diff --git a/flake.nix b/flake.nix index 2ece31a..0590318 100644 --- a/flake.nix +++ b/flake.nix @@ -64,19 +64,6 @@ }; # Home manager configuration - homeManagerModules = [ - inputs.home-manager.nixosModules.default - { - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - extraSpecialArgs = { - stable = inputs.nixpkgs; - unstable = inputs.nixpkgs-u; - }; - }; - } - ]; homeManagerUModules = [ inputs.home-manager-u.nixosModules.default { @@ -246,6 +233,8 @@ }; }; + nixosModules = { }; + nixosConfigurations = { thor = inputs.nixpkgs-u.lib.nixosSystem { system = "x86_64-linux"; @@ -382,14 +371,24 @@ ./instances/freya/hardware-configuration.nix ./instances/freya/configuration.nix + ./nixos/users/tiziano.nix + ./nixos/torrentbox.nix ./nixos/minio_server.nix # ./nixos/nextcloud.nix ./nixos/ntfy.nix # S3 cache read # ./nixos/s3_cache_read.nix - ] ++ homeManagerModules ++ [{ + ] ++ homeManagerUModules ++ [{ home-manager.users.bertof = import ./instances/freya/hm.nix; + + + + age.secrets = { + rclone_bertof = { file = ./secrets/rclone_bertof.age; owner = "bertof"; }; + rclone_tiziano = { file = ./secrets/rclone_tiziano.age; owner = "tiziano"; }; + }; + }]; }; @@ -401,12 +400,19 @@ ./instances/baldur/configuration.nix # ./nixos/digitalocean.nix + ./nixos/users/tiziano.nix + # ./nixos/users/tiziano.nix # S3 cache read # ./nixos/s3_cache_read.nix ] ++ homeManagerUModules ++ [{ home-manager.users.bertof = import ./instances/baldur/hm.nix; - # home-manager.users.tiziano = import ./instances/baldur/hm_tiziano.nix; + home-manager.users.tiziano = import ./instances/baldur/hm_tiziano.nix; + + age.secrets = { + rclone_bertof = { file = ./secrets/rclone_bertof.age; owner = "bertof"; }; + rclone_tiziano = { file = ./secrets/rclone_tiziano.age; owner = "tiziano"; }; + }; }]; }; @@ -423,9 +429,14 @@ ./nixos/users/tiziano.nix # S3 cache read # ./nixos/s3_cache_read.nix - ] ++ homeManagerModules ++ [{ + ] ++ homeManagerUModules ++ [{ home-manager.users.bertof = import ./instances/odin/hm.nix; home-manager.users.tiziano = import ./instances/odin/hm_tiziano.nix; + + age.secrets = { + rclone_bertof = { file = ./secrets/rclone_bertof.age; owner = "bertof"; }; + rclone_tiziano = { file = ./secrets/rclone_tiziano.age; owner = "tiziano"; }; + }; }]; }; }; diff --git a/instances/freya/configuration.nix b/instances/freya/configuration.nix index 2ca39de..ae9875a 100644 --- a/instances/freya/configuration.nix +++ b/instances/freya/configuration.nix @@ -30,10 +30,7 @@ in enable = true; # package = pkgs.bluezFull; }; - opengl = { - enable = true; - driSupport = true; - }; + opengl.enable = true; raspberry-pi."4" = { # audio.enable = true; # AUDIO fkms-3d.enable = true; # GPU diff --git a/instances/odin/configuration.nix b/instances/odin/configuration.nix index 09b42da..22e9b53 100644 --- a/instances/odin/configuration.nix +++ b/instances/odin/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: let hosts = import ../../hosts.nix; in diff --git a/nixos/basics/remote-deploy.nix b/nixos/basics/remote-deploy.nix index 1e4cb17..6bc6687 100644 --- a/nixos/basics/remote-deploy.nix +++ b/nixos/basics/remote-deploy.nix @@ -5,7 +5,7 @@ openFirewall = true; settings = { KbdInteractiveAuthentication = lib.mkDefault false; - PermitRootLogin = lib.mkDefault "prohibit-password"; + # PermitRootLogin = lib.mkDefault "prohibit-password"; PasswordAuthentication = lib.mkDefault false; }; };