mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

other more different pi4 stuffs

Browse Source
This commit is contained in:
mjallen18
2025-05-18 18:45:02 -05:00
parent 8f32c03197
commit 7503bd41d3
5 changed files with 56 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.sops.yaml
View File

@@ -6,7 +6,7 @@ keys:
- &desktop age1jv8ap5zwa49ftv0gg7wqf5ps0e68uuwxe2fekjsn0zkyql964unqyc58rf
- &admin age1pm3fehmmk0vmnrscz9vm96rakn46aaldr5ydpscmde3v9x0k3faswwdzxs
- &jallen-nas age1mn2afyp9my7y7hcyzum0wdwt49zufnkt8swnyy8pj30cwzs4zvgsthj0lt
- &pi4 age10srypda0fzsevtklch3kqkpuytm4k4wpgheqej4u9grye32wactsn30m46
- &pi4 age1ykkjw57t3z3deup3gtp7dujyaslskn74e0d9hsmqaha2pj3rvazqgndw5a
- &pi5 age1t2d5scrukk0guva5sr97a8tge5j8kd865adezrcru7p269pzwvpsamkgje
creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
@@ -19,4 +19,4 @@ creation_rules:
- *admin
- *jallen-nas
- *pi4
- *pi5
- *pi5

1
hosts/pi4/adguard.nix
View File

@@ -5,6 +5,7 @@
openFirewall = true;
mutableSettings = true;
settings = {
http.address = "0.0.0.0:0";
users = [
{
name = "mjallen";

5
hosts/pi4/boot.nix
View File

@@ -10,6 +10,11 @@ in
};
plymouth.enable = true;
kernelPackages = pkgs.linuxPackages_latest;
initrd.postDeviceCommands = ''
echo "Running pre-boot fs resize"
/sbin/e2fsck -f /dev/mmcblk1p3
/sbin/resize2fs /dev/mmcblk1p3
'';
};
# hardware.raspberry-pi.config = {

5
hosts/pi4/configuration.nix
View File

@@ -5,7 +5,7 @@
{ config, lib, pkgs, ... }:
let
user = "matt";
# password = config.sops.secrets."desktop/matt_password".path;
password = config.sops.secrets."desktop/matt_password".path;
# kernelBundle = pkgs.linuxAndFirmware.v6_6_31;
in
{
@@ -79,8 +79,7 @@ in
mutableUsers = false;
users."${user}" = {
isNormalUser = true;
# hashedPasswordFile = password;
password = "BogieDudie1";
hashedPasswordFile = password;
extraGroups = [
"wheel"
"docker"

89
secrets/secrets.yaml
View File

@@ -94,81 +94,84 @@ secureboot:
pi5:
sys-public-key: ENC[AES256_GCM,data:CcmAv55Rz6E5T8hJ7iFknq5R0H86QGpQXNEFaNIcvJc/Re0wCS7NsfDkNGAgiUgDVpUB922LjizJ3s1rjeMx+YJsqU/mnTdm4ZrBg26is4K+Zn/MZ6jc6+4=,iv:RZCIMe8nPRjC1LBM36lofvNH6y4KtO9Q28L5BohFjpM=,tag:AV6CGsQ0vIKkTODGkfMRmg==,type:str]
sys-priv-key: ENC[AES256_GCM,data:e8lJEHhv6OBU8epLjaFjIgV9odb6TI6ssdRUN1hqPmkdBxcG8i21Rz+yRLf8lrOzuUBLwrg7fw0qN+A809t99SeGRd6kBIfB8dSNW3LxiKTR8kkoLFH14hv66K8Gzy+g8CYH3rzTHcYEMG0V13sFFWSfvZvdwj7CLZakZ0iDWBaPCnU9Em6SwfKeboeaXVM6IKSgKdOG5TJXBACAySVbMDAlZKli3vdNpUFPFji/MvChHmpohz2Lt7oHXB8RWGqXztUSg7HIPur5lKqU6eiXlFdgfnDIB5o3e1aTS70UkXzyCiQ5tMDr96/mWKqKd1lwVAHcxRgLA9uILFZXaIH4RQcgTAQ+KD9UpJgX8shWTVfY5iS7CmTQEXhbVltKG30rMQZfnrUOyk/9Ex8JoHIsxOcaEsnNExpMVY8zWVGnifJ1pT0luUSfZYi2+rU2mLqoy0jjW7B7RRzXORMvRsRnr/w+Gp/BwMDKI68ox5wWviHpaz11h/e/2O/8ksjQVmTtMbWEc4soP7VjZUm1HtG7,iv:gwJrwMCtjIaoE/2rL/sYhYxeAVJFEyBDWgsei7YjX60=,tag:KTJEn/zDOGmOn1Dob8IfoQ==,type:str]
pi4:
sys-public-key: ENC[AES256_GCM,data:OJYVHTSVoMWP7BKJUPi6AHw504QpMVHwCDW/SJtchxhGj22LnnFEGGL5pYvM48tM0PZbr2IvUYMRaGl/wPT6ZGnoeaA2aDpnlaN2YOLms9VSDYfdeKd4z24=,iv:tSP9bcjKQXvErWWryX+ZGM9gvns2Qu2rnoyiCBXs43M=,tag:U8ggYsVx9ofURiUmUHTUUQ==,type:str]
sys-priv-key: ENC[AES256_GCM,data:5PU1tRru3XaemDX7FbxL4UsLl4URyvtupuIwMKJEE8y+tLEz0J/O7OInfEuDitFMqRs/wWIDPHnQUcPBO9UuvJ3asQP9oUTNTS1NARl9H2d/v8QKSoArD15YhzORrWByaqAUSsmecTI1HEYYyhILXzgCkn3eLyFve+FbO1DLBfX9MKU9K9RIEoehfvpwPmlXxT9wrKbVpavP4Xvx96cOK9xvFz3MgzqgQ7T46kekDniDpS48g2guw+QB8brjF+qbfIPsUDpQwkpgg2NOOfyydGwV/lcjXcLW9+cHGIrXU9gINJGk5krX7pfUyHH9Ilw+tgUSBKN/Jm4tflGs3qdS/o6leDk1BC1CekqbATsvyQMkjrBdTWmzxfAMe0yKHNQSKtFdSsqFZAzKfcpkUI/ESKgRmhEpJuIID9tn+Mrte9qcTdD50JyVmem3NSoret/4MzsWXRXQ19OG3G18uB0zWPhfFBX49yW24nwuDlKJ1vr3wflvjyX4NL70lw8XGMgdzVX0gPGT7YB6axE4AftW,iv:fJs9GJkntWVzwMYOKHT0V/lc8tc6L0tQOjCT7CPfpFg=,tag:xeg6yT5svSXJm1I48Zh8PA==,type:str]
sops:
age:
- recipient: age157jemphjzg6zmk373vpccuguyw6e75qnkqmz8pcnn2yue85p939swqqhy0
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVYUhQNzl5N3lIMmczUzVi
Z0tDNWQ0YUd0QjFHMFNuamdBb3NyTjM3TVZjCmVQckVqZkZKL0RVQjk4a1pJRjFF
bkhZQ0dLa0pxWGt1eC8vKzQ3WGZ6WkEKLS0tIDUxR0hVdlVvUXk1bXdCSzd5SC9T
Y2ExLzFUa201Q1VSNUJ0WGlNc0gxSWMKW5LDShnlB2Sa5/85UrThPffulV6KF5hq
x1/lXQWL5HsaG2UOeXcDakcu346LTpscQQB99HFiwJLI1iNsqMGFeQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxRFQyQWVDYnd6MlNHUU83
SUlvQ05FZDBMNmxRdkZpMS9vN1E1S0w1TW1ZCnN2Mm16Vyt0ZzRTQmhGbUNZeDNW
eDcwa0FtQlQvYkc0UUVybnpyWHN6Tk0KLS0tIFR0SHByc3BoVzI3QmJKT1dINjBN
ZXRoeS9TUGZDSzIzYy9qdHRXUWN6TVkK/BWAbun7pwW9dqKQ7SuTyRlri6ttBlR4
j6kovkyqLNPdcZCZ8Sgxqo7RGdCHFmkmjms06tsfjFNxrNMySIbdhQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age13g9a4d4jrvckfddpgn8sm4kjtzajr67le56pfdg78ktr5pd09phq32j89u
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXemdidGpONGp4dzZtaE9M
SnpZeDBvWUxCUVV6S2dJaW9FZGgzaHhlSVhnCnVOOVVvaWpXT0FUdmVNZWEwa2VP
K21idUpRNGdOc1VpdEZySjBqY2xkbFUKLS0tIGNnUXVrdjR6MXhMU0R6R3A5ME9R
bk1oeUtWb0tTeEJQdm9jYWVVWXFlL28KwEst/2GD4LfHb93gL5bo4GQM5K+/PxrL
9ot+jI4R9UU0RBRoN73su4noYeciuCLz/BfytabaJClV0Qd8dW6x7g==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCcU5lbUMzU04wZUNaUkph
QjdtUHRsK0VqNU1WT3Zja1Avdlk4UTQrWHlRCkYwRXMySHBJRVhycGF3N2dzSTB0
RVl5enpxZE1sSnBxTm5jR3dXRk8xNVEKLS0tIFdZOGNQZHJnTWM2VTJ3MjNkTi9m
eFFId1B4Q0FXWWxaM3lXcnF0ZWFLSzgKj1mt6ogp+c81mQPK+j0wvD+7YdHxxixB
uWOHd8zNTFIruRfOU9sYf7Ghwahbag2MWdRyH4ytRjgM5qxct2MPKg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1wpvfpv5n32lruk7c0da4uaeapsmhjxdvg8z4ljehn06l6g2y0e0sum404l
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwUExDaW9zVG5sbDc0RlBR
Q0xLS25TQlJ3WFNrRjlZU1dZM2FNY0ZOYXdVCm11bUlmMDFnMmVrbjFkTGRkTURk
L1hmV3czYmJwQm5RWHlTUnRTaVljd2MKLS0tIEU4OElyTW9IT3dNbjUzeUZYcTVs
Q0RuTXRpT25BWWlHcFpKRTMyc2lvZm8KCZbn37Gv1Bji2NGnXnf5ulZ/iIepKxgk
2VUiIeHuMrbni1iuPMcGH2tZ6WgZ2bLHcyJHrTvWYoQ2xHFwouQqAg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQQmo4aWU4SGlBZWZ4Ynpm
YVNydHRjNmJVR0R6SnNIK0szWXFGUmJTeEhRCjZIU1htVGQxTFp2bGZHeFpzSlJL
elhwVUhIZjEvT1Q0aUtjbU15ZGU5S2cKLS0tIHE4SmR4Mm9jM0ROcnF5Wnl6MWpP
azFoc0h3U1dNa3Z6ZU5FdXE3UVZYSzAK4Ge42ceCmP0PA8cSJRp7bRTb5iLA/TWN
Z4cD8Azdn1Xx9HYZJ+T7cLmqXzi5as2p4nf7O7y+UV5KI1+VV/oboQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jv8ap5zwa49ftv0gg7wqf5ps0e68uuwxe2fekjsn0zkyql964unqyc58rf
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1M3RmbmY3OWJlVEFWYjNO
ZjFUWXFUakNqWTh4Z1RFRG1xaXJXSlY4SzFZCmF1WU9IaGY2UEI5LzE2N3lLRURR
U3kwREdrZEMzWEdGTXdCLzZ3SjNVTUUKLS0tIENBMlBYOU5NU0xXVko3SlNzc3V3
VXRlRVIzK05MVW0vSG1hdlpaZGVJQjAKnrBNT1z6LN3lDqzGZ0oY4kEoE+gtivc9
UQ7RTWLYNDiiDK046/23S3wh7Z7RdktaZvRPCjgFzJuNEywbQBstdQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1K2Y0QzFxdWg2N3lDNVYz
TzZ2WTRBMjRFWjUxOHhjTUZNQW4vQ29aZmdjCnhTb2J3RDlsbmNGWmRzYlFueFpB
NDJXMC9aRXVrcVAzeG56S0hEVGgrQVEKLS0tIHlMZ0NkdzNYNURYbGtrK0Ywb05W
b3dweDR6b3pHUGxNTUZJTnluVXkwTDgKbIUMRg2OuEhlJNLDHZHHnCydMWiUaDbG
noSFkVPlb51LKU1kge5Vo6xGAul3tH0CAww/5kG60LbHKeQS76onQQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1pm3fehmmk0vmnrscz9vm96rakn46aaldr5ydpscmde3v9x0k3faswwdzxs
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6d1NyQWYvR3haZHhIMVBD
ZE1FTnpvMVZBQm9KQXIreHBHYVV2YWlFeDNFCkVhYVNHR0xZNERXcHVkdFRvMmxo
THFVTFNkOFR5OE5PRnRibG0vTjROUjAKLS0tIEIvalMvNndBSS91OGFIRUlBNFZO
a0Q5ZjFuQUR0TzRaRGZqeVJTTHAvelkKmIpnxBND+2rTS+BR5wuXWT5NBmRTLyKN
QHAusfHzOlbRXqQt6AQKqng4lrN6zgIH9NDeUl5gH/FirfD7FnniCg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMVHprYzlFVWc4RWhDdnlr
ampReXFFZGduOCtiV0FGT3YzVVFWaGhGMFZFCm85aXBWM0JvSnU0WEJmb0xkQ2Yx
Qm5NYUViMzhWVFJFcGhKYmoyWUJsV28KLS0tIEQyRFlhMGVLUGhZTi9rRUNCWExQ
T2MrTGVmTjhSVDVibHg1L084VFIydVUKibkSm36F2eXo3h7Naj7+h3rMVn8vfJns
1j9B4eWi7nh/B0INK8Si6mgSTAx/3sOUw+OWHjG1y1GAA1xF+bEJ1A==
-----END AGE ENCRYPTED FILE-----
- recipient: age1mn2afyp9my7y7hcyzum0wdwt49zufnkt8swnyy8pj30cwzs4zvgsthj0lt
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTWFBqR3dHVGJzREo1NkxY
aUNYUzBqSG5pZ21DN1g1UXVwWFJ4cXErL2tNCjNtRXlZd0NzS1NJdDg1TUV3eTBF
djdCa1ZMaVk3cTQ1a1lPR1duZ1NsWWMKLS0tIEpFRXprOUhNdFBsdWUvSVl5bzRr
M2xQSlVjenFxUCtneDVpL3FuMzJJalUK6RZMir4cfc1Qd9H9uCChKB5UqF+6xeOm
eA7r5gUFfm6mzU26erfu7rf8kM93b1bXn92ZGT5ZGz2AKbmtNRF0MQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaWWkwTjdzZ2N1cEFHWmV6
Ukk5dnBaalA2SkJ2SzVrcHlIdWFUQ3dtUEJJClIzandJcktkZ3VIZXRQblBja1p1
TWtVbmtJSWl0dmpFa2RIQmdkclVuOE0KLS0tIElrc05tNGY1dndIUlJmZXlkbmZF
a1dnR1ZCTHEzbUljdVl3QXBaTThPVHMKi4rHbmK9mhmTuCvuM1HidnR9hU1ykncc
5etozYpcyaPLELZr29zPlCIMnlPW12blz2kGA1qlKdoKm1PIIQ0Pdw==
-----END AGE ENCRYPTED FILE-----
- recipient: age10srypda0fzsevtklch3kqkpuytm4k4wpgheqej4u9grye32wactsn30m46
- recipient: age1ykkjw57t3z3deup3gtp7dujyaslskn74e0d9hsmqaha2pj3rvazqgndw5a
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUTDdiODM4Mzk2aTFqV1VL
Rmdmc2F4dzFSQVNvWWdRa1VRaEhoUVQ1RW5nCjgwTGpuRDdBc0EyQ3Frd2FSMENp
dVQwOHg2RFV0SitkQ1dkSW9oOVhXc2sKLS0tIHpkTWlmVCs0czBsQUUvOUxyWnpQ
eHVLVlVGVXY4Z3lzNEVJYVB0eFl5OVUKiD7uoWbhTADBb/i67qfx6jJac03q4B+W
Te/ranpo9MSmXXxkDPfn+/j6PLzfD9yFoqW3vgebm7DDKu/G8/G8mQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpdFVhVHk1Q2ZFS3d5SFN4
SWxRdUxXQTZQdWRnMDhVK2RqOW5Xd0dnZUFNCmNTdzF4clMrRitIZFRMOGZFaXdB
VXJDZTNKZ2tKOThveGRzYnY0UGFwZEEKLS0tIFlwdnNJa0gwYU9GWnBvYndhVTFD
bWRNcnVCMWJFa2VUbmxtMGFPcWpDVTQKwdJJA/5Ko5dXEbP2sUJbjOddIkYs6G4L
CURKzdVmfvXu1nvJ4C+jDXnZ9YZNv7iTQRrhOnK2a6j4HEd/lQUD9Q==
-----END AGE ENCRYPTED FILE-----
- recipient: age1t2d5scrukk0guva5sr97a8tge5j8kd865adezrcru7p269pzwvpsamkgje
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBualNwWm9ERGFBUlJLZFRn
dlVDc1Foekgxczd0R1hjRVRDWWxEeURFU1NBCkRzVWRRa2xndXNHNGtCOCtqTnNB
dVBiaW10bWtQcmhEMjFMZTNPM3RGZTgKLS0tIERzWVN4dWdFcFQyUkRqcVJTeXM0
bjVLYWpRSWNwRVd3MTFJVFYxYkVOQkUKIF5fIQ5BLXf1ixaryZ4ZpPWf7CHvXa0w
T7SxgCGTCQDGlNp+JxMNAvAQe1O4Q1gDb11Qk5Bn5QntDiC3UT15wQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBETkZVVGxHcUlaZnBoZGxH
YkNjQVEwZ3JxTEp3dG5lUlRJUFNGRitQRXo4CkR3NG83MlY5SGhQNkhFaFVjWWR1
M0V0MkxOU0hod0luQ1B0YlEvWml4UTQKLS0tIHVyL09mWjE1MEcyczQ0OGp3WXYv
TkdNc25CSGVkSmJsZW0xc0hRK05SV1kK9kKvR2slhnKAUUQcQ/3mJ79PfrrTLyfL
IuEG3xwGQvwIISdSM5KOFEVYLe98N1+W3GYRPwqGTac8MG+vyXlirw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-05-09T19:58:46Z"
mac: ENC[AES256_GCM,data:LSBrwGKnxEHPoJ4aCd9ocmwJ7V7kdlNNCF/9TC/W8DVHhuyL2EHJXGHdhd9iaZDE+ENkOig0EO4q92ezB5WMpMMl4bnUOtwj0WWfElPq5bdDQUWsrLlhFS9H1yXWhlsI4Mm4w56hNaWJhjISFW0wZXeZvvAoiFI5Fm1/jvl/Pas=,iv:YpYT1MNb/Yfw2Nnb61O9751MNR38/aYaUR75a0HUPF0=,tag:v8bJ81fPAU7/5eYLwZyMgg==,type:str]
lastmodified: "2025-05-18T21:41:04Z"
mac: ENC[AES256_GCM,data:2Zi6E+d5zDxrMG13/xfXSncdkK5jstL/6H6aq8TXpllXtCh5LltwEFW0UuSGAexid42t+VsfFS2QeVtrUGl5tNeRGoPfiQbgspsQvJ1UBDqIktF+ZAGzdBolzsofzgwC/z/wThgXJsUK/SHaSBvf97Hhv/lZfzbbi68LgkQBhI0=,iv:48SjZ4d16KJ2BVHD17afmGBViuLvfzPoUxqa+SngxII=,tag:4uE4hp5HHmsi1uz32JUYgw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2