From 8cd5e390cfdd3e779cc16477cbab66aac80eea12 Mon Sep 17 00:00:00 2001
From: Danilo Reyes
Date: Sat, 27 Sep 2025 15:56:36 -0600
Subject: [PATCH] ssh config
---
 config/home-manager.nix | 98 ++++++++++++++++++++---------------------
 config/jawz.nix | 28 ++++++++++--
 flake.nix | 2 +-
 3 files changed, 74 insertions(+), 54 deletions(-)
diff --git a/config/home-manager.nix b/config/home-manager.nix
index 0a10cf6..f545ddc 100644
--- a/config/home-manager.nix
+++ b/config/home-manager.nix
@@ -6,45 +6,57 @@ }: { home.stateVersion = "23.05"; - programs.bash = - let - inherit (pkgs) fd fzf; - inherit (inputs.jawz-scripts.packages.x86_64-linux) pokemon-colorscripts; - in - { + programs = { + direnv = { enable = true; - historyFile = "\${XDG_STATE_HOME}/bash/history"; - historyControl = [ - "erasedups" - "ignorespace" - "ignoredups" - ]; - shellAliases = { - cp = "cp -i"; - mv = "mv -i"; - mkdir = "mkdir -p"; - mkcd = "(){ mkdir -p \"$1\" && cd \"$1\" }"; - copy = "xclip -selection clipboard"; - cdp = "pwd | copy"; - cfp = "(){ readlink -f \"$1\" | copy }"; - ".." = "cd .."; - "..." = "cd ../.."; - ".3" = "cd ../../.."; - ".4" = "cd ../../../.."; - ".5" = "cd ../../../../.."; - c = "cat"; - sc = "systemctl --user"; - jc = "journalctl --user -xefu"; - open-gallery = '' - cd /srv/pool/scrapping/JawZ/gallery-dl && - xdg-open "$(${fd}/bin/fd . ./ Husbands wikifeet -tdirectory -d 1 | ${fzf}/bin/fzf -i)"''; - }; - enableVteIntegration = true; - initExtra = '' - ${pokemon-colorscripts}/bin/pokemon-colorscripts -r --no-title - export command_timeout=60 - ''; + enableBashIntegration = true; + nix-direnv.enable = true; }; + git = { + enable = true; + userName = "Danilo Reyes"; + userEmail = "CaptainJawZ@protonmail.com"; + }; + bash = + let + inherit (pkgs) fd fzf; + inherit (inputs.jawz-scripts.packages.x86_64-linux) pokemon-colorscripts; + in + { + enable = true; + historyFile = "\${XDG_STATE_HOME}/bash/history"; + historyControl = [ + "erasedups" + "ignorespace" + "ignoredups" + ]; + shellAliases = { + cp = "cp -i"; + mv = "mv -i"; + mkdir = "mkdir -p"; + mkcd = "(){ mkdir -p \"$1\" && cd \"$1\" }"; + copy = "xclip -selection clipboard"; + cdp = "pwd | copy"; + cfp = "(){ readlink -f \"$1\" | copy }"; + ".." = "cd .."; + "..." 
= "cd ../.."; + ".3" = "cd ../../.."; + ".4" = "cd ../../../.."; + ".5" = "cd ../../../../.."; + c = "cat"; + sc = "systemctl --user"; + jc = "journalctl --user -xefu"; + open-gallery = '' + cd /srv/pool/scrapping/JawZ/gallery-dl && + xdg-open "$(${fd}/bin/fd . ./ Husbands wikifeet -tdirectory -d 1 | ${fzf}/bin/fzf -i)"''; + }; + enableVteIntegration = true; + initExtra = '' + ${pokemon-colorscripts}/bin/pokemon-colorscripts -r --no-title + export command_timeout=60 + ''; + }; + }; xdg = { enable = true; userDirs = { @@ -60,16 +72,4 @@ }; configFile.wgetrc.text = "hsts-file=\${XDG_CACHE_HOME}/wget-hsts"; }; - programs = { - direnv = { - enable = true; - enableBashIntegration = true; - nix-direnv.enable = true; - }; - git = { - enable = true; - userName = "Danilo Reyes"; - userEmail = "CaptainJawZ@protonmail.com"; - }; - }; } diff --git a/config/jawz.nix b/config/jawz.nix index 2003dc3..cecc749 100644 --- a/config/jawz.nix +++ b/config/jawz.nix @@ -1,6 +1,10 @@ { config, lib, ... }: let inherit (config.networking) hostName; + nixosHosts = + lib.attrNames config.my.ips + |> lib.filter (name: !(lib.hasPrefix "wg-" name) && name != "vps" && name != "router" && name != hostName); + nixosHostsMatch = lib.concatStringsSep " " nixosHosts; in { sops.secrets = 
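Review bot: In the first `config/jawz.nix` hunk, `nixosHosts` is built by exclusion, so any name later added to `config.my.ips` that is not `wg-*`, `vps`, `router` or the local host is silently treated as a NixOS machine. The `"${nixosHostsMatch}"` match block in the following hunk then gives it user `jawz` and offers it this host's private key. An explicit allowlist (or a per-entry marker in `my.ips`, if that option can carry one) would make SSH trust a deliberate choice rather than a side effect of adding an address. If the filter ever yields nothing, `nixosHostsMatch` becomes `""` and is used as an attribute name in `matchBlocks`, so it would be safer to guard that block with `lib.mkIf (nixosHosts != [ ])` or similar. The `|>` operator also needs Nix's experimental pipe-operator support, which deserves a short comment next to the binding; the `let … in` body continues outside this hunk.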
@@ -15,16 +19,32 @@ in in { jawz-password.neededForUsers = true; - "private_keys/age" = keyConfig "${baseDir}_age"; - "public_keys/age" = keyConfig "${baseDir}_age.pub"; "private_keys/${hostName}" = keyConfig "${baseDir}_${hostName}"; "git_private_keys/${hostName}" = keyConfig "${baseDir}_git"; "syncthing_keys/${hostName}" = keyConfig ".config/syncthing/key.pem"; "syncthing_certs/${hostName}" = keyConfig ".config/syncthing/cert.pem"; "syncthing_password".sopsFile = ../secrets/keys.yaml; }; - - home-manager.users.jawz.home.file.".librewolf/.stignore".source = ../dotfiles/stignore; + home-manager.users.jawz = { + home.file.".librewolf/.stignore".source = ../dotfiles/stignore; + programs.ssh = { + enable = true; + matchBlocks = { + vps = { + hostname = config.my.ips.vps; + user = "fedora"; + port = 3456; + identityFile = config.sops.secrets."private_keys/${hostName}".path; + }; + "${nixosHostsMatch}" = { + user = "jawz"; + identityFile = config.sops.secrets."private_keys/${hostName}".path; + }; + "${config.my.servers.gitea.host} github.com gitlab.com bitbucket.org".identityFile = + config.sops.secrets."git_private_keys/${hostName}".path; + }; + }; + }; services.syncthing = { enable = true; user = "jawz"; diff --git a/flake.nix b/flake.nix index d2ac4fb..7cbd8bf 100644 --- a/flake.nix +++ b/flake.nix @@ -99,7 +99,7 @@ workstation = createConfig "workstation" inputs.nixpkgs; miniserver = createConfig "miniserver" inputs.nixpkgs-small; server = createConfig "server" inputs.nixpkgs-small; - galaxy = createConfig "galaxy" inputs.nixpkgs-small; + }; packages.${system} = (jawz-scripts.packages.${system} or { }); devShells.${system} = builtins.listToAttrs (
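Review bot: The three new `programs.ssh.matchBlocks` entries in `config/jawz.nix` set `identityFile` but not `identitiesOnly`, so when an agent is running ssh will still offer every key it holds to these hosts, not just the one named here. The host key can then be presented to github.com, gitlab.com and bitbucket.org, and the git key to `vps`, which exposes key fingerprints across trust boundaries and can use up the server's authentication attempts before the intended key is tried. Add `identitiesOnly = true;` to each block. Please also confirm that the sops-managed key files are owned by `jawz` with mode 0400/0600, because ssh refuses private keys with loose permissions; presumably `keyConfig` sets this, but its definition starts outside this hunk.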