From d048a7b6a225f9e30b2a95e9461f4c267eb29af0 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Mon, 4 Mar 2024 16:17:39 -0800 Subject: add configuration for my work machine --- flake.nix | 6 ++++- hosts/common/darwin/homebrew.nix | 7 ++++- hosts/common/darwin/macos.nix | 5 ++++ hosts/work/default.nix | 35 +++++++++++++++++++++++++ nix/flake/hosts.nix | 1 + nix/profiles/home-manager/dev.nix | 16 +++++++----- nix/profiles/home-manager/git.nix | 6 +++++ nix/profiles/home-manager/ssh.nix | 21 +++++++++++++++ nix/profiles/home-manager/work.nix | 53 ++++++++++++++++++++++++++++++++++++++ 9 files changed, 142 insertions(+), 8 deletions(-) create mode 100644 hosts/work/default.nix create mode 100644 nix/profiles/home-manager/work.nix diff --git a/flake.nix b/flake.nix index ab53de9..3a42cd9 100644 --- a/flake.nix +++ b/flake.nix @@ -42,7 +42,11 @@ outputs = inputs: inputs.flake-parts.lib.mkFlake { inherit inputs; } { - systems = [ "aarch64-darwin" "x86_64-linux" ]; + systems = [ + "aarch64-darwin" + "x86_64-darwin" + "x86_64-linux" + ]; imports = [ ./nix/flake/devshell.nix diff --git a/hosts/common/darwin/homebrew.nix b/hosts/common/darwin/homebrew.nix index 0a7a2c9..60fbd6b 100644 --- a/hosts/common/darwin/homebrew.nix +++ b/hosts/common/darwin/homebrew.nix @@ -10,12 +10,17 @@ brews = [ "aspell" # spelling - "kind" # to run local k8s cluster "envoy" # to do some testing with envoy + "go" # it's also installed by nix, but this is a fallback, just in case + "hashicorp/tap/boundary" # https://www.boundaryproject.io/ + "kind" # to run local k8s cluster + "kubebuilder" + "s3cmd" ]; taps = [ "homebrew/cask-fonts" + "hashicorp/tap" ]; casks = [ diff --git a/hosts/common/darwin/macos.nix b/hosts/common/darwin/macos.nix index 810d64d..edc57a0 100644 --- a/hosts/common/darwin/macos.nix +++ b/hosts/common/darwin/macos.nix @@ -8,6 +8,11 @@ system.defaults.finder.AppleShowAllExtensions = true; system.defaults.screencapture.location = "~/Documents/screenshots"; + system.keyboard = { + enableKeyMapping = true; + remapCapsLockToControl = true; + }; + system.defaults.CustomUserPreferences = { "com.apple.desktopservices" = { # Avoid creating .DS_Store files on network or USB volumes diff --git a/hosts/work/default.nix b/hosts/work/default.nix new file mode 100644 index 0000000..ae9a765 --- /dev/null +++ b/hosts/work/default.nix @@ -0,0 +1,35 @@ +{ pkgs, ... }: +let user = "fcuny"; in +{ + services.nix-daemon.enable = true; + + nix = { + package = pkgs.nixFlakes; + + gc = { + user = "root"; + automatic = true; + interval = { Weekday = 0; Hour = 2; Minute = 0; }; + options = "--delete-older-than 30d"; + }; + + settings = { + trusted-users = [ "@admin" "${user}" ]; + experimental-features = [ "nix-command" "flakes" ]; + }; + }; + + # in order to install things like 1password's extensions + nixpkgs.config.allowUnfree = true; + + programs.zsh.enable = true; + + users.users.fcuny.home = "/Users/fcuny"; + + # Touch ID for sudo auth + security.pam.enableSudoTouchIdAuth = true; + + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.fcuny = import ../../nix/profiles/home-manager/work.nix; +} diff --git a/nix/flake/hosts.nix b/nix/flake/hosts.nix index 2d655d6..7348672 100644 --- a/nix/flake/hosts.nix +++ b/nix/flake/hosts.nix @@ -26,6 +26,7 @@ in { darwinConfigurations = { mba-fcuny = mkDarwinConfig "aarch64-darwin" ../../hosts/mba; + HQ-C02FK3Q7MD6T = mkDarwinConfig "x86_64-darwin" ../../hosts/work; }; } ]; diff --git a/nix/profiles/home-manager/dev.nix b/nix/profiles/home-manager/dev.nix index e0ca68b..6eacdc9 100644 --- a/nix/profiles/home-manager/dev.nix +++ b/nix/profiles/home-manager/dev.nix @@ -22,24 +22,28 @@ in goPath = ".local/share/pkg.go"; goBin = ".local/bin.go"; package = pkgs.go_1_21; + goPrivate = [ "github.rbx.com/roblox/*" "github.com/fcuny/world/*" ]; }; home.packages = with pkgs; [ + # go go-tools golangci-lint gopls + # docker dive # explore layers in docker images - pythonEnv - - kubectl + # shell + shellcheck + # ops google-cloud-sdk + kubectl + tfswitch - rnix-lsp - alejandra - nil + # python + pythonEnv ]; home.sessionPath = [ diff --git a/nix/profiles/home-manager/git.nix b/nix/profiles/home-manager/git.nix index d7b07c3..93909de 100644 --- a/nix/profiles/home-manager/git.nix +++ b/nix/profiles/home-manager/git.nix @@ -35,6 +35,12 @@ branch.sort = "authordate"; commit.template = "${config.xdg.dataHome}/git/commit.template"; + + url = { + "ssh://git@github.rbx.com/" = { + insteadOf = "https://github.rbx.com/"; + }; + }; }; ignores = [ diff --git a/nix/profiles/home-manager/ssh.nix b/nix/profiles/home-manager/ssh.nix index 47aee8a..0ed401e 100644 --- a/nix/profiles/home-manager/ssh.nix +++ b/nix/profiles/home-manager/ssh.nix @@ -10,12 +10,33 @@ IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" ''; matchBlocks = { + "personal" = { + hostname = "github.com"; + user = "git"; + forwardAgent = false; + extraOptions = { preferredAuthentications = "publickey"; }; + }; "github.com" = { hostname = "github.com"; user = "git"; forwardAgent = false; extraOptions = { preferredAuthentications = "publickey"; }; }; + "github.rbx.com" = { + hostname = "github.com"; + user = "git"; + forwardAgent = false; + extraOptions = { preferredAuthentications = "publickey"; }; + }; }; }; + + # Generate ssh agent config for 1Password - I want both my personal and work keys + home.file.".config/1Password/ssh/agent.toml".text = '' + [[ssh-keys]] + account = "my.1password.com" + + [[ssh-keys]] + account = "roblox.1password.com" + ''; } diff --git a/nix/profiles/home-manager/work.nix b/nix/profiles/home-manager/work.nix new file mode 100644 index 0000000..d9b0dab --- /dev/null +++ b/nix/profiles/home-manager/work.nix @@ -0,0 +1,53 @@ +{ pkgs, ... }: { + + home.stateVersion = "23.05"; + + imports = [ + ./dev.nix + ./firefox.nix + ./git.nix + ./ssh.nix + ./zsh.nix + ]; + + home.packages = with pkgs; [ + # general shell utils + direnv + ripgrep + tree + wget + + # data manipulation + jless + jq + yq + + # nix related + nil + nix-direnv + nixd + nixfmt + nixpkgs-fmt + rnix-lsp + ]; + + home.sessionVariables = { + EDITOR = "emacsclient -a="; + VISUAL = "emacsclient -a="; + LESS = "-FRSXM"; + LESSCHARSET = "utf-8"; + PAGER = "less"; + }; + + programs = { + direnv = { + enable = true; + nix-direnv.enable = true; + enableZshIntegration = true; + config = { + global.disable_stdin = true; + global.strict_env = true; + }; + }; + }; +} -- cgit 1.4.1