auto-update-daily-20260202
1_: {
2 ssh = {
3 vincent = [
4 # Yubikeys (PIV - legacy, keep during transition)
5 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFT5Rx+4Wuvd8lMBkcHxb4oHdRhm/OTg+p5tvPzoIN9enSmgRw5Inm/SlS8ZzV87G1NESTgzDRi6hREvqDlKvxs="
6 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGHMa4rHuBbQQYv+8jvlkFCD2VYRGA4+5fnZAhLx8iDirzfEPqHB60UJWcDeixnJCUlpJjzFbS4crNOXhfCTCTE="
7 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBFzxC16VqwTgWDQfw2YCiOw2JzpH3z9XgHtKoHhBdHi2i9m9XUc7fIUeEIIf7P8ARRNd8q5bjvl8JY7LtPkNCU="
8 # FIDO2 resident keys (homelab)
9 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIODTc5Exm59skgJdu6/rA3CpX4k4P1CFBqCFtelWGGmEAAAAC3NzaDpob21lbGFi homelab-servers"
10 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAGh5p44LvQrWjAMyC/5LjUnViqFl3ddVfiFnoiLgJb7AAAAEnNzaDpjcml0aWNhbC1pbmZyYQ== infra-touch-required"
11 # Host keys (trusted machines)
12 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJmTdMKYdgqpbQWBif58VBuwX+GqMGsMfB1ey1TKrM3 vincent@aomi"
13 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGThdcaPfIaB7d+K5uODqEusLKGI5ZCye0aNOCaMoInO Kyushu's ssh key"
14 ];
15 };
16 syncthingFolders = {
17 sync = {
18 id = "7dshg-r8zr6";
19 path = "/home/vincent/sync";
20 };
21 documents = {
22 id = "oftdb-t5anv";
23 path = "/home/vincent/desktop/documents";
24 };
25 org = {
26 id = "sjpsr-xfwdu";
27 path = "/home/vincent/desktop/org";
28 versioning = {
29 type = "staggered";
30 params = {
31 cleanInterval = "3600"; # cleanup every hour
32 maxAge = "15768000"; # keep for ~6 months (182 days in seconds)
33 };
34 };
35 };
36 screenshots = {
37 id = "prpsz-azlz9";
38 path = "/home/vincent/desktop/pictures/screenshots";
39 };
40 wallpapers = {
41 id = "wpiah-ydwwx";
42 path = "/home/vincent/desktop/pictures/wallpapers";
43 };
44 claude-sync = {
45 id = "claude-sync"; # new consolidated folder
46 path = "/home/vincent/.local/share/claude-sync";
47 };
48 };
49 net = {
50 dns = {
51 cacheNetworks = [
52 "192.168.1.0/24"
53 "10.100.0.0/24"
54 ];
55 };
56 vpn = {
57 endpoint = "167.99.17.238";
58 };
59 };
60 # MicroVMs for isolated Claude Code agents (hosted on aomi)
61 # Used by: modules/microvm, home/common/shell/openssh.nix
62 microvms = {
63 host = "aomi.sbr.pm"; # SSH jump host
64 subnet = "192.168.83";
65 vms = {
66 claude-home = {
67 ip = "192.168.83.2";
68 workspace = "/home/vincent/src/home";
69 description = "Homelab/NixOS work";
70 };
71 claude-tekton = {
72 ip = "192.168.83.3";
73 workspace = "/home/vincent/src/tekton-pipelines";
74 description = "Tekton development";
75 };
76 claude-nixpkgs = {
77 ip = "192.168.83.4";
78 workspace = "/home/vincent/src/nixpkgs";
79 description = "nixpkgs contributions";
80 };
81 };
82 };
83 machines = {
84 athena = {
85 net = {
86 ips = [ "192.168.1.183" ];
87 vpn = {
88 pubkey = "RWqH7RdIXg+YE9U1nlsNiOC7jH8eWjWQmikqBVDGSXU=";
89 ips = [ "10.100.0.83" ];
90 };
91 names = [
92 "athena.home"
93 "athena.vpn"
94 "athena.sbr.pm"
95 ];
96 };
97 ssh = {
98 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/4KRP1rzOwyA2zP1Nf1WlLRHqAGutLtOHYWfH732xh";
99 # root = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQVlSrUKU0xlM9E+sJ8qgdgqCW6ePctEBD2Yf+OnyME root@aomiy";
100 # vincent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJmTdMKYdgqpbQWBif58VBuwX+GqMGsMfB1ey1TKrM3 vincent@aomi";
101 };
102 syncthing = {
103 id = "N3AMUVI-FM2BAOD-U3OMZDJ-UHMQE6J-ACMM5B7-S7BTK6P-PSM36NR-DVZHLQF";
104 folders = {
105 sync = {
106 type = "receiveonly";
107 };
108 };
109 };
110 };
111 demeter = {
112 net = {
113 ips = [ "192.168.1.182" ];
114 vpn = {
115 pubkey = "/bBh4gvDty/AA2qIiHc7K0OHoOXWmj2SFFXdDq8nsUU=";
116 ips = [ "10.100.0.82" ];
117 };
118 names = [
119 "demeter.home"
120 "demeter.vpn"
121 "demeter.sbr.pm"
122 ];
123 };
124 ssh = {
125 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGqQfEyHyjIGglayB9FtCqL7bnYfNSQlBXks2IuyCPmd";
126 };
127 syncthing = {
128 id = "TXCV3TS-TUEOTH6-ETB3LBV-KCIHT4L-RCCOIE3-VPBCNJB-VHQEAYI-WOXK5A5";
129 folders = {
130 sync = {
131 type = "receiveonly";
132 };
133 };
134 };
135 };
136 nagoya = {
137 net = {
138 ips = [ "192.168.1.80" ];
139 vpn = {
140 pubkey = "NCj5pwShre/xyRCK800ybjso1zIYUZ08YvFA2qGzhAI=";
141 ips = [ "10.100.0.80" ];
142 };
143 names = [
144 "nagoya.home"
145 "nagoya.vpn"
146 "nagoya.sbr.pm"
147 ];
148 };
149 ssh = {
150 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfep1SkMsAPHggXFLfEJNzZb7eoihtkqDeQruG+TbhF";
151 };
152 # syncthing = {
153 # id = "HZDLS5A-LKCEIYQ-DDMDYDF-DBTSRYH-HUNQSII-TVCDACT-DIYIO7V-G4K2EQV";
154 # folders = {
155 # sync = {
156 # type = "receiveonly";
157 # };
158 # };
159 # };
160 };
161 aix = {
162 net = {
163 vpn = {
164 pubkey = "D1HoBqrqBchHOOi8mjKpVg5vZtt+iFy8wj4o3kGYwkc=";
165 ips = [ "10.100.0.89" ];
166 };
167 names = [
168 "aix.vpn"
169 "aix.sbr.pm"
170 ];
171 };
172 syncthing = {
173 id = "GHE6XF4-YCKEMZS-JEZYXA6-ETJI3SS-BQFFOCS-ZJAWN4D-Q33IQ46-OYL7BQM";
174 folders = {
175 sync = {
176 type = "receiveonly";
177 };
178 };
179 };
180 ssh = {
181 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEoUicDySCGETPAgmI0P3UrgZEXXw3zNsyCIylUP0bML";
182 };
183 };
184 kyushu = {
185 net = {
186 ips = [
187 "192.168.1.36"
188 "192.168.1.68"
189 ];
190 vpn = {
191 pubkey = "KVRzoPUw8UTQblYtbs/NLYLIVmtQehrc4Hacbpf5Ugs=";
192 ips = [ "10.100.0.19" ];
193 };
194 names = [
195 "kyushu.home"
196 "kyushu.vpn"
197 "kyushu.sbr.pm"
198 ];
199 };
200 ssh = {
201 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINd795m+P54GlGJdMaGci9pQ9N942VUz8ri2F14+LWxg";
202 };
203 syncthing = {
204 id = "SBLRZF4-NOMC7QO-S6UW7OH-VK7KHQS-LZCESY6-USBJ5Z5-RIVIRII-XS7DGQS";
205 folders = {
206 org = { };
207 documents = { };
208 sync = { };
209 screenshots = { };
210 wallpapers = { };
211 claude-sync = { };
212 # TODO: implement paused or filter theses
213 # photos = {
214 # type = "receiveonly";
215 # paused = true; # TODO: implement this, start as paused
216 # };
217 # music = {
218 # type = "receiveonly";
219 # paused = true; # TODO: implement this, start as paused
220 # };
221 };
222 };
223 };
224 aomi = {
225 net = {
226 ips = [ "192.168.1.23" ];
227 vpn = {
228 pubkey = "XT4D9YLeVHwMb9R4mhBLSWHYF8iBO/UOT86MQL1jnA4=";
229 ips = [ "10.100.0.17" ];
230 };
231 names = [
232 "aomi.home"
233 "aomi.vpn"
234 "aomi.sbr.pm"
235 ];
236 };
237 ssh = {
238 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQVlSrUKU0xlM9E+sJ8qgdgqCW6ePctEBD2Yf+OnyME";
239 };
240 syncthing = {
241 id = "CN5P3MV-EJ65J4I-OHB7OBI-LD7JBWT-7SZCZD3-Z6NAASI-UCMKOAU-X2TNNAP";
242 folders = {
243 org = { };
244 documents = { };
245 sync = { };
246 screenshots = { };
247 wallpapers = { };
248 claude-sync = { };
249 # photos = {
250 # type = "receiveonly";
251 # paused = true; # TODO: implement this, start as paused
252 # };
253 };
254 };
255 };
256 shikoku = {
257 net = {
258 ips = [ "192.168.1.24" ];
259 vpn = {
260 pubkey = "foUoAvJXGyFV4pfEE6ISwivAgXpmYmHwpGq6X+HN+yA=";
261 ips = [ "10.100.0.2" ];
262 };
263 names = [
264 "shikoku.home"
265 "shikoku.vpn"
266 "shikoku.sbr.pm"
267 ];
268 };
269 ssh = {
270 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH18c6kcorVbK2TwCgdewL6nQf29Cd5BVTeq8nRYUigm";
271 };
272 # syncthing = {
273 # id = "ZKUNKBI-N2K2LTG-AWLDAEX-NE6NALQ-DLFO6YV-FU4A7IE-KCF5ZCD-IEYSKAH";
274 # folders = {
275 # org = { };
276 # documents = { };
277 # sync = { };
278 # screenshots = { };
279 # wallpapers = { };
280 # };
281 # };
282 ssh = {
283 vincent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGxstR3xEf87leVVDS3GVPx8Ap9+eP+OfkSvM26V54XP vincent@shikoku";
284 };
285 };
286 kerkouane = {
287 net = {
288 vpn = {
289 pubkey = "+H3fxErP9HoFUrPgU19ra9+GDLQw+VwvLWx3lMct7QI=";
290 ips = [ "10.100.0.1" ];
291 };
292 names = [
293 "kerkouane.vpn"
294 "kerkouane.sbr.pm"
295 ];
296 };
297 ssh = {
298 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJguVoQYObRLyNxELFc3ai2yDJ25+naiM3tKrBGuxwwA";
299 };
300 syncthing = {
301 id = "QGD6ICB-EPSGCEN-IQWKN77-BCRWE67-56HX5IA-E4IDBCI-WE46DK3-EC63DQ7";
302 folders = {
303 sync = { };
304 };
305 };
306 };
307 sakhalin = {
308 net = {
309 ips = [ "192.168.1.70" ];
310 vpn = {
311 pubkey = "OAjw1l0z56F8kj++tqoasNHEMIWBEwis6iaWNAh1jlk=";
312 ips = [ "10.100.0.16" ];
313 };
314 names = [
315 "sakhalin.home"
316 "sakhalin.vpn"
317 "sakhalin.sbr.pm"
318 ];
319 };
320 ssh = {
321 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/PMBThi4DhgZR8VywbRDzzMVh2Qp3T6NJAcPubfXz6";
322 };
323 syncthing = {
324 id = "3L2KCXM-D75XCVU-5JLMV6V-FKQID2K-LJA6GFB-R2G77LD-5WXFHJT-BB4B7Q5";
325 folders = {
326 org = { };
327 documents = { };
328 sync = { };
329 screenshots = { };
330 wallpapers = { };
331 # photos = {
332 # type = "receiveonly";
333 # paused = true; # TODO: implement this, start as paused
334 # };
335 };
336 };
337 };
338 kobe = {
339 net = {
340 ips = [ "192.168.1.77" ];
341 vpn = {
342 pubkey = "B9jLGtXGZEfvBrgyEKrFRrsCsTsarfpFeyXqqq1NOWg=";
343 ips = [ "10.100.0.77" ];
344 };
345 names = [
346 "kobe.home"
347 "kobe.vpn"
348 "kobe.sbr.pm"
349 ];
350 };
351 ssh = {
352 # hostKey = "";
353 };
354 # syncthing = {
355 # id = "";
356 # folders = {
357 # org = { };
358 # documents = { };
359 # sync = { };
360 # };
361 # };
362 };
363 rhea = {
364 net = {
365 ips = [ "192.168.1.50" ];
366 vpn = {
367 pubkey = "QBGdlPgtaLIh+WDLbuIWPL+Nr08mtfIqs6RwgVDAGjA=";
368 ips = [ "10.100.0.50" ];
369 };
370 names = [
371 "rhea.home"
372 "rhea.vpn"
373 "rhea.sbr.pm"
374 ];
375 };
376 ssh = {
377 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFH3Lk4bRgNyFRK/Hzg1PvVbL/dpyI1SmLJFkb6VQDw";
378 };
379 syncthing = {
380 id = "73YP3XV-X3YLVBD-4KL77TS-DCFFXJ7-AYJDF3R-CJDRZNP-7YFPQNT-FKHJ7QW";
381 folders = {
382 org = { };
383 documents = { };
384 sync = { };
385 screenshots = {
386 path = "/neo/pictures/vincent/screenshots";
387 };
388 wallpapers = {
389 path = "/neo/pictures/vincent/wallpapers";
390 };
391 };
392 };
393 };
394 aion = {
395 net = {
396 ips = [ "192.168.1.49" ];
397 vpn = {
398 pubkey = "USTpNYlBri+ebsbg63ohDilFF/cbHytjI0W9t13VVng=";
399 ips = [ "10.100.0.49" ];
400 };
401 names = [
402 "aion.home"
403 "aion.vpn"
404 "aion.sbr.pm"
405 ];
406 };
407 ssh = {
408 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAXDNi2KtoRU83y/V5OWnMbFWmxwBknPmrNWV4RChE7R";
409 };
410 syncthing = {
411 id = "YBQ6U6T-TMCZVUG-JNHGLRH-CZNZMHG-GQICVTK-LUXJR3H-KR2SXS7-CTNQCAU";
412 folders = {
413 org = { };
414 sync = { };
415 };
416 };
417 };
418 synodine = {
419 net = {
420 ips = [ "192.168.1.20" ];
421 names = [
422 "synodine.home"
423 "synodine.sbr.pm"
424 ];
425 };
426 ssh = {
427 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWdnPJg0Y4kd4lHPAGE4xgMAK2qvMg3oBxh0t+xO+7O";
428 };
429 };
430 wakasu = {
431 net = {
432 vpn = {
433 ips = [ "10.100.0.8" ];
434 };
435 names = [
436 "wakasu.vpn"
437 "wakasu.sbr.pm"
438 ];
439 };
440 # syncthing = {
441 # id = "WM23THJ-ECXRLXA-HE5TIKO-VPLSMRY-Y2EWZI7-Q7JMLPX-5Q5UNEN-QMB7ZQJ";
442 # folders = {
443 # org = { };
444 # documents = { };
445 # sync = { };
446 # screenshots = { };
447 # wallpapers = { };
448 # };
449 # };
450 };
451 # Home Assistant
452 hass = {
453 net = {
454 ips = [ "192.168.1.181" ];
455 vpn = {
456 ips = [ "10.100.0.81" ];
457 };
458 names = [
459 "hass.home"
460 "hass.vpn"
461 "hass.sbr.pm"
462 ];
463 };
464 };
465 okinawa = {
466 net = {
467 ips = [ "192.168.1.19" ];
468 vpn = {
469 # pubkey = "";
470 ips = [ "10.100.0.14" ];
471 };
472 names = [
473 "okinawa.home"
474 "okinawa.vpn"
475 "okinawa.sbr.pm"
476 ];
477 };
478 # syncthing = {
479 # id = "2RWT47Z-UGSH4QO-G4W6XN7-3XY722R-ZKGDN5U-4MDGHMA-6SM26QM-7VCQIAZ";
480 # folders = {
481 # sync = { };
482 # org = { };
483 # };
484 # };
485 };
486 # iPhone
487 hokkaido = {
488 net = {
489 ips = [ "192.168.1.115" ];
490 vpn = {
491 pubkey = "rN5ekYI/k3Ymd76vudCZtcaNNu6HmMLzB61uRXakV0M=";
492 ips = [ "10.100.0.5" ];
493 };
494 names = [
495 "hokkaido.home"
496 "hokkaido.vpn"
497 "hokkaido.sbr.pm"
498 ];
499 };
500 syncthing = {
501 id = "XD4XYNZ-DT3PJEY-UJYBHWX-6OQPPUI-HTW752L-FYTX3TW-GVHDTKW-PT336QV";
502 folders = {
503 documents = { };
504 sync = { };
505 org = { };
506 };
507 };
508 };
509 # Light Phone
510 suzu = {
511 net = {
512 vpn = {
513 ips = [ "10.100.0.65" ];
514 pubkey = "ufKLXzLkmYx1z7/VZJs9Ix6aXL3rYzP5B73QQP2WNx8=";
515 };
516 names = [
517 # "suzu.home"
518 "suzu.vpn"
519 "suzu.sbr.pm"
520 ];
521 };
522 };
523 # Boox tablet
524 osaka = {
525 net = {
526 vpn = {
527 ips = [ "10.100.0.64" ];
528 pubkey = "C12Ch3LasZ9Dvc1+X+IMSmKdip0l1n/aNNPvmQzzPFY=";
529 };
530 names = [
531 # "oksaka.home"
532 "osaka.vpn"
533 "osaka.sbr.pm"
534 ];
535 };
536 };
537 };
538 services = {
539 # Media services on rhea
540 immich = {
541 host = "rhea";
542 aliases = [ "photos" ];
543 };
544 jellyfin.host = "rhea";
545 jellyseerr.host = "rhea";
546 sonarr.host = "rhea";
547 radarr.host = "rhea";
548 lidarr.host = "rhea";
549 bazarr.host = "rhea";
550 prowlarr.host = "rhea";
551 transmission = {
552 host = "rhea";
553 aliases = [ "t" ];
554 };
555 transmission-music = {
556 host = "rhea";
557 aliases = [ "tm" ];
558 };
559 syncthing = {
560 host = "rhea";
561 aliases = [ "s" ];
562 };
563 homepage.host = "rhea";
564 # Linkwarden bookmark manager (runs on sakhalin, proxied via rhea/Traefik)
565 linkwarden = {
566 host = "rhea";
567 aliases = [ "links" ];
568 };
569 # Traefik dashboard
570 traefik.host = "rhea";
571 # Music streaming on aion (routed through rhea/traefik)
572 music.host = "rhea";
573 navidrome.host = "rhea";
574 # Podcast and audiobook management on aion (routed through rhea/traefik)
575 audiobookshelf.host = "rhea";
576 podcasts.host = "rhea";
577 # Ebook library management on rhea
578 calibre.host = "rhea";
579 books.host = "rhea";
580 # WebDAV on rhea
581 dav.host = "rhea";
582 # MQTT on demeter (routed through rhea/traefik)
583 mqtt.host = "rhea";
584 # Home Assistant on hass (routed through rhea/traefik)
585 home.host = "rhea";
586 # Services on sakhalin (routed through rhea/traefik)
587 kiwix.host = "rhea";
588 n8n.host = "rhea";
589 paperless.host = "rhea";
590 grafana.host = "rhea";
591 # Ollama LLM service on aomi (routed through rhea/traefik)
592 ollama = {
593 host = "rhea";
594 aliases = [ "llm" ];
595 };
596 # XMPP messaging server on aion (VPN-only, direct access)
597 xmpp.host = "aion";
598 };
599}