From e40f7d991353ad70984afdf67b25c049190c56bd Mon Sep 17 00:00:00 2001 From: Azat Bahawi Date: Mon, 20 Feb 2023 02:05:59 +0300 Subject: 2023-02-20 --- modules/common/common/default.nix | 1 + modules/common/common/nix/default.nix | 6 +++++- modules/common/common/secrets.nix | 21 +++++++++++++++++++++ modules/common/curl.nix | 2 +- modules/common/emacs/default.nix | 29 ++++++++++++++++++++++++----- modules/common/emacs/doom/config.el | 2 ++ modules/common/git.nix | 23 +++++++++++++++++++++++ 7 files changed, 77 insertions(+), 7 deletions(-) create mode 100644 modules/common/common/secrets.nix (limited to 'modules/common') diff --git a/modules/common/common/default.nix b/modules/common/common/default.nix index 2bfe7e8..8849ad9 100644 --- a/modules/common/common/default.nix +++ b/modules/common/common/default.nix @@ -5,6 +5,7 @@ _: { ./locale.nix ./networking.nix ./nix + ./secrets.nix ./shell ./users.nix ]; diff --git a/modules/common/common/nix/default.nix b/modules/common/common/nix/default.nix index 0898457..378cd36 100644 --- a/modules/common/common/nix/default.nix +++ b/modules/common/common/nix/default.nix @@ -11,7 +11,10 @@ with lib; { _module.args = let importNixpkgs = nixpkgs: - import nixpkgs {inherit (config.nixpkgs) config localSystem;}; + import nixpkgs { + inherit (config.nixpkgs) config; + inherit (this) system; + }; in rec { pkgsLocal = importNixpkgs "${config.my.home}/src/nixpkgs"; # Impure! pkgsMaster = importNixpkgs inputs.nixpkgs-master; @@ -126,6 +129,7 @@ with lib; { telepresence = telepresence2; tor-browser = tor-browser-bundle-bin; })) + agenix.overlays.default emacs-overlay.overlay nur.overlay ]; diff --git a/modules/common/common/secrets.nix b/modules/common/common/secrets.nix new file mode 100644 index 0000000..e15dea8 --- /dev/null +++ b/modules/common/common/secrets.nix @@ -0,0 +1,21 @@ +{ + config, + lib, + pkgs, + this, + ... +}: +with lib; { + imports = [(mkAliasOptionModule ["secrets"] ["age" "secrets"])]; + + config = { + age.identityPaths = + if this.isHeadful + then ["${config.my.home}/.ssh/id_${my.ssh.type}"] + else + map (attr: attr.path) (filter (attr: attr.type == my.ssh.type) + config.services.openssh.hostKeys); + + environment.systemPackages = with pkgs; [agenix]; + }; +} diff --git a/modules/common/curl.nix b/modules/common/curl.nix index a48b93e..7c51bbd 100644 --- a/modules/common/curl.nix +++ b/modules/common/curl.nix @@ -7,7 +7,7 @@ with lib; let cfg = config.nixfiles.modules.curl; in { - options.nixfiles.modules.curl.enable = mkEnableOption "cURL."; + options.nixfiles.modules.curl.enable = mkEnableOption "cURL"; config = mkIf cfg.enable { hm.home.file.".curlrc".text = '' diff --git a/modules/common/emacs/default.nix b/modules/common/emacs/default.nix index bc4acdc..268d77d 100644 --- a/modules/common/emacs/default.nix +++ b/modules/common/emacs/default.nix @@ -1,8 +1,9 @@ { config, + inputs, lib, + localUsername ? lib.my.username, pkgs, - pkgsStable, this, ... }: @@ -12,6 +13,11 @@ in { options.nixfiles.modules.emacs.enable = mkEnableOption "GNU Emacs"; config = mkIf cfg.enable { + secrets.authinfo = { + file = "${inputs.self}/secrets/authinfo"; + owner = localUsername; + }; + nixfiles.modules = { fonts.enable = true; git.client.enable = true; @@ -114,6 +120,8 @@ in { concatMapStringsSep ":" (x: "${x}/bin") extraBins }")) + (appendq! auth-sources '("${config.secrets.authinfo.path}")) + ;; Font must be set to N+2 because otherwise it looks too small. (setq doom-font (font-spec :family "${config.fontScheme.monospaceFont.family}" :size ${toString (config.fontScheme.monospaceFont.size + 2)}) @@ -139,11 +147,23 @@ in { (builtins.readFile ./doom/config.el) ]; onChange = with config.hm.programs; '' - if [[ -x "''${XDG_CONFIG_HOME:~/.config}/emacs/bin/doom" ]]; then + export DOOMDIR="$HOME/.config/doom" + export EMACSDIR="$HOME/.config/emacs" + + if [[ ! -d "$EMACSDIR/.git" ]]; then + ${git.package}/bin/git clone --depth=1 --branch=master \ + "https://github.com/doomemacs/doomemacs" "$EMACSDIR" + fi + + if [[ ! -d "$DOOMDIR" ]]; then + mkdir -p "$DOOMDIR" + fi + + if [[ -x "$EMACSDIR/bin/doom" ]]; then oldpath="$PATH" export PATH="''${PATH:-/bin}:${emacs.package}/bin:${git.package}/bin" - "''${XDG_CONFIG_HOME:~/.config}/emacs/bin/doom" sync + "$EMACSDIR/bin/doom" sync -e -p --force --verbose export PATH="$oldpath" unset oldpath @@ -155,8 +175,7 @@ in { programs.emacs = { enable = true; package = pkgs.emacs28; # Pin to avoid surprises. - # For some reason latest libvterm is not picked up by Emacs. - extraPackages = _: with pkgsStable.emacsPackages; [vterm]; + extraPackages = p: with p; [vterm]; }; }; }; diff --git a/modules/common/emacs/doom/config.el b/modules/common/emacs/doom/config.el index 9284e0b..502ca27 100644 --- a/modules/common/emacs/doom/config.el +++ b/modules/common/emacs/doom/config.el @@ -84,6 +84,8 @@ ;;; Nix ;; +(setq nix-nixfmt-bin "alejandra") + (after! lsp-mode (add-to-list 'lsp-language-id-configuration '(nix-mode . "nix")) (lsp-register-client diff --git a/modules/common/git.nix b/modules/common/git.nix index 2a0554f..c3ebafc 100644 --- a/modules/common/git.nix +++ b/modules/common/git.nix @@ -1,6 +1,8 @@ { config, + inputs, lib, + localUsername ? lib.my.username, pkgs, ... }: @@ -11,6 +13,27 @@ in { mkEnableOption "Git client"; config = mkIf cfg.client.enable { + secrets = let + # HACK Darwin doesn't support XDG specifications. + configHome = "${config.my.home}/.config"; + in { + glab-cli-config = { + file = "${inputs.self}/secrets/glab-cli-config"; + path = "${configHome}/glab-cli/config.yml"; + owner = localUsername; + }; + gh-hosts = { + file = "${inputs.self}/secrets/gh-hosts"; + path = "${configHome}/gh/hosts.yml"; + owner = localUsername; + }; + hut = { + file = "${inputs.self}/secrets/hut"; + path = "${configHome}/hut/config"; + owner = localUsername; + }; + }; + hm = { home.packages = with pkgs; [glab hut]; -- cgit 1.4.1