gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Git signing test. Reformats.

Browse source 
GPG should work now.

Signed-off-by: kat witch <kat@kittywit.ch>
This commit is contained in:
kat witch 2021-02-23 02:42:26 +00:00
parent 09a3d86503
commit dd38d4b114
4 changed files with 38 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

31
config/hosts/athame/mail.nix
View file

@ -1,10 +1,9 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let sources = (import ../../../nix/sources.nix); let
secrets = (import ../../../secrets.nix); sources = (import ../../../nix/sources.nix);
secrets = (import ../../../secrets.nix);
in { in {
imports = [ imports = [ sources.nixos-mailserver.outPath ];
sources.nixos-mailserver.outPath
];
mailserver = { mailserver = {
enable = true; enable = true;
@ -14,26 +13,22 @@ in {
# A list of all login accounts. To create the password hashes, use # A list of all login accounts. To create the password hashes, use
# nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
loginAccounts = { loginAccounts = {
"kat@kittywit.ch" = { "kat@kittywit.ch" = {
hashedPassword = secrets.hosts.athame.mail.kat.password; hashedPassword = secrets.hosts.athame.mail.kat.password;
aliases = [ aliases = [ "postmaster@kittywit.ch" ];
"postmaster@kittywit.ch"
];
# Make this user the catchAll address for domains kittywit.ch and # Make this user the catchAll address for domains kittywit.ch and
# example2.com # example2.com
catchAll = [ catchAll = [ "kittywit.ch" ];
"kittywit.ch" };
];
};
}; };
# Extra virtual aliases. These are email addresses that are forwarded to # Extra virtual aliases. These are email addresses that are forwarded to
# loginAccounts addresses. # loginAccounts addresses.
extraVirtualAliases = { extraVirtualAliases = {
# address = forward address; # address = forward address;
"abuse@kittywit.ch" = "kat@kittywit.ch"; "abuse@kittywit.ch" = "kat@kittywit.ch";
}; };
# Use Let's Encrypt certificates. Note that this needs to set up a stripped # Use Let's Encrypt certificates. Note that this needs to set up a stripped

7
config/users/kat/default.nix
View file

@ -15,8 +15,7 @@
uid = 1000; uid = 1000;
isNormalUser = true; isNormalUser = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDX2x9eT02eJn2lAc7zA3c84+FXkft1f3hbTXKZ6+q/F kat@yule" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCocjQqiDIvzq+Qu3jkf7FXw5piwtvZ1Mihw9cVjdVcsra3U2c9WYtYrA3rS50N3p00oUqQm9z1KUrvHzdE+03ZCrvaGdrtYVsaeoCuuvw7qxTQRbItTAEsfRcZLQ5c1v/57HNYNEsjVrt8VukMPRXWgl+lmzh37dd9w45cCY1QPi+JXQQ/4i9Vc3aWSe4X6PHOEMSBHxepnxm5VNHm4PObGcVbjBf0OkunMeztd1YYA9sEPyEK3b8IHxDl34e5t6NDLCIDz0N/UgzCxSxoz+YJ0feQuZtud/YLkuQcMxW2dSGvnJ0nYy7SA5DkW1oqcy6CGDndHl5StOlJ1IF9aGh0gGkx5SRrV7HOGvapR60RphKrR5zQbFFka99kvSQgOZqSB3CGDEQGHv8dXKXIFlzX78jjWDOBT67vA/M9BK9FS2iNnBF5x6shJ9SU5IK4ySxq8qvN7Us8emkN3pyO8yqgsSOzzJT1JmWUAx0tZWG/BwKcFBHfceAPQl6pwxx28TM3BTBRYdzPJLTkAy48y6iXW6UYdfAPlShy79IYjQtEThTuIiEzdzgYdros0x3PDniuAP0KOKMgbikr0gRa6zahPjf0qqBnHeLB6nHAfaVzI0aNbhOg2bdOueE1FX0x48sjKqjOpjlIfq4WeZp9REr2YHEsoLFOBfgId5P3BPtpBQ== cardno:000612078454"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCno0Ci2VEkxgWu1mR24puvphHw3KdaNelEhS7n5LEtNuFuNLd0vhQkP5sWGqg4W9pjcHELV8898Bz7+K+ikbZgD2yiK9ROFxSZc/e47H5m9Yn74blrahFmu4S1RL+UPlqnJoUwULsP28xDW3iZbBYnWffMGWXL6Yr8oAdMvOMmKf6KZ/akfRIB22kS6y1XeJnfnzQZRImr+whrNiXKrCXqlcINLkObZW0Wv+BwfXKMhD0lqlTJYAyMdmfWy7ARep032A/XE+gOcln9Ut55GcVwS45LreZuXlk66lHZvFNeK0ETa079Fl7Bx4kYhuek48bIYwpqsIPW+1CDNyeW79Fd dorkd@DESKTOP-U9VEBIL"
]; ];
shell = pkgs.fish; shell = pkgs.fish;
extraGroups = [ "wheel" "video" ]; extraGroups = [ "wheel" "video" ];
@ -47,9 +46,7 @@
enable = true; enable = true;
userName = "kat witch"; userName = "kat witch";
userEmail = "kat@kittywit.ch"; userEmail = "kat@kittywit.ch";
signing = { signing = { key = "01F50A29D4AA91175A11BDB17248991EFA8EFBEE"; };
key = "01F50A29D4AA91175A11BDB17248991EFA8EFBEE";
};
}; };
programs.ssh = { programs.ssh = {

17
config/users/kat/desktop.nix
View file

@ -56,16 +56,21 @@ in {
neofetch neofetch
htop htop
]; ];
}; };
programs.gnupg.agent = { programs.gnupg.agent = {
enable = true; enable = true;
enableSSHSupport = true; enableSSHSupport = true;
pinentryFlavor = "gtk2"; pinentryFlavor = "gtk2";
}; };
home-manager.users.kat = { home-manager.users.kat = {
home.file.".gnupg/gpg-agent.conf".text = ''
enable-ssh-support
pinentry-program ${pkgs.pinentry.gtk2}/bin/pinentry
'';
services.nextcloud-client.enable = true; services.nextcloud-client.enable = true;
programs.firefox = { enable = true; }; programs.firefox = { enable = true; };

17
config/users/kat/fish.nix
View file

@ -5,9 +5,10 @@
programs.fish = { programs.fish = {
enable = true; enable = true;
interactiveShellInit = '' interactiveShellInit = ''
${if (lib.elem "desktop" config.meta.deploy.groups) ${if (lib.elem "desktop" config.meta.deploy.groups) then
then "export SSH_AUTH_SOCK=(gpgconf --list-dirs agent-ssh-socket)" "export SSH_AUTH_SOCK=(gpgconf --list-dirs agent-ssh-socket)"
else ""} else
""}
set -g fish_greeting "" set -g fish_greeting ""
''; '';
shellAliases = { nixdirfmt = "fd --color=never .nix | xargs nixfmt"; }; shellAliases = { nixdirfmt = "fd --color=never .nix | xargs nixfmt"; };
@ -22,9 +23,9 @@
}]; }];
}; };
}; };
programs.direnv = { programs.direnv = {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
enableNixDirenvIntegration = true; enableNixDirenvIntegration = true;
}; };
} }