Add videos.knazarov.com and some emacs changes
This commit is contained in:
parent
8fd7e4c619
commit
92c25e624a
15 changed files with 425 additions and 91 deletions
|
@ -3,6 +3,7 @@ keys:
|
|||
- &server_mira age1le98v5v0xnlnc4y0ydgj9kwfftt8g5wduws8zsadgc97pj0fzecs55tjvz
|
||||
- &server_framework age1rkmhgep2jhdnma24x7ufzr686cwq6p3nk7mmedykan0d7c36xaus2y58sw
|
||||
- &server_knazarovcom age1esdg28lplhhvrj6vmqu9x0adyxj5trp2dp7my3k57kjhkstkk9cqkg5qkj
|
||||
- &server_videos age16md2hayuu3txmv5xykkdwdnwn4ep2yg9kcrrkwzxphzjlnu6g3uqsk45re
|
||||
creation_rules:
|
||||
- path_regex: secrets\.yaml$
|
||||
key_groups:
|
||||
|
@ -18,3 +19,10 @@ creation_rules:
|
|||
- *admin_knazarov
|
||||
age:
|
||||
- *server_knazarovcom
|
||||
|
||||
- path_regex: secrets-videos\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *admin_knazarov
|
||||
age:
|
||||
- *server_videos
|
||||
|
|
|
@ -5,6 +5,19 @@
|
|||
{ config, lib, nixpkgs, pkgs, home-manager, ... }:
|
||||
|
||||
let my_python = (pkgs.python3.withPackages (ps: with ps; [ git_plan ]));
|
||||
|
||||
my_emacs =
|
||||
(pkgs.emacsWithPackagesFromUsePackage {
|
||||
config = ./emacs.el;
|
||||
defaultInitFile = true;
|
||||
package = pkgs.emacs29-pgtk.overrideAttrs (old: { withTreeSitter = true; });
|
||||
alwaysEnsure = true;
|
||||
extraEmacsPackages = epkgs: [
|
||||
pkgs.mu
|
||||
epkgs.treesit-grammars.with-all-grammars
|
||||
];
|
||||
});
|
||||
|
||||
in {
|
||||
imports = [
|
||||
#./gnupg.nix
|
||||
|
@ -13,6 +26,7 @@ in {
|
|||
nix.extraOptions = ''
|
||||
!include ${config.sops.secrets.github_token.path}
|
||||
bash-prompt = (nix:$name)\040\[\033[1;32m\][\u@\h:\w]\$\[\033[0m\]\040
|
||||
extra-sandbox-paths = /nix/var/cache/ccache
|
||||
'';
|
||||
|
||||
sops = {
|
||||
|
@ -82,7 +96,7 @@ in {
|
|||
users.users.knazarov = {
|
||||
isNormalUser = true;
|
||||
description = "Konstantin Nazarov";
|
||||
extraGroups = [ "networkmanager" "wheel" config.users.groups.keys.name ];
|
||||
extraGroups = [ "networkmanager" "wheel" config.users.groups.keys.name];
|
||||
packages = with pkgs; [ ];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGxebDydOcs7URJjXFHMU++ruaZOJpXbK4ixH19pWTsX7WtxxriZxD4+RQ3oyllGG/8sEFzEe0NoTHUPU6YrBpfwT/ekGDmCJHtvZ+rZs+cRQd6tObfAUip1B1Mcvhuaj0prnrbfohOuHpvQ/L8TogIKuHgczDmud4KGUu0mxCsUHbD5tlKpsgN+dJXkvjxsO7JhhF9JpFTrYAU0gTuBPTt3ynpnZKrE1NgnE0iy+CEr/v41dLqxw3fUjT3nOFUQ1l/VKTw5mLt5Iw7XmBLuFGLRAVrwzXxeBCfYqKGYgY4QV8HCcVpcqC8zWmRskiRetzQ/5HwRagm4yZr0I+LZ305nGB0cSJzLWXXOUF6SDg2cqAXFpF/o2LoFCmaV5h3jmCGOUrowF7oV4mYwBMWfabrbZx21z/R56GkAOOEKc2h+Qh5wIj4yayX081SkqJK3J9+3vGG4VvXnwGnPnWQFqrzeedyV74maffGBGFYm0UOcD+oG6EwM+7MEUBpJm9m4c= knazarov"
|
||||
|
@ -155,20 +169,12 @@ in {
|
|||
graphviz
|
||||
fzf
|
||||
nixfmt
|
||||
my_emacs
|
||||
libreoffice
|
||||
#network-manager-applet
|
||||
(clang-tools.override {
|
||||
llvmPackages = llvmPackages_16;
|
||||
}) # mainly for clang-format
|
||||
(emacsWithPackagesFromUsePackage {
|
||||
config = ./emacs.el;
|
||||
defaultInitFile = true;
|
||||
package = emacs29-pgtk.overrideAttrs (old: { withTreeSitter = true; });
|
||||
alwaysEnsure = true;
|
||||
extraEmacsPackages = epkgs: [
|
||||
pkgs.mu
|
||||
epkgs.treesit-grammars.with-all-grammars
|
||||
];
|
||||
})
|
||||
# wget
|
||||
my_python
|
||||
];
|
||||
|
@ -186,23 +192,23 @@ in {
|
|||
services.fwupd.enable = true;
|
||||
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
services.emacs.package = nixpkgs.emacsUnstablePgtk;
|
||||
#services.emacs.package = nixpkgs.emacsUnstablePgtk;
|
||||
|
||||
# Enables wayland support in electron apps (e.g. slack)
|
||||
environment.sessionVariables.NIXOS_OZONE_WL = "1";
|
||||
|
||||
# Set default browser to qutebrowser in electron apps
|
||||
environment.sessionVariables.DEFAULT_BROWSER =
|
||||
"${pkgs.qutebrowser}/bin/qutebrowser";
|
||||
#environment.sessionVariables.DEFAULT_BROWSER =
|
||||
#"${pkgs.qutebrowser}/bin/qutebrowser";
|
||||
|
||||
# Set default browser to qutebrowser everywhere else
|
||||
xdg.mime.defaultApplications = {
|
||||
"text/html" = "org.qutebrowser.qutebrowser.desktop";
|
||||
"x-scheme-handler/http" = "org.qutebrowser.qutebrowser.desktop";
|
||||
"x-scheme-handler/https" = "org.qutebrowser.qutebrowser.desktop";
|
||||
"x-scheme-handler/about" = "org.qutebrowser.qutebrowser.desktop";
|
||||
"x-scheme-handler/unknown" = "org.qutebrowser.qutebrowser.desktop";
|
||||
};
|
||||
#xdg.mime.defaultApplications = {
|
||||
#"text/html" = "org.qutebrowser.qutebrowser.desktop";
|
||||
#"x-scheme-handler/http" = "org.qutebrowser.qutebrowser.desktop";
|
||||
#"x-scheme-handler/https" = "org.qutebrowser.qutebrowser.desktop";
|
||||
#"x-scheme-handler/about" = "org.qutebrowser.qutebrowser.desktop";
|
||||
#"x-scheme-handler/unknown" = "org.qutebrowser.qutebrowser.desktop";
|
||||
#};
|
||||
|
||||
# Enable screen sharing on Wayland
|
||||
xdg = {
|
||||
|
@ -339,6 +345,11 @@ in {
|
|||
# };
|
||||
};
|
||||
|
||||
services.jellyfin = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
# Syncthing
|
||||
8384
|
||||
|
@ -390,6 +401,12 @@ in {
|
|||
source ''${EMACS_VTERM_PATH}/etc/emacs-vterm-bash.sh
|
||||
fi
|
||||
'';
|
||||
shellAliases = {
|
||||
nn = "notes.sh -n";
|
||||
ne =
|
||||
''notes.sh -l | fzf --tac --with-nth="2..-1" | xargs -o notes.sh -e'';
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
gtk = {
|
||||
|
@ -488,6 +505,13 @@ in {
|
|||
}];
|
||||
};
|
||||
|
||||
services.emacs = {
|
||||
enable = true;
|
||||
package = my_emacs;
|
||||
client.enable = true;
|
||||
|
||||
};
|
||||
|
||||
wayland.windowManager.sway = {
|
||||
enable = true;
|
||||
xwayland = true;
|
||||
|
@ -505,8 +529,10 @@ in {
|
|||
"exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||
"XF86MonBrightnessUp" = "exec brightnessctl s +5%";
|
||||
"XF86MonBrightnessDown" = "exec brightnessctl s 5%-";
|
||||
#"Mod4+Return" =
|
||||
#"exec emacs --eval '(progn (setq confirm-kill-processes nil) (vterm))'";
|
||||
"Mod4+Return" =
|
||||
"exec emacs --eval '(progn (setq confirm-kill-processes nil) (vterm))'";
|
||||
"exec emacsclient -c";
|
||||
"Mod4+space" =
|
||||
"exec ${pkgs.foot}/bin/foot -T mylauncher -a mylauncher ${pkgs.q-sh}/bin/q";
|
||||
"Mod4+p" =
|
||||
|
@ -535,6 +561,7 @@ in {
|
|||
};
|
||||
};
|
||||
extraConfig = ''
|
||||
for_window [title="as_toolbar"] floating enable
|
||||
for_window [title="mylauncher"] floating enable
|
||||
for_window [title="Firefox.*Sharing Indicator"] floating enable;
|
||||
default_border pixel 3
|
||||
|
|
27
emacs.el
27
emacs.el
|
@ -105,6 +105,10 @@
|
|||
(use-package hide-mode-line)
|
||||
(add-hook 'vterm-mode-hook #'hide-mode-line-mode)
|
||||
|
||||
;; Disable "when done with this frame..." message when running
|
||||
;; emacsclient
|
||||
(setq server-client-instructions nil)
|
||||
|
||||
;; -------- Cursor and movement --------
|
||||
|
||||
;; On emacs mac port use Alt as meta key
|
||||
|
@ -182,6 +186,18 @@
|
|||
'(font . "Source Code Pro-11"))
|
||||
))
|
||||
|
||||
(add-to-list 'default-frame-alist
|
||||
'(font . "Source Code Pro-11"))
|
||||
|
||||
;; Configure fonts when running in daemon mode
|
||||
(defun my-configure-font (frame)
|
||||
"Configure font given initial non-daemon FRAME.
|
||||
Intended for `after-make-frame-functions'."
|
||||
(add-to-list 'default-frame-alist
|
||||
'(font . "Source Code Pro-11"))
|
||||
(remove-hook 'after-make-frame-functions #'my-configure-font))
|
||||
|
||||
(add-hook 'after-make-frame-functions #'my-configure-font)
|
||||
|
||||
;; -------- Packages --------
|
||||
|
||||
|
@ -882,6 +898,14 @@ If vterm is not running yet, start it. Then, show the main
|
|||
window, unless BACKGROUND (prefix-argument) is non-nil.
|
||||
" t nil)
|
||||
|
||||
(defun vterm-new ()
|
||||
(interactive)
|
||||
(setq current-prefix-arg '(4)) ; C-u
|
||||
(call-interactively 'vterm))
|
||||
|
||||
;; EAT terminal
|
||||
|
||||
(use-package eat)
|
||||
|
||||
;; lua
|
||||
|
||||
|
@ -971,6 +995,9 @@ window, unless BACKGROUND (prefix-argument) is non-nil.
|
|||
|
||||
(use-package terraform-mode)
|
||||
|
||||
;; Bash
|
||||
|
||||
(add-hook 'sh-mode-hook (lambda () (setq indent-tabs-mode t)))
|
||||
|
||||
;; Nix
|
||||
|
||||
|
|
36
flake.lock
36
flake.lock
|
@ -11,11 +11,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1695464766,
|
||||
"narHash": "sha256-u1rpF4ypWlZ80dvXWG9QpeMsbKNV1NdIrOUijnsqV2Y=",
|
||||
"lastModified": 1697769700,
|
||||
"narHash": "sha256-ox9E90lRTKim6rb92kOfvqed+0jOmqgKpsAItsVdGdk=",
|
||||
"owner": "nix-community",
|
||||
"repo": "emacs-overlay",
|
||||
"rev": "d073b90d4942257caa847becd802875391daadf5",
|
||||
"rev": "7e236c963a46bc712971f9f6ff78f4ea50b64c0f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -90,11 +90,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1695939862,
|
||||
"narHash": "sha256-YKDlS3HCXiMflP5i/uEQnZf2henO10beetINHj80hmU=",
|
||||
"lastModified": 1698008546,
|
||||
"narHash": "sha256-d/NKtADAQIWD55192MgRY+d2sSYczkbnQWKie8JOE4Q=",
|
||||
"owner": "~knazarov",
|
||||
"repo": "knazarov.com",
|
||||
"rev": "ea70e4a202b4fdc0e5e20c5fce9a631093d3cf35",
|
||||
"rev": "f7eab37ffcd60bc3beea83986a49e8cca66c24a5",
|
||||
"type": "sourcehut"
|
||||
},
|
||||
"original": {
|
||||
|
@ -105,11 +105,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1695479676,
|
||||
"narHash": "sha256-YMcMXZ6xFA05egIwfUBh106AvaTHu3DBFQCnGuJx84Y=",
|
||||
"lastModified": 1697795961,
|
||||
"narHash": "sha256-0ebo3Aq3uhqcd9653sL3CPr6ANlfX3PwPBtGyvh4mgk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "805fee6f38428d7ef2ee59b36cf910003cabed71",
|
||||
"rev": "585a8b12b1ab3f5cfd7aec0b3958b754ef63bad2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -120,11 +120,11 @@
|
|||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1695272228,
|
||||
"narHash": "sha256-4uw2OdJPVyjdB+xcDst9SecrNIpxKXJ2usN3M5HVa7o=",
|
||||
"lastModified": 1697655685,
|
||||
"narHash": "sha256-79Kuv+QdgsVc+rkibuAgWHnh8IXrLBTOKg5nM0Qvux0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "55ac2a9d2024f15c56adf20da505b29659911da8",
|
||||
"rev": "80c1aab725151632ddc2a20caeb914e76dd0673c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -141,11 +141,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1696081283,
|
||||
"narHash": "sha256-ldiJ3gWOvW/aq3zwetnSg1pjU7PfKYVsQWxIZGM/NNA=",
|
||||
"lastModified": 1696170164,
|
||||
"narHash": "sha256-ew+zhK/okYJdOdl3yWcRzi0NHfVbnXzS+EjlOf8vN6k=",
|
||||
"owner": "~knazarov",
|
||||
"repo": "notes.sh",
|
||||
"rev": "38e2883be54cd6634d83888f8f8545ddb44b9556",
|
||||
"rev": "342615a128cf96f1d6cb69a9c09e408d9ff0ab11",
|
||||
"type": "sourcehut"
|
||||
},
|
||||
"original": {
|
||||
|
@ -198,11 +198,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1695284550,
|
||||
"narHash": "sha256-z9fz/wz9qo9XePEvdduf+sBNeoI9QG8NJKl5ssA8Xl4=",
|
||||
"lastModified": 1697339241,
|
||||
"narHash": "sha256-ITsFtEtRbCBeEH9XrES1dxZBkE1fyNNUfIyQjQ2AYQs=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "2f375ed8702b0d8ee2430885059d5e7975e38f78",
|
||||
"rev": "51186b8012068c417dac7c31fb12861726577898",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -84,6 +84,7 @@
|
|||
mira = node ./nodes/mira;
|
||||
framework = node ./nodes/framework;
|
||||
knazarovcom = server ./nodes/knazarovcom;
|
||||
videos = server ./nodes/videos;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,29 +1,22 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
imports = [ ./hardware-configuration.nix ];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
networking.hostName = "knazarovcom";
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
|
||||
users.users.knazarov = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJkgpPDojl4RtsuFLIsHkH/19s3trYljdn/Jmbb3FCHNAAAABHNzaDo= knazarov@framework"
|
||||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIO7W7yDKxAj9u1hu3zsZMJW+0HUnA/C/rkbuzkQantkaAAAABHNzaDo= knazarov@mira"];
|
||||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIO7W7yDKxAj9u1hu3zsZMJW+0HUnA/C/rkbuzkQantkaAAAABHNzaDo= knazarov@mira"
|
||||
];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
vim
|
||||
sops
|
||||
goaccess
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ vim sops goaccess ];
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.settings = {
|
||||
|
@ -49,10 +42,15 @@
|
|||
~*(MJ12bot|IonCrawl|webprosbot|Sogou|paloaltonetworks|CensysInspect) 1;
|
||||
~*(DotBot|ev-crawler|InternetMeasurement|CheckMarkNetwork|panscient) 1;
|
||||
~*(gdnplus|PunkMap|pdrlabs|SurdotlyBot|researchscan|serpstatbot) 1;
|
||||
~*(MegaIndex) 1;
|
||||
~*(MegaIndex|DongleEmulatorBot|TinyTestBot) 1;
|
||||
}
|
||||
'';
|
||||
virtualHosts = {
|
||||
"www.knazarov.com" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
globalRedirect = "knazarov.com";
|
||||
};
|
||||
"knazarov.com" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
@ -94,17 +92,14 @@
|
|||
"matrix.knazarov.com" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/_matrix" = {
|
||||
proxyPass = "http://127.0.0.1:8008";
|
||||
};
|
||||
};
|
||||
"turn.knazarov.com" = {
|
||||
enableACME = true;
|
||||
locations."/_matrix" = { proxyPass = "http://127.0.0.1:8008"; };
|
||||
};
|
||||
"turn.knazarov.com" = { enableACME = true; };
|
||||
};
|
||||
};
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.certs = {
|
||||
"www.knazarov.com".email = "mail@knazarov.com";
|
||||
"knazarov.com".email = "mail@knazarov.com";
|
||||
"vmatveeva.com".email = "mail@knazarov.com";
|
||||
"matrix.knazarov.com".email = "mail@knazarov.com";
|
||||
|
@ -122,9 +117,7 @@
|
|||
global = {
|
||||
server_name = "knazarov.com";
|
||||
private_key = config.sops.secrets.matrix_key.path;
|
||||
jetstream = {
|
||||
storage_path = "/var/lib/dendrite/nats";
|
||||
};
|
||||
jetstream = { storage_path = "/var/lib/dendrite/nats"; };
|
||||
};
|
||||
client_api.registration_shared_secret = "$REGISTRATION_SHARED_SECRET";
|
||||
client_api.turn = {
|
||||
|
@ -161,7 +154,7 @@
|
|||
|
||||
sops.defaultSopsFile = ./secrets.yaml;
|
||||
sops.secrets = {
|
||||
example_key = {};
|
||||
example_key = { };
|
||||
matrix_key = {
|
||||
mode = "0440";
|
||||
group = config.users.groups.keys.name;
|
||||
|
@ -178,11 +171,14 @@
|
|||
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [
|
||||
80 443
|
||||
3478 5349 # coturn
|
||||
80
|
||||
443
|
||||
3478
|
||||
5349 # coturn
|
||||
];
|
||||
allowedUDPPorts = [
|
||||
3478 5349 # coturn
|
||||
3478
|
||||
5349 # coturn
|
||||
];
|
||||
allowedUDPPortRanges = [{
|
||||
from = config.services.coturn.min-port;
|
||||
|
|
|
@ -19,4 +19,11 @@ in
|
|||
boot.initrd.luks.devices."luks-8aa0584a-df60-42c3-adc2-d88b85544c85".device = "/dev/disk/by-uuid/8aa0584a-df60-42c3-adc2-d88b85544c85";
|
||||
boot.initrd.luks.devices."luks-8aa0584a-df60-42c3-adc2-d88b85544c85".keyFile = "/crypto_keyfile.bin";
|
||||
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
extraPackages = with pkgs; [
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -5,34 +5,32 @@
|
|||
|
||||
let
|
||||
|
||||
in
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
in {
|
||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
|
||||
boot.initrd.availableKernelModules =
|
||||
[ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
|
||||
boot.kernelModules = [ "kvm-amd"];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
|
||||
boot.kernelParams = [ "mem_sleep_default=deep" ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/1a71ab59-b65c-4866-a76c-a1372cc30cb8";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/1a71ab59-b65c-4866-a76c-a1372cc30cb8";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."luks-ad5fe721-9e57-45ae-bc7a-9724590d97e8".device = "/dev/disk/by-uuid/ad5fe721-9e57-45ae-bc7a-9724590d97e8";
|
||||
boot.initrd.luks.devices."luks-ad5fe721-9e57-45ae-bc7a-9724590d97e8".device =
|
||||
"/dev/disk/by-uuid/ad5fe721-9e57-45ae-bc7a-9724590d97e8";
|
||||
|
||||
fileSystems."/boot/efi" =
|
||||
{ device = "/dev/disk/by-uuid/36AD-6828";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/boot/efi" = {
|
||||
device = "/dev/disk/by-uuid/36AD-6828";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/9ea6aaab-0e78-411f-90fa-5161d897419b"; }
|
||||
];
|
||||
[{ device = "/dev/disk/by-uuid/9ea6aaab-0e78-411f-90fa-5161d897419b"; }];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
|
@ -43,8 +41,10 @@ in
|
|||
# networking.interfaces.enp21s0u4.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
hardware.cpu.amd.updateMicrocode =
|
||||
lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
# for mira
|
||||
hardware.system76.enableAll = true;
|
||||
hardware.system76.enableAll = true;
|
||||
|
||||
}
|
||||
|
|
143
nodes/videos/configuration.nix
Normal file
143
nodes/videos/configuration.nix
Normal file
|
@ -0,0 +1,143 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [ ./hardware-configuration.nix ];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
networking.hostName = "videos";
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
users.users.knazarov = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJkgpPDojl4RtsuFLIsHkH/19s3trYljdn/Jmbb3FCHNAAAABHNzaDo= knazarov@framework"
|
||||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIO7W7yDKxAj9u1hu3zsZMJW+0HUnA/C/rkbuzkQantkaAAAABHNzaDo= knazarov@mira"
|
||||
];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [ vim sops goaccess ];
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.settings = {
|
||||
PermitRootLogin = "no";
|
||||
PasswordAuthentication = false;
|
||||
};
|
||||
|
||||
security.pam.enableSSHAgentAuth = true;
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
nix.settings.trusted-users = [ "@wheel" ];
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
clientMaxBodySize = "1024m";
|
||||
virtualHosts = {
|
||||
#"www.videos.knazarov.com" = {
|
||||
#enableACME = true;
|
||||
#forceSSL = true;
|
||||
#globalRedirect = "videos.knazarov.com";
|
||||
#};
|
||||
"videos.knazarov.com" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = { proxyPass = "http://127.0.0.1:9000"; };
|
||||
};
|
||||
};
|
||||
};
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.certs = {
|
||||
#"www.videos.knazarov.com".email = "mail@knazarov.com";
|
||||
"videos.knazarov.com".email = "mail@knazarov.com";
|
||||
};
|
||||
|
||||
|
||||
networking.interfaces.ens3 = {
|
||||
ipv4.addresses = [{
|
||||
address = "107.189.7.30";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
ipv6.addresses = [{
|
||||
address = "2605:6400:0030:eb21:c7c2:1dfa:e144:b0a9";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
};
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
enableTCPIP = true;
|
||||
authentication = ''
|
||||
hostnossl peertube_local peertube_test 127.0.0.1/32 md5
|
||||
'';
|
||||
initialScript = config.sops.secrets.postgresql_init.path;
|
||||
};
|
||||
|
||||
services.redis.servers.peertube = {
|
||||
enable = true;
|
||||
bind = "0.0.0.0";
|
||||
requirePassFile = config.sops.secrets.redis_password.path;
|
||||
port = 31638;
|
||||
};
|
||||
|
||||
|
||||
services.peertube = {
|
||||
enable = true;
|
||||
localDomain = "videos.knazarov.com";
|
||||
configureNginx = true;
|
||||
enableWebHttps = true;
|
||||
listenWeb = 443;
|
||||
|
||||
secrets.secretsFile = config.sops.secrets.peertube_secrets.path;
|
||||
database = {
|
||||
host = "127.0.0.1";
|
||||
name = "peertube_local";
|
||||
user = "peertube_test";
|
||||
passwordFile = config.sops.secrets.postgresql_password.path;
|
||||
};
|
||||
redis = {
|
||||
host = "127.0.0.1";
|
||||
port = 31638;
|
||||
passwordFile = config.sops.secrets.redis_password_peertube.path;
|
||||
};
|
||||
settings = {
|
||||
listen.hostname = "0.0.0.0";
|
||||
instance.name = "Konstantin Nazarov's Videos";
|
||||
};
|
||||
};
|
||||
|
||||
sops.defaultSopsFile = ./secrets-videos.yaml;
|
||||
sops.secrets = {
|
||||
postgresql_password = {
|
||||
mode = "0440";
|
||||
group = config.users.groups.peertube.name;
|
||||
};
|
||||
postgresql_init = {
|
||||
mode = "0440";
|
||||
group = config.users.groups.postgres.name;
|
||||
};
|
||||
redis_password = {
|
||||
mode = "0440";
|
||||
group = config.users.groups.redis-peertube.name;
|
||||
};
|
||||
redis_password_peertube = {
|
||||
mode = "0440";
|
||||
group = config.users.groups.peertube.name;
|
||||
};
|
||||
peertube_secrets = {
|
||||
mode = "0440";
|
||||
group = config.users.groups.peertube.name;
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
networking.defaultGateway = "107.189.7.1";
|
||||
networking.nameservers = [ "107.189.0.68" ];
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [ 80 443 22 ];
|
||||
allowedUDPPorts = [ ];
|
||||
allowedUDPPortRanges = [ ];
|
||||
};
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
}
|
33
nodes/videos/hardware-configuration.nix
Normal file
33
nodes/videos/hardware-configuration.nix
Normal file
|
@ -0,0 +1,33 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/a1fbd9ef-8b11-45d0-8763-c16000fd2860";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/e237bab4-fe76-4823-817b-d9999748d7d0"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
}
|
4
nodes/videos/host-metadata.nix
Normal file
4
nodes/videos/host-metadata.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
{
|
||||
system = "x86_64-linux";
|
||||
host = "knazarovcom";
|
||||
}
|
45
nodes/videos/secrets-videos.yaml
Normal file
45
nodes/videos/secrets-videos.yaml
Normal file
|
@ -0,0 +1,45 @@
|
|||
postgresql_init: ENC[AES256_GCM,data:q2aDuTt+9IBYBvKknCfl48R+pInE6nEBagjX+kfLGhZeeD40JypaVENVkhgWd6lgFof9WNNSuRF80IXQPbsmx2UU+nDQN6c6y5oyePsSl96mnuxC7BTq5ySbH784YlR5r6m112iOiKixJIveztUZrpbVq9jbpOd77noT1+VmWZjgtleRzaxy7ucB0685GBSHAhS0gub4BrS2CvrU+UNklu/X+GuZcLqDMIuSemRauTyd2Lqzpj1JNxgd49lDill3aO/w2eG69G4Jn2Ot3Va79FfFvZvYdZpz5qCkPlZXkbgAd0U+XvucFxU6g4zOrdqbA8OMwuraUpzAh1erCyPdn6nlz/KYAajZyGTTL8ViqyUSTuemSn1To7ko5VF2n4xsxfcROpm9Zr4phGjpeoVs+8Ya,iv:k291En6bZxAQREnk1Gp7bk+ffI+RFKUXi+azratVQts=,tag:RF0OLZEKwoPgWF2NQz8aag==,type:str]
|
||||
postgresql_password: ENC[AES256_GCM,data:sVs1nK4m2g3e9IPONacQNxg8leSHhcke4Q==,iv:Wj1QmjqRpR3MVkMxsiOTmOp+F45u6/G/uXGn1/U8CLg=,tag:RewivpcrTZxDfkRVSHlWsg==,type:str]
|
||||
redis_password: ENC[AES256_GCM,data:0sRW8zg6ST9fZJi7lC9HuMcjEeObtXJPjw==,iv:L0iee1c0CtsIPEhIYVCRjAQPRzGsAVGlSHQDQ6Ypw3E=,tag:Fbm4C4WxusiolsQdmxWKKA==,type:str]
|
||||
redis_password_peertube: ENC[AES256_GCM,data:MBbfvWovKhVqQS8dWKlBSKCFtnLGl5sZIQ==,iv:f9+vuE4QtZ2udQZLUKQAgTn9XfG8crHqIicKDQHZEkg=,tag:oxk7xj2rLx28OIkudsOWzQ==,type:str]
|
||||
peertube_secrets: ENC[AES256_GCM,data:oFkwr2gg+bzTC/iaZ2GzQQ7b7NK7eZs9JW96Jv7Evaar9wbfYJRpAuoHfYf0pzMRJ3qvNfchXfa7D5cddx24SQ==,iv:Bdcjq1GMhmh+wl80jFAeQ2UDeD2jGBlnXQrAo5eZuEs=,tag:SzUwJ/jJPFsXfMH+vNjGSQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age16md2hayuu3txmv5xykkdwdnwn4ep2yg9kcrrkwzxphzjlnu6g3uqsk45re
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2Rys2czUvN2lPQm9mQ0Zj
|
||||
ZVViQnYvWW04N2dFd0k2RHBIeUlPMW54R1dvCnNHaUpsSFBMSWFrRVJKdXpxM0ZN
|
||||
RzBnaWxOWEdJcFJMZEs0SW5vb0NaUTgKLS0tIFEvZ1Nsd3RiUys5RTVLWjJPS2dZ
|
||||
dmkwMjZxNmJQVEx6OTRKa0c0RWRVdmMKMbFRo4DH2npvGXuhgYaXm39qIK7TxzEF
|
||||
FEmqf4TG6g2mgthnkH/fHkr5WTJBjlTlRBnxkepFygFpb3405RiWaw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-25T22:30:12Z"
|
||||
mac: ENC[AES256_GCM,data:49o705lbbI4r3l7WFlitd2bBcIEoqOvmNk+UvtNkoKy7q2cQySUpPNSGrV4nzdhfUhWBti5ntzXdsJpGYDhtf9VOVub39oYtnHsgTM9tv9CRZlHJgsKNmJaousQR9oRZw4Ju32yLDzspvi2fNH//bN80IkiBmVayg2Z/ea4tWAk=,iv:/YCU8HOIh2XY29+3lPSl3m74b0K+WTOd7aUnGY+oHsk=,tag:Tb6p+EtihV4X9ZP54aqyjQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-10-25T22:19:47Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
wcFMAz3KbDTqPV7IARAAmXxEKOOguwKskZErr79loGEboZL0YLJhujsslvIhYBXL
|
||||
PyWcTBAHOYuCM1M3Vpg3k84/sRYXplRaBohnAgLTMVz1ZC6STSypGEtK9WLGy2TG
|
||||
1KNp5VhDVEdUWj1ldU5K3NGTwA++rMpB7O/lnKmcDFTHYe6GL5a9unE895Ecz9fX
|
||||
JdTV9cJvvMmjAs3X2y7tYXwQydGQ4yQI3dqXAS0Xtsl90fH4XIIYPl2rHFX8BNam
|
||||
L+k2+uFrrFrFYP9vGj2D6I6kJTeoBoAk7wGG0kUN+U3ykpZL9o58+drNVi+ZSv3b
|
||||
JgQ1wssh77L8jmRneUb/BjpX5AlbIMq/pJZw5ZZuu9SDEukxvMFypwr91TaHZFfG
|
||||
sZ262bMt+U5+hytVj3QsRX+SJI9UfYF1W+HLSiTzckkjw06OTLdffoI6g6vDGLg+
|
||||
bS8UvlAay0TLprf1NKlsC98wevabU1mYW9CnKCykt3e9B6Oc8DdjKISezzc4McbR
|
||||
R158vnDZITJW9owGgUZC45p2zlpWowfLfXnnttyLsqjSKzqELvax7u7xbIbDQ2sX
|
||||
mtgIJOLu8hMlIlC/JgO86t7t3A1xbvYszo3zCO1czfkSAIIIHX/xsehaJxAZ8l3y
|
||||
pMwzNAIVcBMN2qfICYa2ehbB2V2HMoROdHvQzbRJLj2VE5JCucCbLTTbZ6sLs1/S
|
||||
UQFTUGIKsPIhmucuT4t69WVEY+mIx/1UP2Kp15RttSRdmhFaa0sWQn5BGau83lB0
|
||||
NMu3iDgq/tvOlE7JHxLAnCcGnm76ARYU9BGrB06rbOmM2A==
|
||||
=0sBJ
|
||||
-----END PGP MESSAGE-----
|
||||
fp: DDB4423999505236CF585F9B0560020C9C577C1B
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
41
pgp_keys/nemo.asc
Normal file
41
pgp_keys/nemo.asc
Normal file
|
@ -0,0 +1,41 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQGNBF11TxgBDAC+wWm/Ica/y7PU9rD6R22PUxFWJ893qfWrHRNhZZV9b+Cx9WkX
|
||||
S9WZwnk7w5EKM9zrkSYuJlplxU+xQapdJx+wWikhT3419JsBrKdixel+ugc5upxN
|
||||
Nr68l2XNH6EYgADL8gcMGsH+MplxnNTvtcOgwXHkMxtxOCHYZPZBkjYXXaqJO5a/
|
||||
asw6HT8Ne8M/jeOtjm3T03iNatnyZyH3IiFjjibGtMLIVVlbd9tJonpgQXHlxQjx
|
||||
Qo6kO/SZ5LQNsvoV2Lkz3knxh/2P50eKpsLrD4usu9foAbBXRRT6uqyzBgGcVdB8
|
||||
2PW2TfMx25lsXBNKcikRTxhymVIXOKOYdau/HvSHdya3aME3Vt0rEqZhL+oI58oO
|
||||
en7kPpxqXFq7BV9SkcwPKY+NV87BLHeBIW1pxvX5sszMd23HJ8nAH9ElXqbfOAOn
|
||||
OPKpERgotugqPIzPr70C6/IZ6BTK0mNM0XjS1I1RZI88TlyXh20IEUk19GWu1jLU
|
||||
KPelR+xVEMVvojMAEQEAAbQlTWlraGFpbCBLb21hcm92IDxuZW1vQG5pbC5mb3Vu
|
||||
ZGF0aW9uPokB1AQTAQgAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBGOB
|
||||
4LBSwPoHQei88woTEQJoGppDBQJj3wegBQkSz/eAAAoJEAoTEQJoGppDA0cMAIsw
|
||||
rezpf2gW/hEl11+PCIOlIDpyAQQ93YWRfkzheRmTuiZSjuMVydPb+Aa0IUrL00zC
|
||||
eRPzgP/HpJ+n9l45+WsJS3xcU0GLtJlNqvskjG9BN72eWoT69eIiHkEbSZuXIEUJ
|
||||
agC2wOHhHV7ClOWq5voFxIbemKlN6pkZ8NFueZJ+TxnevJIL7lM7t5+GrB59hxEq
|
||||
ceH9hkUGxRfQthXYem9lzm9jb4/bJrDwTLOv16Vuzij/6sr6DsqTIWlIZ8MvUkXV
|
||||
pJk9Jjk0HNGU1aRsuVHkCnUSPpA7QVTrlGXD5CF1nTKhtQaJ0I2CsyGdx8l4DC36
|
||||
D2EBxGqdSh70xtWQ0FYn68zNSv4MvhaQNlkDtVo0jDiTX2WoqTrSuCbnQ2+HY/Bu
|
||||
I8kx+Cy9tN3isvodm8bKNCQxopfWFQC0rjg04xFiQ6ej1GTpuZfAa2FfwotcyYSr
|
||||
e6Nq8sIxITLhu4PqZWI0ybJHOGRqX8st4no6f1mdhf1ccLlNXKKqJJsle6nh/LkB
|
||||
jQRddU8YAQwA54U/ODkn99+xBmAKgtXnYlMtBnKzwGO5zRazRjiZ4CD07UwRdOGM
|
||||
N15LHePDXf5GNnc7KXVlQLu+5ixswNkTkLnaJutzfSho5HwwsRqV+LdxX/3WQ6GP
|
||||
wtLsPX3r0HUY+noA9wJou6bFCu+RB70ptWsQCtuifBDtOYcrDow/f2ne0ZtAIgiz
|
||||
zSUyqVV6If68JPuMmIfwg8enNIolyFo7UwDwOieX09lxaMcNhuuGen2uftYieqBD
|
||||
GxlRc6s2LFpbo3gVX47DlnhXjsiYc2ccrp0/PsWMZlvlX/Ktfj3qdUZkfPwUCJMx
|
||||
6q6nEHG7mY98XWSCZe4o3XjUyz7pWAW0AU9ZsM+IxVUsaBwy/MEqtmBLbJ14i2Sp
|
||||
1tQqtigiaBUONYs+XW8G0A3ZO8jfReK3BF2HW41BGPiogrlG3dxWOpjAp5K2/Wdm
|
||||
1eFZpn4N4Yuo+l6p/ahRynB4tZR8PFd4QmcwcQz//Ghrg0MIpLSFGw9UPEegtYiP
|
||||
E6okZjJDu/btABEBAAGJAbwEGAEIACYWIQRjgeCwUsD6B0HovPMKExECaBqaQwUC
|
||||
XXVPGAIbDAUJB4YfgAAKCRAKExECaBqaQ7xlC/9GX/8BGlnQyEqUXoHKD9aasqxV
|
||||
d2NmA3C/OUKgZZqmErmPVouApVhE4nYJQHLeaCOoZdEzBXrRVebMXbsvDQZy5xwa
|
||||
OWjSaSJc7aQq/JA/Ij6x2NGlvPvrWGtpXel0Ws2pAohB5jSfMsMs5C2/dKL8pKOn
|
||||
cR6gDVH7VTRjt53CMFXsOk9R2bV5i3lfwgKH5/TtiNSxGteiiECwr9epx+wvp2hl
|
||||
1EOijoPeCVQnIpR8AiPBe57zaM++hzuoKJb7RxPzyeRdU27KJbENtW/ejOGw7KnV
|
||||
sdeFHK2KAD3ESdnWPp7upll2h4zjxMbhvLWH6BSuW4SRZam+Ur0tDlD4XZZcE7WM
|
||||
Vo4/F5qcFakmUH9yISIhhjkjwXE49oRf2wP85gv0le+uTNOd0FtqegltzUQkBDq4
|
||||
wBLjY5aXT0IdaIJnXFgHc4WiGZpCMoTJECjGC0RV2tO+2b5n3Ly/6z71Y7thDKVD
|
||||
GJmEFZCof+JXVbKiQ97v429IN+o3lv+9BuMgGSM=
|
||||
=2x6g
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -2,7 +2,7 @@ hello: ENC[AES256_GCM,data:+LPt8J+Ks1m10+zZ2Q96r3K2W6Yeng7M7+c2TYDQ+/4AJl6Xc6hVn
|
|||
fastmail_password: ENC[AES256_GCM,data:tHr8PqIg9DigRBu2bgjUeg==,iv:NI9bENFPuKcOt1cd2kg2DKU22J1dJ+3mK7UoceZagR4=,tag:oEgeQb1iLKisOqHi9Ds7xg==,type:str]
|
||||
github_token: ENC[AES256_GCM,data:E1+wrI5VUlnsqfKNH6fY7IXqHIiagAByLYCfIfdd2+HcvniAvZzaIyKB3nma5eks3csN5A9XgYXRb09lELroW00obmIWbWZPdFhDccHRtVOqFq/r+x27O/3MAkDqID5mc8xD8SqWUibr9UZfXjFcXC4bx7+a4pyy45akz9RLIJRVKDzxMBGmZ/wQcuFS9uy2Pv2yWRL7q4olzvc/kzNFRWCLU7ThIAJSIx//NluOE8xjsA==,iv:Cdc2wwGdXprch1hHd0CwJM6vUAYmfhI4FpcKjcoIZYY=,tag:so8BJtjHGcGzayPqMwy43A==,type:str]
|
||||
mullvad_account: ENC[AES256_GCM,data:CO4wl2vNAMEC9oy37nIrpw==,iv:a3w64u8XQ/tihIDxIPPtdZ6F7dldLPvRzGUs1MpVe4M=,tag:HQxJVuGEvI0fVj8yGptbdA==,type:str]
|
||||
git_plan_config: ENC[AES256_GCM,data:K1jtHTmSDrWeld/0WWDTToDUnnDmXiQqiX7q/xKnxPYcC4ZLo7roIkz1OfnIlcML7sk3ZIBEf1rFI7AdXQWbJouQP7R0IPN2gOBZxC9JoaTNftuYY1lfdjuaTDVpMJtZuWHFtk6Oc+LZ7TH24TnHXbw3H9JFmZSeb+Ztl2n0gINNWrWdw4HrN/puouHQl4H7bLsDhD33X5lv/nOsE0KR52/F8Iae0Tvud7Yk69b+xcirlaAP5xxvHRh03jfxQtiYpIU5v8Qv2U9aL7k625uJLswdM/7DLlvplTV4zbdnf2j6VvTerGd4NmewVwQEfr/hzJg+0avClD2o9mNZNNpV/gMTtVrZgJsWGQocA1HVXaazxFvlb9LsFe9PI0MTlxr/AHpW1F33eHaSP7HAWJ5GGTwK1W7FQRf4L8P6ozAOQeESeJIfF4Zeoh8FC/6ZrqtwVNhyGMat2EaSgPNISnfOTYu1mWBebQ+spsy4yt9S/t5oFkLuD2KpxLohj2PaOVk3p03DQXoCCf5m67ODvuCFG8lEV8xaXtfFRR9WjB7KJx1SZbUvTE8Hnzos6UTUqMnAG/X0WiTRgK5kaH7FUMhK7eElBY9/CQg9Q9qWPy8mbZQmvgejcDYsxmsL04oNGVyaSN+HyJi6sS6KkICKtRNJYEF9K/VExBEqWBWRPhe88ESu7oEnziOkzoz0BdJix10lxNgiN/t/+XNMrDCMqeCLxyYq9XDn4Pr+4mXKHOwGbofwSlAp9HJLa+yi/F4sleDW9WvYFUdFleweAij10KDQ6N/XOSKOe4quH6BXCJZC+8Aig4DRlosMdtSkqPGny1DD1mQYdyVbL1c9oP4XVUklF/fKt1qH8g+ORLUMX6IefM7W8aKwyTQImcbiL+ZWjs7YH+JdJ2uYOhY4WL+0bAdLD5lGuQu9yoO7LvcxzBz22RrF4/85BshNVVU=,iv:ZDmaGvR1Eiu1NtXP1wXPvvrcm375QKinjcjHrgSj/OQ=,tag:b7y1N3thEYVQFHz7HIGz8w==,type:str]
|
||||
git_plan_config: ENC[AES256_GCM,data:2D7EgJF6Peh0j+h/c02U2qGWLwrPWRGX6YeAremV4lbea1PCrsydxoRAAd5NGIg50zFL2IpIQTqiDDFNXZe9ZzEYlKBukARuM/T/QexR0jP7bELm3CmxkoMS/ZDilFvWFnZfyYOhNiFFPDpH3qFwn+Sk19I24GsPsO/mPjVFdyiAKpKLggu0EsuDcbORvbe7o/uzJHxE3Ph2u6jS61L5dByPThiY0an84Lujz05Xwe0dJuv6yHmzbHvvrnfOovybJAWwk41XyaQylq5Ld0op/InRskhBPn8bW+aVhTiVpYTR6Ve5hCjveim+FLFkgSZQIPxNZWKkUaDeyC6jCyQ8lu0MARbLWdmsZwMW6cM7iKGOodzlx4QPQFLaSZokNz4f+rQPqrD/0cidGD6alhRqSWL5XsIlGlrtPBwgBGdFbwrns+lkAZYFOjiCG+cnWUdhIJbHAK1QJAuV5DMyU/9en0ESKo6zrQZc0vpA0Uf1lhqC4QInw7+e6yE1GqxlbhaVmlo6hc9AVRxLVFiSr0e9wBMbdyISCr/dsoq7Z8whGipePA05OApX3f3Zv5A2nv434eQ/C3y/cld/lLpvV5O7yKJKoZHSnDvViiydQWEzkSVgaOPwCDZzcYJlOVVZz+Nnyx7YF4fhUeRcnBsQhl/eYTmdvTPbXbkoyuol9ikFehWsws0hdiElBCYdtxLIC/VpMjMBKdHexBgG1i1JVPHOK4KPgZNYFy1/wbBINRx4iPN5NIakkSERhe7RHKqkatSp1o614AImBaoW+yIsG2uM9up1pkNDgt4hyhW9kMftrv6Po2uhq46Cf6nxX8j8cepqKOigxt2E8ajnMqWKQ937RtyoCccRw65ligAXOaL5RAWiyrggXR6mpcnWTNQkjgFh5lsgmTNXA3O/ItkICfekr0uDl4kRagG89NWaYmRfFCUg49m8vJ2OaF8Fy+Ae2NKjdi5lOdEWk/5ydPzgq8zw4ek=,iv:O4CsEXqMDd6ow/V21ULhfi+qlxjcaWc2TelrAy72JDY=,tag:mo7uUQmolaDCSpN8s8vkYQ==,type:str]
|
||||
git_plan_credentials: ENC[AES256_GCM,data:d4egK2w4TGIDNaI2Wc3ViOBnH7/WpdeS1EoYe4/oaM4iayBXOEQMvT9qIgu/Hml34gvbBN9lRmlNkESVh7YpwO5wACkkRcO/0ZTyP8XzFUUo0IfUh1iHPjEQOF7vygW/woqBiQgFPRws9F+g6BW8aSQrBgvBF5IeNLhFBvSJUvTft1xEsNwFnkWnfZ2JWmYqLjEggoUEqtXMRw9KKcqm4DNXIzxmA8wSzDriIzeCVuSEV8sJD21saFPPaLw/jupLTLdWp5F8rAxLGa6e9coCNu8vSuqUgfv0jFET71bNw28xPrN38A/PIlUcR9MXe1SGqKAFxEv134ZkJr78g1PIWNoVDrmIlMpV6dYRLKM1FOcpAhJorIXooIl6quCdg2/U5onP8cQ7lt2LsEG5APKj7pz7huatdwM/CgxrcqPVb0E2Lk5c+wi3Rf9/Jz3BqcWQm3bwkHwivWyCD1Nw+qRXLFSfXGTovSBsxX0j4LbdP0o4iPuj068DGawpYC/AfcKfOCmh8aInQhGCQtIq14QGffU9GbW37gHu,iv:ZzOUYu3s+kfwbKajA+6fdu2EysipjoKD49muLNFBZ58=,tag:e0RI7rA8eLQI8h5L4pvS1A==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
|
@ -28,8 +28,8 @@ sops:
|
|||
U3loV2xDMkM5SWNXRDJobDloL0FVUUkK3OP7KvcKkE8mJ880dm6LMFZUxELjl8/P
|
||||
6+q8qAYiAvl0Cbd4GzkNpUuBbLlFFWfFmC0vbgg8gyZ6xI5AFhHAPw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-09-04T08:56:05Z"
|
||||
mac: ENC[AES256_GCM,data:j90tHJC29wq5E5c68/NFKLsjid+Pr90HtAQHNPfOpWKEQapYAYcLBf9OYpJvSh3errLEEVOl/aoIoycDxI0vb6gX98In4hRXP9QkJO2ew/PyDOEKGMxaoYSKnfslB0VaEHPrC3LLAm/1qtuWWSLJT02WPke8iU2KtaQgCpc1XiY=,iv:2AeIHxbIi1UqB9d2EEgHD7PWKdh8Ystt6p+N63fDSGg=,tag:789IAWnTi2L3OWxHLPSVSQ==,type:str]
|
||||
lastmodified: "2023-10-03T11:01:33Z"
|
||||
mac: ENC[AES256_GCM,data:4x92WpoJ7RzT8FvpiacrlO+/7iJ1p9Do7iE4SU33aV4ASZt6spWpX+gkTEIaEo2lrJ7n1jPzFsPSjdguKBeg7RnMyIcuo010x32/ueBNSun57NU6Ay3XaP1FJ06LffMu7QmX2mJAZQG4BmITEwDUhNvE/0nAIqRfHVqYJywvvlI=,iv:l6C8uPmsPh9rh3pc5iWVXUBmd9nNvGNEAMkwjmRX9ag=,tag:54ojG4YTdaBuvedZBK7y+Q==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-06-10T01:03:11Z"
|
||||
enc: |-
|
||||
|
|
|
@ -1,9 +1,11 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
if [ "$1" = "mira" ]; then
|
||||
nixos-rebuild switch --use-remote-sudo --flake `pwd`#mira
|
||||
nixos-rebuild switch --use-remote-sudo --flake `pwd`#mira
|
||||
elif [ "$1" = "framework" ]; then
|
||||
NIX_SSHOPTS="-t" nixos-rebuild switch --target-host framework --use-remote-sudo --flake `pwd`#framework
|
||||
NIX_SSHOPTS="-t" nixos-rebuild switch --target-host framework --use-remote-sudo --flake `pwd`#framework
|
||||
elif [ "$1" = "knazarovcom" ]; then
|
||||
nixos-rebuild switch --target-host knazarov.com --use-remote-sudo --flake `pwd`#knazarovcom
|
||||
nixos-rebuild switch --target-host knazarov.com --use-remote-sudo --flake `pwd`#knazarovcom
|
||||
elif [ "$1" = "videos" ]; then
|
||||
nixos-rebuild switch --target-host 107.189.7.30 --use-remote-sudo --flake `pwd`#videos
|
||||
fi
|
||||
|
|
Loading…
Reference in a new issue