youthlic/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: youthlic:72ffafa5d9a3e294da6fef1c8f46523ec0f7e866
Branches Tags
youthlic:dev
...
compare: youthlic:e0fa88105d61217e885a929dc44d2791a070023b
Branches Tags
youthlic:dev

10 commits
72ffafa5d9 ... e0fa88105d

Author SHA1 Message Date
ulic-youthlic
e0fa88105d
change ROOT_URL config for forgejo 2025-01-28 17:28:14 +08:00
ulic-youthlic
69876c592c
add forgejo and postgresql services and nixos-container for forgejo 2025-01-28 17:14:27 +08:00
ulic-youthlic
3746928274
add deploy-rs for remotely deploy nixos config 2025-01-27 18:35:41 +08:00
ulic-youthlic
b4777b66f2
add nixos configuration for Cape 2025-01-27 10:55:21 +08:00
ulic-youthlic
30e8310755
add thunderbird to home module 2025-01-26 15:06:26 +08:00
ulic-youthlic
2ca474b976
add cmake lsp for helix 2025-01-25 20:26:57 +08:00
ulic-youthlic
d19dc6a4e8
update flake inputs 2025-01-25 19:15:31 +08:00
ulic-youthlic
b91bda7844
change config.kdl key binds 2025-01-25 17:57:00 +08:00
ulic-youthlic
08f905123f
add kdlfmt as kdl formatter for helix, and format config.kdl 2025-01-25 17:14:03 +08:00
ulic-youthlic
52019f52ee
add just formatter for helix and format Justfile 2025-01-25 16:59:16 +08:00
38 changed files with 1338 additions and 312 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.sops.yaml
View file

@ -1,9 +1,11 @@
keys:
- &master age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g
- &machine_Akun age1emhsx2l0ell6smavzaackwkk7n2u4zf6chdp9xcds3dqp7s444ds9fcaga
- &machine_Cape age1s4zml68g0ys05tv2nlpnevz37vf0uurypfsf996wj4vytgxczumqy3utck
creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *master
- *machine_Akun
- *machine_Cape

10
Justfile
View file

@ -5,12 +5,14 @@ default:
@just --list
switch specialisation=DEFAULT_SPECIALISATION:
nh os switch {{FLAKE_HOME}} {{ if specialisation == DEFAULT_SPECIALISATION { "-S" } else { "-s " + specialisation } }}
nh os switch {{ FLAKE_HOME }} {{ if specialisation == DEFAULT_SPECIALISATION { "-S" } else { "-s " + specialisation } }}
update:
nix flake update | spacer
push host target:
nixos-rebuild switch --flake {{FLAKE_HOME}}#{{host}} --target-host {{target}} | spacer
deploy host:
deploy {{ FLAKE_HOME }}#{{ host }}
alias s := switch
alias u := update
alias p := push
alias d := deploy

236
flake.lock generated
View file

@ -69,11 +69,11 @@
"bt-tracker": {
"flake": false,
"locked": {
"lastModified": 1737706116,
"narHash": "sha256-jMrl9cy/1vlJgpljPG0jGlnlGSfCdseKe14guF/EMPo=",
"lastModified": 1737792531,
"narHash": "sha256-uTnQYofhXwguCcmr+UqXUSqxu7IQ0cMGeoreAMcUVVk=",
"owner": "XIU2",
"repo": "TrackersListCollection",
"rev": "d56981366bbe7ce97655111d0b8db5b1b91d4540",
"rev": "35df14b82b2d3dc24797f0e500188ac053f7e1d4",
"type": "github"
},
"original": {
@ -84,11 +84,11 @@
},
"crane": {
"locked": {
"lastModified": 1727974419,
"narHash": "sha256-WD0//20h+2/yPGkO88d2nYbb23WMWYvnRyDQ9Dx4UHg=",
"lastModified": 1737563566,
"narHash": "sha256-GLJvkOG29XCynQm8XWPyykMRqIhxKcBARVu7Ydrz02M=",
"owner": "ipetkov",
"repo": "crane",
"rev": "37e4f9f0976cb9281cd3f0c70081e5e0ecaee93f",
"rev": "849376434956794ebc7a6b487d31aace395392ba",
"type": "github"
},
"original": {
@ -116,6 +116,26 @@
"type": "github"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs_2",
"utils": "utils"
},
"locked": {
"lastModified": 1727447169,
"narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@ -140,11 +160,11 @@
"flake": false,
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1737630537,
"narHash": "sha256-lroOTrqUw443CfegVkfNAfE57uIsF4fjUvlUjVnB3kY=",
"lastModified": 1737777799,
"narHash": "sha256-YDDKpj1j9MqGZgrugfu8mQWjpiy4r7fZ1FMJL58NasM=",
"ref": "master",
"rev": "f3bffded7ab861654ab3be7c1e974eafe72c52b0",
"revCount": 4058,
"rev": "9a96d7b0485be4654b6f2237efeccb1144d1ba54",
"revCount": 4063,
"type": "git",
"url": "https://gitlab.com/rycee/nur-expressions.git?dir=pkgs/firefox-addons"
},
@ -188,6 +208,22 @@
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1717312683,
@ -203,7 +239,7 @@
"type": "github"
}
},
"flake-compat_3": {
"flake-compat_4": {
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
@ -217,7 +253,7 @@
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-compat_4": {
"flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1733328505,
@ -307,7 +343,7 @@
},
"flake-utils": {
"inputs": {
"systems": "systems"
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
@ -325,7 +361,7 @@
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1705309234,
@ -343,14 +379,14 @@
},
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
"systems": "systems_4"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
@ -361,7 +397,7 @@
},
"flake-utils_4": {
"inputs": {
"systems": "systems_5"
"systems": "systems_6"
},
"locked": {
"lastModified": 1710146030,
@ -416,17 +452,17 @@
},
"ghostty": {
"inputs": {
"flake-compat": "flake-compat",
"flake-compat": "flake-compat_2",
"nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable",
"zig": "zig"
},
"locked": {
"lastModified": 1737606723,
"narHash": "sha256-imzoApuVpFNyQbBBjTfbFBeo/elX0moFgXrxJEWFCDo=",
"lastModified": 1737779447,
"narHash": "sha256-+iVqQXAUJshUYgxOHfke54Ux4f/aggl1yub86KNx2tE=",
"owner": "ghostty-org",
"repo": "ghostty",
"rev": "eb21a58aa4dc59dd2a0fbd026cf7cd842f0f07ed",
"rev": "71e62f96fa4d286eda835048428d5be96e9f87c1",
"type": "github"
},
"original": {
@ -510,11 +546,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1737597695,
"narHash": "sha256-tkMePskjLb0xZZE9zzW+TVy4Latdin4aAEsbNutzt9w=",
"lastModified": 1737740779,
"narHash": "sha256-M4pSv4ycg6fkQmxvJ1BCdoZJvJhqLTUsw6LKoduLpE0=",
"owner": "helix-editor",
"repo": "helix",
"rev": "76a8682c4d743e8da75e46be0646393317561080",
"rev": "81708b70e685426716999e1278b7373292e797e9",
"type": "github"
},
"original": {
@ -531,11 +567,11 @@
]
},
"locked": {
"lastModified": 1737630279,
"narHash": "sha256-wJQCxyMRc4P26zDrHmZiRD5bbfcJpqPG3e2djdGG3pk=",
"lastModified": 1737762889,
"narHash": "sha256-5HGG09bh/Yx0JA8wtBMAzt0HMCL1bYZ93x4IqzVExio=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "0db5c8bfcce78583ebbde0b2abbc95ad93445f7c",
"rev": "daf04c5950b676f47a794300657f1d3d14c1a120",
"type": "github"
},
"original": {
@ -591,17 +627,17 @@
"inputs": {
"niri-stable": "niri-stable",
"niri-unstable": "niri-unstable",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable_2",
"xwayland-satellite-stable": "xwayland-satellite-stable",
"xwayland-satellite-unstable": "xwayland-satellite-unstable"
},
"locked": {
"lastModified": 1737627930,
"narHash": "sha256-oaAatwNVaX36xmI2AKIVu2oG07XJmHq2T+Y66hEprd8=",
"lastModified": 1737797805,
"narHash": "sha256-revbNiDQIhSwkAvGE2IVf3iSHbp1LB52KXu3nukATfE=",
"owner": "sodiboo",
"repo": "niri-flake",
"rev": "f79aa307f4bc0bfbabee404e6354fd2a1edfcb01",
"rev": "ab19f1d6bf4b38558c84df4990ec0618ec526eb5",
"type": "github"
},
"original": {
@ -630,11 +666,11 @@
"niri-unstable": {
"flake": false,
"locked": {
"lastModified": 1737623252,
"narHash": "sha256-orq/c8lOUrZfCHQhfuLEJtMZpfBYhMtGv1Xuz99Pxj0=",
"lastModified": 1737795105,
"narHash": "sha256-zQSNUKj671I9M4DdMD4iMUnIIWN5oiaWdqDHUSVcaVE=",
"owner": "YaLTeR",
"repo": "niri",
"rev": "128b01e04905d833214f52a3c6fab308bcc15ce0",
"rev": "78697d1cea20e6b53013e820999b0403c45d9f00",
"type": "github"
},
"original": {
@ -655,7 +691,7 @@
"nixpkgs"
],
"nixpkgs-wine": "nixpkgs-wine",
"systems": "systems_4",
"systems": "systems_5",
"treefmt-nix": "treefmt-nix"
},
"locked": {
@ -741,16 +777,16 @@
},
"nixos-cosmic": {
"inputs": {
"flake-compat": "flake-compat_2",
"nixpkgs": "nixpkgs_3",
"flake-compat": "flake-compat_3",
"nixpkgs": "nixpkgs_4",
"nixpkgs-stable": "nixpkgs-stable_3"
},
"locked": {
"lastModified": 1737603687,
"narHash": "sha256-/uTWz6xk/Psfl1sqCK3CTSjUVoiq1O988tHRfQpiMP8=",
"lastModified": 1737737985,
"narHash": "sha256-qQvUk3zPDV5IsnPAQAYxLm479hOj3zlZy4k+0PzzyMg=",
"owner": "lilyinstarlight",
"repo": "nixos-cosmic",
"rev": "e24740b458a5b6932b393977100964ac9e1ef2a1",
"rev": "c09628bdaecece885ee78614245a077fe3805f0a",
"type": "github"
},
"original": {
@ -761,11 +797,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1737590910,
"narHash": "sha256-qM/y6Dtpu9Wmf5HqeZajQdn+cS0aljdYQQQnrvx+LJE=",
"lastModified": 1737751639,
"narHash": "sha256-ZEbOJ9iT72iwqXsiEMbEa8wWjyFvRA9Ugx8utmYbpz4=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "9368027715d8dde4b84c79c374948b5306fdd2db",
"rev": "dfad538f751a5aa5d4436d9781ab27a6128ec9d4",
"type": "github"
},
"original": {
@ -873,11 +909,11 @@
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1737569578,
"narHash": "sha256-6qY0pk2QmUtBT9Mywdvif0i/CLVgpCjMUn6g9vB+f3M=",
"lastModified": 1737672001,
"narHash": "sha256-YnHJJ19wqmibLQdUeq9xzE6CjrMA568KN/lFPuSVs4I=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "47addd76727f42d351590c905d9d1905ca895b82",
"rev": "035f8c0853c2977b24ffc4d0a42c74f00b182cd8",
"type": "github"
},
"original": {
@ -889,11 +925,11 @@
},
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1737299813,
"narHash": "sha256-Qw2PwmkXDK8sPQ5YQ/y/icbQ+TYgbxfjhgnkNJyT1X8=",
"lastModified": 1737569578,
"narHash": "sha256-6qY0pk2QmUtBT9Mywdvif0i/CLVgpCjMUn6g9vB+f3M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "107d5ef05c0b1119749e381451389eded30fb0d5",
"rev": "47addd76727f42d351590c905d9d1905ca895b82",
"type": "github"
},
"original": {
@ -953,27 +989,27 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1737469691,
"narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=",
"lastModified": 1702272962,
"narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab",
"rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1737062831,
"narHash": "sha256-Tbk1MZbtV2s5aG+iM99U8FqwxU/YNArMcWAv6clcsBc=",
"lastModified": 1737632463,
"narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5df43628fdf08d642be8ba5b3625a6c70731c19c",
"rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
"type": "github"
},
"original": {
@ -985,11 +1021,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1737469691,
"narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=",
"lastModified": 1737632463,
"narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab",
"rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
"type": "github"
},
"original": {
@ -1000,6 +1036,22 @@
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1737632463,
"narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1736798957,
"narHash": "sha256-qwpCtZhSsSNQtK4xYGzMiyEDhkNzOCz/Vfu4oL2ETsQ=",
@ -1034,11 +1086,11 @@
"flake": false,
"locked": {
"dir": "/pkgs/uncategorized",
"lastModified": 1737281143,
"narHash": "sha256-7LFwPv5PVcqUItQ0nyWpHMD9zIFf6TVKsv1ifoRe3NM=",
"lastModified": 1737795309,
"narHash": "sha256-rCVkkmc7166clcoCw+TV25/IOtm1opj8LjeKolRO/tg=",
"owner": "xddxdd",
"repo": "nur-packages",
"rev": "5363f9cf43dda8516c848eb80b06a7d652e42046",
"rev": "93681b73b361ddb6e1d1c7e671e5db247ecf6e0b",
"type": "github"
},
"original": {
@ -1084,6 +1136,7 @@
"inputs": {
"bt-tracker": "bt-tracker",
"dae": "dae",
"deploy-rs": "deploy-rs",
"disko": "disko",
"firefox-addons": "firefox-addons",
"flake-parts": "flake-parts_2",
@ -1094,7 +1147,7 @@
"niri-flake": "niri-flake",
"nixos-cosmic": "nixos-cosmic",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_4",
"nixpkgs": "nixpkgs_5",
"nur-xddxdd": "nur-xddxdd",
"oskars-dotfiles": "oskars-dotfiles",
"sops-nix": "sops-nix",
@ -1109,11 +1162,11 @@
]
},
"locked": {
"lastModified": 1728268235,
"narHash": "sha256-lJMFnMO4maJuNO6PQ5fZesrTmglze3UFTTBuKGwR1Nw=",
"lastModified": 1737599167,
"narHash": "sha256-S2rHCrQWCDVp63XxL/AQbGr1g5M8Zx14C7Jooa4oM8o=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "25685cc2c7054efc31351c172ae77b21814f2d42",
"rev": "38374302ae9edf819eac666d1f276d62c712dd06",
"type": "github"
},
"original": {
@ -1170,24 +1223,24 @@
"base16-helix": "base16-helix",
"base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-compat": "flake-compat_4",
"flake-compat": "flake-compat_5",
"flake-utils": "flake-utils_5",
"git-hooks": "git-hooks",
"gnome-shell": "gnome-shell",
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_5",
"systems": "systems_6",
"nixpkgs": "nixpkgs_6",
"systems": "systems_7",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-tmux": "tinted-tmux",
"tinted-zed": "tinted-zed"
},
"locked": {
"lastModified": 1737584885,
"narHash": "sha256-9QihDPf9pglzTGY51cmmcqGpQuLiJEobJX7CWJzmXsM=",
"lastModified": 1737657729,
"narHash": "sha256-TIDR1zKoP2uaqRot/LnarugfAC9U7geycjbJqA1naVM=",
"owner": "danth",
"repo": "stylix",
"rev": "36c39ff014a8abbc682a073b2c5ba6cea77cf41e",
"rev": "e594886eb0951a0a0c28ffa333a9df6fb13857a1",
"type": "github"
},
"original": {
@ -1286,6 +1339,21 @@
"type": "github"
}
},
"systems_7": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-foot": {
"flake": false,
"locked": {
@ -1400,9 +1468,27 @@
"url": "https://github.com/Open-Wine-Components/umu-launcher/?dir=packaging/nix"
}
},
"utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"winapps": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat_4",
"flake-utils": "flake-utils_4",
"nixpkgs": [
"oskars-dotfiles",

65
flake.nix
View file

@ -75,6 +75,10 @@
url = "github:XIU2/TrackersListCollection";
flake = false;
};
deploy-rs = {
url = "github:serokell/deploy-rs";
};
};
outputs =
{
@ -202,12 +206,17 @@
};
in
{
homeConfigurations = nixpkgs.lib.foldr (a: b: a // b) { } (
map (hostName: mkHomeConfig { inherit hostName; }) [
"Tytonidae"
"Akun"
]
);
homeConfigurations =
nixpkgs.lib.foldr (a: b: a // b) { } (
map (hostName: mkHomeConfig { inherit hostName; }) [
"Tytonidae"
"Akun"
]
)
// mkHomeConfig {
hostName = "Cape";
unixName = "alice";
};
homeManagerModules =
{
default = import ./home/modules;
@ -227,6 +236,50 @@
)
);
}
)
// (
let
mkDeployNode =
{
hostName,
unixName ? "deploy",
system ? "x86_64-linux",
sshName ? hostName,
}:
{
"${hostName}" = {
hostname = "${sshName}";
sshUser = "${unixName}";
interactiveSudo = true;
sshOpts = [
"-i"
"/home/david/.ssh/id_ed25519_deploy"
];
profiles = {
system = {
user = "${unixName}";
path =
inputs.deploy-rs.lib."${system}".activate.nixos
self.outputs.nixosConfigurations."${hostName}";
};
};
};
};
in
{
deploy.nodes = nixpkgs.lib.foldr (a: b: a // b) { } (
map
(
hostName:
mkDeployNode {
inherit hostName;
}
)
[
"Cape"
]
);
}
);
};
}

84
home/alice/configurations/Cape/default.nix Normal file
View file

@ -0,0 +1,84 @@
{
pkgs,
unixName,
config,
...
}:
{
youthlic.programs = {
helix.enable = true;
gpg.enable = true;
fish.enable = true;
bash.enable = true;
starship.enable = true;
sops.enable = true;
atuin.enable = true;
git = {
email = "ulic.youthlic@gmail.com";
name = "ulic-youthlic";
encrypt-credential = false;
};
};
xdg.userDirs = {
enable = true;
download = "${config.home.homeDirectory}/dls";
documents = "${config.home.homeDirectory}/doc";
music = "${config.home.homeDirectory}/mus";
pictures = "${config.home.homeDirectory}/pic";
videos = "${config.home.homeDirectory}/vid";
templates = "${config.home.homeDirectory}/tpl";
publicShare = "${config.home.homeDirectory}/pub";
desktop = "${config.home.homeDirectory}/dsk";
createDirectories = true;
};
home.username = "${unixName}";
home.homeDirectory = "/home/${unixName}";
home.stateVersion = "24.11";
programs.home-manager.enable = true;
home.packages = with pkgs; [
tealdeer
ripgrep
fzf
file
which
gnused
gnutar
bat
gawk
zstd
tree
ouch
dust
duf
doggo
ast-grep
dig
lazygit
dig
fend
gitoxide
viu
fd
just
];
programs.ssh = {
enable = true;
hashKnownHosts = true;
extraOptionOverrides = {
HostKeyAlgorithms = "ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256";
KexAlgorithms = "curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256";
MACs = "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com";
Ciphers = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr";
};
matchBlocks = {
"github.com" = {
hostname = "ssh.github.com";
port = 443;
user = "git";
extraOptions = {
AddKeysToAgent = "yes";
};
};
};
};
}

1
home/alice/modules/default.nix Normal file
View file

@ -0,0 +1 @@
{ ... }: { }

8
home/david/configurations/Akun/default.nix
View file

@ -123,6 +123,14 @@
mode = "0600";
path = "${config.home.homeDirectory}/.ssh/id_ed25519_akun";
};
"ssh-private-key/cape" = {
mode = "0600";
path = "${config.home.homeDirectory}/.ssh/id_ed25519_cape";
};
"ssh-private-key/deploy" = {
mode = "0600";
path = "${config.home.homeDirectory}/.ssh/id_ed25519_deploy";
};
"ssh-config" = {
mode = "0400";
format = "yaml";

9
home/david/configurations/Tytonidae/default.nix
View file

@ -32,6 +32,7 @@
mpv.enable = true;
kvm.enable = true;
atuin.enable = true;
thunderbird.enable = true;
};
david = {
@ -136,6 +137,14 @@
mode = "0600";
path = "${config.home.homeDirectory}/.ssh/id_ed25519_akun";
};
"ssh-private-key/cape" = {
mode = "0600";
path = "${config.home.homeDirectory}/.ssh/id_ed25519_cape";
};
"ssh-private-key/deploy" = {
mode = "0600";
path = "${config.home.homeDirectory}/.ssh/id_ed25519_deploy";
};
"ssh-config" = {
mode = "0400";
format = "yaml";

483
home/david/configurations/Tytonidae/niri/config.kdl
View file

@ -1,36 +1,32 @@
input {
keyboard {
xkb {
}
}
touchpad {
tap
natural-scroll
}
mouse {
}
}
trackpoint {
}
}
output "DP-1" {
mode "2560x1440@169.900"
scale 1
transform "normal"
position x=0 y=0
}
output "eDP-1" {
mode "2560x1440@165.003"
scale 1.5
transform "normal"
position x=2560 y=0
}
layout {
gaps 16
center-focused-column "never"
@ -39,12 +35,11 @@ layout {
proportion 0.5
proportion 0.66667
}
// You can also customize the heights that "switch-preset-window-height" (Mod+Shift+R) toggles between.
// preset-window-heights { }
default-column-width {
default-column-width {}
}
// By default focus ring and border are rendered as a solid background rectangle
// behind windows. That is, they will show up through semitransparent windows.
// This is because windows using client-side decorations can have an arbitrary shape.
@ -55,27 +50,21 @@ layout {
//
// Alternatively, you can override it with a window rule called
// `draw-border-with-background`.
// You can change how the focus ring looks.
focus-ring {
// Uncomment this line to disable the focus ring.
// off
// How many logical pixels the ring extends out from the windows.
width 4
// Colors can be set in a variety of ways:
// - CSS named colors: "red"
// - RGB hex: "#rgb", "#rgba", "#rrggbb", "#rrggbbaa"
// - CSS-like notation: "rgb(255, 127, 0)", rgba(), hsl() and a few others.
// Color of the ring on the active monitor.
active-color "#7fc8ff"
// Color of the ring on inactive monitors.
inactive-color "#505050"
// You can also use gradients. They take precedence over solid colors.
// You can also use gradients. They take precedence over solid colors.
// Gradients are rendered the same as CSS linear-gradient(angle, from, to).
// The angle is the same as in linear-gradient, and is optional,
// defaulting to 180 (top-to-bottom gradient).
@ -90,34 +79,30 @@ layout {
//
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
// You can also add a border. It's similar to the focus ring, but always visible.
border {
// The settings are the same as for the focus ring.
// If you enable the border, you probably want to disable the focus ring.
off
width 4
active-color "#ffc87f"
inactive-color "#505050"
// active-gradient from="#ffbb66" to="#ffc880" angle=45 relative-to="workspace-view"
// active-gradient from="#ffbb66" to="#ffc880" angle=45 relative-to="workspace-view"
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
// Struts shrink the area occupied by windows, similarly to layer-shell panels.
// You can think of them as a kind of outer gaps. They are set in logical pixels.
// Left and right struts will cause the next window to the side to always be visible.
// Top and bottom struts will simply add outer gaps in addition to the area occupied by
// layer-shell panels and regular gaps.
struts {
// left 64
// left 64
// right 64
// top 64
// bottom 64
}
}
// Add lines like this to spawn processes at startup.
// Note that running niri as a session supports xdg-desktop-autostart,
// which may be more convenient to use.
@ -132,165 +117,343 @@ spawn-at-startup "fcitx5" "-d" "--replace"
spawn-at-startup "xwayland-satellite" ":1"
spawn-at-startup "polkit-kde-agent"
spawn-at-startup "wl-paste" "--watch" "cliphist" "store"
// Uncomment this line to ask the clients to omit their client-side decorations if possible.
// If the client will specifically ask for CSD, the request will be honored.
// Additionally, clients will be informed that they are tiled, removing some client-side rounded corners.
// This option will also fix border/focus ring drawing behind some semitransparent windows.
// After enabling or disabling this, you need to restart the apps for this to take effect.
// prefer-no-csd
screenshot-path "~/pic/screenshot%Y-%m-%d-%H-%M-%S.png"
// You can also set this to null to disable saving screenshots to disk.
// screenshot-path null
animations {
// Slow down all animations by this factor. Values below 1 speed them up instead.
// Slow down all animations by this factor. Values below 1 speed them up instead.
// slowdown 3.0
}
window-rule {
match app-id=r#"^org\.wezfurlong\.wezterm$"#
default-column-width {}
}
window-rule {
match app-id=r#"^org\.keepassxc\.KeePassXC$"#
match app-id=r#"^org\.gnome\.World\.Secrets$"#
match app-id="^org\\.wezfurlong\\.wezterm$"
default-column-width {
}
}
window-rule {
match app-id="^org\\.keepassxc\\.KeePassXC$"
match app-id="^org\\.gnome\\.World\\.Secrets$"
block-out-from "screen-capture"
}
window-rule {
draw-border-with-background false
}
// Example: enable rounded corners for all windows.
// (This example rule is commented out with a "/-" in front.)
/-window-rule {
geometry-corner-radius 12
clip-to-geometry true
geometry-corner-radius 12
clip-to-geometry true
}
binds {
Super+V { spawn "bash" "-c" "cliphist list | fuzzel --dmenu | cliphist decode | wl-copy"; }
Super+Shift+L { spawn "bash" "-c" "swaylock --screenshots --clock --indicator --indicator-radius 100 --indicator-thickness 7 --effect-blur 7x5 --effect-vignette 0.5:0.5 --grace 2 --fade-in 0.5"; }
Mod+Shift+Slash { show-hotkey-overlay; }
Mod+T { spawn "ghostty"; }
Mod+Space { spawn "fuzzel"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1-"; }
XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"; }
Mod+Q { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
Mod+Up { focus-window-up; }
Mod+Right { focus-column-right; }
Mod+H { focus-column-left; }
Mod+J { focus-window-or-workspace-down; }
Mod+K { focus-window-or-workspace-up; }
Mod+L { focus-column-right; }
Mod+Shift+Left { move-column-left; }
Mod+Shift+Down { move-window-down; }
Mod+Shift+Up { move-window-up; }
Mod+Shift+Right { move-column-right; }
Mod+Shift+H { move-column-left; }
Mod+Shift+J { move-window-down-or-to-workspace-down; }
Mod+Shift+K { move-window-up-or-to-workspace-up; }
Mod+Shift+L { move-column-right; }
Mod+Home { focus-column-first; }
Mod+End { focus-column-last; }
Mod+Ctrl+Home { move-column-to-first; }
Mod+Ctrl+End { move-column-to-last; }
Mod+Ctrl+Left { focus-monitor-left; }
Mod+Ctrl+Down { focus-monitor-down; }
Mod+Ctrl+Up { focus-monitor-up; }
Mod+Ctrl+Right { focus-monitor-right; }
Mod+Ctrl+H { focus-monitor-left; }
Mod+Ctrl+J { focus-monitor-down; }
Mod+Ctrl+K { focus-monitor-up; }
Mod+Ctrl+L { focus-monitor-right; }
Mod+Shift+Ctrl+Left { move-column-to-monitor-left; }
Mod+Shift+Ctrl+Down { move-column-to-monitor-down; }
Mod+Shift+Ctrl+Up { move-column-to-monitor-up; }
Mod+Shift+Ctrl+Right { move-column-to-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-monitor-down; }
Mod+Shift+Ctrl+K { move-column-to-monitor-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
Mod+Page_Down { focus-workspace-down; }
Mod+Page_Up { focus-workspace-up; }
Mod+U { focus-workspace-down; }
Mod+I { focus-workspace-up; }
Mod+Shift+Page_Down { move-column-to-workspace-down; }
Mod+Shift+Page_Up { move-column-to-workspace-up; }
Mod+Shift+U { move-column-to-workspace-down; }
Mod+Shift+I { move-column-to-workspace-up; }
Mod+Ctrl+Page_Down { move-workspace-down; }
Mod+Ctrl+Page_Up { move-workspace-up; }
Mod+Ctrl+U { move-workspace-down; }
Mod+Ctrl+I { move-workspace-up; }
Mod+Shift+WheelScrollDown cooldown-ms=150 { focus-workspace-down; }
Mod+Shift+WheelScrollUp cooldown-ms=150 { focus-workspace-up; }
Mod+WheelScrollDown { focus-column-right; }
Mod+WheelScrollUp { focus-column-left; }
Mod+1 { focus-workspace 1; }
Mod+2 { focus-workspace 2; }
Mod+3 { focus-workspace 3; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+Shift+1 { move-column-to-workspace 1; }
Mod+Shift+2 { move-column-to-workspace 2; }
Mod+Shift+3 { move-column-to-workspace 3; }
Mod+Shift+4 { move-column-to-workspace 4; }
Mod+Shift+5 { move-column-to-workspace 5; }
Mod+Shift+6 { move-column-to-workspace 6; }
Mod+Shift+7 { move-column-to-workspace 7; }
Mod+Shift+8 { move-column-to-workspace 8; }
Mod+Shift+9 { move-column-to-workspace 9; }
Mod+Tab { focus-workspace-previous; }
Mod+BracketLeft { consume-or-expel-window-left; }
Mod+BracketRight { consume-or-expel-window-right; }
Mod+Comma { consume-window-into-column; }
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+M { maximize-column; }
Mod+Shift+M { fullscreen-window; }
Mod+Z { center-column; }
Mod+Minus { set-column-width "-10%"; }
Mod+Equal { set-column-width "+10%"; }
Mod+Shift+Minus { set-window-height "-10%"; }
Mod+Shift+Equal { set-window-height "+10%"; }
Print { screenshot; }
Ctrl+Print { screenshot-screen; }
Alt+Print { screenshot-window; }
Mod+Shift+E { quit; }
Mod+V {
spawn "bash" "-c" "cliphist list | fuzzel --dmenu | cliphist decode | wl-copy"
}
Mod+Shift+P {
spawn "bash" "-c" "swaylock --screenshots --clock --indicator --indicator-radius 100 --indicator-thickness 7 --effect-blur 7x5 --effect-vignette 0.5:0.5 --grace 2 --fade-in 0.5"
}
Mod+Shift+Slash {
show-hotkey-overlay
}
Mod+T {
spawn "ghostty"
}
Mod+Space {
spawn "fuzzel"
}
XF86AudioRaiseVolume allow-when-locked=true {
spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1+"
}
XF86AudioLowerVolume allow-when-locked=true {
spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1-"
}
XF86AudioMute allow-when-locked=true {
spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"
}
XF86AudioMicMute allow-when-locked=true {
spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"
}
Mod+Q {
close-window
}
Mod+Left {
focus-column-left
}
Mod+Down {
focus-window-down
}
Mod+Up {
focus-window-up
}
Mod+Right {
focus-column-right
}
Mod+H {
focus-column-or-monitor-left
}
Mod+J {
focus-window-or-workspace-down
}
Mod+K {
focus-window-or-workspace-up
}
Mod+L {
focus-column-or-monitor-right
}
Mod+Shift+Left {
move-column-left
}
Mod+Shift+Down {
move-window-down
}
Mod+Shift+Up {
move-window-up
}
Mod+Shift+Right {
move-column-right
}
Mod+Shift+H {
move-column-left-or-to-monitor-left
}
Mod+Shift+J {
move-window-down-or-to-workspace-down
}
Mod+Shift+K {
move-window-up-or-to-workspace-up
}
Mod+Shift+L {
move-column-right-or-to-monitor-right
}
Mod+Home {
focus-column-first
}
Mod+End {
focus-column-last
}
Mod+Ctrl+Home {
move-column-to-first
}
Mod+Ctrl+End {
move-column-to-last
}
Mod+Ctrl+Left {
focus-monitor-left
}
Mod+Ctrl+Down {
focus-monitor-down
}
Mod+Ctrl+Up {
focus-monitor-up
}
Mod+Ctrl+Right {
focus-monitor-right
}
Mod+Ctrl+H {
focus-monitor-left
}
Mod+Ctrl+J {
focus-monitor-down
}
Mod+Ctrl+K {
focus-monitor-up
}
Mod+Ctrl+L {
focus-monitor-right
}
Mod+Shift+Ctrl+Left {
move-column-to-monitor-left
}
Mod+Shift+Ctrl+Down {
move-column-to-monitor-down
}
Mod+Shift+Ctrl+Up {
move-column-to-monitor-up
}
Mod+Shift+Ctrl+Right {
move-column-to-monitor-right
}
Mod+Shift+Ctrl+H {
move-column-to-monitor-left
}
Mod+Shift+Ctrl+J {
move-column-to-monitor-down
}
Mod+Shift+Ctrl+K {
move-column-to-monitor-up
}
Mod+Shift+Ctrl+L {
move-column-to-monitor-right
}
Mod+Page_Down {
focus-workspace-down
}
Mod+Page_Up {
focus-workspace-up
}
Mod+U {
focus-workspace-down
}
Mod+I {
focus-workspace-up
}
Mod+Shift+Page_Down {
move-column-to-workspace-down
}
Mod+Shift+Page_Up {
move-column-to-workspace-up
}
Mod+Shift+U {
move-column-to-workspace-down
}
Mod+Shift+I {
move-column-to-workspace-up
}
Mod+Ctrl+Page_Down {
move-workspace-down
}
Mod+Ctrl+Page_Up {
move-workspace-up
}
Mod+Ctrl+U {
move-workspace-down
}
Mod+Ctrl+I {
move-workspace-up
}
Mod+Shift+WheelScrollDown cooldown-ms=150 {
focus-workspace-down
}
Mod+Shift+WheelScrollUp cooldown-ms=150 {
focus-workspace-up
}
Mod+WheelScrollDown {
focus-column-right
}
Mod+WheelScrollUp {
focus-column-left
}
Mod+1 {
focus-workspace 1
}
Mod+2 {
focus-workspace 2
}
Mod+3 {
focus-workspace 3
}
Mod+4 {
focus-workspace 4
}
Mod+5 {
focus-workspace 5
}
Mod+6 {
focus-workspace 6
}
Mod+7 {
focus-workspace 7
}
Mod+8 {
focus-workspace 8
}
Mod+9 {
focus-workspace 9
}
Mod+Shift+1 {
move-column-to-workspace 1
}
Mod+Shift+2 {
move-column-to-workspace 2
}
Mod+Shift+3 {
move-column-to-workspace 3
}
Mod+Shift+4 {
move-column-to-workspace 4
}
Mod+Shift+5 {
move-column-to-workspace 5
}
Mod+Shift+6 {
move-column-to-workspace 6
}
Mod+Shift+7 {
move-column-to-workspace 7
}
Mod+Shift+8 {
move-column-to-workspace 8
}
Mod+Shift+9 {
move-column-to-workspace 9
}
Mod+F {
toggle-window-floating
}
Mod+Tab {
focus-window-previous
}
Mod+Shift+Tab {
focus-monitor-previous
}
Mod+BracketLeft {
consume-or-expel-window-left
}
Mod+BracketRight {
consume-or-expel-window-right
}
Mod+Comma {
consume-window-into-column
}
Mod+Period {
expel-window-from-column
}
Mod+R {
switch-preset-column-width
}
Mod+Shift+R {
switch-preset-window-height
}
Mod+Ctrl+R {
reset-window-height
}
Mod+M {
maximize-column
}
Mod+Shift+M {
fullscreen-window
}
Mod+Z {
center-column
}
Mod+Minus {
set-column-width "-10%"
}
Mod+Equal {
set-column-width "+10%"
}
Mod+Shift+Minus {
set-window-height "-10%"
}
Mod+Shift+Equal {
set-window-height "+10%"
}
Print {
screenshot
}
Ctrl+Print {
screenshot-screen
}
Alt+Print {
screenshot-window
}
Mod+Shift+E {
quit
}
}

1
home/modules/default.nix
View file

@ -28,6 +28,7 @@
./atuin.nix
./swaync.nix
./swaylock.nix
./thunderbird.nix
];
options = {

60
home/modules/git.nix
View file

@ -35,22 +35,19 @@
let
cfg = config.youthlic.programs.git;
in
{
programs.lazygit = {
enable = true;
};
programs.gh = {
enable = true;
gitCredentialHelper.enable = true;
settings = {
git_protocol = "ssh";
lib.mkMerge [
{
programs.lazygit = {
enable = true;
};
};
sops.secrets."git-credential" = {
mode = "0640";
};
programs.git = lib.mkMerge [
{
programs.gh = {
enable = true;
gitCredentialHelper.enable = true;
settings = {
git_protocol = "ssh";
};
};
programs.git = {
enable = true;
userEmail = cfg.email;
userName = cfg.name;
@ -63,20 +60,23 @@
};
};
lfs.enable = true;
}
(lib.mkIf cfg.encrypt-credential {
extraConfig = {
credential = {
helper = "store --file=${config.sops.secrets."git-credential".path}";
};
};
}
(lib.mkIf (cfg.signKey != null) {
programs.git.signing = {
signByDefault = true;
key = cfg.signKey;
};
})
(lib.mkIf cfg.encrypt-credential {
programs.git.extraConfig = {
credential = {
helper = "store --file=${config.sops.secrets."git-credential".path}";
};
})
(lib.mkIf (cfg.signKey != null) {
signing = {
signByDefault = true;
key = cfg.signKey;
};
})
];
};
};
sops.secrets."git-credential" = {
mode = "0640";
};
})
];
}

32
home/modules/helix/default.nix
View file

@ -40,6 +40,12 @@
config;
languages = {
language-server = {
neocmakelsp = {
command = "neocmakelsp";
args = [
"stdio"
];
};
fish-lsp = {
command = "fish-lsp";
args = [
@ -48,6 +54,32 @@
};
};
language = [
{
name = "cmake";
language-servers = [
"neocmakelsp"
"cmake-language-server"
];
}
{
name = "kdl";
formatter = {
command = "kdlfmt";
args = [
"format"
"-"
];
};
}
{
name = "just";
formatter = {
command = "just";
args = [
"--dump"
];
};
}
{
name = "nix";
formatter = {

22
home/modules/thunderbird.nix Normal file
View file

@ -0,0 +1,22 @@
{ config, lib, ... }:
let
cfg = config.youthlic.programs.thunderbird;
in
{
options = {
youthlic.programs.thunderbird = {
enable = lib.mkEnableOption "thunderbird";
};
};
config = lib.mkIf cfg.enable {
programs.thunderbird = {
enable = true;
profiles = {
default = {
withExternalGnupg = true;
isDefault = true;
};
};
};
};
}

59
nixos/configurations/Cape/default.nix Normal file
View file

@ -0,0 +1,59 @@
{
pkgs,
...
}:
{
imports = [
./forgejo.nix
./networking.nix
./stylix.nix
./hardware-configuration.nix
./users
./disko-config.nix
];
youthlic = {
home-manager = {
enable = true;
unixName = "alice";
hostName = "Cape";
};
users.deploy.enable = true;
programs = {
openssh.enable = true;
tailscale.enable = true;
caddy = {
enable = true;
baseDomain = "youthlic.fun";
};
};
};
programs.gnupg.agent = {
enable = true;
};
networking.hostName = "Cape";
time.timeZone = "America/New_York";
services.printing.enable = true;
environment.systemPackages = with pkgs; [
nix-output-monitor
wget
git
vim
helix
btop
];
environment.variables.EDITOR = "hx";
services.dbus.implementation = "broker";
boot.loader.grub = {
enable = true;
};
system.stateVersion = "24.11";
}

37
nixos/configurations/Cape/disko-config.nix Normal file
View file

@ -0,0 +1,37 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/vda";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02";
};
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"@root" = {
mountpoint = "/";
};
"@home" = {
mountpoint = "/home";
};
"@nix" = {
mountpoint = "/nix";
};
};
};
};
};
};
};
};
};
}

18
nixos/configurations/Cape/forgejo.nix Normal file
View file

@ -0,0 +1,18 @@
{ config, ... }:
{
youthlic.containers.forgejo = {
enable = true;
domain = "forgejo.youthlic.fun";
sshPort = 2222;
httpPort = 8480;
interface = "ens3";
};
networking.firewall.allowedTCPPorts = [ 2222 ];
services.caddy.virtualHosts = {
"forgejo.${config.youthlic.programs.caddy.baseDomain}" = {
extraConfig = ''
reverse_proxy 10.231.136.102:8480
'';
};
};
}

24
nixos/configurations/Cape/hardware-configuration.nix Normal file
View file

@ -0,0 +1,24 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

26
nixos/configurations/Cape/networking.nix Normal file
View file

@ -0,0 +1,26 @@
{ ... }:
{
systemd.network = {
enable = true;
wait-online.enable = true;
networks = {
"ens3" = {
matchConfig.Name = "ens3";
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;
};
};
};
};
networking = {
networkmanager.enable = false;
useNetworkd = true;
useDHCP = false;
nftables = {
enable = true;
};
firewall.enable = true;
};
}

27
nixos/configurations/Cape/stylix.nix Normal file
View file

@ -0,0 +1,27 @@
{ pkgs, rootPath, ... }:
{
stylix = {
enable = true;
image = rootPath + "/assets/wallpaper/01.png";
polarity = "dark";
base16Scheme = "${pkgs.base16-schemes}/share/themes/ayu-dark.yaml";
fonts = {
serif = {
package = pkgs.lxgw-wenkai;
name = "LXGW WenKai";
};
sansSerif = {
package = pkgs.noto-fonts-cjk-serif;
name = "Noto Serif CJK SC";
};
monospace = {
package = pkgs.nerd-fonts.fira-code;
name = "FiraCode Nerd Font";
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
};
};
}

1
nixos/configurations/Cape/users/cape.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIH9MU2xZ175iLWcULZkU6crhocFgjcvUHXf0ttJ6Vbp david@Tytonidae

21
nixos/configurations/Cape/users/default.nix Normal file
View file

@ -0,0 +1,21 @@
{ pkgs, ... }:
{
users.users.alice = {
initialHashedPassword = "$y$j9T$eS5zCi4W.4IPpf3P8Tb/o1$xhumXY1.PJKmTguNi/zlljLbLemNGiubWoUEc878S36";
isNormalUser = true;
description = "alice";
extraGroups = [
"networkmanager"
"libvirtd"
"wheel"
"video"
];
};
users.mutableUsers = false;
programs.fish.enable = true;
users.users.alice.shell = pkgs.fish;
users.users.alice.openssh.authorizedKeys.keyFiles = [
./cape.pub
];
}

3
nixos/modules/caddy.nix
View file

@ -16,5 +16,8 @@ in
services.caddy = {
enable = true;
};
networking.firewall = {
allowedTCPPorts = [ 443 ];
};
};
}

6
nixos/modules/containers/default.nix Normal file
View file

@ -0,0 +1,6 @@
{ ... }:
{
imports = [
./forgejo.nix
];
}

120
nixos/modules/containers/forgejo.nix Normal file
View file

@ -0,0 +1,120 @@
{ config, lib, ... }:
let
cfg = config.youthlic.containers.forgejo;
in
{
options = {
youthlic.containers.forgejo = {
enable = lib.mkEnableOption "forgejo container";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;
example = "forgejo.example.com";
};
sshPort = lib.mkOption {
type = lib.types.port;
default = 2222;
};
httpPort = lib.mkOption {
type = lib.types.port;
default = 8480;
};
interface = lib.mkOption {
type = lib.types.nonEmptyStr;
example = "ens3";
};
};
};
config = lib.mkIf cfg.enable {
networking.nat = {
enable = true;
internalInterfaces = [ "ve-+" ];
externalInterface = cfg.interface;
enableIPv6 = true;
};
containers."forgejo" = {
ephemeral = true;
autoStart = true;
privateNetwork = true;
hostAddress = "10.231.136.1";
localAddress = "10.231.136.102";
bindMounts = {
"/var/lib/forgejo" = {
hostPath = "/mnt/containers/forgejo/state";
isReadOnly = false;
};
"/var/lib/postgresql" = {
hostPath = "/mnt/containers/forgejo/dataset";
isReadOnly = false;
};
};
forwardPorts = [
{
containerPort = cfg.sshPort;
hostPort = 2222;
protocol = "tcp";
}
{
containerPort = cfg.sshPort;
hostPort = 2222;
protocol = "udp";
}
];
config =
{ lib, ... }:
{
imports = [
./../forgejo.nix
./../postgresql.nix
];
systemd.tmpfiles.rules = [
"d /var/lib/forgejo 770 forgejo forgejo -"
"d /var/lib/postgresql 770 postgres postgres -"
];
youthlic.programs = {
forgejo = {
enable = true;
domain = cfg.domain;
sshPort = cfg.sshPort;
httpPort = cfg.httpPort;
database = {
user = "forgejo";
};
};
postgresql = {
enable = true;
database = "forgejo";
auth_method = "peer";
version = "17";
};
};
systemd.services.forgejo = {
wants = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
wantedBy = [ "default.target" ];
};
networking = {
firewall = {
enable = true;
allowedTCPPorts = [
cfg.httpPort
cfg.sshPort
];
allowedUDPPorts = [
cfg.httpPort
cfg.sshPort
];
};
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
};
};
}

1
nixos/modules/dae/config.dae
View file

@ -61,6 +61,7 @@ routing {
pname(mihomo) -> must_direct
# pname(systemd-resolve) -> must_direct
dip(107.174.145.140) -> must_direct
domain(full: time.windows.com) -> must_direct
domain(regex: ".*wgetcloud.*v2ray.*") -> must_direct
domain(suffix: "hit.edu.cn") -> must_direct

8
nixos/modules/default.nix
View file

@ -1,4 +1,5 @@
{
pkgs,
inputs,
outputs,
...
@ -15,6 +16,10 @@
disko.nixosModules.disko
])
++ [
./containers
./postgresql.nix
./forgejo.nix
./deploy
./nix.nix
./home.nix
./sops.nix
@ -39,5 +44,8 @@
additions
];
};
environment.systemPackages = with pkgs; [
deploy-rs
];
};
}

25
nixos/modules/deploy/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ config, lib, ... }:
let
cfg = config.youthlic.users.deploy;
in
{
options = {
youthlic.users.deploy = {
enable = lib.mkEnableOption "deploy";
};
};
config = lib.mkIf cfg.enable {
users.users.deploy = {
isNormalUser = true;
hashedPassword = "$y$j9T$B/igbpUxYMx9W4hV/Uc0/.$Z9.cTGfXQ0YD03MmfvDCd6.ijEo5L9v2CbrhN8Fvkf6";
home = "/home/deploy";
extraGroups = [
"wheel"
"nix"
];
openssh.authorizedKeys.keyFiles = [
./id_ed25519_deploy.pub
];
};
};
}

1
nixos/modules/deploy/id_ed25519_deploy.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHgT+TvQDdCJXpxCvqII7sE4KR3gpCDEhIt6RdL+mIny david@Tytonidae

106
nixos/modules/forgejo.nix Normal file
View file

@ -0,0 +1,106 @@
{
pkgs,
config,
lib,
...
}:
let
cfg = config.youthlic.programs.forgejo;
in
{
options = {
youthlic.programs.forgejo = {
enable = lib.mkEnableOption "forgejo";
domain = lib.mkOption {
type = lib.types.nonEmptyStr;
example = "example.com";
description = ''
which domain does the server use
'';
};
sshPort = lib.mkOption {
type = lib.types.port;
default = 2222;
};
httpPort = lib.mkOption {
type = lib.types.port;
default = 8480;
};
database = {
user = lib.mkOption {
type = lib.types.nonEmptyStr;
example = "forgejo";
};
socket = lib.mkOption {
type = lib.types.nonEmptyStr;
default = "/run/postgresql";
};
};
};
};
config = lib.mkMerge [
(lib.mkIf cfg.enable {
services.forgejo = {
enable = true;
lfs = {
enable = true;
};
group = "postgres";
database = {
type = "postgres";
user = cfg.database.user;
socket = cfg.database.socket;
createDatabase = false;
};
settings = {
DEFAULT = {
RUN_MODE = "prod";
};
cron = {
ENABLE = true;
RUN_AT_START = true;
SCHEDULE = "@every 24h";
};
repository = {
DEFAULT_PRIVATE = "last";
DEFAULT_BRANCH = "master";
};
service = {
DISABLE_REGISTRATION = true;
};
mailer = {
ENABLED = true;
MAILER_TYPE = "sendmail";
FROM = "do-not-reply@${config.services.forgejo.settings.server.DOMAIN}";
SENDMAIL_PATH = "${pkgs.system-sendmail}/bin/sendmail";
};
other = {
SHOW_FOOTER_VERSION = false;
};
server = {
PROTOCOL = "http";
DOMAIN = "${cfg.domain}";
START_SSH_SERVER = true;
SSH_PORT = cfg.sshPort;
HTTP_PORT = cfg.httpPort;
ROOT_URL = "https://${cfg.domain}";
};
};
};
})
(
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"forgejo.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:${cfg.httpPort}
'';
};
};
}
)
];
}

2
nixos/modules/open-webui.nix
View file

@ -23,7 +23,7 @@ in
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf caddy-cfg.enable {
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"open-webui.${caddy-cfg.baseDomain}" = {
extraConfig = ''

1
nixos/modules/openssh.nix
View file

@ -11,6 +11,7 @@ in
config = lib.mkIf cfg.enable {
services.openssh = {
enable = true;
openFirewall = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;

46
nixos/modules/postgresql.nix Normal file
View file

@ -0,0 +1,46 @@
{
pkgs,
config,
lib,
...
}:
let
cfg = config.youthlic.programs.postgresql;
in
{
options = {
youthlic.programs.postgresql = {
enable = lib.mkEnableOption "postgresql";
database = lib.mkOption {
type = lib.types.nonEmptyStr;
example = "forgejo";
};
auth_method = lib.mkOption {
type = lib.types.nonEmptyStr;
example = "peer";
};
version = lib.mkOption {
type = lib.types.nonEmptyStr;
example = "17";
};
};
};
config = lib.mkIf cfg.enable {
# default socket: /var/lib/postgresql
services.postgresql = {
enable = true;
ensureDatabases = [ cfg.database ];
ensureUsers = [
{
name = "${cfg.database}";
ensureDBOwnership = true;
}
];
package = pkgs."postgresql_${cfg.version}";
authentication = ''
#type database DBuser auth-method
local sameuser all ${cfg.auth_method}
'';
};
};
}

1
nixos/modules/tailscale.nix
View file

@ -11,6 +11,7 @@ in
config = lib.mkIf cfg.enable {
services.tailscale = {
enable = true;
openFirewall = true;
};
};
}

2
nixos/modules/transmission.nix
View file

@ -41,7 +41,7 @@ in
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf caddy-cfg.enable {
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.transmission = {
openRPCPort = lib.mkForce false;
settings = {

3
pkgs/helix.nix
View file

@ -9,6 +9,8 @@ let
runtimeInputs = (
with pkgs;
[
cmake-language-server
kdlfmt
rustfmt
clang-tools
libxml2
@ -32,6 +34,7 @@ let
rust-analyzer
nil
haskell-language-server
neocmakelsp
]
);
in

35
secrets/general.yaml
View file

@ -1,7 +1,9 @@
atuin-key: ENC[AES256_GCM,data:e3K7/7BaeXuR+vHJdtO79UQp3XRvROcD8ISkuCp3KGCSlBKUM3GuCwhIeFoIl0fOUqVYOzcCAcjsH2nBRqcXhtS8jhM=,iv:Mh3jsu6mdj0VOLSIoNz/0awyydVf7q3/E7iB7CJi+UA=,tag:xuHhUmK/J2stdjRrtbhQSw==,type:str]
ssh-private-key:
deploy: ENC[AES256_GCM,data:tYCsym/IY7uE9is56Qvdm+PxouFPng5hY/nlk/Xsm2qOCjdD2G9PyBTSs4dSil8GYusOdSRAFluCf1awJIHV9CJbCDOBVdzJOeXt19VYm2LQOiU7uOtlhUJYMOyIJjedVpRUfUAI8rQNaANIJ+p40ApnUi3jQbXp66iLZhMs+F2vnWimrorV5if74P+wUCSQEkhWWNBebIlP/JQkmGlS7hSDX9RAUF2m5YzyeTTPEmz/F19Sobq7ws0bxo++v6FiM1Zw/uDPX/NT4h1X/qEu1treRk8eo4+j4ha4OWvM62mecvoPln+Rwp+1q/1Ky0WROFSmIQ0CGJHIwWP4TcDJJeazC/0L5WZAvbHQr6tR7zVeu81OboHfgbrWe4wTzpxGxaRHQVFz+8Q9jpuzYbRnaqUZEfeXQKmSxsmu1SZLIJx/3BFMy8WQnsI0aZJm7Ol/WMY17ikPjC9hFLdzZzDV7zfMIl4TjaFxKpRvWsqtGW55r1IuqnrEFL0M4x9yzGWwT2LQIKqM7AM04phF8Ot8GiNAUPzC5Cm2gwWm,iv:jnNrRZAOsgOiGayLj2mUgODrKMQ66dIYG56G2+1ypYQ=,tag:1jD+1NtWKZye21aTVLTqBw==,type:str]
tytonidae: ENC[AES256_GCM,data:I1RF/umtOGAuSVoLfwDnN2DG+w1yWqPkhZzM61y5XRSxF2Xq5C/iUJGWeCc+1Hwbw+oEMnm2e57m79Uke0LIJJrw//kRMqNOewQtx2xHkNSscWKCIANoNiDdhlOnB0r0BfXObr0xEu/69ST11lupPGIGQiWhjT1BY7c4NhAhhzfThttQCwznfrX3SfLu4p2Akg6p8QmRcU6h9kox+PK1Im+h956W0dYVnIe4ePZ3NGitQll9hxLxM+agnxF9wDDO+4pQ3i8aadbxLr8ug/boEhBy/e+sOKqzboAiWpuDjfQRUxklz0IxBihK8z6J/AHgXusxs70EdUDKf5sH7RIi95poYqJdl6bKToSCJtuM7JQ/eNTUjHvUZlRvlXSZG4iNypUYTOxSHTFGH7rA0wNeE0sMXkaTfJHD5utZDjxibICW1+BYXam8mTKWhXMUyfAL2bLMRmshxRB81bPnik08axpzJ22oSxZ1AfPz5I98zn/o0bDlAPTRetImQtSN181WrRHCCVUMe4wZIfgQvVryFgfPU06gqztgU2DB22QphXXysHn4p3jbAF3Hqvgq0f+iNXoh6NJLaUD+i7xb,iv:nSTfnDbaS9DZL2WhVgcu8qIPkYH1Zws58yvcIeSZCzk=,tag:JJV7vJylaFOYdVjyeeOt9g==,type:str]
akun: ENC[AES256_GCM,data:d04sdY1cvJuOPSq9H2lT26jrUFSA1sHz1i9jj+XtXGeagQyc4XaknTmfC3EDfvNghoizZWZ/Ma+BfIvnlWDBFqhkGhdhB7X8PnI9rySOfkMmOk2HXHtvP4GfSy2oQ4BMRfYX2N9TcViascnXA9MRsetDjD3fhiCKkZ+2H/sthxw38JgK95O74lFCze7sc4ZzK/RhXaBkLFrQpMdqnGBYpH9wuHiQSlFxBQ0jHJDUeOSxOdCanw2xfdkJnNe5dKRweoYp4Mtit2C3DRdaT3lMQ/SQjfEhUs/0TIXyunoWE7nX5tUN2F2s/FtkPMU5lpiW1x+kntMBBfY9TA+r4CyH4lkhFit+DsIkPfdUZGzSquQAHHWzDzS5vXnKTf8NFCzHIeoQzegkf4JS+CWf51Iy15FfWy+Pd6CmxLikAQnGTixGDa7LMqOV48BhZ5it/hJmrzg0FMkNFeeJW/s9YvCNMae8lMt/0K+N+pUD/Ud8VJnIxP4MmWGKRwNNFHivGuZjtKCJR9agf1N7NPBDDqV7HRDYAfxa2sPozWZ5ZGGGlsmINeymNk10aY4ovRs/6CcRWw2gPspNuxvqb9HQ7r/cQFmGhLYpkliRLpFM/skLCHA=,iv:YVPvHL4nxqJMR8PE+hraS0piboGYXqyljgGcBHqG38g=,tag:HSab+C3Xd5wMzyomF9dGMA==,type:str]
cape: ENC[AES256_GCM,data:5CD6oW9IBAjf9X3waQXMSt82ykOzUZ1D2VFZvZVLRWw+6GUDkPF1jSl9bLR6igY3cQO6164Li7gDz/yImoPgPpy7mvG4iJjaILSWVr9ZwB1dmWK30ZkHB1wpPxHbrSXo6M3t610x8I1ScqSkgh2PV5+cmMH8wd+QSgKwoL7IOoXHkuqKHxI9D+dCGSHH35MvQwWQO0jyn3vjFDhBode5+7tbMPD9dgQLDmWkiSE2xkgIh/RqsJ5x6i8qferyWZeHv9fJMYpJi9SJJe+LwmHZW/JHhaHZztAAu5sHFtC8pA0UwiUMn/ND8L28J1nuMHHNZEF3rmX1cQykPYP1VeNya8Rf+aSzNtD/LjJrU5bjBNt0IEatsnBPUDNZNFrOxgWV4k84wCbDknwqmk5tYLgMF/BsXdShbMguezTgOZS2xpX35QZ3TM+mHkThtPDR+i3ZuDvj5kvAMngCIr95TtZRilGAytABF5CCE6e7jxGG5ijCa46AHDi38/Dk4ci/2s5sY/ekUDLFjhYIkLEFQWsn9VAy9MD+Bkkr+YjHQ1rL74uuqgccxRjEqzBFvVZliq7SbYQ7Bub9qFld1o4+P/YbUGdJlmd0+//pKO9ws20AjvU=,iv:VplLC/sDztaqUiHr/3aglvqxyptZLN2MV3HQzneRk9A=,tag:/hUJjB+oxCKTPk+hPgC4rQ==,type:str]
git-credential: ENC[AES256_GCM,data:Rt6ccMJ+D/Jv1U7Ex51j4zIKp5KIyPFJdWZwJyW6liU5CHxBfrFWeNOJobhT5tFPrhzHRUI=,iv:f2SYFKpAcHoKG3dMsniKRi02EFDzwgzzli5Qzw8CWqo=,tag:hUi0FAZ7+2+mcqUsz5HtbQ==,type:str]
url: ENC[AES256_GCM,data:snv3FaeR8t30rOX9klSNdY/xqcHGXO1DnVi4GMkvyqaII9l/l8AeSlfOVM4qZq8Mqvn01FaiINOE8WPjhyUs9uYp5pfD7X5EXK+5vWwBYmE/isWlHHHNUhuz3UTV/xiSad4n4MiD8wxlF5u8cImwhDyO+SoG,iv:Tay4S5ZFMEIW6MrHnlen85FGvDJ5ZqfVBlgO5MQWufs=,tag:Njywn0i8W7g6cdDvPeJWEg==,type:str]
open-webui_env: ENC[AES256_GCM,data:HUoNzOqVuu9MtW4VZJfrh4DbzQCtVYa+FzhDs21FpvImuVz9cue0X8s2MXKqYH0LD1US/DJKL4QLLeNTKVMGxmBOCGxSIgeFejnqK5k/r0GF54SBOURWZn/TyzqxZKAym01DUvfNIe68LhvW1LOHaCDK4zsI9BnhkBVjV8/Vmsc=,iv:4aUgQ6HoLqeuUp01fg+yXQRbH6mS/dakZ1ZUdCZzvAM=,tag:GlFnN5bqIcIZadXmFBkSXA==,type:str]
@ -14,23 +16,32 @@ sops:
- recipient: age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaQ0s4QldhbzNEcGJocGtK
aEY1ZGxMSE54U3JRUGc1aXBzQXlhb2xNZGdjCjRhbWFFeXVUZ1ExT25NMi8zWGl1
U05SOTd0OVJBZndzdkEwWEdPZnJMUlkKLS0tIFJsSUZrVSszdVozYkhTWFZpWG9s
VVBnNVNLSVkvRUJhQ1VnRXAwajFySFEKbstCqi4CmEfEEe8+NqVrEj7GWPVTC2yR
zpAX54OdHtlRBLFFOeDR8jytKOPi2yxvY49Gn1zZ82dQaqY1kvlKZg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MHB5OXFPbGxvYWc2TVZI
TGMrY0Vqa0hWQ05SbGJ4aEMvd2RIdzc3N0dvCjQzaGc2YU5LWkVvTzJUTHZvS3RT
bkJJZGg0ejRad2dwdVVVcXZ4K1dhZW8KLS0tIHRRUDJ4cUpFU3F3VU1CY1laM0xr
OFNxUGFXVmFlKyszNlVNb3RxbGxCL0UKPeVB78sBNluUdoloyCzh97DUPwCS6yY8
wQQrHa/RZo+dcI2+SioIheincW/lQTTKy0FvKfmx0BU+NLwyeuyPcA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1emhsx2l0ell6smavzaackwkk7n2u4zf6chdp9xcds3dqp7s444ds9fcaga
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmRVV1WFJBdWMxNmM4VXdx
dEk2ME01dWVSWFdKTHRnVWRTZ3Z0MFNaTHc0ClN4MElGejBjZ0sxNXVxSWRBL1px
dkozMzVIQjdCMktzT2U2Tnhjd1Y4N00KLS0tIFc4T3E4V3VQdk1iMW5UT1N6RUlZ
RjdOK1RiRHRzTGd1dDlUTEVRVzBtQk0K5vtopA4dhLODrVlUnegm9f5DwSvOKuIS
bIPHM5FarLGRXTXs09vKW5LFKo3BOm9N4Zc6q4cV7Pdp5+AZEEp/0Q==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIc0FOOUVHSkFuNjVCVG1H
N3BFb2RIMHhLWU9UenRBSGNXYXRFTzJTOHk4CmRSdkVXblFGdjdtZXp5TFVhUDlX
MzNrMi83TWlvcXVIVGNaV2JtZ2o0NzAKLS0tIFBnR0xpeWZENmIwdWhDdmNhK1A3
aUNnMmpMQmtoWGtmanJJTThNZ2l1bVUKDdCnNCTsea69pJkUKIOm6WdZeL1aqwbQ
xxKbyMeJDW7VzJjMQEbf0Zr2tvn6YJFWHpWGgKeeOa8HOmqCKYlAZA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-23T16:39:54Z"
mac: ENC[AES256_GCM,data:aGl7qMUkmcMeU+oh9VtE6bPS9aEwxe4aqn3oJlARkUKnUJdxRxj3BCDbRlp0dMcRSKnlFq7A5PfWlOR62yL83pZrSgh7XPP8R4j8qFZ+vRnGbs8nTG/hPw0swYff8nx9xxrneMw8JuLFkYBWCQXjQsDloiUSIAW2G4tadXG51hY=,iv:eiEmGLI5NViLFkR3mf0uzz0AefA/FohES2vf4qbLB5w=,tag:GcK0K5sQF2KHZ5S07+uJIA==,type:str]
- recipient: age1s4zml68g0ys05tv2nlpnevz37vf0uurypfsf996wj4vytgxczumqy3utck
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3Q0xjeGdyWUxzdmJlaDJE
dU5ONEpDVVFpeWFJR0pLRnZuMVliamxiVXdzClFjT1JFVDlqK3Uremw0WWpVakVV
UHNFQW82V2RaZ2hYWHJsL1R3UjEzQVUKLS0tIE42VVcwNlAvOVNjcnVCUmhObXdm
a1Y1NU9CK2h1SS83VW42bzBMa01yMXMKI1DBtgNlkNCrxUQvnD6a45mQKNfg5gM4
Zb5buo9Jofj4dn/HFwng3T3gxKTrP2Dh74CAH4L0M5yrF9fzk5TCcQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-27T08:53:59Z"
mac: ENC[AES256_GCM,data:gNlAly2qCnIbyWnZHzkz5KPxK6iY4wC/kmnoodHpn0kijUB9M8+rGxzx+ZLcj8kvthmrKkoCSWlj1ymOZLVUNW4R7/zpTlR7CMN66F2BFVVts7MFBI3Qzu+iuC59wpefCZk+kmfn0V8bcMCZ1vMYq0zLvL0UBgkE2/sB5EVIY58=,iv:ZXo2WQUs8YCgFlh+8pQckVRwL0p6hJ82+43XFVDA2iQ=,tag:KQIBj2/hCQefDv+w1WV2Vg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.3

35
secrets/ssh-config.yaml
View file

@ -1,4 +1,4 @@
ssh-config: ENC[AES256_GCM,data:kQe12czlvgScrtOae32PpKNrXREh1XP5n7WrFvBb4NcGLRj0j61T490D5v6vgTzppyQnU84tTNVtMBUfdLN6jjdli8cEM71qcKy4eLw=,iv:FaUEI9dYamBt7kI9quCNBXZwDzTosR4ad1JQq6IatBE=,tag:R4TTA6iMrRQPt1ApYBGfEg==,type:str]
ssh-config: ENC[AES256_GCM,data:I9j2GFdag4JpJaaKdm1oS6hHmOy+Y7w7ykPGPhEaLZk9ndUS7LRfcYuMZtUwK/5OctHJKz+UqdsA0Dcl2y1xNN4iIoNqWhShEu8e/N/ASN8UUd67xrkxC6LNjbf/WCyA1ib0jH/Dh8/frDs=,iv:G4AwOhpXpykjrTvMoHEvXFHQzUwWvTaq9id2DuK3k/E=,tag:XcpDZbPVovs5iEd3lpumcg==,type:str]
sops:
kms: []
gcp_kms: []
@ -8,23 +8,32 @@ sops:
- recipient: age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzVzEwYTNNVVV6VXJUS201
ZnU1cXJRTTdzS2pyOTBVS3hCS1ZnSzF2eERzClpXRk9DdzJPRjY4NURSSWl5TjJG
czVYUjZSS2RTT0JlSkE5NzltMzV0VTQKLS0tIGwvdE4wYjB6ZHZmV01sOXkrcUxK
ajd5bVAwYmJ6VU1XUzJwSUlrbFE3clUKANuO/gmjbzBcSJzNJbiV7hPffZ/h9Exn
KaqPaPst1oTep48OHJpqntYTTFt1TD8XidguiFTpHfKmOY7KjcOgOA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6cG9OdXUvUnlYRUJUc2dZ
NUJzWHJ1bXhkTTRPSXRDUUNVYTczWVllbVRFCksxWUZZWFFkNUtmTFp0V2ttazla
YmhtL2FpcmtoVWZFdXp4cE1aMTBTdmcKLS0tIGZXMXB4MkNNVTVWQjhZRnZqS1JS
RHZMRmpkYkJKeGlaTGhuNCtLNURkS3cK24p7POvcZTN6xVNN/3oVsCQcP5n/3Akj
YiVs7NFvHuHgqsZHdD6mDG8IuR6+7UbZcjdzm9b6muFrTvL7x6IVoQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1emhsx2l0ell6smavzaackwkk7n2u4zf6chdp9xcds3dqp7s444ds9fcaga
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5REhMbm1ubkplcnpySVNQ
Q3U5V0lvZkRjSzNleGk2TFZOUENqc2xKZkVFCkFrd2hPZVNkY2dWZnNuSUNiL2Yw
Z0lvc3RlMG1ma1UweElwTHlLczBFK2sKLS0tIGl0SHJBcnVoSnZITXd3amxNOE5C
Vm9nNE9aVjNtM3dUcHVMS201aEUzWVEKsRUBRWmJH+SeySfohgygVdJWy8eGB6Kh
dFvTObd4VenTVHI6/Cz2NZAYVEYWVe7d68TeGSNTPBVaFqqgqRm/Vw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWTDRBT2s1Q0dpTDVwOCtT
emJnYktnYUZ3WFRZOW1rN3VadDhYM0R4M0FnCmU1SGpIYldLNUkxRHpwc0JVRHBo
dC9INVBYQ0J0aGxUWHVxeHJrdEhUK1kKLS0tIElMVEFsMS9BTCs4bkJnak9Yc1k1
UHVXS0RJZnhHMUZwcFhzN2pscW85Sm8KKtXsuJG6wCG8RzCHthMBDUYRMqNHpl/n
rDtduFwsn1ItxA6R5edUaPu7AJZ6+z7Aku1cf8WHGH4LgD6clR/avw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-19T15:55:21Z"
mac: ENC[AES256_GCM,data:i1/deYyKf3kkUyFZeiUH0958uDNSZoN0ykChfhr1i8pbvbUe8EYrOJNI5HShhaap9nmpc6f5XFG9xA2DT4oCF1m3RSz9lVJguSRK05L7/1U7GdK90PTaPaTrNio7o0JiLAaarD3TmaPhhpcM6pE+Hz0f0oKpNEFbVI38dMlDq7M=,iv:UXTm9X9erv+dPjSG8WdHyqbl5hyiCid1cpYfDjk2rK8=,tag:3UhJ91wnrzPxPH1Ilr6o7A==,type:str]
- recipient: age1s4zml68g0ys05tv2nlpnevz37vf0uurypfsf996wj4vytgxczumqy3utck
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwck9lZ1lVM0c1LzhiR0V4
SDcycnd3ZGtWNStnaS94bC9RZy83QnZWd2pJCmJrMVE5cXdIaFJYL21ITTNJQ3h5
NVgvQlVVaHJDYUZTUW1YK3p5VTNNRXMKLS0tIEtLQjZVRzJZQ2tuMStJOE9aWDJC
anNBRmFHN3VOVEhVdjd0QTA2aGd4OE0KCsaIBsMWZ+CDIck2a53vV+gnn2/Coc/o
HgQc5JMQbL4n957nqB/Gpj92z2nYteVl0fS7Umu9M2SbmF2Cvapafw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-27T02:51:28Z"
mac: ENC[AES256_GCM,data:JIv/R2t5adjPV4h4WMITfF9wQ4OyV1Cy8TKc9IUDX6Xu/JYSiYKhCUAzV/CkjG/FGEjeXz9dzzhR5wrZefVf2FnrTErPMpdy4yxuDL28F1zMK+Uixay0FB4Z52PmDXzzNhqOrEUhC2t4ev7/SUtxmJjgJ/Q8e8Impgsi4TLvhlo=,iv:Sx8T2Acryn4d3KhIf3Of8Fo55ma4g00wBwyOsL4gVls=,tag:OUX1313d9NW5MmTq2yT2Fg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.3

29
secrets/transmission.yaml
View file

@ -8,20 +8,29 @@ sops:
- recipient: age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByNUJGTHV3Nkd3NmFkUEVm
OTJjSG00eVAwRTlQUHk3THgvczRYQlhkK1M0ClFHZDVBVWRnMytIQ1JOMDVhZWpr
QkV5YVQ1dEo1cFRBSVEySUZQNnVTQ00KLS0tIHhMTVRaY3lCL1pXL0NGbkdEVzBu
ZkVpNCtnWFdodHFYbWhFWTVsbGZ3N2cKz8+iOr5Jpg7r+fZrmEfv7GT+U9GGYFsA
uwLrJBYkyh+nS0KpgK/II3xBW+OLK//Q4qXhX2xNR3PrCEyYNepWyg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6WURqaWhmS0FiOGpncWRR
aTd3Z0NXZWhuY2I4amxEVFJ0WGN0MkpjVkdvCjFBM0NPenAvYTI4VlZnN0E2UGc4
NjNwa0FER29yVTJxazlxalhaQjNYS0UKLS0tIG9mSEwwUFRaQTlMVFJJN0RRekxN
WmRZM0prQWc1Y08vbUtRdkY0T3lqSjgKopjxaDG1pRQpvZG4ddkwMR2puIlIOL4D
xBo4iY7eWd7b3A1ibcMLG075aSjrlYy9qs6esl7LxTjt1bEdaIwYqw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1emhsx2l0ell6smavzaackwkk7n2u4zf6chdp9xcds3dqp7s444ds9fcaga
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUNmQxU04yYWdKdFJqaUQ1
UkE4Ykt5UmJESVB3NnZpS1d4VmlNSjZVK2xnCmo0SEJQM28vWWd3enhDRFZxRmRZ
aEpDa05vZmthY0FHR0djaGpBc2l4cTgKLS0tIHIvRUh0aTJqdFc4eHE2ZFJCRmJY
S21ySVFCWTlPQUZXci90RjY3QnhmaVkKk5et+gjlm7m/llWru16Lomx2cSLvgFBc
mUFUECsaOgTTLoCBj7fS/tPH94kXj4+vk/2OwihOWX6lSyKfkGtuRg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzRVc0bHFJVDNWaTlsekhX
WmlnK2NheHIzSmx4WTdEK2tlVk51NktEM0Y0CkowU1p1eGdiNUxxeTIrQjFaT1NX
MCtTakpMZFN2TFdKaGt2Qzd4d09CRmsKLS0tIDllWXE3ajJ6UHMyNzFHandhMGVv
R055RDNNSUdxaXd0elJtbkpzV0hZbEEK9KSf+jd1XD/7ldvnGkLfohqbojde5VRQ
DUkvrpiKp24d6j/zBBjHC9PfRPQ5kChP0zUfmZigAIHOZTPvICf7kA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1s4zml68g0ys05tv2nlpnevz37vf0uurypfsf996wj4vytgxczumqy3utck
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNRHQ0NThLb2pGVnhOMW9D
SHo3WElEcFBSTXh5VFhNTHNTS2pnMUpKSngwCnlWZTVlWVludkY1NkwzWEdWdjZU
NmFRR203Z0QyNEp1aVE2eXRzcXJyZEEKLS0tIDM4VXJZM0ZKdGsra1VnelVzWVZr
NW0reXdaZWxrN1MwTDZQS0xESjM0L0kKaEoGiIz90xs5XThiPjNd3NouVIiNbhp8
Z97Xc44lDvaqBInmYzLFjh5Y/uBQMoeeayoVe14whwsLzsoJ094CCQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-24T08:58:17Z"
mac: ENC[AES256_GCM,data:YJPmgWY0U8xEauUnVIjOqwZkSFRYWCcn/HbmS4M2ZFlblM7GkMJAqrDhZIlKUlUbsDtoUKRZH/DmUNj6jB8ejabUE1psu0eOvdP5svoMhGJf7JMkEWiLikqpw9eadt8FdidKjPjTGR0G4oSq+vdbFy2TsKjhyHuab8cLCm3MfkY=,iv:SrviiLHDTjgpr5588suDbF7Pfw3yhnCmz4x0FSvzypo=,tag:2WP8wLsT/iANcbisRmp9mA==,type:str]