Much change, kinda broke my git history

base.nix

@@ -2,25 +2,26 @@
 
 {
 
-  imports = [ 
+  imports = [
     ./users/default.nix
-    ./users/julien.nix 
+    ./users/julien.nix
   ];
   luj.nix.enable = true;
+  luj.secrets.enable = true;
+  luj.ssh-server.enable = true;
 
   sops.defaultSopsFile = ./secrets/secrets.yaml;
-  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key"];
+  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
   time.timeZone = "Europe/Paris";
-    i18n.defaultLocale = "en_US.UTF-8";
+  i18n.defaultLocale = "en_US.UTF-8";
-    console = {
+  console = {
-        font = "Lat2-Terminus16";
+    font = "Lat2-Terminus16";
-        keyMap = "fr";
+    keyMap = "fr";
-    };
+  };
 
-   
+
-    services.openssh.enable = true;
+  programs.mosh.enable = true;
-    programs.mosh.enable = true;
+  programs.gnupg.agent.enable = true;
-    programs.gnupg.agent.enable = true;
 
 }

home-manager-modules/mails/default.nix

@@ -29,7 +29,7 @@ with lib;
           msmtp.enable = true;
           primary = true;
           realName = "Julien Malka";
-          passwordCommand = "${pkgs.gnupg}/bin/gpg -q --batch --passphrase-file /home/julien/email-passphrase -d ${./ens.pass.gpg}";
+          passwordCommand = "cat /home/julien/.config/ens-mail-passwd";
           smtp = {
             host = "clipper.ens.fr";
           };

home-manager-modules/neovim/default.nix

@@ -54,6 +54,7 @@ with lib;
         rnix-lsp
         tree-sitter
         sumneko-lua-language-server
+        ripgrep
       ];
       extraConfig = ''
         luafile ${./lua}/lsp.lua

home-manager-modules/ssh-client/default.nix

@@ -0,0 +1,37 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.luj.programs.ssh-client;
+in
+with lib;
+{
+  options.luj.programs.ssh-client = {
+    enable = mkEnableOption "Enable ssh client";
+  };
+
+  config = mkIf cfg.enable {
+    programs.ssh = {
+      enable = true;
+      matchBlocks = {
+        newton = {
+          hostname = "newton.julienmalka.me";
+          user = "julien";
+          port = 45;
+        };
+        lisa = {
+          hostname = "2a01:e0a:5f9:9681:5880:c9ff:fe9f:3dfb";
+          user = "julien";
+#          port = 45;
+        };
+        newton-init = {
+          hostname = "newton.julienmalka.me";
+          user = "root";
+          port = 2222;
+        };
+        sas = {
+          hostname = "sas.eleves.ens.fr";
+          user = "jmalka";
+        };
+      };
+    };
+  };
+}

machines/lisa/home-julien.nix

@@ -2,6 +2,7 @@
 {
  luj.hmgr.julien = {
     luj.programs.neovim.enable = true;
+    luj.programs.ssh-client.enable = true;
     luj.programs.git.enable = true;
   };
 }

machines/macintosh/home-julien.nix

@@ -3,6 +3,7 @@
 
   luj.hmgr.julien = {
     luj.programs.neovim.enable = true;
+    luj.programs.ssh-client.enable = true;
     luj.i3.enable = true;
     luj.polybar.enable = true;
     home.packages = with pkgs; [
@@ -28,6 +29,7 @@
       ctags
       ungoogled-chromium
       networkmanagerapplet
+      sops
     ];
 
 

machines/newton/home-julien.nix

@@ -3,6 +3,7 @@
   luj.hmgr.julien = {
     luj.programs.neovim.enable = true;
     luj.programs.git.enable = true;
+    luj.programs.ssh-client.enable = true;
     luj.emails = {
       enable = true;
       backend.enable = true;

modules/hmgr/default.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ config, pkgs, lib, inputs, ... }:
 let
   cfg = config.luj.hmgr;
 in
@@ -13,7 +13,7 @@ with lib;
       lib.mapAttrs
         (name: value:
           {
-            imports = with builtins; map (x: ../../home-manager-modules + "/${x}/default.nix") (attrNames (readDir ../../home-manager-modules)); 
+            imports = with builtins; (map (x: ../../home-manager-modules + "/${x}/default.nix") (attrNames (readDir ../../home-manager-modules))); 
             home.username = "${name}";
             home.homeDirectory = "/home/${name}";
             home.stateVersion = "21.11";

modules/secrets/default.nix

@@ -0,0 +1,23 @@
+{ pkgs, config, lib, inputs, ... }:
+let
+  cfg = config.luj.secrets;
+in
+with lib;
+{
+  options.luj.secrets = {
+    enable = mkEnableOption "Create secrets";
+  };
+
+  config = mkIf cfg.enable
+    {
+      sops.secrets.ens-mail-passwd = {
+        owner = "julien";
+        path = "/home/julien/.config/ens-mail-passwd";
+      };
+
+      sops.secrets.sendinblue-mail-passwd = {};
+      
+      };
+
+
+}

modules/ssh-server/default.nix

@@ -0,0 +1,21 @@
+{ pkgs, config, lib, inputs, ... }:
+let
+  cfg = config.luj.ssh-server;
+in
+with lib;
+{
+  options.luj.ssh-server = {
+    enable = mkEnableOption "Accept ssh connections";
+  };
+
+  config = mkIf cfg.enable
+    {
+      services.openssh = {
+        enable = true;
+        ports = [ 45 ];
+        passwordAuthentication = false;
+        permitRootLogin = "no";
+        openFirewall = true;
+      };
+    };
+}

modules/zfs-mails/default.nix

@@ -8,7 +8,7 @@ let
     host = "smtp-relay.sendinblue.com";
     port = "587";
     user = "julien.malka@me.com";
-    passwordeval = "${pkgs.gnupg}/bin/gpg -q --batch --passphrase-file /home/julien/email-passphrase -d ${./sendinblue.pass.gpg}";
+    passwordeval = "cat /run/secrets/sendinblue-mail-passwd";
     from = emailFrom;
   };
 

secrets/secrets.yaml

@@ -1,5 +1,7 @@
 user-julien-password: ENC[AES256_GCM,data:v1mzJTqMTIVcy/qTV6s98/RVjlDSKj/HPTpawRv5PbL8OVszjO9IJKRlNJJfzNZ9o3euVV8bhGvaHRkoqLhflp1ULpCqZ/uLeDXbCG700Hlr61jahyYA1vDORl4QXTm+b4hhyGc4xrExHg==,iv:Gv6y9DnKuxVz+QxSIW9IVCv9DdU5cA6+WR/OSA0SNfQ=,tag:sEIqwf24eYbpevnUlXxOkg==,type:str]
 user-root-password: ENC[AES256_GCM,data:RPdunJvhHm7jKVCjtUEjrWvICCMUy/iMNgu/ApE+X04xnQUzI16+utlhEyJreRUzqu/qjV76Iep+WC8Bqn3XOEHSFOKxTqhwrbrgBX52zwVzDFUTGsLYMp9vLazl69qwB41rokpC35hcTA==,iv:062Qn5BkGC+McSSCjNXeSPZ+r2KgrYEuDq/PHf87nac=,tag:HdOWNw1iS3XoLm8CfDcTvQ==,type:str]
+ens-mail-passwd: ENC[AES256_GCM,data:NLJ2D09xUNXVdA==,iv:rql17Ox9QIVtfkZWUS7+M3rgEOOd02hn390zNdSBAj0=,tag:SbajW6RjNWIJsiikFMliww==,type:str]
+sendinblue-mail-passwd: ENC[AES256_GCM,data:XpB255skeWKwwK2AqMwqEw==,iv:cuS58ISY9J1qMkAAjxWdHpEYHPFBBmCS8hwNX4BBV4w=,tag:dhJSN6ozThH4wKsw8M8Mug==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -33,8 +35,8 @@ sops:
             YlZjaTNZL29VcHlReGxWRENobHcyUDgK1518yGevHiTP1WiaIvqeqYBi8Y9ZhoJZ
             okemTbpj3Svv/TVIjKp3iO/KHHPYrCZPOQAmvxf/PP14ahOmEv255g==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2021-12-22T13:06:39Z"
+    lastmodified: "2021-12-22T14:29:36Z"
-    mac: ENC[AES256_GCM,data:UuvZbrFbw3/hiU1ETOot172VxQu3+rqy1NzHssqJvq7sZkBKbP9YQq7BaEDBw+uX0ZWnZXontBT7tDoufCtzuuAaCARRupDHYTBq5jKA2eMQFgudTG3Cxs8g/pYgaYDxtMcRzz0b8sXLs0PmLoAewF+qZYNN2rfmMgUePxIcl70=,iv:RuchRXHDuqmhru4gGaepz4szMJLav0zh1GxAN8cpGYI=,tag:eT0//dTSQjBr3+8y7CmyRQ==,type:str]
+    mac: ENC[AES256_GCM,data:hZtqIZEm71CFkAWZPEBkbxolajds3wqPLW2D+RRVU+3r39IYe65KZe9tC7Jpfscj2XPAf8ay+2Vmhp+e+Ddu8nZe7f2MP2ep3BkQUfdTPTFim6HoIvI2Vis1seyoIKjXai1tJ7TbSH6DwdbXfFubccnWpMgBiSS6om83SRhHhHY=,iv:qOaS+BHhep5mnNTCtZKquFjEJMGwZHaCFTNRNFi1BDI=,tag:xoTXnOCgeAgw3S1zuPEO6w==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.7.1

users/julien.nix

@@ -7,7 +7,7 @@
   users.users.julien = {
     isNormalUser = true;
     home = "/home/julien";
-    extraGroups = [ "wheel" "keys"]; 
+    extraGroups = [ "wheel" config.users.groups.keys.name]; 
     shell = pkgs.fish;
     passwordFile = config.sops.secrets.user-julien-password.path;
     openssh.authorizedKeys.keyFiles = [