diff options
Diffstat (limited to 'homes/kjtsanaktsidis/default.nix')
| -rw-r--r-- | homes/kjtsanaktsidis/default.nix | 140 |
1 files changed, 140 insertions, 0 deletions
diff --git a/homes/kjtsanaktsidis/default.nix b/homes/kjtsanaktsidis/default.nix new file mode 100644 index 0000000..8195727 --- /dev/null +++ b/homes/kjtsanaktsidis/default.nix @@ -0,0 +1,140 @@ +{ + config, + pkgs, + lib, + ... +}: +{ + home.username = "kjtsanaktsidis"; + home.homeDirectory = "/home/kjtsanaktsidis"; + home.stateVersion = "25.11"; + + programs.home-manager.enable = true; + + # Install packages + home.packages = with pkgs; [ + htop + zellij + tmux + git-absorb + # LazyVim dependencies + lazygit + ripgrep + fd + nodejs + python3 + nixos-rebuild-ng + ]; + + # Configure sops for home-manager + sops = { + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + defaultSopsFile = ./secrets.yaml; + secrets = { + kj_id_ed25519 = { + path = "${config.home.homeDirectory}/.ssh/id_ed25519"; + }; + kj_gpg_private_key = { + path = "${config.home.homeDirectory}/.gnupg/private-key.asc"; + }; + fastmail_app_password = { + path = "${config.xdg.configHome}/secrets/fastmail_app_password"; + }; + }; + }; + + accounts.email.accounts.fastmail = { + enable = true; + primary = true; + address = "kj@kjtsanaktsidis.id.au"; + realName = "KJ Tsanaktsidis"; + userName = "kj@kjtsanaktsidis.id.au"; + flavor = "fastmail.com"; + msmtp = { + enable = true; + extraConfig = { + host = "smtp.fastmail.com"; + port = "465"; + tls = "on"; + auth = "on"; + user = "kj@kjtsanaktsidis.id.au"; + from = "kj@kjtsanaktsidis.id.au"; + passwordeval = "cat ${config.sops.secrets.fastmail_app_password.path}"; + }; + }; + }; + programs.msmtp.enable = true; + + # Git configuration + programs.git = { + enable = true; + settings = { + user.name = "KJ Tsanaktsidis"; + user.email = "kj@kjtsanaktsidis.id.au"; + pull.rebase = true; + sendemail = { + sendmailCmd = "${pkgs.msmtp}/bin/msmtp -a default"; + from = "KJ Tsanaktsidis <kj@kjtsanaktsidis.id.au>"; + confirm = "always"; + annotate = true; + }; + }; + signing = { + key = "7F21FB211E24B02A5DEF86E227CD40EB9B81C726"; + signByDefault = true; + }; + }; + + programs.neovim = { + enable = true; + defaultEditor = true; + }; + + # Zsh configuration + programs.zsh = { + enable = true; + history = { + size = 1000000; + save = 1000000; + append = true; + extended = true; + ignoreSpace = false; + ignoreDups = false; + }; + + initContent = lib.mkOrder 1000 (builtins.readFile ./zsh-config.zsh); + }; + + # FZF with standard keybindings + programs.fzf = { + enable = true; + enableZshIntegration = true; + }; + + programs.gpg = { + enable = true; + homedir = "${config.home.homeDirectory}/.gnupg"; + }; + services.gpg-agent = { + enable = true; + }; + systemd.user.services.manage-secrets = { + Unit = { + Description = "Import GPG and SSH keys from sops secrets"; + After = [ "sops-nix.service" ]; + Requires = [ "sops-nix.service" ]; + }; + Service = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = toString (pkgs.writeShellScript "manage-secrets" '' + export GNUPGHOME="${config.programs.gpg.homedir}" + ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}" + ${pkgs.openssh}/bin/ssh-keygen -y -f "${config.home.homeDirectory}/.ssh/id_ed25519" > "${config.home.homeDirectory}/.ssh/id_ed25519.pub" + ''); + }; + Install = { + WantedBy = [ "default.target" ]; + }; + }; +} |