From 373afa3c99fb113385fe60b88f67813ef1fce44c Mon Sep 17 00:00:00 2001
From: Mark Nipper <nipsy@bitgnome.net>
Date: Mon, 2 Jun 2025 21:37:54 -0700
Subject: Add secrets @caladan

---
 hosts/caladan/default.nix | 76 ++++++++++++++++++++---------------------------
 1 file changed, 32 insertions(+), 44 deletions(-)

(limited to 'hosts/caladan/default.nix')

diff --git a/hosts/caladan/default.nix b/hosts/caladan/default.nix
index f203d46..84fe060 100644
--- a/hosts/caladan/default.nix
+++ b/hosts/caladan/default.nix
@@ -77,32 +77,32 @@
   ];
 
   networking = {
-  #  defaultGateway = {
-  #    address = "192.168.1.1";
-  #    interface = "wlp15s0";
-  #  };
+    defaultGateway = {
+      address = "192.168.1.1";
+      interface = "wlp15s0";
+    };
     domain = "bitgnome.net";
     hostId = "8981d1e5";
     hostName = "caladan";
-  #  interfaces = {
-  #    wlp15s0 = {
-  #      ipv4.addresses = [
-  #        { address = "192.168.1.3"; prefixLength = 24; }
-  #      ];
-  #    };
-  #  };
-  #  nameservers = [ "192.168.1.1" ];
-  #  nftables.enable = true;
-  #  useDHCP = false;
-  #  wireless = {
-  #    enable = true;
-  #    networks = {
-  #      "Crystal Palace" = {
-  #        pskRaw = "ext:psk_crystal_palace";
-  #      };
-  #    };
-  #    secretsFile = "${config.sops.secrets."wpa_supplicant".path}";
-  #  };
+    interfaces = {
+      wlp15s0 = {
+        ipv4.addresses = [
+          { address = "192.168.1.3"; prefixLength = 24; }
+        ];
+      };
+    };
+    nameservers = [ "192.168.1.1" ];
+    nftables.enable = true;
+    useDHCP = false;
+    wireless = {
+      enable = true;
+      networks = {
+        "Crystal Palace" = {
+          pskRaw = "ext:psk_crystal_palace";
+        };
+      };
+      secretsFile = "${config.sops.secrets."wpa_supplicant".path}";
+    };
   };
 
   nixpkgs = {
@@ -123,28 +123,16 @@
   services.openssh.settings.X11Forwarding = true;
   services.xserver.videoDrivers = [ "amdgpu" ];
 
-  #sops = {
-  #  age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
-  #  defaultSopsFile = ../secrets/arrakis.yaml;
+  sops = {
+    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+    defaultSopsFile = ../secrets/caladan.yaml;
 
-  #  secrets = {
-  #    "nftables/ssh" = {};
-  #    "nix-access-token-github" = {};
-  #    "ssh_config".path = "/root/.ssh/config";
-  #    "wireguard/arrakis_key" = {};
-  #    "wireguard/black-sheep_psk" = {};
-  #    "wireguard/fangorn_psk" = {};
-  #    "wireguard/ginaz_psk" = {};
-  #    "wireguard/homer_psk" = {};
-  #    "wireguard/lilnasx_psk" = {};
-  #    "wireguard/lolli_psk" = {};
-  #    "wireguard/ramped_psk" = {};
-  #    "wireguard/timetrad_psk" = {};
-  #    "wireguard/treebeard_psk" = {};
-  #    "wireguard/wg1_conf" = {};
-  #    "wpa_supplicant" = {};
-  #  };
-  #};
+    secrets = {
+      "nix-access-token-github" = {};
+      "ssh_config".path = "/root/.ssh/config";
+      "wpa_supplicant" = {};
+    };
+  };
 
   system.stateVersion = "23.11";
 }
-- 
cgit v1.2.3