diff --git a/misc/erase-your-darlings-setup.sh b/misc/erase-your-darlings-setup.sh index 38f353b..8d726ed 100644 --- a/misc/erase-your-darlings-setup.sh +++ b/misc/erase-your-darlings-setup.sh @@ -79,4 +79,8 @@ reboot mkdir -p /persist/etc/nixos cp -r /etc/nixos /persist/etc -cp /etc/machine-id /persist/etc/machine-id +cp /etc/machine-id /persist/etc + +mkdir -p /persist/etc/ssh +cp /etc/ssh/ssh_host_ed25519_key /persist/etc/ssh +cp /etc/ssh/ssh_host_ed25519_key.pub /persist/etc/ssh diff --git a/modules/base/erase-your-darlings.nix b/modules/base/erase-your-darlings.nix index 8a8b287..8128829 100644 --- a/modules/base/erase-your-darlings.nix +++ b/modules/base/erase-your-darlings.nix @@ -19,12 +19,16 @@ in { environment.etc = { nixos.source = "/persist/etc/nixos"; machine-id.source = "/persist/etc/machine-id"; + "ssh/ssh_host_ed25519_key".source = "/persist/etc/ssh/ssh_host_ed25519_key"; + "ssh/ssh_host_ed25519_key.pub".source = "/persist/etc/ssh/ssh_host_ed25519_key.pub"; }; security.sudo.extraConfig = '' Defaults lecture = never ''; + users.mutableUsers = false; + boot.initrd.postDeviceCommands = pkgs.lib.mkBefore '' mkdir -p /mnt diff --git a/modules/timers/wol.nix b/modules/timers/wol.nix index 371bab3..61ce9d5 100644 --- a/modules/timers/wol.nix +++ b/modules/timers/wol.nix @@ -22,9 +22,7 @@ in { }; systemd.services."enable-wol" = { - script = '' - /home/horseman/nix-config/misc/startup.sh - ''; + script = builtins.readFile ../../misc/startup.sh; serviceConfig = { Type = "oneshot"; User = "root"; diff --git a/secrets/password.age b/secrets/password.age index 8b0f89c..79d3b15 100644 --- a/secrets/password.age +++ b/secrets/password.age @@ -1,22 +1,21 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IC9tczZkdyBlcUJQ -Q0w2WWdNUWwySExscUkvc1JjMGQwNDcyTHBtMGxrVFQ0UlpvQUNrCjJ3VjRFYWF6 -Rm9QMk83V2hsMkUyR2RyS0pheG0rUjhDVFN0eUFTTXJQM2sKLT4gc3NoLWVkMjU1 -MTkgZ1BJZFpBIEI5SHNacVcrbVl1Z2VjdFJyV1UrVDZGUkFKMXc1NEtlTzNIS213 -MTB2bGcKTjhYNERkRjd3Z3NueHpTYWJpM0ZWSkk4bGxlTFQrbFlFc2ZCWEpKRUJR -bwotPiBzc2gtZWQyNTUxOSBXeUlGekEgai9yczJENFlIOEJPVEFqUU5vNHk4Wkc5 -empZdi9hSXlORUtmaVZETmZDRQoyaTBvODJlZmQ5c3BCdnM5NktCVEMxVFFCakhn -bkN0RjB2VzhMRjl0ZlJVCi0+IHNzaC1lZDI1NTE5IGRiT2VoQSB2S0JLQXhOczR0 -clBjWmRpbXVoYXpiODJjTUdoRUxRSE9PSkIyR2JsT25jCkZXc2pxbVBXbEoyS2x0 -SlVWRmxEWlA0ZVpId2c0K3V4M25PUkhDZExvOTgKLT4gc3NoLWVkMjU1MTkgdHYv -Q3pnIGt3U1J3djlpM1BKUmE3SnFFU2lDNkpPSERDUUR2MHdKMFIvanUvYll3aHMK -NWxaVGhMVy9CT0V5cWcybHQ2WVlvbUJRaFE1cVpnbmEzKzRxWW5RcVhBRQotPiBz -c2gtZWQyNTUxOSBrTlFjWncgM2x6L1F1bEEvTU54RkR6V0l4SG43WHlZNHEyM1dW -cm9MQ25WTm4rSlVrMAo5Zk5iU1UyVHQxbkRBTnNxMTN1anREdGdrQTNzbnNNeHlj -MktrYjVWUm5JCi0+IFU7bU1yI0gtZ3JlYXNlIC5pR29fdFhAIHp2WlosIHwsaFhw -CkprWllya2VSS0xPR0U2d1RJcnVDdWJMVklZOHMycWxaOGVMcnVuUitXd2Ura1VU -OFVFVE1jajRrdUtWV2Y2N1EKcTNWNTY3T3NoVHF0YjlVTnVnCi0tLSBPMmlSZW5k -UVhOTStobWIrUmQzbldIdWoyK0VzZWFPc25nd3RLelk1U3RZCupun+M3jtGXiD8y -8oBmknZc0ChPp4QiPrh2Jo0x9+6rKDwX0eGoxPCHj8rZ4Md33RIB/JOUszVUfzwh -v2E+LDqULmpW1yWCL08klb3KrUi/ShHMjSjpHRo7vas5tUnNiQlbYVn+eMBelQ== +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IC9tczZkdyBRYkZw +bldsb0JESDFiTVFRQ3RLZktFUU5OL3VITEhNM1dyNzE2VzF1dVcwCmxkdlE0M1pm +NEpTcmtESWdvbm81L2dLU1FudVB1T1JmM2VBemY1K3R6MzQKLT4gc3NoLWVkMjU1 +MTkgZ1BJZFpBIHlTRVBvM2dYbWtVYUJ1Y3pQc0I4bnFZQ2hPYS9GWFpVc0VXSDlU +T0l3R2sKdHFqQm5iZEErZ3dVUUp1WGhDWUVHdEc3TUlqWnJJNXkyeUJiZmJMMW1L +bwotPiBzc2gtZWQyNTUxOSBXeUlGekEgaHIzTkdPNGZ6MWlyM0lrWXJwd2hYaWN6 +VGpQblp4Kysxc25YOXdsTzMzUQp2dGFHeXVmbVgwajNKK1ZNU0szUEpJRmRCS0pD +NnNyL3h2TFNFWmR1VkwwCi0+IHNzaC1lZDI1NTE5IGRiT2VoQSBONnVPWUlWL0Ro +ZTdQbG5mRk42ZUFsYVFkWHowZmJreXhqYTc5M0prRHpvCkRYVmpHbldMT1dWdm5F +dEdlT1YrT2tEa2loa1h0WVV2YlFHdTlBWWlnQ0UKLT4gc3NoLWVkMjU1MTkgdHYv +Q3pnIG1Cc2RiUkE0WERzTU1aL3h2YWtNckdLeDFraGtQclhhNjlCQUFObk93elEK +WUR4dVJqbUh3LytSbTBkSmg1SUhYQ0pGQkxiM2tMWW1FZUtmWmxtVFYyWQotPiBz +c2gtZWQyNTUxOSBrTlFjWncgelFXeVYyZlVCVXg5ejVZSGdNTXF3YjY2OW1DYUNr +RXdoVlFrL0xhZnRWawpVTjVRMjNNRlhjaDkvckFmTmhuUjZTbzBzS21ibU1xUjJO +ZDFydmZCK2VRCi0+IFItZ3JlYXNlIFBEIGAvdD57Im4oIEhEW0MgLQoybmNnaUpO +aVl4Y0dERXBMdzBEZlJhWGUKLS0tICtnc2pHWnh5MUE5cndVc1FDa0tJRWloU1Aw +Zm0wdDJWY2lDbUV0MVIzODgKZOAVSl5pQwFI9YRpSkqHUCiBdn2UAL8ZALAuijya +jYh34OCkzlguVGATye5t/46JIbnAUc1RiMNAGGdCU6hvqyo3C/ZMXdbDa4HW7yoG +ixYoAV57cWHRGiggMvTC/XUBJR5uni7h3/RcOg== -----END AGE ENCRYPTED FILE-----