diff --git a/config/services/forgejo.nix b/config/services/forgejo.nix index f466057..b3f1bd5 100644 --- a/config/services/forgejo.nix +++ b/config/services/forgejo.nix @@ -68,20 +68,27 @@ in mode = "0700"; } ]; - age.secrets.maddyPasswd = { + + age.secrets.mailnix-passwd = { generator.script = "alnum"; group = "git"; - mode = "0750"; }; - nodes.maddy = { - age.secrets.forgejoPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; + + age.secrets.mailnix-passwd-hash = { + generator.dependencies = [ config.age.secrets.mailnix-passwd ]; + generator.script = "argon2id"; + mode = "440"; + intermediary = true; + }; + nodes.mailnix = { + age.secrets.idmail-forgejo-passwd-hash = { + inherit (config.age.secrets.mailnix-passwd-hash) rekeyFile; + group = "stalwart-mail"; + mode = "440"; }; - services.maddy.ensureCredentials = { - "forge@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.forgejoPasswd.path; + services.idmail.provision.mailboxes."forge@${config.secrets.secrets.global.domains.mail_public}" = { + password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-forgejo-passwd-hash.path}}%"; + owner = "admin"; }; }; @@ -92,7 +99,7 @@ in user = "git"; group = "git"; lfs.enable = true; - secrets.mailer.PASSWD = config.age.secrets.maddyPasswd.path; + secrets.mailer.PASSWD = config.age.secrets.mailnix-passwd.path; settings = { DEFAULT.APP_NAME = "Patricks tolles git"; actions = { diff --git a/config/services/immich.nix b/config/services/immich.nix index 84bb31e..eb95b5f 100644 --- a/config/services/immich.nix +++ b/config/services/immich.nix @@ -146,23 +146,29 @@ let processedConfigFile = "/run/agenix/immich.config.json"; in { - age.secrets.maddyPasswd = { + age.secrets.mailnix-passwd = { generator.script = "alnum"; - mode = "440"; group = "root"; }; - nodes.maddy = { - age.secrets.immichPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; + age.secrets.mailnix-passwd-hash = { + generator.dependencies = [ config.age.secrets.mailnix-passwd ]; + generator.script = "argon2id"; + mode = "440"; + intermediary = true; + }; + nodes.mailnix = { + age.secrets.idmail-immich-passwd-hash = { + inherit (config.age.secrets.mailnix-passwd-hash) rekeyFile; + group = "stalwart-mail"; + mode = "440"; }; - services.maddy.ensureCredentials = { - "immich@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.immichPasswd.path; + services.idmail.provision.mailboxes."immich@${config.secrets.secrets.global.domains.mail_public}" = { + password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-immich-passwd-hash.path}}%"; + owner = "admin"; }; }; + age.secrets.resticpasswd = { generator.script = "alnum"; }; @@ -221,7 +227,7 @@ in deps = [ "agenix" ]; text = '' immichClientSecret=$(< ${config.age.secrets.immich-oauth2-client-secret.path}) - immichEmailSecret=$(< ${config.age.secrets.maddyPasswd.path}) + immichEmailSecret=$(< ${config.age.secrets.mailnix-passwd.path}) ${pkgs.jq}/bin/jq \ --arg immichClientSecret "$immichClientSecret" \ --arg immichEmailSecret "$immichEmailSecret" \ diff --git a/config/services/nextcloud.nix b/config/services/nextcloud.nix index 2b04dfd..41b3c9f 100644 --- a/config/services/nextcloud.nix +++ b/config/services/nextcloud.nix @@ -9,21 +9,27 @@ let hostName = "nc.${config.secrets.secrets.global.domains.web}"; in { - age.secrets.maddyPasswd = { + + age.secrets.mailnix-passwd = { generator.script = "alnum"; - mode = "440"; - owner = "nextcloud"; + group = "nextcloud"; }; - nodes.maddy = { - age.secrets.nextcloudPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; + age.secrets.mailnix-passwd-hash = { + generator.dependencies = [ config.age.secrets.mailnix-passwd ]; + generator.script = "argon2id"; + mode = "440"; + intermediary = true; + }; + nodes.mailnix = { + age.secrets.idmail-nextcloud-passwd-hash = { + inherit (config.age.secrets.mailnix-passwd-hash) rekeyFile; + group = "stalwart-mail"; + mode = "440"; }; - services.maddy.ensureCredentials = { - "nextcloud@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.nextcloudPasswd.path; + services.idmail.provision.mailboxes."nextcloud@${config.secrets.secrets.global.domains.mail_public}" = { + password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-nextcloud-passwd-hash.path}}%"; + owner = "admin"; }; }; environment.persistence."/persist".directories = [ @@ -108,7 +114,7 @@ in mailer-passwd-conf = pkgs.writeText "nextcloud-config.php" '' trim(file_get_contents('${config.age.secrets.maddyPasswd.path}')), + 'mail_smtppassword' => trim(file_get_contents('${config.age.secrets.mailnix-passwd.path}')), ]; ''; in diff --git a/config/services/vaultwarden.nix b/config/services/vaultwarden.nix index 5ea1d75..ad54fcd 100644 --- a/config/services/vaultwarden.nix +++ b/config/services/vaultwarden.nix @@ -54,25 +54,31 @@ in #]; }; }; - age.secrets.maddyPasswd = { + age.secrets.mailnix-passwd = { generator.script = "alnum"; group = "vaultwarden"; }; - nodes.maddy = { - age.secrets.vaultwardenPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; + age.secrets.mailnix-passwd-hash = { + generator.dependencies = [ config.age.secrets.mailnix-passwd ]; + generator.script = "argon2id"; + mode = "440"; + intermediary = true; + }; + nodes.mailnix = { + age.secrets.idmail-vaultwarden-passwd-hash = { + inherit (config.age.secrets.mailnix-passwd-hash) rekeyFile; + group = "stalwart-mail"; + mode = "440"; }; - services.maddy.ensureCredentials = { - "vaultwarden@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.vaultwardenPasswd.path; + services.idmail.provision.mailboxes."vaultwarden@${config.secrets.secrets.global.domains.mail_public}" = { + password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-vaultwarden-passwd-hash.path}}%"; + owner = "admin"; }; }; system.activationScripts.systemd_env_smtp_passwd = { text = '' - echo "SMTP_PASSWORD=$(< ${lib.escapeShellArg config.age.secrets.maddyPasswd.path})" > /run/vaultwarden_smtp_passwd + echo "SMTP_PASSWORD=$(< ${lib.escapeShellArg config.age.secrets.mailnix-passwd.path})" > /run/vaultwarden_smtp_passwd ''; deps = [ "agenix" ]; }; diff --git a/hosts/elisabeth/default.nix b/hosts/elisabeth/default.nix index 35e5d93..2b56f16 100644 --- a/hosts/elisabeth/default.nix +++ b/hosts/elisabeth/default.nix @@ -47,10 +47,6 @@ # that we can hopefully still access it remotely. systemd.enableEmergencyMode = false; - # Restrict the number of boot entries to prevent full /boot partition. - # Servers don't need too many generations. - boot.loader.systemd-boot.configurationLimit = 5; - documentation.nixos.enable = false; # No need for fonts on a server diff --git a/hosts/elisabeth/secrets/forgejo/generated/maddyPasswd.age b/hosts/elisabeth/secrets/forgejo/generated/maddyPasswd.age deleted file mode 100644 index 4d31eca..0000000 Binary files a/hosts/elisabeth/secrets/forgejo/generated/maddyPasswd.age and /dev/null differ diff --git a/hosts/elisabeth/secrets/forgejo/generated/mailnix-passwd-hash.age b/hosts/elisabeth/secrets/forgejo/generated/mailnix-passwd-hash.age new file mode 100644 index 0000000..2622801 --- /dev/null +++ b/hosts/elisabeth/secrets/forgejo/generated/mailnix-passwd-hash.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 NSKas0yQJIKMH80e9ee65Ut4hbtlejBYBaLtcMigqF0 +jiRJ3/xGyON70MpZnoynC0HWfJvESEB/co72aU3y77M +-> piv-p256 ZFgiIw A/ijcJapI7SDL81WdHQANxasOcNliuiwN6uZCzXbyCob +MMarsh+2PY8a0ktSvZUBHV00DvhWipRUp1/akEvi9BQ +-> piv-p256 XTQkUA AiK7kP0qYQr7Qd/UUsTCjoFQlD9vCS+HZdgnBlSJqQ+G +fFRQnlT+TQZIXBY5Q0xRCTbis3EShg8cvJNVT/mIe7Y +-> piv-p256 ZFgiIw AvzUQ4CbyVhzqbp1TSEVCKPbt6dVBGhb5Cij+HfGnw1m +2gpjHGtZNpARPevqo5DHNF/JWWu4on2LskMJ0YkX2S0 +-> piv-p256 5vmPtQ A5sFqFEQu8NiiKJ78Yh511NZgCd3A7euA+aCQr72RrHS +XDPgfnEcE8DFG/SQVAmuszFCvhYGog4LBKGYMFLj+3k +-> 7I{,$-grease j^h s0 Dpi4e $( +/m1bIeL3IcQ7JfnjxEbtr0Gt +--- Qt3cG/DozZPfy/gCeliGZw/eqirw8swiKy8gY+tzsIg + X25519 g3LlHabzfphEEd+5PaUbPF6Fb+g2p8OIWbrB5CEi9hk +ECSVhYx9NcKV0te+0B8Zn+yB7En7NvfRl4/FrLAAPOU +-> piv-p256 ZFgiIw A6+Nxauet7Cj41sxIvsB1iLtZebofS5YHyynYTFmwpzd +nU2Eu+6ULJCiu66HfxkGMyF/k7nk2LaR+Zcocj3mfoM +-> piv-p256 XTQkUA AuvixGrxA4BZbkfwEqSm2dmMl/kIrQ3gAsHguc7KzJYs +4ExBwltlaK84sZQvu1tOdaDYfOvHefp81juEWxHQAvw +-> piv-p256 ZFgiIw AgGalIM4HXMCs4i27UTuLo2eF9Xwucvu3kaIk95KNeX2 +GTiehyN3S6oINV5VsdhwSMM2Zdu2eLTx9rDqyPvKTu8 +-> piv-p256 5vmPtQ A4N99PpJZ0wl6VtrHvUmP/MTZwuJreLvqplCkOHWBvM8 +bSt6oCFQ/PUKQZ3YIEEyQzZ6JGKm76lzi05ZQUPuvjg +-> Vh@JV.jk-grease t'iZAz# +Y34EKQFc26w8PEcvqqQcg8XRD2iYM2TQPXtS5zz3CKWFv6ktAn6Hdlcxd1E/xVKj +5A8RiwXymi72nZf6D1c7VH8bxp4OmhL6/6xo +--- HpDzasHd9zah/iCmIHXrm2kUvVep9bFQViDsTBd6o40 +v&/-{)[%? И+2[cK]qu +L~) +-=W{? *N \ No newline at end of file diff --git a/hosts/elisabeth/secrets/immich/generated/maddyPasswd.age b/hosts/elisabeth/secrets/immich/generated/maddyPasswd.age deleted file mode 100644 index 7c30180..0000000 --- a/hosts/elisabeth/secrets/immich/generated/maddyPasswd.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 26LQ7M/ohpGhCF5KSGOKGPleQS14YEUbLX3TkuJhA1c -molDQC1NjtUmgR4awiPa6s3Ps9FidC6ztupTCcaW7vY --> piv-p256 ZFgiIw AsgqJFOJqktxrbSJRXASEB/drg6GMy5Ugg7wDc4zy8MI -2LRO6PpWRJ48WK6e/zWnfSgu7W4TKiXZHm/KxGw8dro --> piv-p256 XTQkUA A2rw+YxP75H2isyxzWfofyBkV+PQsU5GQjv/Yf/CDdRQ -BCgHzAzkV6yICyq1Qeb7rXrBDhGwda0cXRCC4SfIsJ0 --> piv-p256 ZFgiIw Alc99i8iND+M1dgqWyW829TiYZbCkYF9RQ9ZS/jbjSV7 -7TePYT/aGOAekGSbL62SeDUAycMFC1/+K14UmBWRwyE --> piv-p256 5vmPtQ AgeVBqU8vdbgsJ5im3cDvXPCUsp/iGm9JwZ190fLZnuF -8S+xFyUGrLfXc+rmAHy4Mvk9QvybOk0EozTj46aCUW0 --> 5-grease %",T b5 -lhY8pdELxc7fr1hpxyTC9Cxn6QxiDmvxsKaVpwxC6g9aBTl0g1cdGoF3QdLvRkZj -F4fkyUTP0R9CrzBICabil1EzEw ---- plFbkh1yLnDN0yTuS+g0RuYlA0OLW4UUL4B2G5aDA+k -c]XuW(){a<ޡP#e~HGZ'L0io\E%GP=ron(*[; aB5y \ No newline at end of file diff --git a/hosts/elisabeth/secrets/immich/generated/mailnix-passwd-hash.age b/hosts/elisabeth/secrets/immich/generated/mailnix-passwd-hash.age new file mode 100644 index 0000000..a4bbad3 --- /dev/null +++ b/hosts/elisabeth/secrets/immich/generated/mailnix-passwd-hash.age @@ -0,0 +1,18 @@ +age-encryption.org/v1 +-> X25519 q7lf99LvDplL59CyLeW8kUzyXrqnbe0NqSAK8wJpmls +6bJpwdP47BhZJE0e1bxOXfKA6evrVwAc5YqNoxE0wQI +-> piv-p256 ZFgiIw AlcM1z0Y6fwRh7O6yxrjRiVjcSzptsUNCeJj0yKHOH0w +DQDaTmOfp2rS2VCZHIwuaLSMSsH4wk6dY9zgmgE0ZR4 +-> piv-p256 XTQkUA Ax/oNeJCU4gMWELvy8RvzsA6M5B9BWEAhxbWQ1oPYX4K +P5ZkqxgBe2K8wpXUE1dYVJhFwmDMcryb8TOSRfuqVNc +-> piv-p256 ZFgiIw AveRVCoPcjW87z5cdHKJVUsdlGqucq8UE9UEmbH4BSLx +K43x1yu6Ut/Zug1M+vSckCHR48KIcymkjVj9Ro6FiyE +-> piv-p256 5vmPtQ Ak6KZhc8GK6Z1rlnIRv9kPmTTXvE7OF3v2Z6JenutZQ3 +x6ggE1fhps2j1shDLX9jpm6eVv9RGQ+/sHlmOg6fLbs +-> i"k9a-grease 6(o_ODH &2 +6KpGlcoEM37+YbEc3KS2xXjThr57VLsa7kn/DGMWJTo245+yJYYoCvRGkBmyM9Ms +K0zPzZnXrJaLkfEtDH/YrwY853TRUPooFKcfqHw1AbcugSKgqH26o62v +--- v4XB4SH5aGZHGb8zshn5aFw079tfRPyUXKi9+IXx7Qo +lw4'MV``w%+RCJsuqK +m.bJ :yL> af K'vJ +e)84Ыt!#Gڎ%ɜzЊ& \ No newline at end of file diff --git a/hosts/elisabeth/secrets/immich/generated/mailnix-passwd.age b/hosts/elisabeth/secrets/immich/generated/mailnix-passwd.age new file mode 100644 index 0000000..5159d29 --- /dev/null +++ b/hosts/elisabeth/secrets/immich/generated/mailnix-passwd.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 xAW2QkHB1Xm6ZI6DYPH1BzeqMB8Ite91t2t4PLSrQS4 +P5HluE0UOm5PmyW4E63mDFUdAhJhrjzwt8rsBi/sEN0 +-> piv-p256 ZFgiIw A2NG1n8n1LSY++Gc+75qJP4UrKlD1mNAL95eRuJmFmDE +mlh5bTicdUtrpruqqsYzu1RbyoceXof3UL1Xcwbk34M +-> piv-p256 XTQkUA A8utmjuXowkLXjYNoZnbrks3YfxJ4ILjaFfd755qcipM +uWmtrPJrweC5Q3UI0ldI8kul4uvR5IqA1b6KNF0k9sA +-> piv-p256 ZFgiIw A3y2t6S5GBhOlkXA0C0LK00reORm0Z67oxDVFfZsC3y5 +FrIMzHmNlvgdkrsr1wATFWxXcLpIfc0H5k+yAUWmhg0 +-> piv-p256 5vmPtQ AzPbAB8LXiJvkUwbnSIwMZZ4VBtco4uYXN4nZ0sCc6J2 +BfI5zd97fRt1rDi5kZpmvNO8HzzL9X9zd/23aQCVaL8 +-> >]CB~fh-grease +IJi7Ibh4WGvLfZJ/9Rf5wxKum9JmXpzsxUI9dRamAOLwiLDpWsLnarxk4AzI +--- oqfBZx6P//rbHJFy4GAwAgmokdCB3eE2i/NWAuCE+UA +)sC#D 19E6^-d׹.:)ZU tkgIW=yluqlW) \ No newline at end of file diff --git a/hosts/elisabeth/secrets/nextcloud/generated/maddyPasswd.age b/hosts/elisabeth/secrets/nextcloud/generated/maddyPasswd.age deleted file mode 100644 index 319375e..0000000 --- a/hosts/elisabeth/secrets/nextcloud/generated/maddyPasswd.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 59/M7sZBQrBQPAcEOVz6Wx4JAa2KDr7uuvWujXw0UQ4 -F0xyN4XaRsUxWeWw8D/iMeG5Ae5q9O7E+aIAy4H6o1Y --> piv-p256 XTQkUA A9Ebcz93AXKtJGec/q8lhai+HlW6wMcfvexN71l0G3Fh -AJMEfVRsd0FhYk4gRQxls5pNP8g2yNSQDTXz0ZFg1Zo --> piv-p256 ZFgiIw AoEfBUMaCAqv250jrjBNSm/JKGvYOazanHBss6kHmAmt -N4Bu8uLMqwqbu7D6d57hlVYmt95NXSJjFY8biU6vs58 --> piv-p256 5vmPtQ ApQ9mIcmf88Z22mBr1IMSJ1dgoDADRB+Jj48HpKFiAbD -rEcWLXh8oCPQRuKTQpTjqlDME2Rw2zkWk+1X4BTtgts --> piv-p256 ZFgiIw Asa1oVWehCSqG0JVPtLrngOJiFMYyWcmCYnlyxGbH5DF -nIWn2OQkBAgwPlLExo5eG6GwEdB+zmSrSD88/XrTsiU --> W5<$HY5Y-grease kIKLXr B( 8<}qd -jcKYwwiWM/CGNodKYwOT ---- 41dZQpbgiDIVRmiBMyO9u76SNI350z+LPHjYNW5LyOc -0̿ 3k`EEߵep~n?gV9U#t5;εО;-a9jrK".%y@뀦 \ No newline at end of file diff --git a/hosts/elisabeth/secrets/nextcloud/generated/mailnix-passwd-hash.age b/hosts/elisabeth/secrets/nextcloud/generated/mailnix-passwd-hash.age new file mode 100644 index 0000000..bdd76f4 --- /dev/null +++ b/hosts/elisabeth/secrets/nextcloud/generated/mailnix-passwd-hash.age @@ -0,0 +1,18 @@ +age-encryption.org/v1 +-> X25519 bN5c/vaBlrq40FL+ux1n1owfVG1pYQJTkl5U0Va7bkA +blqeJmUBmJy9u6V1PgTCFp4khTztI9bOObPPs1meIy0 +-> piv-p256 ZFgiIw A46Lqw4Z3Cy8+TctELeSxF8c5lUP0YV5M3+xfD69ptTz +Yh46Tx9EEqoehidulMf7ilPwZ96E1lJdi0w/aDIS6no +-> piv-p256 XTQkUA A+3Jc+pHAIxwN2fmDp2gBWiOFCGSXdFWEjlxbcuAmDOV +tcsOZuHAAax5TUViyMBXdK8gNnxrysHMkY5i9mbozOI +-> piv-p256 ZFgiIw AyXKhoe9lSwLFEYkf5Z5b+71LupCWNC1eU2ArSN0jNPS +88bRtwzaFLofIxUL5pvOz/YIeZvF3Ocx892UNqEELe8 +-> piv-p256 5vmPtQ A9TMmparTynhyRM8JkGr7qPvOp+DbzX6frvPPynp/5Hl +MLokBQrpPQxUFhvBWuG0vDwIa1Ri6ZpsUQubkk9kYCc +-> ",%-grease T>0e|* LG8V} )6pli J} +AvaS7pySsUr0pjLWumfPYLmLSH0mom8Nq0xm31e0Aw6AjtJe/mEBF9O6e9u+P/KI +mI9Fjvq0LnN51BmJmkD9WuXjAOXfe/Q/WDIIvIlHxMYfKBmgPd0pH6pd7+9A8rLS +wUM +--- aw59UXUi8f+ZV2aPayu24QWw9H54XW4YJ85oRodoYDo +Q v!ZďFt`!CC$V@o9 |==[F|+)E3js!=P1]8w +IdK]b,<v X25519 qvTSINNBzbu/7OH/g4n9ETe98nT1t2zBoei68prbkDU +WaaXddl5e/RlpxAReHy2blcJkc290SUr/z+ACHI/Jiw +-> piv-p256 ZFgiIw Azi6q88y1v4cOOmR1/4lYdiURMe/n598ia0eauZa4K6y +CpnBjH0k4I+QjUHIPE6kDEw7c7SGkCET8pNP3cvAmZU +-> piv-p256 XTQkUA AvfagUvm4BzADnddB3I0OpicQOfFurHoGIguwmkGxsPz +qkzQ03q4E9E/UFE/ORKtqjNPUh7o0tQ1vqxvhzXIyWU +-> piv-p256 ZFgiIw A74E+KymB4ehEXwRYjqlSDts9qTxZZspUxk4S+DU6ugd +07oPVX8giMmYGVjsYCnJumpQDXv59YOCZY/QZc8KfD8 +-> piv-p256 5vmPtQ A06iMGTqX/nLWjAKPeegMO83mh0c+TlpAneNQjJTYB5A +nIyWD56QpDeolYppODnadLnY3fEpF/PDLLcxvydWXNw +-> I9.OC X25519 SKT/EQ9Moyj1FbNd6wlq+XWZzNi4ZJimPLSb57Vmlzw +8qYP9TskOc1OsTsLXajuyv4fsPJzZJaU6cLtlqbiyVo +-> piv-p256 ZFgiIw AsGZmoxY9hBPpAeOK/HYSLu93UvrjtSeIxVsP7YXZz6Z +gNFpXSITLpFBybA+W2Oo+qW+2c/Rrz+G3uABXdPdh5Q +-> piv-p256 XTQkUA AscDXlRhgTNduIeMfMnP5DOaggHIjLoS2y0FkGlOdR9/ +I+uuFxR/z/qCfqcCWhBJssc7F/lWyt5lOqptXycMTrQ +-> piv-p256 ZFgiIw AmWtcTCJpra65HmVC0t930lodIHCahUIQCdtxYXy4s9q +qU0KHz/pk/spJg6Bd7vI5jxuz2I1t2iKSVOprGOnrOE +-> piv-p256 5vmPtQ A4u6lgIVdEEGC9W75AgulvzoR3Tnyrx0s2qdnWXOtISQ +eiy2qNX5B2XZ18kXM5RbvoFAtFewr+b+0b2lX/22qa4 +-> 6m7l[c-grease +Z9mhVSOF0Kyi9jvU8NH6CQLXkfI5a2dZ +--- I+gjdIwsub9gtoJBW0XzeiiXaeLje7UfTWQIybPoWoQ + Tokj%j[X:o A Cܝq~=5(>)a\FR1EV$WOZ \ No newline at end of file diff --git a/hosts/maddy/secrets/generated/maddyHetznerSsh.age b/hosts/maddy/secrets/generated/maddyHetznerSsh.age deleted file mode 100644 index dfee89d..0000000 Binary files a/hosts/maddy/secrets/generated/maddyHetznerSsh.age and /dev/null differ diff --git a/hosts/maddy/secrets/generated/patrickPasswd.age b/hosts/maddy/secrets/generated/patrickPasswd.age deleted file mode 100644 index 8096a79..0000000 Binary files a/hosts/maddy/secrets/generated/patrickPasswd.age and /dev/null differ diff --git a/hosts/maddy/secrets/generated/resticpasswd.age b/hosts/maddy/secrets/generated/resticpasswd.age deleted file mode 100644 index 1490c4b..0000000 Binary files a/hosts/maddy/secrets/generated/resticpasswd.age and /dev/null differ diff --git a/modules/distributed-config.nix b/modules/distributed-config.nix index 6e98b6b..4c7c492 100644 --- a/modules/distributed-config.nix +++ b/modules/distributed-config.nix @@ -49,8 +49,9 @@ let ] [ "services" - "maddy" - "ensureCredentials" + "idmail" + "provision" + "mailboxes" ] ]; diff --git a/users/patrick/programs/kitty.nix b/users/patrick/programs/kitty.nix index 86d95e4..f9f3a6e 100644 --- a/users/patrick/programs/kitty.nix +++ b/users/patrick/programs/kitty.nix @@ -1,12 +1,14 @@ { pkgs, lib, ... }: { hm.stylix.targets.kitty.enable = true; + hm.home.sessionVariables = { + TERMINFO_DIRS = "${pkgs.kitty.terminfo.outPath}/share/terminfo"; + }; hm.programs.kitty = { enable = true; - package = pkgs.kitty.overrideAttrs (_finalAttrs: _prevAttrs: { doCheck = false; }); settings = { - # Use xterm-256color because copying terminfo-kitty is painful. - term = "xterm-256color"; + # Add nerd font symbol map. Not sure why it is suddenly needed since 0.32.0 (https://github.com/kovidgoyal/kitty/issues/7081) + symbol_map = "U+23FB-U+23FE,U+2665,U+26A1,U+2B58,U+E000-U+E00A,U+E0A0-U+E0A2,U+E0A3,U+E0B0-U+E0B3,U+E0B4-U+E0C8,U+E0CA,U+E0CC-U+E0D4,U+E200-U+E2A9,U+E300-U+E3E3,U+E5FA-U+E6B1,U+E700-U+E7C5,U+EA60-U+EBEB,U+F000-U+F2E0,U+F300-U+F372,U+F400-U+F532,U+F500-U+FD46,U+F0001-U+F1AF0 Symbols Nerd Font Mono"; # make kitty go brrrr repaint_delay = 8; @@ -49,6 +51,7 @@ "shift+page_down" = "scroll_page_down"; "ctrl+shift+." = "change_font_size all -2.0"; "ctrl+shift+," = "change_font_size all +2.0"; + "ctrl+shift+w" = "no_op"; }; extraConfig = lib.mkAfter '' # Use nvim as scrollback pager