| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Install and configure some programs only on trusted machines. On trusted
machines, my mails, GPG and a few other things are configured. A machine
where this is not needed on a regular basis to get things done don't
need that much information.
Also rename `desktop/trust` to `trusted`, in case we want these packages
on a host that is not a desktop, and `trusted` is a better description.
|
|
|
|
|
|
|
|
| |
The variable is used to define the kind of machine we're managing.
`isDesktop` is a bit more descriptive.
We import `devel` for all machines, and we fine tune which packages we
want to install based on the value of `isDesktop`.
|
| |
|
|
|
|
|
| |
This is the correct way to set up the private key, let's see if this
works consistently across hosts and reboots.
|
|
|
|
| |
NUR is the nux user repository, which provides additional packages.
|
|
|
|
|
|
| |
The key was created under /run/agenix, which is wiped out after a
reboot. The key being absent prevents the wireguard interface to come
up. Store the key somewhere persistent to prevent this to happen.
|
|
|
|
|
|
|
|
|
| |
Add a new module to automatically configure the peers for wireguard. The
module needs a configuration file (in `configs/wireguard.toml`) which
lists all the peers, their IP and and their public keys. The secret keys
is encrypted as a secret with agenix.
There's some initial documentation on how to use this setup.
|
|
|
|
| |
This will be used to store secrets in the repository.
|
|
|
|
| |
We need the community overlay to get the pure GTK port of Emacs for now.
|
|
|
|
|
|
| |
Update the `mkSystem` function to include the proper common module, and
fix the path to import the common configuration for a desktop into
`carmel`.
|
| |
|
| |
|
| |
|
|
|