diff --git a/configs/secrets.nix.secret b/configs/secrets.nix.secret index 2decefa..93dd4b7 100644 Binary files a/configs/secrets.nix.secret and b/configs/secrets.nix.secret differ diff --git a/machine/desktop.nix b/machine/desktop.nix index 30ca2e5..234696b 100644 --- a/machine/desktop.nix +++ b/machine/desktop.nix @@ -2,6 +2,8 @@ let secrets = import ../configs/secrets.nix; + secrets-wireguard = import ../configs/secrets-wireguard-publickeys.nix; + secrets-desktop = import ../configs/secrets-desktop.nix; in { imports = @@ -50,12 +52,12 @@ in wireguard.interfaces = { wg0 = { ips = [ "10.100.0.2/24" ]; - privateKey = secrets.wireguard-desktop-private; + privateKey = secrets-desktop.wireguard-desktop-private; peers = [ { - publicKey = secrets.wireguard-vps-public; - presharedKey = secrets.wireguard-preshared; + publicKey = secrets-wireguard.wireguard-vps-public; + presharedKey = secrets-wireguard.wireguard-preshared; allowedIPs = [ "10.100.0.0/24" ]; endpoint = "szczepan.ski:51820"; persistentKeepalive = 25; @@ -81,11 +83,11 @@ in extraPackages = with pkgs; [ rocm-opencl-icd rocm-opencl-runtime - amdvlk - ]; - extraPackages32 = with pkgs; [ - driversi686Linux.amdvlk + # amdvlk ]; + # extraPackages32 = with pkgs; [ + # driversi686Linux.amdvlk + # ]; }; fancontrol = { @@ -111,14 +113,6 @@ in }; }; - environment.systemPackages = with pkgs; [ - cpu-x - hwinfo - hardinfo - phoronix-test-suite - fswatch - ]; - sound.enable = true; services = { @@ -129,12 +123,12 @@ in compression = "auto,zstd"; encryption = { mode = "repokey-blake2" ; - passphrase = secrets.borg-desktop-key; + passphrase = secrets-desktop.borg-desktop-key; }; - extraCreateArgs = "--list --stats --verbose --checkpoint-interval 600 --exclude-caches"; + extraCreateArgs = "--checkpoint-interval 600 --exclude-caches"; environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa"; paths = "/home/alex"; - repo = "ssh://szczepan.ski/~/borg-backup/desktop"; + repo = "ssh://u278697-sub2@u278697.your-storagebox.de:23/./borg"; startAt = "daily"; user = "alex"; prune.keep = { @@ -144,14 +138,18 @@ in }; extraPruneArgs = "--save-space --list --stats"; exclude = map (x: paths + "/" + x) [ - ".config/chromium/Default/Service Worker/CacheStorage" ".cache" + ".config/chromium/Default/Service Worker/CacheStorage" + ".config/discord/Cache" ".local/share/libvirt/images" + ".local/share/Steam/config/htmlcache/Cache" ".local/share/Steam/steamapps" - "Games/guild-wars/drive_c/Program Files/Guild Wars/Gw.dat" + ".local/share/Trash" "Games/guild-wars-second/drive_c/Program Files/Guild Wars/Gw.dat" + "Games/guild-wars/drive_c/Program Files/Guild Wars/Gw.dat" "Kamera" "Nextcloud" + "shared" "Sync" "Workspace" ]; diff --git a/machine/thinkpad.nix b/machine/thinkpad.nix index 848266b..cfbc5ab 100644 --- a/machine/thinkpad.nix +++ b/machine/thinkpad.nix @@ -12,6 +12,7 @@ let exec -a "$0" "$@" ''; secrets = import ../configs/secrets.nix; + secrets-thinkpad = import ../configs/secrets-thinkpad.nix; in { imports = @@ -160,12 +161,12 @@ in compression = "auto,zstd"; encryption = { mode = "repokey-blake2" ; - passphrase = secrets.borg-desktop-key; + passphrase = secrets-thinkpad.borg-thinkpad-key; }; extraCreateArgs = "--list --stats --verbose --checkpoint-interval 600 --exclude-caches"; environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa"; paths = "/home/alex"; - repo = "ssh://szczepan.ski/~/borg-backup/thinkpad"; + repo = "ssh://u278697-sub1@u278697.your-storagebox.de:23/./borg"; startAt = "daily"; user = "alex"; prune.keep = { @@ -175,14 +176,17 @@ in }; extraPruneArgs = "--save-space --list --stats"; exclude = map (x: paths + "/" + x) [ - ".config/chromium/Default/Service Worker/CacheStorage" ".cache" + ".config/chromium/Default/Service Worker/CacheStorage" + ".config/discord/Cache" ".local/share/libvirt/images" ".local/share/Steam/steamapps" - "Games/guild-wars/drive_c/Program Files/Guild Wars/Gw.dat" + ".local/share/Trash" "Games/guild-wars-second/drive_c/Program Files/Guild Wars/Gw.dat" + "Games/guild-wars/drive_c/Program Files/Guild Wars/Gw.dat" "Kamera" "Nextcloud" + "shared" "Sync" "Workspace" ];