update keys
This commit is contained in:
parent
d3818a4909
commit
eb240268e4
5 changed files with 72 additions and 28 deletions
|
@ -39,6 +39,7 @@
|
|||
type ? "default",
|
||||
repo ? "nixpkgs",
|
||||
unfree ? false,
|
||||
ip ? null,
|
||||
pkgs ? import inputs.${repo}
|
||||
{ inherit system; config.allowUnfree = unfree; hostPlatform = system; },
|
||||
pkgs-unstable ? import inputs.nixpkgs-unstable
|
||||
|
@ -49,16 +50,21 @@
|
|||
( import ../nixos/containers/${hostname}/mounts.nix )
|
||||
];
|
||||
autoStart = true;
|
||||
privateNetwork = false;
|
||||
privateNetwork = true;
|
||||
localAddress = "192.168.2.${ip}/32";
|
||||
hostAddress = "192.168.2.1";
|
||||
restartIfChanged = true;
|
||||
enableTun = true;
|
||||
additionalCapabilities = [ "CAP_NET_ADMIN" "CAP_NET_RAW" ];
|
||||
specialArgs = { inherit pkgs-unstable hostname username desktop theme system repo unfree stateVersion; };
|
||||
config = { lib, config, pkgs-unstable, hostname, username, desktop, theme, system, repo, stateVersion, ... }: {
|
||||
# Choose whether to pull from stable or unstable
|
||||
nixpkgs.pkgs = import inputs.${repo} {
|
||||
inherit system;
|
||||
config.allowUnfree = unfree;
|
||||
hostPlatform = system;
|
||||
};
|
||||
# Choose whether to pull from stable or unstable
|
||||
nixpkgs.pkgs = import inputs.${repo} {
|
||||
inherit system;
|
||||
config.allowUnfree = unfree;
|
||||
hostPlatform = system;
|
||||
};
|
||||
|
||||
imports = [
|
||||
../nixos/containers
|
||||
inputs.sops-nix.nixosModules.sops
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostname, username, ... }: {
|
||||
{ stateVersion, hostname, username, ... }: {
|
||||
imports = [
|
||||
./${hostname}
|
||||
../users/${username}
|
||||
|
@ -20,6 +20,10 @@
|
|||
"tailscaled-autoconnect.service"
|
||||
];
|
||||
};
|
||||
|
||||
boot.isContainer = true;
|
||||
services.tailscale.authKeyFile = "/run/secrets/tailscale_key";
|
||||
networking.hostName = "${hostname}";
|
||||
networking.interfaces."eth0".useDHCP = true;
|
||||
system.stateVersion = stateVersion;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
{ lib, desktop, ... }: {
|
||||
{ ... }: {
|
||||
imports = [
|
||||
../../common/software/packages.nix
|
||||
] ++ lib.optional (builtins.isString desktop) ../../common/desktops/${desktop};
|
||||
../../common/desktops/xfce
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 3389 ];
|
||||
services.xrdp.enable = true;
|
||||
|
|
|
@ -1,9 +1,22 @@
|
|||
{ lib, self, inputs, outputs, stateVersion, hmStateVersion, pkgs, pkgs-unstable, ... }:
|
||||
{ lib, self, inputs, outputs, stateVersion, hmStateVersion, ... }:
|
||||
let
|
||||
libx = import ../../../lib { inherit lib self inputs outputs stateVersion hmStateVersion; };
|
||||
in {
|
||||
# Secrets
|
||||
containers = {
|
||||
rdesktop = libx.mkContainer { hostname = "rdesktop"; unfree = true; repo = "nixpkgs-unstable"; desktop = "xfce"; };
|
||||
rdesktop = libx.mkContainer { hostname = "rdesktop"; };
|
||||
};
|
||||
|
||||
|
||||
networking = {
|
||||
bridges.br0.interfaces = "enp0s13f0u4";
|
||||
interfaces.bro.ipv4.addresses = [{ address = "192.168.2.1"; prefixLength = 24; }];
|
||||
};
|
||||
|
||||
# networking.nat = {
|
||||
# enable = true;
|
||||
# internalInterfaces = [
|
||||
# "ve-rdesktop"
|
||||
# ];
|
||||
# externalInterface = "enp0s13f0u4";
|
||||
# };
|
||||
}
|
||||
|
|
|
@ -8,25 +8,45 @@ sops:
|
|||
lastmodified: "2024-03-25T03:46:39Z"
|
||||
mac: ENC[AES256_GCM,data:R7SWM8rB0j97ax0hCRlw/CNLwnv43DmeDBQe5UuoQfAiELn3849+mW4jGDVt/aQiJ7BF4j0LHuYXIMSQYbUJalx08SsA+deWCl2kANLHZCPbvASkmnVvDSYYRMgnBVc4Bl9/qX8wW2LhsASYUE+mXavIF5vFw2Bnz7Fyrv/KJ24=,iv:QhisO42F3fXKh3yoaVhuh4nRJG7kg/OHN8noUViMYPg=,tag:TQ6D0DlRPQJtpvOsvv6b6Q==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-03-25T02:57:12Z"
|
||||
- created_at: "2024-03-26T00:00:33Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAx+imH9kwOLOARAAl+SEO7uBSKVXN9iKrHYBBohaNB5M89cgj94W8DsPNWfs
|
||||
A7lqpkJJfQGmE4GnmAuMp38UHMOu906LSleAcecCxPUDOaKwz8Lbfs8awxk+jJ5H
|
||||
OuqFkWo1ErqDZxZYQmeM0KG2+oc45gXVbIg3/B/rS26TLpOUxOrzwKIXu+4dw2ME
|
||||
v90AXEW4uRrItdm7EOU/fyzuC4sm/gsEwRyW6NMHuWQxwpLi3d/KLEyxB00Akiwg
|
||||
ct8UfyenG7XUyKRpdyo0sFvB2xxYKsjvX0In75o81AA6A5mLoyabItJSzTcIK/rr
|
||||
IsBsp2YAd2bCEwMAU9QCexgSicvh2jpczvIryAYdMIp/vVOf6+X6/z4Iyju5mfSQ
|
||||
JsNhs7tLQOQ4bjyLYZqtx7YaZjHjXWpSwBW24IfQRQ1BUjrmzZjPXuftAr2mT5fd
|
||||
KJlWfnN0yKaRgh8vtqE1RmqX15eid/0h3VJ6gGl+1juLOv4/CLtAcNkhZS2hN1wP
|
||||
SBJqZMzNIVrkj/WSnXFXIJbkvfxbX12elyvvLSChBNjpE77JddQcFLareNDLr3k1
|
||||
W+t456Ql7AGlfz1lZE7s07Nuu1XofTR/VqcN/xsgCnXl+cDUUBHox7L0C4IRneF0
|
||||
vLC+neAjGecR3oAIZuyBfFcXPxaebXBblWCw4XafiU+ppziG8TSIBy9Q3pv6KjfS
|
||||
VgE7MciCKsl3JeKKTn7rugsMcBDY54l8AKgKElKU2cg6ExAey8hINCamUj5RoF82
|
||||
r9JE7H+RAWVU4wP+VqaF7JNMyPxbfHfjv2ybwR+Bm9IFqzD01Oxl
|
||||
=xeiz
|
||||
hQIMAx+imH9kwOLOARAAiwdTa55CLbwuweRV0oxe+YK8XtX0cBQW25syfyHOlvMg
|
||||
gYDw4ADlu9sOQ4MZnoQXZiNOSBraNwInbadHeQDWBBUfoSukDK0TOXlVtKiSw2gL
|
||||
N9JhmRfiKchxJL5LX3qmqjw0I0cPiCtIxFfDBqClMO90Im5qHFvjRz24XkukARCK
|
||||
AmVbn3GjESx8kiLCT6JlOwBhZPMO9N1YZaeEPbBCdkLde85CShIFW1g9BKq1kJLY
|
||||
IyO+x1yPVswPGZKS9BiX3S2QqU7ALK2JP0YRGd+7UjT+oxZY33WMkY7ajbwfkiNv
|
||||
afGMRehZ2vXCvlDPMvGDXU2R1TGHe6C66kO4kBHawivOci8qwTXeeQx26YeyQJMK
|
||||
sMKK2Oe+IXxGO+AuGgMwQpsHTJj+B7bLbWiU401ft7W50LsFspGKfeCUBsnFfmyw
|
||||
0w3lafS/oCpBuAAQ8OgDSQDhb3UrkKfvv5zEvCj8QfspBgWiSoCEcZruMRsJkb2d
|
||||
DyNM6okmU6z+Iqh7J2awwtkbMnUDEpxc9lBDfUBwBWv3mlj17PEJZj9/c4N6Vi+/
|
||||
Y7JK7qcGoIpLbAc8VtmyfXOOKZlwn7xIBOjnQCzbqV0Iag+d0Z1fxzJMdMYAsdwL
|
||||
1/euYMJhGt195YH5/Qd+mYTIhQ9UT20yQduJoqfwwo/+c3PRDVcXKOZD9Ce/bdfS
|
||||
VgHm+ON76WFr7GEOXQxPFV/rGQ2xrlQ+jCa1iGlvZz8XGYUjGEG+pyrIbypDvKOx
|
||||
FrZH8Rr9z2xVoSf06ziV/dm+g/Uut/I+byZyAynuIeS+5EDHYJQU
|
||||
=+uVi
|
||||
-----END PGP MESSAGE-----
|
||||
fp: D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
|
||||
- created_at: "2024-03-26T00:00:33Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMA6d9aNxyfPUrARAAhov6FXAFSZCSYSDplJp5A1a7CpWDXv4+WbeZP2qVPjHc
|
||||
fyc9jJCocbH9dL0dcrMubBil82o+ZfS5GLU4S9jir2TQ52e+wfX6VOcJ7a9TI1Vn
|
||||
KllSLLKcjHCe02zDoqWv5OZei/vwTOA1H1cq9vDdAACJ1ySmsq2HaEGggSk1StZB
|
||||
Tzj6Jm9Dqe4+S4Tot65hZwADUGA80+XL42Bq+hqYCS8na1I1Slmi/p3fkyAs/3S3
|
||||
Okhb7C2uTLnSvLCThjy3sG8YtAgsJlA39zgvbTQGj2+IlK25wD1rKBvMTJlt852D
|
||||
jX3CYgM5DYx0/El0jFItCU0RcIHoga4hS/s8x4Dnnz+6IkYK4wSk7a76ErW8nf/S
|
||||
srRpILBhUNS36FCnN9m76v2HewAf0Z2ExV6lm/Tw8AgViyAtSTAFxxkADoApl10n
|
||||
J/SorOTf/b1APPrAk3b+l9UnlDf8vgxRBjzXFbJlfEQfLWr0DoOc9zGsVdIt18zz
|
||||
Erz5WJmgILjoaj6oMX9EobsInxXRc49rbcsIMH3ghi1yT/S4CsOuSx9N42+wkWPY
|
||||
bSTs4RBwohc7b6EZf5WsTOqcktjl7zOrTOqz6Kl2nwYHWlYC5fYS0d4fMkjJoJCk
|
||||
D4t2QvjQtuGSejeiXZjhUW41V/f/gsbTrg/xw/6JJ94DYlUGLti0Phr6xDZAT0vS
|
||||
VgGxBz12bfS03iXtu0SM7LmNy/U3hYzJq8NXbk0uN0RYuxIiHoWwdWWBVlLjxttH
|
||||
s2hZE7x/qThF2lqP+CqaAjeQZ827ZdPYO9gVZAQFMO/eGwrTRNP8
|
||||
=V6sY
|
||||
-----END PGP MESSAGE-----
|
||||
fp: dfd3a496aba156fa521e82ada77d68dc727cf52b
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in a new issue