ringofstorms/dotfiles
ringofstorms/dotfiles
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: ringofstorms:fe7a1ac82d1c4ae225556977806be8bd2726b9af
Branches Tags
ringofstorms:master
..
compare: ringofstorms:07d87070f183b40e179404250148e4ad1257bd73
Branches Tags
ringofstorms:master

No commits in common. "fe7a1ac82d1c4ae225556977806be8bd2726b9af" and "07d87070f183b40e179404250148e4ad1257bd73" have entirely different histories.
fe7a1ac82d ... 07d87070f1

4 changed files with 50 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

45
flakes/common/hm_modules/ssh.nix
View file

@ -4,10 +4,11 @@
... ...
}: }:
let let
inherit (osConfig) age;
hasSecret = hasSecret =
secret: secret:
let let
secrets = osConfig.age.secrets or { }; secrets = age.secrets or { };
in in
secrets ? ${secret} && secrets.${secret} != null; secrets ? ${secret} && secrets.${secret} != null;
in in
@ -38,39 +39,39 @@ in
# EXTERNAL # EXTERNAL
"github.com" = lib.mkIf (hasSecret "nix2github") { "github.com" = lib.mkIf (hasSecret "nix2github") {
identityFile = osConfig.age.secrets.nix2github.path; identityFile = age.secrets.nix2github.path;
}; };
"bitbucket.org" = lib.mkIf (hasSecret "nix2bitbucket") { "bitbucket.org" = lib.mkIf (hasSecret "nix2bitbucket") {
identityFile = osConfig.age.secrets.nix2bitbucket.path; identityFile = age.secrets.nix2bitbucket.path;
}; };
"git.joshuabell.xyz" = { "git.joshuabell.xyz" = {
identityFile = lib.mkIf (hasSecret "nix2gitforgejo") osConfig.age.secrets.nix2gitforgejo.path; identityFile = lib.mkIf (hasSecret "nix2gitforgejo") age.secrets.nix2gitforgejo.path;
user = "git"; user = "git";
}; };
# PERSONAL DEVICES # PERSONAL DEVICES
"lio" = { "lio" = {
identityFile = lib.mkIf (hasSecret "nix2lio") osConfig.age.secrets.nix2lio.path; identityFile = lib.mkIf (hasSecret "nix2lio") age.secrets.nix2lio.path;
user = "josh"; user = "josh";
}; };
"lio_" = { "lio_" = {
identityFile = lib.mkIf (hasSecret "nix2lio") osConfig.age.secrets.nix2lio.path; identityFile = lib.mkIf (hasSecret "nix2lio") age.secrets.nix2lio.path;
hostname = "10.12.14.116"; hostname = "10.12.14.116";
user = "josh"; user = "josh";
}; };
"oren" = { "oren" = {
identityFile = lib.mkIf (hasSecret "nix2oren") osConfig.age.secrets.nix2oren.path; identityFile = lib.mkIf (hasSecret "nix2oren") age.secrets.nix2oren.path;
user = "josh"; user = "josh";
}; };
"juni" = { "juni" = {
identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path; identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
user = "josh"; user = "josh";
}; };
"gp3" = { "gp3" = {
identityFile = lib.mkIf (hasSecret "nix2gpdPocket3") osConfig.age.secrets.nix2gpdPocket3.path; identityFile = lib.mkIf (hasSecret "nix2gpdPocket3") age.secrets.nix2gpdPocket3.path;
user = "josh"; user = "josh";
}; };
"t" = { "t" = {
identityFile = lib.mkIf (hasSecret "nix2t") osConfig.age.secrets.nix2t.path; identityFile = lib.mkIf (hasSecret "nix2t") age.secrets.nix2t.path;
user = "joshua.bell"; user = "joshua.bell";
localForwards = [ localForwards = [
{ {
@ -84,7 +85,7 @@ in
}; };
}; };
"t_" = { "t_" = {
identityFile = lib.mkIf (hasSecret "nix2t") osConfig.age.secrets.nix2t.path; identityFile = lib.mkIf (hasSecret "nix2t") age.secrets.nix2t.path;
hostname = "10.12.14.181"; hostname = "10.12.14.181";
user = "joshua.bell"; user = "joshua.bell";
localForwards = [ localForwards = [
@ -100,54 +101,54 @@ in
}; };
# HOME SERVERS # HOME SERVERS
"h001" = { "h001" = {
identityFile = lib.mkIf (hasSecret "nix2h001") osConfig.age.secrets.nix2h001.path; identityFile = lib.mkIf (hasSecret "nix2h001") age.secrets.nix2h001.path;
user = "luser"; user = "luser";
}; };
"h001_" = { "h001_" = {
identityFile = lib.mkIf (hasSecret "nix2h001") osConfig.age.secrets.nix2h001.path; identityFile = lib.mkIf (hasSecret "nix2h001") age.secrets.nix2h001.path;
hostname = "10.12.14.10"; hostname = "10.12.14.10";
user = "luser"; user = "luser";
}; };
"h002" = { "h002" = {
identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path; identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
user = "luser"; user = "luser";
}; };
"h002_" = { "h002_" = {
identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path; identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
hostname = "10.12.14.183"; hostname = "10.12.14.183";
user = "luser"; user = "luser";
}; };
"h003" = { "h003" = {
identityFile = lib.mkIf (hasSecret "nix2h003") osConfig.age.secrets.nix2h003.path; identityFile = lib.mkIf (hasSecret "nix2h003") age.secrets.nix2h003.path;
hostname = "10.12.14.1"; hostname = "10.12.14.1";
user = "luser"; user = "luser";
}; };
"h003_" = { "h003_" = {
identityFile = lib.mkIf (hasSecret "nix2h003") osConfig.age.secrets.nix2h003.path; identityFile = lib.mkIf (hasSecret "nix2h003") age.secrets.nix2h003.path;
user = "luser"; user = "luser";
}; };
# LINODE SERVERS # LINODE SERVERS
"l001" = { "l001" = {
identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path; identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
hostname = "172.236.111.33"; # Not on the tailscale network it is the primary host hostname = "172.236.111.33"; # Not on the tailscale network it is the primary host
user = "root"; user = "root";
}; };
"l002_" = { "l002_" = {
identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path; identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
hostname = "172.234.26.141"; hostname = "172.234.26.141";
user = "root"; user = "root";
}; };
"l002" = { "l002" = {
identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path; identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
user = "root"; user = "root";
}; };
# ORACLE SERVERS # ORACLE SERVERS
"o001" = { "o001" = {
identityFile = lib.mkIf (hasSecret "nix2oracle") osConfig.age.secrets.nix2oracle.path; identityFile = lib.mkIf (hasSecret "nix2oracle") age.secrets.nix2oracle.path;
user = "root"; user = "root";
}; };
"o001_" = { "o001_" = {
identityFile = lib.mkIf (hasSecret "nix2oracle") osConfig.age.secrets.nix2oracle.path; identityFile = lib.mkIf (hasSecret "nix2oracle") age.secrets.nix2oracle.path;
hostname = "64.181.210.7"; hostname = "64.181.210.7";
user = "root"; user = "root";
}; };

10
flakes/common/nix_modules/tailnet.nix
View file

@ -4,14 +4,6 @@
lib, lib,
... ...
}: }:
let
hasSecret =
secret:
let
secrets = config.age.secrets or { };
in
secrets ? ${secret} && secrets.${secret} != null;
in
{ {
environment.systemPackages = with pkgs; [ tailscale ]; environment.systemPackages = with pkgs; [ tailscale ];
boot.kernelModules = [ "tun" ]; boot.kernelModules = [ "tun" ];
@ -20,7 +12,7 @@ in
enable = true; enable = true;
openFirewall = true; openFirewall = true;
useRoutingFeatures = "client"; useRoutingFeatures = "client";
authKeyFile = lib.mkIf (hasSecret "headscale_auth") config.age.secrets.headscale_auth.path; authKeyFile = config.age.secrets.headscale_auth.path;
extraUpFlags = [ extraUpFlags = [
"--login-server=https://headscale.joshuabell.xyz" "--login-server=https://headscale.joshuabell.xyz"
]; ];

42
hosts/juni/flake.lock generated
View file

@ -6,11 +6,11 @@
}, },
"locked": { "locked": {
"dir": "flakes/beszel", "dir": "flakes/beszel",
"lastModified": 1767743368, "lastModified": 1767737541,
"narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=", "narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "c223dedb701601f1b19e1c347396d19ca7aeb418", "rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
"revCount": 1086, "revCount": 1078,
"type": "git", "type": "git",
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
}, },
@ -38,14 +38,20 @@
}, },
"common": { "common": {
"locked": { "locked": {
"path": "../../flakes/common", "dir": "flakes/common",
"type": "path" "lastModified": 1767737953,
"narHash": "sha256-rHqjhsGc8iInvJ7tw3jqS6H3U0Z6TTYU6fMyiErNnNs=",
"ref": "refs/heads/master",
"rev": "8cd92aaba4d4db2d605f597eb68f501b9069efee",
"revCount": 1080,
"type": "git",
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
}, },
"original": { "original": {
"path": "../../flakes/common", "dir": "flakes/common",
"type": "path" "type": "git",
}, "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
"parent": [] }
}, },
"de_plasma": { "de_plasma": {
"inputs": { "inputs": {
@ -67,11 +73,11 @@
}, },
"locked": { "locked": {
"dir": "flakes/flatpaks", "dir": "flakes/flatpaks",
"lastModified": 1767743368, "lastModified": 1767737541,
"narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=", "narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "c223dedb701601f1b19e1c347396d19ca7aeb418", "rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
"revCount": 1086, "revCount": 1078,
"type": "git", "type": "git",
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
}, },
@ -1135,11 +1141,11 @@
}, },
"locked": { "locked": {
"dir": "flakes/opencode", "dir": "flakes/opencode",
"lastModified": 1767743368, "lastModified": 1767737541,
"narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=", "narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "c223dedb701601f1b19e1c347396d19ca7aeb418", "rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
"revCount": 1086, "revCount": 1078,
"type": "git", "type": "git",
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
}, },

4
hosts/juni/flake.nix
View file

@ -9,8 +9,8 @@
impermanence.url = "github:nix-community/impermanence"; impermanence.url = "github:nix-community/impermanence";
# Use relative to get current version for testin # Use relative to get current version for testin
common.url = "path:../../flakes/common"; # common.url = "path:../../flakes/common";
# common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common";
# secrets-bao.url = "path:../../flakes/secrets-bao"; # secrets-bao.url = "path:../../flakes/secrets-bao";
# NOTE: using an absolute path so this works before you commit/push. # NOTE: using an absolute path so this works before you commit/push.
# After you add `flakes/secrets-bao` to the repo, switch to a git URL like your other flakes. # After you add `flakes/secrets-bao` to the repo, switch to a git URL like your other flakes.