genebean/dots
1
0
Fork 0
mirror of https://github.com/genebean/dots.git synced 2026-03-27 09:27:44 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Adding mini-watcher

Browse source
This commit is contained in:
Gene Liverman 2024-01-26 23:57:27 -05:00
parent 79648976a5
commit 5fbfb7ed7e
5 changed files with 78 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
.sops.yaml
View file

@ -4,6 +4,7 @@ keys:
- &system_rainbow_planet age15xlw5vnnjdx2ypz6rq0mqcywuaj3yx8y6lrgf95satafqf7y4qus6rv6ck - &system_rainbow_planet age15xlw5vnnjdx2ypz6rq0mqcywuaj3yx8y6lrgf95satafqf7y4qus6rv6ck
- &user_airpuppet age1awdf9h0avajf57cudx0rjfmxu2wlxw8wf3sa7yvfk8rp4j6taecsu74x77 - &user_airpuppet age1awdf9h0avajf57cudx0rjfmxu2wlxw8wf3sa7yvfk8rp4j6taecsu74x77
- &user_blue_rock age1rt72txg22w8y3cdvq9w7zff0cas6xtkplpj36kxnevfnrtn82f6ss7yw7d - &user_blue_rock age1rt72txg22w8y3cdvq9w7zff0cas6xtkplpj36kxnevfnrtn82f6ss7yw7d
- &user_mini_watcher age1rpy8edlpgxuf6w75cvlqexuq2xe4c49h9t2ge6jhc3fzczp8vfasnjelwq
creation_rules: creation_rules:
- path_regex: nixnuc/secrets.yaml$ - path_regex: nixnuc/secrets.yaml$
key_groups: key_groups:
@ -21,10 +22,17 @@ creation_rules:
key_groups: key_groups:
- age: - age:
- *user_blue_rock - *user_blue_rock
- path_regex: mini-watcher/secrets.yaml$
key_groups:
- age:
- *user_mini_watcher
- path_regex: modules/system/common/secrets.yaml$ - path_regex: modules/system/common/secrets.yaml$
key_groups: key_groups:
- age: - age:
- *system_nixnuc - *system_nixnuc
- *system_rainbow_planet - *system_rainbow_planet
- *user_airpuppet
- *user_blue_rock - *user_blue_rock
- *user_mini_watcher

25
flake.nix
View file

@ -111,6 +111,27 @@
]; ];
}; # end nixosSystem }; # end nixosSystem
linuxHomeConfig = system: hostname: username: home-manager.lib.homeManagerConfiguration {
pkgs = import nixpkgs {
inherit system;
config = {
allowUnfree = true;
permittedInsecurePackages = [ "electron-21.4.4" ];
};
};
extraSpecialArgs = { inherit genebean-omp-themes hostname username; };
modules = [
./modules/home-manager/hosts/${hostname}/${username}.nix
{
home = {
username = "${username}";
homeDirectory = "/home/${username}";
};
}
sops-nix.homeManagerModules.sops
];
}; # end homeManagerConfiguration
in { in {
darwinConfigurations = { darwinConfigurations = {
AirPuppet = darwinHostConfig "x86_64-darwin" "AirPuppet" "gene"; AirPuppet = darwinHostConfig "x86_64-darwin" "AirPuppet" "gene";
@ -121,5 +142,9 @@
nixnuc = nixosHostConfig "x86_64-linux" "nixnuc" "gene"; nixnuc = nixosHostConfig "x86_64-linux" "nixnuc" "gene";
rainbow-planet = nixosHostConfig "x86_64-linux" "rainbow-planet" "gene"; rainbow-planet = nixosHostConfig "x86_64-linux" "rainbow-planet" "gene";
}; };
homeConfigurations = {
gene = linuxHomeConfig "x86_64-linux" "mini-watcher" "gene";
};
}; };
} }

15
modules/home-manager/common/hm-sops.nix Normal file
View file

@ -0,0 +1,15 @@
{ pkgs, hostname, username, ... }: {
home.packages = with pkgs; [
home-manager
];
sops = {
age.keyFile = /home/${username}/.config/sops/age/keys.txt;
defaultSopsFile = ../hosts/${hostname}/secrets.yaml;
secrets = {
local_git_config.path = "/home/${username}/.gitconfig-local";
local_private_env.path = "/home/${username}/.private-env";
};
};
}

8
modules/home-manager/hosts/mini-watcher/gene.nix Normal file
View file

@ -0,0 +1,8 @@
{ pkgs, genebean-omp-themes, ... }: {
home.stateVersion = "23.11";
imports = [
../../common/all-cli.nix
../../common/all-linux.nix
../../common/hm-sops.nix
];
}

22
modules/home-manager/hosts/mini-watcher/secrets.yaml Normal file
View file

@ -0,0 +1,22 @@
local_git_config: ENC[AES256_GCM,data:ECcO9NiS6Xo1AevHx/4tIGmhVHTG+WHIJI/RgYLe4DbptPJQFxFMBEk=,iv:xPvAfNywX7Ww3iwZDwQGTa88ZoJZqnIjdNDv4R0iAf0=,tag:bQ7rNxPniyP7SNW8Nz+1rw==,type:str]
local_private_env: ENC[AES256_GCM,data:Eg1IYFMJFysMavh1ssddpO3fzoyrKpA2dfSNSUUUsb/548IxqOktXIArR5bqbWVL//bUmnYI3N37jYRFiQSO,iv:50WBKSSy/Ea6l6kdggeoVCXhRG6lc4QxQBm1CoK2RTc=,tag:USADBcnceslCg3ueSikf+w==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1rpy8edlpgxuf6w75cvlqexuq2xe4c49h9t2ge6jhc3fzczp8vfasnjelwq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBveXpUSFNmVXJFTy9ieWRv
a1Fpb2xic1lnYW5mZ2VaY1dyOXVUbkNGWnlNCkxKcUZVbm0rRUNydERUeC9ueloy
N3d0NGxyaTFCd1lMUmh2VklqbTZJalkKLS0tIC8xb1VnZU0xbmdObnZIUjRvU01k
bmtPb3hjTkxMaDJwSGQ0amF5ci85UXcK16fgU78H4SK8LKDyYCUgMdRE2ZTygzyE
spYcQ8w+PvQSxLUFJKW6DZdkSXLkNR0HkmVkuSmBKW0lVNWCfXbfvA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-28T00:59:32Z"
mac: ENC[AES256_GCM,data:Dcs3LkQtReunJGQl1aBy/fo022r0fwAdjDKRlgGsDtnWWEWZww6+n30yCkMjDrQCZm4NekDCYrEd0Dhq90nLON+vxykojxd/UTBEX86NIxUrGtO3faotP0/buVi59JgqQQqBDB14GpJttZGVr59LVlxieG1PhpmE9lFePpT8eR4=,iv:7KmeBD4Pk+guEW0nb9/W7olsF36bwfZtFkehO5u40po=,tag:PJmbdqiud4FHxbVcZv2png==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1