about summary refs log tree commit diff
path: root/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
* ref(nix): rename lib/ to nix/Franck Cuny2022-06-092-80/+0
| | | | | | Change-Id: If1e608b89b39bd5a53a37b873833a7ea881cb418 Reviewed-on: https://cl.fcuny.net/c/world/+/298 Reviewed-by: Franck Cuny <franck@fcuny.net>
* ref(profiles): get rid of all the profilesFranck Cuny2022-06-091-1/+0
| | | | | | | | | | | | | | All the modules that are setup by the profiles are now managed at the host level. This simplify some configuration, and will make it easier to adjust things at the host instead of trying to squeeze everything into profiles. This will also help the refactoring later, when I'll split nixos and home-manager configuration. Change-Id: I17ffda8b0b5d15bf1915c6fae5030380523d74b5 Reviewed-on: https://cl.fcuny.net/c/world/+/297 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit-hook): add gerrit-hook to the overlaysFranck Cuny2022-06-041-0/+5
| | | | | | | | So that we can build and install it. Change-Id: I1f732ceb7be2e9cca625819562f5baed5e131f85 Reviewed-on: https://cl.fcuny.net/c/world/+/181 Reviewed-by: Franck Cuny <franck@fcuny.net>
* secrets: move the actual secrets with hosts configFranck Cuny2022-04-131-2/+1
| | | | | | Having the secrets closer to the host is easier to manage. At the moment I don't have secrets that are shared across multiple hosts, so that's an OK approach.
* secrets: move all the secrets under module/Franck Cuny2022-04-102-13/+6
| | | | | Refactor a bit the configuration, which should simplify the management and usage of secrets from now on.
* remove `mkHome` from libFranck Cuny2022-04-091-33/+0
| | | | | home-manager configuration is used as a module, we don't have two different ways to configure the host anymore.
* aptos: consume the new profilesFranck Cuny2022-04-081-0/+4
| | | | aptos is now using the new home-manager setup.
* refactor boot configuration to a moduleFranck Cuny2022-04-061-1/+0
| | | | | | | | | We don't need the previous `hosts/common/system` configs anymore, as everything has been moved out. We keep some boot configuration for carmel in the host configuration for now, but I need to check why I don't have similar settings for tahoe (since I also need to unlock the host remotely).
* create a profile for laptopFranck Cuny2022-04-051-0/+1
|
* sound: add a new moduleFranck Cuny2022-04-051-0/+1
| | | | | | | | | | This is the start of yet another refactoring of the configuration. Sound configuration is moving to a module, and we enable it as needed at the host level. It takes care of configuring pipewire and install the packages needed too. This module is applied to the laptop and the desktop.
* home-manager: add `isTrusted`Franck Cuny2022-04-031-1/+2
| | | | | | | | | | Install and configure some programs only on trusted machines. On trusted machines, my mails, GPG and a few other things are configured. A machine where this is not needed on a regular basis to get things done don't need that much information. Also rename `desktop/trust` to `trusted`, in case we want these packages on a host that is not a desktop, and `trusted` is a better description.
* rename `desktop` to `isDesktop`Franck Cuny2022-04-031-2/+2
| | | | | | | | The variable is used to define the kind of machine we're managing. `isDesktop` is a bit more descriptive. We import `devel` for all machines, and we fine tune which packages we want to install based on the value of `isDesktop`.
* wireguard: revert to previous portFranck Cuny2022-03-021-1/+1
|
* wireguard: use agenix from the moduleFranck Cuny2022-03-021-2/+8
| | | | | This is the correct way to set up the private key, let's see if this works consistently across hosts and reboots.
* flake: add new overlay: NURFranck Cuny2022-02-271-1/+4
| | | | NUR is the nux user repository, which provides additional packages.
* agenix: store wireguard key in persistent storageFranck Cuny2022-02-241-4/+2
| | | | | | The key was created under /run/agenix, which is wiped out after a reboot. The key being absent prevents the wireguard interface to come up. Store the key somewhere persistent to prevent this to happen.
* wireguard: module and peers configurationsFranck Cuny2022-02-212-0/+45
| | | | | | | | | Add a new module to automatically configure the peers for wireguard. The module needs a configuration file (in `configs/wireguard.toml`) which lists all the peers, their IP and and their public keys. The secret keys is encrypted as a secret with agenix. There's some initial documentation on how to use this setup.
* agenix: add flake for agenixFranck Cuny2022-02-211-0/+1
| | | | This will be used to store secrets in the repository.
* emacs: pull community's overlayFranck Cuny2022-02-131-0/+1
| | | | We need the community overlay to get the pure GTK port of Emacs for now.
* hosts: import common modulesFranck Cuny2022-02-121-1/+1
| | | | | | Update the `mkSystem` function to include the proper common module, and fix the path to import the common configuration for a desktop into `carmel`.
* lib: remove in-existing moduleFranck Cuny2022-02-101-1/+0
|
* fix a few errorsFranck Cuny2022-02-101-1/+1
|
* nix: fix a bunch of stuffFranck Cuny2022-02-101-9/+5
|
* home-manager: split the configurationFranck Cuny2022-02-101-0/+62