diff options
author | Franck Cuny <franck@fcuny.net> | 2024-12-16 09:25:23 -0800 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2024-12-16 09:25:23 -0800 |
commit | 1bbd4e19c5595e6a6c310bd36fac5b4bd97ff39f (patch) | |
tree | e5ec852d0aa9378a5fae766f70d4c133acd5f8d1 | |
parent | move gitotlite to vm-synology (diff) | |
download | world-1bbd4e19c5595e6a6c310bd36fac5b4bd97ff39f.tar.gz |
refactor home-manager
Only install what's needed for specific OSes.
-rw-r--r-- | nix/lib/mkSystem.nix | 5 | ||||
-rw-r--r-- | nix/users/fcuny/1password.nix | 35 | ||||
-rw-r--r-- | nix/users/fcuny/git.nix | 59 | ||||
-rw-r--r-- | nix/users/fcuny/go.nix | 12 | ||||
-rw-r--r-- | nix/users/fcuny/home-manager.nix | 231 | ||||
-rw-r--r-- | nix/users/fcuny/k8s.nix | 33 | ||||
-rw-r--r-- | nix/users/fcuny/shell.nix | 90 | ||||
-rw-r--r-- | nix/users/fcuny/ssh.nix | 38 |
8 files changed, 277 insertions, 226 deletions
diff --git a/nix/lib/mkSystem.nix b/nix/lib/mkSystem.nix index 13e052e..2375adf 100644 --- a/nix/lib/mkSystem.nix +++ b/nix/lib/mkSystem.nix @@ -33,7 +33,10 @@ systemFunc rec { { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; - home-manager.users.${user} = import userHMConfig { inputs = inputs; }; + home-manager.users.${user} = import userHMConfig { + inputs = inputs; + darwin = darwin; + }; } inputs.agenix.nixosModules.default diff --git a/nix/users/fcuny/1password.nix b/nix/users/fcuny/1password.nix new file mode 100644 index 0000000..0e16f8e --- /dev/null +++ b/nix/users/fcuny/1password.nix @@ -0,0 +1,35 @@ +{ config, ... }: +let + home = config.home.homeDirectory; + darwinSockPath = + "${home}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"; + sockPath = ".1password/agent.sock"; +in +{ + home.sessionVariables = { SSH_AUTH_SOCK = "${home}/${sockPath}"; }; + + home.file.sock = { + source = config.lib.file.mkOutOfStoreSymlink darwinSockPath; + target = sockPath; + }; + + programs.fish = { + interactiveShellInit = '' + op completion fish | source + ''; + }; + + programs.ssh = { extraConfig = "IdentityAgent ~/${sockPath}"; }; + + # Generate ssh agent config for 1Password + # I want both my personal and work keys + home.file.".config/1Password/ssh/agent.toml".text = '' + [[ssh-keys]] + account = "my.1password.com" + + [[ssh-keys]] + account = "roblox.1password.com" + item = "GitHub ssh key" + vault = "Private" + ''; +} diff --git a/nix/users/fcuny/git.nix b/nix/users/fcuny/git.nix new file mode 100644 index 0000000..6300f36 --- /dev/null +++ b/nix/users/fcuny/git.nix @@ -0,0 +1,59 @@ +{ lib, pkgs, ... }: { + home.packages = with pkgs; [ + gitAndTools.pre-commit + git-credential-manager + gh + ]; + + programs.git = { + enable = true; + userName = "Franck Cuny"; + userEmail = "franck@fcuny.net"; + + aliases = { amend = "commit --amend"; }; + + includes = [ + { + condition = "hasconfig:remote.*.url:git@github.rbx.com:**"; + path = pkgs.writeText "finsitGitConfig" + (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); + } + { + condition = "hasconfig:remote.*.url:git@github.com:Roblox/**"; + path = pkgs.writeText "finsitGitConfig" + (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); + } + ]; + + extraConfig = { + core.whitespace = "trailing-space,space-before-tab"; + color.ui = "true"; + + # abort if the remote branch does not match the local one + push.default = "simple"; + + # https://adamj.eu/tech/2024/01/18/git-improve-diff-histogram/ + diff.algorithm = "histogram"; + + init.defaultBranch = "main"; + + pull.rebase = true; + rebase = { + # Automatically create a temporary stash entry before the + # operation begins, and apply it after the operation ends. + autoStash = true; + # Print a warning if some commits are removed + missingCommitsCheck = "warn"; + }; + + branch.autosetuprebase = "remote"; + branch.sort = "authordate"; + + url = { + "ssh://git@github.rbx.com/" = { + insteadOf = "https://github.rbx.com/"; + }; + }; + }; + }; +} diff --git a/nix/users/fcuny/go.nix b/nix/users/fcuny/go.nix new file mode 100644 index 0000000..b52f89e --- /dev/null +++ b/nix/users/fcuny/go.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: { + home.packages = with pkgs; [ go-tools golangci-lint gopls delve ]; + + programs.go = { + enable = true; + goPath = ".local/share/pkg.go"; + goBin = ".local/bin.go"; + goPrivate = [ "github.rbx.com/*" "github.com/fcuny/*" "git.fcuny.net/*" ]; + }; + + home.sessionPath = [ config.home.sessionVariables.GOBIN ]; +} diff --git a/nix/users/fcuny/home-manager.nix b/nix/users/fcuny/home-manager.nix index adb3adc..a344151 100644 --- a/nix/users/fcuny/home-manager.nix +++ b/nix/users/fcuny/home-manager.nix @@ -1,4 +1,4 @@ -{ ... }: +{ darwin, ... }: { config, lib, pkgs, ... }: let isLinux = pkgs.stdenv.isLinux; @@ -7,42 +7,11 @@ in { xdg.enable = true; + imports = [ ./shell.nix ./ssh.nix ./git.nix ] + ++ lib.optionals darwin [ ./1password.nix ./go.nix ./k8s.nix ]; + home.packages = with pkgs; [ - # go - go-tools - golangci-lint - gopls - delve - - # docker - dive # explore layers in docker images - - # shell - shellcheck - - # git - gitAndTools.pre-commit - git-credential-manager - gh - - # shell utils - coreutils - direnv - dust - procs - ripgrep - tree - wget - - # network - bandwhich - - # data manipulation - jless - jq - yq - # encryption age @@ -64,198 +33,10 @@ in { nixpkgs-fmt nil # nix lsp - # k8s - kind # k8s in docker - kubebuilder # generate controller - kubectl - kubernetes-helm # deploy applications - kubie # kubeconfig browser https://github.com/sbstp/kubie - kubelogin-oidc # OIDC plugin - k9s # object explorer - + ] ++ (lib.optionals (isLinux) [ htop ]) ++ (lib.optionals (darwin) [ # hashicorp boundary nomad-pack tfswitch - ] ++ (lib.optionals (isLinux) [ htop ]); - - programs.go = { - enable = true; - goPath = ".local/share/pkg.go"; - goBin = ".local/bin.go"; - goPrivate = [ "github.rbx.com/*" "github.com/fcuny/*" "git.fcuny.net/*" ]; - }; - - # an alternative to ls - programs.eza = { - enable = true; - icons = "never"; - enableFishIntegration = false; - extraOptions = [ - "--group-directories-first" - "--no-quotes" - "--git-ignore" - "--icons=never" - ]; - }; - - # an alternative to find - programs.fd = { - enable = true; - hidden = true; - ignores = [ ".git/" ".direnv/" ]; - }; - - programs.direnv = { - enable = true; - nix-direnv.enable = true; - enableZshIntegration = true; - config = { - global.disable_stdin = true; - global.strict_env = true; - }; - }; - - programs.fish = { - enable = true; - interactiveShellInit = '' - set fish_greeting "" - ''; - - shellAbbrs = { ncg = "nix-collect-garbage -d"; }; - shellAliases = { - c = "clear"; - ls = "eza -l -L=1 --git --color=always --group-directories-first"; - la = "eza -la --git --color=always --group-directories-first"; - ll = "eza -la -L=1 --git --color=always --group-directories-first"; - lt = "eza -aT -L=2 --git --color=always --group-directories-first"; - k = "kubectl"; - kctx = "kubie ctx"; - }; - }; - - programs.git = { - enable = true; - userName = "Franck Cuny"; - userEmail = "franck@fcuny.net"; - - aliases = { amend = "commit --amend"; }; - - includes = [ - { - condition = "hasconfig:remote.*.url:git@github.rbx.com:**"; - path = pkgs.writeText "finsitGitConfig" - (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - { - condition = "hasconfig:remote.*.url:git@github.com:Roblox/**"; - path = pkgs.writeText "finsitGitConfig" - (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - ]; - - extraConfig = { - core.whitespace = "trailing-space,space-before-tab"; - color.ui = "true"; - - # abort if the remote branch does not match the local one - push.default = "simple"; - - # https://adamj.eu/tech/2024/01/18/git-improve-diff-histogram/ - diff.algorithm = "histogram"; - - init.defaultBranch = "main"; - - pull.rebase = true; - rebase = { - # Automatically create a temporary stash entry before the - # operation begins, and apply it after the operation ends. - autoStash = true; - # Print a warning if some commits are removed - missingCommitsCheck = "warn"; - }; - - branch.autosetuprebase = "remote"; - branch.sort = "authordate"; - - url = { - "ssh://git@github.rbx.com/" = { - insteadOf = "https://github.rbx.com/"; - }; - }; - }; - }; - - programs.ssh = { - enable = true; - forwardAgent = true; - serverAliveInterval = 60; - controlMaster = "auto"; - controlPersist = "30m"; - extraConfig = '' - IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" - ''; - matchBlocks = { - "personal" = { - hostname = "github.com"; - user = "git"; - forwardAgent = false; - extraOptions = { preferredAuthentications = "publickey"; }; - }; - "github.com" = { - hostname = "github.com"; - user = "git"; - forwardAgent = false; - extraOptions = { preferredAuthentications = "publickey"; }; - }; - "github.rbx.com" = { - hostname = "github.rbx.com"; - user = "git"; - forwardAgent = false; - extraOptions = { preferredAuthentications = "publickey"; }; - }; - }; - }; - - home.sessionPath = [ config.home.sessionVariables.GOBIN ]; - - home.sessionVariables = with config.xdg; { - ASPELL_CONF = "conf ${config.xdg.configHome}/aspell/config;"; - EDITOR = "emacsclient -a="; - HOMEBREW_NO_AUTO_UPDATE = 1; - IPYTHONDIR = "${cacheHome}/ipython"; - LESS = "-FRSXM"; - LESSCHARSET = "utf-8"; - MYPY_CACHE_DIR = "${cacheHome}/mypy"; - PAGER = "less"; - PIP_LOG = "${cacheHome}/pip/pip.log"; - PYLINTHOME = "${cacheHome}/pylint"; - PYTHON_EGG_CACHE = "${cacheHome}/python-eggs"; - SHELL = "${pkgs.fish}/bin/fish"; - VISUAL = "emacsclient -a="; - }; - - # Generate ssh agent config for 1Password - # I want both my personal and work keys - home.file.".config/1Password/ssh/agent.toml".text = '' - [[ssh-keys]] - account = "my.1password.com" - - [[ssh-keys]] - account = "roblox.1password.com" - item = "GitHub ssh key" - vault = "Private" - ''; - - home.file.kubie = { - target = ".kube/kubie.yaml"; - text = '' - shell: fish - configs: - include: - - ~/.kube/rksconfig - prompt: - fish_use_rprompt: true - ''; - }; + ]); } diff --git a/nix/users/fcuny/k8s.nix b/nix/users/fcuny/k8s.nix new file mode 100644 index 0000000..01fb802 --- /dev/null +++ b/nix/users/fcuny/k8s.nix @@ -0,0 +1,33 @@ +{ pkgs, ... }: { + home.packages = with pkgs; [ + kind # k8s in docker + kubebuilder # generate controller + kubectl + kubernetes-helm # deploy applications + kubie # kubeconfig browser https://github.com/sbstp/kubie + kubelogin-oidc # OIDC plugin + k9s # object explorer + + # docker + dive # explore layers in docker images + ]; + + home.file.kubie = { + target = ".kube/kubie.yaml"; + text = '' + shell: fish + configs: + include: + - ~/.kube/rksconfig + prompt: + fish_use_rprompt: true + ''; + }; + + programs.fish = { + shellAliases = { + ukctx = '' + ${pkgs.gh}/bin/gh api "repos/Roblox/prophase/contents/path/to/file" --jq '.content' | base64 -d > ~/.kube/rksconfig''; + }; + }; +} diff --git a/nix/users/fcuny/shell.nix b/nix/users/fcuny/shell.nix new file mode 100644 index 0000000..09fbc40 --- /dev/null +++ b/nix/users/fcuny/shell.nix @@ -0,0 +1,90 @@ +{ config, pkgs, ... }: { + home.packages = with pkgs; [ + # shell + shellcheck + + # shell utils + coreutils + direnv + dust + procs + ripgrep + tree + wget + + # network + bandwhich + + # data manipulation + jless + jq + yq + ]; + + programs.fish = { + enable = true; + interactiveShellInit = '' + # Configure classic prompt + set fish_color_user --bold blue + set fish_color_cwd --bold white + + # Enable colour hints in VCS prompt: + set __fish_git_prompt_showcolorhints yes + set __fish_git_prompt_color_prefix purple + set __fish_git_prompt_color_suffix purple + + set fish_greeting "" + ''; + shellAbbrs = { ncg = "nix-collect-garbage -d"; }; + shellAliases = { + c = "clear"; + ls = "eza -l -L=1 --git --color=always --group-directories-first"; + la = "eza -la --git --color=always --group-directories-first"; + ll = "eza -la -L=1 --git --color=always --group-directories-first"; + lt = "eza -aT -L=2 --git --color=always --group-directories-first"; + k = "kubectl"; + kctx = "kubie ctx"; + }; + }; + + # an alternative to ls + programs.eza = { + enable = true; + icons = "never"; + enableFishIntegration = false; + extraOptions = [ + "--group-directories-first" + "--no-quotes" + "--git-ignore" + "--icons=never" + ]; + }; + + # an alternative to find + programs.fd = { + enable = true; + hidden = true; + ignores = [ ".git/" ".direnv/" ]; + }; + + programs.direnv = { + enable = true; + nix-direnv.enable = true; + enableZshIntegration = true; + config = { + global.disable_stdin = true; + global.strict_env = true; + }; + }; + + home.sessionVariables = { + ASPELL_CONF = "conf ${config.xdg.configHome}/aspell/config;"; + EDITOR = "emacsclient -a="; + HOMEBREW_NO_AUTO_UPDATE = 1; + LESS = "-FRSXM"; + LESSCHARSET = "utf-8"; + PAGER = "less"; + SHELL = "${pkgs.fish}/bin/fish"; + VISUAL = "emacsclient -a="; + }; +} diff --git a/nix/users/fcuny/ssh.nix b/nix/users/fcuny/ssh.nix new file mode 100644 index 0000000..17c2f03 --- /dev/null +++ b/nix/users/fcuny/ssh.nix @@ -0,0 +1,38 @@ +{ ... }: { + # https://github.com/nix-community/home-manager/blob/master/modules/programs/ssh.nix + programs.ssh = { + enable = true; + forwardAgent = true; + serverAliveInterval = 60; + controlMaster = "auto"; + controlPersist = "30m"; + + matchBlocks = { + "personal" = { + hostname = "github.com"; + user = "git"; + forwardAgent = false; + extraOptions = { preferredAuthentications = "publickey"; }; + }; + "github.com" = { + hostname = "github.com"; + user = "git"; + forwardAgent = false; + extraOptions = { preferredAuthentications = "publickey"; }; + }; + "github.rbx.com" = { + hostname = "github.rbx.com"; + user = "git"; + forwardAgent = false; + extraOptions = { preferredAuthentications = "publickey"; }; + }; + "git" = { + hostname = "git.fcuny.net"; + port = 422; + user = "git"; + forwardAgent = false; + extraOptions = { preferredAuthentications = "publickey"; }; + }; + }; + }; +} |