changes

src/system/machines/desktop/home.nix

@@ -10,7 +10,7 @@
 
     programs.home-manager.enable = true;
     programs.bash.shellAliases = {
-      nixup = "sudo nixos-rebuild switch --flake /etc/nixos/.#desktop";
+      nixup = "sudo nixos-rebuild switch --flake ${config.user.nixosDir}/.#desktop";
     };
 
     home.stateVersion = "22.11";
@@ -22,8 +22,11 @@
       user = {
         bash.enable = true;
         git.enable = true;
+
+        security = {
+          enable = true;
           gpg.enable = true;
-        security.enable = true;
+        };
 
         utils = {
           enable = true;

src/system/machines/desktop/system.nix

@@ -6,8 +6,8 @@
     ${config.user.name} = {
       isNormalUser = true;
       extraGroups = config.user.groups
-        ++ [ "video" "audio" "kvm" "libvirtd" "docker" ];
+        ++ [ "video" "audio" "kvm" "libvirtd" ];
-      openssh.authorizedKeys.keys = config.user.sshKeys.key2;
+      openssh.authorizedKeys.keys = [ "${config.user.sshKeys.key2}" ];
     };
   };
 

src/system/machines/server/home.nix

@@ -10,7 +10,7 @@
 
     programs.home-manager.enable = true;
     programs.bash.shellAliases = {
-      nixup = "sudo nixos-rebuild switch --flake /etc/nixos/.#server";
+      nixup = "sudo nixos-rebuild switch --flake ${config.user.nixosDir}/.#server";
     };
 
     home.stateVersion = "23.11";

src/system/machines/server/system.nix

@@ -19,7 +19,7 @@
     ${config.user.name} = {
       isNormalUser = true;
       extraGroups = config.user.groups;
-      openssh.authorizedKeys.keys = config.user.sshKeys.key1;
+      openssh.authorizedKeys.keys = [ "${config.user.sshKeys.key1}" ];
     };
   };
 

src/system/machines/wsl/home.nix

@@ -10,7 +10,7 @@
 
     programs.home-manager.enable = true;
     programs.bash.shellAliases = {
-      nixup = "sudo nixos-rebuild switch --flake /etc/nixos/.#wsl";
+      nixup = "sudo nixos-rebuild switch --flake ${config.user.nixosDir}/.#wsl";
     };
 
     home.stateVersion = "23.11";

src/user/configs/default.nix

@@ -1,10 +1,13 @@
-{ lib, pkgs, ... }:
+{ lib, pkgs, config, ... }:
 
 let
-  userConfigs = rec {
+gpg = config.modules.user.security.gpg;
+
+userConfigs = rec {
   name = "bryan";
   email = "bryan@ramos.codes";
   shell = pkgs.bash;
+  nixosDir = /etc/nixos; # PATH to this repo
 
   # Image name from ~Pictures/wallpapers directory
   wallpaper = "mountains.jpg";
@@ -14,47 +17,23 @@ let
   gitConfig = {
     userName = "Bryan Ramos";
     userEmail = email;
-      signing = {
+    signing = lib.optionalAttrs gpg.enable {
       key = "F1F3466458452B2DF351F1E864D12BA95ACE1F2D";
       signByDefault = true;
     };
-
-      extraConfig = {
-        init = { defaultBranch = "master"; };
-        mergetool = {
-          lazygit = {
-            cmd = "lazygit";
-            trustExitCode = true;
-          };
-        };
-        merge = { tool = "lazygit"; };
-        safe = { directory = "/etc/nixos"; };
-      };
-
-      ignores = [
-        "node_modules"
-        ".direnv"
-        "dist-newstyle"
-        ".nuxt/"
-        ".output/"
-        "dist"
-      ];
   };
 
   pgpKey = {
-      text = import ./pgpKey.nix;
+    text = import ./keys/pgpKey.nix;
     trust = 5;
   };
 
   sshKeys = {
-      key1 = [
+    key1 = import ./keys/sshKey1.nix;
-        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDl4895aB9P5p/lp8Hq5rHun4clvhyTSHFi3U2d6OOBoW5Fm+VcQnW/xbjmCBsXk5BdiowsBxQhwnzdfz/KJL7J5RobomUEaVRwb9UwT88eJveLp14BG8j2J3SjfyhrCX+4jkPx0bPQk1HGcuYY+tPEXf1q/ps88Dhu0CARBIzYQOTYY6b1qWzxpDoFZGHjKG8g5iY6FIu65yKKvvVy1f8IgZ3l3IpwBWVamxgkTcYY0QYSrmzo1n7TXxwrWbvenAqBsQ0cBPs+gVa3uIr+1TJl0Az5SElBVGu3LvUdlk58trtPUj6TQR3YUkg7Vjll7WHOdqhux5ZQNhjkOsHerf0Tw86e6cEzgeTuIbQHIb0LcsUunwKcuh2+au7RO599cvHn0+xZE5MZBxloDDaJ3JsiliM8kyPP/U3ERj03cWLW7BqbT+sfjAOl21RCzk0iQxk1wt/8VmtCr9Adv7IyrtaYvf/bwRP+g+9ldmzKGt8Mdb605uVzZ70H/LLm17f40Te+QHaex5by/6p6cuwEEZtgIg53Wpglu0rA6UxrBfQEHKl/Jt3FLeE0mnEyYkkR2MnHNtyWRIXtuqYZMAm2Ub1pFHH7jQV1gGiDVTw6a2eIwK21a/hXtRjFUpFd1nB1n+KNfJBE4zT3wm3Ud7mKw/6rWnoRyhYZvGXkFdp+iEs49Q=="
+    key2 = import ./keys/sshKey2.nix;
-      ];
-      key2 = [
-        "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK2ROz7EVvE+nzF5k9EYZ2v3JhBzk058uh3QJTzcG4t70fkZgh9y56AOx26eXlKQWuuV05e8EkWRuVI8gfA2ROI="
-      ];
-    };
   };
+};
+
 in
 {
   options = {

src/user/configs/keys/sshKey1.nix

@@ -0,0 +1 @@
+"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDl4895aB9P5p/lp8Hq5rHun4clvhyTSHFi3U2d6OOBoW5Fm+VcQnW/xbjmCBsXk5BdiowsBxQhwnzdfz/KJL7J5RobomUEaVRwb9UwT88eJveLp14BG8j2J3SjfyhrCX+4jkPx0bPQk1HGcuYY+tPEXf1q/ps88Dhu0CARBIzYQOTYY6b1qWzxpDoFZGHjKG8g5iY6FIu65yKKvvVy1f8IgZ3l3IpwBWVamxgkTcYY0QYSrmzo1n7TXxwrWbvenAqBsQ0cBPs+gVa3uIr+1TJl0Az5SElBVGu3LvUdlk58trtPUj6TQR3YUkg7Vjll7WHOdqhux5ZQNhjkOsHerf0Tw86e6cEzgeTuIbQHIb0LcsUunwKcuh2+au7RO599cvHn0+xZE5MZBxloDDaJ3JsiliM8kyPP/U3ERj03cWLW7BqbT+sfjAOl21RCzk0iQxk1wt/8VmtCr9Adv7IyrtaYvf/bwRP+g+9ldmzKGt8Mdb605uVzZ70H/LLm17f40Te+QHaex5by/6p6cuwEEZtgIg53Wpglu0rA6UxrBfQEHKl/Jt3FLeE0mnEyYkkR2MnHNtyWRIXtuqYZMAm2Ub1pFHH7jQV1gGiDVTw6a2eIwK21a/hXtRjFUpFd1nB1n+KNfJBE4zT3wm3Ud7mKw/6rWnoRyhYZvGXkFdp+iEs49Q=="

src/user/configs/keys/sshKey2.nix

@@ -0,0 +1 @@
+"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK2ROz7EVvE+nzF5k9EYZ2v3JhBzk058uh3QJTzcG4t70fkZgh9y56AOx26eXlKQWuuV05e8EkWRuVI8gfA2ROI="

src/user/modules/default.nix

@@ -2,7 +2,6 @@
   imports = [
     ./bash
     ./git
-    ./gpg
     ./gui
     ./security
     ./utils

src/user/modules/git/config/bashScripts/cdg.nix

@@ -5,7 +5,6 @@ function cdg() {
     return 0
   fi
 
-  # Check for invalid command
   if [[ -n "$1" ]]; then
     echo "Invalid command: $1. Try 'cdg --help'."
     return 1

src/user/modules/git/default.nix

@@ -10,6 +10,26 @@ in
     programs = {
       git = {
         enable = true;
+        extraConfig = {
+          init = { defaultBranch = "master"; };
+          mergetool = {
+            vimdiff = {
+              trustExitCode = true;
+            };
+          };
+          merge = { tool = "vimdiff"; };
+          safe = {
+            directory = "${config.user.nixosDir}";
+          };
+        };
+        ignores = [
+          "node_modules"
+          ".direnv"
+          "dist-newstyle"
+          ".nuxt/"
+          ".output/"
+          "dist"
+        ];
       } // config.user.gitConfig;
       gh = {
         enable = true;

src/user/modules/security/default.nix

@@ -6,6 +6,7 @@ let
 
 in
 { options.modules.user.security = { enable = mkEnableOption "user.security"; };
+  imports = [ ./modules ];
   config = mkIf cfg.enable {
     home.packages = with pkgs; [
       pass

src/user/modules/security/modules/default.nix

@@ -0,0 +1,5 @@
+{
+  imports = [
+    ./gpg
+  ];
+}

src/user/modules/security/modules/gpg/default.nix

@@ -2,10 +2,10 @@
 
 with lib;
 let
-  cfg = config.modules.user.gpg;
+  cfg = config.modules.user.security.gpg;
 
 in
-{ options.modules.user.gpg = { enable = mkEnableOption "user.gpg"; };
+{ options.modules.user.security.gpg = { enable = mkEnableOption "user.security.gpg"; };
   config = mkIf cfg.enable {
     programs.gpg = {
       enable = true;
@@ -16,6 +16,7 @@ in
       enable = true;
       enableSshSupport = true;
       enableBashIntegration = true;
+      enableScDaemon = true;
       pinentryFlavor = "tty";
     };
   };

src/user/modules/utils/modules/dev/default.nix

@@ -29,6 +29,10 @@ in
       };
     };
 
+    programs.git.ignores = [
+      ".direnv"
+    ];
+
     home.sessionVariables = {
       DIRENV_LOG_FORMAT = " ";
     };