From 5d94104678c508fc4295624ace5520c48811abc0 Mon Sep 17 00:00:00 2001 From: Rouven Seifert <rouven@rfive.de> Date: Tue, 28 Jan 2025 21:12:11 +0100 Subject: [PATCH] y --- flake.lock | 12 +++---- hosts/thinkpad/default.nix | 36 ++++++++++++++++++-- hosts/thinkpad/modules/networks/default.nix | 4 +++ secrets/thinkpad/wireless.age | Bin 692 -> 710 bytes shared/nix.nix | 2 ++ users/rouven/modules/helix/default.nix | 2 +- 6 files changed, 47 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 700345d..42e8093 100644 --- a/flake.lock +++ b/flake.lock @@ -277,11 +277,11 @@ ] }, "locked": { - "lastModified": 1737762889, - "narHash": "sha256-5HGG09bh/Yx0JA8wtBMAzt0HMCL1bYZ93x4IqzVExio=", + "lastModified": 1737968762, + "narHash": "sha256-xiPARGKwocaMtv+U/rgi+h2g56CZZEmrcl7ldRaslq8=", "owner": "nix-community", "repo": "home-manager", - "rev": "daf04c5950b676f47a794300657f1d3d14c1a120", + "rev": "e1ae908bcc30af792b0bb0a52e53b03d2577255e", "type": "github" }, "original": { @@ -499,11 +499,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1737746512, - "narHash": "sha256-nU6AezEX4EuahTO1YopzueAXfjFfmCHylYEFCagduHU=", + "lastModified": 1737885589, + "narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "825479c345a7f806485b7f00dbe3abb50641b083", + "rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8", "type": "github" }, "original": { diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index 8ac927b..9c68457 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -43,6 +43,8 @@ ]; files = [ "/etc/machine-id" + # fix for systemd v257 panicking when /usr is empty + "/usr/dummy" ]; }; @@ -71,11 +73,23 @@ # "${pkgs.openldap}/etc/schema/cosine.ldif" # "${pkgs.openldap}/etc/schema/inetorgperson.ldif" # "${pkgs.openldap}/etc/schema/nis.ldif" - # # "${pkgs.writeText "openssh.schema" '' + # # "${pkgs.writeText "openssh.ldif" '' + # # dn: cn={4}openssh + # # objectClass: olcSchemaConfig + # # cn: {4}openssh # # attributetype ( 9999.1.2 NAME 'sshPublicKey' # # DESC 'SSH public key used by this user' # # SUP name ) # # ''}" + # "${pkgs.writeText "openssh.ldif" '' + # dn: cn=openssh,cn=schema,cn=config + # objectClass: olcSchemaConfig + # cn: openssh + # olcAttributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey' + # DESC 'MANDATORY: OpenSSH Public key' + # EQUALITY octetStringMatch + # SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + # ''}" # ]; # "olcDatabase={1}mdb".attrs = { @@ -88,7 +102,7 @@ # /* your admin account, do not use writeText on a production system */ # olcRootDN = "cn=portunus,dc=ifsr,dc=de"; - # olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32"; + # olcRootPW = "test"; # olcAccess = [ # /* custom access rules for userPassword attributes */ @@ -102,6 +116,24 @@ # by * read'' # ]; # }; + + # "olcOverlay={3}memberof,olcDatabase={1}mdb".attrs = { + # objectClass = [ "olcConfig" "olcOverlayConfig" "olcMemberOf" "top" ]; + # olcOverlay = "{3}memberof"; + # olcMemberOfRefInt = "TRUE"; + # olcMemberOfDangling = "ignore"; + # olcMemberOfGroupOC = "groupOfNames"; + # olcMemberOfMemberAD = "member"; + # olcMemberOfMemberOfAD = "memberOf"; + # }; + + # "olcOverlay={4}refint,olcDatabase={1}mdb".attrs = { + # objectClass = [ "olcOverlayConfig" "olcRefintConfig" "top" ]; + # olcOverlay = "{4}refint"; + # olcRefintAttribute = "memberof member manager owner"; + # }; + + # }; # }; # }; diff --git a/hosts/thinkpad/modules/networks/default.nix b/hosts/thinkpad/modules/networks/default.nix index f4b7af7..cd2ead1 100644 --- a/hosts/thinkpad/modules/networks/default.nix +++ b/hosts/thinkpad/modules/networks/default.nix @@ -74,6 +74,10 @@ pskRaw = "ext:PIXEL_PSK"; authProtocols = [ "WPA-PSK" ]; }; + "C3D2" = { + pskRaw = "ext:C3D2_PSK"; + authProtocols = [ "WPA-PSK" ]; + }; "WIFI@DB" = { authProtocols = [ "NONE" ]; }; diff --git a/secrets/thinkpad/wireless.age b/secrets/thinkpad/wireless.age index d9967a86ee7f69c55460042fd9fc3281a0ce62f3..cb0faba34f7d784ba97dbf91ab30457e07b8e131 100644 GIT binary patch delta 678 zcmV;X0$KgE1;z!CEPqE*L^e5YbaGNNYjjRHLuE@)c{M9FPDpWDY+71!FElw)Wp;E^ zd3ZNeI0{X1Ye++5H)(EXZf!AbWO*`5Yj<yAP)%xWdQy3DIdX4qZ&+4#L~B<=YYHts zAaiqQEoEdfH8n9gAVpSsbU9HVc1ACDQcZR*On7=oT1GH8YJXO9bTUviPg++mXi7m; zQA;x`R#s6-No7@Y3QRP5V`ecpGH6CkMr${Acr!y&QbSctbW(6rYfW)gc~ELNFfemN zYDZ6J3N0-yATUiebVXz`I8$$VF>+>6cV;&>Sw&VfY(Z^qH*#1xR8UNCZZ=tOQ%^~6 z3fCV0Sr^cQ_<xxSLWOekLpOvPty#rWL;ebc3=ke32XrKWYH9^WrUR947sOg>9xJXI z(VGin06IdXtNpx|MB$$<WIvRYrBsv8$snsB-T-*K(>~rFqjW*(xoA<-Z47C2fmiM^ z$V(jItBfDLwc6}u-Hej=Ly*#?=<s<4PlE0d1QB#J>whmUs7^aBlo!(fv^0YNhD`b8 z2OA2#O(Jw+{EDGPk*vZA$~yG}#9usFP_XYJpeKJ0N@6FDt?x+;XzoOAqb^vSsgOl1 zx)!(e$Xl(D$FsAj<U3PFagqZ~ha$ax#q5sA*l_1Bw`dAFAU}d<RJQ;UXCb?LMT&5y z;wyV^gnzfIMkG>s7ap$~Zri`d51^F^X)G63ZcKT(@rZNoCW<Atiy$$9e)`M%42i=f zj9^Rh^<vzNi#26S+j(l6v|fFZNpD;Wy=1c9pZ=8g1jy%w6q6kNmL28`OeUW$L{|%r zw%2%S_U%viX4Czfh8WF`A#CCj)+f63%LSq|{~tuVJqFCZzwY>_;{UReIy5zU5l)8e M-3wY1O24$Jld+f{o&W#< delta 660 zcmV;F0&D%o1+)c_EPqiec42mST1iD}aBeU-O+`gVX*5H1cSve*X+<zAWN&aWa57bA zK~i~lI0{mCcv4DiWl&T~W=42PaW;Bsc5QewbxS#BT0~MqSW9_Pd0J^WQFl*mQ3@?S zAaiqQEoEdfH8n9gAVpSsbU9HVWK3&Gc|ui3XJ}1lN@-><OMf(DcuF%tY)WfcZ&oo^ zcuq7kPe)~UcS1yO3RPKYD^GfHQEzxzZE!d;VsSEYNo`e1L2+6)V{LYMRcl#AZ&XP) zQ$uZM3N0-yAVX|ZO)_ahOh;LGX>3YiLUm(FHbHhlR%>Q@F>^^tHc&%tT5L3EOm%Hl z3i%|m2EjVLIe&XWMnRN~w?-KiIbr3Us;K%(o*JT>WXP7YSHow|Tf6iPt>8OXxro0b z43vOru*J~uiB@a2$D&33*3*t6FKy&N&4H9W!lPW!fBhXE4HmzEJ(W(Bv^<uPDcEg3 z1)ZSpX~Q$(G-ioE&%V1RyX4o0+l#a#Ykb25{itStg@5v%%@j}2U@gg`PhmRZ!2Pg3 zeq57WB)-g=1CPCXvA<z)dmg4RPyyO#EUCx=9J|Z`9Ap)<p-ot<x&>&D;dr`*dDjnI z4Kq9WaTTphI!c*?IABq{@v29B-xf3CcLQ#yX^gD=RG%>hSj&YZ6)u%&&J*y}<w6;M zn2+YTPk#=7uxoQ|6;$y>Ft?KeFhJcH$-C_0mc{ucKI%|v>3?91Bm^7W*$Jg!r)G#( zpkx?^dsI<ZVer7%bIl}<dq%X_m#g`$_Zpv@j!nqcID}J@f#C*Z6e|PjW7y#`{A|%q uICO>k^kEJj(VN+`UCW4?e5VtIGw6A2r<UL6(hbS|AF(3%oQ*kuFdn5Whah<X diff --git a/shared/nix.nix b/shared/nix.nix index f85d054..885d63c 100644 --- a/shared/nix.nix +++ b/shared/nix.nix @@ -15,10 +15,12 @@ substituters = [ "https://cache.rfive.de" "https://cache.ifsr.de" + "https://nix-community.cachix.org" ]; trusted-public-keys = [ "cache.rfive.de:of5d+o6mfGXQSR3lk6ApfDBr4ampAUaNHux1O/XY3Tw=" "cache.ifsr.de:y55KBAMF4YkjIzXwYOKVk9fcQS+CZ9RM1zAAMYQJtsg=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; trusted-users = [ "@wheel" diff --git a/users/rouven/modules/helix/default.nix b/users/rouven/modules/helix/default.nix index c4f7814..e027ff8 100644 --- a/users/rouven/modules/helix/default.nix +++ b/users/rouven/modules/helix/default.nix @@ -6,7 +6,7 @@ rust-analyzer nil nixpkgs-fmt - typst-lsp + tinymist (python3.withPackages (ps: with ps; [ pyls-isort pylsp-mypy