My configuration. Probably nothing to look for here.
 
 
 
Go to file
Deployerbot Main d4e9af06ef flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/c68a9fc85c2cb3a313be6ff40511635544dde8da' (2024-02-15)
  → 'github:NixOS/nixpkgs/1d1817869c47682a6bee85b5b0a6537b6c0fba26' (2024-02-16)
• Updated input 'nur':
    'github:nix-community/NUR/9eab660e8f9fe1b41bca3e198ba96c23270659ab' (2024-02-16)
  → 'github:nix-community/NUR/0453b0745100cee220ff5b1be71c8806aaa07547' (2024-02-17)
2024-02-17 23:30:53 +00:00
hosts virtualbox 2024-02-16 18:09:59 +02:00
modules compressAll: split to compressDrv and compressDrvWeb 2024-02-15 10:55:30 +02:00
pkgs extraCompressors 2024-02-15 10:57:31 +02:00
secrets fra1-a: backup e11sync 2024-01-25 14:49:51 +02:00
shared/home install nix-output-monitor 2024-02-14 15:54:42 +02:00
.envrc move home-manager config to a dedicated location 2023-10-06 11:24:00 +03:00
.gitattributes Configure git repository for gpg file diff. 2023-01-03 13:41:30 +02:00
.gitignore enable some checks in pre-commit hooks 2023-10-02 00:00:30 +03:00
LICENSE relicense 2024-01-15 18:18:45 +02:00
README.md update README a bit 2023-10-18 16:52:03 +03:00
data.nix soju: listen ws+insecure on :6698 2024-02-12 15:50:52 +02:00
flake.lock flake.lock: Update 2024-02-17 23:30:53 +00:00
flake.nix compressAll: split to compressDrv and compressDrvWeb 2024-02-15 10:55:30 +02:00
secrets.nix fra1-a: backup e11sync 2024-01-25 14:49:51 +02:00
statix.toml extraCompressors 2024-02-15 10:57:31 +02:00

README.md

Config

Flakes:

$ deploy --interactive '#vno1-oh2'

$ nix build .#deploy.nodes.fra1-a.profiles.system.path

Other:

$ nix build .#nixosConfigurations.vno3-rp3b.config.system.build.toplevel
$ nix build .#homeConfigurations.x86_64-linux.motiejusja.activationPackage

$ nix eval .#nixosConfigurations.vno1-oh2.config.services.nsd

Encoding host-only secrets

Encode a secret on host:

rage -e -r "$(cat /etc/ssh/ssh_host_ed25519_key.pub)" -o secret.age /path/to/plaintext

Decode a secret on host (to test things out):

rage -d -i /etc/ssh/ssh_host_ed25519_key secret.age