Compare commits
No commits in common. "13057ecc9cb1942492c130ef6f59bb8a548ee7c2" and "4a31208f50aebc91745060752a76ff6c92543b92" have entirely different histories.
13057ecc9c
...
4a31208f50
8
.vscode/extensions.json
vendored
Normal file
8
.vscode/extensions.json
vendored
Normal file
|
@ -0,0 +1,8 @@
|
|||
{
|
||||
"recommendations": [
|
||||
"editorconfig.editorconfig",
|
||||
"kamadorueda.alejandra",
|
||||
"jnoortheen.nix-ide",
|
||||
"mkhl.direnv",
|
||||
]
|
||||
}
|
13
.vscode/settings.json
vendored
Normal file
13
.vscode/settings.json
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
"files.exclude": {
|
||||
// defaults
|
||||
"**/.git": true,
|
||||
"**/.svn": true,
|
||||
"**/.hg": true,
|
||||
"**/CVS": true,
|
||||
"**/.DS_Store": true,
|
||||
"**/Thumbs.db": true,
|
||||
// extras
|
||||
"**/.direnv": true,
|
||||
}
|
||||
}
|
11
.vscode/tasks.json
vendored
Normal file
11
.vscode/tasks.json
vendored
Normal file
|
@ -0,0 +1,11 @@
|
|||
{
|
||||
"version": "2.0.0",
|
||||
"tasks": [
|
||||
{
|
||||
"label": "flake upgrade",
|
||||
"type": "shell",
|
||||
"command": "tmux new -s flake-update .vscode/upgrade.sh",
|
||||
"problemMatcher": []
|
||||
}
|
||||
]
|
||||
}
|
26
.vscode/upgrade.sh
vendored
Executable file
26
.vscode/upgrade.sh
vendored
Executable file
|
@ -0,0 +1,26 @@
|
|||
# error handler
|
||||
handle_error() {
|
||||
echo "Upgrade failed."
|
||||
read -p "Press Enter to exit..."
|
||||
exit 1
|
||||
}
|
||||
|
||||
# stop on error
|
||||
set -euxo pipefail
|
||||
|
||||
# trap any errors and call handle_error
|
||||
trap 'handle_error "$BASH_COMMAND"' ERR
|
||||
|
||||
# update lock file
|
||||
nix flake update
|
||||
|
||||
# update systems
|
||||
sudo nixos-rebuild switch -L --flake .#silicium
|
||||
nixos-rebuild switch -L --flake .#cesium --target-host cesium
|
||||
|
||||
# commit and push lock file
|
||||
git add flake.lock
|
||||
git commit -m "⬆️ nix flake update"
|
||||
git push
|
||||
|
||||
echo "Upgrade successful"
|
|
@ -1,6 +1,9 @@
|
|||
{
|
||||
description = "Laureηt's infrastructure";
|
||||
|
||||
# TODO: luks encrypt cesium (dropbear ?)
|
||||
# TODO: setup disko sur silicium
|
||||
|
||||
inputs = {
|
||||
# core stuff
|
||||
nixpkgs = {
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
sign_key =
|
||||
{
|
||||
"aurum" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItSJTtS7tO0Wz/WgHAFb3xuNFZpm8SOvr/o8uR83zzy laurent@aurum";
|
||||
"silicium" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium";
|
||||
}
|
||||
."${osConfig.networking.hostName}";
|
||||
in {
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{...}: {
|
||||
imports = [
|
||||
./greetd.nix
|
||||
./greetd
|
||||
];
|
||||
}
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
boot.supportedFilesystems = ["ntfs"];
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
# TODO: replace by lanzaboot
|
||||
# tmp, will be replaced by lanzaboot
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
# clean /tmp at each boot
|
||||
|
@ -20,6 +20,10 @@
|
|||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
# imports = [
|
||||
# ./lanzaboot.nix
|
||||
# ];
|
||||
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
|
||||
boot.initrd.kernelModules = [""];
|
||||
boot.kernelModules = ["kvm-intel"];
|
|
@ -8,19 +8,17 @@
|
|||
system.stateVersion = "24.05"; # Did you read the comment?
|
||||
|
||||
imports = [
|
||||
./audio.nix
|
||||
./boot.nix
|
||||
# ./disko.nix
|
||||
./docker.nix
|
||||
./fonts.nix
|
||||
./hardware.nix
|
||||
./i18n.nix
|
||||
# ./impermanence.nix
|
||||
# ./lanzaboot.nix
|
||||
./networking.nix
|
||||
./nix.nix
|
||||
./partitions.nix
|
||||
./security.nix
|
||||
./users.nix
|
||||
./audio
|
||||
./boot
|
||||
# ./disko
|
||||
./docker
|
||||
./fonts
|
||||
./hardware
|
||||
./i18n
|
||||
# ./impermanence
|
||||
./networking
|
||||
./nix
|
||||
./security
|
||||
./users
|
||||
];
|
||||
}
|
||||
|
|
|
@ -20,6 +20,10 @@
|
|||
# backlight intensity
|
||||
programs.light.enable = true;
|
||||
|
||||
imports = [
|
||||
./partitions.nix
|
||||
];
|
||||
|
||||
# webcam
|
||||
# hardware.firmware = [
|
||||
# pkgs.ivsc-firmware
|
|
@ -12,7 +12,7 @@
|
|||
files = [
|
||||
"/etc/machine-id"
|
||||
];
|
||||
# TODO: move this into home config
|
||||
# TODO: move this into home config, when silicium has impermanence too
|
||||
users.laurent = {
|
||||
directories = [
|
||||
"Documents"
|
|
@ -1,7 +1,7 @@
|
|||
{...}: {
|
||||
users.mutableUsers = false;
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium" # TODO: remove this
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItSJTtS7tO0Wz/WgHAFb3xuNFZpm8SOvr/o8uR83zzy laurent@aurum"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -14,6 +14,25 @@ in {
|
|||
# desktop would be neon
|
||||
# smartphone would be lithium
|
||||
|
||||
# personal laptop
|
||||
silicium = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = {
|
||||
inherit inputs;
|
||||
};
|
||||
modules = [
|
||||
./silicium
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
inputs.agenix.nixosModules.default
|
||||
inputs.lanzaboote.nixosModules.lanzaboote
|
||||
inputs.nixos-hardware.nixosModules.common-cpu-amd
|
||||
inputs.nixos-hardware.nixosModules.common-gpu-nvidia-disable
|
||||
inputs.nixos-hardware.nixosModules.common-pc-laptop
|
||||
inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd
|
||||
{inherit home-manager;}
|
||||
];
|
||||
};
|
||||
|
||||
# work laptop
|
||||
aurum = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
|
|
30
hosts/silicium/default.nix
Normal file
30
hosts/silicium/default.nix
Normal file
|
@ -0,0 +1,30 @@
|
|||
{pkgs, ...}: {
|
||||
imports = [
|
||||
./system
|
||||
./services
|
||||
];
|
||||
|
||||
# shorter timeout for systemd services
|
||||
systemd.extraConfig = ''
|
||||
DefaultTimeoutStopSec=10s
|
||||
'';
|
||||
|
||||
services.dbus.enable = true;
|
||||
xdg.portal = {
|
||||
enable = true;
|
||||
wlr.enable = true;
|
||||
|
||||
config = {
|
||||
common.default = ["wlr" "gtk"];
|
||||
hyprland.default = ["hyprland"];
|
||||
};
|
||||
extraPortals = [
|
||||
pkgs.xdg-desktop-portal-gtk
|
||||
pkgs.xdg-desktop-portal-wlr
|
||||
pkgs.xdg-desktop-portal-hyprland
|
||||
];
|
||||
};
|
||||
|
||||
# enable gnome virtual file system
|
||||
services.gvfs.enable = true;
|
||||
}
|
46
hosts/silicium/services/borgbackup/default.nix
Normal file
46
hosts/silicium/services/borgbackup/default.nix
Normal file
|
@ -0,0 +1,46 @@
|
|||
{config, ...}: {
|
||||
services.borgbackup.jobs.home = {
|
||||
paths = "/home/laurent/";
|
||||
repo = "/mnt/home_backup";
|
||||
exclude = [
|
||||
# Largest cache dirs
|
||||
".cache"
|
||||
".compose-cache"
|
||||
"*/cache"
|
||||
"*/cache2" # firefox
|
||||
"*/Cache"
|
||||
"*/Code Cache"
|
||||
"*/blob_storage"
|
||||
".config/Slack/logs"
|
||||
".config/Code/CachedData"
|
||||
".container-diff"
|
||||
".npm/_cacache"
|
||||
# Work related dirs
|
||||
"*/node_modules"
|
||||
"*/bower_components"
|
||||
"*/build"
|
||||
"*/_build"
|
||||
"*/.tox"
|
||||
"*/venv"
|
||||
"*/.venv"
|
||||
"*/.direnv"
|
||||
];
|
||||
encryption = {
|
||||
mode = "repokey";
|
||||
passCommand = "cat ${config.age.secrets.borgbackup.path}";
|
||||
};
|
||||
compression = "auto,zstd";
|
||||
startAt = [];
|
||||
};
|
||||
services.borgbackup.jobs.keepass = {
|
||||
paths = "/home/laurent/Documents/db_mdp.kdbx";
|
||||
repo = "ssh://root@fainsin.bzh:624/srv/backup/keepass";
|
||||
user = "laurent";
|
||||
encryption = {
|
||||
mode = "repokey";
|
||||
passCommand = "cat ${config.age.secrets.borgbackup.path}";
|
||||
};
|
||||
compression = "auto,zstd";
|
||||
startAt = "12:00";
|
||||
};
|
||||
}
|
6
hosts/silicium/services/default.nix
Normal file
6
hosts/silicium/services/default.nix
Normal file
|
@ -0,0 +1,6 @@
|
|||
{...}: {
|
||||
imports = [
|
||||
./borgbackup
|
||||
./greetd
|
||||
];
|
||||
}
|
12
hosts/silicium/services/greetd/default.nix
Normal file
12
hosts/silicium/services/greetd/default.nix
Normal file
|
@ -0,0 +1,12 @@
|
|||
{pkgs, ...}: {
|
||||
services.greetd = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
default_session = {
|
||||
command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd ${pkgs.hyprland}/bin/Hyprland";
|
||||
user = "greeter";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
7
hosts/silicium/system/adb/default.nix
Normal file
7
hosts/silicium/system/adb/default.nix
Normal file
|
@ -0,0 +1,7 @@
|
|||
{pkgs, ...}: {
|
||||
# udev rules
|
||||
services.udev.packages = [pkgs.android-udev-rules];
|
||||
|
||||
# adb users
|
||||
users.users.laurent.extraGroups = ["adbusers"];
|
||||
}
|
8
hosts/silicium/system/age/default.nix
Normal file
8
hosts/silicium/system/age/default.nix
Normal file
|
@ -0,0 +1,8 @@
|
|||
{...}: {
|
||||
age.secrets.borgbackup = {
|
||||
file = ../../../../secrets/borgbackup.age;
|
||||
owner = "laurent";
|
||||
group = "users";
|
||||
};
|
||||
age.identityPaths = ["/home/laurent/.ssh/id_ed25519"];
|
||||
}
|
7
hosts/silicium/system/audio/default.nix
Normal file
7
hosts/silicium/system/audio/default.nix
Normal file
|
@ -0,0 +1,7 @@
|
|||
{...}: {
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
pulse.enable = true;
|
||||
};
|
||||
}
|
24
hosts/silicium/system/boot/default.nix
Normal file
24
hosts/silicium/system/boot/default.nix
Normal file
|
@ -0,0 +1,24 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
# support for mounting windaube partitions
|
||||
boot.supportedFilesystems = ["ntfs"];
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
# clean /tmp at each boot
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
|
||||
# use latest kernel
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
imports = [
|
||||
./lanzaboot.nix
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = ["kvm-amd" "v4l2loopback"];
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback];
|
||||
}
|
16
hosts/silicium/system/boot/lanzaboot.nix
Normal file
16
hosts/silicium/system/boot/lanzaboot.nix
Normal file
|
@ -0,0 +1,16 @@
|
|||
{lib, ...}: {
|
||||
# This should already be here from switching to bootspec earlier.
|
||||
# It's not required anymore, but also doesn't do any harm.
|
||||
boot.bootspec.enable = true;
|
||||
|
||||
# Lanzaboote currently replaces the systemd-boot module.
|
||||
# This setting is usually set to true in configuration.nix
|
||||
# generated at installation time. So we force it to false
|
||||
# for now.
|
||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||
|
||||
boot.lanzaboote = {
|
||||
enable = true;
|
||||
pkiBundle = "/etc/secureboot";
|
||||
};
|
||||
}
|
24
hosts/silicium/system/default.nix
Normal file
24
hosts/silicium/system/default.nix
Normal file
|
@ -0,0 +1,24 @@
|
|||
{...}: {
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "24.05"; # Did you read the comment?
|
||||
|
||||
imports = [
|
||||
./adb
|
||||
./age
|
||||
./audio
|
||||
./boot
|
||||
./docker
|
||||
./fonts
|
||||
./hardware
|
||||
./i18n
|
||||
./networking
|
||||
./nix
|
||||
./security
|
||||
./users
|
||||
];
|
||||
}
|
12
hosts/silicium/system/docker/default.nix
Normal file
12
hosts/silicium/system/docker/default.nix
Normal file
|
@ -0,0 +1,12 @@
|
|||
{...}: {
|
||||
virtualisation.docker = {
|
||||
enable = true;
|
||||
|
||||
storageDriver = "btrfs";
|
||||
enableOnBoot = false;
|
||||
autoPrune.enable = true;
|
||||
};
|
||||
|
||||
# docker users
|
||||
users.users.laurent.extraGroups = ["docker"];
|
||||
}
|
16
hosts/silicium/system/fonts/default.nix
Normal file
16
hosts/silicium/system/fonts/default.nix
Normal file
|
@ -0,0 +1,16 @@
|
|||
{pkgs, ...}: {
|
||||
fonts.packages = with pkgs; [
|
||||
# https://notofonts.github.io/
|
||||
noto-fonts # standard characters
|
||||
noto-fonts-lgc-plus # latin, greek, and cyrillic
|
||||
noto-fonts-cjk # chinese, japanese, and korean
|
||||
noto-fonts-emoji # emojis 🐢
|
||||
|
||||
# https://github.com/tonsky/FiraCode
|
||||
fira-code # standard characters
|
||||
fira-code-symbols # unicode ligature glyphs
|
||||
|
||||
# https://github.com/ryanoasis/nerd-fonts
|
||||
(nerdfonts.override {fonts = ["FiraCode"];})
|
||||
];
|
||||
}
|
33
hosts/silicium/system/hardware/default.nix
Normal file
33
hosts/silicium/system/hardware/default.nix
Normal file
|
@ -0,0 +1,33 @@
|
|||
{...}: {
|
||||
# hardware
|
||||
hardware = {
|
||||
enableRedistributableFirmware = true;
|
||||
graphics.enable = true;
|
||||
};
|
||||
|
||||
# logind configuration
|
||||
services.logind = {
|
||||
lidSwitch = "ignore";
|
||||
extraConfig = ''
|
||||
HandlePowerKey=suspend
|
||||
'';
|
||||
};
|
||||
|
||||
# tlp, power management
|
||||
services.tlp.enable = true;
|
||||
|
||||
# thermald, controls temperature
|
||||
services.thermald.enable = true;
|
||||
|
||||
# bluetooth
|
||||
hardware.bluetooth.enable = true;
|
||||
services.blueman.enable = true;
|
||||
|
||||
# backlight intensity
|
||||
programs.light.enable = true;
|
||||
|
||||
# partitions and filesystems
|
||||
imports = [
|
||||
./partitions.nix
|
||||
];
|
||||
}
|
24
hosts/silicium/system/hardware/partitions.nix
Normal file
24
hosts/silicium/system/hardware/partitions.nix
Normal file
|
@ -0,0 +1,24 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/b0ea5f1f-104f-4026-840a-4d46f3e827d1";
|
||||
fsType = "btrfs";
|
||||
options = ["subvol=nixos"];
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."nixenc".device = "/dev/disk/by-uuid/93d0b0d8-b586-48cf-acc2-025fba1eaadb";
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/6D10-BBAF";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [];
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode =
|
||||
lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
10
hosts/silicium/system/i18n/default.nix
Normal file
10
hosts/silicium/system/i18n/default.nix
Normal file
|
@ -0,0 +1,10 @@
|
|||
{...}: {
|
||||
# FRANCE 🇫🇷 🥖 🥐
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
# azerty keyboard
|
||||
console.keyMap = "fr";
|
||||
|
||||
# english ISO metric system
|
||||
i18n.defaultLocale = "en_DK.UTF-8";
|
||||
}
|
18
hosts/silicium/system/networking/default.nix
Normal file
18
hosts/silicium/system/networking/default.nix
Normal file
|
@ -0,0 +1,18 @@
|
|||
{...}: {
|
||||
networking = {
|
||||
# the name of the machine
|
||||
hostName = "silicium";
|
||||
|
||||
# domain name servers, use clouflare family
|
||||
nameservers = ["1.1.1.2" "1.0.0.2"];
|
||||
|
||||
# use networkManager, see nmcli
|
||||
networkmanager.enable = true;
|
||||
|
||||
# firewall
|
||||
firewall.enable = true;
|
||||
|
||||
# https://github.com/StevenBlack/hosts
|
||||
stevenblack.enable = true;
|
||||
};
|
||||
}
|
47
hosts/silicium/system/nix/default.nix
Normal file
47
hosts/silicium/system/nix/default.nix
Normal file
|
@ -0,0 +1,47 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
# restrict nix command to sudoers
|
||||
nix.settings.allowed-users = ["root" "@wheel"];
|
||||
nix.settings.trusted-users = ["root" "@wheel"];
|
||||
|
||||
# experimental features
|
||||
nix.settings.experimental-features = ["nix-command" "flakes"];
|
||||
|
||||
# limit number of cores when building
|
||||
nix.settings.max-jobs = 6;
|
||||
|
||||
# optimizations
|
||||
nix.settings.auto-optimise-store = true;
|
||||
nix.optimise = {
|
||||
automatic = true;
|
||||
dates = ["12:00"];
|
||||
};
|
||||
|
||||
# garbage collection
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
dates = "12:00";
|
||||
options = "--delete-older-than 30d";
|
||||
};
|
||||
|
||||
# pin nixpkgs registry
|
||||
nix.registry.nixpkgs.flake = inputs.nixpkgs;
|
||||
|
||||
# list of allowed unfree packages
|
||||
nixpkgs.config.allowUnfreePredicate = pkg:
|
||||
builtins.elem (lib.getName pkg) [
|
||||
"vscode"
|
||||
"vscode-extension-github-copilot"
|
||||
"vscode-extension-github-copilot-chat"
|
||||
];
|
||||
|
||||
# print diff between two generations
|
||||
system.activationScripts.nvd-report-changes = ''
|
||||
PATH=$PATH:${lib.makeBinPath [pkgs.nvd pkgs.nix]}
|
||||
nvd diff $(ls -dv /nix/var/nix/profiles/system-*-link | tail -2)
|
||||
'';
|
||||
}
|
17
hosts/silicium/system/security/default.nix
Normal file
17
hosts/silicium/system/security/default.nix
Normal file
|
@ -0,0 +1,17 @@
|
|||
{pkgs, ...}: {
|
||||
# enable polkit
|
||||
security.polkit.enable = true;
|
||||
|
||||
# enable gpg agent
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
pinentryPackage = pkgs.pinentry-gnome3;
|
||||
};
|
||||
|
||||
# secrets keyring
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
|
||||
# allow swaylock to use pam
|
||||
security.pam.services.swaylock = {};
|
||||
}
|
13
hosts/silicium/system/users/default.nix
Normal file
13
hosts/silicium/system/users/default.nix
Normal file
|
@ -0,0 +1,13 @@
|
|||
{...}: {
|
||||
# disable user creation/deletion
|
||||
users.mutableUsers = false;
|
||||
|
||||
# configure users
|
||||
users = {
|
||||
users.laurent = {
|
||||
isNormalUser = true;
|
||||
initialPassword = "laurent";
|
||||
extraGroups = ["wheel" "video"];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
let
|
||||
silicium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium"; # TODO: remove this
|
||||
silicium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium";
|
||||
cesium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDVxpWbNJl+OXe6YImMpsJprfuTd+9UJVTiteiuyx6oP root@cesium";
|
||||
in {
|
||||
"borgbackup.age".publicKeys = [silicium];
|
||||
|
|
Loading…
Reference in a new issue