| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Change-Id: If1e608b89b39bd5a53a37b873833a7ea881cb418
Reviewed-on: https://cl.fcuny.net/c/world/+/298
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All the modules that are setup by the profiles are now managed at the
host level. This simplify some configuration, and will make it easier to
adjust things at the host instead of trying to squeeze everything into
profiles.
This will also help the refactoring later, when I'll split nixos and
home-manager configuration.
Change-Id: I17ffda8b0b5d15bf1915c6fae5030380523d74b5
Reviewed-on: https://cl.fcuny.net/c/world/+/297
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
| |
So that we can build and install it.
Change-Id: I1f732ceb7be2e9cca625819562f5baed5e131f85
Reviewed-on: https://cl.fcuny.net/c/world/+/181
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
| |
Having the secrets closer to the host is easier to manage. At the moment
I don't have secrets that are shared across multiple hosts, so that's an
OK approach.
|
|
|
|
|
| |
Refactor a bit the configuration, which should simplify the management
and usage of secrets from now on.
|
|
|
|
|
| |
home-manager configuration is used as a module, we don't have two
different ways to configure the host anymore.
|
|
|
|
| |
aptos is now using the new home-manager setup.
|
|
|
|
|
|
|
|
|
| |
We don't need the previous `hosts/common/system` configs anymore, as
everything has been moved out.
We keep some boot configuration for carmel in the host configuration for
now, but I need to check why I don't have similar settings for
tahoe (since I also need to unlock the host remotely).
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is the start of yet another refactoring of the configuration.
Sound configuration is moving to a module, and we enable it as needed at
the host level. It takes care of configuring pipewire and install the
packages needed too.
This module is applied to the laptop and the desktop.
|
|
|
|
|
|
|
|
|
|
| |
Install and configure some programs only on trusted machines. On trusted
machines, my mails, GPG and a few other things are configured. A machine
where this is not needed on a regular basis to get things done don't
need that much information.
Also rename `desktop/trust` to `trusted`, in case we want these packages
on a host that is not a desktop, and `trusted` is a better description.
|
|
|
|
|
|
|
|
| |
The variable is used to define the kind of machine we're managing.
`isDesktop` is a bit more descriptive.
We import `devel` for all machines, and we fine tune which packages we
want to install based on the value of `isDesktop`.
|
| |
|
|
|
|
|
| |
This is the correct way to set up the private key, let's see if this
works consistently across hosts and reboots.
|
|
|
|
| |
NUR is the nux user repository, which provides additional packages.
|
|
|
|
|
|
| |
The key was created under /run/agenix, which is wiped out after a
reboot. The key being absent prevents the wireguard interface to come
up. Store the key somewhere persistent to prevent this to happen.
|
|
|
|
|
|
|
|
|
| |
Add a new module to automatically configure the peers for wireguard. The
module needs a configuration file (in `configs/wireguard.toml`) which
lists all the peers, their IP and and their public keys. The secret keys
is encrypted as a secret with agenix.
There's some initial documentation on how to use this setup.
|
|
|
|
| |
This will be used to store secrets in the repository.
|
|
|
|
| |
We need the community overlay to get the pure GTK port of Emacs for now.
|
|
|
|
|
|
| |
Update the `mkSystem` function to include the proper common module, and
fix the path to import the common configuration for a desktop into
`carmel`.
|
| |
|
| |
|
| |
|
|
|