sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: change passwords and hide new hashes

Browse source
This commit is contained in:
oddlama 2023-05-22 23:53:45 +02:00
parent aaa1d88d46
commit f65b217a92
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
5 changed files with 13 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -12,6 +12,7 @@ This is my personal nix config.
- `hardware/` configuration for various hardware components - `hardware/` configuration for various hardware components
- `<something>.nix` commonly required configuration for `<something>` - `<something>.nix` commonly required configuration for `<something>`
- `<hostname>/` configuration for `<hostname>` - `<hostname>/` configuration for `<hostname>`
- `[microvms/]` configuration for microvms. This is optional even for existing microvms, since they can also be defined in-place.
- `secrets/` Local secrets for this host. Still theoretically accessible by other hosts, but owned by this one. - `secrets/` Local secrets for this host. Still theoretically accessible by other hosts, but owned by this one.
- `local.nix.age` Repository-wide local secrets. Decrypted on import via `builtins.extraBuiltins.rageImportEncrypted`. - `local.nix.age` Repository-wide local secrets. Decrypted on import via `builtins.extraBuiltins.rageImportEncrypted`.
- `[host.pub]` This host's public key. Used for agenix rekeying if it exists. - `[host.pub]` This host's public key. Used for agenix rekeying if it exists.

1
hosts/common/core/issue.nix
View file

@ -1,4 +1,5 @@
let let
# IP addresses: ${"${interface} \e{halfbright}\4{${interface}}\e{reset} \e{halfbright}\6{${interface}}\e{reset}"}
issue_text = '' issue_text = ''
\d \t \d \t
This is \e{cyan}\n\e{reset} [\e{lightblue}\l\e{reset}] (\s \m \r) This is \e{cyan}\n\e{reset} [\e{lightblue}\l\e{reset}] (\s \m \r)

BIN
secrets/global.nix.age
View file

Binary file not shown.

4
users/myuser/default.nix
View file

@ -5,12 +5,12 @@
stateVersion, stateVersion,
... ...
}: let }: let
inherit (config.repo.secrets.global) myuser; myuser = config.repo.secrets.global.myuser.name;
in { in {
users.groups.${myuser}.gid = config.users.users.${myuser}.uid; users.groups.${myuser}.gid = config.users.users.${myuser}.uid;
users.users.${myuser} = { users.users.${myuser} = {
uid = 1000; uid = 1000;
hashedPassword = "$6$YogAnKRz8qW2Gz.I$chgMKKrpPAfV0WuGN6ChOgUJistpCzFsHOT6mhHyj07mwI1kSfDJvnMB13frMvkpv2aGpXHVH.yxk5fYHeeET/"; inherit (config.repo.secrets.global.myuser) hashedPassword;
createHome = true; createHome = true;
group = myuser; group = myuser;
extraGroups = extraGroups =

6
users/root/default.nix
View file

@ -6,7 +6,7 @@
... ...
}: { }: {
users.users.root = { users.users.root = {
hashedPassword = "$6$EBo/CaxB.dQoq2W8$lo2b5vKgJlLPdGGhEqa08q3Irf1Zd1PcFBCwJOrG8lqjwbABkn1DEhrMh1P3ezwnww2HusUBuZGDSMa4nvSQg1"; inherit (config.repo.secrets.global.root) hashedPassword;
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5Uq+CDy5Pmt3If5M6d8K/Q7HArU6sZ7sgoj3T521Wm"]; openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5Uq+CDy5Pmt3If5M6d8K/Q7HArU6sZ7sgoj3T521Wm"];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
@ -20,6 +20,10 @@
inherit stateVersion; inherit stateVersion;
inherit (config.users.users.root) uid; inherit (config.users.users.root) uid;
username = config.users.users.root.name; username = config.users.users.root.name;
packages = with pkgs; [
wireguard-tools
];
}; };
}; };
} }