From ebbbb431254e3017d319dbe4df281621929d1ba6 Mon Sep 17 00:00:00 2001
From: =?utf8?q?S=C3=A9verine=20Popek?= <severine.popek@autistici.org>
Date: Wed, 7 Apr 2021 03:57:19 +0200
Subject: [PATCH] git-crypt: add key for sevy
---
.gitattributes | 2 ++
flake.lock | 7 ++++---
flake.nix | 2 +-
homes/sevy.nix | 1 +
hosts/oignon.nix | 2 +-
hosts/patate/backup/rsync-backup.nix | 3 ++-
hosts/patate/hardware.nix | 14 ++++++++++++++
install | 2 +-
private/world/sevy/hashedPassword | Bin 0 -> 122 bytes
9 files changed, 26 insertions(+), 7 deletions(-)
create mode 100644 private/world/sevy/hashedPassword
diff --git a/.gitattributes b/.gitattributes
index 5143514..de09678 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +1,4 @@
private/root/oignon/** filter=git-crypt-julm diff=git-crypt-julm
private/world/julm/** filter=git-crypt-julm diff=git-crypt-julm
+private/root/patate/** filter=git-crypt-sevy diff=git-crypt-sevy
+private/world/sevy/** filter=git-crypt-sevy diff=git-crypt-sevy
diff --git a/flake.lock b/flake.lock
index f33f1ae..448c4aa 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,15 +20,16 @@
"nixpkgs": "nixpkgs"
},
"locked": {
- "lastModified": 1607156297,
- "narHash": "sha256-rRu3Nq3oRAaDDgJuNQhH7wD+rQfYoviNhrpqXyOlJjI=",
+ "lastModified": 1617625888,
+ "narHash": "sha256-GuVivqQPZUskBhu4uQAgWhGI1sVuqz7nRMV+Rc+yWBU=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "275d1b52126674764f0f3d15c73c2add511bd310",
+ "rev": "f019c1cf16d0019d332ef43cffa0bd9bf007252b",
"type": "github"
},
"original": {
"owner": "nix-community",
+ "ref": "release-20.09",
"repo": "home-manager",
"type": "github"
}
diff --git a/flake.nix b/flake.nix
index 5221d64..f2a5fb4 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,7 +1,7 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/34f85de51bbc74595e63b22ee089adbb31f7c7a2";
inputs.flake-utils.url = "github:numtide/flake-utils";
-inputs.home-manager.url = "github:nix-community/home-manager";
+inputs.home-manager.url = "github:nix-community/home-manager/release-20.09";
#inputs.pass = { type = "path"; path = "./pass"; flake = false; };
outputs = inputs: let
remoteNixpkgsPatches = import nixpkgs/patches.nix;
diff --git a/homes/sevy.nix b/homes/sevy.nix
index e20f524..a75638e 100644
--- a/homes/sevy.nix
+++ b/homes/sevy.nix
@@ -44,6 +44,7 @@ home.packages = [
pkgs.curl
pkgs.dino
#pkgs.dnsutils
+ pkgs.dstat
pkgs.ffmpeg
pkgs.file
pkgs.git-crypt
diff --git a/hosts/oignon.nix b/hosts/oignon.nix
index 6d31ae9..f9918cc 100644
--- a/hosts/oignon.nix
+++ b/hosts/oignon.nix
@@ -59,7 +59,7 @@ nix = {
};
nix.sshServe = {
enable = true;
- keys = [ (lib.readFile ../private/world/sevy/ssh/id_ed25519.pub) ];
+ keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOOaag1MS41CRZrAji3K5IDROh5szSo34SDB0HNXGQtX julm@losurdo" ];
};
services.openssh.passwordAuthentication = false;
diff --git a/hosts/patate/backup/rsync-backup.nix b/hosts/patate/backup/rsync-backup.nix
index 3e4b7e1..0599b6e 100644
--- a/hosts/patate/backup/rsync-backup.nix
+++ b/hosts/patate/backup/rsync-backup.nix
@@ -31,7 +31,8 @@ home-manager.users.sevy = {
ExecStart = pkgs.writeShellScript "rsync-backup" ''
FS_LABEL=$1
set -eux
- DEVICE=$(${pkgs.util-linux}/bin/blkid -l -o device -t LABEL="$FS_LABEL")
+ # FIXME: utillinux -> unit-linux when updating to 20.05
+ DEVICE=$(${pkgs.utillinux}/bin/blkid -l -o device -t LABEL="$FS_LABEL")
while ! ${pkgs.glib}/bin/gio mount --device "$DEVICE"
do test ! -d /run/media/sevy/"$FS_LABEL" || break
sleep 1
diff --git a/hosts/patate/hardware.nix b/hosts/patate/hardware.nix
index 018a87c..d3849ee 100644
--- a/hosts/patate/hardware.nix
+++ b/hosts/patate/hardware.nix
@@ -4,6 +4,19 @@ hardware.cpu.intel.updateMicrocode = true;
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
services.thinkfan = {
enable = true;
+ # FIXME: uncomment when updating to 21.05
+ levels = ''
+ (0, 0, 57)
+ (1, 56, 62)
+ (2, 61, 65)
+ (3, 64, 66)
+ (4, 65, 68)
+ (5, 67, 71)
+ (6, 70, 76)
+ (7, 75, 81)
+ (127, 80, 32767)
+ '';
+ /*
levels = [
[0 0 57]
[1 56 62]
@@ -15,6 +28,7 @@ services.thinkfan = {
[7 75 81]
[127 80 32767]
];
+ */
};
# https://bugzilla.kernel.org/show_bug.cgi?id=110941
diff --git a/install b/install
index b211adf..07783bf 100755
--- a/install
+++ b/install
@@ -7,5 +7,5 @@ else
trap 'git reset private/root' EXIT
git rm -rf --cached --ignore-unmatch private/root # prevent copying to /nix/store
nixos-rebuild switch --flake . "$@"
- nix-env --delete-generations +2 --profile /nix/var/nix/profiles/system
+ nix-env --delete-generations +9 --profile /nix/var/nix/profiles/system
fi
diff --git a/private/world/sevy/hashedPassword b/private/world/sevy/hashedPassword
new file mode 100644
index 0000000000000000000000000000000000000000..d1b273d5922c22f47336367915171b8d3210f166
GIT binary patch
literal 122
zcmV-=0EPbmM@dveQdv+`05QjjKmd-ngsWN#kPwT~!{1c<9A#(dFt_h#2!Ij0b8eRv
znQzENyH0DZ29`Jj)fzk65es$xCKr$NOn5__S|$slfOfY<kXHY=-a)=i12lNK8|t$y
c9V`O-jrn;>xY9xk94;f9?XrYr9-nGC`DjWtasU7T
literal 0
HcmV?d00001
--
2.47.2