From 29cdd81138388af04004ad1bfef39dd45ac7ee8e Mon Sep 17 00:00:00 2001 From: KJ Tsanaktsidis Date: Wed, 7 Jan 2026 23:02:27 +1100 Subject: more twiddle --- flake.nix | 11 ----- labsrv01/configuration.nix | 7 ++- labsrv01/home-kjtsanaktsidis.nix | 103 +++++++++++++++++++++++++++++++++++++++ labsrv01/home.nix | 103 --------------------------------------- labsrv01/homes.nix | 12 +++++ 5 files changed, 121 insertions(+), 115 deletions(-) create mode 100644 labsrv01/home-kjtsanaktsidis.nix delete mode 100644 labsrv01/home.nix create mode 100644 labsrv01/homes.nix diff --git a/flake.nix b/flake.nix index e9bd29c..2004038 100644 --- a/flake.nix +++ b/flake.nix @@ -26,18 +26,7 @@ system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ - inputs.disko.nixosModules.disko ./labsrv01/configuration.nix - inputs.sops-nix.nixosModules.sops - inputs.home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.kjtsanaktsidis = ./labsrv01/home.nix; - home-manager.sharedModules = [ - inputs.sops-nix.homeManagerModules.sops - ]; - } ]; }; diff --git a/labsrv01/configuration.nix b/labsrv01/configuration.nix index d1b20ec..83dae2f 100644 --- a/labsrv01/configuration.nix +++ b/labsrv01/configuration.nix @@ -10,10 +10,15 @@ { imports = [ inputs.determinate.nixosModules.default + inputs.disko.nixosModules.disko ./disk-config.nix + inputs.sops-nix.nixosModules.sops ./secureboot.nix - ./alt-arrow-vt.nix ./network.nix + ./alt-arrow-vt.nix + + inputs.home-manager.nixosModules.home-manager + ./homes.nix ]; hardware.facter.reportPath = ./facter.json; diff --git a/labsrv01/home-kjtsanaktsidis.nix b/labsrv01/home-kjtsanaktsidis.nix new file mode 100644 index 0000000..c5b5989 --- /dev/null +++ b/labsrv01/home-kjtsanaktsidis.nix 
@@ -0,0 +1,103 @@
+{
+ config,
+ pkgs,
+ ...
+}:
+{
+ home.username = "kjtsanaktsidis";
+ home.homeDirectory = "/home/kjtsanaktsidis";
+ home.stateVersion = "25.11";
+
+ programs.home-manager.enable = true;
+
+ # Install packages
+ home.packages = with pkgs; [
+ htop
+ zellij
+ tmux
+ neovim
+ git-absorb
+ # LazyVim dependencies
+ lazygit
+ ripgrep
+ fd
+ nodejs
+ python3
+ ];
+
+ # Configure sops for home-manager
+ sops = {
+ age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+ defaultSopsFile = ./secrets.yaml;
+ secrets = {
+ kj_id_ed25519 = {
+ path = "${config.home.homeDirectory}/.ssh/id_ed25519";
+ };
+ kj_gpg_private_key = {
+ path = "${config.home.homeDirectory}/.gnupg/private-key.asc";
+ };
+ };
+ };
+
+ # Git configuration
+ programs.git = {
+ enable = true;
+ settings = {
+ user.name = "KJ Tsanaktsidis";
+ user.email = "kj@kjtsanaktsidis.id.au";
+ pull.rebase = true;
+ };
+ signing = {
+ key = "7F21FB211E24B02A5DEF86E227CD40EB9B81C726";
+ signByDefault = true;
+ };
+ };
+
+ # Zsh configuration
+ programs.zsh = {
+ enable = true;
+ history = {
+ size = 1000000;
+ save = 1000000;
+ append = true;
+ extended = true;
+ ignoreSpace = false;
+ ignoreDups = false;
+ };
+
+ initContent = builtins.readFile ./zsh-config.zsh;
+ };
+
+ # FZF with standard keybindings
+ programs.fzf = {
+ enable = true;
+ enableZshIntegration = true;
+ };
+
+ programs.gpg = {
+ enable = true;
+ homedir = "${config.home.homeDirectory}/.gnupg";
+ };
+ services.gpg-agent = {
+ enable = true;
+ };
+ systemd.user.services.manage-secrets = {
+ Unit = {
+ Description = "Import GPG and SSH keys from sops secrets";
+ After = [ "sops-nix.service" ];
+ Requires = [ "sops-nix.service" ];
+ };
+ Service = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ ExecStart = toString (pkgs.writeShellScript "manage-secrets" ''
+ export GNUPGHOME="${config.programs.gpg.homedir}"
+ ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}"
+ ${pkgs.openssh}/bin/ssh-keygen -y -f "${config.home.homeDirectory}/.ssh/id_ed25519" > "${config.home.homeDirectory}/.ssh/id_ed25519.pub"
+ '');
+ };
+ Install = {
+ WantedBy = [ "default.target" ];
+ };
+ };
+}
diff --git a/labsrv01/home.nix b/labsrv01/home.nix
deleted file mode 100644
index c5b5989..0000000
--- a/labsrv01/home.nix
+++ /dev/null
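Review bot: The `manage-secrets` script has no error handling: as far as I know `pkgs.writeShellScript` adds only a shebang, so a failed `gpg --import` is ignored and the oneshot unit (with `RemainAfterExit = true`) reports success whenever the final `ssh-keygen` exits zero. Adding `set -euo pipefail` as the first line of the script body would make the unit fail visibly. The `>` redirect also creates or truncates `id_ed25519.pub` before `ssh-keygen -y` runs, so an unreadable private key leaves an empty public-key file behind. Separately, `age.sshKeyPaths` points the per-user sops configuration at `/etc/ssh/ssh_host_ed25519_key`; if decryption runs as the user rather than root (not visible in this diff), the host private key would have to be readable outside root, which is worth confirming. The content matches the removed `labsrv01/home.nix` (same blob `c5b5989`), so these points predate this commit.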
@@ -1,103 +0,0 @@
-{
- config,
- pkgs,
- ...
-}:
-{
- home.username = "kjtsanaktsidis";
- home.homeDirectory = "/home/kjtsanaktsidis";
- home.stateVersion = "25.11";
-
- programs.home-manager.enable = true;
-
- # Install packages
- home.packages = with pkgs; [
- htop
- zellij
- tmux
- neovim
- git-absorb
- # LazyVim dependencies
- lazygit
- ripgrep
- fd
- nodejs
- python3
- ];
-
- # Configure sops for home-manager
- sops = {
- age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
- defaultSopsFile = ./secrets.yaml;
- secrets = {
- kj_id_ed25519 = {
- path = "${config.home.homeDirectory}/.ssh/id_ed25519";
- };
- kj_gpg_private_key = {
- path = "${config.home.homeDirectory}/.gnupg/private-key.asc";
- };
- };
- };
-
- # Git configuration
- programs.git = {
- enable = true;
- settings = {
- user.name = "KJ Tsanaktsidis";
- user.email = "kj@kjtsanaktsidis.id.au";
- pull.rebase = true;
- };
- signing = {
- key = "7F21FB211E24B02A5DEF86E227CD40EB9B81C726";
- signByDefault = true;
- };
- };
-
- # Zsh configuration
- programs.zsh = {
- enable = true;
- history = {
- size = 1000000;
- save = 1000000;
- append = true;
- extended = true;
- ignoreSpace = false;
- ignoreDups = false;
- };
-
- initContent = builtins.readFile ./zsh-config.zsh;
- };
-
- # FZF with standard keybindings
- programs.fzf = {
- enable = true;
- enableZshIntegration = true;
- };
-
- programs.gpg = {
- enable = true;
- homedir = "${config.home.homeDirectory}/.gnupg";
- };
- services.gpg-agent = {
- enable = true;
- };
- systemd.user.services.manage-secrets = {
- Unit = {
- Description = "Import GPG and SSH keys from sops secrets";
- After = [ "sops-nix.service" ];
- Requires = [ "sops-nix.service" ];
- };
- Service = {
- Type = "oneshot";
- RemainAfterExit = true;
- ExecStart = toString (pkgs.writeShellScript "manage-secrets" ''
- export GNUPGHOME="${config.programs.gpg.homedir}"
- ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}"
- ${pkgs.openssh}/bin/ssh-keygen -y -f "${config.home.homeDirectory}/.ssh/id_ed25519" > "${config.home.homeDirectory}/.ssh/id_ed25519.pub"
- '');
- };
- Install = {
- WantedBy = [ "default.target" ];
- };
- };
-}
diff --git a/labsrv01/homes.nix b/labsrv01/homes.nix
new file mode 100644
index 0000000..6e6cdb4
--- /dev/null
+++ b/labsrv01/homes.nix
@@ -0,0 +1,12 @@
+{
+ inputs,
+ ...
+}:
+{
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+ home-manager.users.kjtsanaktsidis = ./home-kjtsanaktsidis.nix;
+ home-manager.sharedModules = [
+ inputs.sops-nix.homeManagerModules.sops
+ ];
+}
-- cgit v1.2.3