From 88b1b75c8220fc8c66bfd9489dfc555cd1ef2f8c Mon Sep 17 00:00:00 2001 From: Malte Tammena Date: Sun, 18 Aug 2024 12:22:51 +0200 Subject: [PATCH] chore: drop host/trochulus-hispidus + user/marie --- .sops.yaml | 7 -- hardware/latitude-e7440.nix | 34 -------- hashes.nix | 1 - hosts/faunus-ater/modules/timetagger.nix | 2 +- hosts/granodomus-lima/default.nix | 2 +- hosts/murex-pecten/default.nix | 1 - hosts/trochulus-hispidus/default.nix | 104 ----------------------- modules/base-system.nix | 1 - modules/marie.nix | 43 ---------- secrets/users/marie/secrets.yaml | 62 -------------- users/marie/default.nix | 81 ------------------ 11 files changed, 2 insertions(+), 336 deletions(-) delete mode 100644 hardware/latitude-e7440.nix delete mode 100644 hosts/trochulus-hispidus/default.nix delete mode 100644 modules/marie.nix delete mode 100644 secrets/users/marie/secrets.yaml delete mode 100644 users/marie/default.nix diff --git a/.sops.yaml b/.sops.yaml index 1a39f8e..664dac6 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -79,13 +79,6 @@ creation_rules: age: - *helix-texta - *murex-pecten - - path_regex: secrets/users/marie/[^/]+\.yaml$ - key_groups: - - pgp: - - *malte - age: - - *trochulus-hispidus - - *murex-pecten - path_regex: secrets/users/deck/[^/]+\.yaml$ key_groups: - pgp: diff --git a/hardware/latitude-e7440.nix b/hardware/latitude-e7440.nix deleted file mode 100644 index 848a23f..0000000 --- a/hardware/latitude-e7440.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - config, - lib, - modulesPath, - ... -}: { - imports = [(modulesPath + "/installer/scan/not-detected.nix")]; - - boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - label = "root"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - label = "boot"; - fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" - ]; - }; - - swapDevices = [ - {label = "swap";} - ]; - - hardware.cpu.intel.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hashes.nix b/hashes.nix index 43b869c..5438173 100644 --- a/hashes.nix +++ b/hashes.nix @@ -9,7 +9,6 @@ hash = "sha256-mdkRuEzfWhdbX0DD6uwc1o8kXjqk1Y0+FFKHrM2m81w="; cargoHash = "sha256-5nhtGqukZ8tp7gPV+JiUEHTzWUj6JtsB2i7bODcXJSc="; }; - pexel-bg.hash = "sha256-Su2UwFpZKj5sa80UrcDSX9O2GuVI6XR2gSLpp4gJZP0="; youtubePlugin = { hash = "sha256-gJ7RGB0pSG/iLdpmXHpQOoQTisXnMl1Mgd0KYFgg2qI="; version = "7.0.3.2"; diff --git a/hosts/faunus-ater/modules/timetagger.nix b/hosts/faunus-ater/modules/timetagger.nix index f562f20..3417637 100644 --- a/hosts/faunus-ater/modules/timetagger.nix +++ b/hosts/faunus-ater/modules/timetagger.nix @@ -10,7 +10,7 @@ TIMETAGGER_BIND = "0.0.0.0:5873"; TIMETAGGER_DATADIR = "/root/_timetagger"; TIMETAGGER_LOG_LEVEL = "info"; - TIMETAGGER_CREDENTIALS = "malte:$2a$08$NAbUfqRJhoy/rI9MoAHyNeXNQ2v7mh9zUbcG/naH0W6RkP9cCxfH6,marie:$2a$08$ubOZWO510y5bgwIl0O4Ne.dKZdWoHqEMzvs56L6esqvLfBJ/6OgYm"; + TIMETAGGER_CREDENTIALS = "malte:$2a$08$NAbUfqRJhoy/rI9MoAHyNeXNQ2v7mh9zUbcG/naH0W6RkP9cCxfH6"; }; volumes = [ "/data/dirty/timetagger:/root/_timetagger" diff --git a/hosts/granodomus-lima/default.nix b/hosts/granodomus-lima/default.nix index 66cac01..11ed934 100644 --- a/hosts/granodomus-lima/default.nix +++ b/hosts/granodomus-lima/default.nix @@ -44,7 +44,7 @@ in { lib.flatten (lib.attrsets.mapAttrsToList extractIPs vpn); }; - # Run radicale with infcloud interface for me and Marie + # Run radicale with infcloud interface for me services.radicaleWithInfcloud.enable = true; services.nginx.virtualHosts = let diff --git a/hosts/murex-pecten/default.nix b/hosts/murex-pecten/default.nix index 4191795..64229c3 100644 --- a/hosts/murex-pecten/default.nix +++ b/hosts/murex-pecten/default.nix @@ -84,7 +84,6 @@ }; users.mutableUsers = false; - users.custom.marie.enable = false; users.custom.malte.enable = true; fonts = { diff --git a/hosts/trochulus-hispidus/default.nix b/hosts/trochulus-hispidus/default.nix deleted file mode 100644 index 51612a5..0000000 --- a/hosts/trochulus-hispidus/default.nix +++ /dev/null @@ -1,104 +0,0 @@ -{ - pkgs, - inputs, - ... -}: { - imports = [ - inputs.nixos-hardware.nixosModules.common-cpu-intel - inputs.nixos-hardware.nixosModules.common-pc-laptop - inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd - inputs.self.nixosModules.homeManagerConfig - ../../hardware/latitude-e7440.nix - ]; - config = { - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "trochulus-hispidus"; - - networking.interfaces.eno1.useDHCP = true; - networking.interfaces.wlp2s0.useDHCP = true; - - settings.minimalGnome.enable = true; - - hardware = { - opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - extraPackages = with pkgs; [ - intel-media-driver - vaapiIntel - vaapiVdpau - libvdpau-va-gl - ]; - - extraPackages32 = with pkgs.pkgsi686Linux; [vaapiIntel]; - }; - }; - - # Make sure her settings are all in German since she prefers it that way! - i18n.defaultLocale = "de_DE.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "de"; - }; - services.xserver.layout = "de"; - - # TODO: Remove when firefox' RDD is fixed (allows libva) - environment.variables."MOZ_DISABLE_RDD_SANDBOX" = "1"; - - # Enable the X11 windowing system. - services.xserver = { - enable = true; - # Enable the GNOME Desktop Environment. - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; - - libinput.enable = true; - libinput.mouse.accelProfile = "flat"; - libinput.touchpad.accelProfile = "flat"; - }; - # But disable geary in favour of evolution - programs.geary.enable = false; - programs.evolution.enable = true; - - services.fwupd.enable = true; - services.devmon.enable = true; - - # Enable sound. - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - xdg.portal = { - enable = true; - config.common.default = "*"; - extraPortals = [pkgs.xdg-desktop-portal-wlr]; - }; - - users = { - mutableUsers = false; - custom.marie.enable = true; - }; - - fonts = { - enableDefaultPackages = true; - packages = with pkgs; [hack-nerdfont noto-fonts noto-fonts-cjk joypixels]; - fontconfig = {enable = true;}; - }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? - }; -} diff --git a/modules/base-system.nix b/modules/base-system.nix index 787ca96..23a5bb1 100644 --- a/modules/base-system.nix +++ b/modules/base-system.nix @@ -18,7 +18,6 @@ in { imports = [ ./hdparm.nix ./malte.nix - ./marie.nix ./deck.nix ./radicale.nix ./wakeup.nix diff --git a/modules/marie.nix b/modules/marie.nix deleted file mode 100644 index e3526bd..0000000 --- a/modules/marie.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: let - cfg = config.users.custom.marie; -in { - options.users.custom.marie = with lib; { - enable = mkEnableOption "Enable user 'marie' on this machine"; - }; - - config = lib.mkIf cfg.enable { - users.users.marie = { - isNormalUser = true; - extraGroups = [ - "wheel" - "networkmanager" - "video" - "lp" - "scanner" - config.users.groups.keys.name - ]; - hashedPassword = "$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0"; - # This is really just for my comfort - shell = pkgs.fish; - }; - - programs.fish.enable = true; - home-manager.users.marie.imports = [../users/marie/default.nix]; - - sops.secrets = let - sopsFile = ../secrets/users/marie/secrets.yaml; - owner = "marie"; - mode = "0400"; - in { - restic-backup-marie = { - inherit sopsFile owner mode; - key = "restic-backup"; - }; - }; - }; -} diff --git a/secrets/users/marie/secrets.yaml b/secrets/users/marie/secrets.yaml deleted file mode 100644 index 0385521..0000000 --- a/secrets/users/marie/secrets.yaml +++ /dev/null @@ -1,62 +0,0 @@ -sftp-key: ENC[AES256_GCM,data:4L7axQ32gzaNBXPzx6zb/cUcs+KWle+EF48TaQZs8J0OogrTW+gMiyk/Lz83Jcs1KucGZKtbxYdbvPDTqI9SNjVpR6FMgIQGJHfsNqyu2d37LTy9x1ztfgQfHz2wzUPbI/a0DWgnME1MsRI6qBtdWEyxz+Bnfnu4kknaO4JVognz8IzqY9Q3tVRViHuuqJ3e24pktUL5JbbfHI95Bd+uw96ZNaVM+gjElbaRbQMczJV14e/dda5zgjLVXJC5EB9JmXuaeQMIFqzqFUXYnhqo9J2HDzdA70XuZuPPoOY/2r669IEnZ1IdxGapUwjlN+ySvq6ZTELdC5snD2jUFkxp7Xtq7fjjFK751QLCDYE5+yGNlpBfT34fw01AZFwYhEbw/wweinS7tBDlBHersdZFHFJ38w2PlZKf6GD7ugdFW+drM9BXxN+ouqKznG0ChLxI/o37y/VTg6sbISwhHxZdjwH9305RvSWw7DHjE4xGv9gaRnE2hWXvoFDbWw1UxQzZKhXQehx2gVSMjQFFhvPYFV5qSpcdp5JK7Ah5,iv:7KSRNChXLvrQSZ/DQhwVhNQALB17yjO1s8Wmhkb/zwY=,tag:Ac9FSA9hl2U/zTRcJOyulQ==,type:str] -restic-backup: ENC[AES256_GCM,data:DUwBIQ1Jpx+9fMKJITPL7SjTOKnLYq96f8mRiJsf2mw=,iv:We05l/3NZDWf83IR5nhRz2gktn17LXPj0wmeqlPgkI4=,tag:fl3Ft0+4qY5wzP8nwiYXXA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1un55h66zlhm4vmf7800q0c5n24zwpwvyllhmu68x33kkf2kwu9dsts8ztg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaTm9vOWFvMGYyNGpwOXd0 - WGRmeE9VTWVhT25rMkczTFIrZ2loUzhvbWlBCmJVbE5CYjVrdlVQM0xqVU9pZExj - VlZpQW9kSFJyWjN3L1JBRmdCTjVIYmsKLS0tIHdza094SzlFWnRpT3pmbG1JWDBS - RUptb1FtdVUyaG02SE1SaHIvczV4dlEKVtaE53EOuueKSdqLOyNFbx3z/erRUESs - 4lGQ06ahXqJHe/MOtZjly8TanLnMMyuG9xuY0kf1ZMCmHwMpy+neoA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1txlfvwlahwjy3ujeefsp7ket5c575schwc24a07j4twu0jxzqgwse4n78a - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTMXhwNWRVS0M5bVdLNzVU - c2dhNWtXc2E5SDVMcWJobEVTaGhpTnhMQTBZClFIdTBONGFzRCtNaFhZeEZ4TXcv - K0JxNjYreDNuTkJqakhjYnpSdWpMVzQKLS0tIDg0bzRTQTY0Snl1a2hoVzJPamUw - NHZkU0Y1UHEzM2Q2SlN5WGtkaE9NZmsKTKlzaVya6cA/ieQTvYj1X6T5dXwjo2nb - FxI9x0+0yqxfJIsBmZihonrJW1SdMGRdaOR0FNefpQUHeKnnSW6Bww== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-11-18T10:15:55Z" - mac: ENC[AES256_GCM,data:4vdecKjXR8BK8vFsaBKYPzyPDzems8xYF4wg9oxv3FytcFLPzqGTzsmTsT9pI4LPitfd/8h126NMBx7T7zPdeDvQIcfEycQ+s7TAT8oTyaSix0KZn4r+JjbQgw9jG1ouk6RWqR+gnbEWiwbJpx2joOZdIcRBg2MUwcKJaKJZYlI=,iv:epGDMq2rXhDD+qct9BuNZq3yxdFRtzGDH6BvgOUtqiw=,tag:ZuoT7rgTabZa2SPNktUL5w==,type:str] - pgp: - - created_at: "2023-11-18T10:15:40Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1TPiPeBUmHHAQ//faMxtFcP/xNWe8mzMILtsnOK1rqpGzGhi3aFZoeKKvPl - yPDi3RgQxf/G4dxuJbLDaSd5ZdvBEJcZDy/G6OuRNHR+kC+iwbFV/tGFA47UfhNe - OVqFKr+1q1iNn0E85zyXRIe8sAYkLQzRJMHBj7NHMiFbiIn5q3K3PMktArOwPvR3 - PZYHMQfw0q3V7Z/8O2fsBMA1IA9noCv6rEw9KkKxFdK6ZYNDWzQeg6RwW2K/lsB9 - BQKtyCMIUbXVBQCzymOT0J1jJwmZ5ZzCW3Ct61oq/gKRmm9fEQc+OFHUWAzyMvHb - hqNMkb9xDYuVcvHBAW4NJ/M3BuTx5HqoN62lTmhA7Jb2KzZ/A0ydMeS/BU+9A51h - gZG+XK7zEOXeyUY3z0kHtAkCrV/rL66sENkw9k835mV6Uq0onSo4V8vACOfsQTNq - 3VMupZrunz1W8WNLvkFqBa5tx6eqk+3PTz2qEMor7+8CSaQzc7W+AUkHejjig93H - pEOusUd3rywK7onw+xgT0ztujAQNtWgV5CzGQiNAaw4hXl7x4cbvZdqE6no0Coed - KozxMCb+SiLGBs4ImjOfZk64kNh30mxORw20PC0Nrx5Nq5cmCoaVr31qNZdIP7lz - eSOimjKiZfnTlyNFtTXE1wcTOn/qvCKpS9FsKB5t21gjbO5RbRnBBChRR3jC3vCF - AgwD0cvHqpYuZE0BD/0fdLnvnQAw3KPobuEm6Eufjaej2iNPvCMqNAyMZof7Gkgp - o/t+/IX/tKDi8MRCJWYFpTgIgUdhk8TrvWiQ8J3CplkEyzM62GP8rMRgjC5kmRua - BzukynwclDzt6NoJaP95jJVIWz6Yez8ATnFHVlmC1KxsSUdDq3sbfONaQLWO8q3A - qIul8+opu5SEq05T8gGiRKfTI8333N9zlrJU6aEn8gAc+7Xw5Q4U4L30HEuJj4/J - ZIx5C7ZyhvjI5/5bK9X64GN5TAFz8OSHGnvQPhY7yXQD98wfTzyZCj2nw4VmoVPE - 6Yje/GwNikh1gbAf/WxGk511m8VT9cm4N9q/9mUdPuvqUEkIbiCgX132/NjXpAcH - o0aSpburQGa5l/HnJHYA50/AVH+F9GqUmJFHDvXIQNUjUfTT5juuF+2lTYBFtpYi - x6UhdSC0InoKQPFDmznLRgNUBZykdDakCdXHA+YHqxsbRAUsi2NxrPaTkEQpQppi - 7XhEIu5a/guYswr4ynA8rERw4LmXls+AcIrAxUEHEjwkXkpOcEKxw1UaJkW02M7O - iR4pLE0JzvgXFi8UNgGN7V5EAlngR9zQ/Kk0tE7yyWXDSL5p5SLPuC4i8/HXW+2G - 0JZHEioNiEM3ELs3IgSK/IF3RoFnzZHEGSIfqI3CWgUNJieLTJQ39crj+m1sXNJe - Ac4g5Em4qQP6WRJYA/YD9RHZHe1X+F3f9E7OXzdY1XSBMkD72TXtodAeDqMw12u0 - RfFXwpLacvzXZ71J27KYB+UD75Dw2wbMzTEhVvyuNvoji4vlE86RhvnUD8/A9Q== - =uVJq - -----END PGP MESSAGE----- - fp: D5FEA546C06B3AEC97EB7F5A437B3369EAE401C4 - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/users/marie/default.nix b/users/marie/default.nix deleted file mode 100644 index 095946d..0000000 --- a/users/marie/default.nix +++ /dev/null @@ -1,81 +0,0 @@ -{ - pkgs, - lib, - ... -}: let - inherit (lib.hm.gvariant) mkTuple; - bg = pkgs.fetchurl { - url = "https://images.pexels.com/photos/2559941/pexels-photo-2559941.jpeg"; - hash = (builtins.import ../../hashes.nix).pexel-bg.hash; - }; - - operaFixed = lib.warn "Has opera been fixed yet? (https://github.com/NixOS/nixpkgs/pull/120891)" (pkgs.opera.overrideAttrs (old: { - buildInputs = - old.buildInputs - ++ [ - pkgs.libdrm - pkgs.mesa - ]; - })); -in { - imports = [ - ../modules/restic-backup.nix - ../modules/profiles-cleanup.nix - ]; - - config = { - home.packages = with pkgs; [ - bitwarden - element-desktop - fd - firefox-wayland - git - gnome.gnome-sound-recorder - libreoffice - okular - operaFixed - shotwell - signal-desktop - skypeforlinux - sshfs - tdesktop - texlive.combined.scheme-full - texmaker - ungoogled-chromium - unzip - ]; - - programs.fish.enable = true; - - xdg.enable = true; - - services.restic = { - enable = true; - paths = ["/home/marie/Uni" "/home/marie/Bilder" "/home/marie/Promotion"]; - }; - - programs.mpv = { - enable = true; - package = pkgs.mpv; - }; - - dconf.settings = { - "org/gnome/desktop/peripherals/touchpad" = { - tap-to-click = true; - two-finger-scrolling-enabled = true; - }; - "org/gnome/desktop/input-sources" = { - per-window = false; - sources = [(mkTuple ["xkb" "de"]) (mkTuple ["xkb" "us+workman"])]; - xkb-options = ["compose:rctrl"]; - }; - "org/gnome/desktop/interface" = { - enable-hot-corners = false; - show-battery-percentage = true; - }; - "org/gnome/desktop/background" = {picture-uri = "file://${bg}";}; - }; - - home.stateVersion = "18.09"; - }; -}