feat: agenix (ragenix)
feat: borgbackup chore: upgrade flake
This commit is contained in:
parent
172f5c1d32
commit
443b888462
127
flake.lock
127
flake.lock
|
@ -1,5 +1,50 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
|
"agenix": {
|
||||||
|
"inputs": {
|
||||||
|
"agenix": "agenix_2",
|
||||||
|
"flake-utils": "flake-utils",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"rust-overlay": "rust-overlay"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1677625082,
|
||||||
|
"narHash": "sha256-62xmRPfjZgDn8AgEhb6eRoJrTxGeM8HfhfF+PkJokok=",
|
||||||
|
"owner": "yaxitech",
|
||||||
|
"repo": "ragenix",
|
||||||
|
"rev": "6f2dacf3d6af36228a8fad3b136990a6b6dfe30b",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "yaxitech",
|
||||||
|
"repo": "ragenix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"agenix_2": {
|
||||||
|
"inputs": {
|
||||||
|
"darwin": "darwin",
|
||||||
|
"nixpkgs": [
|
||||||
|
"agenix",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1677126346,
|
||||||
|
"narHash": "sha256-4s+PPGC1M07QsPyeye5drc2JLa1lhDnCV3XAsG8+pH4=",
|
||||||
|
"owner": "ryantm",
|
||||||
|
"repo": "agenix",
|
||||||
|
"rev": "c2a71c83c70844c5e31db69347e86af080bcdad0",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "ryantm",
|
||||||
|
"repo": "agenix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"alejandra": {
|
"alejandra": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"fenix": "fenix",
|
"fenix": "fenix",
|
||||||
|
@ -57,6 +102,29 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"darwin": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"agenix",
|
||||||
|
"agenix",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1673295039,
|
||||||
|
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
|
||||||
|
"owner": "lnl7",
|
||||||
|
"repo": "nix-darwin",
|
||||||
|
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "lnl7",
|
||||||
|
"ref": "master",
|
||||||
|
"repo": "nix-darwin",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"devshell": {
|
"devshell": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -148,6 +216,21 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-utils": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1676283394,
|
||||||
|
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-utils-pre-commit": {
|
"flake-utils-pre-commit": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1644229661,
|
"lastModified": 1644229661,
|
||||||
|
@ -219,11 +302,11 @@
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1675935446,
|
"lastModified": 1678729503,
|
||||||
"narHash": "sha256-WajulTn7QdwC7QuXRBavrANuIXE5z+08EdxdRw1qsNs=",
|
"narHash": "sha256-j+h4Bdqbe+qjzhxdhkRmVgSx2lxJ8HnKeYcAhhnd1zM=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "2dce7f1a55e785a22d61668516df62899278c9e4",
|
"rev": "24c1a6335e3da6a3ecf82f33ac50c2ad66aee346",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -265,11 +348,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1676110339,
|
"lastModified": 1678654296,
|
||||||
"narHash": "sha256-kOS/L8OOL2odpCOM11IevfHxcUeE0vnZUQ74EOiwXcs=",
|
"narHash": "sha256-aVfw3ThpY7vkUeF1rFy10NAkpKDS2imj3IakrzT0Occ=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "e5530aba13caff5a4f41713f1265b754dc2abfd8",
|
"rev": "5a1dc8acd977ff3dccd1328b7c4a6995429a656b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -359,6 +442,7 @@
|
||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"agenix": "agenix",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
"webcord": "webcord"
|
"webcord": "webcord"
|
||||||
|
@ -381,13 +465,38 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"rust-overlay": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": [
|
||||||
|
"agenix",
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
|
"nixpkgs": [
|
||||||
|
"agenix",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1676687290,
|
||||||
|
"narHash": "sha256-DP0CJ7qtUXf+mmMglJL1yANizzV1O4UfQ9NrKgy7O04=",
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"rev": "bdccd5e973d45159f7d13f7c65a4271dc02cf6d4",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"utils": {
|
"utils": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1667395993,
|
"lastModified": 1676283394,
|
||||||
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
|
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
|
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -4,6 +4,11 @@
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
|
|
||||||
|
agenix = {
|
||||||
|
url = "github:yaxitech/ragenix";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager";
|
url = "github:nix-community/home-manager";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
@ -12,7 +17,7 @@
|
||||||
webcord.url = "github:fufexan/webcord-flake";
|
webcord.url = "github:fufexan/webcord-flake";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { nixpkgs, home-manager, webcord, ... }@inputs: {
|
outputs = { nixpkgs, agenix, home-manager, webcord, ... }@inputs: {
|
||||||
# colmena
|
# colmena
|
||||||
colmena = {
|
colmena = {
|
||||||
meta = {
|
meta = {
|
||||||
|
@ -27,6 +32,7 @@
|
||||||
imports = [
|
imports = [
|
||||||
./hosts/${name}/configuration.nix
|
./hosts/${name}/configuration.nix
|
||||||
home-manager.nixosModules.home-manager
|
home-manager.nixosModules.home-manager
|
||||||
|
agenix.nixosModules.default
|
||||||
];
|
];
|
||||||
home-manager = {
|
home-manager = {
|
||||||
useGlobalPkgs = true;
|
useGlobalPkgs = true;
|
||||||
|
|
|
@ -154,6 +154,8 @@ in {
|
||||||
|
|
||||||
nixfmt
|
nixfmt
|
||||||
|
|
||||||
|
borgbackup
|
||||||
|
|
||||||
gnome.nautilus
|
gnome.nautilus
|
||||||
jmtpfs
|
jmtpfs
|
||||||
|
|
||||||
|
@ -658,6 +660,45 @@ in {
|
||||||
options = "--delete-older-than 30d";
|
options = "--delete-older-than 30d";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
age.secrets.borgbackup = {
|
||||||
|
file = "/home/laurent/infrastructure/secrets/borgbackup.age";
|
||||||
|
owner = "laurent";
|
||||||
|
group = "users";
|
||||||
|
};
|
||||||
|
age.identityPaths = [ "/home/laurent/.ssh/id_ed25519" ];
|
||||||
|
|
||||||
|
services.borgbackup.jobs.home = {
|
||||||
|
paths = "/home/laurent/";
|
||||||
|
repo = "/mnt/home_backup";
|
||||||
|
exclude = [
|
||||||
|
# Largest cache dirs
|
||||||
|
".cache"
|
||||||
|
".compose-cache"
|
||||||
|
"*/cache"
|
||||||
|
"*/cache2" # firefox
|
||||||
|
"*/Cache"
|
||||||
|
"*/Code Cache"
|
||||||
|
".config/Slack/logs"
|
||||||
|
".config/Code/CachedData"
|
||||||
|
".container-diff"
|
||||||
|
".npm/_cacache"
|
||||||
|
# Work related dirs
|
||||||
|
"*/node_modules"
|
||||||
|
"*/bower_components"
|
||||||
|
"*/build"
|
||||||
|
"*/_build"
|
||||||
|
"*/.tox"
|
||||||
|
"*/venv"
|
||||||
|
"*/.venv"
|
||||||
|
];
|
||||||
|
encryption = {
|
||||||
|
mode = "repokey";
|
||||||
|
passCommand = "cat ${config.age.secrets.borgbackup.path}";
|
||||||
|
};
|
||||||
|
compression = "auto,zstd";
|
||||||
|
startAt = [ ];
|
||||||
|
};
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
|
8
secrets/borgbackup.age
Normal file
8
secrets/borgbackup.age
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 kZEpWw OQ8zlnVzqIh3FSryVBmqKzPDOatKrzDSR1Zm3BGL60E
|
||||||
|
FtbNNvnoskcgLO4XIREMmV+HY1YNgmavSKCKiVpLtUw
|
||||||
|
-> ;MI-grease
|
||||||
|
ArHYI+eu0R2GQyabN2Mr8nHC4LBU0xNZSl0hljMagNBtUGlwsTHvRBzTSVm6kcak
|
||||||
|
c2Rbqz9/Zg
|
||||||
|
--- t1Xtn3Wg7yC30usQ+dSbwBlBcd0mMiWUeraj2HTZ9PQ
|
||||||
|
„±BÌ<EFBFBD>q«¤Kr‡Ž¤D±1ZßË6‘½x:IèáVàÿêúø÷¯ÀÃÕ˜)Ê\YÝtI(=ù˜†bÍ1JŸ¡QÀR”eVó}êÖv˜›fn(°U½|ÔiB>ýºAXÈ€v\X,²†¹&3OnleÞ4›îpá"ä-{ÁÞ;þ°®
|
4
secrets/secrets.nix
Normal file
4
secrets/secrets.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
let
|
||||||
|
neodymium =
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@neodymium";
|
||||||
|
in { "borgbackup.age".publicKeys = [ neodymium ]; }
|
Loading…
Reference in a new issue