Satori:added vault-agent, changed hardware config
This commit is contained in:
@@ -58,6 +58,7 @@
|
|||||||
Satori = nixpkgs.lib.nixosSystem {
|
Satori = nixpkgs.lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = [
|
modules = [
|
||||||
|
./modules/vault-agent.nix
|
||||||
./hosts/personal/satori.nix
|
./hosts/personal/satori.nix
|
||||||
inputs.agenix.nixosModules.age
|
inputs.agenix.nixosModules.age
|
||||||
inputs.home-manager.nixosModules.home-manager
|
inputs.home-manager.nixosModules.home-manager
|
||||||
|
@@ -1,4 +1,2 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
picom --experimental-backends &
|
|
||||||
~/.dwm/bruhstatus.sh &
|
~/.dwm/bruhstatus.sh &
|
||||||
feh --bg-scale ~/Downloads/stallman.jpg
|
|
||||||
|
@@ -7,42 +7,41 @@
|
|||||||
];
|
];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" =
|
||||||
{ device = "/dev/disk/by-uuid/4c02ddf5-d00e-4d84-856f-c327ae44d047";
|
{
|
||||||
|
device = "/dev/disk/by-uuid/4c02ddf5-d00e-4d84-856f-c327ae44d047";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = ["compress-force=zstd:2"];
|
options = ["compress-force=zstd:2"];
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot/efi" =
|
fileSystems."/boot/efi" =
|
||||||
{ device = "/dev/disk/by-uuid/58B1-4631";
|
{
|
||||||
|
device = "/dev/disk/by-uuid/58B1-4631";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/home" =
|
|
||||||
{ device = "/dev/nvme0n1p6";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/mnt/Stuff" =
|
fileSystems."/mnt/Stuff" =
|
||||||
{ device = "/dev/sda2";
|
{
|
||||||
fsType = "ntfs";
|
device = "/dev/disk/by-uuid/843E68573E6843F0";
|
||||||
options = ["uid=natto" "gid=users" "umask=0022" "rw"];
|
|
||||||
};
|
|
||||||
fileSystems."/mnt/Games" =
|
|
||||||
{ device = "/dev/sda4";
|
|
||||||
fsType = "ntfs";
|
fsType = "ntfs";
|
||||||
options = ["uid=natto" "gid=users" "umask=0022" "rw"];
|
options = ["uid=natto" "gid=users" "umask=0022" "rw"];
|
||||||
};
|
};
|
||||||
fileSystems."/mnt/Extra" =
|
fileSystems."/mnt/Extra" =
|
||||||
{ device = "/dev/sda3";
|
{
|
||||||
|
device = "/dev/disk/by-uuid/32EE9F63EE9F1DE3";
|
||||||
fsType = "ntfs";
|
fsType = "ntfs";
|
||||||
options = ["uid=natto" "gid=users" "umask=0022" "rw"];
|
options = ["uid=natto" "gid=users" "umask=0022" "rw"];
|
||||||
};
|
};
|
||||||
fileSystems."/mnt/LinuxGames" =
|
fileSystems."/mnt/Games" =
|
||||||
{ device = "/dev/sda5";
|
{
|
||||||
fsType = "btrfs";
|
device = "/dev/disk/by-uuid/A4CC66B6CC668282";
|
||||||
options = ["rw" "compress-force=zstd:2"];
|
fsType = "ntfs";
|
||||||
|
options = ["uid=natto" "gid=users" "umask=0022" "rw"];
|
||||||
|
};
|
||||||
|
fileSystems."/mnt/Stuff2" =
|
||||||
|
{
|
||||||
|
device = "/dev/disk/by-uuid/e5be3621-8608-4ffe-bd33-5e6d22fef4ff";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = ["compress-force=zstd:1"];
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ {device = "/dev/nvme0n1p7";} ];
|
swapDevices = [ {device = "/dev/nvme0n1p7";} ];
|
||||||
powerManagement = {
|
powerManagement = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@@ -21,7 +21,7 @@
|
|||||||
wireguard.interfaces.wg0 = {
|
wireguard.interfaces.wg0 = {
|
||||||
ips = [ "10.55.0.3/32" ];
|
ips = [ "10.55.0.3/32" ];
|
||||||
listenPort = 17840;
|
listenPort = 17840;
|
||||||
privateKeyFile = "/var/secrets/wg";
|
privateKeyFile = "/var/secrets/wg.key";
|
||||||
peers = [
|
peers = [
|
||||||
{
|
{
|
||||||
#Oracle VM1
|
#Oracle VM1
|
||||||
|
@@ -24,11 +24,34 @@
|
|||||||
enable = true;
|
enable = true;
|
||||||
permitRootLogin = "yes";
|
permitRootLogin = "yes";
|
||||||
};
|
};
|
||||||
/* vault = {
|
vault-agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
storageBackend = "mysql";
|
settings = {
|
||||||
storagePath = "/var/db";
|
vault = {
|
||||||
};*/
|
address = "https://10.55.0.2:8800";
|
||||||
|
client_cert = "/var/vault/cert.pem";
|
||||||
|
client_key = "/var/vault/key.pem";
|
||||||
|
};
|
||||||
|
auto_auth = {
|
||||||
|
method = [
|
||||||
|
{
|
||||||
|
"cert" = {
|
||||||
|
name = "Satori";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
template = [
|
||||||
|
{
|
||||||
|
source = pkgs.writeText "wg.tpl" ''
|
||||||
|
{{ with secret "kv/systems/Satori/wg" }}{{ .Data.data.private }}{{ end }}
|
||||||
|
'';
|
||||||
|
destination = "/var/secrets/wg.key";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
systemd.services = {
|
systemd.services = {
|
||||||
tor.wantedBy = lib.mkForce [];
|
tor.wantedBy = lib.mkForce [];
|
||||||
@@ -38,4 +61,5 @@
|
|||||||
#printing.wantedBy = lib.mkForce [];
|
#printing.wantedBy = lib.mkForce [];
|
||||||
#vault.wantedBy = lib.mkForce [];
|
#vault.wantedBy = lib.mkForce [];
|
||||||
};
|
};
|
||||||
|
security.pki.certificateFiles = [ ../../../cert.pem ];
|
||||||
}
|
}
|
||||||
|
@@ -1,5 +1,5 @@
|
|||||||
diff --color -u a/config.def.h b/config.def.h
|
diff --color -u a/config.def.h b/config.def.h
|
||||||
--- a/config.def.h 2020-06-19 14:59:45.000000000 +0530
|
--- a/config.def.h 2021-05-28 03:15:40.807354500 +0530
|
||||||
+++ b/config.def.h 2021-05-21 05:21:13.476454500 +0530
|
+++ b/config.def.h 2021-05-21 05:21:13.476454500 +0530
|
||||||
@@ -3,9 +3,10 @@
|
@@ -3,9 +3,10 @@
|
||||||
/*
|
/*
|
||||||
@@ -985,7 +985,7 @@ diff --color -u a/win.h b/win.h
|
|||||||
void xsetmode(int, unsigned int);
|
void xsetmode(int, unsigned int);
|
||||||
diff --color -u a/x.c b/x.c
|
diff --color -u a/x.c b/x.c
|
||||||
--- a/x.c 2020-06-19 14:59:45.000000000 +0530
|
--- a/x.c 2020-06-19 14:59:45.000000000 +0530
|
||||||
+++ b/x.c 2021-05-21 05:20:09.551000300 +0530
|
+++ b/x.c 2021-06-05 02:08:06.403477337 +0530
|
||||||
@@ -93,7 +93,7 @@
|
@@ -93,7 +93,7 @@
|
||||||
Window win;
|
Window win;
|
||||||
Drawable buf;
|
Drawable buf;
|
||||||
@@ -1117,4 +1117,13 @@ diff --color -u a/x.c b/x.c
|
|||||||
xsettitle(char *p)
|
xsettitle(char *p)
|
||||||
{
|
{
|
||||||
XTextProperty prop;
|
XTextProperty prop;
|
||||||
|
@@ -1595,6 +1675,8 @@
|
||||||
|
int
|
||||||
|
xstartdraw(void)
|
||||||
|
{
|
||||||
|
+ if (IS_SET(MODE_VISIBLE))
|
||||||
|
+ XCopyArea(xw.dpy, xw.win, xw.buf, dc.gc, 0, 0, win.w, win.h, 0, 0);
|
||||||
|
return IS_SET(MODE_VISIBLE);
|
||||||
|
}
|
||||||
|
|
||||||
Only in b: x.c.orig
|
Only in b: x.c.orig
|
||||||
|
Reference in New Issue
Block a user