diff --git a/flake.lock b/flake.lock index 776b6b2..f34dba8 100644 --- a/flake.lock +++ b/flake.lock @@ -11,11 +11,11 @@ ] }, "locked": { - "lastModified": 1701216516, - "narHash": "sha256-jKSeJn+7hZ1dZdiH1L+NWUGT2i/BGomKAJ54B9kT06Q=", + "lastModified": 1703260116, + "narHash": "sha256-ipqShkBmHKC9ft1ZAsA6aeKps32k7+XZSPwfxeHLsAU=", "owner": "ryantm", "repo": "agenix", - "rev": "13ac9ac6d68b9a0896e3d43a082947233189e247", + "rev": "d0d4ad5be611da43da04321f49684ad72d705c7e", "type": "github" }, "original": { @@ -330,11 +330,11 @@ ] }, "locked": { - "lastModified": 1702569759, - "narHash": "sha256-Ze3AdEEsVZBRJ4wn13EZpV1Uubkzi59TkC4j2G9xoFI=", + "lastModified": 1703162528, + "narHash": "sha256-pQ41wN6JlStkZOhRTIHEpuwVywLdh+xzZQW1+FzdjVs=", "owner": "nix-community", "repo": "disko", - "rev": "98ab91109716871f50ea8cb0e0ac7cc1e1e14714", + "rev": "a050895e4eb06e0738680021a701ea05dc8dbfc9", "type": "github" }, "original": { @@ -791,11 +791,11 @@ ] }, "locked": { - "lastModified": 1702735279, - "narHash": "sha256-SztEzDOE/6bDNnWWvnRbSHPVrgewLwdSei1sxoZFejM=", + "lastModified": 1703178811, + "narHash": "sha256-Orbqa8DvszYZ38XGWAs43hVs++czt2N6/Y0sFRLhJms=", "owner": "nix-community", "repo": "home-manager", - "rev": "e9b9ecef4295a835ab073814f100498716b05a96", + "rev": "fb5ac0c870a1b3ffea70e02ab1720d991ce812ae", "type": "github" }, "original": { @@ -827,11 +827,11 @@ }, "impermanence": { "locked": { - "lastModified": 1697303681, - "narHash": "sha256-caJ0rXeagaih+xTgRduYtYKL1rZ9ylh06CIrt1w5B4g=", + "lastModified": 1702984171, + "narHash": "sha256-reIUBrUXibohXmvXRsgpvtlCE0QQSvWSA+qQCKohgR0=", "owner": "nix-community", "repo": "impermanence", - "rev": "0f317c2e9e56550ce12323eb39302d251618f5b5", + "rev": "123e94200f63952639492796b8878e588a4a2851", "type": "github" }, "original": { @@ -873,11 +873,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1702210144, - "narHash": "sha256-s0IJiLUxnf9PNl+lARwCBo5UzNgfNjTrlVwJG27VsLA=", + "lastModified": 1702814943, + "narHash": "sha256-tNKSDbtoEDfCTs30dyW0Fcj4KJpjzTRASL6f2BbuSKE=", "owner": "nix-community", "repo": "lib-aggregate", - "rev": "9237b96c80c556f28d13cfa8e3e6bc4d95e437fa", + "rev": "ac8b1c4cfb2f9111e709aaf503511df354e86733", "type": "github" }, "original": { @@ -894,11 +894,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1702743345, - "narHash": "sha256-xvRuGxFJLPbUPrLke4zf9UiqZadeLzV/gSfFTum0K4s=", + "lastModified": 1702815315, + "narHash": "sha256-LEpv7kvB7KPj/6BoNYWMcVjRezTJe6FNmg5kCKZQxMk=", "owner": "nix-community", "repo": "nix-eval-jobs", - "rev": "4a1123c42dc9c4c07863a4bfa426f7fcc8f12b90", + "rev": "3c6e1234af3aa26fc60d0969619cf6806ec51639", "type": "github" }, "original": { @@ -936,11 +936,11 @@ ] }, "locked": { - "lastModified": 1702291765, - "narHash": "sha256-kfxavgLKPIZdYVPUPcoDZyr5lleymrqbr5G9PVfQ2NY=", + "lastModified": 1702864432, + "narHash": "sha256-xR5Igg2hnm979W3YgMDrSjErHFhHo4rbMboF6DC0mbc=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "45d82e0a8b9dd6c5dd9da835ac0c072239af7785", + "rev": "4605ccd764fac78b9e4b5b058698cb9f04430b91", "type": "github" }, "original": { @@ -1025,11 +1025,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1702312524, - "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", + "lastModified": 1703013332, + "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a9bf124c46ef298113270b1f84a164865987a91c", + "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", "type": "github" }, "original": { @@ -1041,11 +1041,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1702169224, - "narHash": "sha256-aOrQq0zzEMcaxXoiA7VWWJlwp7F50cOfTj6LkU59RQg=", + "lastModified": 1702774034, + "narHash": "sha256-M0IsUA89EKHL8IDx9bf+e2W2l1kMRpaZ4h08navMXig=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "2be0b7c27456d30195f65eafd029074f731f1978", + "rev": "9b4f1493009b8d2f55a525a01de10addc9a0a752", "type": "github" }, "original": { @@ -1144,11 +1144,11 @@ ] }, "locked": { - "lastModified": 1702757751, - "narHash": "sha256-fDmMncKTNVVypMjv4Bv7F66MUdmMC3qZUyC+uVjsLs0=", + "lastModified": 1703261986, + "narHash": "sha256-+OPGb6fOF1wpiCNnpnDHvLkwnhbcAx6785FyNdYupkI=", "owner": "nix-community", "repo": "nixpkgs-wayland", - "rev": "13140e9610b7de62b3f3e1e9d17f779c8d9fa21c", + "rev": "e977dcdee6b4c944b6309cd7973fd27f73efa842", "type": "github" }, "original": { @@ -1159,16 +1159,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1702667777, - "narHash": "sha256-qpgZVpFrOEgW0DimJ24UXeFh63TI9fQFXxc58DPtG8Q=", + "lastModified": 1702539185, + "narHash": "sha256-KnIRG5NMdLIpEkZTnN5zovNYc0hhXjAgv6pfd5Z4c7U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "203ecda835bcf69633df7183459283543dd4a874", + "rev": "aa9d4729cbc99dabacb50e3994dcefb3ea0f7447", "type": "github" }, "original": { "owner": "NixOS", - "ref": "master", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -1227,11 +1227,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1701000000, - "narHash": "sha256-YclZV0n36KnkEZNcHxWqmuhdBa6eB8Wdmwcf5EMYEp4=", + "lastModified": 1703073600, + "narHash": "sha256-XSEHNoc3h21foVeR28KgfiBTRHyUh+GJ52LMD2xFHfA=", "owner": "symphorien", "repo": "nixseparatedebuginfod", - "rev": "c8e79d5b228b71686172ff6626394bed2ad7b7a3", + "rev": "c64424332b6198ed1411917232a2b0e3794dd09b", "type": "github" }, "original": { @@ -1249,11 +1249,11 @@ "pre-commit-hooks": "pre-commit-hooks_3" }, "locked": { - "lastModified": 1702653568, - "narHash": "sha256-SwrNBw/1/oMURAa9/8MdvC4b3UYohoMAvSazeIt3hkg=", + "lastModified": 1703260550, + "narHash": "sha256-wPe+0oCgzvf9Ixscme+NUS4iRX0n/alJvt3msnu9vPA=", "owner": "nix-community", "repo": "nixvim", - "rev": "b3fb1c4c8189bc873911da3f31d18082a0721fa9", + "rev": "e0521dde87825e4ed16e1ac5b6df9f1b7e60af05", "type": "github" }, "original": { @@ -1485,11 +1485,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1702559747, - "narHash": "sha256-d6AmQp3M00WMPJquNfGVzIol5iojD1pi9slek+4N9VY=", + "lastModified": 1703004037, + "narHash": "sha256-ceYPl/ML0kQBCUaOw0gG2TxHHEl4k9xivFpsdlKidIQ=", "owner": "danth", "repo": "stylix", - "rev": "41d218597590a89324a4b7c50cf0bf088a7214ba", + "rev": "d14ac4912a9ab02f8b49b761e9e4b9ae836171af", "type": "github" }, "original": { diff --git a/hosts/testienix/net.nix b/hosts/testienix/net.nix index fe100d3..98e070e 100644 --- a/hosts/testienix/net.nix +++ b/hosts/testienix/net.nix @@ -24,6 +24,18 @@ boot.initrd.systemd.network = { enable = true; - networks = {inherit (config.systemd.network.networks) "lan01";}; + networks = { + # redo the network cause the livesystem has macvlans + "lan01" = { + address = ["192.168.178.32/24"]; + gateway = ["192.168.178.1"]; + matchConfig.MACAddress = config.secrets.secrets.local.networking.interfaces.lan01.mac; + dns = ["192.168.178.2"]; + networkConfig = { + IPv6PrivacyExtensions = "yes"; + MulticastDNS = true; + }; + }; + }; }; } diff --git a/lib/containers.nix b/lib/containers.nix index 340c8f6..dbdec8f 100644 --- a/lib/containers.nix +++ b/lib/containers.nix @@ -9,10 +9,9 @@ inputs: _self: super: { imports = [ ../modules/services/nginx.nix ../modules/config - ../modules/interface-naming.nix ]; node.name = name; - node.secretsDir = "${attrs.config.node.secretsDir}/guests/${name}"; + node.secretsDir = attrs.config.node.secretsDir + "/guests/${name}"; nixpkgs = { inherit (attrs.pkgs) overlays config; inherit (attrs.config.nixpkgs) hostPlatform; diff --git a/secrets/secrets.nix.age b/secrets/secrets.nix.age index 31c01ea..d35e92e 100644 Binary files a/secrets/secrets.nix.age and b/secrets/secrets.nix.age differ diff --git a/users/patrick/secrets.nix.age b/users/patrick/secrets.nix.age new file mode 100644 index 0000000..e813e00 --- /dev/null +++ b/users/patrick/secrets.nix.age @@ -0,0 +1,13 @@ +age-encryption.org/v1 +-> X25519 9MEBB2OoDS4OT208lJ4v9Tv9YuU/X/wx5e+mtZ3xTRc +qLuQjt7/1tjKGrnGSqZMxaAoD/9AijMATK1FcOJrkSg +-> piv-p256 XTQkUA AzB4IghZxRWJmwu0VS5H+xvTXbQXh55V0XFardmPnIgL +6hxXUJsXB0ruoMqjUNQBbKgEqO9hf3cDHqUsvKgZpnk +-> piv-p256 ZFgiIw ArGO8iI6Obq/zhr/TDx9Qv9lnlfLAH6O3urPlKGAa7Im +AN5c3qBtw3mGLlqTdsjDy9XttpGY5FCHxs3gnZn1oW0 +-> piv-p256 ZFgiIw A+XJmjPZfDHVrxFAaRNTt2Kqlx0HC8xt/vhlZpuxaefX +TxHZeRTGR35RLMtchnBInFy7qqTz/hl3bhiqQUvVYPM +-> H$}e-grease >U:d!w} ;j{MFjj }34T h +eimRsk4kJVEO7mZ5UDMEPuA7W/wo5p17ECWw+Q +--- 1jYOeELqbfUzPqpLpWe8SuktS5TnM4140U0DD5/O5aY +=-ڂKk8`qL$XMʭb]j7-M \ No newline at end of file diff --git a/users/patrick/ssh.nix b/users/patrick/ssh.nix index e5badc6..861d802 100644 --- a/users/patrick/ssh.nix +++ b/users/patrick/ssh.nix @@ -1,4 +1,4 @@ -{ +{config, ...}: { # yubikey public key parts home.file.".ssh/1.pub".text = '' ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZixkix0KfKuq7Q19whS5FQQg51/AJGB5BiNF/7h/LM cardno:15 489 049 @@ -33,6 +33,11 @@ user = "root"; }; + "maddy" = { + hostname = config.userSecrets.hetzner_ip; + user = "root"; + }; + "desktopnix" = { hostname = "desktopnix.local"; user = "root";