diff --git a/.sops.yaml b/.sops.yaml deleted file mode 100644 index aa3f5f4..0000000 --- a/.sops.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# This example uses YAML anchors which allows reuse of multiple keys -# without having to repeat yourself. -# Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml -# for a more complex example. -keys: - - &ephase 26D5035DF6B4BE70F2B51B4C178139E02D2ACF00 - - &luci age19kvatn3zpeqh9zy7u8ce0hqe7dyaesxrukewxt8u7pf4cqkj5dfqm5nlwy -creation_rules: - - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ - key_groups: - - age: - - *luci - pgp: - - *ephase diff --git a/flake.lock b/flake.lock index 398d504..d5012c7 100644 --- a/flake.lock +++ b/flake.lock @@ -71,22 +71,6 @@ "type": "indirect" } }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1725762081, - "narHash": "sha256-vNv+aJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "dc454045f5b5d814e5862a6d057e7bb5c29edc05", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "release-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nur": { "locked": { "lastModified": 1725115514, @@ -107,29 +91,7 @@ "home-manager": "home-manager", "nixgl": "nixgl", "nixpkgs": "nixpkgs", - "nur": "nur", - "sops-nix": "sops-nix" - } - }, - "sops-nix": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable" - }, - "locked": { - "lastModified": 1726524647, - "narHash": "sha256-qis6BtOOBBEAfUl7FMHqqTwRLB61OL5OFzIsOmRz2J4=", - "owner": "Mic92", - "repo": "sops-nix", - "rev": "e2d404a7ea599a013189aa42947f66cede0645c8", - "type": "github" - }, - "original": { - "owner": "Mic92", - "repo": "sops-nix", - "type": "github" + "nur": "nur" } } }, diff --git a/flake.nix b/flake.nix index 8d89bce..6549eb4 100644 --- a/flake.nix +++ b/flake.nix 
@@ -11,18 +11,14 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; - sops-nix = { - url = "github:Mic92/sops-nix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; }; - outputs = { self, nixpkgs, home-manager, nur, nixgl, sops-nix, ... }@inputs: + outputs = { self, nixpkgs, home-manager, nur, nixgl, ... }@inputs: let stateVersion = "23.11"; allSystems = [ - "x86_64-linux" # 64bit AMD/Intel x86 - "aarch64-linux" # 64bit ARM Linux + "x86_64-linux" # 64bit AMD/Intel x86 + "aarch64-linux" # 64bit ARM macOS ]; forAllSystems = fn: @@ -32,16 +28,14 @@ in { devShells = forAllSystems ({ pkgs }: { default = pkgs.mkShell { name = "nixfiles"; - buildInputs = [ - pkgs.sops - pkgs.age + buildInputs = [ pkgs.shellcheck pkgs.shfmt pkgs.lefthook pkgs.go-task pkgs.convco pkgs.typos - pkgs.home-manager + pkgs.home-manager ]; }; }); @@ -52,6 +46,9 @@ in { inherit stateVersion inputs; hostname = "morty"; username = "ephase"; + hostConfig = { + desktop = true; + }; }; modules = [ ./nixos/default.nix @@ -64,6 +61,9 @@ in { inherit stateVersion inputs; hostname = "mrmeeseeks"; username = "ephase"; + hostConfig = { + desktop = true; + }; }; modules = [ ./nixos/default.nix diff --git a/home-manager/base.nix b/home-manager/base.nix deleted file mode 100644 index 13a4a20..0000000 --- a/home-manager/base.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ lib, hostname, ...}: -{ - programs.home-manager.enable = true; - home.sessionPath = [ - "$HOME/.local/bin" - ]; - imports = [ - ../hosts/${hostname}/home-config.nix - ../modules/home-manager/default.nix - ] ++ lib.optional ( - builtins.pathExists ../hosts/${hostname}/includes/home-manager.nix - ) ../hosts/${hostname}/includes/home-manager.nix; -} diff --git a/home-manager/default.nix b/home-manager/default.nix index 6470228..50f33fa 100644 --- a/home-manager/default.nix +++ b/home-manager/default.nix 
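Review bot: The reworded comment on `"aarch64-linux"` in `allSystems` now reads `# 64bit ARM macOS`, but the system string is unchanged and still names Linux; an ARM macOS target would be `aarch64-darwin`. Keep the line as `"aarch64-linux" # 64bit ARM Linux` so the list documents what it actually builds for. The `let` block continues outside the hunk.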
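Review bot: Dropping `pkgs.sops` and `pkgs.age` from `buildInputs` retires the tooling, but nothing in this diff records what happened to the credentials themselves. `secrets/accounts.yaml`, deleted in this same commit, stays readable in earlier revisions, and anyone holding the private key for the age recipient or PGP fingerprint listed in the old `.sops.yaml` can still decrypt the WebDAV URLs, username and password from it. If those credentials are being abandoned, rotate them on the server and say so in the commit description; if they are still in use, note where they now live.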
@@ -1,12 +1,18 @@ -{ stateVersion, username, inputs, ... }: +{ lib, stateVersion, username, hostname, ... }: { - home.stateVersion = stateVersion; home.username = "${username}"; home.homeDirectory = "/home/${username}"; - fonts.fontconfig.enable = true; - imports = [ - inputs.sops-nix.homeManagerModules.sops - ./base.nix - ../nixos/includes/system/overlay.nix + home.stateVersion = stateVersion; + programs.home-manager.enable = true; + fonts.fontconfig.enable = true; + home.sessionPath = [ + "$HOME/.local/bin" ]; + imports = [ + ../nixos/includes/system/overlay.nix + ../hosts/${hostname}/home-config.nix + ../modules/home-manager/default.nix + ]++ lib.optional ( + builtins.pathExists ../hosts/${hostname}/includes/home-manager.nix + ) ../hosts/${hostname}/includes/home-manager.nix; } diff --git a/hosts/luci/home-config.nix b/hosts/luci/home-config.nix index dc82f2b..7693c35 100644 --- a/hosts/luci/home-config.nix +++ b/hosts/luci/home-config.nix @@ -24,7 +24,6 @@ web.qutebrowser.enable = true; web.webcord.enable = true; gaming.lutris.enable = false; - accounts.dav.enable = true; desktop.sway = { enable = true; kanshi = true; diff --git a/hosts/luci/includes/home-manager.nix b/hosts/luci/includes/home-manager.nix index 78957fc..5ebec63 100644 --- a/hosts/luci/includes/home-manager.nix +++ b/hosts/luci/includes/home-manager.nix @@ -1,4 +1,4 @@ -{ ... }: +_: { ## Specific host home manager configuration wayland.windowManager.sway.config = { @@ -16,5 +16,4 @@ }; }; }; - sops.age.keyFile = "/home/ephase/.config/sops/age/keys.txt"; } diff --git a/modules/home-manager/accounts/dav/default.nix b/modules/home-manager/accounts/dav/default.nix deleted file mode 100644 index 1282443..0000000 --- a/modules/home-manager/accounts/dav/default.nix +++ /dev/null 
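Review bot: The body of the deleted `home-manager/base.nix` is now copied into two places, here and in the `users.${username}` block of `nixos/default.nix` (its second hunk), so `home.sessionPath`, the `imports` list and the `lib.optional (builtins.pathExists …)` guard have to be kept in sync by hand. Only the `inputs.sops-nix.homeManagerModules.sops` import needed to go; keeping the shared module and importing it from both files, e.g. `imports = [ ./base.nix ../nixos/includes/system/overlay.nix ];` here, would avoid the two copies drifting apart. As a smaller style point, `]++ lib.optional (` is missing the space that the `nixos/default.nix` copy has (`] ++ lib.optional (`).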
@@ -1,133 +0,0 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.modules.accounts.dav; - vdirsyncerConf = { - enable = true; - auth = "basic"; - userNameCommand = [ - "cat" - "${config.sops.secrets."webdav/username".path}" - ]; - }; -in -{ - options.modules.accounts.dav = { - enable = mkEnableOption "enable personal Caldav / CardDav"; - }; - config = mkIf cfg.enable { - - ## Manage secrets used in this module - sops = { - secrets = { - "webdav/url/caldav" = { - sopsFile = ../../../../secrets/accounts.yaml; - }; - "webdav/url/carddav" = { - sopsFile = ../../../../secrets/accounts.yaml; - }; - "webdav/username" = { - sopsFile = ../../../../secrets/accounts.yaml; - }; - "webdav/password" = { - sopsFile = ../../../../secrets/accounts.yaml; - }; - }; - }; - - accounts.calendar.basePath = ".local/share/calendars"; - accounts.calendar.accounts.personal_calendars = { - name = "personal_calendar"; - remote.type = "caldav"; - remote.passwordCommand = [ - "cat" - "${config.sops.secrets."webdav/password".path}" - ]; - vdirsyncer = vdirsyncerConf // { - metadata = [ - "color" - "displayname" - ]; - itemTypes = [ - "VTODO" - "VEVENT" - ]; - urlCommand = [ - "cat" - "${config.sops.secrets."webdav/url/caldav".path}" - ]; - collections = [ - "from a" - "from b" - ]; - }; - khal = { - enable = true; - type = "discover"; - color = "auto"; - }; - }; - - accounts.contact.basePath = ".local/share/contacts"; - accounts.contact.accounts.personal_contacts = { - remote.type = "carddav"; - remote.passwordCommand = [ - "cat" - "${config.sops.secrets."webdav/password".path}" - ]; - local.type = "filesystem"; - local.fileExt = ".vcf"; - vdirsyncer = vdirsyncerConf // { - - metadata = [ - "displayname" - ]; - urlCommand = [ - "cat" - "${config.sops.secrets."webdav/url/carddav".path}" - ]; - }; - khal = { - enable = true; - color = "#26A269"; - }; - khard = { - enable = true; - }; - }; - programs.vdirsyncer.enable = true; - services.vdirsyncer = { - enable = true; - frequency = "*:0/15"; - 
}; - programs.khal = { - enable = true; - locale = { - dateformat = "%Y.%m.%d"; - datetimeformat = "%Y.%m.%d %H:%M"; - longdateformat = "%d %B %Y"; - longdatetimeformat = "%d %B %Y %H:%M"; - timeformat = "%H:%M"; - }; - settings = { - default = { - highlight_event_days = true; - }; - view = { - frame = "color"; - blank_line_before_day = true; - }; - }; - }; - programs.khard = { - enable = true; - settings = { - general = { - default_action = "list"; - editor = ["nvim" "-i" "NONE"]; - merge_editor = [ "nvim" "-d" ]; - }; - }; - }; - }; -} diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix index c9346df..eee7b36 100644 --- a/modules/home-manager/default.nix +++ b/modules/home-manager/default.nix @@ -21,6 +21,5 @@ ./web/firefox ./web/qutebrowser/default.nix ./web/webcord - ./accounts/dav ]; } diff --git a/nixos/default.nix b/nixos/default.nix index 983345b..a32272a 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -1,4 +1,4 @@ -{ inputs, pkgs, stateVersion, hostname, username, hostConfig, ... }: +{ pkgs, lib, stateVersion, hostname, username, hostConfig, ... }: { imports = [ # Include the results of the hardware scan. ../hosts/${hostname}/hardware-configuration.nix @@ -43,17 +43,20 @@ inherit hostConfig; inherit hostname; }; - - # NixOS system-wide home-manager configuration - sharedModules = [ - inputs.sops-nix.homeManagerModules.sops - ]; - users.${username} = { home.stateVersion = stateVersion; - imports = [ - ../home-manager/base.nix + programs.home-manager.enable = true; + + home.sessionPath = [ + "$HOME/.local/bin" ]; + + imports = [ + ../hosts/${hostname}/home-config.nix + ../modules/home-manager/default.nix + ] ++ lib.optional ( + builtins.pathExists ../hosts/${hostname}/includes/home-manager.nix + ) ../hosts/${hostname}/includes/home-manager.nix; }; }; diff --git a/secrets/accounts.yaml b/secrets/accounts.yaml deleted file mode 100644 index f1d11e4..0000000 --- a/secrets/accounts.yaml +++ /dev/null 
@@ -1,46 +0,0 @@
-webdav:
- url:
- caldav: ENC[AES256_GCM,data:UMoSLlEhxtJ/80wIQlGaqfu/OI4JXodSLYySwAyJJg==,iv:WTGZ8mq3huVEPMNOBDGdghy994Z5vCzvVDMvp5djnlw=,tag:s34QZVjqvNiQT/P9SVCeUw==,type:str]
- carddav: ENC[AES256_GCM,data:oGLZ4c02b4wiYCqhyQzC1NG210BUpSpSqibi7xvtIjHhW/X4wvYU5QPm2VKCrJYpvqIEeiah1TDwvByqLpBz5d8Ucyme,iv:cwaWTvdS5eEGmwm5+n2N31ajzAXPix4woXECUqXtk3E=,tag:jRK3viRDzwd5JmNh6UVt2A==,type:str]
- username: ENC[AES256_GCM,data:Z/QVE3Di,iv:pRBgv/K+VzbF5/iaftTDoxZWjvVztPznLJ5LKpKQaoM=,tag:rCw9mLFtzhpp5vO5eVKqvA==,type:str]
- password: ENC[AES256_GCM,data:X7hjL2VczjPGKF4n2g==,iv:BwqXZ3h+EIHU+Cvx8gDYhgd2NiBkednUz+ksp40sYas=,tag:ngbtcYsfOxvTTcftBE+lMg==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age:
- - recipient: age19kvatn3zpeqh9zy7u8ce0hqe7dyaesxrukewxt8u7pf4cqkj5dfqm5nlwy
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRk1KamJ3clA4QTBZT3BL
- blZGaVNQb2tWMTkrWUxicm9PdXV6RTJJbXh3ClJJQTJON3BBRGJ4RWg1UnRQNVoy
- bFllM0E1djlOUTVRQ1lZc1JEQS9YNXcKLS0tIEhac3FpUVd6TW9pbUMyNlAzbk5P
- dGZkOExNbTRuS0NvaDgzUmlFRVNvckEK7PSVxtaDd/3yWIIuAMcX586imRu/On09
- duwFZ5btOY2fxNYgV9sCG7Vr+OGCO8n9OWBS9hLy7MJwAzi/f5l7Fg==
- -----END AGE ENCRYPTED FILE-----
- lastmodified: "2024-07-20T16:25:53Z"
- mac: ENC[AES256_GCM,data:4vNjXD26LeHv00B4gDumkUzq7Us9HRWv79Wq3iyTeDjKOXw9lluIQIZsDB1aQS90dTNCEvlbZ6pt1oHRqGySpDcKHId6rsUy9qkeLl683haKKilT47ABpGiMd2sY6xL1FQPiXMH4qc7wxh+EuS0N6Y+mgIY9Kn0qP6ion1s/lqs=,iv:JZ5lnJKBXQeKadihHyItueHDO6zULVMLSPmGCe+Qlz4=,tag:+bh08XI2TWov6yQJ1+KtoA==,type:str]
- pgp:
- - created_at: "2024-06-24T20:12:19Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA9/d8qUtz+3ZAQ/7BoojnrnGgF4TEnFTJMWVy229Cx1knABVot45A1frFWmS
- kwIGPGQPlCjGF4tyIOmBy8WpQWBuKffYakCC/OklHCyfnLjsyhcR+MSqDVzqMmy3
- dEThTcGPRCerM1Mu8oWPk0yq5AKzuJagr9+4ITrljsh6tRwA4qmfKxQ6BZhGPQHJ
- 3FZwcQHfaDkuag3o5swNKHX//MIZwEDyXJHKgeTUPhENzc0POdjPU5CZN0HBU4ep
- 98PJAlAiDKyYSQkg1MfOWvCllyfvhGPzTLEPq5jazqpc7lgNKxJGU5kTnUUi2fKS
- gCJdqRlMBO/3S8wUZg0gIsw1+OwmfL0y99MeMP1ggGaqFkGs6Pqj7sRd6/QcuP0l
- w2QZgB9S6DOUkfy5m5Xw7VboE2aAX4BOrWNJVDy//358322xxuqZdbp3pIjnsmt/
- b2gTZb1eGK/o5GmXfgzCf7In1b3wldg/ZSHyxGct1CJIgNBb1nFDMmyVI9J5zER0
- 2ZTflNfN/cxttW2BvGRoL3fWXnO+ThLHz1q1WWWCOC7TLTnESOtAueSCTlrMcij/
- 7zL7Wc98JgdAuxhznMjiYqY9nZK48jhBCBOdC0uool/FNElcStUaOq1O3HRo5qoi
- s277Wqtp0uZqeLBxgNEGwicEDm9BbrVzH9egYGMaPJI6STIJYduJXBegnPf5KFXS
- XgHTJyK7u9MrZ58kkiT95455NEqQd27JMqmsGwReX6/LpYs5KJJGT4qGNab8GM5A
- VMniFb1GOXIOxSbYgfkgaHc+zK43O5UwBwegOneTC6ak/CQYvD9xQS94FKqwF10=
- =7pZ/
- -----END PGP MESSAGE-----
- fp: 26D5035DF6B4BE70F2B51B4C178139E02D2ACF00
- unencrypted_suffix: _unencrypted
- version: 3.8.1