feat: add scadspc25 as host

This commit is contained in:
Moritz Böhme 2023-07-21 11:23:52 +02:00
parent 2e4ac37bc6
commit 1433a539a5
14 changed files with 218 additions and 63 deletions

View file

@ -0,0 +1,71 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }:
{
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
];
my = {
yubikey.luksSupport.enable = false;
profiles = {
desktop.enable = true;
webis.enable = true;
};
programs.hyprland.keyboardLayouts = [ "us" "de" ];
};
# Use the systemd-boot EFI boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "nodev";
boot.loader.grub.efiSupport = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "scadspc25"; # Define your hostname.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
environment.systemPackages = with pkgs; [
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

View file

@ -0,0 +1,72 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
fileSystems."/home" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" "noatime" ];
};
fileSystems."/nix" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
fileSystems."/var/log" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
};
fileSystems."/snapshots" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=snapshots" "compress=zstd" "noatime" ];
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/3B2B-63DB";
fsType = "vfat";
};
swapDevices =
[{ device = "/dev/disk/by-uuid/c08ff6b6-d6e2-4620-95fc-6c20b04c7363"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -0,0 +1 @@
"x86_64-linux"

View file

@ -70,7 +70,6 @@ in
fish.enable = true;
git.enable = true;
gpg.enable = true;
navi.enable = true;
nix = {
gc.enable = true;
optimise.enable = true;

View file

@ -1,16 +1,19 @@
age-encryption.org/v1
-> ssh-ed25519 CjuqfA vQgqFrMrdEi4vwNj9qSLO9YVBTpY5OSMoRzH+Wk19lw
GkYkh9FisOcAREJe+CW3gftgWunKH1V7N/hm4l2n2BM
-> ssh-ed25519 QRYDmg pRNoHHxbQ7p6bzanDmakpHGc06EVqB8TSn+X7+4fbm8
O2rpt/OVbGKKzEnGVlMnOhyJaqsMQdeB5ZxjfKf9BNc
-> ssh-ed25519 wG6LYg 2aXp/3oo9BbOg7vBHnSPwDY9ycuJHA68Uf6Q9afYmA8
vd+yYpAqiDYMVIGvJmGD6T6Inwo64dYMRwq4n8kqV7E
-> ssh-ed25519 ZYd7Zg c/egc/Me5k/RirfanQY/Qq3Fhdm7q67lUL7SzpBp9Tk
81ubfNCPJOtbo82iKmB/Tq3jgUntKnAQQy+JuiZkeTo
-> ssh-ed25519 as9VYQ 6g/5nmOnTK9BWF0bLpk58OGb5iLMaJpNvg955iY5qhs
jWt7sv4r5n5x5zJRvmWuP9moVzqmro8jHrnAIUjH+vU
-> wn7ow-grease /PE|\ M5 3a3-e/J+ hv7j2
fPDfe6t5LKX5MmidzQkudoyFfF+GuUHIhtfz7DTyTAEczkqOCSUGvpGmgR5wckMK
rPUibrMFHW0
--- ivXm5PXqcdPjqMKGTRTasnf0zgaLc1QovA6gmxPEGQQ
žô0ÆTÊë`‰Ý“N“kºg]ج Xv™Èž Ì<>î¬í¦9J¨žd|¡b,¸<>SÞ„- Ïè WïáäÅDßšø¹S÷
-> ssh-ed25519 CjuqfA G27Yt1FyurlWFuq0397PV2+bivdRG0X//CfFqrSR2Qc
n31SgYLmCGlAsSIpOr/UwQupt92qh5ONU5n4xOGfeJU
-> ssh-ed25519 QRYDmg T36WQmcOabBJRDC18gIwEg+wHOs2k2a+ti4VKE9H+RQ
A8hj7izomU3eGEb7ML3EVZYaqvhQ5ZSHcb/EM2QnBa0
-> ssh-ed25519 wG6LYg weF/pK+Xxh5Kxt/JTXAd/YXkTibD6yGnewOloDWfszE
VpUC74mIThmgieN5cfljgFl3Os7SQ/HG9iA/nhUdORY
-> ssh-ed25519 ZYd7Zg TRuhGwA6YOxJjodDMhyQm6JiInbIwnSO86Vptoj+lGc
sknbCE94iTQwnwjWPpsbRUKAEqTSY82rXS/17bRXt0E
-> ssh-ed25519 as9VYQ oqaIVShntZXxqkkZP7Mg+Je3k0OvNWVH+6sbsu1Zlgc
gSd1Ecv5gNGxRZjsFYkcIDlJ+uv9ubZn8pgo56GrOHg
-> ssh-ed25519 dWIbQQ hNi/nS5QeE+MPUYvb94XwoN+GOuinzgc2QU/v2+VhkQ
L3p7rRv64DvD+VX7kad7B15kuDCQMxVB+ZE91mJYv74
-> @l~.-grease m4vSyUw1
xxt67nUfB58sf7oOIxzYCoiiqX/E4yJQmdJt3tVZ6FHyqNfU7SxrInaFDppl9tiW
WIhtVGjS
--- 6Hp/UXOV+kUSkC+cYQFu4vJ70qctprk/T/pr5tH0gV0
Ôè$Uð5E˜»‰\€é Étën|GðBÛ<42>å•.n}‚á wz&Ó
Zxê„@Úÿ¯©IÍæ¸|iÜ^s±¯C«O­ ž@ç

Binary file not shown.

View file

@ -6,8 +6,11 @@ let
nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO";
nixos-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl8gMhwSf1NsP5gp14xbbyjqQLZzcHLb/XKRMoHdXgI";
nixos-work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQdruRBgcS3JbX+8DP4GE+28M/ZnxqxhoaMM5EVUkrD";
scadspc25 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID3i/+siSLZmbW/8uM1LCpmR4ErCtS9zdS4aDDSfCESC";
hosts-personal = [ nixos-laptop nixos-desktop ];
hosts = hosts-personal ++ [ nixos-work ];
hosts-work = [ nixos-work scadspc25 ];
hosts = hosts-personal ++ hosts-work;
all = users ++ hosts;
in
@ -19,6 +22,6 @@ in
"uni-vpn.age".publicKeys = all;
"wireguard-preshared-key.age".publicKeys = all;
"wireguard-private-key.age".publicKeys = all;
"webis.age".publicKeys = hosts-personal ++ [ moritz ];
"webis-ssh.age".publicKeys = hosts-personal ++ [ moritz ];
"webis.age".publicKeys = hosts-personal ++ [ scadspc25 moritz ];
"webis-ssh.age".publicKeys = hosts-personal ++ [ scadspc25 moritz ];
}

View file

@ -1,16 +1,17 @@
age-encryption.org/v1
-> ssh-ed25519 CjuqfA eP249XpK70os6x/XG6zr0VWmQ4dDUvbijmYeArRAogs
C/nwUI7ObSuJRt4TfqUM8Z0IxD/mXg392CawE3r52Yw
-> ssh-ed25519 QRYDmg gv9JRmJBt0lQV2mx7TiZlyWNOIDXW2flISCN2Tw9kh8
h5wmTiWn8oX5Sr/yJp/FZ4eGxutCgIkPpDU8E4Dul0A
-> ssh-ed25519 wG6LYg 5Pw8gHIEP5rA4aStCC217iNnky9J/t1KsmfK25o6Ylw
TRJ4+3AsT9n0IEMZXyvcFRqSS1J48fFaVWHK9C3DgWw
-> ssh-ed25519 ZYd7Zg ns34LIL0NNzrSUFTJGsELNVyfxcknuDfgK9ZE0DGNXM
NUgBXe/HNOz8NKbS0xMzd3Z2cP9zsjLKcc4fDu66nw0
-> ssh-ed25519 as9VYQ kd/k9sA8gUNNKmhi5LcZqSrRg3qUKhHXhYKE7nkQgmY
JVPlAWimRS2QZu0PIvQMwzC21B35miaWpEEsUUEq37Q
-> T_b>Tl-grease Xe5~ 2q }
wGqdSY44FDId8JTxJS0/1mMbT/yPvB2L
--- 3g9QhHQwSdmcyWII9LEiUq38yyKfvW/OJFgRZHpQfhk
ŸŠþ6È}ãýj„ðèJèoeøÐÀNLšÁ1=OâJÀ‡g¿r„\<5C>~*ù®ZŒms¯WA™™

-> ssh-ed25519 CjuqfA /YCi+4iCBCJc2+n5DfEi6yFqYiC6WKyKqMQTC3dxYTM
TXnSGexVJPzsxV3GBoxujBPy4sYFK7tTzpgZd+tL7PY
-> ssh-ed25519 QRYDmg 7ol/1aYbVuD1peL4kMHFifxtfj1LJPQ7ByMgmoIiLG0
LJyz1aoBxOnxcy/x9yXCcMDG1CM8XSGTIvklShHsLr8
-> ssh-ed25519 wG6LYg LvuMCPIaXP8gDriTDVIXak2dLUTDgyA+ADnsFDEtpX4
PSsM5NsSVhsV1xtZPs3VZbJopfkDQg7Gxjkrnf+I5VI
-> ssh-ed25519 ZYd7Zg jt4zPtq1gv/SQ8Zqy2kFQZTUHo57d3BcBOusafU5TwE
FCifF8kUwHqlvokMMhJ/A2zCutshBg9K22gZPeYyK5s
-> ssh-ed25519 as9VYQ 2w+TXKZGnMQ5nRqVPfDiXAjGPLjMQcDzuZ42tXD81zE
GHVNnPD1QrRfjlxymtkIvW/fSH8280ye4ojag/RrL6Y
-> ssh-ed25519 dWIbQQ vFV8rbuDIUhVuWlp1zLKbSZkxWwBpjLGAHZ7TZmlpxA
2qq8R8eGQHMAtTAKJxv7ouXwbw9h9LnoipQ+dtq0bOk
-> eLqn-grease
s21qb67X34dXu+DeHZV4IA9mvegTyQSulJuWZXUyGmlxQT4N7pDAjAgrlrsT8zI
--- ogDMsipm47a5cDUlzX1zPmeakFaqXecpvYfPILf5PGA
ªï;èæŠ(+\"ßÐ`qnC:Î6†Vîì„t0½ë\2×oô¨¦Ù<œ*œ?J\ ÎTÏ¢ÐÕVÛ_Ç

Binary file not shown.

View file

@ -1,16 +1,19 @@
age-encryption.org/v1
-> ssh-ed25519 CjuqfA wsRuh5f7FBwEuH60mY/n5B2rfMXmN9loDRI5sgLAmQY
QRNPLd433Ax/F/NMCGdUUl1dXKvpaqErPYlDRPASkLA
-> ssh-ed25519 QRYDmg 1TN+ZhZMn3a5Ny/rrWZedHIwf69NCNj82RGfDt4VI1s
I+VsfBTJZ7gIIGROjU5hkvRZ/+OkxxPda9qYn28O5dg
-> ssh-ed25519 wG6LYg WhRpXAXmZPYLSmNcqvuLQIkwbOnyP/Fqmt5ZhvNqQx8
lKyFPSmEgY/BuLKxTOQMrOVf7ScL50WwvghgDQT6gsY
-> ssh-ed25519 ZYd7Zg E4VAC6uIuBdXZ0jciRW/835qIaDWixDig6oGi8KqFlw
15J0vEUwCFiViXP7UlKmAmKfm+d6UgjcA3gHvDzSQwg
-> ssh-ed25519 as9VYQ +sGqCqiBOgMcF90Rt6xKRHm0fqZMXflg6OBRwAhVU2k
rgzztigEJ1WCdI9AuXcjP2VZrPQxiecYRPfg4RdOyFM
-> xA'C-grease s-9 ?tXT 38r l[
lAYTp6Ot
--- RvWgnW1+4pux4UMOamln/5/xVLsyIgxAZwYOYZJGQo4
ÆH¬
I!õ4HüQŒ •ÍuR»òÝÍê7~…Õ‰×!3\™±ý»6 yø‡GŽN7£Ë|v>©ÂnÏÂÉÛ+·ê2zá'“>D
-> ssh-ed25519 CjuqfA G9o6Fr/QDmLnyWzDJ6H7hDbHOiDB+O+YktAPdvU7W3w
lJyk/YTCa5ZjO8dAlkkdhKTHZMSigRbjbKJfqw/fUEE
-> ssh-ed25519 QRYDmg EhRXKZpW6YrK5gnmjknsLw0n/p/6wpKYaxWl8okQmTk
CfhAxfuAslOeBUJ2KwPkOh3Z0iNzpLzWS6RDXf2FoeU
-> ssh-ed25519 wG6LYg QYrpUmxiXhq1j6J8Z2LitWd1B2HLcKN5+AoeKKxq0A8
cqvR67PV3wfNa9fmJb/WBXfC7A0sdmVaM/rsnVMtbIY
-> ssh-ed25519 ZYd7Zg vL7E7XfhSbk+tMTrtesX6CmzvGWkticcPX/sciDH0ls
i/vSM2S32FE9ehBTNZMMgA44JF35VrsDc4Zj/0XawV8
-> ssh-ed25519 as9VYQ ySyFU1aWka32ZrVR9psB7STvoBTszdCnL2J1Cp1CBnk
fmKHzYW7fvUnhfUUtK5agqcjK959GiV0RVCMOSx1BaE
-> ssh-ed25519 dWIbQQ 2L8XRok6Pn2pWjEiONRA5AJbRj7JKJY+nmvMaqD9zFA
t96XWaBuCxX/yawMq1DTK96B9rj8MnHL8JDf077lpvU
-> FS#1-grease p/ s |i4Z RP
945g87K4K3dU72Jn79DaImolDd5q+oVX5z4sKiqi2rZe2HbUgoNHlhRF8yyDIQpH
t2tFBx4OJN8NqVXkKw5NXTdmqKVIzCg
--- 9px5+jkQswAox2FjRnHynMCI0o0pnUqdmEcmGqdbqaE
ÑœK6F<1C>
@*Ö™á?j•©êå†~¶ !ϺìÕ“xBƒÍ>+b‡<ø±Gddžd¢ÇAÏ„a^Lò“nŒ††<E280A0>³³ áþºiÔt<C394>

Binary file not shown.

Binary file not shown.

Binary file not shown.

View file

@ -1,15 +1,17 @@
age-encryption.org/v1
-> ssh-ed25519 CjuqfA EQLHOBOVfp+j3x+coXt1isDkG+LvsSYkU8PT1cg97FQ
NJWJKvmN4hUHsC34n1ap4HlipC0rGWlqrbgR4vm91YY
-> ssh-ed25519 QRYDmg LOvHPzC4zfX2rlQBxYwHoHhjftCyWnBRLXZ/aB1ekQM
lVtsflczWZwhBx4FZeJK6jtcUCvwQKIA5Gmbth2to9U
-> ssh-ed25519 wG6LYg nqcLDqaVL7D0seK7kW52vmG/lm0Nd28lBroYrRMVynI
oYA8E4DDR26gpRCdJMWtzoGvUTErI6GMSdF99kTNKtc
-> ssh-ed25519 ZYd7Zg vz3LZxq0+KTx6E4J0X6duivLP0TFtA8WaOQaiSmMcF4
5g+3H/6J9FjsWifcfmEq8dz0hk4mpZhhJaEndPE3Mpw
-> ssh-ed25519 as9VYQ VIQ18yC/qEiP66hfCwWAbAbNCBypB47gbWkFg/TJmWE
MXK5RnuwAlKt676CPO0N/3BeM9gsgMPZNEG1DXq8uXA
-> 8kx-grease s%obC ~GOw1 C
--- V8z981BPe2yVOaMCj2np9Vvvy/6zP8xHCFKRFwsceXs
¢»„•¤ÇÜà+<2B>Xobë_)È<zݯmDPoçßê±Kð½ùÛÞZåé=ØÂ¥ºt-·b+}vûçµpgÝÊU' þø#/89„
-> ssh-ed25519 CjuqfA OoHLAZHlhjUykTdrTL3vR4xOR+M9xUz6PRr8sxM/ikc
MA0ZOeqZoraMOKFLs9XnEzLNGpAt3jJWytC5MXDO0qM
-> ssh-ed25519 QRYDmg uciExW93VcA/9Y1pchLXoWwDr3R47VbMvvxQUmeonxM
lckRRFSnA/MGRYaoBe3PTTTk1O+ZhfBrjhppvU16j5A
-> ssh-ed25519 wG6LYg 8J8epMCx+l9M6KBtVfjgD5+jdCC8//CtBnk1t64+5EM
lLhpx7tk43/gOQTg4L9XRg+EDmupK0bW3hS1PclpZjY
-> ssh-ed25519 ZYd7Zg wTghQ4lU1zbttB1pzWQJZVZAEmWvbZzJ1dh5vOqq90g
AwtibVxQP2AOkq6O0AW8M4BxCXE6DkDkdatoYr8E8rg
-> ssh-ed25519 as9VYQ E4qn+C3VtEKcnOfh2/VTuzQtyR1y3vjyTlEbVQbj604
vtFR+dBGPXbvfK2HT5J2Tfn++yUUAs5oIOKEoRqITxk
-> ssh-ed25519 dWIbQQ O0PMTuY3HGpLFOiE5QzsX4TkQv6DReuHipvFBxdE2xM
SsJrr8NB3d+ohcftj5CkmtK6GZvoVt8GQeav6le/uwY
-> kkxK-grease Y+ 1G ^
+17Pd0/0prkcbg/vxL8ews/NtQJrYEXafnHXU7L5NxqtYiokkh9d
--- HerEQyxchdLe0MJl/ZwU/NLtCNewjaNFqNA+KjvDtYg
™9èjv^€ÿ7¹µXÌ#Ù÷BAèËUC2wDg^Úf^¹R¤(2M)ÍIŽ[ Ê|ö8л³F…×bB¬Á¢ŠnMÿcZDr