diff --git a/flake.lock b/flake.lock index 044d333..5153d4c 100644 --- a/flake.lock +++ b/flake.lock @@ -171,11 +171,11 @@ ] }, "locked": { - "lastModified": 1697410455, - "narHash": "sha256-jCs/ffIP3tUPN7HWWuae4BB8+haAw2NI02z5BQvWMGM=", + "lastModified": 1697964592, + "narHash": "sha256-fua0LKNLkYYK2Dgdm9P+VPdqrVgDXUIx+EkQAQByhuc=", "owner": "nix-community", "repo": "home-manager", - "rev": "78125bc681d12364cb65524eaa887354134053d0", + "rev": "219d268a69512ff520fe8da1739ac22d95d52355", "type": "github" }, "original": { @@ -272,11 +272,11 @@ ] }, "locked": { - "lastModified": 1697340827, - "narHash": "sha256-XlrR68N7jyaZ0bs8TPrhqcWG0IPG3pbjrKzJMpYOsos=", + "lastModified": 1697946153, + "narHash": "sha256-7k7qIwWLaYPgQ4fxmEdew3yCffhK6rM4I4Jo3X/79DA=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "29977d0796c058bbcfb2df5b18eb5badf1711007", + "rev": "5a2006282caaf32663cdcd582c5b18809c7d7d8d", "type": "github" }, "original": { @@ -287,11 +287,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1697100850, - "narHash": "sha256-qSAzJVzNRIo+r3kBjL8TcpJctcgcHlnZyqdzpWgtg0M=", + "lastModified": 1697748412, + "narHash": "sha256-5VSB63UE/O191cuZiGHbCJ9ipc7cGKB8cHp0cfusuyo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "fb6af288f6cf0f00d3af60cf9d5110433b954565", + "rev": "72d53d51704295f1645d20384cd13aecc182f624", "type": "github" }, "original": { @@ -301,11 +301,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1697059129, - "narHash": "sha256-9NJcFF9CEYPvHJ5ckE8kvINvI84SZZ87PvqMbH6pro0=", + "lastModified": 1697723726, + "narHash": "sha256-SaTWPkI8a5xSHX/rrKzUe+/uVNy6zCGMXgoeMb7T9rg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5e4c2ada4fcd54b99d56d7bd62f384511a7e2593", + "rev": "7c9cc5a6e5d38010801741ac830a3f8fd667a7a0", "type": "github" }, "original": { @@ -347,11 +347,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1697332183, - "narHash": "sha256-ACYvYsgLETfEI2xM1jjp8ZLVNGGC0onoCGe+69VJGGE=", + "lastModified": 1697929210, + "narHash": "sha256-RkQZif6QhswEwv7484mrKfIU8XmIWm+ED6llbr4IyxM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0e1cff585c1a85aeab059d3109f66134a8f76935", + "rev": "fb000224952bf7749a9e8b3779104ef7ea4465c8", "type": "github" }, "original": { @@ -419,11 +419,11 @@ ] }, "locked": { - "lastModified": 1696139730, - "narHash": "sha256-Y7EIcrDVm6ACc9e8rXygXJkeODy1RzvlqI33ReV5Zug=", + "lastModified": 1697981942, + "narHash": "sha256-D+2k9UubyeBaq0+L+nqmF0J9iqllhyO5gdJgg9UoGTA=", "owner": "therealr5", "repo": "purge", - "rev": "bf9d45d1ee3bec6232ddc1028a25b433df32c85a", + "rev": "7e3f832be406e1323138a6ec0e0d10347c8c9689", "type": "github" }, "original": { @@ -481,11 +481,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1697339241, - "narHash": "sha256-ITsFtEtRbCBeEH9XrES1dxZBkE1fyNNUfIyQjQ2AYQs=", + "lastModified": 1697943852, + "narHash": "sha256-DaBxUPaZhQ3yLCmAATshYB7qo7NwcMvSFWz9T3bjYYY=", "owner": "Mic92", "repo": "sops-nix", - "rev": "51186b8012068c417dac7c31fb12861726577898", + "rev": "30a0ba4a20703b4bfe047fe5def1fc24978e322c", "type": "github" }, "original": { diff --git a/hosts/falkenstein-1/default.nix b/hosts/falkenstein-1/default.nix index e9e508e..c0e0320 100644 --- a/hosts/falkenstein-1/default.nix +++ b/hosts/falkenstein-1/default.nix @@ -5,7 +5,8 @@ [ # Include the results of the hardware scan. ./hardware-configuration.nix - ./modules/backup + # ./modules/backup + ./modules/fail2ban ./modules/mail ./modules/networks ./modules/nginx diff --git a/hosts/falkenstein-1/modules/backup/default.nix b/hosts/falkenstein-1/modules/backup/default.nix index b3adfda..7bf9d88 100644 --- a/hosts/falkenstein-1/modules/backup/default.nix +++ b/hosts/falkenstein-1/modules/backup/default.nix @@ -5,8 +5,6 @@ services.borgmatic = { enable = true; settings = { - # fix failing check - location = null; source_directories = [ "/var/lib" "/var/log" diff --git a/hosts/falkenstein-1/modules/fail2ban/default.nix b/hosts/falkenstein-1/modules/fail2ban/default.nix new file mode 100644 index 0000000..666bff3 --- /dev/null +++ b/hosts/falkenstein-1/modules/fail2ban/default.nix @@ -0,0 +1,25 @@ +{ ... }: +{ + services.fail2ban = { + enable = true; + bantime = "10m"; + bantime-increment = { + enable = true; + }; + jails = { + dovecot = '' + enabled = true + # aggressive mode add blocking for aborted connections + filter = dovecot[mode=aggressive] + bantime = 10m + maxretry = 3 + ''; + postfix = '' + enabled = true + filter = postfix[mode=aggressive] + maxretry = 3 + ''; + }; + }; +} + diff --git a/hosts/falkenstein-1/modules/networks/default.nix b/hosts/falkenstein-1/modules/networks/default.nix index 4972bf4..055f73a 100644 --- a/hosts/falkenstein-1/modules/networks/default.nix +++ b/hosts/falkenstein-1/modules/networks/default.nix @@ -42,8 +42,7 @@ netdevs."30-dorm" = { netdevConfig = { Kind = "wireguard"; - Name = "dorm"; - Description = "WireGuard to my Dorm Infra"; + Name = "wg0"; }; wireguardConfig = { PrivateKeyFile = config.sops.secrets."wireguard/dorm/private".path; @@ -52,29 +51,29 @@ wireguardPeers = [ { wireguardPeerConfig = { - PublicKey = "vUmworuJFHjB4KUdkucQ+nzqO2ysARLomq4UuK1n430="; + PublicKey = "Z5lwwHTCDr6OF4lfaCdSHNveunOn4RzuOQeyB+El9mQ="; PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path; Endpoint = "dorm.vpn.rfive.de:51820"; - AllowedIPs = "10.10.10.0/24, 192.168.10.0/24"; + AllowedIPs = "192.168.42.0/24, 192.168.43.0/24"; }; } ]; }; networks."30-dorm" = { - matchConfig.Name = "dorm"; + matchConfig.Name = "wg0"; networkConfig = { - DNS = "192.168.10.1"; + DNS = "192.168.42.1"; }; addresses = [ { addressConfig = { - Address = "10.10.10.4/24"; + Address = "192.168.43.4/24"; RouteMetric = 30; }; } ]; routes = [ - { routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.10.0/24"; Metric = 30; }; } + { routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.42.0/24"; Metric = 30; }; } ]; }; }; diff --git a/hosts/falkenstein-1/modules/purge/default.nix b/hosts/falkenstein-1/modules/purge/default.nix index 37d26f9..92c5abc 100644 --- a/hosts/falkenstein-1/modules/purge/default.nix +++ b/hosts/falkenstein-1/modules/purge/default.nix @@ -3,7 +3,7 @@ let domain = "purge.${config.networking.domain}"; in { - sops.secrets."purge/token".owner = "purge"; + sops.secrets."purge/token" = { }; services.purge = { enable = true; discord = { diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index 5bcf9da..03008e6 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -38,12 +38,12 @@ settings = { experimental-features = [ "nix-command" "flakes" ]; auto-optimise-store = true; - substituters = [ - "ssh://nuc.lan" - ]; - trusted-public-keys = [ - "nuc.lan:a9UkVw3AizAKCER1CfNGhx8UOMF4t4UGE3GJ9dmHwJc=" - ]; + # substituters = [ + # "ssh://nuc.lan" + # ]; + # trusted-public-keys = [ + # "nuc.lan:a9UkVw3AizAKCER1CfNGhx8UOMF4t4UGE3GJ9dmHwJc=" + # ]; }; # distributedBuilds = true; # extraOptions = '' @@ -231,7 +231,6 @@ deploy-rs man-pages - man-pages-posix ]; programs.java.enable = true; documentation.dev.enable = true; diff --git a/hosts/thinkpad/modules/networks/default.nix b/hosts/thinkpad/modules/networks/default.nix index a3229c0..37abe65 100644 --- a/hosts/thinkpad/modules/networks/default.nix +++ b/hosts/thinkpad/modules/networks/default.nix @@ -55,8 +55,8 @@ matchConfig.Name = "lo"; linkConfig.RequiredForOnline = false; }; - networks."10-wired" = { - matchConfig.Name = "enp0s31f6"; + networks."10-wired-default" = { + matchConfig.Name = "en*"; linkConfig.RequiredForOnline = false; networkConfig = { DHCP = "yes"; @@ -102,11 +102,10 @@ }; # some wireguard interfaces - netdevs."30-dorm" = { + netdevs."30-wg0" = { netdevConfig = { Kind = "wireguard"; - Name = "dorm"; - Description = "WireGuard to my Dorm Infra"; + Name = "wg0"; }; wireguardConfig = { PrivateKeyFile = config.sops.secrets."wireguard/dorm/private".path; @@ -118,28 +117,27 @@ PublicKey = "Z5lwwHTCDr6OF4lfaCdSHNveunOn4RzuOQeyB+El9mQ="; PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path; Endpoint = "141.30.227.6:51820"; - # Endpoint = "dorm.vpn.rfive.de:51820"; - AllowedIPs = "192.168.2.0/24, 192.168.1.0/24"; + AllowedIPs = "192.168.42.0/24, 192.168.43.0/24"; }; } ]; }; - networks."30-dorm" = { - matchConfig.Name = "dorm"; + networks."30-wg0" = { + matchConfig.Name = "wg0"; networkConfig = { - DNS = "192.168.1.1"; + DNS = "192.168.42.1"; }; addresses = [ { addressConfig = { - Address = "192.168.2.3/24"; + Address = "192.168.43.3/24"; RouteMetric = 30; }; } ]; routes = [ # allowedIPs is somewhat broken - { routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.1.0/24"; Metric = 30; }; } + { routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.42.0/24"; Metric = 30; }; } ]; }; }; diff --git a/hosts/thinkpad/modules/networks/uni.nix b/hosts/thinkpad/modules/networks/uni.nix index 24c3b69..f048184 100644 --- a/hosts/thinkpad/modules/networks/uni.nix +++ b/hosts/thinkpad/modules/networks/uni.nix @@ -25,6 +25,20 @@ ca_cert="/etc/ssl/certs/ca-certificates.crt" domain_suffix_match="radius.agdsn.de" identity="r5" + password="@AGDSN_WIFI_AUTH@" + phase2="auth=PAP" + ''; + authProtocols = [ "WPA-EAP" ]; + }; + agdsn-office = { + auth = '' + eap=TTLS + anonymous_identity="wifi@agdsn.de" + ca_cert="/etc/ssl/certs/ca-certificates.crt" + domain_suffix_match="radius.agdsn.de" + identity="r5" + priority=5 + proto=WPA2 password="@AGDSN_AUTH@" phase2="auth=PAP" ''; diff --git a/secrets/falkenstein-1.yaml b/secrets/falkenstein-1.yaml index 998c3c5..ad6fb68 100644 --- a/secrets/falkenstein-1.yaml +++ b/secrets/falkenstein-1.yaml @@ -4,8 +4,8 @@ pfersel: token: ENC[AES256_GCM,data:MFxzpT6sqzhDpZya4/eI77LbHXekzfTQWZrjd/aot2MzRXicaCUabEUqnR40QnW9HujOTW0+A+9Be5mDX6OqVDt2ioKVxg==,iv:UTTWL7uSVgpkLnXTkvojC/fotkDISdyBrGDiegXqMuQ=,tag:+8+Th/M9U9mJX6i2YCPBbg==,type:str] wireguard: dorm: - private: ENC[AES256_GCM,data:3DMW+sZ1qEcfithXj8/7CUbKotJ2Ld23Fa6cf9ijLRvJPk5+VZOt8j5AIVY=,iv:pY/uAkkUOyFqEmWqoP8qC418VtbbX/Ws7BMuyGbvlXE=,tag:/u2akzXjchYlKR59Skk4aA==,type:str] - preshared: ENC[AES256_GCM,data:+1O/8fW03NOqd2FJjCDvN1Ktb3mVBManB9gI8S0CensNayjFHLfPj4z64TQ=,iv:YgVsHG30XIr6lR9Is91sDW0jwxmUmmo49rD4tXknU/E=,tag:EKa1NDJIlPlU+AU0bcFu5w==,type:str] + private: ENC[AES256_GCM,data:Wk6g0UW6onEQYh2Sjoh8pXtaxzQehbYzulS32LHENombOdM3xT6fLBRuI3o=,iv:i5HqTr/WV8tiBud1BApPWC2z1Ck5LiTRJ1MP8/1AH5U=,tag:ISAHSJCNzS/MCiPkPh6CXQ==,type:str] + preshared: ENC[AES256_GCM,data:8n4LJb9EeGfYp3VV4iL9O+IadsGok9EWZESXdkGDk/LwYUvKRxkFsfIUmA0=,iv:dAY3h8U+/+Ac4t7HIjTj2LvX2g6LUT9s8U4GU4tvPV0=,tag:UI7mOiQGWVnmIYJe8C1gpw==,type:str] borg: passphrase: ENC[AES256_GCM,data:54KCMu574Uj01sqnfBX9BqFc5+dx1Se7,iv:NgodekAUw0pNddA36oIranISkvUQIxZRmZW4s1UIHdU=,tag:frep/WspsozTL1V/OfuTxw==,type:str] key: ENC[AES256_GCM,data:TGwOAKLEF/zy0PTMcdfkgypGR4/HlZ1By8cMT+sUbMQUfcw2HzvZBwbvfchx/abO9JXmbeSC1E7w6yEMIEg5bPAgGkylRdud/X5Ol/fRKZNdc61JyCWO/UT+qiI/vkikRKQxK/cpfB76+8TuTk0dElGOgJ0NTqklwjap200VdS/l5SBOpY50l338V0p4PQAJ50ry7qWlvN5+GKcHypVBTVabmvRUQCBmzK4N9yiW3zBpmA8e1MctmRiwqIBafeZVJ8YzVqC8cKLtFh4sVDd2fkrIEI4TMcGNS+E0VyHD7ZbTY8KBrNjmZPaTZz186g9PhB3rlHv6a6wAHJx3wZgijzxuXeX7yvyfM0NRz4DQaIANm1ggLdddUf6oS5i2kjKuENa2xL4ADpiO/d3U86HC9ldA8u0mHItjGlqZEL5/cBme1qKf70WsrGqN4gWLzMHZM2WkpssaIU3Ws6YksQHGP7iu5gXLIRB7/DqoY5kl2kS7vlyBVfv+G03nVO1981LVMbAWmNrstr0sOpOtGUYcxlCdGRDVOJIuUTfbRuvvuLy8NgVjL3eFHgkMi/r61iNh0e4C5rkbQVzlmwBqobDfizKJ49d4uBPbynDFYsDJwDK+W/BVtDkK4iEYYvfSbpaoKuNpBeibgZ7YOLUR7onxTCI/V5NczTjS1dezFNaF+l+XNLj6EjVWSdhd/ScRdniU0Q1lJU5hsOYPDiwHUPU9WMmaQeo9VezWYYJ2RroALnnw22XdRzfwNHICyGvUkzNqQnvDyUwZU6J2qMy8JnB6ViLWXE0VhsNZSQXFOLrKBMX+YwRm3n8jkeLN7sOnP8ejHYGxcXdKk0NLSdyNChTf9AzVvBGI2k9ky8bZPC5iB9zm2EkFvgtGgrRDpR7OpYJ4u71Xho96chGQ7B9MhnIDdKW2NYFE3ROdDQzfK2yrq18BjPxCaHXTk34JV8bf5LNellr2A80aA3TVmvYC/k2nHied4vW5RK+ngR0ev8b35+wl0HxJ1DnlYl4lSlDzzJwkS7ZlPWL4N2/205Ju8sjN7anp5KDb1jzGB3PTawDXbthiG8xLf2Dyf4ssbe1I,iv:8yl4F9+g+SfjvHVJKCTFXS9JU0Kzy7TqIX3HtQQt/n0=,tag:4r6A1K0zHSycglcZYGnkWw==,type:str] @@ -24,8 +24,8 @@ sops: NGlZbU8rcWJRbGE5OEFHdUNqZ2xUS2sK/r7qJHfTP0REcM2PYM95XT0onnCYXzam 20BgfynX3PJE2QVcgl8rr7ssuKxESi+tY/1VB0l8Tryxe6hr/p5IVg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-09-08T08:32:30Z" - mac: ENC[AES256_GCM,data:TaU+dHkgaaI/YD15CL/n2drdYRxQ1OlfqwaZrNmCOHCiSgDoAxx90HuRBE2z1v6y0TlQQ/An6/ZwS7qpd99awlBlYEj1M63R20VGqRpsKBk+5W2ISjRWrwTZlFrHllR78PJf4cpxfDRl+RGeODTSHTmuA1D3p06EbdO+xABw0nk=,iv:O4syFBWTciV8YCFmaweihyvhwz7EKw58AyGtbsOJb0Y=,tag:eKbW8Ey3Ux6LHMMwhUk8VQ==,type:str] + lastmodified: "2023-10-19T09:45:38Z" + mac: ENC[AES256_GCM,data:b4KtXV64oYJu1VO63NQFJ16O9q509YThkJZXTbqnhgLlxmoZ3HEwQRYnsg3MgBOxj3Im9RhIj341f8p3JFnz/WM56ii9gJHPP+uaYJit4Pln6qqwa69rd+OLVUShz0NESNFCHuTYzPyREZOz5Y2N+QPIbhSE8L+2uleIsB9Lv78=,iv:qSs2R569Vp4BPuYpGedDxo19Ua4bhHzP1fFUdMtlvkk=,tag:BlWL5Dyh+AqDYDZHNglyHA==,type:str] pgp: - created_at: "2023-04-12T15:47:07Z" enc: |- @@ -48,4 +48,4 @@ sops: -----END PGP MESSAGE----- fp: 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09 unencrypted_suffix: _unencrypted - version: 3.7.3 + version: 3.8.1 diff --git a/secrets/thinkpad.yaml b/secrets/thinkpad.yaml index 1bd8708..860938e 100644 --- a/secrets/thinkpad.yaml +++ b/secrets/thinkpad.yaml @@ -1,4 +1,4 @@ -wireless-env: ENC[AES256_GCM,data:F8UA86v+sxZ2T16qCf0tqmmcl8ZX+ApN/yxU796Y7hZGxmBqIS5p6+HURhVjeODjvu7PRX5KbHrhjns3JW4vLeE1ZW3QNutJY7uwl37bz9fSHcTpd+csyz5+WfLAwmfH9hvaLINkf68LlOHGlPJtL4TsFjmHSHlHtJw4Ea0ESywMOqujEpNUSF1TCZo9JwwzIgBmdIkiAskhodlCNoyT6dbKI0SYmUMp1dJlkJbxNCP/yjfEhUtrTPiIW4YU6mpCDgB9ET3ErEaNlpq9m4t5HYfOAJlRxVKdLIuz+AZMiDCwalc0ms/MpiVyt9xmZcyuBPWVUKYGbutQew==,iv:3UiVmkoT39FScLD/m559LMdqrUJehwZ/Q8MRkju3TG4=,tag:P91YJFioMVdC3Ab6wHXoww==,type:str] +wireless-env: ENC[AES256_GCM,data:IbvDlDV5Yg4rqqo5JIzX3eyR4c37BGsqzejBHvSWjk81hfxblhL2cBZcw1hlXW7Q5zjaD0eP9akdqG1RzhdH3iaIhaIVKO8LrXsbYI7fyG3OHCxZYZZ+5QA0LnASi9QD5Olxo0b0RIdomUehnWfTegBiVi8QshrfN+G1HOWL1YxuTv67DWMnA1/XCMOgYpznYS8wzRy7VM9PQWYYISqzoFbl1QIxTJEEVKEL529NzM7TBd4YU+NpcV/TQpy5qQ7F7hSVPxXx/m4RN+Km3EbM1q8Nr0Bckjc7GeDK/P0959ofSzwBzvQyZuQ3WrALqroI21wxQHO3HgDWJlPu7+aRTxPXE2SQka7gqDK4UnZU0GBxDRFi9GKWjhAsqQyKuRH6do9b,iv:t42Gu9j+Qe9TCnjbeH6o4pz1cc1IYHZoHbWOrfIpazA=,tag:68UhGtmx3gH0n9hTO1xalQ==,type:str] uni: zih: ENC[AES256_GCM,data:KoiT/w5SsUEFAC5beCs3R5o=,iv:qQRZfdtbiAIWUAkdgrpdR8AWDdedn9yl9NcRm0ymE2A=,tag:uyhy5n40PgsWuaEofJjmog==,type:str] wireguard: @@ -23,8 +23,8 @@ sops: YW1scVZDOUFaNUJ4UkFNT2U4eFh6VGsKfv6BaEvr0ibn1cSqE9GeUe4BrYwY9RTB PNnqxnwBX01rCitKFfpNe1rBHazp+DDh9Dw2N+m/hH6gXvu7LjcwGQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-10-12T14:52:25Z" - mac: ENC[AES256_GCM,data:qhbViFDE+ULCCjRs1axPoVlywU5FgU9rV1dPoG4AxWyEPj33SX0fBFai3u8HTLzDYHmTcyjVwvACxT7DljCZXXVr4SZTFGoFARORMeBltu3GxLZkX0F/h1kb99CTHcRaUeKlDymtHikPfLBxce1gndHGTt8T+n5awS+sBODUbKE=,iv:Xpu6PUF8Rtkgh3uv/iy/KbSUlC47eL3esbl6UW+dq+o=,tag:FZu+h0Uq1WQIcTLyOmiGEg==,type:str] + lastmodified: "2023-10-19T19:06:17Z" + mac: ENC[AES256_GCM,data:SS7Q249lMciUL+lgHMqwDmLznzMB9NIBiO+Cn/j+o3ffmOrEhaho0dpNmoEXrDj5TTPQx4HkVkT/gypMbo3T9Z2mBOhnHY7NFWqgNatmhAfTHoqqiXJGNA6lS8xpBbUoJZ8gYIIqnBLVf/LirxM1l1KVc1sgJKPaMM2kswIytP0=,iv:JoaSBETswIdYaXdEi5qiSONuNb34EwFc1ZRPI7IEdSE=,tag:M4wd7ZTCQQBIwtKqrWjzKg==,type:str] pgp: - created_at: "2023-08-02T14:13:52Z" enc: |- @@ -47,4 +47,4 @@ sops: -----END PGP MESSAGE----- fp: 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09 unencrypted_suffix: _unencrypted - version: 3.8.0 + version: 3.8.1 diff --git a/users/rouven/modules/accounts/default.nix b/users/rouven/modules/accounts/default.nix index 7eb66d9..d5f4b0d 100644 --- a/users/rouven/modules/accounts/default.nix +++ b/users/rouven/modules/accounts/default.nix @@ -42,6 +42,9 @@ in source ${./powerline.muttrc} ''; }; + # set sidebar_indent_string = ' ' + # set sidebar_width = 80 + # set sidebar_folder_indent = yes mbsync.enable = true; }; accounts.email.accounts = { @@ -275,6 +278,10 @@ in # gpg.key = gpg-default-key; realName = "Rouven Seifert"; userName = "r5@agdsn.me"; + aliases = [ + "r5@agdsn.de" + "rouven.seifert@agdsn.de" + ]; passwordCommand = "${pkgs.coreutils}/bin/cat $XDG_RUNTIME_DIR/secrets/email/agdsn"; imap = { host = "imap.agdsn.de"; diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index d400d37..fce1a5c 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -47,6 +47,7 @@ in tdesktop element-desktop gomuks # alternative matrix client + mattermost-desktop # games # dwarf-fortress-packages.dwarf-fortress-full @@ -82,8 +83,7 @@ in gcc nodejs_20 - # tools - postman + plantuml # libs libyubikey diff --git a/users/rouven/modules/ssh/default.nix b/users/rouven/modules/ssh/default.nix index d2524fd..cadcc3e 100644 --- a/users/rouven/modules/ssh/default.nix +++ b/users/rouven/modules/ssh/default.nix @@ -29,7 +29,7 @@ in }; falkenstein-1 = matchBlocks."rfive.de"; "durian" = { - hostname = "manual.ifsr.de"; + hostname = "durian.ifsr.de"; user = "root"; }; "kaki" = { @@ -58,7 +58,7 @@ in user = "root"; }; "nuc" = { - hostname = "192.168.1.2"; + hostname = "192.168.42.2"; user = "root"; }; "router" = matchBlocks."cudy"; diff --git a/users/rouven/modules/wayland/shikane.nix b/users/rouven/modules/wayland/shikane.nix index 20ff3a7..b4d1ce6 100644 --- a/users/rouven/modules/wayland/shikane.nix +++ b/users/rouven/modules/wayland/shikane.nix @@ -4,7 +4,6 @@ settings = { profile = [ { - # TODO home vertical name = "home"; output = [ { @@ -34,7 +33,6 @@ ]; } { - # TODO home vertical name = "home-vertical"; output = [ { @@ -85,6 +83,32 @@ } ]; } + { + name = "external-monitor-usb-c"; + output = [ + { + match = "eDP-1"; + enable = true; + position = { + x = 0; + y = 1440; + }; + } + { + match = "/P24h/"; + enable = true; + mode = { + height = 1440; + width = 2560; + refresh = 60; + }; + position = { + x = 0; + y = 0; + }; + } + ]; + } { name = "external-monitor-usb-c"; output = [