pederbs/config
pederbs
/
config
2
1
Fork 0
Code Issues Pull Requests Releases Activity

lots of small fixes

This commit is contained in:
Peder Bergebakken Sundt 2023-02-25 01:29:13 +01:00
parent db4b4d4b45
commit 9b599adc07
16 changed files with 166 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.editorconfig
View File

@ -1,9 +1,14 @@
# https://EditorConfig.org
root = true
[*]
end_of_line = lf
insert_final_newline = true
[*.nix]
indent_size = 2
indent_style = space
indent_size = 2
[Makefile]
indent_style = tab
[*.py]
indent_size = 4

2
cachix/cuda-maintainers.nix
View File

@ -1,4 +1,4 @@
# via https://nixos.wiki/wiki/CUDA
{
nix = {
settings = {

121
configuration.nix
View File

@ -25,8 +25,11 @@
nix.gc.options = "--delete-older-than 30d";
imports = [
./hardware-configuration.nix # results of hardware scan
./cachix.nix
(if builtins.pathExists ./hardware-configuration.nix
then ./hardware-configuration.nix # results of hardware scan
else {}
)
./profiles/web
./profiles/web/index
@ -67,10 +70,11 @@
./profiles/web/linktree-pbsds
./profiles/web/refleksjon-no
./profiles/web/roroslyd-no
./profiles/web/trivial-gradios
./profiles/web/censordodge
./profiles/web/openspeedtest
#./profiles/web/trivial-gradios
#./profiles/web/censordodge
#./profiles/web/openspeedtest
./profiles/domeneshop-dyndns # TODO: olavtr is hardcoded...
./profiles/code-remote
./profiles/remote-builders #
./profiles/nfs/reidun.nix # NFS mounts
@ -78,23 +82,19 @@
#./profiles/xrdp
./users
#./users/pbsds # todo: <- make this possible
# How to override package used by module
# https://github.com/NixOS/nixpkgs/issues/55366
# TODO: move to where relevant
<nixos-unstable/nixos/modules/services/misc/jellyfin.nix>
<nixos-unstable/nixos/modules/services/web-apps/invidious.nix>
#./users/pbsds
./users/all.nix
];
disabledModules = [
"services/misc/jellyfin.nix"
"services/web-apps/invidious.nix"
];
services.jellyfin.package = pkgs.unstable.jellyfin;
services.invidious.package = pkgs.unstable.invidious;
# TODO: remove? Move to where relevant
nixpkgs.overlays = [ (import ./overlays) ];
nixpkgs.overlays = [
/** /
(final: prev: {
mapcrafter = prev.callPackage /home/pbsds/repos/nixpkgs-mapcrafter/pkgs/tools/games/minecraft/mapcrafter/default.nix { };
mapcrafter-world112 = prev.callPackage /home/pbsds/repos/nixpkgs-mapcrafter/pkgs/tools/games/minecraft/mapcrafter/default.nix { world="world112"; };
})
/**/
];
# Allow unstable packages.
nixpkgs.config.packageOverrides = pkgs: {
@ -131,13 +131,10 @@
# Virtualization
#services.docker.enable = true;
virtualisation = {
podman.enable = true;
# TODO: are these default since 22.11?
podman.dockerCompat = true; # alias docker to podman
oci-containers.backend = "podman";
};
virtualisation.podman.enable = true;
# TODO: are these default since 22.11?
virtualisation.podman.dockerCompat = true; # alias docker to podman
virtualisation.oci-containers.backend = "podman";
# Networking
@ -174,26 +171,22 @@
#networking.firewall.allowedUDPPorts = [ ... ];
# Time zone and internationalisation properties.
time.timeZone = "Europe/Oslo";
i18n.defaultLocale = "en_US.utf8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "nb_NO.utf8";
LC_IDENTIFICATION = "nb_NO.utf8";
LC_MEASUREMENT = "nb_NO.utf8";
LC_MONETARY = "nb_NO.utf8";
LC_NAME = "nb_NO.utf8";
LC_NUMERIC = "nb_NO.utf8";
LC_PAPER = "nb_NO.utf8";
LC_TELEPHONE = "nb_NO.utf8";
LC_TIME = "nb_NO.utf8";
};
services.xserver.layout = "no";
i18n.extraLocaleSettings.LC_ADDRESS = "nb_NO.utf8";
i18n.extraLocaleSettings.LC_IDENTIFICATION = "nb_NO.utf8";
i18n.extraLocaleSettings.LC_MEASUREMENT = "nb_NO.utf8";
i18n.extraLocaleSettings.LC_MONETARY = "nb_NO.utf8";
i18n.extraLocaleSettings.LC_NAME = "nb_NO.utf8";
i18n.extraLocaleSettings.LC_NUMERIC = "nb_NO.utf8";
i18n.extraLocaleSettings.LC_PAPER = "nb_NO.utf8";
i18n.extraLocaleSettings.LC_TELEPHONE = "nb_NO.utf8";
i18n.extraLocaleSettings.LC_TIME = "nb_NO.utf8";
console.keyMap = "no";
services.xserver.layout = "no";
services.xserver.xkbVariant = "";
console.keyMap = "no";
# Installed system packages
@ -264,7 +257,7 @@
glances
zenith
fzf
tealdeer #tldr
tealdeer # tldr
entr
axel aria
bat
@ -278,7 +271,7 @@
htmlq
sysz
du-dust # du alternative
ncdu # Disk usage analyzer with an ncurses interface
ncdu # Disk usage analyzer with an ncurses interface
gh
hub
@ -294,7 +287,8 @@
];
# TODO: make this root only?
# TODO: somehow make this root only?
# TODO: zsh
programs.bash.shellInit = ''
if command -v fzf-share >/dev/null; then
source "$(fzf-share)/key-bindings.bash"
@ -304,7 +298,7 @@
# TODO: make this root only?
programs.bash.shellAliases."ed" = "micro"; # TODO: ${EDITOR:-micro}
environment.variables."EDITOR" = "micro";
environment.variables."EDITOR" = "micro";
# TODO: remove? Move?
programs.dconf.enable = true;
@ -335,43 +329,6 @@
services.openssh.forwardX11 = true;
# auto domain update
systemd.services.domeneshop-updater = {
description = "domene.shop domain updater";
#after = [ "something?.service" ];
#wants = [ "something?.service" ];
serviceConfig = let
prog = pkgs.writeShellApplication {
name = "domeneshop-dyndns-updater.sh";
runtimeInputs = with pkgs; [ curl yq ];
text = ''
test -s /var/lib/secrets/domeneshop.toml || {
>&2 echo "ERROR: /var/lib/secrets/domeneshop.toml not found!"
exit 1
}
DOMENESHOP_TOKEN="$(tomlq .secrets.DOMENESHOP_TOKEN /var/lib/secrets/domeneshop.toml --raw-output)"
DOMENESHOP_SECRET="$(tomlq .secrets.DOMENESHOP_SECRET /var/lib/secrets/domeneshop.toml --raw-output)"
curl https://"$DOMENESHOP_TOKEN":"$DOMENESHOP_SECRET"@api.domeneshop.no/v0/dyndns/update?hostname=olavtr.pbsds.net
'';
};
in {
User = "domeneshop";
Group = "domeneshop";
DynamicUser = true;
ExecStart = "${prog}/bin/domeneshop-dyndns-updater.sh";
PrivateTmp = true;
};
};
systemd.timers.domeneshop-updater = let interval = "5h"; in {
description = "Update domene.shop every ${interval}";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5m";
OnUnitInactiveSec = interval;
Unit = "domeneshop-updater.service";
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
@ -380,6 +337,4 @@
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
#system.stateVersion = "22.05"; # Did you read the comment?
}

46
overlays/default.nix
View File

@ -1,46 +0,0 @@
# https://nixos.wiki/wiki/Overlays
let
# WARNING: this works for nixos-rebuild, but not for the nix-build trick shown on the bottom
#testing = import (fetchTarball {
# name = "pr-180823";
# url = "https://github.com/r-ryantm/nixpkgs/archive/cfe56470cb641985d43adba690d5bca5453110fe.tar.gz";
# sha256 = "0rbncjp2a99l6i4z7w2m86l40m33b3dl9qficfny47kqcfpgyx0b";
#}) {
# #config = prev.config;
#};
overridePythonPackages = old: {
overrides = final: prev: {
#pdoc = final.callPackage /home/pbsds/repos/nixpkgs-pdoc/pkgs/development/python-modules/pdoc { };
#domeneshop = final.callPackage /home/pbsds/repos/nixpkgs-domemeshop/pkgs/development/python-modules/domeneshop { };
#shap = final.callPackage /home/pbsds/repos/nixpkgs-catboost/pkgs/development/python-modules/shap { };
#catboost = final.callPackage /home/pbsds/repos/nixpkgs-catboost/pkgs/development/python-modules/catboost { };
analytics-python = final.callPackage /home/pbsds/repos/nixpkgs-gradio/pkgs/development/python-modules/analytics-python { };
ffmpy = final.callPackage /home/pbsds/repos/nixpkgs-gradio/pkgs/development/python-modules/ffmpy { };
markdown-it-py = final.callPackage /home/pbsds/repos/nixpkgs-gradio/pkgs/development/python-modules/markdown-it-py { };
gradio = final.callPackage /home/pbsds/repos/nixpkgs-gradio/pkgs/development/python-modules/gradio { };
trivial-gradios = final.callPackage ./trivial-gradios { };
};
};
in final: prev: {
#rallly = prev.callPackage ./rallly { };
mapcrafter = prev.callPackage /home/pbsds/repos/nixpkgs-mapcrafter/pkgs/tools/games/minecraft/mapcrafter/default.nix { };
mapcrafter-world112 = prev.callPackage /home/pbsds/repos/nixpkgs-mapcrafter/pkgs/tools/games/minecraft/mapcrafter/default.nix { world="world112"; };
#python3.pkgs = prev.python3.pkgs.override overridePythonPackages;
python3Packages = prev.python3Packages.override overridePythonPackages;
}
# How to test:
# nix-build -E 'with import <nixpkgs> { overlays = [ (import ./. ) ]; }; MY_PACKAGE'
# warning: using testing or unstable here (^) will infinitely recurse.

0
overlays/rallly/default.nix
View File

40
profiles/domeneshop-dyndns/default.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, pkgs, lib, ... }:
{
# auto domain update
systemd.services.domeneshop-updater = {
description = "domene.shop domain updater";
#after = [ "something?.service" ];
#wants = [ "something?.service" ];
serviceConfig = let
prog = pkgs.writeShellApplication {
name = "domeneshop-dyndns-updater.sh";
runtimeInputs = with pkgs; [ curl yq ];
text = ''
test -s /var/lib/secrets/domeneshop.toml || {
>&2 echo "ERROR: /var/lib/secrets/domeneshop.toml not found!"
exit 1
}
DOMENESHOP_TOKEN="$( tomlq </var/lib/secrets/domeneshop.toml .secrets.DOMENESHOP_TOKEN --raw-output)"
DOMENESHOP_SECRET="$(tomlq </var/lib/secrets/domeneshop.toml .secrets.DOMENESHOP_SECRET --raw-output)"
curl https://"$DOMENESHOP_TOKEN":"$DOMENESHOP_SECRET"@api.domeneshop.no/v0/dyndns/update?hostname=olavtr.pbsds.net
'';
};
in {
User = "domeneshop";
Group = "domeneshop";
DynamicUser = true;
ExecStart = "${prog}/bin/domeneshop-dyndns-updater.sh";
PrivateTmp = true;
};
};
systemd.timers.domeneshop-updater = let interval = "5h"; in {
description = "Update domene.shop every ${interval}";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5m";
OnUnitInactiveSec = interval;
Unit = "domeneshop-updater.service";
};
};
}

4
profiles/todos.md
View File

@ -1,5 +1 @@
* [ ] mv nas/default.nix nas.nix
* [ ] mv website/default.nix website.nix
* [ ] move each part into web-services, and import them as modules
* [ ] make mkDomain a function
* [ ] make ACME a function

8
profiles/web/invidious/default.nix
View File

@ -3,6 +3,14 @@
# Invidious
# An open source alternative front-end to YouTube
/**/
imports = [
({ disabledModules = [ "services/web-apps/invidious.nix" ]; })
<nixos-unstable/nixos/modules/services/web-apps/invidious.nix>
({ services.invidious.package = pkgs.unstable.invidious; })
];
/**/
services.invidious = {
enable = true;
domain = mkDomain "invidious";

8
profiles/web/jellyfin/default.nix
View File

@ -2,6 +2,14 @@
{
# Jellyfin
/**/
imports = [
({ disabledModules = [ "services/misc/jellyfin.nix" ]; })
<nixos-unstable/nixos/modules/services/misc/jellyfin.nix>
({ services.jellyfin.package = pkgs.unstable.jellyfin; })
];
/**/
services.jellyfin = {
enable = true; # don't enable unless you intend to first-time-setup the admin user
# from https://jellyfin.org/docs/general/networking/index.html:

36
profiles/web/todos.md
View File

@ -1,26 +1,20 @@
* [ ] cryptpad
* [ ] upterm / tmate
* [ ] shlink ?
* [ ] mailcatcher
* configure stuff to send its shit here
# TODO: kukkee or rallly
# https://noted.lol/2-self-hosted-alternatives-to-doodle-meeting-scheduling/
#https://rallly.co/
* [ ] https://noted.lol/2-self-hosted-alternatives-to-doodle-meeting-scheduling/
* [ ] kukkee
* [ ] rallly - https://rallly.co/
* [ ] Rocketchat - A self-hosted discord/slack alternative
* [ ] upterm / tmate - Secure terminal-session sharing
# upterm
# Secure terminal-session sharing
services.uptermd = {
enable = false;
openFirewall = true;
#listenAddress # default is "[::]";
#port = 2222; # default is 2222, uses ssh
#extraFlags
#hostKey = null;
};
# Rocketchat
# A self-hosted discord/slack alternative
# TODO, docker exists, but no nixos module
```
services.uptermd = {
enable = false;
openFirewall = true;
#listenAddress # default is "[::]";
#port = 2222; # default is 2222, uses ssh
#extraFlags
#hostKey = null;
};
```

18
profiles/web/trivial-gradios/default.nix
View File

@ -2,6 +2,24 @@
{
# trivial gradios
/** /
nixpkgs.overlays = [
(final: prev: {
python3Packages = prev.python3Packages.override (old: {
overrides = final: prev: {
#shap = final.callPackage /home/pbsds/repos/nixpkgs-catboost/pkgs/development/python-modules/shap { };
#catboost = final.callPackage /home/pbsds/repos/nixpkgs-catboost/pkgs/development/python-modules/catboost { };
analytics-python = final.callPackage /home/pbsds/repos/nixpkgs-gradio/pkgs/development/python-modules/analytics-python { };
ffmpy = final.callPackage /home/pbsds/repos/nixpkgs-gradio/pkgs/development/python-modules/ffmpy { };
markdown-it-py = final.callPackage /home/pbsds/repos/nixpkgs-gradio/pkgs/development/python-modules/markdown-it-py { };
gradio = final.callPackage /home/pbsds/repos/nixpkgs-gradio/pkgs/development/python-modules/gradio { };
trivial-gradios = final.callPackage ./pkg { };
};
});
})
];
/**/
/** /
systemd.services.trivial-gradios-heritage-graph = {
description = pkgs.python3Packages.trivial-gradios.meta.description;

0
overlays/trivial-gradios/default.nix → profiles/web/trivial-gradios/pkg/default.nix
View File

9
users/all.nix Normal file
View File

@ -0,0 +1,9 @@
{ config, pkgs, lib, ... }:
let
to-import = name: value: ./. + ("/" + name);
filter-users = key: val: val == "directory" && lib.pathExists "${./.}${key}/default.nix";
imports = lib.mapAttrsToList to-import (lib.filterAttrs filter-users (builtins.readDir ./.));
in
{
inherit imports;
}

31
users/default.nix
View File

@ -1,31 +1,6 @@
{ config, pkgs, lib, ... }:
{
# User accounts
# Don't forget to set a password with passwd!
imports = [
<home-manager/nixos>
./pbsds
];
home-manager.useGlobalPkgs = true;
# TODO: nas stuff
# TODO: can uid mapping be done at nfs level?
users.users.pbsds.uid = 1001;
users.groups.pbsds.gid = 1001;
users.users.jornane = {
isNormalUser = true;
uid = 1002;
description = "jornane";
extraGroups = [ "networkmanager" "wheel" ]; # TODO: NAS stuff
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhGRFktIRrppVVILraEn5eTrANBIBMcpNT4qvNcd7Ut"
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAA/UAomSQjOHb4Im0TV70f7Jb/JpsQDd7YKHCXBmjmsrXi2dJVpw/tn+FzP4d2XJXm38hVN89yG+PQwZhf3PSHBaB4DXqFnVLFNWXTRyPPnc1U9uTEvLnZPpVJ/iv2zuS73QHrDcBdIubtdnsr239dJizUJJKwSMHszhOAN4AMYS9WivozdmyS+3o4p8mSp+tOWhq0hmVewnH0teTaHASpvE0V65xW9RGc5AWx0PgkGTXScOOf4/N8oXILn6mepODstlRKCZnBsC/LaXgJsk2+BX/Q/t4V0ytHh9iYblSavNjZZXRvygvkmV/eYAJAJ+igHubs2fEDsXfRj9J0O6JWjAmsELObCYGRbg9QkvaRq5EQgDoSW64iQUmbfB8NmYyXxg4fh0xBUrX87YkYvtHznWzD8hZkqRfj4K9Ixfk1Bsaxb5ubU3/mjGLOpZZ47zEqoen43rUxLq+eeMEQGDbq3mAcA6uX73MvBTzERrfh93rojwlUHEUDoUYyq7aN6Y9vF8/gy3KT2+pvAoUy4NDImSmJTwVcFJ+qUsAaGMECKiznte3Qn8TiD5G9nqeqCoA9edegM2N0z+ovsiXRxVqQDPh3cz/VPSsTKa8jNxhFpw4Q6KzDrtQOKXDkrhSKTxozVLYw2rYCkd2odOhjIJiN63UTNSm2z37ckKbOCqDy6LwW2ls4OzH/LOz2QDkMCwe7MYMrC66wanDhsRUZwlbSEs8aB25NB6OGg61hId3SLS8HzJ+4dmbHhciZm0oJlKRSMAqMLO6o9OVguJOl1td71rhnqAbp4UuaMqm5Zzut1ET+zkYB4t2voTuMhSrEJn1RS4hxR2rWt5jF9Nn67Mu70c0K2DE7FXqldGALC87GO7PHLTnNRg3o8FCkmVYlHNUEqHR56Incg5sC6KS9G1RL3KEHzjgzz8RjFXR5p1Qj+ZZjObVuENdWuqk7gQaxsyocCCB4pbBtF9AYDOIIGCn8rJSKUFvD8KIaTpWFsFoUXanSnAiSCT98GhfIBLbgAt4yJmegRKOML/cxplCh0z9MkNlfPdVU+LI/2RSj3NJpxd/KuR1l73IpgVNcbumXefAY95ztB/w067ZHCFlO0r+Q42NacthsMDc4Ffd+grLpo7KSmDRc+L9YdRNDgLZMbfIimHYIRRMdvEMEICXe1tUvtKBSfU1goTSXXYK2fLOBfOFIXCQponfgZ04klRjgpzCtv8juCOOrHU6r/FpIRkDNbwjWm9i8yBacZGT30bwjK8UW6JSFvDDu747f0ztKyQew8hEivOyqGDwZyrhFImasulsS0/7DB07oUQtaXJ7J8ucGsarttt02D6K8yuCh5bqEVk5Fy4Xlw=="
];
};
imports = [ <home-manager/nixos> ];
home-manager.useGlobalPkgs = true; # brrr
# When adding a new user accounts: Don't forget to set a password with passwd!
}

14
users/jornane/default.nix Normal file
View File

@ -0,0 +1,14 @@
{ config, pkgs, lib, ... }:
{
users.users.jornane = {
isNormalUser = true;
uid = 1002;
description = "jornane";
extraGroups = [ "networkmanager" "wheel" ]; # TODO: NAS stuff
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhGRFktIRrppVVILraEn5eTrANBIBMcpNT4qvNcd7Ut"
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAA/UAomSQjOHb4Im0TV70f7Jb/JpsQDd7YKHCXBmjmsrXi2dJVpw/tn+FzP4d2XJXm38hVN89yG+PQwZhf3PSHBaB4DXqFnVLFNWXTRyPPnc1U9uTEvLnZPpVJ/iv2zuS73QHrDcBdIubtdnsr239dJizUJJKwSMHszhOAN4AMYS9WivozdmyS+3o4p8mSp+tOWhq0hmVewnH0teTaHASpvE0V65xW9RGc5AWx0PgkGTXScOOf4/N8oXILn6mepODstlRKCZnBsC/LaXgJsk2+BX/Q/t4V0ytHh9iYblSavNjZZXRvygvkmV/eYAJAJ+igHubs2fEDsXfRj9J0O6JWjAmsELObCYGRbg9QkvaRq5EQgDoSW64iQUmbfB8NmYyXxg4fh0xBUrX87YkYvtHznWzD8hZkqRfj4K9Ixfk1Bsaxb5ubU3/mjGLOpZZ47zEqoen43rUxLq+eeMEQGDbq3mAcA6uX73MvBTzERrfh93rojwlUHEUDoUYyq7aN6Y9vF8/gy3KT2+pvAoUy4NDImSmJTwVcFJ+qUsAaGMECKiznte3Qn8TiD5G9nqeqCoA9edegM2N0z+ovsiXRxVqQDPh3cz/VPSsTKa8jNxhFpw4Q6KzDrtQOKXDkrhSKTxozVLYw2rYCkd2odOhjIJiN63UTNSm2z37ckKbOCqDy6LwW2ls4OzH/LOz2QDkMCwe7MYMrC66wanDhsRUZwlbSEs8aB25NB6OGg61hId3SLS8HzJ+4dmbHhciZm0oJlKRSMAqMLO6o9OVguJOl1td71rhnqAbp4UuaMqm5Zzut1ET+zkYB4t2voTuMhSrEJn1RS4hxR2rWt5jF9Nn67Mu70c0K2DE7FXqldGALC87GO7PHLTnNRg3o8FCkmVYlHNUEqHR56Incg5sC6KS9G1RL3KEHzjgzz8RjFXR5p1Qj+ZZjObVuENdWuqk7gQaxsyocCCB4pbBtF9AYDOIIGCn8rJSKUFvD8KIaTpWFsFoUXanSnAiSCT98GhfIBLbgAt4yJmegRKOML/cxplCh0z9MkNlfPdVU+LI/2RSj3NJpxd/KuR1l73IpgVNcbumXefAY95ztB/w067ZHCFlO0r+Q42NacthsMDc4Ffd+grLpo7KSmDRc+L9YdRNDgLZMbfIimHYIRRMdvEMEICXe1tUvtKBSfU1goTSXXYK2fLOBfOFIXCQponfgZ04klRjgpzCtv8juCOOrHU6r/FpIRkDNbwjWm9i8yBacZGT30bwjK8UW6JSFvDDu747f0ztKyQew8hEivOyqGDwZyrhFImasulsS0/7DB07oUQtaXJ7J8ucGsarttt02D6K8yuCh5bqEVk5Fy4Xlw=="
];
};
}

18
users/pbsds/default.nix
View File

@ -1,13 +1,15 @@
{ config, pkgs, lib, ... }:
{
home-manager.users.pbsds = import ./home;
users.groups.pbsds.gid = 1001;
users.users.pbsds = {
isNormalUser = true;
uid = 1001; # TODO: uid mapping be done at nfs-mount level? That way we can enforce
description = "pbsds";
extraGroups = [ "pbsds" "networkmanager" "wheel" "nixbld" ]; # TODO: NAS stuff
initialHashedPassword = "$6$yNgxTHcP1UYkNwuZ$1sBehnKgPjVnDe0tSV8kyfynWpfjDzuohZX6SoTrMnYFa3/aiMOtI6JppYevl.M6qYhBIT0XBvL6TqSSFWn8B/";
# TODO: fetch from github?
openssh.authorizedKeys.keys = [
"ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAClYXCu7CyStjJ0AqZadUWfuA0h/3kC5FUJk4nTsR0nLXSNp26ETKYY9dID1JQCNgPDDZU3EKCNCpK+nZ/Q09L+agH5XtP6MRIDs0+aXZXy0rcLjS2fgx4ZgIiDGfBlaMCIrM/mdRzVmrYbeMotmkdsLSQ/lFBvX1IuzvUSnyYmRPCXxA== pederbs@hildring"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnVaayewel9GWGUYpTdLqfBnYnaBM10Vfq9fxeb9odwjf6pWe78il/5BCgW5EOadR/PeRv/ZYYnIT1uKEJOZkhjY2E6P2/B/JgzwPTwsrrjQsDHd5VjZty097dmf6vj0LXeJHmP9yogjPjGaSxktqyZi2CTFskRfZBPeCsoRMG+Z5bCMOHpXolvGCVWBNRcT3ITVYAAFL7HNPhcN3f5JkQgu0N+ySlMclNNSbHXXv1OIcLMKto6ZDx4DHp7NmU9uSbv8ERAfmoLCgdz1zOg0eVw9Kxs+XpUy3YFDdmPrny/Vq2LCDHljUWtjJI1uBoPF/ngavV+AuX5FHU9OSKNu7H pbsds@knut.pbsds.net"
@ -17,17 +19,5 @@
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDHV25/jfk0upLl6JOq1tu1n+VNkMr0OOu8nZa3NBZQfqrGiLQuTTFycBd5hhoWBaZewb0R8jm/GESE4gfeiLtObe0bKXo8SVty5hNrIq06BbICXByJR99ux17psaNyp/dvZO7gkjKm3m30q7TfbZANlIwhv0XmqCz8S31ocJddFznWyK3nFau/Lvzpupi0Y+7yHkmcKiWYzZsjluQF90M5X5nIf2x4jj7WY0IkR2l41MOLk4NCQNIor6EyAXnHs78JBS3kY5p2x7t/cBpMDBmbgZePdfjGv/L4vFgYiG1wTZT77PWPA93GHueZWDGUkIvKbNriP/U+bShKnGjIfZttjerhzsFE1V/RctCFToqHkW39439nCj6eFpgUiLHkx/mAUPz/whKP+9x5I3/DQkgYZ7qA424Msdz2wXWNi3465Mtrf5XPsjWNReEWt9I29W19K5OLO9QQVrkgdioSCvxoHLvQypPscPkLVF8srzCVA6npUOrOuJ5zZcK1ax2/0v8= pbsds@frotbjoff"
#"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8S44NzMNlCGpQ0aMqpv4YCbp4esYKLejsFRtCCA3oSgz+zq0Rbem1S1/vQehC44Ps1JPljiJgb8rj0VFUcuqnDtJP6kYRvvUDBaM7QO8Z4mZjOKYQo/MoidaPYEHakPB4fk4fdDU1u090VvTgPJvNe0UmPoTHbedk4u+OMuvMr8T56OPmwZPrCyRLtc4O+cYoig/cB+Y7DlwNI9wBx3xhShb5tuML+ZR1XyBYgprwoZML5l2pzEeK7dXdmkc4QT4TM13EcNOopsNZymH/xOCsY/yVqVJJC2Smp6mkIk+Or0zdlzxXFp4u3MS4bg5pzFVFfsqJAQGB7laMxtakMbn0if54MOA34hEAdmzdBCc+g9suuqFhA9WPqMsVlxx9khTue0MNoUVflUkm4B51aPbnPe+aycxdqMgfONroOjtBAQYfGnlRUP1qR3AD9Y2ND/NhGA9f8gTKPBRam+lRDWEGQO9HmWQdpeZbfWEyJa82HZcTCIhQyQukfa5PIzwtops= pbsds@pbsds-optiplex7060"
];
#EDITOR = "micro";
#packages = with pkgs; [
#
#];
};
users.groups.pbsds = {};
home-manager.users.pbsds = import ./home;
}