hektor/nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: hektor:dd8a4856324de21995fcceb553bc110eaf722936
Branches Tags
hektor:main
..
compare: hektor:06c858e0943cc2eba104705397476f46de244ceb
Branches Tags
hektor:main

3 Commits
dd8a485632 ... 06c858e094

Author SHA1 Message Date
Hektor Misplon
06c858e094 chore: update lockfile 2026-03-10 21:03:12 +01:00
Hektor Misplon
8cfd621319 refactor(home): organize home manager modules 2026-03-10 21:00:28 +01:00
Hektor Misplon
4356d8b202 feat: add 'yubikey' module to 'andromache' host 2026-03-10 20:56:59 +01:00
4 changed files with 8 additions and 2 deletions
Expand all files Collapse all files

4
hosts/andromache/default.nix
View File

@@ -62,6 +62,8 @@ in
secrets.username = username; secrets.username = username;
docker.user = username; docker.user = username;
nix.settings.secret-key-files = [ config.sops.secrets.nix_signing_key_andromache.path ];
disko.devices = { disko.devices = {
disk.data = { disk.data = {
type = "disk"; type = "disk";
@@ -91,7 +93,7 @@ in
]; ];
my.yubikey = { my.yubikey = {
enable = false; enable = true;
inherit username; inherit username;
keys = [ keys = [
{ {

2
hosts/astyanax/default.nix
View File

@@ -61,6 +61,8 @@ in
nfc.user = username; nfc.user = username;
desktop.ly.enable = true; desktop.ly.enable = true;
nix.settings.secret-key-files = [ config.sops.secrets.nix_signing_key_astyanax.path ];
hardware = { hardware = {
cpu.intel.updateMicrocode = true; cpu.intel.updateMicrocode = true;
# https://wiki.nixos.org/wiki/Intel_Graphics # https://wiki.nixos.org/wiki/Intel_Graphics

2
modules/secrets/default.nix
View File

@@ -29,6 +29,8 @@ in
"anki_sync_user".owner = config.users.users.${cfg.username}.name; "anki_sync_user".owner = config.users.users.${cfg.username}.name;
"anki_sync_key".owner = config.users.users.${cfg.username}.name; "anki_sync_key".owner = config.users.users.${cfg.username}.name;
"hcloud".owner = config.users.users.${cfg.username}.name; "hcloud".owner = config.users.users.${cfg.username}.name;
"nix_signing_key_astyanax" = { };
"nix_signing_key_andromache" = { };
"opencode_api_key".owner = config.users.users.${cfg.username}.name; "opencode_api_key".owner = config.users.users.${cfg.username}.name;
# TODO: using shared secrets for now, but would be better to to per-host secrets # TODO: using shared secrets for now, but would be better to to per-host secrets
# To add per-host secrets: # To add per-host secrets:

2
modules/yubikey/default.nix
View File

@@ -60,7 +60,7 @@ in
settings = { settings = {
interactive = true; interactive = true;
cue = true; cue = true;
inherit (cfg) origin; origin = cfg.origin;
authfile = pkgs.writeText "u2f-mappings" (authfileContent cfg.username cfg.keys); authfile = pkgs.writeText "u2f-mappings" (authfileContent cfg.username cfg.keys);
}; };
}; };