From 7866d6ff26ce994b1f5fd183a43d4ee729c55003 Mon Sep 17 00:00:00 2001
From: waveringana <ana@nekomimi.pet>
Date: Sat, 21 Jun 2025 14:07:58 -0400
Subject: [PATCH 1/3] add prism launcher

---
 hosts/focalor/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hosts/focalor/default.nix b/hosts/focalor/default.nix
index 482516c..e5156a5 100755
--- a/hosts/focalor/default.nix
+++ b/hosts/focalor/default.nix
@@ -154,6 +154,7 @@
   # =============================================================================
   environment.systemPackages = with pkgs; [
     inputs.agenix.packages.x86_64-linux.default
+    prismlauncher
   ];
 
   # =============================================================================

From 15e28ccf877ff5d5692687b9a9a31817ed299dbb Mon Sep 17 00:00:00 2001
From: waveringana <ana@nekomimi.pet>
Date: Sat, 21 Jun 2025 14:15:01 -0400
Subject: [PATCH 2/3] rekey

---
 hosts/focalor/default.nix        |   4 ++--
 secrets/build-token.age          |  21 ++++++++++-----------
 secrets/garage-admin-token.age   |  20 ++++++++++----------
 secrets/garage-metrics-token.age | Bin 587 -> 587 bytes
 secrets/garage-rpc-secret.age    |  22 +++++++++++-----------
 secrets/headscale-authkey.age    | Bin 591 -> 591 bytes
 secrets/secrets.nix              |   2 +-
 7 files changed, 34 insertions(+), 35 deletions(-)
 mode change 100755 => 100644 secrets/build-token.age
 mode change 100755 => 100644 secrets/garage-admin-token.age
 mode change 100755 => 100644 secrets/garage-metrics-token.age
 mode change 100755 => 100644 secrets/garage-rpc-secret.age
 mode change 100755 => 100644 secrets/headscale-authkey.age

diff --git a/hosts/focalor/default.nix b/hosts/focalor/default.nix
index e5156a5..84044a2 100755
--- a/hosts/focalor/default.nix
+++ b/hosts/focalor/default.nix
@@ -25,8 +25,8 @@
     # Hardware-specific
     ../../common/nvidia.nix
     
-    # Common secrets (commented out)
-    # ../../host-secrets.nix
+    # Common secrets
+    ../../host-secrets.nix
   ];
 
   # =============================================================================
diff --git a/secrets/build-token.age b/secrets/build-token.age
old mode 100755
new mode 100644
index 2bc7eee..5bc5fca
--- a/secrets/build-token.age
+++ b/secrets/build-token.age
@@ -1,12 +1,11 @@
 age-encryption.org/v1
--> ssh-ed25519 i9wBeA SNBmBYKDOcADlQKvTCzGFWJF2mUoHYmnSNl3qXsiEwQ
-hzClNOQ/XdN5rIOeYt6cJEE/I0Y7pNqSTX33tOy761Q
--> ssh-ed25519 UbxDgg shMhY2WtElJ61NFyYVzt8SG09YaIndXbo1gqDv7GtT8
-v6W0lBm8kuVM6thJsOwJvnwg3R1wq7CcRF9yZnYaltI
--> ssh-ed25519 YYzA7Q uK8U+89FYcjthWZNT0exk/pqY/syoQ5Cbq+pDVCcLwQ
-iPGTlIGxCLVgqAnYX6ZbAqLLIwtxDTylcAUpV30/y18
--> ssh-ed25519 UbxDgg smr+A6sEa3ksrATeqOT08RTkIu4sVSzX/hM2piqlFg4
-sUGg9jas6vJhD2DoqARAtA9nPB6Kj/0xTCt0+QalhxE
---- eaSZzUL7BdIOC4uzDuSWRtoR7PaQfYzW0xjt85HSC3E
-m,·?§ÕÇDT›wÀ×w·>ÄtëlÂŠ/Ü*†Z85#f‹ÍcyÅ»US¨Î•™è¬.ð‹~¹àa´sQ?ºý*Zà f[ã`i{Ý˜:ÙÝŠ&Û°,4äå©»Õ
-ä­t+ÙšÀ½xÜË0ÙŸbMØÓ—ßÊµßwµÉ<
\ No newline at end of file
+-> ssh-ed25519 i9wBeA iGYNmiExHD0M2Efk3zqlsZsUY9xcVW4ZyK2TKVkMxTE
+PVm7Qwd+o/fP8bfSSouikZTV5yHIc1pFrS3EE/oi2wg
+-> ssh-ed25519 UbxDgg n7YqLyF7ZqjOzaKDZ0j89gBT/pflBA72m/0NcW+lU3I
+Jj2aFFRhn8/eNRrXdfAAH6nMAvmtCZyd0/GWfBfoPg0
+-> ssh-ed25519 YYzA7Q zrSEpBaQDjjWnCCeqqjYvSoZkZIXEwEk15R+8vNtYxA
+AdEkXRqk1ekR/6wqf6gmFPPlTvxsB4WgQxQXMSpPie0
+-> ssh-ed25519 3RWqPQ iIMULw0As6DUmo+iTsXdcba4Tml65WESZlDxJfEEBBw
+WxsBR7YRZGnuZpMnLld3VRrPQq8OP2UfFACrt/lPOp8
+--- D2QkZuwJA43Zezo4RhE2gW7UO8shM2upHi4tcaPSLUY
+òé@´g!´h0E”!ùi¿<ZÒõøòàgrë3` #GõàÝ[€KÿLCXükÆÜàé/—Ýà,ÛºÄ³L¡P‚l@Baüåùé¨Ì‰26%gO!Sü"þÕe‘q3#þò¥Œô‡êÖ‚ù¡nT–V•½Ç)/
\ No newline at end of file
diff --git a/secrets/garage-admin-token.age b/secrets/garage-admin-token.age
old mode 100755
new mode 100644
index 23e752f..c427d56
--- a/secrets/garage-admin-token.age
+++ b/secrets/garage-admin-token.age
@@ -1,11 +1,11 @@
 age-encryption.org/v1
--> ssh-ed25519 i9wBeA 3kSlwZ54PYTcvftI/3XcTpnSDxBmKRKNMy3Xf69Psm8
-QtqP2ebKP2M7hWcvFoT24aBkhj2Kvu1dlBbcGPyBo3k
--> ssh-ed25519 UbxDgg o/TFehVOAh1Mcw3TJdldANFahiFhj9UvhFoFWyXVmzk
-suQBydY0cRZ3FrrYDizfE8CrF8YjyJXWtzpPMJ5vgqI
--> ssh-ed25519 YYzA7Q nbNcoC5R6CxsZKEvscezknX56mvDnw3VdG2gApHcZVY
-AJHD+nM0OmZMX+aILK4s3x8wHI8K3O6hmb+1T7URTWc
--> ssh-ed25519 UbxDgg iK4ea0RJLy7UGCHe8B5g6qr7hpSMYvx3dSQ3DW47sS4
-8dAWBDtDOY3YB0u+aEiIUTMqBQqYxV/HafosHk5Vklo
---- wbbBYCiJ+zOdj8bEmKLSd+vU3RMGX5nulXAcKcK4fRI
-ÃUß$FÈqp¹¦h?üƒŸx«yd™Ì5±¡Ï¨èÎ>é„Ï*=/=­Gi(¦,êBw{ŽhÙr³Ôå-'X¯G™9…5#/ú'Ü!ë
\ No newline at end of file
+-> ssh-ed25519 i9wBeA 8PLBgO1NF5MRPY/2WsmqQ31meGxLEq1CTOqo5ngwTFo
+ymt1bCGSEN1jCb5zBc7gvaShzLKwT6Y5/J1/zO8PKWs
+-> ssh-ed25519 UbxDgg JPYD8E0EDn2eBL0IltQtrgfTfFM4fqtRCjIqmrBb8is
+QWzV5535zfi4wde4qY1TtWKwXEoSbkCRwpLt5R6k84I
+-> ssh-ed25519 YYzA7Q YEIN85tSaLGmjECEGPVWrVtX3gXGXqy7NZEtnW86fkk
+wPWnLtotf0JjJ+wPbz19DVYb8iXqXV9F61v54CAqoA4
+-> ssh-ed25519 3RWqPQ P13HdiuAj6ZOqfw41dlZdim/Qz7Pu9sQkeRbAOfKo3M
+9eI3OCu9corRl7Wnpa7o2d3JxtBR3ttJG021o8fDUL4
+--- keY3p62HlGCBh2Wu9a9ZO6jcmLuk7bX1cJrRg+0BAQU
+UO±«ÝµòPRU]ŽêÒ†fpšs…ýU³á˜WÂ9qÝLÈýoØyv%¬M0˜K„ØS€Iù[§Š;(½W("¶3)º½×
\ No newline at end of file
diff --git a/secrets/garage-metrics-token.age b/secrets/garage-metrics-token.age
old mode 100755
new mode 100644
index 2998028fcb640d5182e0b6d38c667b3f08b990e4..9c6bd90df21081d5b4ff9753b63987f395d596cd
GIT binary patch
delta 515
zcmX@ja++m=PIzEJj#FA<Nt&@+xnFU3u)lszzN>4xv%g7bnsJ3&ZlPypm48`^d1zo(
zF;_}*c($)sl(9)xhJkTKa(=pnk9)qQX=!R=Qe=9vL9$C|n3I!>SCW58_T+d*@$kwV
z?<Ak{(qMNB<I2)VR~N5RgUGP3{B)B-Kfg5nAj3+(Fq4S%@bXflVlGdg%1DE#DnHXi
zV@Gdy=cp`;)Etk9@Q4({N&}Zvzx1&DLQ~g@Q0Gjq^obwE>vQspe2UziyfTVPgOe?c
zJabIUb8;PxB3(-=Je-qqT+6h>5<Ma+T*I<MxsocY0&>HuTq2wTeIvpOOd?J5j9j$?
zb1N-!GfkbdlC(opDhrJgvy)x(xpeImii<OJQ&WsgO${v-jDx}p0|FJ2&E2#8-4nIl
zjFQ|#3Q|%k>kW&Nje?z%OS3YQQ#~vK%R>CJinB`+-3=VMOuhXK(hQSKll)vv-4dN6
z!VQxW4ZX9nLNX0Z%>8r2yu$KJqRdO3ovIwUbaizV64O0=Op}AmDpL%d3qz}1JcC0j
z($fN59V7ER3p0zg-F@;LtBfPFybVpb^5pjiCNEAfbY+mzd|NE5wZC=a&CN^JWJ;d6
zaQFOf+uhw7y%T$)l(pw>`sJ?q;=`jUwGZb8-Zc2?{BGZ`Q;YmeLt7a)`ll}wzUVI6
HyhZ{5{BO3?

delta 534
zcmX@ja++m=PJNnZVwPE1nO~-7MP!j>S&&n1Wl3;id1+LBK$%feK)RuaM|qxGq+yY3
zIaiTyiGPYql)HPdb9q6aqf2>}QL#sqrCVTSindFYSEffswwrmbuS>bN1(&X!LUD11
zZfc5=si~o*LTFNjOM1FOZkcy!m`k#wNwRBEfJa7UnVWlMc}bynxvQ(MpK)$_PL6p-
zlBK18ns$`|SD|NSo<&88Q>B|{g}!mVWk9%VL`g}hi<enosb8f_MoD3ip^KMMcvWEX
z#E;_j9!V}nMy0tSt`(I*AqGyNN&abOCT=<D#>H->rIjvb{#ix^o`&h3`gz%0o)P5*
zRY^Xn&Y_lWRZ&Js$;R55e&ONXmZ4dN{>B*|RiXJQCg!=J&KdbQeBxmkY-&{O5@8k@
zQD$nKlTuz^<d*Ign&Fm`VGx#)SMHRN=^q+a;p>&0Q_PhW?3$iq66WPpUSJYrnwg#B
zlTmDu7~z&$9v)bjSQ(I<>QrHxRFN2xV!@@WtE&*0=<Z%pm>!a8S(qA}A08Csm7Hbf
z;gg!2?`2@>Vo;V9;+*Lk;hP$)UCtFC6B3%T-F>$!cSm7>(1{!YpNDz7rZGh{`v$(S
z-mNsh{Bf}Xt5Z8)XYuj}37SEhzDTSU|Nrk#%DliA8HrB|>Rq}Iu8lKX>$+`vZtSg1
E03klTKL7v#

diff --git a/secrets/garage-rpc-secret.age b/secrets/garage-rpc-secret.age
old mode 100755
new mode 100644
index 65aaa9b..a544d5c
--- a/secrets/garage-rpc-secret.age
+++ b/secrets/garage-rpc-secret.age
@@ -1,12 +1,12 @@
 age-encryption.org/v1
--> ssh-ed25519 i9wBeA AtZIxAsM2lbP4hpZ5RjMkdVN3Ko4IVciNLsI+2ioh10
-HA5dZPJeO0RJpQVcXSTXl9Bzah55Md+UPldiz9NkzFM
--> ssh-ed25519 UbxDgg IT0sHTltNKJqDnBdJXcBa3D8LO0rWY1ff2yursA0zl4
-jKE3Y2zOL92q82mcmdwZ1zi9AyaGLF1i9kl1+gegb7o
--> ssh-ed25519 YYzA7Q DNlwj0lNOmQukfavVMyUxAJtNTpqKUobCu7stzrU/lg
-Qxu4ITmiPfhDUnMdfBQPVEJi8AkZ3wCpKsfMlkWKoNs
--> ssh-ed25519 UbxDgg bSJTVJtj9b4hb8/MFyWry79pez8xa2+lXgufBHinwz4
-lFnBfg1BZ9Kzb6wcYqbR0km9jRvSuK/fyhV5H508s24
---- RhUMM66NH9bAUKHjMiJdQXV96SBap8hKKGayMaZ578c
-b¦pïƒÎÒ›U}Á@¹=5Â«Á´¬·ƒÎ¦=îÈÈ
-T‰-Òï*¡÷MóÂÔìÉ³Ÿ¡5Ñ‹­Ì"æ`1[˜Û_rtž¬jU]ˆ&gŠŸ‹Õ ¼PÕqšà¸C8ñÔ
\ No newline at end of file
+-> ssh-ed25519 i9wBeA zKsnT6qzLx1lwXUOqSvz288GQvRuTSC4h1r1/peo4kI
+i/t/qhyZRcW3werLZMF6IY8YP5t/BcvyfsffDhz+toE
+-> ssh-ed25519 UbxDgg VZuoyPwHuaysdcvJlx6ILndEjQ0hKQN4kaJGzwutzEU
+zhGpGQYN6WiyJ9IXH/Kldfm1iTVcZYPvaUdxTyPfFbA
+-> ssh-ed25519 YYzA7Q Qlj5Oas+FqgbCBJjjBjcD/rlndFmU3XaB7IPzeS47DM
+rLs09r8RRq/SJd9oLJsDGibAZsKXo1SJ/qvi4Z4Vhhg
+-> ssh-ed25519 3RWqPQ NfcoP0kzkhHXvjbtmsWhrTu6jJ4Cby2C35JqE17qxzk
+wbWmgoZrN2hbblKEbEJ07IMI+ZZeVsOJLcEALYQ6tOo
+--- nZymvWQjoVNZRlBMvYxiQt/IvT8LuNZFR4hQF6pJR04
+]¼ï~4FÉOÞªªËÕÎ`Çds»O
+×>hæé¥5»ƒ­ø?›–€ÿ3œ!ü=s#f	R5scxãïÝˆJš]ä­û…ê;f$XùnGè³òµŠì³gó´Ð
\ No newline at end of file
diff --git a/secrets/headscale-authkey.age b/secrets/headscale-authkey.age
old mode 100755
new mode 100644
index e7872c754f68be0d34191d58957bac3c0fb2ecb7..f8dfd70a776cc16fc452d2d8b29ce6decec054bb
GIT binary patch
delta 519
zcmX@la-L;^PIyUfQgV)|r=NRhT3VoQZcadOMRH_*p`*4%MqrS+Z?d*WUSeXAm%p(`
zHdjh=n5k2_N3wshMP`I^U|L#+NorAHVqRpVmycUUva6A6Zcb%heu<&C<K%co@$drw
zKy&Xx?UJ(eiipzkfRw60Z|Csvis00WAb*QoZBL)nfGBt8oPg3y6RwOb*VJ<3$S|)c
z1DD{u{M;zBG#|f!P(u?_@1#nT0^i({kStFNqsowclZhY2>%9t7OUrz;-BKdM14}a_
zqB2~ayi>EvEX>?0B1+vO5<RN&g3WWZvwTAHxzaq!f(oK4@^b@C%sp~~olJs^QxZc9
z-LovyEt4xub3G~o5(}$>_1zLfxpeImii<OJQ&WsgO${v-jDx}p0|FINT|GTAD}p>z
zG6PFZ46_5h>y6VbQnl0E+>6}}!rd(^L&}OH0um#=3#;<E94&pKGV}u?T#QTuoRdn;
zN*se+qC%6rBO-Fl3JP-44U@e~Gu(=NlFiDwbaizVvV)Qh^j!+Wol6WH^P@`LT|+HR
zyiE-w{IU$ojl3OGQ}eRC^D8aNvH~o)9^7?&bU~Nvk>{VuYd<WXxTGho_LtjLv&hK6
z_}16IK3;j1b^G%bzVG{T`2GFXZrCQ~;qR5Ft*yFOJ;5M7I(;!i@!U&_Lba!Y-W&gw
LX5sf<^Xei1Gi<ul

delta 538
zcmX@la-L;^PQ7VRRk4q2etwFNTY9-km1S^=lUbgNd4NH1RAO*`w!V33lu3YJu5(0=
zFPB%6MM#KQw!WWsV5+;XnU`ycPgSOWMR>MFs+*@-fxBszuS;b>X?{hxBbTn7LUD11
zZfc5=si~o*LTFNjOM1FOk)fA=QmCato_lFpp;x|Vj$4k4OF+I$UZsCnQB_ioqouw}
zQdps-c}QkHmv2>4sDW`xWOzuplWU-RVrH;!qEEPSnukYbc}2dtesEP#mPK%ozG<<=
z#E;_jj((LvWlo76sg}tFiCGbjJ}JrB&IUOZVO5b~CP`V5MTQyqB`JX^{w~E_mZq7e
zL0)by5#a?T<`&68p2=CkMkeWo?gfse-lhdXX~7<j+3DKB79IvTd}0_G;1=qU>XGD`
zQyLKvkz!EqZRQ<X8tjx)5fzqPkZI^0lx9|u?w6Ei9LSX!QRtFc73Sk#rtj<PTwoF4
zROVf3=2YpHXzG%0T;h>gnHrMo6O`raYQUwdtE=D`SP<o??H3i465)|+;27$u?Uv{3
z=wjh*SRCqH=v`tSRS^>8>!R&!9LaTpjhDU2@~pAvi=M4w%t<>>S6z+2_4<{4ewMhl
zT<?Y{rGi%%oBN%dEF=2kOVq}Yt?MT*+Pf}$dDKRQtje|Z+MLxn?A-56<8?Nq$Hsal
J8MYnz4*+^lxh((y

diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 542185d..e3d4571 100755
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -4,7 +4,7 @@ let
 
   valefar = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJlXq2lSfiWwRwIxsxhffW5FDGmjt0QKYN+BaikmRR71";
   buer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMVhjwDcO8eleSoR8a37ZGGPvkHEgV+c8SYcy07SayPB";
-  focalor = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJlXq2lSfiWwRwIxsxhffW5FDGmjt0QKYN+BaikmRR71";
+  focalor = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA518oTmTp5VG60/dBrLu7rlV1hh8muhMattoiGfmrei";
   systems = [ valefar buer focalor];
 in
 {

From d90ad7fbc512389b84d20d1cb6f734b34744b4a4 Mon Sep 17 00:00:00 2001
From: waveringana <ana@nekomimi.pet>
Date: Sat, 21 Jun 2025 14:27:19 -0400
Subject: [PATCH 3/3] oops

---
 common/services.nix | 3 +++
 flake.nix           | 2 ++
 2 files changed, 5 insertions(+)

diff --git a/common/services.nix b/common/services.nix
index 288fad1..7f54d98 100755
--- a/common/services.nix
+++ b/common/services.nix
@@ -23,4 +23,7 @@
   services.tailscale.useRoutingFeatures = "both";
   services.tailscale.authKeyFile = lib.mkIf (config ? age && config.age ? secrets) 
     config.age.secrets."headscale-authkey".path;
+  services.tailscale.extraUpFlags = [
+    "--login-server=https://headscale.nekomimi.pet"
+  ];
 }
diff --git a/flake.nix b/flake.nix
index 189e09f..aa1275d 100755
--- a/flake.nix
+++ b/flake.nix
@@ -95,6 +95,8 @@
             ./hosts/buer
 
             agenix.nixosModules.default
+
+            { imports = builtins.attrValues nixosModules; }
           ];
         };
       };