diff --git a/.git-age.yaml b/.git-age.yaml index 36c769f..1ed230c 100644 --- a/.git-age.yaml +++ b/.git-age.yaml @@ -1,7 +1,3 @@ -apps/gui/firefox/work.nix: - - age105cm5awxxegyrqthh4vhnxzr0tdy86q8uq52wkkjacfkutp2vprqwseak7 -machines/common/cifs.nix: - - age105cm5awxxegyrqthh4vhnxzr0tdy86q8uq52wkkjacfkutp2vprqwseak7 machines/dragonwell/dex.nix: - age105cm5awxxegyrqthh4vhnxzr0tdy86q8uq52wkkjacfkutp2vprqwseak7 machines/dragonwell/tandoor.nix: diff --git a/.gitattributes b/.gitattributes index ff02440..c835046 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,6 +1,4 @@ # Age -apps/gui/firefox/work.nix filter=git-age diff=git-age -machines/common/cifs.nix filter=git-age diff=git-age machines/dragonwell/dex.nix filter=git-age diff=git-age machines/dragonwell/vikunja.nix filter=git-age diff=git-age machines/dragonwell/tandoor.nix filter=git-age diff=git-age diff --git a/apps/gui/firefox/work.nix b/apps/gui/firefox/work.nix deleted file mode 100644 index fc2c871..0000000 Binary files a/apps/gui/firefox/work.nix and /dev/null differ diff --git a/apps/gui/tiny.nix b/apps/gui/tiny.nix index 4abf728..e6113b5 100644 --- a/apps/gui/tiny.nix +++ b/apps/gui/tiny.nix @@ -1,4 +1,4 @@ -{ +{config, ...}: { programs.tiny = { enable = true; settings = { @@ -14,7 +14,7 @@ sasl = { username = "jolheiser"; password = { - command = "cat /run/agenix/irc-pw"; + command = "cat ${config.age.secrets.irc-pw.path}"; }; }; } diff --git a/apps/nogui/default.nix b/apps/nogui/default.nix index a9d66d8..577b920 100644 --- a/apps/nogui/default.nix +++ b/apps/nogui/default.nix @@ -61,7 +61,7 @@ xdg.configFile."gist/config.yaml".text = '' username: jolheiser - password-file: /run/agenix/gist-pw + password-file: ${config.age.secrets.gist-pw.path} domain: gist.jojodev.com ''; diff --git a/apps/nogui/git.nix b/apps/nogui/git.nix index d0f0bf6..1778e59 100644 --- a/apps/nogui/git.nix +++ b/apps/nogui/git.nix @@ -64,7 +64,7 @@ in { }; includes = [ { - path = "/run/agenix/git-send-email"; + path = config.age.secrets.git-send-email.path; } { condition = "gitdir:~/ndlegis/"; diff --git a/apps/nogui/ssh.nix b/apps/nogui/ssh.nix index ddfd17d..86c957d 100644 --- a/apps/nogui/ssh.nix +++ b/apps/nogui/ssh.nix @@ -1,9 +1,8 @@ -{ +{config, ...}: { programs.ssh = { enable = true; includes = [ - "/run/agenix/ssh-config" - "/run/agenix/ssh-config-work" + config.age.secrets.ssh-config.path ]; }; } diff --git a/flake.lock b/flake.lock index 2b25d24..e7a8533 100644 --- a/flake.lock +++ b/flake.lock @@ -6,14 +6,15 @@ "home-manager": [], "nixpkgs": [ "nixpkgs" - ] + ], + "systems": "systems" }, "locked": { - "lastModified": 1701216516, - "narHash": "sha256-jKSeJn+7hZ1dZdiH1L+NWUGT2i/BGomKAJ54B9kT06Q=", + "lastModified": 1712079060, + "narHash": "sha256-/JdiT9t+zzjChc5qQiF+jhrVhRt8figYH29rZO7pFe4=", "owner": "ryantm", "repo": "agenix", - "rev": "13ac9ac6d68b9a0896e3d43a082947233189e247", + "rev": "1381a759b205dff7a6818733118d02253340fd5e", "type": "github" }, "original": { @@ -40,7 +41,7 @@ }, "flake-utils": { "inputs": { - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1694529238, @@ -210,11 +211,11 @@ ] }, "locked": { - "lastModified": 1699390779, - "narHash": "sha256-KOeRnuJm+iUpY16+ahJeePw0Bwxov7bZYwOOgNgZmOs=", + "lastModified": 1712265168, + "narHash": "sha256-Ax5PlgIre37jgpSbzzeSOXxjc4hZGXvyDhhlzmcsNwA=", "ref": "refs/heads/main", - "rev": "20a5d8a2ee8a8f5b6a8d0212a2eb5c9fb623750c", - "revCount": 12, + "rev": "b0c9047f739a25ec23969d2dfb4882aaf24b0ab5", + "revCount": 16, "type": "git", "url": "https://git.jolheiser.com/helix.drv.git" }, @@ -230,11 +231,11 @@ ] }, "locked": { - "lastModified": 1711122977, - "narHash": "sha256-EnHux7wf7/7r+YMv8d/Ym1OTllp4sqqq0Bws1a4s2Zo=", + "lastModified": 1712212014, + "narHash": "sha256-s+lbaf3nLRn1++/X2eXwY9mYCA/m9l8AvyG8beeOaXE=", "owner": "nix-community", "repo": "home-manager", - "rev": "19b87b9ae6ecfd81104a2a36ef8364f1de1b54b1", + "rev": "7e91f2a0ba4b62b88591279d54f741a13e36245b", "type": "github" }, "original": { @@ -281,11 +282,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1710827359, - "narHash": "sha256-/KY8hffTh9SN/tTcDn/FrEiYwTXnU8NKnr4D7/stmmA=", + "lastModified": 1712192574, + "narHash": "sha256-LbbVOliJKTF4Zl2b9salumvdMXuQBr2kuKP5+ZwbYq4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5710127d9693421e78cca4f74fac2db6d67162b1", + "rev": "f480f9d09e4b4cf87ee6151eba068197125714de", "type": "github" }, "original": { @@ -295,22 +296,6 @@ "type": "github" } }, - "nixpkgs-py39": { - "locked": { - "lastModified": 1681648924, - "narHash": "sha256-pzi3HISK8+7mpEtv08Yr80wswyHKsz+RP1CROG1Qf6s=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "f294325aed382b66c7a188482101b0f336d1d7db", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "rev": "f294325aed382b66c7a188482101b0f336d1d7db", - "type": "github" - } - }, "nur": { "locked": { "lastModified": 1701441860, @@ -362,7 +347,6 @@ "jolheiser-nur": "jolheiser-nur", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", - "nixpkgs-py39": "nixpkgs-py39", "nur": "nur", "resume": "resume", "tclip": "tclip", @@ -388,6 +372,21 @@ "type": "github" } }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "tailwind-ctp": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index 5a9af83..ddaf734 100644 --- a/flake.nix +++ b/flake.nix @@ -4,7 +4,6 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; flake-utils.url = "github:numtide/flake-utils"; # Only expressed here to use for followers - nixpkgs-py39.url = "github:nixos/nixpkgs/f294325aed382b66c7a188482101b0f336d1d7db"; home-manager = { url = "github:nix-community/home-manager"; @@ -99,7 +98,6 @@ home-manager, nixos-hardware, agenix, - nixpkgs-py39, wsl, ... } @ inputs: let @@ -128,10 +126,6 @@ inherit overlays system; config.allowUnfree = true; }; - userSecret = path: { - file = path; - owner = username; - }; commonConfig = {config, ...}: { config = { nixpkgs.overlays = overlays; @@ -139,123 +133,49 @@ nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; - age.secrets = { - ssh-config = userSecret ./secrets/shared/ssh-config.age; - ssh-config-work = userSecret ./secrets/shared/ssh-config-work.age; - spotify = { - file = ./secrets/shared/spotify.age; - owner = username; - path = "/home/${username}/.cache/spotify-player/credentials.json"; - }; - irc-pw = userSecret ./secrets/shared/irc-pw.age; - gist-pw = userSecret ./secrets/shared/gist-pw.age; - git-send-email = userSecret ./secrets/shared/git-send-email.age; - cachix = { - file = ./secrets/shared/cachix.age; - owner = username; - path = "/home/${username}/.config/cachix/cachix.dhall"; - }; - }; }; }; - workModules = [ - agenix.nixosModules.default - commonConfig - ({pkgs, ...}: { - config = { - nixpkgs.overlays = [ - (_: _: { - py39 = import nixpkgs-py39 {inherit (pkgs) system;}; - }) - ]; - age.secrets = { - netrc = { - file = ./secrets/work/netrc.age; - owner = username; - path = "/home/${username}/.netrc"; - }; - pipconf = { - file = ./secrets/work/pip.conf.age; - owner = username; - path = "/home/${username}/.config/pip/pip.conf"; - }; - pypirc = { - file = ./secrets/work/pypirc.age; - owner = username; - path = "/home/${username}/.pypirc"; - }; - cifs = userSecret ./secrets/work/cifs.age; - }; - }; - }) - ]; username = "jolheiser"; system = "x86_64-linux"; in { - homeConfigurations = let - commonModules = [ - { - home = { - inherit username; - homeDirectory = "/home/${username}"; - }; - } - ./apps/gui - ]; - in { + homeConfigurations = { "jolheiser" = home-manager.lib.homeManagerConfiguration { inherit pkgs; - modules = commonModules; - }; - "work" = home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = - commonModules - ++ [ - { - nixpkgs.overlays = [ - (_: _: { - py39 = import nixpkgs-py39 {inherit (pkgs) system;}; - }) - ]; - programs = { - git.package = pkgs.gitSVN; - firefox.profiles.default.bookmarks = [(import ./apps/gui/firefox/work.nix)]; + modules = [ + agenix.homeManagerModules.age + { + home = { + inherit username; + homeDirectory = "/home/${username}"; + }; + age = { + secretsDir = "/home/${username}/.agenix/agenix"; + secretsMountPoint = "/home/${username}/.agenix/agenix.d"; + identityPaths = ["/home/${username}/.ssh/nix"]; + secrets = { + ssh-config.file = ./secrets/shared/ssh-config.age; + spotify = { + file = ./secrets/shared/spotify.age; + path = "/home/${username}/.cache/spotify-player/credentials.json"; + }; + irc-pw.file = ./secrets/shared/irc-pw.age; + gist-pw.file = ./secrets/shared/gist-pw.age; + git-send-email.file = ./secrets/shared/git-send-email.age; + cachix = { + file = ./secrets/shared/cachix.age; + path = "/home/${username}/.config/cachix/cachix.dhall"; + }; }; - } - ]; + }; + } + ./apps/gui + ]; }; }; nixosConfigurations = { - "chai" = nixpkgs.lib.nixosSystem { - inherit system; - modules = - workModules - ++ [ - ./machines/chai - ]; - }; - "earlgrey" = nixpkgs.lib.nixosSystem { - inherit system; - modules = - workModules - ++ [ - ./machines/earlgrey - ]; - }; - "masala" = nixpkgs.lib.nixosSystem { - inherit system; - modules = - workModules - ++ [ - wsl.nixosModules.wsl - ./machines/masala - ]; - }; "matcha" = nixpkgs.lib.nixosSystem { inherit system; modules = [ - agenix.nixosModules.default ./machines/matcha commonConfig ]; @@ -264,7 +184,6 @@ inherit system; modules = [ nixos-hardware.nixosModules.framework-13-7040-amd - agenix.nixosModules.default ./machines/genmaicha commonConfig ]; @@ -272,7 +191,6 @@ "sencha" = nixpkgs.lib.nixosSystem { inherit system; modules = [ - agenix.nixosModules.default ./machines/sencha commonConfig ]; diff --git a/justfile b/justfile index 1638805..b51e32c 100644 --- a/justfile +++ b/justfile @@ -13,9 +13,7 @@ switch *args: hm: @home-manager switch --flake . - -work: - @home-manager switch --flake '.#work' + @systemctl --user start agenix.service # Rebuild the current machine for next boot boot *args: diff --git a/machines/chai/default.nix b/machines/chai/default.nix deleted file mode 100644 index 40565d5..0000000 --- a/machines/chai/default.nix +++ /dev/null @@ -1,72 +0,0 @@ -{pkgs, ...}: let - username = "jolheiser"; -in { - imports = [./hardware.nix ../common/gui]; - - boot = { - kernelPackages = pkgs.linuxPackages_latest; - kernelParams = ["quiet" "splash"]; - loader.efi.canTouchEfiVariables = true; - loader.systemd-boot.enable = true; - initrd.systemd.enable = true; - }; - - hardware = {bluetooth.enable = true;}; - - networking = { - hostName = "chai"; - networkmanager.enable = true; - firewall.enable = true; - }; - - boot.initrd.luks.devices = { - "luks-83586073-35f8-438d-9203-99f1e966c2ca" = { - device = "/dev/disk/by-uuid/83586073-35f8-438d-9203-99f1e966c2ca"; - keyFile = "/crypto_keyfile.bin"; - }; - }; - - services = { - blueman.enable = true; - pcscd.enable = true; - openssh = { - enable = true; - settings = {X11Forwarding = true;}; - }; - globalprotect.enable = true; - printing = { - enable = true; - drivers = [pkgs.hplip]; - }; - }; - - virtualisation.docker.enable = true; - - users.users."${username}" = { - extraGroups = ["wheel" "docker"]; - isNormalUser = true; - }; - - environment.systemPackages = with pkgs; [ - globalprotect-openconnect - jetbrains.pycharm-professional - jetbrains.idea-ultimate - jetbrains.datagrip - libxcrypt - py39.python39 - py39.python39Packages.virtualenv - py39.python39Packages.psycopg2 - py39.python39Packages.wheel - py39.python39Packages.setuptools - py39.python39Packages.pip - python3Packages.twine - subversion - teams-for-linux - xorg.xauth - - # Flake overlay - jolheiser.nur.prospect-mail - ]; - - system.stateVersion = "22.11"; -} diff --git a/machines/chai/hardware.nix b/machines/chai/hardware.nix deleted file mode 100644 index d6aaec7..0000000 --- a/machines/chai/hardware.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - config, - lib, - modulesPath, - ... -}: { - imports = [(modulesPath + "/installer/scan/not-detected.nix") ../common/cifs.nix]; - - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/b8a0cc98-5882-4b69-a8cb-375726767606"; - fsType = "ext4"; - }; - - boot.initrd.luks.devices."luks-bd0a4998-266e-4aae-8f20-89561a2fa169".device = "/dev/disk/by-uuid/bd0a4998-266e-4aae-8f20-89561a2fa169"; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/5531-69DC"; - fsType = "vfat"; - }; - - swapDevices = [{device = "/dev/disk/by-uuid/eb7acf5d-e5db-45fa-8691-8ef5641cde68";}]; - - networking.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/machines/common/cifs.nix b/machines/common/cifs.nix deleted file mode 100644 index 49f834c..0000000 Binary files a/machines/common/cifs.nix and /dev/null differ diff --git a/machines/earlgrey/default.nix b/machines/earlgrey/default.nix deleted file mode 100644 index 5cba399..0000000 --- a/machines/earlgrey/default.nix +++ /dev/null @@ -1,65 +0,0 @@ -{pkgs, ...}: let - username = "jolheiser"; -in { - imports = [./hardware.nix ../common/gui]; - - boot = { - kernelPackages = pkgs.linuxPackages_latest; - kernelParams = ["quiet" "splash"]; - loader.efi.canTouchEfiVariables = true; - loader.systemd-boot.enable = true; - initrd.systemd.enable = true; - }; - - hardware = {bluetooth.enable = true;}; - - networking = { - hostName = "earlgrey"; - networkmanager.enable = true; - firewall.enable = true; - }; - - services = { - blueman.enable = true; - pcscd.enable = true; - openssh = { - enable = true; - settings = {X11Forwarding = true;}; - }; - globalprotect.enable = true; - printing = { - enable = true; - drivers = [pkgs.hplip]; - }; - }; - - virtualisation.docker.enable = true; - - users.users."${username}" = { - extraGroups = ["wheel" "docker"]; - isNormalUser = true; - }; - - environment.systemPackages = with pkgs; [ - globalprotect-openconnect - jetbrains.pycharm-professional - jetbrains.idea-ultimate - jetbrains.datagrip - libxcrypt - py39.python39 - py39.python39Packages.virtualenv - py39.python39Packages.psycopg2 - py39.python39Packages.wheel - py39.python39Packages.setuptools - py39.python39Packages.pip - python3Packages.twine - subversion - teams-for-linux - xorg.xauth - - # Flake overlay - jolheiser.nur.prospect-mail - ]; - - system.stateVersion = "22.11"; -} diff --git a/machines/earlgrey/hardware.nix b/machines/earlgrey/hardware.nix deleted file mode 100644 index 956ce78..0000000 --- a/machines/earlgrey/hardware.nix +++ /dev/null @@ -1,44 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ../common/cifs.nix - ]; - - boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/e2274508-9989-4f6b-9bcf-a0d246f292f9"; - fsType = "ext4"; - }; - - boot.initrd.luks.devices."luks-1121cd25-7c4c-47ee-b04a-2cab0cd251ea".device = "/dev/disk/by-uuid/1121cd25-7c4c-47ee-b04a-2cab0cd251ea"; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/86CA-6DF6"; - fsType = "vfat"; - }; - - swapDevices = []; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp197s0f4u1u4.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/machines/masala/default.nix b/machines/masala/default.nix deleted file mode 100644 index 71862f6..0000000 --- a/machines/masala/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{pkgs, ...}: let - username = "jolheiser"; -in { - imports = [../common/gui]; - - networking.hostName = "masala"; - - wsl = { - enable = true; - defaultUser = username; - startMenuLaunchers = true; - }; - - users.users."${username}" = { - extraGroups = ["wheel" "docker"]; - isNormalUser = true; - }; - - services.openssh.enable = true; - - environment.systemPackages = with pkgs; [ - libxcrypt - py39.python39 - py39.python39Packages.virtualenv - py39.python39Packages.psycopg2 - py39.python39Packages.wheel - py39.python39Packages.setuptools - py39.python39Packages.pip - python3Packages.twine - subversion - ]; - - system.stateVersion = "23.11"; -} diff --git a/secrets/personal/dex-tailscale.age b/secrets/personal/dex-tailscale.age index 1f45c0f..126c2e8 100644 --- a/secrets/personal/dex-tailscale.age +++ b/secrets/personal/dex-tailscale.age @@ -1,10 +1,8 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g HFKa0iZ+3BjzgXcWImvZ8pDxqSXaU3ArmfUzHSDWUAc -LcyBupbwCAdyLLoDDpGSSUvTwVsl6dfWKsWuG58FKR4 --> ssh-ed25519 f31uNA en9whJKk3OymAdjK4t6cAK9ll1rOw0H+MFyJ459zNQk -GcTcl5Dv66eP85q5ckECROc9KlWLoL/q1BppeeMtnIA --> lDpUBe<-grease )|9 T3 [E/3N_c- -tONI1/ErGae8xx/kGH/5GGjQ1Wft/pWkmeql/hWYhkvHuaJiIZsHcNYdPa3QWdA9 -gajB9zwiEB9k ---- GVU3qkwpyhO1Lb+l/c9VNedBZir5u4TQwHESpMzWnv4 -2 2 #h]`C B,e44=\C Ne ~)6 \ No newline at end of file +-> ssh-ed25519 E8j6/g QWZGgeu5+89wRzWH31D1GdNuhrNyyKsKqv/b4Kkyn2s +3vYwTYDVOMyiNeE+NtNPyplmGiknjyTQvln2DRxUPg0 +-> ssh-ed25519 f31uNA NVB2C1IjxvB25uA+PdB9lmNgmPQ16wSRl8lS0Wp4Tzg +Fe7BCcnb+1HzJ43Iq+YtHCI/i2m7TT5xO1rZwb9yZ70 +--- 4Fmm3sQzE/funn3yI79REu1SVRzgUMQ1r8bUaNgVYZE +΍ +,F/~ŔTDِۨt`)9+xy~+ \ No newline at end of file diff --git a/secrets/personal/dex-tandoor.age b/secrets/personal/dex-tandoor.age index f93a15f..764061e 100644 --- a/secrets/personal/dex-tandoor.age +++ b/secrets/personal/dex-tandoor.age @@ -1,11 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g KP8adYt7yepYjV1WCWB2k37H11nZS0syTPO6PVucDQ4 -nd9usbx1lF7W2NoRyBmdU+TkYw42yPc5+YLHPvFgf1U --> ssh-ed25519 f31uNA 7VqN325Bduh25YchTA9x4fTSRd41a2YaVvDdLpwLpDQ -CqwaGdHTEgYBMAPu90iepQ49xYaWHG0FgstoW26nvx8 --> =8c+@%-grease w_5b {U1m1b74 pok2 2(-Tc:-s -rOOI5rguWr1j4qgZ2pU46+aeXkrO4nj98K5haK31Cxa8dpWpX9griaZZY2yK9t90 -gREWgA+FELyBNadX ---- UsjsNVNstM008feyUFwjzDmO99vtJLO6V2/LjjErUX8 -om-`w*q+G :?{܄ -IV Ne~+ \ No newline at end of file +-> ssh-ed25519 E8j6/g npvjWOaLtdQ8shF6rkXfUlXXf1MAe/pvPBPIPY9R1XY +gO6lr8kHN7fOQb5NXaybFqhghx5VqcK0LaHCVvlsdvs +-> ssh-ed25519 f31uNA qrbvpL4AuM1wPSR2Qc9VKSpO4Ho0WgpmOIThWvotBCQ +Q1oMS4SAxzqb1vQffM4dpsnlXP1M2fZ5nYYIpyB9uoA +--- ESb6mxdTZnHs053UowTuWZRn+W+QlOeVM8/kL1VWSgw + HDݭD֢wokGEJ-_up!!B \ No newline at end of file diff --git a/secrets/personal/dex-vikunja.age b/secrets/personal/dex-vikunja.age index f759582..fdcdfa1 100644 Binary files a/secrets/personal/dex-vikunja.age and b/secrets/personal/dex-vikunja.age differ diff --git a/secrets/personal/dex.age b/secrets/personal/dex.age index 72bd5e5..afde76e 100644 Binary files a/secrets/personal/dex.age and b/secrets/personal/dex.age differ diff --git a/secrets/personal/restic-env.age b/secrets/personal/restic-env.age index 52128ca..8ca40dc 100644 Binary files a/secrets/personal/restic-env.age and b/secrets/personal/restic-env.age differ diff --git a/secrets/personal/restic-pass.age b/secrets/personal/restic-pass.age index 50ed461..1a2664a 100644 --- a/secrets/personal/restic-pass.age +++ b/secrets/personal/restic-pass.age @@ -1,10 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g 8G6eRsnRs0V6UU0haRdsrDTdIPPkCs4Za28QPIggNDo -MUrKL5W5C+jp3Wf9YTqcTnPlDPd6K1ehOQpvistc9FA --> ssh-ed25519 f31uNA WbcuiNfaVxct1uZnMi9ZLcmNkTrcovcnrnRn4P1wHm8 -IWwi8uZjA5k0kr07/SlC1GOzV85XjvHJqeTzWX4CWA8 --> gnOdn-grease ]2DTmO^ N6 q=f%DXM -B0OfIBLLfNo30z1AqfUBNoH6WryEUdkTFEQDllC1wFX/gZrEcjBRHzR6Onmh9LUx -0VmEMsacAXgdQS4d4/zZNeeHc4Gm7AjfirsWUUD9aoc ---- 9IyFn99ehW6OUklLg5B+pZDoVCEEKu5/nXehgIlZlJ4 -"_"+10C͆pbPvfB tb4zP \ No newline at end of file +-> ssh-ed25519 E8j6/g c3mP+3muM3Nk+CR8X2GRdVDgc88Y5FHblV7EzxaYF08 +dVEE+rQ6Y7ki9Uyr+8B3xYRZtO9VeGWwFboasp5ycqg +-> ssh-ed25519 f31uNA Xq8QkBgX9mpIkenoJQCt+hyg/AVf/kwkVMJnOxqEARM +tkte19pOr+Lb2lk1BVQibsC8d8k38oKwllx6cySVtt0 +--- geKlgkUKw/FYhJNqGSZmXoTSTfRQR+dlz7fq5WzL7SU +l,ٗWL4VEb6Y8 \ No newline at end of file diff --git a/secrets/personal/restic-repo.age b/secrets/personal/restic-repo.age index 82a027c..08d2997 100644 --- a/secrets/personal/restic-repo.age +++ b/secrets/personal/restic-repo.age @@ -1,9 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g L2TQVwvaNnDgtoMP2klK3Pm1onPHkrUcVyDPeazf40E -m+2GyVEhMUpTjjr32XQ8yDHqYXH0RkcfgBDabJOhlvs --> ssh-ed25519 f31uNA pM1tWU+3vVjkA/ybV+iafuuddC0eC3LbXIA2igUleXg -FRsEBdFUufRg3VFvlUfb8BYlUVvwo30y3ran/2XnuEw --> L>E[-grease -TWtOWZjPPdrL ---- dZkRd6wFs9DH+TwVKovzP69fmHjnfFtqIITq0a5HaBg -{)}M}#kU sNv(c7oxFl靫n1k$R `E{O)YhIu-4n \ No newline at end of file +-> ssh-ed25519 E8j6/g vLXo/gyZOwGUJyLHIqcrpCmvLmbFpgrFHBRLmqzyiwg +ha7V1vSM3r5Y0PQyeNL01wqqvSuMOWfwbdZjJSMpzhk +-> ssh-ed25519 f31uNA NGUshv3FTRw4kARWfLgSqp2EbLvPnm638rKAULFLZlY +3owquk+she5gB+cjdpPYdIFlz+RtA25RbwxIGftD6BI +--- MZfK5Wquy6pyOWuQdRYa9y46X8lD1ndOeXqkImvIDpM +e7kUWsm7ߨ㗛Dd\(1ܪdj$$N^Јi.b*}(2$%B[5So1A徱+#c \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 1b7aeb0..c093580 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -3,24 +3,16 @@ let matcha = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILZxjkZLj/9xvmg1enK+B7k8qf6Px0j4kTZ2caQfYmB1"; genmaicha = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhyzwMV0eoS8RSAcUvLkPhbXoR9/06cLoBmUVyb9DTw"; sencha = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJurjAMu4IXgpBwgUP0QvE2ySE5/Orn/yflkdWVvy6Am"; - chai = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7PS9SJ+OVrUku9dPUQZigioy+r3VlFHVntsa/F7AdM"; - earlgrey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEJDcKxHqsnW9IMTfMQLPR2113acjm5Zi3IbZWfEDb7f"; - masala = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDltwsOkqNsP0Gia32jzUUzohzMYpE9uSwxBqJoG2Vd"; dragonwell = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN32Cwxer2AOGvEqSqXSPp49gj1VtR7G2XmPnmXj6o53"; - all = [jolheiser matcha genmaicha sencha chai earlgrey masala dragonwell]; + all = [jolheiser matcha genmaicha sencha dragonwell]; in { "shared/cachix.age".publicKeys = all; "shared/ssh-config.age".publicKeys = all; - "shared/ssh-config-work.age".publicKeys = all; "shared/spotify.age".publicKeys = all; "shared/irc-pw.age".publicKeys = all; "shared/gist-pw.age".publicKeys = all; "shared/git-send-email.age".publicKeys = all; - "work/netrc.age".publicKeys = [jolheiser chai earlgrey masala]; - "work/pip.conf.age".publicKeys = [jolheiser chai earlgrey masala]; - "work/pypirc.age".publicKeys = [jolheiser chai earlgrey masala]; - "work/cifs.age".publicKeys = [jolheiser chai earlgrey masala]; "personal/restic-env.age".publicKeys = [jolheiser dragonwell]; "personal/restic-pass.age".publicKeys = [jolheiser dragonwell]; "personal/restic-repo.age".publicKeys = [jolheiser dragonwell]; diff --git a/secrets/shared/cachix.age b/secrets/shared/cachix.age index 36c7b49..d8429a8 100644 Binary files a/secrets/shared/cachix.age and b/secrets/shared/cachix.age differ diff --git a/secrets/shared/gist-pw.age b/secrets/shared/gist-pw.age index 33346f0..6e0eb99 100644 Binary files a/secrets/shared/gist-pw.age and b/secrets/shared/gist-pw.age differ diff --git a/secrets/shared/git-send-email.age b/secrets/shared/git-send-email.age index 65f9ad9..f51619e 100644 --- a/secrets/shared/git-send-email.age +++ b/secrets/shared/git-send-email.age @@ -1,22 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 E8j6/g ZO1sXWN09kkwwq7W1RacMU1i+pHnqJPn+0zzt8xOijo -zeB0CTfvqWBaAGBHsedgSjZInCazJy0Wls69gfnewus --> ssh-ed25519 xUMv2w qIl3oCXCQduMPUnIogNh/9LxvLsfNvAH5OsIjrYX+ik -vmE8/Ga6UE76RofNRV5Uh3DZNq3wLEg1GPWBfZcd1vk --> ssh-ed25519 ph+d2g hMZORq51DcIMrXZjY6CIhj8lmb7HvWX1Xl55PDJldHE -YAikbcYPeVb1kEntShgdBaeccMAvujw71NdWi4ylBPk --> ssh-ed25519 Cuo7gw YKT3pk32+aQaNHrY1hH7EOv1HHLCkDtepdUY3eiKfTc -9n9zV9bQ7DC+92IzAXXCDbt1UKBY5hOnCCUFcpYiTQ0 --> ssh-ed25519 jo1MPA 2E1eq46N5rgmmhs5V9TyuouaQA1bgBDzN+WdJf+1OWo -JMMQ7Y48hxT1KV3pI46NrCjoxYmv2xfnsCPbTZoQSQ8 --> ssh-ed25519 RqjBDA AplEizOgnn80y3EGlWMJok1r2tkCmU/k7LpcU4prV2M -8+Kca/RFDJKaFIMNcIQVhEWjIu9pUYxhxzlEO6CHIy8 --> ssh-ed25519 eyVEZQ 8U/whFLVQN+R+Qt2o7y2yFk3HVveVeVx7CTVCWPboSo -dRVEqe1GfoxOMluJInHTr1HEdB2FXPl18b0DH2/+A84 --> ssh-ed25519 f31uNA JraMdDnWdCJtejFZnwc8k1H5MSDTZwZnkalEaC/H5D8 -oG8m0brM3PM3rP3j/GBrOP0DcHcvE7KV1JDc4qLONMw --> UCv##pe-grease .wA {!|{5 `Q,{ HT?gn~ -/w ---- o/ktNNgWsYyUGm7tLLPOqHe081c8xO8xfFtMl9UcAIs -2.s^R(,7D0gW]}rtQSBFfc]h .8)䚚 u9>" ~ -™N=PKڈaX+ |7%{ҵ4 ssh-ed25519 E8j6/g EKCyCihc4z2NLVAiBRbZ1uH1FwPUAeGW68XhfXpJGF8 +GD7M0zuA9hChzMmk2JEv+QX3MKQJFJZiv51xtLr+gtQ +-> ssh-ed25519 xUMv2w bhsKkj43DxtvK3NaEZK65fBdS+xnc1DqiiE0PIUQTnI +RPe/s7Mp1d+Lw3bLJZb6BRYW/NiOEy2AYwFHaWo621s +-> ssh-ed25519 ph+d2g k8XRPSnnoGUSv9XwJuak/58OKkM5YU02z5gqqaTeHFc +HCavoYTWGtwpa4ks4lbmDXlUgMW/1UAJD11DDAIpUH8 +-> ssh-ed25519 Cuo7gw Jafczm8V39xIZY3nS9OMNLnVnTvbB1D/P1mK07FSiQc +2ifBGz9HTrXGEj8fsfVwlo+2p5vguPfHImpmDvlnNqs +-> ssh-ed25519 f31uNA XEICU4Q3ZffuH5qImvpmrtTZGkOxJKBVufMpkOoVZCI +9p23bQyXY3PPjNoGRiWeXRVrJ/RRqVXNvj+fTcGDxdw +--- /ZxBUSYTe77GXFvpEof5OoVmL9ranjJrtYYrJ2Ye5IM ++4?uMaK3l'|Gi@݈321Z~5Ȥz:h1P}2[ + a" eyb҅.ڄOH^u1G$)<[9R>Vr͝o҂p:E;~|ky`Yj܍&M( \ No newline at end of file diff --git a/secrets/shared/irc-pw.age b/secrets/shared/irc-pw.age index b19da76..d1d3c76 100644 Binary files a/secrets/shared/irc-pw.age and b/secrets/shared/irc-pw.age differ diff --git a/secrets/shared/spotify.age b/secrets/shared/spotify.age index 1e06b23..f798927 100644 Binary files a/secrets/shared/spotify.age and b/secrets/shared/spotify.age differ diff --git a/secrets/shared/ssh-config-work.age b/secrets/shared/ssh-config-work.age deleted file mode 100644 index 0642407..0000000 Binary files a/secrets/shared/ssh-config-work.age and /dev/null differ diff --git a/secrets/shared/ssh-config.age b/secrets/shared/ssh-config.age index 5e8bc36..6a0445b 100644 Binary files a/secrets/shared/ssh-config.age and b/secrets/shared/ssh-config.age differ diff --git a/secrets/work/cifs.age b/secrets/work/cifs.age deleted file mode 100644 index 1685bd9..0000000 --- a/secrets/work/cifs.age +++ /dev/null @@ -1,14 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 E8j6/g KsxAe6APMEcXUPMbuRxbdnZOwI9RYZfGtcsjBa1Zw1w -PUD5yWZhyDKglSKqQI2naYyWghNHCAX1+6zFtFm3rbU --> ssh-ed25519 jo1MPA n/47VcYbxc8PXWp9ojHqndHZx9+lGX+ZYzyBn5johQ4 -VLlK88iztE78ZyAXctkxebOYQaIsR5YR2XAXTVTDfIg --> ssh-ed25519 RqjBDA QEBalTZhf7bYvjKup5rjIMdbzarQ/KxPPznCr1OGr1I -IQ82Z/0AlZkdTG3XUEiLEKJ9acUAp3LGRj9Xihf7oZg --> ssh-ed25519 eyVEZQ XIeYz+BBM3Xrjup2DtpcebrH2OA4EkhVgR097RCANS8 -NST1VSTdhHHbE1Jv4A/rMQ/X9hvEam+E/5iAjVpHDSo --> D[-grease q& k' OC(uVqZ 2 -PFO2wKgnpoqhBVE6w19l1puBQrZ+8p6ial3KyTAlL0Cp1S+zv2PXEdvtpOTEh8EN -F6qSPDT95Vw3ZSiPuxyiViYCM50frQ ---- KQLcya1WW6duDWve9dwU/0JWr2+0soL8EUDIEjUBaSE -cй1"ɭ=g: .+wb^AOd u"6\^o ,$X]q*[xE \ No newline at end of file diff --git a/secrets/work/netrc.age b/secrets/work/netrc.age deleted file mode 100644 index 9db4c57..0000000 --- a/secrets/work/netrc.age +++ /dev/null @@ -1,14 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 E8j6/g XNekqB8IluL0bwSKawwWZLM9xPgDXXvFGFImXhxupic -+LBspn84xqRv9Jsa+H3gLJZNGWE9lsFhVcoUllIGtYI --> ssh-ed25519 jo1MPA PEcjnR7QhqcjARicpeMagvQMRX1Xhc4puGn07bmkMwE -0rIMuM1McW6lO9mt00krt3+OxpRv0+HXltHzkBBKP2A --> ssh-ed25519 RqjBDA bMrSJvi7XfsNdEbTM4Qz38xB1ydx10EEyXGThqqRUiQ -FJQwSRYGx7ZcuynYl7Rebb52EtDrdZP6sQIfB9pMfx0 --> ssh-ed25519 eyVEZQ zG+7GBK66PMEzhpuovR0sRPsTxW5RwRfQchmlZSTZXQ -4PeSJavY8qloTKkAxKeyj5CJ3V1T9ZHErIiKrIkFFMk --> h=Z`uj-grease kB `'Rp -wX/7XK6SQm9T ---- FHh1BPVtevPq9TPDYpMPf2Kr2qhToYzwlqFgc7mW3is -+sq{JV Yb̌% UI4/pA~ *MVsƝHRIWFj#ԩ+70+ -q|}Ua?!EKr581 [2ծtf/h27V6M߹8F<~ \ No newline at end of file diff --git a/secrets/work/pip.conf.age b/secrets/work/pip.conf.age deleted file mode 100644 index c7758d4..0000000 Binary files a/secrets/work/pip.conf.age and /dev/null differ diff --git a/secrets/work/pypirc.age b/secrets/work/pypirc.age deleted file mode 100644 index 67d3fc7..0000000 --- a/secrets/work/pypirc.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 E8j6/g CKfTTzFK5Pjb/DrVL7ulcrp62ti7ESLGWbBEol8ponQ -b4MRznI24V6rB+oUlM+B7Ke3h51fFr86GmxbMLcA/tE --> ssh-ed25519 jo1MPA iT7/rm3cLhdXlXNY/xOCyTtDDDrtzpk3a3pRaoDl5x8 -CNrJkpi7x+Cb74qzvZtQkChuCReBTN0SIzlfk8OwAkI --> ssh-ed25519 RqjBDA OafDrW17YQuLmKUckM4E8SKzt5PjFsXkxEq8EwtR7TQ -+G61h1ZNG6MC1sspSeMqQ4m0o+u/oAAZgHd03iy6IW4 --> ssh-ed25519 eyVEZQ /HBYk64o3PIfwcHXXcMpEhOIPbACk6g+Kv7lGlEAsUY -VjTaG1LJzdUVZuH9tAgPsMbbt+6etGXiGqrokZ18QdY --> lP10'%iD-grease 41plOv (&H]Y: 9\2_oD -expQamj2QeknWnGY ---- i6/+l0strfGNFzXHIPlOhfWgZFMRSnXZNjzauiXzEtc -24Oh kEE$4 4Mc&.dS9?K 9Vy^s\X0.˗wNkL+baݟQRś8BP]mV -VW~ܕgE|AbŲSk F+?wYUĤҮ9yKZt6OʏMsDˑB[ ->H4Wjxa Eߊ`T8b9 \ No newline at end of file