localModules -> local

moved keys to their own module

updated nix

switching pinning method
Gerg-L 2023-07-02 00:33:46 -04:00
parent 2057ff5d17
commit 160a5c3ffe
24 changed files with 187 additions and 109 deletions


@ -8,9 +8,9 @@
lib,
...
}: {
options.localModules.DE.dwm.enable = lib.mkEnableOption "";
options.local.DE.dwm.enable = lib.mkEnableOption "";
config = lib.mkIf config.localModules.DE.dwm.enable {
config = lib.mkIf config.local.DE.dwm.enable {
services.gvfs.enable = true;
services.xserver = {
enable = true;


@ -4,9 +4,9 @@ _: {
pkgs,
...
}: {
options.localModules.DE.gnome.enable = lib.mkEnableOption "";
options.local.DE.gnome.enable = lib.mkEnableOption "";
config = lib.mkIf config.localModules.DE.gnome.enable {
config = lib.mkIf config.local.DE.gnome.enable {
environment = {
systemPackages = [pkgs.gnome.gnome-calculator];
gnome.excludePackages = builtins.attrValues {


@ -4,9 +4,9 @@ _: {
pkgs,
...
}: {
options.localModules.DE.xfce.enable = lib.mkEnableOption "";
options.local.DE.xfce.enable = lib.mkEnableOption "";
config = lib.mkIf config.localModules.DE.xfce.enable {
config = lib.mkIf config.local.DE.xfce.enable {
environment.systemPackages = [pkgs.xfce.xfce4-whiskermenu-plugin];
services.xserver = {
enable = true;


@ -3,7 +3,7 @@ _: {
lib,
...
}: {
options.localModules.DM = {
options.local.DM = {
autoLogin = lib.mkEnableOption "";
loginUser = lib.mkOption {
type = lib.types.nullOr lib.types.str;
@ -11,11 +11,11 @@ _: {
};
};
config = lib.mkIf config.localModules.DM.autoLogin {
config = lib.mkIf config.local.DM.autoLogin {
services.xserver.displayManager = {
autoLogin = {
enable = true;
user = config.localModules.DM.loginUser;
user = config.local.DM.loginUser;
};
};
};


@ -4,9 +4,9 @@
pkgs,
...
}: {
options.localModules.DM.lightdm.enable = lib.mkEnableOption "";
options.local.DM.lightdm.enable = lib.mkEnableOption "";
config = lib.mkIf config.localModules.DM.lightdm.enable {
config = lib.mkIf config.local.DM.lightdm.enable {
services.xserver = {
displayManager = {
lightdm = {
@ -15,7 +15,7 @@
extraConfig = "minimum-vt=1";
greeters.mini = {
enable = true;
user = config.localModules.DM.loginUser;
user = config.local.DM.loginUser;
extraConfig = ''
[greeter]
show-password-label = false


@ -4,9 +4,9 @@ _: {
lib,
...
}: let
cfg = config.localModules.X11Programs;
cfg = config.local.X11Programs;
in {
options.localModules.X11Programs = {
options.local.X11Programs = {
sxhkd.enable = lib.mkEnableOption "";
};
config = lib.mkMerge [


@ -3,13 +3,13 @@ _: {
lib,
...
}: {
options.localModules.remoteBuild = {
options.local.remoteBuild = {
enable = lib.mkEnableOption "";
isBuilder = lib.mkEnableOption "";
};
config = lib.mkMerge [
(
lib.mkIf config.localModules.remoteBuild.enable {
lib.mkIf config.local.remoteBuild.enable {
nix = {
settings = {
keep-outputs = false;
@ -18,7 +18,6 @@ _: {
max-jobs = 0;
substituters = ["ssh-ng://nix-ssh@gerg-desktop" "https://cache.nixos.org/"];
trusted-public-keys = ["gerg-desktop:6p1+h6jQnb1MOt3ra3PlQpfgEEF4zRrQWiEuAqcjBj8=" "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="];
secret-key-files = "/persist/cache-keys/cache-priv-key.pem";
};
distributedBuilds = true;
buildMachines = [
@ -30,29 +29,24 @@ _: {
supportedFeatures = ["big-parallel" "nixos-test" "kvm" "benchmark"];
sshUser = "builder";
sshKey = "/etc/ssh/ssh_host_ed25519_key";
publicHostKey = "BQxvBOWsTw1gdNDR0KzrSRmbVhDrJdG05vYXkVmw8yA";
publicHostKey = config.local.keys.gerg-desktop_fingerprint;
}
];
};
programs.ssh.knownHosts = {
gerg-desktop = {
extraHostNames = ["gerg-desktop.lan"];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIeHsGcmOdIMzV+SNe4WFcA3CPHCNb1aqxThkXtm7G/1";
};
};
}
)
(
let
keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIq9YTf4jlVCKBKn44m4yJvj94C7pTOyaa4VjZFohNqD root@mom-laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJUKHZasYQUAmRBiqtx1drDxfq18/N4rKydCtPHx461I root@game-laptop"
config.local.keys.root_moms-laptop
config.local.keys.root_game-laptop
];
in
lib.mkIf
config.localModules.remoteBuild.isBuilder
config.local.remoteBuild.isBuilder
{
sops.secrets.store_key = {};
users = {
groups.builder = {};
users.builder = {
@ -63,12 +57,22 @@ _: {
group = "builder";
};
};
services.openssh.extraConfig = ''
Match User builder
AllowAgentForwarding no
AllowTcpForwarding no
PermitTTY no
PermitTunnel no
X11Forwarding no
Match All
'';
nix = {
settings = {
trusted-users = ["builder" "nix-ssh"];
keep-outputs = true;
keep-derivations = true;
secret-key-files = config.sops.secrets.store_key.path;
};
sshServe = {
enable = true;
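Review bot: The new `Match User builder` block in `services.openssh.extraConfig` turns off forwarding, tunnelling and TTY allocation, but it does not limit which commands the account may run, and the unchanged `trusted-users = ["builder" "nix-ssh"]` line just below it still gives that account daemon-level trust. Whoever holds one of the laptop root keys in `keys` (presumably authorised for `builder`; the use of `keys` is outside the visible hunks) can therefore still drive the Nix daemon on the builder, so the block limits pivoting through the host rather than sandboxing the account. I would record that next to the block, e.g. `# builder stays in nix.settings.trusted-users; these sshd limits cover forwarding and TTY only`, and confirm whether `builder` really needs to be a trusted user for the remote builds to work. The `users.builder` definition and the rest of the `nix` attrset continue outside the hunks shown.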


@ -5,11 +5,9 @@ _: {pkgs, ...}: {
DIRENV_LOG_FORMAT = "";
DIRENV_CONFIG = "/etc/direnv";
};
#other direnv configuration goes here
etc."direnv/direnvrc".text = ''
source ${pkgs.nix-direnv}/share/nix-direnv/direnvrc
if [ -e $HOME/.config/direnv/direnvrc ] ; then
source $HOME/.config/direnv/direnvrc
fi
'';
};
programs = {
@ -23,12 +21,14 @@ _: {pkgs, ...}: {
eval "$(direnv hook bash)"
fi
'';
# fish.enable = true;
# fish.interactiveShellInit = ''
# if status --is-interactive; and not printenv PATH | grep -qc '/nix/store'; and [ -z "$IN_NIX_SHELL" ];
# direnv hook fish | source;
# echo "loaded direnv";
# end
# '';
# doesn't work for some reason
# fish.enable = true;
# fish.interactiveShellInit = ''
# set -g direnv_fish_mode disable_arrow
# if status --is-interactive; and not printenv PATH | grep -qc '/nix/store'; and [ -z "$IN_NIX_SHELL" ];
# direnv hook fish | source;
# echo "loaded direnv";
# end
# '';
};
}


@ -4,12 +4,12 @@ _: {
lib,
...
}: {
options.localModules.git.disable = lib.mkOption {
options.local.git.disable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf (! config.localModules.git.disable) {
config = lib.mkIf (! config.local.git.disable) {
programs.git = {
enable = true;
package = pkgs.gitMinimal;


@ -3,9 +3,9 @@ _: {
lib,
...
}: let
cfg = config.localModules.hardware;
cfg = config.local.hardware;
in {
options.localModules.hardware = {
options.local.hardware = {
gpuAcceleration = {
disable = lib.mkOption {
type = lib.types.bool;

18
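--- /dev/null
+++ b/modules/keys.nix
@@ -0,0 +1,18 @@
+_: {lib, ...}: {
+options = {
+local.keys = lib.mkOption {
+default = {};
+};
+};
+config = {
+local.keys = {
+gerg_gerg-phone = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDU6BnoHIgMLgZVGuvi03J9l5Z1yP1P5Q8QPyjRHyi77 gerg@gerg-phone";
+gerg_gerg-windows = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows";
+root_moms-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIq9YTf4jlVCKBKn44m4yJvj94C7pTOyaa4VjZFohNqD root@moms-laptop";
+root_game-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJUKHZasYQUAmRBiqtx1drDxfq18/N4rKydCtPHx461I root@game-laptop";
+root_gerg-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIeHsGcmOdIMzV+SNe4WFcA3CPHCNb1aqxThkXtm7G/1 root@gerg-desktop";
+gerg-desktop_fingerprint = "BQxvBOWsTw1gdNDR0KzrSRmbVhDrJdG05vYXkVmw8yA";
+gerg_gerg-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJWbwkFJmRBgyWyWU+w3ksZ+KuFw9uXJN3PwqqE7Z/i8 gerg@gerg-desktop";
+};
+};
+}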
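Review bot: `local.keys` is declared with only `default = {};`, so nothing checks what ends up in it, although the remote-build module now reads it for `publicHostKey` and for the builder's key list. Giving the option a type, `type = lib.types.attrsOf lib.types.str;`, would make a non-string or conflicting definition fail at evaluation instead of reaching an SSH configuration. `gerg-desktop_fingerprint` is not an `ssh-ed25519 …` line like the other entries, so it deserves a comment or its own option to keep it out of any code that later treats every value in `local.keys` as an authorized key.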


@ -7,7 +7,6 @@ _: {
options = {
dummyvalue = lib.mkOption {
default = {};
type = lib.configType;
};
nixpkgs.allowedUnfree = lib.mkOption {
type = lib.types.listOf lib.types.string;


@ -4,8 +4,7 @@ in
lib.pipe alias [
(lib.filterAttrs (_: v: v._type == "flake"))
(lib.mapAttrsToList (n: input: {
environment.etc."nixpath/${n}".source = input.outPath;
nix.nixPath = ["${n}=/etc/nixpath/${n}"];
nix.nixPath = ["${n}=flake:${n}"];
nix.registry.${n}.flake = input;
}))
lib.mkMerge
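Review bot: With `nix.nixPath = ["${n}=flake:${n}"];` the `<${n}>` lookup no longer points at a fixed `/etc/nixpath/${n}` store path and is instead resolved through the flake registry, so the pin now rests entirely on the `nix.registry.${n}.flake = input;` line below it. As far as I can tell, a per-user registry entry of the same name takes precedence over the system one, which would change what these lookups resolve to for that user. A short comment such as `# <n> resolves via the registry entry below; keep both lines together` would make the dependency explicit. The `let` binding that defines `alias` is above the hunk.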


@ -66,17 +66,54 @@
syntaxHighlighting.enable = true;
histSize = 10000;
histFile = "$HOME/.cache/zsh_history";
interactiveShellInit = ''
zle-line-init() {
emulate -L zsh
[[ $CONTEXT == start ]] || return 0
while true; do
zle .recursive-edit
local -i ret=$?
[[ $ret == 0 && $KEYS == $'\4' ]] || break
[[ -o ignore_eof ]] || exit 0
done
local saved_prompt=$PROMPT
local saved_rprompt=$RPROMPT
PROMPT='\$ '
RPROMPT='''
zle .reset-prompt
PROMPT=$saved_prompt
RPROMPT=$saved_rprompt
if (( ret )); then
zle .send-break
else
zle .accept-line
fi
return ret
}
zle -N zle-line-init
'';
};
#starship
starship = {
enable = true;
settings = {
add_newline = false;
format = "$sudo$nix_shell\${custom.direnv}$cmd_duration\n$git_metrics$git_state$git_branch\n$directory$character";
format = "$cmd_duration$git_metrics$git_state$git_branch\n$status$directory$character";
right_format = "$sudo$nix_shell\${custom.direnv} $time";
continuation_prompt = " ";
character = {
success_symbol = "[\\$](#9ece6a bold)";
error_symbol = "[\\$](#db4b4b bold)";
};
status = {
disabled = false;
format = "[$status]($style) ";
};
nix_shell = {
format = "[󱄅 ](#74b2ff)";
heuristic = true;
@ -104,6 +141,19 @@
style = "#36c692";
when = "printenv DIRENV_FILE";
};
time = {
format = "[$time]($style)\n";
time_format = "%I:%M %p";
disabled = false;
};
# username = {
# format = "[$user]($style)";
# show_always = true;
# };
# hostname = {
# ssh_only = false;
# format = "[$hostname]($style)";
# };
};
};
};


@ -4,9 +4,9 @@ _: {
lib,
...
}: let
cfg = config.localModules.theming;
cfg = config.local.theming;
in {
options.localModules.theming = {
options.local.theming = {
enable = lib.mkEnableOption "";
kmscon.enable = lib.mkEnableOption "";
};