diff --git a/flake.lock b/flake.lock index dabcceb..8d2e911 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,48 @@ { "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "systems": "systems" + }, + "locked": { + "lastModified": 1750173260, + "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744478979, + "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "43975d782b418ebf4969e9ccba82466728c2851b", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -32,6 +75,27 @@ } }, "home-manager": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1745494811, + "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" @@ -72,7 +136,7 @@ "flake-compat": "flake-compat", "flake-utils": "flake-utils", "nix": "nix", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1669478601, @@ -91,7 +155,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "nixpkgs-regression": "nixpkgs-regression" }, "locked": { @@ -126,16 +190,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1657693803, - "narHash": "sha256-G++2CJ9u0E7NNTAi9n5G8TdDmGJXcIjkJ3NF8cetQB8=", + "lastModified": 1745391562, + "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "365e1b3a859281cf11b94f87231adeabbdd878a2", + "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-22.05-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -173,6 +237,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1657693803, + "narHash": "sha256-G++2CJ9u0E7NNTAi9n5G8TdDmGJXcIjkJ3NF8cetQB8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "365e1b3a859281cf11b94f87231adeabbdd878a2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.05-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1669378442, "narHash": "sha256-nm+4PN0A4SnV0SzEchxrMyKPvI3Ld/aoom4PnHeHucs=", @@ -188,7 +268,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1749285348, "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", @@ -204,7 +284,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1727348695, "narHash": "sha256-J+PeFKSDV+pHL7ukkfpVzCOO7mBSrrpJ3svwBFABbhI=", @@ -222,17 +302,33 @@ }, "root": { "inputs": { - "home-manager": "home-manager", + "agenix": "agenix", + "home-manager": "home-manager_2", "mms": "mms", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-stable": "nixpkgs-stable", "zen-browser": "zen-browser" } }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "zen-browser": { "inputs": { - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1727721329, diff --git a/hosts/goingmerry/configuration.nix b/hosts/goingmerry/configuration.nix index 623aaeb..2d9df80 100644 --- a/hosts/goingmerry/configuration.nix +++ b/hosts/goingmerry/configuration.nix @@ -105,7 +105,7 @@ environment.systemPackages = with pkgs; [ #ciscoPacketTracer8 SDL2 - agenix-cli + inputs.agenix.packages."${system}".default air alacritty anki diff --git a/hosts/hitsugibune/nextcloud.nix b/hosts/hitsugibune/nextcloud.nix index f0d8166..24a0160 100644 --- a/hosts/hitsugibune/nextcloud.nix +++ b/hosts/hitsugibune/nextcloud.nix @@ -4,8 +4,6 @@ lib, ... }: { - # This is only a temporary password and will be changed - environment.etc."nextcloud-admin-pass".text = "samcsamc11"; networking.firewall.allowedTCPPorts = [80 443]; services.nextcloud = { enable = true; @@ -21,7 +19,7 @@ package = pkgs.nextcloud31; config = { adminuser = "admin"; - adminpassFile = "/etc/nextcloud-admin-pass"; + adminpassFile = config.age.secrets.nextcloud.path; dbtype = "pgsql"; }; database.createLocally = true; diff --git a/secrets/nextcloud.age b/secrets/nextcloud.age new file mode 100644 index 0000000..7efc220 --- /dev/null +++ b/secrets/nextcloud.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> ssh-ed25519 7PLkJg i/qEIp1EvEYd514SwtopEhn90xR5vjBVQ4ag7KVZRwo +yYC/pnU3c4LkO/wgUkoGT8D5A9JMDwJx/m6WMQurZYg +-> ssh-rsa LgF3EQ +WUfp+l2ZcMg8+AVITMOo1CpC4r68+RTYXe0ABHBIsuYj89f3/xl70xl5y7akxlWq +mnZDRAvl7Enbedg3gs3gYP6afmpGS2993SVm3j9jqTprmNOIbjVNoX/FsFDpihtw +WDhbRLdpdwm8bVHH6oEkTRoDRXalRJWq/0cdi3xQJ2pRLT7xyvH4XQNd9EhsBA8v +vhjcFDnL4be8R67Me/4vh8jOnXdSBsWmcGo/oLDTCO+2sqW/k3S8JGsCVY460CQB +mJvnT/TbI0SR49umJoRdzSCfrNH+aV+0mNzfiUo7255RAtE0diiXmqb5lOS1HhBT +g6j1PKxceQ6KaVRWTtwiJFHZzqqpJ1RVhPo27S5e+duf+LhLO2/eMfNEbt1uC0SV +Ov4ONuwaIGY3ZPek347qtxSLKgK0cmrmhOC+Bl8+uIRU5VEUT/OUTMHPMWXmaxB5 +allblCmE2WKxlodLqpibzR2Ji0M7ycCU74NPyUoJG2zgpfcoMWlIDOteYk+q5ugc + +--- oVuuxuLmLIRKUgKfqmw7/3WD+At8lSYEN4nT9lH8SD0 +Űҹ;>pn<"C>H޺\;џ  \ No newline at end of file diff --git a/secrets/onlyoffice.age b/secrets/onlyoffice.age new file mode 100644 index 0000000..cc55b4c --- /dev/null +++ b/secrets/onlyoffice.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> ssh-ed25519 7PLkJg ViqmKiD8ygCmRP5jDDwWl8A00BPoeydETL+e7wTb8Do +SL7xYzWxFS2uJ7y0HETQlXE6JvZP9XWevp/gatEXwMc +-> ssh-rsa LgF3EQ +k3nfxhBBiwB18N5YO4lrkRtJkzmzw3sbD0AmsBoi9N/BbAN0RyPAguk+QUozhPaZ +0/AkNxdZl1C4hP5aas9mcyP4d/7lQwOYAENqFwdQ24wZYi3ttrwo3tukoOiUqRyH +BuZmjrPLBhERxtoUKRMTZWHgGhkiZhViT0+msER51TuwA3ga/6AnMJRnbWtIPWzc +LCHuIiMyC9VDwMcQ2HQ+66e43FWXXPwKJBV/ZAHcd9aBFIJrOtg6HphG4z0XMssx +MJW+u2rlsxU+MowF/AXSV+XpUI6B4JrYsHQgm1uDDjAwLs37QQHqBS8gp124oS7b +Xkb/I3QFrhWmG5tPLg/r57C/d80CLL1F2I3gTUQ7X+8v7bC05M7K6YXwTy37virk +/SZ24SclIzm5H1z6C/WBQeGMAi1H5ED/K1ot5AuDjS7asVXkbJk6SNx7KDjawErS +xIJlVomNnPdO4yx5UpBIsPIletqOW4y4Vb7rTjW/kxBrXtCSUvZ9KSTkTzT/Fx6j + +--- 56b6m7hN0dzWzlgBpOnfb5+sxRYrrtYR4gvFDWC3o7c +prL1 %KeޅJBl0" \ZKŇiN.5۟[3 \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix new file mode 100644 index 0000000..14ec1e4 --- /dev/null +++ b/secrets/secrets.nix @@ -0,0 +1,7 @@ +let + hitsugibune = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIUlhaAtSnpfDxyMy0MtplwbbO+Txgf2JuqHq2tqWh9g"; + key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDBQtMQF6NpN/tPS01LRAI1yIzfTj+tNQi+TsG7+dRSsTxxv4eXJ1EQ1HV5vSAYlCwt0FjlK2ejXUqXzGzZBdd2usPBYPHiE3n2ZfQ3bCPJVa17M/ZIgX2PB/CcewQSVMZmlNu2SoocGaOBSQ9CaGQYe8Cj2nrZxF6ArPEm7FcFTvV+nJa//nEXccM2gexEyuuPm/ESMbCB/sffz8xgeDpCgG97Hb8JDcEtw5n17ZzR0eSJlSGQ2Sv8rM0ymO9GwHIJgnvPBxLV1TTotAy8E2kQF84Z9/tPkrI2T30EPvOxCtbIHR/8ZCbasTWfyoM2+Gum63soxAdcvjbRbiQEwpO2KiEYl4Zu3n0FJqqJGnC3yVpK7zZfEw7djeX8PJOjt5xzyhTGyjkLREuO/1IwLN0vCdC9irjCWrdoPTDnYLPN4aYEbH19Ff1UiVFB/jAsIwKsMFJ66/EawrJ1MLcdhSbZv0wZgG4DByeBz148Ev7uidT7orpaqf/dCCYpHc8Kfys="; +in { + "nextcloud.age".publicKeys = [ hitsugibune key ]; + "onlyoffice.age".publicKeys = [ hitsugibune key ]; +}