hektor/nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: hektor:06c858e0943cc2eba104705397476f46de244ceb
Branches Tags
hektor:main
..
compare: hektor:dd8a4856324de21995fcceb553bc110eaf722936
Branches Tags
hektor:main

4 Commits
06c858e094 ... dd8a485632

Author SHA1 Message Date
Hektor Misplon
dd8a485632 fix: remove signing keys 2026-03-11 19:38:43 +01:00
Hektor Misplon
adf7793f8c chore: update lockfile 2026-03-11 19:38:43 +01:00
Hektor Misplon
6643ba6bee refactor(home): organize home manager modules 2026-03-11 19:38:43 +01:00
Hektor Misplon
c5254c96a0 feat: add 'yubikey' module to 'andromache' host 2026-03-11 19:38:43 +01:00
4 changed files with 2 additions and 8 deletions
Expand all files Collapse all files

4
hosts/andromache/default.nix
View File

@@ -62,8 +62,6 @@ in
secrets.username = username; secrets.username = username;
docker.user = username; docker.user = username;
nix.settings.secret-key-files = [ config.sops.secrets.nix_signing_key_andromache.path ];
disko.devices = { disko.devices = {
disk.data = { disk.data = {
type = "disk"; type = "disk";
@@ -93,7 +91,7 @@ in
]; ];
my.yubikey = { my.yubikey = {
enable = true; enable = false;
inherit username; inherit username;
keys = [ keys = [
{ {

2
hosts/astyanax/default.nix
View File

@@ -61,8 +61,6 @@ in
nfc.user = username; nfc.user = username;
desktop.ly.enable = true; desktop.ly.enable = true;
nix.settings.secret-key-files = [ config.sops.secrets.nix_signing_key_astyanax.path ];
hardware = { hardware = {
cpu.intel.updateMicrocode = true; cpu.intel.updateMicrocode = true;
# https://wiki.nixos.org/wiki/Intel_Graphics # https://wiki.nixos.org/wiki/Intel_Graphics

2
modules/secrets/default.nix
View File

@@ -29,8 +29,6 @@ in
"anki_sync_user".owner = config.users.users.${cfg.username}.name; "anki_sync_user".owner = config.users.users.${cfg.username}.name;
"anki_sync_key".owner = config.users.users.${cfg.username}.name; "anki_sync_key".owner = config.users.users.${cfg.username}.name;
"hcloud".owner = config.users.users.${cfg.username}.name; "hcloud".owner = config.users.users.${cfg.username}.name;
"nix_signing_key_astyanax" = { };
"nix_signing_key_andromache" = { };
"opencode_api_key".owner = config.users.users.${cfg.username}.name; "opencode_api_key".owner = config.users.users.${cfg.username}.name;
# TODO: using shared secrets for now, but would be better to to per-host secrets # TODO: using shared secrets for now, but would be better to to per-host secrets
# To add per-host secrets: # To add per-host secrets:

2
modules/yubikey/default.nix
View File

@@ -60,7 +60,7 @@ in
settings = { settings = {
interactive = true; interactive = true;
cue = true; cue = true;
origin = cfg.origin; inherit (cfg) origin;
authfile = pkgs.writeText "u2f-mappings" (authfileContent cfg.username cfg.keys); authfile = pkgs.writeText "u2f-mappings" (authfileContent cfg.username cfg.keys);
}; };
}; };