Bruno BELANYI
d64a867afc
flake: bump inputs
2021-10-04 14:45:41 +02:00
Bruno BELANYI
cc21d84808
home: tmux: add tmux service
...
continuous-integration/drone/push Build is passing
The service definition is pretty awful, but it deals with the secure
socket correctly...
This avoids having a small lapse when starting the very first shell of a
session, which must first launch the server.
2021-09-30 16:58:44 +02:00
Bruno BELANYI
84cdc30037
home: tmux: make history longer
...
We got tons of RAM!
2021-09-30 16:47:52 +02:00
Bruno BELANYI
07cf0fa4da
home: wm: i3: launch tmux when starting terminal
...
continuous-integration/drone/push Build is passing
Similarly to the `zsh` snippet, launch tmux unless I explicitly do not
want it.
The reason I also add it in `i3` is to make the launch happen sooner,
and to avoid doing double work on some shell startup shenanigans if I
can.
2021-09-30 15:38:43 +02:00
Bruno BELANYI
24de1890fc
home: zsh: launch tmux when starting a shell
2021-09-30 15:34:16 +02:00
Bruno BELANYI
4055ef17f0
home: vim: switch back to gruvbox theme
...
continuous-integration/drone/push Build is passing
Onedark is too annoying to deal with, and I still like gruvbox's colors
best.
2021-09-29 18:50:33 +02:00
Bruno BELANYI
7ce69233c1
flake: bump inputs
2021-09-29 17:37:15 +02:00
Bruno BELANYI
9f86615e77
profiles: gtk: new best practices for dconf
continuous-integration/drone/push Build is passing
2021-09-27 17:07:47 +02:00
Bruno BELANYI
e805496588
modules: secrets: fix permission for grafana
continuous-integration/drone/push Build is passing
2021-09-26 23:09:33 +02:00
Bruno BELANYI
3201445c08
modules: secrets: fix permission of 'matrix/mail'
2021-09-26 23:09:33 +02:00
Bruno BELANYI
30eaefc1d1
modules: secrets: add 'owner' logic
2021-09-26 23:09:33 +02:00
Bruno BELANYI
5f41bb1647
modules: secrets: remove 'with lib;'
2021-09-26 23:09:33 +02:00
Bruno BELANYI
fec4956063
secrets: move into 'modules'
2021-09-26 23:09:33 +02:00
Bruno BELANYI
a62c0ad126
project: bootstrap: retrieve agenix key
2021-09-26 23:09:33 +02:00
Bruno BELANYI
2cc13dddb5
ci: use 'nix flake check'
...
Now that I am using agenix, secrets stays encrypted at rest.
2021-09-26 23:09:33 +02:00
Bruno BELANYI
de92358bc0
flake: remove 'git-crypt'
2021-09-26 23:09:33 +02:00
Bruno BELANYI
167db81c6c
secrets: remove git-crypt
2021-09-26 23:09:33 +02:00
Bruno BELANYI
738d1760c3
secrets: remove git-crypt secrets
2021-09-26 23:09:33 +02:00
Bruno BELANYI
e962d4c574
modules: services: nginx: sso: use runtime secrets
2021-09-26 23:09:33 +02:00
Bruno BELANYI
1c0d671fff
machines: porthos: services: switch to agenix
...
The prep-work should be done now, time to hit the switch.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
3bf3980e45
modules: services: nginx: allow sso secret files
...
This is in preparation of the migration to agenix, which does not allow
access to the secrets at build time.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
f6faa11ff7
home: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
67090494e2
home: terminal: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
0d44b3b9f2
home: x: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
37c20529c1
home: wm: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
2449a96652
home: mail: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
8a9337710f
home: firefox: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
7b75ea43ad
profiles: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
fb6e2afe89
modules: services: drone: split into files
...
This is cleaner to read.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
51067582e0
modules: services: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
78ade4c605
modules: hardware: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
5c2921e00d
modules: system: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
62a18cd3f6
modules: programs: put modules into folders
2021-09-26 23:09:32 +02:00
Bruno BELANYI
c6cc64e156
modules: home: put into folder
2021-09-26 23:09:32 +02:00
Bruno BELANYI
875a3d8587
machines: porthos: users: use clear-text ssh key
2021-09-26 23:09:32 +02:00
Bruno BELANYI
409e0ef357
modules: system: users: use agenix secrets
2021-09-26 23:09:32 +02:00
Bruno BELANYI
b6af754199
modules: services: wireguard: use agenix secrets
2021-09-26 23:09:32 +02:00
Bruno BELANYI
ca5e5a53cd
modules: services: nginx: use 'credentialsFile'
...
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
ba10af0644
modules: services: matrix: use 'mailConfigFile'
...
In preparation of the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
0f2c20e51d
modules: services: paperless: use 'secretKeyFile'
...
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
ca218730ff
modules: services: nextcloud: use 'credentialsfile'
...
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
ac5fd7f472
modules: services: miniflux: use 'credentialsFiles'
...
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
db37cea907
modules: services: transmission: secrets w/ file
...
In preparation for the migration to using agenix.
2021-09-26 23:09:31 +02:00
Bruno BELANYI
1cf93825b2
secrets: register agenix secrets automatically
2021-09-26 23:09:31 +02:00
Bruno BELANYI
8a2aad9b54
secrets: migrate to agenix
...
It is finally time to graduate to an actually secure, stateless
solution.
2021-09-26 23:09:31 +02:00
Bruno BELANYI
018394b61d
secrets: import 'agenix' module
2021-09-25 13:31:43 +02:00
Bruno BELANYI
1e3c633c72
flake: add 'agenix'
2021-09-25 13:30:51 +02:00
Bruno BELANYI
df302465c9
home: remove unused 'secrets' module
2021-09-25 13:27:01 +02:00
Bruno BELANYI
673ead7863
home: ssh: add missing 'mkIf cfg.enable'
continuous-integration/drone/push Build is passing
2021-09-24 01:21:57 +02:00
Bruno BELANYI
3d10461a6e
home: remove unused arguments
2021-09-24 01:21:57 +02:00