nix-home/nki-personal-do/configuration.nix

{ pkgs, config, ... }: {
  imports = [
    ./hardware-configuration.nix
    ./networking.nix # generated at runtime by nixos-infect

    # Set up postgresql
    ../modules/postgresql
  ];

  boot.cleanTmpDir = true;
  networking.hostName = "nki-personal";
  networking.firewall.allowPing = true;
  services.openssh.enable = true;
  users.users.root.openssh.authorizedKeys.keys = [
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLr1Q+PJuDYJtBAVMSU0U2kZi4V0Z7dE+dpRxa4aEDupSlcPCwSEtcpNME1up7z0yxjcIHHkBYq0RobIaLqwEmntnZzz37jg/iiHwyZsN93jZljId1X0uykcMem4ljiqgmRg3Fs8RKj2+N1ovpIZVDOWINLJJDVJntNvwW/anSCtx27FATVdroHoiyXCwVknG6p3bHU5Nd3idRMn45kZ7Qf1J50XUhtu3ehIWI2/5nYIbi8WDnzY5vcRZEHROyTk2pv/m9rRkCTaGnUdZsv3wfxeeT3223k0mUfRfCsiPtNDGwXn66HcG2cmhrBIeDoZQe4XNkzspaaJ2+SGQfO8Zf natsukagami@gmail.com"
  ];

  environment.systemPackages = with pkgs; [
  ];

  services.do-agent.enable = true;

  system.autoUpgrade = {
    enable = true;
    allowReboot = true;
    flake = "github:natsukagami/nix-home#nki-personal-do";
  };

  nix = {
    package = pkgs.nixUnstable;
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
  };

  # Secret management
  sops.defaultSopsFile = ./secrets/secrets.yaml;
  sops.age.sshKeyPaths = [ "/root/.ssh/id_ed25519" ];

  # tinc
  services.my-tinc.enable = true;
  services.my-tinc.hostName = "cloud";
  sops.secrets.tinc-private-key = { };
  services.my-tinc.rsaPrivateKey = config.sops.secrets.tinc-private-key.path;
}
Hosts setup succeeded 2021-10-28 20:35:02 +00:00			`{ pkgs, config, ... }: {`
Setting up basic ops 2021-10-27 19:36:16 +00:00			`imports = [`
			`./hardware-configuration.nix`
			`./networking.nix # generated at runtime by nixos-infect`
Merge everything into a single nix flake 2021-10-31 19:06:44 +00:00
Set up PostgreSQL 2021-10-31 20:33:27 +00:00			`# Set up postgresql`
			`../modules/postgresql`
Setting up basic ops 2021-10-27 19:36:16 +00:00			`];`

			`boot.cleanTmpDir = true;`
			`networking.hostName = "nki-personal";`
			`networking.firewall.allowPing = true;`
			`services.openssh.enable = true;`
			`users.users.root.openssh.authorizedKeys.keys = [`
Merge everything into a single nix flake 2021-10-31 19:06:44 +00:00			`"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLr1Q+PJuDYJtBAVMSU0U2kZi4V0Z7dE+dpRxa4aEDupSlcPCwSEtcpNME1up7z0yxjcIHHkBYq0RobIaLqwEmntnZzz37jg/iiHwyZsN93jZljId1X0uykcMem4ljiqgmRg3Fs8RKj2+N1ovpIZVDOWINLJJDVJntNvwW/anSCtx27FATVdroHoiyXCwVknG6p3bHU5Nd3idRMn45kZ7Qf1J50XUhtu3ehIWI2/5nYIbi8WDnzY5vcRZEHROyTk2pv/m9rRkCTaGnUdZsv3wfxeeT3223k0mUfRfCsiPtNDGwXn66HcG2cmhrBIeDoZQe4XNkzspaaJ2+SGQfO8Zf natsukagami@gmail.com"`
Setting up basic ops 2021-10-27 19:36:16 +00:00			`];`

			`environment.systemPackages = with pkgs; [`
			`];`

			`services.do-agent.enable = true;`

Merge everything into a single nix flake 2021-10-31 19:06:44 +00:00			`system.autoUpgrade = {`
			`enable = true;`
			`allowReboot = true;`
			`flake = "github:natsukagami/nix-home#nki-personal-do";`
			`};`

			`nix = {`
			`package = pkgs.nixUnstable;`
			`extraOptions = ''`
			`experimental-features = nix-command flakes`
			`'';`
			`};`
Hosts setup succeeded 2021-10-28 20:35:02 +00:00
			`# Secret management`
			`sops.defaultSopsFile = ./secrets/secrets.yaml;`
			`sops.age.sshKeyPaths = [ "/root/.ssh/id_ed25519" ];`

			`# tinc`
			`services.my-tinc.enable = true;`
Rename to tinc-friendly names 2021-10-28 21:05:06 +00:00			`services.my-tinc.hostName = "cloud";`
Merge everything into a single nix flake 2021-10-31 19:06:44 +00:00			`sops.secrets.tinc-private-key = { };`
Hosts setup succeeded 2021-10-28 20:35:02 +00:00			`services.my-tinc.rsaPrivateKey = config.sops.secrets.tinc-private-key.path;`
Setting up basic ops 2021-10-27 19:36:16 +00:00			`}`