incorporated john-p14s, big squash merge of stuff

John Lancaster
2026-03-29 15:12:38 -05:00
parent 31df60a718
commit 93458a5e53
37 changed files with 924 additions and 419 deletions
+7 -13
@@ -7,11 +7,9 @@ in
flake.nixosConfigurations."${hostname}" = inputs.nixpkgs.lib.nixosSystem {
modules = with inputs.self.modules; [
nixos.lxc
nixos."${username}"
nixos.mysops
nixos.step-ssh-host
inputs.home-manager.nixosModules.home-manager
nixos."${username}"
nixos.zsh
nixos.login-text
# nixos.mtls
# nixos.restic-server
@@ -24,42 +22,38 @@ in
];
step-ssh-host = {
hostname = hostname;
caURL = caURL;
};
# This provides the secrets at install time
sops.defaultSopsFile = ./secrets.yaml;
home-manager.users."${username}" = {
imports = with inputs.self.modules; [
homeManager"${hostname}"
homeManager."${hostname}"
];
};
}
];
};
flake.modules.homeManager."${hostname}" = { config, lib, pkgs, ... }: {
flake.modules.homeManager."${hostname}" = { config, pkgs, lib, ... }: {
imports = with inputs.self.modules; [
homeManager.rebuild
homeManager.mysops
homeManager.janus-ca
homeManager.mtls
homeManager.docker
];
homeManagerFlakeDir = "${config.xdg.configHome}/home-manager";
home.username = "${username}";
home.homeDirectory = "/home/${username}";
shell.program = "zsh";
docker.enable = true;
# This will provide the edit-secrets script targeting this file
mysops.hostSecretFile = "${config.xdg.configHome}/home-manager/modules/hosts/soteria/secrets.yaml";
mysops.hostSecretFile = "${config.homeManagerFlakeDir}/modules/hosts/soteria/secrets.yaml";
mtls = {
enable = true;
subject = hostname;
ca = {
url = "https://janus.john-stream.com/";
fingerprint = "2036c44f7b5901566ff7611ea6c927291ecc6d2dd00779c0eead70ec77fa10d6";
};
san = [
"${hostname}.john-stream.com"
"192.168.1.142"