feat(home): adjust vicinae and eilmeldung configurations
feat(neovim): enable folding in neovim configuration
fix(nixos): disable resolved dns and remove fallback dns on tako
chore(nixos): add pihole and resolved services to tsuba
chore(home): remove unused packages from programs
chore(nixos): add gamescope-wsi and vulkan-tools to steam configuration
chore(nixos): update navidrome service with sops integration and systemd tmpfiles
chore(darwin): use dynamic user in shiro configuration
chore(secrets): add lastfm and pihole secrets to secrets.yaml
The commit enables the SSH service on the ryu NixOS configuration with enhanced security settings including disabling password authentication and prohibiting root login. It also adds several font packages to the home configuration.
Changes:
- Enabled SSH service in ryu configuration with security settings
- Added font packages to home programs
- Moved SSH service definition to its own module file
- Removed SSH enablement from main configuration
- Updated service imports to include openssh module
feat(authelia): configure port and reverse proxy
feat(lldap): force password reset and update settings
fix(nixos): remove root from trusted users on ryu and tako
fix(immich): disable auto launch and enable password login
refactor(tako): enable authelia, immich, and lldap services
chore(secrets): update lldap seed and metadata timestamps
The changes update the configuration to use a `device.user` variable instead of hardcoded usernames like "fs0c131y" and "servius". This makes the configurations more flexible and reusable across different devices. The changes affect nixos configurations for mirai, ryu, and tako, as well as the darwin configuration for kuro, and the deploy.nix file.
The key changes include:
- Replacing hardcoded usernames with `device.user` in trusted-users lists
- Updating system.primaryUser to use `device.user`
- Modifying user definitions to use the device.user variable
- Adjusting deploy configuration to use "servius" as sshUser for tako
- Commenting out some service modules in tako's services/default.nix
