Simmer/nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add secrets for laptop

Browse Source
This commit is contained in:
Ethan Simmons
2024-06-23 20:03:33 -05:00
parent 16fa1884e9
commit 10e08a1fd8
6 changed files with 93 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
hosts/alpheratz/dotfiles/fish/config.fish
View File

@@ -1,13 +1,41 @@
if status is-interactive
### Local environment variables
fish_add_path "/home/eesim/.cargo/bin/"
set fish_greeting
set fish_cursor_default block
set fish_cursor_insert line
set fish_cursor_replace_one underscore
set fish_cursor_replace underscore
set fish_cursor_external line
set fish_cursor_visual block
function fish_mode_prompt
end
### Local environment variables
set -x DENO_INSTALL "/home/eesim/.deno"
direnv hook fish | source
end
if status is-login
# SSH settings
eval (ssh-agent -c)
ssh-add /home/eesim/.ssh/id_ed25519
# Set environment variables in /etc/profile.d/
# exec bash -c "test -e /etc/profile && source /etc/profile"
# Disable GTK portal
set -x GTK_USE_PORTAL "0"
# Java fix
set -x _JAVA_AWT_WM_NONREPARENTING "1"
set -g fish_greeting
set -g fish_cursor_default block
set -g fish_cursor_insert line
set -g fish_cursor_replace_one underscore
set -g fish_cursor_replace underscore
set -g fish_cursor_external line
set -g fish_cursor_visual block
end
@@ -15,33 +43,3 @@ if test (tty) = "/dev/tty1"
sway
end
if status is-login
### Environment Variables
# Set nvim to default editor
set -x SUDO_EDITOR = "/usr/bin/nvim"
# Set R library location
set -x R_LIBS_USER = "/home/eesim/.local/lib/R"
# Disable GTK portal
set -x GTK_USE_PORTAL=0
# Wayland environment variables
set -x XDG_CURRENT_DESKTOP = "sway"
set -x XDG_CURRENT_SESSION = "sway"
set -x XDG_SESSION_TYPE = "wayland"
set -x ELECTRON_OZONE_PLATFORM_HINT = "auto"
set -x QT_QPA_PLATFORM = "wayland;xcb"
set -x SDL_VIDEODRIVER = "wayland,x11"
# Java fix
set -x _JAVA_AWT_WM_NONREPARENTING = "1"
### Themes
set -x QT_QPA_PLATFORMTHEME = "qt5ct"
### Start fish
exec fish
end

44
hosts/alpheratz/system.nix
View File

@@ -22,6 +22,14 @@
};
};
sops = {
defaultSopsFile = ../../secrets/alpheratz/secrets.yaml;
age.keyFile = "/home/eesim/.config/sops/age/keys.txt";
secrets."wireguard/private" = {};
secrets."wireguard/preshared" = {};
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.xbootldrMountPoint = "/boot";
@@ -30,30 +38,32 @@
powerManagement.powertop.enable = true;
hardware.graphics.enable = true;
fileSystems = {
"/".options = [ "compress=zstd" ];
"/home".options = [ "compress=zstd" ];
"/nix".options = [ "compress=zstd" "noatime" ];
};
# networking.wg-quick.interfaces = {
# wg0 = {
# address = [ "10.6.0.5" ];
# listenPort = 51820;
# privateKeyFile = "/root/wireguard-keys/wg0/private";
# dns = [ "10.2.0.100" ];
networking.wg-quick.interfaces = {
wg0 = {
address = [ "10.0.0.2/32" ];
listenPort = 51820;
privateKeyFile = "/run/secrets/wireguard/private";
dns = [ "192.168.1.1" ];
autostart = false;
# peers = [
# {
# publicKey = "pEWHugUnnhWXkJzCIhXryRRZMoCAuvAITDeP4ItenQk=";
# presharedKeyFile = "/root/wireguard-keys/wg0/preshared";
# allowedIPs = [ "10.2.0.0/24" "192.168.0.0/24" ];
# endpoint = "simmer505.com:51820";
# persistentKeepalive = 25;
# }
# ];
# };
# };
peers = [
{
publicKey = "sWdXHlBqH+tAgSl0Tqr46sfKvgFN/vMDiuN08HjzaSg=";
presharedKeyFile = "/run/secrets/wireguard/preshared";
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "simmer505.com:51820";
}
];
};
};
# Set your time zone.
time.timeZone = "America/Chicago";