diff options
| author | KJ Tsanaktsidis <kj@kjtsanaktsidis.id.au> | 2026-01-07 23:02:27 +1100 |
|---|---|---|
| committer | KJ Tsanaktsidis <kj@kjtsanaktsidis.id.au> | 2026-01-07 23:02:27 +1100 |
| commit | 29cdd81138388af04004ad1bfef39dd45ac7ee8e (patch) | |
| tree | 662ef708ad95031f57233a4709fbb795d9cf0ae8 /labsrv01/home-kjtsanaktsidis.nix | |
| parent | 6ccad007f2b451266367390d1d4ef28a15a8e82d (diff) | |
more twiddle
Diffstat (limited to 'labsrv01/home-kjtsanaktsidis.nix')
| -rw-r--r-- | labsrv01/home-kjtsanaktsidis.nix | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/labsrv01/home-kjtsanaktsidis.nix b/labsrv01/home-kjtsanaktsidis.nix new file mode 100644 index 0000000..c5b5989 --- /dev/null +++ b/labsrv01/home-kjtsanaktsidis.nix @@ -0,0 +1,103 @@ +{ + config, + pkgs, + ... +}: +{ + home.username = "kjtsanaktsidis"; + home.homeDirectory = "/home/kjtsanaktsidis"; + home.stateVersion = "25.11"; + + programs.home-manager.enable = true; + + # Install packages + home.packages = with pkgs; [ + htop + zellij + tmux + neovim + git-absorb + # LazyVim dependencies + lazygit + ripgrep + fd + nodejs + python3 + ]; + + # Configure sops for home-manager + sops = { + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + defaultSopsFile = ./secrets.yaml; + secrets = { + kj_id_ed25519 = { + path = "${config.home.homeDirectory}/.ssh/id_ed25519"; + }; + kj_gpg_private_key = { + path = "${config.home.homeDirectory}/.gnupg/private-key.asc"; + }; + }; + }; + + # Git configuration + programs.git = { + enable = true; + settings = { + user.name = "KJ Tsanaktsidis"; + user.email = "kj@kjtsanaktsidis.id.au"; + pull.rebase = true; + }; + signing = { + key = "7F21FB211E24B02A5DEF86E227CD40EB9B81C726"; + signByDefault = true; + }; + }; + + # Zsh configuration + programs.zsh = { + enable = true; + history = { + size = 1000000; + save = 1000000; + append = true; + extended = true; + ignoreSpace = false; + ignoreDups = false; + }; + + initContent = builtins.readFile ./zsh-config.zsh; + }; + + # FZF with standard keybindings + programs.fzf = { + enable = true; + enableZshIntegration = true; + }; + + programs.gpg = { + enable = true; + homedir = "${config.home.homeDirectory}/.gnupg"; + }; + services.gpg-agent = { + enable = true; + }; + systemd.user.services.manage-secrets = { + Unit = { + Description = "Import GPG and SSH keys from sops secrets"; + After = [ "sops-nix.service" ]; + Requires = [ "sops-nix.service" ]; + }; + Service = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = toString (pkgs.writeShellScript "manage-secrets" '' + export GNUPGHOME="${config.programs.gpg.homedir}" + ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}" + ${pkgs.openssh}/bin/ssh-keygen -y -f "${config.home.homeDirectory}/.ssh/id_ed25519" > "${config.home.homeDirectory}/.ssh/id_ed25519.pub" + ''); + }; + Install = { + WantedBy = [ "default.target" ]; + }; + }; +} |