diff options
| author | Mark Nipper <nipsy@bitgnome.net> | 2025-06-02 21:37:54 -0700 |
|---|---|---|
| committer | Mark Nipper <nipsy@bitgnome.net> | 2025-06-02 21:37:54 -0700 |
| commit | 373afa3c99fb113385fe60b88f67813ef1fce44c (patch) | |
| tree | ab3759c8f191968aa2557d6be8bbb65c1d16bc80 /hosts/caladan/default.nix | |
| parent | 7482e4098518c20050062eb70836f3753d60520c (diff) | |
| download | nix-373afa3c99fb113385fe60b88f67813ef1fce44c.tar nix-373afa3c99fb113385fe60b88f67813ef1fce44c.tar.gz nix-373afa3c99fb113385fe60b88f67813ef1fce44c.tar.bz2 nix-373afa3c99fb113385fe60b88f67813ef1fce44c.tar.lz nix-373afa3c99fb113385fe60b88f67813ef1fce44c.tar.xz nix-373afa3c99fb113385fe60b88f67813ef1fce44c.tar.zst nix-373afa3c99fb113385fe60b88f67813ef1fce44c.zip | |
Add secrets @caladan
Diffstat (limited to 'hosts/caladan/default.nix')
| -rw-r--r-- | hosts/caladan/default.nix | 76 |
1 files changed, 32 insertions, 44 deletions
diff --git a/hosts/caladan/default.nix b/hosts/caladan/default.nix index f203d46..84fe060 100644 --- a/hosts/caladan/default.nix +++ b/hosts/caladan/default.nix @@ -77,32 +77,32 @@ ]; networking = { - # defaultGateway = { - # address = "192.168.1.1"; - # interface = "wlp15s0"; - # }; + defaultGateway = { + address = "192.168.1.1"; + interface = "wlp15s0"; + }; domain = "bitgnome.net"; hostId = "8981d1e5"; hostName = "caladan"; - # interfaces = { - # wlp15s0 = { - # ipv4.addresses = [ - # { address = "192.168.1.3"; prefixLength = 24; } - # ]; - # }; - # }; - # nameservers = [ "192.168.1.1" ]; - # nftables.enable = true; - # useDHCP = false; - # wireless = { - # enable = true; - # networks = { - # "Crystal Palace" = { - # pskRaw = "ext:psk_crystal_palace"; - # }; - # }; - # secretsFile = "${config.sops.secrets."wpa_supplicant".path}"; - # }; + interfaces = { + wlp15s0 = { + ipv4.addresses = [ + { address = "192.168.1.3"; prefixLength = 24; } + ]; + }; + }; + nameservers = [ "192.168.1.1" ]; + nftables.enable = true; + useDHCP = false; + wireless = { + enable = true; + networks = { + "Crystal Palace" = { + pskRaw = "ext:psk_crystal_palace"; + }; + }; + secretsFile = "${config.sops.secrets."wpa_supplicant".path}"; + }; }; nixpkgs = { @@ -123,28 +123,16 @@ services.openssh.settings.X11Forwarding = true; services.xserver.videoDrivers = [ "amdgpu" ]; - #sops = { - # age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - # defaultSopsFile = ../secrets/arrakis.yaml; + sops = { + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + defaultSopsFile = ../secrets/caladan.yaml; - # secrets = { - # "nftables/ssh" = {}; - # "nix-access-token-github" = {}; - # "ssh_config".path = "/root/.ssh/config"; - # "wireguard/arrakis_key" = {}; - # "wireguard/black-sheep_psk" = {}; - # "wireguard/fangorn_psk" = {}; - # "wireguard/ginaz_psk" = {}; - # "wireguard/homer_psk" = {}; - # "wireguard/lilnasx_psk" = {}; - # "wireguard/lolli_psk" = {}; - # "wireguard/ramped_psk" = {}; - # "wireguard/timetrad_psk" = {}; - # "wireguard/treebeard_psk" = {}; - # "wireguard/wg1_conf" = {}; - # "wpa_supplicant" = {}; - # }; - #}; + secrets = { + "nix-access-token-github" = {}; + "ssh_config".path = "/root/.ssh/config"; + "wpa_supplicant" = {}; + }; + }; system.stateVersion = "23.11"; } |