jordan/nix-config
1
1
Fork 0
Code Issues 10 Pull Requests Actions Projects 3 Wiki Activity

Compare commits

base: jordan:master
Branches Tags
jordan:master jordan:helios-disko jordan:hass jordan:immich jordan:zitadel jordan:skycam jordan:24.05 jordan:lunarvim jordan:matrix jordan:docs jordan:vps1 jordan:wallpapers jordan:fix-odyssey-nix-store
..
compare: jordan:helios-disko
Branches Tags
jordan:master jordan:helios-disko jordan:hass jordan:immich jordan:zitadel jordan:skycam jordan:24.05 jordan:lunarvim jordan:matrix jordan:docs jordan:vps1 jordan:wallpapers jordan:fix-odyssey-nix-store

1 Commits
master ... helios-dis

Author SHA1 Message Date
Jordan Holt
2cbacf93b6 hosts/helios: add initial disko config 2025-08-23 21:39:28 +01:00
76 changed files with 290 additions and 1057 deletions
Expand all files Collapse all files

184
flake.lock generated
View File

@@ -38,11 +38,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1759699908, "lastModified": 1754492276,
"narHash": "sha256-kYVGY8sAfqwpNch706Fy2+/b+xbtfidhXSnzvthAhIQ=", "narHash": "sha256-cCtleJZQY5eWPYRGl5x63BZ2rfOik4pLveCveH+tmvM=",
"owner": "oddlama", "owner": "oddlama",
"repo": "agenix-rekey", "repo": "agenix-rekey",
"rev": "42362b12f59978aabf3ec3334834ce2f3662013d", "rev": "69ed7833c0e4e6a677a20894d8f12876b9e2bedb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -71,11 +71,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759499898, "lastModified": 1753216019,
"narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", "narHash": "sha256-zik7WISrR1ks2l6T1MZqZHb/OqroHdJnSnAehkE0kCk=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "aquamarine", "repo": "aquamarine",
"rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", "rev": "be166e11d86ba4186db93e10c54a141058bdce49",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -131,11 +131,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1756719547, "lastModified": 1749105467,
"narHash": "sha256-N9gBKUmjwRKPxAafXEk1EGadfk2qDZPBQp4vXWPHINQ=", "narHash": "sha256-hXh76y/wDl15almBcqvjryB50B0BaiXJKk20f314RoE=",
"owner": "serokell", "owner": "serokell",
"repo": "deploy-rs", "repo": "deploy-rs",
"rev": "125ae9e3ecf62fb2c0fd4f2d894eb971f1ecaed2", "rev": "6bc76b872374845ba9d645a2f012b764fecd765f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -213,11 +213,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758287904, "lastModified": 1755519972,
"narHash": "sha256-IGmaEf3Do8o5Cwp1kXBN1wQmZwQN3NLfq5t4nHtVtcU=", "narHash": "sha256-bU4nqi3IpsUZJeyS8Jk85ytlX61i4b0KCxXX9YcOgVc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "67ff9807dd148e704baadbd4fd783b54282ca627", "rev": "4073ff2f481f9ef3501678ff479ed81402caae6d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -229,11 +229,11 @@
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1759418614, "lastModified": 1755874650,
"narHash": "sha256-0E3TqvXAy81qeM/jZXWWOTZ14Hs1RT7o78UyZM+Jbr4=", "narHash": "sha256-ClHCtrzwU6TIfK0qOzAsfPY4swrpbZ8SwUpBpVwphaY=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "firefox-gnome-theme", "repo": "firefox-gnome-theme",
"rev": "afd438034bf91089cfeb9e6b5cb987bdf5442d0f", "rev": "6fafa0409ad451b90db466f900b7549a1890bf1a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -332,11 +332,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1759362264, "lastModified": 1754487366,
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=", "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881", "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -353,11 +353,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759362264, "lastModified": 1754091436,
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=", "narHash": "sha256-XKqDMN1/Qj1DKivQvscI4vmHfDfvYR2pfuFOJiCeewM=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881", "rev": "67df8c627c2c39c41dbec76a1f201929929ab0bd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -517,11 +517,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758463745, "lastModified": 1755928099,
"narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "narHash": "sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "rev": "4a44fb9f7555da362af9d499817084f4288a957f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -576,11 +576,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759490292, "lastModified": 1754305013,
"narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", "narHash": "sha256-u+M2f0Xf1lVHzIPQ7DsNCDkM1NYxykOSsRr4t3TbSM4=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprgraphics", "repo": "hyprgraphics",
"rev": "9431db625cd9bb66ac55525479dce694101d6d7a", "rev": "4c1d63a0f22135db123fc789f174b89544c6ec2d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -605,11 +605,11 @@
"xdph": "xdph" "xdph": "xdph"
}, },
"locked": { "locked": {
"lastModified": 1760227591, "lastModified": 1755883465,
"narHash": "sha256-zqyzWqTRgNV8inISkZCvAxJLZbjIzcD9mnPabFCtYPU=", "narHash": "sha256-/yviTS9piazXoZAmnN0dXnYjDAFvooBnzJfPw2Gi30Y=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "Hyprland", "repo": "Hyprland",
"rev": "ed936430216e7aa5f6f53d22eff713f8e9ed69ac", "rev": "0d45b277d6c750377b336034b8adc53eae238d91",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -635,11 +635,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1760143196, "lastModified": 1755183521,
"narHash": "sha256-UPKU7QXmJ8vJO59bGzT0UFhvncWb14odLJXzcvSu73U=", "narHash": "sha256-wrP8TM2lb2x0+PyTc7Uc3yfVBeIlYW7+hFeG14N9Cr8=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprland-plugins", "repo": "hyprland-plugins",
"rev": "f6dd103dfb12f8939bf8049ee35a2b3eb7564dc3", "rev": "c1ddebb423acc7c88653c04de5ddafee64dac89a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -728,11 +728,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759080228, "lastModified": 1753819801,
"narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", "narHash": "sha256-tHe6XeNeVeKapkNM3tcjW4RuD+tB2iwwoogWJOtsqTI=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprland-qtutils", "repo": "hyprland-qtutils",
"rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", "rev": "b308a818b9dcaa7ab8ccab891c1b84ebde2152bc",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -757,11 +757,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758927902, "lastModified": 1753622892,
"narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", "narHash": "sha256-0K+A+gmOI8IklSg5It1nyRNv0kCNL51duwnhUO/B8JA=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprlang", "repo": "hyprlang",
"rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", "rev": "23f0debd2003f17bd65f851cd3f930cff8a8c809",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -782,11 +782,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759619523, "lastModified": 1754481650,
"narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", "narHash": "sha256-6u6HdEFJh5gY6VfyMQbhP7zDdVcqOrCDTkbiHJmAtMI=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprutils", "repo": "hyprutils",
"rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", "rev": "df6b8820c4a0835d83d0c7c7be86fbc555f1f7fd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -807,11 +807,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1755184602, "lastModified": 1751897909,
"narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=", "narHash": "sha256-FnhBENxihITZldThvbO7883PdXC/2dzW4eiNvtoV5Ao=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprwayland-scanner", "repo": "hyprwayland-scanner",
"rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d", "rev": "fcca0c61f988a9d092cbb33e906775014c61579d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -849,16 +849,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1754860581, "lastModified": 1748294338,
"narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=", "narHash": "sha256-FVO01jdmUNArzBS7NmaktLdGA5qA3lUMJ4B7a05Iynw=",
"owner": "NuschtOS", "owner": "NuschtOS",
"repo": "ixx", "repo": "ixx",
"rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281", "rev": "cc5f390f7caf265461d4aab37e98d2292ebbdb85",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NuschtOS", "owner": "NuschtOS",
"ref": "v0.1.1", "ref": "v0.0.8",
"repo": "ixx", "repo": "ixx",
"type": "github" "type": "github"
} }
@@ -866,11 +866,11 @@
"kvlibadwaita": { "kvlibadwaita": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1757782301, "lastModified": 1710621848,
"narHash": "sha256-jCXME6mpqqWd7gWReT04a//2O83VQcOaqIIXa+Frntc=", "narHash": "sha256-xBl6zmpqTAH5MIT5iNAdW6kdOcB5MY0Dtrb95hdYpwA=",
"owner": "GabePoel", "owner": "GabePoel",
"repo": "KvLibadwaita", "repo": "KvLibadwaita",
"rev": "1f4e0bec44b13dabfa1fe4047aa8eeaccf2f3557", "rev": "87c1ef9f44ec48855fd09ddab041007277e30e37",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -906,11 +906,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1760106635, "lastModified": 1755330281,
"narHash": "sha256-2GoxVaKWTHBxRoeUYSjv0AfSOx4qw5CWSFz2b+VolKU=", "narHash": "sha256-aJHFJWP9AuI8jUGzI77LYcSlkA9wJnOIg4ZqftwNGXA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903", "rev": "3dac8a872557e0ca8c083cdcfc2f218d18e113b0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -946,11 +946,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1759381078, "lastModified": 1754725699,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -978,11 +978,11 @@
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1754788789, "lastModified": 1753579242,
"narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", "narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "a73b9c743612e4244d865a2fdee11865283c04e6", "rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -993,11 +993,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1760038930, "lastModified": 1755615617,
"narHash": "sha256-Oncbh0UmHjSlxO7ErQDM3KM0A5/Znfofj2BSzlHLeVw=", "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "0b4defa2584313f3b781240b29d61f6f9f7e0df3", "rev": "20075955deac2583bb12f07151c2df830ef346b4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1008,11 +1008,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1759994382, "lastModified": 1755704039,
"narHash": "sha256-wSK+3UkalDZRVHGCRikZ//CyZUJWDJkBDTQX1+G77Ow=", "narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5da4a26309e796daa7ffca72df93dbe53b8164c7", "rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1031,11 +1031,11 @@
"systems": "systems_6" "systems": "systems_6"
}, },
"locked": { "locked": {
"lastModified": 1760187633, "lastModified": 1755727480,
"narHash": "sha256-0+hp5PqHTXEUjUnc7oFIJVILkNVC330kMeVNdayYrII=", "narHash": "sha256-eb9N7XFj1zirk+D2KV+rn/CjmVHDISlxhtZCWZEVpkM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "76e558c281e738bf1564e366a0c44533bdf0638d", "rev": "6df0b97b39baa1c0b3002b051f307aed68e17d1b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1055,11 +1055,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758662783, "lastModified": 1753771532,
"narHash": "sha256-igrxT+/MnmcftPOHEb+XDwAMq3Xg1Xy7kVYQaHhPlAg=", "narHash": "sha256-Pmpke0JtLRzgdlwDC5a+aiLVZ11JPUO5Bcqkj0nHE/k=",
"owner": "NuschtOS", "owner": "NuschtOS",
"repo": "search", "repo": "search",
"rev": "7d4c0fc4ffe3bd64e5630417162e9e04e64b27a4", "rev": "2a65adaf2c0c428efb0f4a2bc406aab466e96a06",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1078,11 +1078,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758108966, "lastModified": 1754416808,
"narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", "narHash": "sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef+6fRcofA=",
"owner": "cachix", "owner": "cachix",
"repo": "git-hooks.nix", "repo": "git-hooks.nix",
"rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", "rev": "9c52372878df6911f9afc1e2a1391f55e4dfc864",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1100,11 +1100,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759523803, "lastModified": 1755879220,
"narHash": "sha256-PTod9NG+i3XbbnBKMl/e5uHDBYpwIWivQ3gOWSEuIEM=", "narHash": "sha256-2KZl6cU5rzEwXKMW369kLTzinJXXkF3TRExA6qEeVbc=",
"owner": "cachix", "owner": "cachix",
"repo": "git-hooks.nix", "repo": "git-hooks.nix",
"rev": "cfc9f7bb163ad8542029d303e599c0f7eee09835", "rev": "3ff4596663c8cbbffe06d863ee4c950bce2c3b78",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1143,11 +1143,11 @@
"secrets": { "secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1756051653, "lastModified": 1755887038,
"narHash": "sha256-JJkQliqI7zn+esLnKQP82eQEuolNz8IELm/BYGPTvEw=", "narHash": "sha256-HoEMwFfR3rwNxwJjFCbj3rfW8k6EabHuMJAZOwsT95c=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "01cf200f61946ac9f259f9163933ea1749cb3531", "rev": "9e47b557087ebde3a30c9f97189d110c29d144fd",
"revCount": 41, "revCount": 40,
"type": "git", "type": "git",
"url": "ssh://git@git.vimium.com/jordan/nix-secrets.git" "url": "ssh://git@git.vimium.com/jordan/nix-secrets.git"
}, },
@@ -1249,11 +1249,11 @@
"thunderbird-gnome-theme": { "thunderbird-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1757216698, "lastModified": 1755861050,
"narHash": "sha256-aQAlgHsBAS+DdyYDlYhW/xT86xIu9FO8yJEzSCVaSBg=", "narHash": "sha256-oLmw1VRrmbuLwT5errG3lT85K0jLII/aQ32VtdJ+1xM=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "thunderbird-gnome-theme", "repo": "thunderbird-gnome-theme",
"rev": "8b9a19eb188b3ede65e8f12a11637bbd56e4f4d7", "rev": "b1fbb41db5718c23667bd9b40268b8e7317634fd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1290,11 +1290,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1760120816, "lastModified": 1755934250,
"narHash": "sha256-gq9rdocpmRZCwLS5vsHozwB6b5nrOBDNc2kkEaTXHfg=", "narHash": "sha256-CsDojnMgYsfshQw3t4zjRUkmMmUdZGthl16bXVWgRYU=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "761ae7aff00907b607125b2f57338b74177697ed", "rev": "74e1a52d5bd9430312f8d1b8b0354c92c17453e5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1349,11 +1349,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1755354946, "lastModified": 1753633878,
"narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", "narHash": "sha256-js2sLRtsOUA/aT10OCDaTjO80yplqwOIaLUqEe0nMx0=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland", "repo": "xdg-desktop-portal-hyprland",
"rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", "rev": "371b96bd11ad2006ed4f21229dbd1be69bed3e8a",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
flake.nix
View File

@@ -113,10 +113,10 @@
}: }:
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit inputs; } {
imports = [ imports = [
inputs.agenix-rekey.flakeModule
inputs.pre-commit-hooks.flakeModule inputs.pre-commit-hooks.flakeModule
inputs.nix-topology.flakeModule inputs.nix-topology.flakeModule
inputs.treefmt-nix.flakeModule inputs.treefmt-nix.flakeModule
./nix/agenix-rekey.nix
./nix/devshell.nix ./nix/devshell.nix
./nix/hosts.nix ./nix/hosts.nix
]; ];

2
hosts/artemis/default.nix
View File

@@ -25,8 +25,6 @@ in
hostPlatform = "x86_64-linux"; hostPlatform = "x86_64-linux";
}; };
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
boot.loader = { boot.loader = {
systemd-boot = { systemd-boot = {
enable = true; enable = true;

2
hosts/artemis/hardware-configuration.nix
View File

@@ -68,7 +68,7 @@ in
"amdgpu.sched_hw_submission=4" "amdgpu.sched_hw_submission=4"
"audit=0" "audit=0"
]; ];
kernelPackages = pkgs.linuxPackages_6_16; kernelPackages = pkgs.linuxPackages_6_15;
supportedFilesystems = [ "ntfs" ]; supportedFilesystems = [ "ntfs" ];
}; };

1
hosts/artemis/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDXJmnp4LUE9AFjGHwvxAu4m/3PB2uYQ69F7wYv7cGGT

2
hosts/atlas/default.nix
View File

@@ -9,8 +9,6 @@
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
boot.loader = { boot.loader = {
systemd-boot.enable = true; systemd-boot.enable = true;
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;

1
hosts/atlas/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPddvpZeCUelUGsnFvx87WOqKKc+MGPU6+rx6s1ReWQl

12
hosts/common.nix
View File

@@ -6,24 +6,17 @@
}: }:
{ {
imports = [ imports = [
inputs.agenix.nixosModules.default inputs.agenix.nixosModules.age
inputs.agenix-rekey.nixosModules.default
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
../modules/nixos ../modules/nixos
../modules/nixos/impermanence.nix ../modules/nixos/impermanence.nix
]; ];
age.rekey = {
masterIdentities = [ ../secrets/yubikey-nix-primary.pub ];
storageMode = "local";
generatedSecretsDir = inputs.self.outPath + "/secrets/generated/${config.networking.hostName}";
localStorageDir = inputs.self.outPath + "/secrets/rekeyed/${config.networking.hostName}";
};
nixpkgs = { nixpkgs = {
config.allowUnfree = true; config.allowUnfree = true;
overlays = [ overlays = [
inputs.agenix.overlays.default inputs.agenix.overlays.default
(import ../overlays/default.nix)
(final: prev: { (final: prev: {
unstable = import inputs.nixpkgs-unstable { unstable = import inputs.nixpkgs-unstable {
config = { config = {
@@ -32,7 +25,6 @@
system = final.system; system = final.system;
}; };
}) })
(import ../overlays/default.nix)
]; ];
}; };

2
hosts/desktop.nix
View File

@@ -40,7 +40,7 @@
}; };
system.autoUpgrade = { system.autoUpgrade = {
enable = false; enable = true;
flake = "git+ssh://git@git.vimium.com/jordan/nix-config.git"; flake = "git+ssh://git@git.vimium.com/jordan/nix-config.git";
randomizedDelaySec = "10min"; randomizedDelaySec = "10min";
}; };

5
hosts/helios/default.nix
View File

@@ -1,4 +1,5 @@
{ {
inputs,
pkgs, pkgs,
lib, lib,
... ...
@@ -9,15 +10,15 @@ let
in in
{ {
imports = [ imports = [
inputs.disko.nixosModules.disko
./hardware-configuration.nix ./hardware-configuration.nix
./disko-config.nix
../desktop.nix ../desktop.nix
../../users/jordan ../../users/jordan
]; ];
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
boot = { boot = {
loader.grub = { loader.grub = {
enable = true; enable = true;

101
hosts/helios/disko-config.nix Normal file
View File

@@ -0,0 +1,101 @@
{ ... }:
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/disk/by-id/ata-SanDisk_Ultra_II_480GB_162224802391";
content = {
type = "gpt";
partitions = {
MBR = {
size = "1M";
type = "EF02"; # For GRUB MBR
};
boot = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "rpool";
};
};
};
};
};
};
zpool = {
rpool = {
type = "zpool";
options = {
ashift = "12";
};
rootFsOptions = {
compression = "zstd";
acltype = "posix";
atime = "off";
xattr = "sa";
dnodesize = "auto";
mountpoint = "none";
canmount = "off";
devices = "off";
exec = "off";
setuid = "off";
};
datasets = {
"local" = {
type = "zfs_fs";
};
"local/root" = {
type = "zfs_fs";
mountpoint = "/";
options = {
canmount = "noauto";
mountpoint = "/";
exec = "on";
setuid = "on";
};
postCreateHook = "zfs snapshot rpool/local/root@blank";
};
"local/nix" = {
type = "zfs_fs";
mountpoint = "/nix";
options = {
canmount = "noauto";
mountpoint = "/nix";
exec = "on";
setuid = "on";
};
};
"local/state" = {
type = "zfs_fs";
mountpoint = "/state";
options = {
canmount = "noauto";
mountpoint = "/state";
};
};
"safe" = {
type = "zfs_fs";
};
"safe/persist" = {
type = "zfs_fs";
mountpoint = "/persist";
options = {
canmount = "noauto";
mountpoint = "/persist";
};
};
};
};
};
};
}

1
hosts/helios/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL2tDij7eTDbljl6Crz4i7qrM0lgp8U2T9ZMXt7VQPT/

2
hosts/hypnos/default.nix
View File

@@ -22,8 +22,6 @@
}; };
}; };
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
boot.loader = { boot.loader = {
systemd-boot.enable = true; systemd-boot.enable = true;
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;

1
hosts/hypnos/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINGlbvy+4QHbveFbS6r9S0JWUVHeI/MgYLyGtfpZqJ/3

33
hosts/library/ai.nix
View File

@@ -1,15 +1,13 @@
{ {
inputs,
config, config,
pkgs, pkgs,
... ...
}: }:
let
stateDir = "/var/lib/open-webui";
in
{ {
age.secrets.open-webui-env = { age.secrets."files/services/open-webui/envfile" = {
rekeyFile = ./secrets/open-webui-env.age; file = "${inputs.secrets}/files/services/open-webui/envfile.age";
}; };
services.open-webui = { services.open-webui = {
@@ -31,33 +29,10 @@ in
OFFLINE_MODE = "True"; OFFLINE_MODE = "True";
OPENID_PROVIDER_URL = "https://auth.vimium.com/oauth2/openid/${clientId}/.well-known/openid-configuration"; OPENID_PROVIDER_URL = "https://auth.vimium.com/oauth2/openid/${clientId}/.well-known/openid-configuration";
OPENID_REDIRECT_URI = "${publicUrl}/oauth/oidc/callback"; OPENID_REDIRECT_URI = "${publicUrl}/oauth/oidc/callback";
# Fix from https://github.com/NixOS/nixpkgs/pull/431395
STATIC_DIR = "${stateDir}/static";
DATA_DIR = "${stateDir}/data";
HF_HOME = "${stateDir}/hf_home";
SENTENCE_TRANSFORMERS_HOME = "${stateDir}/transformers_home";
}; };
environmentFile = config.age.secrets.open-webui-env.path; environmentFile = config.age.secrets."files/services/open-webui/envfile".path;
}; };
# Fix from https://github.com/NixOS/nixpkgs/pull/432897
systemd.services.open-webui.preStart = ''
if [ -d "${stateDir}/data" ] && [ -n "$(ls -A "${stateDir}/data" 2>/dev/null)" ]; then
exit 0
fi
mkdir -p "${stateDir}/data"
[ -f "${stateDir}/webui.db" ] && mv "${stateDir}/webui.db" "${stateDir}/data/"
for dir in cache uploads vector_db; do
[ -d "${stateDir}/$dir" ] && mv "${stateDir}/$dir" "${stateDir}/data/"
done
exit 0
'';
modules.services.borgmatic.directories = [ modules.services.borgmatic.directories = [
"/var/lib/private/open-webui" "/var/lib/private/open-webui"
]; ];

2
hosts/library/default.nix
View File

@@ -17,8 +17,6 @@
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
boot = { boot = {
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true; loader.efi.canTouchEfiVariables = true;

10
hosts/library/secrets/open-webui-env.age
View File

@@ -1,10 +0,0 @@
age-encryption.org/v1
-> piv-p256 a1N2XA AqHsJTdBE6LT9QJK7Dek6b3zA/PaqAmma7uRdKHdQQym
KMB+yq8M+eej5pg7MHFBqzYhQhVnrPpTevDVo1RZn5Q
-> m;#M[T-grease > G>`e0C&G OS
ichBG8145Jl9vthZfVHcznJmi+c81HHZfd7UGzdfP7TR1wp9ub6IXiqK9KRe7ga7
N3osvWzwiwCI5oN0NA
--- ILq3bk5+xuZ4CV7J/rQkYBMz5wG2dHzn+G+cvEqUSRw
j
<EFBFBD><EFBFBD>X<EFBFBD>+<2B><>r<EFBFBD><1E><>j<EFBFBD><6A><EFBFBD>ZW <16><>p<EFBFBD><70><EFBFBD>k<EFBFBD>%ǗxdC5mͧ '[<5B><>w<EFBFBD>x<EFBFBD><EFBFBD>#<23><><EFBFBD>O<18><14>7<EFBFBD>bC'8<><38>3<EFBFBD>b<EFBFBD>{_<>%_<><5F>s&<26><><EFBFBD>ѹrr<72><07><><EFBFBD>,
5L8<EFBFBD>yC<EFBFBD>O<EFBFBD>6o<EFBFBD><EFBFBD><EFBFBD>k}<7D><17>_<EFBFBD><5F>i<EFBFBD>m<EFBFBD>u3|<7C>f 5<><35>5<EFBFBD><35>A<EFBFBD>V<EFBFBD>><3E>+<2B><><EFBFBD><EFBFBD>E=<3D><><11><>E<EFBFBD><45><EFBFBD>aE<61>-<2D>Ԑ^<5E><>Q<EFBFBD><51>j<EFBFBD><6A><EFBFBD><EFBFBD>7<EFBFBD>6P<36><50>b<EFBFBD><62>E8*4߄

1
hosts/library/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBP+SH4lzFTE29y9HfjkaO7Ino5OqEws5UXcnBFoo76C

2
hosts/mail/default.nix
View File

@@ -14,8 +14,6 @@
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
networking = { networking = {
hostId = "08ac2f14"; hostId = "08ac2f14";
firewall = { firewall = {

1
hosts/mail/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGLHtC0JmFfct+lYl0EjgphutmeYY8BWDctY3+/TsO6L

13
hosts/odyssey/default.nix
View File

@@ -20,8 +20,6 @@
}; };
}; };
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
boot.loader = { boot.loader = {
systemd-boot = { systemd-boot = {
enable = true; enable = true;
@@ -52,17 +50,6 @@
capSysAdmin = true; capSysAdmin = true;
}; };
environment.systemPackages = with pkgs; [
yubikey-manager
age-plugin-yubikey
];
services.udev.packages = with pkgs; [
libfido2
];
services.pcscd.enable = true;
modules = { modules = {
hardware.presonus-studio.enable = true; hardware.presonus-studio.enable = true;
services = { services = {

1
hosts/odyssey/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJre8/cjdoUnbTu0x4ClTITcq4lq+FjpEyJBbLbOlox7

1
hosts/pi/README.md
View File

@@ -27,4 +27,3 @@ SD card | `/dev/mmcblk0` (ext4, NixOS Root)
- HDMI to ONKYO HT-R990 - HDMI to ONKYO HT-R990
- S/PDIF to ONKYO HT-R990 - S/PDIF to ONKYO HT-R990
- Ethernet to ONKYO HT-R990 - Ethernet to ONKYO HT-R990
- Ethernet to LG TV

29
hosts/pi/default.nix
View File

@@ -15,8 +15,6 @@
nixpkgs.hostPlatform = "aarch64-linux"; nixpkgs.hostPlatform = "aarch64-linux";
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
hardware = { hardware = {
raspberry-pi."4" = { raspberry-pi."4" = {
apply-overlays-dtmerge.enable = true; apply-overlays-dtmerge.enable = true;
@@ -131,25 +129,14 @@
}; };
}; };
networking.interfaces = { # Connection to ONKYO HT-R990
# Connection to ONKYO HT-R990 networking.interfaces.end0 = {
end0 = { ipv4.addresses = [
ipv4.addresses = [ {
{ address = "172.16.0.1";
address = "172.16.0.1"; prefixLength = 30;
prefixLength = 30; }
} ];
];
};
# Connection to LG TV
enp1s0u2 = {
ipv4.addresses = [
{
address = "172.16.1.1";
prefixLength = 30;
}
];
};
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

1
hosts/pi/home-assistant/default.nix
View File

@@ -244,7 +244,6 @@
"wake_on_lan" "wake_on_lan"
"water_heater" "water_heater"
"weather" "weather"
"webostv"
"websocket_api" "websocket_api"
"wled" "wled"
"workday" "workday"

2
hosts/pi/snapcast.nix
View File

@@ -18,7 +18,7 @@
}; };
services.snapserver = { services.snapserver = {
enable = false; enable = true;
streams = { streams = {
default = { default = {
type = "file"; type = "file";

1
hosts/pi/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFYv5V6Lr1Er1dljwmunurIz1Q3Ce5FsFSxtUOW6aO9J

2
hosts/skycam/default.nix
View File

@@ -11,8 +11,6 @@
nixpkgs.hostPlatform = "aarch64-linux"; nixpkgs.hostPlatform = "aarch64-linux";
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
networking = { networking = {
hostId = "731d1660"; hostId = "731d1660";
firewall = { firewall = {

1
hosts/skycam/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHv5+HwcRetBxtQZXpGbYv22S4prJu9bYCzKTSoMCl8D

4
hosts/vps1/README.md
View File

@@ -6,8 +6,8 @@ VPS hosted in OVH.
## Specs ## Specs
- CPU - 4 vCores - CPU - ??
- Memory - 4 GB - Memory - ??
### Disks ### Disks

3
hosts/vps1/default.nix
View File

@@ -12,7 +12,6 @@
./matrix.nix ./matrix.nix
./nginx.nix ./nginx.nix
./photoprism.nix ./photoprism.nix
./vaultwarden.nix
../server.nix ../server.nix
]; ];
@@ -20,8 +19,6 @@
hostPlatform = "x86_64-linux"; hostPlatform = "x86_64-linux";
}; };
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
networking = { networking = {
hostId = "08bf6db3"; hostId = "08bf6db3";
firewall = { firewall = {

99
hosts/vps1/kanidm.nix
View File

@@ -6,27 +6,14 @@
let let
baseDomain = "vimium.com"; baseDomain = "vimium.com";
domain = "auth.${baseDomain}"; domain = "auth.${baseDomain}";
mkRandomSecret = {
generator.script = "alnum";
mode = "440";
group = "kanidm";
};
in in
{ {
age.secrets.kanidm-admin-password = mkRandomSecret;
age.secrets.kanidm-idm-admin-password = mkRandomSecret;
age.secrets.kanidm-oauth2-gitea = mkRandomSecret;
age.secrets.kanidm-oauth2-open-webui = mkRandomSecret;
age.secrets.kanidm-oauth2-vaultwarden = mkRandomSecret;
services.kanidm = services.kanidm =
let let
uri = "https://${domain}"; uri = "https://${domain}";
in in
{ {
package = pkgs.unstable.kanidmWithSecretProvisioning; package = pkgs.unstable.kanidm;
enableClient = true; enableClient = true;
enableServer = true; enableServer = true;
clientSettings = { clientSettings = {
@@ -41,92 +28,8 @@ in
tls_key = "${config.security.acme.certs.${domain}.directory}/key.pem"; tls_key = "${config.security.acme.certs.${domain}.directory}/key.pem";
version = "2"; version = "2";
}; };
provision = {
enable = true;
adminPasswordFile = config.age.secrets.kanidm-admin-password.path;
idmAdminPasswordFile = config.age.secrets.kanidm-idm-admin-password.path;
persons.jordan = {
displayName = "Jordan Holt";
legalName = "Jordan Holt";
mailAddresses = [
"jordan@vimium.com"
];
groups = [
"gitea_admins"
"gitea_users"
"jellyfin_admins"
"jellyfin_users"
"open-webui_admins"
"open-webui_users"
"vaultwarden_users"
];
};
groups."gitea_admins" = { };
groups."gitea_users" = { };
systems.oauth2.gitea = {
displayName = "Gitea";
originUrl = "https://git.vimium.com/user/oauth2/Vimium/callback";
originLanding = "https://git.vimium.com/";
basicSecretFile = config.age.secrets.kanidm-oauth2-gitea.path;
scopeMaps."gitea_users" = [
"openid"
"email"
"profile"
];
allowInsecureClientDisablePkce = true;
preferShortUsername = true;
claimMaps.groups = {
joinType = "array";
valuesByGroup."gitea_admins" = [ "admin" ];
};
};
groups."jellyfin_admins" = { };
groups."jellyfin_users" = { };
groups."open-webui_admins" = { };
groups."open-webui_users" = { };
systems.oauth2.open-webui = {
displayName = "Open WebUI";
originUrl = "https://chat.ai.vimium.com/oauth/oidc/callback";
originLanding = "https://chat.ai.vimium.com/";
basicSecretFile = config.age.secrets.kanidm-oauth2-open-webui.path;
scopeMaps."open-webui_users" = [
"openid"
"email"
"profile"
];
allowInsecureClientDisablePkce = true;
claimMaps.groups = {
joinType = "array";
valuesByGroup."open-webui_admins" = [ "admin" ];
};
};
groups."vaultwarden_users" = { };
systems.oauth2.vaultwarden = {
displayName = "Vaultwarden";
originUrl = "https://vaultwarden.vimium.com/identity/connect/oidc-signin";
originLanding = "https://vaultwarden.vimium.com/";
basicSecretFile = config.age.secrets.kanidm-oauth2-vaultwarden.path;
scopeMaps."vaultwarden_users" = [
"openid"
"email"
"profile"
];
};
};
}; };
# LDAP server binds to tailscale network interface
systemd.services.kanidm = {
requires = [ "tailscaled.service" ];
after = [ "tailscaled.service" ];
serviceConfig.RestartSec = "60";
};
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"${domain}" = { "${domain}" = {
useACMEHost = "${domain}"; useACMEHost = "${domain}";

99
hosts/vps1/matrix.nix
View File

@@ -1,5 +1,4 @@
{ {
inputs,
config, config,
lib, lib,
pkgs, pkgs,
@@ -27,69 +26,33 @@ let
}; };
matrixServerConfig."m.server" = "${matrixSubdomain}:443"; matrixServerConfig."m.server" = "${matrixSubdomain}:443";
commonBridgeSettings = bridge: { commonBridgeSettings = bridge: {
database = lib.mkIf usePostgresql { appservice = {
type = "postgres"; database = lib.mkIf usePostgresql {
uri = "postgresql:///${bridge}?host=/run/postgresql"; type = "postgres";
uri = "postgresql:///${bridge}?host=/run/postgresql";
};
}; };
bridge = { bridge = {
encryption = {
allow = true;
default = true;
require = true;
};
permissions = { permissions = {
"${serverName}" = "user"; "${serverName}" = "user";
"@jordan:${serverName}" = "admin"; "@jordan:${serverName}" = "admin";
}; };
}; provisioning = {
encryption = { shared_secret = "disable";
allow = true; };
default = true;
require = true;
};
provisioning = {
shared_secret = "disable";
}; };
homeserver = { homeserver = {
address = "https://${matrixSubdomain}"; address = "https://${matrixSubdomain}";
domain = serverName; domain = serverName;
}; };
double_puppet.secrets = {
"${serverName}" = "as_token:$MAUTRIX_DOUBLEPUPPET_TOKEN";
};
}; };
proxyConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
'';
in in
{ {
# Backport new options from https://github.com/NixOS/nixpkgs/pull/446155
disabledModules = [
"services/matrix/mautrix-whatsapp.nix"
];
imports = [
(inputs.nixpkgs-unstable + /nixos/modules/services/matrix/mautrix-whatsapp.nix)
];
age.secrets = {
mautrix-doublepuppet-registration = {
rekeyFile = ./secrets/mautrix-doublepuppet-registration.age;
mode = "0440";
group = "matrix-synapse";
};
mautrix-signal-env = {
rekeyFile = ./secrets/mautrix-signal-env.age;
mode = "0440";
group = "mautrix-signal";
};
mautrix-whatsapp-env = {
rekeyFile = ./secrets/mautrix-whatsapp-env.age;
mode = "0440";
group = "mautrix-whatsapp";
};
};
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
8448 # Matrix federation 8448 # Matrix federation
]; ];
@@ -137,11 +100,14 @@ in
locations = { locations = {
"/" = { "/" = {
proxyPass = "http://localhost:8008"; proxyPass = "http://localhost:8008";
extraConfig = proxyConfig; extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr;
'';
}; };
"/_matrix" = { "/_matrix" = {
proxyPass = "http://localhost:8008"; proxyPass = "http://localhost:8008";
extraConfig = proxyConfig + '' extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr;
client_max_body_size 50M; client_max_body_size 50M;
''; '';
}; };
@@ -196,9 +162,6 @@ in
enable = true; enable = true;
enableRegistrationScript = true; enableRegistrationScript = true;
settings = { settings = {
app_service_config_files = [
config.age.secrets.mautrix-doublepuppet-registration.path
];
database.name = (if usePostgresql then "psycopg2" else "sqlite3"); database.name = (if usePostgresql then "psycopg2" else "sqlite3");
enable_metrics = false; enable_metrics = false;
enable_registration = false; enable_registration = false;
@@ -235,33 +198,23 @@ in
services.mautrix-signal = lib.mkIf bridges.signal { services.mautrix-signal = lib.mkIf bridges.signal {
enable = true; enable = true;
environmentFile = config.age.secrets.mautrix-signal-env.path; settings = commonBridgeSettings "mautrix-signal";
settings = lib.recursiveUpdate {
encryption = {
pickle_key = "$MAUTRIX_SIGNAL_ENCRYPTION_PICKLE_KEY";
};
} (commonBridgeSettings "mautrix-signal");
}; };
services.mautrix-whatsapp = lib.mkIf bridges.whatsapp { services.mautrix-whatsapp = lib.mkIf bridges.whatsapp {
enable = true; enable = true;
environmentFile = config.age.secrets.mautrix-whatsapp-env.path; settings = {
settings = lib.recursiveUpdate { bridge = {
backfill = {
enabled = true;
max_initial_messags = 50;
};
encryption = {
pickle_key = "$MAUTRIX_WHATSAPP_ENCRYPTION_PICKLE_KEY";
};
network = {
mute_status_broadcast = true;
history_sync = { history_sync = {
backfill = true;
max_initial_conversations = -1; max_initial_conversations = -1;
message_count = 50;
request_full_sync = true; request_full_sync = true;
}; };
mute_bridging = true;
}; };
} (commonBridgeSettings "mautrix-whatsapp"); }
// commonBridgeSettings "mautrix-whatsapp";
}; };
environment.persistence."/persist".directories = [ environment.persistence."/persist".directories = [

9
hosts/vps1/nginx.nix
View File

@@ -164,6 +164,15 @@ in
root = "/var/www/pki.vimium.com"; root = "/var/www/pki.vimium.com";
}; };
}; };
"suhailhussain.com" = {
forceSSL = true;
enableACME = true;
serverAliases = [ "www.suhailhussain.com" ];
extraConfig = nginxErrorPages + nginxEdgeHeaders + nginxStrictHeaders;
locations."/" = {
root = "/var/www/suhailhussain.com";
};
};
"vimium.com" = { "vimium.com" = {
default = true; default = true;
forceSSL = true; forceSSL = true;

BIN
hosts/vps1/secrets/mautrix-doublepuppet-registration.age
View File

Binary file not shown.

9
hosts/vps1/secrets/mautrix-signal-env.age
View File

@@ -1,9 +0,0 @@
age-encryption.org/v1
-> piv-p256 a1N2XA AuFF7Zqic+KNiU82xDS8ItdNSnr1045DpKOyYHZgq3kE
qNK+p6I6kR2A41d/gVyCp2b3xu7g0/rCXIL22Gal3IA
-> R.kR/-r-grease 5Q54Z B.x PMjy\
3ajY8AoJzUB9fiDnHoFVSIPEfvgAk2VtJeHNOno9cxeK6uZ+Ve22pUWBN2cp+2Qz
J7J9U1zQWVSOum3dDmscAVBzf4Hw2hUBZcAnZA
--- hZ4N9mXSCS3zT9R/Axb9dWVx5Lr+mLxxXuR45oehok4
<EFBFBD><EFBFBD>z󩃢<EFBFBD>J%<25><>w<><77><EFBFBD>͜<EFBFBD><CD9C><EFBFBD>c<15>' <20><><EFBFBD>K 39<33><39>˯<EFBFBD>q<1A>G<>bX6<58>6<EFBFBD>̚<EFBFBD><CC9A>p<03>4<EFBFBD>mG<6D><14><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
<EFBFBD>`<60>8

BIN
hosts/vps1/secrets/mautrix-whatsapp-env.age
View File

Binary file not shown.

8
hosts/vps1/secrets/vaultwarden-env.age
View File

@@ -1,8 +0,0 @@
age-encryption.org/v1
-> piv-p256 a1N2XA A+JTQrgN4xxrQpLhyMtfq82/26DwsudKmxyE8gx9PlJU
oZjXRvr2mza+28asKcXzSDU0em5edPpazk5dOLXrvZ8
-> )z\cT7C|-grease v>P/r|O s\(zEXaF Q ,!Y2g+NM
ZAEVPuF8OEWWNKFP+7IUrpaDydZDAFCRnj1vOdGiBf6BzgbicAAmIF4XgBQqpE5M
JoCzgjdKB1kLOQB2PWRfJ02L93/zFQXm
--- vcFS71G0ZZ1bU8dKgMmLMv5sUIi/TYjOu41EuDpJyXw
:<3A><><15><><EFBFBD><7F>!<21>-<<11><1E>:<3A><><EFBFBD><EFBFBD>rg?<3F>N-i<><69><EFBFBD>?<3F>d<EFBFBD>Z2h<32>3<EFBFBD> <0C>]

1
hosts/vps1/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII9NBbTqjs709LTRgeBV306s3SI7WuQMbor195QprBFc

78
hosts/vps1/vaultwarden.nix
View File

@@ -1,78 +0,0 @@
{
config,
lib,
...
}:
let
inherit (lib)
mkForce
;
baseDomain = "vimium.com";
domain = "vaultwarden.${baseDomain}";
in
{
age.secrets.vaultwarden-env = {
rekeyFile = ./secrets/vaultwarden-env.age;
mode = "0440";
group = "vaultwarden";
};
services.vaultwarden = {
enable = true;
dbBackend = "sqlite";
backupDir = "/var/cache/vaultwarden-backup";
config = {
dataFolder = mkForce "/var/lib/vaultwarden";
useSysLog = true;
webVaultEnabled = true;
rocketPort = 8222;
ssoEnabled = true;
ssoOnly = true;
ssoAuthority = "https://auth.vimium.com/oauth2/openid/vaultwarden";
ssoClientId = "vaultwarden";
signupsAllowed = false;
passwordIterations = 1000000;
invitationsAllowed = true;
invitationOrgName = "Vimium";
domain = "https://${domain}";
};
environmentFile = config.age.secrets.vaultwarden-env.path;
};
services.nginx.virtualHosts = {
"${domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.rocketPort}";
proxyWebsockets = true;
};
};
};
systemd.services.backup-vaultwarden.environment.DATA_FOLDER = mkForce "/var/lib/vaultwarden";
systemd.services.vaultwarden.serviceConfig = {
StateDirectory = mkForce "vaultwarden";
RestartSec = "60";
};
environment.persistence."/persist".directories = [
{
directory = "/var/lib/vaultwarden";
user = "vaultwarden";
group = "vaultwarden";
mode = "0700";
}
];
environment.persistence."/state".directories = [
{
directory = config.services.vaultwarden.backupDir;
user = "vaultwarden";
group = "vaultwarden";
mode = "0700";
}
];
}

2
hosts/vps2/default.nix
View File

@@ -15,8 +15,6 @@
hostPlatform = "x86_64-linux"; hostPlatform = "x86_64-linux";
}; };
age.rekey.hostPubkey = ./ssh_host_ed25519_key.pub;
networking = { networking = {
hostId = "60de4af8"; hostId = "60de4af8";
firewall = { firewall = {

1
hosts/vps2/ssh_host_ed25519_key.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1Ee9QHeGSVpmruNaMdaycYyNdTXVRWpwUk1EBEM7UW

29
nix/agenix-rekey.nix
View File

@@ -1,29 +0,0 @@
{
inputs,
...
}:
{
imports = [
inputs.agenix-rekey.flakeModule
];
perSystem =
{ config, ... }:
{
agenix-rekey.nixosConfigurations = inputs.self.nixosConfigurations;
devshells.default = {
commands = [
{
inherit (config.agenix-rekey) package;
help = "Edit, generate, and rekey secrets";
}
];
env = [
{
name = "AGENIX_REKEY_ADD_TO_GIT";
value = "true";
}
];
};
};
}

2
overlays/default.nix
View File

@@ -31,8 +31,6 @@ lib.mapAttrs (
else else
# Namespaced package sets in regular attrsets. # Namespaced package sets in regular attrsets.
prev.${name} // value prev.${name} // value
else if name == "vaultwarden" then
final.callPackage value { rustPlatform = final.unstable.rustPlatform; }
else else
final.callPackage value { } final.callPackage value { }
) pkgs ) pkgs

65
pkgs/vaultwarden/package.nix
View File

@@ -1,65 +0,0 @@
{
lib,
stdenv,
callPackage,
rustPlatform,
fetchFromGitHub,
nixosTests,
pkg-config,
openssl,
libiconv,
dbBackend ? "sqlite",
libmysqlclient,
libpq,
}:
let
webvault = callPackage ./webvault.nix { };
in
rustPlatform.buildRustPackage rec {
pname = "vaultwarden";
version = "git-" + builtins.substring 0 7 src.rev;
src = fetchFromGitHub {
owner = "dani-garcia";
repo = "vaultwarden";
rev = "a2ad1dc7c3d28834749d4b14206838d795236c27";
sha256 = "sha256-6Qmp/Uv8hdKuL9e3tPMKgNq1ZdvRQbzM65ifmS2Z3UY=";
};
cargoHash = "sha256-F7we9rurJ7srz54lsuSrdoIZpkGE+4ncW3+wjEwaD7M=";
# used for "Server Installed" version in admin panel
env.VW_VERSION = version;
nativeBuildInputs = [ pkg-config ];
buildInputs = [
openssl
]
++ lib.optionals stdenv.hostPlatform.isDarwin [
libiconv
]
++ lib.optional (dbBackend == "mysql") libmysqlclient
++ lib.optional (dbBackend == "postgresql") libpq;
buildFeatures = dbBackend;
passthru = {
inherit webvault;
tests = nixosTests.vaultwarden;
updateScript = callPackage ./update.nix { };
};
meta = with lib; {
description = "Unofficial Bitwarden compatible server written in Rust";
homepage = "https://github.com/dani-garcia/vaultwarden";
changelog = "https://github.com/dani-garcia/vaultwarden/releases/tag/${version}";
license = licenses.agpl3Only;
maintainers = with maintainers; [
dotlambda
SuperSandro2000
];
mainProgram = "vaultwarden";
};
}

83
pkgs/vaultwarden/webvault.nix
View File

@@ -1,83 +0,0 @@
{
lib,
buildNpmPackage,
fetchFromGitHub,
nixosTests,
python3,
vaultwarden,
}:
let
version = "2025.8.0";
bw_web_builds = fetchFromGitHub {
owner = "dani-garcia";
repo = "bw_web_builds";
rev = "v${version}";
hash = "sha256-93acGKO3Fq81M1wKPvIynvkTFXPQXypcMb+c4aEtxJc=";
};
in
buildNpmPackage rec {
pname = "vaultwarden-webvault";
inherit version;
src = fetchFromGitHub {
owner = "vaultwarden";
repo = "vw_web_builds";
rev = bw_web_builds.rev;
hash = "sha256-u51EP4I+bUcTeMqfzx1gbZMxpjalt3bpK3QGp5QEpYU=";
};
npmDepsHash = "sha256-wi7ZDgGKXrtueLob5OVNKCpnzC00UW9zo8KwuoyL1Bo=";
postPatch = ''
ln -s ${bw_web_builds}/{patches,resources} ..
'';
nativeBuildInputs = [
python3
];
makeCacheWritable = true;
env = {
ELECTRON_SKIP_BINARY_DOWNLOAD = "1";
npm_config_build_from_source = "true";
};
npmRebuildFlags = [
# FIXME one of the esbuild versions fails to download @esbuild/linux-x64
"--ignore-scripts"
];
npmBuildScript = "dist:oss:selfhost";
npmBuildFlags = [
"--workspace"
"apps/web"
];
npmFlags = [ "--legacy-peer-deps" ];
installPhase = ''
runHook preInstall
mkdir -p $out/share/vaultwarden
mv apps/web/build $out/share/vaultwarden/vault
runHook postInstall
'';
passthru = {
inherit bw_web_builds;
tests = nixosTests.vaultwarden;
};
meta = with lib; {
description = "Integrates the web vault into vaultwarden";
homepage = "https://github.com/dani-garcia/bw_web_builds";
changelog = "https://github.com/dani-garcia/bw_web_builds/releases/tag/v${version}";
platforms = platforms.all;
license = licenses.gpl3Plus;
inherit (vaultwarden.meta) maintainers;
};
}

7
secrets/generated/vps1/kanidm-admin-password.age
View File

@@ -1,7 +0,0 @@
age-encryption.org/v1
-> piv-p256 a1N2XA A54fi3eKkgTq6VOnMm2ze+aHVpJ0NNsqT+w7nvYoznbM
t/dRpZzqO/mX7iHLxbvzVxdmTECkRFPA5jmYfZwbMR0
-> O_h4MVE-grease {- v~ 05B3
Clwo0RqQmOGC24XDUIA+4MfDLlWnc3SjR8Kk0Wokqf6R5QFobU4
--- loq7Xutgff/pptwqLMmjVA1uZwtDE1z6wsORzSgY80w
"<22>2<EFBFBD>Q<EFBFBD>`D<> $<24>N<EFBFBD><4E><<3C><><EFBFBD>.<2E><05>=5<><35>8<EFBFBD>%g<><67>E<EFBFBD><45>l[T<>I<>y

8
secrets/generated/vps1/kanidm-idm-admin-password.age
View File

@@ -1,8 +0,0 @@
age-encryption.org/v1
-> piv-p256 a1N2XA Aul2Rho3PfWaREBYYJr5FpyV5+eQ18GY5DT1dB9QcAH8
wDHmswR1WRsqCrqRv6imy2oeo+FP3Z1kDpWvr/IzcUY
-> 4-grease x K>#G$!
WbQ2yy2Pkkn0BYBR+y0tPLCFTN6cKEYGEp4B+nagPf42XONM3Q4ewp5UJF25rAiJ
LsUecsY7dvX1n9HAz6uBwMm6Xt4
--- iPJfeOsee5HmeCB5NRHSPIywjhUrjdhsoEx9aTxbrZs
^ɽ$jFP <09><>@<40><><EFBFBD>銿[|<7C><04><>N<>p2<11><><EFBFBD><EFBFBD>|[<5B><>I>><3E>%f<><66><EFBFBD><EFBFBD>֧<EFBFBD>l<EFBFBD>W<EFBFBD>!Av`<60><>2<EFBFBD><32><EFBFBD>8<>jVff<>J<1F><>

9
secrets/generated/vps1/kanidm-oauth2-gitea.age
View File

@@ -1,9 +0,0 @@
age-encryption.org/v1
-> piv-p256 a1N2XA A5Gj5hu1YQbUrm3IK35oDUHhnohr594lykadF+Smf+LB
grnVZatvY80rTTQR8bZphg/25aa1cKJYUGh+jYGqi7A
-> 0-grease 6#aWp kp fD7ks3KL -)qyQ
FH1L4t8VAxZIOeP6bPJV3qdaBXPXGkuroABtMs7D88WzHduNjBoETZH47zekRDVM
BAGAdcqSHuGyCp7EA4lgttN/vfA+8fAbcit/p98TTiGQbXZ4YYg
--- KB5apFUmA/vu8OLpReNzr2zeDyig5NZ8iBXdy5XDbXM
<EFBFBD><EFBFBD><EFBFBD>ԝrŧ)N<>S<EFBFBD><53>8<EFBFBD>X<12>s<><73><EFBFBD><EFBFBD>G<EFBFBD>x<EFBFBD>q<EFBFBD>%<25><><EFBFBD><1B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Co<43>
<EFBFBD>S6<EFBFBD><EFBFBD>ܐ<EFBFBD>L\U<><55><EFBFBD>z<<3C>H<EFBFBD>\<5C>a<EFBFBD>;Q%<25><17>

8
secrets/generated/vps1/kanidm-oauth2-open-webui.age
View File

@@ -1,8 +0,0 @@
age-encryption.org/v1
-> piv-p256 a1N2XA Ah6buspw/yLQJuiyWr0t3Phy+U3HhRY2t0SofqISzHmJ
pVYmmBoqXD9l55DUIad9D/0h/vhXmeMauK+xaBpX0cM
-> M)*gn$-grease _b3%6l sH|2-zq P%h
CWIfvXf9R5QvRXzv8wv+vB8nXLk0eTxy/htCUSm2ujjw
--- 1t/2tU8qFo9C2yH3ZtsZIp8ZMNEjrecLh2HkDVnKTx4
<EFBFBD>\eP<65><50>,<2C><><EFBFBD>t<EFBFBD><74>V<EFBFBD>x<EFBFBD><78><EFBFBD><EFBFBD><EFBFBD><EFBFBD>A<>Ke<4B>}<7D><><EFBFBD>\]<5D>
<EFBFBD><EFBFBD><EFBFBD>`<<3C><>b;y G<><47><EFBFBD><EFBFBD>

BIN
secrets/generated/vps1/kanidm-oauth2-vaultwarden.age
View File

Binary file not shown.

9
secrets/rekeyed/atlas/9f3916fc5285b691931e572afdc8ac22-open-webui-api-key.age
View File

@@ -1,9 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 mV4Rog gj6NT+DEVJbKeGArVcbzNphmMXoXFmVPHlo+zWuI1Ek
Wt0saIoq6RnQR1jVLHI84JMDP0rCvc1kfjSQoSHly/4
-> t-grease <a`) :34)]ad /J) =]!RB~HB
m7JCE0PP2H9DkOdbj/dhZATaXfIoPmocKnGkYUXnjyo99nVMMy2FSmNdZyE0KGCR
eVkIGwJbH3HNimXst62gIxvSrFQ4a4IcO1Cv8UaMK9UjGfy731BRpg
--- bEP7E9Ajvw0pIWFF7+QakdFigo0B+0aa0ha9/Y/OADA
Zrի<><D5AB>0/^<5E>2<18>B
o<EFBFBD><EFBFBD><EFBFBD>@3<01><10>~qS<71><04><><EFBFBD><0E>H fa <09><>S<1E>0<EFBFBD><30><EFBFBD><EFBFBD>rv<><08><>B+<2B>

8
secrets/rekeyed/helios/e09d8370465eb4038d032d0d84b700b1-open-webui-api-key.age
View File

@@ -1,8 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 3xQa4Q 3I7Mpt3/StzFpy8/egW+PleMsKV/YFsw1lpzt0057ns
Plc2u/sza/Fga8lnCMj4rH8midPdaFP+FZ1J8+pwRP8
-> .-grease !Yk9l62 H3@'J 9Klw
2fJgCUF22ciTm8EfYemHjA1uN1jkVGLGfcTllU8m08Ya2fUPig7ZK4fNLV3ttMc4
uLthrVZFo1HKF2wQSMeDq+ITZItvxHg2NFxqkWRCJv4
--- r3Fao3CQxFocTu4+9/Nh0zcCvTYQWpmRQD112YiAIwU
[<5B>XG<58><1F>ތ<EFBFBD><DE8C><EFBFBD><08>aFa<><61> K|<7C>' <0E><>dO<64>X<EFBFBD><1C><><EFBFBD><EFBFBD><EFBFBD>G<15>LH<4C><48><EFBFBD><18><>4<EFBFBD><34>

9
secrets/rekeyed/hypnos/c12ed3579ec35228529211b0f518d0fe-open-webui-api-key.age
View File

@@ -1,9 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 5PDipg Eic12F37CNvDBqlFV17aMYXTS/eFKEd8SYfOvKV2CGY
Co7whyv5vxJnlELVyIZJiNmj+hATpw1/QpK2t8CtcvE
-> >e`c+0-grease D[m[ *0=DB?=
uPUY90BUNR6Hm0F2Q0F+dXWkUOe4cLjrAvkcxaR79km0qMgJ/C7ribHeWpK3siOe
2zz5YA
--- XoQX1p09n36Cqyc0sEShbtcn4wbX68ULdGNrDzX5w04
<1B><><EFBFBD>A<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD>f<02><>(<28>=<3D><><EFBFBD>e<EFBFBD>u<EFBFBD>˜<EFBFBD>z@<40>V.<2E>~<1D>_I<5F>#吤#2Q;9D<39>$e<>l<EFBFBD>H<EFBFBD><48>;
<EFBFBD>`5<><35>

9
secrets/rekeyed/library/0a21efefa75a30ace89a3b082e980952-open-webui-env.age
View File

@@ -1,9 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 QjbOZQ uJRXV06taQiHq9Um5E2FNNYo5oZP4M1mmY3OBRK7NSk
4rcF2AJ5hsnTM1yUD37yWYtU2E7zAzHBKNVagfRgVGQ
-> z[Ud1L%*-grease ]j 7_ ?+5
pVP4JA8o5o5kWHoxuttfOdd2GLhCiANBrdbNXWhe7fMZy74Gsj0IX7caHcL/rNkM
p/DF/V4Y5QUvgQ5y7F95tc36uvNzmcsKaKauk3yIdzp6+9nuu+hQ6Qbvr0liWkuR
0pQB
--- LeXXxszTuVoj2OE6m3yPEQe6hsQAFZkhPVXpspa40vo
.G<><47><EFBFBD>7m<17><>m=<3D>2v<32><76><EFBFBD>ɼ<EFBFBD>[<5B><><EFBFBD>.ο'ro<72><6F><EFBFBD>9k<>Ny<4E>T<EFBFBD>uB<75><42>lnkJ]<5D>=N^3 QJ<51>:7]<5D>Y<EFBFBD><59>G<EFBFBD><47>R<EFBFBD><06><><EFBFBD>t<><74><EFBFBD>cN<63>S<7F>v<EFBFBD><76>w<EFBFBD>w`fT<16><><6A><DAB8><EFBFBD><EFBFBD>͂X<CD82><58><EFBFBD><EFBFBD>4<EFBFBD>`<60>o<EFBFBD><6F>(<28><>K<EFBFBD>^<5E><>I3<7F>gP<67><03><>7<7F>r`V<*<2A><>9<05>ya <09>P<EFBFBD>J<EFBFBD><4A> <0B><EFBFBD>ѳ<EFBFBD>i6<69>T<EFBFBD><54>><1D>n<EFBFBD>"Qz<51><7A>`<60><><EFBFBD>|<7C><>;冼<><E586BC><14><><EFBFBD><EFBFBD>)<29>>܁ <0B><><EFBFBD>E<EFBFBD>1<EFBFBD><1A><15>NKJ<>ej<65>I<EFBFBD>

8
secrets/rekeyed/odyssey/c8231a45d0bb912d87bc291481a583cd-open-webui-api-key.age
View File

@@ -1,8 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 jqV4bA 9vHES4DslQIplaJN4M+TnWzQxPwO0WOWnusIQxrQqh8
oLran53jiS0hjirGdMD/akpaNCNvKY5M0+i/6ky5HNM
-> 2ZC`)9-grease W G
ZW4ghYvlO1xs0GHJldTD1ZdM+wXYQ4dNdZsg81dTE7VxIona+puaHU9MBq/v2+Sg
qmqbacPFykJqeBG/uhJHYHgjbuHT8c0gTvWH3RCIQEPq
--- fS6Rtw7zUkvtwfx1/GIHT40nzsmh5Nfj7/SG9svMXAQ
k<EFBFBD>E8<EFBFBD>ρ<>E<>rh<><68>@<40>Z<EFBFBD>U9<55><39>n<EFBFBD><6E>tei<13><>W6Y<19>bjCĕ<43>P<01>.r<12><>˭<EFBFBD><CBAD><EFBFBD><EFBFBD><EFBFBD>>

10
secrets/rekeyed/vps1/297ecb1d48e44e0f309958a6b43f58d4-mautrix-doublepuppet-registration.age
View File

@@ -1,10 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 lOyIlA LfDvF0kXFmP4yGPz9A5uov9DbRfMeLniWQhgnYE3ZA0
9GkGo/twG1cfOHZgRGAmAcfQlrgQ86QvgehbkleKyz0
-> GEv|{-grease c)B+5+, \v$ piek
hwIw75OzOhfdScMKrNZ5i+WWh5zcfMryQXdbz81yUkEjWm9P4UVOYee+zz4/PU+t
6nEKEqvPf6RwBOzAlzx72Yi0l+onxh1CHOWRlfU
--- dkZlSoaBUqLnMu25ocR0VwgPr190ZOmcMdxQ3KApFS0
<1D><><ٲ<06><>}M9Gdh<64><68><EFBFBD><EFBFBD>0[<5B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>̮ȼa<7F>j<EFBFBD>g<1C><><EFBFBD>:J<><4A><14>$:^<5E><><EFBFBD>O<1A>e<EFBFBD><65>@<40><>o<EFBFBD><6F>1
<1B>r]I><3E>t<EFBFBD>?<3F>X<06>Q<EFBFBD><15>ى<EFBFBD><D989>A<EFBFBD>r)ab <09><13><><EFBFBD>$8e<38><65><EFBFBD><EFBFBD>f<EFBFBD>ōz<02>7<EFBFBD><10><>lf)<29>|jl<6A>%<0F><>
v-<2D><>!<21><><EFBFBD>(<28><>.qR<71><52><EFBFBD>*y<><06><><EFBFBD>X<EFBFBD>ٵ

BIN
secrets/rekeyed/vps1/3c5deb9c71bac734f22226832529aa8c-kanidm-oauth2-gitea.age
View File

Binary file not shown.

BIN
secrets/rekeyed/vps1/4cbaed0c22d9da1e2cb1a12dea1953f4-mautrix-signal-env.age
View File

Binary file not shown.

8
secrets/rekeyed/vps1/6a6726d70ccca930f798a32691ce17eb-mautrix-whatsapp-env.age
View File

@@ -1,8 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 lOyIlA ZQWnreUg4ob9RmEKNrdJKWGRCC1k0HWc8op8ycG5uXU
U6SEQWo1DoLxclnhkXJy3D93nuijiD4kk9qjMk61Yis
-> b(/|-grease
CUalICYuF4P5Ipe5C6gdrw
--- OmIGQ6VJYZcCIkTPapXNIMJswGczS/1bp8A+AeAj0yU
<EFBFBD>M<13>l<EFBFBD>nY<6E>K-<2D><><EFBFBD>G<EFBFBD>^\<5C><><EFBFBD><EFBFBD>k(<14>Z<EFBFBD><5A><EFBFBD><EFBFBD><EFBFBD>Z<EFBFBD>$-=(<28><><EFBFBD><07><><EFBFBD><EFBFBD>H<EFBFBD><0E><>=4<><34>ً#<23>Y<01>7<EFBFBD><37><EFBFBD>tnݍg<DD8D>p>`<60><>E<EFBFBD>B$ <20><13>0<EFBFBD><30><EFBFBD><EFBFBD>8BWO<57><06>ُ)<29>(<28><>U<EFBFBD>"Ͻ<>54U<34>G<EFBFBD><47>oȥ?<18><>u<EFBFBD>A<EFBFBD><41>
z`<60>d3Ij`<60>Ҁ<06>SK<53><01>} $<24><><EFBFBD><EFBFBD><03>8%<25><><EFBFBD><EFBFBD><EFBFBD>9<EFBFBD><39><EFBFBD><EFBFBD><06>?1tZ<74>Av´+<2B><>J<EFBFBD><4A>ϝZ<CF9D>u<EFBFBD>ls<6C>kJ+-<2D>h<EFBFBD><68><EFBFBD><EFBFBD>

7
secrets/rekeyed/vps1/80ea265ad53ef54ed48c4e1d842774b1-kanidm-admin-password.age
View File

@@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 lOyIlA OQXbnkBzK8DL7wJkbHWo/XUlLQHjBEVu1xMzmhB78Xc
vGcN1v+YxXidGs7Z3hvZypklIZVF1/J6DZpx8JId/hw
-> mfI^2]-grease ,
2C8Bs6nnhfatjdqc/Wc
--- tuwRBOHiF0e6lgo4bK4Ui+bjjuTf5uZJgDJnpqf1seU
<EFBFBD>J<EFBFBD>\g<>;<1B><><EFBFBD><EFBFBD>V <0B><>qFNq[7<><37>l<EFBFBD><6C><EFBFBD><EFBFBD>f<EFBFBD><66><EFBFBD>w <09><EFBFBD><E39DAF>i|RDL<44>R#<23><>%u-A1<41><31>–<><10>=<3D>A<EFBFBD><41><EFBFBD><EFBFBD>W<>c

10
secrets/rekeyed/vps1/87759af7d4ddc9e7d805487478d2f53e-vaultwarden-env.age
View File

@@ -1,10 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 lOyIlA Tyyx5kyLTN9MI+Bc66Rh7RbQ+qZF0S5Y2HCTvUFRqBo
lzPjwPDXjg8ioc4XAJewTDdzXN5QO3BeGbTVxGW1B0U
-> *-grease >|vs MPFf.c. nm=m ^
OHDKbCO9uIoRv9Ar2kbIENz1NLY8iUlzmV07SouSJcxNWyEAqsVzxAkLsIeQKYn5
XbtjLv88wHhf2w
--- 7kHTJevOeZdsk2v9qP1V7wL4/Qz8wmFgoQiPMcx56WU
<EFBFBD>L<EFBFBD><EFBFBD>ȼam<EFBFBD><EFBFBD><EFBFBD><EFBFBD>w<EFBFBD>B]<5D><>
<EFBFBD><EFBFBD>m<EFBFBD>ھځ<EFBFBD><EFBFBD>Od<EFBFBD><EFBFBD>L%<25>P<EFBFBD><50>I<EFBFBD><49>'<27>X<EFBFBD><58><ko<6B>>OF<4F>j<EFBFBD>8<EFBFBD><38><EFBFBD>8s<>[<5B>(<28><>C<EFBFBD>lTd<><64><EFBFBD>H<14>[9<><39> <20><>$A<>l<EFBFBD>Pf<50>}<7D><>jCo]`<60><><EFBFBD><EFBFBD> <6E>jw*<16>Y<EFBFBD><i<>MO<4D><4F>D<18><><08>[!T#<23><>ȕX<C895>ق<EFBFBD>K<EFBFBD>X<EFBFBD>-<2D><><EFBFBD>{f<>$%<11><><EFBFBD><EFBFBD>g<>T}<7D><>k<EFBFBD>R1<52>Q?<3F><>?٭Q<D9AD><51>h<EFBFBD>W<EFBFBD> e<><65>||z<><7A>Xe<58>rD3\';<06> j<>F<><46><EFBFBD>hY
<EFBFBD><16>R<EFBFBD>H1<48> <0B>Rꑱ/*w <09> 3ǷY"<22>{<7B><><EFBFBD>LN<1D>s"<22><1F><>7B<37>

8
secrets/rekeyed/vps1/a8f9724475694d2a470fc175c5a6d38e-kanidm-idm-admin-password.age
View File

@@ -1,8 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 lOyIlA XbDvpING9Qe/x3sNWrqn2vqEw2SvgP79ApCrJTTGuiM
cOaoXvYgPH7egMF1MT4gtaMHnoHWgeKeEjkwCoOQf74
-> y''zjcK-grease J y ,CxRN3
2kaqVO6qm24DPq5fhEN+AM+hPvW3VPHKlzuMy8SLeW/3um8bXNmFdxwzfkDoFSf3
viYrDFmlY7+RTFt6JADBs67eYlQblBgZwTo
--- NwBzcAYM5hOyvIsRVLYH8ez6gn8Z3yxmX8Tfz1hETz0
<EFBFBD>g<EFBFBD>><3E>@<40><><EFBFBD>l<EFBFBD><6C>g<EFBFBD>[<5B><52><D9BD><EFBFBD><EFBFBD>Xv<58><76>9ߵ"<22><>\<5C>hۺU<DBBA>y<EFBFBD><79><EFBFBD><EFBFBD>4ܞO<DC9E><4F> =z<><7A>xB<78>@DzIJ<49><1F><>O<EFBFBD><4F><EFBFBD><EFBFBD><EFBFBD>M<EFBFBD><4D>LH<

8
secrets/rekeyed/vps1/d4527fa57d6907c78335cdabd3e84d46-kanidm-oauth2-open-webui.age
View File

@@ -1,8 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 lOyIlA VsJu05NEZogLfeKJ8f9PiUH9RZn2RKJ+/FYOTzUOIyY
Zd5ze/ijrlRs948f6fhCR+IN6uXpck6ejMlpyGugOfQ
-> z+o-grease +J< ey N"
uAedOA+JGje0EKhTuQJj+RDh98H6dqryAUe7nC2iF6t7wAT1NHFLWWfRqw3nNtMb
Cb0pH7hECmbW0vygVD67NusZOvleB2RHng
--- KcTuAfeh0NIBLRmtXZFlbsAAmH9Eu2KmswfZzWgaeZ8
<EFBFBD><EFBFBD>9E<EFBFBD>QުF<EFBFBD>`i<><69><1B>o<EFBFBD><6F>~<7E><08>/<2F>V<*{<7B>'A~<7E>n0<><17> <0B><>'@<40>K<EFBFBD><4B><<3C>xǽ'AJMFN<46><4E><18>#<23>$C܊=$ZH<5A>A<06>

7
secrets/rekeyed/vps1/fca01dd09f0ae4a1ffdc7a24a884ae5a-kanidm-oauth2-vaultwarden.age
View File

@@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 lOyIlA lN4CAdRzmrQqTaI75QwSyhPF34tXWvnyT3EF+wYp5H0
z9b9Rm/zk4PHrw35EeLtx4Gyp6Nlv55SWM/OxuuqOcA
-> CJNg-grease ^p}Pf r@D 94/&
eM0eWh2/4FSBoFvqSvVI
--- y0Tsd45+A1Q8XwnUee6RZJPkYiazusnxYkmBeHqru0E
W`.)"<22>(<28><><EFBFBD>Ys<59><1F><><EFBFBD><EFBFBD>r<EFBFBD><72><EFBFBD>0<EFBFBD>“ <20><>r<EFBFBD>g<>Y<EFBFBD><59><EFBFBD>6<EFBFBD>P=;[Y<><59><EFBFBD>&<26>b<>R<EFBFBD><52>6Wv<57><1B>Ǡ<EFBFBD><C7A0>Æs<C386>&<26><><EFBFBD>=U

7
secrets/yubikey-nix-primary.pub
View File

@@ -1,7 +0,0 @@
# Serial: 24187788, Slot: 1
# Name: YubiKey Nix Primary
# Created: Mon, 25 Aug 2025 21:00:00 +0000
# PIN policy: Once (A PIN is required once per session, if set)
# Touch policy: Cached (A physical touch is required for decryption, and is cached for 15 seconds)
# Recipient: age1yubikey1qwwyem3502gqenzet20xdpjnuhhv2cezvzk590jdta9wqkw48p8gj7n4x96
AGE-PLUGIN-YUBIKEY-13SFHZQVZDDFHVHQGGYPC3

40
users/guest/common/optional/graphical/jellyfin.nix
View File

@@ -1,40 +0,0 @@
{
pkgs,
...
}:
{
home.packages = with pkgs; [
gamescope
jellyfin-media-player
];
home.persistence."/state".directories = [
".cache/jellyfin.org"
];
home.persistence."/persist".directories = [
".config/jellyfin.org"
".local/share/jellyfinmediaplayer"
".local/share/Jellyfin Media Player"
];
systemd.user.services.jellyfin-media-player = {
Unit = {
Description = "Jellyfin Media Player in Gamescope";
After = [
"graphical.target"
"default.target"
];
};
Service = {
ExecStart = ''
${pkgs.gamescope}/bin/gamescope --hdr-enabled --rt --backend drm -- \
${pkgs.jellyfin-media-player}/bin/jellyfinmediaplayer --scale-factor 2 --tv --fullscreen
'';
Restart = "always";
};
Install = {
WantedBy = [ "default.target" ];
};
};
}

10
users/guest/common/optional/graphical/steam.nix
View File

@@ -8,13 +8,6 @@
steam steam
]; ];
home.persistence."/persist".directories = [
".config/gamescope"
".local/share/Steam"
".local/share/vulkan"
".steam"
];
systemd.user.services.steam-big-picture = { systemd.user.services.steam-big-picture = {
Unit = { Unit = {
Description = "Steam Big Picture in Gamescope"; Description = "Steam Big Picture in Gamescope";
@@ -30,5 +23,8 @@
''; '';
Restart = "always"; Restart = "always";
}; };
Install = {
WantedBy = [ "default.target" ];
};
}; };
} }

18
users/guest/default.nix
View File

@@ -27,7 +27,6 @@ in
home-manager.users.${name} = { home-manager.users.${name} = {
imports = [ imports = [
./common/optional/graphical/jellyfin.nix
./common/optional/graphical/steam.nix ./common/optional/graphical/steam.nix
{ {
home.persistence."/state" = { home.persistence."/state" = {
@@ -37,7 +36,11 @@ in
}; };
home.persistence."/persist" = { home.persistence."/persist" = {
directories = [ directories = [
".config/gamescope"
".local/share/icons" ".local/share/icons"
".local/share/Steam"
".local/share/vulkan"
".steam"
]; ];
}; };
} }
@@ -45,20 +48,7 @@ in
++ optional (builtins.pathExists hostFile) hostFile; ++ optional (builtins.pathExists hostFile) hostFile;
home = { home = {
packages = with pkgs; [
adwaita-fonts
];
username = name; username = name;
sessionVariables = {
ZDOTDIR = "~/.config/zsh";
};
};
fonts.fontconfig.enable = true;
programs.zsh = {
enable = true;
enableCompletion = true;
}; };
xdg.enable = true; xdg.enable = true;

121
users/jordan/common/neovim.nix
View File

@@ -1,5 +1,4 @@
{ {
osConfig,
... ...
}: }:
@@ -35,80 +34,14 @@
providers.wl-copy.enable = true; providers.wl-copy.enable = true;
}; };
plugins.cmp = {
enable = true;
autoEnableSources = true;
settings = {
sources = [
{ name = "nvim_lsp"; }
{ name = "path"; }
{ name = "buffer"; }
];
mapping = {
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})";
"<CR>" = "cmp.mapping.confirm({ select = true })";
};
};
};
plugins.codecompanion = {
enable = true;
settings = {
adapters = {
http.opts.show_defaults = false;
openwebui.__raw = ''
function()
return require("codecompanion.adapters").extend("openai_compatible", {
name = "openwebui",
formatted_name = "Open WebUI",
opts = {
stream = true,
tools = true,
vision = false,
},
url = "''${url}''${chat_endpoint}",
env = {
api_key = "cmd:cat ${osConfig.age.secrets.open-webui-api-key.path}",
url = "https://chat.ai.vimium.com",
chat_endpoint = "/api/chat/completions",
models_endpoint = "/api/models",
},
headers = {
["Content-Type"] = "application/json",
Authorization = "Bearer ''${api_key}",
},
schema = {
model = {
default = "openai/gpt-5-chat",
},
},
})
end
'';
};
strategies = {
chat = {
adapter = "openwebui";
};
inline = {
adapter = "openwebui";
};
cmd = {
adapter = "openwebui";
};
};
};
};
plugins.comment.enable = true; plugins.comment.enable = true;
plugins.hmts.enable = true; plugins.hmts.enable = true;
plugins.lightline.enable = true; plugins.lightline.enable = true;
plugins.luasnip.enable = true;
plugins.lsp = { plugins.lsp = {
enable = true; enable = true;
servers = { servers = {
@@ -130,10 +63,25 @@
}; };
}; };
plugins.luasnip.enable = true;
plugins.nvim-autopairs.enable = true; plugins.nvim-autopairs.enable = true;
plugins.cmp = {
enable = true;
autoEnableSources = true;
settings = {
sources = [
{ name = "nvim_lsp"; }
{ name = "path"; }
{ name = "buffer"; }
];
mapping = {
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})";
"<CR>" = "cmp.mapping.confirm({ select = true })";
};
};
};
plugins.telescope = { plugins.telescope = {
enable = true; enable = true;
keymaps = { keymaps = {
@@ -167,41 +115,18 @@
plugins.vim-surround.enable = true; plugins.vim-surround.enable = true;
plugins.visual-multi.enable = true;
plugins.web-devicons.enable = true; plugins.web-devicons.enable = true;
plugins.yazi.enable = true;
plugins.zen-mode.enable = true;
# plugins.actions-preview.enable = true;
# plugins.aerial.enable = true;
# plugins.arrow.enable = true;
# plugins.blink.enable = true;
# plugins.bufferline.enable = true;
# plugins.fidget.enable = true;
# plugins.flash.enable = true;
# plugins.fugitive.enable = true;
# plugins.fzf-lua.enable = true;
# plugins.gitsigns.enable = true; # plugins.gitsigns.enable = true;
# plugins.gitgutter.enable = true; # plugins.gitgutter.enable = true;
# plugins.glance.enable = true; # plugins.goyo.enable = true;
# plugins.hop.enable = true; # plugins.fugitive.enable = true;
# plugins.improved-search.enable = true; # plugins.fzf-lua.enable = true;
# plugins.goto-preview.enable = true;
# plugins.kulala.enable = true;
# plugins.neo-tree.enable = true; # plugins.neo-tree.enable = true;
# plugins.none-ls.enable = true; # plugins.none-ls.enable = true;
# plugins.nvim-dap.enable = true; # plugins.nvim-tree.enable = true;
# plugins.nvim-dbee.enable = true;
# plugins.nvim-neoclip.enable = true;
# plugins.oil.enable = true; # plugins.oil.enable = true;
# plugins.persisted.enable = true;
# plugins.precognition.enable = true;
# plugins.project-nvim.enable = true; # plugins.project-nvim.enable = true;
# plugins.tardis.enable = true;
# plugins.typescript-tools.enable = true;
}; };
home.sessionVariables.EDITOR = "nvim"; home.sessionVariables.EDITOR = "nvim";

8
users/jordan/common/optional/graphical/hyprland/default.nix
View File

@@ -61,8 +61,8 @@ in
portalPackage = portalPackage =
inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland;
plugins = [ plugins = [
# pkgs.unstable.hyprlandPlugins.hyprbars pkgs.unstable.hyprlandPlugins.hyprbars
# pkgs.unstable.hyprlandPlugins.hypr-dynamic-cursors pkgs.unstable.hyprlandPlugins.hypr-dynamic-cursors
]; ];
settings = { settings = {
general = { general = {
@@ -77,7 +77,7 @@ in
plugin = { plugin = {
dynamic-cursors = { dynamic-cursors = {
enabled = false; enabled = true;
mode = "none"; mode = "none";
shake = { shake = {
enabled = true; enabled = true;
@@ -85,7 +85,7 @@ in
}; };
hyprbars = { hyprbars = {
enabled = false; enabled = true;
bar_height = 20; bar_height = 20;
bar_blur = true; bar_blur = true;
}; };

83
users/jordan/common/optional/graphical/hyprland/waybar.css
View File

@@ -3,88 +3,7 @@
} }
window#waybar { window#waybar {
background: linear-gradient( border-radius: 1em;
to bottom,
rgba(118, 118, 118, 0.78) 0%,
rgba(50, 50, 50, 0.78) 50%,
rgba(0, 0, 0, 0.74) 50%,
rgba(0, 0, 0, 0.76) 100%
);
border-top: 1px solid rgba(71, 71, 71, 0.90);
border-bottom: 1px solid rgba(0, 0, 0, 0.97);
box-shadow: inset 0px 1px 0px 0px rgba(158, 158, 158, 0.90);
text-shadow: black 0px 0px 2px;
color: white;
}
#workspaces button {
margin: 2px;
background: linear-gradient(
to bottom,
rgba(255, 255, 255, 0.35) 0%,
rgba(255, 255, 255, 0.11) 50%,
rgba(255, 255, 255, 0) 50%
);
border: 1px solid rgba(0, 0, 0, 0.37);
border-radius: 4px;
box-shadow: inset 0px 1px 0px 0px rgba(255, 255, 255, 0.25);
text-shadow: black 0px 0px 2px;
color: white;
}
#workspaces button:hover {
background:
linear-gradient(
to bottom,
rgba(255, 255, 255, 0.35) 0%,
rgba(255, 255, 255, 0.17) 50%,
rgba(255, 255, 255, 0) 50%
),
radial-gradient(
ellipse 80% 80% at 50% 110%,
rgba(44, 126, 204, 1) 0%,
rgba(44, 126, 204, 0) 80%
);
}
#workspaces button.active {
background: linear-gradient(
to bottom,
rgba(0, 0, 0, 0.40) 0%,
rgba(0, 0, 0, 0.38) 50%,
rgba(0, 0, 0, 0.55) 50%
);
box-shadow: inset 0px 1px 0px 0px rgb(0, 0, 0);
}
#workspaces button.active:hover {
background:
linear-gradient(
to bottom,
rgba(0, 0, 0, 0.40) 0%,
rgba(0, 0, 0, 0.38) 50%,
rgba(0, 0, 0, 0.55) 50%
),
radial-gradient(
ellipse 80% 80% at 50% 120%,
rgba(43, 143, 189, 1) 0%,
rgba(43, 143, 189, 0) 80%
);
}
#workspaces button.urgent {
background:
linear-gradient(
to bottom,
rgba(255, 255, 255, 0.35) 0%,
rgba(255, 255, 255, 0.11) 50%,
rgba(255, 255, 255, 0) 50%
),
radial-gradient(
ellipse 80% 80% at 50% 100%,
rgba(199, 128, 14, 1) 0%,
rgba(170, 75, 12, 0) 100%
);
} }
.modules-left { .modules-left {

3
users/jordan/common/optional/graphical/hyprland/waybar.nix
View File

@@ -8,8 +8,9 @@
settings = [ settings = [
{ {
layer = "top"; layer = "top";
position = "bottom"; position = "top";
height = 30; height = 30;
margin = "10 20 0 20";
spacing = 10; spacing = 10;
modules-left = [ modules-left = [

2
users/jordan/common/shell.nix
View File

@@ -174,7 +174,6 @@ in
mcfly.enable = true; mcfly.enable = true;
navi.enable = true; navi.enable = true;
nix-index.enable = true; nix-index.enable = true;
yazi.enable = true;
}; };
home.persistence."/persist" = { home.persistence."/persist" = {
@@ -193,6 +192,7 @@ in
jq jq
ncdu ncdu
nix-zsh-completions nix-zsh-completions
nnn
ripgrep ripgrep
]; ];
} }

5
users/jordan/default.nix
View File

@@ -15,11 +15,6 @@ in
{ {
age.secrets."passwords/users/jordan".file = "${inputs.secrets}/passwords/users/jordan.age"; age.secrets."passwords/users/jordan".file = "${inputs.secrets}/passwords/users/jordan.age";
age.secrets.open-webui-api-key = {
rekeyFile = ./secrets/open-webui-api-key.age;
owner = "jordan";
};
users.users.${name} = { users.users.${name} = {
description = "Jordan Holt"; description = "Jordan Holt";
extraGroups = [ extraGroups = [

7
users/jordan/secrets/open-webui-api-key.age
View File

@@ -1,7 +0,0 @@
age-encryption.org/v1
-> piv-p256 a1N2XA AnYGGZaNhtGzK2rbiM3Nfom6xfUq5qTv7fUMDVl1jb+J
gu1Rpzq2gIB6uopM3tNl3CAb0Xyweu8DA61Unku56m0
-> x]n-grease R"L{e% Q(Dh['$p ,KZz C
JKGsU9abzhI9Qly1rrkbXqYl947wcA
--- jZDJChrb2qWPWvG0aFUDNOJGx+fowthXvwyuMI77drI
Ѐ6{_<><5F><EFBFBD><EFBFBD><EFBFBD><EFBFBD>_<EFBFBD><5F> <20><><EFBFBD>S<EFBFBD> Dž<><C785><EFBFBD>+<2B><>!<21><> <><7F>A<EFBFBD><41><19>ܠ<EFBFBD>A<EFBFBD>y<EFBFBD>