From 9a8bf34a56e087cb4457650dd61152b92aefdbcc Mon Sep 17 00:00:00 2001 From: Henry-Hiles Date: Sat, 22 Mar 2025 17:47:21 -0400 Subject: [PATCH] Use agenix for password --- flake.lock | 77 ++--------------------------- modules/common-desktop/pipewire.nix | 1 - modules/common/quadradical.nix | 7 --- modules/common/users.nix | 14 ++++++ secrets/foo.age | 5 -- secrets/password.age | 5 ++ 6 files changed, 23 insertions(+), 86 deletions(-) delete mode 100644 modules/common/quadradical.nix create mode 100644 modules/common/users.nix delete mode 100644 secrets/foo.age create mode 100644 secrets/password.age diff --git a/flake.lock b/flake.lock index c2b784d..05bf315 100644 --- a/flake.lock +++ b/flake.lock @@ -160,24 +160,6 @@ } }, "flake-parts": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1741352980, - "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { "inputs": { "nixpkgs-lib": [ "stylix", @@ -363,57 +345,7 @@ "type": "github" } }, - "nix-gaming": { - "inputs": { - "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1742262357, - "narHash": "sha256-6JGR5I4cuFFun3AJKPnMPz6PKUPywIH+AFYROUFRvYQ=", - "owner": "fufexan", - "repo": "nix-gaming", - "rev": "53eda8bba79a2c28782734bca51d70ecffb82d74", - "type": "github" - }, - "original": { - "owner": "fufexan", - "repo": "nix-gaming", - "type": "github" - } - }, "nixpkgs": { - "locked": { - "lastModified": 1741865919, - "narHash": "sha256-4thdbnP6dlbdq+qZWTsm4ffAwoS8Tiq1YResB+RP6WE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "573c650e8a14b2faa0041645ab18aed7e60f0c9a", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1740877520, - "narHash": "sha256-oiwv/ZK/2FhGxrCkQkB83i7GnWXPPLzoqFHpDD3uYpk=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "147dee35aab2193b174e4c0868bd80ead5ce755c", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixpkgs_2": { "locked": { "lastModified": 1742288794, "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", @@ -429,7 +361,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_2": { "locked": { "lastModified": 1741513245, "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", @@ -447,7 +379,7 @@ }, "nur": { "inputs": { - "flake-parts": "flake-parts_2", + "flake-parts": "flake-parts", "nixpkgs": [ "stylix", "nixpkgs" @@ -494,8 +426,7 @@ "agenix": "agenix", "firefox-gnome-theme": "firefox-gnome-theme", "home-manager": "home-manager_2", - "nix-gaming": "nix-gaming", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "programsdb": "programsdb", "stylix": "stylix", "wrapper-manager": "wrapper-manager" @@ -513,7 +444,7 @@ "git-hooks": "git-hooks", "gnome-shell": "gnome-shell", "home-manager": "home-manager_3", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "nur": "nur", "systems": "systems_2", "tinted-foot": "tinted-foot", diff --git a/modules/common-desktop/pipewire.nix b/modules/common-desktop/pipewire.nix index baf4b0f..57cfa56 100644 --- a/modules/common-desktop/pipewire.nix +++ b/modules/common-desktop/pipewire.nix @@ -8,7 +8,6 @@ support32Bit = true; }; pulse.enable = true; - lowLatency.enable = true; }; }; } diff --git a/modules/common/quadradical.nix b/modules/common/quadradical.nix deleted file mode 100644 index 44a34bb..0000000 --- a/modules/common/quadradical.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - users.users.quadradical = { - isNormalUser = true; - description = "QuadRadical"; - extraGroups = ["wheel"]; - }; -} diff --git a/modules/common/users.nix b/modules/common/users.nix new file mode 100644 index 0000000..8fb8132 --- /dev/null +++ b/modules/common/users.nix @@ -0,0 +1,14 @@ +{config, ...}: { + users = { + mutableUsers = false; + users = { + root.hashedPasswordFile = config.age.secrets."password.age".path; + quadradical = { + isNormalUser = true; + hashedPasswordFile = config.age.secrets."password.age".path; + description = "QuadRadical"; + extraGroups = ["wheel"]; + }; + }; + }; +} diff --git a/secrets/foo.age b/secrets/foo.age deleted file mode 100644 index ebf037e..0000000 --- a/secrets/foo.age +++ /dev/null @@ -1,5 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 VKQUdQ V568wRYo550DS5oiEYb/19nR1mwz4XIBlkbuqKb9YiI -hh/6uj6bfMqEvWaWD+kqwXiuyKaXvn9XJF4T6EICCrg ---- fP66DGtL4VsWF3L8VCRn3lxfd0DQJqupcJvq0QyeOrk -1a=_zxcnata ՟ \ No newline at end of file diff --git a/secrets/password.age b/secrets/password.age new file mode 100644 index 0000000..0ae0f9e --- /dev/null +++ b/secrets/password.age @@ -0,0 +1,5 @@ +age-encryption.org/v1 +-> ssh-ed25519 VKQUdQ bgv7ItuDld87O5eehkMRFoAhjl1xDJ9qIKxjDfVOBH4 +ykJ5KMS+U3KJnbiiK50QJXUYfcvVN0xACo9cU2o0mYc +--- tDNTCrniH/S5YJ0JtM0Z62eBuiK5Ki97kWFYjv+w2+k +!(rҴ9MQq`*-b0h{ɸ)XuW ԽeHACjyI0IE P@_H[Bpϱ?6|Hl7RNR̋85㸁Y6c1:t^1l \ No newline at end of file