more updating + fix smb secrets

2024-10-27 14:44:58 +01:00 · 2024-10-27 14:44:58 +01:00 · 9b760cafc1
commit 9b760cafc1
parent 0938d3d1dc
6 changed files with 17 additions and 13 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -10,18 +10,18 @@ creation_rules:
    key_groups:
      - age:
        - *xun
-  - path_regex: profiles/secrets/global
+  - path_regex: systemProfiles/secrets/global
    key_groups:
      - age:
        - *xun
        - *nixdesk
        - *hopper
-  - path_regex: profiles/secrets/nixdesk
+  - path_regex: systemProfiles/secrets/nixdesk
    key_groups:
      - age:
        - *xun
        - *nixdesk
-  - path_regex: profiles/secrets/hopper
+  - path_regex: systemProfiles/secrets/hopper
    key_groups:
      - age:
        - *xun
--- a/git-agecrypt.toml
+++ b/git-agecrypt.toml
@ -1,2 +0,0 @@
 [config]
 "hosts/nixdesk/smbcreds" = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqW5ZkBV2XCdF/ZhwC1DOfrgiLxCC2ym6BO7miHi05M xun@nixdesk"]
--- a/hosts/machines/default.nix
+++ b/hosts/machines/default.nix
@ -109,7 +109,7 @@ in {
          # programs.gamemode # TEMP: TODO
          # programs.gamescope # TEMP: TODO
          # programs.steam # TEMP: TODO
-          programs.RE.default
+          # programs.RE.default
        ])
        {
--- a/hosts/machines/nixdesk/default.nix
+++ b/hosts/machines/nixdesk/default.nix
@ -25,6 +25,7 @@
      builtins.elem (lib.getName pkg) [
        "steam"
        "steam-original"
        "steam-unwrapped"
        "apple_cursor" # bwuh this is NOT unfree!!
      ];
  };
--- a/hosts/machines/nixdesk/samba-mount.nix
+++ b/hosts/machines/nixdesk/samba-mount.nix
@ -1,32 +1,37 @@
-{config, ...}: {
+{
  config,
  pkgs,
  ...
 }: {
  environment.systemPackages = [pkgs.cifs-utils];
  systemd.mounts = [
    {
      description = "smb hopper transmission download directory";
      what = "//192.168.50.97/transmission"; # hopper local ip
      where = "/server/transmission";
      type = "cifs";
-      options = builtins.readFile ./smbcreds;
+      options = "uid=xun,gid=users,credentials=${config.sops.secrets.samba.path}";
    }
    {
      description = "smb hopper vault";
      what = "//192.168.50.97/vault"; # hopper local ip
      where = "/server/vault";
      type = "cifs";
-      options = "uid=xun,gid=users," + (builtins.readFile ./smbcreds);
+      options = "uid=xun,gid=users,credentials=${config.sops.secrets.samba.path}";
    }
    {
      description = "smb hopper library";
      what = "//192.168.50.97/library"; # hopper local ip
      where = "/server/library";
      type = "cifs";
-      options = "uid=xun,gid=users," + (builtins.readFile ./smbcreds);
+      options = "uid=xun,gid=users,credentials=${config.sops.secrets.samba.path},vers=3.0";
    }
    {
      description = "smb hopper slskd files";
      what = "//192.168.50.97/slskd"; # hopper local ip
      where = "/server/slskd";
      type = "cifs";
-      options = "uid=xun,gid=users," + (builtins.readFile ./smbcreds);
+      options = "uid=xun,gid=users,credentials=${config.sops.secrets.samba.path}";
    }
  ];
--- a/pkgs/gamesand/default.nix
+++ b/pkgs/gamesand/default.nix
@ -1,11 +1,11 @@
 {
-  steamPackages,
+  steam-fhsenv-without-steam,
  symlinkJoin,
 }:
 symlinkJoin {
  name = "gamesand";
  paths = [
-    (steamPackages.steam-fhsenv-without-steam.override
+    (steam-fhsenv-without-steam.override
      {
        extraBwrapArgs = [
          "--ro-bind ./files /game/files"
		`@ -1,2 +0,0 @@`
			`[config]`
			`"hosts/nixdesk/smbcreds" = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqW5ZkBV2XCdF/ZhwC1DOfrgiLxCC2ym6BO7miHi05M xun@nixdesk"]`