diff options
| -rw-r--r-- | config/agenix.nix | 16 | ||||
| -rw-r--r-- | flake.lock | bin | 17649 -> 16678 bytes | |||
| -rw-r--r-- | flake.nix | 45 | ||||
| -rw-r--r-- | hosts/tarrel.nix | 43 | ||||
| -rw-r--r-- | hosts/work.nix | 9 |
5 files changed, 37 insertions, 76 deletions
diff --git a/config/agenix.nix b/config/agenix.nix new file mode 100644 index 0000000..aa8bd1d --- /dev/null +++ b/config/agenix.nix @@ -0,0 +1,16 @@ +{ inputs, ... }: +{ + environment.systemPackages = [ + inputs.agenix.packages."x86_64-linux".default + ]; + age.secrets.ghostnet-cert.file = ../secrets/ghostnet-cert.age; + age.secrets.ghostnet-key.file = ../secrets/ghostnet-key.age; + age.secrets.ghostnet-ca.file = ../secrets/ghostnet-ca.age; + age.secrets.ghostnet-tls-auth.file = ../secrets/ghostnet-tls-auth.age; + age.secrets.ghostnet-auth-user-pass.file = ../secrets/ghostnet-auth-user-pass.age; + + age.secrets.systems-cert.file = ../secrets/systems-cert.age; + age.secrets.systems-key.file = ../secrets/systems-key.age; + age.secrets.systems-ca.file = ../secrets/systems-ca.age; + age.secrets.systems-tls-auth.file = ../secrets/systems-tls-auth.age; +} Binary files differ@@ -9,8 +9,6 @@ hyprland.url = "github:hyprwm/Hyprland"; utils.url = "github:gytis-ivaskevicius/flake-utils-plus"; agenix.url = "github:ryantm/agenix"; - - zen-browser.url = "github:MarceColl/zen-browser-flake"; }; outputs = { self, nixpkgs, utils, home-manager, helix, hyprland, agenix, ... }@inputs: @@ -22,47 +20,12 @@ hostDefaults.modules = [ home-manager.nixosModules.home-manager agenix.nixosModules.default - { - environment.systemPackages = [ - agenix.packages."x86_64-linux".default - ]; - age.secrets.ghostnet-cert.file = ./secrets/ghostnet-cert.age; - age.secrets.ghostnet-key.file = ./secrets/ghostnet-key.age; - age.secrets.ghostnet-ca.file = ./secrets/ghostnet-ca.age; - age.secrets.ghostnet-tls-auth.file = ./secrets/ghostnet-tls-auth.age; - age.secrets.ghostnet-auth-user-pass.file = ./secrets/ghostnet-auth-user-pass.age; - - age.secrets.systems-cert.file = ./secrets/systems-cert.age; - age.secrets.systems-key.file = ./secrets/systems-key.age; - age.secrets.systems-ca.file = ./secrets/systems-ca.age; - age.secrets.systems-tls-auth.file = ./secrets/systems-tls-auth.age; - } - ./config/shared.nix - ]; - - hosts.work.modules = [ - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.jras = import ./home-manager/entrypoints/personal.nix; - - home-manager.extraSpecialArgs = { inherit inputs; primary-monitor = "eDP-1"; }; - } - ./hosts/work.nix + ./config/shared.nix + ./config/agenix.nix ]; - hosts.tarrel.modules = [ - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.jras = import ./home-manager/entrypoints/personal.nix; - - home-manager.extraSpecialArgs = { inherit inputs; primary-monitor = "DP-2"; }; - } - - ./hosts/tarrel.nix - ]; + hosts.work.modules = [./hosts/work.nix]; + hosts.tarrel.modules = [./hosts/tarrel.nix]; }; } diff --git a/hosts/tarrel.nix b/hosts/tarrel.nix index 8247d12..e0f1c1d 100644 --- a/hosts/tarrel.nix +++ b/hosts/tarrel.nix @@ -1,21 +1,10 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ pkgs, ... }: - +{ pkgs, inputs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration/tarrel.nix - ]; + imports = [ ./hardware-configuration/tarrel.nix ]; - # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - networking.hostName = "tarrel"; - hardware.opengl.enable = true; services.xserver.videoDrivers = ["nvidia"]; hardware.nvidia = { @@ -28,12 +17,9 @@ security.rtkit.enable = true; - # Set your time zone. time.timeZone = "Europe/Amsterdam"; - # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; - i18n.extraLocaleSettings = { LC_ADDRESS = "nl_NL.UTF-8"; LC_IDENTIFICATION = "nl_NL.UTF-8"; @@ -46,7 +32,6 @@ LC_TIME = "nl_NL.UTF-8"; }; - # Configure console keymap console.keyMap = "us-acentos"; programs.zsh.enable = true; @@ -54,7 +39,6 @@ agent.enable = true; }; - # Define a user account. Don't forget to set a password with ‘passwd’. users.users.jras = { isNormalUser = true; description = "Jasper"; @@ -65,9 +49,6 @@ security.sudo.execWheelOnly = true; security.sudo.wheelNeedsPassword = false; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - environment.sessionVariables = { TERMINAL = "alacritty"; EDITOR = "helix"; @@ -88,24 +69,18 @@ # from: https://help.ui.com/hc/en-us/articles/218506997-Required-Ports-Reference # best put it in a var somewhere + networking.hostName = "tarrel"; networking.networkmanager.enable = true; networking.firewall.allowedTCPPorts = [ 53 8080 8000 443 8443 8880 8843 6789 27117 ]; networking.firewall.allowedUDPPorts = [ 53 3478 5514 10001 1900 123]; networking.firewall.allowedUDPPortRanges = [ { from = 5656; to = 5699; } ]; - # programs.mtr.enable = true; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.jras = import ../home-manager/entrypoints/personal.nix; + extraSpecialArgs = { inherit inputs; primary-monitor = "DP-2"; }; + }; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "24.05"; # Did you read the comment? - } diff --git a/hosts/work.nix b/hosts/work.nix index f4269ec..f26c99b 100644 --- a/hosts/work.nix +++ b/hosts/work.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, pkgs, inputs, ... }: { imports = [ ./hardware-configuration/work.nix ]; @@ -104,5 +104,12 @@ packages = with pkgs; [ git helix ]; }; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.jras = import ../home-manager/entrypoints/work.nix; + extraSpecialArgs = { inherit inputs; primary-monitor = "eDP-1"; }; + }; + system.stateVersion = "24.05"; # Do NOT change before reading configuration.nix } |