From aa96c92aa8bf1c4f62f379767f632a2fd62fda0e Mon Sep 17 00:00:00 2001 From: Patrick Date: Sat, 7 Dec 2024 15:06:07 +0100 Subject: [PATCH] feat: switch mails --- config/services/forgejo.nix | 29 ++++++++++------- config/services/immich.nix | 28 +++++++++------- config/services/nextcloud.nix | 30 +++++++++++------- config/services/vaultwarden.nix | 26 +++++++++------ hosts/elisabeth/default.nix | 4 --- .../secrets/forgejo/generated/maddyPasswd.age | Bin 743 -> 0 bytes .../forgejo/generated/mailnix-passwd-hash.age | 16 ++++++++++ .../forgejo/generated/mailnix-passwd.age | 18 +++++++++++ .../secrets/immich/generated/maddyPasswd.age | 16 ---------- .../immich/generated/mailnix-passwd-hash.age | 18 +++++++++++ .../immich/generated/mailnix-passwd.age | 15 +++++++++ .../nextcloud/generated/maddyPasswd.age | 15 --------- .../generated/mailnix-passwd-hash.age | 18 +++++++++++ .../nextcloud/generated/mailnix-passwd.age | Bin 0 -> 798 bytes .../vaultwarden/generated/maddyPasswd.age | Bin 725 -> 0 bytes .../generated/mailnix-passwd-hash.age | 16 ++++++++++ .../vaultwarden/generated/mailnix-passwd.age | 15 +++++++++ .../secrets/generated/maddyHetznerSsh.age | Bin 1159 -> 0 bytes .../maddy/secrets/generated/patrickPasswd.age | Bin 717 -> 0 bytes .../maddy/secrets/generated/resticpasswd.age | Bin 845 -> 0 bytes modules/distributed-config.nix | 5 +-- users/patrick/programs/kitty.nix | 9 ++++-- 22 files changed, 194 insertions(+), 84 deletions(-) delete mode 100644 hosts/elisabeth/secrets/forgejo/generated/maddyPasswd.age create mode 100644 hosts/elisabeth/secrets/forgejo/generated/mailnix-passwd-hash.age create mode 100644 hosts/elisabeth/secrets/forgejo/generated/mailnix-passwd.age delete mode 100644 hosts/elisabeth/secrets/immich/generated/maddyPasswd.age create mode 100644 hosts/elisabeth/secrets/immich/generated/mailnix-passwd-hash.age create mode 100644 hosts/elisabeth/secrets/immich/generated/mailnix-passwd.age delete mode 100644 hosts/elisabeth/secrets/nextcloud/generated/maddyPasswd.age create mode 100644 hosts/elisabeth/secrets/nextcloud/generated/mailnix-passwd-hash.age create mode 100644 hosts/elisabeth/secrets/nextcloud/generated/mailnix-passwd.age delete mode 100644 hosts/elisabeth/secrets/vaultwarden/generated/maddyPasswd.age create mode 100644 hosts/elisabeth/secrets/vaultwarden/generated/mailnix-passwd-hash.age create mode 100644 hosts/elisabeth/secrets/vaultwarden/generated/mailnix-passwd.age delete mode 100644 hosts/maddy/secrets/generated/maddyHetznerSsh.age delete mode 100644 hosts/maddy/secrets/generated/patrickPasswd.age delete mode 100644 hosts/maddy/secrets/generated/resticpasswd.age diff --git a/config/services/forgejo.nix b/config/services/forgejo.nix index f466057..b3f1bd5 100644 --- a/config/services/forgejo.nix +++ b/config/services/forgejo.nix @@ -68,20 +68,27 @@ in mode = "0700"; } ]; - age.secrets.maddyPasswd = { + + age.secrets.mailnix-passwd = { generator.script = "alnum"; group = "git"; - mode = "0750"; }; - nodes.maddy = { - age.secrets.forgejoPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; + + age.secrets.mailnix-passwd-hash = { + generator.dependencies = [ config.age.secrets.mailnix-passwd ]; + generator.script = "argon2id"; + mode = "440"; + intermediary = true; + }; + nodes.mailnix = { + age.secrets.idmail-forgejo-passwd-hash = { + inherit (config.age.secrets.mailnix-passwd-hash) rekeyFile; + group = "stalwart-mail"; + mode = "440"; }; - services.maddy.ensureCredentials = { - "forge@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.forgejoPasswd.path; + services.idmail.provision.mailboxes."forge@${config.secrets.secrets.global.domains.mail_public}" = { + password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-forgejo-passwd-hash.path}}%"; + owner = "admin"; }; }; @@ -92,7 +99,7 @@ in user = "git"; group = "git"; lfs.enable = true; - secrets.mailer.PASSWD = config.age.secrets.maddyPasswd.path; + secrets.mailer.PASSWD = config.age.secrets.mailnix-passwd.path; settings = { DEFAULT.APP_NAME = "Patricks tolles git"; actions = { diff --git a/config/services/immich.nix b/config/services/immich.nix index 84bb31e..eb95b5f 100644 --- a/config/services/immich.nix +++ b/config/services/immich.nix @@ -146,23 +146,29 @@ let processedConfigFile = "/run/agenix/immich.config.json"; in { - age.secrets.maddyPasswd = { + age.secrets.mailnix-passwd = { generator.script = "alnum"; - mode = "440"; group = "root"; }; - nodes.maddy = { - age.secrets.immichPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; + age.secrets.mailnix-passwd-hash = { + generator.dependencies = [ config.age.secrets.mailnix-passwd ]; + generator.script = "argon2id"; + mode = "440"; + intermediary = true; + }; + nodes.mailnix = { + age.secrets.idmail-immich-passwd-hash = { + inherit (config.age.secrets.mailnix-passwd-hash) rekeyFile; + group = "stalwart-mail"; + mode = "440"; }; - services.maddy.ensureCredentials = { - "immich@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.immichPasswd.path; + services.idmail.provision.mailboxes."immich@${config.secrets.secrets.global.domains.mail_public}" = { + password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-immich-passwd-hash.path}}%"; + owner = "admin"; }; }; + age.secrets.resticpasswd = { generator.script = "alnum"; }; @@ -221,7 +227,7 @@ in deps = [ "agenix" ]; text = '' immichClientSecret=$(< ${config.age.secrets.immich-oauth2-client-secret.path}) - immichEmailSecret=$(< ${config.age.secrets.maddyPasswd.path}) + immichEmailSecret=$(< ${config.age.secrets.mailnix-passwd.path}) ${pkgs.jq}/bin/jq \ --arg immichClientSecret "$immichClientSecret" \ --arg immichEmailSecret "$immichEmailSecret" \ diff --git a/config/services/nextcloud.nix b/config/services/nextcloud.nix index 2b04dfd..41b3c9f 100644 --- a/config/services/nextcloud.nix +++ b/config/services/nextcloud.nix @@ -9,21 +9,27 @@ let hostName = "nc.${config.secrets.secrets.global.domains.web}"; in { - age.secrets.maddyPasswd = { + + age.secrets.mailnix-passwd = { generator.script = "alnum"; - mode = "440"; - owner = "nextcloud"; + group = "nextcloud"; }; - nodes.maddy = { - age.secrets.nextcloudPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; + age.secrets.mailnix-passwd-hash = { + generator.dependencies = [ config.age.secrets.mailnix-passwd ]; + generator.script = "argon2id"; + mode = "440"; + intermediary = true; + }; + nodes.mailnix = { + age.secrets.idmail-nextcloud-passwd-hash = { + inherit (config.age.secrets.mailnix-passwd-hash) rekeyFile; + group = "stalwart-mail"; + mode = "440"; }; - services.maddy.ensureCredentials = { - "nextcloud@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.nextcloudPasswd.path; + services.idmail.provision.mailboxes."nextcloud@${config.secrets.secrets.global.domains.mail_public}" = { + password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-nextcloud-passwd-hash.path}}%"; + owner = "admin"; }; }; environment.persistence."/persist".directories = [ @@ -108,7 +114,7 @@ in mailer-passwd-conf = pkgs.writeText "nextcloud-config.php" '' trim(file_get_contents('${config.age.secrets.maddyPasswd.path}')), + 'mail_smtppassword' => trim(file_get_contents('${config.age.secrets.mailnix-passwd.path}')), ]; ''; in diff --git a/config/services/vaultwarden.nix b/config/services/vaultwarden.nix index 5ea1d75..ad54fcd 100644 --- a/config/services/vaultwarden.nix +++ b/config/services/vaultwarden.nix @@ -54,25 +54,31 @@ in #]; }; }; - age.secrets.maddyPasswd = { + age.secrets.mailnix-passwd = { generator.script = "alnum"; group = "vaultwarden"; }; - nodes.maddy = { - age.secrets.vaultwardenPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; + age.secrets.mailnix-passwd-hash = { + generator.dependencies = [ config.age.secrets.mailnix-passwd ]; + generator.script = "argon2id"; + mode = "440"; + intermediary = true; + }; + nodes.mailnix = { + age.secrets.idmail-vaultwarden-passwd-hash = { + inherit (config.age.secrets.mailnix-passwd-hash) rekeyFile; + group = "stalwart-mail"; + mode = "440"; }; - services.maddy.ensureCredentials = { - "vaultwarden@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.vaultwardenPasswd.path; + services.idmail.provision.mailboxes."vaultwarden@${config.secrets.secrets.global.domains.mail_public}" = { + password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-vaultwarden-passwd-hash.path}}%"; + owner = "admin"; }; }; system.activationScripts.systemd_env_smtp_passwd = { text = '' - echo "SMTP_PASSWORD=$(< ${lib.escapeShellArg config.age.secrets.maddyPasswd.path})" > /run/vaultwarden_smtp_passwd + echo "SMTP_PASSWORD=$(< ${lib.escapeShellArg config.age.secrets.mailnix-passwd.path})" > /run/vaultwarden_smtp_passwd ''; deps = [ "agenix" ]; }; diff --git a/hosts/elisabeth/default.nix b/hosts/elisabeth/default.nix index 35e5d93..2b56f16 100644 --- a/hosts/elisabeth/default.nix +++ b/hosts/elisabeth/default.nix @@ -47,10 +47,6 @@ # that we can hopefully still access it remotely. systemd.enableEmergencyMode = false; - # Restrict the number of boot entries to prevent full /boot partition. - # Servers don't need too many generations. - boot.loader.systemd-boot.configurationLimit = 5; - documentation.nixos.enable = false; # No need for fonts on a server diff --git a/hosts/elisabeth/secrets/forgejo/generated/maddyPasswd.age b/hosts/elisabeth/secrets/forgejo/generated/maddyPasswd.age deleted file mode 100644 index 4d31ecac7b0422755ea173545e618d21e9533746..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 743 zcmY+MSQ} zSrUY^sAT4<<#U-Ww_T})q`6+pG7F};S$2HWBZhz)sGU(r27g=KOkDQ#bvFozI(5u4 zH945jC{4PI&XIh>N%*oU5~EDt5{1hNRNtFV)4ZtjS`Dr>VSqzquDKZn)nVKw3^UBI zio$wnFdC*%h^5+8msvKzcP!NL^)c)JS9_hVOH678?5r?Xu_imdL{|z1P({;{T_EL{ zRbXarcrn6FV~?Cm8V{L`;j4v~jAIUrJYHy!pdt(9K(wZUF!dYFV-~TAq)bNXhNCM2 zbUS&|Z4NC)n&m}81%wSkGg~d_Vbd@uw&#y!pG5i?iL=3Y23vrxftffFNGOLfJ@>@`4T_qvQ;n#-uYS4w+Gv~`P~t>ZjK;M-MbY(h>S zs7Ag5OcuETQmt0eS-mm0)OfehTQjBthw~n#SEN}jZS?pxGoY1;Njtb1Ik1PkeN?_; zUp&2V_qnzI`d9nl-kr~r+t0on{WzU09}eGt{1)$@Ij@{Z-W{Bb58r%Uo?|~$?uVy- de-D$#pRQg!`{X6{;79?D!^=ONsduHk`3Ksm{N(@u diff --git a/hosts/elisabeth/secrets/forgejo/generated/mailnix-passwd-hash.age b/hosts/elisabeth/secrets/forgejo/generated/mailnix-passwd-hash.age new file mode 100644 index 0000000..2622801 --- /dev/null +++ b/hosts/elisabeth/secrets/forgejo/generated/mailnix-passwd-hash.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 NSKas0yQJIKMH80e9ee65Ut4hbtlejBYBaLtcMigqF0 +jiRJ3/xGyON70MpZnoynC0HWfJvESEB/co72aU3y77M +-> piv-p256 ZFgiIw A/ijcJapI7SDL81WdHQANxasOcNliuiwN6uZCzXbyCob +MMarsh+2PY8a0ktSvZUBHV00DvhWipRUp1/akEvi9BQ +-> piv-p256 XTQkUA AiK7kP0qYQr7Qd/UUsTCjoFQlD9vCS+HZdgnBlSJqQ+G +fFRQnlT+TQZIXBY5Q0xRCTbis3EShg8cvJNVT/mIe7Y +-> piv-p256 ZFgiIw AvzUQ4CbyVhzqbp1TSEVCKPbt6dVBGhb5Cij+HfGnw1m +2gpjHGtZNpARPevqo5DHNF/JWWu4on2LskMJ0YkX2S0 +-> piv-p256 5vmPtQ A5sFqFEQu8NiiKJ78Yh511NZgCd3A7euA+aCQr72RrHS +XDPgfnEcE8DFG/SQVAmuszFCvhYGog4LBKGYMFLj+3k +-> 7I{,$-grease j^h s0 Dpi4e $( +/m1bIeL3IcQ7JfnjxEbtr0Gt +--- Qt3cG/DozZPfy/gCeliGZw/eqirw8swiKy8gY+tzsIg + X25519 g3LlHabzfphEEd+5PaUbPF6Fb+g2p8OIWbrB5CEi9hk +ECSVhYx9NcKV0te+0B8Zn+yB7En7NvfRl4/FrLAAPOU +-> piv-p256 ZFgiIw A6+Nxauet7Cj41sxIvsB1iLtZebofS5YHyynYTFmwpzd +nU2Eu+6ULJCiu66HfxkGMyF/k7nk2LaR+Zcocj3mfoM +-> piv-p256 XTQkUA AuvixGrxA4BZbkfwEqSm2dmMl/kIrQ3gAsHguc7KzJYs +4ExBwltlaK84sZQvu1tOdaDYfOvHefp81juEWxHQAvw +-> piv-p256 ZFgiIw AgGalIM4HXMCs4i27UTuLo2eF9Xwucvu3kaIk95KNeX2 +GTiehyN3S6oINV5VsdhwSMM2Zdu2eLTx9rDqyPvKTu8 +-> piv-p256 5vmPtQ A4N99PpJZ0wl6VtrHvUmP/MTZwuJreLvqplCkOHWBvM8 +bSt6oCFQ/PUKQZ3YIEEyQzZ6JGKm76lzi05ZQUPuvjg +-> Vh@JV.jk-grease t'iZAz# +Y34EKQFc26w8PEcvqqQcg8XRD2iYM2TQPXtS5zz3CKWFv6ktAn6Hdlcxd1E/xVKj +5A8RiwXymi72nZf6D1c7VH8bxp4OmhL6/6xo +--- HpDzasHd9zah/iCmIHXrm2kUvVep9bFQViDsTBd6o40 +v&/-{)[%? И+2[cK]qu +L~) +-=W{? *N \ No newline at end of file diff --git a/hosts/elisabeth/secrets/immich/generated/maddyPasswd.age b/hosts/elisabeth/secrets/immich/generated/maddyPasswd.age deleted file mode 100644 index 7c30180..0000000 --- a/hosts/elisabeth/secrets/immich/generated/maddyPasswd.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 26LQ7M/ohpGhCF5KSGOKGPleQS14YEUbLX3TkuJhA1c -molDQC1NjtUmgR4awiPa6s3Ps9FidC6ztupTCcaW7vY --> piv-p256 ZFgiIw AsgqJFOJqktxrbSJRXASEB/drg6GMy5Ugg7wDc4zy8MI -2LRO6PpWRJ48WK6e/zWnfSgu7W4TKiXZHm/KxGw8dro --> piv-p256 XTQkUA A2rw+YxP75H2isyxzWfofyBkV+PQsU5GQjv/Yf/CDdRQ -BCgHzAzkV6yICyq1Qeb7rXrBDhGwda0cXRCC4SfIsJ0 --> piv-p256 ZFgiIw Alc99i8iND+M1dgqWyW829TiYZbCkYF9RQ9ZS/jbjSV7 -7TePYT/aGOAekGSbL62SeDUAycMFC1/+K14UmBWRwyE --> piv-p256 5vmPtQ AgeVBqU8vdbgsJ5im3cDvXPCUsp/iGm9JwZ190fLZnuF -8S+xFyUGrLfXc+rmAHy4Mvk9QvybOk0EozTj46aCUW0 --> 5-grease %",T b5 -lhY8pdELxc7fr1hpxyTC9Cxn6QxiDmvxsKaVpwxC6g9aBTl0g1cdGoF3QdLvRkZj -F4fkyUTP0R9CrzBICabil1EzEw ---- plFbkh1yLnDN0yTuS+g0RuYlA0OLW4UUL4B2G5aDA+k -c]XuW(){a<ޡP#e~HGZ'L0io\E%GP=ron(*[; aB5y \ No newline at end of file diff --git a/hosts/elisabeth/secrets/immich/generated/mailnix-passwd-hash.age b/hosts/elisabeth/secrets/immich/generated/mailnix-passwd-hash.age new file mode 100644 index 0000000..a4bbad3 --- /dev/null +++ b/hosts/elisabeth/secrets/immich/generated/mailnix-passwd-hash.age @@ -0,0 +1,18 @@ +age-encryption.org/v1 +-> X25519 q7lf99LvDplL59CyLeW8kUzyXrqnbe0NqSAK8wJpmls +6bJpwdP47BhZJE0e1bxOXfKA6evrVwAc5YqNoxE0wQI +-> piv-p256 ZFgiIw AlcM1z0Y6fwRh7O6yxrjRiVjcSzptsUNCeJj0yKHOH0w +DQDaTmOfp2rS2VCZHIwuaLSMSsH4wk6dY9zgmgE0ZR4 +-> piv-p256 XTQkUA Ax/oNeJCU4gMWELvy8RvzsA6M5B9BWEAhxbWQ1oPYX4K +P5ZkqxgBe2K8wpXUE1dYVJhFwmDMcryb8TOSRfuqVNc +-> piv-p256 ZFgiIw AveRVCoPcjW87z5cdHKJVUsdlGqucq8UE9UEmbH4BSLx +K43x1yu6Ut/Zug1M+vSckCHR48KIcymkjVj9Ro6FiyE +-> piv-p256 5vmPtQ Ak6KZhc8GK6Z1rlnIRv9kPmTTXvE7OF3v2Z6JenutZQ3 +x6ggE1fhps2j1shDLX9jpm6eVv9RGQ+/sHlmOg6fLbs +-> i"k9a-grease 6(o_ODH &2 +6KpGlcoEM37+YbEc3KS2xXjThr57VLsa7kn/DGMWJTo245+yJYYoCvRGkBmyM9Ms +K0zPzZnXrJaLkfEtDH/YrwY853TRUPooFKcfqHw1AbcugSKgqH26o62v +--- v4XB4SH5aGZHGb8zshn5aFw079tfRPyUXKi9+IXx7Qo +lw4'MV``w%+RCJsuqK +m.bJ :yL> af K'vJ +e)84Ыt!#Gڎ%ɜzЊ& \ No newline at end of file diff --git a/hosts/elisabeth/secrets/immich/generated/mailnix-passwd.age b/hosts/elisabeth/secrets/immich/generated/mailnix-passwd.age new file mode 100644 index 0000000..5159d29 --- /dev/null +++ b/hosts/elisabeth/secrets/immich/generated/mailnix-passwd.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 xAW2QkHB1Xm6ZI6DYPH1BzeqMB8Ite91t2t4PLSrQS4 +P5HluE0UOm5PmyW4E63mDFUdAhJhrjzwt8rsBi/sEN0 +-> piv-p256 ZFgiIw A2NG1n8n1LSY++Gc+75qJP4UrKlD1mNAL95eRuJmFmDE +mlh5bTicdUtrpruqqsYzu1RbyoceXof3UL1Xcwbk34M +-> piv-p256 XTQkUA A8utmjuXowkLXjYNoZnbrks3YfxJ4ILjaFfd755qcipM +uWmtrPJrweC5Q3UI0ldI8kul4uvR5IqA1b6KNF0k9sA +-> piv-p256 ZFgiIw A3y2t6S5GBhOlkXA0C0LK00reORm0Z67oxDVFfZsC3y5 +FrIMzHmNlvgdkrsr1wATFWxXcLpIfc0H5k+yAUWmhg0 +-> piv-p256 5vmPtQ AzPbAB8LXiJvkUwbnSIwMZZ4VBtco4uYXN4nZ0sCc6J2 +BfI5zd97fRt1rDi5kZpmvNO8HzzL9X9zd/23aQCVaL8 +-> >]CB~fh-grease +IJi7Ibh4WGvLfZJ/9Rf5wxKum9JmXpzsxUI9dRamAOLwiLDpWsLnarxk4AzI +--- oqfBZx6P//rbHJFy4GAwAgmokdCB3eE2i/NWAuCE+UA +)sC#D 19E6^-d׹.:)ZU tkgIW=yluqlW) \ No newline at end of file diff --git a/hosts/elisabeth/secrets/nextcloud/generated/maddyPasswd.age b/hosts/elisabeth/secrets/nextcloud/generated/maddyPasswd.age deleted file mode 100644 index 319375e..0000000 --- a/hosts/elisabeth/secrets/nextcloud/generated/maddyPasswd.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 59/M7sZBQrBQPAcEOVz6Wx4JAa2KDr7uuvWujXw0UQ4 -F0xyN4XaRsUxWeWw8D/iMeG5Ae5q9O7E+aIAy4H6o1Y --> piv-p256 XTQkUA A9Ebcz93AXKtJGec/q8lhai+HlW6wMcfvexN71l0G3Fh -AJMEfVRsd0FhYk4gRQxls5pNP8g2yNSQDTXz0ZFg1Zo --> piv-p256 ZFgiIw AoEfBUMaCAqv250jrjBNSm/JKGvYOazanHBss6kHmAmt -N4Bu8uLMqwqbu7D6d57hlVYmt95NXSJjFY8biU6vs58 --> piv-p256 5vmPtQ ApQ9mIcmf88Z22mBr1IMSJ1dgoDADRB+Jj48HpKFiAbD -rEcWLXh8oCPQRuKTQpTjqlDME2Rw2zkWk+1X4BTtgts --> piv-p256 ZFgiIw Asa1oVWehCSqG0JVPtLrngOJiFMYyWcmCYnlyxGbH5DF -nIWn2OQkBAgwPlLExo5eG6GwEdB+zmSrSD88/XrTsiU --> W5<$HY5Y-grease kIKLXr B( 8<}qd -jcKYwwiWM/CGNodKYwOT ---- 41dZQpbgiDIVRmiBMyO9u76SNI350z+LPHjYNW5LyOc -0̿ 3k`EEߵep~n?gV9U#t5;εО;-a9jrK".%y@뀦 \ No newline at end of file diff --git a/hosts/elisabeth/secrets/nextcloud/generated/mailnix-passwd-hash.age b/hosts/elisabeth/secrets/nextcloud/generated/mailnix-passwd-hash.age new file mode 100644 index 0000000..bdd76f4 --- /dev/null +++ b/hosts/elisabeth/secrets/nextcloud/generated/mailnix-passwd-hash.age @@ -0,0 +1,18 @@ +age-encryption.org/v1 +-> X25519 bN5c/vaBlrq40FL+ux1n1owfVG1pYQJTkl5U0Va7bkA +blqeJmUBmJy9u6V1PgTCFp4khTztI9bOObPPs1meIy0 +-> piv-p256 ZFgiIw A46Lqw4Z3Cy8+TctELeSxF8c5lUP0YV5M3+xfD69ptTz +Yh46Tx9EEqoehidulMf7ilPwZ96E1lJdi0w/aDIS6no +-> piv-p256 XTQkUA A+3Jc+pHAIxwN2fmDp2gBWiOFCGSXdFWEjlxbcuAmDOV +tcsOZuHAAax5TUViyMBXdK8gNnxrysHMkY5i9mbozOI +-> piv-p256 ZFgiIw AyXKhoe9lSwLFEYkf5Z5b+71LupCWNC1eU2ArSN0jNPS +88bRtwzaFLofIxUL5pvOz/YIeZvF3Ocx892UNqEELe8 +-> piv-p256 5vmPtQ A9TMmparTynhyRM8JkGr7qPvOp+DbzX6frvPPynp/5Hl +MLokBQrpPQxUFhvBWuG0vDwIa1Ri6ZpsUQubkk9kYCc +-> ",%-grease T>0e|* LG8V} )6pli J} +AvaS7pySsUr0pjLWumfPYLmLSH0mom8Nq0xm31e0Aw6AjtJe/mEBF9O6e9u+P/KI +mI9Fjvq0LnN51BmJmkD9WuXjAOXfe/Q/WDIIvIlHxMYfKBmgPd0pH6pd7+9A8rLS +wUM +--- aw59UXUi8f+ZV2aPayu24QWw9H54XW4YJ85oRodoYDo +Q v!ZďFt`!CC$V@o9 |==[F|+)E3js!=P1]8w +IdK]b,<vInUd40Dy6Z4qz6hstc+&gsjwe5)XiU$M@fMoH&*$h!bClkNC{?a~r zEX*RgIHG1S07~OqtB(O&#j~;7nxdR@#Ok7??PzaC$EC86&L$GlW5JTt?22{89Z?uM>6XK@yMXH zz|;mbrRD%wb1swGp!Y<&Pe_Yq)P_68Dy7Ru-*!fxr7L7-+_LC%0XqAiE)-nmY1zf$ zQ0#}ZwrckRGXvF-raFo_%fJ)Y#eTnbWdTwv+nV*j5|i^$vN+u<$GNGpu&L? zrUXG@w(S4+%bX-lv~44J))pyb#=Rkhlx<>zB05OGC({BgLQbgFjcDrGxv|8B6X3S! z64TBzo5&kA5GS>+dIM&cP@SnA722WBxKyCo!N#I-DlXL2UTqen?>j6snM`21&LgBUH|f|zW(I#dp|rR>zD6dz8l}pp1<=^eDC4SpLbroQQ-Hj P-=F>!!#{ug!S(!a*G&t) literal 0 HcmV?d00001 diff --git a/hosts/elisabeth/secrets/vaultwarden/generated/maddyPasswd.age b/hosts/elisabeth/secrets/vaultwarden/generated/maddyPasswd.age deleted file mode 100644 index cd92789c9f54bb1271b925a501fdca08f3573623..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 725 zcmY+8v=jl>VG*Jk69KVfQ2(D8IGP+NmZ7^`qevUVpkJa(Lo zsJy_zs;uUcKD9U$sz@5fhFpMh)6ghO0ZUVv&|%u+)e_anfk3C8kCtuCZGh1U%M=_J z6g8$AP>!7$Ql1XY0K?1~=CfWyx3CehlfAC1pj0DL6>cl5NNd6M&7u@+-V{@4R_oO` zB<3qN(@39Xx4uM0ydk@!+=eGCG7pE_QH_ZSN}VtKWY?7JJOfs1>KRAuX=OWdkczQo4S^%ln>oskvbwn9e z!6?#HX=PJ-Z` X25519 qvTSINNBzbu/7OH/g4n9ETe98nT1t2zBoei68prbkDU +WaaXddl5e/RlpxAReHy2blcJkc290SUr/z+ACHI/Jiw +-> piv-p256 ZFgiIw Azi6q88y1v4cOOmR1/4lYdiURMe/n598ia0eauZa4K6y +CpnBjH0k4I+QjUHIPE6kDEw7c7SGkCET8pNP3cvAmZU +-> piv-p256 XTQkUA AvfagUvm4BzADnddB3I0OpicQOfFurHoGIguwmkGxsPz +qkzQ03q4E9E/UFE/ORKtqjNPUh7o0tQ1vqxvhzXIyWU +-> piv-p256 ZFgiIw A74E+KymB4ehEXwRYjqlSDts9qTxZZspUxk4S+DU6ugd +07oPVX8giMmYGVjsYCnJumpQDXv59YOCZY/QZc8KfD8 +-> piv-p256 5vmPtQ A06iMGTqX/nLWjAKPeegMO83mh0c+TlpAneNQjJTYB5A +nIyWD56QpDeolYppODnadLnY3fEpF/PDLLcxvydWXNw +-> I9.OC X25519 SKT/EQ9Moyj1FbNd6wlq+XWZzNi4ZJimPLSb57Vmlzw +8qYP9TskOc1OsTsLXajuyv4fsPJzZJaU6cLtlqbiyVo +-> piv-p256 ZFgiIw AsGZmoxY9hBPpAeOK/HYSLu93UvrjtSeIxVsP7YXZz6Z +gNFpXSITLpFBybA+W2Oo+qW+2c/Rrz+G3uABXdPdh5Q +-> piv-p256 XTQkUA AscDXlRhgTNduIeMfMnP5DOaggHIjLoS2y0FkGlOdR9/ +I+uuFxR/z/qCfqcCWhBJssc7F/lWyt5lOqptXycMTrQ +-> piv-p256 ZFgiIw AmWtcTCJpra65HmVC0t930lodIHCahUIQCdtxYXy4s9q +qU0KHz/pk/spJg6Bd7vI5jxuz2I1t2iKSVOprGOnrOE +-> piv-p256 5vmPtQ A4u6lgIVdEEGC9W75AgulvzoR3Tnyrx0s2qdnWXOtISQ +eiy2qNX5B2XZ18kXM5RbvoFAtFewr+b+0b2lX/22qa4 +-> 6m7l[c-grease +Z9mhVSOF0Kyi9jvU8NH6CQLXkfI5a2dZ +--- I+gjdIwsub9gtoJBW0XzeiiXaeLje7UfTWQIybPoWoQ + Tokj%j[X:o A Cܝq~=5(>)a\FR1EV$WOZ \ No newline at end of file diff --git a/hosts/maddy/secrets/generated/maddyHetznerSsh.age b/hosts/maddy/secrets/generated/maddyHetznerSsh.age deleted file mode 100644 index dfee89de84cbdb354ef8a45e756985e56febbfa7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1159 zcmZwC`)?Bk003a!gpG>R0fNy5JDg5-l(yGi+d~Df*Sq%GU3Yz4d#lWOeO;e-?Ol7< zs~RF3M4}i#g@6H>z<4<2rSi&PK!BhGA;1Jwf=*))jo~qs7{u@+iGRVDkL41&1RoRC zLMbiqGX;^;%SMfEww3`Q$OvnF{;J*O1qB~gaEWDB#l&h6bD(T4EhiIUI)FPlnXbl6 zHY1|RdeO8cWrT}rQpo@YOz5nnFsn+IT`5II@`jKnTtelblLdvlLLn{d3Ls?BGC^OK zMzn~r!y52_O3~x&NHOuMEnPGRq7uuY{+tpKrMNxlb+TzYSqaI)sj8qE9P009I*zvNIG%rfa5MP(@d>lOnf&6m zUCoaVfBVVovolt*#0C%4}7CxO>86TNN z|5(3j{Do6%TK1;CZxo6>)yr*PuiCI;)7&BRjP8%d{pxdQf=e!RU)}%2z+=uS`f0D# zY;_#i)VjHW9Nw|-4*KAfm!7&j`u@E6)4O+e>FS%-_gvf6x5#2$e*S}HS1$bX#+uvI zt>2c7dHA#CH4{&L{`0{|G^chq71}=h zSJZ{%^+($#4Y$=#ZJ4Z_tAOjkOdn4!Iq^%hb;0g;*8T;wEqq?sHf!um)gHQ4icj~y zbzkqbF-I;c^>5A#?sJUvDU(KKe9`sgqwnEYdbjjwqXX?TM-LA)-hWUTACyK4_MWXe zdE=tY()82dzi%()TN}^1w@(hmYR@+`4qnn<-23k8IsC?X)f=mCEUfJ*ZntJe{y53S b4xD+Ym-oKVf6m=x8{I1DgqCM+HXr*BtOC5e diff --git a/hosts/maddy/secrets/generated/patrickPasswd.age b/hosts/maddy/secrets/generated/patrickPasswd.age deleted file mode 100644 index 8096a79087313db8e0f49fe2d6b4aa8aab1addd1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 717 zcmY+L6kIJv zHA-6ikdy;V3Y&>o@J7?C> zl8CMQONYjl+}X)_S(@iU5>|}_BigVrRihaV)8$kGU2VxG7^C&gYJoa|%($`4PrckL z%obpCA!vs{B?t(SCvzKB8(rU#;W*?}6+NCgzutJRPs9c2E7c7hOLtzWk z`=Y$8@m?#y*9=X1^^Pe+l{9nCzjZ%a}?84hP{b4|jBg6m*NoAEP z#VkUsa4AT;M)G*flmX_3Z+Tg7gL z)8RnH+pP&z(AsU>Y{Dy9IC{85Rva=Xxce0=L~y;65UciLCHV>l&5pB<7CY ziblPjk#>~`rZienFsTu%9dIx=iWAwe=8kOBVACyW`I^=lx%5L}E0|8h&&{KEyk)IH zv6~-JfvI^LCOF8s@=_!X)250JRwvO}mT?CNSL#L$r|RCArpS(sYA&c!3b@f?E}P-` z($tI!4ZO6@E+vR?Vu<>6O%wDjiy2G1cTk}kL|O@}(d4N?^y^MN9Y&RNY?r!{mAr`) ze+rT)*Mkj>RN9c#9=V%EfufC-y$xHDikLy0r%u|l-Z%|;&e3Otyt-vQdmWjrHy?cS=kM5uZ+x`; zZFn>OV|YTmdh=Nu{CxBI4-fDD^8A;7zxM9;vtJ**_apTFGVZ+a(?8$7^a=aqtH)p5 HpFR2?Uq~3} diff --git a/modules/distributed-config.nix b/modules/distributed-config.nix index 6e98b6b..4c7c492 100644 --- a/modules/distributed-config.nix +++ b/modules/distributed-config.nix @@ -49,8 +49,9 @@ let ] [ "services" - "maddy" - "ensureCredentials" + "idmail" + "provision" + "mailboxes" ] ]; diff --git a/users/patrick/programs/kitty.nix b/users/patrick/programs/kitty.nix index 86d95e4..f9f3a6e 100644 --- a/users/patrick/programs/kitty.nix +++ b/users/patrick/programs/kitty.nix @@ -1,12 +1,14 @@ { pkgs, lib, ... }: { hm.stylix.targets.kitty.enable = true; + hm.home.sessionVariables = { + TERMINFO_DIRS = "${pkgs.kitty.terminfo.outPath}/share/terminfo"; + }; hm.programs.kitty = { enable = true; - package = pkgs.kitty.overrideAttrs (_finalAttrs: _prevAttrs: { doCheck = false; }); settings = { - # Use xterm-256color because copying terminfo-kitty is painful. - term = "xterm-256color"; + # Add nerd font symbol map. Not sure why it is suddenly needed since 0.32.0 (https://github.com/kovidgoyal/kitty/issues/7081) + symbol_map = "U+23FB-U+23FE,U+2665,U+26A1,U+2B58,U+E000-U+E00A,U+E0A0-U+E0A2,U+E0A3,U+E0B0-U+E0B3,U+E0B4-U+E0C8,U+E0CA,U+E0CC-U+E0D4,U+E200-U+E2A9,U+E300-U+E3E3,U+E5FA-U+E6B1,U+E700-U+E7C5,U+EA60-U+EBEB,U+F000-U+F2E0,U+F300-U+F372,U+F400-U+F532,U+F500-U+FD46,U+F0001-U+F1AF0 Symbols Nerd Font Mono"; # make kitty go brrrr repaint_delay = 8; @@ -49,6 +51,7 @@ "shift+page_down" = "scroll_page_down"; "ctrl+shift+." = "change_font_size all -2.0"; "ctrl+shift+," = "change_font_size all +2.0"; + "ctrl+shift+w" = "no_op"; }; extraConfig = lib.mkAfter '' # Use nvim as scrollback pager