From 1f8f5e565b8049082431c53361703f59466924d4 Mon Sep 17 00:00:00 2001 From: Tyler Starr Date: Tue, 19 Sep 2023 18:00:34 -0700 Subject: [PATCH 1/5] fix config for bulwark --- provision/nixos/hosts/bulwark/configuration.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/provision/nixos/hosts/bulwark/configuration.nix b/provision/nixos/hosts/bulwark/configuration.nix index 1b6711d8..26994e8d 100644 --- a/provision/nixos/hosts/bulwark/configuration.nix +++ b/provision/nixos/hosts/bulwark/configuration.nix @@ -54,7 +54,6 @@ users.users.${user} = { isNormalUser = true; extraGroups = [ "wheel" "docker" ]; # Enable ‘sudo’ for the user. - shell = pkgs.zsh; }; # List packages installed in system profile. From 3833669402e8eff9520c9c5e3c9315cb337ffc98 Mon Sep 17 00:00:00 2001 From: Tyler Starr Date: Sun, 8 Oct 2023 00:35:05 -0700 Subject: [PATCH 2/5] allow vpn clients to access samba --- provision/nixos/hosts/torus/samba-server.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/provision/nixos/hosts/torus/samba-server.nix b/provision/nixos/hosts/torus/samba-server.nix index 015086ba..b5a9d67c 100644 --- a/provision/nixos/hosts/torus/samba-server.nix +++ b/provision/nixos/hosts/torus/samba-server.nix @@ -7,7 +7,7 @@ server string = smbnix netbios name = smbnix security = user - hosts allow = 192.168.1. 127.0.0.1 localhost + hosts allow = 192.168.2. 192.168.1. 127.0.0.1 localhost hosts deny = 0.0.0.0/0 guest account = nobody map to guest = bad user From b60d3514c8b2205faf6b0e474adbdb0f4f92e9c3 Mon Sep 17 00:00:00 2001 From: Tyler Starr Date: Sun, 8 Oct 2023 10:05:31 -0700 Subject: [PATCH 3/5] add favorite apps to bar in gnome --- provision/nixos/hosts/bulwark/steam-deck.nix | 6 +++++- provision/nixos/modules/devel/notes.nix | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/provision/nixos/hosts/bulwark/steam-deck.nix b/provision/nixos/hosts/bulwark/steam-deck.nix index cfc9142d..91586b94 100644 --- a/provision/nixos/hosts/bulwark/steam-deck.nix +++ b/provision/nixos/hosts/bulwark/steam-deck.nix @@ -37,7 +37,11 @@ screen-keyboard-enabled = true; }; "org/gnome/shell" = { - favorite-apps = ["steam.desktop"]; + favorite-apps = [ + "steam.desktop" + "org.gnome.Console.desktop" + "chromium-browser.desktop" + ]; }; }; }; diff --git a/provision/nixos/modules/devel/notes.nix b/provision/nixos/modules/devel/notes.nix index 4b775575..8611b9fe 100644 --- a/provision/nixos/modules/devel/notes.nix +++ b/provision/nixos/modules/devel/notes.nix @@ -13,6 +13,7 @@ in { zk # for zk bat + fzf ]; }; } From bbbcc13cc1d484b9ebbb027c920684a377a7d133 Mon Sep 17 00:00:00 2001 From: Tyler Starr Date: Sun, 8 Oct 2023 10:18:05 -0700 Subject: [PATCH 4/5] add keys for bulwark --- home/private_dot_wireguard/bulwark.pub | 1 + home/private_dot_wireguard/bulwark.tmpl | 1 + 2 files changed, 2 insertions(+) create mode 100644 home/private_dot_wireguard/bulwark.pub create mode 100644 home/private_dot_wireguard/bulwark.tmpl diff --git a/home/private_dot_wireguard/bulwark.pub b/home/private_dot_wireguard/bulwark.pub new file mode 100644 index 00000000..18151923 --- /dev/null +++ b/home/private_dot_wireguard/bulwark.pub @@ -0,0 +1 @@ +CDoy/XI8FRQV/ySHigLWG2tpWVw8hgEZXRQCEE3qYHQ= diff --git a/home/private_dot_wireguard/bulwark.tmpl b/home/private_dot_wireguard/bulwark.tmpl new file mode 100644 index 00000000..6aaf4465 --- /dev/null +++ b/home/private_dot_wireguard/bulwark.tmpl @@ -0,0 +1 @@ +{{ (secret "Wireguard - Bulwark Secret" "NOTES") }} From 4f850e9a3a035b41babca9804d54c290bdb36351 Mon Sep 17 00:00:00 2001 From: Tyler Starr Date: Sun, 8 Oct 2023 10:29:38 -0700 Subject: [PATCH 5/5] addd Bulwark wireguard --- .../nixos/hosts/bulwark/configuration.nix | 24 ++++++++++++------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/provision/nixos/hosts/bulwark/configuration.nix b/provision/nixos/hosts/bulwark/configuration.nix index 26994e8d..9614c336 100644 --- a/provision/nixos/hosts/bulwark/configuration.nix +++ b/provision/nixos/hosts/bulwark/configuration.nix @@ -53,7 +53,7 @@ # Define user account. users.users.${user} = { isNormalUser = true; - extraGroups = [ "wheel" "docker" ]; # Enable ‘sudo’ for the user. + extraGroups = [ "dialout" "wheel" "docker" "libvirtd" ]; # Enable ‘sudo’ for the user. }; # List packages installed in system profile. @@ -67,28 +67,34 @@ # Enable modules modules = { desktop = { - #sway.enable = true; + sway.enable = false; }; devel = { - #engineering.enable = true; + engineering.enable = false; notes.enable = true; - #python.enable = true; - #tooling.enable = true; + python.enable = false; + tooling.enable = false; }; gaming = { steam.enable = true; }; services = { - #jellyfin.enable = true; - #peripherals.enable = true; + jellyfin.enable = false; + peripherals.enable = false; samba-client.enable = true; - #samba-server.enable = true; syncthing.enable = true; - #virt-manager.enable = true; + virt-manager.enable = false; }; system = { ssh.enable = true; terminal.enable = true; + wireguard-client = { + enable = true; + privateKeyFile = "/home/${user}/.wireguard/bulwark"; + address = [ "192.168.2.4/24" ]; + publicKey = "bd7bbZOngl/FTdBlnbIhgCLNf6yx5X8WjiRB7E1NEQQ="; + endpoint = "66.218.43.87"; + }; }; }; # Did you read the comment?