moritz
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: add webis module

nixos
Moritz Böhme 2023-05-16 12:13:20 +02:00
parent 420b5d5d10
commit 57f2094c44
Signed by: moritz
GPG Key ID: 970C6E89EB0547A9
6 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/nixos-laptop/default.nix
View File

@ -15,6 +15,7 @@
profiles = { profiles = {
desktop.enable = true; desktop.enable = true;
personal.enable = true; personal.enable = true;
webis.enable = true;
}; };
}; };

2
modules/profiles/personal.nix
View File

@ -18,7 +18,7 @@ in
synology-drive.enable = true; synology-drive.enable = true;
}; };
programs = { programs = {
ssh.includeSecrets = mkDefault [ ../../secrets/ssh-home.age ]; ssh.includeSecrets = [ ../../secrets/ssh-home.age ];
git.signing = mkDefault true; git.signing = mkDefault true;
hub.enable = mkDefault true; hub.enable = mkDefault true;
firefox.arkenfox = { firefox.arkenfox = {

28
modules/profiles/webis.nix Normal file
View File

@ -0,0 +1,28 @@
{ lib
, config
, ...
}:
with lib;
let
cfg = config.my.profiles.webis;
in
{
options.my.profiles.webis.enable = mkEnableOption "webis profile";
config = mkIf cfg.enable {
my.programs.ssh.includeSecrets = [ ../../secrets/webis-ssh.age ];
age.secrets.webis = {
file = ../../secrets/webis.age;
name = "webis.ovpn";
};
services.openvpn.servers = {
webis = {
config = "config /run/agenix/webis.ovpn";
autoStart = false;
updateResolvConf = true;
};
};
};
}

5
secrets/secrets.nix
View File

@ -6,7 +6,8 @@ let
nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO"; nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO";
nixos-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl8gMhwSf1NsP5gp14xbbyjqQLZzcHLb/XKRMoHdXgI"; nixos-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl8gMhwSf1NsP5gp14xbbyjqQLZzcHLb/XKRMoHdXgI";
nixos-work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQdruRBgcS3JbX+8DP4GE+28M/ZnxqxhoaMM5EVUkrD"; nixos-work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQdruRBgcS3JbX+8DP4GE+28M/ZnxqxhoaMM5EVUkrD";
hosts = [ nixos-laptop nixos-desktop nixos-work ]; hosts-personal = [ nixos-laptop nixos-desktop ];
hosts = hosts-personal ++ [ nixos-work ];
all = users ++ hosts; all = users ++ hosts;
in in
@ -18,4 +19,6 @@ in
"uni-vpn.age".publicKeys = all; "uni-vpn.age".publicKeys = all;
"wireguard-preshared-key.age".publicKeys = all; "wireguard-preshared-key.age".publicKeys = all;
"wireguard-private-key.age".publicKeys = all; "wireguard-private-key.age".publicKeys = all;
"webis.age".publicKeys = hosts-personal ++ [ moritz ];
"webis-ssh.age".publicKeys = hosts-personal ++ [ moritz ];
} }

BIN
secrets/webis-ssh.age Normal file
View File

Binary file not shown.

BIN
secrets/webis.age Normal file
View File

Binary file not shown.