wtf is happening

2024-03-12 01:43:35 -05:00 · 2024-03-12 01:43:35 -05:00 · 16da7ed48b
commit 16da7ed48b
parent 91e0976cda
9 changed files with 58 additions and 21 deletions
--- a/flake.lock
+++ b/flake.lock
@ -110,11 +110,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1709884566,
+        "lastModified": 1710197026,
-        "narHash": "sha256-NSYJg2sfdO/XS3L8XN/59Zhzn0dqWm7XtVnKI2mHq3w=",
+        "narHash": "sha256-0OdO4FsI7isTUKIGoFF6YRSp0H9oRAnb9ET1SlNu5G4=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "2be119add7b37dc535da2dd4cba68e2cf8d1517e",
+        "rev": "9c1dfe2db4be1095cc221e97a54323bc55d42696",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -21,10 +21,11 @@
    # home-manager = { };
  };
-  outputs = { self, nypkgs, nixpkgs, ragenix, ... } @ args:
+  outputs = { self, nypkgs, nixpkgs, ... } @ inputs:
    let
      nixosSystem = nixpkgs.lib.nixosSystem;
      mkMerge = nixpkgs.lib.mkMerge;
      settings = {
        system = {
          hostname = "gpdPocket3";
@ -39,21 +40,20 @@
            name = "RingOfStorms (Joshua Bell)";
          };
        };
        usersDir = ./users;
        systemsDir = ./systems;
        commonDir = ./_common;
        flakeDir = ./.;
        secretsDir = ./secrets;
        systemsDir = ./systems;
        usersDir = ./users;
      };
      ypkgs = nypkgs.legacyPackages.${settings.system.architecture};
      ylib = ypkgs.lib;
      ragenixPkg = ragenix.packages.${settings.system.architecture}.default;
    in
    {
      nixosConfigurations.${settings.system.hostname} = nixosSystem {
        system = settings.system.architecture;
        modules = [ ./systems/_common/configuration.nix ./systems/${settings.system.hostname}/configuration.nix ];
-        specialArgs = args // { inherit settings; inherit ylib; inherit ragenixPkg; };
+        specialArgs = inputs // { inherit settings; inherit ylib; };
      };
      # homeConfigurations = { };
    };
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -6,8 +6,6 @@
 # from authority
 # `nix run github:yaxitech/ragenix/ -- -i ~/.ssh/ragenix_authority --rules /etc/nixos/secrets/secrets.nix` <-r(eykey)|-e(edit) <File>>
 # Creating a new secret: 
 let
  publicKeys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdG4tG18VeuEr/g4GM7HWUzHuUVcR9k6oS3TPBs4JRF ragenix authority key"
--- a/systems/_common/configuration.nix
+++ b/systems/_common/configuration.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, settings, ylib, ragenixPkg, ... }:
+{ config, lib, pkgs, settings, ylib, ... } @ args:
 let
  home-manager = builtins.fetchTarball {
    url = "https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz";
@ -14,6 +14,7 @@ in
      (/${settings.systemsDir}/${settings.system.hostname}/hardware-configuration.nix)
      # home manager import
      (import "${home-manager}/nixos")
      # ./ragenix.nix
    ];
  # Enable flakes
@ -23,7 +24,7 @@ in
  security.polkit.enable = true;
  home-manager.useUserPackages = true;
  home-manager.useGlobalPkgs = true;
-  home-manager.extraSpecialArgs = { inherit settings; inherit ylib; };
+  home-manager.extraSpecialArgs = args;
  # ==========
  #   Common
@ -61,9 +62,6 @@ in
    git
    fzf
    ripgrep
    # nix secrets
    ragenixPkg
  ];
  environment.shellAliases = {
--- a/systems/_common/ragenix.nix
+++ b/systems/_common/ragenix.nix
@ -0,0 +1,23 @@
 # TODO check out the by host way this person does: https://github.com/hlissner/dotfiles/blob/089f1a9da9018df9e5fc200c2d7bef70f4546026/modules/agenix.nix
 { settings, lib, inputs, ... }:
 let
  secretsDir = "${settings.secretsDir}";
  secretsFile = "${secretsDir}/secrets.nix";
 in
 {
  # imports = [ inputs.ragenix.nixosModules.age ];
  environment.systemPackages = [ inputs.ragenix.defaultPackage.${settings.system.architecture} ];
  # age = {
  #   secrets =
  #     if pathExists secretsFile
  #     then
  #       mapAttrs'
  #         (n: _: nameValuePair (removeSuffix ".age" n) {
  #           file = "${secretsDir}/${n}";
  #           owner = mkDefault settings.user.username; # TODO and root? or does that matter...
  #         })
  #         (import secretsFile)
  #     else { };
  # };
 }
--- a/users/_common/home.nix
+++ b/users/_common/home.nix
@ -5,8 +5,9 @@
  home.username = settings.user.username;
  home.homeDirectory = "/home/${settings.user.username}";
-  # We always want a standard ssh key-pair used for secret management, create it if not there.
+  imports = ylib.umport {
-  home.activation.generateSshKey = lib.hm.dag.entryAfter [ "writeBoundary" ] (import ./generate_ssh_key.nix args);
+    paths = [ ./programs ];
-
+    recursive = true;
-  imports = ylib.umport { paths = [ ./programs ]; recursive = true; };
+    exclude = [ ./programs/ssh/generate_ssh_key.nix ];
  };
 }
--- a/users/_common/programs/ssh/generate_ssh_key.nix
+++ b/users/_common/programs/ssh/generate_ssh_key.nix
--- a/users/_common/programs/ssh/ssh.nix
+++ b/users/_common/programs/ssh/ssh.nix
@ -0,0 +1,17 @@
 { lib, ... } @ args:
 {
  # We always want a standard ssh key-pair used for secret management, create it if not there.
  home.activation.generateSshKey = lib.hm.dag.entryAfter [ "writeBoundary" ] (import ./generate_ssh_key.nix args);
  programs.ssh = {
    enable = true;
    matchBlocks = {
      github = {
        hostname = "github.com";
        # TODO lEFT OFF HERE TRYING TO GET THIS TO WORK
        # identityFile = age.secrets.test1.file;
      };
    };
  };
 }
--- a/users/josh/home.nix
+++ b/users/josh/home.nix
@ -1,4 +1,4 @@
-{ settings, ylib, ... } @ _args:
+{ settings, ylib, ... }:
 {
  imports =
    # Common settings all users share