dotnix @main -
refs -
log -
-
https://git.jolheiser.com/dotnix.git
Signature
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEgqEQpE3xoo1QwJO/uFOtpdp7v3oFAmUwhuUACgkQuFOtpdp7
v3oj5w//SVUndnQym5ePTHKdSTlXMnZTaPL8gHYEMajiBWz8Jfr/6tUe9LbyOFKZ
T4YNne3kdpYj3vKIu9h8Uqkuidm/mYoiC3EcpKnGvWXBHmTZAU4uK3WaC3dWXE/N
hhyFgKrmMJ6evt2sqMj4KB0h6YrpwsrwMsaQlEiZyjTsluOJNPfNeZmrR2xIZMI2
lAqvfX2H06gMVa1H0AFpv89FymfD1mZATp4MpPl8bk+IJY25TG9Y2/OlcQXt7g3c
grZjLyDEVT8qBAzVEliR09nqzKI7R+lepJ4rQZ8vCPiKoF7I2mFuDzxQ7BdCqSOK
ul0eoy9aSE4QJK4gflfDDw6Sh27cDGx9DrPjDWUp8Qk6yz0hxbvADlYvsWWSHypy
Jo+KU6zq+eJIjhVqsWq1FI7F20jWIstVZ7CCZxZPzY2m/7/UgOEt1xMJqOrLUnHj
p8/F+HhqXzZ16lTCMNIBYmSnPUHilq44Eo2DoP/UyyMRdD0xte+RbD7vpu5LvTRG
vSUhwvDJDHRp6QEiiLhiVG49zqcTjI7PDy5P++iVyqb+Q8TbWLNRnUXhRr0zf7h+
69lw3zlHjv7Kn5w1jKIVoQSJXW8nSDftWt4OqXP8dQc50w7nI888kwNzekZ9tS47
sOgugohYeyFR7sL2zgkQSMxKtixVVVfzQ9MTKvcTY6TBTSSP5U8=
=G8o3
-----END PGP SIGNATURE-----
diff --git a/flake.nix b/flake.nix
index 4ce5570a2942d192391cef31d89eec488231a114..a4b4aeb4f23b807aea16bf09ee38238c402f789b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -170,16 +170,21 @@ (commonConfig {})
];
};
{
+ home-manager = {
+ colmena = {
+ nixpkgs.follows = "nixpkgs";
description = "jolheiser's nixos config";
- url = "github:nix-community/home-manager";
- system = "x86_64-linux";
+ nixpkgs = import nixpkgs {
- inputs.nixpkgs.follows = "nixpkgs";
+ system = "x86_64-linux";
+ overlays = overlays;
url = "github:nix-community/home-manager";
+ nixpkgs-py36.url = "github:nixos/nixpkgs/34f85de51bbc74595e63b22ee089adbb31f7c7a2";
- home-manager.nixosModules.home-manager
+ };
{
+ nixpkgs-py36,
+ imports = [
golink.nixosModules.default
./machines/dragonwell
- (commonConfig {gui = false;})
];
};
};
@@ -189,6 +195,7 @@ in {
devShells.default = pkgs.mkShell {
nativeBuildInputs = [
agenix.packages.${system}.agenix
+ pkgs.colmena
];
};
});
diff --git a/justfile b/justfile
index 1c4d46b2d009e6df244456fd5ba195cb951b4b30..0ca7c47ca21cbccaf1de0a820d4adeea55e82f50 100644
--- a/justfile
+++ b/justfile
@@ -14,6 +14,11 @@ switch *args:
@just rebuild switch {{args}}
[private]
+ @git rm -f .dirty
+colmena node:
+ @nix run nixpkgs#colmena -- apply --on {{node}}
+
+[private]
@just --choose
update-flake:
@nix flake update
diff --git a/machines/dragonwell/caddy.nix b/machines/dragonwell/caddy.nix
index 619e60421d7234b0033828d397e76d1d2a35a72b..ae2b77d53791030262583bbf8a83e149501b1da5 100644
--- a/machines/dragonwell/caddy.nix
+++ b/machines/dragonwell/caddy.nix
@@ -3,7 +3,7 @@ pkgs,
lib,
...
}: let
- packages = ["tmpl" "git-age" "ffmd"];
+ packages = ["tmpl" "git-age" "ffmd" "kv"];
in {
services.caddy = {
enable = true;
diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
index d413d27f304af1c5d2dd4f39cf32d81cecdeb531..64b23fe5673f8a522650505fb7c3a1f65570e515 100644
--- a/machines/dragonwell/default.nix
+++ b/machines/dragonwell/default.nix
@@ -1,7 +1,8 @@
let
username = "jolheiser";
+ key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
in {
- imports = [./caddy.nix ./golink.nix ./hardware.nix ../common/nogui];
+ imports = [./caddy.nix ./golink.nix ./hardware.nix];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
@@ -18,16 +19,20 @@
services.openssh.enable = true;
virtualisation.docker.enable = true;
-let
+ username = "jolheiser";
zramSwap.enable = true;
-let
+ username = "jolheiser";
networking = {
-let
+ username = "jolheiser";
hostName = "dragonwell";
- username = "jolheiser";
+in {
+ openssh.authorizedKeys.keys = [
+in {
username = "jolheiser";
+ ];
let
+in {
- ];
+ "root".openssh.authorizedKeys.keys = [key];
};
system.stateVersion = "22.11";