use ragenix for passwords
This commit is contained in:
parent
6324fa7c57
commit
7678345313
7 changed files with 240 additions and 11 deletions
|
@ -11,8 +11,6 @@
|
|||
modules =
|
||||
args.modules
|
||||
++ [
|
||||
./common.nix
|
||||
|
||||
./${name}
|
||||
./${name}/hardware-configuration.nix
|
||||
|
||||
|
@ -24,11 +22,18 @@
|
|||
|
||||
mapNixOS = lib.mapAttrs (toSystem inputs.nixpkgs.lib.nixosSystem);
|
||||
|
||||
desktop = with inputs; [
|
||||
./desktop.nix
|
||||
lanzaboote.nixosModules.lanzaboote
|
||||
home-manager.nixosModules.home-manager
|
||||
nixos = with inputs; [
|
||||
./common.nix
|
||||
ragenix.nixosModules.default
|
||||
];
|
||||
|
||||
desktop = with inputs;
|
||||
[
|
||||
./desktop.nix
|
||||
lanzaboote.nixosModules.lanzaboote
|
||||
home-manager.nixosModules.home-manager
|
||||
]
|
||||
++ nixos;
|
||||
in {
|
||||
flake.nixosConfigurations = mapNixOS {
|
||||
fuji = {
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
getchvim,
|
||||
ragenix,
|
||||
...
|
||||
}: let
|
||||
username = "leo";
|
||||
|
@ -93,6 +95,17 @@ in {
|
|||
|
||||
security.rtkit.enable = true;
|
||||
|
||||
age = {
|
||||
identityPaths = ["/home/leo/.ssh/id_ed25519"];
|
||||
|
||||
secrets = let
|
||||
base = ../secrets/desktop;
|
||||
in {
|
||||
rootPassword.file = "${base}/rootPassword.age";
|
||||
userPassword.file = "${base}/userPassword.age";
|
||||
};
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
|
@ -131,6 +144,7 @@ in {
|
|||
osu-lazer-bin
|
||||
gnome.file-roller
|
||||
getchvim.packages.${system}.default
|
||||
ragenix.packages.${system}.default
|
||||
];
|
||||
|
||||
services = {
|
||||
|
@ -161,10 +175,15 @@ in {
|
|||
security.pam.services.greetd.enableGnomeKeyring = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.users.${username} = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.fish;
|
||||
extraGroups = ["networkmanager" "wheel" "video"];
|
||||
users.users = {
|
||||
${username} = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.fish;
|
||||
extraGroups = ["networkmanager" "wheel" "video"];
|
||||
hashedPasswordFile = config.age.secrets.userPassword.path;
|
||||
};
|
||||
|
||||
root.hashedPasswordFile = config.age.secrets.rootPassword.path;
|
||||
};
|
||||
|
||||
fonts.packages = with pkgs; [
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue