pinchflat vpn, testbed random, virt-manager

RingOfStorms (Joshua Bell) 2025-08-12 17:01:21 -05:00
parent d2eaec6860
commit db6d5161ff
13 changed files with 1645 additions and 64 deletions


@ -1,6 +1,16 @@
{ osConfig, ... }:
{
osConfig,
lib,
...
}:
let
inherit (osConfig) age;
hasSecret =
secret:
let
secrets = age.secrets or { };
in
secrets ? secret && secrets.${secret} != null;
in
{
# TODO can I put all IP's in the flake.nix top level settings and pull them in here instead?
@ -12,43 +22,43 @@ in
'';
matchBlocks = {
# EXTERNAL
"github.com" = {
"github.com" = lib.mkIf (hasSecret "nix2github") {
identityFile = age.secrets.nix2github.path;
};
"bitbucket.org" = {
"bitbucket.org" = lib.mkIf (hasSecret "nix2bitbucket") {
identityFile = age.secrets.nix2bitbucket.path;
};
# "git.joshuabell.xyz" = {
# "git.joshuabell.xyz" = lib.mkIf (hasSecret "nix2gitjosh") { # TODO remove old
# identityFile = age.secrets.nix2gitjosh.path;
# user = "git";
# };
"git.joshuabell.xyz" = {
"git.joshuabell.xyz" = lib.mkIf (hasSecret "nix2gitforgejo") {
identityFile = age.secrets.nix2gitforgejo.path;
user = "git";
};
# PERSONAL DEVICES
"lio" = {
"lio" = lib.mkIf (hasSecret "nix2lio") {
identityFile = age.secrets.nix2lio.path;
user = "josh";
};
"lio_" = {
"lio_" = lib.mkIf (hasSecret "nix2lio") {
identityFile = age.secrets.nix2lio.path;
hostname = "10.12.14.116";
user = "josh";
};
"oren" = {
"oren" = lib.mkIf (hasSecret "nix2oren") {
identityFile = age.secrets.nix2oren.path;
user = "josh";
};
"joe" = {
"joe" = lib.mkIf (hasSecret "nix2joe") {
identityFile = age.secrets.nix2joe.path;
user = "ringo";
};
"gp3" = {
"gp3" = lib.mkIf (hasSecret "nix2gpdPocket3") {
identityFile = age.secrets.nix2gpdPocket3.path;
user = "josh";
};
"t" = {
"t" = lib.mkIf (hasSecret "nix2t") {
identityFile = age.secrets.nix2t.path;
user = "joshua.bell";
localForwards = [
@ -67,7 +77,7 @@ in
TERM = "vt100";
};
};
"t_" = {
"t_" = lib.mkIf (hasSecret "nix2t") {
identityFile = age.secrets.nix2t.path;
hostname = "10.12.14.103";
user = "joshua.bell";
@ -75,14 +85,14 @@ in
TERM = "vt100";
};
};
"mbptv" = {
"mbptv" = lib.mkIf (hasSecret "nix2gpdPocket3") {
identityFile = age.secrets.nix2gpdPocket3.path;
user = "waka";
setEnv = {
TERM = "vt100";
};
};
"mbptv_" = {
"mbptv_" = lib.mkIf (hasSecret "nix2gpdPocket3") {
identityFile = age.secrets.nix2gpdPocket3.path;
hostname = "10.12.14.101";
user = "waka";
@ -90,57 +100,57 @@ in
TERM = "vt100";
};
};
"nothing1" = {
"nothing1" = lib.mkIf (hasSecret "nix2gpdPocket3") {
identityFile = age.secrets.nix2gpdPocket3.path;
user = "TODO";
};
"tab1" = {
"tab1" = lib.mkIf (hasSecret "nix2gpdPocket3") {
identityFile = age.secrets.nix2gpdPocket3.path;
user = "TODO";
};
"pixel6" = {
"pixel6" = lib.mkIf (hasSecret "nix2gpdPocket3") {
identityFile = age.secrets.nix2gpdPocket3.path;
user = "TODO";
};
# HOME SERVERS
"h001" = {
"h001" = lib.mkIf (hasSecret "nix2h001") {
identityFile = age.secrets.nix2h001.path;
user = "luser";
};
"h001_" = {
"h001_" = lib.mkIf (hasSecret "nix2h001") {
identityFile = age.secrets.nix2h001.path;
hostname = "10.12.14.2";
user = "luser";
};
"h002" = {
"h002" = lib.mkIf (hasSecret "nix2h002") {
identityFile = age.secrets.nix2h002.path;
user = "luser";
};
"h003" = {
"h003" = lib.mkIf (hasSecret "nix2h003") {
identityFile = age.secrets.nix2h003.path;
user = "luser";
};
# LINODE SERVERS
"l001" = {
"l001" = lib.mkIf (hasSecret "nix2linode") {
identityFile = age.secrets.nix2linode.path;
hostname = "172.236.111.33"; # Not on the tailscale network it is the primary host
user = "root";
};
"l002_" = {
"l002_" = lib.mkIf (hasSecret "nix2linode") {
identityFile = age.secrets.nix2linode.path;
hostname = "172.234.26.141";
user = "root";
};
"l002" = {
"l002" = lib.mkIf (hasSecret "nix2linode") {
identityFile = age.secrets.nix2linode.path;
user = "root";
};
# ORACLE SERVERS
"o001" = {
"o001" = lib.mkIf (hasSecret "nix2oracle") {
identityFile = age.secrets.nix2oracle.path;
user = "root";
};
"o001_" = {
"o001_" = lib.mkIf (hasSecret "nix2oracle") {
identityFile = age.secrets.nix2oracle.path;
hostname = "64.181.210.7";
user = "root";
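Review bot: `hasSecret` tests the wrong attribute: in `secrets ? secret` the right-hand side is a literal attribute name, so the check asks whether a secret literally called `secret` exists instead of using the function argument. Unless such a secret happens to exist, every `lib.mkIf (hasSecret "...")` guard in `matchBlocks` evaluates to false and the host blocks are dropped together with their `identityFile` pins, which presumably leaves ssh to offer whatever default identities or agent keys are available. Interpolate the name, `secrets ? ${secret} && secrets.${secret} != null;`, or use `builtins.hasAttr secret secrets`. Separately, `mbptv`, `nothing1`, `tab1` and `pixel6` are all gated on and use the `nix2gpdPocket3` key; if that sharing is intended, a short comment saying so would help, since one key then opens several devices. The `matchBlocks` set continues outside the visible hunks.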


@ -28,6 +28,7 @@
lib,
...
}:
{
imports = [
(
@ -64,7 +65,6 @@
./secrets
];
config = {
_module.args = {
inherit ragenix;
};


@ -15,6 +15,7 @@ in
./incus.nix
./flatpaks.nix
./opencode.nix
./virt-manager.nix
];
config = {
assertions = [


@ -0,0 +1,42 @@
{
config,
lib,
...
}:
let
ccfg = import ../config.nix;
cfg_path = [
ccfg.custom_config_key
"programs"
"virt-manager"
];
cfg = lib.attrsets.getAttrFromPath cfg_path config;
users_cfg = config.${ccfg.custom_config_key}.users;
in
{
options =
{ }
// lib.attrsets.setAttrByPath cfg_path {
enable = lib.mkEnableOption "Enable virt manager/quemu";
users = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = builtins.attrNames users_cfg;
description = "Users to configure for virt-manager.";
};
};
config = lib.mkIf cfg.enable {
services.qemuGuest.enable = true;
services.spice-vdagentd.enable = true;
programs.virt-manager = {
enable = true;
};
virtualisation = {
libvirtd.enable = true;
spiceUSBRedirection.enable = true;
};
users.groups.libvirtd.members = cfg.users;
};
}
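Review bot: The `users` default, `builtins.attrNames users_cfg`, puts every account under the custom users config into the `libvirtd` group as soon as the module is enabled, and membership of that group gives control of the system libvirt daemon, which is commonly treated as root-equivalent on the host. Prefer an explicit opt-in, `default = [ ];`, or at least state the consequence in the option `description`. `virtualisation.spiceUSBRedirection.enable = true;` additionally installs a setuid helper that lets unprivileged users pass host USB devices to VMs, so it deserves its own toggle or a comment explaining why it is always on. `services.qemuGuest` and `services.spice-vdagentd` are guest-side agents and look unnecessary on a machine that acts as the libvirt host. The `mkEnableOption` text would read better as `"virt-manager/QEMU"`, since the helper already prepends "Whether to enable".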