diff --git a/apps/ssh.nix b/apps/ssh.nix index 4aa3766cae9b196c7d98faff57fedbde900b27a4..d518b98519fa221ad608056dcbf8e10040dcdad2 100644 --- a/apps/ssh.nix +++ b/apps/ssh.nix @@ -1,8 +1,6 @@ { programs.ssh = { enable = true; - includes = [ - "/run/agenix/ssh-config" - ]; + extraConfig = builtins.readFile ./ssh/config; }; } diff --git a/apps/ssh/config b/apps/ssh/config new file mode 100644 index 0000000000000000000000000000000000000000..3335133799510523867890cd2002767d79368602 --- /dev/null +++ b/apps/ssh/config @@ -0,0 +1,41 @@ +Host jolheiser + HostName jolheiser.com + User jolheiser + IdentityFile ~/.ssh/jolheiser + IdentitiesOnly yes + +Host jojodev + HostName jojodev.com + User jolheiser + IdentityFile ~/.ssh/jojodev + IdentitiesOnly yes + +Host git.jojodev.com + HostName git.jojodev.com + User git + IdentityFile ~/.ssh/github + IdentitiesOnly yes + +Host github.com + HostName github.com + User git + IdentityFile ~/.ssh/github + IdentitiesOnly yes + +Host gitea.com + HostName gitea.com + User git + IdentityFile ~/.ssh/github + IdentitiesOnly yes + +Host codeberg.org + HostName codeberg.org + User git + IdentityFile ~/.ssh/github + IdentitiesOnly yes + +Host ssh.dev.azure.com + HostName ssh.dev.azure.com + User git + IdentityFile ~/.ssh/ndlegis + IdentitiesOnly yes \ No newline at end of file diff --git a/flake.lock b/flake.lock index f072a80aa1c20f827885c6896d9410cd24cc5a81..5c0bf52164a0958173b94e59af80cf21dc93c3d9 100644 --- a/flake.lock +++ b/flake.lock @@ -1,132 +1,5 @@ { "nodes": { - "agenix": { - "inputs": { - "darwin": "darwin", - "nixpkgs": [ - "ragenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1682101079, - "narHash": "sha256-MdAhtjrLKnk2uiqun1FWABbKpLH090oeqCSiWemtuck=", - "owner": "ryantm", - "repo": "agenix", - "rev": "2994d002dcff5353ca1ac48ec584c7f6589fe447", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, - "crane": { - "inputs": { - "flake-compat": "flake-compat", - "flake-utils": [ - "ragenix", - "flake-utils" - ], - "nixpkgs": [ - "ragenix", - "nixpkgs" - ], - "rust-overlay": [ - "ragenix", - "rust-overlay" - ] - }, - "locked": { - "lastModified": 1681680516, - "narHash": "sha256-EB8Adaeg4zgcYDJn9sR6UMjN/OHdIiMMK19+3LmmXQY=", - "owner": "ipetkov", - "repo": "crane", - "rev": "54b63c8eae4c50172cb50b612946ff1d2bc1c75c", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "darwin": { - "inputs": { - "nixpkgs": [ - "ragenix", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1673295039, - "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "87b9d090ad39b25b2400029c64825fc2a8868943", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1687709756, - "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -212,94 +85,13 @@ "repo": "nur", "type": "github" } }, - "ragenix": { - "inputs": { - "agenix": "agenix", - "crane": "crane", - "flake-utils": "flake-utils_2", - "nixpkgs": [ - "nixpkgs" - ], - "rust-overlay": "rust-overlay" - }, - "locked": { - "lastModified": 1682237245, - "narHash": "sha256-xbBR7LNK+d5Yi/D6FXQGc1R6u2VV2nwr/Df5iaEbOEQ=", - "owner": "yaxitech", - "repo": "ragenix", - "rev": "281f68c3d477904f79ff1cd5807a8c226cd80a50", - "type": "github" - }, - "original": { - "owner": "yaxitech", - "repo": "ragenix", - "type": "github" - } - }, "root": { "inputs": { - "flake-utils": "flake-utils", "home-manager": "home-manager", "jolheiser-nur": "jolheiser-nur", "nixpkgs": "nixpkgs_2", { - "ragenix", - "ragenix": "ragenix" - } "nodes": { - "rust-overlay": { - "inputs": { - "flake-utils": [ - "ragenix", - "flake-utils" - ], - "nixpkgs": [ - "ragenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1682129965, - "narHash": "sha256-1KRPIorEL6pLpJR04FwAqqnt4Tzcm4MqD84yhlD+XSk=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "2c417c0460b788328220120c698630947547ee83", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", -{ "ragenix", } } diff --git a/flake.nix b/flake.nix index bebc642c47448a99a06625fa0b07fe452bb46513..9a7841c08ed9dc35942d1469c3116e8690da3661 100644 --- a/flake.nix +++ b/flake.nix @@ -5,9 +5,6 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; - ragenix.url = "github:yaxitech/ragenix"; - ragenix.inputs.nixpkgs.follows = "nixpkgs"; - flake-utils.url = "github:numtide/flake-utils"; nur.url = "github:nix-community/nur"; jolheiser-nur.url = "git+https://git.jojodev.com/jolheiser/nur"; @@ -19,7 +16,6 @@ outputs = { self, nixpkgs, home-manager, - ragenix, jolheiser-nur, ... } @ inputs: let @@ -47,69 +43,47 @@ extraSpecialArgs = { flakePath = "/home/${username}/.config/nixpkgs"; }; }; - age.secrets = { - ssh-config = { - file = ./secrets/shared/ssh-config.age; - owner = "jolheiser"; - }; - }; }; }); - in - { - nixosConfigurations = { - "chai" = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; - nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; ragenix.url = "github:yaxitech/ragenix"; - nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; ragenix.inputs.nixpkgs.follows = "nixpkgs"; - home-manager.url = "github:nix-community/home-manager"; + ragenix.url = "github:yaxitech/ragenix"; - home-manager.url = "github:nix-community/home-manager"; + ragenix.url = "github:yaxitech/ragenix"; { - home-manager.url = "github:nix-community/home-manager"; + ragenix.url = "github:yaxitech/ragenix"; description = "jolheiser's nixos config"; - home-manager.url = "github:nix-community/home-manager"; + ragenix.url = "github:yaxitech/ragenix"; - home-manager.url = "github:nix-community/home-manager"; + ragenix.url = "github:yaxitech/ragenix"; inputs = { - home-manager.url = "github:nix-community/home-manager"; + ragenix.url = "github:yaxitech/ragenix"; nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; - }; - home-manager.url = "github:nix-community/home-manager"; + ragenix.url = "github:yaxitech/ragenix"; home-manager.url = "github:nix-community/home-manager"; - system = "x86_64-linux"; - modules = [ - nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; + ragenix.url = "github:yaxitech/ragenix"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; - nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; + ragenix.url = "github:yaxitech/ragenix"; ragenix.url = "github:yaxitech/ragenix"; - nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; + ragenix.url = "github:yaxitech/ragenix"; ragenix.inputs.nixpkgs.follows = "nixpkgs"; - home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.url = "github:nix-community/home-manager"; -{ - ]; - }; }; - } - home-manager.url = "github:nix-community/home-manager"; ragenix.inputs.nixpkgs.follows = "nixpkgs"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; + ragenix.url = "github:yaxitech/ragenix"; { - home-manager.inputs.nixpkgs.follows = "nixpkgs"; + ragenix.url = "github:yaxitech/ragenix"; description = "jolheiser's nixos config"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; + ragenix.url = "github:yaxitech/ragenix"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; + ragenix.url = "github:yaxitech/ragenix"; inputs = { - ragenix.packages.${system}.ragenix + ./machines/matcha + (commonConfig {username = "jolheiser";}) ]; }; - }); + }; + }; } diff --git a/machines/chai/default.nix b/machines/chai/default.nix index 0864d6458ec23f57798c8190919eef17e94c16ce..0a3f5dad12923c5c1aeb5b1237d15d518ee9b66a 100644 --- a/machines/chai/default.nix +++ b/machines/chai/default.nix @@ -44,12 +44,10 @@ shell = pkgs.nushell; }; environment.systemPackages = with pkgs; [ - gp-saml-gui - openconnect + globalprotect-openconnect jetbrains.pycharm-professional jetbrains.idea-ultimate jetbrains.datagrip - subversion teams-for-linux xorg.xauth diff --git a/secrets/secrets.nix b/secrets/secrets.nix deleted file mode 100644 index b950f3e65125ad4709786c6def2c6df48958db9c..0000000000000000000000000000000000000000 --- a/secrets/secrets.nix +++ /dev/null @@ -1,7 +0,0 @@ -let - jolheiser = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrPUqk9v7FE7OgMDaOMdlnItiXSDkmS+eU94RzQFiMS nix"]; - matcha = []; - chai = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7PS9SJ+OVrUku9dPUQZigioy+r3VlFHVntsa/F7AdM root@chai"]; -in { - "shared/ssh-config.age".publicKeys = jolheiser ++ matcha ++ chai; -} diff --git a/secrets/shared/ssh-config.age b/secrets/shared/ssh-config.age deleted file mode 100644 index b2a8fa6d5227090b508eb30663b2c936ffdaff92..0000000000000000000000000000000000000000 --- a/secrets/shared/ssh-config.age +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEU4ajYvZyAxYys2 -eHYraFR1Y2lGVlBZcklSN1lMYzF3b2xFRXdSaTgyQjFET3BXTFdvClR6cGVDQ1do -ckFObWFCRVJXSllJaFZDcU5VYWg2b1QxanFrK2l1YmhNNzgKLT4gc3NoLWVkMjU1 -MTkgam8xTVBBIFRaUDd5alpxcDVwcVdTb1hOS3hxM2JSb2ppM3dVRGpPK0FUcGx0 -ZU9LbkUKS2ZSaXpueHRBN2JVZWdJNnZ3VlpsWEhEVWFFZ0ZFTi80Q1h6YVB5Rkp6 -OAotPiBBcjBcZWgmIS1ncmVhc2Ugd0k9YXRFIFxEVDNmQ1J5IGw9KkQ2IFZvK2Be -bHsyCms5d1R1Tm0rT1pRdVBXZmhCaktKQXJFQTl3Q01US296bm53Tm45Z0UvS28x -OGNZVHJQMm5XRy84Wm9HRHViWlEKRXNtNFc0Ri9EMHpzakFrTzUvRWIwcEVlM09E -Z1VkNW81a0VhdmZEYk8vOHJRSG1OUTVET0h3Ci0tLSB6RnpoZmw3cUMyK0tSQkV4 -QnFCaXhOdEszSVRFdGJCV0hYS0hENytLT1NBCpap2Ueg9XZJh1ile34NxIu+7tAD -ACP2mrbLJk8SrJ+QJVtcfeHGTad5CwzoT/9SiZufDhSNLTCrCu8TT4ngCHuMOF1x -qVdmBrSacQ8VgVqovkFP9Sj5DZZsXj1XxJfQG5IDRwSK9d6+h4opHCsSHAJ19syg -zu/l7385EGc7+xlSt1Ifdc2HPV8Yk1ozGDTgVmsnvHSgXXkKgyGbjlHLvkrnqJJS -GMXl24N/X075L+hok62y1pzD2YxHWIOnIAs9SHwrKBXReWc4TymBHIYJQv8mSbDS -rDT8QXyKns8b4Zu9SWbWoiAcNzwF4BxUV5qM7PPzVZOlK65tiSSEB4f1Zh+1gL6V -UQqFw6RP10dAqopngNOKNP1WgQkb+Stjs8aplzCf3KBurdn63wcW2D7Z+hQouYE8 -CHMTFB5piAZ9qCWnydACF6/apOT7G7BCK9D8WhXH8mXYl+tlkA6rf4a4KOKuxJR/ -vrtSy3wCir8V4ICCdadxgWicZ+hzp9YP2nAgQxmGUT+SF+eRIDsBSueaz1py3fM1 -THsHGIt0sLJTWWKT6u8agwPpmpNrjDCCdN6wUHW8nCJ4xjXmcQyGwx0IGovLxi+g -6mhhPrg62p9vroCGEIzhkuWNK10SCSVs4WlNRMH0BH/DgFoNkM70rbT6tf2gDKtG -74+9mp5SntGQMuOL5nndscwD6G524fh5mcHFVaAdMvfTnFX6/7+iAI4/URVYrxyj -gEV9YjQrmj7Ync6jv7nKHmgQMesmRLf7lxXswb7AZ281wk5hmT+uv626sLqU9q+9 -z270Jy/7QV3jQk+dS3Y5RgflAzNI8eXmMA0SEojzydWbGT5oFbrY9/DofILQs8Qw -cPQcXtUSW0hRQjBCQPuFvwde7pY3gjfpwVeof/9hcc6usVWoT4PoPAYKr+0tRuPo -syI/Aamn1SO04n6RW51y4wbcOVrofs63pkAjwk9DAmHwO8Qe9ALTFd+n9K/bknMa -HYh+8v3yVa+xfR/9XizRgRpE6eghNGBW30ywPAkGryKchlri6lenfBhcmRwGI4b4 -mc27ZS79Rn3rjTPKXtIgCEoOQYOmGZW38PELS0LWi7h53iXr7W9apQh/ ------END AGE ENCRYPTED FILE-----