evan/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

base

Browse Source
This commit is contained in:
Evan Reichard 2025-04-07 16:40:47 -04:00
parent e3d49f5328
commit 8bbb23c655
18 changed files with 111 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.sops.yaml
View File

@ -1,7 +1,15 @@
keys: keys:
# Admin - Age Native
- &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w - &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
# lin-va-mbp-personal@evanreichard - SSH Derived
- &user_lin-va-mbp-personal age17ayje4uv2mhwehhp9jr3u9l0ds07396kt7ef40sufx89vm7cgfjq6d5d4y
creation_rules: creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups: key_groups:
- age: - age:
- *admin_reichard - *admin_reichard
- path_regex: secrets/lin-va-mbp-personal/evanreichard/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *admin_reichard
- *user_lin-va-mbp-personal

3
README.md
View File

@ -1,12 +1,11 @@
# Description # Description
This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager). This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager).
It takes heavy inspiration from [khaneliman/khanelinix](https://github.com/khaneliman/khanelinix).
### NixOS ### NixOS
```bash ```bash
sudo nixos-rebuild switch --flake .#lin-va-mbp-personal
``` ```
### NixOS Generators ### NixOS Generators

51
homes/aarch64-darwin/evanreichard@MBP-Personal/default.nix
View File

@ -1,51 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
};
programs = {
graphical = {
ghostty = enabled;
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
# Global Packages
programs.jq = enabled;
programs.pandoc = enabled;
home.packages = with pkgs; [
android-tools
imagemagick
mosh
python311
texliveSmall # Pandoc PDF Dep
google-cloud-sdk
tldr
];
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
home.stateVersion = "24.11";
}

0
homes/aarch64-darwin/evanreichard@MBP-Personal/README.md → homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/README.md
View File

63
homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix Executable file
View File

@ -0,0 +1,63 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "24.11";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
# TODO
# sops = {
# enable = true;
# defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-personal/evanreichard/default.yaml";
# sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
# };
};
programs = {
graphical = {
ghostty = enabled;
ghidra = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
# Global Packages
# programs.jq = enabled;
# programs.pandoc = enabled;
# home.packages = with pkgs; [
# android-tools
# imagemagick
# mosh
# python311
# texliveSmall # Pandoc PDF Dep
# google-cloud-sdk
# tldr
# ];
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
}

15
homes/aarch64-darwin/evanreichard@MBP-Work/default.nix → homes/aarch64-darwin/evanreichard@mac-va-mbp-work/default.nix
View File

@ -3,6 +3,8 @@ let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
enable = true; enable = true;
@ -11,11 +13,22 @@ in
services = { services = {
ssh-agent = enabled; ssh-agent = enabled;
# TODO
# sops = {
# enable = true;
# defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-work/evanreichard/default.yaml";
# sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
# };
}; };
programs = { programs = {
graphical = { graphical = {
ghostty = enabled; ghostty = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
}; };
terminal = { terminal = {
@ -47,6 +60,4 @@ in
.headers on .headers on
.mode column .mode column
''; '';
home.stateVersion = "24.11";
} }

0
homes/aarch64-linux/evanreichard@mbp-nixos/README.md → homes/aarch64-linux/evanreichard@lin-va-mbp-personal/README.md
View File

4
homes/aarch64-linux/evanreichard@mbp-nixos/default.nix → homes/aarch64-linux/evanreichard@lin-va-mbp-personal/default.nix
View File

@ -3,6 +3,8 @@ let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
enable = true; enable = true;
@ -82,6 +84,4 @@ in
.headers on .headers on
.mode column .mode column
''; '';
home.stateVersion = "24.11";
} }

2
modules/nixos/services/openssh/default.nix
View File

@ -10,7 +10,7 @@ let
cfg = config.${namespace}.services.openssh; cfg = config.${namespace}.services.openssh;
authorizedKeys = [ authorizedKeys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
]; ];
in in

21
secrets/lin-va-mbp-personal/evanreichard/default.yaml Normal file
View File

@ -0,0 +1,21 @@
rke2_kubeconfig: ENC[AES256_GCM,data:ZfqWAsIcx2h/cyrfkcyQXrO+dzYF7JRkplj3Y9mm4oEiQKeG7xeYdtNAE112PdFfLcI00HQRaKbzrcNBbG1M+kUQZROUk47sr7AqpeRxJIob1ZoTgwN98gQ1W0ikPFYBUw4HIVxmY9wuNyqDk54LNwu47A3hMUmCLEv8sPkk8r7lhA9Vf3HTtTbQBK8VBa5059YJyEIpZjMMaXPZReIR6Gka9qsZ4d1F1B8VYu+fBH2ZIKtG1HMCXzl/RvjaCqtlrk5AptooSQ/upOMq6omHWfBf8oty/0o6yasxYldMawetUW55TOm12QlgdmbDkXqeMAai03N3tj8zMESOVEHVxRzjosVTq4u5DzPAMmLFAk5NYaPpd5c6jlM2Gk7pT9v+X+n+GGYW9xfYLURe1sSy/yWmLXhEhOzLXkyc1T3M1bHWqnXDXfU1bhXWVLKwNDmuS96YWHb1o+Qr+3HTUCPQa70M9Va18O+pERD0Yj/Jz1HxwyAHKClRs06Lo73gl3eY7lOGhnafRSyxR91oMXs+ijSfFk8CNEA/PxKPaXUoKpDLpM6+iPnEmnsAT/kV9IrqnevsIABtzWMR6XHQbRodPowsx2zlSgzJfLkVZ37dsZawALv1FN/XOtrW53Zt8BGK3dIwIM1tRy6nR+UKoN8mQ4KI43MNZ7A7CagCAkWbs3AserDqU+4VYIF/biLVA9q+tZZory7lLraLpByVa2Mi1/JFUW23PyW6fa9nVvBDonzs5M4N7p4/Yw9rdWBWC/1ZQIvSKbTIla+mtDKX6GTlEAsaoJOFc+F8fX8FxGEZtxoXENshoyAvsQSihUbdsKkjDQAIcZ0lHAUKLJyJZSWFRkQsl64MkvBJwGedsMq/zzU8K96iBojYLQspPq8Yp612nxQahRyxAXWFvYAfMmxMqhSbEYuJA62DSUA1KwILZx7yPfKZWXLQzGDnpGyFRuORP+ZjANGXo1eqAED4cHqwZCHTo6q6Zh9zN4Y4jrO/z4G16PwheAi/WTJswzdI83J9FAR3TrKAGyf3a5hR03BNVHBbO+I6dX/Rhwp0eIdR0MPVXJE+CshcTixQNKWK7SRmpDQemAQq3g6c4i5DWB9PUlipkry+pcQzsz1omPLGjf/2Mz2CAdvPnjCYfeTeFxz42s6VJHBBd5Sgg/7ONQTj6QpvFhpP2u8aWmgbPnV3n0phejq9Bpj1lEEEN5JZlU2Swj6t6rtFD5fAZUu3L5FRPg5xZhCV0zu4VXuaEflPdidK35b0jIiz22qpAkw+/0vh36u+kkUOabgpnt+I3CqeCilRuq6tIvtIx2AHFZ4Y9WdfXpjd/BEl2GY8VrxSWzpXS0YYWiNwypJx/J1zzmZZO6G7QcKSpIuoULM4uneBlaZurjXdVT8QzupUmX+CVyXHZUTXX3tM0rFnuDG3uGjOUM+67kS/zd3LJk8fnY1awU08gTOrs7qIDIzqEaEVxvK60XcBqc4dDYG+FTKEOEOi88WGIZH12gFy49epciPaTQMxcKbRftE9R1fZNdze1PwX2lrm891KTBD7YwFJkUin88Ype7bQNI4Djyca0TumZjYKok1AoSzjLTJGYOmiZg9wYyN+6m/FrdM0krgUQzvErtfSFryX4XaLbpPJnpRcdzoiNzwwuVYMLn5mBhj4m08gjiiHQlVlSMSJxpXi6GdXqrMCDudDHyPX5LHh21e2wajZ59p1Y42Gew1dOOP+M/5/0PrwDvqKhUWgAp2q8PzQuQ+ZyCq63jVpTI0/BskiD1iQBwQFDN2A32V9xymnkuS1pKn9xnosNMWVR3R9l6sLQDxH6vJcCEqWvCmxg8n5nfPtgx0E+clmmFFHVQ/xmXbe1lKS1o/M5dLHDG3CdrUpSEf8IC7/qkhaG8d3EmKGFskwJcbpPSzCJfMLS1JuYGJL/m7jqSI5JJ+KzTlPQCjubW74+EEvScTIaQP7e+RtE60LbgkwLprIEfCao3I+P0W4YgqLfE/xF4NQ3qVy3vrXOVGJSR4e0R3rI9RiuHmYoduldqtLr8rhqVqbU33q9s1ifL/62Rh2ZnXcnP4w75eH1EtunucZ2ml9QwHbpG0liKrthvPlmUNVsOhWdwlUfHrCUs8sgLNwW98mgG+7Kva4edejNmaEq/43TtN/RBmrNanB0Dp2SIeEbYRFfLqWGCtIRJpeJF227ggJXxt3fZnCW1eiEihDLKfc3hz+7zo/QlkBkbbj9D1BRURieH7DCr8cvymKa1QL9nRl0aJzWvMg//Q8/nMA23qBays34s4EUrcDin6AnUZIu63eAvxtcesPDTVq31+NatLmty21VG3mk7s7yw1dDwJncCXQ6zYp+SOC90xMFUR++FYcpX6qFiRGk7qNln9hnllwu1SqQYgV/w9MmD6GYLk+/xCUWK3kbCjWZ0Nhxkk+A3snUealYeeK75fZfL8TlAkgKqpRL1KlY3jrDe2rgzQyrHb7AoLukf2RJcXwu3GBP9PLQjJSSJw3vEHltCDnt7YR2KRA5NvJw429brs/4RvkBlX2a593swY63YthWinhCs6I3kgiDVaycpiQit4HCwMATAnhkzD590QLgf/am+7vcQlxl1MCtG6V+mBSIDQw17kxfrq/P18MyKixtREI/TW2lT127JvMlH3Te3f5KDQNyWc5oUP8bsfvxpZ6nO6xrUY1pZ+1eCsapkNalLH5x4yk3viGHiWS7ow44jjaCDraL/YCvGN+7SHjDBIWRpt+/ncrjezxWJa2yN29y+JrJgRxHYmfmZVMHxPGZ9aexCRHxnTVgwlT577VTDltqYi9CC0kQmTPt3CZzSiOP8ht4gwHNuNjNus8qGT9w7nYd81ViCYV/VpMRKmq9cR3rY75U6BU8QO74hFTfDigmGBPxXwGuhWZEWMbmK1Xl867xybVj9UTHhdbgnhta0J9RXm29A9YL3RMdL/DDZNQGq2eMK4CDq2l9X7UdPqbJphXfCv1AmCdufdvzEAq8kVEw5+RQxEOVV0g84G8bH5dOKfOwr7b9Bogtg37+j5pLPJzcoRKl3NynlWMGZVcnkEgRqmzFreXAYIyScE16rIzeEHdL5ngvm9EcPQfAWz6CvylrK7Bl91pJonNYprSqHUO0F4K4/kscm4j90kD5wpGOcrwke2+OI3oqez7QPmfzKnYoSrtcXqbt9lnluqobdYsCHY6mUjn4utROUD+g7gW5yYkxC7R1ySvvt5t63rOX6QH4UP9Uz7dCpo831vMHQ8Am+VFNbLXirq6/2P4TKTnScSQh/OnJ8Sx0/zxbPAb3jwzmx/eFAd+eazL0hCGTnh/D0WxcqfxTItOllsKUGX+md2VAoJQLra07gMJlh1tuDk2+ZXjvOsoGOMAzswpKPLf6TVe5Yi4eEosDM8ZFkVSngF3qx4TB2NcuKl739qUvLf0eL461y7+doJcdC+sl19scJjlEBFmEU9YNoJ8T0m9nT5UIi7l0tuek2i9SpzQRjHym1Y12JsiYoTR83mTBMR33hChE9aMc0FBkNesVJ9SBWOtLsd1i/UxUyZIk/C8shVGPmYplT9QOO/RqwJtvTeOkhrEWQq9zRoGqKQJs+j6VatHOdqVweX4/0icBN5QamXwgH61c7RbT79MDCZHvHSKkAe+eNVw7y6+0ZgCxtiIbo3RJwdRGqy6XHGnRfzRbzjO9H26gBmWX+Z7ZfeHLghen/tOW/qEh+uT1TR+O71GnhOgd1QQh84vyE2U+lAzneHI2gVG8EzA8Ho/UGiXJALQPElkJzR3GXDXVAHAw8Q6wCjLnxpmpkJZEJiJ9uDktKkNdF5uM6oEfQbxpP8uWJQnK4sCaZOTBsqEzyBm+KUXOpt0PbGFmb+gfPHIpO6rNGdWJ/C9F63ZbWhMXfONuLCjMis86lLJimwYH9G0PQWrmh7ENuZB3/giYbVqUjD3yP44axfw,iv:zfbeDFKb3hHQFi9wEuDj8XRqTLhc+2AnJU1roGJVZkU=,tag:mwNz9UCO6lCDK5hMWNLfNw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SnA3M2F0cXZjOGlFSTJw
aE9BNGJsQ1JzelFoQk4yMGlpN2dkVUR4ZUNvCmljSDhsVU4rUnowV2dIdlhZYnMy
aXo2OGZRd21PYk81ZE9pV05XSmpVOEEKLS0tIGhGNkVmTnVYRENEYlBxZXJTaExt
SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv
c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-07T18:09:21Z"
mac: ENC[AES256_GCM,data:RxVXYkx4JD2l6zIcx051DSyw4yYMWdK23ssaw94jkxlICvDyeZy9aO9kC0bAYqn0iB2BDEdh/0rzNZeJHlkjKQx9+et82iwFdwC9GSTVl/FV39fr9YbsqFQGqMAEo/JqElul9Sjd5vgdC1xQOF+Jceo11F9LhDteOiFn2a3Sv5I=,iv:sb9ah+Tk39FUIDpq4g5YGScIku3w5tVlDDNyxuHS4OY=,tag:nC+yLdj/moS2+nMIzNAOdw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4

0
systems/aarch64-linux/mbp-nixos/default.nix → systems/aarch64-linux/lin-va-mbp-personal/default.nix
View File

0
systems/aarch64-linux/mbp-nixos/firmware/all_firmware.tar.gz → systems/aarch64-linux/lin-va-mbp-personal/firmware/all_firmware.tar.gz
View File

0
systems/aarch64-linux/mbp-nixos/firmware/kernelcache.release.mac14j → systems/aarch64-linux/lin-va-mbp-personal/firmware/kernelcache.release.mac14j
View File

0
systems/aarch64-linux/mbp-nixos/hardware-configuration.nix → systems/aarch64-linux/lin-va-mbp-personal/hardware-configuration.nix
View File

4
systems/x86_64-linux/nixos-builder/default.nix → systems/x86_64-linux/lin-va-nix-builder/default.nix
View File

@ -22,7 +22,7 @@ in
openssh = { openssh = {
enable = true; enable = true;
authorizedKeys = [ authorizedKeys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# NixOS Builder # NixOS Builder
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN"
@ -34,7 +34,7 @@ in
users.users.${cfg.name} = { users.users.${cfg.name} = {
openssh = { openssh = {
authorizedKeys.keys = [ authorizedKeys.keys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# NixOS Builder # NixOS Builder
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN"

0
systems/x86_64-linux/office-server/default.nix → systems/x86_64-linux/lin-va-office/default.nix
View File

0
systems/x86_64-linux/utility-desktop/default.nix → systems/x86_64-linux/lin-va-utility/default.nix
View File

0
systems/x86_64-vmware/rke2-node/default.nix → systems/x86_64-vmware/lin-va-rke2/default.nix
View File