diff --git a/secrets/test1.age b/secrets/test1.age deleted file mode 100644 index 2204055..0000000 --- a/secrets/test1.age +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBKcmZV -NGJQYmVUeVYrQ2JaV0lmMkhMUFN1S0Rwa29ZYU5FbFQwbWtMbWtnCitlZXlQYkZr -TDViemxOaXUxYUhsYjM5WElBRno0UGF0OXc0Qys3WnlRc0UKLT4gc3NoLWVkMjU1 -MTkgSjkxOXNRIFg4K09yZS81YXhGeDJJUFArMVhHaHc5dzBTOGlEdXRqbk5lMmNN -NUMyV1kKV2V3WGwzK2RESXhvR2VBMG9lY082SngxTGxXNU94Mys5aStaM1grNWR0 -OAotPiBzc2gtZWQyNTUxOSBlNmUwbFEgNGxJbGpKNUJ3YkhGbkhGdStIOE1oVVVy -S1pJdTNpMGZtOWtHOGo4VjRENApEQWlBTkVEWEdVbE1CSGNUM1hlcnJjQWUxNU9V -Z1ZxVExjaEdGazQwQ2dJCi0+IFduYm4ueC1ncmVhc2UgVkggNDI5fU1FIGInTgpB -NzJuN01JU1REOE1Vc3U2NkdudjJNb2svVTgwTUdFSXNodjdQVWxraVAyMU5LTkw3 -SDQ3bXlYUnNjeERIVHArClFUY3gwK1pXTTVlSjh3YXFtVEVhY1VCRm1HTmsrQ25r -cG5wbEZnbwotLS0gMG9mM0RjQ1NmMWlGSkRTMzZTbjBXRUcrVVdZa0g1dFJRaHJO -b09HRTJrVQr7a6J+H3U+cSUTVgwj8kN/BvANiKufv5UsJTxwfZD3YT7K49O5OfR5 -/RXQwUU8GUM9b9BCkroA4fB1NJoU9pc= ------END AGE ENCRYPTED FILE----- diff --git a/systems/_common/configuration.nix b/systems/_common/configuration.nix index 3882b63..4e597e6 100644 --- a/systems/_common/configuration.nix +++ b/systems/_common/configuration.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, settings, ylib, ... } @ args: +{ config, lib, pkgs, settings, ylib, ... } @ inputs: let home-manager = builtins.fetchTarball { url = "https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz"; @@ -24,7 +24,7 @@ in security.polkit.enable = true; home-manager.useUserPackages = true; home-manager.useGlobalPkgs = true; - home-manager.extraSpecialArgs = { inherit settings; inherit ylib; inherit (args) ragenix; }; + home-manager.extraSpecialArgs = { inherit settings; inherit ylib; inherit (inputs) ragenix; inherit (config) age; }; # ========== # Common diff --git a/systems/_common/ragenix.nix b/systems/_common/ragenix.nix index 62f7271..51a3469 100644 --- a/systems/_common/ragenix.nix +++ b/systems/_common/ragenix.nix @@ -20,8 +20,8 @@ in # (import secretsFile) # else { }; { - test1 = { - file = /${settings.secretsDir}/test1.age; + nix2github = { + file = /${settings.secretsDir}/nix2github.age; owner = settings.user.username; }; }; diff --git a/systems/gpdPocket3/configuration.nix b/systems/gpdPocket3/configuration.nix index 6e08e53..0303b9a 100644 --- a/systems/gpdPocket3/configuration.nix +++ b/systems/gpdPocket3/configuration.nix @@ -1,12 +1,11 @@ { config, lib, pkgs, settings, ... } @ args: -let - homeManagerUser = import "${settings.usersDir}/${settings.user.username}/home.nix"; -in { imports = [ # Our custom stuff ./stupid-keyboard.nix + (settings.usersDir + "/root/configuration.nix") + (settings.usersDir + "/josh/configuration.nix") ]; # Use the systemd-boot EFI boot loader. @@ -88,20 +87,6 @@ in (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) ]; - users.users.root.initialPassword = "password1"; - users.users.${settings.user.username} = { - initialPassword = "password1"; - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "video" "input" ]; - shell = pkgs.zsh; - }; - # TODO how to do this from home manager file instead - environment.pathsToLink = [ "/share/zsh" ]; - programs.zsh = { - enable = true; - }; - home-manager.users.${settings.user.username} = homeManagerUser; - services.xserver.enable = true; services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; diff --git a/users/_common/programs/ssh.nix b/users/_common/programs/ssh.nix index 19a4f1e..81b5ee2 100644 --- a/users/_common/programs/ssh.nix +++ b/users/_common/programs/ssh.nix @@ -1,4 +1,4 @@ -{ lib, ... } @ args: +{ lib, settings, age, pkgs, ... } @ args: { # We always want a standard ssh key-pair used for secret management, create it if not there. home.activation.generateSshKey = lib.hm.dag.entryAfter [ "writeBoundary" ] '' @@ -21,7 +21,7 @@ matchBlocks = { github = { hostname = "github.com"; - identityFile = age.secrets.test1.file; + identityFile = age.secrets.nix2github.path; }; }; }; diff --git a/users/josh/configuration.nix b/users/josh/configuration.nix new file mode 100644 index 0000000..c3630b6 --- /dev/null +++ b/users/josh/configuration.nix @@ -0,0 +1,32 @@ +{ config, lib, ylib, pkgs, settings, ... } @ args: +{ + users.users.${settings.user.username} = { + initialPassword = "password1"; + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" "video" "input" ]; + shell = pkgs.zsh; + }; + + # TODO how to do this from home manager file instead + environment.pathsToLink = [ "/share/zsh" ]; + programs.zsh = { + enable = true; + }; + + home-manager.users.${settings.user.username} = { + imports = + # Common settings all users share + [ (settings.usersDir + "/_common/home.nix") ] + # User programs + ++ ylib.umport { + paths = [ ./programs ]; + recursive = true; + } + # User theme + ++ ylib.umport { + paths = [ ./theme ]; + recursive = true; + }; + }; +} + diff --git a/users/josh/home.nix b/users/josh/home.nix deleted file mode 100644 index b889bd8..0000000 --- a/users/josh/home.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ settings, ylib, ... }: -{ - imports = - # Common settings all users share - [ (settings.usersDir + "/_common/home.nix") ] - # User programs - ++ ylib.umport { - paths = [ ./programs ]; - recursive = true; - } - # User theme - ++ ylib.umport { - paths = [ ./theme ]; - recursive = true; - }; -} diff --git a/users/root/configuration.nix b/users/root/configuration.nix new file mode 100644 index 0000000..fb5f6f6 --- /dev/null +++ b/users/root/configuration.nix @@ -0,0 +1,9 @@ +{ config, lib, pkgs, settings, ... } @ args: +{ + users.users.root = { + initialPassword = "password1"; + }; + + ## TODO github ssh key... etc +} +