Compare commits
3 Commits
dd8a485632
...
06c858e094
| Author | SHA1 | Date | |
|---|---|---|---|
| 06c858e094 | |||
| 8cfd621319 | |||
| 4356d8b202 |
@@ -62,6 +62,8 @@ in
|
||||
secrets.username = username;
|
||||
docker.user = username;
|
||||
|
||||
nix.settings.secret-key-files = [ config.sops.secrets.nix_signing_key_andromache.path ];
|
||||
|
||||
disko.devices = {
|
||||
disk.data = {
|
||||
type = "disk";
|
||||
@@ -91,7 +93,7 @@ in
|
||||
];
|
||||
|
||||
my.yubikey = {
|
||||
enable = false;
|
||||
enable = true;
|
||||
inherit username;
|
||||
keys = [
|
||||
{
|
||||
|
||||
@@ -61,6 +61,8 @@ in
|
||||
nfc.user = username;
|
||||
desktop.ly.enable = true;
|
||||
|
||||
nix.settings.secret-key-files = [ config.sops.secrets.nix_signing_key_astyanax.path ];
|
||||
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = true;
|
||||
# https://wiki.nixos.org/wiki/Intel_Graphics
|
||||
|
||||
@@ -29,6 +29,8 @@ in
|
||||
"anki_sync_user".owner = config.users.users.${cfg.username}.name;
|
||||
"anki_sync_key".owner = config.users.users.${cfg.username}.name;
|
||||
"hcloud".owner = config.users.users.${cfg.username}.name;
|
||||
"nix_signing_key_astyanax" = { };
|
||||
"nix_signing_key_andromache" = { };
|
||||
"opencode_api_key".owner = config.users.users.${cfg.username}.name;
|
||||
# TODO: using shared secrets for now, but would be better to to per-host secrets
|
||||
# To add per-host secrets:
|
||||
|
||||
@@ -60,7 +60,7 @@ in
|
||||
settings = {
|
||||
interactive = true;
|
||||
cue = true;
|
||||
inherit (cfg) origin;
|
||||
origin = cfg.origin;
|
||||
authfile = pkgs.writeText "u2f-mappings" (authfileContent cfg.username cfg.keys);
|
||||
};
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user