From d8d6ccb53b36d4389900c4c3c9d54ef3bf922277 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sun, 3 Mar 2024 22:01:15 -0700 Subject: libvirtd --- machines/doretta/configuration.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/machines/doretta/configuration.nix b/machines/doretta/configuration.nix index e911cf3..cee39ed 100644 --- a/machines/doretta/configuration.nix +++ b/machines/doretta/configuration.nix @@ -16,6 +16,10 @@ networking.hostName = "doretta"; # Define your hostname. + virtualisation.libvirtd = { + enable = true; + }; + # Set your time zone. time.timeZone = "US/Mountain"; @@ -43,7 +47,6 @@ environment.systemPackages = with pkgs; [ qemu - libvirt ]; # Some programs need SUID wrappers, can be configured further or are -- cgit v1.2.3 From b3f5e3f3f2670d54097f0e20f50be3200b6dc689 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Fri, 5 Apr 2024 14:41:14 -0600 Subject: add cava for gui systems --- home-manager/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home-manager/home.nix b/home-manager/home.nix index c10863d..73f99f9 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -56,6 +56,7 @@ yakuake pass btop + cava helvum filelight easyeffects -- cgit v1.2.3 From 82a1220a1d603e6f0beab8622da9ae23a882d719 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Fri, 5 Apr 2024 15:08:51 -0600 Subject: make cgit service to host public git repos on bosco --- flake.nix | 1 + modules/nixos/cgit.nix | 15 +++++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 modules/nixos/cgit.nix diff --git a/flake.nix b/flake.nix index d3f90a2..fb58897 100644 --- a/flake.nix +++ b/flake.nix @@ -274,6 +274,7 @@ ./modules/nixos/nix-common.nix ./modules/nixos/environment.nix ./modules/nixos/tailscale.nix + ./modules/nixos/cgit.nix ./modules/nixos/system-packages.nix ./modules/users/defin.nix ./modules/users/root.nix diff --git a/modules/nixos/cgit.nix b/modules/nixos/cgit.nix new file mode 100644 index 0000000..fc331ec --- /dev/null +++ b/modules/nixos/cgit.nix @@ -0,0 +1,15 @@ +{ ... } : { # This is for hosting on bosco + services.cgit = { + bosco-git = { + enable = true; + nginx.location = "/git/"; + nginx.virtualHost = "git.myrmexia.xyz"; + repos = { + nixos-flake = { + desc = "A public repo for viewing my nixos config."; + path = "/srv/git/.flake.git"; + }; + }; + }; + }; +} -- cgit v1.2.3 From 9e1534000eb3ea9f993e33e1ba12a933c029cf34 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Fri, 5 Apr 2024 15:15:40 -0600 Subject: fix path for bat theme --- modules/home-manager/bat.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home-manager/bat.nix b/modules/home-manager/bat.nix index 3a06076..978235c 100644 --- a/modules/home-manager/bat.nix +++ b/modules/home-manager/bat.nix @@ -7,7 +7,7 @@ theme = "catppuccin-mocha"; }; themes = { - catppuccin-mocha = builtins.readFile "${inputs.catppuccin-bat}/Catppuccin-mocha.tmTheme"; + catppuccin-mocha = builtins.readFile "${inputs.catppuccin-bat}/themes/Catppuccin mocha.tmTheme"; }; }; } -- cgit v1.2.3 From 7b1b713faf2e7bb3f6e505f5ed9889d380e1163e Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Fri, 5 Apr 2024 15:43:14 -0600 Subject: update --- flake.lock | 66 +++++++++++++++++++++++++++++++------------------------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/flake.lock b/flake.lock index 6fc9749..6cbd39b 100644 --- a/flake.lock +++ b/flake.lock @@ -67,11 +67,11 @@ "catppuccin-helix": { "flake": false, "locked": { - "lastModified": 1710265230, - "narHash": "sha256-ImrgF7xKD4gMBLI6m5CLChJEW82+nLJ2fVsPeZ58VVE=", + "lastModified": 1711793543, + "narHash": "sha256-8d+cGlyW0vurrww0vPETCr077JHibUQTpnTUOLjeObs=", "owner": "catppuccin", "repo": "helix", - "rev": "4bf31e995ead4e5f6e8cd4a08ea0497f1d35695b", + "rev": "0164c4ca888084df4f511da22c6a0a664b5061d2", "type": "github" }, "original": { @@ -83,11 +83,11 @@ "catppuccin-hyprland": { "flake": false, "locked": { - "lastModified": 1702668781, - "narHash": "sha256-9BhZq9J1LmHfAPBqOr64chiAEzS+YV6zqe9ma95V3no=", + "lastModified": 1712161758, + "narHash": "sha256-XTqpmucOeHUgSpXQ0XzbggBFW+ZloRD/3mFhI+Tq4O8=", "owner": "catppuccin", "repo": "hyprland", - "rev": "fc228737d3d0c12e34a7fa155a0fc3192e5e4017", + "rev": "b57375545f5da1f7790341905d1049b1873a8bb3", "type": "github" }, "original": { @@ -119,11 +119,11 @@ ] }, "locked": { - "lastModified": 1706981411, - "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=", + "lastModified": 1710888565, + "narHash": "sha256-s9Hi4RHhc6yut4EcYD50sZWRDKsugBJHSbON8KFwoTw=", "owner": "nix-community", "repo": "home-manager", - "rev": "652fda4ca6dafeb090943422c34ae9145787af37", + "rev": "f33900124c23c4eca5831b9b5eb32ea5894375ce", "type": "github" }, "original": { @@ -146,11 +146,11 @@ ] }, "locked": { - "lastModified": 1710257359, - "narHash": "sha256-43re5pzE/cswFAgw92/ugsB3+d5ufDaCcLtl9ztKfBo=", + "lastModified": 1711466786, + "narHash": "sha256-sArxGyUBiCA1in+q6t0QqT+ZJiZ1PyBp7cNPKLmREM0=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "1761f6cefd77f4fcd2039d930c88d6716ddc4974", + "rev": "d3876f34779cc03ee51e4aafc0d00a4f187c7544", "type": "github" }, "original": { @@ -172,11 +172,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1710816831, - "narHash": "sha256-8PyLk/gfMo4asjbqsoXw1I3zfnkCPSSX0r6UCJP3ctw=", + "lastModified": 1712348608, + "narHash": "sha256-iyS1dSTknppuJP+S9dLmOJctRO3aENWIHuMtid3dJ1A=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "05c84304ccb1169b550504830139e07e28500a3b", + "rev": "dab149e4a6291dd412b594c0faba2c44f9a74263", "type": "github" }, "original": { @@ -245,11 +245,11 @@ ] }, "locked": { - "lastModified": 1709914708, - "narHash": "sha256-bR4o3mynoTa1Wi4ZTjbnsZ6iqVcPGriXp56bZh5UFTk=", + "lastModified": 1711250455, + "narHash": "sha256-LSq1ZsTpeD7xsqvlsepDEelWRDtAhqwetp6PusHXJRo=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "a685493fdbeec01ca8ccdf1f3655c044a8ce2fe2", + "rev": "b3e430f81f3364c5dd1a3cc9995706a4799eb3fa", "type": "github" }, "original": { @@ -279,11 +279,11 @@ }, "nixlib": { "locked": { - "lastModified": 1710636348, - "narHash": "sha256-/kB+ZWSdkZjbZ0FTqm0u84sf2jFS+30ysaEajmBjtoY=", + "lastModified": 1711846064, + "narHash": "sha256-cqfX0QJNEnge3a77VnytM0Q6QZZ0DziFXt6tSCV8ZSc=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "fa827dda806c5aa98f454da4c567991ab8ce422c", + "rev": "90b1a963ff84dc532db92f678296ff2499a60a87", "type": "github" }, "original": { @@ -300,11 +300,11 @@ ] }, "locked": { - "lastModified": 1710722910, - "narHash": "sha256-P5p9+WQFuABoBXBKEK1ZYu8mD6q8j/cQwZ9OYb0oh2E=", + "lastModified": 1712191720, + "narHash": "sha256-xXtSSnVHURHsxLQO30dzCKW5NJVGV/umdQPmFjPFMVA=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "e63df01c798b99a76dc2ec25481be7dd25cd1610", + "rev": "0c15e76bed5432d7775a22e8d22059511f59d23a", "type": "github" }, "original": { @@ -315,11 +315,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1710695816, - "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "lastModified": 1712168706, + "narHash": "sha256-XP24tOobf6GGElMd0ux90FEBalUtw6NkBSVh/RlA6ik=", "owner": "nixos", "repo": "nixpkgs", - "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "rev": "1487bdea619e4a7a53a4590c475deabb5a9d1bfb", "type": "github" }, "original": { @@ -346,11 +346,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1710631334, - "narHash": "sha256-rL5LSYd85kplL5othxK5lmAtjyMOBg390sGBTb3LRMM=", + "lastModified": 1712163089, + "narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c75037bbf9093a2acb617804ee46320d6d1fea5a", + "rev": "fd281bd6b7d3e32ddfa399853946f782553163b5", "type": "github" }, "original": { @@ -363,11 +363,11 @@ "nushell-scripts": { "flake": false, "locked": { - "lastModified": 1710829462, - "narHash": "sha256-RsyZL5TZjrLutcPxDy2jgC1kq6PN3CSwEczdzTXK5PU=", + "lastModified": 1712178643, + "narHash": "sha256-aQBCDSN9d4t1A+5ItQtaS6cOUt6sN26NKoi5Yb0062o=", "owner": "doolphin", "repo": "nu_scripts", - "rev": "6bcf652c02465de388ec41706a8e58c940f2dc5b", + "rev": "7dff4c44724a6a511178d319a950688a274204a1", "type": "github" }, "original": { -- cgit v1.2.3 From 6b343997573f932ac3d258f1f8d7606f68ca5602 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Fri, 5 Apr 2024 23:36:44 +0000 Subject: testing change in nginx virtualhost name for port conflict with caddy --- modules/nixos/cgit.nix | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/modules/nixos/cgit.nix b/modules/nixos/cgit.nix index fc331ec..7be2fdc 100644 --- a/modules/nixos/cgit.nix +++ b/modules/nixos/cgit.nix @@ -1,9 +1,13 @@ -{ ... } : { # This is for hosting on bosco +{ config, ... } : { # This is for hosting on bosco services.cgit = { bosco-git = { enable = true; nginx.location = "/git/"; - nginx.virtualHost = "git.myrmexia.xyz"; + nginx.virtualHost = "git.myrmexia.xyz:8081"; + settings = { + enable-commit-graph = 1; + enable-http-clone = 0; + }; repos = { nixos-flake = { desc = "A public repo for viewing my nixos config."; @@ -11,5 +15,11 @@ }; }; }; + # caddy = { + # enable = true; + # email = "devin.finlinson@pm.me"; + # virtualhosts."git.myrmexia.xyz".extraConfig = '' + # reverse_proxy http://localhost:${toString config.services.cgit.port} '' + # }; }; } -- cgit v1.2.3 From 70fa9682c8c6357733b646950405458b154dc675 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Fri, 5 Apr 2024 23:49:56 +0000 Subject: trying to change port for cgit nginx --- modules/nixos/cgit.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/modules/nixos/cgit.nix b/modules/nixos/cgit.nix index 7be2fdc..f3a793f 100644 --- a/modules/nixos/cgit.nix +++ b/modules/nixos/cgit.nix @@ -3,7 +3,7 @@ bosco-git = { enable = true; nginx.location = "/git/"; - nginx.virtualHost = "git.myrmexia.xyz:8081"; + nginx.virtualHost = "git.myrmexia.xyz"; settings = { enable-commit-graph = 1; enable-http-clone = 0; @@ -15,11 +15,14 @@ }; }; }; + }; + services.nginx.virtualHosts."git.myrmexia.xyz" = { + listen.*.port = 8081; + }; # caddy = { # enable = true; # email = "devin.finlinson@pm.me"; # virtualhosts."git.myrmexia.xyz".extraConfig = '' # reverse_proxy http://localhost:${toString config.services.cgit.port} '' # }; - }; } -- cgit v1.2.3 From bc0454ced069ffa5713dd62c92b11554981dd8ed Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Fri, 5 Apr 2024 23:56:00 +0000 Subject: test format change for listen port --- modules/nixos/cgit.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/nixos/cgit.nix b/modules/nixos/cgit.nix index f3a793f..0cf6a09 100644 --- a/modules/nixos/cgit.nix +++ b/modules/nixos/cgit.nix @@ -17,8 +17,9 @@ }; }; services.nginx.virtualHosts."git.myrmexia.xyz" = { - listen.*.port = 8081; + listen.port = 8081; }; + # services.nginx.defaultHTTPListenPort # caddy = { # enable = true; # email = "devin.finlinson@pm.me"; -- cgit v1.2.3 From 368fc550688241d0dfabdf9510424263bd47ff7b Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Fri, 5 Apr 2024 23:59:07 +0000 Subject: runnning bad fix for now --- modules/nixos/cgit.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/modules/nixos/cgit.nix b/modules/nixos/cgit.nix index 0cf6a09..402200c 100644 --- a/modules/nixos/cgit.nix +++ b/modules/nixos/cgit.nix @@ -16,10 +16,13 @@ }; }; }; - services.nginx.virtualHosts."git.myrmexia.xyz" = { - listen.port = 8081; - }; - # services.nginx.defaultHTTPListenPort + # services.nginx.virtualHosts."git.myrmexia.xyz" = { + # listen.port = 8081; + # }; + + # this solution is extremely hacky as it changes nginx system defaults instead of virtual host default + #TODO: fix + services.nginx.defaultHTTPListenPort = 8081; # caddy = { # enable = true; # email = "devin.finlinson@pm.me"; -- cgit v1.2.3 From d72eeae5b42165ab97e2f12cee6aeab008b898c1 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 01:24:41 +0000 Subject: more failed cgit experiments --- modules/nixos/cgit.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/nixos/cgit.nix b/modules/nixos/cgit.nix index 402200c..ce08052 100644 --- a/modules/nixos/cgit.nix +++ b/modules/nixos/cgit.nix @@ -1,9 +1,9 @@ { config, ... } : { # This is for hosting on bosco services.cgit = { - bosco-git = { + "git.myrmexia.xyz" = { enable = true; nginx.location = "/git/"; - nginx.virtualHost = "git.myrmexia.xyz"; + # nginx.virtualHost = "git.myrmexia.xyz"; settings = { enable-commit-graph = 1; enable-http-clone = 0; @@ -16,8 +16,8 @@ }; }; }; - # services.nginx.virtualHosts."git.myrmexia.xyz" = { - # listen.port = 8081; + # services.nginx.virtualHosts."git.myrmexia.xyz".listen.port = 8081; + # listen.port = 8081; # }; # this solution is extremely hacky as it changes nginx system defaults instead of virtual host default -- cgit v1.2.3 From 1e53f46930b7aa410858c3bc228caaf1726547e7 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 13:11:56 -0600 Subject: man colors should work with this bat theme --- modules/home-manager/bat.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home-manager/bat.nix b/modules/home-manager/bat.nix index 13e8e6d..b54677f 100644 --- a/modules/home-manager/bat.nix +++ b/modules/home-manager/bat.nix @@ -4,6 +4,7 @@ enable = true; config = { pager = "less -FR"; + theme = "Solarized (dark)"; # theme = "catppuccin-mocha"; }; # themes = { -- cgit v1.2.3 From aa3f255a408ae189ec88b76e7c7313d5d8718cef Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 13:13:22 -0600 Subject: cleaning declarations --- modules/nixos/headscale.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/headscale.nix b/modules/nixos/headscale.nix index 261dd52..d56785f 100644 --- a/modules/nixos/headscale.nix +++ b/modules/nixos/headscale.nix @@ -1,4 +1,4 @@ -{config, pkgs, ...}: +{config, ...}: let domain = "myrmexia.xyz"; subDomain = "bosco.${domain}"; -- cgit v1.2.3 From a60472b7b010295843a6c0b91305a25624f2edee Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 13:38:30 -0600 Subject: add key for remote build --- modules/users/defin.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/users/defin.nix b/modules/users/defin.nix index 139845f..eab36bb 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -22,6 +22,8 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrt3+N4+ahtXZCUn11evQsVGsGgAohGwafC29/a4fk defin@Radahn" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkGcmYIYCe6GHsZZvnXqsedF0wn+AhGSr+RPJtUO/kl defin@khad" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaMYXO9ghATyUPzyE7aD/XVVmK9UAexueoGEYAqPT4L defin@kebab" + #unlocked keys for remote build + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHslJRD5+7rytlVDzeZh6B/4XW8QWQ5dsWWDBbOXKTrJ defin@zenbook" ]; }; }; -- cgit v1.2.3 From 04275d7faa164d960801548e74d648f89b62ac3c Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 13:57:24 -0600 Subject: trying another key --- modules/users/defin.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/users/defin.nix b/modules/users/defin.nix index eab36bb..393a718 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -24,6 +24,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaMYXO9ghATyUPzyE7aD/XVVmK9UAexueoGEYAqPT4L defin@kebab" #unlocked keys for remote build "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHslJRD5+7rytlVDzeZh6B/4XW8QWQ5dsWWDBbOXKTrJ defin@zenbook" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFstzru5ItF3ZhAAR4B8+iTZfGztbbMsKh01Y/K8lg+Q defin@zenbook" ]; }; }; -- cgit v1.2.3 From c34b0520c2cf21f476bbf4a7702648b71561f184 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 14:00:23 -0600 Subject: made a root key --- modules/users/defin.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/users/defin.nix b/modules/users/defin.nix index 393a718..6f22dcd 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -23,6 +23,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkGcmYIYCe6GHsZZvnXqsedF0wn+AhGSr+RPJtUO/kl defin@khad" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaMYXO9ghATyUPzyE7aD/XVVmK9UAexueoGEYAqPT4L defin@kebab" #unlocked keys for remote build + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUdE8ETBYb9Is4BVekdgC5wStzcnWilSRhDmwp0vSX9 root@zenbook" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHslJRD5+7rytlVDzeZh6B/4XW8QWQ5dsWWDBbOXKTrJ defin@zenbook" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFstzru5ItF3ZhAAR4B8+iTZfGztbbMsKh01Y/K8lg+Q defin@zenbook" ]; -- cgit v1.2.3 From 40b26850c3cbafaba54e025be24667dfe20a8288 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 14:06:07 -0600 Subject: testing no root keys --- modules/users/defin.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/users/defin.nix b/modules/users/defin.nix index 6f22dcd..393a718 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -23,7 +23,6 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkGcmYIYCe6GHsZZvnXqsedF0wn+AhGSr+RPJtUO/kl defin@khad" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaMYXO9ghATyUPzyE7aD/XVVmK9UAexueoGEYAqPT4L defin@kebab" #unlocked keys for remote build - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUdE8ETBYb9Is4BVekdgC5wStzcnWilSRhDmwp0vSX9 root@zenbook" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHslJRD5+7rytlVDzeZh6B/4XW8QWQ5dsWWDBbOXKTrJ defin@zenbook" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFstzru5ItF3ZhAAR4B8+iTZfGztbbMsKh01Y/K8lg+Q defin@zenbook" ]; -- cgit v1.2.3 From 1fa49f495753b6fa90be67633b9f1ceff121ebad Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 14:07:46 -0600 Subject: root can't user user keys even with no passphrase --- modules/users/defin.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/users/defin.nix b/modules/users/defin.nix index 393a718..b88fe2e 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -23,8 +23,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkGcmYIYCe6GHsZZvnXqsedF0wn+AhGSr+RPJtUO/kl defin@khad" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaMYXO9ghATyUPzyE7aD/XVVmK9UAexueoGEYAqPT4L defin@kebab" #unlocked keys for remote build - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHslJRD5+7rytlVDzeZh6B/4XW8QWQ5dsWWDBbOXKTrJ defin@zenbook" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFstzru5ItF3ZhAAR4B8+iTZfGztbbMsKh01Y/K8lg+Q defin@zenbook" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUdE8ETBYb9Is4BVekdgC5wStzcnWilSRhDmwp0vSX9 root@zenbook" ]; }; }; -- cgit v1.2.3 From 1d378703dae7171ea97e8b981adffc4b64f02ed5 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 15:12:23 -0600 Subject: add builders group to nix truster users --- modules/users/defin.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/users/defin.nix b/modules/users/defin.nix index b88fe2e..b52ebe6 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -28,6 +28,7 @@ }; }; + nix.settings.trusted-users = [ "@builders" ]; # I can't think of a better spot to put this rn. services.openssh = { ports = [ 22 2200 ]; # needed because isp blocks ssh over 22 -- cgit v1.2.3 From 2d703cf9809eb1e008e1c3af37651cab90696ab0 Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 15:19:29 -0600 Subject: enable doretta ssh auth for build server --- machines/doretta/configuration.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/doretta/configuration.nix b/machines/doretta/configuration.nix index cee39ed..b29289e 100644 --- a/machines/doretta/configuration.nix +++ b/machines/doretta/configuration.nix @@ -16,6 +16,8 @@ networking.hostName = "doretta"; # Define your hostname. + security.pam.enableSSHAgentAuth = true; + virtualisation.libvirtd = { enable = true; }; -- cgit v1.2.3 From e458ce87743db6a3d4ae69112deb864542b8edda Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 15:21:56 -0600 Subject: ssh agent auth for all systems test --- modules/users/defin.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/users/defin.nix b/modules/users/defin.nix index b52ebe6..af7e0cb 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -29,6 +29,7 @@ }; nix.settings.trusted-users = [ "@builders" ]; + security.pam.enableSSHAgentAuth = true; # I can't think of a better spot to put this rn. services.openssh = { ports = [ 22 2200 ]; # needed because isp blocks ssh over 22 -- cgit v1.2.3 From c40e52fffc7202ba86e6c1ab478989d9dd10eabc Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sat, 6 Apr 2024 15:34:30 -0600 Subject: switch to locked key --- modules/users/defin.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/users/defin.nix b/modules/users/defin.nix index af7e0cb..9d38f7b 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -22,8 +22,8 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrt3+N4+ahtXZCUn11evQsVGsGgAohGwafC29/a4fk defin@Radahn" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkGcmYIYCe6GHsZZvnXqsedF0wn+AhGSr+RPJtUO/kl defin@khad" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaMYXO9ghATyUPzyE7aD/XVVmK9UAexueoGEYAqPT4L defin@kebab" - #unlocked keys for remote build - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUdE8ETBYb9Is4BVekdgC5wStzcnWilSRhDmwp0vSX9 root@zenbook" + # keys for remote build + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLx3RgUgbE7THS7hRZypyudEKffj0ppwQfQuxIpPf8H root@zenbook" ]; }; }; -- cgit v1.2.3 From a94cd3d5a3762e810cbdc629fd1072f669afc3ee Mon Sep 17 00:00:00 2001 From: Devin Finlinson Date: Sun, 7 Apr 2024 00:01:24 +0000 Subject: i just needed to open the port for cgit --- modules/nixos/cgit.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/cgit.nix b/modules/nixos/cgit.nix index ce08052..177158a 100644 --- a/modules/nixos/cgit.nix +++ b/modules/nixos/cgit.nix @@ -29,4 +29,5 @@ # virtualhosts."git.myrmexia.xyz".extraConfig = '' # reverse_proxy http://localhost:${toString config.services.cgit.port} '' # }; + networking.firewall.allowedTCPPorts = [8081]; } -- cgit v1.2.3