update: noisebell update

update: noisebell relay configuration
feat: add jet as a trusted user
2026-03-24 14:22:19 -07:00 · 2026-03-24 14:22:09 -07:00 · 2026-03-23 22:19:47 -07:00
4 changed files with 22 additions and 5 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -67,6 +67,14 @@
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu"
  ];

+  users.users.jet = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu"
+    ];
+  };
+
  # SSH - Secure it
  services.openssh = {
    enable = true;
@ -120,8 +128,13 @@
    "nix-command"
    "flakes"
  ];
+  nix.settings.trusted-users = [
+    "root"
+    "jet"
+  ];
  nix.settings.max-jobs = "auto";
  nix.settings.cores = 0;
+  security.sudo.wheelNeedsPassword = false;
  services.postgresql.package = pkgs.postgresql_15;
  nixpkgs.config.allowUnfree = true; # Allow unfree packages (Minecraft, etc.)

--- a/flake.lock
+++ b/flake.lock
@ -422,11 +422,11 @@
        "rust-overlay": "rust-overlay_2"
      },
      "locked": {
-        "lastModified": 1774306596,
-        "narHash": "sha256-6K/06QYWQsUmNqHwGPPf7/NjtEGNhnSL1IPXdPM+uOg=",
+        "lastModified": 1774387217,
+        "narHash": "sha256-bhMs1DdFqFoeXwWOLx+1MU0ltGIYPf7OA33cvzFI9C0=",
        "ref": "refs/heads/main",
-        "rev": "50468db20b3c1606c6fb1d3d027c309a09bc469d",
-        "revCount": 52,
+        "rev": "adb929227b9640285754b6a04774ab0587e5771b",
+        "revCount": 60,
        "type": "git",
        "url": "https://git.extremist.software/jet/noisebell"
      },
--- a/flake.nix
+++ b/flake.nix
@ -51,7 +51,7 @@
        let
          pkgs = nixpkgs.legacyPackages.x86_64-linux;
          deploy = pkgs.writeShellScriptBin "nhs" ''
-            nh os switch --hostname extremist-software --target-host root@extremist-software path:. "$@"
+            nh os switch --hostname extremist-software --target-host jet@extremist-software path:. "$@"
          '';
          check-secrets = pkgs.writeShellScriptBin "check-secrets" ''
            set -euo pipefail
--- a/modules/noisebell.nix
+++ b/modules/noisebell.nix
@ -11,6 +11,10 @@
        url = "http://127.0.0.1:3004/webhook";
        secretFile = config.age.secrets.noisebell-discord-webhook-secret.path;
      }
+      {
+        url = "http://noisebell-pi:8090/webhook";
+        secretFile = config.age.secrets.noisebell-relay-webhook-secret.path;
+      }
    ];
  };
Author	SHA1	Message	Date
Jet	02811f2d4d	update: noisebell update	2026-03-24 14:22:19 -07:00
Jet	f569039eec	update: noisebell relay configuration	2026-03-24 14:22:09 -07:00
Jet	b41c85b161	feat: add jet as a trusted user	2026-03-23 22:19:47 -07:00