git-crypt: add key for sevy
authorSéverine Popek <severine.popek@autistici.org>
Wed, 7 Apr 2021 01:57:19 +0000 (03:57 +0200)
committerSéverine Popek <severine.popek@autistici.org>
Wed, 7 Apr 2021 02:31:54 +0000 (04:31 +0200)
.gitattributes
flake.lock
flake.nix
homes/sevy.nix
hosts/oignon.nix
hosts/patate/backup/rsync-backup.nix
hosts/patate/hardware.nix
install
private/world/sevy/hashedPassword [new file with mode: 0644]

index 5143514841dfb26ca8969c2197fcc1f20aaf5aa8..de096781b54df7087605592182d31bd3dcb1e34d 100644 (file)
@@ -1,2 +1,4 @@
 private/root/oignon/** filter=git-crypt-julm diff=git-crypt-julm
 private/world/julm/**  filter=git-crypt-julm diff=git-crypt-julm
+private/root/patate/** filter=git-crypt-sevy diff=git-crypt-sevy
+private/world/sevy/**  filter=git-crypt-sevy diff=git-crypt-sevy
index f33f1ae7db58c6c99a8e5e4c8d7d27e1387194ce..448c4aaec98dc77ac5708d0aeb8e8a01c3053b9d 100644 (file)
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "lastModified": 1607156297,
-        "narHash": "sha256-rRu3Nq3oRAaDDgJuNQhH7wD+rQfYoviNhrpqXyOlJjI=",
+        "lastModified": 1617625888,
+        "narHash": "sha256-GuVivqQPZUskBhu4uQAgWhGI1sVuqz7nRMV+Rc+yWBU=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "275d1b52126674764f0f3d15c73c2add511bd310",
+        "rev": "f019c1cf16d0019d332ef43cffa0bd9bf007252b",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
+        "ref": "release-20.09",
         "repo": "home-manager",
         "type": "github"
       }
index 5221d649489947dc1fccb2ccbd4d44d9b9117d03..f2a5fb4dcceba4d25d8b2b2ecd0fec99b00803b5 100644 (file)
--- a/flake.nix
+++ b/flake.nix
@@ -1,7 +1,7 @@
 {
 inputs.nixpkgs.url = "github:NixOS/nixpkgs/34f85de51bbc74595e63b22ee089adbb31f7c7a2";
 inputs.flake-utils.url = "github:numtide/flake-utils";
-inputs.home-manager.url = "github:nix-community/home-manager";
+inputs.home-manager.url = "github:nix-community/home-manager/release-20.09";
 #inputs.pass = { type = "path"; path = "./pass"; flake = false; };
 outputs = inputs: let
   remoteNixpkgsPatches = import nixpkgs/patches.nix;
index e20f5240153a1ba8f1eefb6e11bf82b70b971e4e..a75638eedb57fc6fa5aa4b2438554725ffb76d18 100644 (file)
@@ -44,6 +44,7 @@ home.packages = [
   pkgs.curl
   pkgs.dino
   #pkgs.dnsutils
+  pkgs.dstat
   pkgs.ffmpeg
   pkgs.file
   pkgs.git-crypt
index 6d31ae9466fb955419c4790bb64a7e1d962808ef..f9918cca9f156b41100ae790a7f458ed7534ebb5 100644 (file)
@@ -59,7 +59,7 @@ nix = {
 };
 nix.sshServe = {
   enable = true;
-  keys = [ (lib.readFile ../private/world/sevy/ssh/id_ed25519.pub) ];
+  keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOOaag1MS41CRZrAji3K5IDROh5szSo34SDB0HNXGQtX julm@losurdo" ];
 };
 services.openssh.passwordAuthentication = false;
 
index 3e4b7e1b8b467aeb924d35772d3ab4f4cec2a248..0599b6e1dfbf1616a06d1f9f3d17b0a92a88ad2c 100644 (file)
@@ -31,7 +31,8 @@ home-manager.users.sevy = {
       ExecStart = pkgs.writeShellScript "rsync-backup" ''
         FS_LABEL=$1
         set -eux
-        DEVICE=$(${pkgs.util-linux}/bin/blkid -l -o device -t LABEL="$FS_LABEL")
+        # FIXME: utillinux -> unit-linux when updating to 20.05
+        DEVICE=$(${pkgs.utillinux}/bin/blkid -l -o device -t LABEL="$FS_LABEL")
         while ! ${pkgs.glib}/bin/gio mount --device "$DEVICE"
           do test ! -d /run/media/sevy/"$FS_LABEL" || break
              sleep 1
index 018a87c828efb38b616fb2dd5b0753d8c630e5a4..d3849ee4a5242d6b241741c98ebc5582a9b972fc 100644 (file)
@@ -4,6 +4,19 @@ hardware.cpu.intel.updateMicrocode = true;
 powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
 services.thinkfan = {
   enable = true;
+  # FIXME: uncomment when updating to 21.05
+  levels = ''
+    (0,     0,      57)
+    (1,     56,     62)
+    (2,     61,     65)
+    (3,     64,     66)
+    (4,     65,     68)
+    (5,     67,     71)
+    (6,     70,     76)
+    (7,     75,     81)
+    (127,   80,     32767)
+  '';
+  /*
   levels = [
     [0     0      57]
     [1     56     62]
@@ -15,6 +28,7 @@ services.thinkfan = {
     [7     75     81]
     [127   80     32767]
   ];
+  */
 };
 
 # https://bugzilla.kernel.org/show_bug.cgi?id=110941
diff --git a/install b/install
index b211adf4bff6d06aff7e6a58424f281459596e07..07783bf5c3632d577d033cbbd2d7af7b13cbaea8 100755 (executable)
--- a/install
+++ b/install
@@ -7,5 +7,5 @@ else
   trap 'git reset private/root' EXIT
   git rm -rf --cached --ignore-unmatch private/root # prevent copying to /nix/store
   nixos-rebuild switch --flake . "$@"
-  nix-env --delete-generations +2 --profile /nix/var/nix/profiles/system
+  nix-env --delete-generations +9 --profile /nix/var/nix/profiles/system
 fi
diff --git a/private/world/sevy/hashedPassword b/private/world/sevy/hashedPassword
new file mode 100644 (file)
index 0000000..d1b273d
Binary files /dev/null and b/private/world/sevy/hashedPassword differ