror = "${zfs_main}/Mirror";
}

29
systems/jeeves/arch_mirror.nix
View File

@ -1,29 +0,0 @@
{ inputs, pkgs, ... }:
let
vars = import ./vars.nix;
in
{
virtualisation.oci-containers.containers.arch_mirror = {
image = "ubuntu/apache2:latest";
volumes = [
"${../../users/richie/global/docker_templates}/file_server/sites/:/etc/apache2/sites-enabled/"
"${vars.media_mirror}:/data"
];
ports = [ "800:80" ];
extraOptions = [ "--network=web" ];
autoStart = true;
};
systemd.services.sync_mirror = {
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "validates startup";
path = [ pkgs.rsync ];
serviceConfig = {
Environment = "MIRROR_DIR=${vars.media_mirror}/archlinux/";
Type = "simple";
ExecStart = "${inputs.arch_mirror.packages.x86_64-linux.default}/bin/sync_mirror";
};
};
}

170
systems/jeeves/configuration.nix
View File

@ -1,170 +0,0 @@
{ pkgs, ... }:
let
vars = import ./vars.nix;
in
{
imports = [
../../users/richie/global/ssh.nix
../../users/richie/global/syncthing_base.nix
../../users/richie/global/zerotier.nix
./arch_mirror.nix
./docker
./programs.nix
./services.nix
];
networking = {
hostId = "1beb3027";
firewall.enable = false;
};
boot = {
zfs.extraPools = [
"media"
"storage"
"torrenting"
];
filesystem = "zfs";
useSystemdBoot = true;
};
environment = {
systemPackages = with pkgs; [ docker-compose ];
etc = {
# Creates /etc/lynis/custom.prf
"lynis/custom.prf" = {
text = ''
skip-test=BANN-7126
skip-test=BANN-7130
skip-test=DEB-0520
skip-test=DEB-0810
skip-test=FIRE-4513
skip-test=HRDN-7222
skip-test=KRNL-5820
skip-test=LOGG-2190
skip-test=LYNIS
skip-test=TOOL-5002
'';
mode = "0440";
};
};
};
services = {
nfs.server.enable = true;
openssh.ports = [ 629 ];
plex = {
enable = true;
dataDir = vars.media_plex;
};
smartd.enable = true;
sysstat.enable = true;
syncthing.guiAddress = "192.168.90.40:8384";
syncthing.settings.folders = {
"notes" = {
id = "l62ul-lpweo"; # cspell:disable-line
path = vars.media_notes;
devices = [
"bob"
"phone"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
"books" = {
id = "6uppx-vadmy"; # cspell:disable-line
path = "${vars.storage_syncthing}/books";
devices = [
"bob"
"phone"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
"important" = {
id = "4ckma-gtshs"; # cspell:disable-line
path = "${vars.storage_syncthing}/important";
devices = [
"bob"
"phone"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
"music" = {
id = "vprc5-3azqc"; # cspell:disable-line
path = "${vars.storage_syncthing}/music";
devices = [
"bob"
"phone"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
"projects" = {
id = "vyma6-lqqrz"; # cspell:disable-line
path = "${vars.storage_syncthing}/projects";
devices = [
"bob"
"rhapsody-in-green"
];
fsWatcherEnabled = true;
};
};
usbguard = {
enable = false;
rules = ''
allow id 1532:0241
'';
};
zfs = {
trim.enable = true;
autoScrub.enable = true;
};
};
systemd = {
services."snapshot_manager" = {
description = "ZFS Snapshot Manager";
requires = [ "zfs-import.target" ];
after = [ "zfs-import.target" ];
serviceConfig = {
Environment = "ZFS_BIN=${pkgs.zfs}/bin/zfs";
Type = "oneshot";
ExecStart = "${pkgs.python3}/bin/python3 ${vars.media_scripts}/ZFS/snapshot_manager.py --config-file='${./snapshot_config.toml}'";
};
};
timers."snapshot_manager" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "15m";
OnUnitActiveSec = "15m";
Unit = "snapshot_manager.service";
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
"zfs/backup_key".path = "/root/zfs/backup_key";
"zfs/docker_key".path = "/root/zfs/docker_key";
"zfs/main_key".path = "/root/zfs/main_key";
"zfs/notes_key".path = "/root/zfs/notes_key";
"zfs/plex_key".path = "/root/zfs/plex_key";
"zfs/postgres_key".path = "/root/zfs/postgres_key";
"zfs/qbit_key".path = "/root/zfs/qbit_key";
"zfs/scripts_key".path = "/root/zfs/scripts_key";
"zfs/syncthing_key".path = "/root/zfs/syncthing_key";
"zfs/vault_key".path = "/root/zfs/vault_key";
};
};
system.stateVersion = "23.11";
}

7
systems/jeeves/default.nix
View File

@ -1,7 +0,0 @@
{ ... }:
{
users = [
"alice"
"richie"
];
}

11
systems/jeeves/docker/default.nix
View File

@ -1,11 +0,0 @@
{ lib, ... }:
{
imports =
let
files = builtins.attrNames (builtins.readDir ./.);
nixFiles = builtins.filter (name: lib.hasSuffix ".nix" name && name != "default.nix") files;
in
map (file: ./. + "/${file}") nixFiles;
virtualisation.oci-containers.backend = "docker";
}

15
systems/jeeves/docker/filebrowser.nix
View File

@ -1,15 +0,0 @@
let
vars = import ../vars.nix;
in
{
virtualisation.oci-containers.containers.filebrowser = {
image = "hurlenko/filebrowser:latest";
extraOptions = [ "--network=web" ];
volumes = [
"/zfs:/data"
"${vars.media_docker_configs}/filebrowser:/config"
];
autoStart = true;
user = "1000:users";
};
}

62
systems/jeeves/docker/haproxy.cfg
View File

@ -1,62 +0,0 @@
global
log stdout format raw local0
# stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
defaults
log global
mode http
retries 3
maxconn 2000
timeout connect 5s
timeout client 50s
timeout server 50s
timeout http-request 10s
timeout http-keep-alive 2s
timeout queue 5s
timeout tunnel 2m
timeout client-fin 1s
timeout server-fin 1s
#Application Setup
frontend ContentSwitching
bind *:80
bind *:443 ssl crt /etc/ssl/certs/cloudflare.pem
mode http
# tmmworkshop.com
acl host_mirror hdr(host) -i mirror.tmmworkshop.com
acl host_dndrules hdr(host) -i dndrules.tmmworkshop.com
acl host_grafana hdr(host) -i grafana.tmmworkshop.com
acl host_filebrowser hdr(host) -i filebrowser.tmmworkshop.com
acl host_uptime_kuma hdr(host) -i uptimekuma-jeeves.tmmworkshop.com
use_backend mirror_nodes if host_mirror
use_backend dndrules_nodes if host_dndrules
use_backend grafana_nodes if host_grafana
use_backend filebrowser_nodes if host_filebrowser
use_backend uptime_kuma_nodes if host_uptime_kuma
backend mirror_nodes
mode http
server server arch_mirror:80
backend mirror_rsync
mode http
server server arch_mirror:873
backend grafana_nodes
mode http
server server grafana:3000
backend dndrules_nodes
mode http
server server dnd_file_server:80
backend filebrowser_nodes
mode http
server server filebrowser:8080
backend uptime_kuma_nodes
mode http
server server uptime_kuma:3001

134
systems/jeeves/docker/internal.nix
View File

@ -1,134 +0,0 @@
{ config, ... }:
let
vars = import ../vars.nix;
in
{
virtualisation.oci-containers.containers = {
qbit = {
image = "ghcr.io/linuxserver/qbittorrent:latest";
ports = [
"6881:6881"
"6881:6881/udp"
"8082:8082"
"29432:29432"
];
volumes = [
"${vars.media_docker_configs}/qbit:/config"
"${vars.torrenting_qbit}:/data"
];
environment = {
PUID = "600";
PGID = "100";
TZ = "America/New_York";
WEBUI_PORT = "8082";
};
autoStart = true;
};
qbitvpn = {
image = "binhex/arch-qbittorrentvpn:latest";
extraOptions = [ "--cap-add=NET_ADMIN" ];
ports = [
"6882:6881"
"6882:6881/udp"
"8081:8081"
"8118:8118"
];
volumes = [
"${vars.media_docker_configs}/qbitvpn:/config"
"${vars.torrenting_qbitvpn}:/data"
"/etc/localtime:/etc/localtime:ro"
];
environment = {
WEBUI_PORT = "8081";
PUID = "600";
PGID = "100";
VPN_ENABLED = "yes";
VPN_CLIENT = "openvpn";
STRICT_PORT_FORWARD = "yes";
ENABLE_PRIVOXY = "yes";
LAN_NETWORK = "192.168.90.0/24";
NAME_SERVERS = "1.1.1.1,1.0.0.1";
UMASK = "000";
DEBUG = "false";
DELUGE_DAEMON_LOG_LEVEL = "debug";
DELUGE_WEB_LOG_LEVEL = "debug";
};
environmentFiles = [ config.sops.secrets."docker/qbit_vpn".path ];
autoStart = true;
};
bazarr = {
image = "ghcr.io/linuxserver/bazarr:latest";
ports = [ "6767:6767" ];
environment = {
PUID = "600";
PGID = "100";
TZ = "America/New_York";
};
volumes = [
"${vars.media_docker_configs}/bazarr:/config"
"${vars.storage_plex}/movies:/movies"
"${vars.storage_plex}/tv:/tv"
];
autoStart = true;
};
prowlarr = {
image = "ghcr.io/linuxserver/prowlarr:latest";
ports = [ "9696:9696" ];
environment = {
PUID = "600";
PGID = "100";
TZ = "America/New_York";
};
volumes = [ "${vars.media_docker_configs}/prowlarr:/config" ];
autoStart = true;
};
radarr = {
image = "ghcr.io/linuxserver/radarr:latest";
ports = [ "7878:7878" ];
environment = {
PUID = "600";
PGID = "100";
TZ = "America/New_York";
};
volumes = [
"${vars.media_docker_configs}/radarr:/config"
"${vars.storage_plex}/movies:/movies"
"${vars.torrenting_qbitvpn}:/data"
];
autoStart = true;
};
sonarr = {
image = "ghcr.io/linuxserver/sonarr:latest";
ports = [ "8989:8989" ];
environment = {
PUID = "600";
PGID = "100";
TZ = "America/New_York";
};
volumes = [
"${vars.media_docker_configs}/sonarr:/config"
"${vars.storage_plex}/tv:/tv"
"${vars.torrenting_qbitvpn}:/data"
];
autoStart = true;
};
whisper = {
image = "ghcr.io/linuxserver/faster-whisper:latest";
ports = [ "10300:10300" ];
environment = {
PUID = "600";
PGID = "100";
TZ = "America/New_York";
WHISPER_MODEL = "tiny-int8";
WHISPER_LANG = "en";
WHISPER_BEAM = "1";
};
volumes = [ "${vars.media_docker_configs}/whisper:/config" ];
autoStart = true;
};
};
sops = {
defaultSopsFile = ../secrets.yaml;
secrets."docker/qbit_vpn".owner = "docker-service";
};
}

37
systems/jeeves/docker/postgresql.nix
View File

@ -1,37 +0,0 @@
{ config, ... }:
let
vars = import ../vars.nix;
in
{
users = {
users.postgres = {
isSystemUser = true;
group = "postgres";
uid = 999;
};
groups.postgres = {
gid = 999;
};
};
virtualisation.oci-containers.containers = {
postgres = {
image = "postgres:16";
ports = [ "5432:5432" ];
volumes = [ "${vars.media_database}/postgres:/var/lib/postgresql/data" ];
environment = {
POSTGRES_USER = "admin";
POSTGRES_DB = "archive";
POSTGRES_INITDB_ARGS = "--auth-host=scram-sha-256";
};
environmentFiles = [ config.sops.secrets."docker/postgres".path ];
autoStart = true;
user = "postgres:postgres";
};
};
sops = {
defaultSopsFile = ../secrets.yaml;
secrets."docker/postgres".owner = "postgres";
};
}

16
systems/jeeves/docker/uptime_kuma.nix
View File

@ -1,16 +0,0 @@
let
vars = import ../vars.nix;
in
{
virtualisation.oci-containers.containers = {
uptime_kuma = {
image = "louislam/uptime-kuma:latest";
volumes = [
"${vars.media_docker_configs}/uptime_kuma:/app/data"
"/var/run/docker.sock:/var/run/docker.sock"
];
extraOptions = [ "--network=web" ];
autoStart = true;
};
};
}

81
systems/jeeves/docker/web.nix
View File

@ -1,81 +0,0 @@
{ config, ... }:
let
vars = import ../vars.nix;
in
{
virtualisation.oci-containers.containers = {
grafana = {
image = "grafana/grafana-enterprise:latest";
volumes = [ "${vars.media_docker_configs}/grafana:/var/lib/grafana" ];
user = "600:600";
extraOptions = [ "--network=web" ];
autoStart = true;
};
dnd_file_server = {
image = "ubuntu/apache2:latest";
volumes = [
"${../../../users/richie/global/docker_templates}/file_server/sites/:/etc/apache2/sites-enabled/"
"${vars.storage_main}/Table_Top/:/data"
];
extraOptions = [ "--network=web" ];
autoStart = true;
};
haproxy = {
image = "haproxy:latest";
user = "600:600";
environment = {
TZ = "Etc/EST";
};
volumes = [
"${config.sops.secrets."docker/haproxy_cert".path}:/etc/ssl/certs/cloudflare.pem"
"${./haproxy.cfg}:/usr/local/etc/haproxy/haproxy.cfg"
];
dependsOn = [
"arch_mirror"
"dnd_file_server"
"filebrowser"
"grafana"
"uptime_kuma"
];
extraOptions = [ "--network=web" ];
autoStart = true;
};
cloud_flare_tunnel = {
image = "cloudflare/cloudflared:latest";
user = "600:600";
cmd = [
"tunnel"
"run"
];
environmentFiles = [ config.sops.secrets."docker/cloud_flare_tunnel".path ];
dependsOn = [ "haproxy" ];
extraOptions = [ "--network=web" ];
autoStart = true;
};
overseerr = {
image = "lscr.io/linuxserver/overseerr";
environment = {
PUID = "600";
PGID = "100";
TZ = "America/New_York";
};
volumes = [ "${vars.media_docker_configs}/overseerr:/config" ];
# TODO: remove ports later since this is going through web
ports = [ "5055:5055" ]; # Web UI port
dependsOn = [
"radarr"
"sonarr"
];
extraOptions = [ "--network=web" ];
autoStart = true;
};
};
sops = {
defaultSopsFile = ../secrets.yaml;
secrets = {
"docker/cloud_flare_tunnel".owner = "docker-service";
"docker/haproxy_cert".owner = "docker-service";
};
};
}

56
systems/jeeves/hardware.nix
View File

@ -1,56 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd.availableKernelModules = [
"mpt3sas"
"nvme"
"xhci_pci"
"ahci"
"uas"
"usb_storage"
"usbhid"
"sd_mod"
"sr_mod"
];
initrd.kernelModules = [ "dm-snapshot" ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
fileSystems."/" = lib.mkDefault {
device = "/dev/disk/by-uuid/0f78fa87-30be-4173-b0fa-eaa956cf83aa";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/BB77-2647";
fsType = "vfat";
};
swapDevices = [ { device = "/dev/disk/by-uuid/4c797a94-be32-43d3-89ac-7f02912c7cf5"; } ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp38s0f3u2u2c2.useDHCP = lib.mkDefault true;
# networking.interfaces.enp97s0f0np0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp97s0f1np1.useDHCP = lib.mkDefault true;
# networking.interfaces.enp98s0f0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp98s0f1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

4
systems/jeeves/programs.nix
View File

@ -1,4 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ filebot ];
}

7
systems/jeeves/scripts/plex_permission.sh
View File

@ -1,7 +0,0 @@
#!/bin/bash
plex_dir="/zfs/storage/plex/"
chown docker-service:users -R "$plex_dir"
find "$plex_dir" -type f -exec chmod 664 {} \;
find "$plex_dir" -type d -exec chmod 775 {} \;

78
systems/jeeves/secrets.yaml
View File

@ -1,78 +0,0 @@
docker:
postgres: ENC[AES256_GCM,data:IpXIrRDzyGFjDz908w1NNb0GBna/ce9lCtOkXrpUfyllsTWca6AeqaRo23bL4jfFGfHn0Zf9okLO,iv:IwO7vJJHFfm0SGcJETpWtdhr41jPddN9nuVAH/Ooa7Y=,tag:xstwPvpvkNOZucxvzq2+ag==,type:str]
cloud_flare_tunnel: ENC[AES256_GCM,data:Qx7g0tNSfVs9VnkuYw47XJjfF+RS9B5gvpBliGL93X8K/7iiyt0NxwWyAkmmaLat5h/Yu7C71rwBIIZsKf7Ke3YS0PfEpga76ftKt3h7VKMQNT7yAcU3LY4v2h3Molnzw2fnAhxfHkogJuAsZeJW9dIjo9H2QpSh/tn9kpC+PGb/T9dcqMm4fJPqP+rIcFCfhJl9iDOKOMQ9+xVNnKZ2HQlAwPMCz29BgGCxh0cYYk9ftXPK7ZnhjwUj4bfnaKfByIPpAtk=,iv:8yz2vXanGZfOkZF/D0RP2LPqHebbOM/XBPg2eCCGs8g=,tag:67da31iZTQaMURKf9dfiJw==,type:str]
qbit_vpn: ENC[AES256_GCM,data:SRkcWb2wTTfWlgkbDSN6j5+dXnG670qFGtG2x4fajkE8eK4U30DTxrlbzta5ZMtm0Y9bquy3DcaSMF/u9CBrLbBS8mhcJw==,iv:LpkS7O+eutPUDpY5NlYjgafK6UuFsS+18yNpB+JmzcM=,tag:0Y+vj80MAbh2U+UsyH3MEA==,type:str]
haproxy_cert: ENC[AES256_GCM,data:6yRv0cz/vBVguAPOsENhmH2uwwgL5AkOkkDQQ+PVPEEiOTIn1WPONhnG0UqR3FsWJal8qECH/zTF1XMmdK4VHQXwMA8gGScpIrgeWuhdCbXsJ7RxZBzVESOCo8ZOcR43w3Qih+0iz3SsNmX262/D7DIzKYlLovyoJDGZa5jo0n2zCZiRfbdal8m02dplaFHMsGy6+Gn3Uijo9MnnuWvgihBh1ekRnpSzVM4/IyyvUunK0vEapVsgOq+brdW2x0BQFgL3PLGaJbAbzFhXYI1MmD+D7RzOGSzNmrj1ezea+b2Lb/p8CATh05i+lz6530U6iwun0lcREDxPrJgU0TsI/JZGSq3blHn9lZuHmnwBp05LsliBO+yoxgqnC45/xTZwiSdlyqqnXHlXPuBS7UoJFlll93aIpULfNZMyqx/FO5ckmV0nuNVMCrF7JfsE+t/XNs077kB4FKYNk4TDodKyn2scfypQFK7qprW9JKJwx0Se8FWU2fMKsuMszElMLudRHagyDVO+LJ+/ta6Qj68CRU1g8cQANh4Q6PwI0HABX3J5n3ERQUxZvVeCq9FRMJ7JE0was3QfBGGPROHksK+rP9y8g8CFRgGjwzDoxslaYO+tIiIsaDcqbTiOQDTiDh4/ioqX9EENrA8qIEtKSn6m35+4pwY0xvKToAnI7vhwQ93A1mZrwKXgoNSShA4Q+MfSEIuJd6LJihLh5IFvl595iOpGDWCJsXZnDL3K8B6oofPTtLnOOQC4sy9wGiNshdgfv6aVwpdPKvOtFwHmu1n8eZInfSZgUdwUaHHMXjrXHboBQ6ZPsrdZBt9ADSUpz+uN6+TgXq6HLWHSqtmrWS6jABQfbpHH7pLZAXuii4MsnTEr1rOEbtgZTH6Sedd57Pp5MpNXDg950vd9plCkGPiRfDUWXHnRw8frWfoTS+eOqkVwJ0+v48IskuYLZSCAF0/kumtbySDQStNowF+cAp7lk24Cp8W8PXw/LqI8U8FijVxMPtgzLwRKKd10zRI+Jrsi9E8YXSKCaFMIBLottRHwdvWA7aIYnuVTxzCmHt1jhJN349bjC/yTIuIS4gW+XlriFqip17Eq/878+Uduwf1+Fxqdpv8kDleyqix0SO/JmhQijgIUhc3Im3whXicEu6vlivzJGyjA/ljFyJvV/irRK/VrIWEoA5nLX74fmF9Ku/O94pDIPaKCsCP+N/fOPLG5ucw6lPxllZS9qg2cNsl9ajXGPu8GBB4FaZUt/Ufid6xjC5YloictI3Bp5x2glhpxzQ8zAbv5vpBA0h6xhkt4NSmxWurvBmRoRnBdYIvEaeoehj10yLpiY4DsZYLTU5IrLV/aYlb2q4K2OKRvYOBQgeDtEkIMqHYWsddfKHi+1KjQ/176DDIbUoYb4XtPJmNOcIeRM2oiaCcTzerU5TXL5qBl213buTcIPaV0sVVxoH+2RYBM28mjQoj8sHwQLLuFve0MeUZzfJ8MqMM+Guhn25aw4R0tGkiRBUL5d8l86awOpqXtFiK2QTh3S7QeZoCA80YVH5r6FdqMz34UgwEFo0nfBcH2nSnDwpcBrbwzV6/Xahck4nVaIn6znJPqlIKntfeXJuXl/9ulpwx7D4mL7hLcal9WY62KZ1PQ+NHz5WjaPbgLMdeNFFr6CKGGqSPkTOhjgQ1y4ChuYfbVn+yZRqUwhFWtKuuouAZXH55KkVlsB39H+oNYp0hqAUiVkeawHqbTgOHb+llz0uF7r0TGD23aMXeV58n0i3xsDET9mhxSyj5vUo5iqY8eEqgn4mOvsdp6rkpC4c91drgV/gFJu2jgCvVVdG/mHFVnZEv5+/rA2reqdqMTBOpLQNEbL5Ih1LKG,iv:PUp78PWvy+lmcLiR295BGiVTLnAPX+du4lcw/Pvq/KE=,tag:k/3H2+jF9no751mvO5S5WQ==,type:str]
zfs:
backup_key: ENC[AES256_GCM,data:sJzR/DfM6+tmmcewZT+NAJk0gj8wmU43QfFCRCj9+2GITOS8suRL7E5rHTherCZgRe79T90ikM97bYf9RbZdtQ==,iv:j8F3BG/hh7UK3kC+pB6WO0OHlSSHn0jo90AgaTdpyNY=,tag:5hraDn8YqS/q57y26AXwjw==,type:str]
docker_key: ENC[AES256_GCM,data:HiW+3IYJCgqg9HJmPYQinhb6kWJouORABKniryY5e35tf8BQGKn1ldgj4Dw+79SYmvIUbf4ZSja0Ziz1isKTWA==,iv:6vBtbIlTHC+PUgyXYb92SnMTuWd8jCaEzZ3Vmv2QHhA=,tag:izKWtAQWRfn5tAYKyOO+ZQ==,type:str]
main_key: ENC[AES256_GCM,data:6ZZQc7TSAuK4PrxQxegPrFMjT1SZlRGgg5VgVg1e6ZM1RO9ZDjhcmpFRd1pkbm5DEJKq1VpUxTvxXGQDrMYO9A==,iv:Yp2jTtBd8gjB8Sdfb06ZBLpVd/KCjs/pfnBRT2ll/0c=,tag:F0HSbkZ8Z45WkUY/VNwvHg==,type:str]
notes_key: ENC[AES256_GCM,data:y3fTl3aNl8RaZwBR2thy7qfxilw+wGEj8+tTuRr+z+A6ol9N6droFNBHQcK3yWDWP8MhMKe1efWhgbZ0Raz17A==,iv:BbBjMtsb2ZDJjgbgkXP3SYl3xklI5xWmW3X9mlLlvdI=,tag:Ic3rLP30wApmOeLGFEYgVA==,type:str]
plex_key: ENC[AES256_GCM,data:fWzTSKkVCkWmZ9ZDv1/OYYZPsQKV54Ib98Bq4A+4ibT9mk28Zp7XeczOJVj6+K4+04EQgQj8RyP2x70tuFp3Xg==,iv:pyHzIo4ws4Lyd5zVflUa7yjNVefTTpEdkjCVmXDuucE=,tag:msn0NFXuq3zKGY5vE1nR1Q==,type:str]
postgres_key: ENC[AES256_GCM,data:mLa0A6pJXZ7BX9bYat9mQ30Dx/KWU9KHjiApuapBUbRtH+gtAJRGwLeXJPyMTOirFwuWWTdOts8dTMESWp7eOg==,iv:MFyo2LbdsYeoUyhWEv0EWKXNFhxoLjNs5M7ar6dlrjw=,tag:KpaatId8TdVzAEelD1tlzQ==,type:str]
qbit_key: ENC[AES256_GCM,data:19XIzi4waSOLdfgKo8z6NMX9Ee4Xw1/JqbjQEvKwWh+ar2r5P3sFJMHI394ebx4vITO0lOzl/EwcUiWt7LB6uw==,iv:s+TWyb5SzeCFZAZdKs28o7s8So++eLqR1Qc9ZWjUGwY=,tag:teHdPEhWkzDWizJD/czA6w==,type:str]
scripts_key: ENC[AES256_GCM,data:2htMEDCByUbCQ1loPEDCVNtXXqffCRHMpiobEDHI506hdEk6d/N7lmlUIqLa5YCNB6ozt0y6EEKBxnbouEHIWQ==,iv:eUYmsliDF49BNSpF+KSiT1rlPtzQpmhNC8Cy2tahMX8=,tag:8xCvm1LwDPArJ/woIO23Bg==,type:str]
syncthing_key: ENC[AES256_GCM,data:36zfmVuCEHFED3ODeoGuAxJvySY1SxWT9ml+DFvb01KdUqIGZDZj1cKoZCH+GsgYJMsQF6t+uqZJOGeyNmzMlg==,iv:17tLW4ytRpUmmltA4UIZGhsrNAGRjvucxxt9zLM3C54=,tag:YWirDB0fYSpu1evqVaoa+Q==,type:str]
vault_key: ENC[AES256_GCM,data:kFZa5oRVXuSp7W7311i0d8b7I0Y3P8bZbBoaaICuH1IlMLBVd6SUhL8cfFU66yj91W6uUJU/Oy7NpP3rM9mhGw==,iv:neRhOqW/b2DpUqoA5JJxLS4fSqj8ZGxRXv4pEPm7Wtc=,tag:bfAD3GAO6F2hBCZy7P7KUA==,type:str]
server-validation:
webhook: ENC[AES256_GCM,data:54MQzwEOf6uS6cgnPeJizRXMvGTGxLf6q1N3tGDxxpXKmSJedW+kpY2GoV91SxeeTWUyDKQcWp2fs5SwrdfDFHID9JN4wWJM0JjADggZ6u+BMEH01nnXpCJlhGq6cxDkI6gNSVgNVQW/eYNHDhnVmwwGpse4q62G1TmKlziBCv1Qahn4c3O+bOOEssio,iv:2Rcg7XSCmQeFd2oaX4GxSGXwgE3Ep1WsoPRRYo0dvH0=,tag:rPjDghxdcpME5SwoPKWv2w==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age128ehc0ssgwnuv4r8ayfyu7r80e82xrkmv63g7h9y9q4mhk4w9dyqfymc2w
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTREhIRUd1K3JCM29mVHVv
d2Q4eFBLWnRUTGEzelZOMS9ScXNyV3ZGbHpNCjNCSEhmTDQ4VUtta0RXdXJUY0da
Vld5WDlJS3oyWkk5KzUzam9PYXZSa1kKLS0tIHJuaktpU3hnUWEwZzc4eHNjSitI
bVhXamJyMWMvODUvajk2aDZnQ1k1blEKoNIYxUA+k+DA+1WYq5BSa0iXuQ2Lctuy
9W7OO2m+QGzjdLLM0uS7WWGXWP2cDDgUGcqozTqM0Oqi2/OY0Bo3Jg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-07T23:09:43Z"
mac: ENC[AES256_GCM,data:36CZLl3+VSFTSTj9jDT9972XZMXjaY5jo9FZ7I7L0sOSBRH8vQ+tFww7hVHe5M2w/+YA0SRGH3r8WCbie6GeRjmY+BZu42H656K0WrpRN8ERFv+io8geACdqUsLo1VLjhDrfXaGnNOHLpmMC5dqyPXlOphiolt+ArKOBLuqtrnY=,iv:jaL/l1zwYusThKeR9C62fEGHwiv4fEvCarSiavjxQ0U=,tag:xgygx6KM/J4w55CzdLeCUg==,type:str]
pgp:
- created_at: "2024-03-02T20:52:17Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA84hNUGIgI/nARAAxQSkqnR75Rd1htAv7esbpmXlrZH+frTL6V4jGoAiqTeF
TSA46E2nl7rVqPTws74OOb+O5bN3OkHSmmWzIbj6Pc8YnqY4t9N69zoCHtsbI1kn
FQ4WwUdzofIUMKwF+E31/knyKbf/IjSKTZKcDQmn6QErOdDmsN9/z6+ixLt+rdsz
lKwMX8axgmwgRsWI1Xhlb1qs4TZxheQQ4A4WYYNB1NhH0ZTIehI+FGe+wHh36UXf
cY/Z7KRLdozoLsuuAIAoXx/dr3KpwuyKHfp9MdZLzO/tvS9vA1i+tKRXmiDs2uuv
itCOTrt1H7LEpUfdBYD9ll2mdiRnVzR4DxNnGLPkxsyAglejTxR897DcYFC9xhie
X6UfKTOIeAGXVUqphp8HB0CEFBW982246kDSKdOI/R3+X4T5fvMpLTb5XvkOlCIi
JUwXxoq3SA06a8WCS6QH8jLnXrcCKzX1TJh0RzT7/RUvKDN6uxxccxOksMExvgBG
nqfOcLiCXBzluCseDgmjcW0/arm1d88Kd7ayMv25CX1Py5uRRQOkqqnCdNIk5Yy5
0R+KyOPeZPThVTE1DhJ3QyF499XMoFjerHyanwIlvkAQtet1k8EKih1KSD9N38ga
K1HRowhoPMkszsU6+LZYL3MD0aUkfz53b7JvzIxYsfJgztwg3ki0qteEXUNyLMTS
XgG9xHF63wa7IwBtKgQKX/CVCwpg5EuNfwbACbIQAC9QZ/F6z+Ud2UJkSs94UUF4
aOGb2P1QFvLbP7m+7TNmvuLT5BDcS2XE0IWRDilkeiFU6ijGW8+iQ5oTzv+TmA0=
=JbRX
-----END PGP MESSAGE-----
fp: F63832C3080D6E1AC77EECF80B4245FFE305BC82
- created_at: "2024-03-02T20:52:17Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA29thaGx06tOARAAm8GMWZxxY1UBYK7p60Hlw2qCOH7KZ5cby8vm9dWz3Tnt
+YKW2SsRniwY6KaSVvnUuRBY75BF6jahW6+h9Nvhsrsvq680UIaQtO6l6KmtnxHV
S6vEDmvoFZVWG1xOEGYHVQ+GF9elIwuYrzST1OU3vATMstMxrm0WQJ2lOq7YpuGi
hNoMK3nMxpmTlT49CYn2sGX3PlNA4qDOVo/fwL5m3lV5mKzJNs7q8IakbPZm6yqR
wGjfkHq3ZlKnTUC66sBX8yvSoZ2cM6vrYhxgb1Um8z9BKLpAb7Rr9AXB5IUWxSkz
jXyEi9aDySDxv2HkjP3fE4D5wtC1neS8YsYDBcSsqoXt5sKAs1DOvzLbIOkObH3Y
uSxozoGJu5CVnBrOpxXdNf1RMnww85uxSAupiLQ2fsC/0AaeGB8dPYIZr/WekWAR
RF3igqZX7KVRuomUOt9fwJoHnRr1GWCHqYTB3P7/e52JcmCggBRLcnhC/1MKgMtN
RJh8Uuu9aXCBfR148W+s76xIdVwypPWbk8l911TdL1eRKx+d+kxAa1ugIqihvkBQ
sGjZltEe0ogAsDpS0Cy/HRH8Yz1Qk2gTh1QZiv865aVVfWu0OTU27TlfCyMQQCkO
LtBfOWylV6pJG3aaO2QA+4f4ab8flxdg8DrmBlhudzYY2goHIcfe+CdPygrKB/nS
XgEx1HFw47B1YJxY7FiFgEwnI6/AJuf136u1i484nVYXAr5PtnyaXH7kqVozHouT
sPkE1v7+EpOIbhEdXQxbSG0AXKomUwu4SJgxSitdTajAQYfHHfTVjdnUqyl8QHw=
=wX5X
-----END PGP MESSAGE-----
fp: 29F5017C95D9E60B1B1E8407072B0E0B8312DFE3
unencrypted_suffix: _unencrypted
version: 3.8.1

52
systems/jeeves/services.nix
View File

@ -1,52 +0,0 @@
{
config,
inputs,
pkgs,
...
}:
{
systemd = {
services = {
plex_permission = {
description = "maintains /zfs/storage/plex permissions";
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.bash}/bin/bash ${./scripts/plex_permission.sh}";
};
};
startup_validation = {
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "validates startup";
path = [ pkgs.zfs ];
serviceConfig = {
EnvironmentFile = config.sops.secrets."server-validation/webhook".path;
Type = "oneshot";
ExecStart = "${inputs.server_tools.packages.x86_64-linux.default}/bin/validate_jeeves";
};
};
};
timers = {
plex_permission = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "1h";
OnCalendar = "daily 03:00";
Unit = "plex_permission.service";
};
};
startup_validation = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "10min";
Unit = "startup_validation.service";
};
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets."server-validation/webhook".owner = "root";
};
}

29
systems/jeeves/snapshot_config.toml
View File

@ -1,29 +0,0 @@
["media/Notes"]
15_min = 8
hourly = 24
daily = 30
monthly = 12
["storage/plex"]
15_min = 6
hourly = 2
daily = 1
monthly = 0
["media/plex"]
15_min = 6
hourly = 2
daily = 1
monthly = 0
["media/notes"]
15_min = 8
hourly = 24
daily = 30
monthly = 12
["media/docker"]
15_min = 3
hourly = 12
daily = 14
monthly = 2

23
systems/jeeves/vars.nix
View File

@ -1,23 +0,0 @@
let
zfs_media = "/zfs/media";
zfs_storage = "/zfs/storage";
zfs_torrenting = "/zfs/torrenting";
in
{
inherit zfs_media zfs_storage zfs_torrenting;
# media
media_database = "${zfs_media}/syncthing/database";
media_docker = "${zfs_media}/docker";
media_docker_configs = "${zfs_media}/docker/configs";
media_mirror = "${zfs_media}/mirror";
media_notes = "${zfs_media}/notes";
media_plex = "${zfs_media}/plex/";
media_scripts = "${zfs_media}/scripts";
# storage
storage_main = "${zfs_storage}/main";
storage_plex = "${zfs_storage}/plex";
storage_syncthing = "${zfs_storage}/syncthing";
# torrenting
torrenting_qbit = "${zfs_torrenting}/qbit";
torrenting_qbitvpn = "${zfs_torrenting}/qbitvpn";
}

3
systems/palatine-hill/attic.nix → systems/palatine-hill/attic/default.nix
View File

@ -114,7 +114,7 @@
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStart = "${config.nix.package}/bin/nix ${./attic/sync-attic.bash}";
ExecStart = "${config.nix.package}/bin/nix ${./sync-attic.bash}";
};
};
};
@ -132,7 +132,6 @@
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
"attic/secret-key".owner = "root";
"attic/database-url".owner = "root";

5
systems/palatine-hill/configuration.nix
View File

@ -6,13 +6,14 @@
}:
{
imports = [
./attic.nix
./attic
./docker.nix
./haproxy
./hardware-changes.nix
./hydra.nix
./minio.nix
./networking.nix
./nextcloud.nix
./services.nix
./zfs.nix
];

5
systems/palatine-hill/default.nix
View File

@ -1,8 +1,5 @@
{ inputs, ... }:
{
users = [
"alice"
"richie"
];
users = [ "alice" ];
modules = [ inputs.attic.nixosModules.atticd ];
}

1
systems/palatine-hill/haproxy/default.nix Normal file
View File

@ -0,0 +1 @@
{ ... }: { }

46
systems/palatine-hill/hardware-changes.nix Normal file
View File

@ -0,0 +1,46 @@
{ lib, pkgs, ... }:
{
boot = {
zfs.requestEncryptionCredentials = lib.mkForce false;
postBootCommands = ''
${pkgs.zfs}/bin/zfs load-key -a
'';
initrd = {
services.lvm.enable = true;
luks.devices = {
"nixos-pv" = {
device = "/dev/disk/by-uuid/614787a6-784a-4932-b787-cb6424725444";
preLVM = true;
allowDiscards = true;
};
};
};
};
fileSystems = {
"/".options = [
"noatime"
"nodiratime"
];
"/home".options = [
"noatime"
"nodiratime"
];
"/boot".options = [
"noatime"
"nodiratime"
"fmask=0077"
"dmask=0077"
];
"/nix".depends = [
"/"
"/crypto"
];
};
}

63
systems/palatine-hill/hardware.nix
View File

@ -1,48 +1,65 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
swapDevices = [ { device = "/dev/disk/by-uuid/2b01e592-2297-4eb1-854b-17a63f1d4cf6"; } ];
boot = {
initrd.availableKernelModules = [
"xhci_pci"
"mpt3sas"
"ahci"
"nvme"
"usb_storage"
"usbhid"
"sd_mod"
];
initrd.kernelModules = [ "dm-snapshot" ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
initrd = {
kernelModules = [ ];
availableKernelModules = [
"ahci"
"mpt3sas"
"nvme"
"sd_mod"
"usb_storage"
"usbhid"
"xhci_pci"
];
};
};
fileSystems = {
"/" = lib.mkDefault {
device = "/dev/disk/by-uuid/b3b709ce-fe88-4267-be47-bf991a512cbe";
"/" = {
device = "/dev/disk/by-uuid/8bfaa32b-09dd-45c8-831e-05e80be82f9e";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/4CBA-2451";
fsType = "vfat";
"/home" = {
device = "/dev/disk/by-uuid/4f1e4cc5-b0e1-402c-895c-b28368905ccc";
fsType = "ext4";
};
"/nix" = {
device = "ZFS-primary/nix";
fsType = "zfs";
depends = [ "/crypto/keys" ];
neededForBoot = true;
options = [ "noatime" ];
};
"/boot" = {
device = "/dev/disk/by-uuid/F774-5A2D";
fsType = "vfat";
};
};
swapDevices = [ { device = "/dev/disk/by-uuid/96f3107b-db94-47b3-963e-6a2cb8b4e66a"; } ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.eno2.useDHCP = lib.mkDefault true;
# networking.interfaces.enp72s0f3u1u2c2.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

1
systems/palatine-hill/hydra.nix
View File

@ -132,7 +132,6 @@ in
];
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
"hydra/environment".owner = "hydra";
"nix-serve/secret-key".owner = "root";

31
systems/palatine-hill/keys/zfs-attic-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:WoJfZqlMPpb3ub0HGOyZvIlte5F6T7OIwJ3aFYe1tuM=,iv:2VivO2x6lIrYOHUTg3bi1p2iRSvm7J/zyL7f09bmSLo=,tag:NFRSIsp1LvupCEMuTQS/nw==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqeVhwUmNyN256YnowRHJa\nQldwZmpQZWR1dFJoZzF6blo3NWR6WFJhT1dVCmtnb3BPTW5NeEk5Y0FWVXFDUUR6\nV3kyaHpscWc4U1pFVDBFSE9qZCtaakkKLS0tIHF0QVZTazdVQWk3Sk5wTjYvOFNQ\ndTNUbW1UMnQ0RkYydmVQbzVwVG93TzQKSeg+Z2tFmrIAmg9Noit0hcmii6DTI0fu\nqCZCk/+WZrf53kxgpDHXlWhOKIyxiVgQyb/LwPWe3kOS8oOpiPhO5g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:3eJM5AKZRHweMxDq7NE3zLTGpPrVfAeCw8xwv0s8s7/ooILuel/vfGaqYi/12dtFiK1+Ag5nhxp4fOiLRGpgT6W02Y5FOnxv4YBQT9Tuv+/Ypr1WlMTFp4S3SWdO+6iVRJrnJYZz0QC831hxnQ/PNiH7DvKXeZjqfZGotCRpv0E=,iv:CmzxWWpkT1lLevki8ZygCnXLXwkprWJG6giCzKWZtmQ=,tag:6DESpuEhSH1dKlxZnelikw==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:27:36Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nAQ//RxBt9UJcnb5rVsV0XRhrt6CQ1bEXGTR/b5r+QRglCYQQ\nL1n5NXlNKPRk2vrRXcQE3q39dcc6xkg0LeVGSBKZKuE+9TG97KZQ6xfPUucWRQEj\nwaxgzHkZUZfZYlojFiHLIto39K63LjEYCq8KYQDMfOgx1uY2vEGHDdfpQt46zmhF\nSsMkCEDHAW5JPa+8JxP9K39xTXpz1r+M8+VyOacx4f5j8u0qdR24Lf5cPrGIOylh\n4YNS0MPxMAuXR27mblijVITUDhH4I8Zpr+hM8xa1k+1I4EjRtO8c5ADnjQ67I5kR\nE2ZrSaki+dubRYZ1XkfVrWVAmSs3kE/x3LSF9Kw5kQBIYtpZoP/cuRZX0F0OXwor\n8SDZCS8LYq3z9/zUK3Mi3A+Rfai1/eI5WJqhYMN8lSvOP73SLN3jFHkgUSILgE1q\nMapn3MVmQEtayM/CHDWzHuKhfMJje4mCpRHbr5PHzX99jsOKxpO4tTI8Cw7eCnFm\n1q9T51pSH+YsEX6lRZ1H+kz2s4DYcLBK4M5YWbAdm32X+MRi1kZnFeDyZo1d99sY\nd7seb7ITAb7lOB0qM5ZgoRczx25BbT94KEILIlpL94QtMUenuIxOA0lww/JScsja\nnphB1nvyT0wSsZlcPSHdV41Tjqk6FKQy/V96SHSQwZ7yz6SGJIDCUH3Rp1EwWg7S\nXAEY31iLhOLFv+C+8K7gWnm4kH/MFOx7f2DlyNWLAV+dzP7bo7G3YgRnJrG08mRP\nQiXwIK06/Vn3nBcW8NyDa7p1WZ6V3t9TfWOLA7iiEoz4EQYlCFIr6ELog/fm\n=FsHJ\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:27:36Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOAQ//fWq7EbsGD12yyZb6e7+BPcWJ6nNYmnb0E0eurtV5pBG1\nt/tvn6ZPT4noUyzOk4bhyBTiHaLQMMnrRNhp3wIpQrW4AlhvURU4shLrkRWmOPQ6\nXItYNm9REO40EHaxDC9YIt3j5HLEeNqRwgiq8m8kxIHZIWw12x6tct6TEgH+FmtI\nNIZyuPPW/jkMOcU8a49KlgGfDYIr78gZGYQYuFxNbCc38uyRAXa6udM5079bAhzf\nfn5qZcdriomQq5r5dhB10MbllNkxP9f2p/ia3vPKOz+hS3GB3IScgvzJrpkdnDEa\nVmNEWm3bN+fpxA8E43LSuR9u9BJHIQjacHrqDI3Hl6lvuvKgcJvrxK0dxYwAxbPE\nvFdA18kn4HxUbRxwH7WrA4weozQDFamEtIyO8MqtGgz4MAOf3A4cMbbodSww2OGJ\nWjjwtEf5KB1R5dpNqJcFJ0OGQINAp5+TFrOOPFYcPsTBVvxiKToT0XUITbcZILcy\nhnH2Jgu8yngQaSlqLHcwaTUUmQFMxqtp9mntjAfirH3ZjEessr7b+Wj0XETBMr96\nRR/dxUAysXcr0RtKct0enpUgeuXpxPwULBsczQCkP1wULQX2VOtbkXZPWUy5AkWV\ne8X9ElcbqiVCgVQKpAjjGT/seTuo6e18/pa2a6cKLTtgOXzz56A3fK0zAu0QKArS\nXAHa2408UsGWmHTVVMFJRR9KorLX6wcuRDST0VneQnCMpLKKrE73sxi2GLES9Ddu\n9/P8AnBg9MZYv58sYie1mcJFQr/EugKWhgkolzz1/l6KOHDhWpu8i0ME6ogH\n=5eLP\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-backup-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:ZIEsrztgVYaYJU93rNUuoaVLalV7ZeSIqVtkl9SZtWs=,iv:27ulcGcA8QZ/uOrvwmanwTfbSAk/dEDEIq3aDJy9an4=,tag:8hf4qaPh3LwDUhkQA2XXXQ==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2WVBxTW13SmtNOElrMlRZ\nUUtBNStOUGpiVUJrYWF4QTVRYjdyMkdpNzM0CmpTeUhzRXJxSlc2T1ZNMk9HS1dF\nbVRTdEZ3WmxVbTdNYWE1bm9QT203MFkKLS0tIGVmcGdlbjg2OVVJUTNKZXdKQzFL\nWHllVS9mRDZiOUtEYk5BTTJha2EyVncKMMRWiiUDqiIIUStreYUg71gUk1/qvsqd\n6Vohxao7nF5/rzwAhVJWle+niz0GaxJxQpYCR48HsmDqg/y4ilRepg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:xIuwEx95QQw21edo37cj852AQXEDZlCqhLQZ5hs/kZHfi4E6IyRgw0EomRHhQMyMOygu57dYo29XHDH4RDfF/2pES7uMx5CufcE8qfoSNtN8JSXpyeJESPBnA8aUKafSkySx0Xc1pIVah0TGxeGhwJY2XiLLOjozl0xLXLZ6xQk=,iv:v9Ql+ERhovaON6yP3goUioz99Eso4St1MyuFxV+x51s=,tag:u6mw6IABsiVYskGpa5oRvg==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:29:56Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nAQ/+OLIrOqbanYmBf6kvOxFyEYtHFFPJ/JKLj6/sgN10S+oK\nlCU2n0VTONx2T2ZqPlUix+Yg11FAjcK9GxwauoO6EDyYtIGh104frTgET5RUanIk\ndL+kh3u+IIv9CFtJC05TxHok5gz0ArNo3SurUuMMZ08ttD4+XXa6SzrDjkEWDbKT\nIdSngRwXHaMxekRbVqt/kbwBiBwlKSomRDgQXF2F8iGE/zN694T3r6lFHC2xY4Ec\nMIeKRw3Ye1y6M/p/w8iwb5uphi1mT8+JO5pZAE/z95WvwUDOBfliGZkVeYbx9JtM\n1cDhy0Bf18KkTDCb3/Ik5wqQZ+mDGhyx4QeH6yMO7zgO7axzAzyuG8RvupwBNZzW\nlhOqOSpSpD8xg0fpJmjehbgJMFIgk+jOApsud4aYtPUN0S4m/42SUPYrForPK3ih\n5oJXJYghJjlm+ZlB6BG/fTcNRaw1qhtxF1RCz9T3LWGUDUh79m9wKMC3AkbGeEiO\nqCMr4X+vEc8UvMAjm9Mr7eHgNq5OHq0z3J4XZOX/hYZA/l9qN3y7fRye23yaL2qx\nIUOIDLZJXlnFNc/UQ7w0rZRlne0iaQj6Fr85QRsHTppjMEmJnxg3D5VcU9TDvU7o\nbcDsjP+wtRHi8l4aQztsdCeD+3AbnVF+nhru8Gn+3XWmmK6H9vWjH+Mk0p+N9rnS\nXgEhKQpcKidjyNNaVf62JHlFT031rMq3kkE6DY4omypTKegNbX7BOKCGncw0Wsd+\n/RupIZOL/UMgxYs7wcFpx+herEpfTLDtItbOJAPm0I4Hj/RL0WlzFJT6d3sWL1A=\n=0+3w\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:29:56Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOARAAtpvA2X2ncC9NPCldlBC3ym7p0i0cQIWFNw75NXCk+ebS\nENpVLcpYxR7Vs9jcHV/7hvDUKw/G56IKvAUa158+jruSA4XdwPOQ4d5AwBMqa6MU\nQNShO4b8EjHLCEiWQTbl6EEuL6SHXoNSbrD63SF6stlgpAAJKBJIj21IDPUVERJh\nfkK5plyhv0vnuyL3/Ot/CCQ71ShEnVb4ebzsXGSXq1oktzzmxRIFkzJMiGfvdl+5\nm8OEge/hP3BL2l8GsVnUftC2tjd3WNwVUvD4zXTa31vHVHdrEj5UaDgySmLL0LJG\nOXuRncXaBFK9yeakrQHB7mxnzz9SSf42RGP4JXIOB6f8f+2TzPcuMF9EPDuzoxEv\nL4DDoWl7rtZ5DY+lHV73243QpExwLhanksUfTA7zMpMPi0vP0j7ZZ9emMJ9Q7/22\nxKnTKiTdrUUZHfaUa5UsEz1tqV0M+A5lU4oZ6Djk5j1ny+CKYKq6bH8qoRpGSQGp\nYlq+aZiganOCxXcvGPS4zf1U5HUEP+f64TNs0i2zLUeRd3zssM8rV/CJj3hLYryn\n3SGyrtwDHIj2nEktEDXUTgn42YH6fdlh99nCfx6L/AhLS0Lp2bj32VnjUgBwfY+4\nB0C6Jm7XZvaWhlMmE/KaoOY3RffuibPZo26wCKub3iendzdLcYiC/zlNVlirsJvS\nXgGUhxwvAbpSHLurcEcXQWhr8JHtmIotucHQ4iaEkZDU73+udL9FMf2K9M1JklgV\njCu/2m7EXFTg5XbsQU/++GX4gGWDzmpSNWSwRBhtdKH1qJZftD2ROg27odP0VCA=\n=GPkM\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-calibre-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:ENcfyj4fd8zfTbXWvMSJ0xa5wRmJzplr7bDsfce5eQk=,iv:DLDA6nJGvE+TatE2aO1zGnAc0lZmpE0oQD7ggzJC8PA=,tag:vunvPA3J/Zy73q51wW049Q==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0S0syeVdzcUxLSE5tRy9r\neG81QmpQWFJZNkVid3JmMHc2T3RYNUdSa2lJCkdFbnd1cHdzVzdjY0lhQ2oxNUxo\nMTh1STJEYWlyMEtCZ0dXWWtHZUtWTm8KLS0tIHpDZmYwT3cvWmZMclhxUXVUSHph\nR2F4Ty9kQnNwUkNYNXErSGQwMmhMek0KYwORT5ZfQbvyuMupijK4neUgql1cYLri\nPGbKWMeUNXcXrOtTGoMpXoXcwqirSB0+5baIII0cxmWSnSvchmiZgQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:tqQfihnPZgB6jn2VXoRxrjcWGnIy7BpRWQVnAGoP1UvfcWsS5H0D5tB3zIHvLqe/yTIPE5iUUuBfeDOybexjl16es1SZr0qyOf+9vf489TOd02LW/33tv+jDfw8qIwuMGlfr94ZEh910SWOrFbYQbvWEH7nymKUkEANCnlu8KpY=,iv:y/kd67yhHcSJFXFN0MAx+10QXtpVz+g4O+PYNsoSwYc=,tag:muhrK1jpcTDapSPTnSBfGw==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:29:57Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nARAAsN8UTiNCUeoggyeiPKGTeAmOjqxn6zk4HD1Y9WIIBivO\nsCCpUmxMuyuWsmYgwZXSJhx8ognDBU5YS2/SzoD2Cs4k01kgZqACVJQEmc5w8YYS\npczeG15SjxKVLgi8zan6u9FuJLnhkiiGAHt7byRz5RKUpSQ+KOjyFCLnN5qwbZsr\nKqdDCBiLvba02D+oXRqBjpBQe1mSdRXRrufFqdNZ2QEP/Ws3H1t5qgFZgeAmKnhU\n3tFDvN6Kad27VtPFcspHetf81c0UeAMtO5inzu/9kdCwD95IoAtU56+WS/5RTLEi\n+qglLz3A9kHO5hLigw2ywH+epyDpxAW9dd93XObtlRUggoOynQSLtNkFOXm5bJGe\no9p1LjpB19vdk2mpVt/J/+IQhYS2OZuFtIlBz4hRPe0XsHhY0jHtB2WT+CKsiUxz\nQyVcLmMiVhaJDXS6ixGmSTlfb+pmfo0JIUsiBTUeyi6J9CIHWHRQi29c3B+HAHG5\ncrkzdVcvOnNMu4M/QbxJuQswTpmA+TNLgYa2Ap7DzWIMKdtazwPDL+Dfr5VQ9UCw\nJJqIuTCtOcBNeX7oyzMKSKPad7g8SG4AuZyaC1bE+dRP/FQaD6Rnubh19C6MIBVT\nUlObImcW+03/cKddMthyepja2gzpkMhJ89EdavgFDBd+BrVuYc/eMDkFZSU/QZvS\nXgEnVaLeYquJAMmZkfXme7RNBIrlD9OY/vzdvXXmGm983RAVpSk8HLCoJirQAc+B\nfJZiwlnxZKj1KMwCBytCTrN4yCwCF9kH7D1QW0Z6IME6I45naDLo6l/fdl5s9nQ=\n=tGYu\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:29:57Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOAQ/+O5+c2BeGAmeiI1JQbfWeLNA3bvniHgQ3tyhcYYmyADIP\nlMIxjbzYQRR7dxixHP9Eh7d4cAq8+i2JbxsZmm6xP2YTckNH+MAA1tzFmwiLMc6l\nABwmU8fSRMef00f533yqPYWSjvt0dtvOch8ILa1Yjy/hHiCACZhHUiz28ra7uUGJ\n12XaiKgUNPWD+ImHMwfEExPQTXc4/vMWnCydmLA73SizyzvRzn0GRnhtK3ydq8jo\nDK6BTIFCOKPHdcbgm/dN2HHFyj2xLwm6ciy8+Q0BmPYP1xFLWztl5ypLqNEiOEgO\n9akgwZyA4l1dzPhWNFgETL0MsdNuSaxVmU/QsgHBn9LTeAfpTPazFxZGiuNUlJdU\nLO3HJWLwVTv/9UuLSRB6wfOmIWVGIISFPFv4TbGoBdbo/41yYVtnXaPH4eEW/vZK\nlon0HhkJtG3emOWj/Urwz0lhLA1Svp2aqVC0ebpeNnsYfFEPcRemRnCf8phXzjaP\nqlSVrEp+fveIU9SOzZMELiOD2LdLmj+a/pQLmTtAFq/e2x34wSdfebwxYpzn0r3f\nz0Zl9hAOvM/dB+sU1sNMv9pS4wksVoLlMDbjaT11VeA5Kkgz2KpZCgyt/duWF0PV\nFMHIww6uvldW21GDD9S4z/feZpaotC7x4OwwxPXolOact9t3uZt23Ct08/8l1LrS\nXgE3dY6kzMOXpEyalNgEprF2P3r0Kh/av6mGtuMw71YWvvNEzC9QUHP9EzEgtfuG\nDAzDGii8BeoA/vjw8u89ffqEK839ULCg3SYdjnCtXpmyVgConLshia3b2iyTwcs=\n=VRVx\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-db-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:yV9jh7yJlXhPApTiY6ktREqVUebyYuQiVWkzf3J/Oww=,iv:U1DM2CTxjV4h31BdXpTKyFnY5bepqsCYzUDGW8k/G8s=,tag:MZQzI5Acy8XGTIyCrUwtCA==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVYjlCVTVZanEzVnl3QjFS\nOUZFcGt1TzJpa2lMN1ZBYlZHT0xKQW1ZdXlvCmhTRjVHTCtER0tSQXNDYlhJM0Vv\nQ3VheXg1WWl0NmkrZUYwWm1YaHpzVXMKLS0tIE4yK0NXOFF3dDJ3YUdHbE5OcS9z\nUVFFLzhYMGV2c29VMityNEVJNVl0bUUKNyquKj+Ufk5l6gQ2UYcqHFsqjjNpfbW+\nROpTpKjmI4EuOyAV4VwLaO1EQfLDyWMbBgBXOq+HgsrWA7AGXDwA2g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:Dq+wdw3yP7dnvNJz+JfwqZosfRpKrfuWF/q6EdTsGeVsM+zPI/6Snl/sV6N8oShv5nDKWFV/My+WJiOW4CwdsSwvXOKtBfB3P7tAPfDI8Snba2v2hGyaxg7PVVLb6G7M+PXY9UNmIM1MyHcce9Bk2i++7fP8cGdx0szggeTduNo=,iv:qIoZBHm3WPn7Q0S4uE9a7+AI0kKLc54yig4++srb7UI=,tag:UpeF3yToPj5Yu1sQ6i3Waw==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:29:59Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nAQ//cyWCmjseIDy93aDPEseKQL/m/q3yf8ZJTaxUMS3YNNTc\n5Xqhx4G3ns2oRF5x3aTi/XN3w//CVxvsMHyXFjtp3kj6Qas8/sUE1Zk7oMQiyPNC\nXjGgAT+QBGI9E60kYA3Bj7uU/0DwRmUqBORntMreChCHhThkEYCTO4Whg616GzbM\nU41Y7uFdBVB/1+cN+jJbZvkDGoKmN/NawNumVZeFNAQA8NEAoemrl4FvPK6ap6dM\nT8Zp50pa7MPPKWfLICMQXOE6+7diayOMHgmD6cJALcakdi0KG4d8vKDfecrqojR9\nF+LS2/QyBKhbWMH5ydc0MkbviVbnwz3DOQ6UOi+1aUdd3XgxwS4bauIAjsqyYJwy\nKLAhbd388Y77EhCq7LquH9WDyKgpE4y+2tA1Gykutr9h6wuGLDCNcTE7ftoTnpRF\nuBtEpvtrSIdlo/ssBcH8DfWmDCvFonJlNv+3W9QgWdHKRfIOvX43LknJmVkfw+FR\nehUEszKxR5QmSf4iIQu4+Bv+iDdOHe/U8jS3Ma3V0mPPk7u8vkknE6jz85fKIjII\nGbzacQnNBWnKXg+A7bWjZi2fFxxiyEb3rtocAo7Ya2ApBQ7KLf8qTnLcuHkUYa24\nW2FRLbcqs2s/1pi/xqf4plD7pAqy+QEE5SdLyXJs/163cImcLOEOx0Y2gI5wUdHS\nUQEXI1+L8KrDWS1fMzhiFm6UQ36BvmW0A0tbLfN6QPI4Giq18onc0VPPX6Ro4SA3\nB9PpEkr0+DHVPcysLjgrPfal/NHeD+12C3bx5/WuLMb2qg==\n=rTsu\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:29:59Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOARAAo9rHyIZiD809kZIPDKnuJO82BQ2njhpH/vsK4T1ZI0oj\noU1+B4IGBhtZxozluZCvXDNa0UN6w9AFsl+//lVG8PByw2tGDBCW25TiVueSq17g\n4xW7dZLnMJwxleK8wPhMcmyruDJJ8alrHnhHNX26KxP6W9jnVP3OcttN8eAam2n5\n2K6GdSqsEAEJfDGtA6an8b+e5TMAhfHVrMnkvvovMpA+WQnO9RPyIz/81HcsNaVx\nNBDMyIi6WzMHI4cN8x9wxN/cGX4dhvG3gSqGwhxLDL9XqAj/YMYt8uMxyfQ2W8S7\nkK0tjmEteQNnwGy8+JPW//WhscmHaUC/u2HvfhS9LQYaqImve0X4qSQbz4vZmiZX\nHVBTZQPFmYMOMPr2zyWqOlXtxNa05E4X+IMnEPT2QbiFE5uEWMHB+7W7u6QIaUPr\n4SN7im5oEJl+ztj4m1rEysb08xIFMdsvzg+BWR5LvvaISllOSyr510dWMt7anakR\nol9Pf5mnnRuQbjPOJxRkIfcZHUhiEloPJQbTZSOjqpdPVw6fVPNZ0ffdtB9FNrLz\ncXJDaWL2ytl1EVoLs11IatXdpucJs2o2Yu4Ifdws8Hg46/bXuxcj1/Vzhw8jVPcN\nTn3qUhqPytt4mAxt7w9LuIgOBsCSXUV1JH7mRUqJ84Nrx9S4fbkdVt7CkammGD7S\nUQE+hC9aYbHKJRHClWoIEkIxjRmDjRGAGbM+KN0i4yRcfYRT2bgKYrtODDtBrz9W\nQO3vB77EDMExtrEUt7ojSzmQGY47ydycPqPmh/8WvEXLow==\n=PSVh\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-docker-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:HTOTPrSNnEbjiNJ2bQa51ugJJAfWwNciFS49PuvmEtI=,iv:Z+hlvZ0YuXDDfrE8UyLin/xL+CKVrkj5trReox95oGE=,tag:Opx9PL2GxTUOCmeAOK4bgQ==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzVytGMmFsby9pRXI5SlBW\nNWJnanphcGVwcHRXWTNyY2Rjd0dsMkJUV2pvClZNY2dDUmxjYSswNGZjYkRyN1Ur\neGdudGlQN0o2Sk1jL1Zsc0N5Q2FnNlUKLS0tIFlCN0I0dUxQWHRDTHBDVGVwaVRG\nZkRPWG5pV084bG5hdm1pL2w2Mi81ZTAKWfIHu1sPLzucNGsudu/MP2nn9YAPkk5l\nxZNfK1+a4dQaEI6YaurqoVgZ8tes3ZFy4XWCtw8AjcoI3WTPJEFYmQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:ZvXM90ik5qjK8QnNRUZex5yQ7EUxk0WyDfNAKLqu4fFZuS9O+V7KX5ShaFMrilHIQt/Ab2G/s5zwbgxE6Pi9mi91g8MA5y4vtEQr8V07xEgPmKWCu+rIcQdp0ssUbiapo29XRmlwvaRFiHJaESYpYzjsNL37TLpTpIfIUp9YC0o=,iv:dXI4YUSh8yhLYLWdek73bzHFhgj0J1K4Wql0CLedepw=,tag:WZwhN5H9o3S5zZqENQ7N9w==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:29:59Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nARAAmpJUl5LDm8K2KeKLxgpPFCCo4kal64ZPy7iBx2xV7jzo\n6+S7yFqoVNcA5Xz5iIQD9eokh2mj2HBfoJwrLHxXKzzPST70yk/eAU7ggAM3IPVy\nPeTSSXNQLOB3Htp6zcBdMJpudwtx7hJ6NF0zRfA5GEODPwC1Tq6QXGMg6YhnbS6y\ngXj02Cyi/AS3PyFAfCdlMZ8v5KJcQF80Mdqoqi9oEt9J8kgKmMg7weQsUar9kkv4\n72FnKCadAPnmCOP7So0Ijtz530IKKwwy89CUQJ8Zyw3QEDU/cO8pp2qlel+uU8cC\nRscV1eV5UUHrRNhffjwmd9PG27ixXduGvUKx3IQBvVUpPQ8CKNuuXCgYfD063czI\nSa/YvdKWwGk3moNmGgXxLrCckt6aD6zbjqLPARYKypdiw4Gk4XkOx5X/9oth3H4M\nIor/hJgY+6feXENJwqkEM8ovjWchQwG8PMRgdRZPDJUgv38Dsd6SEvcAxaXS3cHB\n0hG6CueUj+kTLgyEekq8HITJ1figZpdf6Xe24Rxu5bpKH5m5yHb/dZrW7i3J4W9u\n2NPaTotnALgfs75JXbfYPtXbkgILsFcixw5Gqa8M44yjs4TrdwLVgjMEcIjnIFuD\nP5Qq6z7TTpq2r+W7/XafdSK5KZ+ptE2TASKdJNzOeep7iGE/6ILjaOr+M/6XbDjS\nXAE6prh+v/qx6U/tiTLCY0+1E44CtMc+5ECUr/5QN1mbAyEV+zV0tk6BHyPhK1st\nZRSigQV5r6ui417ObecvNNSvk+7UQVyO3KOCcO8aMWFS7g5BGtQuCQZaT8YK\n=bxEL\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:29:59Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOARAAgYWvxwpxPfQfGaJb/MWoDnZ3SUI85C8mOFv0FnWNyuMN\n3k9tiQIejplecxdIjs9+DEG9VIkS8l2HR18fWFsoZQmVTgJJiPSBdQuIhTc3j+8V\nIdA5VMKW4DSuOYbpDUlDTaOHfg6ah2NXOuOZbgiaGSn0ikw6RU/QYreKKGKiZ4Ya\niFpftA1jRI/tQuJRn68/O9WoytEK3c7tXM9nNZyU1FnBmyPuOqKypn9nWdNFqrIJ\nWA5ktQvaX1PW0c8F07G5YwnATN9haH6u0dDUmho51p/1PNGCFRyj5HazOV3Eueep\nRPwncz69Kb+Cu5gubUfKZTTogAVqmvzR4fqycIVwsTXY5K7Pmy5PEYuT08Kr+jQZ\nMaIrEJctWxOSAoAqwsHzVVPrrEkSyv57XXyMCYYR0gVPxKMqcUvZ+npb3JM+XY4V\nptWK6KCC3wZPaVjkhjfxIGwQttVmz9wWOD/jKjmhGhHYZRdoGNyWOIFiUnRF/cV9\n2PMhc9z40L712sud3fMe+TnUgzBe2WTOjZ+VYKkYqcfVs0qKxQiNMXRuesg7J4gV\nM4QE8YqMx0bVf9rV2uusPY72uGTcUkFLklFbx/VFFxRjX7sUeV+VedR6xKUcJIYu\n1wsrL4xQClwWvvqKZJmKr+wTImifI4RWFIu5/mJrkcFFJ5ox9sBdnPmwtnUosDrS\nXAEQ1mAZ4+U4G7jyJYLsEANQCo2bjdqKSuY28LlVh6HKcsodWlawMWmWKWQW6v8s\nt3k591+Q4Kdr1YCXC+tFf/VCFLYx/yJhoDS1erwmz498SNWxCmkbAWmuoPCZ\n=tNv2\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-games-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:BjADYlVY1GEGULf1p07IJPdXoxrUk4+ILv4ZST0UFLY=,iv:tw0Tbq1gXREHtPcWzSrSbP6vct41qi8LxYRqaPGO4zA=,tag:cazaZkhebxTIiBthWKWWYQ==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWdlU3WlJWeWFSWHcrRGh2\nUHAwNWdBSE14YTRDYkc0TTZVQnpFWGp3WFFnCk5RUm9hTDJPSVl6cE9ud0tzeHE4\nUkhKS3o5UUlDaFpTVnRycGovc3MrZkUKLS0tIEx6d3lkUHdjQ080L1hzUE41S3Zx\nL1ZPbE95SUZuZ0xHVTJHN01SR0tmZXcKIdPA9UPq9+ZUjncwjIgEuBJlQk5iOjsv\nq7U4ebqdqeioiDyDl6cJE9gaBOIClhKYe1yy4mHYvOJ49HtWnEjanQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:8Y6goZP1qpuj+JBSfqNFkyZFMdZxnaE+ifOQjAOmkPL9cY3gVkXOoDUftsQSWyNyqbMwjYXYqar2/jtaOwAs0P557rcQp2736gVulzGi3VMJJXegEgsmg7DV+Rrfys77ZkaArbyT5sbkWAHS4xyWsS7j5sjjIs2Yngcxt+2TCaw=,iv:GubeHP/WhsUg25LwNyZvOJrsf8wSwDZK/fmmkyIHWL4=,tag:s3ojA55TMVO183kdzj89WA==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:30:00Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nARAAjlz7eeBGESXrW9f1xEUrhI3z27Q2T32cGRxgecrRcrv5\ns0VQj1TAgAQbTJ+GQh6CF8K0wZMb0TQkO+A//A+suEaSeIpW2vPFAcnysvikoekJ\nOR8Y6xG0BV+PQ074J3n/VxyL/PqcztpNHdUS4QEcXO1lBvfEeTBq+FyFRrUUusAu\nZm7U8kUKXT1/l3Q5kRiEkjAWLfJCtfNl9vh+tTWoXUKP4Xa7X7Z8aWfcKT3jxOcz\nIBPh9fRHwZGr3jHRoiqZs/QnER2xJgRgAch91aPwbEnx69QRUuSECHHKnT5N60Di\ngarN2GZrI5PSlUJ/hFz8+NE1m8/0B/WPnOJc6oRMblCftOc0E+ESHoxVuxsaE1qf\n7/gPS3A+9D0NgclnPnV8SJNcSNZzLJb/a/gmC4cmEmvceS+vAPWy2op8U1mJCbEz\nzIEADtp+m65x5Fxwtj9GbR3MRScd2dOJMeEj72qxkfdlY1fxV1g/08Mg8eE45Bcc\nIUg06IW6/TeJQsB3oWEngGTlWJKHWmZS+TL8jCBVSqJ/yvjrLwb8fm0lLvZUYLky\n6HAsswLVfcMQV4s4RGbSgOmSjxLoEmxOleES2r/9G5vPFMwYsGLnqnD8YG5fGCH6\nPpHu/pav2QGW/tOIGclieJXB8Kc4DrGgR4FQKqk/s0OU5KJqLvxKu7oE0R+gqFvS\nXgFklhtMvK9cnOqFpecermG6LUNsm0KfzpdehmFWFNkOLWpBP3I36kvLdZRiSTUA\nFgApol/tAuB8JXX+OiJ0/c1dr9czKI4vI4X3YYgKqysLcmGCSGtZ79NS4OLPI7Q=\n=JXLW\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:30:00Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOARAAlzr+nEfpGy5g5GuOjzSTubqouSrN1GuFMeEp8NMkkTrX\n397QqCQs78ekWaRMVFTtWMWfDmAvaf21p/vBkLkdtZTJEtjnPdpbrWt5b5q+3/Yy\nUkq8pcKXhd+mBHFrEy810GRsPEvCR3gDS3agsfxZyTy2te//St87rsuqwagdhzZN\ntqzc3gB3AtZZq++RNuHofvWtFb6B9aAQ84pL1gduTBQaQiQuw7F6BhhgBIozKRfa\n3p5F+et4beilMzyWMAZgWSg1S8WUU5dHp2FyQg5o/FlPJPFXzODQsMrJ1TIatKje\nJDO7C33pC7CSfxNXAAMzBbjNW2SrU296Lu0sYnkNNx55KEW2MjNRTJ8/NssuuGWC\nrUxx3rdGWb0zetZF17Sm+555Yn8Ro6fhWyDdzDYkoYOMwkcHR+mG605kCmohRad2\n8dm+ghcuwSkNhA9QmFtV7dLXJYDrH4FLaQVIbHicVhiN1vaIBKCgCu1cXTpCrVa0\nWRowf8WOl8rlmo/kQbEqAktrc09YhBS/EhRd0izD8/YHiK89RCaA+d//tfN8eh/D\nCTsca/flHxIuqYWitzbXrFmCmxTtTRWBpQMCgEpBlHDLke2/ctvJPDFcpaG9+jl6\nIoWE3/XGU71AL7u5u1Vfg1O4jM9W5V9mkd13wAxzeod5pFssMDvJJji6WEC2eQPS\nXgHK48pLy6lGzaRcLTOwSRugItj2KMHVRYpo3CG1QE+vCXwsz7DQcjzAwBALWotw\nKtVMgowaLWyJ8ulIOeN2SezKuObPZwBgAviYz1yYX0OFfX+KlBTFmH4Dv73Y6Xo=\n=Xu0R\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-hydra-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:/SvY3GhriSgW/nFjDcCXq3pkVYOZwBwO37P73CL9Uv4=,iv:nS27ev29GRCDcAhMkBqb58O+JeYz5IT1UFDMWDaRW/I=,tag:c8MsgCoamwH6If3XZ8OchQ==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6THR2a2NvcVZVajhxWDVv\nN2NEV0crUjRtVnNGL2U1YUhPbDFUVmQ3UVNvCnphRm5KRnp3RDdoczM2L3dDSWM4\nb09aSUc0RWMxY0ZaampHRnQ1dnBFUzAKLS0tIDJKeHJ4RnpCNzZpN2RKK3Z5Q2x0\nRWlIdEtMbXJDb01hQmNmWklCQjM4QXcKOHu7SUn+9wujSwlpLFzvpqYycLj5LXCX\nN/WSW7udTs7lS0250MpY3JQBhfs5kcx4CL65YdlSUagR17zP5OA33w==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:VtRQXx0skfx8/x+2o5O25JC5xwgdEpjN+Q4YJ+/n30N4Hqi2qD7xslWzANtE87YEa1KvjDosHMjPNcAf7AHL8Tj6Ue0AaexqWBfYh8sDSIJBkCVMLIebAFs/Vv3NG/eiUbWOQwS27mV6kM+z/UTudWSEuQaDOfZLjlYkIwl78l0=,iv:xbzt98QY0CraJr3yA9OS5v+SGGMOtsfnpMu3gr4gkp4=,tag:txzNe1DHdbCky+td+XQ6gA==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:30:01Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nAQ//dVWN6XugkTMxu6xqGCnKWs9qnxWnTc0dm0Cy4t8KkM+R\nB4PfXNwyPFyiE7ftxhxvvbSl5GrxdTvUY2uCxeI14e2VmmbPOxSzoRQoNL3VADrS\n4NqRT1YCnwsN30vMdN71NKzk1wdcOxl2Kxb70T0xYRbn/SubBDIEW7f0CgyONAEI\nL/LEzLtUcms/Hc5WCZzOCHHPwefuyy7ggiEOHyDKWQWD6AnDKCdEtboF7bGmTaqy\nJoZXopix+zBAKx2JNfZRsi5zJ60jTj5ask8rCThhgJxh3+GGxqpPoT3Mrv0r2IwM\nv0pePeqiMit93+hWexNlsefQhFwcgtCVwqWL1taESxHS8bt6ShrrXSoZJZDhHDC9\nSJLdg274end4XtUGeEUEGUnRCmeke+w5QFVUgJP9YjDguFAZqtSFHP/DG+1sv38a\nT3dZ1DGjPYoa7APjdSHxpJfG913oAhrVsYn0nVDRfTygzl8JjsGydp0azHqbhI27\nWwd1CuyCyswd1h46mvP1HkGmeIGEFcASu5cFrrBQkochWSBn1yasJ/1qbM5zetOF\n12RsYCeyyr7IrBJ5QU0fNhZMqDRVh4Bo5G2H4EP1AjFiDtt13tDH8fUirlmF9s9S\nyRsG/mV/TJkPcayMUlJMRdoAvIY6KBCXcruS/brYtxfToH5qSGwt158MGlhYgHnS\nXgEJf4RwzqgMcvvKI5q5OAZdFIk6cFcoRZVfbihb77yGeXmLHS8aLD6yiC4kidm1\niIp7uZFSPqmguQB8+bj2Q8ZpHfqD5iWGhUEea4BThr1MyCHbhosSsB6LkV1WbzA=\n=7tpx\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:30:01Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOAQ/9H6DtFfWX3yxcIZxWGqYOJNIpR6THeTw6yFhlgXtX3LHx\n+exbLPTJzST3sgTJRtCdUnCkiD83D7rS+rWE2hGog7O2i82S5ciLW6v7AsbQIXzR\nFbS03hJKJ+QzXERT+dEqAT3PkKe9cWlQ0EiIQb6iNMFmgbTo8GdEZkQpW5A3Jggd\nhmBvQwIrMHh8ViTxHptVsWRUNrL+bdqyGsnutlngRPP9yt1mSEujLcob1Ha21RuS\nJcclcg93zTLfTZ8dp3KebVx61PYtcNIzJxJO4/7TCuoOa7qIvLu85nO0w/hEk9dS\nU8iJ8Lj2c4Yv9hKXaul/3tS491qWzOHVN+bu4Z0bAnOioCcRS7mb+Y6cZYITB7+r\ny3lsyUJMyzpQUmgm9zvOTdK+t002rnjGtiyT/Jf9BMtBsl6UN3x5m8DtFFeMpr6/\nQXg14tvvaXHVfRM41xTACDQmu35hE8MPJxB/MIg7q8FXQb/ll+Qu4yE2kEfwPio4\nc3+5uOiTrHNe5LFIL3u2HRqPuIXZq0UnChkY79WH5OBr/6upcXOhm4gFZzqKAlHt\nZqRXArKMqJFxe5DglOCCuLYSxtZUcdQbdJQLgyrq62yzeMhUJoBo5lxVH7v82/ZA\nUh3KOCrCCEQyjvaJ0LkopkUEPTEhtw1Z+NhPZBMYdM5tajbiPmMdg3D1zHiKRX/S\nXgEexql78jtc2gLNF+5/wX1nJRkVVSuxuoluFcdO+jEzYG8cDldVKhigNJ078EPs\nS7tPft7EtpMm2MB6DWrkfNjejj4fQ67SDlDJ1xER40WrKWYpvnCL2la3BCpkxvU=\n=b+Bf\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-libvirt-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:dBSXePTzwsVsWBylfht3q2MWf9tP1IK5PeOIK3BStWo=,iv:x7R9qhOEcNeA9Gq1WF0qkQpUOAo03/nPQRqcXuy0PnQ=,tag:1nQZlFRUiueJqfFEQj2kvw==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzaWsvU1ZVY3U2MXJRaDFY\nKzNqOEtIWWlyd3JuMjM3ZDlSVHZnbFVXZ2lNCkpvY3E3aTVRdTY1SERGNHZHb0NC\nSk1abCtNZzNpYThzdTZqNmYycTJRbDQKLS0tIFQ5OEVQcnltUmpRaXV1UWlEQUpj\nZjVCRG5ZRW1kVTZvdG9ySmt1N1paOXcK7+H5ndruGiFg8ECF7BWgKoC4zb1zUCcX\njN6wMHl7mPhy4x3QU4mpSqdPeC74bbd8yilUyf+ttGC8JfbdBvmcqA==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:rg6j+TfDftrBJ5ZoIybMTEkL4X2IyXe1MctENCUEBhj5sjUHecOcF7ZVHsFUU37rcgfL+7zZKtlRvZWws7FCaMayBSbsUsesfM8NrehoOT/eXKHj7BmsIDeGVaVOknXcNyF0o/snbCHdgLIshkNEPI2HTTfBmF62RViWZaRjLkQ=,iv:Y1prLF9n2Tl7aMRW2aXsG1adns0PAoSQQlRIci37Fns=,tag:PsDeq1r5Bs7CryBShaQhbQ==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:30:02Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nAQ//WZs3SywuWraaxwJRA0pf12uZhKp/IFPxXDvnDW74r5sT\nhrL2BOo06FRNYuChuoUMdu3E3ahdGAKdW8IxmXDcvl7b+cQchZ23ZRpdMwT5fsI6\nZTaoYN1X08KYqgWZMMJg07KYDoZTFYyoXkNr0KchqaE3SOPJmuXTiKQHoMDpTQqs\nL7y2iiXCUQRyiaG8pZJF16mkVRTiyOnUgAvOeGBe+rh88NrwX92E8IvRxfDdiq/0\ni+GpovaKUW7a4NKTLkYyCQrX1aulq/DbASfkVU/NYlsSvUlMk27LSe2di4Hkg/cz\nN1NhzN/UNd1P0HfBDHLBa8S1CfJU8t/XY1atfyBWGkZ03L3N7HaezX/3SXpty1R/\n722gu7XiN17qYbkNl8uheaGGa3Z/c3fdmd+P4Bt+j9zkXRQFGriNfqBR2cJ2bprK\nLGg7xIzHDW/TO/ilR/HUoNYX6dKgyal5HK8laESNjvjSXh+LZwHBWAddPVzuc739\nKsRTZSWjADx+IiwQHACla4Epl1rgUemG/nEIbLiZYIiQGH1XM9e4lgySTbB/0bup\nCDUoZDtE0GLJefeWbWPGwQs+WnzvAKGOpO/aYS4f2sBNmKVpHVUiuX/0+ubkU8ab\ndI7q1+k1t5SMl3UqNQ+N7o5Ah88tSWNWbRXUa/iQPUYCJwrDHqaKoCSoGJo3rBXS\nXAEtxJ/ZhBlwMDb8VbqFnltaVeKbzAWvPLhYo99ofZVV2HdkszMHU4otvyQFBpnR\nH/qF/LbFc4UbXSlFjNJYgOCGlVEQK/TYboIQEanBY0d0/zwQHrGJI1wXHSN5\n=lg9L\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:30:02Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOARAAwDW18irq2aB9gcSpg4RbSZY4iHoN9+SvDoX12Z6cO5KU\nb8nPJbExfrOqI+lANfbdln/sDoHUYImG8SF8fdsfkKHb047K/rrnrSzOrACbpEsk\nGds1VQfB/IG5WKW3HlNnQS4wKuegGgZOUWTa923lizWT4E8S4o3K6R/z/LRz4Rd2\nNNMvyInVyuGVEQG6GjZipTjj7MQtHGjXQSVDdzl9xJ3PIui803H4X9pSWMkWrf/D\n2r0C2BEJQxssKQ7rgMSSA+08lE31ZPLJ/wBcoa8yDbEmCvYZWXO5ibqANn2Xnh4L\noVa+1TAErZZ7a0xozmDbDo6ABhjMzoh1QZ/TYS1zxOV8e9tfi49XDCBSC+lHUEhc\nPCgERsZDTJf5xbStuK2jL5LNDSeRvoYkoEMDCGULaept8wftc7mfwwrd9zmfJ4rm\n4K6I68m0NGo6BvwGnSb8phGs5QLus4n5c9gcd/V1Ky/3tQ7HJCTX4IguA2YNKGx2\nAm+EDJn6MGVdJmWnfCo2WL+baXhEK5lXGA3w2VJ9HrwwFjKwQE3afpYukaH/ckCA\nt/gCQoKTVszB5pIpRzrF98W3+zrxLlrUeQEuBBBt3ZxhlUaVPS15lx8B1FXh8HPp\n8o5DFNW8CiybeIn8LZYes5c/FBBjcfHqlfJ0TkPaFUIg7wDExgx+DJDQkCA/zr3S\nXAEHgHGLfE9TNMcXlQVADHsQZICaAqmtNicXyoHvSCNpJj2+HlB8nD7Ptuvtzz1g\nac0sd90GeRdfpOz1XRDFXS9F+J6+g8LRpT2ZZEH6Nw/nqUVADp1V51qBr/dd\n=VKRn\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-main-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:sv6mzmqfecjwqSwRBELFx0sGD1rVJDydFTHG3NItNuM=,iv:Wl+PiYmV8UoAKA8d+AZhR1xR6EV9gJSA3dBsshNE7bA=,tag:46Ejkd/Ne5bRuRbnDNZeKw==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzcjVZYmxwNFpPdlhXOTJN\nZjJ2VkNRMVBGMGdPQ09mb1g0ekR6MS9hdFJrCmp0QVdFSmlwN3lCWTAxSVVnM21q\nY2J0c2ZWL3Fmd1FhL1M3YmgyUTVtR0UKLS0tIG4wVStNT0lGTUplUC8rOGxLT3Fj\nRVBkZTFwRXg0TnpMTUF5MDEyclBLZ00KebvF9q/bPQnbSjgfbMNJ+qZwFu4M1BrA\n7jImUpxIrFw8wqoF9XiDdZER72+wFzxgTX9MeUiVjt7C93u8iRVObg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:26Z",
"mac": "ENC[AES256_GCM,data:XJjbpp3QI7/ecRgtFlh9DN/4FQcT+1H0NqPEANCzKDpYBAQkCy46+DMVlQZvlEbUDGpfgT8ZXdQezWJHypeuu7a6h+51Lv2PFr75LXtp35LjOy7luutTknOq2d7BOK2Ki5ZiXZDq9ixQ1aFJHsKDuYz/djrG90ZTOgw4AYctB1o=,iv:u5n3YrZ6tU08Ahz4T/gnJOd2G53nGXp5KKWBxV+UnLA=,tag:pqKexgsFnKTBtHbOMJyPyQ==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:30:03Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nARAAgmxze3jr3KEophEQnNerXjW9SblQ8bSqbn335Wy5hsRY\nPQF9cExZiVbAxyfCpmFxikSMDfxcnCdbdHMcUFKveY8bLCk822c2yl5xRecxmeWc\n4jmzWLpPymrjTA9xbcZKxjlTKUDKDgXUBJ6I/+X1kCHCNqDx+wrRj3sgXPybeFLk\n1BhnXglDYicAAn/8c50vFLnYJvHggmPI3/dJJpL1ayIXtnId1smG3SnpNMyl1h/d\nBU6ss42evPqlFod5Km/q9p/ld2oHg224WrKBwKxqRm+SEIjVfi1HQ4/SXVqnOMdV\nHxEVKbfqQwRJf0ToOa82oNyP28ZRdveXp6TZmd88Q/hwaGo7soLXx4l9wA4p3mk5\nd2/UVnhpFkOvkdBBdijfYWh8hwyHlovzuTv5eRimVW9RWdHHTLScsANTBfPHC5Qd\nZg7/J6+iKIjZWfInOpYH/IlNtRuhXqOM7cyApbx1hzhUB4j4eTSQxeLGjV2f/EWm\nZcANKDfzz1wwQdT6MJm1z2F62Gp7TH/k2YKwEAksUIpuUxTG86wvPmdOxpgp5K3b\nGzn3TQPDXvSr0ejdS2sEcfewBCVxZyfNTCGGxnh+xQ804PnkVK6U5MggHNTMaJ0M\ndfDUacz1MN+6ST/vAlqM3rlzPgz6nZHlVCzw0BSbCOibpvTXpS+34LlSwl2wEg/S\nXgHDWu94k1NXAFSg5SqzRQtfWujAsXnRDpOlbSMIjzM0UtI0rvGsgzKP3Wfi7lZw\nM+XOZq7KKXhEpcge9pFGIsNM65NZnnCqj/R8kI/KyQt4Sbn84ms7814Z1xyKLhc=\n=n9vs\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:30:03Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOARAAqgAXb/ohCDW1KPgWOxjC/apQT/OUToWmf7sd9LLLyhXe\nLlYF+RKhC3/ECxjc0EJQI6/lrrvpqMhksZ2If9z8LMpTAuAUHai7gqW8DGCxqWJO\ndB93Lnls+Gr9HahnsM7YazejK6FPEQZgMIM4u7t0kyhiuedcOZgZiB0iXDfYnue6\nZz1mEokmzzgGGi2xD+EMp5PVE4vR1Gd+i+b94QX/bG8EUl3wvVVeyjb3I7b7JaIn\n3s3ZEbIg1HSRzNHN2KnlMk/LYl/lPO3a7i1mA+z+tNbCKc8lNDa8WCCCwsx1Yg9E\n0ApxVSIfMwQtVCLBhv6A3DMwSoIHUb8MP2Eku2kV0ugMcUMnefF8hR2gzBTGOBiH\nmBGRTSvX880aJzwOFo2xO/SkDl8vR4G9VBacRKT0OYb3XzvoM3ESGXof8lzG5+c+\nTv0OIFdLDMWEwSi5lreuG7Tg6dInrW83cguOJfXQ35rMGTmG0IVmszbEU3p+dAoy\n7Jp2ujPKwN9bsLHMV5ufRaYXkoXSOWEZLXeL3T0lQ7/8FCCIKP1VgMth36phz8iJ\nYqmXGMBKrZigA55hEYsj9vL7ujFcALgzyXpqrGeJkK30sPqASfhuOO41t32waKse\nXe8QWDFBt7hKEcGX+9Fa/DzeVwele723m2hro7uKaofORxtEfkAbOgCg+I9i1PrS\nXgEAtRIMg2ZJnjQpDenqf6KrHWKWx9EzUAMc9TlGesOaAegXb9FjNKmB7qQp7Obj\nV8dWedC2wTbwjmF9E2DOEk4VHFxct1ezGgLBXrQUH5EY0n/LPSejsysyIn6hGuk=\n=9akX\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-nxtcld-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:MXw/3UwBlYqr4vKvfSYUvC1EGPAQVXV31VSv94B310Q=,iv:mnVUKs3AE6qwtJtnWcNfpQ46hkq4xduvNrOeOkGrVF4=,tag:SrlfFUvQamllD6Jp3zCMMQ==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwcTlIaTNDQ21YZ1Y2Y1pW\nVkhPUDNqdFhRYk1maDBaY0xCVnBkMDAwd1gwCnhNTjVvQ3VuUGQ5WTE1eXd4NktH\nSVBab3ZQUzFVQ1phWThsTkcvUTFxMncKLS0tIHF2Zyt2OFhpeElHUFdpSVZuS3Qy\nN2hIb3F1Y3Q1d25jb2dpTm80N3JJZ0EKc9RfRBoYNj8EDJYbbPQ9Nm5eXqDvXJUE\nAgoZAR/2i+v8M2xqvyVAib/BM7FxGhHOZzo/yJYZuE4Uv2hnRwW0Dg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:27Z",
"mac": "ENC[AES256_GCM,data:NT0uO66v5lvkH60CfZYpw3xPy/x4AHzHEd5nTI/IBHJmQJlT83Zp6Q9PveBfv3qxn8+7mBZoE720B4mYG9zjT3W1kjFV9uzpQx92UuLGJHrbEZ/VNTJiewhHB22lLq8wbaJ6I8DvwA+Ig6xJ0KViEbywQCwxlmYSG5vS2Miu8M0=,iv:dxwtH5VNs4WguiLXChx9JgXrTRCiW4Z1Gd5fJlr75AU=,tag:A5Sx7cDFOo/aSHY06JfsiQ==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:30:03Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nAQ//SLsvAWVXl1XyoKgS36czZh4Oy0doCHJ3NVgM7Cath9iK\nxJywK2AKPmaUT8PPyebL5ejf+p3Fy3ZdoNvEYEoLuFjKaVLzZHRY+g6psoCuHE07\nW6mJ2YQPA29TRmOr9EgHv7sJhN962jl6R28GtA6eYYXyADAGdzWpZTKbjHJojJ4F\n54Ai8GyRjv9CaYcWKh7tw5DvKXMo/uWIDLox1PqfkCzkVvwcQAfg4BooGEtcPfXs\n4HvgLntmuo/6bmiGY90yHHaDKkX110E+nmQzCm840ikpZmYQx0fu2mif08VjaTEZ\n1mspK++049wPP1DfgwCtvqF6xaZHIhsseuCaaMGzGLCyRyvjtd5BWZWUXKnybIAl\n4X52ZNERo3p8begm7gx0ZiH5FBB0mxmg0TJMM5BZzfqtJPgPewO7NfJdVi6TYS3m\nCywyygA2bl0TfjVVmoeaYwmP/TQNpUjn6G5akXyhm58AoihAX4INS8PSecSE65ie\nwzTfODdSK0e+Hm0ZkbPTEMEsICK/AAlz/zls0F4GDn+VTxyOsvYk0YhAjW8rjiSt\n9KT5lvVeZAint8msmeWhqpeexVJ9gtpVaLo7q4GyfzIudy4OrqraX5x399fdOJ0D\nt82cSsP2VnIeV9OiWbE/9XdBr3n7iJW0a/uGKpPn7mxlCAbTFw9eJ1VK2Nvk7+TS\nXgEQEtFvPvca9Uz6mjH9PY5kh1iru/351KSZ6fj4nbHMAg/OI8V3DXnvfrXcUUPt\nuSgIt2RLuUgiyNhXkcuu9qFz9dB5Lp38a0dAczAcudyK6y2zkL/QKdtnNWdvOHg=\n=1mZu\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:30:03Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOAQ/+L9EBljfcWvSi8Z3xo+iqPSuDWcArBswAFUwbJPaAU/Ou\nTWvBChUyxvlMZq3hLGMscT7MtoSz1NLHOkc1kaSXL/5O8bjAYl0H80UUghBvtxFJ\n5bjXt3XTs7xnCdsz6BwxrbgjGva8nkcSpkBBLyyPG514OYr4Eakakbq9gIRbHrsf\n+R52BJDGjuccahF6sx6yhM+wZBlEz6pBmen7EuUBiOYGzGFNyl1U7kAiarUZL7+F\n3yF9nb8tLG+kVcmJQbjOLtxguB/V4yfTit0r7NimAufhp4XLCXnZQrOw2oime0vO\nIgrziC4+RsDuGLrAaMV19qonXp+RzaZEgztiujIY0CcHk6XOwKtABQHGMiVgS/1m\nCi2iZKtJ6f3g/v/Q6Zt33ItoJ9MNAFgQwOdiWCvXlTKLHLErKXs/hrSrTzAAQvkt\nrA8QDBQIWz29Xmv7WOQ6dgsV7c/VrDKLuOJNHprimcYMI1lp4QKtt25Avly3APQA\nVq7MLIx+XfY1QOTTCgRGjPA5NlxVfs0IE4L+Ap9rrtVd6zMW/2oVRrbNJL5Trcgz\nNuEs88SKGQdF6W2Fb9ed3fZGX4EPsSET46oAr+qJaGKHC2otrh3Qa3p+M6kkMB+E\nVm/pN+47pz844/JDnieQ4dPTIJ3tgBd3MqkcV3onCH422jYYb63C4/EJFEJq6nHS\nXgEXTv8S0UnePWLwwFGzlPsUTzRaQIG5Bx9ROydkC0Nw7KtuaZ8Yy5/XhCKftxDg\nZ8a/Vvy0n+icrl4vDypuHuPVQ5oF71ia6zZewWj3Iu1TaEJXV1Sst9oW8kEEFTA=\n=Bs2C\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-torr-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:4kEKyga4w14ZEJODrGRLYE3/QNXdfwE5waX3XCacGyI=,iv:MdkharxcHgKIqY3PuxidrCfgilr3krERTzZ5AP0k4GA=,tag:IRu+J4uKmoFwUK9h03cmLg==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXM2tWV2FacS9KbkZwQ3JH\nZ3RyL0ZhTVBkeGkwYm5pTTVZeGY3dXRBdnlRClVxQ3krOC9SZ2V5MkQybFVteWZ4\nSG1wM2NaOXo0Q2FQd3EzNVVYUTdURDAKLS0tIHhQYlBKTDVXZXFlZStwWUJKTkhN\nWENYMUp6emdNdDVUdjJXVGdVMkNMTWcK1yhjh3bKjg5B6FhqzeeJ4u7IMxctUgLb\n8GRJDg1d7PALxu0+pmN7gxYRXaNu11b3UXciNh8i/EBJydxrsGV0pQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:27Z",
"mac": "ENC[AES256_GCM,data:+jEfFy/TYSIPjEtBlx3YuRG+g6zNQq2CBGb/4sQO98lQuY+0fWjGhj0KxYwJmzclwvu89YS7q/dFBD9pbCRcwYk+W+v7LcA2CQuPmmrJC0WzlfZLx9RiSeXW44Xzl04MdMPyVW6i4p8+oxrmyNanV+T/uXNOH9Baz3vfvzfSy7M=,iv:7RWvMp5hTawt3+TTx+rf7E4Bc6KErxae5BGVPr2hsq4=,tag:cCK2CuBWKVpPY7gvdboaKA==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:30:04Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nARAAm32EsBGEgvvnjAVKnD+PQIE1BUNBkxbw6Tr5Ac+chanu\nxvNbvZsCvWjMl0CyU9p3nkmAMXCJQ0dEwEXJRctLJefNX4ZXefBWMhOOKpsN6o68\npwUYpHCtEdT4mJHGG6y/3ZH6HGmQ/eSH/I0YigimNBuqlJuKY2cXxlEvdpy/12tc\nFAnIBh5RcjMEwR9s+vC5DZsTyUuLdAbsBJ2bUn25SK5fYe83LPYRFrJ9vpFijdYu\nn/dqbb9PlIydkBwPpuD50GZEtpfQJKQDFwAhrw5A8J5snyeJVnEijFmQsM7n2DZl\n9l8t/Qm1Yl0cHBtRjKPXwMYL5FTXn2MUTK7rgSA2+h8OxNxikWKv8DqtB3ZHaEnV\nRotm4Q6HS4QdaGIjC3wq1PoDD9lQQ/b5G0zfD8UsOXmG4UwAAtgYCTnGpNYtFAt5\noOJbS4n5teJ+nr2bYHMrWNHQxXD6MQj2xeP2BYBnK+zBQQuXEjFmCExdpo6aq2Tt\nVc44Co7+/F0Ct8lJw0HyQa96RMmHGZV5R3go7HeRhwDGJQsaGKLDuK9fvZPGJ7yD\nS0bUox1rK0bRqaMHa7TWPktN5rqvyYa+cCZKSu/WiToyfjFKsWz58DyxbSXoNewJ\nfppDrILA7SRLU9IO0irdlRktuhYiWZXVinb+Qe2VgMZ3U/50de4klyCPocrrBRrS\nXAEQe4oG2cd6T0lDpQFwjz5oO+9u3p9ulfWpRupighhICSP6c2OO838ZLJ3F8zJZ\nRxvX5JGxrh33orViJugjKauiYLxgf4E9dn2svY3ICEk9391LNTsTL785lvK4\n=ddWM\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:30:04Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOARAA20lKyRAc5dLXSxzsS1nNUAWnsy3hNcsQWtR93Sgglh8g\n3PJy68lw9ADkWmVP6H3hwhsyUofmVqbDnb3MRel9QlDGTgcj0gW+5g8IyeYmzDjZ\ncEgZ3g6Q1ZpJOcfFB3DrcC5qTcaMyGMP2Kl/8JYpXbDJ18i8FSrnNuxc7kGif6oq\nP/XnZnh3wPHS9KimcTmtBRg1ZzqYbIz+wrsYxvkZF4GCj5SS02kkvFNMwkAElpq8\nsVSYENMIyD+vYCTBMDaed0btUyMtzOyCk33mGStmXf3oV8z5gUJCIoFJ9K9YRY2j\n0PVxBxf76Bp1kSemNvsi3d2/7oZyYn2vMz8Qbi7rLKZZCQV66jxSQB536D86KJlh\nb1tLwtsSIMdY+IiCM1EJ6zAVys/MHUxXXi8kLqa94m90C5ocFa2XOWIA7JsIdV91\nNzXcDMeF4jDgCDNXiuI5wZzfI5lufJOhi6oanPzjM3ueFZKlY84StQxcAFSu3CA1\nRYGWTn7ybBQQ4fvaYqQf9IGTnibZ4/w/hATOL+xGsutok7vm00B6B2q9/JtBdAsW\n3uqC+ZBiOPCSUzIDQA2K1nm6BrGnNbEKpxYp8itfO73mSGBfHA22gRElXlEE6r1N\nt05OekpzR17WKtnCFytP++2GMX0IlInznaBeKdUlqwMcAHtSxGUIV8YtFN1Lu+zS\nXAHNWs7ARPeL2ORhDNQV0O+JMxMx08hkwb8ZLzemtqqy8FB6Z95HGKjxXNtOzl4w\nqletmbAYwjK+rTaEt/DqO2LaVHQENLzZSb+sJceQkT+PIcQqt4LxU7ukzhdY\n=Vx1G\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

31
systems/palatine-hill/keys/zfs-var-docker-key
View File

@ -1,31 +0,0 @@
{
"data": "ENC[AES256_GCM,data:enImcuxScby8hnET/8031kdP27BhZwWHKjpYvWsyVc0=,iv:RZ+Etysb0QTQpOmuFULaOFTi1o+v8zOldI36DNNQcEI=,tag:tqtC7fkKbY8nnoUlkqFgAA==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCVHpybzFCYVlnSjRTWEtY\nUzJpcStjM0U5Mktld3dVeEpYRExKQ2hGbkVFClRoL3hycWhURXJiUmsxckVMdlMx\nbDZ1S3JhWTZwdEdYWGdVbndmaDluN2cKLS0tIFRqZGo0WTFUUmxCNEczbysrNEcr\ncWczYWNHdmZxMnJPOGNRZUNZbnNZaDQKW3qh1qk1nVmytZv0SrZHfAXc9lw3CXrh\ni7b7O/jrODlgjb5Ji6qquLkTS1PFr61tl735U9Aao5uY62ZAC7Fdag==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-13T21:15:27Z",
"mac": "ENC[AES256_GCM,data:aDxxjyyupxK0P3/ZpkEkfCVoFJQcjDNV0w5xe9P97hJvqJlf3zgOvdcTkcMvcQiZv2P0jY0NpR8z2jX9VhrZn4OXKxlcPnEmXA81lJkpjsZkRj55Lygm+/9su3eJpjcVOoFyikK74qs/NMcR5yjslcgpJxt2/3cIHXD8SFyBjbA=,iv:6nGCEOQhWAQdjQAR8AaF9huHhIx8WyCO57hvwx8VjVs=,tag:LWcQkNZMu/8tGTEmkxjdMA==,type:str]",
"pgp": [
{
"created_at": "2024-06-19T16:30:04Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA84hNUGIgI/nAQ/+P5IweGMw2kjASZtbYI6l0jMbtuP3m4JpQ9fsbOCNEb6G\nqjVS/qgQS8QHzwkCR9en40FOIY1aqrd8BbGiUh+Zdghse3Ovdo3oeXD93I69nWS/\nzPSepCZkWjK8cmj+99uYwprmjz/bPWXrc/rOlLcZ7SB5Cdfmc0c9qRtZvj0R/zO9\nlR6Z0f2y3ZOx/pCsMb6Iie17GbDhBGXbi2v3IpVLo7uuxPRzXiWajiz1wRDeZOAd\nDMLYUmmvyGlDewZVJ5+6qE+JM8tNuV4NmIg76dFq2x/k63w9Ju7uFotY5jdOf8gJ\n6xlFnSb75xepbzujQhKzEXqVZxYpNiBIZJsHfC7wwiFYaBRFZ2G8nnshrlOMRBmP\nrihVG3pxNEF+CcMMkoSnD3mewHt94G3DP1+Ym69YrYOtqmP3J2xBUMXFnx6ZjRTR\nbvL1JFFNnmtXzITRQKLxwm07hwYKUzEV4GBlh1Q4QNsHR7hloufT2NJQYoA6lmYG\nO2IkJk5xgKDieD5GCfbZXcPIf5wymRMrWECqOUe4c1yF72XLmLDVvqvfGKRbHIea\n78+nsSlJqeHIJL1rHM8ufYs7nQ0M7prJVIHOruZFCxNKTN1fkuRBWEwX2xtSnTle\n3he6La1K9qvKsZSjI19xLiNuNgPR6IadSDnYiXXS1oJogHi5pFbLbUysp30aqtbS\nXAFudzN0Igd0Emfkn/UcpHd4Ixda5KQAXnW4grcvva1xiWyyTjTdtCbMMeMsZMvG\nVDvHbT9vjQdHOhcJp9kgGI8hd1Y5PNnuig+GZgekhCf2o3adZg/ojvWAsDTn\n=eyl2\n-----END PGP MESSAGE-----",
"fp": "F63832C3080D6E1AC77EECF80B4245FFE305BC82"
},
{
"created_at": "2024-06-19T16:30:04Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA29thaGx06tOAQ//XsDBTXGCR3Tq/0gorXDc33ZF7M3J4tQQzK1MpkAhIEKr\nWcn5FOuYEPqJ/hgyCN8xHvd8TVS7B3XjesL/CouQVXlUH2fgY/kP5nhza+hALirj\nbeN5qDm7KThz/KWM/pZus2DEQ8Lf+So1iUvR6Fe30hgkmqzDpklRWqDPpcmE6iEU\nkiu9/pweivYOhgqZgeyaJRIDRXRYyAKKfgqQcKY7xH563TkqoIoQvqaayZ43kf57\nvFytIHdzUBFhesOvK+T1kCGO+Jby8MAhnNPCysOGYYIxEQzCzpq47SqfhTadd467\nYOl0pNHP4+8Ve049WpTfwQUs5LXk0/isbVGpwbA2/zt+9YW9kJfBW78jZZZXWtp/\n4h7N5BvABGyEaupGSWzYITJdOW+t1+IFalJGBEcjCs87FU6d2/QWg80Wat8YabhY\nkocOZzLNupXREV1BKxynOnYtT974/pjtbpIptthQ3x4aN/DHBj58mioPdxkWW+5i\n37OFndG35OCyGBvin19AZjzSAXgy3w1d2H/Qif+LLwd3OCS2PsEQWL22KIqP+Zbe\nA4nB0movV4YqyN1aWLEpLGlKwLYnNSOIvalCFOUBel09W2obhLE9eiUGyOA5U3BU\nT2s0Idfkletz9jz8vkNq4JVQ+ENv8ooFFwHMoya9gHvYRfrcT7m9VM/8ellOaZbS\nXAGo7Ob3GuweaH4AFS2iu4eKBnAyEdkZg20Hr4PJ6sNuHwO5KTXiyPBMuRsRmpkh\nlhTIAhqR+xGAS4klowlLUKaDr2UnqB6d2Ktm4AFHTbRPgfsAtL6BkaitTv9v\n=JRy4\n-----END PGP MESSAGE-----",
"fp": "29F5017C95D9E60B1B1E8407072B0E0B8312DFE3"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

1
systems/palatine-hill/minio.nix
View File

@ -14,7 +14,6 @@ in
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
"minio/credentials" = {
owner = "minio";

2
systems/palatine-hill/networking.nix
View File

@ -9,7 +9,7 @@
networking = {
hostId = "dc2f9781";
firewall.enable = false;
useDHCP = false;
};
systemd.network = {

56
systems/palatine-hill/secrets.yaml
View File

@ -20,57 +20,29 @@ sops:
azure_kv: []
hc_vault: []
age:
- recipient: age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej
- recipient: age1qw5k8h72k3fjg5gmlxx8q8gwlc2k6n6u08d8hdzpm2pk9r0fnfxsmw33nh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPWmM1Q0NMQytCaW5vZWhT
M0JQajhHc1Z0RXBoSnBBMlZGZ3dhajNkcEY0CjBMeDNIS0RhUUxxUDY0ZXNyb0Rj
NHhUNFVPSjVScC96Tnl2R1FmWGNQa1EKLS0tIE5iRUpPUEtWMW9nUllzT1ZEZDE1
bTdhU1VVMWdWVzBkTDB4MkxFcWtQSTQKsASNOoF5NjJLIedaBUWCMx1uJziEZZSx
AlaF0gp4bNP4G58rndIe8XtsM10BseGvM512kMGWd3XbQPz3firk5w==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzcTQ4SVM3dVN4UWZCSXBs
dFo1S0ZyOEM3c3ZtYTcvZlVNYStDdXd0NjB3CjY0NWc4UkVGUk1ZdTBBLyt2L0lX
M0lRbXFwRzFWSTNndC92SU5kSkowb28KLS0tIFhjMnJzZHRoTmJONDk1RjVsRVZq
d241ZnZ2MWg3YVNBbkh2S0NqeE5PdFEKWqnQH4kZszkKZTSgur0c5hGMoMx9zBdz
tSvUbe2+WKX7q6y7XqsD1KjFI+POVDF+YN7H9ja96+JqvKRteXNhCg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-07T23:09:33Z"
mac: ENC[AES256_GCM,data:nr1JAEr2FGrYtiUhrQFsBPbiR+toxzYRZVPqq7zYBMeNy70a5jMgw6qm37M8Hmt7omO/KePE+Ol27FI9Aqn8OP3CQZoSWZbul+TTItV5UWC84G3MebaesnIiFQwbpM9hz08VoQ1zxUiUFnUY4bBr6okNSyJeqq/QmkkyqhK4Wlo=,iv:0MR7AiQEX2Cl7FUtRlxaY+R2oqSbanIhwaXAN/UnHH0=,tag:RpQCtsuelu3VQVB9HzJE+g==,type:str]
pgp:
- created_at: "2024-06-19T16:27:11Z"
- created_at: "2024-09-05T06:10:49Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQILA84hNUGIgI/nAQ/3dupmdOAwhgOEF7K5s8+KxlXlmz7POXkO3zDXbFQrZrKR
JNncfi22Nri57Jlud5ku2W/0jJ5B812/1oIpClHFkdWqg4b3ZIrOpg1239IJX7Gg
rvacIsgejrAMA/aT4F7a8QAwWdBy33aB8AgquGRYo6STn9fLssQ78Q1P3ps1oT7R
639EF7Sb+I47yO9rq6YDA1391rHrkS5PvW3ztW485f3nKJ5o7gD1fK4ghZPuoyy9
VppgkzpaaMXUBSJNglsBy6uReq/aupgRnhcmZu+vFdgxY2R4Ff6M/AhpJLOz9B6G
4QGb9uj3nBKT/D9PFqbSCn/oreSJzxd6DTOdM7NOMu+CgPsdJ5FoivH1Um990vfB
V7y3eWvJ4HMHHIr0QdWYUpr7Wd48m+fhWFI6SQB1kRWCY9rgb1SOmsvDKDmzGd78
H2tdweS9Bjdvwedn24IpPJh90do50HOnFVa5zlGj8AA43IOOhXwxvEhelgY+xoNK
kTLmARqLAHYqq9MwjBZhiIGwuLemyXP7TU2U9jXUIsXPMejdaInrCt2gHkjkI9Wy
FollcgzeBG3WqNAGZ+rnfmNN1rAela7P7MCUqroVsXIDi+4C1nbnMlRnQTu6e5nn
VLP9VEJqYobLwm+kZVHG6SJM+yOmyAU14YKOYGWsZkjnNPeNb6tUCs/Ml4Ob6NJe
ARVQKVwy0wP/sCkeYjWTRrWcITpEOzwn/SVbiDMlnh05/jLtKXzm0FVXtutiYQZ/
SjBYpYARV6pZhbjA4DjnPba6uwFca0UnWk4coM+i2doFsJKQJe0iHwzgyyy+/Q==
=XzRR
hF4DQWNzDMjrP2ISAQdAA1DGmMjNYHKHtel++ftsHqmQGqrjfL4VJTe62bEMfXcw
EQmF0itX7ns+GogeYeYaqxa0qraWzzGwsEDJOp+VJMmLPtw5999kdO1PikgyGkcV
1GgBCQIQd5DwJiXbQ7bFPYPGg8xxEBeDsHYtKo0tv9uQi9Is0nYYHbI8+TuFUv2o
Av5c+/hAX/1D4F8JDTnz7WbEO3X2H7VXNMQKQkYR1Ndds6ueyx1V4kFqQTD5qLG/
BpnwAmW4i9XVMg==
=2NK4
-----END PGP MESSAGE-----
fp: F63832C3080D6E1AC77EECF80B4245FFE305BC82
- created_at: "2024-06-19T16:27:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA29thaGx06tOAQ//Thyg4cyx5/r+wrU0TVspF3zVRLNHcwHmuaaXGebOUMxd
UuL3usmi5lC1/otK9XshTg9ODRsTtZ8qjoj2oHOYgZHhRZRsWMNMnZGY2P9iVC6p
ZwzIcDaBwDqaw6nEjXqR6eSB+P7XzHGMVqa/EhmwBrEwa4qtv8R4huUl9G2CY2RM
eWuTSgD5MEb3mPveemkvVvE+gquBseZ8wfkMA5eBZZYvEBhb2nKlSoqWRKv0Sp/a
V5MQSWZrkFfbA92g9S8AJZcwMuNJHf//N5Z9UofK4yfC+dC5PnL52iU0/M58HeXu
w7X+cvcYfEHlQF4b1v/W4C3YnMhaEoKDuSAE+PdM5TeZfZYnGglVDxNogYAAfdIP
l5gkSWhl5Dzu+lNg+k+kIVngHr0XDZ4IrTgXqrl/wtWtBf+xrjnlnhPMoRfTvUD5
2TRRyr9gwu6t+bIW1kSjcpouYhnSXtiCGb/5DN8W8Nw7sdOXQyeMfTI3oGhUKKrU
Qa4ogWFIS9GN1wYo18CfdXiBtfVnRIH485iu7d0bdvbkCXyweAoNTmIbBLNfzg2R
m4eN5Z8sXWjSpFOGiWf82IlF86xvulDxeuUy+synoHsD+WQg5rB5MZfhCwXoB0Cn
c+yCr6Ocv/KjoNDn3TdI6hkW5Inv0eYqx5sVRKbita3eAY60VRz5BqAC6MeKGHrS
XgH3doi5V8HoZOMfHtxhYk9/wUQO6ABB0Z3N05DlugtaRER6DdNLw9zrIqWQhFA8
YyR50KJPlC7+3PFxfWVg3iWCZ1gvyXMyC/HoTmC5uYY3avUZ43QqsnepXJgBBz4=
=+84s
-----END PGP MESSAGE-----
fp: 29F5017C95D9E60B1B1E8407072B0E0B8312DFE3
fp: 5EFFB75F7C9B74EAA5C4637547940175096C1330
unencrypted_suffix: _unencrypted
version: 3.8.1

33
systems/palatine-hill/services.nix
View File

@ -1,33 +0,0 @@
{
config,
inputs,
pkgs,
...
}:
{
systemd = {
services.startup_validation = {
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "validates startup";
path = [ pkgs.zfs ];
serviceConfig = {
Type = "oneshot";
EnvironmentFile = config.sops.secrets."server-validation/webhook".path;
ExecStart = "${inputs.server_tools.packages.x86_64-linux.default}/bin/validate_palatine_hill";
};
};
timers.startup_validation = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "10min";
Unit = "startup_validation.service";
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets."server-validation/webhook".owner = "root";
};
}

87
systems/palatine-hill/zfs.nix
View File

@ -4,31 +4,10 @@
pkgs,
...
}:
let
bootkey = key: { "/crypto/keys/${key}" = /crypto/keys/${key}; };
zfskeys = [
"zfs-attic-key"
"zfs-backup-key"
"zfs-calibre-key"
"zfs-db-key"
"zfs-docker-key"
"zfs-games-key"
"zfs-hydra-key"
"zfs-libvirt-key"
"zfs-main-key"
"zfs-nxtcld-key"
"zfs-torr-key"
"zfs-var-docker-key"
"zfs-nix-store-key"
"zfs-archiveteam-key"
"zfs-minio-key"
];
in
{
boot = {
zfs.extraPools = [ "ZFS-primary" ];
filesystem = "zfs";
initrd.secrets = lib.mergeAttrsList (map bootkey zfskeys);
extraModprobeConfig = ''
options zfs zfs_arc_min=82463372083
options zfs zfs_arc_max=192414534860
@ -101,4 +80,70 @@ in
};
};
};
# hack to make sure pool is imported before keys are loaded,
# and also keys are imported before things get mounted
# note to self: move zfs encryption over to luks lol
boot.initrd.postResumeCommands = ''
ZFS_FORCE="-f"
for o in $(cat /proc/cmdline); do
case $o in
zfs_force|zfs_force=1|zfs_force=y)
ZFS_FORCE="-f"
;;
esac
done
poolReady() {
pool="$1"
state="$("zpool" import -d "/dev/disk/by-id/" 2>/dev/null | "awk" "/pool: $pool/ { found = 1 }; /state:/ { if (found == 1) { print \$2; exit } }; END { if (found == 0) { print \"MISSING\" } }")"
if [[ "$state" = "ONLINE" ]]; then
return 0
else
echo "Pool $pool in state $state, waiting"
return 1
fi
}
poolImported() {
pool="$1"
"zpool" list "$pool" >/dev/null 2>/dev/null
}
poolImport() {
pool="$1"
"zpool" import -d "/dev/disk/by-id/" -N $ZFS_FORCE "$pool"
}
echo -n "importing root ZFS pool \"ZFS-primary\"..."
# Loop across the import until it succeeds, because the devices needed may not be discovered yet.
if ! poolImported "ZFS-primary"; then
for trial in `seq 1 60`; do
poolReady "ZFS-primary" > /dev/null && msg="$(poolImport "ZFS-primary" 2>&1)" && break
sleep 1
echo -n .
done
echo
if [[ -n "$msg" ]]; then
echo "$msg";
fi
poolImported "ZFS-primary" || poolImport "ZFS-primary" # Try one last time, e.g. to import a degraded pool.
fi
# let root mount and everything, then manually unlock stuff
load_zfs_nix() {
local device="/dev/disk/by-uuid/8bfaa32b-09dd-45c8-831e-05e80be82f9e"
local mountPoint="/"
local options="x-initrd.mount,noatime,nodiratime"
local fsType="ext4"
echo "manually mounting key location, then unmounting"
udevadm settle
mountFS "$device" "$(escapeFstab "$mountPoint")" "$(escapeFstab "$options")" "$fsType"
zfs load-key -L "file://$targetRoot/crypto/keys/zfs-nix-store-key" "ZFS-primary/nix"
umount "$targetRoot/"
}
load_zfs_nix
'';
}

100
systems/rhapsody-in-green/configuration.nix
View File

@ -1,100 +0,0 @@
{
imports = [
../../users/richie/global/desktop.nix
../../users/richie/global/syncthing_base.nix
../../users/richie/global/zerotier.nix
./hardware.nix
];
boot = {
useSystemdBoot = true;
default = true;
};
networking = {
networkmanager.enable = true;
hostId = "9b68eb32";
};
hardware = {
pulseaudio.enable = false;
bluetooth = {
enable = true;
powerOnBoot = true;
};
};
security.rtkit.enable = true;
services = {
autopull.enable = false;
displayManager.sddm.enable = true;
openssh.ports = [ 922 ];
printing.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
syncthing.settings.folders = {
"notes" = {
id = "l62ul-lpweo"; # cspell:disable-line
path = "/home/richie/notes";
devices = [
"bob"
"phone"
"jeeves"
];
fsWatcherEnabled = true;
};
"books" = {
id = "6uppx-vadmy"; # cspell:disable-line
path = "/home/richie/books";
devices = [
"bob"
"phone"
"jeeves"
];
fsWatcherEnabled = true;
};
"important" = {
id = "4ckma-gtshs"; # cspell:disable-line
path = "/home/richie/important";
devices = [
"bob"
"phone"
"jeeves"
];
fsWatcherEnabled = true;
};
"music" = {
id = "vprc5-3azqc"; # cspell:disable-line
path = "/home/richie/music";
devices = [
"bob"
"phone"
"jeeves"
];
fsWatcherEnabled = true;
};
"projects" = {
id = "vyma6-lqqrz"; # cspell:disable-line
path = "/home/richie/projects";
devices = [
"bob"
"jeeves"
];
fsWatcherEnabled = true;
};
};
};
system.autoUpgrade.enable = false;
system.stateVersion = "23.11";
}

9
systems/rhapsody-in-green/default.nix
View File

@ -1,9 +0,0 @@
{ inputs, ... }:
{
users = [ "richie" ];
system = "x86_64-linux";
home = true;
sops = true;
server = false;
modules = [ inputs.nixos-hardware.nixosModules.framework-13-7040-amd ];
}

50
systems/rhapsody-in-green/hardware.nix
View File

@ -1,50 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"thunderbolt"
"usbhid"
];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
fileSystems."/" = lib.mkDefault {
device = "/dev/disk/by-uuid/c5cc486b-0076-40b0-9402-7ddb2b4a7fdf";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/D571-3949";
fsType = "vfat";
};
swapDevices = [ { device = "/dev/disk/by-uuid/57a25825-69a9-41ac-999e-5137a01edc9e"; } ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp195s0f3u1u3.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

11
users/alice/default.nix
View File

@ -13,15 +13,6 @@ import ../default.nix {
name
;
publicKeys = [
# photon
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOGcqhLaKsjwAnb6plDavAhEyQHNvFS9Uh5lMTuwMhGF alice@parthenon-7588"
# gh
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGoaEmzaS9vANckvBmqrYSHdFR0sPL4Xgeonbh9KcgFe gitlab keypair"
# janus
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfcO9p5opG8Tym6tcLkat6YGCcE6vwg0+V4MTC5WKop alice@parthenon-7588"
# palatine
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP59pDsx34k2ikrKa0eVacj0APSGivaij3lP9L0Zd9au alice@parthenon-7588"
# jeeves
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJDgkUndkfns6f779T5ckHOVhyOKP8GttQ9RfaO9uJdx alice@parthenon-7588"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7oJjIYNRCRrUlhdGJgst6bzqubbKH0gjZYulQ1eVcZ alice@artemision"
];
}

1
users/alice/home.nix
View File

@ -57,6 +57,7 @@
wget
glances
obsidian
onefetch
# Rust packages
bat

191
users/alice/home/doom/init-new.el Normal file
View File

@ -0,0 +1,191 @@
;;; init.el -*- lexical-binding: t; -*-
;; This file controls what Doom modules are enabled and what order they load
;; in. Remember to run 'doom sync' after modifying it!
;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's
;; documentation. There you'll find a link to Doom's Module Index where all
;; of our modules are listed, including what flags they support.
;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or
;; 'C-c c k' for non-vim users) to view its documentation. This works on
;; flags as well (those symbols that start with a plus).
;;
;; Alternatively, press 'gd' (or 'C-c c d') on a module to browse its
;; directory (for easy access to its source code).
(doom! :input
;;bidi ; (tfel ot) thgir etirw uoy gnipleh
;;chinese
;;japanese
;;layout ; auie,ctsrnm is the superior home row
:completion
;;company ; the ultimate code completion backend
(corfu +orderless) ; complete with cap(f), cape and a flying feather!
;;helm ; the *other* search engine for love and life
;;ido ; the other *other* search engine...
;;ivy ; a search engine for love and life
vertico ; the search engine of the future
:ui
;;deft ; notational velocity for Emacs
doom ; what makes DOOM look the way it does
doom-dashboard ; a nifty splash screen for Emacs
;;doom-quit ; DOOM quit-message prompts when you quit Emacs
;;(emoji +unicode) ; 🙂
hl-todo ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW
;;indent-guides ; highlighted indent columns
;;ligatures ; ligatures and symbols to make your code pretty again
;;minimap ; show a map of the code on the side
modeline ; snazzy, Atom-inspired modeline, plus API
;;nav-flash ; blink cursor line after big motions
;;neotree ; a project drawer, like NERDTree for vim
ophints ; highlight the region an operation acts on
(popup +defaults) ; tame sudden yet inevitable temporary windows
;;tabs ; a tab bar for Emacs
;;treemacs ; a project drawer, like neotree but cooler
;;unicode ; extended unicode support for various languages
(vc-gutter +pretty) ; vcs diff in the fringe
vi-tilde-fringe ; fringe tildes to mark beyond EOB
;;window-select ; visually switch windows
workspaces ; tab emulation, persistence & separate workspaces
;;zen ; distraction-free coding or writing
:editor
(evil +everywhere); come to the dark side, we have cookies
file-templates ; auto-snippets for empty files
fold ; (nigh) universal code folding
;;(format +onsave) ; automated prettiness
;;god ; run Emacs commands without modifier keys
;;lispy ; vim for lisp, for people who don't like vim
;;multiple-cursors ; editing in many places at once
;;objed ; text object editing for the innocent
;;parinfer ; turn lisp into python, sort of
;;rotate-text ; cycle region at point between text candidates
snippets ; my elves. They type so I don't have to
;;word-wrap ; soft wrapping with language-aware indent
:emacs
dired ; making dired pretty [functional]
electric ; smarter, keyword-based electric-indent
;;ibuffer ; interactive buffer management
undo ; persistent, smarter undo for your inevitable mistakes
vc ; version-control and Emacs, sitting in a tree
:term
;;eshell ; the elisp shell that works everywhere
;;shell ; simple shell REPL for Emacs
;;term ; basic terminal emulator for Emacs
;;vterm ; the best terminal emulation in Emacs
:checkers
syntax ; tasing you for every semicolon you forget
;;(spell +flyspell) ; tasing you for misspelling mispelling
;;grammar ; tasing grammar mistake every you make
:tools
;;ansible
;;biblio ; Writes a PhD for you (citation needed)
;;collab ; buffers with friends
;;debugger ; FIXME stepping through code, to help you add bugs
;;direnv
;;docker
;;editorconfig ; let someone else argue about tabs vs spaces
;;ein ; tame Jupyter notebooks with emacs
(eval +overlay) ; run code, run (also, repls)
lookup ; navigate your code and its documentation
;;lsp ; M-x vscode
magit ; a git porcelain for Emacs
;;make ; run make tasks from Emacs
;;pass ; password manager for nerds
;;pdf ; pdf enhancements
;;prodigy ; FIXME managing external services & code builders
;;terraform ; infrastructure as code
;;tmux ; an API for interacting with tmux
;;tree-sitter ; syntax and parsing, sitting in a tree...
;;upload ; map local to remote projects via ssh/ftp
:os
(:if (featurep :system 'macos) macos) ; improve compatibility with macOS
;;tty ; improve the terminal Emacs experience
:lang
;;agda ; types of types of types of types...
;;beancount ; mind the GAAP
;;(cc +lsp) ; C > C++ == 1
;;clojure ; java with a lisp
;;common-lisp ; if you've seen one lisp, you've seen them all
;;coq ; proofs-as-programs
;;crystal ; ruby at the speed of c
;;csharp ; unity, .NET, and mono shenanigans
;;data ; config/data formats
;;(dart +flutter) ; paint ui and not much else
;;dhall
;;elixir ; erlang done right
;;elm ; care for a cup of TEA?
emacs-lisp ; drown in parentheses
;;erlang ; an elegant language for a more civilized age
;;ess ; emacs speaks statistics
;;factor
;;faust ; dsp, but you get to keep your soul
;;fortran ; in FORTRAN, GOD is REAL (unless declared INTEGER)
;;fsharp ; ML stands for Microsoft's Language
;;fstar ; (dependent) types and (monadic) effects and Z3
;;gdscript ; the language you waited for
;;(go +lsp) ; the hipster dialect
;;(graphql +lsp) ; Give queries a REST
;;(haskell +lsp) ; a language that's lazier than I am
;;hy ; readability of scheme w/ speed of python
;;idris ; a language you can depend on
;;json ; At least it ain't XML
;;(java +lsp) ; the poster child for carpal tunnel syndrome
;;javascript ; all(hope(abandon(ye(who(enter(here))))))
;;julia ; a better, faster MATLAB
;;kotlin ; a better, slicker Java(Script)
;;latex ; writing papers in Emacs has never been so fun
;;lean ; for folks with too much to prove
;;ledger ; be audit you can be
;;lua ; one-based indices? one-based indices
markdown ; writing docs for people to ignore
;;nim ; python + lisp at the speed of c
;;nix ; I hereby declare "nix geht mehr!"
;;ocaml ; an objective camel
org ; organize your plain life in plain text
;;php ; perl's insecure younger brother
;;plantuml ; diagrams for confusing people more
;;purescript ; javascript, but functional
;;python ; beautiful is better than ugly
;;qt ; the 'cutest' gui framework ever
;;racket ; a DSL for DSLs
;;raku ; the artist formerly known as perl6
;;rest ; Emacs as a REST client
;;rst ; ReST in peace
;;(ruby +rails) ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"}
;;(rust +lsp) ; Fe2O3.unwrap().unwrap().unwrap().unwrap()
;;scala ; java, but good
;;(scheme +guile) ; a fully conniving family of lisps
sh ; she sells {ba,z,fi}sh shells on the C xor
;;sml
;;solidity ; do you need a blockchain? No.
;;swift ; who asked for emoji variables?
;;terra ; Earth and Moon in alignment for performance.
;;web ; the tubes
;;yaml ; JSON, but readable
;;zig ; C, but simpler
:email
;;(mu4e +org +gmail)
;;notmuch
;;(wanderlust +gmail)
:app
;;calendar
;;emms
;;everywhere ; *leave* Emacs!? You must be joking
;;irc ; how neckbeards socialize
;;(rss +org) ; emacs as an RSS reader
:config
;;literate
(default +bindings +smartparens))

3
users/alice/home/git.nix
View File

@ -4,7 +4,7 @@
programs.git = {
enable = true;
signing = {
key = "F63832C3080D6E1AC77EECF80B4245FFE305BC82";
key = "5EFFB75F7C9B74EAA5C4637547940175096C1330";
signByDefault = true;
};
userEmail = "aliceghuston@gmail.com";
@ -26,6 +26,7 @@
push.autosetupremote = true;
pull.rebase = true;
color.ui = true;
init.defaultBranch = "main";
};
};
}

5
users/alice/home/hypr/hyprland.conf
View File

@ -144,7 +144,7 @@ bind = $mainMod, W, killactive,
bind = $mainMod, E, exec, $fileManager
bind = $mainMod, V, togglefloating,
bind = $mainMod, SPACE, exec, $menu
bind = $mainMod, P, pseudo, # dwindle
bind = $mainMod, O, pseudo, # dwindle
bind = $mainMod, J, togglesplit, # dwindle
# Move focus with mainMod + arrow keys
@ -198,3 +198,6 @@ bind = $mainMod, K, exec, pkill zoom; zoom
# reload hyprland config
bind = $mainMod, escape, exec, hyprctl reload
# open bwm
bind = $mainMod, P, exec, bwm

6
users/alice/home/zsh.nix
View File

@ -12,7 +12,11 @@
"docker"
"docker-compose"
"colored-man-pages"
"helm"
"kubectl"
"minikube"
"rust"
"skaffold"
"systemd"
"tmux"
"ufw"
@ -48,7 +52,7 @@
shellAliases = {
"sgc" = "sudo git -C /root/dotfiles";
## SSH
"ssh-init" = "ssh-add -t 24h ~/.ssh/id_ed25519_janus ~/.ssh/id_ed25519_dennis ~/.ssh/id_ed25519_hetzner ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails ~/.ssh/id_ed25519_gl ~/.ssh/id_ed25519_jeeves2 ~/.ssh/id_ed25519_jeeves ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine";
"ssh-init" = "ssh-add -t 2h ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh";
## Backups
"borgmatic-backup-quick" = "sudo borgmatic --log-file-verbosity 2 -v1 --progress --log-file=/var/log/borgmatic.log -c /etc/borgmatic/config_checkless.yaml";

7
users/alice/non-server.nix
View File

@ -1,4 +1,4 @@
{ pkgs, ... }:
{ pkgs, outputs, ... }:
{
programs.emacs = {
@ -55,5 +55,10 @@
treefmt
nextcloud-client
bitwarden-cli
bitwarden-menu
wtype
zathura
];
}

81
users/alice/secrets.yaml
View File

@ -1,5 +1,6 @@
alice:
user-password: ENC[AES256_GCM,data:ew2R77T02LYby9fclYYqYXQBgDtKf7miFYMeS70/hj30fFw580qRCPeVicILB5UTnZCIoPf24ZCr2DGJ3UBrk8cvYQ285i0FWD/OfLAqZ/Tosi36MJKv6Nob/Z/vAltHIVqBJA5UiAU58UohbBos1lfZMWGFsg==,iv:mpIf9n4MgbbjD2jFkVGAL/lGNh5VW81FIzvmb1x/H1I=,tag:MVZRrHxxyDwu2mbRQMz9VA==,type:str]
user-password: ENC[AES256_GCM,data:+cM85X1vapqfQdJ+Dv6YvT5qHlvsmaXPRbvKRHtCkPT3wdw4f7tLHLFmvWnak7CRezI00PxVEtCZL5mqLyN2HaU4OqIk/9fgqczIzemwBlMGJt+ndwG4oqBqE0ymtzmy8MA59wonRqoxzYKQfAGQsprdCIovrg==,iv:BtSDBgvQeZdTY1KUClnt9V8qHcS/gouaaQw342tk4Sg=,tag:T7tzyKuCo83s78ca7f4KDQ==,type:str]
#ENC[AES256_GCM,data:6+dLs8opC27IrHJCPfL2c7KiLbaQTqI6oRKpIZLR4+P9gTupziAhCm/G7RY01gVPSgxdBpJ6L4xVbcMEg9hDKBMI4naF9arNrFsV6WXNc+LA5BYyT9L9G1nDea8fPFYDSF2537eLgLqWNE1WSsUOrz/WOxbE6g==,iv:AxsdKmGz6qEYlWY08q/2hqsm0EXaqodwD/7OJg4FAIY=,tag:EgfL3I1VBXtFgIdTOW5eBA==,type:comment]
#ENC[AES256_GCM,data:vUMcowHjlQA0RWflfaQhZKkalO39epYi6N9PPW8=,iv:6DFqHlQR+mi+ZkfMUhlhwvpMwnxXNfQV6+sYgPzSj4I=,tag:Pz1zJayscGckPO8Q2ZVb4g==,type:comment]
gha-hydra-token: ENC[AES256_GCM,data:rYDYIn7MAF4pSZQj+Nln2z9J+AxvuSzumthL86njpKETutArrw+9iX2hHJt5t513NHH03tMtZOFqM60/pzWg4YXVQOSpQmq8QOelD7qCdfCr4Z2QSeOHqXqwKy21iWtoVbxOXWunVxLzkWMJrpHkpVsiBA75Nv66ftKEjN80QNGik6xQE1iPsCB2JHeqYNIr8gtPkCr7H5Pt4yBBO/1rsyONrbNlwmzVX78eqXxmc43XOiNVjEsk8ekJxJ9mn5S6JcPNehBcnZA0kWAIxvtDIPYKnz4YBIXoilBbjgytXL8nw3PkEX27x5yeg9KfxPxO/4CGoi5wfKsYuEynBdWbHtj6a3H0AvA9KIZzktTRNJFU3ZW8UveSCXY4YHl0NREJ8kbIUgkkE7PWeyzGenGFTPMahTA0rKSa+tWPQ1c00lvo9VS3/7pfeJfZEKS7R2xBaEDZrfffHyB5PLTQOGpWl5y40wTn4HdBlyQwoREvobOaKVZEyWtVvJcUeHDPepgEHGVDzwyTelX8Btb6ZNA0Fur8xvpkLZcLmMhbvCdkjq84ztJ36nQQ5JZthecyqcZTWPyfWtPeoUPVIaxn31oLjwsriDwdQmID6twTjC9PT8nBZD/u0JebOCdeYf8fm9q49SaN2w/ZMdSRWucHUsRXeN9O149vYoOqR28H+8v/tYJdqofJpHKrIBs=,iv:GcEV6f4rqkrpCafeaLNMqqU/vBNE0xHbqokL2gMXHYw=,tag:sCHvUgq1w8npedjIAninrA==,type:str]
wakatime-api-key: ENC[AES256_GCM,data:ITu5pRySYGCJ6q9IQ35NfpGX2FyIJRYHGDeBiq0btzIrqitxcFox1Vc=,iv:HsXpyFHV7dG5qORk26BtD+kFo4Jdq2c4fozMpoqyDfU=,tag:uaQoXvvYqNfmRXVDVH8AoQ==,type:str]
@ -9,73 +10,47 @@ sops:
azure_kv: []
hc_vault: []
age:
- recipient: age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej
- recipient: age1qw5k8h72k3fjg5gmlxx8q8gwlc2k6n6u08d8hdzpm2pk9r0fnfxsmw33nh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Y2tHVVRBZXdjSVpQSTZa
Sm9aMitGSXYwakRKRGgyeHM1bE9RTnRnblc4ClhNV3NoUTlmZ0NNYXF1a2dqbi9E
NjFtbXFUS3VYSW5waFR2L2QraW0yd2cKLS0tIEsxNTArMlVKcGN5K3V2OVpsWHhu
MTNjb2UrWlQ4bHFOT0hkYTd5eUNXOE0KLA9Lp7jnjJkEksOPTOmJ4BK4aF1vKwIp
Smz5rz0aIlK8PyYxWgye1Pe3/pHSgmQBN//r59h+G0Y+MuNUhQoCWg==
-----END AGE ENCRYPTED FILE-----
- recipient: age128ehc0ssgwnuv4r8ayfyu7r80e82xrkmv63g7h9y9q4mhk4w9dyqfymc2w
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSdEpLTGN2Y1d0RnpxL2wz
VWZjcHo5Q1JJbVlPbU9NOW9pVjZMWEVUajBJCndnbVp3Uk9TVm9oUlhhdjJhNkUz
QVpUYmpUZnYxYStYbXRVZWFVTExwS0EKLS0tIGNYK0lHb0dndXBnczJiMW9pdTV5
SDBncjNVaWIxOExPemdqTGF6OXZqeEEKZz3TuV/Hh6DzwU2Ln3HGv7q88XRTwi+D
Yji5RmjUm/1xUqfHwnQBrHhFuDlg/N3daYBjjihgM6znYrgpYV0m3Q==
-----END AGE ENCRYPTED FILE-----
- recipient: age1lffr5f5nz0nrenv3ekgy27e8sztsx4gfp3hfymkz77mqaa5a4gts0ncrrh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwMmpqUk1BV1pKN3JNODBi
UmNYTkV5STNWMWxsTVZpcXRSWGhpbC8wU2pnCm10S25iNm1RYlZYV0pTQmJHSnhG
NHVUSXB1eUNBalAwU055ZUp4ZDkvcFUKLS0tIHViL3liRFdjS1U0VElZUlAvTkdK
SFRvTC90L3QvL0YyRXp3QmFxRkt6aHMKs1ZSLYmRjoJiDJMbzA9nY7YM1jCfwlH8
qK1/cedXWGRdoreKSoHwQhU/6NRhU+gszUos+ol2f5xRqCaHXf5mnQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4MktuVFpreWpSQ3htUjRa
akM2WTZQL0F5QWNhVkUxVVA1ampWcktyTkdBCjdoZEo5Y3ZmT0lseENZQ2doL3lW
UlFzcDRMSUxsVWF2OUpPdk5keG5oM0UKLS0tIGZOODA4RE9oZ2dnQ1JOK3NrckFY
UFRHcXVwNE5Qd21QU2loWWsyREU2YUUK+W9PpahNvMMvm5ODP/2zSq9OLlUSaZwL
DF3VrtlWLvT0q+YPCBt1rIGrVRx9T8BgMfjqw1cU5H42JTMqgnFf4Q==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jd2dcpykagz20kpk2kkchte3augqncwfn6nywursx0dkfyze6feqdzxkq2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0cC9sUzVqekRsYW5pd2hk
bitqZHZJM3pUbkYzenlvdkdFKytMN2kyUkZjCndmZ01jRnJTeGxYUnI2MlA3c2ZZ
M3RyQ1FXM3djQ09raU1haXBtSkxhMkEKLS0tIHlnQUpzeUE1S0pMYU5tSmV2TnZm
MmVwc0dWbzhTalFpcVlaMEM5Wno2S1EKz5lsEy/OvJoZxQdUzRoqkoIyvW7/tnrn
TDQlbkYGoVKd27d8CkohGIXtdmVBtf+Q4W/eGQ0y0aNPzOZ3EY2xRg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1RWtXK2xkczZoRGhuOHFv
RzhveW5mZVNGUjhkb3M2YkYvc0FzemZJa0VFCjVvRnJBZEQ5dTNOeGhUY3RwQmVF
UHk2SGpJbUk3SC92TFpMcGVEUFdNdlEKLS0tIDdKTWpSQllDWXJmQTRTNkJwNUN6
TDVKMWd2T3EyR2FRbWdkN0IxZU1aUDgKAr/wWRwHL4ozrjwe2WxSsDWMcjoRvOxb
Dak2g6hcDa5CdHFXNen7BP7v+AX15JMWhAFkpnbJD6ZzWdsWG01GOA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1t29a6z6cfy8m3cnc8uva0ey833vhcppue8psyumts7mtyf0zufcqvfshuc
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoWnkzSWd0aTkxSTFBd0hH
YVRXMWhnWlRINFpNV2hlaFlsMTdSbGhOM1VzCjh0QzM3T0ovY0o2RUZCUHJ4b0VM
VTNmbllyQzdJNWNwOHpidGNtaWJRbnMKLS0tIEp3VVBHZE4wR1NZVWljNTVPQzJv
cGtqTDlOYzhpTEFuZlpvL0c2QmpWWGcKbTQUBfg4yEtTPx8srahWcJyZ3C2w9qZV
Jd9406qhXOXDKS/zlNXofYC00TWRFBR85gbZIqBq/VQd0lD93Xue6A==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByUk5JUEN5cGFvQXlSbWlM
UW55c0ZXWGUrYzlkOG5vTExDbWxkcVp0emdrCnV4VW56YTFDa21YYkdsblRhODNH
NU5TS2Q5K0lQc1dIT2U1RUdBVjM0WDQKLS0tIFRSUld1NnRvSzRQUGdoRUdyRDhh
ZERFTlFyNjhOb3VCaW43ZXFHT1Vxc0UK7YV+BU7dCEOZxpqkQA394eDsnthvorj6
7bqrCdeU+6DU7DmFs6++BrNO2tx8vvOa1im+ZGrM/gZAJdv/7R2d6Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-28T03:34:45Z"
mac: ENC[AES256_GCM,data:Un+CZxIrsY/z529dbbmnbumgg8NYQHACYRCh9y6y86tfO4GN6wN9w8xpXYCaOtndMPiTxo9KmHlu0jsESbdJJhW2+z/lbxT+1wfcQRggu79xu6UYYZcxNWcYhDzPA87tc05dZfFTDjQHYS8uVHCjU0DrG7FhgSURqPmQjuUeKdA=,iv:W3DRJAyGR+IAG4uTqj/OjQhXYCa53BmK9F2+zp/MPEw=,tag:exhtk4PZBO8m+RdFTIIwQQ==,type:str]
lastmodified: "2024-08-20T23:15:03Z"
mac: ENC[AES256_GCM,data:VnLd4N2l7JTKA7f4eh9EKilW2f8mmEmLc06WbHASOn6N+MIGPHwyLjLbPVECuXiVl95cs0+uWsFOPEbLiS6XTB/gZE1OZMYqk0x7FVkQNxMdWwcVAQnncC6i/cdBTAx+GW1iF6Cf2eLY1wNNiASk/Bz8u3r4UJ4QFXuMovPsfxw=,iv:Cr1bAYrwlK+ClRFDsiUdEIqXDU7onubthDEQDlTM3S4=,tag:EyfcNB0xKrFRjbp517akpg==,type:str]
pgp:
- created_at: "2024-05-26T22:56:17Z"
- created_at: "2024-09-05T06:10:22Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA84hNUGIgI/nAQ/8CHUIO/T7MGRtbkJ/GLRd7wm99g2gQmurGTQd+eQY4YEa
mGdR/UKfvXTHVwrHRlmOb2GqtuNBBX5R2I4JTA9Yg/sWk8KNTIW4lJRHahQaxZte
bTWwsMleXriJhshf61NjX7kHpi79vFiRqr/M8jQpC+bgxpk9yXV7CdCHtU1RUCdf
xG3Nb509/E7LhBqwkfmPqmDQGaoRuMtZNwjgq8VoCtcEf6vnLuiSSxi9ASoqdmgL
CiVNcDNGyWDZvYkS6Pd07TnE3ldNnfjJeZoWtCRoBafKaMYJ6CCeKBq+whVCwPm4
K2phOZ6i1v2XBTjmC5jpCyERNsFr4EKoNrQRQwt0jXpQ5T1kUG5O0ek/KYondEzY
cso3MqPlQgOJTLyeYLg8xd6ECGDMh4E7UhtEEcIxByT7E5othIJT11Eao2LukNYq
MWAaYcl2gVc4S8ervN5BdU1/+wEMRu57py8DwWw9Cw8VqUJFbuxWSx86bTaRIaqs
UV0dxmH9bJ00/g0f9wWau1wgzshvzj6nHGOQArjTxLJvgulMmBhlWt4MrHEeYuRI
Gj7N9QV7Nu1e6vn+M2/2qVXAbyyrQDPG7PhHS1A4wJEEs3zjmMTnHK0zo5yBw+Qo
t8cUEN4L95p4A2tKHtJZCHS42D05aP1koHWcXxf/6b+ZFtgL8pqBelWo/ddEImTS
XgEK6oUHm3FzRGMfDeyn3sowy2IpBriYZjKASEo/Z7lt3A6esSESxrVV0x7Oc/Mr
qNhLsDbcL2yQKHhfQw7tIvTgVO1HNISQ2cKnXqAJsSZnFwwA2iRjgfulsyFV3uc=
=luT0
hF4DQWNzDMjrP2ISAQdAsKZuBCB8RlxBmAlEjm9E+SClVYtlKlGEwxpp/rXZJhMw
yUKONA7CFw9RIfhyOCEQIMUK1v4zOofJ+KwDDOCySg7inWQwt9MRmNzT/eSvBpzk
1GgBCQIQzP1qxZbFdqNpVLuW6f6MplUSIRrtIXk55oExkldT2QEaltetRbTf7mwc
KO4l5rUhQBYrGrFWs+HSNJKU3039lYfoTmDyvBYsirYyG7WpPKSlVHjW2Tg93itY
qeyGv1rFUVAanQ==
=PM4s
-----END PGP MESSAGE-----
fp: F63832C3080D6E1AC77EECF80B4245FFE305BC82
fp: 5EFFB75F7C9B74EAA5C4637547940175096C1330
unencrypted_suffix: _unencrypted
version: 3.9.0

1
users/default.nix
View File

@ -25,5 +25,6 @@
"dialout"
"plugdev"
"uaccess"
"ydotool"
];
}

19
users/richie/default.nix
View File

@ -1,19 +0,0 @@
{
pkgs,
lib,
config,
name,
...
}:
import ../default.nix {
inherit
pkgs
lib
config
name
;
publicKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMtRuAqeERMet9sFh1NEkG+pHLq/JRAAGDtv29flXF59 Richie@tmmworkshop.com Desktop" # cspell:disable-line
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHJSlv8ujrMpr8qjpX2V+UBXSP5FGhM1l+/5aGnfb2MV Richie@tmmworkshop.com Laptop" # cspell:disable-line
];
}

12
users/richie/global/desktop.nix
View File

@ -1,12 +0,0 @@
{
services = {
desktopManager.plasma6.enable = true;
xserver = {
enable = true;
xkb = {
layout = "us";
variant = "";
};
};
};
}

17
users/richie/global/docker_templates/file_server/sites/000-default.conf
View File

@ -1,17 +0,0 @@
<VirtualHost *:80>
ServerAdmin admin@domain.com
DocumentRoot /data/
<Directory /data/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

1
users/richie/global/ssh.nix
View File

@ -1 +0,0 @@
{ services.openssh.settings.AllowTcpForwarding = "yes"; }

18
users/richie/global/syncthing_base.nix
View File

@ -1,18 +0,0 @@
{
services.syncthing = {
enable = true;
user = "richie";
overrideDevices = true;
overrideFolders = true;
dataDir = "/home/richie/Syncthing";
configDir = "/home/richie/.config/syncthing";
settings = {
devices = {
phone.id = "LTGPLAE-M4ZDJTM-TZ3DJGY-SLLAVWF-CQDVEVS-RGCS75T-GAPZYK3-KUM6LA5"; # cspell:disable-line
jeeves.id = "7YQ4UEW-OPQEBH4-6YKJH4B-ZCE3SAX-5EIK5JL-WJDIWUA-WA2N3D5-MNK6GAV"; # cspell:disable-line
rhapsody-in-green.id = "INKUNKN-KILXGL5-2TQ5JTH-ORJOLOM-WYD2PYO-YRDLQIX-3AKZFWT-ZN7OJAE"; # cspell:disable-line
bob.id = "YP6UYKF-KFZ3FG3-5XM3XM3-5Q24AZS-LZK67PN-LAERKU2-K4WMYBH-N57ZBA5"; # cspell:disable-line
};
};
};
}

6
users/richie/global/zerotier.nix
View File

@ -1,6 +0,0 @@
{
services.zerotierone = {
enable = true;
joinNetworks = [ "e4da7455b2ae64ca" ];
};
}

17
users/richie/home.nix
View File

@ -1,17 +0,0 @@
{ lib, machineConfig, ... }:
{
imports = [
./home/programs.nix
./home/sshconfig.nix
./home/cli
] ++ lib.optionals (!machineConfig.server) [ ./home/gui ];
nixpkgs.config.allowUnfree = true;
home = {
username = "richie";
homeDirectory = "/home/richie";
};
home.stateVersion = "23.11";
}

9
users/richie/home/cli/default.nix
View File

@ -1,9 +0,0 @@
{
imports = [
./git.nix
./zsh.nix
./direnv.nix
];
programs.starship.enable = true;
}

8
users/richie/home/cli/direnv.nix
View File

@ -1,8 +0,0 @@
{
programs.direnv = {
enable = true;
enableZshIntegration = true;
nix-direnv.enable = true;
};
}

Some files were not shown because too many files have changed in this diff Show More