mirror of
https://github.com/Swarsel/.dotfiles.git
synced 2025-12-06 09:07:21 +01:00
docs: outline manual setup steps (WIP)
This commit is contained in:
Leon Schwarzäugl
parent
8813fb5117
commit
f5ff5d5066
GPG key ID:
26A54C31F2A4FD84
3 changed files with 992 additions and 802 deletions
|
|
@ -297,6 +297,18 @@ Here I give a brief overview over the hostmachines that I am using. This is held
|
|||
|🔗 **Link Shortener** | [Shlink](https://github.com/Swarsel/.dotfiles/tree/main/modules/nixos/server/shlink.nix) |
|
||||
#+end_src
|
||||
|
||||
** Manual steps when setting up a new machine
|
||||
|
||||
#+begin_src markdown :noweb yes :exports both :results html
|
||||
|
||||
<<setup>>
|
||||
|
||||
If the new machine is a work machine, these steps are additionally needed:
|
||||
|
||||
<<worksetup>>
|
||||
|
||||
#+end_src
|
||||
|
||||
* flake.nix
|
||||
:PROPERTIES:
|
||||
:CUSTOM_ID: h:c7588c0d-2528-485d-b2df-04d6336428d7
|
||||
|
|
@ -10580,6 +10592,14 @@ This holds configuration that is specific to framework laptops.
|
|||
|
||||
Options that I need specifically at work. There are more options at [[#h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6][Work]] (home-manager side).
|
||||
|
||||
When setting up a new machine:
|
||||
|
||||
#+begin_src markdown :noweb-ref worksetup :exports both :results html
|
||||
- setup the work VPN:
|
||||
- using the laptop certificate `.pem` as User cert and private key (CA cert: none)
|
||||
- vpn gateway is found in `nixosConfig.repo.secrets.local.work.vpnGateway`
|
||||
#+end_src
|
||||
|
||||
#+begin_src nix-ts :tangle modules/nixos/optional/work.nix
|
||||
{ self, lib, pkgs, config, configName, ... }:
|
||||
let
|
||||
|
|
@ -14427,7 +14447,18 @@ Currently, I am too lazy to explain every option here, but most of it is very se
|
|||
:CUSTOM_ID: h:7d384e3b-1be7-4644-b304-ada4af0b692b
|
||||
:END:
|
||||
|
||||
Settinfs that are needed for the gpg-agent. Also we are enabling emacs support for unlocking my Yubikey here.
|
||||
Settings that are needed for the gpg-agent. Also we are enabling emacs support for unlocking my Yubikey here.
|
||||
|
||||
When setting up a new machine:
|
||||
|
||||
#+begin_src markdown :noweb-ref setup :exports both :results html
|
||||
- setup gpgsm for signing of mails using S/MIME:
|
||||
- `gpgsm --import ~/Certificates/<certname>.p12`
|
||||
- `gpgsm --import ~/Certificates/harica-root.pem`
|
||||
- `gpgsm --import ~/Certificates/harica-intermediate.pem`
|
||||
- `gpgsm --list-keys --with-validation "HARICA Client RSA Root CA 2021"`
|
||||
- trust the certificate and set passphrase
|
||||
#+end_src
|
||||
|
||||
#+begin_src nix-ts :tangle modules/home/common/gpg-agent.nix
|
||||
{ self, lib, config, pkgs, ... }:
|
||||
|
|
@ -15216,13 +15247,21 @@ The rest of the settings is at [[#h:fb3f3e01-7df4-4b06-9e91-aa9cac61a431][gaming
|
|||
|
||||
#+end_src
|
||||
|
||||
**** Work
|
||||
**** Work (pizauth)
|
||||
:PROPERTIES:
|
||||
:CUSTOM_ID: h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6
|
||||
:END:
|
||||
|
||||
The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]. Here, I am setting up the different firefox profiles that I need for the SSO sites that I need to access at work as well as a few ssh shorthands.
|
||||
|
||||
When setting up a new machine:
|
||||
|
||||
#+begin_src markdown :noweb-ref setup :exports both :results html
|
||||
- setup pizauth for microsoft mail sync (account names are possibly `uni` and `work`):
|
||||
- `pizauth auth <account name, e.g. 'work'>`
|
||||
- `pizauth dump > ~/.pizauth.state`
|
||||
#+end_src
|
||||
|
||||
#+begin_src nix-ts :tangle modules/home/optional/work.nix :noweb yes
|
||||
{ self, config, pkgs, lib, vars, nixosConfig ? config, ... }:
|
||||
let
|
||||
|
|
@ -22120,6 +22159,14 @@ This sets up the =dashboard=, which is really quite useless. But, it looks cool
|
|||
:END:
|
||||
|
||||
This sections is no longer used really. An introduction can be found in [[#h:bcc3ebbe-df8a-46bd-b42d-73aad6fc66e5][Structure of this file]] under the historical note. The little noweb-ref blocks that I still use are found in [[#h:48e0cb2c-e412-4ae3-a244-80a8c09dbb02][Hosts]] and [[#h:3bb92528-c61c-4b8d-8214-bf2a40baaa32][Services]].
|
||||
** General steps when setting up a new machine
|
||||
|
||||
These general steps are needed when setting up a new machine and do not fit into another block well:
|
||||
|
||||
#+begin_src markdown :noweb-ref setup :exports both :results html
|
||||
- setup yubikey (automatic yubikey enrollment is not yet supported by `disko`):
|
||||
- `systemd-cryptenroll --fido2-device=auto /dev/<device, e.g. 'nvme0n1p2'>`
|
||||
#+end_src
|
||||
|
||||
* Appendix B: Supplementary Files
|
||||
:PROPERTIES:
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:Avje6G0sf17iETA622PNdboM3FlYSFtdiPtEuCKpytuUS/2ATu1g9rTeLuSwKHzMfuweF1l+GWkME4D3PQZ2hzgtyByISnuHTFB0kO/QmnmpoNpEkGXgUKpogEaFWiTyFkg+Ceo8IFzSA+AW22DcNnU6ygZlnuK92XH3qJ9F/xyF8yd3eFXx9skA68GdpyoOxnw648ZKeL0/mWLcZVSxDpt7o2bnnL/lU8qp4HErRkgbIh8aUCfaZjRJMXOMfZj4rNSZ58ZCSTl1akuDRYQfqk8WdprrveDXVPtFe3Ol1LY2yqZtTTjE/L94fmQtkLE4U36uJfQBtnUAjqXJQqCpZRrJcQgqPyW29CWwIxK/2hccYIikv6033j2kUKQbXWMcniBsnFfmBvLLKBHdylNX2AstKjtkJ48dZskL833QvYwxNxePEk0heJ463goWHtDLWNFAMW5vrI/BYg8NM6PDYvZWG6yswUZFlUmzKoQxzbxKgnsXj4yDH+pNu8B8uWzKaEYDQjeKdOPEhagNVroeT+T6r0hp/sEJUTh8ekIwpmmNssF7DalKumEcuQy0K3Lvt7fUhB5Z+dFMz3eqhQuXtwQl9p0mpf13F8qVtbuB4Ye0N8HmGFp+TF5sVXy1RsgP80uVawaqKVyhiRoT+ZDMUno4MwkmPAmkYhemkH9UIsooiRdFOb9W4zzQbpC79htnGXGVWgDQMNYVun/TX0RMNnmFls/HoPQz5Ft6sKQp6cQ8bNxsWMJKTRR/Y8g32OomcGMegPDM+oeutvTFkUhhZdgFHd98brOZjrEeQVwyh6fOLqHaSIZB8XFjh/rDytPbX85/HQSH+k9zWgL4kpHoZeLPUK0alY2RMFlYuNd/a8yhgdlQZGGSfVP92JrdmOcTxgOd11zy6/eTWBWVZVE279CJvAYkKDTFN/MyoAC0gTl2mR9vW44BbDAHywOy8AJjzoDMWacg7DBFSqxW9ZGJbFs3udqYk5IDhrdOz941jE+WsP978K8uTn2F7d/Qz6lhmberdyIuPC0H18+2Gzv1L/LWtc6/kqqPOB9RYrlaayAfymqNV/3FdhFSxfx4Pm4SD5MIaZ99FS7+AwP3B5kmnCZToLZlFsgPL9DUwqwgx69gQxUlb362ih5swaCY0nOL63oa6c25/UvO9rYkDh52FhGl1N9gzvbzbYC0Mp7QuwzF1XWUFbhE+f9aJ6bAXHyS10GMfa76eLnnoPSslYZ4rZfLMjHOGjbTMY7wTLl50wKg4VbThWtpkxwbITGd5VZH1/iO6e7F8K0gMwHNMYSm/doNaRcN1HWi7eD6YtQVWlWlewx0C9BzW6TsOy3e9MtQBULFDkPEIbzoT/29dS1o7YKyomdBG867xbqKV31DkqBpq9G0Fv6kHCeu5MmfzeqhueA11+XFQvvNl2KsLW5LvlP7GPOl0VjlEBY61SGjXibMGcLOAEgsxyzzZhLP97pl1dTb2yokBkDTy9n9pgpWJ5NmZi68XMVew8Nx4vz0Dj6jZruPgO3vBtpUytx6vjp/hwKcUQq09PxY8QN5l3gfmZJvAiDMuZh6ZzaJvVhkK/afzt2YN1rozd+Ibo4k3831X+RkfKLFoiA6E0g9SEgm6HAl/gfRIKR740yH0uVVbpCNIRpfBuAQMAvoLczcgYjsMaZ5hqHh0nOC+hsHmEIP47KrPzyA8U3+TjQEbAN1aHAGkzVDVJ4E8iwPkPAP0B+b6mtSNfscdyG5iX2zlqcivvA51s8zouhxEZ4KZ9TiVtg6dlngP7fu1SjM2DYzG2Sshg8L+WyzFFjDgWPe5RO8btzWEFuNTpFgvaRYQWONa7JWgnigP4ZE7Tc+shN8BXGhjJnGM4Z1+PNPRWvB/d1Fqe1KbgTyVFHizD8DnNWmfgghFLOwenKbZXe8wAAGmfIaCHE7IMrTSeuqhfKpGGnrnlE9Hd3y/8ojYtOFPQ16ohTPxBVwN/gt8RCmBdP+i4Y11He0vdX3HaF3W9yGkIPDLY/aJ33NvK9lmCvXBYANSLirBJmY/xEgdxIbG9TDRnZPoUQ0b8WBZS8RFg7wuxNucNrMAHp+8n3Ww0D9+zqo1rropr7FRc1xYjRrxSvx+g0xhb46qe7In+mSaJy1seITD6T+LdnOz3SK6bXpZ1I1sg7B0XXCLyMe2cs3KrqmUwDYowm6rbyM65X2CVgl/ULXg0rjPBaKqqYpFeQDAYdBgLiLiA99tWhI3hf6WEYb9aio6gIgkDtKMe242TnauUBkCDHxqgC/Lhp4fG4+TCjRTNopO3nmEYoYH67+VQONyU4YRn7lmWReT5pFrkczBIogeihgCwL+zNzA/f4wvGdADNLH9uxuGIpR5a1/HwWa6cKxCQ375kl013By6dHre50zal18KHMz/ou8dDQOsWDMbjE01aDJEHHSVPZiySjXiNWD+mvy8SE8hMRVyP/9PyB91wXwhRAU1UJifFSCuKAlqkwOCkqrMJ+EDhoIrGhx+XfM84/wu/RIowKTtF4Zz7CmpjN8cSgm+Ht4akg7XaBiAGsZMal3TY33SzY7MHZ1Tsv2AeYHPtssyXBdVd8GRZAw7phoPqXpV1hSvLwS7fY2F3+Ie8U3E55p4U7HrYGo9SHqF90rSB/tUhQdah7ptcpywBWlCWqA9L+q7I5kljSLFSf/2Hl1B33M80rCCdnOSiyjawF+0n9Pysw4C/z0aHQIBTDYYTZ9a6RIEjHDFlX7GKX8CKw6XvTvsIgs2kDklcUNTgXI5MRMtkyIrh081V2gNj65B0+yWxlK2VvyKLv2AuFCH2m401Dazusp89yA624wMFRF/DQmiC7MPvWFMzhLbsQu3dRW+JKDv88t18OymQeQlbP+lNdff4Cd4fVoTqt6xCoDLrIcmX/rw9QZnmJF/dW2wmMVQIONdfBx6O+CHsaaLScHdJg0/RIfjA8bkObPh+p1ULvJ9ddLQA5J7Cd2omwhZqXpPbAiveykCEWRMOCD0mama5RHJOyNnqQGYUmPvpq+QwaR4+6DeGy319uyNiLcmKKMIx+hSq2qQhK+ler1DS5VLJC0g5rWcovE7bUs7sNKETvMfO8gr1Crve2wTWA6DCrNZSSkWXwzwJOsVmVx66e/hmh17k/DCqDG55z11QR6X7C0EryzAj1JPJ6wG9KamgsZOCqJL1h2piNdbTnnBPfE5btg2OIw1453OYgWI2f833p6BZR4irditSs67fNt4ZFGad7pq5ETlpFU1FQUZFuEm7iFrw==,iv:7YztaPs7GSC4AdIF36G3qb8lQAhUwkaD613z8LcUW7A=,tag:ULku+TZreQNt5/6ZyLtWog==,type:str]",
|
||||
"data": "ENC[AES256_GCM,data:8y8t7e8XhVy3lc+JcPnFFzI7DTpr+JlXfOKZJu7uX7DczTYQHIZQTrMcFjyBbB8SWJLWLUG8Yd5JGXk377CBX73cxGF+r895lxP+puoKRRzDapkg6y2uN0E3Gr1wnQFB4I8YX7n8UWnj18s3mTIohQHmhoxkuIqu2zvgEGBpMiz3oZIL4zmb8diLXh4PyB1qAI5U5RFWPpkwRWjXteD5m8mqcZ8k4A4l00IMgz2n9MJDQPMjYNITR3XbOlI1qNMYBVb3xuVLXBOBN6x5W4539kGAiHcAi8pOUvBjAXphOEGQ7uLoorAniHx2PPyqReDr5tx47h4RtKJGeGoJ6ZdaFS2LwD10Dkiac330ELLGpSuHoNn7cfw6P8xSyYfreIXbzgavZAlJ1t3fNjEwVtgz63bXL1IX326fP1WcFqBUgAMd8I+VZsxo15j92zZS8gUbdu4KdSMag4dlOa9rgJCLpZGw4UIifHn6RqbH8s/HdisWV2YA3p1/Oowp39Hnr1ZeUecHQCpC2Y/nVLZid9wy4NcIPDbkeb33vMzJ/G5o4EVeYcrnM4J7+KS7aJ4c2bbkRixc1w0bTYeQHFgvM9VBHHEO30t68AGEzju29XeMVi7bzamJZeApPEacMVzzCXlRiAWtPru9JtBYz17VXliMBiEc5Ffo12PXPV7VK/BimKBppJAGNSJiWg/fXawRJNs/fJkLywEL88cf3RYP0Wdy01umjU9tW7Y0W1zc46auKy8KPpCcT0e6kBGmlG2WJje3dNYDFUutFTllV+N7VeDOuZi4oaGrwF1Rz8cAKPrZWMyLX3bMc4EkP7t7h0DoTyXvl3CcA9/wgeCQrLIPLnUTBDTF6jsyt32IjxfiMMBTtR5hLJeM5BzybuYHI2Jbbnt2Ko+tCWOUNdRR7rOYT7o+xzm7g3apcrKIKaufc5YUxdD9asc8uAx+9w7tkg7O/2Ak9qPVgE7HIu9m5O4qaEQn8I1P1GbwiHZeIrfiRzcf6+KgjsLU7i+gCCb3EtMZJUS1CFmlyA+akgsFaunZFYLjg6vUmhQgTKhWooNj3DkdWXWN4bOB/lUyzsCezAD+HfPYyy2pYETRtS/XlpBktSYhP2yLZSxEyjsKBH8roZ/LpNwJV3RuvM+CPstj/pxf23Ayi8LrU1t88Q+/mje1OsMCr67Ltbl+7HXNcpM8zwLUfmTt72YZd1CnoAvbqM3pfecLM1AZEeR+p+xq8tsl1tRE2V0y/SH9kew4UOYRY/eZHmiy8P8Eyjj6/PL+/9+CLU9KGeK/28hGz1u1Ao03FxcPL1AeAeA1mlCNAErT/Q4GUKdDNa5uTHpU86VrMoELtvVaVn3V4AS5I+kTfvI9WF8oaI20U2ysAMpJSiPJyC5AVteyehXAEdGY7bgltvity8arU8efxwmrjbZ29ZWwRezqf1kZLb7pySCfsoqYwCFFDx4s7hD4RF1N4X9GQA5JupUO/+UZTcVX4aud+yf6uTb9yRC5LGjXJj5S03DQ+Vj35nZMUn6xhbPPnEj0uS9yug685mQm/bwUVHIEyoBZfPZquSSh1oolKsKnAPS2+fS13dr2sNuHktq40sJTTglz97ZexoIbZ7Ftx3tzFtqFMhh11EBV4eb0MCu9zwaq5DMoLugXECSkUy6Nfc9XGdRU/x3iIha36jg0wj9MwKNpztNFJzzWSVd8XU5rILbr9yWs4xZKBZq6PFx3NEXCIsJ0kkfc1FUBlnsiYG52A/zcFQZmUAPDy58M4rzLnWjC+qk7jU01Yw6aOcFqqE5kg9+AvYmF8JQ16s17d4o49I/fmL0MYVbSgdXrJZF9ejrkBkIMfu7UgbBlQdJCSW8BFx6zFmg2Y22bh52q8+//PK1rgUKs9RAsAasl8WKrKo+xNgai+1M9eMxg+wsBIP+j4WutMHXPv3AMeqt+JwIPiydPwny49820Z24h49pXPVK0EXTqZl46b7bUvyZqAbDTTDmjb/gOJII/ho6/EeaEUSk/r1NVUehq5S/e/UJagTDI3csmBgEcMYdk5CfoJt0cDeqHgrAo8U8xpURT5BAbeCHwWpI7sE47LZwHStf9WbHyacCGsob+ELvfMvunaY2YmqnlVaYulf0mgmn5YmBI8ouQ2Zc4eklzso+NN6e9j7ODhxPxF/MWKjoi/kpF8eBiEKEbPk0drOS4PcOFEDvbA7fFrwiwUnTqG2+FVBTgyidxDYX70jX5asox5wBc4WAgPXU0WNNb5I2bbenUoGKbDrZ989FblN5I3xnP5kxFq25evPtEvA5R9mwBYtBnd3UBBnDzcsI6gA7o73VW7Y25gfX5ODTRbMjxGYBU+xnNK+B9IOeMGTmFjuqchrlyaSOQ9T2Wx4kNyVUwWRMw/eZPkP6LtEQLVM8iotO6BNcPVqx6dCU4nh19IbjbfyrO0I5ZqSV/PVCRx2Pomceu0EfMpVReFvlIi/UyKROzLuOy6AY1RlthR8gM39l6a6l+WZeukkn+SoAEXeyw4U83K2H9WR6hYcgX0SPGVYfI3C83I0EChET30kiX/rb/fFtb8xdQogA4+R/vR3mPBaGMiWh0WDZVDhNy5/DlwYPYp1zDxtVjQffEhqWS5FqRdw5BsQJQc9glptU5QCgY/ITYwGlaW4OYWokFQWinH0JF9bcCjjjZMT9C52N9ZuZ0muxTT2/UxyhKhX7Eojxq6sz0HJ+TISa5FpUKx/W7I+XqT25n3PtKfnkRDDba+RxDy3bCYo60aOPfR9aCG0VbGLWgc4TQHCmC209rSSIlsD2DhBzFC2lCxasXHIgNAymGfbpOjvqdId9ev1XN0EEd0al4HBUvvGsq9FUeshAWMeWDKu1t0aDKJ6/c4bphThjoAqxtQaGPUFOhNw94PedCBgiRqXN02WZcrnqp/spj+uIfch1F/X5A3jTUev8vq/s7lge7h3CNWXNpBFrW5trdzE8N2Kw3AahsJfZCo/Qd9e6WHIDRgbZFEbKwkTIyeEW8rMv5Ls0Aq+kFvs76muJVnr+Pb7e/GabhgT3pPhYNLQWjPRQYkF2KDKrGUlrc2BkJqRLF3fhI7vQPFphWPl0Lj5idYglIn5v2P2HR9n3Z1+9oyIpmFsqjqILCdoMCDleQOb4DCzXnR5QE4LKg/jjJqqGyO4mAbpwdvN9Q4j1FOUsJNOgMNBUUdEr7n65ktKnJX5wX9cymosRUozgoteb2dblFJjY/pf8toH5kU+YIYmbQR0caw8tdpBl0ETcsaQpF3LbCsSfmN8tZyxS4R/0W782i08IsaN9uXEevlsyFgMg7I2q739fHqJ7kFeosXpKdUpOnmuoLu1A7,iv:9SAQXPwrhy5yjkNxn1lITD77MjqdrYOSlFpUBE8a/fY=,tag:tYApnwq2auUk+/N9alPX3w==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
|
|
@ -11,8 +11,8 @@
|
|||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Z2tONmQxTUhZUW12Z2Jm\nUnoxSnpYcnZDNGNzSko1ckl2RDh3NG1VS2dFCmIwUXhmSk1OUk02S0JPVDR5UWJ4\na0gwWlg0V005ZWxYa29PZ0laS2VqM0kKLS0tIHN5SU9pQ090eHljeXJGWm5hRFQ4\nZ001Nzkyb29RYkNUMDNDNlo4YnVQeTQK34bNIBgxId2+DHKQNVV3Iro3KGkE03Sp\niB1+dADT6nRvGvoyPqnLq/NYfw7eQ6XqYt55zkdCta8v6L1UNUkw8g==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-10-21T17:51:36Z",
|
||||
"mac": "ENC[AES256_GCM,data:nogwxr8xZVIPv1vnZyBZuGu5WHO7ygxfeoF+Nrmdqin4YrZ8nK3f8oVNAsEBfNvUyr2mkRAbAT3tgcP+u/w+RJgH9ERHWljnw5xy8iGLkTF36B83+lCL7cp3wIzllOQyRUYEHegnQWA79WoWWHD3u4sZmlinByJRUMscRV9uTww=,iv:rZd+3+WlcOVtqgJGhoBkJGm/HF/01wuopeFlEwvcupI=,tag:P7fIdk4ithHyOAfqui6xNw==,type:str]",
|
||||
"lastmodified": "2025-10-21T19:32:24Z",
|
||||
"mac": "ENC[AES256_GCM,data:wM862FQH/qX/abuD+krJOazli9Ci5GrpLtdcnzFgKCeNdjA2cfZ8M3DyzsBwMXjp6HxBHLyO7QXGcQkx3kIKGnRhEBuQzVOtrZhqcDi2Ho8iBV8Dh4xkhcpBYufw7xP8hGWg6ZVZ4JyM3P4NfAdxbfWTdc1VMStAafJ2SZ3pAYI=,iv:tDAKNe8LV40hRCqKzN6j6B71IV81SnrBgerxGPzU4Zk=,tag:7ZsST8pl9TjMog0dNKcUcA==,type:str]",
|
||||
"pgp": [
|
||||
{
|
||||
"created_at": "2025-06-14T22:31:01Z",
|
||||
|
|
|
|||
1737
index.html
1737
index.html
File diff suppressed because it is too large
Load diff
Loading…
Add table
Add a link
Reference in a new issue