diff --git a/machines/cake/hardware-config.nix b/machines/cake/hardware-config.nix index 8f9df64..8a8d5be 100644 --- a/machines/cake/hardware-config.nix +++ b/machines/cake/hardware-config.nix @@ -5,7 +5,6 @@ #"${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" ]; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_rpi4; - #nixpkgs.pkgs = nixpkgs.legacyPackages.aarch64-linux; fileSystems = { "/" = { device = "/dev/disk/by-label/NIXOS_SD"; @@ -17,16 +16,14 @@ hardware = { raspberry-pi."4" = { apply-overlays-dtmerge.enable = true; - audio.enable = true; + #audio.enable = true; fkms-3d.enable = true; }; - #deviceTree = { - # enable = true; - # filter = lib.mkForce "*rpi-4-*.dtb"; - #}; + deviceTree = { + enable = true; + filter = lib.mkForce "*rpi-4-*.dtb"; + }; }; - nixpkgs.localSystem.system = "aarch64-linux"; - environment.systemPackages = [ pkgs.libraspberrypi pkgs.raspberrypi-eeprom ]; } diff --git a/machines/gum/config.nix b/machines/gum/config.nix index 092a962..4cf6e00 100644 --- a/machines/gum/config.nix +++ b/machines/gum/config.nix @@ -7,6 +7,8 @@ let allDisks = [ "/dev/sda" "/dev/sdb" ]; in { imports = [ + + ../../2configs/networking/zerotier.nix ./hetznercloud { # wait for mount diff --git a/machines/gum/facts/zerotier-ip b/machines/gum/facts/zerotier-ip new file mode 100644 index 0000000..4f9029b --- /dev/null +++ b/machines/gum/facts/zerotier-ip @@ -0,0 +1 @@ +fdcc:c5da:5295:c853:d499:933d:b874:7e32 \ No newline at end of file diff --git a/machines/gum/facts/zerotier-meshname b/machines/gum/facts/zerotier-meshname new file mode 100644 index 0000000..b45629d --- /dev/null +++ b/machines/gum/facts/zerotier-meshname @@ -0,0 +1 @@ +7xgmlwsssxefhvezsm63q5d6gi \ No newline at end of file diff --git a/machines/omo/config.nix b/machines/omo/config.nix index 27f5359..4d090c6 100644 --- a/machines/omo/config.nix +++ b/machines/omo/config.nix @@ -39,7 +39,7 @@ in { ../../2configs/editor/neovim # ../../2configs/storj/client.nix - + ../../2configs/networking/zerotier.nix ../../2configs/backup/state.nix { makefu.backup.server.repo = "/media/cryptX/backup/borg"; } @@ -156,7 +156,7 @@ in { # Temporary: # ../../2configs/temp/rst-issue.nix - ../../2configs/bgt/social-to-irc.nix + # ../../2configs/bgt/social-to-irc.nix ]; makefu.full-populate = true; diff --git a/machines/omo/facts/zerotier-ip b/machines/omo/facts/zerotier-ip new file mode 100644 index 0000000..6456924 --- /dev/null +++ b/machines/omo/facts/zerotier-ip @@ -0,0 +1 @@ +fdcc:c5da:5295:c853:d499:9359:e39a:d565 \ No newline at end of file diff --git a/machines/omo/facts/zerotier-meshname b/machines/omo/facts/zerotier-meshname new file mode 100644 index 0000000..110a0e8 --- /dev/null +++ b/machines/omo/facts/zerotier-meshname @@ -0,0 +1 @@ +7xgmlwsssxefhvezsnm6hgwvmu \ No newline at end of file diff --git a/machines/omo/hw/omo.nix b/machines/omo/hw/omo.nix index 1fd5212..6386c90 100644 --- a/machines/omo/hw/omo.nix +++ b/machines/omo/hw/omo.nix @@ -41,6 +41,7 @@ in { [ # TODO: unlock home partition via ssh ./vaapi.nix ../../../2configs/fs/sda-crypto-root.nix + ./nvme-extra.nix ]; makefu.server.primary-itf = primaryInterface; diff --git a/machines/wbob/config.nix b/machines/wbob/config.nix index 60e3e28..c663b1c 100644 --- a/machines/wbob/config.nix +++ b/machines/wbob/config.nix @@ -11,6 +11,7 @@ in { ./nuc + ../../2configs/networking/zerotier.nix ../../2configs/home-manager ../../2configs/support-nixos.nix ../../2configs/zsh-user.nix @@ -59,7 +60,8 @@ in { { environment.systemPackages = [ pkgs.vlc ]; } ../../2configs/bam # new hass entry point - ../../2configs/bam/led-fader.nix + # disable + # ../../2configs/bam/led-fader.nix ../../2configs/bam/printer.nix # ../../2configs/bam/kalauerbot.nix now runs in thales # ../../2configs/bam/visitor-photostore.nix diff --git a/machines/x/config.nix b/machines/x/config.nix index 4e548ca..d456a72 100644 --- a/machines/x/config.nix +++ b/machines/x/config.nix @@ -6,6 +6,7 @@ # ./x230 ./x13 + ../../2configs/networking/zerotier.nix ../../2configs/default.nix ## Common Hardware Components # (self + "/makefu/2configs/hw/mceusb.nix") diff --git a/sops/secrets/gum-zerotier-identity-secret/machines/gum b/sops/secrets/gum-zerotier-identity-secret/machines/gum new file mode 120000 index 0000000..16ac20d --- /dev/null +++ b/sops/secrets/gum-zerotier-identity-secret/machines/gum @@ -0,0 +1 @@ +../../../machines/gum \ No newline at end of file diff --git a/sops/secrets/gum-zerotier-identity-secret/secret b/sops/secrets/gum-zerotier-identity-secret/secret new file mode 100644 index 0000000..9429175 --- /dev/null +++ b/sops/secrets/gum-zerotier-identity-secret/secret @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:7nycDcjXOAXOSVkErx6xlUExS8Rn1T7O0EXD/6peVLzaX2Pk2II2hfLj2h8E7NHQS6cajQgKewdCtveoAJ/2Ndps20ENWD0D3yBQZhBSzfWvjJKhOaRc8zt4lO0HJtVvBLkL8fTEGt3cfaYsfSZmeuK7YINvhibNm+ay6Klx5eAfWYkvBJhMvkPeyXkwrGoECKRtrBkiyvO1bWwOGZ4gFoFyfA91B3rbhDUdF8rLUK7rRkY4kAsWf1EPczKJ0St/rkit6UXp2v9b8+PcSNbZQsOLRdVNF9lhmZx7wfGu5jmjrHWXcgHTDtSro/VPf+qgpmg+MEpeWFXsE8FcDuNjTFq0L84knat6YX0KgXV8,iv:kchginy7XRXhnnqYwRiErMIJj2Wg3XqCvwANP6iietY=,tag:CsTKpyTmHo8jlJ3CjwtQzg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age13ekyvn5ux7zyvclwlrpnhgauw5s6dzn538msjka8vpwhu535ychqa7dk7a", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIWG9xQms0WCtBekJNRGZq\nOXRSYzNOcVF0WUhaRTNRUHIvM1dKczBZSUNrCklPMWhxUWpuM21KVjF6NEEraDYr\nR1JpQXpvSHdldUFTbzFwYVY4V2RlaGcKLS0tIFJBMy9CeGZCTW81RW5HclgrekhL\nL2plb2RCU0VCZko5VUJxczZRamE1dUUK3pGrUlVuj6dPEPZ5Ul8av4zeH+NlZzQ0\nk1qiRydDa0khgidmY6vJTlA3xV+Ey91dMHgLZ7GAxXrjsoK8R40KrQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vh6qdlxzfsy8gquvzwsfz40ezkx9m5m9q8sj4225nh3mr9lrjvrqt079mp", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2R1JmTjZyajJwemYrMnND\nNTBvYmc4UEpPQUE5OUw2elVaS1VQL0hKTnpnCmFEbmNZYjVzVTJDRHRLS1I2ekF5\nRjQ2TE1MdnY5RlZYeXk2ZWNmRENFRDgKLS0tIGxjTXhNd3pjTHB2ZVdXVnVuQTdQ\nY2o2ZUVMYUx3YVZCR1NudXF1VnNxRXMKIUbVdJ8BuXgJ3bgRbt8M+IVykbZzKAAQ\nVHP23+uQA4xAtAGqhwGbpfNzN63DRybX4i0/W0HAkdOpmDogKZNiCQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-02-14T22:43:12Z", + "mac": "ENC[AES256_GCM,data:B7xvcQvbEVhXVQLRqgTrUF8kfEaYu5RTwDRxqpK7mz011mDt5lY+dPBzX724zlzZ7wKiZYoYTXp7e8ufJQsdM1LL3YZtuB65OSPqPRP9bYfEnqYhfxkywNCmwCFeQics+QkZfVtXaoSjd4bKwKKBpYDMZCTzz0HzzeNS0VbToMc=,iv:fHGdSNo74tJOv/mkoaH1ikG58wCUmmJFpi5rat64FRs=,tag:HGFyHDtQ4Oy2AQ855Kt/GA==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/sops/secrets/gum-zerotier-identity-secret/users/makefu b/sops/secrets/gum-zerotier-identity-secret/users/makefu new file mode 120000 index 0000000..f0f9f2c --- /dev/null +++ b/sops/secrets/gum-zerotier-identity-secret/users/makefu @@ -0,0 +1 @@ +../../../users/makefu \ No newline at end of file diff --git a/sops/secrets/omo-zerotier-identity-secret/machines/omo b/sops/secrets/omo-zerotier-identity-secret/machines/omo new file mode 120000 index 0000000..360e62c --- /dev/null +++ b/sops/secrets/omo-zerotier-identity-secret/machines/omo @@ -0,0 +1 @@ +../../../machines/omo \ No newline at end of file diff --git a/sops/secrets/omo-zerotier-identity-secret/secret b/sops/secrets/omo-zerotier-identity-secret/secret new file mode 100644 index 0000000..48d4b1f --- /dev/null +++ b/sops/secrets/omo-zerotier-identity-secret/secret @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:bWvA4ThmuXzQYhzaEiOhap3ObZ2m/SzJniU3bpmF1lejCJhVR/5Y7ugOemG1znNcZbnqihYFI+WCvtvHR542rILP0qEuFlxN4jOWrtRtDmti6VLvF80MV1QgPwqgTdyPWImgYcoOLqQxG/v3SHXY8lwR5wcG8BnQ6qOLNbrbBLxX6CgZqyKjA6nDTCEDBgcd8f9iB0/PdIWADAdcy+y+ngzMbs7jdi2gn6ThtlIMvlJH5dYnmxpX+yXEwgBXDm/DQDxQOk2vf1OPdc6bRzHmBKI+E4LjoL1FHQpKpLW5Pn4Jde4hjMzSEv4JdQ0gzf78YnpVSyk8B/W8ktGxJXQ/PhySuFytOiHrCs474w3h,iv:sb6R4X1Y3JxS3F5X4qQucxmkuFjy0F0DMhC+HyCBx+U=,tag:QscAp6rOLqNfaWdBvWyRfA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1g0h4fhgnfr7zvp3mqa32u24k4nlfpqmk4dvl5pwnj7t3m6zl2cfs3mw7ht", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKbDlJMjZ2N2ZvaDdLNWFy\nbVJ0SHFncDdwTXJNaUhFcHExendoc2lTSEZVCmVaVjNKQ2F3YVl0SVRFTlBUdFB6\nU2szMnE3K2pYZmN1REhNMzBveGw3MlEKLS0tIG1jdHh5cm1HR0w2MUtXVWgrcjRV\nbGZVWEF3ZmZvUHJISzBIeCttejl0VzgKV2f5YDKosxnVzeJzcuqG0Wb+60Fd/0UG\n1zZkViEwFm3rKxZ25LsJ27h2FvVYqhMbBRujbgwgE6ZsDRvZ5p8tDw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vh6qdlxzfsy8gquvzwsfz40ezkx9m5m9q8sj4225nh3mr9lrjvrqt079mp", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBodEFPVGdmUTh1NUZ1WlRu\nUmJHQURhOWM0ZWt0djhBeDVPOXFaTWpuQlNJClRWZ0gwTHFwVTRHVDFvMW8zVEpC\nZVlOR3BnZG5iOXBiN1g3L1hnQWljbEEKLS0tIG5VS3VvKzJXUGdWUkMzaVNQSm9p\ndnE4REpJMk0zV2o5MkRTVXdVVGRSMDgK4wdId9Os1cRlMWvhuIJM620hkn+psb55\neroDvLfYZ7J1wuq+aL+wf2b2kDaiVdCoSoIUONVL8h6rYNWKAfhk2w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-02-14T22:42:42Z", + "mac": "ENC[AES256_GCM,data:vhxKg9ch9fDGEWgeM6RTAAx3UIUlGdK4hGxTyVvnMcwCjjhIl4RtR5rD8hQFXpwLbYSkJyUMknBvQSEoJTowOXS7GHdOnpp1THyp4Q4OV/IeBp2yH0aAq9Gzh7hBJLeCeGx7KfMjwfvLHzSa4G1WsA27ckFU8juX7xIxYn3EtxI=,iv:NtUXBGf+iwd8tyctL4ANCWmeaE/HmMYkd/sI+hFC6Gk=,tag:LXnpsa105gdWC+AhuyDEjg==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/sops/secrets/omo-zerotier-identity-secret/users/makefu b/sops/secrets/omo-zerotier-identity-secret/users/makefu new file mode 120000 index 0000000..f0f9f2c --- /dev/null +++ b/sops/secrets/omo-zerotier-identity-secret/users/makefu @@ -0,0 +1 @@ +../../../users/makefu \ No newline at end of file