diff --git a/hosts/patricknix/net.nix b/hosts/patricknix/net.nix index 19e6048..796bd1e 100644 --- a/hosts/patricknix/net.nix +++ b/hosts/patricknix/net.nix @@ -53,4 +53,8 @@ rekeyFile = ./secrets/iwd/devolo-og.psk.age; path = "/var/lib/iwd/devolo-og.psk"; }; + age.secrets.simonWlan = { + rekeyFile = ./. + "/secrets/iwd/=467269747a21426f78373539302048616e7373656e.psk.age"; + path = "/var/lib/=467269747a21426f78373539302048616e7373656e.psk"; + }; } diff --git a/hosts/patricknix/secrets/iwd/=467269747a21426f78373539302048616e7373656e.psk.age b/hosts/patricknix/secrets/iwd/=467269747a21426f78373539302048616e7373656e.psk.age new file mode 100644 index 0000000..60ac439 Binary files /dev/null and b/hosts/patricknix/secrets/iwd/=467269747a21426f78373539302048616e7373656e.psk.age differ diff --git a/modules/config/usbguard.nix b/modules/config/usbguard.nix index 6ba64fb..d8f04e1 100644 --- a/modules/config/usbguard.nix +++ b/modules/config/usbguard.nix @@ -1,7 +1,7 @@ {config, ...}: { - agenix.secrets.usbguard.rekeyFile = ../../secrets/usbguard.rules.age; + age.secrets.usbguard.rekeyFile = ../../secrets/usbguard.rules.age; services.usbguard = { - rules = builtins.readFile config.age.secrets.usbguard.path; + ruleFile = config.age.secrets.usbguard.path; enable = true; }; } diff --git a/secrets/secrets.nix.age b/secrets/secrets.nix.age index a270e00..732f732 100644 Binary files a/secrets/secrets.nix.age and b/secrets/secrets.nix.age differ diff --git a/secrets/usbguard.rules.age b/secrets/usbguard.rules.age index 8bbcc67..c348ff0 100644 Binary files a/secrets/usbguard.rules.age and b/secrets/usbguard.rules.age differ diff --git a/users/common/graphical/wayland/sway.nix b/users/common/graphical/wayland/sway.nix index d32c8ee..96c64bc 100644 --- a/users/common/graphical/wayland/sway.nix +++ b/users/common/graphical/wayland/sway.nix @@ -42,6 +42,9 @@ "type:touch" = { map_to_output = "eDP-1"; }; + "type:tablet_tool" = { + map_to_output = "eDP-1"; + }; }; keybindings = let cfg = config.wayland.windowManager.sway.config; diff --git a/users/patrick/ssh.nix b/users/patrick/ssh.nix index 990564b..e5badc6 100644 --- a/users/patrick/ssh.nix +++ b/users/patrick/ssh.nix @@ -19,7 +19,7 @@ }; "gojo" = { - hostname = "10.181.97.217"; + hostname = "gojo.local"; user = "root"; }; @@ -46,6 +46,10 @@ hostname = "lel.lol"; user = "patrick"; }; + "binex" = { + hostname = "praksrv.sec.in.tum.de"; + user = "team402"; + }; "*" = { identitiesOnly = true; inherit identityFile; diff --git a/users/simon/default.nix b/users/simon/default.nix index a51f602..7b360f9 100644 --- a/users/simon/default.nix +++ b/users/simon/default.nix @@ -39,6 +39,7 @@ lib.optionalAttrs (!minimal) { ./simon.nix ./impermanence.nix + ./ssh.nix ]; }; } diff --git a/users/simon/ssh.nix b/users/simon/ssh.nix new file mode 100644 index 0000000..373746a --- /dev/null +++ b/users/simon/ssh.nix @@ -0,0 +1,56 @@ +{ + # yubikey public key parts + home.file.".ssh/1.pub".text = '' + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZixkix0KfKuq7Q19whS5FQQg51/AJGB5BiNF/7h/LM cardno:15 489 049 + ''; + programs.ssh = { + enable = true; + controlMaster = "auto"; + controlPersist = "5s"; + matchBlocks = let + identityFile = ["~/.ssh/1.pub"]; + in { + "elisabeth" = { + hostname = "lel.lol"; + user = "root"; + }; + + "gojo" = { + hostname = "gojo.local"; + user = "root"; + }; + + "patricknix" = { + hostname = "patricknix.local"; + user = "root"; + }; + + "testienix" = { + hostname = "testienix.local"; + user = "root"; + }; + + "desktopnix" = { + hostname = "desktopnix.local"; + user = "root"; + }; + + "valhalla" = { + hostname = "valhalla.fs.tum.de"; + user = "hanssen"; + }; + "elisabethprivate" = { + hostname = "lel.lol"; + user = "simon"; + }; + "binex" = { + hostname = "praksrv.sec.in.tum.de"; + user = "team402"; + }; + "*" = { + identitiesOnly = true; + inherit identityFile; + }; + }; + }; +}