From ad4158596a818921c8131fe4a5baf522f8e76811 Mon Sep 17 00:00:00 2001
From: pupbrained <mars@pupbrained.xyz>
Date: Wed, 31 Jul 2024 00:33:42 -0400
Subject: [PATCH] move secrets into flake so i dont need impure anymore

---
 flake.in.nix                           |  2 +-
 flake.nix                              |  3 +--
 secrets/passwd.age                     | 10 ++++++++++
 secrets/secrets.nix                    |  6 ++++++
 systems/x86_64-linux/navis/default.nix |  9 ++++-----
 5 files changed, 22 insertions(+), 8 deletions(-)
 create mode 100644 secrets/passwd.age
 create mode 100644 secrets/secrets.nix

diff --git a/flake.in.nix b/flake.in.nix
index 048af79..e8cbed2 100644
--- a/flake.in.nix
+++ b/flake.in.nix
@@ -88,7 +88,7 @@
                 git
                 nvfetcher
                 statix
-                (writeScriptBin "build" "nix fmt && nh os switch . -- --impure")
+                (writeScriptBin "build" "nix fmt && flake switch")
                 (writeScriptBin "up" "nix flake update")
               ];
             };
diff --git a/flake.nix b/flake.nix
index 221bbeb..e4be826 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,5 +1,4 @@
 # Do not modify! This file is generated.
-
 {
   inputs = {
     agenix.url = "github:ryantm/agenix";
@@ -43,4 +42,4 @@
     treefmt-nix.url = "github:numtide/treefmt-nix";
   };
   outputs = inputs: inputs.flakegen ./flake.in.nix inputs;
-}
\ No newline at end of file
+}
diff --git a/secrets/passwd.age b/secrets/passwd.age
new file mode 100644
index 0000000..916c58e
--- /dev/null
+++ b/secrets/passwd.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 Rnre+g OUN16bvLoM64rGq1M1TkQyRBOHygfDfhlQ5GS+8tZ1A
+m3TVkE8x+XycNBUGMEPNO24kZT+vlCVCPM/IP44hTt8
+-> ssh-ed25519 TwwU0w GA9PhE+RTCMGgV4UP/Km0ok8d6T/lEiqC2pRilhd+h8
+uELdOpsKjQacjZooio7PMN/qjT5gHt+8ofaKNZNjJCo
+--- S7SPN5ps/jdCjG+3c6aN6UgKC958ISDvJx7UjVDwrFQ
+
/����;�@��2����W/�){�!1*�����4�����Z`�d�*�t ;D�
+x����K%���r_��]O����Ć=\N�����=�
+��
��e�z
1y0ݿÓ��o�pn��,�c�����
+�.
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
new file mode 100644
index 0000000..f64fbce
--- /dev/null
+++ b/secrets/secrets.nix
@@ -0,0 +1,6 @@
+let
+  marshall = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL2vmQG3o3yMTXUbHYM7evCpUo/V+gK8Lofajt/hEjrB navis";
+  system = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJe8dn/plNp53zGSzHTZjjrQbo94WWMZf7508agyIwQQ agenix";
+in {
+  "passwd.age".publicKeys = [marshall system];
+}
diff --git a/systems/x86_64-linux/navis/default.nix b/systems/x86_64-linux/navis/default.nix
index 4330291..9d9951e 100644
--- a/systems/x86_64-linux/navis/default.nix
+++ b/systems/x86_64-linux/navis/default.nix
@@ -51,7 +51,7 @@ with lib // pkgs // inputs; {
   '';
 
   age = {
-    secrets.passwd.file = /etc/secrets/passwd.age;
+    secrets.passwd.file = "${self}/secrets/passwd.age";
     identityPaths = ["/persist/root/.ssh/id_ed25519"];
   };
 
@@ -102,7 +102,7 @@ with lib // pkgs // inputs; {
 
     systemPackages = [
       agenix.packages.${system}.default
-      gnome.nautilus
+      nautilus
       internal.lightly-boehs-qt6
       looking-glass-client
       snowfallorg.flake
@@ -119,7 +119,6 @@ with lib // pkgs // inputs; {
       hideMounts = true;
       directories = [
         "/etc/NetworkManager"
-        "/etc/secrets"
         "/etc/ssh"
         "/root/.ssh"
         "/var/lib/bluetooth"
@@ -468,9 +467,9 @@ with lib // pkgs // inputs; {
     bluetooth.enable = true;
     i2c.enable = true;
 
-    opengl = {
+    graphics = {
       enable = true;
-      driSupport32Bit = true;
+      enable32Bit = true;
       extraPackages = [
         vaapiVdpau
         nvidia-vaapi-driver