feat: add scadspc25 as host

This commit is contained in:
Moritz Böhme 2023-07-21 11:23:52 +02:00
parent 2e4ac37bc6
commit 1433a539a5
14 changed files with 218 additions and 63 deletions

View file

@ -0,0 +1,71 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }:
{
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
];
my = {
yubikey.luksSupport.enable = false;
profiles = {
desktop.enable = true;
webis.enable = true;
};
programs.hyprland.keyboardLayouts = [ "us" "de" ];
};
# Use the systemd-boot EFI boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "nodev";
boot.loader.grub.efiSupport = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "scadspc25"; # Define your hostname.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
environment.systemPackages = with pkgs; [
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

View file

@ -0,0 +1,72 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
fileSystems."/home" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" "noatime" ];
};
fileSystems."/nix" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
fileSystems."/var/log" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
};
fileSystems."/snapshots" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=snapshots" "compress=zstd" "noatime" ];
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/3B2B-63DB";
fsType = "vfat";
};
swapDevices =
[{ device = "/dev/disk/by-uuid/c08ff6b6-d6e2-4620-95fc-6c20b04c7363"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -0,0 +1 @@
"x86_64-linux"

View file

@ -70,7 +70,6 @@ in
fish.enable = true; fish.enable = true;
git.enable = true; git.enable = true;
gpg.enable = true; gpg.enable = true;
navi.enable = true;
nix = { nix = {
gc.enable = true; gc.enable = true;
optimise.enable = true; optimise.enable = true;

View file

@ -1,16 +1,19 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 CjuqfA vQgqFrMrdEi4vwNj9qSLO9YVBTpY5OSMoRzH+Wk19lw -> ssh-ed25519 CjuqfA G27Yt1FyurlWFuq0397PV2+bivdRG0X//CfFqrSR2Qc
GkYkh9FisOcAREJe+CW3gftgWunKH1V7N/hm4l2n2BM n31SgYLmCGlAsSIpOr/UwQupt92qh5ONU5n4xOGfeJU
-> ssh-ed25519 QRYDmg pRNoHHxbQ7p6bzanDmakpHGc06EVqB8TSn+X7+4fbm8 -> ssh-ed25519 QRYDmg T36WQmcOabBJRDC18gIwEg+wHOs2k2a+ti4VKE9H+RQ
O2rpt/OVbGKKzEnGVlMnOhyJaqsMQdeB5ZxjfKf9BNc A8hj7izomU3eGEb7ML3EVZYaqvhQ5ZSHcb/EM2QnBa0
-> ssh-ed25519 wG6LYg 2aXp/3oo9BbOg7vBHnSPwDY9ycuJHA68Uf6Q9afYmA8 -> ssh-ed25519 wG6LYg weF/pK+Xxh5Kxt/JTXAd/YXkTibD6yGnewOloDWfszE
vd+yYpAqiDYMVIGvJmGD6T6Inwo64dYMRwq4n8kqV7E VpUC74mIThmgieN5cfljgFl3Os7SQ/HG9iA/nhUdORY
-> ssh-ed25519 ZYd7Zg c/egc/Me5k/RirfanQY/Qq3Fhdm7q67lUL7SzpBp9Tk -> ssh-ed25519 ZYd7Zg TRuhGwA6YOxJjodDMhyQm6JiInbIwnSO86Vptoj+lGc
81ubfNCPJOtbo82iKmB/Tq3jgUntKnAQQy+JuiZkeTo sknbCE94iTQwnwjWPpsbRUKAEqTSY82rXS/17bRXt0E
-> ssh-ed25519 as9VYQ 6g/5nmOnTK9BWF0bLpk58OGb5iLMaJpNvg955iY5qhs -> ssh-ed25519 as9VYQ oqaIVShntZXxqkkZP7Mg+Je3k0OvNWVH+6sbsu1Zlgc
jWt7sv4r5n5x5zJRvmWuP9moVzqmro8jHrnAIUjH+vU gSd1Ecv5gNGxRZjsFYkcIDlJ+uv9ubZn8pgo56GrOHg
-> wn7ow-grease /PE|\ M5 3a3-e/J+ hv7j2 -> ssh-ed25519 dWIbQQ hNi/nS5QeE+MPUYvb94XwoN+GOuinzgc2QU/v2+VhkQ
fPDfe6t5LKX5MmidzQkudoyFfF+GuUHIhtfz7DTyTAEczkqOCSUGvpGmgR5wckMK L3p7rRv64DvD+VX7kad7B15kuDCQMxVB+ZE91mJYv74
rPUibrMFHW0 -> @l~.-grease m4vSyUw1
--- ivXm5PXqcdPjqMKGTRTasnf0zgaLc1QovA6gmxPEGQQ xxt67nUfB58sf7oOIxzYCoiiqX/E4yJQmdJt3tVZ6FHyqNfU7SxrInaFDppl9tiW
žô0ÆTÊë`‰Ý“N“kºg]ج Xv™Èž Ì<>î¬í¦9J¨žd|¡b,¸<>SÞ„- Ïè WïáäÅDßšø¹S÷ WIhtVGjS
--- 6Hp/UXOV+kUSkC+cYQFu4vJ70qctprk/T/pr5tH0gV0
Ôè$Uð5E˜»‰\€é Étën|GðBÛ<42>å•.n}‚á wz&Ó
Zxê„@Úÿ¯©IÍæ¸|iÜ^s±¯C«O­ ž@ç

Binary file not shown.

View file

@ -6,8 +6,11 @@ let
nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO"; nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO";
nixos-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl8gMhwSf1NsP5gp14xbbyjqQLZzcHLb/XKRMoHdXgI"; nixos-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl8gMhwSf1NsP5gp14xbbyjqQLZzcHLb/XKRMoHdXgI";
nixos-work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQdruRBgcS3JbX+8DP4GE+28M/ZnxqxhoaMM5EVUkrD"; nixos-work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQdruRBgcS3JbX+8DP4GE+28M/ZnxqxhoaMM5EVUkrD";
scadspc25 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID3i/+siSLZmbW/8uM1LCpmR4ErCtS9zdS4aDDSfCESC";
hosts-personal = [ nixos-laptop nixos-desktop ]; hosts-personal = [ nixos-laptop nixos-desktop ];
hosts = hosts-personal ++ [ nixos-work ]; hosts-work = [ nixos-work scadspc25 ];
hosts = hosts-personal ++ hosts-work;
all = users ++ hosts; all = users ++ hosts;
in in
@ -19,6 +22,6 @@ in
"uni-vpn.age".publicKeys = all; "uni-vpn.age".publicKeys = all;
"wireguard-preshared-key.age".publicKeys = all; "wireguard-preshared-key.age".publicKeys = all;
"wireguard-private-key.age".publicKeys = all; "wireguard-private-key.age".publicKeys = all;
"webis.age".publicKeys = hosts-personal ++ [ moritz ]; "webis.age".publicKeys = hosts-personal ++ [ scadspc25 moritz ];
"webis-ssh.age".publicKeys = hosts-personal ++ [ moritz ]; "webis-ssh.age".publicKeys = hosts-personal ++ [ scadspc25 moritz ];
} }

View file

@ -1,16 +1,17 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 CjuqfA eP249XpK70os6x/XG6zr0VWmQ4dDUvbijmYeArRAogs -> ssh-ed25519 CjuqfA /YCi+4iCBCJc2+n5DfEi6yFqYiC6WKyKqMQTC3dxYTM
C/nwUI7ObSuJRt4TfqUM8Z0IxD/mXg392CawE3r52Yw TXnSGexVJPzsxV3GBoxujBPy4sYFK7tTzpgZd+tL7PY
-> ssh-ed25519 QRYDmg gv9JRmJBt0lQV2mx7TiZlyWNOIDXW2flISCN2Tw9kh8 -> ssh-ed25519 QRYDmg 7ol/1aYbVuD1peL4kMHFifxtfj1LJPQ7ByMgmoIiLG0
h5wmTiWn8oX5Sr/yJp/FZ4eGxutCgIkPpDU8E4Dul0A LJyz1aoBxOnxcy/x9yXCcMDG1CM8XSGTIvklShHsLr8
-> ssh-ed25519 wG6LYg 5Pw8gHIEP5rA4aStCC217iNnky9J/t1KsmfK25o6Ylw -> ssh-ed25519 wG6LYg LvuMCPIaXP8gDriTDVIXak2dLUTDgyA+ADnsFDEtpX4
TRJ4+3AsT9n0IEMZXyvcFRqSS1J48fFaVWHK9C3DgWw PSsM5NsSVhsV1xtZPs3VZbJopfkDQg7Gxjkrnf+I5VI
-> ssh-ed25519 ZYd7Zg ns34LIL0NNzrSUFTJGsELNVyfxcknuDfgK9ZE0DGNXM -> ssh-ed25519 ZYd7Zg jt4zPtq1gv/SQ8Zqy2kFQZTUHo57d3BcBOusafU5TwE
NUgBXe/HNOz8NKbS0xMzd3Z2cP9zsjLKcc4fDu66nw0 FCifF8kUwHqlvokMMhJ/A2zCutshBg9K22gZPeYyK5s
-> ssh-ed25519 as9VYQ kd/k9sA8gUNNKmhi5LcZqSrRg3qUKhHXhYKE7nkQgmY -> ssh-ed25519 as9VYQ 2w+TXKZGnMQ5nRqVPfDiXAjGPLjMQcDzuZ42tXD81zE
JVPlAWimRS2QZu0PIvQMwzC21B35miaWpEEsUUEq37Q GHVNnPD1QrRfjlxymtkIvW/fSH8280ye4ojag/RrL6Y
-> T_b>Tl-grease Xe5~ 2q } -> ssh-ed25519 dWIbQQ vFV8rbuDIUhVuWlp1zLKbSZkxWwBpjLGAHZ7TZmlpxA
wGqdSY44FDId8JTxJS0/1mMbT/yPvB2L 2qq8R8eGQHMAtTAKJxv7ouXwbw9h9LnoipQ+dtq0bOk
--- 3g9QhHQwSdmcyWII9LEiUq38yyKfvW/OJFgRZHpQfhk -> eLqn-grease
ŸŠþ6È}ãýj„ðèJèoeøÐÀNLšÁ1=OâJÀ‡g¿r„\<5C>~*ù®ZŒms¯WA™™ s21qb67X34dXu+DeHZV4IA9mvegTyQSulJuWZXUyGmlxQT4N7pDAjAgrlrsT8zI
 --- ogDMsipm47a5cDUlzX1zPmeakFaqXecpvYfPILf5PGA
ªï;èæŠ(+\"ßÐ`qnC:Î6†Vîì„t0½ë\2×oô¨¦Ù<œ*œ?J\ ÎTÏ¢ÐÕVÛ_Ç

Binary file not shown.

View file

@ -1,16 +1,19 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 CjuqfA wsRuh5f7FBwEuH60mY/n5B2rfMXmN9loDRI5sgLAmQY -> ssh-ed25519 CjuqfA G9o6Fr/QDmLnyWzDJ6H7hDbHOiDB+O+YktAPdvU7W3w
QRNPLd433Ax/F/NMCGdUUl1dXKvpaqErPYlDRPASkLA lJyk/YTCa5ZjO8dAlkkdhKTHZMSigRbjbKJfqw/fUEE
-> ssh-ed25519 QRYDmg 1TN+ZhZMn3a5Ny/rrWZedHIwf69NCNj82RGfDt4VI1s -> ssh-ed25519 QRYDmg EhRXKZpW6YrK5gnmjknsLw0n/p/6wpKYaxWl8okQmTk
I+VsfBTJZ7gIIGROjU5hkvRZ/+OkxxPda9qYn28O5dg CfhAxfuAslOeBUJ2KwPkOh3Z0iNzpLzWS6RDXf2FoeU
-> ssh-ed25519 wG6LYg WhRpXAXmZPYLSmNcqvuLQIkwbOnyP/Fqmt5ZhvNqQx8 -> ssh-ed25519 wG6LYg QYrpUmxiXhq1j6J8Z2LitWd1B2HLcKN5+AoeKKxq0A8
lKyFPSmEgY/BuLKxTOQMrOVf7ScL50WwvghgDQT6gsY cqvR67PV3wfNa9fmJb/WBXfC7A0sdmVaM/rsnVMtbIY
-> ssh-ed25519 ZYd7Zg E4VAC6uIuBdXZ0jciRW/835qIaDWixDig6oGi8KqFlw -> ssh-ed25519 ZYd7Zg vL7E7XfhSbk+tMTrtesX6CmzvGWkticcPX/sciDH0ls
15J0vEUwCFiViXP7UlKmAmKfm+d6UgjcA3gHvDzSQwg i/vSM2S32FE9ehBTNZMMgA44JF35VrsDc4Zj/0XawV8
-> ssh-ed25519 as9VYQ +sGqCqiBOgMcF90Rt6xKRHm0fqZMXflg6OBRwAhVU2k -> ssh-ed25519 as9VYQ ySyFU1aWka32ZrVR9psB7STvoBTszdCnL2J1Cp1CBnk
rgzztigEJ1WCdI9AuXcjP2VZrPQxiecYRPfg4RdOyFM fmKHzYW7fvUnhfUUtK5agqcjK959GiV0RVCMOSx1BaE
-> xA'C-grease s-9 ?tXT 38r l[ -> ssh-ed25519 dWIbQQ 2L8XRok6Pn2pWjEiONRA5AJbRj7JKJY+nmvMaqD9zFA
lAYTp6Ot t96XWaBuCxX/yawMq1DTK96B9rj8MnHL8JDf077lpvU
--- RvWgnW1+4pux4UMOamln/5/xVLsyIgxAZwYOYZJGQo4 -> FS#1-grease p/ s |i4Z RP
ÆH¬ 945g87K4K3dU72Jn79DaImolDd5q+oVX5z4sKiqi2rZe2HbUgoNHlhRF8yyDIQpH
I!õ4HüQŒ •ÍuR»òÝÍê7~…Õ‰×!3\™±ý»6 yø‡GŽN7£Ë|v>©ÂnÏÂÉÛ+·ê2zá'“>D t2tFBx4OJN8NqVXkKw5NXTdmqKVIzCg
--- 9px5+jkQswAox2FjRnHynMCI0o0pnUqdmEcmGqdbqaE
ÑœK6F<1C>
@*Ö™á?j•©êå†~¶ !ϺìÕ“xBƒÍ>+b‡<ø±Gddžd¢ÇAÏ„a^Lò“nŒ††<E280A0>³³ áþºiÔt<C394>

Binary file not shown.

Binary file not shown.

Binary file not shown.

View file

@ -1,15 +1,17 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 CjuqfA EQLHOBOVfp+j3x+coXt1isDkG+LvsSYkU8PT1cg97FQ -> ssh-ed25519 CjuqfA OoHLAZHlhjUykTdrTL3vR4xOR+M9xUz6PRr8sxM/ikc
NJWJKvmN4hUHsC34n1ap4HlipC0rGWlqrbgR4vm91YY MA0ZOeqZoraMOKFLs9XnEzLNGpAt3jJWytC5MXDO0qM
-> ssh-ed25519 QRYDmg LOvHPzC4zfX2rlQBxYwHoHhjftCyWnBRLXZ/aB1ekQM -> ssh-ed25519 QRYDmg uciExW93VcA/9Y1pchLXoWwDr3R47VbMvvxQUmeonxM
lVtsflczWZwhBx4FZeJK6jtcUCvwQKIA5Gmbth2to9U lckRRFSnA/MGRYaoBe3PTTTk1O+ZhfBrjhppvU16j5A
-> ssh-ed25519 wG6LYg nqcLDqaVL7D0seK7kW52vmG/lm0Nd28lBroYrRMVynI -> ssh-ed25519 wG6LYg 8J8epMCx+l9M6KBtVfjgD5+jdCC8//CtBnk1t64+5EM
oYA8E4DDR26gpRCdJMWtzoGvUTErI6GMSdF99kTNKtc lLhpx7tk43/gOQTg4L9XRg+EDmupK0bW3hS1PclpZjY
-> ssh-ed25519 ZYd7Zg vz3LZxq0+KTx6E4J0X6duivLP0TFtA8WaOQaiSmMcF4 -> ssh-ed25519 ZYd7Zg wTghQ4lU1zbttB1pzWQJZVZAEmWvbZzJ1dh5vOqq90g
5g+3H/6J9FjsWifcfmEq8dz0hk4mpZhhJaEndPE3Mpw AwtibVxQP2AOkq6O0AW8M4BxCXE6DkDkdatoYr8E8rg
-> ssh-ed25519 as9VYQ VIQ18yC/qEiP66hfCwWAbAbNCBypB47gbWkFg/TJmWE -> ssh-ed25519 as9VYQ E4qn+C3VtEKcnOfh2/VTuzQtyR1y3vjyTlEbVQbj604
MXK5RnuwAlKt676CPO0N/3BeM9gsgMPZNEG1DXq8uXA vtFR+dBGPXbvfK2HT5J2Tfn++yUUAs5oIOKEoRqITxk
-> 8kx-grease s%obC ~GOw1 C -> ssh-ed25519 dWIbQQ O0PMTuY3HGpLFOiE5QzsX4TkQv6DReuHipvFBxdE2xM
SsJrr8NB3d+ohcftj5CkmtK6GZvoVt8GQeav6le/uwY
--- V8z981BPe2yVOaMCj2np9Vvvy/6zP8xHCFKRFwsceXs -> kkxK-grease Y+ 1G ^
¢»„•¤ÇÜà+<2B>Xobë_)È<zݯmDPoçßê±Kð½ùÛÞZåé=ØÂ¥ºt-·b+}vûçµpgÝÊU' þø#/89„ +17Pd0/0prkcbg/vxL8ews/NtQJrYEXafnHXU7L5NxqtYiokkh9d
--- HerEQyxchdLe0MJl/ZwU/NLtCNewjaNFqNA+KjvDtYg
™9èjv^€ÿ7¹µXÌ#Ù÷BAèËUC2wDg^Úf^¹R¤(2M)ÍIŽ[ Ê|ö8л³F…×bB¬Á¢ŠnMÿcZDr