This file doesn't contain any secrets at all, it's just miscellaneous public data that I need to be able to access from many places.
It also contains public SSH keys for all the systems I have and care about, but also for trusted users that should have access to accounts on different systems. This becomes a central place to manage said keys for said users.
Private laptop, deployed like a normal NixOS system using
nixos-rebuild to build new generations. ZFS snapshots are pushed
from this system to server-main-elis whenever this system is online.
Work laptop, deployed like a normal NixOS system using nixos-rebuild
to build new generations. ZFS snapshots are pushed from this system to
server-main-elis whenever this system is online.
Home file server, deployed using deploy .#server-main-elis. Also
used as build machines for the laptops. It's also my primary location
to store ZFS snapshots that I backup from all of the other systems. It
runs home assistant and some other things.
On location server for http://speliarvika.se, will be used for LAN cache among other things.
System that runs Gitea, ip.failar.nu, and a
Matrix home server among some other things. Deployed using deploy .#vps06.
If you're adventurous and want to run a clone of my configuration from a live-iso, it can be built locally:
nix build github:etu/nixconfig#isoThis directory contains a whole bunch of modules that I've come up with to make it easier for me to quickly configure multiple systems to do similar things. So I've made my own modules with my own options.
Here's things like Emacs, home-manager, sway configuration, the list goes on.
This is the directory with real secrets managed with agenix which age encrypt files using the public SSH keys for my users on my primary laptops and the public SSH-key on the host of intended use. This way I can see, edit and update encryption keys on my primary laptops and commit these files to the repository. But then also the target system of intended use can decrypt it with it's stateful private SSH key.