andreas/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix home-manager and misc changes

Browse Source
This commit is contained in:
Andreas Schaafsma 2024-11-07 14:17:25 +01:00
parent dea19e0b3b
commit 01f1e82284
11 changed files with 237 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.sops.yaml Normal file
View File

@ -0,0 +1,11 @@
keys:
- users:
- &andreas age19j24x89dfh4f7v58c8k64yupqas4f7qkkyper7yj9dd7vqwvvq0qkyvhxk # generated using cli
- hosts:
- &th0nkpad-nixos age1ma8x6wugvc40mkst33mejq0m6r44jk6zwjjun3znyer5nztgn9vs0nwjx4 # derived from ssh host key
creation_rules:
- path_regex: secrets.yaml$
key_groups:
- age:
- *andreas
- *th0nkpad-nixos

21
flake.lock generated
View File

@ -121,6 +121,26 @@
"type": "github" "type": "github"
} }
}, },
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1730837930,
"narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "2f607e07f3ac7e53541120536708e824acccfaa8",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nixos-cosmic": { "nixos-cosmic": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
@ -262,6 +282,7 @@
"root": { "root": {
"inputs": { "inputs": {
"game-of-life": "game-of-life", "game-of-life": "game-of-life",
"home-manager": "home-manager",
"nixos-cosmic": "nixos-cosmic", "nixos-cosmic": "nixos-cosmic",
"nixos-wsl": "nixos-wsl", "nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_4",

24
flake.nix
View File

@ -17,9 +17,14 @@
url = "github:mic92/sops-nix"; url = "github:mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = inputs: let outputs = inputs:
let
lib = inputs.snowfall-lib.mkLib { lib = inputs.snowfall-lib.mkLib {
inherit inputs; inherit inputs;
src = ./.; src = ./.;
@ -27,7 +32,7 @@
channels-config = { channels-config = {
allowUnfree = true; allowUnfree = true;
allowUnfreePredicate = _: true; allowUnfreePredicate = _: true;
permittedInsecurePackages = ["openssl-1.1.1w"]; permittedInsecurePackages = [ "openssl-1.1.1w" ];
}; };
# Configure Snowfall Lib, all of these settings are optional. # Configure Snowfall Lib, all of these settings are optional.
@ -55,7 +60,20 @@
inherit inputs; inherit inputs;
src = ./.; src = ./.;
nixos = with inputs; [
# disko.nixosModules.disko
# impermanence.nixosModules.impermanence
home-manager.nixosModules.home-manager
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
};
}
# nix-ld.nixosModules.nix-ld
# sops-nix.nixosModules.sops
# stylix.nixosModules.stylix
];
systems.modules.nixos = with inputs; [ systems.modules.nixos = with inputs; [
# my-input.nixosModules.my-module # my-input.nixosModules.my-module

0
homes/x86_64-linux/andreas@nixos-wsl/.gitkeep Normal file
View File

39
homes/x86_64-linux/andreas@nixos-wsl/default.nix
View File

@ -1,39 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
inherit (lib.mine) enabled;
in {
imports = [
../modules.nix
];
mine.home = {
gui-apps = {
hexchat = enabled;
};
networking = enabled;
sops.secrets.deploy_ed25519 = {
mode = "0400";
path = "${config.home.homeDirectory}/.ssh/deploy_ed25519";
};
tui.neomutt.personalEmail = true;
personal-apps = enabled;
suites.laptop = enabled;
user.settings = {
stylix = {
fonts = {
terminalSize = 10.0;
waybarSize = 12;
};
image = ../../../systems/x86_64-linux/ironman-laptop/ffvii.jpg;
};
transparancy.terminalOpacity = 0.85;
};
waybar.resolution = 768;
};
home = {
packages = [pkgs.tochd];
};
}

0
homes/x86_64-linux/andreas@th0nkpad-nixos/.gitkeep Normal file
View File

24
homes/x86_64-linux/andreas@th0nkpad-nixos/default.nix
View File

@ -0,0 +1,24 @@
{ config
, lib
, pkgs
, ...
}:
let
inherit (lib.my-namespace) enabled;
in
{
imports = [
# ../modules.nix
];
my-namespace.home = {
stream-tools = enabled;
# networking = enabled;
# personal-apps = enabled;
# suites.laptop = enabled;
};
home = {
packages = [
pkgs.nil
];
};
}

106
modules/home/home/default.nix Normal file
View File

@ -0,0 +1,106 @@
{
config,
lib,
pkgs,
...
}: let
inherit (lib) mkIf;
inherit (lib.mine) enabled;
imp = config.mine.home.impermanence.enable;
in {
config = {
home = {
packages = with pkgs; [
dig
duf
du-dust
eltclsh
fzf
idracclient
inetutils
jq
neofetch
nerdfonts
nodejs_18
p7zip
poppler_utils
pv
qrencode
restic
rclone
ripgrep
switchssh
unzip
yq
zip
];
sessionPath = ["$HOME/bin" "$HOME/.local/bin"];
shellAliases = {
# "df" = "duf -only local";
# "du" = "dust -xd1 --skip-total";
# # "ducks" = "du -chs * 2>/dev/null | sort -rh | head -11 && du -chs .* 2>/dev/null | sort -rh | head -11";
# "gmount" = "rclone mount google:/ ~/Drive/";
"df" = "df -h";
"nano" = "vim";
};
stateVersion = "24.05";
};
# manual = {
# html.enable = false;
# manpages.enable = false;
# json.enable = false;
# };
programs = {
bash = {
enable = true;
enableCompletion = true;
enableVteIntegration = true;
};
dircolors = enabled;
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv = enabled;
};
gpg = {
enable = true;
settings = {
personal-cipher-preferences = "AES256 AES192 AES";
personal-digest-preferences = "SHA512 SHA384 SHA256";
personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed";
default-preference-list = "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed";
cert-digest-algo = "SHA512";
s2k-digest-algo = "SHA512";
s2k-cipher-algo = "AES256";
charset = "utf-8";
fixed-list-mode = true;
no-comments = true;
no-emit-version = true;
no-greeting = true;
keyid-format = "0xlong";
list-options = "show-uid-validity";
verify-options = "show-uid-validity";
with-fingerprint = true;
require-cross-certification = true;
no-symkey-cache = true;
use-agent = true;
throw-keyids = true;
};
};
home-manager = enabled;
};
services = {
gpg-agent = {
enable = true;
enableScDaemon = true;
enableSshSupport = true;
extraConfig = ''
ttyname $GPG_TTY
'';
defaultCacheTtl = 10800;
maxCacheTtl = 21600;
};
};
};
}

4
modules/home/stream-tools.nix → modules/home/stream-tools/default.nix
View File

@ -4,8 +4,8 @@
lib, lib,
... ...
}: let }: let
inherit (lib.my-namespace) mkEnableOption mkIf; inherit (lib) mkEnableOption mkIf;
cfg = config.my-namespace.home.stream-tools; cfg = config.mine.home.stream-tools;
in { in {
options.my-namespace.home.stream-tools = { options.my-namespace.home.stream-tools = {
enable = mkEnableOption "Enable the Stream Machine Tools"; enable = mkEnableOption "Enable the Stream Machine Tools";

42
secrets.yaml Normal file
View File

@ -0,0 +1,42 @@
private-keys:
andreas: ENC[AES256_GCM,data:UMOMU5vd+kOvReBP+noCPopsP90uAx0UM5mLgsXX1obks3DvcW28yVpLR952CroDzUOYwpkQ+7MheBznZxVfG6+b36rzphIUyDXArix3c90mak+4fhkUFAxsAW2VeKzUTGEBIUiejtfW4sBaHoQVWpDBSLbGajB9GzBXspNR+J/nriD8xas9ZkvYvFM4BIKM5vFNQxCGUy44IyHffxtX9kHjboiSeIgK7Gj1hA4iC/byIBqTLzJOCBHQs3irs/CSbZgFR7MFuiqR2ZWVdJ1dKAr9fejd36muymsutVUDzTsq/P1Id0YlgnYVcpJxAMHKq8QEZu8yNLEzkr/QMxs5Z2Bu93CkiJDAGXJZvtipfLX0UtIkResCLBD40EKty8U2OnKwm4k3xzJoHRTZ3qVnJQGESYHTZHHumRRcDYJnQBL6iav50mG0KS0mfcoetoDTpQfxsi3OnLO7kjSP2fE8sSJRi363nfciBwH/TTf911HhD5ruOo3bQeryjtGN8Y+PAqvrILiIKPODvoRVqaka,iv:lvlaQwEzDpvdSjH6Z4NrzABifyVP5jyzERHP72CSbis=,tag:rmSINraNXFZElfFHZDqeeQ==,type:str]
andreas-password: ENC[AES256_GCM,data:XBvfrBSrlKzpO9vgmwQYJshlJH1OCMrcdfYMvp32ZOFZSf4/GrM/FRaatS7to+0ZgJlLNt+npSK0nwV8NXvwgHgN8bsuDiL7KQ==,iv:lD0ruX5AVKVfdA0/vpeUAPf5cTSExyaF8VWebFkbXV8=,tag:nAuwEkHGtlEzu8Qbe0ECdA==,type:str]
#ENC[AES256_GCM,data:aX2EVkOK7ivoDTzSMmonY64dU6mnRjE83sA3MFIPnzeJ5snZN8WY9PF1CmkDU/ZVB+j9Law=,iv:sPfVyBuGCyd/Y9Lw9cl0akA2IUE5/Yi5C07dh6Ioyu0=,tag:tOT5uHVdgYG+/E4ye0QcFg==,type:comment]
#ENC[AES256_GCM,data:djH8vAA+TvvbA/Jsuvca7E4o6pYTfKGGdK4=,iv:5Dw0niDhi7P6P9XRz2qgSL3CxpiXBtIsekOMycroLrA=,tag:OSvPPgq0kV4JskrQ86Qp5A==,type:comment]
#ENC[AES256_GCM,data:C1BstOPXnCf4Cr8UlanCegA=,iv:k9Me959xb6Weg/yArAIg5kWH36se/yyGWNQUu314uw0=,tag:x0bTh0bsYxbCX5GObsGI5g==,type:comment]
#ENC[AES256_GCM,data:Q0vsUrzlOgDICeIxXtc=,iv:gR8sYrtE/v9GGDEO2nj/v5IHr9ycXhvv1VcB/dEH/FU=,tag:FBde9vkRM/drFtpTWfLcNg==,type:comment]
#ENC[AES256_GCM,data:LoKuLBSze19z0U/45DBFt6aEJBs=,iv:Btk0sBgj8h5Qk5eYNwPHULuhPu0nXSXE2iR4UVFcBeA=,tag:S2I9HQkeo/jJboy44vrgCw==,type:comment]
#ENC[AES256_GCM,data:wDZ6Ln5teASPxXPvQGRZCdBIvfY=,iv:Qnx32skeDMB21GwhXd5fImkHS+y+HUOdNvbMT2mpy6A=,tag:BKl04542M8rH6BpFERqHZg==,type:comment]
#ENC[AES256_GCM,data:f+g7qdm8xf/wDhQqlnzIdmHhzfOG73VWfdw=,iv:/kDspwnXH7QfhzUuHATQTniLm/ZX6mo/QGxyQXdubcY=,tag:muoXeMNHb5vqm8IoC6Gl4A==,type:comment]
#ENC[AES256_GCM,data:42kR+DANphdxNVWNlxePU8U=,iv:JeZgMtb7a+/7V5hruQIHio0Aj+ThpHZwajx10e0rqOA=,tag:Ln+7DFl6+aq4YLZ8GK9qOg==,type:comment]
#ENC[AES256_GCM,data:DjK/fZDWEaa2BA==,iv:AnceR62V3OJrn5utgdffMcC+mWdxsUYMYn6454SVCsY=,tag:MRa8cDMEMGtBCxvqcKy/0Q==,type:comment]
#ENC[AES256_GCM,data:jqzidzai+6ShhzM=,iv:PDjUgLaoFVxAWBLXfWkXRzBp5BuvGU7DCorRYY6dan0=,tag:dKa2O7n/jno/M5nzCzCD/w==,type:comment]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age19j24x89dfh4f7v58c8k64yupqas4f7qkkyper7yj9dd7vqwvvq0qkyvhxk
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdGZlV3R4eW5FYS9HZGYr
N3VSR0tIbzUrL0RsUEw2NkZtUWcxVG55bEIwCjQ5U0Ztd1luUEQ2SEg4RHA2RWRK
K3dhN2liMDYyZElhbkZEUC9namhrc2MKLS0tIEhYTEYwQWduNkdKbGJQcTBRUWVG
aDMwR1I5NG13dUhwRXg1TXI4dG9nWXMKti+hv0+7/Rz0W22bToYs1/DFzoMllHpB
7uuVpUFDuC2D40ize0UX4rJ8Yo63lhJrRpsxIhzkP/vq+wMAFrKKLg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1ma8x6wugvc40mkst33mejq0m6r44jk6zwjjun3znyer5nztgn9vs0nwjx4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnK0dSTTVJWmt3aS91UmFm
Ui9zT3VpMlBybWJXOVdKdU5mTkprdU5WRm00CktHd2g4M1VldHhTQyszRTVTOUtt
Mld4a3lYSHF2SytIc0RjQ1RoODQvaE0KLS0tIGN3SlpMeTEvNktNSm5oT0dXRVFr
UmZrTXhyM2hYWW1kY05xa01PM1MzUDAK67AkP1XE445RXbVxcksRXL7MYHFjLPLV
ITL404AabakBeOX9yixwymzkD1BbUYEdW6N28ntqdH5cZZfVteYdMA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-07T10:47:23Z"
mac: ENC[AES256_GCM,data:zqkbmx7XIHQnOVkozPLiBzsNhACbGwvWiFcFlEHhlyEeQ7rvltLlUlgivb7aawwG1RuxCwshHwLfuKRQ/iGJcXjFO4UM5VER6CAA/88UrpgXW8VBw8iuchr+Y58lu0s+98fj7VffcuWjhJ1AYvBxFaTZA6DjxFjv3l1Gyxtw6kM=,iv:XG9Qb61INy1OJZjI3cDbY9fswLqf8+QvcUMrmtKGtuQ=,tag:+JacTF/+qU+j/cm8Wn1c8g==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

10
systems/x86_64-linux/th0nkpad-nixos/default.nix
View File

@ -54,7 +54,7 @@ in
# thunderbird # thunderbird
]; ];
}; };
lib.my-namespace.home.stream-tools.enable = true; # lib.my-namespace.home.stream-tools.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
@ -91,10 +91,18 @@ in
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
''; '';
}; };
services.openssh = {
enable = true;
passwordAuthentication = true;
};
# services.xrdp.enable = true; # services.xrdp.enable = true;
# services.xrdp.defaultWindowManager = "${pkgs.gnome-session}/bin/gnome-session"; # services.xrdp.defaultWindowManager = "${pkgs.gnome-session}/bin/gnome-session";
# services.xrdp.openFirewall = true; # services.xrdp.openFirewall = true;
# Disable the GNOME3/GDM auto-suspend feature that cannot be disabled in GUI! # Disable the GNOME3/GDM auto-suspend feature that cannot be disabled in GUI!
# If no user is logged in, the machine will power down after 20 minutes. # If no user is logged in, the machine will power down after 20 minutes.
systemd.targets.sleep.enable = false; systemd.targets.sleep.enable = false;