diff options
| -rw-r--r-- | nix-conf/config.nix | 1 | ||||
| -rw-r--r-- | nix-conf/darwin/configuration.nix | 40 | ||||
| -rw-r--r-- | nix-conf/flake.lock | 32 | ||||
| -rw-r--r-- | nix-conf/flake.nix | 57 | ||||
| -rw-r--r-- | nix-conf/home/includes/common.nix | 1 | ||||
| -rw-r--r-- | nix-conf/home/includes/darwin.nix | 15 | ||||
| -rw-r--r-- | nix-conf/home/includes/secrets.yaml | 8 | ||||
| -rw-r--r-- | nix-conf/home/includes/zsh.nix | 1 | ||||
| -rw-r--r-- | nix-conf/home/kevel.nix | 85 |
9 files changed, 155 insertions, 85 deletions
diff --git a/nix-conf/config.nix b/nix-conf/config.nix index 09d248e..3d1e6d4 100644 --- a/nix-conf/config.nix +++ b/nix-conf/config.nix @@ -7,7 +7,6 @@ experimental-features = "nix-command flakes"; substituters = [ "https://nix-community.cachix.org" - "https://cache.nixos.org/" ]; trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" diff --git a/nix-conf/darwin/configuration.nix b/nix-conf/darwin/configuration.nix new file mode 100644 index 0000000..4eb4c43 --- /dev/null +++ b/nix-conf/darwin/configuration.nix @@ -0,0 +1,40 @@ +{ pkgs, ... }: +{ + nix.settings.trusted-users = [ + "djm" + "@staff" + ]; + system.stateVersion = 6; + #system.primaryUser = "djm"; # required to update com.apple.symbolichotkeys + system.keyboard.enableKeyMapping = true; + system.keyboard.userKeyMapping = [ + { + HIDKeyboardModifierMappingSrc = 30064771296; + HIDKeyboardModifierMappingDst = 30064771299; + } + { + HIDKeyboardModifierMappingSrc = 30064771299; + HIDKeyboardModifierMappingDst = 30064771296; + } + ]; + #system.defaults.CustomUserPreferences = { + # "com.apple.symbolichotkeys" = { + # AppleSymbolicHotKeys = { + # "60" = { + # enabled = 0; + # }; + # "61" = { + # enabled = 0; + # }; + # }; + # }; + #}; + nixpkgs.hostPlatform = "aarch64-darwin"; + users.users.djm.home = "/Users/djm"; + security.pam.services.sudo_local.touchIdAuth = true; + fonts.packages = [ + pkgs.aporetic + pkgs.meslo-lgs-nf + pkgs.fira-code + ]; +} diff --git a/nix-conf/flake.lock b/nix-conf/flake.lock index a745d87..a40dc93 100644 --- a/nix-conf/flake.lock +++ b/nix-conf/flake.lock @@ -1,18 +1,5 @@ { "nodes": { - "darwin-system-certs": { - "flake": false, - "locked": { - "lastModified": 1752902012, - "narHash": "sha256-nnYgKXmhL+DfaiQfk9y5fEZL+pDb7OuB9gsAo1JBv+Q=", - "path": "/private/etc/ssl/cert.pem", - "type": "path" - }, - "original": { - "path": "/private/etc/ssl/cert.pem", - "type": "path" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -20,11 +7,11 @@ ] }, "locked": { - "lastModified": 1754263839, - "narHash": "sha256-ck7lILfCNuunsLvExPI4Pw9OOCJksxXwozum24W8b+8=", + "lastModified": 1754886238, + "narHash": "sha256-LTQomWOwG70lZR+78ZYSZ9sYELWNq3HJ7/tdHzfif/s=", "owner": "nix-community", "repo": "home-manager", - "rev": "1d7abbd5454db97e0af51416f4960b3fb64a4773", + "rev": "0d492b89d1993579e63b9dbdaed17fd7824834da", "type": "github" }, "original": { @@ -77,11 +64,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1754214453, - "narHash": "sha256-Q/I2xJn/j1wpkGhWkQnm20nShYnG7TI99foDBpXm1SY=", + "lastModified": 1754725699, + "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5b09dc45f24cf32316283e62aec81ffee3c3e376", + "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054", "type": "github" }, "original": { @@ -93,11 +80,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1754292888, - "narHash": "sha256-1ziydHSiDuSnaiPzCQh1mRFBsM2d2yRX9I+5OPGEmIE=", + "lastModified": 1754767907, + "narHash": "sha256-8OnUzRQZkqtUol9vuUuQC30hzpMreKptNyET2T9lB6g=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ce01daebf8489ba97bd1609d185ea276efdeb121", + "rev": "c5f08b62ed75415439d48152c2a784e36909b1bc", "type": "github" }, "original": { @@ -109,7 +96,6 @@ }, "root": { "inputs": { - "darwin-system-certs": "darwin-system-certs", "home-manager": "home-manager", "home-manager-stable": "home-manager-stable", "nix-darwin": "nix-darwin", diff --git a/nix-conf/flake.nix b/nix-conf/flake.nix index ad2dee9..7853b73 100644 --- a/nix-conf/flake.nix +++ b/nix-conf/flake.nix @@ -20,10 +20,6 @@ url = "github:nix-darwin/nix-darwin/master"; inputs.nixpkgs.follows = "nixpkgs"; }; - darwin-system-certs = { - url = "/private/etc/ssl/cert.pem"; - flake = false; - }; }; outputs = @@ -109,57 +105,14 @@ ]; }; - darwinConfigurations."LDN-DMORGAN" = nix-darwin.lib.darwinSystem { + darwinConfigurations."grithnir" = nix-darwin.lib.darwinSystem { + system.configurationRevision = self.rev or self.dirtyRev or null; modules = [ - # TODO move to separate file - ( - { pkgs, ... }: - { - nix.settings.trusted-users = [ - "dmorgan" - "@staff" - ]; - nix.settings.ssl-cert-file = "/Users/dmorgan/certs/full-cert.pem"; - system.configurationRevision = self.rev or self.dirtyRev or null; - system.stateVersion = 6; - #system.primaryUser = "dmorgan"; # required to update com.apple.symbolichotkeys - system.keyboard.enableKeyMapping = true; - system.keyboard.userKeyMapping = [ - { - HIDKeyboardModifierMappingSrc = 30064771296; - HIDKeyboardModifierMappingDst = 30064771299; - } - { - HIDKeyboardModifierMappingSrc = 30064771299; - HIDKeyboardModifierMappingDst = 30064771296; - } - ]; - #system.defaults.CustomUserPreferences = { - # "com.apple.symbolichotkeys" = { - # AppleSymbolicHotKeys = { - # "60" = { - # enabled = 0; - # }; - # "61" = { - # enabled = 0; - # }; - # }; - # }; - #}; - nixpkgs.hostPlatform = "aarch64-darwin"; - ids.gids.nixbld = 30000; - users.users.dmorgan.home = "/Users/dmorgan"; - fonts.packages = [ - pkgs.aporetic - pkgs.meslo-lgs-nf - pkgs.fira-code - ]; - } - ) + ./darwin/configuration.nix ./config.nix ]; }; - homeConfigurations."dmorgan@LDN-DMORGAN" = home-manager.lib.homeManagerConfiguration { + homeConfigurations."djm@grithnir" = home-manager.lib.homeManagerConfiguration { pkgs = darwin-pkgs; extraSpecialArgs = { inherit inputs; @@ -173,7 +126,7 @@ } ) ./config.nix - ./home/otm.nix + ./home/kevel.nix ]; }; homeConfigurations."djm@egalmoth" = home-manager-stable.lib.homeManagerConfiguration { diff --git a/nix-conf/home/includes/common.nix b/nix-conf/home/includes/common.nix index af1e484..cdbd064 100644 --- a/nix-conf/home/includes/common.nix +++ b/nix-conf/home/includes/common.nix @@ -369,6 +369,7 @@ }; }; + # TODO: why does programs.nh.flake bring in so many dependencies? programs.nh.enable = true; } diff --git a/nix-conf/home/includes/darwin.nix b/nix-conf/home/includes/darwin.nix index 6a15642..88b8bd4 100644 --- a/nix-conf/home/includes/darwin.nix +++ b/nix-conf/home/includes/darwin.nix @@ -33,8 +33,8 @@ let (old.patches or []) ++ [ (pkgs.fetchpatch { - url = "https://raw.githubusercontent.com/d12frosted/homebrew-emacs-plus/master/patches/emacs-30/fix-window-role.patch"; - sha256 = "0c41rgpi19vr9ai740g09lka3nkjk48ppqyqdnncjrkfgvm2710z"; + url = "https://raw.githubusercontent.com/d12frosted/homebrew-emacs-plus/master/patches/emacs-28/fix-window-role.patch"; + sha256 = "+z/KfsBm1lvZTZNiMbxzXQGRTjkCFO4QPlEK35upjsE="; }) (pkgs.fetchpatch { url = "https://raw.githubusercontent.com/d12frosted/homebrew-emacs-plus/master/patches/emacs-30/round-undecorated-frame.patch"; @@ -67,15 +67,13 @@ in findutils gh gh-dash - #gnused + gnused #mopidy-with-extensions #mpdscribble #mpc-cli #mpd #ncmpcpp nix - nodejs - pam-reattach pinentry_mac pgcli pgformatter @@ -107,6 +105,13 @@ in }) ]; + home.shellAliases = { + notify_success = ''( osascript -e 'display notification "The command finished" with title "Success"' && afplay /System/Library/Sounds/Ping.aiff && say done )''; + notify_failure = ''( osascript -e 'display notification "The command failed" with title "Failure"' && afplay /System/Library/Sounds/Sosumi.aiff && say failed )''; + notify = "notify_success || notify_failure"; + ltn = "lein test && notify"; + }; + # TODO is this a good idea? #programs.zsh.shellAliases = { emacs = "${emacs-plus-with-packages}/Applications/Emacs.app/Contents/MacOS/Emacs"; }; } diff --git a/nix-conf/home/includes/secrets.yaml b/nix-conf/home/includes/secrets.yaml index 2fc9d8c..12c2bc0 100644 --- a/nix-conf/home/includes/secrets.yaml +++ b/nix-conf/home/includes/secrets.yaml @@ -1,9 +1,9 @@ ssh_config: oci: ENC[AES256_GCM,data:l1GZ6mszgDhGztWmMdkNY2wRGfLIOGfHou7m0p8NkvaZZ3oKhblyu9C2Y2uEZArC8aCysxmU0QDfeIxDAzBdszUY,iv:HD8xdaiF9s0XZAuHNjAQfEtMgKaM0R12FCv5rTq19+Y=,tag:bfa48iOXhASXc+JhmYy/EQ==,type:str] - otm: "" + kevel: "" git_email_config: default: ENC[AES256_GCM,data:ADmbGuV+E5wvGdbdC12BDi2TvHeoIRWjerKxnvDV7dENCxFyy+3P01IyCA==,iv:Nik4YiC8WhWmAnM7g1ER5HU0pg88l9uFiHQNtou5jas=,tag:RtK0XKKcHHR39p3mSl5YRw==,type:str] - otm: ENC[AES256_GCM,data:dFrxmxFRU5MThUSdqWuL3ZmBCJfMUVYWQTnWQF25Cnn6lMflau5vHNEFZZDZxyFBk7A=,iv:EOv1xgxXuN3LuiO1eorazgQHBkWY9GKUjFBaYnfkLRI=,tag:Mg6SwdQSGjtlR5iiOU/q7g==,type:str] + kevel: ENC[AES256_GCM,data:rCo2e2mxxVJHsnq2kjQCusd6toXkFbhBUno4r5tntofcOaHMh7qw,iv:3GnYSdzCjvaxAVykRl9YV4NhyX7KcMrtEFn5wpMDghs=,tag:FCzQ/zaSCe+iUnEwV7N86w==,type:str] sops: age: - recipient: age1w7kjp0qdgfyg9cyj5w4qc4fc9qz3w65xw2veazesfgdenqrd3ucqsc5ejv @@ -15,7 +15,7 @@ sops: cjlWWTNQR3lLLzBqTHhld05VblFJdHcKihceil9ge+IKG2GZcLpGWUncvRvmyJ7w YiWtb/ApF4T27wsmmFyLSnG8OWkLCKzaeU4QOVIGYQcfzzcQD5nUGg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-04-29T13:45:42Z" - mac: ENC[AES256_GCM,data:Z4jJujUvl8jmJQbquV9NeczVZF17HI01sDpUoSSS7cM89WUOZzAOcT3zxR4hzyCfq4je++YkBPPFl4hcqbuVyBu8zCxY4z9673sFSLYrUA8THVeLYjMOTo0Hu0tIy8vy+uZZcAuRFaXyS+GrQHAdSSm4zVkwLG9R1nod+ys6LvQ=,iv:WfubcgFSY94cyfrlAlND6CQudoISuGL5fBhm9E3O4Q4=,tag:IeKYzou3EDwGyA23FGHtdA==,type:str] + lastmodified: "2025-08-08T14:56:52Z" + mac: ENC[AES256_GCM,data:480PFn+KvEVj+LnI5GL8GNIn3LN4M9HAL6HVAPNlaA/pO6esBs47BgRi9IsIZ9NA5lDHmZF58Fq4aiUBNQQo3DsHh+XTD6U+zrn6M2oPYW9mkaXKqSVRd7Ejq44MQ8fZ4qdFdtt/NxGyLlJ9ruPWJh4j6YjGuMaJ4mVfS17aW+U=,iv:1qpDVk+Bv/m6DvXUeNvbptT0sUVRVDlU6XpUCAl0Xd8=,tag:Xl/pMO85AT+LW4CVb+noFA==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 diff --git a/nix-conf/home/includes/zsh.nix b/nix-conf/home/includes/zsh.nix index 650f559..37c0cd4 100644 --- a/nix-conf/home/includes/zsh.nix +++ b/nix-conf/home/includes/zsh.nix @@ -144,6 +144,7 @@ in PER_DIRECTORY_HISTORY_TOGGLE = "^\\\\"; # ^\\ is ^# HISTORY_START_WITH_GLOBAL = true; LESS = "-iRXF"; + NH_FLAKE = "$HOME/dotfiles/nix-conf"; }; initContent = lib.mkMerge [ (lib.mkBefore '' diff --git a/nix-conf/home/kevel.nix b/nix-conf/home/kevel.nix new file mode 100644 index 0000000..267cd8d --- /dev/null +++ b/nix-conf/home/kevel.nix @@ -0,0 +1,85 @@ +{ + config, + lib, + pkgs, + inputs, + ... +}: +{ + imports = [ ./includes/darwin.nix ]; + + programs.home-manager.enable = true; + + home.username = "djm"; + home.homeDirectory = "/Users/djm"; + + # TODO move to darwin.nix + home.shellAliases = { + notify_success = ''( osascript -e 'display notification "The command finished" with title "Success"' && afplay /System/Library/Sounds/Ping.aiff && say done )''; + notify_failure = ''( osascript -e 'display notification "The command failed" with title "Failure"' && afplay /System/Library/Sounds/Sosumi.aiff && say failed )''; + notify = "notify_success || notify_failure"; + ltn = "lein test && notify"; + }; + + home.packages = with pkgs; [ + granted + nodejs + ]; + + # TODO + #home.file = { + #}; + + sops.secrets = { + "git_email_config/kevel" = { }; + "ssh_config/kevel" = { }; + }; + + programs.java = { + enable = true; + }; + + # TODO + programs.git = { + signing.signByDefault = lib.mkForce false; + includes = lib.mkForce [ + { path = config.sops.secrets."git_email_config/kevel".path; } + { + path = config.sops.secrets."git_email_config/default".path; + condition = "gitdir:~/src/ext/"; + } + { + path = config.sops.secrets."git_email_config/default".path; + condition = "gitdir:~/dotfiles/"; + } + { + contents = { + commit.gpgSign = true; + tag.gpgSign = true; + }; + condition = "gitdir:~/src/ext/"; + } + { + contents = { + commit.gpgSign = true; + tag.gpgSign = true; + }; + condition = "gitdir:~/dotfiles/"; + } + ]; + ignores = [ + ".envrc" + ".clj-kondo" + "shell.nix" + "default.nix" + ".direnv" + ".dir-locals.el" + ]; + }; + # TODO don't need different accounts, just different emails + programs.ssh = { + includes = [ config.sops.secrets."ssh_config/kevel".path ]; + }; + + home.stateVersion = "25.05"; +} |