add mpro

Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
2024-03-12 00:24:28 +01:00 · 2024-03-12 00:24:28 +01:00 · 5e2d3a6ce4
commit 5e2d3a6ce4
parent dd3dd53e11
25 changed files with 665 additions and 20 deletions
--- a/modules/darwin/home/default.nix
+++ b/modules/darwin/home/default.nix
@ -0,0 +1,40 @@
+{ options, config, pkgs, lib, inputs, ... }:
+
+with lib;
+with lib.plusultra;
+let
+  cfg = config.plusultra.home;
+in
+{
+  # imports = with inputs; [
+  #   home-manager.darwinModules.home-manager
+  # ];
+
+  options.plusultra.home = with types; {
+    file = mkOpt attrs { }
+      "A set of files to be managed by home-manager's <option>home.file</option>.";
+    configFile = mkOpt attrs { }
+      "A set of files to be managed by home-manager's <option>xdg.configFile</option>.";
+    extraOptions = mkOpt attrs { } "Options to pass directly to home-manager.";
+    homeConfig = mkOpt attrs { } "Final config for home-manager.";
+  };
+
+  config = {
+    plusultra.home.extraOptions = {
+      home.stateVersion = mkDefault "23.11";
+      home.file = mkAliasDefinitions options.plusultra.home.file;
+      xdg.enable = true;
+      xdg.configFile = mkAliasDefinitions options.plusultra.home.configFile;
+    };
+
+    snowfallorg.users.${config.plusultra.user.name}.home.config = mkAliasDefinitions options.plusultra.home.extraOptions;
+
+    home-manager = {
+      useUserPackages = true;
+      useGlobalPkgs = true;
+
+      # users.${config.plusultra.user.name} = args:
+      #   mkAliasDefinitions options.plusultra.home.extraOptions;
+    };
+  };
+}
--- a/modules/darwin/nix/default.nix
+++ b/modules/darwin/nix/default.nix
@ -0,0 +1,74 @@
+{ options
+, config
+, pkgs
+, lib
+, ...
+}:
+with lib;
+with lib.plusultra; let
+  cfg = config.plusultra.nix;
+in
+{
+  options.plusultra.nix = with types; {
+    enable = mkBoolOpt true "Whether or not to manage nix configuration.";
+    package = mkOpt package pkgs.nixUnstable "Which nix package to use.";
+  };
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      deploy-rs
+      nixfmt
+      nix-index
+      nix-prefetch-git
+    ];
+
+    nix =
+      let
+        users = [ "root" config.plusultra.user.name ];
+      in
+      {
+        package = cfg.package;
+
+        settings = {
+          experimental-features = "nix-command flakes";
+          http-connections = 50;
+          warn-dirty = false;
+          log-lines = 50;
+
+          # Large builds apparently fail due to an issue with darwin:
+          # https://github.com/NixOS/nix/issues/4119
+          sandbox = false;
+
+          # This appears to break on darwin
+          # https://github.com/NixOS/nix/issues/7273
+          auto-optimise-store = false;
+
+          allow-import-from-derivation = true;
+
+          trusted-users = users;
+          allowed-users = users;
+
+          # NOTE: This configuration is generated by nix-installer so I'm adding it here in
+          # case it becomes important.
+          extra-nix-path = "nixpkgs=flake:nixpkgs";
+          build-users-group = "nixbld";
+        };
+        #// (lib.optionalAttrs config.plusultra.tools.direnv.enable {
+        #  keep-outputs = true;
+        #  keep-derivations = true;
+        #});
+
+        gc = {
+          automatic = true;
+          interval = { Day = 7; };
+          options = "--delete-older-than 30d";
+          user = config.plusultra.user.name;
+        };
+
+        # flake-utils-plus
+        generateRegistryFromInputs = true;
+        generateNixPathFromInputs = true;
+        linkInputs = true;
+      };
+  };
+}
--- a/modules/darwin/security/gpg/default.nix
+++ b/modules/darwin/security/gpg/default.nix
@ -0,0 +1,85 @@
+{ lib, config, pkgs, inputs, ... }:
+
+let
+  inherit (lib) types mkEnableOption mkIf;
+  inherit (lib.plusultra) mkOpt;
+
+  cfg = config.plusultra.security.gpg;
+  gpg = config.plusultra.security.gpg;
+  user = config.plusultra.user;
+  gpgConf = "${inputs.gpg-base-conf}/gpg.conf";
+
+  gpgAgentConf = ''
+    enable-ssh-support
+    default-cache-ttl 60
+    max-cache-ttl 120
+  '';
+
+  guide = "${inputs.yubikey-guide}/README.md";
+
+  theme = pkgs.fetchFromGitHub {
+    owner = "jez";
+    repo = "pandoc-markdown-css-theme";
+    rev = "019a4829242937761949274916022e9861ed0627";
+    sha256 = "1h48yqffpaz437f3c9hfryf23r95rr319lrb3y79kxpxbc9hihxb";
+  };
+
+  guideHTML = pkgs.runCommand "yubikey-guide" { } ''
+    ${pkgs.pandoc}/bin/pandoc \
+      --standalone \
+      --metadata title="Yubikey Guide" \
+      --from markdown \
+      --to html5+smart \
+      --toc \
+      --template ${theme}/template.html5 \
+      --css ${theme}/docs/css/theme.css \
+      --css ${theme}/docs/css/skylighting-solarized-theme.css \
+      -o $out \
+      ${guide}
+  '';
+
+  reload-yubikey = pkgs.writeShellScriptBin "reload-yubikey" ''
+    ${pkgs.gnupg}/bin/gpg-connect-agent "scd serialno" "learn --force" /bye
+  '';
+in
+{
+  options.plusultra.security.gpg = {
+    enable = mkEnableOption "GPG";
+    agentTimeout = mkOpt types.int 5 "The amount of time to wait before continuing with shell init.";
+  };
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      gnupg
+    ];
+
+    environment.shellInit = ''
+      export GPG_TTY="$(tty)"
+      export SSH_AUTH_SOCK=$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)
+
+      ${pkgs.coreutils}/bin/timeout ${builtins.toString cfg.agentTimeout} ${pkgs.gnupg}/bin/gpgconf --launch gpg-agent
+      gpg_agent_timeout_status=$?
+
+      if [ "$gpg_agent_timeout_status" = 124 ]; then
+        # Command timed out...
+        echo "GPG Agent timed out..."
+        echo 'Run "gpgconf --launch gpg-agent" to try and launch it again.'
+      fi
+    '';
+
+    programs.gnupg.agent = {
+      enable = true;
+      enableSSHSupport = true;
+    };
+
+    plusultra.home.file = {
+      ".gnupg/.keep".text = "";
+
+      ".gnupg/yubikey-guide.md".source = guide;
+      ".gnupg/yubikey-guide.html".source = guideHTML;
+
+      ".gnupg/gpg.conf".source = gpgConf;
+      ".gnupg/gpg-agent.conf".text = gpgAgentConf;
+    };
+  };
+}
--- a/modules/darwin/services/nix-daemon/default.nix
+++ b/modules/darwin/services/nix-daemon/default.nix
@ -0,0 +1,17 @@
+{ lib, config, ... }:
+
+let
+  inherit (lib) types mkIf;
+  inherit (lib.plusultra) mkOpt enabled;
+
+  cfg = config.plusultra.services.nix-daemon;
+in
+{
+  options.plusultra.services.nix-daemon = {
+    enable = mkOpt types.bool true "Whether to enable the Nix daemon.";
+  };
+
+  config = mkIf cfg.enable {
+    services.nix-daemon = enabled;
+  };
+}
--- a/modules/darwin/suites/common/default.nix
+++ b/modules/darwin/suites/common/default.nix
@ -0,0 +1,39 @@
+{ options, config, lib, pkgs, ... }:
+
+with lib;
+with lib.plusultra;
+let
+  cfg = config.plusultra.suites.common;
+in
+{
+  options.plusultra.suites.common = with types; {
+    enable = mkBoolOpt false "Whether or not to enable common configuration.";
+  };
+
+  config = mkIf cfg.enable {
+    programs.fish = enabled;
+
+    plusultra = {
+      nix = enabled;
+
+      #cli-apps = {
+      #  neovim = enabled;
+      #};
+
+      tools = {
+        git = enabled;
+        #flake = enabled;
+      };
+
+      system = {
+        fonts = enabled;
+        #input = enabled;
+        interface = enabled;
+      };
+
+      security = {
+        gpg = enabled;
+      };
+    };
+  };
+}
--- a/modules/darwin/suites/development/default.nix
+++ b/modules/darwin/suites/development/default.nix
@ -0,0 +1,35 @@
+{ options, config, lib, pkgs, ... }:
+
+with lib;
+with lib.plusultra;
+let
+  cfg = config.plusultra.suites.development;
+in
+{
+  options.plusultra.suites.development = with types; {
+    enable = mkBoolOpt false
+      "Whether or not to enable common development configuration.";
+  };
+
+  config = mkIf cfg.enable {
+    plusultra = {
+      #apps = {
+      #  vscode = enabled;
+      #};
+
+      tools = {
+        # at = enabled;
+        # direnv = enabled;
+        # go = enabled;
+        # http = enabled;
+        # k8s = enabled;
+        # node = enabled;
+        # titan = enabled;
+        # python = enabled;
+        # java = enabled;
+      };
+
+      # virtualisation = { podman = enabled; };
+    };
+  };
+}
--- a/modules/darwin/system/fonts/default.nix
+++ b/modules/darwin/system/fonts/default.nix
@ -0,0 +1,32 @@
+{ options, config, pkgs, lib, ... }:
+
+with lib;
+with lib.plusultra;
+let cfg = config.plusultra.system.fonts;
+in
+{
+  options.plusultra.system.fonts = with types; {
+    enable = mkBoolOpt false "Whether or not to manage fonts.";
+    fonts = mkOpt (listOf package) [ ] "Custom font packages to install.";
+  };
+
+  config = mkIf cfg.enable {
+    environment.variables = {
+      # Enable icons in tooling since we have nerdfonts.
+      LOG_ICONS = "true";
+    };
+
+    fonts = {
+      fontDir = enabled;
+
+      fonts = with pkgs;
+        [
+          noto-fonts
+          noto-fonts-cjk-sans
+          noto-fonts-cjk-serif
+          noto-fonts-emoji
+          (nerdfonts.override { fonts = [ "Hack" ]; })
+        ] ++ cfg.fonts;
+    };
+  };
+}
--- a/modules/darwin/system/interface/default.nix
+++ b/modules/darwin/system/interface/default.nix
@ -0,0 +1,29 @@
+{ options, config, pkgs, lib, ... }:
+
+with lib;
+with lib.plusultra;
+let cfg = config.plusultra.system.interface;
+in
+{
+  options.plusultra.system.interface = with types; {
+    enable = mkEnableOption "macOS interface";
+  };
+
+  config = mkIf cfg.enable {
+    system.defaults = {
+      dock.autohide = true;
+
+      finder = {
+        AppleShowAllExtensions = true;
+        FXEnableExtensionChangeWarning = false;
+      };
+
+      NSGlobalDomain = {
+        _HIHideMenuBar = true;
+        AppleShowScrollBars = "Always";
+      };
+    };
+
+    plusultra.home.file.".hushlogin".text = "";
+  };
+}
--- a/modules/darwin/tools/flake/default.nix
+++ b/modules/darwin/tools/flake/default.nix
@ -0,0 +1,18 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+with lib.plusultra;
+let
+  cfg = config.plusultra.tools.flake;
+in
+{
+  options.plusultra.tools.flake = {
+    enable = mkEnableOption "Flake";
+  };
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      snowfallorg.flake
+    ];
+  };
+}
--- a/modules/darwin/tools/git/default.nix
+++ b/modules/darwin/tools/git/default.nix
@ -0,0 +1,62 @@
+{ options, config, pkgs, lib, ... }:
+
+with lib;
+with lib.plusultra;
+let
+  cfg = config.plusultra.tools.git;
+  gpg = config.plusultra.security.gpg;
+  user = config.plusultra.user;
+in
+{
+  options.plusultra.tools.git = with types; {
+    enable = mkEnableOption "Git";
+    userName = mkOpt types.str user.fullName "The name to configure git with.";
+    userEmail = mkOpt types.str user.email "The email to configure git with.";
+    signingKey =
+      mkOpt types.str "7F3D64824AC0B6B8009E50504BC0896FB5693595" "The key ID to sign commits with.";
+    signByDefault = mkOpt types.bool false "Whether to sign commits by default.";
+  };
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [ git ];
+    plusultra.home.extraOptions = {
+      programs.git = {
+        enable = true;
+        inherit (cfg) userName userEmail;
+        lfs = enabled;
+        signing = {
+          key = cfg.signingKey;
+          signByDefault = mkIf gpg.enable true;
+        };
+
+        extraConfig = {
+          init = { defaultBranch = "main"; };
+          pull = { rebase = true; };
+          push = { autoSetupRemote = true; };
+          core = { whitespace = "trailing-space,space-before-tab"; };
+          safe = {
+            directory = "${config.users.users.${user.name}.home}/git";
+          };
+          "credential \"https://github.com\"" = {
+            helper = "!gh auth git-credential";
+          };
+          alias = {
+            co = "checkout";
+            ci = "commit --signoff";
+          };
+          pull.ff = "only";
+          core.pager = "${pkgs.delta}/bin/delta";
+          delta = {
+            features = "decorations";
+            syntax-theme = "Dracula";
+            light = "false";
+            navigate = "true";
+          };
+          interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";
+          merge.conflictStyle = "diff3";
+          diff.colorMoved = "default";
+        };
+      };
+    };
+  };
+}
--- a/modules/darwin/tools/java/default.nix
+++ b/modules/darwin/tools/java/default.nix
@ -0,0 +1,17 @@
+{ options, config, lib, pkgs, ... }:
+
+with lib;
+with lib.plusultra;
+let cfg = config.plusultra.tools.java;
+in
+{
+  options.plusultra.tools.java = with types; {
+    enable = mkBoolOpt false "Whether or not to enable Java.";
+  };
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      jdk
+    ];
+  };
+}
--- a/modules/darwin/tools/node/default.nix
+++ b/modules/darwin/tools/node/default.nix
@ -0,0 +1,42 @@
+{ options
+, config
+, pkgs
+, lib
+, ...
+}:
+with lib;
+with lib.plusultra; let
+  cfg = config.plusultra.tools.node;
+in
+{
+  options.plusultra.tools.node = with types; {
+    enable = mkBoolOpt false "Whether or not to install and configure git";
+    pkg = mkOpt package pkgs.nodejs "The NodeJS package to use";
+    prettier = {
+      enable = mkBoolOpt true "Whether or not to install Prettier";
+      pkg =
+        mkOpt package pkgs.nodePackages.prettier "The NodeJS package to use";
+    };
+    yarn = {
+      enable = mkBoolOpt true "Whether or not to install Yarn";
+      pkg = mkOpt package pkgs.nodePackages.yarn "The NodeJS package to use";
+    };
+    pnpm = {
+      enable = mkBoolOpt true "Whether or not to install Pnpm";
+      pkg = mkOpt package pkgs.nodePackages.pnpm "The NodeJS package to use";
+    };
+    flyctl = {
+      enable = mkBoolOpt true "Whether or not to install flyctl";
+      pkg = mkOpt package pkgs.flyctl "The flyctl package to use";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs;
+      [ cfg.pkg ]
+      ++ (lib.optional cfg.prettier.enable cfg.prettier.pkg)
+      ++ (lib.optional cfg.yarn.enable cfg.yarn.pkg)
+      ++ (lib.optional cfg.pnpm.enable cfg.pnpm.pkg)
+      ++ (lib.optional cfg.flyctl.enable cfg.flyctl.pkg);
+  };
+}
--- a/modules/darwin/tools/python/default.nix
+++ b/modules/darwin/tools/python/default.nix
@ -0,0 +1,22 @@
+{ options, config, lib, pkgs, ... }:
+
+with lib;
+with lib.plusultra;
+let cfg = config.plusultra.tools.python;
+in
+{
+  options.plusultra.tools.python = with types; {
+    enable = mkBoolOpt false "Whether or not to enable Python.";
+  };
+
+  config =
+    mkIf cfg.enable {
+      environment.systemPackages = with pkgs; [
+        (python311.withPackages (ps:
+          with ps; [
+            numpy
+          ])
+        )
+      ];
+    };
+}
--- a/modules/darwin/user/default.nix
+++ b/modules/darwin/user/default.nix
@ -0,0 +1,45 @@
+{ lib
+, config
+, pkgs
+, ...
+}:
+let
+  inherit (lib) types mkIf mkDefault;
+  inherit (lib.plusultra) mkOpt;
+
+  cfg = config.plusultra.user;
+
+  is-linux = pkgs.stdenv.isLinux;
+  is-darwin = pkgs.stdenv.isDarwin;
+in
+{
+  options.plusultra.user = {
+    name = mkOpt types.str "harald" "The user account.";
+
+    fullName = mkOpt types.str "Harald Hoyer" "The full name of the user.";
+    email = mkOpt types.str "harald@hoyer.xyz" "The email of the user.";
+
+    uid = mkOpt (types.nullOr types.int) 501 "The uid for the user account.";
+  };
+
+  config = {
+    users.users.${cfg.name} = {
+      # NOTE: Setting the uid here is required for another
+      # module to evaluate successfully since it reads
+      # `users.users.${plusultra.user.name}.uid`.
+      uid = mkIf (cfg.uid != null) cfg.uid;
+    };
+
+    snowfallorg.users.${config.plusultra.user.name}.home.config = {
+      home = {
+        file = {
+          ".profile".text = ''
+            # The default file limit is far too low and throws an error when rebuilding the system.
+            # See the original with: ulimit -Sa
+            ulimit -n 4096
+          '';
+        };
+      };
+    };
+  };
+}