From 607b2d7a35f84044f74a2c8cfe7434030f0e1878 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Fri, 17 Feb 2023 21:35:12 +0100 Subject: [PATCH] preparing nuc for reinstall --- .sops.yaml | 2 +- hosts/nuc/default.nix | 8 ++--- secrets/nuc.yaml | 50 ++++++++++++++-------------- users/rouven/modules/packages.nix | 4 +++ users/rouven/modules/ssh/default.nix | 2 +- 5 files changed, 33 insertions(+), 33 deletions(-) diff --git a/.sops.yaml b/.sops.yaml index 4ad122e..62edb02 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,7 +1,7 @@ keys: - &rouven 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09 - &thinkpad age1pwdahgk2yty9w8cw5ht90mral76h0ndp3vkp93xm4g0cttjlsvgqn8vlys - - &nuc age1930r9v2y57zkwghlxapj348c4rfnmr70de898cdhu5rue5cpagzq74wymk + - &nuc age18z4z5pgw8eluu32xe3krg4sxd2rncsnjw6e2axcun7x3vrj62vhq8eyz00 creation_rules: - path_regex: secrets/thinkpad\.yaml$ key_groups: diff --git a/hosts/nuc/default.nix b/hosts/nuc/default.nix index 0b48240..a04672c 100644 --- a/hosts/nuc/default.nix +++ b/hosts/nuc/default.nix @@ -16,13 +16,9 @@ boot = { loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; - kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; - supportedFilesystems = [ "zfs" ]; + kernelPackages = pkgs.linuxPackages_latest; }; - services.zfs.autoScrub.enable = true; - services.zfs.autoSnapshot.enable = true; - services.zfs.trim.enable = true; - + services.btrfs.autoScrub.enable = true; time.timeZone = "Europe/Berlin"; diff --git a/secrets/nuc.yaml b/secrets/nuc.yaml index edc1235..e7fa8ea 100644 --- a/secrets/nuc.yaml +++ b/secrets/nuc.yaml @@ -1,43 +1,43 @@ nextcloud: - adminpass: ENC[AES256_GCM,data:w4gkgC0wnBh2NLjKz58JBg+FU7hLLkuaJQ==,iv:5FOBhbngHccVY9WxyjC1x93vXzHlBFsF06+oVTC1vl8=,tag:8sLPIBl2/QJTk134OEtAfw==,type:str] + adminpass: ENC[AES256_GCM,data:Y7JrzfJTDEZa60r4LCU8gS+HH5eRc7UY1g==,iv:axm69xiZhIiJgz/PLshhAfMCo9B9qnENeDTdSy08WDw=,tag:wM81yqHQlQQZXIjcrJ+Ovg==,type:str] vaultwarden: - env: ENC[AES256_GCM,data:d/FTv/6O/r4HSaMBPnr6oU/VcGYzS658hP2koM1pm/Pg/oxIbw1xi7PlSb97DQprvGy/zh/M5wqWqCGzS5Dwk0TIy5NAvuzAAXYMvvQSJfOhwRnRR7KVoaTCZi7CQHWOvjp1d/N3zKcj1KD6,iv:nR0YUQ/2ZpzwZD22XLH4BiwzTU7LTAymK4lWkT05MXo=,tag:b65zfcY9N/mOn1CS/vr/DA==,type:str] + env: ENC[AES256_GCM,data:vh9dzqXDgWUH7vG1ydNS/Ly0v9lKV1Vg6TM0Z9af1/b5c3wZVpnggfHb4LN2c0M6qnBO/YlIFJApoTyo9FwAnHibuv8Yv8rSLHDRtSf78XmbeD844HhiUBthUTQ3o9ObMZDaK7NXNhDKPNmY,iv:MWJ/79kBLMPwxDr4oDPxa+ViXTzlxQsVr5s7wdsmGUk=,tag:VV0j6Xodw9+XRrfiqZwamw==,type:str] sops: kms: [] gcp_kms: [] azure_kv: [] hc_vault: [] age: - - recipient: age1930r9v2y57zkwghlxapj348c4rfnmr70de898cdhu5rue5cpagzq74wymk + - recipient: age18z4z5pgw8eluu32xe3krg4sxd2rncsnjw6e2axcun7x3vrj62vhq8eyz00 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaS3dmRVZXV3hwbzFaYmlN - N2daRVlJalBkbU42OGNjU0puSFpjUEpNYXpJCkh6NmtSSllIVkl3NWdhTGpyelpw - VGdhcFNmQkFhcFVJUFdVa0hudXZaSTQKLS0tIExJUW9pTU9GSkltS2xqWVkzcW9i - cWdNRzdhOUdheFdaWlNNTG4rUFlaVlUKs+/IYY3/2n60+QbVkXZu9Sp57jh+7ncA - DqrjJGBo9MNXfSS7qJ+p7dVksA2kxCNwvKV7y/zbvtXKGusvs+Qe/A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRUHoyMk1JSURGTmRuQ1Jh + b1pGdS92dkpSMWNRQ1JvNFBzOGRUWDdiQnpBCkxFMDMvUG9CcmpKd1pYRUdMbk9W + L0U1d0d0dUloaHhtZG1TUDhUYnRiVE0KLS0tIEpycnBYYWFpWHJHaXYyNG9icDVO + VmxkWFRsK1IzaG45TmVhVXhkZTVHREUKm7EzsUBCv6/jV4Q5wg1oSLnwJ2bElxDi + tWBWzo0oCQAk9mKDKLJoJu7xoCqDnrwhXjbxuvoWPkuAJmclUcZm1w== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-01-25T14:08:48Z" - mac: ENC[AES256_GCM,data:Bf46bSKvzupG4e7Wtv2ysU4FXv4fnoOsmBk30j3y6sAbBOLhupUDNpi/3+C+JQ3tZXwByYabBDT1m7lpZcTyAu/ABcnpCss+gMpKvcphfVVwlE8W2FX9DWX/rOd3scoA/PzOo5DrWeadZi0pdc5ueXSGome+3vPjsXeJDOvK0pk=,iv:xNUIv0rGcuDF1RS8MOm6PdX1DRanoO716quhOXakJwg=,tag:CP9Y303285r4fKxz2E/KhA==,type:str] + lastmodified: "2023-02-17T20:34:58Z" + mac: ENC[AES256_GCM,data:WqW1hNH7Ug0NDYj/feA6ys/xf69R+TUCXaiCKR80nsyPYFviQh3u4ELYo8EWXHA5IO0zUZOxi7LGjDffanxIeXnpuPsoDXVdpdyGNrcJCXqAFZgRQ0yMR6n9ffK0yViYJVKDt3hBrAidhElOGNFQchKno7ozxgGS6tIPff27gvw=,iv:ED+R7Z1kA4YnLNaPPIh620BA0gfBRVQmo3C7CfLq9II=,tag:fb7eo1x7zfwJmIMP4sg3Xw==,type:str] pgp: - - created_at: "2023-01-24T10:54:00Z" + - created_at: "2023-02-17T20:34:57Z" enc: |- -----BEGIN PGP MESSAGE----- - wcFMAzUXo8ZPJwGLAQ/9FUqs5nO82fNRJeDsjTlU/J6bo3dGZo0XzuRTGCSgMAQW - CB29HXbt4PV6aXF79HEVTYFWnZj0ygsyOCheI00w9Ab2MlVqMpFDB6lSYGzsVdEU - IyLiBALNr3ag6uBWErRVz4YOR1QVe0sTeBf/K6ei6k2A6sJGesR0awZtOvwGo7r1 - wp9EaaWugNM0ewwG/lPXjzFJLHL9H0RJ62K+ccGBUuj6NielHFvRweJLbpUdK6Mm - Wji/MjZWBMIMLolGo8P7MQ4OIeCjEz8NvNCwvrwddWeSDMKB08tX+DZGtFIJm5ll - mU6qeTWV/SV0LO6LwzhFwyrxlBfKFJ/6VWZWsFQbilOKuhElIo3NZxKGWXP8BvT6 - +mez3VYlPL4ExRjgzOl8DRcy/PmBRxB563PADDlAf6LSEdT886le6t6XY87RbHCa - oX/dmXFtC8tFsEKWsb3UP7ovhh7/z9DFexvG0nSi8mT0jvl90rCiL9lr2wLvo+dN - 3K9EMUrEKqJWLRwmnXY0LhzV47RryDo69rk7vGH4FrDYEPGQIXBt+OakYNMjzdzO - v6/yYx615nw89s5whIThJ2S53SYChnWxsTZ2qgNegqWkDg2KdoQxqRT1wM6hZdBx - 6U4DhmwIQDILaYPrWHHMsh9ob+PG9+xLemyn9SK9+zwk1v2QDqFwYnVzwLBTcU7S - UQGsXzXBwjxbdF0N+O8/wI/54UEMnpJ9baqFkDgGUDUeVbMMT1Rwu2Iqm5e8qwwl - mYY9Fgqn3ewi+7NxGb40AM/saCYlrorShiohBdvklmKvYQ== - =rHpH + wcFMAzUXo8ZPJwGLAQ/9FEQtzZcyNhkXxNAW7SZdPSahcv+4iWgAZWJBEzWKRmjR + oXb/WlSM0QhqZBg7Z6VywrUVGqMHO4Gwl2j3ekyWzemED6kHoKys+zAgqlyEzy41 + 90E0RLwhwRA7grkA23tDKfB6X7aAysgpgQNcaKXe2590njqjvWGRHiRwL0/xk2b6 + 6V7CTwSqrcouUkujUbWjl5AvM2Ysr4koxNayMA3IdWeO+v6n/ZJ+7LSWGYw9aoHS + /1UnIzlkrGVAS3B24cxiOnyr4R2HK4OTAn4nTNggtl7FT1r+2tVNMkRsWr0ubzvt + 27kwZvrL8zRVlsIpL0gnPLSiw8vj3H1SdHovoXC/xe/QijMYsjCOYIowR5quKbfS + 5QOhYax+spAkqaCqn2qJha/vqisYXNY7KVNZZPJWhlRawVv1+/6NZZnlxLFddICL + aERcULiXXEEA6W6tti2VUPnkWxZpeHQl8ywaSPrVhjT+qkwgo0JHtri4VDkF5RJi + lC5bjh29qvwAUkUVwouZ/tW/x++0LFrrT2PT8dhSS/+hxI/llGMbJWknXmJ3sNlc + C+cQsRFfpYAdSsGh0qO5WQ1+HzMpRpmcnpkkclFOI1mjgncjWVZVhSU13j+fSXYO + EILl5qtVQO0PoEvYnO3bfItAI5dGjSFyfJbJjTJrtj72Goi0OHATiIYXD8UKJLvS + UQHJA77LhdPgoBIvDhWPqXeu+bG2E7gcUHydoWv/ejFojeSKI3EUqBLNqhKgh6YA + VyXQOmT6I4HTXqWkGHFfIZZl5uj1poKBmDsa2ePfg8e6XQ== + =biZV -----END PGP MESSAGE----- fp: 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09 unencrypted_suffix: _unencrypted diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index 0957d1d..97f0300 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -1,6 +1,9 @@ { config, pkgs, ... }: { home.packages = with pkgs; [ + # temp here for testing + thunderbird + # essentials wpa_supplicant_gui pcmanfm @@ -11,6 +14,7 @@ evince gimp mpv + yt-dlp ffmpeg # sound diff --git a/users/rouven/modules/ssh/default.nix b/users/rouven/modules/ssh/default.nix index 9101ce1..ab24b09 100644 --- a/users/rouven/modules/ssh/default.nix +++ b/users/rouven/modules/ssh/default.nix @@ -34,7 +34,7 @@ identityFile = "~/.ssh/git"; }; "git@ifsr.de" = { - match = "Host raspi User git"; + match = "Host ifsr.de User git"; identityFile = "~/.ssh/git"; }; };