Update
This commit is contained in:
parent
70594ec874
commit
17fe50e0d2
5 changed files with 14 additions and 6 deletions
|
@ -38,3 +38,8 @@ Repo for nix configuration files
|
||||||
2. Add it to your GPG Keyring via `gpg --import albert.key`
|
2. Add it to your GPG Keyring via `gpg --import albert.key`
|
||||||
3. Mark it as ultimately trusted via `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5`
|
3. Mark it as ultimately trusted via `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5`
|
||||||
4. Repeat this step for all users who need a GPG key assigned
|
4. Repeat this step for all users who need a GPG key assigned
|
||||||
|
|
||||||
|
# SOPS Secrets
|
||||||
|
1. To edit a file: cd to `/path/to/nix-files/` and run:
|
||||||
|
* `nix-shell -p sops --run "sops secrets/secret_file.yml`
|
||||||
|
2. Ensure your GPG keys are set up.
|
|
@ -15,10 +15,12 @@
|
||||||
[
|
[
|
||||||
# Gnome configuration file.
|
# Gnome configuration file.
|
||||||
./desktops/gnome.nix
|
./desktops/gnome.nix
|
||||||
# Promtail logging
|
|
||||||
./software/promtail.nix
|
|
||||||
# Default configuration for Firefox
|
# Default configuration for Firefox
|
||||||
./software/firefox.nix
|
./software/firefox.nix
|
||||||
|
# Enable OpenSSH
|
||||||
|
./services/openssh.nix
|
||||||
|
# Promtail logging
|
||||||
|
./services/promtail.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# Keep the system up-to-date automatically
|
# Keep the system up-to-date automatically
|
||||||
|
@ -52,7 +54,7 @@
|
||||||
|
|
||||||
# Password set via wpa_supplicant command
|
# Password set via wpa_supplicant command
|
||||||
# https://nixos.org/manual/nixos/unstable/index.html#sec-wireless
|
# https://nixos.org/manual/nixos/unstable/index.html#sec-wireless
|
||||||
wireless.networks = {
|
wireless.networks = { # Use nix-sops for this
|
||||||
copeland-5g.psk = "5b43054e4c927ecd94cf19103fa80a7ce99ca69f27cdd75026be3c261d7f78cb";
|
copeland-5g.psk = "5b43054e4c927ecd94cf19103fa80a7ce99ca69f27cdd75026be3c261d7f78cb";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -156,7 +158,6 @@
|
||||||
|
|
||||||
# Enable various system services
|
# Enable various system services
|
||||||
services = {
|
services = {
|
||||||
openssh.enable = true;
|
|
||||||
tailscale.enable = true;
|
tailscale.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -25,7 +25,6 @@
|
||||||
# Encrypted secrets in Nix configuration files
|
# Encrypted secrets in Nix configuration files
|
||||||
# https://github.com/Mic92/sops-nix
|
# https://github.com/Mic92/sops-nix
|
||||||
sops-nix.url = "github:Mic92/sops-nix";
|
sops-nix.url = "github:Mic92/sops-nix";
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { stable-nixpkgs, unstable-nixpkgs, home-manager, lanzaboote, nur, sops-nix, ... }@inputs:
|
outputs = { stable-nixpkgs, unstable-nixpkgs, home-manager, lanzaboote, nur, sops-nix, ... }@inputs:
|
||||||
|
|
3
services/openssh.nix
Normal file
3
services/openssh.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
{ config, pkgs, ... }: {
|
||||||
|
services.openssh = {};
|
||||||
|
}
|
Loading…
Reference in a new issue