Bun/ROCKPro64-Server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Unencrypt and rename to Bun

Browse source
This commit is contained in:
Bun 2025-03-12 17:58:52 -04:00
parent 410605f638
commit 3ad338f733
7 changed files with 13 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

3
README.md
View file

@ -1,3 +1,6 @@
# ROCKPro64-Server # ROCKPro64-Server
A flake for Jules' ROCKPro64 server. A flake for Jules' ROCKPro64 server.
For personal use, unlocking secrets can be done with this command:
``gpg --pinentry-mode loopback --decrypt local.key.asc | git-crypt unlock -``

2
flake.nix
View file

@ -18,7 +18,7 @@
... ...
}@inputs: }@inputs:
{ {
nixosConfigurations.rubble = nixpkgs.lib.nixosSystem { nixosConfigurations.progesterone = nixpkgs.lib.nixosSystem {
modules = [ ./system ]; modules = [ ./system ];
specialArgs = inputs; specialArgs = inputs;
}; };

5
system/accounts/users/custom/jimbo/default.nix → system/accounts/users/custom/bun/default.nix
View file

@ -1,13 +1,14 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
users.users.jimbo = { users.users.bun = {
hashedPassword = config.secrets.jimboAccPass; hashedPassword = config.secrets.bunAccPass;
isNormalUser = true; isNormalUser = true;
createHome = true; createHome = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2lMkUd+BbXITE5LTg94hEzmA6UKsIIbaf5YOjGoLzl Desktop" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2lMkUd+BbXITE5LTg94hEzmA6UKsIIbaf5YOjGoLzl Desktop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFGHaxdTeC1xnTx2BY5LLR5LxhdSkmYoWuOeEuRIz0k Server" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFGHaxdTeC1xnTx2BY5LLR5LxhdSkmYoWuOeEuRIz0k Server"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHMJtG55GlIRVs6NzN9MeGZUFeduOcbOhFc0QEqWEl7o"
]; ];
extraGroups = [ extraGroups = [
"wheel" "wheel"

2
system/accounts/users/custom/default.nix
View file

@ -2,6 +2,6 @@
{ {
imports = [ imports = [
./jules ./jules
./jimbo ./bun
]; ];
} }

2
system/default.nix
View file

@ -11,7 +11,7 @@
]; ];
networking = { networking = {
hostName = "rubble"; hostName = "progesterone";
hostId = "e0b1fcef"; hostId = "e0b1fcef";
}; };

15
system/devices/disks/disko/default.nix
View file

@ -21,17 +21,11 @@
mountOptions = [ "umask=0077" ]; mountOptions = [ "umask=0077" ];
}; };
}; };
luks = { main = {
size = "100%"; size = "100%";
content = { content = {
type = "luks"; type = "lvm_pv";
name = "${config.networking.hostName}-disk"; vg = "${config.networking.hostName}";
settings.allowDiscards = true;
passwordFile = "/tmp/secret.key";
content = {
type = "lvm_pv";
vg = "${config.networking.hostName}";
};
}; };
}; };
}; };
@ -68,14 +62,13 @@
mountOptions = [ "compress=zstd" "noatime" "ssd" ]; mountOptions = [ "compress=zstd" "noatime" "ssd" ];
}; };
"/persist/.snapshots" = { }; "/persist/.snapshots" = { };
"/persist/home/jules" = { }; "/persist/home/jules" = { };
"/persist/home/jules/.snapshots" = { }; "/persist/home/jules/.snapshots" = { };
}; };
}; };
}; };
swap = { swap = {
size = "4G"; size = "2G";
content = { content = {
type = "swap"; type = "swap";
discardPolicy = "both"; discardPolicy = "both";

BIN
system/secrets/default.nix
View file

Binary file not shown.