mirror of
https://github.com/nickolaj-jepsen/nixos.git
synced 2026-01-22 08:06:50 +01:00
feat(glance): add github components
This commit is contained in:
Nickolaj Jepsen
parent
4aa1f38ab9
commit
8fcf3c579d
4 changed files with 141 additions and 8 deletions
4
.github/copilot-instructions.md
vendored
4
.github/copilot-instructions.md
vendored
|
|
@ -3,6 +3,7 @@
|
|||
## Architecture Overview
|
||||
|
||||
This is a **NixOS flake-based configuration** managing multiple hosts (desktop, laptop, homelab, work, WSL) with:
|
||||
|
||||
- **flake-parts** for modular flake organization
|
||||
- **home-manager** integrated via `fireproof.home-manager` option (not standalone)
|
||||
- **agenix + agenix-rekey** for YubiKey-based secret management
|
||||
|
|
@ -79,6 +80,7 @@ just new-host <hostname> <user> # Bootstrap new host config
|
|||
## Secret Management
|
||||
|
||||
Secrets use **agenix-rekey** with YubiKey master identity:
|
||||
|
||||
- Global secrets: `secrets/*.age`
|
||||
- Host-specific: `secrets/hosts/<hostname>/` (includes rekeyed secrets in `.rekey/`)
|
||||
- Reference secrets via `config.age.secrets.<name>.path`
|
||||
|
|
@ -117,7 +119,7 @@ services.myapp.environmentFile = config.age.secrets.my-secret.path;
|
|||
|
||||
### Adding a homelab service
|
||||
|
||||
1. Create `modules/homelab/myservice.nix`
|
||||
1. Create `modules/homelab/myservice.nix`
|
||||
2. Guard with `lib.mkIf config.fireproof.homelab.enable`
|
||||
3. Add nginx virtualHost for HTTPS proxy
|
||||
4. Import in `modules/homelab/default.nix`
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue