tacocatgirl/nix-config
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

no more secrets

Browse source
This commit is contained in:
Aria Nolan 2023-11-24 19:19:48 -05:00
parent 219a94ddfa
commit 7b09f1b79a
10 changed files with 70 additions and 146 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
.sops.yaml
View file

@ -1,9 +0,0 @@
# .sops.yaml
keys:
- age13dpyswy6ezqr2gyty75waanpc9lhjs073vt56z6tvjyzh9mkydaqwsystl
creation_rules:
- path_regex: secrets/secrets.yaml$
key_groups:
- age:
- age13dpyswy6ezqr2gyty75waanpc9lhjs073vt56z6tvjyzh9mkydaqwsystl

54
flake.lock
View file

@ -138,22 +138,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable": {
"locked": {
"lastModified": 1700342017,
"narHash": "sha256-HaibwlWH5LuqsaibW3sIVjZQtEM/jWtOHX4Nk93abGE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "decdf666c833a325cb4417041a90681499e06a41",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1700390070, "lastModified": 1700390070,
@ -170,22 +154,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": {
"locked": {
"lastModified": 1700108881,
"narHash": "sha256-+Lqybl8kj0+nD/IlAWPPG/RDTa47gff9nbei0u7BntE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7414e9ee0b3e9903c24d3379f577a417f0aae5f1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1700712715, "lastModified": 1700712715,
@ -207,8 +175,7 @@
"home-manager": "home-manager", "home-manager": "home-manager",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nur": "nur", "nur": "nur"
"sops-nix": "sops-nix"
} }
}, },
"rust-overlay": { "rust-overlay": {
@ -236,25 +203,6 @@
"type": "github" "type": "github"
} }
}, },
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1700362823,
"narHash": "sha256-/H7XgvrYM0IbkpWkcdfkOH0XyBM5ewSWT1UtaLvOgKY=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "49a87c6c827ccd21c225531e30745a9a6464775c",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,

4
flake.nix
View file

@ -23,7 +23,6 @@
}; };
nixos-hardware.url = "github:NixOs/nixos-hardware/master"; nixos-hardware.url = "github:NixOs/nixos-hardware/master";
nur.url = "github:nix-community/nur"; nur.url = "github:nix-community/nur";
sops-nix.url = "github:Mic92/sops-nix";
}; };
# pass in the urls defined above # pass in the urls defined above
@ -35,7 +34,6 @@
helix, helix,
nixos-hardware, nixos-hardware,
nur, nur,
sops-nix,
... ...
} @ inputs: let } @ inputs: let
system = "x86_64-linux"; system = "x86_64-linux";
@ -63,7 +61,6 @@
specialArgs = {inherit inputs;}; specialArgs = {inherit inputs;};
modules = [ modules = [
./hosts/JWST/configuration.nix ./hosts/JWST/configuration.nix
sops-nix.nixosModules.sops
nixos-hardware.nixosModules.dell-xps-15-9520 nixos-hardware.nixosModules.dell-xps-15-9520
{nixpkgs.overlays = overlays;} {nixpkgs.overlays = overlays;}
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
@ -73,7 +70,6 @@
home-manager.users."tacocat" = { home-manager.users."tacocat" = {
imports = [ imports = [
./users/tacocat/home.nix ./users/tacocat/home.nix
sops-nix.homeManagerModules.sops
]; ];
_module.args.theme = import ./modules/themes; _module.args.theme = import ./modules/themes;
}; };

19
hosts/JWST/configuration.nix
View file

@ -102,7 +102,6 @@
exfat exfat
encfs encfs
ntfs3g ntfs3g
sops
]; ];
# remove nano # remove nano
defaultPackages = with pkgs; [ defaultPackages = with pkgs; [
@ -112,15 +111,6 @@
]; ];
}; };
# sops = {
# defaultSopsFile = ../../secrets/secrets.yaml;
# defaultSopsFormat = "yaml";
# age.keyFile = "/home/tacocat/.config/sops/age/keys.txt";
# secrets.email-personal = {};
# secrets.email-spam = {};
# secrets.email-school = {};
# };
programs.sway = { programs.sway = {
enable = true; enable = true;
wrapperFeatures.gtk = true; wrapperFeatures.gtk = true;
@ -134,6 +124,15 @@
programs.waybar.enable = true; programs.waybar.enable = true;
programs.steam.enable = true; programs.steam.enable = true;
programs.steam.gamescopeSession = {
enable = true;
# args = [
# "-f"
# "--expose-wayland"
# ];
};
programs.gamemode.enable = true;
programs.gamescope.enable = true;
xdg.portal = { xdg.portal = {
enable = true; enable = true;

34
secrets/secrets.yaml
View file

@ -1,34 +0,0 @@
#ENC[AES256_GCM,data:JjngdEl24lzivXSGGtT+BmiEgJv9CYFGoshMp341WTVhGZb0CfJw/INV5Hds4It+b5VdKwsq,iv:z7QQf9jHo/UnOeFL5Xr+Gigvumj5oeCw+qbuDDvC05k=,tag:E76DCMWb0jJtNpjVEY7Tiw==,type:comment]
#ENC[AES256_GCM,data:HICA26c4UzeSp1IhNUkoFukr14zNLQ6PRzXa,iv:Ai2VRUy4F0l58M+zP8UTJ+HwpnnntvhXqRGDFKgfxoc=,tag:u3Z1J+6jjDStKsPVcdQ48w==,type:comment]
#ENC[AES256_GCM,data:91rUTDQieSAoP34dVPhUVQ==,iv:yiCh0c97u0FcofOfTkvJG0kee12GyObDQWiV2cLeN8g=,tag:RxtR8qSFw/U3NdKJl/6q3g==,type:comment]
#ENC[AES256_GCM,data:fBniAj/OEUphfzuouN4V,iv:oDvxL66JaHok1Bmd4gVc85/5bHpVPgixT/DM92eeqwI=,tag:ZQsqpszjmPThhkFaeI3hfg==,type:comment]
#ENC[AES256_GCM,data:5vniSSqRnOLyiyV6ylKevv8AZsJw,iv:Z5mefVGn9jSCPJZRkwjPZ2alkUwao0bCJVS3aRY3egE=,tag:aHZcDJWmHx1MEux6bKuWFg==,type:comment]
#ENC[AES256_GCM,data:al064LOcqMiJljtxOtEkYPiTFanG,iv:mqO28HpExCICHRPbmyo3LK7QFysAOzf8Mn666QgC/9Q=,tag:Pcb0VSAJ3TkQLbDoobJTkA==,type:comment]
#ENC[AES256_GCM,data:tMg+HbmZGZLzc3WZJVrwmOi7JjCBbkJdWRwm,iv:3pDsdJX2OSactrP9CQeNvQR7q01qXo/BR4FKLhcaiyQ=,tag:Wxlf6SuGWgGEVvG7Sjcojw==,type:comment]
#ENC[AES256_GCM,data:Qs7LdUYBaoCLtlu+VdIHrIsA,iv:lWJsId1PA6mc+E0+mP55EfoCk5rixb+Z91XtUg6ivCw=,tag:XVDzTi/poTsRT6m3dbcLZA==,type:comment]
#ENC[AES256_GCM,data:73KcTxpT6YfRex8=,iv:3pLvjR/BOayKYUvCaZbW4JbCpbNqJ0QrcO+GvAAZauo=,tag:y4HM5xLSAzaEBrSqWUlpsQ==,type:comment]
#ENC[AES256_GCM,data:OiGD0S0aKU15hDKi,iv:dIFoxlFYv2dbQFTk1O/pJld30sVNOFpq83z8YqFdruE=,tag:PRat5Zkn5MBfgAt0voPuNg==,type:comment]
email-school: ENC[AES256_GCM,data:z2M4ydGtR/Bds7zdCWt8,iv:kVY1tUdNXeoQDbRj+fbVc8mot0dJQ969vOzS482l5wM=,tag:oFFKuGUIIh/cRc25Te5qdQ==,type:str]
email-personal: ENC[AES256_GCM,data:x0lXf2n/swR2w//g00K0ig==,iv:NOaSBKh1z4JvuFG1dGn3+08jdJWx0GJgqin/gAhTvP0=,tag:0VYDzr6lyviEnwxBHACa1g==,type:str]
email-spam: ENC[AES256_GCM,data:1+L6ehJYOIPxSTfG579buGN/Hg==,iv:eB9xBowS4TkdaVdJcdJP5MKCGvzc1IBZhJN2CDmgl2c=,tag:c/0kspr28VxN8hPSlQ8c8Q==,type:str]
email-proton: ENC[AES256_GCM,data:Ts6E0gGQs7LOuQRINSddeFXymg==,iv:/JFD2vHgcH8oaxSNfRm6pbcz31r4dIfAb1+KZJPdrEA=,tag:zTbDKlD3PZXr5g7PI+oMxA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age13dpyswy6ezqr2gyty75waanpc9lhjs073vt56z6tvjyzh9mkydaqwsystl
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiNnpRZXBwaXk0aDZhMDBy
cThMNGdWaE9GZlpFN3RTLzhaYVJUKzFORkNjCmtuakFIczhVNXltQk42RWxjUnlz
dTdkUmJOdjBCZXZNZjE4QURGVW5wUGsKLS0tIGhkclA1M3dKZzUxZWpLZDlsRHZR
VTlua3pQRTZGUGw4OEVQSUhsMHZoVncKm0+J++ZOflbTjfb0Q/nC/LnwKXOq5XEE
CvRQmjp4sWgmnP8wrcPvtInPrkVYBHluI9DD9DRoQ+PTYsz8xSIRig==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-11-24T03:00:02Z"
mac: ENC[AES256_GCM,data:6I3f44NOaf8AX6nrcr20yIgUbXRYPutalYY4HqL5sfgz6l6el4coc2jFRkbHJIjm3zx8F+PvsekM1A6VYKRUt5Ph+8P02pP0dmfrWx6GlD/0YNUJVVn7S51+yNNlJQGUPWFatKVsNpV0ZmkQZedQWz+2+JXfjJKw6kAcNQUuujI=,iv:7E2PBrLp9vHUUEfLqPgDsTfWfCebklmcL9sAcVIbrWg=,tag:iEq2WhC9wScoHwOYbI1llg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

64
users/tacocat/email.nix
View file

@ -1,20 +1,46 @@
{config, ...}: { {...}: {
# accounts.email.accounts = { accounts.email.accounts = {
# "aria" = { "aria" = {
# address = "${config.sops.secrets.email-personal}"; address = "aria@chytrid.org";
# realName = "Aria Nolan"; userName = "aria@chytrid.org";
# primary = true; realName = "Aria Nolan";
# # thunderbird.enable = true; primary = true;
# }; thunderbird.enable = true;
# "tacocat" = { smtp = {
# address = "${config.sops.secrets.email-spam}"; host = "mail.nordhost.no";
# # thunderbird.enable = true; port = 465;
# }; };
# "school" = { imap = {
# address = "${config.sops.secrets.email-school}"; host = "mail.nordhost.no";
# realName = "Aria Nolan"; port = 993;
# flavor = "gmail.com"; };
# # thunderbird.enable = true; };
# }; "tacocat" = {
# }; address = "tacocat@chytrid.org";
userName = "tacocat@chytrid.org";
realName = "tacocat";
thunderbird.enable = true;
smtp = {
host = "mail.nordhost.no";
port = 465;
};
imap = {
host = "mail.nordhost.no";
port = 993;
};
};
"school" = {
address = "bfn1292@g.rit.edu";
realName = "Aria Nolan";
flavor = "gmail.com";
thunderbird.enable = true;
};
};
programs.thunderbird = {
enable = true;
profiles."aria" = {
isDefault = true;
};
};
} }

10
users/tacocat/home.nix
View file

@ -14,7 +14,6 @@
]; ];
packages = with pkgs; [ packages = with pkgs; [
rnote rnote
# sops
mpv mpv
discord discord
neovim neovim
@ -59,15 +58,6 @@
news.display = "silent"; news.display = "silent";
# sops = {
# defaultSopsFile = ../../secrets/secrets.yaml;
# defaultSopsFormat = "yaml";
# age.keyFile = "/home/tacocat/.config/sops/age/keys.txt";
# secrets.email-personal = {};
# secrets.email-spam = {};
# secrets.email-school = {};
# };
imports = [ imports = [
./programs ./programs
./services ./services

6
users/tacocat/wayland/default.nix
View file

@ -20,10 +20,10 @@
]; ];
home.sessionVariables = { home.sessionVariables = {
SDL_VIDEODRIVER = "wayland"; # SDL_VIDEODRIVER = "wayland";
QT_QPA_PLATFORM = "wayland"; # QT_QPA_PLATFORM = "wayland";
QT_WAYLAND_DISABLE_WINDOWDECORATIONS = "1"; QT_WAYLAND_DISABLE_WINDOWDECORATIONS = "1";
_JAVA_AWT_WM_NONREPARENTING = "1"; # _JAVA_AWT_WM_NONREPARENTING = "1";
MOZ_ENABLE_WAYLAND = "1"; MOZ_ENABLE_WAYLAND = "1";
}; };

2
users/tacocat/wayland/sway/config
View file

@ -280,6 +280,6 @@ bindsym $mod+r mode "resize"
# SwayFX # SwayFX
# blur on # blur on
# xwayland enable xwayland enable
include ~/.config/sway/config.d/* include ~/.config/sway/config.d/*

14
users/tacocat/wayland/sway/config.d/windows
View file

@ -1,3 +1,11 @@
for_window [window_role="pop-up"] floating enable for_window {
for_window [window_role="bubble"] floating enable [window_role="pop-up"] floating enable
for_window [window_type="dialog"] floating enable [window_role="bubble"] floating enable
[window_role="dialog"] floating enable
[window_type="dialog"] floating enable
[shell="xwayland"] title_format "%title [XWayland]"
[app_id="firefox"] inhibit_idle fullscreen
[app_id="mpv"] inhibit_idle fullscreen
[app_id="Vivaldi-stable"] inhibit_idle fullscreen
[app_id="ulauncher"] floating enable, border none
}