flake.lock: update mysecrets

hosts/dunamis/configuration.nix: add dnscrypt
hosts/dunamis/sops.nix: add another ssh key
hosts/dunamis/users/user/home-configuration.nix: import sops.nix
hosts/dunamis/users/user/sops.nix: link public keys
modules/home/desktop/niri/default.nix: redo layout string insertion

Signed-off-by: unexplrd <unexplrd@linerds.us>

hosts/dunamis/configuration.nix

@@ -62,6 +62,14 @@
     fwupd.enable = true;
     openssh.enable = true;
     syncthing.openDefaultPorts = true;
+    dnscrypt-proxy2 = {
+      enable = true;
+      settings = {
+        require_dnssec = true;
+        server_names = ["mullvad-doh"];
+        bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
+      };
+    };
     opensnitch = {
       enable = false;
       settings = {

hosts/dunamis/sops.nix

@@ -24,6 +24,11 @@ in {
         mode = "0400";
         owner = "user";
       };
+      "ssh-private-uni" = {
+        path = "/home/user/.ssh/id_uni_ed25519";
+        mode = "0400";
+        owner = "user";
+      };
     };
   };
 }

hosts/dunamis/users/user/home-configuration.nix

@@ -5,6 +5,7 @@
     self.homeModules.programs
     ./programs.nix
     ./flatpak.nix
+    ./sops.nix
   ];
   desktop.niri.enable = true;
   home = {

hosts/dunamis/users/user/sops.nix

@@ -1,20 +1,26 @@
 {inputs, ...}: let
   secretsPath = builtins.toString inputs.mysecrets;
 in {
-  imports = with inputs; [
-    sops-nix.homeManagerModules.sops
-  ];
+  # imports = with inputs; [
+  #   sops-nix.homeManagerModules.sops
+  # ];
+  # sops = {
+  # age.keyFile = "/var/lib/sops-nix/key.txt";
 
-  sops = {
-    age.keyFile = "/var/lib/sops-nix/key.txt";
+  # defaultSopsFile = "${secretsPath}/secrets.yaml";
+  # validateSopsFiles = false;
 
-    defaultSopsFile = "${secretsPath}/secrets.yaml";
-    validateSopsFiles = false;
-
-    secrets = {
-      "ssh/private/dunamis-user" = {
-        path = "/home/user/.ssh/id_ed25519";
-      };
-    };
+  # secrets = {
+  #   "ssh/private/dunamis-user" = {
+  #     path = "/home/user/.ssh/id_ed25519";
+  #   };
+  # };
+  home.file."id_ed25519_pub" = {
+    source = "${secretsPath}/ssh/user/id_dunamis_ed25519.pub";
+    target = ".ssh/id_ed25519.pub";
+  };
+  home.file."id_uni_ed25519_pub" = {
+    source = "${secretsPath}/ssh/user/id_uni_ed25519.pub";
+    target = ".ssh/id_uni_ed25519.pub";
   };
 }