wireguard and fail2ban

This commit is contained in:
Rouven Seifert 2023-10-22 15:45:30 +02:00
parent 78a47101ac
commit 5148ff5953
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
15 changed files with 132 additions and 67 deletions


@ -171,11 +171,11 @@
]
},
"locked": {
"lastModified": 1697410455,
"narHash": "sha256-jCs/ffIP3tUPN7HWWuae4BB8+haAw2NI02z5BQvWMGM=",
"lastModified": 1697964592,
"narHash": "sha256-fua0LKNLkYYK2Dgdm9P+VPdqrVgDXUIx+EkQAQByhuc=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "78125bc681d12364cb65524eaa887354134053d0",
"rev": "219d268a69512ff520fe8da1739ac22d95d52355",
"type": "github"
},
"original": {
@ -272,11 +272,11 @@
]
},
"locked": {
"lastModified": 1697340827,
"narHash": "sha256-XlrR68N7jyaZ0bs8TPrhqcWG0IPG3pbjrKzJMpYOsos=",
"lastModified": 1697946153,
"narHash": "sha256-7k7qIwWLaYPgQ4fxmEdew3yCffhK6rM4I4Jo3X/79DA=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "29977d0796c058bbcfb2df5b18eb5badf1711007",
"rev": "5a2006282caaf32663cdcd582c5b18809c7d7d8d",
"type": "github"
},
"original": {
@ -287,11 +287,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1697100850,
"narHash": "sha256-qSAzJVzNRIo+r3kBjL8TcpJctcgcHlnZyqdzpWgtg0M=",
"lastModified": 1697748412,
"narHash": "sha256-5VSB63UE/O191cuZiGHbCJ9ipc7cGKB8cHp0cfusuyo=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "fb6af288f6cf0f00d3af60cf9d5110433b954565",
"rev": "72d53d51704295f1645d20384cd13aecc182f624",
"type": "github"
},
"original": {
@ -301,11 +301,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1697059129,
"narHash": "sha256-9NJcFF9CEYPvHJ5ckE8kvINvI84SZZ87PvqMbH6pro0=",
"lastModified": 1697723726,
"narHash": "sha256-SaTWPkI8a5xSHX/rrKzUe+/uVNy6zCGMXgoeMb7T9rg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5e4c2ada4fcd54b99d56d7bd62f384511a7e2593",
"rev": "7c9cc5a6e5d38010801741ac830a3f8fd667a7a0",
"type": "github"
},
"original": {
@ -347,11 +347,11 @@
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1697332183,
"narHash": "sha256-ACYvYsgLETfEI2xM1jjp8ZLVNGGC0onoCGe+69VJGGE=",
"lastModified": 1697929210,
"narHash": "sha256-RkQZif6QhswEwv7484mrKfIU8XmIWm+ED6llbr4IyxM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0e1cff585c1a85aeab059d3109f66134a8f76935",
"rev": "fb000224952bf7749a9e8b3779104ef7ea4465c8",
"type": "github"
},
"original": {
@ -419,11 +419,11 @@
]
},
"locked": {
"lastModified": 1696139730,
"narHash": "sha256-Y7EIcrDVm6ACc9e8rXygXJkeODy1RzvlqI33ReV5Zug=",
"lastModified": 1697981942,
"narHash": "sha256-D+2k9UubyeBaq0+L+nqmF0J9iqllhyO5gdJgg9UoGTA=",
"owner": "therealr5",
"repo": "purge",
"rev": "bf9d45d1ee3bec6232ddc1028a25b433df32c85a",
"rev": "7e3f832be406e1323138a6ec0e0d10347c8c9689",
"type": "github"
},
"original": {
@ -481,11 +481,11 @@
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1697339241,
"narHash": "sha256-ITsFtEtRbCBeEH9XrES1dxZBkE1fyNNUfIyQjQ2AYQs=",
"lastModified": 1697943852,
"narHash": "sha256-DaBxUPaZhQ3yLCmAATshYB7qo7NwcMvSFWz9T3bjYYY=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "51186b8012068c417dac7c31fb12861726577898",
"rev": "30a0ba4a20703b4bfe047fe5def1fc24978e322c",
"type": "github"
},
"original": {


@ -5,7 +5,8 @@
[
# Include the results of the hardware scan.
./hardware-configuration.nix
./modules/backup
# ./modules/backup
./modules/fail2ban
./modules/mail
./modules/networks
./modules/nginx
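Review bot: Commenting out `./modules/backup` silently disables this host's borgmatic backups, and neither the commit title ("wireguard and fail2ban") nor the line itself says why or for how long. A one-line reason next to it, e.g. `# ./modules/backup  # disabled: <reason>; re-enable once fixed`, keeps the next reader from assuming backups still run. The backup module is also edited in this commit (the `location = null` workaround is removed), which suggests the disable is temporary — confirm. The `imports` list continues outside the hunk.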


@ -5,8 +5,6 @@
services.borgmatic = {
enable = true;
settings = {
# fix failing check
location = null;
source_directories = [
"/var/lib"
"/var/log"


@ -0,0 +1,25 @@
{ ... }:
{
services.fail2ban = {
enable = true;
bantime = "10m";
bantime-increment = {
enable = true;
};
jails = {
dovecot = ''
enabled = true
# aggressive mode add blocking for aborted connections
filter = dovecot[mode=aggressive]
bantime = 10m
maxretry = 3
'';
postfix = ''
enabled = true
filter = postfix[mode=aggressive]
maxretry = 3
'';
};
};
}
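Review bot: The new jails set no `ignoreIP`, so an admin connecting over the WireGuard tunnel or from localhost who mistypes a mail password three times is banned like any other client; `services.fail2ban.ignoreIP = [ "127.0.0.0/8" "192.168.42.0/24" "192.168.43.0/24" ];` would exempt the ranges this commit routes over wg0 (assuming this is the host that gets the tunnel — confirm). `bantime-increment` is enabled without a `maxtime`, so repeat offenders' bans keep growing with no visible ceiling; `bantime-increment.maxtime = "48h"` (or whatever is acceptable) bounds the escalation. The dovecot jail's `bantime = 10m` merely repeats the top-level `bantime` and can be dropped, and a short comment such as `# mail-only jails; sshd is handled by the module default, if enabled` would document why only postfix/dovecot appear here even though nginx is imported.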


@ -42,8 +42,7 @@
netdevs."30-dorm" = {
netdevConfig = {
Kind = "wireguard";
Name = "dorm";
Description = "WireGuard to my Dorm Infra";
Name = "wg0";
};
wireguardConfig = {
PrivateKeyFile = config.sops.secrets."wireguard/dorm/private".path;
@ -52,29 +51,29 @@
wireguardPeers = [
{
wireguardPeerConfig = {
PublicKey = "vUmworuJFHjB4KUdkucQ+nzqO2ysARLomq4UuK1n430=";
PublicKey = "Z5lwwHTCDr6OF4lfaCdSHNveunOn4RzuOQeyB+El9mQ=";
PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path;
Endpoint = "dorm.vpn.rfive.de:51820";
AllowedIPs = "10.10.10.0/24, 192.168.10.0/24";
AllowedIPs = "192.168.42.0/24, 192.168.43.0/24";
};
}
];
};
networks."30-dorm" = {
matchConfig.Name = "dorm";
matchConfig.Name = "wg0";
networkConfig = {
DNS = "192.168.10.1";
DNS = "192.168.42.1";
};
addresses = [
{
addressConfig = {
Address = "10.10.10.4/24";
Address = "192.168.43.4/24";
RouteMetric = 30;
};
}
];
routes = [
{ routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.10.0/24"; Metric = 30; }; }
{ routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.42.0/24"; Metric = 30; }; }
];
};
};
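Review bot: `DNS = "192.168.42.1"` on wg0 comes without `Domains=`, so under systemd-resolved the tunnel resolver is consulted for every lookup on this host, not only for dorm-internal names, and name resolution starts to depend on the tunnel being up. If only internal names should go there, scope it with `networkConfig.Domains = "~<internal-domain>";` (a routing domain; the actual domain is not visible here). The explicit 192.168.42.0/24 route duplicates the peer's `AllowedIPs`; on systemd ≥ 250, `RouteTable = "main";` in `wireguardConfig` installs those routes automatically and keeps the two lists from drifting. Dropping `Description` also removed the only note saying what this tunnel is for — `Description = "WireGuard to dorm infra";` is cheap to keep. The `systemd.network` attrset continues outside the hunk.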


@ -3,7 +3,7 @@ let
domain = "purge.${config.networking.domain}";
in
{
sops.secrets."purge/token".owner = "purge";
sops.secrets."purge/token" = { };
services.purge = {
enable = true;
discord = {
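Review bot: Dropping `owner = "purge"` leaves `purge/token` with sops-nix's defaults, which as far as I can tell are root ownership and mode 0400, so a `services.purge` unit running as its own user can no longer read the file. If the intent is that the service now runs as root or gets the token through a credential mechanism, that should be visible here; otherwise keep `sops.secrets."purge/token".owner = "purge";` or hand the path to the unit via `LoadCredential` so the token is not readable by every process of that user. The `services.purge` block continues outside the hunk.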


@ -38,12 +38,12 @@
settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
substituters = [
"ssh://nuc.lan"
];
trusted-public-keys = [
"nuc.lan:a9UkVw3AizAKCER1CfNGhx8UOMF4t4UGE3GJ9dmHwJc="
];
# substituters = [
# "ssh://nuc.lan"
# ];
# trusted-public-keys = [
# "nuc.lan:a9UkVw3AizAKCER1CfNGhx8UOMF4t4UGE3GJ9dmHwJc="
# ];
};
# distributedBuilds = true;
# extraOptions = ''
@ -231,7 +231,6 @@
deploy-rs
man-pages
man-pages-posix
];
programs.java.enable = true;
documentation.dev.enable = true;


@ -55,8 +55,8 @@
matchConfig.Name = "lo";
linkConfig.RequiredForOnline = false;
};
networks."10-wired" = {
matchConfig.Name = "enp0s31f6";
networks."10-wired-default" = {
matchConfig.Name = "en*";
linkConfig.RequiredForOnline = false;
networkConfig = {
DHCP = "yes";
@ -102,11 +102,10 @@
};
# some wireguard interfaces
netdevs."30-dorm" = {
netdevs."30-wg0" = {
netdevConfig = {
Kind = "wireguard";
Name = "dorm";
Description = "WireGuard to my Dorm Infra";
Name = "wg0";
};
wireguardConfig = {
PrivateKeyFile = config.sops.secrets."wireguard/dorm/private".path;
@ -118,28 +117,27 @@
PublicKey = "Z5lwwHTCDr6OF4lfaCdSHNveunOn4RzuOQeyB+El9mQ=";
PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path;
Endpoint = "141.30.227.6:51820";
# Endpoint = "dorm.vpn.rfive.de:51820";
AllowedIPs = "192.168.2.0/24, 192.168.1.0/24";
AllowedIPs = "192.168.42.0/24, 192.168.43.0/24";
};
}
];
};
networks."30-dorm" = {
matchConfig.Name = "dorm";
networks."30-wg0" = {
matchConfig.Name = "wg0";
networkConfig = {
DNS = "192.168.1.1";
DNS = "192.168.42.1";
};
addresses = [
{
addressConfig = {
Address = "192.168.2.3/24";
Address = "192.168.43.3/24";
RouteMetric = 30;
};
}
];
routes = [
# allowedIPs is somewhat broken
{ routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.1.0/24"; Metric = 30; }; }
{ routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.42.0/24"; Metric = 30; }; }
];
};
};
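Review bot: The removed `# allowedIPs is somewhat broken` comment was the only explanation for the hand-written 192.168.42.0/24 route, and the new route line keeps the workaround without the reason. The route is needed because systemd-networkd does not install routes for `AllowedIPs` unless asked; on systemd ≥ 250, `RouteTable = "main";` in `wireguardConfig` (or on the peer) does that and avoids the two lists drifting apart, which is what the old side shows. Otherwise restore a comment such as `# networkd does not route AllowedIPs by itself; mirror the remote subnet here`. The `systemd.network` attrset continues outside the hunk.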


@ -25,6 +25,20 @@
ca_cert="/etc/ssl/certs/ca-certificates.crt"
domain_suffix_match="radius.agdsn.de"
identity="r5"
password="@AGDSN_WIFI_AUTH@"
phase2="auth=PAP"
'';
authProtocols = [ "WPA-EAP" ];
};
agdsn-office = {
auth = ''
eap=TTLS
anonymous_identity="wifi@agdsn.de"
ca_cert="/etc/ssl/certs/ca-certificates.crt"
domain_suffix_match="radius.agdsn.de"
identity="r5"
priority=5
proto=WPA2
password="@AGDSN_AUTH@"
phase2="auth=PAP"
'';
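Review bot: The new `agdsn-office` network reads its password from `@AGDSN_AUTH@` while the existing network just above uses `@AGDSN_WIFI_AUTH@` for the same identity (`r5`) against the same RADIUS suffix; if both resolve to one credential, a single placeholder avoids keeping two copies in the `wireless-env` secret, and if `@AGDSN_AUTH@` is not defined there wpa_supplicant will send the literal placeholder (the secret is updated in this commit, so presumably it is defined — confirm). `phase2="auth=PAP"` sends the password in clear inside the TTLS tunnel, so the server-certificate check is the only protection; `ca_cert` pointing at the whole system bundle plus `domain_suffix_match` accepts any publicly trusted certificate for a name under radius.agdsn.de, and pinning `ca_cert` to the issuing CA would narrow that. The `agdsn-office` attrset closes outside the hunk.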


@ -4,8 +4,8 @@ pfersel:
token: ENC[AES256_GCM,data:MFxzpT6sqzhDpZya4/eI77LbHXekzfTQWZrjd/aot2MzRXicaCUabEUqnR40QnW9HujOTW0+A+9Be5mDX6OqVDt2ioKVxg==,iv:UTTWL7uSVgpkLnXTkvojC/fotkDISdyBrGDiegXqMuQ=,tag:+8+Th/M9U9mJX6i2YCPBbg==,type:str]
wireguard:
dorm:
private: ENC[AES256_GCM,data:3DMW+sZ1qEcfithXj8/7CUbKotJ2Ld23Fa6cf9ijLRvJPk5+VZOt8j5AIVY=,iv:pY/uAkkUOyFqEmWqoP8qC418VtbbX/Ws7BMuyGbvlXE=,tag:/u2akzXjchYlKR59Skk4aA==,type:str]
preshared: ENC[AES256_GCM,data:+1O/8fW03NOqd2FJjCDvN1Ktb3mVBManB9gI8S0CensNayjFHLfPj4z64TQ=,iv:YgVsHG30XIr6lR9Is91sDW0jwxmUmmo49rD4tXknU/E=,tag:EKa1NDJIlPlU+AU0bcFu5w==,type:str]
private: ENC[AES256_GCM,data:Wk6g0UW6onEQYh2Sjoh8pXtaxzQehbYzulS32LHENombOdM3xT6fLBRuI3o=,iv:i5HqTr/WV8tiBud1BApPWC2z1Ck5LiTRJ1MP8/1AH5U=,tag:ISAHSJCNzS/MCiPkPh6CXQ==,type:str]
preshared: ENC[AES256_GCM,data:8n4LJb9EeGfYp3VV4iL9O+IadsGok9EWZESXdkGDk/LwYUvKRxkFsfIUmA0=,iv:dAY3h8U+/+Ac4t7HIjTj2LvX2g6LUT9s8U4GU4tvPV0=,tag:UI7mOiQGWVnmIYJe8C1gpw==,type:str]
borg:
passphrase: ENC[AES256_GCM,data:54KCMu574Uj01sqnfBX9BqFc5+dx1Se7,iv:NgodekAUw0pNddA36oIranISkvUQIxZRmZW4s1UIHdU=,tag:frep/WspsozTL1V/OfuTxw==,type:str]
key: ENC[AES256_GCM,data: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,iv:8yl4F9+g+SfjvHVJKCTFXS9JU0Kzy7TqIX3HtQQt/n0=,tag:4r6A1K0zHSycglcZYGnkWw==,type:str]
@ -24,8 +24,8 @@ sops:
NGlZbU8rcWJRbGE5OEFHdUNqZ2xUS2sK/r7qJHfTP0REcM2PYM95XT0onnCYXzam
20BgfynX3PJE2QVcgl8rr7ssuKxESi+tY/1VB0l8Tryxe6hr/p5IVg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-09-08T08:32:30Z"
mac: ENC[AES256_GCM,data:TaU+dHkgaaI/YD15CL/n2drdYRxQ1OlfqwaZrNmCOHCiSgDoAxx90HuRBE2z1v6y0TlQQ/An6/ZwS7qpd99awlBlYEj1M63R20VGqRpsKBk+5W2ISjRWrwTZlFrHllR78PJf4cpxfDRl+RGeODTSHTmuA1D3p06EbdO+xABw0nk=,iv:O4syFBWTciV8YCFmaweihyvhwz7EKw58AyGtbsOJb0Y=,tag:eKbW8Ey3Ux6LHMMwhUk8VQ==,type:str]
lastmodified: "2023-10-19T09:45:38Z"
mac: ENC[AES256_GCM,data:b4KtXV64oYJu1VO63NQFJ16O9q509YThkJZXTbqnhgLlxmoZ3HEwQRYnsg3MgBOxj3Im9RhIj341f8p3JFnz/WM56ii9gJHPP+uaYJit4Pln6qqwa69rd+OLVUShz0NESNFCHuTYzPyREZOz5Y2N+QPIbhSE8L+2uleIsB9Lv78=,iv:qSs2R569Vp4BPuYpGedDxo19Ua4bhHzP1fFUdMtlvkk=,tag:BlWL5Dyh+AqDYDZHNglyHA==,type:str]
pgp:
- created_at: "2023-04-12T15:47:07Z"
enc: |-
@ -48,4 +48,4 @@ sops:
-----END PGP MESSAGE-----
fp: 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09
unencrypted_suffix: _unencrypted
version: 3.7.3
version: 3.8.1


@ -1,4 +1,4 @@
wireless-env: ENC[AES256_GCM,data:F8UA86v+sxZ2T16qCf0tqmmcl8ZX+ApN/yxU796Y7hZGxmBqIS5p6+HURhVjeODjvu7PRX5KbHrhjns3JW4vLeE1ZW3QNutJY7uwl37bz9fSHcTpd+csyz5+WfLAwmfH9hvaLINkf68LlOHGlPJtL4TsFjmHSHlHtJw4Ea0ESywMOqujEpNUSF1TCZo9JwwzIgBmdIkiAskhodlCNoyT6dbKI0SYmUMp1dJlkJbxNCP/yjfEhUtrTPiIW4YU6mpCDgB9ET3ErEaNlpq9m4t5HYfOAJlRxVKdLIuz+AZMiDCwalc0ms/MpiVyt9xmZcyuBPWVUKYGbutQew==,iv:3UiVmkoT39FScLD/m559LMdqrUJehwZ/Q8MRkju3TG4=,tag:P91YJFioMVdC3Ab6wHXoww==,type:str]
wireless-env: ENC[AES256_GCM,data:IbvDlDV5Yg4rqqo5JIzX3eyR4c37BGsqzejBHvSWjk81hfxblhL2cBZcw1hlXW7Q5zjaD0eP9akdqG1RzhdH3iaIhaIVKO8LrXsbYI7fyG3OHCxZYZZ+5QA0LnASi9QD5Olxo0b0RIdomUehnWfTegBiVi8QshrfN+G1HOWL1YxuTv67DWMnA1/XCMOgYpznYS8wzRy7VM9PQWYYISqzoFbl1QIxTJEEVKEL529NzM7TBd4YU+NpcV/TQpy5qQ7F7hSVPxXx/m4RN+Km3EbM1q8Nr0Bckjc7GeDK/P0959ofSzwBzvQyZuQ3WrALqroI21wxQHO3HgDWJlPu7+aRTxPXE2SQka7gqDK4UnZU0GBxDRFi9GKWjhAsqQyKuRH6do9b,iv:t42Gu9j+Qe9TCnjbeH6o4pz1cc1IYHZoHbWOrfIpazA=,tag:68UhGtmx3gH0n9hTO1xalQ==,type:str]
uni:
zih: ENC[AES256_GCM,data:KoiT/w5SsUEFAC5beCs3R5o=,iv:qQRZfdtbiAIWUAkdgrpdR8AWDdedn9yl9NcRm0ymE2A=,tag:uyhy5n40PgsWuaEofJjmog==,type:str]
wireguard:
@ -23,8 +23,8 @@ sops:
YW1scVZDOUFaNUJ4UkFNT2U4eFh6VGsKfv6BaEvr0ibn1cSqE9GeUe4BrYwY9RTB
PNnqxnwBX01rCitKFfpNe1rBHazp+DDh9Dw2N+m/hH6gXvu7LjcwGQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-10-12T14:52:25Z"
mac: ENC[AES256_GCM,data:qhbViFDE+ULCCjRs1axPoVlywU5FgU9rV1dPoG4AxWyEPj33SX0fBFai3u8HTLzDYHmTcyjVwvACxT7DljCZXXVr4SZTFGoFARORMeBltu3GxLZkX0F/h1kb99CTHcRaUeKlDymtHikPfLBxce1gndHGTt8T+n5awS+sBODUbKE=,iv:Xpu6PUF8Rtkgh3uv/iy/KbSUlC47eL3esbl6UW+dq+o=,tag:FZu+h0Uq1WQIcTLyOmiGEg==,type:str]
lastmodified: "2023-10-19T19:06:17Z"
mac: ENC[AES256_GCM,data:SS7Q249lMciUL+lgHMqwDmLznzMB9NIBiO+Cn/j+o3ffmOrEhaho0dpNmoEXrDj5TTPQx4HkVkT/gypMbo3T9Z2mBOhnHY7NFWqgNatmhAfTHoqqiXJGNA6lS8xpBbUoJZ8gYIIqnBLVf/LirxM1l1KVc1sgJKPaMM2kswIytP0=,iv:JoaSBETswIdYaXdEi5qiSONuNb34EwFc1ZRPI7IEdSE=,tag:M4wd7ZTCQQBIwtKqrWjzKg==,type:str]
pgp:
- created_at: "2023-08-02T14:13:52Z"
enc: |-
@ -47,4 +47,4 @@ sops:
-----END PGP MESSAGE-----
fp: 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09
unencrypted_suffix: _unencrypted
version: 3.8.0
version: 3.8.1


@ -42,6 +42,9 @@ in
source ${./powerline.muttrc}
'';
};
# set sidebar_indent_string = ' '
# set sidebar_width = 80
# set sidebar_folder_indent = yes
mbsync.enable = true;
};
accounts.email.accounts = {
@ -275,6 +278,10 @@ in
# gpg.key = gpg-default-key;
realName = "Rouven Seifert";
userName = "r5@agdsn.me";
aliases = [
"r5@agdsn.de"
"rouven.seifert@agdsn.de"
];
passwordCommand = "${pkgs.coreutils}/bin/cat $XDG_RUNTIME_DIR/secrets/email/agdsn";
imap = {
host = "imap.agdsn.de";


@ -47,6 +47,7 @@ in
tdesktop
element-desktop
gomuks # alternative matrix client
mattermost-desktop
# games
# dwarf-fortress-packages.dwarf-fortress-full
@ -82,8 +83,7 @@ in
gcc
nodejs_20
# tools
postman
plantuml
# libs
libyubikey


@ -29,7 +29,7 @@ in
};
falkenstein-1 = matchBlocks."rfive.de";
"durian" = {
hostname = "manual.ifsr.de";
hostname = "durian.ifsr.de";
user = "root";
};
"kaki" = {
@ -58,7 +58,7 @@ in
user = "root";
};
"nuc" = {
hostname = "192.168.1.2";
hostname = "192.168.42.2";
user = "root";
};
"router" = matchBlocks."cudy";


@ -4,7 +4,6 @@
settings = {
profile = [
{
# TODO home vertical
name = "home";
output = [
{
@ -34,7 +33,6 @@
];
}
{
# TODO home vertical
name = "home-vertical";
output = [
{
@ -85,6 +83,32 @@
}
];
}
{
name = "external-monitor-usb-c";
output = [
{
match = "eDP-1";
enable = true;
position = {
x = 0;
y = 1440;
};
}
{
match = "/P24h/";
enable = true;
mode = {
height = 1440;
width = 2560;
refresh = 60;
};
position = {
x = 0;
y = 0;
};
}
];
}
{
name = "external-monitor-usb-c";
output = [