update all VPS configs

2025-03-19 12:49:00 -05:00 · 2025-03-19 12:49:00 -05:00 · c781a90851
commit c781a90851
parent 138565efad
12 changed files with 1374 additions and 134 deletions
--- a/hosts/linode/l002/flake.lock
+++ b/hosts/linode/l002/flake.lock
@ -32,11 +32,11 @@
        "ragenix": "ragenix"
      },
      "locked": {
-        "lastModified": 1742335106,
-        "narHash": "sha256-NmpZH5jNuJqfx6ty+Ttnyig22R4Pfwb7iUtbujjQgYk=",
+        "lastModified": 1742406125,
+        "narHash": "sha256-+NQNj2IMJuEiymB+YrcZkxeZt7QlC+Bwe5rWgRRHKrU=",
        "ref": "refs/heads/master",
-        "rev": "aacf05e59d89836103e75345640d7b82481363c0",
-        "revCount": 366,
+        "rev": "138565efadeed6baf2a632c5dcc95a2031c77f86",
+        "revCount": 371,
        "type": "git",
        "url": "https://git.joshuabell.xyz/dotfiles"
      },
--- a/hosts/linode/l002/flake.nix
+++ b/hosts/linode/l002/flake.nix
@ -48,14 +48,18 @@
            (
              { pkgs, ... }:
              {
-                users.users.root.openssh.authorizedKeys.keys = [
-                  "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJuo6L6V52AzdQIK6fWW9s0aX1yKUUTXbPd8v8IU9p2o nix2linode"
+                environment.systemPackages = with pkgs; [
+                  bitwarden
+                  vaultwarden
                ];

                ringofstorms_common = {
                  systemName = configuration_name;
                  general = {
                    disableRemoteBuildsOnLio = true;
+                    readWindowsDrives = false;
+                    jetbrainsMonoFont = false;
+                    ttyCapsEscape = false;
                  };
                  programs = {
                    tailnet.enable = true;
@ -63,29 +67,21 @@
                    ssh.enable = true;
                  };
                  users = {
-                    # Users are all normal users and default password is password1
-                    admins = [ "luser" ]; # First admin is also the primary user owning nix config
                    users = {
-                      luser = {
-                        extraGroups = [
-                          "networkmanager"
-                        ];
+                      root = {
                        openssh.authorizedKeys.keys = [
                          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJuo6L6V52AzdQIK6fWW9s0aX1yKUUTXbPd8v8IU9p2o nix2linode"
                        ];
                        shell = pkgs.zsh;
-                        packages = with pkgs; [
-                          bitwarden
-                          vaultwarden
-                        ];
                      };
                    };
                  };
                  homeManager = {
                    users = {
-                      luser = {
+                      root = {
                        imports = with common.homeManagerModules; [
                          tmux
+                          atuin
                          git
                          postgres
                          starship
--- a/hosts/linode/l002/linode.nix
+++ b/hosts/linode/l002/linode.nix
@ -18,7 +18,6 @@
    settings.PermitRootLogin = "yes";
    settings.PasswordAuthentication = false;
  };
-  users.users.root.openssh.authorizedKeys.keys = config.users.users.luser.openssh.authorizedKeys.keys;

  networking.usePredictableInterfaceNames = false;
  networking.useDHCP = false; # Disable DHCP globally as we will not need it.
--- a/hosts/linode/l002/nginx.nix
+++ b/hosts/linode/l002/nginx.nix
@ -1,5 +1,4 @@
 {
-  pkgs,
  ...
 }:
 {
@ -76,14 +75,6 @@
          proxyPass = "http://100.64.0.2:6610";
        };
      };
-      "vault.t.joshuabell.xyz" = {
-        enableACME = true;
-        forceSSL = true;
-        locations."/" = {
-          proxyWebsockets = true;
-          proxyPass = "http://100.64.0.2:64608";
-        };
-      };

      # Redirect self IP to domain
      "172.234.26.141" = {