diff --git a/error b/error deleted file mode 100644 index 240dd5c..0000000 --- a/error +++ /dev/null @@ -1,14 +0,0 @@ -○ yubikey-touch-detector.service - yubikey-touch-detector - Loaded: loaded (/home/moth/.config/systemd/user/yubikey-touch-detector.service; enabled; preset: enabled) - Active: inactive (dead) - -Jul 15 20:29:36 pcLexell systemd[1672]: /nix/store/7kckxc8g79h8qgdp5b1ixrwq8qcy02q0-yubikey-touch-detector.service/yubikey-touch-detector.service:2: Unknown key name 'After' in section 'Install', ignoring. -Jul 15 20:29:36 pcLexell systemd[1672]: /nix/store/7kckxc8g79h8qgdp5b1ixrwq8qcy02q0-yubikey-touch-detector.service/yubikey-touch-detector.service:4: Unknown key name 'Wants' in section 'Install', ignoring. -Jul 15 20:29:36 pcLexell systemd[1672]: /nix/store/7kckxc8g79h8qgdp5b1ixrwq8qcy02q0-yubikey-touch-detector.service/yubikey-touch-detector.service:5: Unknown key name 'Wants' in section 'Install', ignoring. -Jul 15 20:41:01 pcLexell systemd[1672]: /home/moth/.config/systemd/user/yubikey-touch-detector.service:2: Unknown key name 'After' in section 'Install', ignoring. -Jul 15 20:41:01 pcLexell systemd[1672]: /home/moth/.config/systemd/user/yubikey-touch-detector.service:4: Unknown key name 'Wants' in section 'Install', ignoring. -Jul 15 20:41:01 pcLexell systemd[1672]: /home/moth/.config/systemd/user/yubikey-touch-detector.service:5: Unknown key name 'Wants' in section 'Install', ignoring. -Jul 15 20:41:01 pcLexell systemd[1672]: /home/moth/.config/systemd/user/yubikey-touch-detector.service:3: Unknown key name 'Wants' in section 'Install', ignoring. -Jul 15 20:41:01 pcLexell systemd[1672]: /home/moth/.config/systemd/user/yubikey-touch-detector.service:4: Unknown key name 'Wants' in section 'Install', ignoring. -Jul 15 20:41:01 pcLexell systemd[1672]: /nix/store/0c6k4bslwfghs6gqk7h76jw51v2y0dgs-yubikey-touch-detector.service/yubikey-touch-detector.service:3: Unknown key name 'Wants' in section 'Install', ignoring. -Jul 15 20:41:01 pcLexell systemd[1672]: /nix/store/0c6k4bslwfghs6gqk7h76jw51v2y0dgs-yubikey-touch-detector.service/yubikey-touch-detector.service:4: Unknown key name 'Wants' in section 'Install', ignoring. diff --git a/machines/pcLexell/initrd.backup.nix b/machines/pcLexell/initrd.backup.nix deleted file mode 100644 index 3461347..0000000 --- a/machines/pcLexell/initrd.backup.nix +++ /dev/null @@ -1,92 +0,0 @@ -# Infrastructure config by DomesticMoth -# -# To the extent possible under law, the person who associated CC0 with -# this work has waived all copyright and related or neighboring rights -# to it. -# -# You should have received a copy of the CC0 legalcode along with this -# work. If not, see . -{ - config, - pkgs, - lib, - inputs, - ... -}: { - environment.systemPackages = with pkgs; [ - tree - b3sum - openssl - ]; - - #services.getty.autologinUser = "root"; - - boot.initrd = { - extraUtilsCommands = '' - copy_bin_and_libs ${pkgs.bash}/bin/bash - copy_bin_and_libs ${pkgs.b3sum}/bin/b3sum - copy_bin_and_libs ${pkgs.util-linux}/bin/lsblk - copy_bin_and_libs ${pkgs.tree}/bin/tree - copy_bin_and_libs ${pkgs.openssl}/bin/openssl - ''; - kernelModules = [ - "uas" - "usbcore" - "usb_storage" - "vfat" - "nls_cp437" - "nls_iso8859_1" - ]; - availableKernelModules = [ - # For better luks encryption performance - "aesni_intel" - "cryptd" - ]; - # TODO Add hello message with my contacts - postDeviceCommands = let - path_hash = "50e97458df1ecadddd93c088873054dae35bedf51530e98df80d9c2ad814520a"; - content_hash = "f1ac885c1f27071f89ff728d627fa7859f86e6526d9fd1ebd164a48d60515db1"; - in - lib.mkBefore '' - REF_PATH_HASH="${path_hash}" - REF_CONTENT_HASH="${content_hash}" - mkdir -p /key - mkdir -p /decrypt - echo "Waiting two seconds to make sure the USB key has been loaded" - sleep 2 - echo "Geting list of FAT32 partitions on all disks" - lsblk -f --raw | grep "vfat FAT32" | cut -f1 -d" " | while read partition - do - echo "Mount /dev/$partition to /key" - mount -n -t vfat -o ro /dev/$partition /key - echo "List files in /key" - tree /key -fxainF -L 3 --prune --noreport | grep -v '/$' | grep -v '>' | tr -d '*' | while read file - do - HASH=$(echo $file | b3sum | cut -f1 -d" ") - if [ "$REF_PATH_HASH" == "$HASH" ]; then - echo "file found: $file" - CONTENT_HASH=$(b3sum $file | cut -f1 -d" ") - if [ "$CONTENT_HASH" == "$REF_CONTENT_HASH" ]; then - echo "found key file: $file" - cp $file /decrypt/encrypted_key - return - fi - fi - done - echo "Unmount /key" - umount /key - done - # Decrypt /decrypt/encrypted_key with openssl to /decrypt/decrypted_key - clear - read -sp "Enter password:" PASSWORD - openssl enc -aes-256-cbc -d -pbkdf2 -in /decrypt/encrypted_key -out /decrypt/decrypted_key -k "$PASSWORD" - #cat /decrypt/decrypted_key - # Unlock luks partition with /decrypt/decrypted_key - #bash - ''; - luks.devices."crypted" = { - keyFile = "/decrypt/decrypted_key"; - preLVM = lib.mkForce false; - }; - }; -} diff --git a/service b/service deleted file mode 100644 index 7e0c2ff..0000000 --- a/service +++ /dev/null @@ -1,239 +0,0 @@ -Type=simple -ExitType=main -Restart=no -NotifyAccess=none -RestartUSec=100ms -TimeoutStartUSec=1min 30s -TimeoutStopUSec=1min 30s -TimeoutAbortUSec=1min 30s -TimeoutStartFailureMode=terminate -TimeoutStopFailureMode=terminate -RuntimeMaxUSec=infinity -RuntimeRandomizedExtraUSec=0 -WatchdogUSec=infinity -WatchdogTimestampMonotonic=0 -RootDirectoryStartOnly=no -RemainAfterExit=no -GuessMainPID=yes -MainPID=0 -ControlPID=0 -FileDescriptorStoreMax=0 -NFileDescriptorStore=0 -StatusErrno=0 -Result=success -ReloadResult=success -CleanResult=success -UID=[not set] -GID=[not set] -NRestarts=0 -OOMPolicy=stop -ReloadSignal=1 -ExecMainStartTimestampMonotonic=0 -ExecMainExitTimestampMonotonic=0 -ExecMainPID=0 -ExecMainCode=0 -ExecMainStatus=0 -ExecStart={ path=/nix/store/skkl7yd7x0f3nlv2kphlx77mkc8mgxn0-yubikey-touch-detector ; argv[]=/nix/store/skkl7yd7x0f3nlv2kphlx77mkc8mgxn0-yubikey-touch-detector ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 } -ExecStartEx={ path=/nix/store/skkl7yd7x0f3nlv2kphlx77mkc8mgxn0-yubikey-touch-detector ; argv[]=/nix/store/skkl7yd7x0f3nlv2kphlx77mkc8mgxn0-yubikey-touch-detector ; flags= ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 } -Slice=app.slice -ControlGroupId=0 -MemoryCurrent=[not set] -MemoryAvailable=infinity -CPUUsageNSec=[not set] -TasksCurrent=[not set] -IPIngressBytes=[no data] -IPIngressPackets=[no data] -IPEgressBytes=[no data] -IPEgressPackets=[no data] -IOReadBytes=18446744073709551615 -IOReadOperations=18446744073709551615 -IOWriteBytes=18446744073709551615 -IOWriteOperations=18446744073709551615 -Delegate=no -CPUAccounting=yes -CPUWeight=[not set] -StartupCPUWeight=[not set] -CPUShares=[not set] -StartupCPUShares=[not set] -CPUQuotaPerSecUSec=infinity -CPUQuotaPeriodUSec=infinity -IOAccounting=no -IOWeight=[not set] -StartupIOWeight=[not set] -BlockIOAccounting=no -BlockIOWeight=[not set] -StartupBlockIOWeight=[not set] -MemoryAccounting=yes -DefaultMemoryLow=0 -DefaultMemoryMin=0 -MemoryMin=0 -MemoryLow=0 -MemoryHigh=infinity -MemoryMax=infinity -MemorySwapMax=infinity -MemoryZSwapMax=infinity -MemoryLimit=infinity -DevicePolicy=auto -TasksAccounting=yes -TasksMax=76887 -IPAccounting=no -ManagedOOMSwap=auto -ManagedOOMMemoryPressure=auto -ManagedOOMMemoryPressureLimit=0 -ManagedOOMPreference=none -Environment=PATH=/nix/store/q3rdxplhag8f207xczrh59bybgb6chlm-gnupg-2.4.0/bin:/nix/store/vnpiazvywys7w82wvs5fa84214421msp-yubikey-touch-detector-1.10.1/bin -UMask=0022 -LimitCPU=infinity -LimitCPUSoft=infinity -LimitFSIZE=infinity -LimitFSIZESoft=infinity -LimitDATA=infinity -LimitDATASoft=infinity -LimitSTACK=infinity -LimitSTACKSoft=8388608 -LimitCORE=infinity -LimitCORESoft=infinity -LimitRSS=infinity -LimitRSSSoft=infinity -LimitNOFILE=524288 -LimitNOFILESoft=1024 -LimitAS=infinity -LimitASSoft=infinity -LimitNPROC=256290 -LimitNPROCSoft=256290 -LimitMEMLOCK=8388608 -LimitMEMLOCKSoft=8388608 -LimitLOCKS=infinity -LimitLOCKSSoft=infinity -LimitSIGPENDING=256290 -LimitSIGPENDINGSoft=256290 -LimitMSGQUEUE=819200 -LimitMSGQUEUESoft=819200 -LimitNICE=0 -LimitNICESoft=0 -LimitRTPRIO=0 -LimitRTPRIOSoft=0 -LimitRTTIME=infinity -LimitRTTIMESoft=infinity -WorkingDirectory=!/home/moth -OOMScoreAdjust=200 -CoredumpFilter=0x33 -Nice=0 -IOSchedulingClass=2 -IOSchedulingPriority=4 -CPUSchedulingPolicy=0 -CPUSchedulingPriority=0 -CPUAffinityFromNUMA=no -NUMAPolicy=n/a -TimerSlackNSec=50000 -CPUSchedulingResetOnFork=no -NonBlocking=no -StandardInput=null -StandardOutput=journal -StandardError=inherit -TTYReset=no -TTYVHangup=no -TTYVTDisallocate=no -SyslogPriority=30 -SyslogLevelPrefix=yes -SyslogLevel=6 -SyslogFacility=3 -LogLevelMax=-1 -LogRateLimitIntervalUSec=0 -LogRateLimitBurst=0 -SecureBits=0 -CapabilityBoundingSet=cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore -DynamicUser=no -RemoveIPC=no -PrivateTmp=no -PrivateDevices=no -ProtectClock=no -ProtectKernelTunables=no -ProtectKernelModules=no -ProtectKernelLogs=no -ProtectControlGroups=no -PrivateNetwork=no -PrivateUsers=no -PrivateMounts=no -PrivateIPC=no -ProtectHome=no -ProtectSystem=no -SameProcessGroup=no -UtmpMode=init -IgnoreSIGPIPE=yes -NoNewPrivileges=no -SystemCallErrorNumber=2147483646 -LockPersonality=no -RuntimeDirectoryPreserve=no -RuntimeDirectoryMode=0755 -StateDirectoryMode=0755 -CacheDirectoryMode=0755 -LogsDirectoryMode=0755 -ConfigurationDirectoryMode=0755 -TimeoutCleanUSec=infinity -MemoryDenyWriteExecute=no -RestrictRealtime=no -RestrictSUIDSGID=no -RestrictNamespaces=no -MountAPIVFS=no -KeyringMode=inherit -ProtectProc=default -ProcSubset=all -ProtectHostname=no -KillMode=control-group -KillSignal=15 -RestartKillSignal=15 -FinalKillSignal=9 -SendSIGKILL=yes -SendSIGHUP=no -WatchdogSignal=6 -Id=yubikey-touch-detector.service -Names=yubikey-touch-detector.service -Requires=basic.target app.slice -WantedBy=graphical-session.target -Conflicts=shutdown.target -Before=graphical-session.target shutdown.target -After=basic.target app.slice -Description=yubikey-touch-detector -LoadState=loaded -ActiveState=inactive -FreezerState=running -SubState=dead -FragmentPath=/home/moth/.config/systemd/user/yubikey-touch-detector.service -UnitFileState=enabled -UnitFilePreset=enabled -StateChangeTimestamp=Sat 2023-07-15 20:25:03 +04 -StateChangeTimestampMonotonic=1181387789 -InactiveExitTimestampMonotonic=0 -ActiveEnterTimestampMonotonic=0 -ActiveExitTimestampMonotonic=0 -InactiveEnterTimestampMonotonic=0 -CanStart=yes -CanStop=yes -CanReload=no -CanIsolate=no -CanFreeze=yes -StopWhenUnneeded=no -RefuseManualStart=no -RefuseManualStop=no -AllowIsolate=no -DefaultDependencies=yes -OnSuccessJobMode=fail -OnFailureJobMode=replace -IgnoreOnIsolate=no -NeedDaemonReload=no -JobTimeoutUSec=infinity -JobRunningTimeoutUSec=infinity -JobTimeoutAction=none -ConditionResult=no -AssertResult=no -ConditionTimestampMonotonic=0 -AssertTimestampMonotonic=0 -Transient=no -Perpetual=no -StartLimitIntervalUSec=10s -StartLimitBurst=5 -StartLimitAction=none -FailureAction=none -SuccessAction=none -CollectMode=inactive