From f6e96617df639a224b5007180b96bb84347696ab Mon Sep 17 00:00:00 2001 From: Lauren Lagarde Date: Thu, 21 Aug 2025 22:25:10 -0500 Subject: [PATCH] Major refactor of dotspace config --- dotspace/configuration.nix | 20 +++++++ dotspace/home.nix | 30 ++++++++++ dotspace/parts/cifs.nix | 50 +++++++++++++++++ dotspace/parts/tinc.nix | 52 ++++++++++++++++++ flake.nix | 3 +- home-manager/.gitignore | 1 - home-manager/assets/resetbluetooth.sh | 2 - secrets.tar.zst.gpg | Bin 6318 -> 3724 bytes systems/bastion/configuration.nix | 5 +- systems/blockhouse/configuration.nix | 5 +- systems/fortress/configuration.nix | 7 ++- systems/living-room-nixos.nix | 19 ------- systems/living-room/configuration.nix | 11 ++-- systems/ll-latitude-e5591/configuration.nix | 5 +- systems/ll-nixos-base.nix | 27 --------- systems/ll-nixos-full.nix | 37 ------------- systems/ll-nixos-live/configuration.nix | 13 ++--- systems/ll-nixos-xmrig-worker.nix | 47 ---------------- systems/outpost.nix | 7 ++- systems/redoubt/configuration.nix | 4 +- systems/stronghold/configuration.nix | 8 +-- .../vm-docker-host/vm-docker-host-base.nix | 10 ++-- .../{lauren_lagarde.nix => configuration.nix} | 0 users/lauren_lagarde/home.nix | 7 +++ 24 files changed, 198 insertions(+), 172 deletions(-) create mode 100644 dotspace/configuration.nix create mode 100644 dotspace/home.nix create mode 100644 dotspace/parts/cifs.nix create mode 100644 dotspace/parts/tinc.nix delete mode 100644 home-manager/.gitignore delete mode 100644 home-manager/assets/resetbluetooth.sh delete mode 100644 systems/living-room-nixos.nix delete mode 100644 systems/ll-nixos-base.nix delete mode 100644 systems/ll-nixos-full.nix delete mode 100644 systems/ll-nixos-xmrig-worker.nix rename users/lauren_lagarde/{lauren_lagarde.nix => configuration.nix} (100%) create mode 100644 users/lauren_lagarde/home.nix diff --git a/dotspace/configuration.nix b/dotspace/configuration.nix new file mode 100644 index 0000000..c3d7709 --- /dev/null +++ b/dotspace/configuration.nix @@ -0,0 +1,20 @@ +{ ... }: { + security.pki.certificates = ['' + -----BEGIN CERTIFICATE----- + MIIBqzCCAVGgAwIBAgIQRC/rocbzjexwYz5mWw/YYDAKBggqhkjOPQQDAjA0MRQw + EgYDVQQKDAtEb3RzcGFjZV92MTEcMBoGA1UEAwwTRG90c3BhY2VfdjEgUm9vdCBD + QTAeFw0yNDEwMTgxNjI4NDRaFw0zNDEwMTYxNjI4NDRaMDQxFDASBgNVBAoMC0Rv + dHNwYWNlX3YxMRwwGgYDVQQDDBNEb3RzcGFjZV92MSBSb290IENBMFkwEwYHKoZI + zj0CAQYIKoZIzj0DAQcDQgAEJA1QxB0h6Hvp/0sjxZ+wedEaC0v8ODGb7TOQFNOR + vutG6AeH8F5yRuFmpUjTIXB6nfCn7Ruu1BjL6tjvcAgULqNFMEMwDgYDVR0PAQH/ + BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYEFPzRcD8OgMChBACO + jN+KyAth49ZjMAoGCCqGSM49BAMCA0gAMEUCIAy+GTFir9N8Xldw0YjQIRZOrM81 + mbpG5txU7FzqEOc0AiEA28/SOnR7hSQEslzfeiDbVk1FCIi9AL64cqv1J+0iJc8= + -----END CERTIFICATE----- + '']; + + imports = [ + ./parts/cifs.nix + ./parts/tinc.nix + ]; +} diff --git a/dotspace/home.nix b/dotspace/home.nix new file mode 100644 index 0000000..3bf0012 --- /dev/null +++ b/dotspace/home.nix @@ -0,0 +1,30 @@ +{ ... }: { + programs.ssh = { + enable = true; + userKnownHostsFile = "~/.ssh/known_hosts ~/.ssh/dotspace_known_hosts"; + matchBlocks = { + "git.mlaga97.space" = { + hostname = "10.86.84.150"; + port = 2222; + proxyJump = "fortress.mlaga97.space"; + }; + }; + }; + + + home.file.".ssh/dotspace_known_hosts".text = '' + [10.86.84.150]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGeO5P0YXb11gWpu+9Zj8qulnOeEHxFVIq/d4hfV6KAM + + fortress.mlaga97.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINzNlalnh/cgosa5Vw85YEET9rwcEmfRGTFlNFqSo/53 + + bastion.mlaga97.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFtmSrFZNFWFUH7ajyaFQSE85RC5Y5TdlZ0U/C863Zg9 + blockhouse.mlaga97.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGKN+xPvC+o9f5vlItdytZfKbsQyN/7XODU2jexL1TV + drawbridge.mlaga97.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOphVdDU4YpAc+5JiwarKVk32kfFtVCmQUIJaXc3XqJA + + vm-docker-0.mlaga97.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH4bp3QlO6M2dfPvjzdTfcEXEsaJ1fcIxyx8aRZRzekq + vm-docker-1.mlaga97.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINolzmDBmxUIpR/pcvmQ91gydyty4HlrDyZcz78NYC9C + vm-docker-2.mlaga97.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEm4WfWSfqmVGF6VwyLjxGcjn4YtqlWa2zS3eKxDJOCo + + ll-latitude-e5591.mlaga97.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiyCBH4WDsmkbsncWbEtzKcBh7t8dKFtWbGtp70lvGm + ''; +} diff --git a/dotspace/parts/cifs.nix b/dotspace/parts/cifs.nix new file mode 100644 index 0000000..1e73d48 --- /dev/null +++ b/dotspace/parts/cifs.nix @@ -0,0 +1,50 @@ +{ config, ... }: let + SMBShares = [ + { + host = "bastion.mlaga97.space"; + share = "MyBook"; + } + { + host = "bastion.mlaga97.space"; + share = "Frigate"; + } + { + host = "blockhouse.mlaga97.space"; + share = "Parlor"; + } + { + host = "blockhouse.mlaga97.space"; + share = "Archive"; + } + ]; +in { + sops.secrets = builtins.listToAttrs( + map ( + x: { + name = "dotspace/smb/${x.share}"; + value = {}; + } + ) SMBShares + ); + + systemd.mounts = map ( + x: { + type = "cifs"; + options = "rw,vers=3,credentials=${config.sops.secrets."dotspace/smb/${x.share}".path},uid=1000,gid=100,dir_mode=0775,file_mode=0775"; + what = "//${x.host}.mlaga97.space/${x.share}"; + where = "/${x.share}"; + } + ) SMBShares; + + systemd.automounts = map ( + x: { + wantedBy = [ "multi-user.target" ]; + automountConfig = { + TimeoutIdleSec = "60"; + DeviceTimeout = "5"; + MountTimeout = "5"; + }; + where = "/${x.share}"; + } + ) SMBShares; +} diff --git a/dotspace/parts/tinc.nix b/dotspace/parts/tinc.nix new file mode 100644 index 0000000..6f48427 --- /dev/null +++ b/dotspace/parts/tinc.nix @@ -0,0 +1,52 @@ +{ ... }: { + services.tinc.networks.dotspace.hosts = { + # Public Endpoints + fortress = '' + Subnet = 10.86.84.1/32 + Ed25519PublicKey = y+7rtFhl2gIt2ziIqs8+Qo80ENde5vzO6yKSXCF3PLE + Address = 68.183.54.8 + ''; + + # Hosts + casemate = '' + Subnet = 10.86.84.103/32 + Ed25519PublicKey = OgHDM9ps4lOqEGLEexuaFLp/HkhkwAPbPKGifrxeOYK + ''; + blockhouse = '' + Subnet = 10.86.84.104/32 + Ed25519PublicKey = mHWGyv/sVAuozd456AnTuSWZCJ45NtStEiPh3xQGakF + ''; + bastion = '' + Subnet = 10.86.84.105/32 + Ed25519PublicKey = VzuBoJYWD/AhXUAbeWsLbJMqhJQCRn8E6sNqkJJej1G + ''; + outpost = '' + Subnet = 10.86.84.106/32 + Ed25519PublicKey = pYWNeHVj6nfcmmHmTTtsAnykbqDxZ+uhlPrDBOjvWzL + ''; + redoubt = '' + Subnet = 10.86.84.107/32 + Ed25519PublicKey = 9m4yRBs4JsYcx5kmPfH4NlKj1ybCZ6gmnVwUDH0vBKA + ''; + + # VMs + vm_docker_0 = '' + Ed25519PublicKey = ttOHxNuWov0mA5bDBaiujZF/sfieflx8+mcn5LVxCkD + Subnet = 10.86.84.150/32 + ''; + vm_docker_1 = '' + Ed25519PublicKey = ly74/CAQIEDFa+HPMJhWikIHAwm4P0X1L8EpdmI7lGD + Subnet = 10.86.84.151/32 + ''; + vm_docker_2 = '' + Ed25519PublicKey = jfgIkB4PcU04Evs3W/ySyxb7NIxosnmRqJ3vMqI4+kC + Subnet = 10.86.84.152/32 + ''; + + # Clients + ll_latitude_e5591 = '' + Ed25519PublicKey = zlht9xdE9gUKON5MUshN07B6deMz3nRYnOnufi6ATGP + Subnet = 10.86.84.250/32 + ''; + }; +} diff --git a/flake.nix b/flake.nix index 9b82bb3..dd248c8 100644 --- a/flake.nix +++ b/flake.nix @@ -69,7 +69,8 @@ ]; "lauren_lagarde@tui.mlaga97.space" = self.homeManagerModules."lauren_lagarde" ++ [ - ./secrets/mlaga97.nix + ./dotspace/home.nix + ./users/lauren_lagarde/home.nix ]; "lauren_lagarde@gui.mlaga97.space" = self.homeManagerModules."lauren_lagarde@tui.mlaga97.space" ++ [ diff --git a/home-manager/.gitignore b/home-manager/.gitignore deleted file mode 100644 index 1377554..0000000 --- a/home-manager/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.swp diff --git a/home-manager/assets/resetbluetooth.sh b/home-manager/assets/resetbluetooth.sh deleted file mode 100644 index 4533f4f..0000000 --- a/home-manager/assets/resetbluetooth.sh +++ /dev/null @@ -1,2 +0,0 @@ -systemctl --user restart pipewire && sudo systemctl restart bluetooth -i3-msg restart diff --git a/secrets.tar.zst.gpg b/secrets.tar.zst.gpg index dbac6b9249570c0bb7c4028c31d28178173035e7..ad39a3f1da4eda8d6ada88cb4bcb4a6bbbfa05ab 100644 GIT binary patch literal 3724 zcmV;74s-E^0t^GtQPoXEkO}7j5B(c-^O%=Y_ewX6Nq~`V$+MqatOi5vnO2c~_Jq0h zFpitTS&b^YW=sh+XcCT&WNQ&kI#KB>M{YDt^qC{k18kuQBz_SuiwyVYem6&OB$yTs zG*T4B;`jc2>62z^XGQ%5+%360Q6iS zV&B;d4P_E;8ee_E$<^W$@M+YlWId{LRIA??EN9@#*>v0ZxX=zvFQzobXLyj@T>x(< zT;{>ut$aW^dt29}nJE;sT@XdS)N7~;r7gr_!r}&b$hH^uel6OKE41K02a+icSm%1t z(6?dmp9iy7B^bMSn~WVgkHvm|qv*?9tmh&)PAF8`s=P>0$IV{SOu4+%>ku;OJ|jx| zhsj3wC=_U;Z10Ly{`0PJ7z=Ay#S(xhGpIo{(e+9EeqChaEa>khxlc}NIa?D-=J$7O8Ud$OC z028*PRcOg9e`;po(FLUi9t9gl2oOhBRu`ii18<8!$LqEd?@Z5rWCxwV7oNBSgGHcj z+p?1Xs^1`h_tDjog_)iH)uiAh9?Sz1g%T`^e10(vG25x*6nVXP2YT*0wY@r`Kp{7* zF`Hkgj`RvF#2e(fTYl2&0n;~J1B0utJ+Spw;o0^QTx$2${%{w(Qp_zJ)?PeAn!-!2 zX$_QO)IkX&+O3r}-uYr*As9E3QHR894AH4G)r+R4DB>jpI`4;b^)BFBQT|@2dx671 zhCE?pZr_ zE*mM*N#-tJm02F7|5z;s7Cpz2BGjHq*xU8s%sP*MkarzKUfMD2|NjmhYx!T{ko>p7 z?fDyd-J^S*(aL8&4$^`bj;(w%$egQ9Uuni?Ah>pFt<`o7QqCHC{3>*4V`!!#PZE4JE*^ z11$X$P4%8u(m&Wr#i?Hmt#&%%hGFkxrz&C?KI*XvK`?_7LXSHlYmGiohsNyNn~ zEZKQw_#BI*KO@zvOPdU09Mo>E_;aV^LbLJ?{VAxA4W^rBLl_}2Kw?C3tPW9*XugN7 zV0<4t?IQnZGaZsp){kHbjffxk0lVZ>Q?mU__?+jADxf872KJa&*bZ^P^SQAmQUR~7 z3yjuHKc~e8ZosR%rjdc~cxR|JDEvzq7L+A2AP>tU?!Ddh@xz!MiJ7;S!A4=={}M5Y z*9;kk;e?E+p^`TU5Y|+hbHOmoc>wsGf#cwcldgAAm*4A!zTx{pt!d>&v+3=twwA7g zzxc)S+!_O@SB}Sh-CGrvjLx#wSa>o zRY}N2vjA`^(~yN7lsDQ_rr@BNx;zB1zfH0dosT;R#BkBG-gz10+%d??FY}gvED|kD zrUm}Tp8&JjCa3; zYvWtR_P#UAChP;^%Xb?jq72_?&ovgKJhT5kVDSX7xO!%*l)-OJz>kl({9Myd z`p&hpso@FWszF%3c><+|bsb@~$0Y0fC4B&|!dE1rlEMP`g&z3iGOiPMXVl`O zoUf#9uP@4=x8m!;?%_j*(QJm$nf-6Kv?RDBB6jy{^v~5LyUq-n5aQ=E;FaaZEce6D z>NM2r9ks&uTOiC!=clMa2#aD3G$Sua)~Kc`GFbuiHyHeEDE;nYNNDJy%i_jxw`twvEp%UXF(9Rz3RnGhAqAg8{X;WrZlyH_g*#Q!^$2Czf&U3!wQEb*n z>3If{FvKkq^{6$#rLRce*Oo%a`(W(NNJ5?tLk&;##}W-pj6|R`UP9rFqZ)>lIoVXu zZo%@dUMkV-fD!LE$i%7W@!GWX8@O6L+9grF!46;ml}r%72(x(D_H6djT)JNAxWOeD zHYT*c#R2G7yeye(=|woGOsCS)Df`K^YK9I_;$xS^NQZWL;UHZ>*FFWLCdO`%3vSc% zm=Wt^@vOCkc2P8a@Pxxl1W?lmkjl{S& z@R%6!@*SS3w&un;1C&W@(6J9`;Ymc z`CtNp@nrQB_Z59l;BVcEVi6BWA*^Y3Xu4fJ9M9J@S zW&Kj%lL9x|aK#k+;RVRR1Q#0ktxLL19hNV5&Pme|QP`FB#_{M)`cthSqLOv1%T@p3 z`z2SrbWYt3)^PhxHC!M~B0Hxu4~u=iv#MS|u*zB@;+UL0H0ndUGlhE)lZKU0jxQXf zmq#BnL1x5oUK&WHN?~y~96o=MJKPBdtZE@#RL%A^^mYrUUtkL~q;#{N!Zv*NAF*s~ z&b@L6qQl6MDR-ecl6Y~kQvlT?2+AE`R_K9eQqU3&{za>+hIEq$;8(wWz(1J=F6w59 z#DF4*$l95ftHXX#8CHrL59+MnvtftKzu=e9K6Zqe>0JIlLa+oc$7U1i$0OkEPNOU+ygtfS_5gP{}S1`n! zgn%NA#0N@Dkg-Um0>Qa+EzU3vj3?gPMo-fUr~s-(;G z%~bR~E25H1$EUuRQ;H7t_Icv^L?t+`VNME+2h6KH&3 zENI7+sx35Nq~lkn#eqJhJuW1u^i4A?Vm#6xF+jQE=<89{pwma=u`>KyPxeFj^#3q} zYJjvg;+)kNcmyoAgYms`Fb*ver7?O5mGKqL8`=Oro*E#k@Q0Q;A$}Mg8_T`Hq*fqr zJ>Me3b^d=ehM?=dP!deiaghK34#G{sA2u|R0%9?W7x|ASZ?+&koh{)TR_9yfA^b#6 zqtVj{qB#9&2t1YH{NbK(5Ga>!JkUWzg4Q2rV_hnc=BY0pXIJrB?LqvNSCJgRW}GfP z4EpkI_TY`OmR7FDF%QPt^zD5b$Xi)7@4^MmZWS?$v^zy=tr2h{960EMU?mFh$$+69 zs2zv0p)RYbXH~goiw#j~lbLujdBBY#6NU2>_gA+Z*YW@6h70O#EzZ>GEp7J z9e;UJHS9 q61+tSEzv%!*nK+PVA@0gmfJ5c+SRKQX+pC(_Kk!D3?;Y_xZ)*_RXZR6 literal 6318 zcmV;f7*Xei0t^GtQPoXEkO}7j5BdX_0dz58q&FO2w3>)*UzdU5RoN?lZY@hwo$~r) z%(Bmr&F;8T1b~d`nio|nXdi48rJjoO&Ww-v#RO$64@)@l$lx&!W`ihl|OVd+A?aIAh`FDEZlNg26td94%pLI?nP0mWRzS>#kr)#{AYrs6 z&co!wf*zQdG#jdrVwZrIx29-`V=@&O+d~_3>KdHi>X^gZBP8wd*r*o%; z0%B~5Zqjrk z-vyD*7Lvk6S5&(@F*#vNYC16`kTE_>W`bJ4@FgD(f4j|(eQ7`k}0!`w^Ndd z!dRqT!4O;OO??AVn{LwT0aM_hp!t=9A0H=`h8UBmkQO>#Q4!dLrdt;@qi3w!V( z<4|jS=wg;O4>VZj36i9b?u@q&%9ifcfeZjh1+J6!q9*)H-B< zpKe)#oCCSE;#}Bt0*?-Qvq0n?X_uIksntwPdMlL&Qc>}Cd}@q;T~6hoGO;n__Dbbe z=^&5b%m+D0c#{S;lU8sHzF!qi=~heAn1MD%E}sn5oq_PVRkD%9W;$r#J=D%F`xPt>ZLNJ-o*$SQQH)4sUufS#Jz{PB@rLoM@c}mAR!yTlnVN*y&gQQ zpXK>^{;C}W9^Ktc6jhrbg`J=%@PU9hld~RuGdwA~a80ppX`c>dYq&4>?IWeICR9>d22-nOH;fUuo0AuhpL}+Ss#FEBBIrsK# zG56-isJ88!?mXL$9aP9X=yt+xn zXvD=&tij|Y(BDS(;BnupkRf=_sA);ll9N6JiUQ-eG+bue=S>|}sCX`;rM>d!S5kQ7{GkCK#fh(^3}X!`K|bz*y%nc-Kc)hv>ATaiEB~auNWZoR z7Nk4apiNYuT-H$w#>(~lx!$$Pm?BOb?Ngi9m=bS+!GDb`P`IKH%lb?U4DwaJNNDPO zF71{5BUgJ$)oh$RSeNiVvPkG!1#qK$p=+3ghW6Q$E+c_5gBzF=XLk*m#BQ>Do zLT#1Vj0oL@i=usC4K(M-THh+&?eBTGUbj7{$y|Z2HvSTlZRu-EMrpQuH{B6u$K_O{ z_;5We@yYH|U9cj!XAMXObc^PGJN_9q)hR!kK}JUI{jk@*nF_GnD4wi+>f|T0;{ueh zcY7vp42~-gi^`;U2(EAL^S&PC?pfe%372jRJbhuu;_$;TP)*;7_90}C$JU>Yc*4XT zoHRKw%j9FeD1Mr_oto}r#7FuD&If4{k7f*nn(~uAgGJ?2z4&~71(Gs_^-13?m>zk` zu~6KqgeGL%RSab75~QbrN6+frwK2@P+&kOF29+%iy}A7+yoE1n=ns)F^@hHk6K!Io zH3ObipDkq9jmt)Mwm}i~D`sC+s}nZ%Df^RmmXp+^UWA)=rNJc8l~Ito0>NgfL0f{USBH>yYS3qR`<$jF5gcLn5$Jp;N0j#zX~FNOe}?tvmvHn&&2*i zXDejJj?#tlY`rW6$uq`{X9N62GAY8EY%J(oQwE5h80URDCbmv~720KIA^hnMEdf;Aw#7RaOa_JIE*UgM46>+iVuQ zejCUU^eC2&`~VT$#$|K}N-HnJ1#6hF(Iqvqk-Hg>8QX};N}4B0HlAdU zmA7oys9iaZC9J1J-6Hm0h`Y&)vD;B4cO@we3LD04^cKE66Y2xEig8sz8-~KOj(y^@ zem&I1@d#bgRW^PN0}k8ojolw?h6l+Bb}q7zUGT0sG^v{&uIt8U1UWe1jALWBF3xu1 zc?ShubG&0z9T|(Egyjn%mSGtk@SHBoXDF4XcdN6H>zv9X{a)KEd}%!@&v7AEes=|^ zo85OoqgOMN&0*(5ywABH&n!uO11Z5ef6l`xXoJTjqL>b}x7FfyWY%MN7)LId37iiT z*Mh<2lcE7*82V%a;NpvVV918(_5U6)w{G5InBQ;9m)d4YxsxE@L zSfW({DvYb_-qZm`K_j12V7TZ&;UmORZEOj!ixDIy3odqn@rT`Elhl{%5KvYIUP_yBt)naL*zHIaA1mJv{=6 zQTm4tON_c(Fv;uw2{5-dKWl3 zdnij_5g|%|EBfbxdZD3EV@ZE>81ofJGUKAw=D%Tm(ev3g++w7l+YTkJt_}wzHT?Jt zp@0{lESu1}U+K5$R0CTFadWNvf2(Z{c8OXtK{Y866ZuNmtT z?A_$h(t{0_C2jGea`g1Q{uJPs+wi}xx~%R)i9+09ZKX7?N2e;2le5UUvq+%fnx`0Q z6%sJFP?9TY4|b~HPx9Cm$l5fKrfD?BtoUG6!Dxa2nV4Y}HP~x9xKAlhOF2ng3pCib z2ni@d>hPiegp!#t;i%kcW2SY3ZE2nXN^OQ%xa{jWJ9br6&;(<52(}%pCy*kH<|B2- zwD6eM6v4Z#>lJ$kTEgjkasQfS^4TOd67+59VQxL1QsjR zzkgZZ(FVJm%_rSrQ07W(@LoGMgpio{M9*V(lZR+ab2k}5csk}Cm4V1%)JrZ%J03Qk zz_cH8L@axtN!L*bg%%kcPi}r1pj!4!Ok0t*%1HRYF<|pob{##fFl~b~T}pA+;8*Oz zrW`-D<+~WOzTmzjdRZml^_XXm=!fgt`WoT;ABZJ#)N2ybovo$Ku+8Z-5GeAB$~n?k zB;^SGAufycO<`wiKlI*`*}fr6zv3JrncrU?=zHhxX~Lr!bA%^w#i8>~tI9H+IKmmR zUM+p4eGn=EO;~r{3y~#&C*0bS5GnraH8aIiy_UMu$E&mjYw4_10p%TNdP#3BtQ5=; zXf=yXYnH@y(-1@ZCXD{RT`~sevp0tOhM1U()a8_C3Nv!2Kc9W;Qc><2_zh9|16>Q= zwTJ0iD)9*S-j<&-*XTVJ2EZNh_;}@hhAm{h5?!)I)$L&x93FQM0x|h2^kte7#O`R# z`8*mx5(=Fl4^Ew;h;A}hs9sQhJhNq+?qkY>&&PGMNsYBnO+ESGtZBV9OWWYUT#&GY zb_`qyUhoe|wnX;^vzdL{0c3Bh>7O0%bLh<1Cv6^E0uMkbIX#FRESOef9$ec3M_vt9 z%E_#VYzKhcTIc&^O}#eMKIRSVORR>CyY!Hv4#ImG&A?CQC5LUcQ`%g@LN%GfSq3J{ zM#u}*M!U>28#hvb%aAFNH>H32=_;}XKY|w`hvSXpubNIxGCYXHK#Yni`i(b z6+&e(@3A*k^FOg0nWT?Pz-C1={5BQj;?qzYrbT?wQc}h15eZ=|eA^y4t(UTq>UN?G zfnn@i(-Hi^`XY6b{s2;6k$+U9M2(vhB zKl#nty|-2+7yx<@!tVe1F=a66c=m$9b}8?6uri9Z$6=q}w#@Y-!~$4R zWZ`@{N)ASBm;gWfhddzFg-Y^W(_lho84+YE_U57}F3mELlW4vWSV~T*s?b-aHO6=T z?Rt`U9{pPeUj-FgSQ*+;f%pu_CPS`yyWNZ?5?r}L8V1}%RB3vhw)CcG^-J-ggO70H zryMboM6g#n*bClvxM$$PX$w*YS%@lOJ_=76Z6sJ46Q3B)Zm)tS_E?#%AO<|mZoQuz|rL<7&ahDlz^X|T2I~>Wro@LJ1N7oXLUq`d0nVGl;Q+F{Hjzj=K zsJF-&O|?Pm-TwLah_SwO?Iir*$Ke2pQwDVXH4Z8bRIZqeeHsNy;)YNn0Ydf?4*jJi zp*-j=j#eT8(Xf!lvzvd^7+}OiuC9qVl0Qi88pq&526WyzO-mtk<^2QJNuy-?v)FOXo(8SPV24rr07w#S$bE; zclo?mZ)phe!w^2}YB6!*a9HKvnSLFpu6#PLxawUp$oh z727INQJ>4(TYCf%^i&2s#Zv<;7)TtA+zM;7glpGOF~pD>SvknOH{B;!>O{wmBS-yb z3F|H_x1w$po;Lo%jzB7F*)>aQ+&jzRIJZv`ZyP=Vt{!+a0(R~RDVC4kG{*j9iIKC=+? z&&xy(x2VICTXsM!bW2==6ph^u9m{KmtmieZY}{tyvTcmB!FDIE%N$9Ac?s@{BB4A1paD?1Xy4m`!ICh z>})vndb5Pu0%ek~IqHYA$Oqd%fI`LcA4_$_IR91n?vs4<5jPG9nbX&ipOT~2MS)}Q zBGeNoc*#ZLrEno$aHliFtYTJ(FK&eo;_E%8$H6B-xt#K+H~38`_9PqOiF)qHQ&gT+ zsiRN1T#&^SN-<@#xzrjn*6=;`00P>1BW5si6N}FWDf4N8Q7Td+K`T8B9;hXD;ELiqqyRibb_4L&Z9~pIv8NKY&zX#@niiD{9M%Io49~F*+5iUn zKrrUX;-ilUxy1yq9%l`dzQ}WE=Y*TnK7+g_V^~Q1-+Xp&oTqlh)7jTsr@raGf_N8N z&O^2`^`X@^W_j^SAy}c`WLd@ayiw!8I8E_mQLe-GV+Jz7)e@zwz=zT(&e?0n+usE8 z6x9A^In&s( zCdAiono2!G8QuJG7O>l=P(VFSW?(v_9La1z36V{{5=%zOPIt^xOfatIieBd0%JR5f z$1sko&F7}sOG8YA8$v7M&i8FOGa$oDCUNg*h`BdTuL0XBe#fmMDkSdK2Up0)+5}M4 zH!9W)HmEomOvL^O(E$MM{BDS#4{_eMK(EsD4ZmGV&ia5k>xx`hG2dNG$ff+|r3RWkBbdw)uH9s;RMZS6U{8jfZ4KlsxKTIiu&5hz6^`@ z*L!i9C2m=;Luh76eV|1U{|c$41i^ph45TFLCDOY}`s>vs9~IG=7zHX9koi(vi>MUf zLRT0%|J3iXt~-W1zXvhJ|CCJ!>wz}K8J*;%5b_)nuU+5Gm^)j*cI(K7I)_~fXi3bV zVIoy~#{q4A1`V+N4)Z>oaWopw8RwNC0!UmbJtKl9>i(O`UhX!EBCn|humT~D)2ho8 z9S_8>`sg93%@oRm&sp7RzcK4^GQS7?pD}d$o5vY{k&-)_U_*H* k4sS)f#y)dB+|wC-eNm|`$}9)7gJjH{AbPx^1(u(d?bLxOcK`qY diff --git a/systems/bastion/configuration.nix b/systems/bastion/configuration.nix index 5f5b1be..180dafb 100644 --- a/systems/bastion/configuration.nix +++ b/systems/bastion/configuration.nix @@ -45,12 +45,11 @@ ../../nixos/tweaks/systemd-resolved_nonsense.nix # Dotspace - ../../secrets/dotspace.nix - ../../secrets/dotspace_shares.nix + ../../dotspace/configuration.nix ../../nixos/features/stronghold-binary-cache.nix # Users - ../../users/lauren_lagarde/lauren_lagarde.nix + ../../users/lauren_lagarde/configuration.nix ../../users/ashley_funkhouser/ashley_funkhouser.nix # Bastion Features diff --git a/systems/blockhouse/configuration.nix b/systems/blockhouse/configuration.nix index 30768d5..6c26cf5 100755 --- a/systems/blockhouse/configuration.nix +++ b/systems/blockhouse/configuration.nix @@ -38,12 +38,11 @@ ../../nixos/tweaks/systemd-resolved_nonsense.nix # Dotspace - ../../secrets/dotspace.nix - ../../secrets/dotspace_shares.nix + ../../dotspace/configuration.nix ../../nixos/features/stronghold-binary-cache.nix # Users - ../../users/lauren_lagarde/lauren_lagarde.nix + ../../users/lauren_lagarde/configuration.nix ../../users/ashley_funkhouser/ashley_funkhouser.nix # Blockhouse Features diff --git a/systems/fortress/configuration.nix b/systems/fortress/configuration.nix index 307a40b..c69fd75 100644 --- a/systems/fortress/configuration.nix +++ b/systems/fortress/configuration.nix @@ -41,16 +41,17 @@ ../../nixos/tweaks/enable_flakes.nix ../../nixos/tweaks/systemd-resolved_nonsense.nix + # Dotspace + ../../dotspace/configuration.nix + # Users - ../../users/lauren_lagarde/lauren_lagarde.nix + ../../users/lauren_lagarde/configuration.nix # Additional Software ../../nixos/tweaks/disable_firewall.nix #../../nixos/features/virtualization/dockge.nix ../../nixos/features/virtualization/docker.nix - ../../secrets/dotspace.nix - # Local Config ./gatus.nix ./coturn.nix diff --git a/systems/living-room-nixos.nix b/systems/living-room-nixos.nix deleted file mode 100644 index 135a3a6..0000000 --- a/systems/living-room-nixos.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ ... }: { - imports = [ - ../ll-nixos-base.nix - ../features/gpu/intel.nix - ]; - - home-manager.users.lauren_lagarde = { - imports = [ - ../../modules/mlaga97-home-manager/programs/firefox.nix - ]; - - # Fix issue with HDMI passthrough - xsession.windowManager.i3 = { - config.startup = [ - { command = "xrandr --output HDMI-1 --mode 1920x1080 --rate 60 --primary"; } - ]; - }; - }; -} diff --git a/systems/living-room/configuration.nix b/systems/living-room/configuration.nix index 77f3200..b051f88 100644 --- a/systems/living-room/configuration.nix +++ b/systems/living-room/configuration.nix @@ -40,18 +40,17 @@ ../../nixos/tweaks/disable_nixos_user.nix ../../nixos/tweaks/systemd-resolved_nonsense.nix + # Dotspace + ../../dotspace/configuration.nix + ../../nixos/features/stronghold-binary-cache.nix + # Users ../../users/lauren_lagarde/autologin.nix - ../../users/lauren_lagarde/lauren_lagarde.nix + ../../users/lauren_lagarde/configuration.nix # i3wm ../../nixos/features/i3wm.nix - # Dotspace - ../../secrets/dotspace.nix - ../../secrets/dotspace_shares.nix - ../../nixos/features/stronghold-binary-cache.nix - # living-room ../../nixos/features/gpu/intel.nix ../../nixos/features/systemd-boot.nix diff --git a/systems/ll-latitude-e5591/configuration.nix b/systems/ll-latitude-e5591/configuration.nix index 0223b0e..9220b6f 100644 --- a/systems/ll-latitude-e5591/configuration.nix +++ b/systems/ll-latitude-e5591/configuration.nix @@ -32,7 +32,7 @@ ../../nixos/tweaks/systemd-resolved_nonsense.nix # Lauren Base - ../../users/lauren_lagarde/lauren_lagarde.nix + ../../users/lauren_lagarde/configuration.nix # i3wm ../../nixos/features/i3wm.nix @@ -41,8 +41,7 @@ ../../nixos/tweaks/intel_igpu_screen_tearing.nix # Dotspace - ../../secrets/dotspace.nix - ../../secrets/dotspace_shares.nix + ../../dotspace/configuration.nix ../../nixos/features/stronghold-binary-cache.nix # Additional Software diff --git a/systems/ll-nixos-base.nix b/systems/ll-nixos-base.nix deleted file mode 100644 index 100daa4..0000000 --- a/systems/ll-nixos-base.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ pkgs, ... }: { - imports = [ - # Core Features - ../features/base.nix - ../features/tui-apps.nix - ../features/openssh-server.nix - - # Core Tweaks - ../tweaks/zram.nix - ../tweaks/enable_flakes.nix - ../tweaks/disable_nixos_user.nix - ../tweaks/systemd-resolved_nonsense.nix - - # Lauren Base - ../users/lauren_lagarde/lauren_lagarde.nix - - # i3wm - ../features/i3wm.nix - ../features/hardware/yubikey.nix - ../tweaks/bluetooth.nix - ../tweaks/intel_igpu_screen_tearing.nix - - # Dotspace - ../secrets/dotspace.nix - ../features/stronghold-binary-cache.nix - ]; -} diff --git a/systems/ll-nixos-full.nix b/systems/ll-nixos-full.nix deleted file mode 100644 index 4de9729..0000000 --- a/systems/ll-nixos-full.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ pkgs, ... }: { - imports = [ - # Core Features - ../features/base.nix - ../features/tui-apps.nix - ../features/openssh-server.nix - - # Core Tweaks - ../tweaks/zram.nix - ../tweaks/enable_flakes.nix - ../tweaks/disable_nixos_user.nix - ../tweaks/systemd-resolved_nonsense.nix - - # Lauren Base - ../users/lauren_lagarde/lauren_lagarde.nix - - # i3wm - ../features/i3wm.nix - ../features/hardware/yubikey.nix - ../tweaks/bluetooth.nix - ../tweaks/intel_igpu_screen_tearing.nix - - # Dotspace - ../secrets/dotspace.nix - ../features/stronghold-binary-cache.nix - - # Assume Intel GPU - ../features/gpu/intel.nix - - # Additional Software - ../features/embedded.nix - ../features/hardware/rtl-sdr.nix - ../features/hardware/printing.nix - ../features/virtualization/docker.nix - ../features/virtualization/libvirt-host.nix - ]; -} diff --git a/systems/ll-nixos-live/configuration.nix b/systems/ll-nixos-live/configuration.nix index 4320f8a..3e4a0dd 100644 --- a/systems/ll-nixos-live/configuration.nix +++ b/systems/ll-nixos-live/configuration.nix @@ -31,8 +31,12 @@ ../../nixos/tweaks/disable_nixos_user.nix ../../nixos/tweaks/systemd-resolved_nonsense.nix - # Lauren Base - ../../users/lauren_lagarde/lauren_lagarde.nix + # Dotspace + ../../dotspace/configuration.nix + ../../nixos/features/stronghold-binary-cache.nix + + # Users + ../../users/lauren_lagarde/configuration.nix # i3wm ../../nixos/features/i3wm.nix @@ -40,11 +44,6 @@ ../../nixos/tweaks/bluetooth.nix ../../nixos/tweaks/intel_igpu_screen_tearing.nix - # Dotspace - ../../secrets/dotspace.nix - ../../secrets/dotspace_shares.nix - ../../nixos/features/stronghold-binary-cache.nix - # Additional Software ../../nixos/features/embedded.nix ../../nixos/features/hardware/rtl-sdr.nix diff --git a/systems/ll-nixos-xmrig-worker.nix b/systems/ll-nixos-xmrig-worker.nix deleted file mode 100644 index c628fa1..0000000 --- a/systems/ll-nixos-xmrig-worker.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ pkgs, ... }: { - imports = [ - # Core Features - ../features/base.nix - ../features/tui-apps.nix - ../features/openssh-server.nix - - # Core Tweaks - ../tweaks/zram.nix - ../tweaks/enable_flakes.nix - ]; - - networking.networkmanager.enable = true; - powerManagement.cpuFreqGovernor = "performance"; - - environment.systemPackages = with pkgs; [ - xmrig - ]; - - # Improve xmrig performance - hardware.cpu.x86.msr.enable = true; - hardware.cpu.x86.msr.settings.allow-writes = "on"; - - # Helper Scripts - home-manager.users.nixos.home = { - stateVersion = "24.11"; - file = { - "stronghold" = { - executable = true; - text = '' - sudo nmtui-connect Stronghold - ''; - }; - "mine" = { - executable = true; - text = '' - sudo xmrig --randomx-1gb-pages -o vm-docker-2.mlaga97.space:3333 - ''; - }; - }; - }; - - # SSH Config - users.users.nixos.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCl881A1gvgCx+4ECrmJnO2QCTiqjaOLfAegKAAkvWNFKL0rDfsj8tZULUcyn87HYsRrdmqCOQ62GOjQyK803azq7QTxwY4vjczkJxico4LnIToTobcz+JkgF6Rf/h74bs9dHk4ZU853FRBz3wi/14rI10Iwckt37B1ayJacpELuzFobKYip2FjiL1vNH3tiAFR131z+YBByvNX+uJYEhpsI0xry9zbsSUWUq5/YFpmjezblzYRokfsReYiKJeQBeROSeRC/xFBSnikECSylNI4sw5VIpGXFIxL5xhss+s+3dnb+LFQ+zInOYxkVRydYc/In9Wz6Tu7v07K8bjvE7nQwHenoGtRW590Xu0rJApS+k8Cu16sCO2QFj/aI+gCrhU0ymM0aicr0hFAME6Y7j9HcR6PxYxnXZjI7cfqhO5TG8jot25SPzJcvH3EV5oPKtAkw9XA+8+nAI9czFlUgHnuMJAqw1IGOD3qozwqZ5yn1+kG7FZJRpvaPc5pK2HtqaAKJmnRuVaWcFuNALh86gr7Qn8IEp8Q+YyKmDqrMZ4KLJUMnVqn4y0HVS1eB5nVujaJZUGJWA4q3og0FE/2kH74WEp2ZtuJAoEPcgfZ6Ns7BmmXIZU7qu4kQoQ73b3mn6hCi5xlQ/sClzwHYkRPo4tST64ED/UIRPCYe1byNUWSww== lauren@lagarde.dev" - ]; -} diff --git a/systems/outpost.nix b/systems/outpost.nix index a46fc4d..7ad1c2b 100644 --- a/systems/outpost.nix +++ b/systems/outpost.nix @@ -22,10 +22,13 @@ ../tweaks/systemd-resolved_nonsense.nix # Dotspace - ../secrets/dotspace.nix + ../../dotspace/configuration.nix # Users - ../users/lauren_lagarde/lauren_lagarde.nix + ../../users/lauren_lagarde/configuration.nix + + # Outpost + ../../nixos/tweaks/disable_firewall.nix ]; ############################################################################## diff --git a/systems/redoubt/configuration.nix b/systems/redoubt/configuration.nix index be5078e..11ea6dc 100644 --- a/systems/redoubt/configuration.nix +++ b/systems/redoubt/configuration.nix @@ -30,11 +30,11 @@ ../../nixos/tweaks/systemd-resolved_nonsense.nix # Dotspace - ../../secrets/dotspace.nix + ../../dotspace/configuration.nix ../../nixos/features/stronghold-binary-cache.nix # Users - ../../users/lauren_lagarde/lauren_lagarde.nix + ../../users/lauren_lagarde/configuration.nix ../../users/ashley_funkhouser/ashley_funkhouser.nix # Features diff --git a/systems/stronghold/configuration.nix b/systems/stronghold/configuration.nix index 426d7c9..c85cf79 100644 --- a/systems/stronghold/configuration.nix +++ b/systems/stronghold/configuration.nix @@ -18,13 +18,13 @@ ../../nixos/tweaks/disable_nixos_user.nix ../../nixos/tweaks/systemd-resolved_nonsense.nix - # Lauren Base - ../../users/lauren_lagarde/lauren_lagarde.nix - # Dotspace - ../../secrets/dotspace.nix + ../../dotspace/configuration.nix ../../nixos/features/stronghold-binary-cache.nix + # Users + ../../users/lauren_lagarde/configuration.nix + # Docker Host Stuff ../../nixos/tweaks/disable_firewall.nix ../../nixos/features/virtualization/docker.nix diff --git a/systems/vm-docker-host/vm-docker-host-base.nix b/systems/vm-docker-host/vm-docker-host-base.nix index d4bba47..306611c 100644 --- a/systems/vm-docker-host/vm-docker-host-base.nix +++ b/systems/vm-docker-host/vm-docker-host-base.nix @@ -11,12 +11,12 @@ ../../tweaks/disable_nixos_user.nix ../../tweaks/systemd-resolved_nonsense.nix - # Lauren Base - ../../users/lauren_lagarde/lauren_lagarde.nix - # Dotspace - ../../secrets/dotspace.nix - ../../features/stronghold-binary-cache.nix + ../../dotspace/configuration.nix + ../../nixos/features/stronghold-binary-cache.nix + + # Users + ../../users/lauren_lagarde/configuration.nix # Docker Host Stuff ../../tweaks/disable_firewall.nix diff --git a/users/lauren_lagarde/lauren_lagarde.nix b/users/lauren_lagarde/configuration.nix similarity index 100% rename from users/lauren_lagarde/lauren_lagarde.nix rename to users/lauren_lagarde/configuration.nix diff --git a/users/lauren_lagarde/home.nix b/users/lauren_lagarde/home.nix new file mode 100644 index 0000000..ad1cb49 --- /dev/null +++ b/users/lauren_lagarde/home.nix @@ -0,0 +1,7 @@ +{ ... }: { + programs.git = { + enable = true; + userName = "Lauren Lagarde"; + userEmail = "lauren@lagarde.dev"; + }; +}