diff --git a/src/system/machines/desktop/home.nix b/src/system/machines/desktop/home.nix index f8d4f5a..6522ab5 100644 --- a/src/system/machines/desktop/home.nix +++ b/src/system/machines/desktop/home.nix @@ -10,7 +10,7 @@ programs.home-manager.enable = true; programs.bash.shellAliases = { - nixup = "sudo nixos-rebuild switch --flake /etc/nixos/.#desktop"; + nixup = "sudo nixos-rebuild switch --flake ${config.user.nixosDir}/.#desktop"; }; home.stateVersion = "22.11"; @@ -22,8 +22,11 @@ user = { bash.enable = true; git.enable = true; - gpg.enable = true; - security.enable = true; + + security = { + enable = true; + gpg.enable = true; + }; utils = { enable = true; diff --git a/src/system/machines/desktop/system.nix b/src/system/machines/desktop/system.nix index 2b68ef7..e952b41 100644 --- a/src/system/machines/desktop/system.nix +++ b/src/system/machines/desktop/system.nix @@ -6,8 +6,8 @@ ${config.user.name} = { isNormalUser = true; extraGroups = config.user.groups - ++ [ "video" "audio" "kvm" "libvirtd" "docker" ]; - openssh.authorizedKeys.keys = config.user.sshKeys.key2; + ++ [ "video" "audio" "kvm" "libvirtd" ]; + openssh.authorizedKeys.keys = [ "${config.user.sshKeys.key2}" ]; }; }; diff --git a/src/system/machines/server/home.nix b/src/system/machines/server/home.nix index fb18dc2..9c3b5de 100644 --- a/src/system/machines/server/home.nix +++ b/src/system/machines/server/home.nix @@ -10,7 +10,7 @@ programs.home-manager.enable = true; programs.bash.shellAliases = { - nixup = "sudo nixos-rebuild switch --flake /etc/nixos/.#server"; + nixup = "sudo nixos-rebuild switch --flake ${config.user.nixosDir}/.#server"; }; home.stateVersion = "23.11"; diff --git a/src/system/machines/server/system.nix b/src/system/machines/server/system.nix index ddff254..aba39bb 100644 --- a/src/system/machines/server/system.nix +++ b/src/system/machines/server/system.nix 
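Review bot: In src/system/machines/desktop/system.nix the group list drops `docker` but keeps `libvirtd`, which gives the account control of the system libvirt daemon. That daemon starts guests and attaches host devices with root privileges, so membership is usually treated as root-equivalent in the same way `docker` is. If the access is intentional, a comment on the line would record the decision, for example `# libvirtd: manage qemu:///system without sudo; treat as root-equivalent`. The user attribute set opens above the hunk, so nothing else about the account can be checked from here.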
@@ -19,7 +19,7 @@ ${config.user.name} = { isNormalUser = true; extraGroups = config.user.groups; - openssh.authorizedKeys.keys = config.user.sshKeys.key1; + openssh.authorizedKeys.keys = [ "${config.user.sshKeys.key1}" ]; }; }; diff --git a/src/system/machines/wsl/home.nix b/src/system/machines/wsl/home.nix index 7b207e4..ec7f4f2 100644 --- a/src/system/machines/wsl/home.nix +++ b/src/system/machines/wsl/home.nix @@ -10,7 +10,7 @@ programs.home-manager.enable = true; programs.bash.shellAliases = { - nixup = "sudo nixos-rebuild switch --flake /etc/nixos/.#wsl"; + nixup = "sudo nixos-rebuild switch --flake ${config.user.nixosDir}/.#wsl"; }; home.stateVersion = "23.11"; diff --git a/src/user/configs/default.nix b/src/user/configs/default.nix index f865141..a74591e 100644 --- a/src/user/configs/default.nix +++ b/src/user/configs/default.nix 
@@ -1,60 +1,39 @@ -{ lib, pkgs, ... }: +{ lib, pkgs, config, ... }: let - userConfigs = rec { - name = "bryan"; - email = "bryan@ramos.codes"; - shell = pkgs.bash; +gpg = config.modules.user.security.gpg; - # Image name from ~Pictures/wallpapers directory - wallpaper = "mountains.jpg"; +userConfigs = rec { + name = "bryan"; + email = "bryan@ramos.codes"; + shell = pkgs.bash; + nixosDir = /etc/nixos; # PATH to this repo - groups = [ "wheel" "networkmanager" "home-manager" "input" ]; + # Image name from ~Pictures/wallpapers directory + wallpaper = "mountains.jpg"; - gitConfig = { - userName = "Bryan Ramos"; - userEmail = email; - signing = { - key = "F1F3466458452B2DF351F1E864D12BA95ACE1F2D"; - signByDefault = true; - }; + groups = [ "wheel" "networkmanager" "home-manager" "input" ]; - extraConfig = { - init = { defaultBranch = "master"; }; - mergetool = { - lazygit = { - cmd = "lazygit"; - trustExitCode = true; - }; - }; - merge = { tool = "lazygit"; }; - safe = { directory = "/etc/nixos"; }; - }; - - ignores = [ - "node_modules" - ".direnv" - "dist-newstyle" - ".nuxt/" - ".output/" - "dist" - ]; - }; - - pgpKey = { - text = import ./pgpKey.nix; - trust = 5; - }; - - sshKeys = { - key1 = [ - "ssh-rsa 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" - ]; - key2 = [ - "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK2ROz7EVvE+nzF5k9EYZ2v3JhBzk058uh3QJTzcG4t70fkZgh9y56AOx26eXlKQWuuV05e8EkWRuVI8gfA2ROI=" - ]; + gitConfig = { + userName = "Bryan Ramos"; + userEmail = email; + signing = lib.optionalAttrs gpg.enable { + key = "F1F3466458452B2DF351F1E864D12BA95ACE1F2D"; + signByDefault = true; }; }; + + pgpKey = { + text = import ./keys/pgpKey.nix; + trust = 5; + }; + + sshKeys = { + key1 = import ./keys/sshKey1.nix; + key2 = import ./keys/sshKey2.nix; + }; +}; + in { options = { 
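Review bot: `nixosDir = /etc/nixos;` is a Nix path literal, not a string, and every new consumer interpolates it: the `nixup` aliases in the desktop, server and wsl home.nix hunks, and `safe.directory` in src/user/modules/git/default.nix. Interpolating a path value makes Nix copy that directory into the store and substitute the resulting /nix/store path. The alias and `safe.directory` would then point at a snapshot rather than the live checkout, and the whole repository would land in the world-readable store. Pure flake evaluation normally refuses the absolute path outright. Unless the option declaration below this hunk (cut off at `options = {`) converts the value, `nixosDir = "/etc/nixos"; # path to this repo` keeps it a plain string.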
diff --git a/src/user/configs/pgpKey.nix b/src/user/configs/keys/pgpKey.nix similarity index 100% rename from src/user/configs/pgpKey.nix rename to src/user/configs/keys/pgpKey.nix diff --git a/src/user/configs/keys/sshKey1.nix b/src/user/configs/keys/sshKey1.nix new file mode 100644 index 0000000..d031f50 --- /dev/null +++ b/src/user/configs/keys/sshKey1.nix @@ -0,0 +1 @@ +"ssh-rsa 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" diff --git a/src/user/configs/keys/sshKey2.nix b/src/user/configs/keys/sshKey2.nix new file mode 100644 index 0000000..19c7829 --- /dev/null +++ b/src/user/configs/keys/sshKey2.nix @@ -0,0 +1 @@ +"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK2ROz7EVvE+nzF5k9EYZ2v3JhBzk058uh3QJTzcG4t70fkZgh9y56AOx26eXlKQWuuV05e8EkWRuVI8gfA2ROI=" diff --git a/src/user/modules/default.nix b/src/user/modules/default.nix index 6513817..01abb97 100644 --- a/src/user/modules/default.nix +++ b/src/user/modules/default.nix @@ -2,7 +2,6 @@ imports = [ ./bash ./git - ./gpg ./gui ./security ./utils diff --git a/src/user/modules/git/config/bashScripts/cdg.nix b/src/user/modules/git/config/bashScripts/cdg.nix index 37f806c..00f7238 100644 --- a/src/user/modules/git/config/bashScripts/cdg.nix +++ b/src/user/modules/git/config/bashScripts/cdg.nix @@ -5,7 +5,6 @@ function cdg() { return 0 fi - # Check for invalid command if [[ -n "$1" ]]; then echo "Invalid command: $1. Try 'cdg --help'." return 1 diff --git a/src/user/modules/git/default.nix b/src/user/modules/git/default.nix index 33514cd..b700ced 100644 --- a/src/user/modules/git/default.nix +++ b/src/user/modules/git/default.nix 
@@ -10,6 +10,26 @@ in programs = { git = { enable = true; + extraConfig = { + init = { defaultBranch = "master"; }; + mergetool = { + vimdiff = { + trustExitCode = true; + }; + }; + merge = { tool = "vimdiff"; }; + safe = { + directory = "${config.user.nixosDir}"; + }; + }; + ignores = [ + "node_modules" + ".direnv" + "dist-newstyle" + ".nuxt/" + ".output/" + "dist" + ]; } // config.user.gitConfig; gh = { enable = true; diff --git a/src/user/modules/security/default.nix b/src/user/modules/security/default.nix index b8ed5dd..652b842 100644 --- a/src/user/modules/security/default.nix +++ b/src/user/modules/security/default.nix @@ -6,6 +6,7 @@ let in { options.modules.user.security = { enable = mkEnableOption "user.security"; }; + imports = [ ./modules ]; config = mkIf cfg.enable { home.packages = with pkgs; [ pass diff --git a/src/user/modules/security/modules/default.nix b/src/user/modules/security/modules/default.nix new file mode 100644 index 0000000..b67a622 --- /dev/null +++ b/src/user/modules/security/modules/default.nix @@ -0,0 +1,5 @@ +{ + imports = [ + ./gpg + ]; +} diff --git a/src/user/modules/gpg/default.nix b/src/user/modules/security/modules/gpg/default.nix similarity index 66% rename from src/user/modules/gpg/default.nix rename to src/user/modules/security/modules/gpg/default.nix index b793b4a..a4d8b44 100644 --- a/src/user/modules/gpg/default.nix +++ b/src/user/modules/security/modules/gpg/default.nix @@ -2,10 +2,10 @@ with lib; let - cfg = config.modules.user.gpg; + cfg = config.modules.user.security.gpg; in -{ options.modules.user.gpg = { enable = mkEnableOption "user.gpg"; }; +{ options.modules.user.security.gpg = { enable = mkEnableOption "user.security.gpg"; }; config = mkIf cfg.enable { programs.gpg = { enable = true; @@ -16,6 +16,7 @@ in enable = true; enableSshSupport = true; enableBashIntegration = true; + enableScDaemon = true; pinentryFlavor = "tty"; }; }; 
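Review bot: The defaults added in src/user/modules/git/default.nix are combined with `// config.user.gitConfig`, and `//` replaces top-level attributes wholesale. Once `user.gitConfig` defines its own `extraConfig` or `ignores`, the whole block above, `safe.directory` included, is silently discarded. `git = lib.mkMerge [ { enable = true; /* defaults */ } config.user.gitConfig ];` would let the module system merge both sides instead. The same commit makes `signing` a `lib.optionalAttrs gpg.enable { … }`, so an empty set arrives here when GPG is off; it is worth confirming that the home-manager release in use accepts `signing = { }` without a `key`. The `programs` set begins outside the hunk.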
diff --git a/src/user/modules/utils/modules/dev/default.nix b/src/user/modules/utils/modules/dev/default.nix index 9a9ecbd..7db0e83 100644 --- a/src/user/modules/utils/modules/dev/default.nix +++ b/src/user/modules/utils/modules/dev/default.nix @@ -29,6 +29,10 @@ in }; }; + programs.git.ignores = [ + ".direnv" + ]; + home.sessionVariables = { DIRENV_LOG_FORMAT = " "; };
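Review bot: `.direnv` is also in the `ignores` list that this commit adds to src/user/modules/git/default.nix. With both modules enabled the entry is written twice to the generated ignore file, assuming list definitions for `programs.git.ignores` are concatenated as usual. Keeping it only here, next to the direnv setup, and dropping it from the git module would make each module own its own pattern. The surrounding `config` block starts above the hunk.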