summaryrefslogtreecommitdiff
path: root/archetypes/tjkeller
diff options
context:
space:
mode:
Diffstat (limited to 'archetypes/tjkeller')
-rw-r--r--archetypes/tjkeller/default.nix10
-rw-r--r--archetypes/tjkeller/hosts.nix16
-rw-r--r--archetypes/tjkeller/localization.nix5
-rw-r--r--archetypes/tjkeller/nas.nix35
-rw-r--r--archetypes/tjkeller/printing.nix39
-rw-r--r--archetypes/tjkeller/resources/secrets/hashed-root-password.yaml25
-rw-r--r--archetypes/tjkeller/resources/secrets/wpa_supplicant-conf.yaml16
-rw-r--r--archetypes/tjkeller/user.nix22
-rw-r--r--archetypes/tjkeller/wifi.nix38
9 files changed, 0 insertions, 206 deletions
diff --git a/archetypes/tjkeller/default.nix b/archetypes/tjkeller/default.nix
deleted file mode 100644
index 6a9bbd9..0000000
--- a/archetypes/tjkeller/default.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- imports = [
- ./hosts.nix
- ./localization.nix
- ./nas.nix
- ./printing.nix
- ./user.nix
- ./wifi.nix
- ];
-}
diff --git a/archetypes/tjkeller/hosts.nix b/archetypes/tjkeller/hosts.nix
deleted file mode 100644
index 66c6ccc..0000000
--- a/archetypes/tjkeller/hosts.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- networking.hosts = {
- "192.168.1.9" = [ "optiplex" ];
- "192.168.1.30" = [ "localgit" ];
- "192.168.1.11" = [ "truenas-home" ];
- "192.168.77.11" = [ "truenas-office" ];
- "192.168.77.8" = [ "publicgit" "tjkeller" ];
- "192.168.77.3" = [ "devel" ];
- "173.9.253.3" = [
- "git.tjkeller.xyz"
- "piped.tjkeller.xyz"
- "search.tjkeller.xyz"
- "tjkeller.xyz"
- ];
- };
-}
diff --git a/archetypes/tjkeller/localization.nix b/archetypes/tjkeller/localization.nix
deleted file mode 100644
index 8313f07..0000000
--- a/archetypes/tjkeller/localization.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- time.timeZone = "America/Chicago";
- i18n.defaultLocale = "en_US.UTF-8";
- services.xserver.xkb.layout = "us";
-}
diff --git a/archetypes/tjkeller/nas.nix b/archetypes/tjkeller/nas.nix
deleted file mode 100644
index 1ed0ca3..0000000
--- a/archetypes/tjkeller/nas.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{ lib, config, ... } :
-let
- cfg = config._archetypes.tjkeller.nas;
- mkNetworkFileSystem = device: automount: {
- device = "${device}";
- fsType = "nfs";
- options = [ "defaults" ] ++ lib.optionals (!automount) [ "noauto" ];
- };
-in {
- options._archetypes.tjkeller.nas = {
- enable = lib.mkEnableOption "enable network shares";
- home = {
- enable = lib.mkEnableOption "enable home network shares";
- automount = lib.mkEnableOption "automount home network shares";
- };
- office = {
- enable = lib.mkEnableOption "enable office network shares";
- automount = lib.mkEnableOption "automount home network shares";
- };
- };
-
- config = lib.mkIf cfg.enable {
- fileSystems = lib.optionalAttrs cfg.home.enable {
- "/media/Storage/Media" = mkNetworkFileSystem "truenas-home:/mnt/Storage/Media" cfg.home.automount;
- "/media/Storage/Backups" = mkNetworkFileSystem "truenas-home:/mnt/Storage/Backups" cfg.home.automount;
- "/media/Storage/Tapes" = mkNetworkFileSystem "truenas-home:/mnt/Storage/Backups/Tapes" cfg.home.automount;
- "/media/Family Photos" = mkNetworkFileSystem "truenas-home:/mnt/Media/Photos" cfg.home.automount;
- } // lib.optionalAttrs cfg.office.enable {
- "/media/chexx/chexx" = mkNetworkFileSystem "truenas-office:/mnt/Storage/chexx" cfg.office.automount;
- "/media/chexx/tkdocs" = mkNetworkFileSystem "truenas-office:/mnt/Storage/Users/Tim-Keller" cfg.office.automount;
- "/media/chexx/scans" = mkNetworkFileSystem "truenas-office:/mnt/Storage/Scans" cfg.office.automount;
- };
- # TODO auto mkdirz
- };
-}
diff --git a/archetypes/tjkeller/printing.nix b/archetypes/tjkeller/printing.nix
deleted file mode 100644
index d5cceab..0000000
--- a/archetypes/tjkeller/printing.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{ lib, config, pkgs, ... }: {
- config = lib.mkIf config.services.printing.enable {
- # Printer drivers
- services.printing.drivers = [
- pkgs.epson-escpr2
- pkgs.workcentre-7800-series
- ];
-
- # Scanning programs
- environment.systemPackages = with pkgs; [
- epsonscan2
- ];
-
- # Printers
- networking.hosts = {
- "192.168.1.35" = [ "Epson_ET-8500" ];
- "192.168.77.40" = [ "Xerox_WorkCentre_7855" ];
- };
-
- # Add printers to cups
- hardware.printers.ensurePrinters = [
- {
- name = "Epson_ET-8500";
- description = "Epson ET-8500";
- location = "Home";
- deviceUri = "ipp://Epson_ET-8500:631/ipp/print";
- model = "epson-inkjet-printer-escpr2/Epson-ET-8500_Series-epson-escpr2-en.ppd";
- }
- #{
- # name = "Xerox_WorkCentre_7855";
- # description = "Xerox WorkCentre 7855";
- # location = "Office";
- # deviceUri = "ipp://Xerox_WorkCentre_7855:631/ipp/print";
- # model = "everywhere IPP Everywhere";
- #}
- ];
- hardware.printers.ensureDefaultPrinter = "Epson_ET-8500";
- };
-}
diff --git a/archetypes/tjkeller/resources/secrets/hashed-root-password.yaml b/archetypes/tjkeller/resources/secrets/hashed-root-password.yaml
deleted file mode 100644
index a42fd42..0000000
--- a/archetypes/tjkeller/resources/secrets/hashed-root-password.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-hashed-root-password: ENC[AES256_GCM,data:7Qgoeb/6JPNupkHCBEzCs0FMP2cDEw972bjCRWeMrBrAMZzLsZc3Mbv03s1zLztUp6Ie93R5lVsamxKPUnaPt+Tnr/l+0E9aTmt7j7L6UzmWr12nj3FHxxTSU9ief6+ioIk+S4eICJspIQ==,iv:VoWP4qBCGzuYRpQw4nilUXByJ+ZwyZR/BdKowi+53DM=,tag:x6A00VCm8BEOhtv/WySXrQ==,type:str]
-sops:
- age:
- - recipient: age1w80rc0dnuu8nw99gw64c596qqetm78jdnsqajr0u7ephykekr39qfz8vnv
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2Z3dTbW1GUzgyRUwyZGtF
- alZSeFBmdEdhNER3UEtGRGd4MnliK1l1eGpJCm80SHFNZ3NZOTNxVkM4R3ZLY005
- OFVtUGN3OXZJblRxOFNMOFhsV25CS0EKLS0tIEE5SG5NekxWbytXY2xNeUN6TWhG
- RldJZms3RDFuRk40ck42Mkd5RTd4YVUKgyWE8Cs0yLO/82w2muGWTlcjY86BVSUy
- bFeIcQT33dEPiNUmynTqEGpN2NVQbfVDw17QbA9GNhGClanTTXmX4A==
- -----END AGE ENCRYPTED FILE-----
- - recipient: age1f0tmpy2nam58skmznjyqd3zf54rxtfrk6fda0vlpq9y3yg6wac7sjf0vja
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxcUprWjBXTVlidTRwMEZ6
- WHE4dWp6OWtybkFCaTkyY2JyaWYrRHNhZWtNCi9xamwreEsyVFdnWWhJeUVsdUpT
- UHlkRVJZZTEvMDluTWNJSnRSUXN6Q0kKLS0tIHNsQk92SUd2ekowY0hvQi9LNjIx
- Q0oxVFNtRkpZTlVHeEY3YXFoSlc4Zk0K7RaqH/Qf2dTPBuCz9DH0xgU+Tq8ATKUq
- tfAuuAU9HBtLFiZjhWsZmj5XUy5Z18IiUKDIxlw41mNtbcsUnjm30w==
- -----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-07-17T22:34:07Z"
- mac: ENC[AES256_GCM,data:B95HuJC2o8B+P1f9kAtJTcSty7YSAByuqe/Xs6ce6780p05FuzWM5X9bwvwsYXngGNKqCHksWf50UXzJ3eyc6y4ISxdxljAv2FmJFKw4NkfGaOMiRLlGPMn1uFpOtkRT+qL0+mupWG/Ap3zcpbxjsDx46PUur+e6yRxlAHw8mGw=,iv:DYobhWK+4+7vOog7BrBASiHrEzzz0P6zqgWxexfcLG8=,tag:skGwUpDEB8e3TCjrxs5peA==,type:str]
- unencrypted_suffix: _unencrypted
- version: 3.10.2
diff --git a/archetypes/tjkeller/resources/secrets/wpa_supplicant-conf.yaml b/archetypes/tjkeller/resources/secrets/wpa_supplicant-conf.yaml
deleted file mode 100644
index 2fd7a0e..0000000
--- a/archetypes/tjkeller/resources/secrets/wpa_supplicant-conf.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-wpa_supplicant-conf: ENC[AES256_GCM,data:QoHQhTuEsSCW/K2ArOzNMfpSV7RtyTgezg4bM6eyNwhBhuJ/fCExzrniZtFzZ3zfs+ROFOYYxkx5lu4N/AQ6xEdCjJ3DYKHpeveqQ3GcWaldDr6aUDxLnBmLGBgSskGoOOANCwGvXGtFsChlCah02/W3YIhLWKIC1pfw1t9ANw9ErtLt7Fxt8TphJ1n9KdCXCJCMFrDjWDTrvbDzrvkJh6EGJIoaXuJSN+9asKrFvTwXyvHPbJmw8ZRbYgtlJtv5c1Q+PZoMtEeBRI/q2y/xUX5nvhnyy3HO1CaZPq+2XP9w+Zz90PyehVvbFVSl3V3Wg3rg9uu/c1rRGgfNkVJSHdhN+7nWYobSI28uoA8L9oXono9mNYwfcN2c4R6xwW9yOH72KabKRbD0Qq0mXcwNjU0HNneqvnMFURbDVstWmKt39gHg2xoZkG774EEDdXBAmKe5nbj0wVk8TBPWPcyR8gQ3uQrXPElqC7CWHMvajzi/hq02gmzkq1DAiheVWHxVmSQUUP3M52vvFBDdWip4X7IM3r5H4uBmcF6wGHl7JS+okDno5BuInIXvrApDV3rTqnam7YeQZao9pbx8WRWg/ZQFUysiXf9tcAl4ror71+SLKa5MfeP9AV431DbcsrIS1XQ=,iv:7qdltuNvesslz32SfEXqu9WFu2uGOGg1sjfskfqfXnk=,tag:N1RhL1M9YtDlvxLBRC2gAg==,type:str]
-sops:
- age:
- - recipient: age1w80rc0dnuu8nw99gw64c596qqetm78jdnsqajr0u7ephykekr39qfz8vnv
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxdXBUWXEvRU85Tk1lNWgz
- ZHpENjdudmRuaEJIeVRHOHlDbWNzK0tQMGs4CmV6MVBpdE5PMTBWMm1PcDVFQ2VM
- b0IwWDFxLy8xYUcxRVZFSEsyYlBFS1UKLS0tIHpCbDQ0a29TZlVFTGp4aXJCSmJ4
- ZGxqMFQ1NDk1OHJIOUd0cVV0dzNNQlkKzYX36u0rEq6dMTCJf6OON6LzcEEnAB5A
- +M9t3OKUUNtwgksjBUEwqBLJ1sU9amijpK63GUxwp74YDtsb0YXHiw==
- -----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-07-17T22:33:44Z"
- mac: ENC[AES256_GCM,data:leJsAdcWFE0EA1syXfd7yDu1Ct+vTkKiHUEc46O31uUeaWVFwgH8EKC0ImqiHMgbDJv+a9UHm7GtsWy1aMQNVRBXL3R2HbNQkOqGkIIdGsrrbjslQl8UwI7wx1g2P3ORhlGRYXTscDUl53+e4i3YrYOEDDPL5EAWuQEWldJXLZc=,iv:banL6qqV2EqfZFKHn5dawUq95Ima06z8H6Kso1qRdcA=,tag:g6M95M6bT4UPTfiEZT4ljw==,type:str]
- unencrypted_suffix: _unencrypted
- version: 3.10.2
diff --git a/archetypes/tjkeller/user.nix b/archetypes/tjkeller/user.nix
deleted file mode 100644
index 2695549..0000000
--- a/archetypes/tjkeller/user.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ lib, config, pkgs, userDetails, ... }: let
- cfg = config._archetypes.tjkeller.setPasswords;
- hashedPasswordFile = config.sops.secrets.hashed-root-password.path;
-in {
- options._archetypes.tjkeller.setPasswords = {
- enable = lib.mkEnableOption "set users password. requires hashed root password from sops";
- };
-
- config = lib.mkIf cfg.enable {
- # Load hashed root password secret
- sops.secrets.hashed-root-password = {
- sopsFile = ./resources/secrets/hashed-root-password.yaml;
- neededForUsers = true;
- };
-
- # Apply password file
- users.users = {
- root = { inherit hashedPasswordFile; };
- ${userDetails.username} = lib.mkIf config._archetypes.users.primary.enable { inherit hashedPasswordFile; };
- };
- };
-}
diff --git a/archetypes/tjkeller/wifi.nix b/archetypes/tjkeller/wifi.nix
deleted file mode 100644
index 32b6ef8..0000000
--- a/archetypes/tjkeller/wifi.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{ lib, config, ... }: let
- cfg = config._archetypes.tjkeller.wifi;
-in {
- options._archetypes.tjkeller.wifi = {
- enable = lib.mkEnableOption "enables wifi";
- };
-
- config = lib.mkIf cfg.enable {
- networking.wireless = {
- enable = true; # Enables wireless support via wpa_supplicant.
- userControlled.enable = true;
- allowAuxiliaryImperativeNetworks = true; # Networks defined in aux imperitive networks (/etc/wpa_supplicant.conf)
- };
-
- # Load wpa_supplicant.conf secret config
- sops.secrets.wpa_supplicant-conf = {
- sopsFile = ./resources/secrets/wpa_supplicant-conf.yaml;
- };
-
- # Link /etc/wpa_supplicant.conf -> secret config
- environment.etc."wpa_supplicant.conf" = {
- source = config.sops.secrets.wpa_supplicant-conf.path;
- };
-
- # This service is a workaround to ensure that secrets are available on
- # reboot when the secret keys are on a separate subvolume
- systemd.services.npcnix-force-rebuild-sops-hack = {
- wantedBy = [ "multi-user.target" ];
- before = [ "wpa_supplicant.service" ];
- serviceConfig = {
- ExecStart = "/run/current-system/activate";
- Type = "oneshot";
- Restart = "on-failure"; # because oneshot
- RestartSec = "10s";
- };
- };
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-05 07:30:28 +0000