diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..87c7f63 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,3 @@ +#pattern filter=crypt diff=crypt merge=crypt +features/server/services/forgejo-smtp.nix filter=crypt diff=crypt +features/server/services/nextcloud-network.nix filter=crypt diff=crypt diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..952f4ac --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,9 @@ +keys: + - &homelab_serv age17pq9xyrcv6tlms9sznnhql6pejue33r0aukn72hzpcn4jykrg33q4u0a3m + - &admin_homelab age1c8kr95dc7cqq34qyjgpnsgfgyntqnt5rlrq2c025ehp32f8h3sjqkf8k3s +creation_rules: + - path_regex: secrets/[^/]+\.(yaml|json|env)$ + key_groups: + - age: + - *admin_homelab + - *homelab_serv diff --git a/features/client/default.nix b/features/client/default.nix deleted file mode 100644 index d38c516..0000000 --- a/features/client/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{config, pkgs, ...}: -{ - imports = [ - ./tailscale.nix - ] -} diff --git a/features/client/games.nix b/features/client/games.nix deleted file mode 100644 index 90d44c1..0000000 --- a/features/client/games.nix +++ /dev/null @@ -1,18 +0,0 @@ -{config, pkgs, ...}: -{ - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "steam" - "steam-original" - "steam-run" - ]; - - environment.systemPackages = with pkgs; [ - lutris - ]; - }; -} diff --git a/features/client/tailscale.nix b/features/client/tailscale.nix deleted file mode 100644 index 79c4112..0000000 --- a/features/client/tailscale.nix +++ /dev/null @@ -1,5 +0,0 @@ -{config, pkgs, ...}: -{ - services.tailscale.enable = true; -} - diff --git a/features/client/udisks2.nix b/features/client/udisks2.nix deleted file mode 100644 index e69de29..0000000 diff --git a/flake.lock b/flake.lock index e872fff..70b9e13 100644 --- a/flake.lock +++ b/flake.lock @@ -1,66 +1,5 @@ { "nodes": { - "alejandra": { - "inputs": { - "fenix": "fenix", - "flakeCompat": "flakeCompat", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1660592437, - "narHash": "sha256-xFumnivtVwu5fFBOrTxrv6fv3geHKF04RGP23EsDVaI=", - "owner": "kamadorueda", - "repo": "alejandra", - "rev": "e7eac49074b70814b542fee987af2987dd0520b5", - "type": "github" - }, - "original": { - "owner": "kamadorueda", - "ref": "3.0.0", - "repo": "alejandra", - "type": "github" - } - }, - "fenix": { - "inputs": { - "nixpkgs": [ - "alejandra", - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1657607339, - "narHash": "sha256-HaqoAwlbVVZH2n4P3jN2FFPMpVuhxDy1poNOR7kzODc=", - "owner": "nix-community", - "repo": "fenix", - "rev": "b814c83d9e6aa5a28d0cf356ecfdafb2505ad37d", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "fenix", - "type": "github" - } - }, - "flakeCompat": { - "flake": false, - "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1723688146, @@ -111,28 +50,10 @@ }, "root": { "inputs": { - "alejandra": "alejandra", "nixpkgs": "nixpkgs", "sops-nix": "sops-nix" } }, - "rust-analyzer-src": { - "flake": false, - "locked": { - "lastModified": 1657557289, - "narHash": "sha256-PRW+nUwuqNTRAEa83SfX+7g+g8nQ+2MMbasQ9nt6+UM=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "caf23f29144b371035b864a1017dbc32573ad56d", - "type": "github" - }, - "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", - "type": "github" - } - }, "sops-nix": { "inputs": { "nixpkgs": "nixpkgs_2", diff --git a/flake.nix b/flake.nix index 804996d..2e95514 100644 --- a/flake.nix +++ b/flake.nix @@ -4,9 +4,6 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; sops-nix.url = "github:Mic92/sops-nix"; - - alejandra.url = "github:kamadorueda/alejandra/3.0.0"; - alejandra.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = diff --git a/hosts/labouse/configuration.nix b/hosts/labouse/configuration.nix index d274f97..c09a9a3 100644 --- a/hosts/labouse/configuration.nix +++ b/hosts/labouse/configuration.nix @@ -7,7 +7,7 @@ { imports = [ # Include the results of the hardware scan. - ./hardware-configuration.nix + ./x75s.nix ]; # Use the GRUB 2 boot loader.