Laurent/infrastructure
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: Laurent:d1f4ec51f099abac628d0a6a42cc9904ffb56912
Branches Tags
Laurent:master
...
compare: Laurent:511d2c337799ad723a465489ed35444c0c577be7
Branches Tags
Laurent:master

6 commits
d1f4ec51f0 ... 511d2c3377

Author SHA1 Message Date
Laureηt 511d2c3377
feat: install atuin 2023-03-14 14:16:25 +01:00
Laureηt d7ca5df76c
feat: set WORDCHARS variable to split words by "/" 2023-03-14 14:16:17 +01:00
Laureηt 3f56d32cc7
style: change exa aliases 2023-03-14 14:15:29 +01:00
Laureηt 443b888462
feat: agenix (ragenix) 
feat: borgbackup
chore: upgrade flake
 2023-03-14 14:12:21 +01:00
Laureηt 172f5c1d32
feat: install nautilus + mouting virtual filesystems through nautilus 2023-03-14 14:11:04 +01:00
Laureηt 74d6bcf111
feat: enable docker 2023-03-14 14:10:09 +01:00
5 changed files with 200 additions and 13 deletions
Show stats Expand all files Collapse all files

127
flake.lock
View file

@ -1,5 +1,50 @@
{ {
"nodes": { "nodes": {
"agenix": {
"inputs": {
"agenix": "agenix_2",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1677625082,
"narHash": "sha256-62xmRPfjZgDn8AgEhb6eRoJrTxGeM8HfhfF+PkJokok=",
"owner": "yaxitech",
"repo": "ragenix",
"rev": "6f2dacf3d6af36228a8fad3b136990a6b6dfe30b",
"type": "github"
},
"original": {
"owner": "yaxitech",
"repo": "ragenix",
"type": "github"
}
},
"agenix_2": {
"inputs": {
"darwin": "darwin",
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1677126346,
"narHash": "sha256-4s+PPGC1M07QsPyeye5drc2JLa1lhDnCV3XAsG8+pH4=",
"owner": "ryantm",
"repo": "agenix",
"rev": "c2a71c83c70844c5e31db69347e86af080bcdad0",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"alejandra": { "alejandra": {
"inputs": { "inputs": {
"fenix": "fenix", "fenix": "fenix",
@ -57,6 +102,29 @@
"type": "github" "type": "github"
} }
}, },
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1673295039,
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"devshell": { "devshell": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -148,6 +216,21 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils-pre-commit": { "flake-utils-pre-commit": {
"locked": { "locked": {
"lastModified": 1644229661, "lastModified": 1644229661,
@ -219,11 +302,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1675935446, "lastModified": 1678729503,
"narHash": "sha256-WajulTn7QdwC7QuXRBavrANuIXE5z+08EdxdRw1qsNs=", "narHash": "sha256-j+h4Bdqbe+qjzhxdhkRmVgSx2lxJ8HnKeYcAhhnd1zM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "2dce7f1a55e785a22d61668516df62899278c9e4", "rev": "24c1a6335e3da6a3ecf82f33ac50c2ad66aee346",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -265,11 +348,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1676110339, "lastModified": 1678654296,
"narHash": "sha256-kOS/L8OOL2odpCOM11IevfHxcUeE0vnZUQ74EOiwXcs=", "narHash": "sha256-aVfw3ThpY7vkUeF1rFy10NAkpKDS2imj3IakrzT0Occ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e5530aba13caff5a4f41713f1265b754dc2abfd8", "rev": "5a1dc8acd977ff3dccd1328b7c4a6995429a656b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -359,6 +442,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"webcord": "webcord" "webcord": "webcord"
@ -381,13 +465,38 @@
"type": "github" "type": "github"
} }
}, },
"rust-overlay": {
"inputs": {
"flake-utils": [
"agenix",
"flake-utils"
],
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1676687290,
"narHash": "sha256-DP0CJ7qtUXf+mmMglJL1yANizzV1O4UfQ9NrKgy7O04=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "bdccd5e973d45159f7d13f7c65a4271dc02cf6d4",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"utils": { "utils": {
"locked": { "locked": {
"lastModified": 1667395993, "lastModified": 1676283394,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github" "type": "github"
}, },
"original": { "original": {

8
flake.nix
View file

@ -4,6 +4,11 @@
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
agenix = {
url = "github:yaxitech/ragenix";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -12,7 +17,7 @@
webcord.url = "github:fufexan/webcord-flake"; webcord.url = "github:fufexan/webcord-flake";
}; };
outputs = { nixpkgs, home-manager, webcord, ... }@inputs: { outputs = { nixpkgs, agenix, home-manager, webcord, ... }@inputs: {
# colmena # colmena
colmena = { colmena = {
meta = { meta = {
@ -27,6 +32,7 @@
imports = [ imports = [
./hosts/${name}/configuration.nix ./hosts/${name}/configuration.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
agenix.nixosModules.default
]; ];
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;

66
hosts/neodymium/configuration.nix
View file

@ -124,7 +124,7 @@ in {
users.users.laurent = { users.users.laurent = {
isNormalUser = true; isNormalUser = true;
initialPassword = "laurent"; initialPassword = "laurent";
extraGroups = [ "wheel" "video" ]; extraGroups = [ "wheel" "video" "docker" ];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
home-manager.users.laurent = { home-manager.users.laurent = {
@ -154,6 +154,13 @@ in {
nixfmt nixfmt
borgbackup
atuin
gnome.nautilus
jmtpfs
mpv mpv
feh feh
keepassxc keepassxc
@ -199,6 +206,7 @@ in {
MANPAGER = "nvim +Man!"; MANPAGER = "nvim +Man!";
VISUAL = "nvim"; VISUAL = "nvim";
EDITOR = "nvim"; EDITOR = "nvim";
WORDCHARS = "*?_-.[]~=&;!#$%^(){}<>";
}; };
# shellAliases = { # shellAliases = {
# cat = "bat"; # cat = "bat";
@ -223,6 +231,7 @@ in {
bindkey '^H' backward-kill-word bindkey '^H' backward-kill-word
bindkey '5~' kill-word bindkey '5~' kill-word
eval "$(direnv hook zsh)" eval "$(direnv hook zsh)"
eval "$(atuin init zsh)"
''; '';
plugins = [ plugins = [
{ {
@ -287,8 +296,9 @@ in {
programs.exa = { enable = true; }; programs.exa = { enable = true; };
programs.zsh.shellAliases = { programs.zsh.shellAliases = {
l = "exa -l -h -g --icons --git --time-style=long-iso"; l =
ll = "exa -l -h -g --icons --grid --git --time-style=long-iso -a"; "exa -lahg --icons --git --time-style=long-iso --group-directories-first --color=always";
ll = "l --grid";
}; };
programs.alacritty = { programs.alacritty = {
@ -621,6 +631,17 @@ in {
}; };
}; };
# enable docker
virtualisation.docker = {
enable = true;
storageDriver = "btrfs";
enableOnBoot = false;
autoPrune.enable = true;
};
# enable gnome virtual file system
services.gvfs.enable = true;
# enable ssh agent # enable ssh agent
programs.ssh.startAgent = true; programs.ssh.startAgent = true;
@ -644,6 +665,45 @@ in {
options = "--delete-older-than 30d"; options = "--delete-older-than 30d";
}; };
age.secrets.borgbackup = {
file = "/home/laurent/infrastructure/secrets/borgbackup.age";
owner = "laurent";
group = "users";
};
age.identityPaths = [ "/home/laurent/.ssh/id_ed25519" ];
services.borgbackup.jobs.home = {
paths = "/home/laurent/";
repo = "/mnt/home_backup";
exclude = [
# Largest cache dirs
".cache"
".compose-cache"
"*/cache"
"*/cache2" # firefox
"*/Cache"
"*/Code Cache"
".config/Slack/logs"
".config/Code/CachedData"
".container-diff"
".npm/_cacache"
# Work related dirs
"*/node_modules"
"*/bower_components"
"*/build"
"*/_build"
"*/.tox"
"*/venv"
"*/.venv"
];
encryption = {
mode = "repokey";
passCommand = "cat ${config.age.secrets.borgbackup.path}";
};
compression = "auto,zstd";
startAt = [ ];
};
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave # on your system were taken. Its perfectly fine and recommended to leave

8
secrets/borgbackup.age Normal file
View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 kZEpWw OQ8zlnVzqIh3FSryVBmqKzPDOatKrzDSR1Zm3BGL60E
FtbNNvnoskcgLO4XIREMmV+HY1YNgmavSKCKiVpLtUw
-> ;MI-grease
ArHYI+eu0R2GQyabN2Mr8nHC4LBU0xNZSl0hljMagNBtUGlwsTHvRBzTSVm6kcak
c2Rbqz9/Zg
--- t1Xtn3Wg7yC30usQ+dSbwBlBcd0mMiWUeraj2HTZ9PQ
„±BÌ<EFBFBD>q«¤Kr‡Ž¤D±1ZßË6½x:IèáVàÿêúø÷¯ÀÃÕ˜)Ê\YÝtI(˜†bÍ1JŸ¡QÀR”eVó}êÖv˜fn(°U½|ÔiB>ýºAXÈ€v\X,²†¹&3 OnleÞ4îpá"ä-{ÁÞ;þ°®

4
secrets/secrets.nix Normal file
View file

@ -0,0 +1,4 @@
let
neodymium =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@neodymium";
in { "borgbackup.age".publicKeys = [ neodymium ]; }