Organize bits better, add OwnTracks

2026-03-27 01:17:42 -04:00 · 2024-06-15 20:42:25 -04:00 · 2024-06-15 20:42:25 -04:00 · c68680eff4
commit c68680eff4
parent eb53309c33
7 changed files with 139 additions and 82 deletions
--- a/modules/hosts/nixos/hetznix01/post-install-general.nix
+++ b/modules/hosts/nixos/hetznix01/post-install-general.nix
@ -0,0 +1,40 @@
+{ config, username, ... }: {
+  imports = [
+    ../../../system/common/linux/restic.nix
+  ];
+
+  services = {
+    restic.backups.daily.paths = [
+      "/var/lib/uptime-kuma"
+    ];
+    tailscale = {
+      enable = true;
+      authKeyFile = config.sops.secrets.tailscale_key.path;
+      extraUpFlags = [
+        "--advertise-exit-node"
+        "--operator"
+        "${username}"
+        "--ssh"
+      ];
+      useRoutingFeatures = "both";
+    };
+  };
+
+  sops = {
+    age.keyFile = /home/${username}/.config/sops/age/keys.txt;
+    defaultSopsFile = ./secrets.yaml;
+    secrets = {
+      local_git_config = {
+        owner = "${username}";
+        path = "/home/${username}/.gitconfig-local";
+      };
+      local_private_env = {
+        owner = "${username}";
+        path = "/home/${username}/.private-env";
+      };
+      tailscale_key = {
+        restartUnits = [ "tailscaled-autoconnect.service" ];
+      };
+    };
+  };
+}