diff --git a/flake.lock b/flake.lock index ab510d1..7ef6959 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1754727511, - "narHash": "sha256-iRqRCeeXEQ5HSB6zI6Wja7ZfY0PPRx5yelgjtoX2iMo=", + "lastModified": 1756028045, + "narHash": "sha256-j6ehEdta7YnXtk42cdYQEElCKfnbe24yfeHJwszgyes=", "owner": "catppuccin", "repo": "nix", - "rev": "7b55c4947c02f79dfd249432ccb0ada2726c29e2", + "rev": "ad015344f592b6ebb82de853b747dd577926ec77", "type": "github" }, "original": { @@ -118,11 +118,11 @@ }, "crane_2": { "locked": { - "lastModified": 1750266157, - "narHash": "sha256-tL42YoNg9y30u7zAqtoGDNdTyXTi8EALDeCB13FtbQA=", + "lastModified": 1754269165, + "narHash": "sha256-0tcS8FHd4QjbCVoxN9jI+PjHgA4vc/IjkUSp+N3zy0U=", "owner": "ipetkov", "repo": "crane", - "rev": "e37c943371b73ed87faf33f7583860f81f1d5a48", + "rev": "444e81206df3f7d92780680e45858e31d2f07a08", "type": "github" }, "original": { @@ -138,11 +138,11 @@ ] }, "locked": { - "lastModified": 1753140376, - "narHash": "sha256-7lrVrE0jSvZHrxEzvnfHFE/Wkk9DDqb+mYCodI5uuB8=", + "lastModified": 1756115622, + "narHash": "sha256-iv8xVtmLMNLWFcDM/HcAPLRGONyTRpzL9NS09RnryRM=", "owner": "nix-community", "repo": "disko", - "rev": "545aba02960caa78a31bd9a8709a0ad4b6320a5c", + "rev": "bafad29f89e83b2d861b493aa23034ea16595560", "type": "github" }, "original": { @@ -407,11 +407,11 @@ ] }, "locked": { - "lastModified": 1754613544, - "narHash": "sha256-ueR1mGX4I4DWfDRRxxMphbKDNisDeMPMusN72VV1+cc=", + "lastModified": 1756022458, + "narHash": "sha256-J1i35r4HfNDdPpwL0vOBaZopQudAUVtartEerc1Jryc=", "owner": "nix-community", "repo": "home-manager", - "rev": "cc2fa2331aebf9661d22bb507d362b39852ac73f", + "rev": "9e3a33c0bcbc25619e540b9dfea372282f8a9740", "type": "github" }, "original": { @@ -427,11 +427,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1754639028, - "narHash": "sha256-w1+XzPBAZPbeGLMAgAlOjIquswo6Q42PMep9KSrRzOA=", + "lastModified": 1755931229, + "narHash": "sha256-j8ghatY34DbEnHe42r8VtAe05WyMUK+d66uGKsfLbbk=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "d49809278138d17be77ab0ef5506b26dc477fa62", + "rev": "bcad5af8eb475df936f6cf2d04b076dc6784af95", "type": "github" }, "original": { @@ -492,11 +492,11 @@ ] }, "locked": { - "lastModified": 1754195341, - "narHash": "sha256-YL71IEf2OugH3gmAsxQox6BJI0KOcHKtW2QqT/+s2SA=", + "lastModified": 1756008611, + "narHash": "sha256-rfTBWuTXi9/X7GhtF562FKNXKh2kvKb6dwI5lV1SjPE=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "b7fcd4e26d67fca48e77de9b0d0f954b18ae9562", + "rev": "52dec1cb33a614accb9e01307e17816be974d24d", "type": "github" }, "original": { @@ -543,11 +543,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1754564048, - "narHash": "sha256-dz303vGuzWjzOPOaYkS9xSW+B93PSAJxvBd6CambXVA=", + "lastModified": 1755330281, + "narHash": "sha256-aJHFJWP9AuI8jUGzI77LYcSlkA9wJnOIg4ZqftwNGXA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "26ed7a0d4b8741fe1ef1ee6fa64453ca056ce113", + "rev": "3dac8a872557e0ca8c083cdcfc2f218d18e113b0", "type": "github" }, "original": { @@ -559,11 +559,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1753694789, - "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=", + "lastModified": 1755615617, + "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727", + "rev": "20075955deac2583bb12f07151c2df830ef346b4", "type": "github" }, "original": { @@ -591,11 +591,11 @@ }, "nixpkgs-edge": { "locked": { - "lastModified": 1754746130, - "narHash": "sha256-HV0PzHvAhy6Nq667yrMl/VtsUpUL1R4GSieYr440YCE=", + "lastModified": 1756125962, + "narHash": "sha256-lPH73WcPmqs1o3tzczrqEAGKCIZmTrJG++uzrKb2rMk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "abc81cb62ac76ba2105e55ce969f6e7bd1a860d3", + "rev": "215c901e6caa3a87579dbab4edc6adcea4fb4359", "type": "github" }, "original": { @@ -606,11 +606,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1754498491, - "narHash": "sha256-erbiH2agUTD0Z30xcVSFcDHzkRvkRXOQ3lb887bcVrs=", + "lastModified": 1755615617, + "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c2ae88e026f9525daf89587f3cbee584b92b6134", + "rev": "20075955deac2583bb12f07151c2df830ef346b4", "type": "github" }, "original": { @@ -622,11 +622,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1753694789, - "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=", + "lastModified": 1755027561, + "narHash": "sha256-IVft239Bc8p8Dtvf7UAACMG5P3ZV+3/aO28gXpGtMXI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727", + "rev": "005433b926e16227259a1843015b5b2b7f7d1fc3", "type": "github" }, "original": { @@ -654,11 +654,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1754498491, - "narHash": "sha256-erbiH2agUTD0Z30xcVSFcDHzkRvkRXOQ3lb887bcVrs=", + "lastModified": 1755615617, + "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c2ae88e026f9525daf89587f3cbee584b92b6134", + "rev": "20075955deac2583bb12f07151c2df830ef346b4", "type": "github" }, "original": { @@ -718,11 +718,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1750865895, - "narHash": "sha256-p2dWAQcLVzquy9LxYCZPwyUdugw78Qv3ChvnX755qHA=", + "lastModified": 1754800730, + "narHash": "sha256-HfVZCXic9XLBgybP0318ym3cDnGwBs/+H5MgxFVYF4I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "61c0f513911459945e2cb8bf333dc849f1b976ff", + "rev": "641d909c4a7538f1539da9240dedb1755c907e40", "type": "github" }, "original": { @@ -857,11 +857,11 @@ ] }, "locked": { - "lastModified": 1750905536, - "narHash": "sha256-Mo7yXM5IvMGNvJPiNkFsVT2UERmnvjsKgnY6UyDdySQ=", + "lastModified": 1754880555, + "narHash": "sha256-tG6l0wiX8V8IvG4HFYY8IYN5vpNAxQ+UWunjjpE6SqU=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "2fa7c0aabd15fa0ccc1dc7e675a4fcf0272ad9a1", + "rev": "17c591a44e4eb77f05f27cd37e1cfc3f219c7fc4", "type": "github" }, "original": { @@ -879,11 +879,11 @@ "nixpkgs-25_05": "nixpkgs-25_05" }, "locked": { - "lastModified": 1754605910, - "narHash": "sha256-kVWxzm44ywJTb4REfwWCYXnROISykG0yE+X5A3Gov24=", + "lastModified": 1755996068, + "narHash": "sha256-+KP2Lu813lX0sfKTP6Nc4ulaE/EDIDmWUQVX9S850Yg=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "57d9624c71ca65bee69b30d72b11f6c5257e9500", + "rev": "cc5f1804270d138f268a6f2d64c383fb4cf59ad0", "type": "gitlab" }, "original": { @@ -898,11 +898,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1754328224, - "narHash": "sha256-glPK8DF329/dXtosV7YSzRlF4n35WDjaVwdOMEoEXHA=", + "lastModified": 1754988908, + "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=", "owner": "Mic92", "repo": "sops-nix", - "rev": "49021900e69812ba7ddb9e40f9170218a7eca9f4", + "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48", "type": "github" }, "original": { @@ -930,11 +930,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1754597531, - "narHash": "sha256-OpC9/PBIuL2WEJUkcuD/wVxI8r+3o6f5RylSIefjHo4=", + "lastModified": 1755997543, + "narHash": "sha256-/fejmCQ7AWa655YxyPxRDbhdU7c5+wYsFSjmEMXoBCM=", "owner": "danth", "repo": "stylix", - "rev": "63bb34a66ad7d1af2e95ee20dd675896b2074c32", + "rev": "f47c0edcf71e802378b1b7725fa57bb44fe85ee8", "type": "github" }, "original": { @@ -1077,11 +1077,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1753722377, - "narHash": "sha256-L9CujCLS4PmpEhGKqezD4DognRNcYDz/oAL7T8jqCxk=", + "lastModified": 1754932774, + "narHash": "sha256-gJQZS6M2x5oPs089/9kAy0EIriEauUKEm0UNF7HEl6o=", "owner": "dj95", "repo": "zjstatus", - "rev": "f6c28d9b780891afa693d1b9be4384b16ae7a578", + "rev": "0a963622fa5cd3d62d6ee9b82f78eacd52ae5647", "type": "github" }, "original": { diff --git a/home-manager/desktop/package-configs/plasma-desktop/default.nix b/home-manager/desktop/package-configs/plasma-desktop/default.nix index ee3c721..721e0ba 100644 --- a/home-manager/desktop/package-configs/plasma-desktop/default.nix +++ b/home-manager/desktop/package-configs/plasma-desktop/default.nix @@ -28,6 +28,22 @@ target = ".config/kdeconnect/config"; force = true; }; + home.file."Games/.directory" = { + text = '' + [Desktop Entry] + Icon=folder-games + ''; + target = "Games/.directory"; + force = true; + }; + home.file."Code/.directory" = { + text = '' + [Desktop Entry] + Icon=folder-script + ''; + target = "Code/.directory"; + force = true; + }; programs.plasma = { enable = true; diff --git a/home-manager/hosts/EDI/lillian.nix b/home-manager/hosts/EDI/lillian.nix index 5aa1c76..6d2719a 100644 --- a/home-manager/hosts/EDI/lillian.nix +++ b/home-manager/hosts/EDI/lillian.nix @@ -20,5 +20,5 @@ ]; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - home.stateVersion = "25.05"; + home.stateVersion = "25.11"; } diff --git a/home-manager/hosts/GLaDOS/lillian.nix b/home-manager/hosts/GLaDOS/lillian.nix index cc55531..7097090 100644 --- a/home-manager/hosts/GLaDOS/lillian.nix +++ b/home-manager/hosts/GLaDOS/lillian.nix @@ -30,5 +30,5 @@ }; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - home.stateVersion = "25.05"; + home.stateVersion = "25.11"; } diff --git a/home-manager/hosts/shodan/lillian.nix b/home-manager/hosts/shodan/lillian.nix index d763022..7a115b0 100644 --- a/home-manager/hosts/shodan/lillian.nix +++ b/home-manager/hosts/shodan/lillian.nix @@ -110,5 +110,5 @@ programs.plasma.kscreenlocker.passwordRequired = false; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - home.stateVersion = "25.05"; + home.stateVersion = "25.11"; } diff --git a/home-manager/hosts/wheatley/lillian.nix b/home-manager/hosts/wheatley/lillian.nix index 9bd29f7..d190612 100644 --- a/home-manager/hosts/wheatley/lillian.nix +++ b/home-manager/hosts/wheatley/lillian.nix @@ -35,5 +35,5 @@ }; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - home.stateVersion = "25.05"; + home.stateVersion = "25.11"; } diff --git a/nixos/desktop/default.nix b/nixos/desktop/default.nix index fbb0ea7..41689cc 100644 --- a/nixos/desktop/default.nix +++ b/nixos/desktop/default.nix @@ -36,7 +36,6 @@ dvt servo restart - freetube-0236 # System tools aha @@ -92,7 +91,7 @@ #rustdesk ]) ++ (with pkgs-edge; [ - # freetube + freetube # list of latest packages from nixpkgs master # Can be used to install latest version of some packages ]); @@ -107,7 +106,7 @@ programs = { # Allow executing of anything on the system with a , eg: , python executes python from the nix store even if not in $PATH currently command-not-found.enable = lib.mkForce false; - nix-index.enable = true; + # nix-index.enable = true; nix-index-database.comma.enable = true; direnv = { diff --git a/nixos/hosts/EDI/configuration.nix b/nixos/hosts/EDI/configuration.nix index d52551f..373915f 100644 --- a/nixos/hosts/EDI/configuration.nix +++ b/nixos/hosts/EDI/configuration.nix @@ -57,5 +57,5 @@ }; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "25.05"; + system.stateVersion = "25.11"; } diff --git a/nixos/hosts/GLaDOS/configuration.nix b/nixos/hosts/GLaDOS/configuration.nix index adf2633..4d01abb 100644 --- a/nixos/hosts/GLaDOS/configuration.nix +++ b/nixos/hosts/GLaDOS/configuration.nix @@ -96,5 +96,5 @@ users.users.lillian.extraGroups = ["gamemode"]; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "25.05"; + system.stateVersion = "25.11"; } diff --git a/nixos/hosts/queen/configuration.nix b/nixos/hosts/queen/configuration.nix index 40d1028..e0041fa 100644 --- a/nixos/hosts/queen/configuration.nix +++ b/nixos/hosts/queen/configuration.nix @@ -3,6 +3,7 @@ outputs, lib, pkgs, + config, ... }: { imports = [ @@ -90,6 +91,30 @@ enable = false; }; + systemd = { + services."upgrade-nextcloud" = { + path = with pkgs; [nextcloud31]; + enable = true; + unitConfig = { + after = "nextcloud-setup.service"; + }; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${config.services.nextcloud.occ}/bin/nextcloud-occ upgrade"; + RemainAfterExit = "yes"; + }; + }; + + timers."upgrade-nextcloud" = { + wantedBy = ["timers.target"]; + partOf = ["upgrade-nextcloud.service"]; + timerConfig = { + OnCalendar = "daily"; + Unit = "nextcloud-setup.service"; + }; + }; + }; + networking = { domain = ""; @@ -192,5 +217,5 @@ }; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "25.05"; + system.stateVersion = "25.11"; } diff --git a/nixos/hosts/shodan/configuration.nix b/nixos/hosts/shodan/configuration.nix index 1f5594c..accf28c 100644 --- a/nixos/hosts/shodan/configuration.nix +++ b/nixos/hosts/shodan/configuration.nix @@ -275,5 +275,5 @@ }; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "25.05"; + system.stateVersion = "25.11"; } diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index b39a571..9402ef1 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -29,7 +29,7 @@ programs = { # Allow executing of anything on the system with a , eg: , python executes python from the nix store even if not in $PATH currently command-not-found.enable = lib.mkForce false; - nix-index.enable = true; + # nix-index.enable = true; nix-index-database.comma.enable = true; }; services = { @@ -220,6 +220,34 @@ # wg public key for host: A02sO7uLdgflhPIRd0cbJONIaPP4z8HTxDkmX4NegFg= # TODO: generate this dynamically based on other hosts + mullvad = { + address = ["10.70.93.226/32" "fc00:bbbb:bbbb:bb01::7:5de1/128"]; + privateKeyFile = lib.mkForce config.sops.secrets."wg-private-key".path; + dns = ["100.64.0.7"]; + extraOptions = { + FwMark = 51820; + }; + + postUp = '' + ${pkgs.iproute2}/bin/ip rule add from 192.168.2.43 table main + ${pkgs.iptables}/bin/iptables -t mangle -A PREROUTING -i end0 -j CONNMARK --set-mark 51820 + ${pkgs.iptables}/bin/iptables -t mangle -A PREROUTING -m connmark --mark 51820 -j MARK --set-mark 51820 + ''; + + preDown = '' + ${pkgs.iproute2}/bin/ip rule del from 192.168.2.43 table main + ${pkgs.iptables}/bin/iptables -t mangle -D PREROUTING -i end0 -j CONNMARK --set-mark 51820 + ${pkgs.iptables}/bin/iptables -t mangle -D PREROUTING -m connmark --mark 51820 -j MARK --set-mark 51820 + ''; + + peers = [ + { + publicKey = "UrQiI9ISdPPzd4ARw1NHOPKKvKvxUhjwRjaI0JpJFgM="; + allowedIPs = ["0.0.0.0/0" "::0/0"]; + endpoint = "193.32.249.66:51820"; + } + ]; + }; wg1 = { # Determines the IP address and subnet of the server's end of the tunnel interface. address = ["10.0.0.1/24" "fdc9:281f:04d7:9ee9::1/64"]; @@ -229,22 +257,26 @@ # This allows the wireguard server to route your traffic to the internet and hence be like a VPN postUp = '' - ${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT - ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.0.0.1/24 -o eth0 -j MASQUERADE - ${pkgs.iptables}/bin/ip6tables -A FORWARD -i wg0 -j ACCEPT - ${pkgs.iptables}/bin/ip6tables -t nat -A POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o eth0 -j MASQUERADE + ${pkgs.iptables}/bin/iptables -A FORWARD -i wg1 -j ACCEPT + ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s mullvad -o end0 -j MASQUERADE + ${pkgs.iptables}/bin/ip6tables -A FORWARD -i wg1 -j ACCEPT + ${pkgs.iptables}/bin/ip6tables -t nat -A POSTROUTING -s mullvad -o end0 -j MASQUERADE ''; # Undo the above preDown = '' - ${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT - ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.0.0.1/24 -o eth0 -j MASQUERADE - ${pkgs.iptables}/bin/ip6tables -D FORWARD -i wg0 -j ACCEPT - ${pkgs.iptables}/bin/ip6tables -t nat -D POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o eth0 -j MASQUERADE + ${pkgs.iptables}/bin/iptables -D FORWARD -i wg1 -j ACCEPT + ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s mullvad -o end0 -j MASQUERADE + ${pkgs.iptables}/bin/ip6tables -D FORWARD -i wg1 -j ACCEPT + ${pkgs.iptables}/bin/ip6tables -t nat -D POSTROUTING -s mullvad -o end0 -j MASQUERADE ''; privateKeyFile = lib.mkForce config.sops.secrets."wg-private-key".path; + extraOptions = { + FwMark = 51820; + }; + peers = [ { #GLaDOS public key @@ -351,6 +383,6 @@ services.cage.enable = true; nixpkgs.config.kodi.enableAdvancedLauncher = true; - system.stateVersion = "25.05"; + system.stateVersion = "25.11"; nixpkgs.hostPlatform = lib.mkForce "aarch64-linux"; } diff --git a/nixos/shared/default.nix b/nixos/shared/default.nix index 0fa24d4..cd85ee7 100644 --- a/nixos/shared/default.nix +++ b/nixos/shared/default.nix @@ -90,13 +90,15 @@ # grub.enable = false; }; - programs.zsh = { - enable = true; - }; + programs = { + zsh = { + enable = true; + }; - programs.gnupg.agent = { - enable = true; - enableBrowserSocket = true; + gnupg.agent = { + enable = true; + enableBrowserSocket = true; + }; }; stylix = { @@ -173,18 +175,36 @@ # sansSerif = ["Atkinson Hyperlegible"]; # }; }; + systemd = { + services."shutdown-zellij-zsh" = { + path = with pkgs; [killall]; + enable = true; + unitConfig = { + Before = "shutdown.target"; + }; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.killall}/bin/killall -SIGKILL zellij zsh"; + RemainAfterExit = "yes"; + }; + }; - systemd.services."shutdown-zellij-zsh" = { - path = with pkgs; [killall]; - enable = true; - unitConfig = { - Before = "shutdown.target"; - }; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.killall}/bin/killall -SIGKILL zellij zsh"; - RemainAfterExit = "yes"; - }; + services."start-vpn-wg" = + if config.services.vpn-ip.enable + then { + path = with pkgs; [systemd]; + enable = true; + unitConfig = { + Wants = "network-online.target"; + After = "network-online.target"; + }; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.systemd}/bin/systemctl start wg-quick-wg0.service"; + RemainAfterExit = "yes"; + }; + } + else {}; }; networking = @@ -194,7 +214,7 @@ wg-quick.interfaces = { wg0 = { - autostart = true; + autostart = false; address = ["10.0.0.${config.services.vpn-ip.ip}/24" "fdc9:281f:04d7:9ee9::${config.services.vpn-ip.ip}/64"]; dns = ["10.0.0.1" "fdc9:281f:04d7:9ee9::1"]; listenPort = 51821; @@ -234,20 +254,22 @@ }; users = { - users.lillian = { - isNormalUser = true; - extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"]; - shell = pkgs.zsh; - hashedPasswordFile = config.sops.secrets."lillian-password".path; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILhwA+ZdP2tEBYQNdzLHZzFHxocyeqzhXI6tFpaZA3PZ lillian@EDI" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH30G2PJOnI6jnAtxOQV0SpLFUva0adarLZLvaoZvjGE lillian@GLaDOS" - ]; + users = { + lillian = { + isNormalUser = true; + extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"]; + shell = pkgs.zsh; + hashedPasswordFile = config.sops.secrets."lillian-password".path; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILhwA+ZdP2tEBYQNdzLHZzFHxocyeqzhXI6tFpaZA3PZ lillian@EDI" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH30G2PJOnI6jnAtxOQV0SpLFUva0adarLZLvaoZvjGE lillian@GLaDOS" + ]; + }; + + root = { + hashedPassword = "*"; + }; }; mutableUsers = false; - - users.root = { - hashedPassword = "*"; - }; }; }