Update sops
This commit is contained in:
parent
5964897509
commit
103096e85a
3 changed files with 20 additions and 8 deletions
11
.sops.yaml
11
.sops.yaml
|
@ -1,9 +1,16 @@
|
||||||
keys:
|
keys:
|
||||||
- &user-albert D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
|
- &user-albert D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
|
||||||
- &host-nixos-laptop ca375f85e93f5327eca3e0af996236957c887168
|
- &host-nixos-laptop ca375f85e93f5327eca3e0af996236957c887168
|
||||||
|
- &host-nixos-rpi4-01 KEY_GOES_HERE
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: secrets/[^/]+\.(yml|yaml)$
|
- path_regex: secrets/secrets.yaml
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp:
|
- pgp:
|
||||||
- *user-albert
|
- *user-albert
|
||||||
- *host-nixos-laptop
|
- *host-nixos-laptop
|
||||||
|
- *host-nixos-rpi4-01
|
||||||
|
|
||||||
|
- path_regex: secrets/tailscale.yaml
|
||||||
|
key_groups:
|
||||||
|
- pgp:
|
||||||
|
- *host-nixos-rpi4-01
|
|
@ -8,6 +8,10 @@ nixos-rebuild switch --flake '/etc/nixos#<HOSTNAME>'
|
||||||
![Gruv'd Hyprland](./screenshot.png "Hyprland with a Gruvboxy theme")
|
![Gruv'd Hyprland](./screenshot.png "Hyprland with a Gruvboxy theme")
|
||||||
---
|
---
|
||||||
# To Do List
|
# To Do List
|
||||||
|
* [ ] Raspberry Pi 1:
|
||||||
|
* [ ] Set up Tailscale with pre-auth keys (services.tailscale.authKeyFile, add the key to secrets/secrets.yaml)
|
||||||
|
* `${hostname}-tailscale-key`
|
||||||
|
* [ ] Set up sops and gpg
|
||||||
* [ ] Configure GameMode / Gamescope
|
* [ ] Configure GameMode / Gamescope
|
||||||
* [ ] Find a way to remove all default search engines in Firefox (Google, Amazon, etc)
|
* [ ] Find a way to remove all default search engines in Firefox (Google, Amazon, etc)
|
||||||
* [ ] Figure out what the home-manager `account` options are for.
|
* [ ] Figure out what the home-manager `account` options are for.
|
||||||
|
|
|
@ -1,12 +1,10 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
{ config, lib, pkgs, modulesPath, ... }: {
|
||||||
|
imports = [
|
||||||
{
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
imports =
|
];
|
||||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
|
||||||
];
|
|
||||||
|
|
||||||
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
|
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
|
||||||
boot.loader.grub.enable = false;
|
boot.loader.grub.enable = false;
|
||||||
|
@ -39,4 +37,7 @@
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||||
|
|
||||||
networking.hostname = "nixos-rpi4-01";
|
networking.hostname = "nixos-rpi4-01";
|
||||||
|
|
||||||
|
# Generic Tailscale configs are in /nixos/common/services/tailscale.nix
|
||||||
|
services.tailscale.authKeyFile = "/run/secrets/nixos-rpi4-01_tailscale_key";
|
||||||
}
|
}
|
Loading…
Reference in a new issue