jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wip emacs output

Browse Source
This commit is contained in:
Danilo Reyes
2025-09-28 01:58:34 -06:00
parent eee3e2dfea
commit 7b1c061c9d
11 changed files with 86 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
config/jawz.nix
View File

@@ -9,7 +9,7 @@ let
nixosHostsMatch = lib.concatStringsSep " " nixosHosts;
in
{
sops.secrets =
sops.secrets = lib.mkIf config.my.secureHost (
let
baseDir = ".ssh/ed25519";
keyConfig = file: {
@@ -26,10 +26,11 @@ in
"syncthing_keys/${hostName}" = keyConfig ".config/syncthing/key.pem";
"syncthing_certs/${hostName}" = keyConfig ".config/syncthing/cert.pem";
"syncthing_password".sopsFile = ../secrets/keys.yaml;
};
}
);
home-manager.users.jawz = {
home.file.".librewolf/.stignore".source = ../dotfiles/stignore;
programs.ssh = {
programs.ssh = lib.mkIf config.my.secureHost {
enable = true;
matchBlocks = {
vps = {
@@ -47,7 +48,7 @@ in
};
};
};
services.syncthing = {
services.syncthing = lib.mkIf config.my.secureHost {
enable = true;
user = "jawz";
group = "users";
@@ -148,7 +149,10 @@ in
uid = 1000;
linger = true;
isNormalUser = true;
hashedPasswordFile = config.sops.secrets.jawz-password.path;
hashedPasswordFile = lib.mkIf config.my.secureHost config.sops.secrets.jawz-password.path;
hashedPassword =
lib.mkIf (!config.my.secureHost)
"$6$s4kbia4u7xVwCmyo$LCN7.Ki2n3xQOqPKnTwa5idwOWYeMNTieQYbLkiiKcMFkFmK76BjtNofJk3U7yRmLGnW3oFT433.nTRq1aoN.1";
extraGroups = [
"wheel"
"networkmanager"