about summary refs log tree commit diff
path: root/modules/common
diff options
context:
space:
mode:
Diffstat (limited to 'modules/common')
-rw-r--r--modules/common/common/default.nix1
-rw-r--r--modules/common/common/nix/default.nix6
-rw-r--r--modules/common/common/secrets.nix21
-rw-r--r--modules/common/curl.nix2
-rw-r--r--modules/common/emacs/default.nix29
-rw-r--r--modules/common/emacs/doom/config.el2
-rw-r--r--modules/common/git.nix23
7 files changed, 77 insertions, 7 deletions
diff --git a/modules/common/common/default.nix b/modules/common/common/default.nix
index 2bfe7e8..8849ad9 100644
--- a/modules/common/common/default.nix
+++ b/modules/common/common/default.nix
@@ -5,6 +5,7 @@ _: {
     ./locale.nix
     ./networking.nix
     ./nix
+    ./secrets.nix
     ./shell
     ./users.nix
   ];
diff --git a/modules/common/common/nix/default.nix b/modules/common/common/nix/default.nix
index 0898457..378cd36 100644
--- a/modules/common/common/nix/default.nix
+++ b/modules/common/common/nix/default.nix
@@ -11,7 +11,10 @@
 with lib; {
   _module.args = let
     importNixpkgs = nixpkgs:
-      import nixpkgs {inherit (config.nixpkgs) config localSystem;};
+      import nixpkgs {
+        inherit (config.nixpkgs) config;
+        inherit (this) system;
+      };
   in rec {
     pkgsLocal = importNixpkgs "${config.my.home}/src/nixpkgs"; # Impure!
     pkgsMaster = importNixpkgs inputs.nixpkgs-master;
@@ -126,6 +129,7 @@ with lib; {
         telepresence = telepresence2;
         tor-browser = tor-browser-bundle-bin;
       }))
+    agenix.overlays.default
     emacs-overlay.overlay
     nur.overlay
   ];
diff --git a/modules/common/common/secrets.nix b/modules/common/common/secrets.nix
new file mode 100644
index 0000000..e15dea8
--- /dev/null
+++ b/modules/common/common/secrets.nix
@@ -0,0 +1,21 @@
+{
+  config,
+  lib,
+  pkgs,
+  this,
+  ...
+}:
+with lib; {
+  imports = [(mkAliasOptionModule ["secrets"] ["age" "secrets"])];
+
+  config = {
+    age.identityPaths =
+      if this.isHeadful
+      then ["${config.my.home}/.ssh/id_${my.ssh.type}"]
+      else
+        map (attr: attr.path) (filter (attr: attr.type == my.ssh.type)
+          config.services.openssh.hostKeys);
+
+    environment.systemPackages = with pkgs; [agenix];
+  };
+}
diff --git a/modules/common/curl.nix b/modules/common/curl.nix
index a48b93e..7c51bbd 100644
--- a/modules/common/curl.nix
+++ b/modules/common/curl.nix
@@ -7,7 +7,7 @@
 with lib; let
   cfg = config.nixfiles.modules.curl;
 in {
-  options.nixfiles.modules.curl.enable = mkEnableOption "cURL.";
+  options.nixfiles.modules.curl.enable = mkEnableOption "cURL";
 
   config = mkIf cfg.enable {
     hm.home.file.".curlrc".text = ''
diff --git a/modules/common/emacs/default.nix b/modules/common/emacs/default.nix
index bc4acdc..268d77d 100644
--- a/modules/common/emacs/default.nix
+++ b/modules/common/emacs/default.nix
@@ -1,8 +1,9 @@
 {
   config,
+  inputs,
   lib,
+  localUsername ? lib.my.username,
   pkgs,
-  pkgsStable,
   this,
   ...
 }:
@@ -12,6 +13,11 @@ in {
   options.nixfiles.modules.emacs.enable = mkEnableOption "GNU Emacs";
 
   config = mkIf cfg.enable {
+    secrets.authinfo = {
+      file = "${inputs.self}/secrets/authinfo";
+      owner = localUsername;
+    };
+
     nixfiles.modules = {
       fonts.enable = true;
       git.client.enable = true;
@@ -114,6 +120,8 @@ in {
                 concatMapStringsSep ":" (x: "${x}/bin") extraBins
               }"))
 
+              (appendq! auth-sources '("${config.secrets.authinfo.path}"))
+
               ;; Font must be set to N+2 because otherwise it looks too small.
               (setq doom-font (font-spec :family "${config.fontScheme.monospaceFont.family}"
                                           :size ${toString (config.fontScheme.monospaceFont.size + 2)})
@@ -139,11 +147,23 @@ in {
             (builtins.readFile ./doom/config.el)
           ];
           onChange = with config.hm.programs; ''
-            if [[ -x "''${XDG_CONFIG_HOME:~/.config}/emacs/bin/doom" ]]; then
+            export DOOMDIR="$HOME/.config/doom"
+            export EMACSDIR="$HOME/.config/emacs"
+
+            if [[ ! -d "$EMACSDIR/.git" ]]; then
+              ${git.package}/bin/git clone --depth=1 --branch=master \
+                "https://github.com/doomemacs/doomemacs" "$EMACSDIR"
+            fi
+
+            if [[ ! -d "$DOOMDIR" ]]; then
+              mkdir -p "$DOOMDIR"
+            fi
+
+            if [[ -x "$EMACSDIR/bin/doom" ]]; then
               oldpath="$PATH"
               export PATH="''${PATH:-/bin}:${emacs.package}/bin:${git.package}/bin"
 
-              "''${XDG_CONFIG_HOME:~/.config}/emacs/bin/doom" sync
+              "$EMACSDIR/bin/doom" sync -e -p --force --verbose
 
               export PATH="$oldpath"
               unset oldpath
@@ -155,8 +175,7 @@ in {
       programs.emacs = {
         enable = true;
         package = pkgs.emacs28; # Pin to avoid surprises.
-        # For some reason latest libvterm is not picked up by Emacs.
-        extraPackages = _: with pkgsStable.emacsPackages; [vterm];
+        extraPackages = p: with p; [vterm];
       };
     };
   };
diff --git a/modules/common/emacs/doom/config.el b/modules/common/emacs/doom/config.el
index 9284e0b..502ca27 100644
--- a/modules/common/emacs/doom/config.el
+++ b/modules/common/emacs/doom/config.el
@@ -84,6 +84,8 @@
 ;;; Nix
 ;;
 
+(setq nix-nixfmt-bin "alejandra")
+
 (after! lsp-mode
   (add-to-list 'lsp-language-id-configuration '(nix-mode . "nix"))
   (lsp-register-client
diff --git a/modules/common/git.nix b/modules/common/git.nix
index 2a0554f..c3ebafc 100644
--- a/modules/common/git.nix
+++ b/modules/common/git.nix
@@ -1,6 +1,8 @@
 {
   config,
+  inputs,
   lib,
+  localUsername ? lib.my.username,
   pkgs,
   ...
 }:
@@ -11,6 +13,27 @@ in {
     mkEnableOption "Git client";
 
   config = mkIf cfg.client.enable {
+    secrets = let
+      # HACK Darwin doesn't support XDG specifications.
+      configHome = "${config.my.home}/.config";
+    in {
+      glab-cli-config = {
+        file = "${inputs.self}/secrets/glab-cli-config";
+        path = "${configHome}/glab-cli/config.yml";
+        owner = localUsername;
+      };
+      gh-hosts = {
+        file = "${inputs.self}/secrets/gh-hosts";
+        path = "${configHome}/gh/hosts.yml";
+        owner = localUsername;
+      };
+      hut = {
+        file = "${inputs.self}/secrets/hut";
+        path = "${configHome}/hut/config";
+        owner = localUsername;
+      };
+    };
+
     hm = {
       home.packages = with pkgs; [glab hut];
 

Consider giving Nix/NixOS a try! <3