From 17fe50e0d2d201d3740c939c2d31ed00060d5454 Mon Sep 17 00:00:00 2001 From: iFargle Date: Tue, 4 Jul 2023 14:44:25 +0900 Subject: [PATCH] Update --- README.md | 5 +++++ configuration.nix | 9 +++++---- flake.nix | 3 +-- services/openssh.nix | 3 +++ {software => services}/promtail.nix | 0 5 files changed, 14 insertions(+), 6 deletions(-) create mode 100644 services/openssh.nix rename {software => services}/promtail.nix (100%) diff --git a/README.md b/README.md index 71c277ab..834d4a51 100644 --- a/README.md +++ b/README.md @@ -38,3 +38,8 @@ Repo for nix configuration files 2. Add it to your GPG Keyring via `gpg --import albert.key` 3. Mark it as ultimately trusted via `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5` 4. Repeat this step for all users who need a GPG key assigned + +# SOPS Secrets +1. To edit a file: cd to `/path/to/nix-files/` and run: + * `nix-shell -p sops --run "sops secrets/secret_file.yml` +2. Ensure your GPG keys are set up. \ No newline at end of file diff --git a/configuration.nix b/configuration.nix index d126a6e3..fa8126f4 100644 --- a/configuration.nix +++ b/configuration.nix @@ -15,10 +15,12 @@ [ # Gnome configuration file. ./desktops/gnome.nix - # Promtail logging - ./software/promtail.nix # Default configuration for Firefox ./software/firefox.nix + # Enable OpenSSH + ./services/openssh.nix + # Promtail logging + ./services/promtail.nix ]; # Keep the system up-to-date automatically @@ -52,7 +54,7 @@ # Password set via wpa_supplicant command # https://nixos.org/manual/nixos/unstable/index.html#sec-wireless - wireless.networks = { + wireless.networks = { # Use nix-sops for this copeland-5g.psk = "5b43054e4c927ecd94cf19103fa80a7ce99ca69f27cdd75026be3c261d7f78cb"; }; @@ -156,7 +158,6 @@ # Enable various system services services = { - openssh.enable = true; tailscale.enable = true; }; diff --git a/flake.nix b/flake.nix index fee147a3..32cb660b 100644 --- a/flake.nix +++ b/flake.nix 
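Review bot: The `wireless.networks` hunk in configuration.nix only adds the reminder `# Use nix-sops for this`; the `copeland-5g.psk` value on the next context line is still committed in clear text, so it remains in git history and is copied into the world-readable Nix store on every build. Since sops-nix is already a flake input, the key should be read at runtime from a sops-managed file, for example through `networking.wireless.environmentFile` with `psk = "@PSK_COPELAND@";` (a constructed variable name), and the current key should be rotated because it has already been published. The value also looks like a 64-hex-digit derived key, which presumably belongs in `pskRaw` rather than `psk`; this is worth confirming. The attribute set enclosing `wireless.networks` starts outside the hunk.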
@@ -25,7 +25,6 @@ # Encrypted secrets in Nix configuration files # https://github.com/Mic92/sops-nix sops-nix.url = "github:Mic92/sops-nix"; - }; outputs = { stable-nixpkgs, unstable-nixpkgs, home-manager, lanzaboote, nur, sops-nix, ... }@inputs: @@ -65,7 +64,7 @@ # Home Manager settings home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; + home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.albert = import ./users/albert/home.nix; home-manager.users.root = import ./users/root/home.nix; diff --git a/services/openssh.nix b/services/openssh.nix new file mode 100644 index 00000000..178fe62a --- /dev/null +++ b/services/openssh.nix @@ -0,0 +1,3 @@ +{ config, pkgs, ... }: { + services.openssh = {}; +} \ No newline at end of file diff --git a/software/promtail.nix b/services/promtail.nix similarity index 100% rename from software/promtail.nix rename to services/promtail.nix
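Review bot: The new services/openssh.nix sets `services.openssh = {};`, which leaves `enable` at its default of false, while the same commit removes `openssh.enable = true;` from configuration.nix, so sshd is switched off on the next rebuild even though the import is commented `# Enable OpenSSH`. If the service is meant to stay on, the module body should be `services.openssh.enable = true;`. Since this file now owns the sshd policy, it is also the place to state it explicitly, e.g. `settings.PasswordAuthentication = false;` and `settings.PermitRootLogin = "no";`, assuming key-based logins are already set up for the users who need access.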