diff --git a/flake.nix b/flake.nix index 13ace86..7cb8229 100644 --- a/flake.nix +++ b/flake.nix @@ -102,6 +102,7 @@ { # age.secrets.oauth_proxy_client_credentials.file = ./secrets/oauth_proxy_client_credentials.age; age.secrets.spotify_password = { file = ./secrets/spotify_password.age; owner = "bertof"; }; + age.secrets.garage_rpc_secret.file = ./secrets/garage_rpc_secret.age; } ./nixos_modules/bertof_user.nix @@ -235,6 +236,8 @@ home-manager.users.bertof = import ./loki/hm.nix; home-manager.users.tiziano = import ./loki/hm_tiziano.nix; } + + ./nixos_modules/garage.nix ]; }; }; diff --git a/freya/configuration.nix b/freya/configuration.nix index 6d9451e..20f8312 100644 --- a/freya/configuration.nix +++ b/freya/configuration.nix @@ -19,6 +19,7 @@ i18n.defaultLocale = "it_IT.UTF-8"; networking.hostName = "freya"; + networking.firewall.allowedTCPPorts = [ 80 ]; programs = { dconf.enable = true; @@ -47,11 +48,28 @@ blueman.enable = true; dbus.packages = [ pkgs.dconf ]; gnome.gnome-keyring.enable = true; + # nextcloud = { + # enable = true; + # hostName = "freya.local"; + # config.adminpassFile = config.age.secrets.nextcloud_admin_secret.path; + # config.objectstore.s3 = { + # enable = true; + # bucket = "nextcloud-bucket"; + # autocreate = false; + # key = "GK42a6b774429bfc254f4a5d36"; + # secretFile = config.age.secrets.nextcloud_bucket_secret.path; + # hostname = "localhost"; + # port = 3900; + # useSsl = false; + # region = "garage"; + # usePathStyle = true; + # }; + # }; openssh = { enable = true; openFirewall = true; }; - xserver = { - enable = true; - desktopManager.retroarch = { enable = true; package = pkgs.retroarchFull; }; - }; + # xserver = { + # enable = true; + # desktopManager.retroarch = { enable = true; package = pkgs.retroarchFull; }; + # }; }; time.timeZone = "Europe/Rome"; diff --git a/hm_modules/zellij.nix.orig b/hm_modules/zellij.nix.orig new file mode 100644 index 0000000..c60d9e1 --- /dev/null +++ b/hm_modules/zellij.nix.orig @@ -0,0 +1,66 @@ +<<<<<<< HEAD +{ pkgs, ... }: +let + strPalette = pkgs.lib.nix-rice.palette.toRgbHex pkgs.rice.colorPalette; +in +{ + programs.zellij.enable = true; + + home.shellAliases."ze" = "zellij"; + + xdg.configFile."zellij/config.kdl".text = '' + theme "nix-rice" + pane_frames false + ''; + + xdg.configFile."zellij/themes/nix-rice.kdl".text = '' + themes { + nix-rice { + bg "${strPalette.primary.foreground}" + fg "${strPalette.primary.background}" + red "${strPalette.normal.red}" + black "${strPalette.normal.black}" + green "${strPalette.normal.green}" + yellow "${strPalette.normal.yellow}" + blue "${strPalette.normal.blue}" + magenta "${strPalette.normal.magenta}" + cyan "${strPalette.normal.cyan}" + white "${strPalette.normal.white}" + orange "${strPalette.bright.red}" + } + } + ''; +} +||||||| parent of 6c85a84 (Zellij) +======= +{ pkgs, ... }: +let + strPalette = pkgs.lib.nix-rice.palette.toRgbHex pkgs.rice.colorPalette; +in +{ + programs.zellij.enable = true; + + xdg.configFile."zellij/config.kdl".text = '' + theme "nix-rice" + pane_frames false + ''; + + xdg.configFile."zellij/themes/nix-rice.kdl".text = '' + themes { + nix-rice { + bg "${strPalette.primary.foreground}" + fg "${strPalette.primary.background}" + red "${strPalette.normal.red}" + black "${strPalette.normal.black}" + green "${strPalette.normal.green}" + yellow "${strPalette.normal.yellow}" + blue "${strPalette.normal.blue}" + magenta "${strPalette.normal.magenta}" + cyan "${strPalette.normal.cyan}" + white "${strPalette.normal.white}" + orange "${strPalette.bright.red}" + } + } + ''; +} +>>>>>>> 6c85a84 (Zellij) diff --git a/nixos_modules/garage.nix b/nixos_modules/garage.nix new file mode 100644 index 0000000..19b124c --- /dev/null +++ b/nixos_modules/garage.nix @@ -0,0 +1,34 @@ +{ config, ... }: { + services.garage = { + enable = true; + settings = { + db_engine = "lmdb"; + replication_mode = 1; + # rpc_secret = "1cd018fba0fe414cc179348ca4ccdda9811ab3ba5dd50bd3ffe31639e3b268d6"; + rpc_secret_file = config.age.secrets.garage_rpc_secret.path; + rpc_bind_addr = "[::]:3901"; + bootstrap_peers = [ + # "@loki.local:3901" + # "b84c2bc806c004a6d88b3bec92ce50916f150aa26278317b71bdba5b173a0a58@thor.local:3901" + ]; + + s3_api = { + api_bind_addr = "[::]:3900"; + s3_region = "garage"; + root_domain = ".s3.bertof.net"; + }; + + s3_web = { + bind_addr = "[::]:3902"; + root_domain = ".web.bertof.net"; + }; + + admin = { + api_bind_addr = "0.0.0.0:3903"; + # metrics_token = "72ad105afc44f30c189b2505f5583d3ea9be26a3e0a4730d48381b1ae4b70074"; + # admin_token = "05bf164fe1ce3ecc1dff8fb1e5b237331d24b109792be714738fa92b2d14213d"; + # trace_sink = "http://localhost:4317"; + }; + }; + }; +} diff --git a/odin/hm.nix b/odin/hm.nix index 91a00d1..21521cc 100644 --- a/odin/hm.nix +++ b/odin/hm.nix @@ -118,6 +118,7 @@ ../hm_modules/webapp.nix ../hm_modules/xidlehook.nix ../hm_modules/zathura.nix + ../hm_modules/zellij.nix ]; home.stateVersion = "22.05"; diff --git a/secrets/garage_rpc_secret.age b/secrets/garage_rpc_secret.age new file mode 100644 index 0000000..a64cefa --- /dev/null +++ b/secrets/garage_rpc_secret.age @@ -0,0 +1,27 @@ +age-encryption.org/v1 +-> ssh-ed25519 lC44xg ybzKpXRQo23+PTg7AY9PIxHBP7FPTo6Gx12jXVjbVhY +Ai6OPVbreRuACiHp/jEHX1YmPV8jqdIYj7JvooOlyrA +-> ssh-ed25519 2L7QNA /si6fQPefUzyHV3yu+RvQvLx2VzNgv8pQxVAOZ+G5Cw +WrHI3JWqwzjPhLJBiqWt7SCfTkEEqw7bhAzI4qmZMoQ +-> ssh-ed25519 sNAOqA 4zQM/QURU60hX8XVHx7uTjyntsQiee4ziaY4wSxvRl0 +ZhBAILCX+LH7n7mDxpBsF8Y0T992pdoKH+ftkl15WcA +-> ssh-ed25519 13iwjQ GSe5Da1jwgU7StVtp+tEJkJYRh1+pBu38PP4deKTrxs +UNcze1Eysj9gm8Mu6CeL4fa+NM+IInIZRpLI8XoS64E +-> ssh-ed25519 7MB20A 2gSqbzohCNga1Q03Iavj/Ei3H7pdC8sGs/fTY8mV9Ts +HwWXSlwEk8ZoYc6J8TXs3X9PpA60EnmgxyFgQe4PHSk +-> ssh-ed25519 IvyYug fUL/Cx1zW488tiD2rqawc4MEqAhANtIEr0NcHFJ06W0 +k8dCZcfalLHMw81WJHE1qrJWtu0UiTaHILkVVhmtv0g +-> ssh-ed25519 v7O/FA w4UdgXrSVbzlzfFe8S2md4Tjwj48Q9VV7isdqTBWrTs +HxogK5ulsVSsSVH61+k2FI+nOpcfdB7xBUT6AZQ46cE +-> ssh-ed25519 Wzv8ew 9uX05RmANJBqZVNU74XZoqokPY7lc72zvWBGdErucVU +r3cRa6Dow6eWUtw1uZAkiMz3dWrJxXiZWKUxUHQYdI4 +-> ssh-ed25519 XgC3XA nc+heMkkM6ZMFnsbt51n5hwMNX3fLFuQApLzS1tJFSM +z1Hezf+UWHbQV97K+M0sz1dQNsuSJkA9lzKT+48QOX8 +-> ssh-ed25519 l795CA iEOWKA2NACCN9nAawcQIYUp58k3qIFKyq8owlYKVs20 +Xn7hLdvyoRbJR/rtMe7XypyzarGTJZfc/QnzIWxgmWw +-> +-grease E(q +3syIk/GAKbMdZwddJkiAyEYEcvjBkkq9cCDr46+8Uyc/yL6gGwA22Vk//WBPtedJ +ay9NA7gENiUlUFkhakjYYPMqPJVFj2OhHIEIZLnwH5cyEYaOAw33 +--- BSVN4bd8Ya+YbvF/3ClvOxLvjY3nbVeHj139z/L0auM +u͘0yEPdlj`6^u? yR?l#ZV1dFݕ +IU z!(3yzM{%D; {u \ No newline at end of file diff --git a/secrets/nextcloud_admin_secret.age b/secrets/nextcloud_admin_secret.age new file mode 100644 index 0000000..5b07730 Binary files /dev/null and b/secrets/nextcloud_admin_secret.age differ diff --git a/secrets/nextcloud_bucket_secret.age b/secrets/nextcloud_bucket_secret.age new file mode 100644 index 0000000..2c50f98 Binary files /dev/null and b/secrets/nextcloud_bucket_secret.age differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index d51e2d2..bb39c46 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -4,7 +4,7 @@ let bertof_freya = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAg2XYk1zynb713ky1JRcmXMCbuEt41AoIEemtmvgV7p"; bertof_loki = - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK13mAQgkc8oTXj5VbGrwAJ3ragiZIG/WuVUdnVOnsu1"; + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4R5yaOKWlmbnufhAeY8NronqGkwc253mstjPt44heM bertof@loki"; bertof_odin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAhxOjo9Ac9hVd3eOR56F6sClUMUh1m7VpcmzA18dslj"; bertof_thor = @@ -26,4 +26,7 @@ in { # "oauth_proxy_client_credentials.age".publicKeys = users ++ systems; "spotify_password.age".publicKeys = users ++ systems; + "garage_rpc_secret.age".publicKeys = users ++ systems; + "nextcloud_admin_secret.age".publicKeys = users ++ systems; + "nextcloud_bucket_secret.age".publicKeys = users ++ systems; } diff --git a/secrets/spotify_password.age b/secrets/spotify_password.age index bd7873e..af11c95 100644 --- a/secrets/spotify_password.age +++ b/secrets/spotify_password.age @@ -1,27 +1,26 @@ age-encryption.org/v1 --> ssh-ed25519 lC44xg +5dYF6Tqqo+U547RevPMoife9Vkh0djnmIhpMkAwJH8 -8bz5Cx5WpNUnS4MQeSg6/zZrmrMknKDkRWULSjjdY4w --> ssh-ed25519 2L7QNA rtT/Li8vXcAwXDgDstIHuf1TyxcFnbq/grYGlurPaGs -UUsj46M35WK4gpDHcXABp2XZEUv/hmTVZ6gkhC6H9JM --> ssh-ed25519 cNZgxQ uDTG0JhJq9I8R2eykXwvAWHbTXwJDYekdqIVM4xu0lI -2FKO53M05T7b/qSsgLC9u7H2s591XbOi6Sw53NUXDgA --> ssh-ed25519 13iwjQ 8Ksy+jkRPFvdpzoNZQfFWefOoS+zZeMGQXA2AHpsZws -V2pp6PYuMvANXPYdF2rdPRNuMcoOL9jKNFMKx8dDP0A --> ssh-ed25519 7MB20A VXr5bxIiz5b77QgCMiFBWRD9BoXMcG8OTtiowHNGCXE -q3J8OpqA2hG3fBQNQgVRX0EpbqBF4vXD5mWEFIC0VWI --> ssh-ed25519 IvyYug Aggq9sBm+WXcGrnOTpXcyMboU0bOKqWWKOV+vnKiEW8 -27bVXEyUu+6K+q+uOK7Kst1Ap/sHngRjzdtIQJppwas --> ssh-ed25519 v7O/FA fyhjCEqvPevtNCakMZC3b+sC1tqKHb8DN4EX6kkW6EU -97mOdPqoqgsoLDCb4TS58iQl11mhWBdMLhv2KrU5lJg --> ssh-ed25519 Wzv8ew 8HwTlkcVQllpuQ2IOJEXm7ULskzru6QYKxtI2uzPjmg -BjHxuCDORfI1CLVl/bwavFiktcORfl5Y/U7zmd6/Gck --> ssh-ed25519 XgC3XA bv3KpMp0WdpiIAQf1ZtyR5YcM8BG2DPJq5aBvw/V72Q -MeSg/SJqOgQwAypfErX7bDUnkOS+j4qnjwztchoYLJE --> ssh-ed25519 l795CA 4w9zFHlFers1yB/ZIAaK4p6Fa/I/6xQcnt+zfgE2Pgg -6HetmoUXTRLBcWPis6NZQW2bpH8/TE2FpDBQWWwANEs --> GP7-grease lH1)!] >|, ry DLD*$c< -+jaIgDL4jtbrtjMtaQWOlfTwdMQwVeWBO1sEkoRP ---- Z7fL3vF48UW9qXbomtkBhI2CZUg2u2Fa43DptEci3i0 -HWĘ ' -/Vi -|U=R)rG@I.>{6( \ No newline at end of file +-> ssh-ed25519 lC44xg Gu2a4bBme7wzv8OHEIyRmvyZ0QHLPEHXuf58YGrDsDM +LiIN1QNhgUuPexUUcuZjUHTRUHL+2no7SkYp5+UgIDI +-> ssh-ed25519 2L7QNA pCkz1K5J48W9spryk7R10Czq13C9y0nXSr1sqqmKsU8 +mCVZWpAMKh07YdrBDlti0z4Gl7ciphUn7izbzvqAV0I +-> ssh-ed25519 sNAOqA LT2C3WVmw22wFWKv9Q+JKtoEn51uNfbcfbjHSpTXjRs +OhQv/ssw88QbasdvinuOM7xVmYtFFm3dDKND5oJW9ic +-> ssh-ed25519 13iwjQ vjvgYAeMOSrXHF792LAN2vgHnNchWSfl3dgntFB77Bc +NLp2HNMl8YMNzKCpMAf5R6+yskq+YEyB+z57kECZkcI +-> ssh-ed25519 7MB20A 9Y8MaGIHSjuY/wgyENMtcm1mm+7ykvJXfbZuhdbADV8 +rkj2t4HaUltGvg5t2lwoxj43FqkhVAd2O7FNub8ReOU +-> ssh-ed25519 IvyYug vXETZBXjzQHgP3R4O3CyetLWCGlc+vaD6mmuvAfq5D0 +vbVvSvQwDJ/+IyPX/IY67DjYZ7mQboK3gpnsid0LYKA +-> ssh-ed25519 v7O/FA R4Ruac52xVswdW+kDauFeWq9k88N3o5Rop9HT62/SkY +2HbAe6y0/b78TDtO1LmN5Sjx5jx7BOLJzuGwtS8MdeQ +-> ssh-ed25519 Wzv8ew nVmadpPRxk99IZK7ZgzJgWOFXKnp3uIqbIa/JF0PAm4 +FrNKzTxR1QQQaZF8jIe4ZVscEQ50I4ZKKPEWDKJXSL8 +-> ssh-ed25519 XgC3XA XP3+BgBK2X0AVNkJR1Dof3dZJxpeYm8X6aeCbqVofEY +L1De6mLmlB+00XIhrsVKU1CDiAuPgo1VRp/VPodzF8o +-> ssh-ed25519 l795CA bG/zMcTC7s9QEu/M/eFh9ZNlUO1rs/M9Vo03NrIhYXY +71XRh4maIrge6IqLqk3bD2Pa5yzOnZLLg1q8cyzU4To +-> WPjB}A-grease 7 '}kH |)%1tw1qA'|60 \ No newline at end of file diff --git a/thor/hm.nix b/thor/hm.nix index 2f9e8df..8b16e43 100644 --- a/thor/hm.nix +++ b/thor/hm.nix @@ -107,6 +107,7 @@ ../hm_modules/webapp.nix ../hm_modules/xidlehook.nix ../hm_modules/zathura.nix + ../hm_modules/zellij.nix ]; home.stateVersion = "22.11";