From 36a21d12577c4df22b9bab413938b7d861f2e163 Mon Sep 17 00:00:00 2001 From: fwastring Date: Fri, 6 Mar 2026 11:16:39 +0100 Subject: [PATCH] added some more stuff --- maskiner/core/configuration.nix | 15 +++++++++++++++ moduler/dev.nix | 14 ++++++++++++-- moduler/fish.nix | 1 + moduler/programs.nix | 3 +++ moduler/programs/kubernetes-tools.nix | 6 ++++-- moduler/tmux.nix | 19 +++++++++++-------- root_ca.crt | 11 +++++++++++ secrets/sops.yaml | 5 +++-- 8 files changed, 60 insertions(+), 14 deletions(-) create mode 100644 root_ca.crt diff --git a/maskiner/core/configuration.nix b/maskiner/core/configuration.nix index b76e029..6b35beb 100644 --- a/maskiner/core/configuration.nix +++ b/maskiner/core/configuration.nix @@ -54,6 +54,7 @@ in sops.defaultSopsFile = ../../secrets/sops.yaml; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.secrets.build-service = { }; + sops.secrets.fw-qemu = { }; environment.systemPackages = [ pkgs.cifs-utils ]; @@ -99,6 +100,20 @@ in ]; }; + fileSystems."/mnt/fw-qemu/C" = { + device = "//10.0.2.4/qemu/C$"; + fsType = "cifs"; + options = + let + automount_opts = + "x-systemd.automount,noauto,x-systemd.idle-timeout=60," + + "x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; + in + [ + "${automount_opts},credentials=${toString config.sops.secrets.fw-qemu.path},vers=3.0" + ]; + }; + home-manager.extraSpecialArgs = { inherit inputs pkgs; }; home-manager.users.fw = { imports = [ diff --git a/moduler/dev.nix b/moduler/dev.nix index a3a5f3b..f79534b 100644 --- a/moduler/dev.nix +++ b/moduler/dev.nix @@ -3,6 +3,9 @@ pkgs, ... }: +let + azPkgs = inputs.nixpkgs-azure-cli.legacyPackages.${pkgs.stdenv.hostPlatform.system}; +in { environment.systemPackages = with pkgs; [ @@ -11,8 +14,15 @@ gh awscli minio-client - opentofu - azure-cli + opentofu + (azPkgs.azure-cli.withExtensions ( + with azPkgs.azure-cli.extensions; + [ + # aks-preview + # ssh + fzf + ] + )) yq jq git diff --git a/moduler/fish.nix b/moduler/fish.nix index e93c6d0..e898153 100644 --- a/moduler/fish.nix +++ b/moduler/fish.nix @@ -106,6 +106,7 @@ in set -x -U GOPATH $HOME/.go gh completion -s fish > ~/.config/fish/completions/gh.fish set -gx PATH $PATH $HOME/scripts + set -gx PATH $PATH $HOME/.krew/bin set -Ux FZF_DEFAULT_OPTS "${fzfOpts}" ''; diff --git a/moduler/programs.nix b/moduler/programs.nix index 0524d24..eaebc67 100644 --- a/moduler/programs.nix +++ b/moduler/programs.nix @@ -73,6 +73,9 @@ speedcrunch wayland-bongocat opencode + quickemu + virt-viewer + go-passbolt-cli dbeaver-bin ( diff --git a/moduler/programs/kubernetes-tools.nix b/moduler/programs/kubernetes-tools.nix index bc5444d..010e769 100644 --- a/moduler/programs/kubernetes-tools.nix +++ b/moduler/programs/kubernetes-tools.nix @@ -12,7 +12,7 @@ config = lib.mkIf config.kubernetes-tools.enable { environment.systemPackages = with pkgs; [ kubectl - krew + krew # buildkit argocd # containerd @@ -26,8 +26,10 @@ helm-git ]; }) - # k3sup ]; + environment.variables = { + KREW_ROOT = "$HOME/.krew"; + }; }; } diff --git a/moduler/tmux.nix b/moduler/tmux.nix index 9212fcb..02506a3 100644 --- a/moduler/tmux.nix +++ b/moduler/tmux.nix @@ -1,5 +1,6 @@ { pkgs, inputs, ... }: { +home.packages = [ pkgs.copyq ]; programs.tmux = { enable = true; mouse = true; @@ -11,24 +12,26 @@ plugins = with pkgs; [ tmuxPlugins.sensible tmuxPlugins.pain-control - tmuxPlugins.session-wizard tmuxPlugins.logging tmuxPlugins.resurrect tmuxPlugins.continuum tmuxPlugins.open + tmuxPlugins.tmux-fzf { plugin = inputs.minimal-tmux.packages.${pkgs.stdenv.hostPlatform.system}.default; } ]; extraConfig = '' - set -g set-clipboard on + set -g set-clipboard on - set -g base-index 1 - set-window-option -g pane-base-index 1 + set -g base-index 1 + set-window-option -g pane-base-index 1 - set-window-option -g mode-keys vi + set-window-option -g mode-keys vi - bind-key -T copy-mode-vi v send-keys -X begin-selection - bind -T copy-mode-vi y send-keys -X copy-pipe-and-cancel 'xclip -in -selection clipboard' - bind -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard" + bind-key -T copy-mode-vi v send-keys -X begin-selection + bind -T copy-mode-vi y send-keys -X copy-pipe-and-cancel 'xclip -in -selection clipboard' + bind -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard" + + bind-key -T prefix T display-popup -E -h "40%" -w "80%" ~/.nix-profile/share/tmux-plugins/session-wizard/bin/t set -g @continuum-restore 'on' diff --git a/root_ca.crt b/root_ca.crt new file mode 100644 index 0000000..c663d5d --- /dev/null +++ b/root_ca.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAUmgAwIBAgIQQ2MDZa+mQZSTrbCWcL7n9TAKBggqhkjOPQQDAjAwMRIw +EAYDVQQKEwlpZmFjdHMtY2ExGjAYBgNVBAMTEWlmYWN0cy1jYSBSb290IENBMB4X +DTI2MDEyODEwMjgxMVoXDTM2MDEyNjEwMjgxMVowMDESMBAGA1UEChMJaWZhY3Rz +LWNhMRowGAYDVQQDExFpZmFjdHMtY2EgUm9vdCBDQTBZMBMGByqGSM49AgEGCCqG +SM49AwEHA0IABExdoMXQswrSmwJOMhtZ1S9eKszlcBMLitUKIdbtWkW+lTOuiuWr +dYY3evg0cMCkujkxgax5GyXtjhhESkYA/gijRTBDMA4GA1UdDwEB/wQEAwIBBjAS +BgNVHRMBAf8ECDAGAQH/AgEBMB0GA1UdDgQWBBRVgDkzcoTuUUNhVHJ35XNKw80W +ZDAKBggqhkjOPQQDAgNIADBFAiAaUVBcKf/bFdvqs4Q1YWDVrIz6+B71NcUz/iQd +owJe5QIhANY9JCU3BR3M/Ca+BNmDyQpqXCs7yz36N8hoqlmKtC/3 +-----END CERTIFICATE----- diff --git a/secrets/sops.yaml b/secrets/sops.yaml index 6ba2171..4477c44 100644 --- a/secrets/sops.yaml +++ b/secrets/sops.yaml @@ -10,6 +10,7 @@ user-password: ENC[AES256_GCM,data:cngHqB2IQXVvSMwm5KJeq6wOQMQ4z/DWap3YMyahq2fz8 immich-secrets-file: ENC[AES256_GCM,data:aUSQr5k7uqZzBvpSAFgpfStcuEPbf3U2GED+biU56UBi02MgQzckmK4kKJ7XIF6UyBvxLw==,iv:mep3JNp86YjsIJSONYNLeEYsSN/ERao7hs7O5cnHF9s=,tag:m6sulZTYMnTpxgPGFXITTg==,type:str] paperless-admin-password: ENC[AES256_GCM,data:Aup5T7pMptHT6z7Uqzd9I4EMaG4sbPNC9bVj+muTowkNKAr3nMOOXaAL4wgy00UI9u4KdZzQ/hyrYMMT,iv:VaR7OK8CEC3VlSbGvLIihX15fQQ7H/PyWZcp7nifOAg=,tag:G4DNgqjbZYaeSmj8vmT5IA==,type:str] build-service: ENC[AES256_GCM,data:4I1iPfdc5mbzGIYCVEtTZW0/MvLwUyEb2uaDERaApYMOVB3iSVNx+fyhxRokaQ==,iv:zAfFGFJdj6TvkS4D9qtRhYtPcvhNqv98Dmzp0TKVp+4=,tag:bWrUbEleOVq01eeKYvq7rw==,type:str] +fw-qemu: ENC[AES256_GCM,data:TxbilLf79+gieY3WbAGl175aTUVjIc6rlKfYTy8Usmw=,iv:WCvfZctBVCSPwoCXMDoSroNt+kakGke5r0pFOSAMPgo=,tag:qY0HxicfypO15CozZ2fcoQ==,type:str] sops: age: - recipient: age1jeyw96795qu52swmtkjqgr2w3g4vxc43ckc5r4hlwpje23ptnfwsheah0s @@ -57,7 +58,7 @@ sops: dFZ3T3VUeHVnVThadHVQaVJCNkdZeDQK99L7CbBbklUUtanyFIOiCzO3hZP1mh3z ZZhhr6BCcHBbqzLaRLbT27BTCoNuGsXxyzW6tpXYacYuITkcFq9bOQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-12-30T12:32:36Z" - mac: ENC[AES256_GCM,data:4uQBw966lOw1/NBi5LCuKEs5chGQvRtbVjJijF/504go5GsGVcrCOvoedwZzM2ui5GYecrmIKWThjRxT9DLYkzb+8BOF7sWKRwjQq2g/3Ew1UnqDJC+uiTvHSq2QzB/B5tD3astQyo8Y7JryHDZDVIvYano+gijIzQgFNeAVgQU=,iv:xucBautLNDbMD/KXryRdcW1I8Ui30ANloShQ3OjKFLI=,tag:estaWlGhl9R+vlSWxa79jA==,type:str] + lastmodified: "2026-02-19T10:11:05Z" + mac: ENC[AES256_GCM,data:I6wKjKoYp1MxO/5kLBiiETJWlDHcuqtLFU4ZlzPHqS3MuOCh0958Zlzv0R6vz5piREqEoiFFPb2O4VROMMXK+xKXTzO5us0j9OYfPi5J/8J0g085QCKqO4nnpyb/CxSMoHJ2+BTfmyhbAwqmXe7jo0ylOU/gFfx9fIt6ewD0LjI=,iv:+My8r7y4FhFQnOx7wNQGJ9Cd4vk7CzxUJv7xnJoPyXE=,tag:eywhbOfjOp940jem30YMVQ==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0