From f260f7d847f99c8dd919c9c75d612bc3a0279040 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Wed, 4 Dec 2024 16:31:06 +0800 Subject: [PATCH] calcite: drop tpm-ssh-agent and oidc-agent for now --- machines/calcite/configuration.nix | 13 ------- machines/calcite/network.nix | 20 +++++----- overlays/pkgs/oidc-agent/default.nix | 56 ---------------------------- 3 files changed, 9 insertions(+), 80 deletions(-) delete mode 100644 overlays/pkgs/oidc-agent/default.nix diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index f80351b..1531899 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -51,7 +51,6 @@ in }; # services.gnome.gnome-keyring.enable = lib.mkForce false; security.pam.services.login.enableGnomeKeyring = lib.mkForce false; - services.ssh-tpm-agent.enable = true; programs.ssh.agentPKCS11Whitelist = "${config.security.tpm2.pkcs11.package}/lib/libtpm_pkcs11.so"; @@ -66,18 +65,6 @@ in }; }; - programs.oidc-agent.enable = true; - programs.oidc-agent.providers = [ - { - issuer = "https://home.xinyang.life:9201"; - pubclient = { - client_id = "xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69"; - client_secret = "UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh"; - scope = "openid offline_access profile email"; - }; - } - ]; - programs.vim.enable = true; programs.vim.defaultEditor = true; diff --git a/machines/calcite/network.nix b/machines/calcite/network.nix index 31203ad..27e77ee 100644 --- a/machines/calcite/network.nix +++ b/machines/calcite/network.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { imports = [ ]; @@ -24,16 +29,9 @@ services.dae.enable = true; services.dae.configFile = "/var/lib/dae/config.dae"; - systemd.services.dae.after = lib.mkIf (config.networking.networkmanager.enable) [ "NetworkManager-wait-online.service" ]; - - custom.sing-box = { - enable = false; - configFile = { - urlFile = config.sops.secrets.sing_box_url.path; - hash = "6ca5bc8a16f8c413227690aceeee2c12c02cab09473c216b849af1e854b98588"; - }; - overrideSettings.experimental.clash_api.external_ui = "${config.nur.repos.linyinfeng.yacd}"; - }; + systemd.services.dae.after = lib.mkIf (config.networking.networkmanager.enable) [ + "NetworkManager-wait-online.service" + ]; # Open ports in the firewall. networking.firewall.enable = true; diff --git a/overlays/pkgs/oidc-agent/default.nix b/overlays/pkgs/oidc-agent/default.nix deleted file mode 100644 index 9634c4c..0000000 --- a/overlays/pkgs/oidc-agent/default.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ - lib, - stdenv, - fetchFromGitHub, - curl, - webkitgtk, - libmicrohttpd, - libsecret, - qrencode, - libsodium, - pkg-config, - help2man, -}: - -stdenv.mkDerivation rec { - pname = "oidc-agent"; - version = "5.1.0"; - - src = fetchFromGitHub { - owner = "indigo-dc"; - repo = "oidc-agent"; - rev = "v${version}"; - sha256 = "sha256-cOK/rZ/jnyALLuhDM3+qvwwe4Fjkv8diQBkw7NfVo0c="; - }; - - buildInputs = [ - pkg-config - help2man - ]; - nativeBuildInputs = [ - curl - webkitgtk - libmicrohttpd - libsecret - qrencode - libsodium - ]; - enableParallelBuilding = true; - - installPhase = '' - make -j $NIX_BUILD_CORES PREFIX=$out BIN_PATH=$out LIB_PATH=$out/lib \ - install_bin install_lib install_conf - ''; - postFixup = '' - # Override with patched binary to be used by help2man - cp -r $out/bin/* bin - make install_man PREFIX=$out - ''; - - meta = with lib; { - description = "oidc-agent for managing OpenID Connect tokens on the command line"; - homepage = "https://github.com/indigo-dc/oidc-agent"; - maintainers = [ ]; - license = licenses.mit; - }; -}