Skip to content

Commit

Permalink
wips
Browse files Browse the repository at this point in the history 
Signed-off-by: Anthony Rabbito <[email protected]>
  • Loading branch information
@anthr76
anthr76 committed Jan 26, 2025
1 parent 5a87bd9 commit cb5e538
Show file tree
Hide file tree
Showing 6 changed files with 120 additions and 88 deletions.
2 changes: 1 addition & 1 deletion .sops.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ keys:
# Users
- &anthony age12t69fa3kqmnxdx4sca7ecv6lfu3wrfwm95zuuhujcfk3ukcn8dzsk40u6x
# Hosts
- &bkp1 age1uvm732gdzuq2v2m97tw5gxerztw6ad3452xrpq5y9ggvg62x7fqse4pzly
- &bkp1 age17rwd9guzrfks7t3q4erdjm860mn0290kmthntw5myjyszvcwz95qkt8gyc
- &lga-test1 age1td7hkcms0fmrt438ta2kmxxfmp0lget6gdae7me60apprll543sqr525jy
- &e39 age1a4uumamqg8248ntjjl088ppq7m75p6zyhu5r8yyaqjvvk5yjpuksqspeea
- &octo age1mntfkg0jyv698z8kg6mlq8mr72ecpyt0dmn8y0skux9r26km4uzsge8h9q
Expand Down
3 changes: 3 additions & 0 deletions nixos/hosts/bkp1/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@
./hardware-configuration.nix
../../personalities/base
../../personalities/server
../../personalities/server/syncthing.nix
inputs.disko.nixosModules.disko
./disks.nix
];
networking.hostName = "bkp1";
networking.domain = "nwk2.rabbito.tech";
Expand Down
63 changes: 63 additions & 0 deletions nixos/hosts/bkp1/disks.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device =
"/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_500GB_S4P2NF0M318838M";
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
start = "1M";
end = "4096M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "defaults" "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/rootfs" = { mountpoint = "/"; };
"/home" = { mountpoint = "/home"; };
"/nix" = {
mountOptions = [ "compress=zstd" "noatime" ];
mountpoint = "/nix";
};
};
mountpoint = "/partition-root";
};
};
};
};
};
data = {
type = "disk";
device = "/dev/disk/by-id/ata-Samsung_SSD_860_EVO_500GB_S3YZNB0M524981D";
content = {
type = "gpt";
partitions = {
data = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = { "/data" = { mountpoint = "/data"; }; };
mountpoint = "/partition-data";
};
};
};
};
};
};
};
}
41 changes: 0 additions & 41 deletions nixos/hosts/bkp1/hardware-configuration.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,47 +19,6 @@
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];

fileSystems."/" = {
device = "/dev/disk/by-uuid/9b390384-9c28-4d8b-84c9-2edc8f1326ae";
fsType = "btrfs";
options = [ "subvol=rootfs" ];
};

fileSystems."/srv" = {
device = "/dev/disk/by-uuid/9b390384-9c28-4d8b-84c9-2edc8f1326ae";
fsType = "btrfs";
options = [ "subvol=rootfs/srv" ];
};

fileSystems."/var/lib/portables" = {
device = "/dev/disk/by-uuid/9b390384-9c28-4d8b-84c9-2edc8f1326ae";
fsType = "btrfs";
options = [ "subvol=rootfs/var/lib/portables" ];
};

fileSystems."/var/lib/machines" = {
device = "/dev/disk/by-uuid/9b390384-9c28-4d8b-84c9-2edc8f1326ae";
fsType = "btrfs";
options = [ "subvol=rootfs/var/lib/machines" ];
};

fileSystems."/boot" = {
device = "/dev/disk/by-uuid/7F84-BB22";
fsType = "vfat";
};

fileSystems."/nix" = {
device = "/dev/disk/by-uuid/9b390384-9c28-4d8b-84c9-2edc8f1326ae";
fsType = "btrfs";
options = [ "subvol=nix" ];
};

fileSystems."/home" = {
device = "/dev/disk/by-uuid/9b390384-9c28-4d8b-84c9-2edc8f1326ae";
fsType = "btrfs";
options = [ "subvol=home" ];
};

swapDevices = [ ];

# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
Expand Down
7 changes: 7 additions & 0 deletions nixos/personalities/server/syncthing.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
{
services.syncthing = {
enable = true;
openDefaultPorts = true;
dataDir = "/data/syncthing";
};
}
92 changes: 46 additions & 46 deletions secrets/users.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,83 +16,83 @@ sops:
- recipient: age12t69fa3kqmnxdx4sca7ecv6lfu3wrfwm95zuuhujcfk3ukcn8dzsk40u6x
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBudVlvOWl2Wjg4WWE5T1FP
T1J2THJwVGpQNnNGQXozdzBxYW5zQnBGZHhjCndISms4YTJRWVBjOVRBeHU4MytQ
MnFuNmRCZ0FkZHh3YVZ4b1d5SENyRHMKLS0tIHFvM2lZTkZ0YWw5TldaOFpvYXY4
eTVubUhPelRaeFpmYzBUNGpsQmg4RE0KuyUICiRpoXbxones3rX8GEl91WGwm9bc
evs02ctVpkJVKz/v7vYQE7x30QU9jJeHRFiJ8PqFaqdrJG/mHE62Kw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6QWJic0tVcWVzK2I3Zm1j
bnBJRjIwclJBS2tNVDYxZmxWRG1VNXVYb1hFCkVJMzBEaEpOWWd2ejVlZHh6L1Ex
ZEFPbWtETTJKRkplZG1IU2JVRkhlVXMKLS0tIDRRblpINEcwMlZtQ3R6T0JQdmZU
aDlsTjZscnBsUW1tRCtIdWxXRkZhLzQKxa0uS8/6YT81pfzEla45gcaej4NwSjqw
HZKVzK2FWa87Gri2r8vQP/W8uBKzbNhmznGP4OsFvuCRxGVYtwdjbQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1uvm732gdzuq2v2m97tw5gxerztw6ad3452xrpq5y9ggvg62x7fqse4pzly
- recipient: age17rwd9guzrfks7t3q4erdjm860mn0290kmthntw5myjyszvcwz95qkt8gyc
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUdFF3cmJ5b3Z2a1Z0RWFp
WStzS2NXTjB5dTBveG5ZL2oyM09VbU5ZZ1RFCmZPbVpQREQyVG90cWYxbHhzSWdz
SUZ0VURKUFdqb3YrdytQOCsyZUt1bU0KLS0tIGkrN0VIcHZoVGw5MzZ1S0ZQbDVU
dHAxblpSRDlsM2MxWGU4MUhhN2c5eEkK4dHzfOfmmc9o3G7Qy3iUFnQKJFLH/dXr
h+lu/AwDMJTggLEIr/BjPPEyP08fW5mp2Fajyz0WHdoCfBbwDDkP+Q==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4L216OURHbDBwRFNkRkww
eStpTk1yMlplYUZ0Ti9QSHZWb1Zna2d6VlZvCjh5UE1QQ3FQRG5pSFhRRXQyM0x6
N0RCQXVIM0J1M2N0Sk1DWHpDZnVKdzAKLS0tIGk2TmhrVzRTTWpoNEJWK2ZGSWhz
Z25JaFRkVHdsTjZ1SDlSbTR0UkZhNGcKXM5lBh9GVk7inPuCXPcJwTqLa0MwXQQu
g5yVce54uNQBiE9LbPLWphyZvGh/nTwUfEtZkfZnBxQHd9ffvXSuAg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1td7hkcms0fmrt438ta2kmxxfmp0lget6gdae7me60apprll543sqr525jy
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKbTdSbjRObDhodUJUWWRF
NnRybGdQOXhvbVRIcXQzZUpJNjVtYlIzaXk4ClNtTWo2MVhtUlQ2SCtFZGxUYkts
Mk91OHVPM2cwcEZhVDdMYjhOM0pZRm8KLS0tIGdIU0VqMy9yOWtza00wZStIN0Nr
S1d0NThiODROQTl1L2c5eWxiVVV5MkEK4KnaEaE/ZPHLYp+So20Yxll0y9CB5GvV
cRJRbsQ9UKs/uc0AM4E0CjapCSA9bS1oUtpGO0fH/bxY2yRHSNe8yg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEcnpBMzdSZC8wNG13ZHNY
ZWp4T1dtSlhEdm9Ta0F5dWdyQXdZRzVRL0dZCk5BWVNtN3hPUjBVRWtPVW41LzJ1
NVZIQnFldVBJQ0F3djl6clJ2ZnZmb1EKLS0tIEdGM0VXcWdqT0ZlYVBOMXluM2hl
V243aU55YTNZMFVHcVEwd2tCSC9YcUUK9yu/6cKBLXgSLr7BYo8H+zmewEyh+Cti
q7wdt8aZI0EDcZPW69nOfM2R5H1IpuSmq86JuD/YwdBcPtdiSX8VIg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1a4uumamqg8248ntjjl088ppq7m75p6zyhu5r8yyaqjvvk5yjpuksqspeea
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsVGNpSitPSC8zOEw5SzBO
U0VKcE1YQzU5a0tWOXRYSk9NQ2NURG00RWlvCmRtYmtubzdOQjBvRkwrZXduWmht
RDYxTlVrWkFUYUZIWUpGWjh3NXdHL28KLS0tIDRyaWdBK2liTGprUnhWUEJqOGwz
NkxaSkdxVVNBL25mWms3UWlYWU1oWDgKLx+XCMJ52qirR1zedW8QTbM5xCmieEfY
YMNxT/WUP1kKqxNf9d+aq6hnsRowdLhihEqNdNym/VBhXOBCHWgquA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBucWRnOG1ieEZiNXB6Z0sw
TXlJMkVuN3hmWmRXUEJ4RmUzcy94alVTY3hNCkozZnhUMXVZYUlYaFRjdnAwbmNH
eWNnNTEvNHFuSnNtZlY2a0xmWDkwcjgKLS0tIEl2RHFWK3kzZ1A5NVFaOTdRRDk3
VmY5UEs4b2xKMHpnWmh5WFVUcTZHeVUKjJzf92gNCMdGwCV5mHs1Vzmq5WbWwoTh
HlF/glcR1TBa2ss1hCf6KApoN/pYrus3lX5NHXdUubH9RvOCu8VbHw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1mntfkg0jyv698z8kg6mlq8mr72ecpyt0dmn8y0skux9r26km4uzsge8h9q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2RW9tazVVSDZNTDNFSnFV
c2dvSWlCcHd0KzF4UHVFaVdaeGpZVEFna3lFCkNXRVNiUGF3OHJHa3hhSk93WTJH
UEpWNms5eHRtQ0dNeUlFOTZlK2ZMNlEKLS0tIGVYK1VHc29keGtmRlVaeFlKWUt4
Vkw4Mk5TUktFaUp1Qk5RQ0dCZTEyclkK8jWCSSPRRGUgVzwv3Henod4q8RoBHqy+
9BgmSpVrdlbikMBTS3u9TOO+iqwvx0n1rVle3cr4RX5A24je+OCs+A==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzQVpzTlFteVllVWo5S01N
SFI3L0NPZmNwL0kzdzZ2dDBVVEtONDNjUnhjCjdOT2d2YkF4dU15RXJ4L1RuMEh2
QlZET1dvWndCRHE5TXVPbnhqNndQSnMKLS0tIG12NTNFZWJoTWFaY1VUMlpzTTYw
N0FUZFQxSnBMUDc0cGFCZU5IVU1wNkkKP/z/EW6OVsSeoEsow0XXMW4+F7IQUVWH
C3Zc4tSwb6av7XsUsVK9LpEOYYq2UceFitUHn3xSihrdM9mK4fby5A==
-----END AGE ENCRYPTED FILE-----
- recipient: age17j2dw9kdpqntanmk9ndfw3gfu2cld22teuwzfuhnu8j7xpm2yf5se8d2f7
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHZUZZWWJaMWRoL2hSMlAx
QS90MVVOMHN3S2ZRcGF3RlFaWk9HUTJJQ3pzClYvT2x3aDQ3YnE5ejN5cnlpWFQz
UlZuOFBzdTRXeHh3bC9McmhUM3dtWTQKLS0tIGpqSUQ5bjM5aW1FalNoRlIrZ2lJ
OWVJT2hTR2dqbXlUbXBoUVlwNHFxb1kKXxHixvLBwyamnsFE5RHd+SJf2CfYo4tu
qLasQ3HThxExEzGuf+jtnaVQQQzHNM/7EX2DCEJW6esqBHu+y6URCQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0cVM5SWJJSSs3MERVYmV0
b2hrWlRBQ0E1aE5WN295UHpUaWNsbHBxc3lnClRDNVQ5eWhBeUtvY3dadXZqdk0x
WWVoMG5pZU1OektpR0Z6Nm9zV3ZaZ0kKLS0tIGxuMHZvSzhVUXp5aTh2d0s0c1dF
cEVtdm02NVV0MmFaRnE1Zk9EZ2hJOHMKLx2JM+tELcc0n2zc/UgBFO5DX5L19WDz
0uRTtyDQW94Y6rjN0FSvES+EFiyfktYpbN6HS5sI4CBH+iVTKdTcFQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1hfg2qhhgkun0jz3ez383slf3ruldxyhvcr4488nuhn6vuuaje4rqhp0h96
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwN2x4czNHYWdMWWJ5MC8r
ZXAzZXZueDNlOE5qVkY1QjlrdE15ck9sandNCkIzazB5MGxndDJOdEFXaXBCaXJs
VXJpVTNGMEp6eVFIMDh3M2VVWFVTaUEKLS0tIG5USmZSVDViMUlVWHNXOWRnSGh1
Q1NPeHBVZ2kxRWl0SGkwdWljUHNicTAK2JBEKZcU/Yn0oAWCQ1dTPTPJG6ENgT8F
sEpeUwMuQ/nHWLrkQ/ZavJ34WwDKmZ75dObhLZ5VeBcJFl+3Lq28pA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWWkN4ME5UZlRjRjZVV25I
cVU5NmxpeElYWCtvZmVZK1hQSzVRQkVhMlZJCkpTMjhtRFB4eVNIejBTN0tLM204
NndFSVpKSUNacFd5SG1YUmkzT2JuTWMKLS0tIHBXTS9vdWttc0VUbEg5OWxaK25s
WlB6VWJhV2RkV010bkV1ZEFhdUVkZXcK4g/1gwBKNRXcBhXL2HYURpAqXDv3M1+B
hb9WmhidtQmzINj9r4wOxoAw+YtpeKhvSNMwWdu9vd3Y+Ba98q0iIA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1n84nrpcndeduskpx7psc5p3758vcp8ynme5qacdergyrkhhtremsdewm8g
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuc1B1aFZneGQ5dnhsczU4
Z3pmd1p1d1ZVMHZUcitDQ3V0bVVqbW40OWp3CmdacEtVUW9VeU4yRXAyNWhnSnlQ
Yjl0Zm1PNXdUdHdJd056Zzg5ZnJOWE0KLS0tIHZxNXZaaUprRVZTNmlHK1lNNDJK
S2RvWTZOek8yRG9WanZwak5IMTZwYjQKQkCC/f1w3a7mGBgY099ZIZWFwYh3/NFm
JSY6INN6AugLMNWo4SpkHtTluXjA7A7fK7n8wjTIRfhV2i0WOytn1w==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MFc0Ynp4N2pPb0hvaDhh
Ykp6Ni9ndDNiTUlTdktIWC94VUF4bUdxamh3CjR2MHEvb3JOcHhvRGlFMTVtZklF
MXpoaW1Rcm53ZnBkUFY2cG9kaHFnSjgKLS0tIGNSWlE2ZU9iUjNReHhkeERIL2VO
ekRKTWdFeUlGdERVcHFSS3k0UG9TbFkKyCw3kehi4Mvg6u7nbIczIivxaMv3wmls
5kQIHpoQqX6NPhWPmBwV6mL7AXIspXtwHPJgapk8l/hIzc8cbEsq3w==
-----END AGE ENCRYPTED FILE-----
- recipient: age1w0gxlxdt4p63ggundtdwvhar4kgkl5z09vmxxdg2r94f8hugsegq6nx2gw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvc1Mva0dHZ2xMYS9YQ093
WnIvc0Rsa2czNU54U21uLzZrTlBuMEhoTVhzCmVkeTZkc2d6STFLaTJJbXhPd1lh
NWRoczIzWlNsSG8yOEVMVEVLOUZleGsKLS0tIGNzOHA3S3dKN29uMTl4bXgvd3JM
aXVheUlzK3prQWR5bytPcmlWSC9qOFEKmLiEcU0rCyi7HnBlgG/WZESnqC8erjKa
jNXj+pFjHW8bq6DlC8lclufntBiu7GYyX73SAE3Tpa9vMTyooGlv0g==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArVVZBemlORTdzVE1YaWRN
MUsrVGZqTTJKdFhFSXFpY1NtS2FHK3pGVlQwCnFXd2lRRjN4VnM4NVRScUxqUHdz
L1dLU1hTNzVoSVdQNWl3elgrUGUxc0kKLS0tIElnNzNDWURoRUZROURFL1Q3U1Rk
NkhFaS93YU85QjUvNm5tOVhzT1NoeTgKZr7r5PX6h8I1WiHmz9Gk/NYQdSaNKDG0
ptShwm4bj57MqnqMVBT1flwrEvQXVCtqMY6jUIrVe7u1vSFcujTVNQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-19T15:26:04Z"
mac: ENC[AES256_GCM,data:qU3HChCRp70wbNNfmQtkFoMWNTZQmDFVTATtOMU9PhBUBHF4Kxnyg5qnXgpfhyYtpbjs1kNFd+Gh5IsvRwI8GccsL+Q6dd1UT148ajpnBLNNZnRNS7kLK9Crh1Y0ganPul0WBHWJspzyyNBfRrigk4LMyoBXGnei6/zeRDJMvV4=,iv:BDbhV5kHxydzla3//HTNYllpTDH06CyJbsxYWLhnTHU=,tag:wSBlFyXFWOI8m+xdg8rPpA==,type:str]
Expand Down

0 comments on commit cb5e538

Please sign in to comment.