This commit is contained in:
iFargle 2023-07-04 14:44:25 +09:00
parent 70594ec874
commit 17fe50e0d2
5 changed files with 14 additions and 6 deletions

View file

@ -38,3 +38,8 @@ Repo for nix configuration files
2. Add it to your GPG Keyring via `gpg --import albert.key` 2. Add it to your GPG Keyring via `gpg --import albert.key`
3. Mark it as ultimately trusted via `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5` 3. Mark it as ultimately trusted via `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5`
4. Repeat this step for all users who need a GPG key assigned 4. Repeat this step for all users who need a GPG key assigned
# SOPS Secrets
1. To edit a file: cd to `/path/to/nix-files/` and run:
* `nix-shell -p sops --run "sops secrets/secret_file.yml`
2. Ensure your GPG keys are set up.

View file

@ -15,10 +15,12 @@
[ [
# Gnome configuration file. # Gnome configuration file.
./desktops/gnome.nix ./desktops/gnome.nix
# Promtail logging
./software/promtail.nix
# Default configuration for Firefox # Default configuration for Firefox
./software/firefox.nix ./software/firefox.nix
# Enable OpenSSH
./services/openssh.nix
# Promtail logging
./services/promtail.nix
]; ];
# Keep the system up-to-date automatically # Keep the system up-to-date automatically
@ -52,7 +54,7 @@
# Password set via wpa_supplicant command # Password set via wpa_supplicant command
# https://nixos.org/manual/nixos/unstable/index.html#sec-wireless # https://nixos.org/manual/nixos/unstable/index.html#sec-wireless
wireless.networks = { wireless.networks = { # Use nix-sops for this
copeland-5g.psk = "5b43054e4c927ecd94cf19103fa80a7ce99ca69f27cdd75026be3c261d7f78cb"; copeland-5g.psk = "5b43054e4c927ecd94cf19103fa80a7ce99ca69f27cdd75026be3c261d7f78cb";
}; };
@ -156,7 +158,6 @@
# Enable various system services # Enable various system services
services = { services = {
openssh.enable = true;
tailscale.enable = true; tailscale.enable = true;
}; };

View file

@ -25,7 +25,6 @@
# Encrypted secrets in Nix configuration files # Encrypted secrets in Nix configuration files
# https://github.com/Mic92/sops-nix # https://github.com/Mic92/sops-nix
sops-nix.url = "github:Mic92/sops-nix"; sops-nix.url = "github:Mic92/sops-nix";
}; };
outputs = { stable-nixpkgs, unstable-nixpkgs, home-manager, lanzaboote, nur, sops-nix, ... }@inputs: outputs = { stable-nixpkgs, unstable-nixpkgs, home-manager, lanzaboote, nur, sops-nix, ... }@inputs:
@ -65,7 +64,7 @@
# Home Manager settings # Home Manager settings
home-manager.nixosModules.home-manager { home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
home-manager.users.albert = import ./users/albert/home.nix; home-manager.users.albert = import ./users/albert/home.nix;
home-manager.users.root = import ./users/root/home.nix; home-manager.users.root = import ./users/root/home.nix;

3
services/openssh.nix Normal file
View file

@ -0,0 +1,3 @@
{ config, pkgs, ... }: {
services.openssh = {};
}