Commit graph

815 commits

Author SHA1 Message Date
Bruno BELANYI 8664781da7 secrets: migrate to agenix
It is finally time to graduate to an actually secure, stateless
solution.
2021-09-26 23:09:31 +02:00
Bruno BELANYI abf526ae3c secrets: import 'agenix' module 2021-09-25 13:31:43 +02:00
Bruno BELANYI 7273f2102a flake: add 'agenix' 2021-09-25 13:30:51 +02:00
Bruno BELANYI 963c86c66f home: remove unused 'secrets' module 2021-09-25 13:27:01 +02:00
Bruno BELANYI f3519e845f home: ssh: add missing 'mkIf cfg.enable' 2021-09-24 01:21:57 +02:00
Bruno BELANYI 8ba1746be4 home: remove unused arguments 2021-09-24 01:21:57 +02:00
Bruno BELANYI 313b0c23a9 modules: remove unused arguments 2021-09-24 01:21:57 +02:00
Bruno BELANYI 176d95d890 machines: remove unused arguments 2021-09-24 01:21:57 +02:00
Bruno BELANYI b398481ba3 pkgs: remove unused arguments 2021-09-24 01:21:57 +02:00
Bruno BELANYI d813d85af8 lib: remove 'with self;' 2021-09-24 01:21:57 +02:00
Bruno BELANYI 9473cff408 lib: modules: refactor 'mapModules'
Introduce the recursive version of this function, then refactor to
reduce repetition.
2021-09-24 01:21:57 +02:00
Bruno BELANYI 2b0b6f2004 lib: modules: document 'mapModules' 2021-09-24 00:26:28 +02:00
Bruno BELANYI 8852699c9a modules: services: nginx: use 'recursiveMerge' 2021-09-23 22:11:25 +02:00
Bruno BELANYI 364ea0404a home: wm: i3: use 'recursiveMerge' 2021-09-23 22:11:25 +02:00
Bruno BELANYI 8ce123c527 lib: attrs: add 'recursiveMerge' 2021-09-23 22:11:25 +02:00
Bruno BELANYI c13e57f584 modules: system: users: use 'initialHashedPassword'
This is the better option to use in case I want to have a stateless
system.
2021-09-23 21:30:24 +02:00
Bruno BELANYI 2f9d3417d4 modules: system: users: use 'ambroisie' password
Do not rely on `my.user.name` which could be changed to a value not
available in the secrets.
2021-09-23 21:28:29 +02:00
Bruno BELANYI 27040532bd modules: programs: steam: respect XDG conventions
Steam wants to pollute HOME with `.steam*` files and folders, which are
useless and annoying.

We want to make sure the wrappers are preferred when installing, so use
`lib.hiPrio` to ensure they get chosen.
2021-09-15 19:23:24 +02:00
Bruno BELANYI 7aa2a0f8fa machines: aramis: programs: enable steam 2021-09-15 19:23:24 +02:00
Bruno BELANYI 24b540d948 modules: programs: add steam 2021-09-15 19:23:24 +02:00
Bruno BELANYI 91489d5b71 modules: add 'programs' directory 2021-09-15 16:48:10 +02:00
Bruno BELANYI 4ccf549e58 modules: system: remove 'media'
It was not the idiomatic way to do this.
2021-09-15 16:10:06 +02:00
Bruno BELANYI 8c0b70dcb5 pkgs: make use of scoping
This is the way to make sure `callPackage` picks up my custom packages
to be used in the set.
2021-09-15 15:33:18 +02:00
Bruno BELANYI 02992d819e home: gdb: add nix store to safe path
For now, the nix store path is hard-coded rather than substituted.

This is useful for pretty-printing C++ types compiled with a different
C++ library from my gdb.
2021-09-03 17:34:39 +02:00
Bruno BELANYI 9474a3b57b git: remove duplicate ignore directive 2021-09-01 14:52:38 +02:00
Bruno BELANYI 4521cba5f0 flake: use 'nativeBuildInputs' 2021-09-01 14:51:27 +02:00
Bruno BELANYI 0df212f877 pkgs: unified-hosts-lists: do not set 'phases' 2021-08-31 20:11:11 +02:00
Bruno BELANYI 1690efc107 pkgs: unbound-zones-adblock: do not set 'phases' 2021-08-31 20:11:00 +02:00
Bruno BELANYI 5fdf108c40 pkgs: matrix-notifier: do not set 'phases' 2021-08-31 20:10:41 +02:00
Bruno BELANYI 2d40fc3d00 pkgs: i3-get-window-criteria: do not set 'phases' 2021-08-31 20:08:22 +02:00
Bruno BELANYI 5accea2a33 pkgs: havm: use 'nativeBuildInputs'
This is the correct one to use for a compiler like 'ghc'.
2021-08-31 19:50:44 +02:00
Bruno BELANYI 1d41918d70 pkgs: diff-flake: do not set 'phases' 2021-08-31 19:03:33 +02:00
Bruno BELANYI 2709c3751f pkgs: comma: do not set 'phases' 2021-08-31 19:03:25 +02:00
Bruno BELANYI 920e31c72f pkgs: comma: give path to source directly 2021-08-31 19:03:24 +02:00
Bruno BELANYI cc54fe9087 pkgs: bw-pass: do not set 'phases' 2021-08-31 18:59:05 +02:00
Bruno BELANYI 2c81416774 pkgs: havm: use 'checkInputs' for test dependency 2021-08-31 18:44:17 +02:00
Bruno BELANYI 9a5bba7574 home: wm: i3bar: remove redundant '%' 2021-08-31 18:31:32 +02:00
Bruno BELANYI bf6af94bec modules: services: paperless: proxy websockets 2021-08-31 13:52:11 +02:00
Bruno BELANYI 14d56a1337 machines: porthos: services: enable paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 23484989a6 modules: services: paperless: add admin password
This is a fallback in case SSO stops working...
2021-08-31 13:52:11 +02:00
Bruno BELANYI 197f371ca9 secrets: add paperless password
To be used as a fallback.
2021-08-31 13:52:11 +02:00
Bruno BELANYI da4595cd39 modules: services: add paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 2ea68f705d secrets: add paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 2d12211d3e flake: bump inputs 2021-08-31 13:52:10 +02:00
Bruno BELANYI 187c35c448 home: pager: remove lesspipe
I don't use it anymore.
2021-08-30 21:23:13 +02:00
Bruno BELANYI 8319f0ea5c modules: services: nginx: nginx-sso verbose logs
For some reason it still doesn't appear in the systemd log...
2021-08-30 17:38:25 +02:00
Bruno BELANYI fd898df590 modules: services: nginx: add SSO 2021-08-30 17:36:39 +02:00
Bruno BELANYI 52079bf1e7 modules: services: nginx: enable explicitly 2021-08-30 17:36:39 +02:00
Bruno BELANYI 878759cb77 secrets: add sso 2021-08-30 17:36:39 +02:00
Bruno BELANYI fd526b674b secrets: allow lists in types 2021-08-30 15:35:00 +02:00