From ef65db8be79e8dc62996fa2fbfaae4ec19ac403a Mon Sep 17 00:00:00 2001
From: stuebinm
Date: Mon, 31 Oct 2022 21:25:57 +0100
Subject: add peerix

this is more difficult than i thought
---
 cyberbox/configuration.nix | 12 +++++++-
 flake.lock                 | 73 ++++++++++++++++++++++++++++++++++++++++++++--
 flake.nix                  |  6 ++--
 3 files changed, 86 insertions(+), 5 deletions(-)

diff --git a/cyberbox/configuration.nix b/cyberbox/configuration.nix
index 0638f30..31c49c4 100644
--- a/cyberbox/configuration.nix
+++ b/cyberbox/configuration.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, pkgs, inputs, ... }:
 
 {
   imports = [
@@ -29,6 +29,16 @@
   };
 
 
+  services.peerix = {
+    enable = true;
+    openFirewall = true;
+    package = inputs.peerix.packages.x86_64-linux.peerix;
+    privateKeyFile = "/var/lib/peerix/peerix-private";
+    # publicKeyFile = "/var/lib/peerix-public";
+    publicKey = "peerix-abbenay:sWkpQo5oyhEEXXMEm+8+2KkVcBkfIVpa06jhBs2LRXM= peerix-cyberbox:tU7BvNanoiDAFqXQcPItEUCE4jLzdoZ589e3DYqPM9E=";
+  };
+
+
   # Enable the X11 windowing system.
   # services.xserver.enable = true;
 
diff --git a/flake.lock b/flake.lock
index bb88514..697e005 100644
--- a/flake.lock
+++ b/flake.lock
@@ -3,7 +3,7 @@
     "almanac": {
       "flake": false,
       "locked": {
-        "narHash": "sha256-0ej6znxb6EA55MAVP7tY7egAvCacVOQOLLcFETyXLn0=",
+        "narHash": "sha256-ypuzJrVWl4hkRPgSNIkPhCAadGHPH1vnfsXDwrwTCdA=",
         "path": "/home/stuebinm/clones/almanac",
         "type": "path"
       },
@@ -31,7 +31,7 @@
     "blog": {
       "flake": false,
       "locked": {
-        "narHash": "sha256-rvo/7QNbTkD7a7h7zq5J8Eft5YdlwNJXB4lw012sPgo=",
+        "narHash": "sha256-FzljOB8PpukwCP1XxfJsAJSBX5Im0VK462P6rbk8LDc=",
         "path": "/home/stuebinm/projects/blog",
         "rev": "61d09465b5285f4c5d5420cc9aa3f483072fb765",
         "type": "path"
@@ -92,6 +92,37 @@
         "type": "github"
       }
     },
+    "flake-compat_2": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1627913399,
+        "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "flake-utils": {
+      "locked": {
+        "lastModified": 1634851050,
+        "narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "c91f3de5adaf1de973b797ef7485e441a65b8935",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
     "gtfsBooks": {
       "flake": false,
       "locked": {
@@ -150,6 +181,20 @@
         "type": "github"
       }
     },
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1667221253,
+        "narHash": "sha256-PGGT7D/qmi1E8D1Z32SLrzq7PJO5CajD64GfCCdslk0=",
+        "owner": "NixOS",
+        "repo": "nixos-hardware",
+        "rev": "d5bacd34f54328f31bef9237098fdeaad83074be",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixos-hardware",
+        "type": "indirect"
+      }
+    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1664831710,
@@ -212,6 +257,28 @@
         "type": "indirect"
       }
     },
+    "peerix": {
+      "inputs": {
+        "flake-compat": "flake-compat_2",
+        "flake-utils": "flake-utils",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1661429880,
+        "narHash": "sha256-7/m468XZW82O7KhDtRdQ7RnPsh83+tA8N4U0FncFo1U=",
+        "owner": "cid-chan",
+        "repo": "peerix",
+        "rev": "32cd1b098b83c90726848bd6726f74e72c557abb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cid-chan",
+        "repo": "peerix",
+        "type": "github"
+      }
+    },
     "playground": {
       "flake": false,
       "locked": {
@@ -237,8 +304,10 @@
         "gtfsBooks": "gtfsBooks",
         "home-manager": "home-manager",
         "naersk": "naersk",
+        "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs",
         "nixpkgs-unstable": "nixpkgs-unstable",
+        "peerix": "peerix",
         "playground": "playground",
         "sfz": "sfz",
         "simple-nixos-mailserver": "simple-nixos-mailserver",
diff --git a/flake.nix b/flake.nix
index fb0b7ef..13bfa6d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -8,6 +8,8 @@
 
     home-manager.url = "github:nix-community/home-manager/release-22.05";
     home-manager.inputs.nixpkgs.follows = "nixpkgs";
+    peerix.url = "github:cid-chan/peerix";
+    peerix.inputs.nixpkgs.follows = "nixpkgs";
     naersk.url = "github:nix-community/naersk";
     naersk.inputs.nixpkgs.follows = "nixpkgs";
     deploy-rs.url = "github:serokell/deploy-rs";
@@ -37,7 +39,7 @@
     walint.flake = false;
   };
 
-  outputs = { self, nixpkgs, deploy-rs, ... }@inputs:
+  outputs = { self, nixpkgs, deploy-rs, peerix, nixos-hardware, ... }@inputs:
   let
     mkConfig = imports: config:
     nixpkgs.lib.nixosSystem {
@@ -47,7 +49,7 @@
       specialArgs = { inherit inputs; };
     };
     mkServer = mkConfig [ ./common/headless.nix ];
-    mkDesktop = mkConfig [ ./common/desktop.nix ];
+    mkDesktop = mkConfig [ ./common/desktop.nix peerix.nixosModules.peerix ];
     deploy-vps = hostname: {
       inherit hostname;
       profiles.system = {
-- 
cgit v1.2.3