diff --git a/flake.lock b/flake.lock index 8a95fce..e425e8b 100644 --- a/flake.lock +++ b/flake.lock @@ -101,6 +101,21 @@ "type": "github" } }, + "flakey-profile": { + "locked": { + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", + "type": "github" + }, + "original": { + "owner": "lf-", + "repo": "flakey-profile", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -129,11 +144,11 @@ ] }, "locked": { - "lastModified": 1747439237, - "narHash": "sha256-5rCGrnkglKKj4cav1U3HC+SIUNJh08pqOK4spQv9RjA=", + "lastModified": 1745251259, + "narHash": "sha256-Hf8WEJMMoP6Fe+k+PYkVJFk5UKory2S0jW7HqRVqQFc=", "owner": "nix-community", "repo": "home-manager", - "rev": "ae755329092c87369b9e9a1510a8cf1ce2b1c708", + "rev": "82ee14ff60611b46588ea852f267aafcc117c8c8", "type": "github" }, "original": { @@ -156,6 +171,43 @@ "url": "https://git.dadada.li/dadada/dadada.li/archive/main.tar.gz" } }, + "lix": { + "flake": false, + "locked": { + "lastModified": 1729298361, + "narHash": "sha256-hiGtfzxFkDc9TSYsb96Whg0vnqBVV7CUxyscZNhed0U=", + "rev": "ad9d06f7838a25beec425ff406fe68721fef73be", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ad9d06f7838a25beec425ff406fe68721fef73be.tar.gz?rev=ad9d06f7838a25beec425ff406fe68721fef73be" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/2.91.1.tar.gz" + } + }, + "lix-module": { + "inputs": { + "flake-utils": [ + "flake-utils" + ], + "flakey-profile": "flakey-profile", + "lix": "lix", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1732605668, + "narHash": "sha256-DN5/166jhiiAW0Uw6nueXaGTueVxhfZISAkoxasmz/g=", + "rev": "f19bd752910bbe3a861c9cad269bd078689d50fe", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/f19bd752910bbe3a861c9cad269bd078689d50fe.tar.gz?rev=f19bd752910bbe3a861c9cad269bd078689d50fe" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz" + } + }, "nixlib": { "locked": { "lastModified": 1736643958, @@ -194,11 +246,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1747129300, - "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", + "lastModified": 1744633460, + "narHash": "sha256-fbWE4Xpw6eH0Q6in+ymNuDwTkqmFmtxcQEmtRuKDTTk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e81fd167b33121269149c57806599045fd33eeed", + "rev": "9a049b4a421076d27fee3eec664a18b2066824cb", "type": "github" }, "original": { @@ -210,11 +262,43 @@ }, "nixpkgs": { "locked": { - "lastModified": 1747327360, - "narHash": "sha256-LSmTbiq/nqZR9B2t4MRnWG7cb0KVNU70dB7RT4+wYK4=", + "lastModified": 1744917357, + "narHash": "sha256-1Sj8MToixDwakJYNMYBS/PYbg8Oa4CAxreXraMHB5qg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e06158e58f3adee28b139e9c2bcfcc41f8625b46", + "rev": "1eae3268880484be84199bdb77941c09bb4a97ba", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-full": { + "locked": { + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1744932701, + "narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef", "type": "github" }, "original": { @@ -224,22 +308,6 @@ "type": "github" } }, - "nixpkgs-small": { - "locked": { - "lastModified": 1747452614, - "narHash": "sha256-hSEz6JHZTJJTeIudt0SK3UoZnfThHwKCUGvSe5/zn8g=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "e067fb89ac3e59f993f257c799318132f1492f01", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" - } - }, "root": { "inputs": { "agenix": "agenix", @@ -248,10 +316,12 @@ "flake-utils": "flake-utils", "home-manager": "home-manager_2", "homepage": "homepage", + "lix-module": "lix-module", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", - "nixpkgs-small": "nixpkgs-small", + "nixpkgs-full": "nixpkgs-full", + "nixpkgs-unstable": "nixpkgs-unstable", "systems": "systems", "treefmt-nix": "treefmt-nix" } @@ -278,11 +348,11 @@ ] }, "locked": { - "lastModified": 1747469671, - "narHash": "sha256-bo1ptiFoNqm6m1B2iAhJmWCBmqveLVvxom6xKmtuzjg=", + "lastModified": 1744961264, + "narHash": "sha256-aRmUh0AMwcbdjJHnytg1e5h5ECcaWtIFQa6d9gI85AI=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "ab0378b61b0d85e73a8ab05d5c6029b5bd58c9fb", + "rev": "8d404a69efe76146368885110f29a2ca3700bee6", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 05f7349..8dc1c74 100644 --- a/flake.nix +++ b/flake.nix @@ -2,8 +2,9 @@ description = "dadada's nix flake"; inputs = { - nixpkgs-small.url = "github:NixOS/nixpkgs/nixos-unstable-small"; - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11-small"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs-full.url = "github:NixOS/nixpkgs/nixos-24.11"; flake-utils = { url = "github:numtide/flake-utils"; inputs.systems.follows = "systems"; @@ -25,6 +26,11 @@ url = "github:numtide/devshell"; inputs.nixpkgs.follows = "nixpkgs"; }; + lix-module = { + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-utils.follows = "flake-utils"; + }; nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/home/default.nix b/home/default.nix index fd0ddd3..80d53a3 100644 --- a/home/default.nix +++ b/home/default.nix @@ -19,24 +19,24 @@ let "helix" ]; colors = { - background = "fdf6e3"; - foreground = "657b83"; - regular0 = "eee8d5"; # background darker - regular1 = "dc322f"; # red - regular2 = "859900"; # green - regular3 = "b58900"; # dark orange - regular4 = "268bd2"; # azure blue - regular5 = "d33682"; # hot pink - regular6 = "2aa198"; # petrol - regular7 = "073642"; # navy - bright0 = "cb4b16"; # orange - bright1 = "fdf6e3"; # foreground - bright2 = "93a1a1"; # grey - bright3 = "839496"; # slightly darker grey - bright4 = "657b83"; # even slightly darker grey - bright5 = "6c71c4"; # purple - bright6 = "586e75"; # pretty dark grey - bright7 = "002b36"; # dark navy blue + background = "ffffff"; + foreground = "000000"; + regular0 = "000000"; + regular1 = "000000"; + regular2 = "000000"; + regular3 = "000000"; + regular4 = "000000"; + regular5 = "000000"; + regular6 = "000000"; + regular7 = "000000"; + bright0 = "ffffff"; + bright1 = "ffffff"; + bright2 = "ffffff"; + bright3 = "ffffff"; + bright4 = "ffffff"; + bright5 = "ffffff"; + bright6 = "ffffff"; + bright7 = "ffffff"; }; in { @@ -403,11 +403,11 @@ in bindsym $mod+grave exec busctl --user call org.keepassxc.KeePassXC.MainWindow /keepassxc org.keepassxc.KeePassXC.MainWindow lockAllDatabases && swaylock -c #fdf6e3 # class border backgr. text indicator child_border - client.focused #${bright6} #${foreground} #${background} #${bright5} #${regular4} - client.focused_inactive #${regular0} #${regular0} #${foreground} #${bright5} #${regular0} - client.unfocused #${regular0} #${background} #${bright2} #${bright5} #${regular0} - client.urgent #${bright1} #${bright0} #${regular4} #${background} #${bright0} - client.placeholder #${background} #${bright2} #${foreground} #${background} #${bright2} + client.focused #${background} #${foreground} #${background} #${foreground} #${background} + client.focused_inactive #${background} #${background} #${foreground} #${foreground} #${background} + client.unfocused #${background} #${background} #${foreground} #${foreground} #${background} + client.urgent #${background} #${background} #${foreground} #${foreground} #${background} + client.placeholder #${background} #${background} #${foreground} #${foreground} #${background} client.background #${foreground} @@ -432,8 +432,6 @@ in } ''; - services.poweralertd.enable = true; - # Let Home Manager install and manage itself. programs.home-manager.enable = true; diff --git a/home/modules/alacritty/default.nix b/home/modules/alacritty/default.nix index 086b945..db3db6e 100644 --- a/home/modules/alacritty/default.nix +++ b/home/modules/alacritty/default.nix @@ -17,7 +17,7 @@ in programs.alacritty = { enable = true; settings = { - env.TERM = "xterm-256color"; + env.TERM = "xterm-mono"; scrolling.history = 0; font = { size = 9; diff --git a/home/modules/helix/config/config.toml b/home/modules/helix/config/config.toml index 41cf786..71b6c42 100644 --- a/home/modules/helix/config/config.toml +++ b/home/modules/helix/config/config.toml @@ -1,4 +1,4 @@ -theme = "solarized_light" +theme = "black" [editor] line-number = "relative" diff --git a/home/modules/helix/config/themes/black.toml b/home/modules/helix/config/themes/black.toml new file mode 100644 index 0000000..88d1a35 --- /dev/null +++ b/home/modules/helix/config/themes/black.toml @@ -0,0 +1,34 @@ +"ui.background" = {bg="white"} +"ui.text" = "black" +"ui.linenr" = {bg="white", fg="black"} +"ui.linenr.selected" = {bg="white", fg="black"} +"ui.selection" = {modifiers=["reversed"]} +"ui.cursorline" = {modifiers=["reversed"]} +"ui.statusline" = {modifiers=["reversed"]} +"ui.statusline.inactive" = {fg="black", bg="white"} +"ui.virtual" = "indent" +"ui.virtual.ruler" = { bg = "black", fg ="white" } +"ui.cursor.match" = {modifiers=["reversed"]} +"ui.cursor" = {modifiers=["reversed"]} +"ui.debug" = {fg="black"} +"ui.highlight" = { modifiers = ["underlined"] } +"ui.highlight.frameline" = {modifiers=["reversed"]} +"ui.help" = { modifiers=["reversed"] } +"ui.popup" = { modifiers=["reversed"] } +"ui.popup.info" = { modifiers=["reversed"] } +"ui.text.info" = { modifiers=["reversed"] } +"ui.menu" = { bg="black", fg="white" } +"ui.menu.selected" = { bg="white", fg="black" } +"ui.window" = { bg="white" } +"diagnostic" = { modifiers=["reversed"] } +"diagnostic.error" = {modifiers=["bold", "underlined"]} +"diagnostic.warning" = {modifiers=["underlined", "italic"]} +"diagnostic.hint" = {modifiers=["underlined"]} +"diagnostic.unnecessary" = {modifiers = ["dim"]} +"diagnostic.deprecated" = {modifiers = ["crossed_out"]} +"ui.bufferline" = { fg="black", bg="white" } +"ui.bufferline.active" = { fg="black", bg="white" } + +[palette] +white = "#ffffff" +black = "#000000" diff --git a/home/modules/tmux.nix b/home/modules/tmux.nix index 70f2974..df005ff 100644 --- a/home/modules/tmux.nix +++ b/home/modules/tmux.nix @@ -12,17 +12,17 @@ in config = mkIf cfg.enable { programs.tmux = { enable = true; - terminal = "tmux-256color"; extraConfig = '' setw -g mode-keys vi set -g mouse on set -g set-clipboard external set -g set-titles on set -g status on - set -ga terminal-overrides ',*256col*:Tc' set-option -g status-interval 5 set-option -g automatic-rename on set-option -g automatic-rename-format '#{b:pane_current_path}' + set -g status-bg "#000000" + set -g status-fg "#ffffff" bind '"' split-window -c "#{pane_current_path}" bind % split-window -h -c "#{pane_current_path}" bind c new-window -c "#{pane_current_path}" diff --git a/home/modules/zsh.nix b/home/modules/zsh.nix index a095bff..fb4cc76 100644 --- a/home/modules/zsh.nix +++ b/home/modules/zsh.nix @@ -20,6 +20,7 @@ in autocd = true; sessionVariables = { EDITOR = "hx"; + TERM = "xterm-mono"; }; history = { extended = true; @@ -44,6 +45,7 @@ in PROMPT="%F{red}%?%f %F{green}%m%f:%F{blue}%~%f"$'\n'"╰─> " RPROMPT='$(git_super_status)' + #NIX_BUILD_SHELL="${pkgs.zsh}/bin/zsh" ''; profileExtra = '' ''; diff --git a/nixos/configurations.nix b/nixos/configurations.nix index adacb51..48d70cd 100644 --- a/nixos/configurations.nix +++ b/nixos/configurations.nix @@ -1,73 +1,60 @@ -{ - self, - agenix, - home-manager, - homepage, - nixos-hardware, - nixos-generators, - nixpkgs, - nixpkgs-small, - ... +{ self +, agenix +, lix-module +, nixpkgs +, nixpkgs-full +, home-manager +, homepage +, nixos-hardware +, nixos-generators +, nixpkgs-unstable +, ... }@inputs: let - nixosSystem = - { - nixpkgs, - system ? "x86_64-linux", - extraModules ? [ ], - }: - nixpkgs.lib.nixosSystem { - inherit system; + lixModule = lix-module.nixosModules.default; - modules = - [ - { - nixpkgs.overlays = nixpkgs.lib.attrValues self.overlays; - } - ] - ++ (nixpkgs.lib.attrValues self.nixosModules) - ++ [ agenix.nixosModules.age ] - ++ extraModules; - }; + nixosSystem = { n_nixpkgs ? nixpkgs, system ? "x86_64-linux", extraModules ? [ ] }: n_nixpkgs.lib.nixosSystem { + inherit system; + + modules = [ + lixModule + { + nixpkgs.overlays = n_nixpkgs.lib.attrValues self.overlays; + } + ] ++ (n_nixpkgs.lib.attrValues self.nixosModules) ++ [ agenix.nixosModules.age ] ++ extraModules; + }; in { - gorgon = - let - system = "x86_64-linux"; - in - nixosSystem { - inherit nixpkgs system; + gorgon = nixosSystem rec { + n_nixpkgs = nixpkgs-unstable; - extraModules = [ + system = "x86_64-linux"; + + extraModules = [ + { + nixpkgs.overlays = nixpkgs.lib.attrValues self.overlays; + dadada.pkgs = self.packages.${system}; + dadada.inputs = inputs // { dadada = self; }; + } + + nixos-hardware.nixosModules.lenovo-thinkpad-t14s-amd-gen1 + + home-manager.nixosModules.home-manager + ({ pkgs, lib, ... }: { - nixpkgs.overlays = nixpkgs.lib.attrValues self.overlays; - dadada.pkgs = self.packages.${system}; - dadada.inputs = inputs // { - dadada = self; - }; - } - - nixos-hardware.nixosModules.lenovo-thinkpad-t14s-amd-gen1 - - home-manager.nixosModules.home-manager - ( - { pkgs, lib, ... }: - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.sharedModules = (nixpkgs.lib.attrValues self.hmModules) ++ [ - { dadada.home.helix.package = pkgs.helix; } - { manual.manpages.enable = false; } - ]; - home-manager.users.dadada = import ../home; - } - ) - ./gorgon/configuration.nix - ]; - }; + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.sharedModules = (nixpkgs.lib.attrValues self.hmModules) ++ [ + { dadada.home.helix.package = pkgs.helix; } + { manual.manpages.enable = false; } + ]; + home-manager.users.dadada = import ../home; + }) + ./gorgon/configuration.nix + ]; + }; surgat = nixosSystem { - nixpkgs = nixpkgs-small; system = "x86_64-linux"; extraModules = [ { @@ -79,38 +66,34 @@ in }; agares = nixosSystem { - nixpkgs = nixpkgs-small; extraModules = [ ./agares/configuration.nix ]; }; - installer = - let - nixpkgs = nixpkgs-small; - in - nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - nixos-generators.nixosModules.install-iso - self.nixosModules.admin - { - isoImage.isoName = nixpkgs.lib.mkForce "dadada-nixos-installer.iso"; - networking.tempAddresses = "disabled"; - dadada.admin.enable = true; - documentation.enable = true; - documentation.nixos.enable = true; - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; - } - ]; - }; + installer = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + lixModule + nixos-generators.nixosModules.install-iso + self.nixosModules.admin + { + isoImage.isoName = nixpkgs.lib.mkForce "dadada-nixos-installer.iso"; + networking.tempAddresses = "disabled"; + dadada.admin.enable = true; + documentation.enable = true; + documentation.nixos.enable = true; + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + } + ]; + }; ninurta = nixosSystem { - nixpkgs = nixpkgs-small; + n_nixpkgs = nixpkgs-full; extraModules = [ ./ninurta/configuration.nix ]; diff --git a/nixos/modules/profiles/base.nix b/nixos/modules/profiles/base.nix index c23a273..e375cc9 100644 --- a/nixos/modules/profiles/base.nix +++ b/nixos/modules/profiles/base.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let mkDefault = lib.mkDefault; inputs = config.dadada.inputs; @@ -22,8 +22,6 @@ in time.timeZone = mkDefault "Europe/Berlin"; - nix.package = pkgs.lix; - nix.settings.substituters = [ https://cache.nixos.org/ ]; nix.settings.trusted-public-keys = [ diff --git a/nixos/modules/profiles/cloud.nix b/nixos/modules/profiles/cloud.nix index ba131e1..98314c7 100644 --- a/nixos/modules/profiles/cloud.nix +++ b/nixos/modules/profiles/cloud.nix @@ -5,19 +5,11 @@ let in { boot.initrd.availableKernelModules = [ "virtio-pci" ]; - - boot.kernelParams = [ - # Wait forever for the filesystem root to show up - "rootflags=x-systemd.device-timeout=0" - - # Wait forever to enter the LUKS passphrase via SSH - "rd.luks.options=timeout=0" - ]; boot.initrd.network = { enable = true; ssh = { enable = true; - port = 2223; + port = 22; hostKeys = [ config.age.secrets."${initrdHostKey}".path ]; @@ -35,13 +27,8 @@ in ''; }; - assertions = lib.singleton { - assertion = (config.boot.initrd.network.ssh.hostKeys != [ ]) -> config.boot.loader.supportsInitrdSecrets == true; - message = "Refusing to store private keys in store"; - }; - age.secrets."${initrdHostKey}" = { - file = "${secretsPath}/initrd-${initrdHostKey}.age"; + file = "${secretsPath}/${initrdHostKey}.age"; mode = "600"; path = "/etc/initrd/${initrdHostKey}"; symlink = false; diff --git a/nixos/modules/profiles/server.nix b/nixos/modules/profiles/server.nix index 1aeab43..d26358c 100644 --- a/nixos/modules/profiles/server.nix +++ b/nixos/modules/profiles/server.nix @@ -20,7 +20,6 @@ with lib; { services.journald.extraConfig = '' SystemKeepFree = 2G - MaxRetentionSec = 100days ''; system.autoUpgrade = { diff --git a/nixos/surgat/configuration.nix b/nixos/surgat/configuration.nix index f2c7ba2..6dad1ee 100644 --- a/nixos/surgat/configuration.nix +++ b/nixos/surgat/configuration.nix @@ -137,10 +137,6 @@ in boot.loader.grub.enable = true; boot.loader.grub.device = "/dev/sda"; - boot.kernelParams = [ - "ip=49.12.3.98::172.31.1.1:255.255.255.255:surgat::dhcp" - ]; - services.resolved = { enable = true; fallbackDns = [ "9.9.9.9" "2620:fe::fe" ]; diff --git a/outputs.nix b/outputs.nix index d588f6e..efa3dab 100644 --- a/outputs.nix +++ b/outputs.nix @@ -1,14 +1,18 @@ # Adapted from Mic92/dotfiles -{ - self, - flake-utils, - nixpkgs, - agenix, - devshell, - ... -}@inputs: -(flake-utils.lib.eachDefaultSystem ( - system: +{ self +, flake-utils +, flake-registry +, homepage +, lix-module +, nixpkgs +, home-manager +, nixos-hardware +, nixpkgs-full +, agenix +, devshell +, ... +} @ inputs: +(flake-utils.lib.eachDefaultSystem (system: let pkgs = import nixpkgs { inherit system; }; in @@ -31,9 +35,8 @@ packages = import ./pkgs { inherit pkgs; } // { installer-iso = self.nixosConfigurations.installer.config.system.build.isoImage; }; - } -)) -// { + })) + // { hmModules = import ./home/modules.nix { lib = nixpkgs.lib; }; diff --git a/secrets/initrd-surgat-ssh_host_ed25519_key.age b/secrets/initrd-surgat-ssh_host_ed25519_key.age deleted file mode 100644 index 32dbcbf..0000000 Binary files a/secrets/initrd-surgat-ssh_host_ed25519_key.age and /dev/null differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 946d855..7da57e3 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -21,7 +21,6 @@ in "miniflux-admin-credentials.age".publicKeys = [ systems.surgat dadada ]; "gorgon-backup-passphrase-gs.age".publicKeys = [ systems.gorgon dadada ]; "paperless.age".publicKeys = [ systems.gorgon dadada ]; - "initrd-surgat-ssh_host_ed25519_key.age".publicKeys = [ systems.surgat dadada ]; "surgat-ssh_host_ed25519_key.age".publicKeys = [ systems.surgat dadada ]; "ninurta-initrd-ssh-key.age".publicKeys = [ systems.ninurta dadada ]; "ddns-credentials.age".publicKeys = [ systems.agares systems.ninurta dadada ];