chore: update work PGP key

hardware/pilot1.nix

@@ -1,36 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-
-{
-  boot.initrd.availableKernelModules = [
-    "xhci_pci"
-    "ahci"
-    "usbhid"
-    "usb_storage"
-    "sd_mod"
-    "rtsx_pci_sdmmc"
-  ];
-  boot.initrd.kernelModules = [ "dm-snapshot" ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/155b5acf-a0f8-4615-ae03-43a5c193f772";
-    fsType = "ext4";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/31C7-CBD1";
-    fsType = "vfat";
-  };
-
-  swapDevices = [ { device = "/dev/disk/by-uuid/397a1a92-596f-421b-99e1-c9b2cb821309"; } ];
-
-  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}

home/git.nix

@@ -17,9 +17,9 @@
       };
       work = {
         name = "Felix Schröter";
-        email = "fs@upsquared.com";
+        email = "felix.schroeter@cmdscale.com";
         # use sign subkey's fingerprint: gpg2 -K --with-subkey-fingerprint
-        signingKey = "16F6 4623 8B1C 80C4 6267  6FF9 4D13 24C5 006E 9B2E";
+        signingKey = "5A9D CC6B F70A C69B B0D7  C755 A3A2 2573 CA6D 0E38";
         dirs = [ "~/dev/work/" ];
       };
     };

hosts/flake-module.nix

@@ -12,7 +12,7 @@
           inputs.nixos-hardware.nixosModules.common-gpu-amd
           (self.lib.createSystemModule "home-pc" {
             hardwareConfig = ../hardware/home-pc.nix;
-            config = ../hosts/home-pc.nix;
+            config = ../hosts/home-pc/default.nix;
           })
           self.lib.createMediaGroup
           (self.lib.createUserModule "felschr" {
@@ -40,31 +40,6 @@
           inherit inputs;
         };
       };
-      pilot1 = inputs.nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          inputs.nixpkgs.nixosModules.notDetected
-          inputs.nixos-hardware.nixosModules.common-pc
-          inputs.nixos-hardware.nixosModules.common-pc-ssd
-          inputs.nixos-hardware.nixosModules.common-cpu-intel
-          (self.lib.createSystemModule "pilot1" {
-            hardwareConfig = ../hardware/pilot1.nix;
-            config = ../hosts/work-pc.nix;
-          })
-          (self.lib.createUserModule "felschr" {
-            homeModule = self.homeModules.felschr-work;
-            user.extraGroups = [
-              "wheel"
-              "audio"
-              "disk"
-            ];
-            usesContainers = true;
-          })
-        ];
-        specialArgs = {
-          inherit inputs;
-        };
-      };
       home-server = inputs.nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = [
@@ -76,7 +51,7 @@
           inputs.matrix-appservices.nixosModule
           (self.lib.createSystemModule "home-server" {
             hardwareConfig = ../hardware/lattepanda.nix;
-            config = ../hosts/home-server.nix;
+            config = ../hosts/home-server/default.nix;
           })
           self.lib.createMediaGroup
           (self.lib.createUserModule "felschr" {

hosts/home-pc/default.nix

@@ -2,24 +2,24 @@
 
 {
   imports = [
-    ../hardware/base.nix
-    ../hardware/bluetooth.nix
-    ../hardware/xbox.nix
-    ../hardware/steam.nix
-    ../hardware/ledger.nix
-    ../system/desktop.nix
-    ../system/printing/home.nix
-    ../system/gaming.nix
-    ../desktop
-    ../desktop/cosmic.nix
-    ../virtualisation/containers.nix
-    ../virtualisation/podman.nix
-    ../virtualisation/libvirt.nix
-    ../modules/systemdNotify.nix
-    ../services/samba/home-pc.nix
-    ../services/restic/home-pc.nix
-    ../services/pcscd.nix
-    ../services/open-webui.nix
+    ../../hardware/base.nix
+    ../../hardware/bluetooth.nix
+    ../../hardware/xbox.nix
+    ../../hardware/steam.nix
+    ../../hardware/ledger.nix
+    ../../system/desktop.nix
+    ../../system/printing/home.nix
+    ../../system/gaming.nix
+    ../../desktop
+    ../../desktop/cosmic.nix
+    ../../virtualisation/containers.nix
+    ../../virtualisation/podman.nix
+    ../../virtualisation/libvirt.nix
+    ../../modules/systemdNotify.nix
+    ../../services/samba/home-pc.nix
+    ../../services/restic/home-pc.nix
+    ../../services/pcscd.nix
+    ../../services/open-webui.nix
   ];
 
   nixpkgs.config.allowUnfree = true;

hosts/home-server/default.nix

@@ -18,33 +18,33 @@ let
 in
 {
   imports = [
-    ../hardware/base.nix
-    ../desktop/x11.nix
-    ../system/server.nix
-    ../virtualisation/containers.nix
-    ../virtualisation/podman.nix
-    ../modules/inadyn.nix
-    ../modules/systemdNotify.nix
-    ../services/postgres
-    ../services/mail.nix
-    ../services/lldap.nix
-    ../services/authelia.nix
-    ../services/forgejo
-    ../services/restic/home-server.nix
-    ../services/samba/home-server.nix
-    # ../services/kodi.nix
-    ../services/jellyfin.nix
-    ../services/etebase.nix
-    ../services/website.nix
-    ../services/wkd.nix
-    ../services/home-assistant
-    ../services/matrix
-    ../services/immich.nix
-    ../services/miniflux.nix
-    ../services/paperless.nix
-    ../services/nextcloud.nix
-    ../services/collabora-office.nix
-    ../services/calibre-web.nix
+    ../../hardware/base.nix
+    ../../desktop/x11.nix
+    ../../system/server.nix
+    ../../virtualisation/containers.nix
+    ../../virtualisation/podman.nix
+    ../../modules/inadyn.nix
+    ../../modules/systemdNotify.nix
+    ../../services/postgres
+    ../../services/mail.nix
+    ../../services/lldap.nix
+    ../../services/authelia.nix
+    ../../services/forgejo
+    ../../services/restic/home-server.nix
+    ../../services/samba/home-server.nix
+    # ../../services/kodi.nix
+    ../../services/jellyfin.nix
+    ../../services/etebase.nix
+    ../../services/website.nix
+    ../../services/wkd.nix
+    ../../services/home-assistant
+    ../../services/matrix
+    ../../services/immich.nix
+    ../../services/miniflux.nix
+    ../../services/paperless.nix
+    ../../services/nextcloud.nix
+    ../../services/collabora-office.nix
+    ../../services/calibre-web.nix
   ];
 
   age.secrets.cloudflare.file = ../secrets/cloudflare.age;

hosts/penguin/default.nix

@@ -13,6 +13,7 @@
         hostname = "penguin";
         timezone = "Europe/Berlin";
         ipaddr = "192.168.0.1";
+        packages = [ "ds-lite" ];
       };
     };
 }

hosts/work-pc.nix

@@ -1,42 +0,0 @@
-{ ... }:
-
-{
-  imports = [
-    ../hardware/base.nix
-    ../hardware/bluetooth.nix
-    ../system/desktop.nix
-    ../system/printing/home.nix
-    ../desktop
-    ../virtualisation/containers.nix
-    ../virtualisation/podman.nix
-  ];
-
-  # replace with regenerated hardware-configuration.nix
-  boot.initrd.luks.devices = {
-    enc = {
-      device = "/dev/disk/by-partlabel/nixos";
-      allowDiscards = true;
-    };
-  };
-
-  nixpkgs.config.allowUnfree = true;
-
-  hardware.logitech.wireless.enable = true;
-  hardware.logitech.wireless.enableGraphical = true;
-
-  programs.adb.enable = true;
-
-  programs.zsh.enable = true;
-
-  services.openssh = {
-    enable = true;
-    settings = {
-      KbdInteractiveAuthentication = false;
-      PasswordAuthentication = false;
-      PermitRootLogin = "no";
-    };
-  };
-
-  # only change this when specified in release notes
-  system.stateVersion = "24.11";
-}

secrets/secrets.nix

@@ -6,11 +6,9 @@ let
   # `ssh-keygen -t ed25519 -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key`
   home-pc = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBFTQvIcSdhEKl/Kq+pcS/cPCyyZ1ygj+djfuaXzaRMx";
   home-server = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILO+OLPr8zdOMYyKtm98AFJai7zbaxw7JhVWgOwu7K3C";
-  pilot1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHEucfNzPbDRdDjTaLG3PzN4lAzDAq3QUkaLvaRjjsCY";
   systems = [
     home-pc
     home-server
-    pilot1
   ];
 in
 {
@@ -18,13 +16,11 @@ in
     felschr
     home-pc
     home-server
-    pilot1
   ];
   "restic/password.age".publicKeys = [
     felschr
     home-pc
     home-server
-    pilot1
   ];
   "smtp.age".publicKeys = [
     felschr