diff --git a/flake.lock b/flake.lock index da4e55b..2c35989 100644 --- a/flake.lock +++ b/flake.lock @@ -43,11 +43,11 @@ ] }, "locked": { - "lastModified": 1748955489, - "narHash": "sha256-OmZXyW2g5qIuo5Te74McwR0TwauCO2sF3/SjGDVuxyg=", + "lastModified": 1744902080, + "narHash": "sha256-px7OEMQYhS9StY3sTYYeM/jJspk6SXgoPU7OmOSx+1c=", "owner": "nix-community", "repo": "home-manager", - "rev": "bb846c031be68a96466b683be32704ef6e07b159", + "rev": "2c71aae678c03a39c2542e136b87bd040ae1b3cb", "type": "github" }, "original": { @@ -79,11 +79,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748693115, - "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -94,11 +94,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1748693115, - "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -115,11 +115,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1748973087, - "narHash": "sha256-ZN0XKKdCBC9eLeog7qYhfGPbajkPtQPdlxp/dhwONw4=", + "lastModified": 1744904898, + "narHash": "sha256-wLepe0sdFFgXUOLY2t+GrfjBquiGFgNydQkQYGh6UwQ=", "owner": "nix-community", "repo": "NUR", - "rev": "90add46380908ba4395f5f1dfec84224a3b0d4b9", + "rev": "9ea0c40c52673079dfe50e82ddbb78679723be05", "type": "github" }, "original": { @@ -144,11 +144,11 @@ ] }, "locked": { - "lastModified": 1747603214, - "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", + "lastModified": 1744669848, + "narHash": "sha256-pXyanHLUzLNd3MX9vsWG+6Z2hTU8niyphWstYEP3/GU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", + "rev": "61154300d945f0b147b30d24ddcafa159148026a", "type": "github" }, "original": { diff --git a/hosts/morty/home-config.nix b/hosts/morty/home-config.nix index afb756a..d8708ff 100644 --- a/hosts/morty/home-config.nix +++ b/hosts/morty/home-config.nix @@ -1,10 +1,7 @@ { ... }: { config.modules = { application = { - gnupg = { - enable = true; - enableSshSupport = true; - }; + gnupg.enable = true; zathura.enable = true; foot.enable = true; imv.enable = true; diff --git a/modules/home-manager/application/gnupg/default.nix b/modules/home-manager/application/gnupg/default.nix index 53a24f1..ee7b38f 100644 --- a/modules/home-manager/application/gnupg/default.nix +++ b/modules/home-manager/application/gnupg/default.nix @@ -12,51 +12,30 @@ in default = true; description = "install password-store"; }; - - enableSshSupport = mkOption { - type = types.bool; - default = false; - description = "enable GnuPG agent SSH support"; - }; }; config = mkIf cfg.enable { - home.packages = with pkgs; [ - # pinentry-gnome - gcr - ]; + home.packages = with pkgs; [ + # pinentry-gnome + pkgs.gcr + ]; + programs.gpg = { enable = true; scdaemonSettings = { disable-ccid = true; }; - homedir = "${config.xdg.configHome}/gnupg"; }; services.gpg-agent = { enable = true; enableScDaemon = true; enableZshIntegration = true; - pinentry.package = pkgs.pinentry-gnome3; - enableSshSupport = cfg.enableSshSupport; - maxCacheTtl = 60 * 60 * 2; - maxCacheTtlSsh = 60 * 60 * 2; - defaultCacheTtl = 60 * 60; - defaultCacheTtlSsh = 60 * 60; - noAllowExternalCache = true; + pinentryPackage = pkgs.pinentry-gnome3; }; - home.sessionVariablesExtra = lib.mkIf cfg.enableSshSupport '' - if [[ -z "''${SSH_AUTH_SOCK}" ]]; then - export SSH_AUTH_SOCK="$(${config.programs.gpg.package}/bin/gpgconf --list-dirs agent-ssh-socket)" - fi - ''; - - services.ssh-agent.enable = if cfg.enableSshSupport then false else true; programs.password-store = { enable = cfg.pass; }; - - home.file.".local/bin/gpg-attach-key".source = ./files/gpg-attach-key.sh; }; } diff --git a/modules/home-manager/application/gnupg/files/gpg-attach-key.sh b/modules/home-manager/application/gnupg/files/gpg-attach-key.sh deleted file mode 100755 index 2851e85..0000000 --- a/modules/home-manager/application/gnupg/files/gpg-attach-key.sh +++ /dev/null @@ -1,137 +0,0 @@ -#!/usr/bin/env bash - -UUID="1429a4c6-78f5-4f46-98bc-894106b52399" -mountpoint="" - -usage() { - cat <&2 -Attach GPG master key ---- - -$0 [action] [--debug] [--help] - -mount or unmount encrypted device based on UUID and attach GnuPG private keys -to private key directory. Actions can be - - - 'mount' to mount USB device and attach keys - - 'unmount' to remove private keys attached and unmount USB device -EOF -} - -error() { - local message - printf -v message "\e[31mERROR:\e[0m %s\n" "$1" - >&2 printf "%b" "${message}" - show_stack_trace -} - -show_stack_trace() { - if [[ $DEBUG -eq 1 ]]; then - local message - message="└─ \e[1mStack trace\e[0m:\n" - for ((i = 2; i < ${#FUNCNAME[@]} - 1; i++)); do - if [[ $i = $((${#FUNCNAME[@]} - 2)) ]]; then - message="${message} └" - else - message="${message} ├" - fi - message="${message}─ source:\e[3;34m${BASH_SOURCE[$i]}\e[0m" - message="${message} function:\e[3;34m${FUNCNAME[$i]}\e[0m" - message="${message} line:\e[3;34m${BASH_LINENO[$i - 1]}\e[0m\n" - done - >&2 printf "%b" "${message}" - fi -} - -debug() { - local message - if [[ $DEBUG -eq 1 ]]; then - printf -v message "\e[3;34mDEBUG:\e[0m %s\n" "$*" - >&2 printf "%b" "$message" - show_stack_trace - fi -} - -# shellcheck disable=SC2317 -process_args() { - while :; do - case $1 in - -h | --help) - usage - exit 0 - ;; - m | mount) - action="mount" - ;; - u | umount | unmount) - action="unmount" - ;; - -d | --debug) - DEBUG=1 - ;; - *) - break - ;; - esac - shift - done -} - -main() { - if [ ! -L "/dev/disk/by-uuid/${UUID}" ]; then - error "disk with UUID ${UUID} not found" - exit 10 - fi - if [ -z "${GNUPGHOME}" ]; then - error "GNUPGHOME env variable not set, can't determine gnuph home directory" - exit 11 - fi - key_destination="${GNUPGHOME}/private-keys-v1.d" - - case "$action" in - "mount") - debug "Mount encryted key" - if ! udisksctl unlock -b /dev/disk/by-uuid/${UUID}; then - error "Unlock disk ${UUID} failed" - exit 10 - fi - mountpoint=$(udisksctl mount -b /dev/mapper/luks-${UUID} | awk '{print $4}') - - while read -r key_file; do - - debug "Create symlink for ${key_file}" - base=$(basename "$key_file") - - #create symlink to key file if not exist - if [ ! -e "${key_destination}/${base}" ]; then - ln -s "$key_file" "${key_destination}/${base}" - fi - done < <(find "${mountpoint%.}/.gpg_master/" -type f -name "*.key") - ;; - - "unmount") - debug "unmount encrypted key" - while read -r key_file; do - debug "Remove key \`${key_file}\`" - rm "$key_file" - done < <(find "${key_destination}" -type l -name "*.key") - - if ! udisksctl unmount -b /dev/mapper/luks-${UUID} 2 &>/dev/null; then - error "Can't unmount volume \`luks-${UUID}\`" - fi - - if ! udisksctl lock -b /dev/disk/by-uuid/${UUID} 2 &>/dev/null; then - error "Can't lock device \`${UUID}\`" - fi - ;; - *) - error "What do you want, mount or unmount:" - usage - exit 1 - ;; - esac -} - -process_args "$@" -main -exit 0 diff --git a/modules/home-manager/cli/vifm/default.nix b/modules/home-manager/cli/vifm/default.nix index c499ca6..5f4aefa 100644 --- a/modules/home-manager/cli/vifm/default.nix +++ b/modules/home-manager/cli/vifm/default.nix @@ -14,11 +14,11 @@ in poppler_utils # Preview PDF file ]; programs.zsh = { - initContent = '' + initExtra = '' cdv() { cd "$(vifm --choose-dir - "$@")" } - openv() { + openv() { xdg-open "$(vifm --choose-file - "$@")" } diff --git a/modules/home-manager/cli/zsh/default.nix b/modules/home-manager/cli/zsh/default.nix index 108dd36..f8e5977 100644 --- a/modules/home-manager/cli/zsh/default.nix +++ b/modules/home-manager/cli/zsh/default.nix @@ -60,7 +60,7 @@ in "\\n" = "fg=#7cafc2"; }; }; - initContent = '' + initExtra = '' # Ctrl + backspace: delete word bindkey -v "^H" backward-kill-word diff --git a/modules/home-manager/desktop/sway/includes/mako.nix b/modules/home-manager/desktop/sway/includes/mako.nix index 323e831..d3e293e 100644 --- a/modules/home-manager/desktop/sway/includes/mako.nix +++ b/modules/home-manager/desktop/sway/includes/mako.nix @@ -13,36 +13,35 @@ with lib; }; services.mako = { enable = true; - settings = { - font = "Fira Code Nerd Font 10"; - backgroundColor = "#353535FF"; - borderColor = "#1CD180"; - progressColor = "over #5566AAFF"; - textColor = "#FDFDFD"; - width = 300; - height = 100; - borderRadius = 0; - borderSize = 2; - icons = true; - maxIconSize = 64; - layer = "overlay"; - anchor = "top-right"; - format = '' - %a\n%s\n%b - ''; - "urgency=high" = { - border-color = "#F268b3"; - }; - "app-name=cmus" = { - border-size = 1; - default-timeout = 7000; - group-by = "app-name"; - format= "%b"; - }; - "app-name=cmus grouped" = { - format = "%b"; - }; - }; + font = "Fira Code Nerd Font 10"; + backgroundColor = "#353535FF"; + borderColor = "#1CD180"; + progressColor = "over #5566AAFF"; + textColor = "#FDFDFD"; + width = 300; + height = 100; + borderRadius = 0; + borderSize = 2; + icons = true; + maxIconSize = 64; + layer = "overlay"; + anchor = "top-right"; + format = '' + %a\n%s\n%b + ''; + extraConfig = '' + [urgency="high"] + border-color=#F268b3 + + [app-name="cmus"] + border-size=1 + default-timeout=7000 + group-by=app-name + format=%b + + [app-name="cmus" grouped] + format=%b + ''; }; }; } diff --git a/modules/home-manager/desktop/sway/includes/sway.nix b/modules/home-manager/desktop/sway/includes/sway.nix index 004322b..b94019e 100644 --- a/modules/home-manager/desktop/sway/includes/sway.nix +++ b/modules/home-manager/desktop/sway/includes/sway.nix @@ -169,20 +169,6 @@ in app_id = "^.*"; }; } - { - command = "resize set 70ppt 70ppt, border pixel 2"; - criteria = { - title = "^Open .*$"; - }; - }]; - }; - floating = { - border = 2; - titlebar = false; - criteria = [ - { - title = "^Open .*$"; - } ]; }; gaps = { @@ -210,6 +196,7 @@ in default_orientation auto workspace_layout default font pango:Fira Code Nerd Font Mono 10 + default_border pixel 1 title_align right ''; }; diff --git a/nixos/includes/system/sshclient.nix b/nixos/includes/system/sshclient.nix new file mode 100644 index 0000000..06098ba --- /dev/null +++ b/nixos/includes/system/sshclient.nix @@ -0,0 +1,11 @@ +{pkgs, ...}: +{ + environment.systemPackages = with pkgs; [ + lxqt.lxqt-openssh-askpass + ]; + programs.ssh = { + startAgent = false; + enableAskPassword = true; + askPassword = "${pkgs.lxqt.lxqt-openssh-askpass}/bin/lxqt-openssh-askpass"; + }; +} diff --git a/nixos/includes/system/user.nix b/nixos/includes/system/user.nix index a4ef445..b3f2970 100644 --- a/nixos/includes/system/user.nix +++ b/nixos/includes/system/user.nix @@ -1,17 +1,17 @@ -{ pkgs, username, ... }: +{ config, pkgs, username, ... }: { # Services services.pcscd.enable = true; # Programs - programs.ssh.startAgent = false; + programs.ssh.startAgent = true; programs.zsh.enable = true; - # Needed for home-manager systemd service + # Needed for home-manager systemd service programs.dconf.enable = true; - - # Configs + + # Configs fonts.fontconfig.enable = true; - + users.users.${username} = { shell = pkgs.zsh; isNormalUser = true;