add fuse nextcloud and age encrypted passwords
All checks were successful
Build iso when a new version is pushed / test (push) Successful in 2m8s
All checks were successful
Build iso when a new version is pushed / test (push) Successful in 2m8s
This commit is contained in:
7
.sops.yaml
Normal file
7
.sops.yaml
Normal file
@ -0,0 +1,7 @@
|
||||
keys:
|
||||
- &primary age1sjzkhwr8ycdsmuj8xg8y4v2hcpuq9vethnhytxtwzeury692dsxqf80fwv
|
||||
creation_rules:
|
||||
- path_regex: secrets/secrets.yaml$
|
||||
key_groups:
|
||||
- age:
|
||||
- *primary
|
||||
23
flake.lock
generated
23
flake.lock
generated
@ -114,7 +114,28 @@
|
||||
"firefox-addons": "firefox-addons",
|
||||
"home-manager": "home-manager",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"sops-nix": "sops-nix"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1754988908,
|
||||
"narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
14
flake.nix
14
flake.nix
@ -6,7 +6,7 @@
|
||||
# By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ #
|
||||
# +#+#+#+#+#+ +#+ #
|
||||
# Created: 2024/10/17 18:15:24 by tomoron #+# #+# #
|
||||
# Updated: 2025/08/30 19:38:12 by tomoron ### ########.fr #
|
||||
# Updated: 2025/09/05 18:37:36 by tomoron ### ########.fr #
|
||||
# #
|
||||
# **************************************************************************** #
|
||||
|
||||
@ -16,6 +16,10 @@
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
catppuccin.url = "github:catppuccin/nix";
|
||||
sops-nix = {
|
||||
url = "github:Mic92/sops-nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
home-manager = {
|
||||
url = "github:nix-community/home-manager";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
@ -49,7 +53,12 @@
|
||||
inherit pkgs;
|
||||
extraSpecialArgs = { inherit inputs; username = username; homeDir = homeDir; isOs = false; };
|
||||
modules = nixpkgs.lib.concatLists [
|
||||
[ ./homeConfigs/home.nix ./homeConfigs/hosts/${flakeName}.nix catppuccin.homeModules.catppuccin ]
|
||||
[
|
||||
./homeConfigs/home.nix
|
||||
./homeConfigs/hosts/${flakeName}.nix
|
||||
catppuccin.homeModules.catppuccin
|
||||
inputs.sops-nix.homeManagerModules.sops
|
||||
]
|
||||
extraModules
|
||||
];
|
||||
};
|
||||
@ -68,7 +77,6 @@
|
||||
(nixpkgs + "/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix")
|
||||
./osConfigs/hosts/iso.nix
|
||||
inputs.home-manager.nixosModules.default
|
||||
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
@ -6,11 +6,11 @@
|
||||
# By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ #
|
||||
# +#+#+#+#+#+ +#+ #
|
||||
# Created: 2024/10/17 18:15:38 by tomoron #+# #+# #
|
||||
# Updated: 2025/08/30 20:34:23 by tomoron ### ########.fr #
|
||||
# Updated: 2025/09/05 19:55:21 by tomoron ### ########.fr #
|
||||
# #
|
||||
# **************************************************************************** #
|
||||
|
||||
{lib, pkgs, username ? "tom" ,homeDir ? "/home/tom", isOs ? false, ... }:
|
||||
{lib, pkgs, config, username ? "tom" ,homeDir ? "/home/tom", isOs ? false, ... }:
|
||||
|
||||
{
|
||||
imports = lib.concatLists [
|
||||
@ -23,6 +23,28 @@
|
||||
|
||||
home.stateVersion = "24.05";
|
||||
|
||||
sops.defaultSopsFile = ../secrets/secrets.yaml;
|
||||
sops.age.keyFile = "${homeDir}/.config/sops/age/keys.txt";
|
||||
sops.secrets."nextcloud_fuse/password" = {};
|
||||
|
||||
programs.rclone.enable = true;
|
||||
programs.rclone.remotes.nextcloud = {
|
||||
config = {
|
||||
type = "webdav";
|
||||
url = "https://nc.tmoron.fr/remote.php/dav/files/tom";
|
||||
vendor = "nextcloud";
|
||||
user = "tom";
|
||||
};
|
||||
secrets.pass = config.sops.secrets."nextcloud_fuse/password".path;
|
||||
mounts = {
|
||||
"/" = {
|
||||
enable = true;
|
||||
mountPoint = "${homeDir}/nextcloud";
|
||||
options.vfs-cache-mode = "writes";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# programs.ghostty.enable = true;
|
||||
# programs.ghostty.settings = {
|
||||
# theme = "catppuccin-mocha";
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
# By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ #
|
||||
# +#+#+#+#+#+ +#+ #
|
||||
# Created: 2025/02/09 22:01:56 by tomoron #+# #+# #
|
||||
# Updated: 2025/09/02 23:33:04 by tomoron ### ########.fr #
|
||||
# Updated: 2025/09/05 19:28:45 by tomoron ### ########.fr #
|
||||
# #
|
||||
# **************************************************************************** #
|
||||
|
||||
@ -44,5 +44,6 @@
|
||||
nerd-fonts.iosevka
|
||||
compiledb
|
||||
yubikey-personalization
|
||||
sops
|
||||
];
|
||||
}
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
|
||||
{
|
||||
boot.initrd.luks.yubikeySupport = true;
|
||||
services.udev.packages = [ pkgs.yubikey-personalization ];
|
||||
boot.initrd.kernelModules = [ "vfat" "nls_cp437" "nls_iso8859-1" "usbhid" ];
|
||||
boot.initrd.luks.devices.cryptroot = {
|
||||
device = "/dev/disk/by-uuid/a4593b01-069d-4a5d-a550-74a762b89b3f";
|
||||
@ -18,6 +19,8 @@
|
||||
};
|
||||
};
|
||||
|
||||
programs.fuse.enable = true;
|
||||
|
||||
boot.blacklistedKernelModules = [ "nvidia" "nvidia_drm" "nvidia_uvm" ];
|
||||
|
||||
mods.displayManager.enable = true;
|
||||
@ -86,6 +89,7 @@
|
||||
enable = true;
|
||||
enableUserService = true;
|
||||
};
|
||||
|
||||
services.supergfxd.enable = true;
|
||||
services.supergfxd.settings = {
|
||||
mode = "Integrated";
|
||||
@ -99,8 +103,6 @@
|
||||
|
||||
services.upower.enable = true;
|
||||
|
||||
services.udev.packages = [ pkgs.yubikey-personalization ];
|
||||
|
||||
programs.wireshark.enable = true;
|
||||
programs.wireshark.usbmon.enable = true;
|
||||
|
||||
|
||||
18
secrets/secrets.yaml
Normal file
18
secrets/secrets.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
#ENC[AES256_GCM,data:1NcFm2XqZzmSSlr8wH4aXHDBhf+lOaZ/gUeK2T/U/hIBbqtfKtw=,iv:yS5iogRp6e3We/7wZnGy0XJzqLVfRVKlDhUs+tamcJ0=,tag:+z/qqF9n6/hQfv9aWXkCDQ==,type:comment]
|
||||
nextcloud_fuse:
|
||||
password: ENC[AES256_GCM,data:Rlyc9wO3rXJ97AAMzM+vJclEJ+eaSPtHkitqRL0=,iv:yuS2Tyo2HZGVb9tbWmmgOEwkyzLhlvq8iZ2YjGD0u9E=,tag:pf8n4pTvseh1pd12w8w4tw==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- recipient: age1sjzkhwr8ycdsmuj8xg8y4v2hcpuq9vethnhytxtwzeury692dsxqf80fwv
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPRXNiNG9vRzJraERMSytl
|
||||
Qkc4SVluRWQ1bE5Dc2FpaHQ2WGkxeHF2TWdjCml3OXpockc0NFJ6dDJTVzNjLzNU
|
||||
cWxHTzhBVno1TlVDaXplR2tuN2wzN0kKLS0tIG5pWmcxYlhlb1lCN3RqNG5hRFJS
|
||||
clZaazZQdW5wYUhUNmM0QW91K0NLOTAKB6z7cKg54QmJo0U03u6RQkSCfJOAdeJa
|
||||
DiyPYjm02BNe8YPFbBFRpyT7G++j3h0yG+/Nr2zcQFyMMEpMv5QJvg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-09-05T17:58:05Z"
|
||||
mac: ENC[AES256_GCM,data:96G7VqaG8A46tQ1L7I2asiYtNZF7K3Wf+SzbwPrNV8zQio2jInawtD4WSzHmLs4Nv7M1TBHug/ho8mfYq6auXgpathiSzvj0Tzs/IEKXiTYa86tM3szwAepavMYWOl6OYJ7S39ku6BOMo3qC2BK/gpT5iy4c84ashn2wFd1n41A=,iv:6TShIsqnhCf/3uoAaz/R+Cwr2HrorROOXodXluTKM8M=,tag:BA9rQ73scKgetW3orV0HdQ==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.10.2
|
||||
Reference in New Issue
Block a user