diff --git a/flake.nix b/flake.nix index 5707830e70063d7a64a9240db74d44abeaf65d35..da62d063bcc5a3b86d9bc6a84d8368bcd6a35649 100644 --- a/flake.nix +++ b/flake.nix @@ -111,10 +111,6 @@ ./shincha ]; services.tclip.package = inputs.tclip.packages.${pkgs.system}.tclipd; }; - peach.imports = [ - inputs.agenix.nixosModules.default - ./peach - ]; }; nixConfig = { extra-substitutors = [ "https://jolheiser.cachix.org" ]; diff --git a/peach/default.nix b/peach/default.nix deleted file mode 100644 index 01e65c327c04506b13ec9021cde7e6fae4ad9fec..0000000000000000000000000000000000000000 --- a/peach/default.nix +++ /dev/null @@ -1,98 +0,0 @@ -{ pkgs, config, ... }: -{ - imports = [ - ./hardware.nix - ]; - - boot = { - tmp.cleanOnBoot = true; - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - }; - zramSwap.enable = true; - - networking = { - hostName = "peach"; - firewall = { - enable = true; - allowedTCPPorts = [ - 80 - 443 - ]; - }; - }; - - time.timeZone = "America/Chicago"; - i18n = { - defaultLocale = "en_US.UTF-8"; - extraLocaleSettings = { - LC_ADDRESS = "en_US.UTF-8"; - LC_IDENTIFICATION = "en_US.UTF-8"; - LC_MEASUREMENT = "en_US.UTF-8"; - LC_MONETARY = "en_US.UTF-8"; - LC_NAME = "en_US.UTF-8"; - LC_NUMERIC = "en_US.UTF-8"; - LC_PAPER = "en_US.UTF-8"; - LC_TELEPHONE = "en_US.UTF-8"; - LC_TIME = "en_US.UTF-8"; - }; - }; - - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - - services = { - openssh.enable = true; - tailscale.enable = true; - fail2ban.enable = true; - xserver = { - enable = true; - displayManager = { - lightdm.enable = true; - autoLogin = { - enable = true; - user = "beanboy"; - }; - }; - desktopManager.cinnamon.enable = true; - layout = "us"; - xkbVariant = ""; - }; - pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - }; - - age.secrets.beanboy.file = ../secrets/beanboy.age; - users.users = { - "beanboy" = { - isNormalUser = true; - extraGroups = [ - "networkmanager" - "wheel" - ]; - hashedPasswordFile = config.age.secrets.beanboy.path; - packages = with pkgs; [ - prismlauncher - ]; - }; - "root".openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+uhnfFLhlyfGGsksSxh5IIY6gnIMryeQ2EiM979kZa" - ]; - }; - - nix = { - gc = { - automatic = true; - randomizedDelaySec = "15m"; - }; - optimise.automatic = true; - }; - - system.stateVersion = "22.11"; -} diff --git a/peach/hardware.nix b/peach/hardware.nix deleted file mode 100644 index 41b83f999687ebfccd2fdcbf00f1534fd549cbcc..0000000000000000000000000000000000000000 --- a/peach/hardware.nix +++ /dev/null @@ -1,54 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ahci" - "usb_storage" - "usbhid" - "sd_mod" - "sr_mod" - "rtsx_usb_sdmmc" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/88901304-b017-4659-bad6-30bafb3445df"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/EEC4-C5A5"; - fsType = "vfat"; - }; - - swapDevices = [ - { device = "/dev/disk/by-uuid/c1551c4d-9b9e-4cc7-b30e-817b6979d010"; } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/secrets/beanboy.age b/secrets/beanboy.age deleted file mode 100644 index db06b554fd6f0b83b7d14a4737137588cc9ce784..0000000000000000000000000000000000000000 Binary files a/secrets/beanboy.age and /dev/null differ diff --git a/secrets/beszel-dragonwell.age b/secrets/beszel-dragonwell.age index f944c72001589461d583b7ae06758ac83ba16277..7706f094e23afe53b7a12d828443cfb91d32cc57 100644 --- a/secrets/beszel-dragonwell.age +++ b/secrets/beszel-dragonwell.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g +swrLy8qbsI5oN1aHW8SrENIzPDaML/a02CAVGLsVxw -DAHcozFyYjPLoCni+q6Pbf+kvlfKP6z/fWjFR2Vr1LA --> ssh-ed25519 f31uNA vx2Jkf9HnN9z9Ca8B0LJ4eZ0u/neU3iuXFmC4PnvRTI -yBmLKhrUpW6IRUMoTXa4nryqEz5vutYDBcH3RQlUJq0 ---- JtWh3Ec40mDrQYdZI+Q3bIs6Fm6r9IrLwR1dtnWDFpE - U4owodSLx5YYօG5t;.æ3&U,4_ 62zDe0NPޡ )Nf?En)-,,|j.jmfsT[ \ No newline at end of file +-> ssh-ed25519 E8j6/g FULGDIRTOpsdr5BQRHJBtbarmLmG7u1pyVKuPugvShE +XaNCPPCHxPtCiquUdlAZczFlJoYvJVEbAOmsifPKg40 +-> ssh-ed25519 f31uNA 9UeFA3rkqduVCRekz9v1uSpx3Q1RmQKm/BbHxIlhumk +Pp7x9xqH9xCqvaIwjhZkXzt/qlvnunwOeTDwJogkGHs +--- yQpM58nlvx1oEhG4bHfIMMBBD86qWNOIEVTeGQbs/oc +j?-j=kI\.e3%u2aBRՑUPΐ] 'L!^SjDbwːq"V~=vڹ[! \ No newline at end of file diff --git a/secrets/beszel-gunpowder.age b/secrets/beszel-gunpowder.age index 018130e2080e0858c61df90a30c0815bed5fb3eb..342f510a49907881a399ae1ebea9c9c712595aff 100644 Binary files a/secrets/beszel-gunpowder.age and b/secrets/beszel-gunpowder.age differ diff --git a/secrets/beszel-jasmine.age b/secrets/beszel-jasmine.age index ad9e13621a3334696dcad8d0f82d32c8861fb2f4..1b3058823d78136e8eef9cf44f6d76fa08c1008b 100644 Binary files a/secrets/beszel-jasmine.age and b/secrets/beszel-jasmine.age differ diff --git a/secrets/beszel-shincha.age b/secrets/beszel-shincha.age index 440418c30347fbd8c81c16780407c0e7e361f8be..59b761c44f1b98308e5bcfc45273281ae2450054 100644 --- a/secrets/beszel-shincha.age +++ b/secrets/beszel-shincha.age @@ -1,8 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g WYjBtC4VjyYtTq/YCCRwl0jTq+brsvW8daocL7wgmxo -fGel/TatjSio1GDKoAmx4W46Wsi5hBhRYnC223plJjQ --> ssh-ed25519 Wq7dJg wBo+LuY6d57B/x9PseqE2vsbvnppkpA2etEl/jgYhyw -mijrmqEYGxQ6U4RtiAE0cJjrzO3VIoYV2kChPlIE9P8 ---- U2mCUsQSaVkd9ubyEKGmQpy1a6c10IbEdqIgwEolh7I -g6I<ܶ' g"pc0rՏ:hqBcjIOҎf7 8' -`X-ɢ%/cX6Lq !UE y&2 \ No newline at end of file +-> ssh-ed25519 E8j6/g ELjIQSmsbz0PK7s9RcL4vTaOBbUrpH9EGAXN998n9RY +JegzXcs//6TJ9tKXDKiP/blc+J0EhWJlXKju/p3bKcU +-> ssh-ed25519 Wq7dJg aBTNYwpqMV3tf9adr//rnwY0ehXhNd7PICsR6uOagzk +wwvEAHmBzKL3iqeBJuMDf60vaKvuSdt1cLvTVlG0OMI +--- haqhC+ktwsqN/M9FvI16J+V5a7aczQVPuQ0Z0ROXJl0 ++㤽zXنCKzj|+t$g~ +[bݸ"+6 31_D2Zv%vޢmKwWny \ No newline at end of file diff --git a/secrets/cifs.age b/secrets/cifs.age index de888cfc27b9a3366c732f8caf073987168f58d0..16bb4acf61016bcc51fab122f5600c818261c071 100644 Binary files a/secrets/cifs.age and b/secrets/cifs.age differ diff --git a/secrets/forge-lines.age b/secrets/forge-lines.age index a7848767e8af2164d5f8cd49186e9839b8d02c5b..8730fca21b7a4978c1f49fd034f15b99f5b8a172 100644 --- a/secrets/forge-lines.age +++ b/secrets/forge-lines.age @@ -1,8 +1,8 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g d159n6EiXqVDqO8Axpg6NsQe1hUPy3qjLw1ujaMx4wY -WPSwHaPu0gkXHAW9Ggmxaa2Hg5Ydp7p7MshArJujB1c --> ssh-ed25519 f31uNA KjA6NTuhGdJNklw6v8JXcejyOS9PF09CJ5UauO4rIzE -up7TQB9QFbaAVtTVK5ZDu2RiJWYSX1JGyA7jhrV6y44 ---- IO6+bCezajDhP9MApAfwK7qHQk6j2g108w/vgPvjSU4 -(v;i)S0ZwˍGlzǭrl:Wxt=%y־SOH>l% 2\W -$G(4 \ No newline at end of file +-> ssh-ed25519 E8j6/g MOue2FWi5KIuH/YezYHaC2BhTLJyAm++9wcBfiOD21w +wzLYn3if+zWfDLmtC5x7rc8y0wTHs/ndXA+nIiDPNe0 +-> ssh-ed25519 f31uNA pUzaDSPDHD+G1hxXcEEFdWEr8pL8TnaSSxJWJaTLWiI +nQhS0G4ZpBPzbFDsNm/73UEyTWtjd+ovhHtM8T9qxXs +--- HiupunEhBca/FwNXRI3dXpNoSr/UtsIkCiHYvUi0Z5o +I"5R`q4c5/'$_z?y3NĬĐwO< ? +5~PJaѓvw$Z.(r \ No newline at end of file diff --git a/secrets/horcrux.age b/secrets/horcrux.age index a6262f23d21e94b9a3fd0ec4173f2634175bd141..f5682b987c8965ed0b1c196294a2eb51e9101330 100644 Binary files a/secrets/horcrux.age and b/secrets/horcrux.age differ diff --git a/secrets/mealie.age b/secrets/mealie.age index 6d2759f472f7d0f5ff264597e3bcf25bea93aea6..dcd57166cae09dde45239e274927e4690829f145 100644 Binary files a/secrets/mealie.age and b/secrets/mealie.age differ diff --git a/secrets/mint.age b/secrets/mint.age index f71b57b0c578745a16b8bd97b422adb033ae2607..021fc7a5a17911feeafae493fd4f5f37ceb3f864 100644 Binary files a/secrets/mint.age and b/secrets/mint.age differ diff --git a/secrets/pds.age b/secrets/pds.age index 4e89a7e07ff1a35c94ed60d3418706253cc31b7d..8e37d4edbfb04fa947829e5e8516c6ad162edc64 100644 Binary files a/secrets/pds.age and b/secrets/pds.age differ diff --git a/secrets/pocket-id.age b/secrets/pocket-id.age index 318784e282e82f32fbe091cf1f7f7e95a5001b46..5dfffbb6bef72851892640e8884a312cc344f828 100644 Binary files a/secrets/pocket-id.age and b/secrets/pocket-id.age differ diff --git a/secrets/restic-env.age b/secrets/restic-env.age index 97d32e031097ba79453c5136e93abc42acd1e9d9..87a10f7fd00877ecccd4adb80158ee8c942c00ab 100644 Binary files a/secrets/restic-env.age and b/secrets/restic-env.age differ diff --git a/secrets/restic-pass.age b/secrets/restic-pass.age index 767b375ed34369212ccff4b31495c30d0cc46642..21a8378a9894e93d41126d610c00a03ccddb5a1f 100644 Binary files a/secrets/restic-pass.age and b/secrets/restic-pass.age differ diff --git a/secrets/restic-repo.age b/secrets/restic-repo.age index db47d66966b7712ea442c1e49f8a1f2b5b38b3a4..756ef95a5d2944e4f3c2314b7f32e5af3198f61e 100644 --- a/secrets/restic-repo.age +++ b/secrets/restic-repo.age @@ -1,8 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g jN7IS4tY/K8FzYxykNsLZquHG+q8eH4lJyH0KkKCry0 -tz0o+QpMpiBOLXIgyyZIqXWLO1XVu1kIYYKeIw6efKw --> ssh-ed25519 f31uNA ECXdXmETbNE39IUVtV8Br+RJ1fjJwz9M3M54eqeBrg8 -3Idhaybap5hcoFnpDknz46MM1D0rR+WYf66dJ0GCmGg ---- DZ4qcxoUIkDdpDpd+Km9pBFrMui462IP0mrc0dGM0Dw -S&xrؿ]^䟖'ܧ5 -jɌlɍlqXJ\{ԌʸyxK\䙹X>Tee,7ᨄS \ No newline at end of file +-> ssh-ed25519 E8j6/g KkmTmjrxjGcfGrUdNM2/QCI81heVgv6nj0LynHz7PEw +SKj0FV/SHogJZWrilxGyDOUrCfvB9Vs+UkCYj0ijetY +-> ssh-ed25519 f31uNA O2x7fnci0jo6yEleV69RXcA04V1V2WNFgQska83VqhQ +/bpn6h0x9/Zzc1yuCqd0wy2JYJAAQZvZSy429JPTcb8 +--- a1Z9wg9rIkAj8JsAUthmbMASiLFuwonKJKDrb5YQPfE +7JeaKx41:1낻D!ѓЎ@Y miJ=urFDS!Sf;o^Uq?$5Yx:F-lJE}y \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 354ead0d1c8d2df1cf51935d29b2be6df06e4808..4817b99f97eb1491cb354baf667e54573de0653d 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -4,7 +4,6 @@ dragonwell = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN32Cwxer2AOGvEqSqXSPp49gj1VtR7G2XmPnmXj6o53"; shincha = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBikiSP5UIoHgjZejxSt/ce2FxnYk9VGDW+h12QvefJ3"; jasmine = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE4koC93ixwkFzMK+kYLk2A6+xn6xprzkk49k+avRZkn"; gunpowder = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILZxjkZLj/9xvmg1enK+B7k8qf6Px0j4kTZ2caQfYmB1"; - peach = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMD+rBcwnOnY2SPVAcHmfHgYwNCaG+PcuP+Zb/CgRA3N"; dragonwellKeys = [ jolheiser @@ -22,10 +21,6 @@ gunpowderKeys = [ jolheiser gunpowder ]; - peachKeys = [ - jolheiser - peach - ]; in { @@ -43,5 +38,4 @@ "pds.age".publicKeys = dragonwellKeys; "horcrux.age".publicKeys = dragonwellKeys; "mint.age".publicKeys = dragonwellKeys; "cifs.age".publicKeys = jasmineKeys; - "beanboy.age".publicKeys = peachKeys; }