From 8b51d375e5ba466c57a49c171557c3fdbf9282d6 Mon Sep 17 00:00:00 2001 From: Menno van Leeuwen Date: Tue, 28 Jan 2025 15:16:07 +0100 Subject: [PATCH] refactor: update SSH configurations and add new key for Menno's 2025 setup --- bin/actions/secrets.sh | 3 +++ config/ansible/inventory.ini | 2 +- config/ansible/main.yml | 2 +- config/ansible/tasks/global/symlinks.yml | 16 ++++++---------- config/home-manager/flake.nix | 4 ++-- config/home-manager/workstation/dconf.nix | 9 ++++++--- config/ssh/authorized_keys/homeserver-pc | 3 +++ .../{mennos-gamingpc => mennos-desktop} | 3 +++ config/ssh/authorized_keys/mennos-laptop | 3 +++ config/ssh/authorized_keys/mennos-server | 3 +++ config/ssh/config | 2 +- secrets/ssh_keys/mennos-2025.pem.gpg | 14 ++++++++++++++ secrets/ssh_keys/mennos-2025.pub.gpg | 8 ++++++++ 13 files changed, 54 insertions(+), 18 deletions(-) rename config/ssh/authorized_keys/{mennos-gamingpc => mennos-desktop} (67%) create mode 100644 secrets/ssh_keys/mennos-2025.pem.gpg create mode 100644 secrets/ssh_keys/mennos-2025.pub.gpg diff --git a/bin/actions/secrets.sh b/bin/actions/secrets.sh index 1e0695a..2aa0500 100755 --- a/bin/actions/secrets.sh +++ b/bin/actions/secrets.sh @@ -82,6 +82,9 @@ encrypt_folder() { printfe "%s\n" "cyan" "Encrypting $file..." gpg --quiet --batch --yes --symmetric --cipher-algo AES256 --armor --passphrase="$password" --output "$file.gpg" "$file" + printfe "%s\n" "cyan" "Staging $file for commit..." + git add -f "$file.gpg" + # Update checksum file echo $current_checksum > "$checksum_file" done diff --git a/config/ansible/inventory.ini b/config/ansible/inventory.ini index 5ee4916..2606faa 100644 --- a/config/ansible/inventory.ini +++ b/config/ansible/inventory.ini @@ -4,5 +4,5 @@ mennos-desktop ansible_connection=local [servers] mennos-server ansible_connection=local -homeserver-pc ansible_connection=local +mennos-hobbypc ansible_connection=local mennos-vm ansible_connection=local 
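Review bot: The added `git add -f "$file.gpg"` in `encrypt_folder` runs whether or not the preceding `gpg` call succeeded, so a failed encryption could stage a stale `.gpg` left over from an earlier run, and the checksum is still updated on the following line. Guarding on gpg's exit status would avoid that, for example `gpg ... --output "$file.gpg" "$file" || continue`, and `git add -f -- "$file.gpg"` keeps a path starting with `-` from being read as an option. Because `-f` overrides ignore rules, a comment such as `# force-add only the encrypted output; the plaintext must stay ignored` would make the intent explicit. The log line also names `$file` while the command stages `$file.gpg`. The loop starts outside the hunk, so `continue` assumes the enclosing construct is the loop closed by the visible `done`.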
diff --git a/config/ansible/main.yml b/config/ansible/main.yml index d845827..e2e70f5 100644 --- a/config/ansible/main.yml +++ b/config/ansible/main.yml @@ -18,4 +18,4 @@ - name: Include server tasks ansible.builtin.import_tasks: tasks/servers/server.yml - when: hostname in ['mennos-server', 'homeserver-pc', 'mennos-vm'] + when: hostname in ['mennos-server', 'mennos-hobbypc', 'mennos-vm'] diff --git a/config/ansible/tasks/global/symlinks.yml b/config/ansible/tasks/global/symlinks.yml index 2f79006..86b8237 100644 --- a/config/ansible/tasks/global/symlinks.yml +++ b/config/ansible/tasks/global/symlinks.yml @@ -25,13 +25,11 @@ follow: false vars: gitconfig_mapping: + mennos-desktop: "~/dotfiles/config/git/gitconfig.linux" + mennos-laptop: "~/dotfiles/config/git/gitconfig.linux" mennos-server: "~/dotfiles/config/git/gitconfig.mennos-server" mennos-vm: "~/dotfiles/config/git/gitconfig.mennos-server" - mennos-desktop: "~/dotfiles/config/git/gitconfig.linux" - mennos-gamingpc: "~/dotfiles/config/git/gitconfig.linux" - mennos-laptop: "~/dotfiles/config/git/gitconfig.linux" - homeserver-pc: "~/dotfiles/config/git/gitconfig.linux" - wsl: "~/dotfiles/config/git/gitconfig.wsl" + mennos-hobbypc: "~/dotfiles/config/git/gitconfig.linux" - name: Create SSH authorized_keys symlink ansible.builtin.file: 
@@ -42,10 +40,8 @@ follow: false vars: authorized_keys_mapping: + mennos-desktop: "~/dotfiles/config/ssh/authorized_keys/mennos-desktop" + mennos-laptop: "~/dotfiles/config/ssh/authorized_keys/mennos-laptop" mennos-server: "~/dotfiles/config/ssh/authorized_keys/mennos-server" mennos-vm: "~/dotfiles/config/ssh/authorized_keys/mennos-server" - mennos-desktop: "~/dotfiles/config/ssh/authorized_keys/mennos-desktop" - mennos-gamingpc: "~/dotfiles/config/ssh/authorized_keys/mennos-gamingpc" - mennos-laptop: "~/dotfiles/config/ssh/authorized_keys/mennos-laptop" - homeserver-pc: "~/dotfiles/config/ssh/authorized_keys/homeserver-pc" - wsl: "~/dotfiles/config/ssh/authorized_keys/wsl" + mennos-hobbypc: "~/dotfiles/config/ssh/authorized_keys/mennos-hobbypc" diff --git a/config/home-manager/flake.nix b/config/home-manager/flake.nix index a528183..c2ad044 100644 --- a/config/home-manager/flake.nix +++ b/config/home-manager/flake.nix @@ -83,13 +83,13 @@ }; }; - "homeserver-pc" = home-manager.lib.homeManagerConfiguration { + "mennos-hobbypc" = home-manager.lib.homeManagerConfiguration { inherit pkgs; modules = [ ./home.nix ]; extraSpecialArgs = { inherit pkgs pkgs-unstable; isServer = true; - hostname = "homeserver-pc"; + hostname = "mennos-hobbypc"; }; }; }; diff --git a/config/home-manager/workstation/dconf.nix b/config/home-manager/workstation/dconf.nix index 2fbac70..e1a5d3e 100644 --- a/config/home-manager/workstation/dconf.nix +++ b/config/home-manager/workstation/dconf.nix 
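Review bot: `authorized_keys_mapping` now points `mennos-hobbypc` at `~/dotfiles/config/ssh/authorized_keys/mennos-hobbypc`, but this patch's diffstat only modifies `config/ssh/authorized_keys/homeserver-pc` in place and renames `mennos-gamingpc` to `mennos-desktop`; no `mennos-hobbypc` file is created. Unless that file already exists outside this patch, the symlink task would either fail or leave a dangling `authorized_keys` link on that host, depending on options outside the hunk. Renaming `homeserver-pc` to `mennos-hobbypc` in the same commit would keep the mapping and the files in step. The `wsl` and `mennos-gamingpc` entries are dropped here and from `gitconfig_mapping` in the previous hunk; how a hostname missing from the mapping is handled is in the task body outside the hunk and is worth checking.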
@@ -32,16 +32,19 @@ dconf = { enable = true; settings = { - # Set nemo as the default file manager and disable desktop icons since this is handled by nemo "org/gnome/desktop/background" = { - show-desktop-icons = false; + show-desktop-icons = true; }; + "org/gnome/desktop/applications/file-manager" = { - exec = "nemo"; + exec = "nautilus"; }; "org/gnome/desktop/interface" = { color-scheme = "prefer-dark"; + font-name = "Hack Nerd Font 11"; + monospace-font-name = "Hack Nerd Font Mono 10"; + document-font-name = "Hack Nerd Font 11"; }; # Pinned apps diff --git a/config/ssh/authorized_keys/homeserver-pc b/config/ssh/authorized_keys/homeserver-pc index 31af7f9..955df76 100644 --- a/config/ssh/authorized_keys/homeserver-pc +++ b/config/ssh/authorized_keys/homeserver-pc @@ -3,3 +3,6 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+sKpcREOUjwMMSzEWAso6830wbOi8kUxqpuXWw5gHr # Samsung S24U ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSJwfqOZQxGDbM07JziQeBNirvQxhFd6nEwWPjy1zCo u0_a555@localhost + +# Menno's 2025 SSH Key +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE22Hfx8wgkc57TXX1TCMHcNrCdjbfog5QeHFJfl7IeD mennos-2025-sshkey diff --git a/config/ssh/authorized_keys/mennos-gamingpc b/config/ssh/authorized_keys/mennos-desktop similarity index 67% rename from config/ssh/authorized_keys/mennos-gamingpc rename to config/ssh/authorized_keys/mennos-desktop index 31af7f9..955df76 100644 --- a/config/ssh/authorized_keys/mennos-gamingpc +++ b/config/ssh/authorized_keys/mennos-desktop @@ -3,3 +3,6 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+sKpcREOUjwMMSzEWAso6830wbOi8kUxqpuXWw5gHr # Samsung S24U ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSJwfqOZQxGDbM07JziQeBNirvQxhFd6nEwWPjy1zCo u0_a555@localhost + +# Menno's 2025 SSH Key +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE22Hfx8wgkc57TXX1TCMHcNrCdjbfog5QeHFJfl7IeD mennos-2025-sshkey diff --git a/config/ssh/authorized_keys/mennos-laptop b/config/ssh/authorized_keys/mennos-laptop index 31af7f9..955df76 100644 --- a/config/ssh/authorized_keys/mennos-laptop 
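Review bot: The four authorized_keys hunks (`homeserver-pc` and `mennos-desktop` here, `mennos-laptop` and `mennos-server` further down) all show the same blob ids, `31af7f9..955df76`, so the files are byte-identical before and after the change. Four copies invite drift when a key is later removed from only some of them; pointing every host in `authorized_keys_mapping` at one shared file would make revocation a single edit. The new `mennos-2025-sshkey` entry is appended without options and the older entries are kept, so if the 2025 key is meant to replace them, this commit is the place to remove them. A `from="..."` restriction on the entry would narrow where the key is accepted from, if the client machines have stable addresses.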
+++ b/config/ssh/authorized_keys/mennos-laptop @@ -3,3 +3,6 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+sKpcREOUjwMMSzEWAso6830wbOi8kUxqpuXWw5gHr # Samsung S24U ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSJwfqOZQxGDbM07JziQeBNirvQxhFd6nEwWPjy1zCo u0_a555@localhost + +# Menno's 2025 SSH Key +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE22Hfx8wgkc57TXX1TCMHcNrCdjbfog5QeHFJfl7IeD mennos-2025-sshkey diff --git a/config/ssh/authorized_keys/mennos-server b/config/ssh/authorized_keys/mennos-server index 31af7f9..955df76 100644 --- a/config/ssh/authorized_keys/mennos-server +++ b/config/ssh/authorized_keys/mennos-server @@ -3,3 +3,6 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+sKpcREOUjwMMSzEWAso6830wbOi8kUxqpuXWw5gHr # Samsung S24U ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSJwfqOZQxGDbM07JziQeBNirvQxhFd6nEwWPjy1zCo u0_a555@localhost + +# Menno's 2025 SSH Key +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE22Hfx8wgkc57TXX1TCMHcNrCdjbfog5QeHFJfl7IeD mennos-2025-sshkey diff --git a/config/ssh/config b/config/ssh/config index 18ded0c..f505f4b 100644 --- a/config/ssh/config +++ b/config/ssh/config @@ -1,4 +1,4 @@ Host * - IdentityAgent ~/.1password/agent.sock + IdentityFile ~/dotfiles/secrets/ssh_keys/mennos-2025.pem Include ~/.ssh/config.d/*.conf diff --git a/secrets/ssh_keys/mennos-2025.pem.gpg b/secrets/ssh_keys/mennos-2025.pem.gpg new file mode 100644 index 0000000..c7be038 --- /dev/null +++ b/secrets/ssh_keys/mennos-2025.pem.gpg 
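Review bot: In `config/ssh/config`, `IdentityFile ~/dotfiles/secrets/ssh_keys/mennos-2025.pem` under `Host *` replaces the 1Password agent with a private key file that must sit decrypted inside the repository working tree. That relies on the plaintext `.pem` being ignored by git and having mode 0600, neither of which is visible in this patch. Adding `IdentitiesOnly yes` would stop other keys from being offered alongside it, and a comment like `# key decrypted by bin/actions/secrets.sh; never commit the .pem` would record the dependency. Whether the key itself carries a passphrase cannot be seen here; without one, read access to that file is enough to log in to every host that lists `mennos-2025-sshkey`.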
@@ -0,0 +1,14 @@ +-----BEGIN PGP MESSAGE----- + +jA0ECQMI/MBD50d0mRj/0sDsAbPsVpYUTMPTlDOwOER6j9yC6VRLupYjlis0G+qX +HsrmJzhwzh0Cs3OB8/NjX/pZIt19UL1gAQ6dtwENrUrjb3BjfTlKWh2WZkVctLMk +ezGmBYbThvZeeyQKvftsC1BvdA7tWNdFf6Tq7joMSZKUtxqvFfSPhXEcKGxO2Kml +Y1oSB/jGxZ8Ix5zw2+jf1PpBCiiB/XdryHalw/ygj3CW6WuipGv9jkwOOFRtV9pl +KfWtS+ytHzRuWt7xxe4oQQpbZ93/wvU85ukkZTIUPbryGbjn4NJ2GTEYAx/jpgmf +PHpZ4tvp7ni5bNtVQYFs8bOLjTZ6axmxNEUQ7I1Q9zzC9htGIWjnGQa/qKeM9miK +ITiY2Z6j3eyNigkoGNonKgIbGAP4kFUm8gZEAa48oMDc1k13OFMzUSpGrkzsWeG8 +/SlyxeqjKwiZGprRW7wIpJaTWRMlM2itFki20W1YIFaEgrdFkHYCzsJvBWquCz5q +JvHkMlWsXcfdxyy/GX/m0iydXkEvZr1MlYqZrjddyjQ8h9naCdv3RKk20VXpDAEL +IjoWOLem4O/J0ukkSZk= +=lWRa +-----END PGP MESSAGE----- diff --git a/secrets/ssh_keys/mennos-2025.pub.gpg b/secrets/ssh_keys/mennos-2025.pub.gpg new file mode 100644 index 0000000..845067e --- /dev/null +++ b/secrets/ssh_keys/mennos-2025.pub.gpg @@ -0,0 +1,8 @@ +-----BEGIN PGP MESSAGE----- + +jA0ECQMI/d1LfLMuNKf/0p8Bjsbms6yKmGKnfL876Ze+/qWSg+rGiFdRhDW02efU +GEXEN+a7yFAlFtJi8bFw3VRyFBJZqhWkYKb3kDGRrtSqJxQOj0KnH2Sc8MJWGQ2C +1tRPtujn9jSbjp7bzCt922vvtRDqRI8LUcyfUKVxb91XEltwcBUaAoqw7v94kFMk +4IE94vikxtpwfrqx0A0Zcbdzq1IPL5HPoihZJ/GKauw= +=hdl1 +-----END PGP MESSAGE-----
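Review bot: `secrets/ssh_keys/mennos-2025.pem.gpg` places the private key in git history protected only by a symmetric passphrase (presumably the `--symmetric --cipher-algo AES256` output of `encrypt_folder`), so its confidentiality equals the strength of that passphrase for as long as any clone exists. The ciphertext cannot be withdrawn later; if the passphrase is ever exposed, the key has to be rotated and removed from every authorized_keys file. Encrypting to a GPG public key instead (`--encrypt --recipient <KEY_ID>`, placeholder) would avoid a shared passphrase and keep it off the gpg command line. `mennos-2025.pub.gpg` encrypts a public key that already appears in clear in the authorized_keys files, so it could be committed as a plain `.pub`.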