diff --git a/devShell.nix b/devShell.nix index 8d6f427d..d6991b2e 100644 --- a/devShell.nix +++ b/devShell.nix @@ -46,7 +46,7 @@ pkgs.mkShell { nf-update sumireko-apply ] ++ config.runners.lazy.nativeBuildInputs - ++ lib.optional (builtins.getEnv "TRUSTED" != "") (pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.network.nodes.all.${builtins.getEnv "HOME_HOSTNAME"}.kw.secrets.repo.bitw.source} "$@"'') + ++ lib.optional (builtins.getEnv "TRUSTED" != "") (pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.network.nodes.all.${builtins.getEnv "HOME_HOSTNAME"}.secrets.repo.bitw.source} "$@"'') ++ (map (node: writeShellScriptBin "${node.networking.hostName}-sd-img" '' nix build -f . network.nodes.${node.networking.hostName}.system.build.sdImage --show-trace diff --git a/hardware/oracle/common.nix b/hardware/oracle/common.nix index bbcd1e68..beb072c8 100644 --- a/hardware/oracle/common.nix +++ b/hardware/oracle/common.nix @@ -1,9 +1,9 @@ -{ config, tf, meta, kw, pkgs, lib, inputs, ... }: let +{ config, tf, meta, nixfiles, pkgs, lib, inputs, ... }: let oci-root = meta.deploy.targets.oci-root.tf; - cfg = config.kw.oci; + cfg = config.nixfiles.oci; in { - options.kw.oci = { + options.nixfiles.oci = { base = lib.mkOption { description = '' Canonical Ubuntu provides an EXT4 root filesystem. @@ -86,19 +86,19 @@ in interfaces = lib.singleton interface; ipv4 = lib.mkOrder 1000 (tf.resources.${config.networking.hostName}.getAttr "public_ip"); ipv6 = let - prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_kw_subnet.importAttr "ipv6cidr_block")); - in assert lib.hasSuffix "::" prefix; prefix + toString config.kw.oci.network.publicV6; + prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_nixfiles_subnet.importAttr "ipv6cidr_block")); + in assert lib.hasSuffix "::" prefix; prefix + toString config.nixfiles.oci.network.publicV6; ip = hostname: class: if hostname != config.networking.hostName then if class == 6 then let - prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_kw_subnet.importAttr "ipv6cidr_block")); - in assert lib.hasSuffix "::" prefix; prefix + toString config.kw.oci.network.publicV6 + prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_nixfiles_subnet.importAttr "ipv6cidr_block")); + in assert lib.hasSuffix "::" prefix; prefix + toString config.nixfiles.oci.network.publicV6 else if class == 4 then tf.resources.${config.networking.hostName}.importAttr "public_ip" else throw "${config.networking.hostName}: IP for ${hostname} of ${toString class} is invalid." else if class == 6 then let - prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_kw_subnet.importAttr "ipv6cidr_block")); - in assert lib.hasSuffix "::" prefix; prefix + toString config.kw.oci.network.publicV6 + prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_nixfiles_subnet.importAttr "ipv6cidr_block")); + in assert lib.hasSuffix "::" prefix; prefix + toString config.nixfiles.oci.network.publicV6 else if class == 4 then tf.resources.${config.networking.hostName}.getAttr "public_ip" else throw "${config.networking.hostName}: IP for ${hostname} of ${toString class} is invalid."; @@ -111,7 +111,7 @@ in deploy.tf = let - compartment_id = oci-root.resources.oci_kw_compartment.importAttr "id"; + compartment_id = oci-root.resources.oci_nixfiles_compartment.importAttr "id"; inherit (tf.lib.tf) terraformExpr; in { @@ -127,10 +127,10 @@ in providers.oci = { inputs = { tenancy_ocid = oci-root.outputs.oci_tenancy.import; - user_ocid = oci-root.resources.oci_kw_user.importAttr "id"; - fingerprint = oci-root.resources.oci_kw_apikey.importAttr "fingerprint"; + user_ocid = oci-root.resources.oci_nixfiles_user.importAttr "id"; + fingerprint = oci-root.resources.oci_nixfiles_apikey.importAttr "fingerprint"; region = oci-root.outputs.oci_region.import; - private_key_path = oci-root.resources.oci_kw_key_file.importAttr "filename"; + private_key_path = oci-root.resources.oci_nixfiles_key_file.importAttr "filename"; }; }; resources = lib.mkMerge [{ @@ -183,7 +183,7 @@ in inputs = { vnic_id = tf.resources."${config.networking.hostName}_vnic".refAttr "vnic_attachments[0].vnic_id"; display_name = config.networking.hostName; - ip_address = terraformExpr ''cidrhost("${oci-root.resources.oci_kw_subnet.importAttr "ipv6cidr_block"}", ${toString cfg.network.publicV6})''; + ip_address = terraformExpr ''cidrhost("${oci-root.resources.oci_nixfiles_subnet.importAttr "ipv6cidr_block"}", ${toString cfg.network.publicV6})''; }; }; "${config.networking.hostName}" = { @@ -209,8 +209,8 @@ in create_vnic_details = [ { assign_public_ip = true; - subnet_id = oci-root.resources.oci_kw_subnet.importAttr "id"; - private_ip = terraformExpr ''cidrhost("${oci-root.resources.oci_kw_subnet.importAttr "cidr_block"}", ${toString cfg.network.privateV4})''; + subnet_id = oci-root.resources.oci_nixfiles_subnet.importAttr "id"; + private_ip = terraformExpr ''cidrhost("${oci-root.resources.oci_nixfiles_subnet.importAttr "cidr_block"}", ${toString cfg.network.privateV4})''; nsg_ids = [ (tf.resources.firewall_group.refAttr "id") ]; diff --git a/hardware/oracle/default.nix b/hardware/oracle/default.nix index 6955f364..884f7b87 100644 --- a/hardware/oracle/default.nix +++ b/hardware/oracle/default.nix @@ -2,14 +2,14 @@ profiles = tree.prev; appendedProfiles = with profiles; { ubuntu = { config, ... }: { - kw.oci.base = "Canonical Ubuntu"; + nixfiles.oci.base = "Canonical Ubuntu"; imports = with import (inputs.tf-nix + "/modules"); [ nixos.ubuntu-linux common ]; }; oracle = { config, ... }: { - kw.oci.base = "Oracle Linux"; + nixfiles.oci.base = "Oracle Linux"; imports = with import (inputs.tf-nix + "/modules"); [ nixos.oracle-linux common diff --git a/hardware/wifi.nix b/hardware/wifi.nix index c623c4fa..095eeb2d 100644 --- a/hardware/wifi.nix +++ b/hardware/wifi.nix @@ -4,7 +4,7 @@ let inherit (lib.attrsets) mapListToAttrs nameValuePair; inherit (lib.modules) mkIf; in { - kw.secrets.variables = mapListToAttrs + secrets.variables = mapListToAttrs (field: nameValuePair "wireless-${field}" { path = "secrets/wifi"; diff --git a/home/base16.nix b/home/base16.nix index c4ecaae0..3a18d9a5 100644 --- a/home/base16.nix +++ b/home/base16.nix @@ -1,7 +1,7 @@ { config, pkgs, lib, ... }: { - kw.theme.enable = true; + nixfiles.theme.enable = true; base16 = { vim.enable = false; diff --git a/home/firefox/default.nix b/home/firefox/default.nix index 3c751eae..5522b8ef 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, nixos, kw, ... }: +{ config, lib, pkgs, nixos, nixfiles, ... }: let inherit (lib.strings) toLower; @@ -108,7 +108,7 @@ let }; in { - home.file.".mozilla/tst.css" = { inherit (kw.sassTemplate { name = "tst"; src = ./tst.sass; }) source; }; + home.file.".mozilla/tst.css" = { inherit (nixfiles.sassTemplate { name = "tst"; src = ./tst.sass; }) source; }; programs.zsh.shellAliases = { ff-pm = "firefox --ProfileManager"; @@ -133,7 +133,7 @@ in id = 0; isDefault = true; settings = commonSettings; - userChrome = (kw.sassTemplate { name = "userChrome"; src = ./userChrome.sass; }).text; + userChrome = (nixfiles.sassTemplate { name = "userChrome"; src = ./userChrome.sass; }).text; }; }; }; diff --git a/home/kitty.nix b/home/kitty.nix index deb6326d..2d607e99 100644 --- a/home/kitty.nix +++ b/home/kitty.nix @@ -6,7 +6,7 @@ ''; programs.kitty = { enable = true; - font.name = config.kw.theme.font.termName; + font.name = config.nixfiles.theme.font.termName; settings = { font_size = "10.0"; bold_font = "auto"; diff --git a/home/mako.nix b/home/mako.nix index 16223dad..f8fe93da 100644 --- a/home/mako.nix +++ b/home/mako.nix @@ -1,7 +1,7 @@ { config, pkgs, lib, witch, ... }: let - inherit (config.kw.theme) base16; + inherit (config.nixfiles.theme) base16; in { systemd.user.services = { @@ -21,7 +21,7 @@ in programs.mako = { enable = true; - font = "${config.kw.theme.font.name} ${toString config.kw.theme.font.size}"; + font = "${config.nixfiles.theme.font.name} ${toString config.nixfiles.theme.font.size}"; defaultTimeout = 3000; borderColor = base16.base08; backgroundColor = "${base16.base00}BF"; diff --git a/home/services/weechat.nix b/home/services/weechat.nix index c7bb819f..70e8dab2 100644 --- a/home/services/weechat.nix +++ b/home/services/weechat.nix @@ -1,7 +1,7 @@ { config, lib, nixos, pkgs, tf, ... }: { - kw.secrets.variables = { + secrets.variables = { matrix-pass = { path = "social/matrix"; field = "password"; diff --git a/home/shell/bitw.nix b/home/shell/bitw.nix index 5f6a0afe..61cdfccd 100644 --- a/home/shell/bitw.nix +++ b/home/shell/bitw.nix @@ -1,7 +1,7 @@ { config, pkgs, meta, lib, ... }: { programs.rbw = { enable = true; - package = lib.mkIf (meta.trusted ? secrets) (pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.kw.secrets.repo.bitw.source} "$@"''); + package = lib.mkIf (meta.trusted ? secrets) (pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.secrets.repo.bitw.source} "$@"''); settings = { email = "kat@kittywit.ch"; base_url = "https://vault.kittywit.ch"; diff --git a/home/sway.nix b/home/sway.nix index 89708c1f..5b41ca8b 100644 --- a/home/sway.nix +++ b/home/sway.nix @@ -12,7 +12,7 @@ let lockCommand = config.programs.swaylock.script; in services.i3gopher = { enable = true; }; - kw.theme.swaylock = true; + nixfiles.theme.swaylock = true; programs.zsh.profileExtra = '' # If running from tty1 start sway @@ -100,9 +100,9 @@ let lockCommand = config.programs.swaylock.script; in }; }; fonts = { - names = [ config.kw.theme.font.name ]; + names = [ config.nixfiles.theme.font.name ]; style = "Regular"; - size = config.kw.theme.font.size; + size = config.nixfiles.theme.font.size; }; terminal = "${pkgs.wezterm}/bin/wezterm"; menu = "${pkgs.j4-dmenu-desktop}/bin/j4-dmenu-desktop --no-generic --dmenu=\"${dmenu}\" --term='${pkgs.wezterm}/bin/wezterm'"; @@ -265,7 +265,7 @@ let lockCommand = config.programs.swaylock.script; in "${cfg.modifier}+Delete" = ''mode "System (l) lock, (e) logout, (s) suspend, (h) hibernate, (r) reboot, (Shift+s) shutdown"''; }; - colors = let inherit (config.kw.theme) base16; in + colors = let inherit (config.nixfiles.theme) base16; in { focused = { border = base16.base01; diff --git a/home/syncplay.nix b/home/syncplay.nix index 203d0c51..bf70f84b 100644 --- a/home/syncplay.nix +++ b/home/syncplay.nix @@ -3,7 +3,7 @@ let inherit (lib.modules) mkForce; in { - kw.secrets.variables = { + secrets.variables = { syncplay-pass = { path = "services/media/syncplay"; field = "password"; diff --git a/home/waybar/default.nix b/home/waybar/default.nix index cd7ff0cc..1a9ffff2 100644 --- a/home/waybar/default.nix +++ b/home/waybar/default.nix @@ -1,7 +1,7 @@ -{ config, lib, pkgs, kw, ... }: +{ config, lib, pkgs, nixfiles, ... }: { - xdg.configFile."waybar/style.css" = { inherit (kw.sassTemplate { name = "waybar-style"; src = ./waybar.sass; }) source; }; + xdg.configFile."waybar/style.css" = { inherit (nixfiles.sassTemplate { name = "waybar-style"; src = ./waybar.sass; }) source; }; #systemd.user.services.waybar.Service.Environment = lib.singleton "NOTMUCH_CONFIG=${config.home.sessionVariables.NOTMUCH_CONFIG}"; diff --git a/home/wezterm.nix b/home/wezterm.nix index fee8a228..361314d9 100644 --- a/home/wezterm.nix +++ b/home/wezterm.nix @@ -10,8 +10,8 @@ return { check_for_updates = true, enable_tab_bar = true, - font = wezterm.font "${config.kw.theme.font.termName}", - font_size = ${toString config.kw.theme.font.size}, + font = wezterm.font "${config.nixfiles.theme.font.termName}", + font_size = ${toString config.nixfiles.theme.font.size}, } ''; } diff --git a/home/wofi/default.nix b/home/wofi/default.nix index d6a95a1e..14477e68 100644 --- a/home/wofi/default.nix +++ b/home/wofi/default.nix @@ -1,5 +1,5 @@ -{ config, kw, ... }: +{ config, nixfiles, ... }: { - xdg.configFile."wofi/wofi.css" = { inherit (kw.sassTemplate { name = "wofi-style"; src = ./wofi.sass; }) source; }; + xdg.configFile."wofi/wofi.css" = { inherit (nixfiles.sassTemplate { name = "wofi-style"; src = ./wofi.sass; }) source; }; } diff --git a/meta.nix b/meta.nix index 2f337820..6fc38075 100644 --- a/meta.nix +++ b/meta.nix @@ -10,7 +10,7 @@ esphomeNodes = (map (node: { network.nodes.esphome.${node} = { - imports = config.lib.kw.esphomeImport node; + imports = config.lib.nixfiles.esphomeImport node; esphome = { name = node; }; @@ -20,7 +20,7 @@ nixosNodes = (map (node: { network.nodes.nixos.${node} = { - imports = config.lib.kw.nixosImport node; + imports = config.lib.nixfiles.nixosImport node; networking = { hostName = node; }; @@ -30,7 +30,7 @@ darwinNodes = (map (node: { network.nodes.darwin.${node} = { - imports = config.lib.kw.darwinImport node; + imports = config.lib.nixfiles.darwinImport node; networking = { hostName = node; }; diff --git a/modules/esphome/deploy.nix b/modules/esphome/deploy.nix index 34bce866..2408738f 100644 --- a/modules/esphome/deploy.nix +++ b/modules/esphome/deploy.nix @@ -102,7 +102,9 @@ in { field = head (reverseList parts); path = if length parts > 1 then head parts else "password"; in nameValuePair "${config.esphome.name}-secret-${name}" ({ - value.shellCommand = "bitw get ${path} -f ${field}"; + value.shellCommand = let + bitw = pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.network.nodes.all.${builtins.getEnv "HOME_HOSTNAME"}.secrets.repo.bitw.source} "$@"''; + in "${bitw}/bin/bitw get ${path} -f ${field}"; type = "string"; sensitive = true; }) diff --git a/modules/home/secrets.nix b/modules/home/secrets.nix index f31d2255..cfe1c89e 100644 --- a/modules/home/secrets.nix +++ b/modules/home/secrets.nix @@ -1,43 +1,3 @@ -{ config, nixos, lib, ... }: - -with lib; - -let - secretType = types.submodule ({ name, ... }: { - options = { - path = mkOption { type = types.str; }; - field = mkOption { - type = types.str; - default = ""; - }; - }; - }); - repoSecretType = types.submodule ({ name, ... }: { - options = { - source = mkOption { - type = types.path; - }; - text = mkOption { - type = types.str; - }; - }; - }); - cfg = config.kw.secrets; -in -{ - options.kw = { - secrets = { - variables = mkOption { - type = types.attrsOf secretType; - default = { }; - }; - repo = mkOption { - type = types.attrsOf repoSecretType; - default = { }; - }; - }; - }; - config = { - kw.secrets.repo = nixos.kw.secrets.repo; - }; +{ config, nixos, ... }: { + secrets.repo = nixos.secrets.repo; } diff --git a/modules/home/theme.nix b/modules/home/theme.nix index f7b464fd..5537849a 100644 --- a/modules/home/theme.nix +++ b/modules/home/theme.nix @@ -7,9 +7,9 @@ with lib; -let cfg = config.kw.theme; in +let cfg = config.nixfiles.theme; in { - options.kw.theme = { + options.nixfiles.theme = { enable = mkEnableOption "kat's theme module"; sass = { variables = mkOption { @@ -55,7 +55,7 @@ let cfg = config.kw.theme; in }; }; config = mkIf (cfg.enable) { - kw.theme = { + nixfiles.theme = { base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex}") (lib.filterAttrs (n: _: lib.hasInfix "base" n) config.base16.defaultScheme); base16t = lib.mapAttrs' (k: v: lib.nameValuePair "${k}t" "rgba(${toString v.red.byte}, ${toString v.green.byte}, ${toString v.blue.byte}, ${toString cfg.alpha})") @@ -132,7 +132,7 @@ let cfg = config.kw.theme; in Install = { WantedBy = [ "sway-session.target" ]; }; }; - lib.kw.sassTemplate = { name, src }: + lib.nixfiles.sassTemplate = { name, src }: let variables = pkgs.writeText "base-variables.sass" '' ${(concatStringsSep "\n" (mapAttrsToList(var: con: "\$${var}: ${con}") cfg.sass.variables))} @@ -153,6 +153,6 @@ let cfg = config.kw.theme; in inherit source; text = builtins.readFile source; }; - _module.args = { inherit (config.lib) kw; }; + _module.args = { inherit (config.lib) nixfiles; }; }; } diff --git a/modules/meta/deploy.nix b/modules/meta/deploy.nix index 6e018c2f..f05964b3 100644 --- a/modules/meta/deploy.nix +++ b/modules/meta/deploy.nix @@ -78,7 +78,7 @@ in tree.impure.modules.tf ]; deploy.gcroot = { - name = mkDefault "kw-${config.name}"; + name = mkDefault "nixfiles-${config.name}"; user = mkIf (builtins.getEnv "HOME_USER" != "") (mkDefault (builtins.getEnv "HOME_USER")); }; providers.local = { }; diff --git a/modules/meta/imports.nix b/modules/meta/imports.nix index 3b2ee613..1bf42d0d 100644 --- a/modules/meta/imports.nix +++ b/modules/meta/imports.nix @@ -42,24 +42,24 @@ with lib; homeImports = []; users = mkDefault (singleton "kat"); }; - lib.kw.nixosImport = hostName: lib.nodeImport { + lib.nixfiles.nixosImport = hostName: lib.nodeImport { inherit (config.network.importing) nixosImports homeImports users; profiles = meta.nixos; inherit hostName; }; - lib.kw.esphomeImport = hostName: lib.nodeImport { + lib.nixfiles.esphomeImport = hostName: lib.nodeImport { nixosImports = config.network.importing.esphomeImports; homeImports = []; users = []; profiles = { base = { }; }; inherit hostName; }; - lib.kw.darwinImport = hostName: lib.nodeImport { + lib.nixfiles.darwinImport = hostName: lib.nodeImport { nixosImports = config.network.importing.darwinImports; profiles = meta.darwin; inherit (config.network.importing) homeImports users; inherit hostName; }; - _module.args = { inherit (config.lib) kw; }; + _module.args = { inherit (config.lib) nixfiles; }; }; } diff --git a/modules/meta/network.nix b/modules/meta/network.nix index d3eea049..2f6d0306 100644 --- a/modules/meta/network.nix +++ b/modules/meta/network.nix @@ -152,8 +152,8 @@ with lib; extraModules = [ inputs.home-manager.darwinModules.home-manager meta.modules.darwin - meta.modules.system.genesis meta.modules.system + meta.modules.type meta.system ]; specialArgs = { @@ -164,9 +164,9 @@ with lib; nixos = { extraModules = [ inputs.home-manager.nixosModules.home-manager - meta.modules.system.genesis meta.modules.nixos meta.modules.system + meta.modules.type meta.nixos.network meta.system ]; diff --git a/modules/meta/secrets.nix b/modules/meta/secrets.nix index c7e08675..a37e71a4 100644 --- a/modules/meta/secrets.nix +++ b/modules/meta/secrets.nix @@ -1,8 +1,8 @@ { config, pkgs, lib, ... }: with lib; { - options.kw.secrets.command = mkOption { + options.secrets.command = mkOption { type = types.str; default = let - bitw = pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.network.nodes.all.${builtins.getEnv "HOME_HOSTNAME"}.kw.secrets.repo.bitw.source} "$@"''; + bitw = pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.network.nodes.all.${builtins.getEnv "HOME_HOSTNAME"}.secrets.repo.bitw.source} "$@"''; in "${bitw}/bin/bitw get"; }; diff --git a/modules/nixos/secrets.nix b/modules/nixos/secrets.nix index 9e6b9a9f..2733e427 100644 --- a/modules/nixos/secrets.nix +++ b/modules/nixos/secrets.nix @@ -1,21 +1,13 @@ -{ config, lib, meta, ... }: - -with lib; - -let - mcfg = meta.kw.secrets; - cfg = config.kw.secrets; -in -{ - config = mkIf (cfg.variables != { }) { +{ config, lib, meta, ... }: with lib; { + config = mkIf (config.secrets.variables != { }) { deploy.tf.variables = mapAttrs' (name: content: nameValuePair name ({ - value.shellCommand = "${mcfg.command} ${content.path}" + optionalString (content.field != "") " -f ${content.field}"; + value.shellCommand = "${meta.secrets.command} ${content.path}" + optionalString (content.field != "") " -f ${content.field}"; type = "string"; sensitive = true; }) ) - cfg.variables; + config.secrets.variables; }; } diff --git a/modules/system/secrets.nix b/modules/system/secrets.nix index 7ac3e7a3..c4222831 100644 --- a/modules/system/secrets.nix +++ b/modules/system/secrets.nix @@ -1,44 +1,3 @@ -{ config, lib, meta, ... }: - -with lib; - -let - secretType = types.submodule ({ name, ... }: { - options = { - path = mkOption { type = types.str; }; - field = mkOption { - type = types.str; - default = ""; - }; - }; - }); - repoSecretType = types.submodule ({ name, ... }: { - options = { - source = mkOption { - type = types.path; - }; - text = mkOption { - type = types.str; - }; - }; - }); - mcfg = meta.kw.secrets; - cfg = config.kw.secrets; -in -{ - options.kw = { - secrets = { - variables = mkOption { - type = types.attrsOf secretType; - default = { }; - }; - repo = mkOption { - type = types.attrsOf repoSecretType; - default = { }; - }; - }; - }; - config = { - kw.secrets.variables = lib.mkMerge (mapAttrsToList (username: user: user.kw.secrets.variables) config.home-manager.users); - }; +{ config, lib, meta, ... }: with lib; { + secrets.variables = lib.mkMerge (mapAttrsToList (username: user: user.secrets.variables) config.home-manager.users); } diff --git a/modules/tf/katdns.nix b/modules/tf/katdns.nix index f20395b9..88c7aa1d 100644 --- a/modules/tf/katdns.nix +++ b/modules/tf/katdns.nix @@ -1,16 +1,17 @@ { config, lib, ... }: with lib; { + variables.katdns-address = { - value.shellCommand = "${meta.kw.secrets.command} secrets/katdns -f address"; + value.shellCommand = "${meta.secrets.command} secrets/katdns -f address"; type = "string"; sensitive = true; }; variables.katdns-name = { - value.shellCommand = "${meta.kw.secrets.command} secrets/katdns -f username"; + value.shellCommand = "${meta.secrets.command} secrets/katdns -f username"; type = "string"; sensitive = true; }; variables.katdns-key = { - value.shellCommand = "${meta.kw.secrets.command} secrets/katdns -f password"; + value.shellCommand = "${meta.secrets.command} secrets/katdns -f password"; type = "string"; sensitive = true; }; diff --git a/modules/type/secretType.nix b/modules/type/secrets.nix similarity index 100% rename from modules/type/secretType.nix rename to modules/type/secrets.nix diff --git a/nixos/kat.nix b/nixos/kat.nix index 87e43a56..6fadcbea 100644 --- a/nixos/kat.nix +++ b/nixos/kat.nix @@ -11,7 +11,7 @@ ]; shell = pkgs.zsh; extraGroups = [ "wheel" "video" "systemd-journal" "plugdev" "bird2" "vfio" "input" "uinput" ]; - hashedPassword = mkIf (meta.trusted ? secrets) (removeSuffix "\n" config.kw.secrets.repo.kat-user.text); + hashedPassword = mkIf (meta.trusted ? secrets) (removeSuffix "\n" config.secrets.repo.kat-user.text); }; systemd.tmpfiles.rules = [ diff --git a/nixos/network.nix b/nixos/network.nix index 09c9af31..ce9fc743 100644 --- a/nixos/network.nix +++ b/nixos/network.nix @@ -302,7 +302,7 @@ variables = { tailscale-authkey.export = true; tailscale-apikey = { - value.shellCommand = "${meta.kw.secrets.command} secrets/tailscale -f api_key"; + value.shellCommand = "${meta.secrets.command} secrets/tailscale -f api_key"; sensitive = true; export = true; }; diff --git a/nixos/systems/daiyousei.nix b/nixos/systems/daiyousei.nix index bfacddfa..1e2a5153 100644 --- a/nixos/systems/daiyousei.nix +++ b/nixos/systems/daiyousei.nix @@ -1,4 +1,4 @@ -{ config, inputs, tf, meta, kw, pkgs, lib, ... }: with lib; { +{ config, inputs, tf, meta, nixfiles, pkgs, lib, ... }: with lib; { imports = with meta; [ hardware.aarch64-linux hardware.oracle.ubuntu @@ -23,7 +23,7 @@ services.znc ]; - kw.oci = { + nixfiles.oci = { specs = { shape = "VM.Standard.A1.Flex"; cores = 4; diff --git a/nixos/systems/rinnosuke.nix b/nixos/systems/rinnosuke.nix index e43e4227..1caa86fa 100644 --- a/nixos/systems/rinnosuke.nix +++ b/nixos/systems/rinnosuke.nix @@ -1,4 +1,4 @@ -{ config, tf, meta, kw, pkgs, lib, ... }: with lib; { +{ config, tf, meta, nixfiles, pkgs, lib, ... }: with lib; { imports = with meta; [ hardware.oracle.ubuntu nixos.network @@ -6,7 +6,7 @@ services.knot ]; - kw.oci = { + nixfiles.oci = { specs = { shape = "VM.Standard.E2.1.Micro"; cores = 1; diff --git a/nixos/systems/tewi/home-assistant.nix b/nixos/systems/tewi/home-assistant.nix index 82f05921..960661a3 100644 --- a/nixos/systems/tewi/home-assistant.nix +++ b/nixos/systems/tewi/home-assistant.nix @@ -17,7 +17,7 @@ ]; }; - kw.secrets.variables.ha-integration = { + secrets.variables.ha-integration = { path = "secrets/home-assistant"; field = "notes"; }; diff --git a/nixos/systems/tewi/mosquitto.nix b/nixos/systems/tewi/mosquitto.nix index 34956caf..11a97ba7 100644 --- a/nixos/systems/tewi/mosquitto.nix +++ b/nixos/systems/tewi/mosquitto.nix @@ -6,22 +6,22 @@ ]; }; - kw.secrets.variables.z2m-pass = { + secrets.variables.z2m-pass = { path = "secrets/mosquitto"; field = "z2m"; }; - kw.secrets.variables.systemd-pass = { + secrets.variables.systemd-pass = { path = "secrets/mosquitto"; field = "systemd"; }; - kw.secrets.variables.hass-pass = { + secrets.variables.hass-pass = { path = "secrets/mosquitto"; field = "hass"; }; - kw.secrets.variables.espresence-pass = { + secrets.variables.espresence-pass = { path = "secrets/mosquitto"; field = "espresence"; }; diff --git a/nixos/systems/tewi/vouch.nix b/nixos/systems/tewi/vouch.nix index fe8d1aca..3a0c6a7e 100644 --- a/nixos/systems/tewi/vouch.nix +++ b/nixos/systems/tewi/vouch.nix @@ -62,12 +62,12 @@ }; }; config = { - kw.secrets.variables.gensokyo-id = { + secrets.variables.gensokyo-id = { path = "secrets/id.gensokyo.zone"; field = "client_secret"; }; - kw.secrets.variables.gensokyo-jwt = { + secrets.variables.gensokyo-jwt = { path = "secrets/id.gensokyo.zone"; field = "jwt"; }; diff --git a/nixos/systems/tewi/zigbee2mqtt.nix b/nixos/systems/tewi/zigbee2mqtt.nix index c6f6b7b9..0f3eec12 100644 --- a/nixos/systems/tewi/zigbee2mqtt.nix +++ b/nixos/systems/tewi/zigbee2mqtt.nix @@ -6,12 +6,12 @@ ]; }; - kw.secrets.variables.z2m-mqtt-password = { + secrets.variables.z2m-mqtt-password = { path = "secrets/mosquitto"; field = "z2m"; }; - kw.secrets.variables.z2m-network-key = { + secrets.variables.z2m-network-key = { path = "secrets/zigbee2mqtt"; field = "password"; }; diff --git a/services/filehost.nix b/services/filehost.nix index 9875fb81..7729c553 100644 --- a/services/filehost.nix +++ b/services/filehost.nix @@ -16,7 +16,7 @@ fi ''; in { - kw.secrets.variables.xbackbone-ldap = { + secrets.variables.xbackbone-ldap = { path = "secrets/xbackbone"; field = "password"; }; diff --git a/services/gitea/default.nix b/services/gitea/default.nix index bc5b2ff3..f459f83e 100644 --- a/services/gitea/default.nix +++ b/services/gitea/default.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, tf, ... }: { - kw.secrets.variables = { + secrets.variables = { gitea-mail-pass = { path = "secrets/mail-kittywitch"; field = "gitea-pass"; diff --git a/services/ha.nix b/services/ha.nix index 85a59d1a..a9be4bae 100644 --- a/services/ha.nix +++ b/services/ha.nix @@ -55,7 +55,7 @@ systemd.services.home-assistant.reloadTriggers = lib.mkForce [ ]; - kw.secrets.variables.z2m-network-key = { + secrets.variables.z2m-network-key = { path = "secrets/zigbee2mqtt"; field = "password"; }; diff --git a/services/hedgedoc.nix b/services/hedgedoc.nix index df406e22..de0775fd 100644 --- a/services/hedgedoc.nix +++ b/services/hedgedoc.nix @@ -1,7 +1,7 @@ { config, lib, tf, ... }: with lib; { - kw.secrets.variables = (mapListToAttrs + secrets.variables = (mapListToAttrs (field: nameValuePair "hedgedoc-${field}" { path = "secrets/hedgedoc"; diff --git a/services/jira.nix b/services/jira.nix index 02a42114..cf2565ec 100644 --- a/services/jira.nix +++ b/services/jira.nix @@ -33,7 +33,7 @@ }; - kw.secrets.variables.jira-postgres = { + secrets.variables.jira-postgres = { path = "secrets/jira"; field = "password"; }; diff --git a/services/keycloak.nix b/services/keycloak.nix index 2763ca8f..7f39a8e4 100644 --- a/services/keycloak.nix +++ b/services/keycloak.nix @@ -47,7 +47,7 @@ in { group = "keycloak"; }; - kw.secrets.variables.keycloak-postgres = { + secrets.variables.keycloak-postgres = { path = "services/keycloak"; field = "postgres"; }; diff --git a/services/knot/default.nix b/services/knot/default.nix index f955f493..cdb9e053 100644 --- a/services/knot/default.nix +++ b/services/knot/default.nix @@ -1,7 +1,7 @@ { config, lib, tf, pkgs, ... }: { - kw.secrets.variables = { + secrets.variables = { katdns-key-config = { path = "secrets/katdns"; field = "notes"; diff --git a/services/mail/dns.nix b/services/mail/dns.nix index 6941721f..2fb394cd 100644 --- a/services/mail/dns.nix +++ b/services/mail/dns.nix @@ -2,7 +2,7 @@ domains = [ "dork" "kittywitch" ]; in { - kw.secrets.variables = listToAttrs (map + secrets.variables = listToAttrs (map (domain: nameValuePair "mail-domainkey-${domain}" { path = "secrets/mail-${domain}"; diff --git a/services/mail/dovecot.nix b/services/mail/dovecot.nix index b15ecf90..0c257cf5 100644 --- a/services/mail/dovecot.nix +++ b/services/mail/dovecot.nix @@ -180,7 +180,7 @@ in params.dovecot2 = { }; }; - kw.secrets.variables."dovecot-ldap-password" = { + secrets.variables."dovecot-ldap-password" = { path = "services/dovecot"; field = "password"; }; diff --git a/services/mail/postfix.nix b/services/mail/postfix.nix index 20680d95..38422f81 100644 --- a/services/mail/postfix.nix +++ b/services/mail/postfix.nix @@ -19,7 +19,7 @@ let dork.dev REJECT Get lost - you're lying about who you are ''; in { - kw.secrets.variables."postfix-ldap-password" = { + secrets.variables."postfix-ldap-password" = { path = "services/dovecot"; field = "password"; }; diff --git a/services/mail/sogo.nix b/services/mail/sogo.nix index ccf54c91..bac57e11 100644 --- a/services/mail/sogo.nix +++ b/services/mail/sogo.nix @@ -1,5 +1,5 @@ { config, tf, lib, ... }: with lib; { - kw.secrets.variables.sogo-ldap = { + secrets.variables.sogo-ldap = { path = "secrets/sogo"; field = "password"; }; diff --git a/services/murmur-ldap/default.nix b/services/murmur-ldap/default.nix index dc3f314a..dc03309f 100644 --- a/services/murmur-ldap/default.nix +++ b/services/murmur-ldap/default.nix @@ -1,7 +1,7 @@ { config, lib, tf, pkgs, ... }: with lib; let murmurLdapScript = ./LDAPauth.py; in { - kw.secrets.variables = { + secrets.variables = { murmur-ldap-pass = { path = "social/mumble"; field = "ldap"; diff --git a/services/murmur.nix b/services/murmur.nix index 2402a5aa..44557863 100644 --- a/services/murmur.nix +++ b/services/murmur.nix @@ -12,7 +12,7 @@ in udp = singleton 64738; }; - kw.secrets.variables = { + secrets.variables = { murmur-password = { path = "social/mumble"; field = "password"; diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 84c13801..65b421a3 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -1,7 +1,7 @@ -{ config, pkgs, lib, tf, kw, ... }: with lib; let +{ config, pkgs, lib, tf, nixfiles, ... }: with lib; let cfg = config.services.nextcloud; in { - kw.secrets.variables = + secrets.variables = mapListToAttrs (field: nameValuePair "nextcloud-${field}" { diff --git a/services/nfs.nix b/services/nfs.nix index 5b4243c9..4bf5c114 100644 --- a/services/nfs.nix +++ b/services/nfs.nix @@ -1,4 +1,4 @@ -{ config, lib, kw, ... }: +{ config, lib, nixfiles, ... }: with lib; diff --git a/services/openldap/default.nix b/services/openldap/default.nix index 0636e268..e573baf5 100644 --- a/services/openldap/default.nix +++ b/services/openldap/default.nix @@ -163,7 +163,7 @@ }; - kw.secrets.variables = mapListToAttrs + secrets.variables = mapListToAttrs (field: nameValuePair "openldap-${field}" { path = "services/openldap"; diff --git a/services/plex.nix b/services/plex.nix index f7404a7a..c4d3876b 100644 --- a/services/plex.nix +++ b/services/plex.nix @@ -1,4 +1,4 @@ -{ config, kw, pkgs, lib, ... }: { +{ config, nixfiles, pkgs, lib, ... }: { networks.chitei.tcp = [ 32400 ]; services = { plex = { diff --git a/services/synapse.nix b/services/synapse.nix index 0a41defb..a4c36a91 100644 --- a/services/synapse.nix +++ b/services/synapse.nix @@ -13,7 +13,7 @@ with lib; LC_CTYPE = "C"; ''; - kw.secrets.variables = (mapListToAttrs + secrets.variables = (mapListToAttrs (field: nameValuePair "mautrix-telegram-${field}" { path = "secrets/mautrix-telegram"; diff --git a/services/syncplay.nix b/services/syncplay.nix index 01299b54..df540229 100644 --- a/services/syncplay.nix +++ b/services/syncplay.nix @@ -4,7 +4,7 @@ with lib; { - kw.secrets.variables = + secrets.variables = let fieldAdapt = field: if field == "pass" then "password" else field; in diff --git a/services/tt-rss.nix b/services/tt-rss.nix index 730b1b9c..f629bd03 100644 --- a/services/tt-rss.nix +++ b/services/tt-rss.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, tf, ... }: with lib; { - kw.secrets.variables = mapListToAttrs + secrets.variables = mapListToAttrs (field: nameValuePair "ttrss-${field}" { path = "secrets/ttrss"; diff --git a/services/tvheadend.nix b/services/tvheadend.nix index 8d3bff46..2e2ea316 100644 --- a/services/tvheadend.nix +++ b/services/tvheadend.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, kw, ... }: +{ config, pkgs, lib, nixfiles, ... }: { hardware.firmware = [ pkgs.libreelec-dvb-firmware ]; diff --git a/services/vaultwarden.nix b/services/vaultwarden.nix index b0058914..3990dd76 100644 --- a/services/vaultwarden.nix +++ b/services/vaultwarden.nix @@ -1,7 +1,7 @@ { config, pkgs, lib, tf, ... }: with lib; { - kw.secrets.variables = mapListToAttrs (field: + secrets.variables = mapListToAttrs (field: nameValuePair "vaultwarden-${field}" { path = "secrets/vaultwarden"; inherit field; diff --git a/services/vikunja.nix b/services/vikunja.nix index 9cced937..ebae86e7 100644 --- a/services/vikunja.nix +++ b/services/vikunja.nix @@ -40,7 +40,7 @@ let }; in { - kw.secrets.variables = (mapListToAttrs + secrets.variables = (mapListToAttrs (field: nameValuePair "vikunja-${field}" { path = "secrets/vikunja"; diff --git a/services/znc.nix b/services/znc.nix index 852e53fe..55cd0988 100644 --- a/services/znc.nix +++ b/services/znc.nix @@ -51,7 +51,7 @@ in # ZNC networks.internet.tcp = singleton 5001; - kw.secrets.variables = + secrets.variables = let fieldAdapt = field: if field == "cert" then "notes" else if field == "pass" then "password" else field; in @@ -190,7 +190,7 @@ in }; }; }) - (mkIf (meta.trusted ? secrets) (import config.kw.secrets.repo.znc.source)) + (mkIf (meta.trusted ? secrets) (import config.secrets.repo.znc.source)) ]; configFile = config.secrets.files.znc-config.path; }; diff --git a/system/home.nix b/system/home.nix index 8ae10b05..9bb68bf9 100644 --- a/system/home.nix +++ b/system/home.nix @@ -11,6 +11,7 @@ with lib; sharedModules = [ inputs.nix-doom-emacs.hmModule meta.modules.home + meta.modules.type ]; useUserPackages = true; useGlobalPkgs = true; diff --git a/targets/home.nix b/targets/home.nix index afe30fa6..0a8e5c34 100644 --- a/targets/home.nix +++ b/targets/home.nix @@ -6,7 +6,7 @@ imports = optional (builtins.pathExists ../services/irlmail.nix) ../services/irlmail.nix; variables.tailscale-apikey = { - value.shellCommand = "${meta.kw.secrets.command} secrets/tailscale -f api_key"; + value.shellCommand = "${meta.secrets.command} secrets/tailscale -f api_key"; sensitive = true; export = true; }; diff --git a/targets/oci-root.nix b/targets/oci-root.nix index 8699f83e..12748416 100644 --- a/targets/oci-root.nix +++ b/targets/oci-root.nix @@ -43,43 +43,43 @@ }; resources = { - oci_kw_compartment = { + oci_nixfiles_compartment = { provider = "oci.oci-root"; type = "identity_compartment"; inputs = { - name = "kw"; - description = "kw"; + name = "nixfiles"; + description = "nixfiles"; compartment_id = var.oci_root_tenancy.ref; enable_delete = true; }; }; - oci_kw_user = { + oci_nixfiles_user = { provider = "oci.oci-root"; type = "identity_user"; inputs = { - name = "kw"; - description = "kw"; + name = "nixfiles"; + description = "nixfiles"; compartment_id = var.oci_root_tenancy.ref; }; }; - oci_kw_group = { + oci_nixfiles_group = { provider = "oci.oci-root"; type = "identity_group"; inputs = { - name = "kw"; - description = "kw"; + name = "nixfiles"; + description = "nixfiles"; compartment_id = var.oci_root_tenancy.ref; }; }; - oci_kw_usergroup = { + oci_nixfiles_usergroup = { provider = "oci.oci-root"; type = "identity_user_group_membership"; inputs = { - group_id = res.oci_kw_group.refAttr "id"; - user_id = res.oci_kw_user.refAttr "id"; + group_id = res.oci_nixfiles_group.refAttr "id"; + user_id = res.oci_nixfiles_user.refAttr "id"; }; }; - oci_kw_key = { + oci_nixfiles_key = { provider = "tls"; type = "private_key"; inputs = { @@ -87,35 +87,35 @@ rsa_bits = 2048; }; }; - oci_kw_key_file = { + oci_nixfiles_key_file = { provider = "local"; type = "file"; inputs = { - sensitive_content = res.oci_kw_key.refAttr "private_key_pem"; - filename = toString (config.terraform.dataDir + "/oci_kw_key"); + sensitive_content = res.oci_nixfiles_key.refAttr "private_key_pem"; + filename = toString (config.terraform.dataDir + "/oci_nixfiles_key"); file_permission = "0600"; }; }; - oci_kw_apikey = { + oci_nixfiles_apikey = { provider = "oci.oci-root"; type = "identity_api_key"; inputs = { - key_value = res.oci_kw_key.refAttr "public_key_pem"; - user_id = res.oci_kw_user.refAttr "id"; + key_value = res.oci_nixfiles_key.refAttr "public_key_pem"; + user_id = res.oci_nixfiles_user.refAttr "id"; }; }; - oci_kw_policy = { + oci_nixfiles_policy = { provider = "oci.oci-root"; type = "identity_policy"; inputs = { - name = "kw-admin"; - description = "kw admin"; + name = "nixfiles-admin"; + description = "nixfiles admin"; compartment_id = var.oci_root_tenancy.ref; statements = [ - "Allow group ${res.oci_kw_group.refAttr "name"} to manage all-resources in compartment id ${res.oci_kw_compartment.refAttr "id"}" - "Allow group ${res.oci_kw_group.refAttr "name"} to read virtual-network-family in compartment id ${var.oci_root_tenancy.ref}" + "Allow group ${res.oci_nixfiles_group.refAttr "name"} to manage all-resources in compartment id ${res.oci_nixfiles_compartment.refAttr "id"}" + "Allow group ${res.oci_nixfiles_group.refAttr "name"} to read virtual-network-family in compartment id ${var.oci_root_tenancy.ref}" '' - Allow group ${res.oci_kw_group.refAttr "name"} to manage vcns in compartment id ${var.oci_root_tenancy.ref} where ALL { + Allow group ${res.oci_nixfiles_group.refAttr "name"} to manage vcns in compartment id ${var.oci_root_tenancy.ref} where ALL { ANY { request.operation = 'CreateNetworkSecurityGroup', request.operation = 'DeleteNetworkSecurityGroup' } } '' @@ -166,14 +166,14 @@ vcn_id = res.oci_vcn.refAttr "id"; }; }; - oci_kw_subnet = { + oci_nixfiles_subnet = { provider = "oci.oci-root"; type = "core_subnet"; inputs = { - display_name = "kw"; + display_name = "nixfiles"; cidr_block = terraformExpr "cidrsubnet(${res.oci_vcn.namedRef}.cidr_blocks[0], 8, 8)"; # /24 ipv6cidr_block = terraformExpr "cidrsubnet(${res.oci_vcn.namedRef}.ipv6cidr_blocks[0], 8, 0)"; # from a /56 block to /64 - compartment_id = res.oci_kw_compartment.refAttr "id"; + compartment_id = res.oci_nixfiles_compartment.refAttr "id"; vcn_id = res.oci_vcn.refAttr "id"; route_table_id = res.oci_routes.refAttr "id"; }; diff --git a/trusted/flake.lock b/trusted/flake.lock index 4dce36fe..4a4aa5a7 100644 --- a/trusted/flake.lock +++ b/trusted/flake.lock @@ -3,11 +3,11 @@ "arcexprs": { "flake": false, "locked": { - "lastModified": 1664324035, - "narHash": "sha256-X/aULANyF9pHR+OejllcIG1vSs4H0sis5212dt6i/Xo=", + "lastModified": 1664737885, + "narHash": "sha256-ppcK2iEo949aGMVVXoqYs3H0K0jhPTDdUj+Dt1abIW0=", "owner": "arcnmx", "repo": "nixexprs", - "rev": "6b308153ddc58f1ed5e3223cb242ac4867ef5712", + "rev": "4e09592dade1388d900ab3524bc240ce75b14abb", "type": "github" }, "original": { @@ -20,11 +20,11 @@ "ci": { "flake": false, "locked": { - "lastModified": 1658370007, - "narHash": "sha256-gKxTtjSPwTNp1Lcqynw8HYDSq/wtF7EmF4NvS0dyeb8=", + "lastModified": 1664566287, + "narHash": "sha256-DysbqsNrLAGI4VU9HlP3qXe1b0P3N9mGGttmr3xUCHU=", "owner": "arcnmx", "repo": "ci", - "rev": "5cec82ebd5614fdeaaf442c4390451e2f483fdc4", + "rev": "3f5f6df67088485d422b97d3a41fe259e2bdc53e", "type": "github" }, "original": { @@ -92,11 +92,11 @@ "emacs-overlay": { "flake": false, "locked": { - "lastModified": 1662654452, - "narHash": "sha256-mrr161UOnVNx2pzR9ePmhVlxapzQ57ZDSLb9BRgW0bo=", + "lastModified": 1664478431, + "narHash": "sha256-XTPklm/+e2UfIitB0+s/fKTheMJSw3G1p+t0SsBCuo4=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "70e241d5b189982dabc1fe55829475c5c483c89d", + "rev": "6c78924bc5b6daaf98c0dbe63bdfcf80e6433f4b", "type": "github" }, "original": { @@ -348,11 +348,11 @@ "ws-butler": "ws-butler" }, "locked": { - "lastModified": 1662839665, - "narHash": "sha256-TGSRXMmRTn4eza3q0XvqpuPoeCnkktPeD0TaM/V1pZ0=", + "lastModified": 1664622347, + "narHash": "sha256-pJTnEG68PhrXjpkfz/784BlcxaHgV06b1cUVGRxhMdw=", "owner": "nix-community", "repo": "nix-doom-emacs", - "rev": "acbf1b70335d4fd6a6c05bc417d7f3ca44739437", + "rev": "b65e204ce9d20b376acc38ec205d08007eccdaef", "type": "github" }, "original": { @@ -395,11 +395,11 @@ ] }, "locked": { - "lastModified": 1664474132, - "narHash": "sha256-leeynikJOn2sxA03UvIzKiyctFeSLCGuh5tf0Uh6/1M=", + "lastModified": 1664742955, + "narHash": "sha256-jiD8gHTERZLzIFwnaXzXDDSjR44Fs1JhRujcNq3jNnA=", "owner": "kittywitch", "repo": "nixfiles", - "rev": "a0f9d0ab488632eb163885f0e817d83ca5d663ab", + "rev": "9794026f6c22b49518c285b4452ea4c8dd9ae7bf", "type": "github" }, "original": { @@ -410,11 +410,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1664281702, - "narHash": "sha256-haixZ4TJLu1Dciow54wrHrHvlGDVr5sW6MTeAV/ZLuI=", + "lastModified": 1664538465, + "narHash": "sha256-EnlC7dDKX7X1wlnXkB1gmn9rBZQ0J9+biVTZHw//8us=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7e52b35fe98481a279d89f9c145f8076d049d2b9", + "rev": "10ecda252ce1b3b1d6403caeadbcc8f30d5ab796", "type": "github" }, "original": { @@ -442,11 +442,11 @@ }, "nur": { "locked": { - "lastModified": 1664382743, - "narHash": "sha256-rtDxdzj5IBvO114QP9gyfjVt9N7tZWd0e2/RQxrDtw4=", + "lastModified": 1664718272, + "narHash": "sha256-BNnUks1BKzBr8HzoKBFQ8a7/avQhDkKCu0DSgW1ulcY=", "owner": "nix-community", "repo": "nur", - "rev": "8ca43145e3b31861d807c8df3ce53f559c3b5762", + "rev": "392b26288ad1cdebd03eac17adb70491f9f392d3", "type": "github" }, "original": { @@ -475,11 +475,11 @@ "org": { "flake": false, "locked": { - "lastModified": 1662614940, - "narHash": "sha256-9eAqhKXpTfZQH3bn19ien3HIzF100h8z97iHqs/QUgY=", + "lastModified": 1664493874, + "narHash": "sha256-8zLosjfQX0aR5HprtCeiSqN1pfB+GEUF9AULk6WRcR4=", "owner": "emacs-straight", "repo": "org-mode", - "rev": "eb5ef0ae1424a725f933ef3929e5396a2ab727ab", + "rev": "fe1f4f2ccf040deff9c57288d987f17cc2da321f", "type": "github" }, "original": { @@ -491,11 +491,11 @@ "org-contrib": { "flake": false, "locked": { - "lastModified": 1661026052, - "narHash": "sha256-rE7aioQxeVjo+TVI4DIppKkmf/c7tRNzK6hQJAmUnVE=", + "lastModified": 1664301003, + "narHash": "sha256-8CAq/EB52RMQHNLZM0uc/1N5gKTfxGhf7WFt9sMKoD8=", "owner": "emacsmirror", "repo": "org-contrib", - "rev": "0740bd3fe69c4b327420185d931dcf0a9900a80e", + "rev": "aa104c0bbc3113f6d3d167b20bd8d6bf6a285f0f", "type": "github" }, "original": { @@ -539,11 +539,11 @@ "revealjs": { "flake": false, "locked": { - "lastModified": 1662369032, - "narHash": "sha256-1BZWA3W77YbNZUj+7vJbkTeWY8O4jjPg7t5PvlEVDYA=", + "lastModified": 1664012352, + "narHash": "sha256-Pu5p6HqIO2wvWiTEhsQyIuwlWEIa1GjO3EDXosznyYE=", "owner": "hakimel", "repo": "reveal.js", - "rev": "8a97ad58b04045fe5a9c964aa31659bd27e665c5", + "rev": "468132320d6e072abd1297d7cc24766a2b7a832d", "type": "github" }, "original": { @@ -610,11 +610,11 @@ "trusted": { "flake": false, "locked": { - "lastModified": 1657482041, - "narHash": "sha256-AEC0DO586Xq5NcYwyEBAosFj5VRSwLSPZCH5v5ri11s=", + "lastModified": 1664745519, + "narHash": "sha256-tUNmmEjJ6KOOPkHCkJytv4KemXf4idM8erPQgOr7SWc=", "ref": "main", - "rev": "76779729b344d8427f05d9e78c76a19daa7cc2a8", - "revCount": 92, + "rev": "f89074f4500dddb1962d49f3f542ce41d7beee87", + "revCount": 93, "type": "git", "url": "ssh://git@github.com/kittywitch/nixfiles-trusted" }, @@ -627,11 +627,11 @@ "ts-fold": { "flake": false, "locked": { - "lastModified": 1662386895, - "narHash": "sha256-pYW2hcHgkr9KYdRvX2EkpOt/OL8yl+mkZ21JbMKWc8Q=", + "lastModified": 1663136308, + "narHash": "sha256-FI25RLoHqhcjA2qel75LVmQH4rTkKiAUR2w9QODT1XM=", "owner": "jcs-elpa", "repo": "ts-fold", - "rev": "017402713bd2f1fd7a691aa48afb4330f5397432", + "rev": "c3da5520b988720f7f6e9e5e11b60746598112e0", "type": "github" }, "original": {