diff --git a/nixosConfigurations/astora/users.nix b/nixosConfigurations/astora/users.nix index 2b79a07..6a2bca6 100644 --- a/nixosConfigurations/astora/users.nix +++ b/nixosConfigurations/astora/users.nix @@ -11,7 +11,7 @@ users.users.l-nafaryus = { isNormalUser = true; description = "L-Nafaryus"; - extraGroups = ["networkmanager" "wheel" "audio" "libvirtd" "input"]; + extraGroups = ["networkmanager" "wheel" "audio" "libvirtd" "input" "video"]; group = "users"; uid = 1000; initialPassword = "nixos"; @@ -124,6 +124,8 @@ cliphist tree bonPkgs.bonvim + + freenect ]; xdg.portal = { diff --git a/nixosConfigurations/catarina/users.nix b/nixosConfigurations/catarina/users.nix index 1757f44..541c3f0 100644 --- a/nixosConfigurations/catarina/users.nix +++ b/nixosConfigurations/catarina/users.nix @@ -8,13 +8,28 @@ users.users.l-nafaryus = { isNormalUser = true; + createHome = true; description = "L-Nafaryus"; extraGroups = ["networkmanager" "wheel"]; group = "users"; - uid = 1000; shell = pkgs.fish; hashedPasswordFile = config.sops.secrets."users/l-nafaryus".path; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1YGp8AI48hJUSQBZpuKLpbj2+3Q09vq64NxFr0N1MS nafaryus" + ]; }; users.users.nginx.extraGroups = ["acme" "papermc"]; + + users.users.kirill = { + isNormalUser = true; + createHome = true; + description = "Kirill"; + extraGroups = ["networkmanager"]; + group = "users"; + shell = pkgs.bash; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuxRavm+add0e0ODmp1ZQ1h3qV/7Yi8/h+nRIykV7+RKiBwvNK9kOz+vjS0jEUwmW7CqvbjI/QexUkK3UdANSeuXk4HU3CSdPM//yIcoydpEVDkfNL80ZClHISjAg0HHnD2WZ5UzOFdm0av7/93zkh+BP9kabEQWV6qMfFqTQkd2vvOMJRUEz4jiAuXBb9wTMYmAhv0WDlNVPdkSJlTHjE1eSxHqEBnPDtX7I9BqxLRmEs7JTqR2P1FBUP3ILhOx7/g0gkIPZDc/5ce44+cyMVLTkV2lP08rh1J73JMyMUnyWy5FRC+znLOyrYvgsbuKteK21yYBrN6AQYrDoLKcKw084mz2a38CA0GnGHVbXzyDEB6HoC9eQt+FGUrrC6Z9V3aUrGIRUbPNXTjmks6BJH0X44sWj/oKoimkbi191ADEoV1lCmGSH+XfigjR+Dc8fWWm2ekmbfGMVEqbFPNJF+rgJbhOSLtpXmMacs7+4z2vKJYRUe3oHjPFLePk0XfJE= kirill" + ]; + }; } diff --git a/nixosModules/misc/bonfire/secrets/catarina.yaml b/nixosModules/misc/bonfire/secrets/catarina.yaml index 6d7493f..326f52f 100644 --- a/nixosModules/misc/bonfire/secrets/catarina.yaml +++ b/nixosModules/misc/bonfire/secrets/catarina.yaml @@ -1,22 +1,22 @@ -dns: ENC[AES256_GCM,data:KpOHrII24C6ahlJEeUlrv4tEp0tsxAhPMGSQOHJ47nqVdJMJ10s3pvOePDzJ8SmEtPz0Tgloh7/Vte2UVakvQc1ebc+5aUSK5X3ig/H8CWLk8QJ/whP4R7f349qf6w==,iv:t8/92X2GphLnWVINPdSyyRR/IdjwM4fn7/CcSCaGZ00=,tag:7AcIBWXQaptomREdPO32Cw==,type:str] +dns: ENC[AES256_GCM,data:KIcegw69ZEVY1VnSktZMMjaRhCJVCHn7BCAKvfR/iXs5AseDLVC025WRAy92UuuVYPwBvdHgRQUg8I6lrfr7RTHJooANHUK8D79c2+sAI/KsUw2ENh1tVgdW2A4enQ==,iv:12yEf+u0Ky0vktAfpAuG28mRSKDLyWlWHJ+9EPYqI4w=,tag:9MKTsAUfvzEyEzTd6ba/Jg==,type:str] users: - root: ENC[AES256_GCM,data:6eN4qRA1KR7djxYhy4mRU+nm9KXuW3lAecU9gFf+w3nj9uWd6jlZW8zk1hzKWvmjRljjujZeAMpacq6BR//gMjI00Z6SwzS0gQ==,iv:4Pj8kYmK28a+fBu8vMNXU+lSYz/7aDIBfUtzSkIAKwI=,tag:J2SEJ/VDw2NPwZKIHQx8xQ==,type:str] - l-nafaryus: ENC[AES256_GCM,data:YpKH5sbKW2F6EhcXHn0be6E9tEV+DNY6puFmhrqMi4XNqL0MRfyVybIj97PQMhnb1GaJxUPLvbIbA5FFBl68crI8rtP7QTgUJA==,iv:qkxRqaoUCn7hhvEcmqxvFwOO5IP0vR6kNHMbFXhuIEg=,tag:p+ReVMvufIStvwqU0R9mNw==,type:str] + root: ENC[AES256_GCM,data:nZpmZM0Ws9mVujJhqPKfSJwIqit23pc2TlF6k4iGEzQvf2iROyWN/+b212d/LiAWOoVl3tRkt7EcOiLsLu51DJnQtCGOWGcF5w==,iv:hbNMqy+OxbHsh77zT6a2Yb1lUXwVRvRF1PhSO/15keE=,tag:oe/Y2fWKHNiRamuhY+3xYQ==,type:str] + l-nafaryus: ENC[AES256_GCM,data:RJXjIcSWrG00IqneQVBpvPayVZ/mFNZ16digWF/GaNNGYy+bDPYkglTiMdy5/xfah8BMrwmfID4PKyEBtMiIEx8VlV55N+hJyg==,iv:noFYBRrWMg7dxqAbVuT7uOCK4mQk4U29kiECJLb6QCQ=,tag:dZs6TC8kI9ioRYfhcceT+Q==,type:str] database: - git: ENC[AES256_GCM,data:+/MlOAtWaGGZsBUfEYQlDuey2zQ062ojQOtCSQEPwpY=,iv:9ObyynAgtE3TUUX6cpFsi3phA2X54n4jycmPnpUJWRI=,tag:EHbnV2l4ZDkgwoVJ7aJ9hw==,type:str] + git: ENC[AES256_GCM,data:g5Fnb9R/LnKrB6rDQ0ss0wu9SZu7433xfUIzJQKG3SA=,iv:MHEclxa1ldE51hNe0zHsVv5BPdN5RELlkHgZGXxSdTo=,tag:zzKNB0/RehFPrhFQMi/g9w==,type:str] mail: - l-nafaryus: ENC[AES256_GCM,data:4aeQ9V1iwGEvl3jRuqoxlU/BEripuFyxcPJi7US9uh+e9gLgB99fg/9hP5Qo3O0bhsu7WJy56sQjaW1w,iv:dfh87LBj7V25zP9Xb2nS1/jW4EVU27AmPL/RmaHt6RA=,tag:03Hkuh2ToAgvQ0+RqjB0rQ==,type:str] - git: ENC[AES256_GCM,data:e5p5STYmxRno6a0Lh1YxhhGf7nMep+bD8EsDkWWj3ODNixeTBM/Y6uX3EJu5JwYuHYI313zJNhCNR/8x,iv:ajukCVT9Aia/4Tq2nqnsszdHC3NqvL5FqWZK8soyM04=,tag:+GjZYCaQKdBxqnQkOvEn0w==,type:str] - kirill: ENC[AES256_GCM,data:bSYdsFwflv+CLkA8XoBoah6lLhD3E1Akt/wkZ8GuYf9OL+LDJjkrcQBNArjIxm3JMnPSBuauRU2Qdlpa,iv:ycmaLmFL0oVU8djI/zDypDHcapi+AFgwwMq4nLzXbvY=,tag:70NV3WL7B3Xr6FIcZt5gNQ==,type:str] + l-nafaryus: ENC[AES256_GCM,data:8JGjpQxcytZhfYT2JFUspufCnwCISbzBbaY2gN8WpSrlSlhIxVBkcdFnuGl3EJ6kABFX3lEGZomVNtay,iv:9l/x5xiDvkJ8QeqK7LTtQ/nxTckMGTkgujSDLtfWMZM=,tag:6qVUxjgs6QB+MQwog1fksw==,type:str] + git: ENC[AES256_GCM,data:w6odytyieDSJCRdf6og7rX1274Xtd3Mn+Eg5tPFjQv3pN/OVJ1fRk7nGFmHlKqR2VEtUVFHyZHKW4J7+,iv:Lo9yyCNvBxUOlxhLo4PFfT7eZrwZ3d6Yue2U8MBlTfM=,tag:T41aErdaYDI6ns20EBOwyw==,type:str] + kirill: ENC[AES256_GCM,data:ZBFfZufBdRRaeXUWiISVPxGvou78kNn+U1nYSBJ7OR6IqyvZMec+/s3+dDiwySOJ58EYCCqUZ7pq05U0,iv:r+mHKvxfI32Y/AHVN0AQqj3OqkxECuU6LIFNzmGvZ5s=,tag:gJsG2pa2k4gBTD294DuNWg==,type:str] gitea: - mail: ENC[AES256_GCM,data:ET/XYFqT6GbfF2XvyET0V6axdmLioROw9G3bVqdQ,iv:OWqVEWBUA6DpabmsiGQmcIt4n8OkzCv6111iY1Z6zAU=,tag:k1/yUbEmsdLvLhy1jzQt3Q==,type:str] + mail: ENC[AES256_GCM,data:LFYWpjHPcu6CQgcUEVcFA0ewZRjzA36wsoATnVGj,iv:Jqn1+6xa+wdkmdG2z9b8jf4DzCqF0I0YSctbiMN2tKw=,tag:aQQJG9STQmnAu+Dp9lj6cg==,type:str] gitea-runner: - master-token: ENC[AES256_GCM,data:6UmLWkzk2wAhDUdjMy3k2eivlS6FcMYBI+vIwofQY4LFVjzqmfHE0BDHPBFHsZTUUg==,iv:MPW3QFK8+25UC8QIknVB7OYJtt4ueRW4gB9UNAKXW6A=,tag:OKfzfw2EXgXLmxY1xl4Pyg==,type:str] + master-token: ENC[AES256_GCM,data:hZc+sti6I1j3EQQc/wRb5exg0yO6+wq0NCdUJ6FN/wpwyhfWPdEJ5eWw+3bAsEpxdQ==,iv:uJXhf5DZtk1LROyfw8bn5ZjN329LbZyTlaSPMvzeNXs=,tag:IeGUODEvfELc2YS+TUP7/g==,type:str] papermc: - rcon: ENC[AES256_GCM,data:SToy3Ek60SGK,iv:gLhpc7Hl/asuVsUtqE2O4X3W1g0nWGBBfhCHe/8R43A=,tag:Iq9dZ/rXIcYxg7c+vMHUMQ==,type:str] -discordToken: ENC[AES256_GCM,data:HZUhIl/Y1toBrNF3VZS2BAnhNYuP8PxXAd+lWyH5cnwyRKnWbRL/U9SEMagvDNAf4wEfXHdHe99qW3kOIt3VwSThb7mYu0bvKZ8=,iv:ij0EzPAQMfv42uZFwH9LRUnWd+A194vzpvNNqgRqlnM=,tag:k5vrI66IJ7xo0eCzTgtVjg==,type:str] + rcon: ENC[AES256_GCM,data:t6EjQmR+7l9x,iv:Vg3Ht/FNDUSkpRcP4c3hR/GzXMFMH/uD1wkPGn/OyKQ=,tag:++OEAYFK2qE4gM/XMSGH+g==,type:str] +discordToken: ENC[AES256_GCM,data:oRNbi3uDJClyRJgKycvJAt+2ZPT3hU9AVGmB1XMGqObz6O0DpdBlsmSCbwXwhvD2U0cMLUx7fdehdDUXTnk5qLR/eBSwD/k0+0U=,iv:WXRo7iSRn+/4oeHuuEhQsDNrxw1pWt21GDLeinVOmV0=,tag:IHWpKGlkmHwDI7j9MHTbtg==,type:str] nix-store: - cache-key: ENC[AES256_GCM,data:znLobclHJkANZ2m266772Vs+WVWY7hvvzXwW1Y26MDQKDYM3UOCtCQO3+3QDlI/yNMJTkjH2e4sNg8tggVUqoUTilcAxZ65UYQyOc54Ki/wwOrasXn6R/3XlNihcnH1iXMyVMX4RypE=,iv:XFY4806eykp7Wd6o3iFUXCL065+AOswobPcu4f7vl2M=,tag:CKbOr3GMgQoCz2NnCYN7eA==,type:str] + cache-key: ENC[AES256_GCM,data:SH0lBYa6ELoraxKmWo+hb3+rFRjFbVm1mj0YiVKUua5pVnC8Weihk4haTJZ1zShc3ADuinyHD/Ns+576bajWoE5jSGHXlgWQ8P+5fMZ0BkmZEuP5kooWRBk5t1aZilM3LJavwsYiE6E=,iv:KpwDXIXtaiNgVgcUQJJOnA+YLXVhJwILeq2dX1XkXgo=,tag:4kTemsodW0bhW9joQAPzhA==,type:str] sops: kms: [] gcp_kms: [] @@ -26,23 +26,23 @@ sops: - recipient: age1u9xr3tmwskfsrxg6gus3hmh9eakjh2h22jklfmcu33kassaraues435vvc enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvbUlxS2V4YmlKUkRaVVdJ - Q3g0NC9VSU56V2QzZ0FwV21DOVpVWlpMZGpFCmxuRGtPT1MwTS9zKzZLRXNEalQ4 - QTZ1TnlGclY5b3dlODRhWXBmWmJqeDQKLS0tIHZpZCtsZTVBUFVGY3NwTzliRlB4 - TkV4WDJjeUthRW9nekZDc3JISlhvN0kK8AQHN7BXOuVqtMHABNTqzxGzijs2DcFI - FMr3TC9FXYaqWtWCiwtHM1VtogVl3GW4SSIvVTnDyrGUYCI2T5yrCQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvajllWmw2U2U3eDFvY0Uw + S09kTGV1RDZVTU42QmlOZXcwWFl2RWNQeldRCklsSERCUUJKS1BNbkt4MWtoWFl3 + ZG9BVUFoQ1h5ZGlFelNzMEtIQmliTjgKLS0tIHZCWFBHUEw2TE9Yc0tZemtkUkNN + eXgrOTk1S0tDWWpHUkIveWZZdlYvMTQKyZMAYr6n5figUX2YUAAA37nxA5r1tyXh + F7/l2T4R+cXq3Oywf5EtezOMdl9Xprk0ZoubzT55p0TPtYwCNk6Chg== -----END AGE ENCRYPTED FILE----- - recipient: age1wyz7cfldqe9hh8qyw2qm42hkq9s7qdwqnrnv0u3s6vstv9649v0sh0z4em enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxb1M1Mk1mdGxIb3FPTXo5 - eXh0K2IzVEJqbnhzOFdvL1NwbHZ5bzNjUlRzCmFURHVBQnJuYVZiY1RNRndoQ2NQ - NjB3c0NkdnBWWUp2SC9HdVJsc1kwdVEKLS0tIEtTSE5jNVRLcmx3L2N0WUhFRVd6 - Y2RtUklhRVBkTDcrTXlPT1BueVh0dGcKl7b3hxT11JqUb43EEJQaB29MZydiFfUp - ehlILpToT00MEW3JRDHw4rjtIsTj5eaPYN8Gxou/MuvVrkK6Y8OLkg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxSkt5NG4wdGVwMDlpMFhv + Vm56L1owRXJ2RTBhUVZ2aXpVVUVrZDV6M0FNCmYxTlNrQko0SmorWUV3VnRkOENK + RDJzQkk0dVA0UVdDWEtxRDJEZFpSWVUKLS0tIGc1NFUzb1dhWUZlQWdpNFA4ZC9J + cFBmaUV4SWx3K21UUDA2YlBVY1NCazgK080jE+EELtQf8PmlaZs4RR+gjJEeEiTn + wwZXV8ufOGtLLwFtYlm8pdMXDtVrBywcRdzSo6/e73Y+GFxulTIFCQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-12T08:17:47Z" - mac: ENC[AES256_GCM,data:wuTRY0nW5VBicfmMjQUgKY3tycRy9t8e4AOT8jG2Lwzj8SAw7apEK3El9DwHYwI2nPHGh46zoKro7n3whtnwxaqQbp91kZA3WpDOlg3jH0d022jDcFz6a3YBd/btcWNiqdiY441sKHwhdMwACmaUTaxy+NueSJz5F8thG7QsgNw=,iv:Ase4mwxUng1XBYTvK9uU1GS4RwVniuxOucNw1J0VrbI=,tag:+PqW5QsHg0KE/ppepXPw4Q==,type:str] + lastmodified: "2024-08-05T17:43:22Z" + mac: ENC[AES256_GCM,data:OMwzBcK+KEaxZNTxCnlhDmm9efUkOtMk7vZUfxV9bCny80CdQhp9dD9a9bRPwn+lzgTj3CZLhLAubB3Eh01dqrbZ3DQt/p6xFQ54kCX0a18AHVSIrDcYQNez0MLcOI56RvJDofsO5Dh3i2sFXZ/gaxEjPBQPxlbH1KOrjCm480w=,iv:70i/TOlDF8Vru5FBu0fVb9IkG+Fg83zqcrcuyiHEHBc=,tag:A5qPz8KQl33Z5uHzMlTA0Q==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.8.1 + version: 3.9.0