noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-04-24 01:02:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:e90c6b17246babf0da7a7925efe1087025008626
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy
..
compare: noah:a3dcca556f8d612ac57a7a0ebdb33b4e7e244b10
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy

No commits in common. "e90c6b17246babf0da7a7925efe1087025008626" and "a3dcca556f8d612ac57a7a0ebdb33b4e7e244b10" have entirely different histories.
e90c6b1724 ... a3dcca556f

8 changed files with 45 additions and 43 deletions
Show Stats Expand all files Collapse all files

9
apps/loadkey.nix Normal file
View File

@ -0,0 +1,9 @@
{ pkgs, ... }:
{
# TODO: just replace with packages instead of apps
type = "app";
program = "${pkgs.nmasur.loadkey}/bin/loadkey";
}

27
apps/reencrypt-secrets.nix Normal file
View File

@ -0,0 +1,27 @@
{ pkgs, ... }:
{
# nix run github:nmasur/dotfiles#reencrypt-secrets ./private
type = "app";
program = builtins.toString (
pkgs.writeShellScript "reencrypt-secrets" ''
if [ $# -eq 0 ]; then
echo "Must provide directory to reencrypt."
exit 1
fi
encrypted=$1
for encryptedfile in ''${1}/*; do
tmpfile=$(mktemp)
echo "Decrypting ''${encryptedfile}..."
${pkgs.age}/bin/age --decrypt \
--identity ~/.ssh/id_ed25519 $encryptedfile > $tmpfile
echo "Encrypting ''${encryptedfile}..."
${pkgs.age}/bin/age --encrypt --armor --recipients-file ${builtins.toString ../misc/public-keys} $tmpfile > $encryptedfile
rm $tmpfile
done
echo "Finished."
''
);
}

16
flake.nix
View File

@ -447,14 +447,14 @@
packages = mypackages;
# # Programs that can be run by calling this flake
# apps = forAllSystems (
# system:
# let
# pkgs = import nixpkgs { inherit system overlays; };
# in
# import ./apps { inherit pkgs; }
# );
# Programs that can be run by calling this flake
apps = forAllSystems (
system:
let
pkgs = import nixpkgs { inherit system overlays; };
in
import ./apps { inherit pkgs; }
);
# Development environments
devShells = forAllSystems (

1
hosts-by-platform/aarch64-linux/flame/default.nix
View File

@ -27,7 +27,6 @@ rec {
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
power-user.enable = true;
};
home.stateVersion = "23.05";
};

21
pkgs/tools/misc/reencrypt-secrets/package.nix
View File

@ -1,21 +0,0 @@
{ pkgs, ... }:
# nix run github:nmasur/dotfiles#reencrypt-secrets ./private
pkgs.writeShellScriptBin "reencrypt-secrets" ''
if [ $# -eq 0 ]; then
echo "Must provide directory to reencrypt."
exit 1
fi
encrypted=$1
find "''${1}" -type f -name "*.age" | while IFS= read -r encryptedfile; do
tmpfile=$(mktemp)
echo "Decrypting ''${encryptedfile}..."
${pkgs.age}/bin/age --decrypt \
--identity ~/.ssh/id_ed25519 $encryptedfile > $tmpfile
echo "Encrypting ''${encryptedfile}..."
${pkgs.age}/bin/age --encrypt --armor --recipients-file ${builtins.toString ../../../../misc/public-keys} $tmpfile > $encryptedfile
rm $tmpfile
done
echo "Finished."
''

3
platforms/home-manager/modules/nmasur/presets/programs/fish.nix
View File

@ -40,9 +40,6 @@ in
description = "Evaluate a bash-like environment variables file";
body = ''set -gx (cat $argv | tr "=" " " | string split ' ')'';
};
fish_user_key_bindings = {
body = cfg.fish_user_key_bindings;
};
ip = {
body = lib.getExe pkgs.nmasur.ip-check;
};

6
platforms/home-manager/modules/nmasur/presets/services/nix.nix
View File

@ -40,12 +40,6 @@ in
settings = {
# Trust users for messing with Nix stuff
trusted-users = [
"root"
"@wheel"
];
# Add community Cachix to binary cache
# Don't use at work because blocked by corporate firewall
builders-use-substitutes = true;

5
platforms/nixos/modules/nmasur/profiles/base.nix
View File

@ -28,16 +28,13 @@ in
};
};
programs.fish.enable = lib.mkDefault config.home-manager.users.${username}.programs.fish.enable;
# Allows us to declaritively set password
users.mutableUsers = lib.mkDefault false;
# Define a user account. Don't forget to set a password with passwd.
users.users.${username} = {
# Use fish by default if enabled in home-manager
shell = lib.mkIf (config.programs.fish.enable) pkgs.fish;
shell = lib.mkIf (config.home-manager.users.${username}.programs.fish.enable) pkgs.fish;
# Create a home directory for human user
isNormalUser = lib.mkDefault true;