Compare commits
No commits in common. "fe7a1ac82d1c4ae225556977806be8bd2726b9af" and "07d87070f183b40e179404250148e4ad1257bd73" have entirely different histories.
fe7a1ac82d
...
07d87070f1
4 changed files with 50 additions and 51 deletions
|
|
@ -4,10 +4,11 @@
|
|||
...
|
||||
}:
|
||||
let
|
||||
inherit (osConfig) age;
|
||||
hasSecret =
|
||||
secret:
|
||||
let
|
||||
secrets = osConfig.age.secrets or { };
|
||||
secrets = age.secrets or { };
|
||||
in
|
||||
secrets ? ${secret} && secrets.${secret} != null;
|
||||
in
|
||||
|
|
@ -38,39 +39,39 @@ in
|
|||
|
||||
# EXTERNAL
|
||||
"github.com" = lib.mkIf (hasSecret "nix2github") {
|
||||
identityFile = osConfig.age.secrets.nix2github.path;
|
||||
identityFile = age.secrets.nix2github.path;
|
||||
};
|
||||
"bitbucket.org" = lib.mkIf (hasSecret "nix2bitbucket") {
|
||||
identityFile = osConfig.age.secrets.nix2bitbucket.path;
|
||||
identityFile = age.secrets.nix2bitbucket.path;
|
||||
};
|
||||
"git.joshuabell.xyz" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2gitforgejo") osConfig.age.secrets.nix2gitforgejo.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2gitforgejo") age.secrets.nix2gitforgejo.path;
|
||||
user = "git";
|
||||
};
|
||||
# PERSONAL DEVICES
|
||||
"lio" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2lio") osConfig.age.secrets.nix2lio.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2lio") age.secrets.nix2lio.path;
|
||||
user = "josh";
|
||||
};
|
||||
"lio_" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2lio") osConfig.age.secrets.nix2lio.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2lio") age.secrets.nix2lio.path;
|
||||
hostname = "10.12.14.116";
|
||||
user = "josh";
|
||||
};
|
||||
"oren" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2oren") osConfig.age.secrets.nix2oren.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2oren") age.secrets.nix2oren.path;
|
||||
user = "josh";
|
||||
};
|
||||
"juni" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
|
||||
user = "josh";
|
||||
};
|
||||
"gp3" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2gpdPocket3") osConfig.age.secrets.nix2gpdPocket3.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2gpdPocket3") age.secrets.nix2gpdPocket3.path;
|
||||
user = "josh";
|
||||
};
|
||||
"t" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2t") osConfig.age.secrets.nix2t.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2t") age.secrets.nix2t.path;
|
||||
user = "joshua.bell";
|
||||
localForwards = [
|
||||
{
|
||||
|
|
@ -84,7 +85,7 @@ in
|
|||
};
|
||||
};
|
||||
"t_" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2t") osConfig.age.secrets.nix2t.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2t") age.secrets.nix2t.path;
|
||||
hostname = "10.12.14.181";
|
||||
user = "joshua.bell";
|
||||
localForwards = [
|
||||
|
|
@ -100,54 +101,54 @@ in
|
|||
};
|
||||
# HOME SERVERS
|
||||
"h001" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2h001") osConfig.age.secrets.nix2h001.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2h001") age.secrets.nix2h001.path;
|
||||
user = "luser";
|
||||
};
|
||||
"h001_" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2h001") osConfig.age.secrets.nix2h001.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2h001") age.secrets.nix2h001.path;
|
||||
hostname = "10.12.14.10";
|
||||
user = "luser";
|
||||
};
|
||||
"h002" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
|
||||
user = "luser";
|
||||
};
|
||||
"h002_" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
|
||||
hostname = "10.12.14.183";
|
||||
user = "luser";
|
||||
};
|
||||
"h003" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2h003") osConfig.age.secrets.nix2h003.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2h003") age.secrets.nix2h003.path;
|
||||
hostname = "10.12.14.1";
|
||||
user = "luser";
|
||||
};
|
||||
"h003_" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2h003") osConfig.age.secrets.nix2h003.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2h003") age.secrets.nix2h003.path;
|
||||
user = "luser";
|
||||
};
|
||||
# LINODE SERVERS
|
||||
"l001" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
|
||||
hostname = "172.236.111.33"; # Not on the tailscale network it is the primary host
|
||||
user = "root";
|
||||
};
|
||||
"l002_" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
|
||||
hostname = "172.234.26.141";
|
||||
user = "root";
|
||||
};
|
||||
"l002" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
|
||||
user = "root";
|
||||
};
|
||||
# ORACLE SERVERS
|
||||
"o001" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2oracle") osConfig.age.secrets.nix2oracle.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2oracle") age.secrets.nix2oracle.path;
|
||||
user = "root";
|
||||
};
|
||||
"o001_" = {
|
||||
identityFile = lib.mkIf (hasSecret "nix2oracle") osConfig.age.secrets.nix2oracle.path;
|
||||
identityFile = lib.mkIf (hasSecret "nix2oracle") age.secrets.nix2oracle.path;
|
||||
hostname = "64.181.210.7";
|
||||
user = "root";
|
||||
};
|
||||
|
|
|
|||
|
|
@ -4,14 +4,6 @@
|
|||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
hasSecret =
|
||||
secret:
|
||||
let
|
||||
secrets = config.age.secrets or { };
|
||||
in
|
||||
secrets ? ${secret} && secrets.${secret} != null;
|
||||
in
|
||||
{
|
||||
environment.systemPackages = with pkgs; [ tailscale ];
|
||||
boot.kernelModules = [ "tun" ];
|
||||
|
|
@ -20,7 +12,7 @@ in
|
|||
enable = true;
|
||||
openFirewall = true;
|
||||
useRoutingFeatures = "client";
|
||||
authKeyFile = lib.mkIf (hasSecret "headscale_auth") config.age.secrets.headscale_auth.path;
|
||||
authKeyFile = config.age.secrets.headscale_auth.path;
|
||||
extraUpFlags = [
|
||||
"--login-server=https://headscale.joshuabell.xyz"
|
||||
];
|
||||
|
|
|
|||
42
hosts/juni/flake.lock
generated
42
hosts/juni/flake.lock
generated
|
|
@ -6,11 +6,11 @@
|
|||
},
|
||||
"locked": {
|
||||
"dir": "flakes/beszel",
|
||||
"lastModified": 1767743368,
|
||||
"narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=",
|
||||
"lastModified": 1767737541,
|
||||
"narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "c223dedb701601f1b19e1c347396d19ca7aeb418",
|
||||
"revCount": 1086,
|
||||
"rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
|
||||
"revCount": 1078,
|
||||
"type": "git",
|
||||
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
|
||||
},
|
||||
|
|
@ -38,14 +38,20 @@
|
|||
},
|
||||
"common": {
|
||||
"locked": {
|
||||
"path": "../../flakes/common",
|
||||
"type": "path"
|
||||
"dir": "flakes/common",
|
||||
"lastModified": 1767737953,
|
||||
"narHash": "sha256-rHqjhsGc8iInvJ7tw3jqS6H3U0Z6TTYU6fMyiErNnNs=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "8cd92aaba4d4db2d605f597eb68f501b9069efee",
|
||||
"revCount": 1080,
|
||||
"type": "git",
|
||||
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
|
||||
},
|
||||
"original": {
|
||||
"path": "../../flakes/common",
|
||||
"type": "path"
|
||||
},
|
||||
"parent": []
|
||||
"dir": "flakes/common",
|
||||
"type": "git",
|
||||
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
|
||||
}
|
||||
},
|
||||
"de_plasma": {
|
||||
"inputs": {
|
||||
|
|
@ -67,11 +73,11 @@
|
|||
},
|
||||
"locked": {
|
||||
"dir": "flakes/flatpaks",
|
||||
"lastModified": 1767743368,
|
||||
"narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=",
|
||||
"lastModified": 1767737541,
|
||||
"narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "c223dedb701601f1b19e1c347396d19ca7aeb418",
|
||||
"revCount": 1086,
|
||||
"rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
|
||||
"revCount": 1078,
|
||||
"type": "git",
|
||||
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
|
||||
},
|
||||
|
|
@ -1135,11 +1141,11 @@
|
|||
},
|
||||
"locked": {
|
||||
"dir": "flakes/opencode",
|
||||
"lastModified": 1767743368,
|
||||
"narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=",
|
||||
"lastModified": 1767737541,
|
||||
"narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "c223dedb701601f1b19e1c347396d19ca7aeb418",
|
||||
"revCount": 1086,
|
||||
"rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
|
||||
"revCount": 1078,
|
||||
"type": "git",
|
||||
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
|
||||
},
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@
|
|||
impermanence.url = "github:nix-community/impermanence";
|
||||
|
||||
# Use relative to get current version for testin
|
||||
common.url = "path:../../flakes/common";
|
||||
# common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common";
|
||||
# common.url = "path:../../flakes/common";
|
||||
common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common";
|
||||
# secrets-bao.url = "path:../../flakes/secrets-bao";
|
||||
# NOTE: using an absolute path so this works before you commit/push.
|
||||
# After you add `flakes/secrets-bao` to the repo, switch to a git URL like your other flakes.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue