harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

nix fmt

Browse source 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
This commit is contained in:
Harald Hoyer 2024-11-19 10:31:29 +01:00
parent a3187e163d
commit 900f95169f
83 changed files with 1134 additions and 705 deletions
Download patch file Download diff file Expand all files Collapse all files

17
modules/darwin/home/default.nix
View file

@ -1,4 +1,11 @@
{ options, config, pkgs, lib, inputs, ... }:
{
options,
config,
pkgs,
lib,
inputs,
...
}:
with lib;
with lib.metacfg;
@ -11,10 +18,10 @@ in
# ];
options.metacfg.home = with types; {
file = mkOpt attrs { }
"A set of files to be managed by home-manager's <option>home.file</option>.";
configFile = mkOpt attrs { }
"A set of files to be managed by home-manager's <option>xdg.configFile</option>.";
file = mkOpt attrs { } "A set of files to be managed by home-manager's <option>home.file</option>.";
configFile =
mkOpt attrs { }
"A set of files to be managed by home-manager's <option>xdg.configFile</option>.";
extraOptions = mkOpt attrs { } "Options to pass directly to home-manager.";
homeConfig = mkOpt attrs { } "Final config for home-manager.";
};

23
modules/darwin/nix/default.nix
View file

@ -1,11 +1,13 @@
{ options
, config
, pkgs
, lib
, ...
{
options,
config,
pkgs,
lib,
...
}:
with lib;
with lib.metacfg; let
with lib.metacfg;
let
cfg = config.metacfg.nix;
in
{
@ -24,7 +26,10 @@ in
nix =
let
users = [ "root" config.metacfg.user.name ];
users = [
"root"
config.metacfg.user.name
];
in
{
package = cfg.package;
@ -60,7 +65,9 @@ in
gc = {
automatic = true;
interval = { Day = 7; };
interval = {
Day = 7;
};
options = "--delete-older-than 30d";
user = config.metacfg.user.name;
};

12
modules/darwin/security/gpg/default.nix
View file

@ -1,4 +1,10 @@
{ lib, config, pkgs, inputs, ... }:
{
lib,
config,
pkgs,
inputs,
...
}:
let
inherit (lib) types mkEnableOption mkIf;
@ -21,9 +27,7 @@ in
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
gnupg
];
environment.systemPackages = with pkgs; [ gnupg ];
environment.shellInit = ''
export GPG_TTY="$(tty)"

16
modules/darwin/services/base/default.nix
View file

@ -1,8 +1,9 @@
{ options
, config
, lib
, pkgs
, ...
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
@ -37,7 +38,10 @@ in
wget
starship
];
shells = [ pkgs.fish pkgs.bash ];
shells = [
pkgs.fish
pkgs.bash
];
};
programs = {

4
modules/darwin/services/nix-daemon/default.nix
View file

@ -11,7 +11,5 @@ in
enable = mkOpt types.bool true "Whether to enable the Nix daemon.";
};
config = mkIf cfg.enable {
services.nix-daemon = enabled;
};
config = mkIf cfg.enable { services.nix-daemon = enabled; };
}

8
modules/darwin/suites/common/default.nix
View file

@ -1,4 +1,10 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;

17
modules/darwin/system/fonts/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, pkgs, lib, ... }:
{
options,
config,
pkgs,
lib,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.system.fonts;
let
cfg = config.metacfg.system.fonts;
in
{
options.metacfg.system.fonts = with types; {
@ -17,14 +24,16 @@ in
};
fonts = {
packages = with pkgs;
packages =
with pkgs;
[
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
(nerdfonts.override { fonts = [ "Hack" ]; })
] ++ cfg.fonts;
]
++ cfg.fonts;
};
};
}

48
modules/darwin/system/interface/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, pkgs, lib, ... }:
{
options,
config,
pkgs,
lib,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.system.interface;
let
cfg = config.metacfg.system.interface;
in
{
options.metacfg.system.interface = with types; {
@ -10,25 +17,26 @@ in
};
config = mkIf cfg.enable {
system.activationScripts.applications.text = let
env = pkgs.buildEnv {
name = "system-applications";
paths = config.environment.systemPackages;
pathsToLink = "/Applications";
};
in
system.activationScripts.applications.text =
let
env = pkgs.buildEnv {
name = "system-applications";
paths = config.environment.systemPackages;
pathsToLink = "/Applications";
};
in
lib.mkForce ''
# Set up applications.
echo "setting up /Applications..." >&2
rm -rf /Applications/Nix\ Apps
mkdir -p /Applications/Nix\ Apps
find ${env}/Applications -maxdepth 1 -type l -exec readlink '{}' + |
while read -r src; do
app_name=$(basename "$src")
echo "copying $src" >&2
${pkgs.mkalias}/bin/mkalias "$src" "/Applications/Nix Apps/$app_name"
done
'';
# Set up applications.
echo "setting up /Applications..." >&2
rm -rf /Applications/Nix\ Apps
mkdir -p /Applications/Nix\ Apps
find ${env}/Applications -maxdepth 1 -type l -exec readlink '{}' + |
while read -r src; do
app_name=$(basename "$src")
echo "copying $src" >&2
${pkgs.mkalias}/bin/mkalias "$src" "/Applications/Nix Apps/$app_name"
done
'';
system.defaults = {
dock.autohide = true;

9
modules/darwin/user/default.nix
View file

@ -1,7 +1,8 @@
{ lib
, config
, pkgs
, ...
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) types mkIf mkDefault;

13
modules/home/cli-apps/bash/default.nix
View file

@ -1,7 +1,8 @@
{ lib
, config
, pkgs
, ...
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkIf;
@ -14,9 +15,7 @@ in
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
bashInteractive
];
home.packages = with pkgs; [ bashInteractive ];
programs.bash = {
enable = true;
initExtra = ''

19
modules/home/cli-apps/bat/default.nix
View file

@ -1,10 +1,12 @@
{ lib
, config
, pkgs
, ...
{
lib,
config,
pkgs,
...
}:
with lib;
with lib.metacfg; let
with lib.metacfg;
let
cfg = config.metacfg.cli-apps.bat;
in
{
@ -16,7 +18,12 @@ in
programs.bat = {
enable = true;
config.theme = "ansi";
extraPackages = with pkgs.bat-extras; [ batdiff batman batgrep batwatch ];
extraPackages = with pkgs.bat-extras; [
batdiff
batman
batgrep
batwatch
];
};
};
}

29
modules/home/cli-apps/fish/default.nix
View file

@ -1,7 +1,8 @@
{ lib
, config
, pkgs
, ...
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkIf;
@ -33,15 +34,17 @@ in
end
'';
plugins = [{
name = "foreign-env";
src = pkgs.fetchFromGitHub {
owner = "oh-my-fish";
repo = "plugin-foreign-env";
rev = "dddd9213272a0ab848d474d0cbde12ad034e65bc";
sha256 = "00xqlyl3lffc5l0viin1nyp819wf81fncqyz87jx8ljjdhilmgbs";
};
}];
plugins = [
{
name = "foreign-env";
src = pkgs.fetchFromGitHub {
owner = "oh-my-fish";
repo = "plugin-foreign-env";
rev = "dddd9213272a0ab848d474d0cbde12ad034e65bc";
sha256 = "00xqlyl3lffc5l0viin1nyp819wf81fncqyz87jx8ljjdhilmgbs";
};
}
];
# shellInit =
# ''

11
modules/home/cli-apps/home-manager/default.nix
View file

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkIf;
@ -24,8 +29,6 @@ in
man = "${pkgs.bat-extras.batman}/bin/batman";
};
home.packages = with pkgs; [
vim
];
home.packages = with pkgs; [ vim ];
};
}

17
modules/home/cli-apps/neovim/default.nix
View file

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkIf;
@ -199,7 +204,10 @@ in
nix = 110;
ruby = 120;
java = 130;
go = [ 90 130 ];
go = [
90
130
];
};
};
};
@ -223,7 +231,10 @@ in
comment-nvim.enable = true;
};
vim.spellChecking.languages = [ "en" "de" ];
vim.spellChecking.languages = [
"en"
"de"
];
};
};
};

23
modules/home/cli-apps/starship/default.nix
View file

@ -1,7 +1,8 @@
{ lib
, config
, pkgs
, ...
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkIf;
@ -15,16 +16,22 @@ in
config = mkIf cfg.enable {
home.packages = with pkgs; [
(pkgs.nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; })
(pkgs.nerdfonts.override {
fonts = [
"FiraCode"
"DroidSansMono"
"JetBrainsMono"
];
})
];
programs.starship = {
enable = true;
settings = {
container.format = "[\\[$name\\]]($style) ";
git_status = {
ahead = "$\{count}";
diverged = "$\{ahead_count}$\{behind_count}";
behind = "$\{count}";
ahead = "\${count}";
diverged = "\${ahead_count}\${behind_count}";
behind = "\${count}";
};
};
};

18
modules/home/cli-apps/tmux/default.nix
View file

@ -1,10 +1,12 @@
{ lib
, config
, pkgs
, ...
{
lib,
config,
pkgs,
...
}:
with lib;
with lib.metacfg; let
with lib.metacfg;
let
cfg = config.metacfg.cli-apps.tmux;
in
{
@ -12,9 +14,5 @@ in
enable = mkEnableOption "Tmux";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
tmux
];
};
config = mkIf cfg.enable { home.packages = with pkgs; [ tmux ]; };
}

9
modules/home/host/default.nix
View file

@ -1,4 +1,11 @@
{ lib, config, pkgs, host ? null, format ? "unknown", ... }:
{
lib,
config,
pkgs,
host ? null,
format ? "unknown",
...
}:
let
inherit (lib) types;

17
modules/home/tools/alacritty/default.nix
View file

@ -1,7 +1,8 @@
{ lib
, config
, pkgs
, ...
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkIf;
@ -16,7 +17,13 @@ in
config = mkIf cfg.enable {
home.packages = with pkgs; [
alacritty
(pkgs.nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; })
(pkgs.nerdfonts.override {
fonts = [
"FiraCode"
"DroidSansMono"
"JetBrainsMono"
];
})
];
};
}

11
modules/home/tools/direnv/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.tools.direnv;
let
cfg = config.metacfg.tools.direnv;
in
{
options.metacfg.tools.direnv = with types; {

26
modules/home/tools/git/default.nix
View file

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) types mkEnableOption mkIf;
@ -13,7 +18,8 @@ in
userName = mkOpt types.str user.fullName "The name to configure git with.";
userEmail = mkOpt types.str user.email "The email to configure git with.";
signingKey =
mkOpt types.str "7F3D64824AC0B6B8009E50504BC0896FB5693595" "The key ID to sign commits with.";
mkOpt types.str "7F3D64824AC0B6B8009E50504BC0896FB5693595"
"The key ID to sign commits with.";
signByDefault = mkOpt types.bool false "Whether to sign commits by default.";
};
@ -32,10 +38,18 @@ in
inherit (cfg) signByDefault;
};
extraConfig = {
init = { defaultBranch = "main"; };
pull = { rebase = true; };
push = { autoSetupRemote = true; };
core = { whitespace = "trailing-space,space-before-tab"; };
init = {
defaultBranch = "main";
};
pull = {
rebase = true;
};
push = {
autoSetupRemote = true;
};
core = {
whitespace = "trailing-space,space-before-tab";
};
safe = {
directory = "${user.home}/git";
};

23
modules/home/tools/jetbrains/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.tools.jetbrains;
let
cfg = config.metacfg.tools.jetbrains;
in
{
options.metacfg.tools.jetbrains = with types; {
@ -10,12 +17,16 @@ in
};
config = mkIf cfg.enable {
home.sessionPath = [
"$HOME/.local/share/JetBrains/Toolbox/scripts"
];
home.sessionPath = [ "$HOME/.local/share/JetBrains/Toolbox/scripts" ];
home.packages = with pkgs; [
jetbrains-toolbox
(pkgs.nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; })
(pkgs.nerdfonts.override {
fonts = [
"FiraCode"
"DroidSansMono"
"JetBrainsMono"
];
})
];
};
}

11
modules/home/tools/ssh/default.nix
View file

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
inherit (lib) types mkEnableOption mkIf;
@ -10,9 +15,7 @@ in
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
mosh
];
home.packages = with pkgs; [ mosh ];
programs.ssh = {
enable = true;
extraConfig = ''

15
modules/home/user/default.nix
View file

@ -1,7 +1,18 @@
{ lib, config, pkgs, osConfig ? { }, ... }:
{
lib,
config,
pkgs,
osConfig ? { },
...
}:
let
inherit (lib) types mkIf mkDefault mkMerge;
inherit (lib)
types
mkIf
mkDefault
mkMerge
;
inherit (lib.metacfg) mkOpt;
cfg = config.metacfg.user;

23
modules/nixos/home/default.nix
View file

@ -1,15 +1,23 @@
{ options, config, pkgs, lib, inputs, ... }:
{
options,
config,
pkgs,
lib,
inputs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.home;
let
cfg = config.metacfg.home;
in
{
options.metacfg.home = with types; {
file = mkOpt attrs { }
(mdDoc "A set of files to be managed by home-manager's `home.file`.");
configFile = mkOpt attrs { }
(mdDoc "A set of files to be managed by home-manager's `xdg.configFile`.");
file = mkOpt attrs { } (mdDoc "A set of files to be managed by home-manager's `home.file`.");
configFile = mkOpt attrs { } (
mdDoc "A set of files to be managed by home-manager's `xdg.configFile`."
);
extraOptions = mkOpt attrs { } "Options to pass directly to home-manager.";
};
@ -25,8 +33,7 @@ in
useUserPackages = true;
useGlobalPkgs = true;
users.${config.metacfg.user.name} =
mkAliasDefinitions options.metacfg.home.extraOptions;
users.${config.metacfg.user.name} = mkAliasDefinitions options.metacfg.home.extraOptions;
};
};
}

11
modules/nixos/nix-ld/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.nix-ld;
let
cfg = config.metacfg.nix-ld;
in
{
options.metacfg.nix-ld = with types; {

88
modules/nixos/nix/default.nix
View file

@ -1,15 +1,25 @@
{ options, config, pkgs, lib, inputs, ... }:
{
options,
config,
pkgs,
lib,
inputs,
...
}:
with lib;
with lib.metacfg;
let
cfg = config.metacfg.nix;
substituters-submodule = types.submodule ({ name, ... }: {
options = with types; {
key = mkOpt (nullOr str) null "The trusted public key for this substituter.";
};
});
substituters-submodule = types.submodule (
{ name, ... }:
{
options = with types; {
key = mkOpt (nullOr str) null "The trusted public key for this substituter.";
};
}
);
in
{
options.metacfg.nix = with types; {
@ -18,25 +28,23 @@ in
default-substituter = {
url = mkOpt str "https://cache.nixos.org" "The url for the substituter.";
key = mkOpt str "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" "The trusted public key for the substituter.";
key =
mkOpt str "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"The trusted public key for the substituter.";
};
extra-substituters = mkOpt (attrsOf substituters-submodule) { } "Extra substituters to configure.";
};
config = mkIf cfg.enable {
assertions = mapAttrsToList
(name: value: {
assertion = value.key != null;
message = "metacfg.nix.extra-substituters.${name}.key must be set";
})
cfg.extra-substituters;
assertions = mapAttrsToList (name: value: {
assertion = value.key != null;
message = "metacfg.nix.extra-substituters.${name}.key must be set";
}) cfg.extra-substituters;
environment.systemPackages = with pkgs; [
metacfg.nixos-revision
(metacfg.nixos-hosts.override {
hosts = inputs.self.nixosConfigurations;
})
(metacfg.nixos-hosts.override { hosts = inputs.self.nixosConfigurations; })
deploy-rs
nixfmt
nix-index
@ -48,8 +56,10 @@ in
nix =
let
users = [ "root" config.metacfg.user.name ] ++
optional config.services.hydra.enable "hydra";
users = [
"root"
config.metacfg.user.name
] ++ optional config.services.hydra.enable "hydra";
extra-substituters = cfg.extra-substituters // {
"https://attic.teepot.org/tee-pot".key = "tee-pot:SS6HcrpG87S1M6HZGPsfo7d1xJccCGev7/tXc5+I4jg=";
};
@ -57,29 +67,29 @@ in
{
package = cfg.package;
settings = {
experimental-features = "nix-command flakes";
http-connections = 50;
warn-dirty = false;
log-lines = 50;
sandbox = true;
auto-optimise-store = true;
trusted-users = users;
allowed-users = users;
settings =
{
experimental-features = "nix-command flakes";
http-connections = 50;
warn-dirty = false;
log-lines = 50;
sandbox = true;
auto-optimise-store = true;
trusted-users = users;
allowed-users = users;
substituters =
[ cfg.default-substituter.url ]
++
(mapAttrsToList (name: value: name) extra-substituters);
trusted-public-keys =
[ cfg.default-substituter.key ]
++
(mapAttrsToList (name: value: value.key) extra-substituters);
substituters = [
cfg.default-substituter.url
] ++ (mapAttrsToList (name: value: name) extra-substituters);
trusted-public-keys = [
cfg.default-substituter.key
] ++ (mapAttrsToList (name: value: value.key) extra-substituters);
} // (lib.optionalAttrs config.metacfg.tools.direnv.enable {
keep-outputs = true;
keep-derivations = true;
});
}
// (lib.optionalAttrs config.metacfg.tools.direnv.enable {
keep-outputs = true;
keep-derivations = true;
});
gc = {
automatic = true;

20
modules/nixos/services/base/default.nix
View file

@ -1,8 +1,9 @@
{ options
, config
, lib
, pkgs
, ...
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
@ -39,7 +40,9 @@ in
};
environment = {
sessionVariables = { PATH = "$HOME/bin"; };
sessionVariables = {
PATH = "$HOME/bin";
};
systemPackages = with pkgs; [
age
bash
@ -73,7 +76,10 @@ in
"$@"
'')
];
shells = [ pkgs.fish pkgs.bash ];
shells = [
pkgs.fish
pkgs.bash
];
};
hardware = {

19
modules/nixos/services/gui/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.gui;
let
cfg = config.metacfg.gui;
in
{
options.metacfg.gui = with types; {
@ -150,7 +157,13 @@ in
noto-fonts-emoji
liberation_ttf
freefont_ttf
(nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; })
(nerdfonts.override {
fonts = [
"FiraCode"
"DroidSansMono"
"JetBrainsMono"
];
})
];
fontconfig = {

11
modules/nixos/services/homeprinter/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.homeprinter;
let
cfg = config.metacfg.homeprinter;
in
{
options.metacfg.homeprinter = with types; {

15
modules/nixos/services/podman/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.podman;
let
cfg = config.metacfg.podman;
in
{
options.metacfg.podman = with types; {
@ -18,7 +25,9 @@ in
dockerCompat = lib.mkDefault true;
# For Nixos version > 22.11
defaultNetwork.settings = { dns_enabled = true; };
defaultNetwork.settings = {
dns_enabled = true;
};
};
};
};

11
modules/nixos/services/secureboot/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.secureboot;
let
cfg = config.metacfg.secureboot;
in
{
options.metacfg.secureboot = with types; {

23
modules/nixos/sgx/aesmd_dcap/default.nix
View file

@ -1,4 +1,10 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
@ -21,14 +27,15 @@ in
quoteProviderLibrary = pkgs.nixsgx.sgx-dcap.default_qpl;
};
systemd.services.aesmd = {
environment.LD_LIBRARY_PATH = lib.mkForce (lib.makeLibraryPath [ pkgs.nixsgx.sgx-dcap.default_qpl pkgs.curl.out ]);
environment.LD_LIBRARY_PATH = lib.mkForce (
lib.makeLibraryPath [
pkgs.nixsgx.sgx-dcap.default_qpl
pkgs.curl.out
]
);
serviceConfig = {
BindReadOnlyPaths = [
"/etc/sgx_default_qcnl.conf"
];
BindPaths = [
"/dev/log"
];
BindReadOnlyPaths = [ "/etc/sgx_default_qcnl.conf" ];
BindPaths = [ "/dev/log" ];
};
};
};

32
modules/nixos/sgx/pccs/default.nix
View file

@ -1,4 +1,10 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
@ -49,21 +55,19 @@ in
};
};
systemd.services.pccs-secret =
{
description = "Inject pccs secret";
wantedBy = [ "multi-user.target" ];
before = [ "podman-pccs.service" ];
systemd.services.pccs-secret = {
description = "Inject pccs secret";
wantedBy = [ "multi-user.target" ];
before = [ "podman-pccs.service" ];
serviceConfig = {
EnvironmentFile = cfg.secret;
ExecStart = ''
-${pkgs.podman}/bin/podman secret create --env PCCS_CONFIG PCCS_CONFIG
'';
RemainAfterExit = true;
};
serviceConfig = {
EnvironmentFile = cfg.secret;
ExecStart = ''
-${pkgs.podman}/bin/podman secret create --env PCCS_CONFIG PCCS_CONFIG
'';
RemainAfterExit = true;
};
};
};
}

11
modules/nixos/tools/direnv/default.nix
View file

@ -1,8 +1,15 @@
{ options, config, lib, pkgs, ... }:
{
options,
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let cfg = config.metacfg.tools.direnv;
let
cfg = config.metacfg.tools.direnv;
in
{
options.metacfg.tools.direnv = with types; {

27
modules/nixos/tools/git/default.nix
View file

@ -1,4 +1,10 @@
{ options, config, pkgs, lib, ... }:
{
options,
config,
pkgs,
lib,
...
}:
with lib;
with lib.metacfg;
@ -12,8 +18,7 @@ in
enable = mkBoolOpt false "Whether or not to install and configure git.";
userName = mkOpt types.str user.fullName "The name to configure git with.";
userEmail = mkOpt types.str user.email "The email to configure git with.";
signingKey =
mkOpt types.str "9762169A1B35EA68" "The key ID to sign commits with.";
signingKey = mkOpt types.str "9762169A1B35EA68" "The key ID to sign commits with.";
};
config = mkIf cfg.enable {
@ -29,10 +34,18 @@ in
signByDefault = mkIf gpg.enable true;
};
extraConfig = {
init = { defaultBranch = "main"; };
pull = { rebase = true; };
push = { autoSetupRemote = true; };
core = { whitespace = "trailing-space,space-before-tab"; };
init = {
defaultBranch = "main";
};
pull = {
rebase = true;
};
push = {
autoSetupRemote = true;
};
core = {
whitespace = "trailing-space,space-before-tab";
};
safe = {
directory = "${user.home}/git";
};

72
modules/nixos/user/default.nix
View file

@ -1,11 +1,13 @@
{ options
, config
, pkgs
, lib
, ...
{
options,
config,
pkgs,
lib,
...
}:
with lib;
with lib.metacfg; let
with lib.metacfg;
let
cfg = config.metacfg.user;
defaultIconFileName = "profile.jpg";
defaultIcon = pkgs.stdenvNoCC.mkDerivation {
@ -18,11 +20,17 @@ with lib.metacfg; let
cp $src $out
'';
passthru = { fileName = defaultIconFileName; };
passthru = {
fileName = defaultIconFileName;
};
};
propagatedIcon =
pkgs.runCommandNoCC "propagated-icon"
{ passthru = { fileName = cfg.icon.fileName; }; }
{
passthru = {
fileName = cfg.icon.fileName;
};
}
''
local target="$out/share/metacfg-icons/user/${cfg.name}"
mkdir -p "$target"
@ -38,9 +46,7 @@ in
initialPassword =
mkOpt str "password"
"The initial password to use when the user is first created.";
icon =
mkOpt (nullOr package) defaultIcon
"The profile picture to use for the user.";
icon = mkOpt (nullOr package) defaultIcon "The profile picture to use for the user.";
prompt-init = mkBoolOpt true "Whether or not to show an initial message when opening a new shell.";
extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned.";
sshKeys = mkOpt (listOf str) [
@ -49,14 +55,11 @@ in
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAYbUTKpy4QR3s944/hjJ1UK05asFEs/SmWeUbtS0cdA660sT4xHnRfals73FicOoz+uIucJCwn/SCM804j+wtM="
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNsmP15vH8BVKo7bdvIiiEjiQboPGcRPqJK0+bH4jKD harald@lenovo.fritz.box"
] "ssh keys";
extraOptions =
mkOpt attrs { }
(mdDoc "Extra options passed to `users.users.<name>`.");
extraOptions = mkOpt attrs { } (mdDoc "Extra options passed to `users.users.<name>`.");
};
config = {
environment.systemPackages = with pkgs; [
];
environment.systemPackages = with pkgs; [ ];
metacfg.home = {
file = {
@ -68,10 +71,7 @@ in
"Videos/.keep".text = "";
"work/.keep".text = "";
".face".source = cfg.icon;
"Pictures/${
cfg.icon.fileName or (builtins.baseNameOf cfg.icon)
}".source =
cfg.icon;
"Pictures/${cfg.icon.fileName or (builtins.baseNameOf cfg.icon)}".source = cfg.icon;
};
extraOptions.programs.bash.initExtra = ''
@ -85,27 +85,25 @@ in
'';
};
users.users.${cfg.name} =
{
isNormalUser = true;
users.users.${cfg.name} = {
isNormalUser = true;
# inherit (cfg) name initialPassword;
# inherit (cfg) name initialPassword;
openssh.authorizedKeys.keys = cfg.sshKeys;
home = "/home/${cfg.name}";
group = "users";
openssh.authorizedKeys.keys = cfg.sshKeys;
home = "/home/${cfg.name}";
group = "users";
shell = pkgs.bash;
shell = pkgs.bash;
# Arbitrary user ID to use for the user. Since I only
# have a single user on my machines this won't ever collide.
# However, if you add multiple users you'll need to change this
# so each user has their own unique uid (or leave it out for the
# system to select).
uid = 1000;
# Arbitrary user ID to use for the user. Since I only
# have a single user on my machines this won't ever collide.
# However, if you add multiple users you'll need to change this
# so each user has their own unique uid (or leave it out for the
# system to select).
uid = 1000;
extraGroups = [ "wheel" ] ++ cfg.extraGroups;
}
// cfg.extraOptions;
extraGroups = [ "wheel" ] ++ cfg.extraGroups;
} // cfg.extraOptions;
};
}