crony/nix-conf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(desktop): add systemwide flatpak and enable polkit.

Browse source
This commit is contained in:
CronyAkatsuki 2025-06-22 22:01:42 +02:00
parent 9b707cd3d2
commit 095e45e435
9 changed files with 128 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
hosts/ymir/configuration.nix
View file

@ -76,7 +76,12 @@
services.seatd.enable = true; services.seatd.enable = true;
# Enable flatpak # Enable flatpak
services.flatpak.enable = true; services.flatpak = {
enable = true;
packages = [
"com.dec05eba.gpu_screen_recorder"
];
};
# Enable ratbagd to customize mouse options # Enable ratbagd to customize mouse options
services.ratbagd.enable = true; services.ratbagd.enable = true;
@ -104,6 +109,9 @@
# Enable light for image control # Enable light for image control
programs.light.enable = true; programs.light.enable = true;
# Enable polkit
security.polkit.enable = true;
# programs.river = { # programs.river = {
# enable = true; # enable = true;
# extraPackages = []; # extraPackages = [];

1
modules/servers/general/default.nix
View file

@ -9,5 +9,6 @@
./root.nix ./root.nix
./beszel-agent.nix ./beszel-agent.nix
./optimise-storage.nix ./optimise-storage.nix
./restic.nix
]; ];
} }

37
modules/servers/general/restic.nix Normal file
View file

@ -0,0 +1,37 @@
{config, ...}: let
opts = {
paths = [
"/var/lib/private"
];
pruneOpts = [
"--keep-last 10"
"--keep-daily 7"
"--keep-weekly 5"
"--keep-monthly 12"
];
checkOpts = [
"--read-data-subset=10%"
"--with-cache"
];
};
in {
services.restic.backups = {
local = {
initialize = true;
passwordFile = config.age.secrets.restic-server-local-pass.path;
repository = "/var/lib/backup";
paths = opts.paths;
pruneOpts = opts.pruneOpts;
checkOpts = opts.checkOpts;
};
server = {
initialize = true;
passwordFile = config.age.secrets.restic-server-pass.path;
repositoryFile = config.age.secrets.restic-server-pass.path;
environmentFile = config.age.secrets.restic-server-pass.path;
paths = opts.paths;
pruneOpts = opts.pruneOpts;
checkOpts = opts.checkOpts;
};
};
}

12
modules/servers/general/secrets.nix
View file

@ -11,6 +11,18 @@
root-passwd = { root-passwd = {
file = ../../../secrets/root-passwd.age; file = ../../../secrets/root-passwd.age;
}; };
restic-server-local-pass = {
file = ../../../secrets/restic-server-local-pass.age;
};
restic-server-pass = {
file = ../../../secrets/restic-server-pass.age;
};
restic-server-repo = {
file = ../../../secrets/restic-server-repo.age;
};
restic-server-env = {
file = ../../../secrets/restic-server-env.age;
};
}; };
}; };
} }

21
secrets/restic-server-env.age Normal file
View file

@ -0,0 +1,21 @@
age-encryption.org/v1
-> ssh-ed25519 2P4nKw P/5AREO2GLWDGgTnQmcvq4ORUDvZUCDNUfW6gjnXgWQ
Sx+9oL+PqaJ27/reuUmXGcUk+46bOFcDrZHOxMBmRwY
-> ssh-ed25519 6+hQpQ vzLILUkCCObrl9IPqqQc4mPmG6OB6qeu7vOVCOoEM04
bOcMcMzGEh/5FifL89zMkxG+bN+hISfZoboe4yJmRC0
-> ssh-ed25519 l/ODWA BPR4ySpMzah8UbyWy98C8xgEvNFLznjGhNTq2sv1xUI
I3mRcRkoOMw86eBLaqqDmsuEl/RLPo1QMXJ6KYk4UMo
-> ssh-ed25519 7+5K3Q +pDaZv47X000tK1W+2j/8EXlakycO5zR7x7AUfJ4LmI
XkwW2uMN7HRRFhuRdrJElVBJFwyiBd4/UInsJ9xoH6g
-> ssh-ed25519 Ow0TGw 1AakJzOyPpNkWpOSq8+TecnSdWFH1sS70Zcl4YwMSyg
4g/e2PAMWtHgD/ejlZio2hd+kRlcBO4Hih7i1973n2s
-> ssh-ed25519 cEINMA yBiCcMRwa6KmAAUJdhPeayKYYqmW2lLrUDP9JH5TVAc
2Ba4lRQ/rbKSSRbQkunq1l9FbuASbYkaSo+hLEyr+R0
-> ssh-ed25519 qbMKrQ JuE4wL9iuYie2cno9+SRZipNCy/IyjS+6+RXMOFXi10
jIBwICumFSm10F5t3VFdhzl6/Lv211jAZnp72yNtaG0
-> ssh-ed25519 GNZYRg 7e+vuacgxTObvGQToLk/n0yVQ8cpL4h/SLTKtY6HTQU
EoExlKOqtE4wJ2hVBCvYLyecZyW5Ck+LWq99iFth+eA
-> ssh-ed25519 fd/ZLQ eICkKc6DBKBqijQXJMlP3zNR7LLmR3JS+eksVACBGU4
SjEGDhJIMRsEe9EGRW3//zdeyagAVYGls3Nm9Ap9EKc
--- 6p/Szb20erzQyj0bmy2781LdRQHHhG44pylOUlMms40
F$YRDé!Rhþ +º`.~'`±œ½¢àB'œ µ¨Ïv†iî.5“cd$ÆÕ<>=„•¾ûT”Ü uV努\( öFíp§†íüâÀ—ÏÕ„“²×<76>k¢3<>¯+&e9føê´<16>ÀÐÅJ“ÞEÞ”ë~cÏD¢

BIN
secrets/restic-server-local-pass.age Normal file
View file

Binary file not shown.

22
secrets/restic-server-pass.age Normal file
View file

@ -0,0 +1,22 @@
age-encryption.org/v1
-> ssh-ed25519 2P4nKw 9bifvOgrYMg2Fhi0sgXa/qrpfRgGuoG4SU9p1BICkEs
1MSxA7Kyu1KCNQ+LanV8xcS6HM9gZFOOM0t9RjHiHzE
-> ssh-ed25519 6+hQpQ NLvp1THtsHMqGMNr2DjGdnPqQXGWvNY6EbbzUASNKws
3wPnJUnw2JfwInlHVOVtbodDm8Vy4bQ22tGJcuF5v18
-> ssh-ed25519 l/ODWA K0MoTwlMtberAnMoJpQrgY5cLPdOcN07UJiy5glH3Co
Gy+eLnwBk91Sx9LARLgzJljOkGj34eAGOxruCPdHChI
-> ssh-ed25519 7+5K3Q Lj1DYkDIynawk0aOP/BuAHZDSFI3YZif2lZ2/l3y4UI
pwW+MjdBTPlZvUB4J6ATQivbyxjxUtj6R2rxuRYIs0s
-> ssh-ed25519 Ow0TGw odMc/AhI0E9/1ejVf+Vpgqj4e/wadDQ74qB0GLXdugQ
C/SRlcOSWb/MhawMQ3zaCLjlxqKdOhLuqf95GTrhEwI
-> ssh-ed25519 cEINMA cmJECvSXeo/m/GFbgFfDiH4+ywTjIEHFrvjLgUaX+RY
A/zztUB7W0aeVcUkuQkh7RXnPeGaGAgE0PQX3EvAV/8
-> ssh-ed25519 qbMKrQ ev9qGmwgAI2Jx0GQhYphti0OKcRAv/EGyBt5ojunqHg
zfuh0+WDGB/LjHmAd7SOFY5EjQoeYOgS4Z4JE3ikg6M
-> ssh-ed25519 GNZYRg nR1Mcbq961DtSv5wOjIGuY9uT8VmR4LAWjburH6fMC8
4adxy7fGFci7KpUGg0zGOgp/IIwATYc58WJDA2Lu2Bs
-> ssh-ed25519 fd/ZLQ jGg06rq7vZMyg9Qvs1zJ/rnF6clYED03j0tMMFn7G0k
Ku0tq3Z+hKKyMZDYX+N0UyTXtJAJXxLohYKgGCDW/kA
--- fXoZEKdfq3xsOniylAnr63qVkS/LvRJfZu/8+Y0t8qw
nó”1È>3²Ö|Y«9ß«7{‡äó!V
ezq«ó"Å]k(ñEc"䜲Ѷ*Ò]Ä¡kú'Ý ÂIsê¶r¿fª0|#…^¹ÞK»î‰ŒÇ@ä½ÆUšÌ<C5A1>ïÛVTK¦W}ùÆyŠ>Qö¢ƒ­S±'ϼHtÜÕ:fÁ;•§ÆyÂ[Ø¶Í¯íº«`ûÙØH¿û~3¯|Ó!Mˆ[¡‹Â}“<>—|?£Ó†fOcÝÞž}ѵ§È¥u¸crÅdF+ú#UìzßÚ)ðxZHg<48>ÇõŸÀnxÆD¹GÅ`€s«¸.X

22
secrets/restic-server-repo.age Normal file
View file

@ -0,0 +1,22 @@
age-encryption.org/v1
-> ssh-ed25519 2P4nKw QySrledbwALjWMNCtmNB9V4fjT05hih8mhJnULRTXkM
PW0Yk/eXqN57NuWQbuE0kUqJHf8XouODHNwQpeRiEe0
-> ssh-ed25519 6+hQpQ CMIGCb6niVPPKNTVXMjWx0Xrh63X4ucyGXATbPi2JEg
1yUotoIqnzGoX6gJ5/VlWmOXdm1Dt4vqLJrtsg9jlgE
-> ssh-ed25519 l/ODWA X0hBPkxppmofKE1AWUJIKJkDPaclBVbCVGFwVmzWEEQ
fpXHBOfN/B9UDOIJ98r5J4BMYKeEPMXmM+knxkI43kg
-> ssh-ed25519 7+5K3Q QdJv8xbWsQgeQpeVugPyWRS5aNFL+MAKCQsfHutEl3w
FDqXq5t8ElE2tl4WJbcpmJc0YmcrpjYqGX2O8maxHjU
-> ssh-ed25519 Ow0TGw b5LtwpTlb2Hs9dtg8Uth1UIqNdRK+Nj+XsAApfsrbwE
lThcDeUMW49n6crw02xnh2HzZ74icKUdF6bdqxqqY24
-> ssh-ed25519 cEINMA aLfXjPsQIJby0CZgYDoA4WPL1b0e69SPe72Z4p6f/1A
lyT+Q6C3kPERXMepNmwoy0tAvLk6qdxUuQoV31KMEfo
-> ssh-ed25519 qbMKrQ LehmoKiFc4HPA23gx4V9UJiinnm3Ei91BmB+EKgY0Gg
XIf9trBywVNsoIqAT1XtVqKi0WZzJ8iruGSxjE8zIiU
-> ssh-ed25519 GNZYRg W4t6E8lEGhYTDepNdpQz8pch2Lm48xFUuntWoDGeJys
19OD++WOzru7sR5kkNVKmdnhMc0VXKrP2LLpvsxJxZE
-> ssh-ed25519 fd/ZLQ Dteel22OzKqmx3uwIACayU2Ph+iUoZGbF1bReGW06lk
iaxcz6F607Xm5bG+ax2TRnvjgl6Kv/dE6VWJxEEzeos
--- +2gjtn4rTs6lwr04qBfQQ7vaYaxdk4zF/wdcCYQtmkM
!óò¼n½8
GúÖ¯ï'7L´J<ÜûØx6dŽ]`AdSsÐ?XVJx@±\~òsÆ Èy^¡ý@é2-|:y㮫v<C2AB>/ÄÚÀeûnc=Ð<>}»O¬Õ€m<E282AC>ø«Ã]J‰j^‘“

4
secrets/secrets.nix
View file

@ -33,4 +33,8 @@ in {
"restic-backblaze-pass.age".publicKeys = systems ++ users; "restic-backblaze-pass.age".publicKeys = systems ++ users;
"restic-backblaze-repo.age".publicKeys = systems ++ users; "restic-backblaze-repo.age".publicKeys = systems ++ users;
"restic-backblaze-env.age".publicKeys = systems ++ users; "restic-backblaze-env.age".publicKeys = systems ++ users;
"restic-server-local-pass.age".publicKeys = systems ++ users;
"restic-server-pass.age".publicKeys = systems ++ users;
"restic-server-repo.age".publicKeys = systems ++ users;
"restic-server-env.age".publicKeys = systems ++ users;
} }