1
0
mirror of https://github.com/tboerger/nixos-config synced 2024-11-22 18:21:58 +01:00

chore: even more restructuring

This commit is contained in:
Thomas Boerger 2022-10-25 09:53:40 +02:00
parent 543d2d6f90
commit 3bb742392a
No known key found for this signature in database
GPG Key ID: 09745AFF9D63C79B
57 changed files with 1263 additions and 333 deletions

15
TODO.md

@ -1,14 +1,15 @@
# Todo
## desktop
* clickup (package https://nixos.org/manual/nixpkgs/stable/#sec-pkgs-appimageTools)
* curseforge (package)
* deezer (mpd / mopidy)
* mail (thunderbird / mailspring / prospect-mail)
* assign windows to right desktop
* autostart standard tools on desktops
# Maybe
## server
* hexchat (irc client)
* irssi (irc client)
* kitty (terminal)
* mangohud (fps overlay)
* ncmpcpp (mpd client)
* coredns for private domain names
* nfs server on asgard
* mount nfs volumes on utgard

@ -20,6 +20,26 @@
"type": "github"
}
},
"arion": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1654878283,
"narHash": "sha256-JWdKBMzEibS2neY0nEs9E8kn4zRepEbwSw7HzxbEiAg=",
"owner": "hercules-ci",
"repo": "arion",
"rev": "e5fb978143240f8d293e6e5acc9691acf472928d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "arion",
"type": "github"
}
},
"deployrs": {
"inputs": {
"flake-compat": "flake-compat",
@ -60,16 +80,15 @@
},
"hardware": {
"locked": {
"lastModified": 1664387039,
"narHash": "sha256-RlSksOo/OUwBXus7qnS84mzjNwO3cRgHbdF0KzATPlw=",
"lastModified": 1665987993,
"narHash": "sha256-MvlaIYTRiqefG4dzI5p6vVCfl+9V8A1cPniUjcn6Ngc=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "203dd7d7b9361c92579f086581f278f2707bcd76",
"rev": "0e6593630071440eb89cd97a52921497482b22c6",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "master",
"repo": "nixos-hardware",
"type": "github"
}
@ -78,30 +97,30 @@
"inputs": {
"nixpkgs": [
"nixpkgs"
]
],
"utils": "utils_2"
},
"locked": {
"lastModified": 1656169755,
"narHash": "sha256-Nlnm4jeQWEGjYrE6hxi/7HYHjBSZ/E0RtjCYifnNsWk=",
"lastModified": 1664783440,
"narHash": "sha256-KlMwR7mUf5h8MPnzV7nGFUAt6ih/euW5xgvZ5x+hwvI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "4a3d01fb53f52ac83194081272795aa4612c2381",
"rev": "e4e639dd4dc3e431aa5b5f95325f9a66ac7e0dd9",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.05",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1664281702,
"narHash": "sha256-haixZ4TJLu1Dciow54wrHrHvlGDVr5sW6MTeAV/ZLuI=",
"lastModified": 1664780719,
"narHash": "sha256-Oxe6la5dSqRfJogjtY4sRzJjDDqvroJIVkcGEOT87MA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7e52b35fe98481a279d89f9c145f8076d049d2b9",
"rev": "fd54651f5ffb4a36e8463e0c327a78442b26cbe7",
"type": "github"
},
"original": {
@ -113,11 +132,11 @@
},
"nur": {
"locked": {
"lastModified": 1664400119,
"narHash": "sha256-G6gKRK9uOk7kt1uWCzmyuLB/qdQtGO8mxjs/dtTIr9A=",
"lastModified": 1664894790,
"narHash": "sha256-FAixnreJ0bXzK/m5a9KsC5XoiZFHqC4le0tseldsHZc=",
"owner": "nix-community",
"repo": "NUR",
"rev": "e378da2e2cd205a55a0203b91162fefba04087e6",
"rev": "529b4b6fc32b428cd07cc2a11abf728bdc59b4e5",
"type": "github"
},
"original": {
@ -129,12 +148,13 @@
"root": {
"inputs": {
"agenix": "agenix",
"arion": "arion",
"deployrs": "deployrs",
"hardware": "hardware",
"homemanager": "homemanager",
"nixpkgs": "nixpkgs",
"nur": "nur",
"utils": "utils_2"
"utils": "utils_3"
}
},
"utils": {
@ -166,6 +186,21 @@
"repo": "flake-utils",
"type": "github"
}
},
"utils_3": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",

@ -6,10 +6,6 @@
url = "github:nixos/nixpkgs/nixos-unstable";
};
hardware = {
url = "github:nixos/nixos-hardware/master";
};
nur = {
url = "github:nix-community/NUR";
};
@ -18,23 +14,32 @@
url = "github:numtide/flake-utils";
};
deployrs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
};
homemanager = {
url = "github:nix-community/home-manager/release-22.05";
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
deployrs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
arion = {
url = "github:hercules-ci/arion";
inputs.nixpkgs.follows = "nixpkgs";
};
hardware = {
url = "github:nixos/nixos-hardware";
};
};
outputs = { self, nixpkgs, hardware, nur, utils, deployrs, agenix, homemanager, ... }@inputs:
outputs = { self, nixpkgs, nur, utils, agenix, homemanager, deployrs, arion, hardware, ... }@inputs:
let
in
@ -64,8 +69,12 @@
})
homemanager.nixosModules.home-manager
agenix.nixosModules.age
arion.nixosModules.arion
./machines/chnum
./profiles/thomas
# ./profiles/anna
# ./profiles/adrian
# ./profiles/tabea
];
specialArgs = {
@ -98,8 +107,12 @@
hardware.nixosModules.raspberry-pi-4
homemanager.nixosModules.home-manager
agenix.nixosModules.age
arion.nixosModules.arion
./machines/midgard
./profiles/thomas
# ./profiles/anna
# ./profiles/adrian
# ./profiles/tabea
];
specialArgs = {
@ -133,8 +146,12 @@
})
homemanager.nixosModules.home-manager
agenix.nixosModules.age
arion.nixosModules.arion
./machines/utgard
./profiles/thomas
# ./profiles/anna
# ./profiles/adrian
# ./profiles/tabea
];
specialArgs = {
@ -166,8 +183,12 @@
})
homemanager.nixosModules.home-manager
agenix.nixosModules.age
arion.nixosModules.arion
./machines/asgard
./profiles/thomas
# ./profiles/anna
# ./profiles/adrian
# ./profiles/tabea
];
specialArgs = {

@ -12,7 +12,17 @@
];
personal = {
services = { };
services = {
docker = {
enable = true;
};
samba = {
enable = true;
};
tailscale = {
enable = true;
};
};
};
system = {

@ -12,7 +12,23 @@
];
personal = {
services = { };
services = {
acme = {
enable = true;
};
adguard = {
enable = true;
};
coredns = {
enable = true;
};
docker = {
enable = true;
};
tailscale = {
enable = true;
};
};
};
system = {

@ -3,7 +3,6 @@ with lib;
{
imports = [
./frpc.nix
./network.nix
./nixpkgs.nix
./prowlarr.nix

@ -1,106 +0,0 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.services.frpc;
configFile =
pkgs.writeText "frpc.conf" (generators.toINI { } cfg.settings);
in
{
options.services.frpc = {
enable = mkEnableOption "frpc";
user = mkOption {
type = types.str;
default = "frpc";
description = ''
User under which frpc runs.
'';
};
group = mkOption {
type = types.str;
default = "frpc";
description = ''
Group under which frpc runs.
'';
};
package = mkOption {
type = types.package;
default = pkgs.frp;
defaultText = "pkgs.frp";
description = ''
The frp package to use.
'';
};
token = mkOption {
type = types.str;
default = "";
description = ''
Path to token secret file.
'';
};
settings = mkOption {
description = ''
Full settings for the client.
'';
type = types.attrsOf types.attrs;
default = { };
example = literalExpression ''
common = {
server_addr = "example.com";
server_port = 7001;
};
http = {
type = "tcp";
local_ip = "127.0.0.1";
local_port = 80;
};
https = {
type = "tcp";
local_ip = "127.0.0.1";
local_port = 443;
};
'';
};
};
config = mkIf cfg.enable {
users.groups = mkIf (cfg.group == "frpc") {
frpc = { };
};
users.users = mkIf (cfg.user == "frpc") {
frpc = {
group = cfg.group;
shell = pkgs.bashInteractive;
createHome = false;
description = "frpc user";
isSystemUser = true;
};
};
systemd.services.frpc = {
description = "FRP Client";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Type = "simple";
User = cfg.user;
Group = cfg.group;
Restart = "on-failure";
ExecStart = pkgs.writeShellScript "frpc.sh" ''
set -eu
export FRP_TOKEN=$(<${cfg.token})
${cfg.package}/bin/frpc -c ${configFile}
'';
};
};
};
}

@ -6,6 +6,7 @@ with lib;
environment = {
systemPackages = with pkgs; [
coreutils
dig
file
git
gnumake

@ -10,7 +10,7 @@ with lib;
users = {
root = {
shell = pkgs.zsh;
hashedPassword = "$6$yuwsoikF5utqohar$fdcvq0iXdmiioiRyBGeVZICzQm4nKlv6.pj9AWh13VRCsE07dN9StDnXV0aslIBb0SWRFC4dY5Um2MYiAMfmH0";
passwordFile = config.age.secrets."users/root/password".path;
openssh = {
authorizedKeys = {
keys = [
@ -20,10 +20,11 @@ with lib;
};
};
admin = {
description = "Admin";
shell = pkgs.zsh;
isNormalUser = true;
passwordFile = config.age.secrets."users/admin/password".path;
uid = 1337;
hashedPassword = "$6$yuwsoikF5utqohar$fdcvq0iXdmiioiRyBGeVZICzQm4nKlv6.pj9AWh13VRCsE07dN9StDnXV0aslIBb0SWRFC4dY5Um2MYiAMfmH0";
openssh = {
authorizedKeys = {
keys = [
@ -39,5 +40,13 @@ with lib;
};
};
};
age.secrets."users/root/password" = {
file = ../../secrets/users/root/password.age;
};
age.secrets."users/admin/password" = {
file = ../../secrets/users/admin/password.age;
};
};
}

@ -0,0 +1,63 @@
{ pkgs, lib, config, options, fetchurl, ... }:
with lib;
let
cfg = config.personal.services.adguard;
in
{
options = {
personal = {
services = {
adguard = {
enable = mkEnableOption "Adguard";
};
};
};
};
config = mkIf cfg.enable {
services = {
adguardhome = {
enable = true;
mutableSettings = false;
host = "127.0.0.1";
port = 3000;
settings = {
dns = {
port = 5353;
bind_host = "127.0.0.1";
bootstrap_dns = "1.1.1.1";
upstream_dns = [
"1.1.1.1"
"8.8.8.8"
];
};
users = [{
name = "admin";
password = "$2y$05$wzuDDF0NaP0zX.gguP8EyuBJ1wlyTPjLvXf.LCK8VCBKIUq4PnR62";
}];
};
};
};
personal = {
services = {
webserver = {
enable = true;
hosts = [
{
domain = "adguard.boerger.ws";
proxy = "http://localhost:3000";
}
];
};
};
};
};
}

@ -1,4 +1,4 @@
{ pkgs, lib, config, options, ... }:
{ pkgs, lib, config, options, fetchurl, ... }:
with lib;
let

@ -0,0 +1,20 @@
{ pkgs, lib, config, options, fetchurl, ... }:
with lib;
let
cfg = config.personal.services.coredns;
in
{
options = {
personal = {
services = {
coredns = {
enable = mkEnableOption "CoreDNS";
};
};
};
};
config = mkIf cfg.enable { };
}

@ -3,15 +3,18 @@
{
imports = [
./acme.nix
./adguard.nix
./citrix.nix
./coredns.nix
./desktop.nix
./docker.nix
./frpc.nix
./hass.nix
./haveged.nix
./libvirt.nix
./media.nix
./nixbuild.nix
./openssh.nix
./tailscale.nix
./timesyncd.nix
./webserver.nix
];

@ -1,70 +0,0 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.personal.services.frpc;
in
{
options = {
personal = {
services = {
frpc = {
enable = mkEnableOption "FRP Client";
};
};
};
};
config = mkIf cfg.enable {
services = {
frpc = {
enable = true;
token = config.age.secrets."services/frpc/token".path;
settings = {
common = {
server_addr = "frps.boerger.ws";
server_port = 30601;
token = "{{ .Envs.FRP_TOKEN }}";
admin_addr = "127.0.0.1";
admin_port = 7400;
admin_user = "admin";
admin_pwd = "admin";
tls_enable = true;
};
http = {
type = "tcp";
local_ip = "127.0.0.1";
local_port = 80;
use_encryption = true;
use_compression = true;
remote_port = 8080;
health_check_type = "tcp";
health_check_timeout_s = 3;
health_check_max_failed = 3;
health_check_interval_s = 10;
};
https = {
type = "tcp";
local_ip = "127.0.0.1";
local_port = 443;
use_encryption = true;
use_compression = true;
remote_port = 8443;
health_check_type = "tcp";
health_check_timeout_s = 3;
health_check_max_failed = 3;
health_check_interval_s = 10;
};
};
};
};
age.secrets."services/frpc/token" = {
file = ../../secrets/services/frpc/token.age;
owner = "frpc";
group = "frpc";
};
};
}

@ -0,0 +1,93 @@
{ pkgs, lib, config, options, fetchurl, ... }:
with lib;
let
cfg = config.personal.services.hass;
in
{
options = {
personal = {
services = {
hass = {
enable = mkEnableOption "Home Assistant";
};
};
};
};
config = mkIf cfg.enable {
environment = {
systemPackages = with pkgs; [
sqlite
];
};
services = {
home-assistant = {
enable = true;
package = (pkgs.home-assistant.override {
extraPackages = python3Packages: with python3Packages; [
pyicloud
radios
securetar
];
extraComponents = [
"accuweather"
"adguard"
"alexa"
"default_config"
];
}).overrideAttrs (oldAttrs: {
doInstallCheck = false;
});
config = {
http = {
server_host = "127.0.0.1";
server_port = 8123;
trusted_proxies = [ "127.0.0.1" ];
use_x_forwarded_for = true;
};
homeassistant = {
name = "Boerger";
latitude = 49.406330;
longitude = 11.036830;
time_zone = "Europe/Berlin";
unit_system = "metric";
temperature_unit = "C";
};
default_config = { };
};
};
};
personal = {
services = {
webserver = {
enable = true;
hosts = [
{
domain = "home.boerger.ws";
proxy = "http://127.0.0.1:8123";
proxyOptions = ''
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
'';
}
];
};
};
};
};
}

@ -11,14 +11,6 @@ in
services = {
media = {
enable = mkEnableOption "Media";
domain = mkOption {
description = ''
Domain used for media vhosts
'';
type = types.str;
default = "boerger.ws";
};
};
};
};
@ -28,10 +20,13 @@ in
users = {
users = {
media = {
uid = 20000;
description = "Media";
shell = pkgs.zsh;
isSystemUser = true;
group = "media";
home = "/var/lib/media";
uid = 20000;
isSystemUser = true;
passwordFile = config.age.secrets."users/media/password".path;
};
};
@ -138,35 +133,35 @@ in
hosts = [
{
domain = "nzbget.${cfg.domain}";
domain = "nzbget.boerger.ws";
proxy = "http://localhost:6789";
}
{
domain = "jellyfin.${cfg.domain}";
domain = "jellyfin.boerger.ws";
proxy = "http://localhost:8096";
}
{
domain = "radarr.${cfg.domain}";
domain = "radarr.boerger.ws";
proxy = "http://localhost:7878";
}
{
domain = "sonarr.${cfg.domain}";
domain = "sonarr.boerger.ws";
proxy = "http://localhost:8989";
}
{
domain = "lidarr.${cfg.domain}";
domain = "lidarr.boerger.ws";
proxy = "http://localhost:8686";
}
{
domain = "readarr.${cfg.domain}";
domain = "readarr.boerger.ws";
proxy = "http://localhost:8787";
}
{
domain = "bazarr.${cfg.domain}";
domain = "bazarr.boerger.ws";
proxy = "http://localhost:6767";
}
{
domain = "prowlarr.${cfg.domain}";
domain = "prowlarr.boerger.ws";
proxy = "http://localhost:9696";
}
];
@ -180,5 +175,9 @@ in
allowedUDPPorts = [ 1900 7359 ];
};
};
age.secrets."users/media/password" = {
file = ../../secrets/users/media/password.age;
};
};
}

188
machines/services/samba.nix Normal file

@ -0,0 +1,188 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.personal.services.samba;
in
{
options = {
personal = {
services = {
samba = {
enable = mkEnableOption "Samba";
};
};
};
};
config = mkIf cfg.enable {
users = {
users = {
media = {
uid = 20000;
description = "Media";
shell = pkgs.zsh;
isSystemUser = true;
group = "media";
home = "/var/lib/media";
passwordFile = config.age.secrets."users/media/password".path;
};
printer = {
uid = 20001;
description = "Printer";
shell = pkgs.zsh;
isSystemUser = true;
group = "printer";
home = "/var/lib/printer";
passwordFile = config.age.secrets."users/printer/password".path;
};
};
groups = {
media = {
gid = 20000;
};
printer = {
gid = 20001;
};
};
};
services = {
samba = {
enable = true;
openFirewall = true;
extraConfig = ''
workgroup = WORKGROUP
server string = Sharing
netbios name = Sharing
guest account = nobody
map to guest = bad user
'';
shares = {
photos = {
comment = "Shared photos";
path = "/var/lib/media/photos";
"browseable" = "yes";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "yes";
"force user" = "media";
"force group" = "media";
};
videos = {
comment = "Shared videos";
path = "/var/lib/media/videos";
"browseable" = "yes";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "yes";
"force user" = "media";
"force group" = "media";
};
movies = {
comment = "Shared movies";
path = "/var/lib/media/movies";
"browseable" = "no";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "no";
"force user" = "media";
"force group" = "media";
"valid users" = "media";
};
shows = {
comment = "Shared shows";
path = "/var/lib/media/shows";
"browseable" = "no";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "no";
"force user" = "media";
"force group" = "media";
"valid users" = "media";
};
books = {
comment = "Shared books";
path = "/var/lib/media/books";
"browseable" = "no";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "no";
"force user" = "media";
"force group" = "media";
"valid users" = "media";
};
music = {
comment = "Shared music";
path = "/var/lib/media/music";
"browseable" = "no";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "no";
"force user" = "media";
"force group" = "media";
"valid users" = "media";
};
downloads = {
comment = "Shared downloads";
path = "/var/lib/media/downloads";
"browseable" = "no";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "no";
"force user" = "media";
"force group" = "media";
"valid users" = "media";
};
printer = {
comment = "Shared printer";
path = "/var/lib/printer";
"browseable" = "yes";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "yes";
"force user" = "printer";
"force group" = "printer";
};
backup = {
comment = "Shared backup";
path = "/var/lib/backup/%u";
"browseable" = "yes";
"read only" = "no";
"writeable" = "yes";
"guest ok" = "no";
};
};
};
};
age.secrets."users/printer/password" = {
file = ../../secrets/users/printer/password.age;
};
age.secrets."users/media/password" = {
file = ../../secrets/users/media/password.age;
};
};
}

@ -0,0 +1,57 @@
{ pkgs, lib, config, options, fetchurl, ... }:
with lib;
let
cfg = config.personal.services.tailscale;
in
{
options = {
personal = {
services = {
tailscale = {
enable = mkEnableOption "Tailscale";
};
};
};
};
config = mkIf cfg.enable {
networking = {
firewall = {
checkReversePath = "loose";
};
};
services = {
tailscale = {
enable = true;
};
};
systemd.services.tailscaled-autoconnect = {
description = "Automatic connection for Tailscale";
after = [ "network-pre.target" "tailscale.service" ];
wants = [ "network-pre.target" "tailscale.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "oneshot";
script = ''
sleep 3
STATUS="$(${pkgs.tailscale}/bin/tailscale status -json | ${pkgs.jq}/bin/jq -r .BackendState)"
if [ $\{STATUS\} = "Running" ]; then
exit 0
fi
${pkgs.tailscale}/bin/tailscale up --auth-key file:${config.age.secrets."services/tailscale/authkey".path}
'';
};
age.secrets."services/tailscale/authkey" = {
file = ../../secrets/services/tailscale/authkey.age;
};
};
}

@ -60,22 +60,6 @@ in
type = types.str;
default = "boerger.ws";
};
defaultDomain = mkOption {
description = ''
Domain used by default vhost
'';
type = types.str;
default = "boerger.ws";
};
redirectDomain = mkOption {
description = ''
Domain to redirect the default
'';
type = types.str;
default = "jellyfin.boerger.ws";
};
};
};
};
@ -101,20 +85,25 @@ in
locations = {
"/" = mkIf (builtins.hasAttr "proxy" elem) {
proxyPass = elem.proxy;
extraConfig = ''
proxy_set_header X-Forwarded-Ssl on;
'' + (elem.proxyOptions or "");
extraConfig = (
elem.proxyOptions or ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Forwarded-Ssl on;
''
);
};
};
} // (elem.domainOptions or { });
})
config.personal.services.webserver.hosts) // {
"${cfg.defaultDomain}" = {
"boerger.ws" = {
useACMEHost = cfg.acmeHost;
addSSL = true;
forceSSL = false;
default = true;
globalRedirect = cfg.redirectDomain;
root = "/var/empty";
};
};
};

@ -16,12 +16,15 @@
acme = {
enable = true;
};
frpc = {
hass = {
enable = true;
};
media = {
enable = true;
};
tailscale = {
enable = true;
};
};
};

@ -1,6 +1,25 @@
{ config, lib, pkgs, ... }:
let
cifsServer = "\\192.168.1.10";
cifsOptions = [
"x-systemd.automount"
"noauto"
"x-systemd.idle-timeout=60"
"x-systemd.device-timeout=5s"
"x-systemd.mount-timeout=5s"
"credentials=${config.age.secrets."users/media/smbpasswd".path}"
"uid=${config.users.users.media.uid}"
"gid=${config.users.groups.media.gid}"
];
in
{
environment = {
systemPackages = with pkgs; [
cifs-utils
];
};
swapDevices = [{
device = "/dev/disk/by-label/swap";
}];
@ -109,20 +128,6 @@
];
};
fileSystems."/var/lib/media/downloads" = {
device = "/dev/disk/by-label/downloads";
fsType = "ext4";
options = [
"noatime"
"discard"
];
};
# fileSystems."/var/lib/media/downloads" = {
# device = "192.168.1.10:/downloads";
# fsType = "nfs";
# };
fileSystems."/var/lib/media/movies" = {
device = "/dev/disk/by-label/movies";
fsType = "ext4";
@ -133,8 +138,9 @@
};
# fileSystems."/var/lib/media/movies" = {
# device = "192.168.1.10:/movies";
# fsType = "nfs";
# device = "${cifsServer}/movies";
# fsType = "cifs";
# options = cifsOptions;
# };
fileSystems."/var/lib/media/series" = {
@ -146,9 +152,10 @@
];
};
# fileSystems."/var/lib/media/series" = {
# device = "192.168.1.10:/series";
# fsType = "nfs";
# fileSystems."/var/lib/media/shows" = {
# device = "${cifsServer}/shows";
# fsType = "cifs";
# options = cifsOptions;
# };
fileSystems."/var/lib/media/books" = {
@ -161,8 +168,9 @@
};
# fileSystems."/var/lib/media/books" = {
# device = "192.168.1.10:/books";
# fsType = "nfs";
# device = "${cifsServer}/books";
# fsType = "cifs";
# options = cifsOptions;
# };
fileSystems."/var/lib/media/music" = {
@ -175,7 +183,27 @@
};
# fileSystems."/var/lib/media/music" = {
# device = "192.168.1.10:/music";
# fsType = "nfs";
# device = "${cifsServer}/music";
# fsType = "cifs";
# options = cifsOptions;
# };
fileSystems."/var/lib/media/downloads" = {
device = "/dev/disk/by-label/downloads";
fsType = "ext4";
options = [
"noatime"
"discard"
];
};
# fileSystems."/var/lib/media/downloads" = {
# device = "${cifsServer}/downloads";
# fsType = "cifs";
# options = cifsOptions;
# };
age.secrets."users/media/smbpasswd" = {
file = ../../secrets/users/media/smbpasswd.age;
};
}

@ -0,0 +1,52 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
username = "adrian";
fullname = "Adrian Boerger";
desktop = config.personal.services.desktop.enable;
in
{
imports = [
../modules
./desktop
../programs
./programs
../services
./services
];
profile = {
username = username;
};
users = {
users = {
"${username}" = {
description = "${fullname}";
shell = pkgs.zsh;
isNormalUser = true;
passwordFile = config.age.secrets."users/${username}/password".path;
extraGroups = [
"audio"
"video"
"networkmanager"
];
};
};
};
home-manager.users."${username}" = { config, ... }: {
home = {
homeDirectory = "/home/${username}";
stateVersion = "18.09";
};
};
age.secrets."users/${username}/password" = {
file = ../../secrets/users/${username}/password.age;
};
}

@ -0,0 +1,9 @@
{ pkgs, lib, config, options, ... }:
{
options = {
profile = {
desktop = { };
};
};
}

@ -0,0 +1,7 @@
{ pkgs, lib, config, options, ... }:
{
imports = [
];
}

@ -0,0 +1,7 @@
{ pkgs, lib, config, options, ... }:
{
imports = [
];
}

52
profiles/anna/default.nix Normal file

@ -0,0 +1,52 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
username = "anna";
fullname = "Anna Boerger";
desktop = config.personal.services.desktop.enable;
in
{
imports = [
../modules
./desktop
../programs
./programs
../services
./services
];
profile = {
username = username;
};
users = {
users = {
"${username}" = {
description = "${fullname}";
shell = pkgs.zsh;
isNormalUser = true;
passwordFile = config.age.secrets."users/${username}/password".path;
extraGroups = [
"audio"
"video"
"networkmanager"
];
};
};
};
home-manager.users."${username}" = { config, ... }: {
home = {
homeDirectory = "/home/${username}";
stateVersion = "18.09";
};
};
age.secrets."users/${username}/password" = {
file = ../../secrets/users/${username}/password.age;
};
}

@ -0,0 +1,9 @@
{ pkgs, lib, config, options, ... }:
{
options = {
profile = {
desktop = { };
};
};
}

@ -0,0 +1,7 @@
{ pkgs, lib, config, options, ... }:
{
imports = [
];
}

@ -0,0 +1,7 @@
{ pkgs, lib, config, options, ... }:
{
imports = [
];
}

@ -31,6 +31,8 @@
./slack.nix
./steam.nix
./teams.nix
./telegram.nix
./thunderbird.nix
./tmux.nix
./whatsapp.nix
./wine.nix

@ -4,18 +4,18 @@ with lib;
let
cfg = config.profile.programs.develop;
python = pkgs.python39.withPackages (p: with p; [
ansible-core
ansible-doctor
# ansible-later
ansible-lint
boto3
botocore
hcloud
passlib
requests
yamllint
]);
# python = pkgs.python39.withPackages (p: with p; [
# ansible-core
# ansible-doctor
# # ansible-later
# ansible-lint
# boto3
# botocore
# hcloud
# passlib
# requests
# yamllint
# ]);
in
{
@ -32,20 +32,18 @@ in
config = mkIf cfg.enable {
environment = {
systemPackages = with pkgs; [
python
php80
php80Packages.composer
nodejs-16_x
yarn
# python
act
ansible-doctor
ansible-later
ansible-lint
awscli2
eksctl
git-chglog
gopass
graphviz
hcloud
httpie
ipcalc
ngrok
@ -53,9 +51,17 @@ in
reflex
shellcheck
sops
upx
yamllint
checkov
terraform
terragrunt
upx
tflint
tfsec
nodejs-16_x
yarn
];
};
};

@ -19,7 +19,7 @@ in
config = mkIf cfg.enable {
environment = {
systemPackages = with pkgs; [
mattermost
mattermost-desktop
];
};
};

@ -0,0 +1,26 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.profile.programs.telegram;
in
{
options = {
profile = {
programs = {
telegram = {
enable = mkEnableOption "Telegram";
};
};
};
};
config = mkIf cfg.enable {
environment = {
systemPackages = with pkgs; [
tdesktop
];
};
};
}

@ -0,0 +1,26 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.profile.programs.thunderbird;
in
{
options = {
profile = {
programs = {
thunderbird = {
enable = mkEnableOption "Thunderbird";
};
};
};
};
config = mkIf cfg.enable {
environment = {
systemPackages = with pkgs; [
thunderbird-bin
];
};
};
}

@ -5,6 +5,7 @@
./blueman.nix
./caffeine.nix
./flameshot.nix
./mopidy.nix
./nmapplet.nix
./owncloud.nix
./udiskie.nix

@ -0,0 +1,50 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.profile.services.mopidy;
in
{
options = {
profile = {
services = {
mopidy = {
enable = mkEnableOption "Mopidy";
};
};
};
};
config = mkIf cfg.enable {
home-manager.users."${config.profile.username}" = { config, ... }: {
programs = {
ncmpcpp = {
enable = true;
};
};
services = {
mopidy = {
enable = true;
extensionPackages = with pkgs; [
mopidy-iris
mopidy-jellyfin
mopidy-mpd
mopidy-tunein
];
# extraConfigFiles = [
# config.age.secrets."services/mopidy/jellyfin".path
# ];
};
};
};
# age.secrets."services/mopidy/jellyfin" = {
# file = ../../secrets/services/mopidy/jellyfin.age;
# owner = config.profile.username;
# };
};
}

@ -0,0 +1,52 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
username = "tabea";
fullname = "Tabea Boerger";
desktop = config.personal.services.desktop.enable;
in
{
imports = [
../modules
./desktop
../programs
./programs
../services
./services
];
profile = {
username = username;
};
users = {
users = {
"${username}" = {
description = "${fullname}";
shell = pkgs.zsh;
isNormalUser = true;
passwordFile = config.age.secrets."users/${username}/password".path;
extraGroups = [
"audio"
"video"
"networkmanager"
];
};
};
};
home-manager.users."${username}" = { config, ... }: {
home = {
homeDirectory = "/home/${username}";
stateVersion = "18.09";
};
};
age.secrets."users/${username}/password" = {
file = ../../secrets/users/${username}/password.age;
};
}

@ -0,0 +1,9 @@
{ pkgs, lib, config, options, ... }:
{
options = {
profile = {
desktop = { };
};
};
}

@ -0,0 +1,7 @@
{ pkgs, lib, config, options, ... }:
{
imports = [
];
}

@ -0,0 +1,7 @@
{ pkgs, lib, config, options, ... }:
{
imports = [
];
}

@ -20,7 +20,7 @@ in
];
profile = {
username = "${username}";
username = username;
desktop = {
i3 = {
@ -68,6 +68,9 @@ in
lutris = {
enable = desktop;
};
thunderbird = {
enable = desktop;
};
mattermost = {
enable = desktop;
};
@ -80,9 +83,9 @@ in
owncloud = {
enable = desktop;
};
playonlinux = {
enable = desktop;
};
# playonlinux = {
# enable = desktop;
# };
rocketchat = {
enable = desktop;
};
@ -101,6 +104,9 @@ in
teams = {
enable = desktop;
};
telegram = {
enable = desktop;
};
whatsapp = {
enable = desktop;
};
@ -141,6 +147,9 @@ in
flameshot = {
enable = desktop;
};
mopidy = {
enable = desktop;
};
nmapplet = {
enable = desktop;
};
@ -151,9 +160,9 @@ in
enable = desktop;
};
dunst = {
enable = desktop;
};
# dunst = {
# enable = desktop;
# };
polybar = {
enable = desktop;
};
@ -166,7 +175,7 @@ in
description = "${fullname}";
shell = pkgs.zsh;
isNormalUser = true;
hashedPassword = "$6$yuwsoikF5utqohar$fdcvq0iXdmiioiRyBGeVZICzQm4nKlv6.pj9AWh13VRCsE07dN9StDnXV0aslIBb0SWRFC4dY5Um2MYiAMfmH0";
passwordFile = config.age.secrets."users/${username}/password".path;
openssh = {
authorizedKeys = {
keys = [
@ -229,4 +238,8 @@ in
stateVersion = "18.09";
};
};
age.secrets."users/${username}/password" = {
file = ../../secrets/users/${username}/password.age;
};
}

@ -4,6 +4,81 @@ with lib;
let
cfg = config.profile.desktop.i3;
programs = {
term = [
{
exec = "Alacritty";
class = "Alacritty";
}
];
editor = [
{
exec = "code";
class = "code";
}
];
browser = [
{
exec = "google-chrome-stable";
class = "google-chrome";
}
];
music = [ ];
mail = [
{
exec = "thunderbird";
class = "thunderbird";
}
];
chat = [
{
exec = "discord";
class = "discord";
}
{
exec = "element-desktop";
class = "element";
}
{
exec = "mattermost-desktop";
class = "mattermost";
}
{
exec = "rocketchat-desktop";
class = "rocket.chat";
}
{
exec = "signal-desktop";
class = "signal";
}
{
exec = "skypeforlinux";
class = "skype";
}
{
exec = "slack";
class = "slack";
}
{
exec = "teams";
class = "microsoft teams";
}
{
exec = "tdekstop";
class = "telegram-desktop";
}
{
exec = "whatsapp-for-linux";
class = "whatsapp-for-linux";
}
];
};
in
{
options = {
@ -21,15 +96,23 @@ in
home = {
packages = with pkgs; [
betterlockscreen
deadd-notification-center
feh
gnome.nautilus
gucharmap
libnotify
lxappearance
playerctl
scrot
];
};
services = {
gnome-keyring = {
enable = true;
};
};
xsession = {
enable = true;
@ -55,21 +138,23 @@ in
};
assigns = {
"1" = [{
class = "Alacritty";
}];
"3" = [{
class = "google-chrome";
}];
"1" = map (i: { class = i.class; }) programs.term;
"2" = map (i: { class = i.class; }) programs.editor;
"3" = map (i: { class = i.class; }) programs.browser;
"4" = map (i: { class = i.class; }) programs.mail;
"5" = map (i: { class = i.class; }) programs.music;
"6" = map (i: { class = i.class; }) programs.chat;
};
startup = [
{
command = "feh --borderless --no-fehbg --bg-scale $HOME/.wallpapers/tower.jpg";
command = "feh --no-fehbg --bg-scale $HOME/.wallpapers/tower.jpg";
always = false;
notification = false;
}
{
command = "betterlockscreen -w dim -u $HOME/.wallpapers/tower.jpg";
command = "betterlockscreen --update $HOME/.wallpapers/tower.jpg";
always = false;
notification = false;
}
{
@ -77,11 +162,11 @@ in
always = true;
notification = false;
}
{
command = "systemctl --user restart dunst";
always = true;
notification = false;
}
# {
# command = "systemctl --user restart dunst";
# always = true;
# notification = false;
# }
{
command = "systemctl --user restart udiskie";
always = true;
@ -97,7 +182,19 @@ in
always = true;
notification = false;
}
];
{
command = "deadd-notification-center";
always = false;
notification = false;
}
# {
# command = "clockify";
# always = false;
# notification = false;
# }
] ++ (map (i: { command = i.exec; notification = false; }) programs.term) ++ (map (i: { command = i.exec; notification = false; }) programs.editor) ++ (map (i: { command = i.exec; notification = false; }) programs.browser) ++ (map (i: { command = i.exec; notification = false; }) programs.mail) ++ (map (i: { command = i.exec; notification = false; }) programs.music) ++ (map (i: { command = i.exec; notification = false; }) programs.chat);
gaps = {
smartGaps = true;
@ -210,7 +307,7 @@ in
set $power "[l]ock log[o]ut [s]uspend [h]ibernate [r]eboot [p]oweroff"
mode $power {
bindsym l exec betterlockscreen -w dim -u $HOME/.wallpapers/tower.jpg; mode "default"
bindsym l exec betterlockscreen --lock dim; mode "default"
bindsym o exec i3-msg exit; mode "default"
bindsym s exec systemctl suspend; mode "default"
bindsym h exec systemctl hibernate; mode "default"

@ -2,11 +2,27 @@ let
thomas = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINaQYR0/Oj6k1H03kshz2J7rlGCaDSuaGPhhOs9FcZfn";
users = [ thomas ];
midgard = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGC6aSeeKiMO9y3NMxPOh2JvvGYcyS4za+0+hSqI3Bj";
asgard = "";
utgard = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN02izetkp+Wru4KE0ZASwOcjJfXr3U0H/Q/i0fjdgJ7";
systems = [ utgard ];
systems = [ midgard asgard utgard ];
in
{
"services/acme/credentials.age".publicKeys = users ++ systems;
"services/frpc/token.age".publicKeys = users ++ systems;
"services/mopidy/jellyfin.age".publicKeys = users ++ systems;
"services/nixbuild/sshkey.age".publicKeys = users ++ systems;
"services/tailscale/authkey.age".publicKeys = users ++ systems;
"users/media/password.age".publicKeys = users ++ systems;
"users/media/smbpasswd.age".publicKeys = users ++ systems;
"users/printer/password.age".publicKeys = users ++ systems;
"users/root/password.age".publicKeys = users ++ systems;
"users/admin/password.age".publicKeys = users ++ systems;
"users/thomas/password.age".publicKeys = users ++ systems;
"users/anna/password.age".publicKeys = users ++ systems;
"users/adrian/password.age".publicKeys = users ++ systems;
"users/tabea/password.age".publicKeys = users ++ systems;
}

@ -1,9 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ zh94IvnUClD1KSf07GormPU11pydyI2mJ0QR+dj35AU
WJmyov9jnDRU0XOfNly+YctW4u/74nbLjp84JRHncWE
-> ssh-ed25519 QkapZw 63is6AXw4FTrqsD0up52mIGSfLFcb+X+ZJ47QiOLgHo
NiILE2Wc05JFcISN0HV0oZ+m8H4HUQOADLrNoAWMVmk
-> [nwC-grease dC<=9<F[
hiGKFg8H+Vj1ZRCNDLcJUclYKKw
--- cy6U+0/Q0gTt5+XKisuoGbFFxggmfE3CfJkgWCuLty8
@^ç°µYô-œ”/WQŽ&=›‡ <0A>kO y·ZêmD:íÌ­)ùÕ+·‹¥+ZÙ<19>èئ!d
-> ssh-ed25519 ptT1OQ G0UMa/hBBgKiYtBUgm6E+LHVVly/sr2+0dThm+VsNV0
GFlyE+NmG7wND92/WXCJFFkq9M1Nsfq3k7YRnAIiH+s
-> ssh-ed25519 vDK6kA IMw7Ugc3JS3lo+jdy3VTfxNe+BcWRvIurYcHo8/20Gw
x6EZAsfUt/Q99W5ibar3GznBJPxgZiHGwplouzXDFdc
-> ssh-ed25519 QkapZw u+G8NcRFQARVgqHA8GgQI/FwAVJIEPYdyMOwEcQYIDY
EQdhk9LxqWPdIwzIhBG13dLVpXZJyadWr87YQ8M1UcQ
-> J-grease SyWuYE |$6Yno7V B^+)$-n
xH13RODn/QcYvsniQH4
--- ha8bj14RU/C0zmMc4kVty3WsN6fRF8ZdyhSmqKyPshs
<EFBFBD><EFBFBD>广]2(y>ケ 鋕VCテZ;ムャエD+サ\!.OEpqサI&fSェフLフ>A「K

Binary file not shown.

Binary file not shown.

@ -0,0 +1,12 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ LnnwfsdOcAom5MZY4xYG+m1CUOcR2LhCYU+UMGQxwU4
UxV1cyR0seHEmhzI0ngmf9MNEqA7Se77G52b4kw8a5E
-> ssh-ed25519 vDK6kA 4iqbkl1XVdmO/4bb8oCPstM+c90jjlNUqx1EPnKZqAs
voRRt0wWr4DIpkY5R+S9e7dhJ7PsirrQGYkku/86iLY
-> ssh-ed25519 QkapZw 7atPx1R+UvxoIevJwJSuDWjs4Uwtarae1ubDKXLLWGA
z3Xfmk2ysy+j57aRbt4kv0Jv+7ajeBlDw1VrADjNJlw
-> Jo:^-grease 68x TN\24 Y<eo UEy
AoDN8iMG
--- Hkh8+TIqB75tkzt1n2Biy9ZLKogTCdTzsT11w7N+/BI
<*W^š†2Ú }äqî“r4Øg[Màüi<08>bbdÛ
ÐóªêcæãOÔè „Vttáhð9ÎÂ$iìÊ +Q™qhf½Aï_#×™(lZõ‰lp/"

@ -0,0 +1,13 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ OnQmMRmL4vooeJARScu0RFDRxF+DAwzzHA6Xfs9E60M
q0oXUE7RKv/b5/v2nHbRDK0B/m/D5HQ9pCnCF1Hub/c
-> ssh-ed25519 vDK6kA iYH6SGuEb2frh2Av9/NnhsD5SYxPU/ymow7qiwPdPAA
iei5JokDZ4vyKYa4+oKi6tt4X+m6C9Q64YUHX75cJKo
-> ssh-ed25519 QkapZw WrWt+aqpoT/jQdD3ktFygrodrZ1dutukEWzSlAiCFDk
1mvKL9cnEE61wfY+yZE1N8E8SfYUWyyLftOg30JIgRg
-> W^&%6jtg-grease v8zD(}
NZAuTFXfI/X9rK8azx1w4fqKMrvOKcRWrGx3iXWn8Cdkb/cAtfRyckPc659jONns
/gJx2jcqstgYR7O38wnOuuevexEeRn/2i5bISRLbN1AGW4Q
--- LW/pRhTdYie4pUsBKMqRp38ltz1fJ9tZMRAcV71ykZk
údb»^FB¤f‰‰·
s˜Æ"2TºˆLb#­¢Â¨p

@ -0,0 +1,12 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ 6owQsraIjwntWOLM/IgsCfo9k4xP7EgBqGHz/9ACOgc
Qlee7D1NbteTDL97/yfvfkZnuuF1n5oCMCjwJZIERH0
-> ssh-ed25519 vDK6kA 6OPdEol4Z3nCRInYKRNb+EboSByN+ed1X0dVVZBTLkE
6kDLoKD+GQVaIzAy5GHdF8K/3iMZTg7x0cb8ScNA0B4
-> ssh-ed25519 QkapZw oZ6I/sL0ZGVu+8qK+Ol4QMlOCAFy4CaS83EAnV1XLWw
R63uqZ48KJ+M7HZ2vCQ/1eEXyzeTLZSHpp3AM6zLlTQ
-> dw,mS#A0-grease -?,a d<}@U<
aiBxTwXkpHMDz2mrp3+6PZE9pxA4TZe/+ioGsek0iWLjNGZ2zh1/z3cZ5dHodDfc
pHW/9wWa0j4
--- Yl4jZiBuNi+e4Hxo5JcbRmQGM5tzYz1UG0naPSH8fzI
Ñ6ß®ç³âSá….BXp JR¼ð<C2BC>¢ÕŸ áK±Õ_÷IJ±®š¸dA

@ -0,0 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ ZwHZuEtXIywjlO1Qylc54X5yliYN2C20lXtxRleDOgE
h3PEPfWVR7Y3Xc80e26UwMg8SU9ZDgs4SkyAQsYzj+Q
-> ssh-ed25519 vDK6kA +yWQE2uLXFSpX4iCxaKyaxk/219fItLaZGC3vlzgQFs
g6wiwF/Ym7KUuWnPVLZyMzcvwOc+gEzQtVEOMcTGE2c
-> ssh-ed25519 QkapZw Ymvdm1Lh4AdNYQsvtnlTB+xFU0ukt0qvQGmSPodVT1M
5wKYkK+69TVRm0P+dZEASBfbAT0R7jBNJKmzwU6KIKk
-> (`jv:-grease j(N
2LnNRS5xWT3s9x5gg1ls7pfVbg/uFgCyLNr9/KK4YbQbsNKrNg
--- hLiE6yB2F7kOJw3qT31+bCbnMtcK32XYgxbI82WVlmY
öA,½ÍìÔXx[†Z©Ëg-2‡¦–®#â)»9ƒÚzºbÃïÿ[V¼€

@ -0,0 +1,12 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ 6nrRFAT0bfW/YJUvUidI1VKSuLYwInjTHAVBsW1m8QE
zXaMZLYdHMe552DAOJIE+2Ej4FbNoiC0lMUVK0HwkYw
-> ssh-ed25519 vDK6kA IgdF+Ru31yku4rGyIX9Kb5kbxfi8flHMw9jElsr/twM
HKL3yIg8tiYgmMnjVbSxk4kq5XvtSrk30bNuyj35mg4
-> ssh-ed25519 QkapZw vgukk5ZXct7y3e+3IDfKjM1Z/jKJhqmF2lg1WO/FfCo
kK1WaS6PCfhbJj04PVOMgc3nGU8tFQS6kJxqhWHV6ZE
-> V-grease * G#N'H$(
BV3zew7ZPBc3kj8Vlsm8egFoTN0jTe7mqzFqjucThfldN+YFcKZK6VxzzCsbB6mn
Ez2qmevGVI43inhwSmIUSnqVvj1+8hc5NICZJs24P+34HA
--- vjzDvpUTaCep8r5cGc5JDnZUdaQ/I2qXMDHIF7gDIdo
†Fa<46>Ûç<C39B>þC`žó ìS@Op8Ü{ª)|q+öìó×v::lú÷ìñ<>'æ!칦×c¢¶,

Binary file not shown.

@ -0,0 +1,13 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ 9z0mc7gau0SlDVq8NAZI0T+t2yetYhRJ5jJ+cx/pFTM
4Yz8DPjhtAsy0abWxKR5WE9uC7n5BfhADTSUiDZBqUk
-> ssh-ed25519 vDK6kA UPR/LPzCEBBo3WcTywbS/yjb7v+uQTjPzGVVv05VOkk
UcbxNWcmE14VIUa6Sq4U4Q0SHLhQ7OKiE+xnGVq90tc
-> ssh-ed25519 QkapZw uPxyBvN/TO//OGorad6hxvnDIqoLhROtU+HIcOOhXVs
J3u69kfjynkf5lUVDk7X+4JHmOSca0Q14YOwAV14lb8
-> GY`;C-grease (L,'+} $/@h ~
+ur0Lzp2w7e9/dJlEDbya+IIzQ6mwiEowxCUnCzm/JPELX/OLh/hlwUUzLOAJsVS
Kw6Rf41t6o5HPJZXLFBtQtyjgLeZx/rlIjrBmFQ41BJ0Lbmf7/g
--- E1i31zsuxNyizZMMeGBbgi1f77T3T5cn/kORrliha6U
õcgBˆÉMòصZ/MÌ
]»C³®LbÅR*’娃 »Ç ¸`½Ý,îi†£|÷°£ÕeD

@ -0,0 +1,12 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ YcyAUwVMlw4/ALw7mnNSf0mZEIBy2QutWPnw/dIcdGU
T12rjnbOaILGoVMRr2Ggi/kNThnacoLBFjCOBIROQgU
-> ssh-ed25519 vDK6kA t/nieYJLDvK/t6nmqv9uZeznMXKZx0w6haAdGGbRUig
L1RtzBdd2byvSb+Bei7cQk4pSeG572CmRnQ2fMl4xk8
-> ssh-ed25519 QkapZw h50sCx6P4KcKJ1FuKBG7b1fXvfE3uLHM4CbFj0p2+zU
b4llW691ia4zsUewi61ubDdTVuqKmZHkOQc+zcow3lo
-> [@JJ3u-grease H9 XQF %fy3, Za.Zvj_}
T68o20cFBiNu9Wgmk8ZpABs80V7f7Y6wBa3ldggYvp62kTswfS0mIGsO+ta6FZt9
++GxRoSprkcVmg4
--- 4yMs1I5euxBUuhkdu98y/ExONALCQkfx7K/6uHAFh6A
åJ<>Á•<1B>ûèíuŸ«°!ÈÛåˆ]Œ‚;ó)5œ7ªbsɹów:=ÅÃ

@ -0,0 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ aldRZAe2K4bGX8GbnW01BC7pkreWmEYG50iFM5+cVkM
Ix3RuSN12AQr0kggdEwgVBmpv7oal99PHyTeAv0tDdc
-> ssh-ed25519 vDK6kA c9sm7SGxgbgJt2M/mKT0mnDPv8kMgvU4E+WM88pszDE
K7jsUZzDX5cXcnTCeswxOz/5+wMJMt80/pSU36UkE+w
-> ssh-ed25519 QkapZw HsnZIJNhcwAf7uAU6g+NtsNYSpnK0A7LOWZfNYN8tkE
i6y8GMfYo3iwH5reeUdMwmbzjR/BcKGZg+2OKNPRfIU
-> |/"ga-grease \:S|s5} 3HKp9_~
hewqWDDpTlc
--- gznXnky7kkgfMGD88xGo4dAXpZkLX7DKx8xMxRFgL+w
*(4qG0YEタ>H*7wNe、・<>cG[ク「L噤以<E599A4>

@ -0,0 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 ptT1OQ fwUu8pY2budRGKQ5KH8g3PpQkYw8nxQjXPMypWRVzmg
KqgwVHgyLsJHXn46OwwH5a6+mXIeu4JjsXXH3nZCFQQ
-> ssh-ed25519 vDK6kA QWFjCWEDx9y9hsBaVfdECb/9XiPtNR3SRf1dXd9szmI
fv9QTZ9h2JWW9d+rjjTnePOW/lxOnvVNYl3P3a2Fgnc
-> ssh-ed25519 QkapZw 9aLnV1zSbaws9Kzx7gFYBc3xQPzoNpqF8C3woF8D03E
CUZodCA2dAvZra7367A1PNdHlVkgKqfMl/LBlD35MKo
-> D-grease ;95[E YS| [,!+^H P~&
+fpm
--- FJSm4ETZT3yielQi7G05UJXRRNpOJawgSogBmyC51MU
i%`vø\? ‡\Yã{ö×I¼¾w5œCÌõrpP=ï®Gº¶Xðø<C3B0>