aires/nix-configuration
aires/nix-configuration
1
0
Fork 0
Code Actions Activity

Finally got the new secrets format working right...I hope. I should really just use sops or agenix @_@

Browse source
This commit is contained in:
Aires 2024-05-16 13:35:11 -04:00
parent 313928498c
commit 51c6175140
5 changed files with 11 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
flake.nix
View file

@ -79,9 +79,6 @@
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
backupFileExtension = "home-manager-backup"; backupFileExtension = "home-manager-backup";
extraSpecialArgs = {
inherit inputs;
};
}; };
} }
]; ];

3
hosts/Haven/hardware-configuration.nix
View file

@ -4,7 +4,6 @@
lib, lib,
pkgs, pkgs,
modulesPath, modulesPath,
nix-secrets,
... ...
}: }:
{ {
@ -34,7 +33,7 @@
enable = true; enable = true;
mdadmConf = lib.mkIf (config.networking.hostName == "Haven") '' mdadmConf = lib.mkIf (config.networking.hostName == "Haven") ''
ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb
MAILADDR ${nix-secrets.users.aires.email} MAILADDR ${config.secrets.users.aires.email}
''; '';
}; };
}; };

6
modules/autoimport.nix
View file

@ -5,10 +5,10 @@ with lib;
let let
# Fetch secrets # Fetch secrets
# IMPORTANT: Make sure this repo exists on the filesystem first! # IMPORTANT: Make sure this repo exists on the filesystem first!
nix-secrets-ssh = builtins.fetchGit { nix-secrets = builtins.fetchGit {
url = "/home/aires/Development/nix-configuration/nix-secrets"; url = "/home/aires/Development/nix-configuration/nix-secrets";
ref = "main"; ref = "main";
rev = "18340f7a56b754d807a5be2ef84f12ea3b34ce4e"; rev = "be1b413b4215984d10e15ffbd4a47a038d5a4292";
}; };
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype # Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
@ -33,5 +33,5 @@ let
); );
in in
{ {
imports = [ "${nix-secrets-ssh}" ] ++ validFiles ./.; imports = [ "${nix-secrets}" ] ++ validFiles ./.;
} }

17
modules/services/msmtp.nix
View file

@ -1,10 +1,5 @@
# See https://nixos.wiki/wiki/Msmtp # See https://nixos.wiki/wiki/Msmtp
{ { config, lib, ... }:
config,
lib,
nix-secrets,
...
}:
let let
cfg = config.host.services.msmtp; cfg = config.host.services.msmtp;
@ -19,15 +14,15 @@ with lib;
programs.msmtp = { programs.msmtp = {
enable = true; enable = true;
accounts.default = { accounts.default = {
host = nix-secrets.services.msmtp.host; host = config.secrets.services.msmtp.host;
user = nix-secrets.services.msmtp.user; user = config.secrets.services.msmtp.user;
password = nix-secrets.services.msmtp.password; password = config.secrets.services.msmtp.password;
auth = true; auth = true;
tls = true; tls = true;
tls_starttls = true; tls_starttls = true;
port = 587; port = 587;
from = "${config.networking.hostName}@${nix-secrets.networking.primaryDomain}"; from = "${config.networking.hostName}@${config.secrets.networking.primaryDomain}";
to = nix-secrets.users.aires.email; to = config.secrets.users.aires.email;
}; };
}; };
}; };

2
nix-secrets

@ -1 +1 @@
Subproject commit 18340f7a56b754d807a5be2ef84f12ea3b34ce4e Subproject commit be1b413b4215984d10e15ffbd4a47a038d5a4292