Mirror/nix-git
Mirror/nix-git
1
0
Fork 0
mirror of https://codeberg.org/privacy1st/nix-git synced 2025-04-01 16:45:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

define name, email, key fingerprint in base-user.nix

Browse Source
This commit is contained in:
Daniel Langbein 2025-03-30 14:47:44 +02:00
parent 7fa6af56b3
commit a7bf8f2ff3
Signed by: langfingaz
GPG Key ID: 6C47C753F0823002
36 changed files with 199 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hosts/yodaHedgehog/host-specific.nix
View File

@ -11,6 +11,8 @@
{ config, pkgs, ... }:
let
email = config.yoda.email;
backup-source = "rootNas";
# The "stay-awake" file is located at `${backup-source}:${stay-awake-file}`.
# Example: ssh rootNas 'touch yodaHedgehog.stay-awake'
@ -85,11 +87,11 @@ in
printf '%s\n' 'Delaying backup due to SSH connectivity problems.'
# After the fourth failed connection attempt, send a notification by email.
if [ "''${i}" = "4" ]; then
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source}. Will retry in some seconds.' | sendmail -f langbein@mail.de daniel@systemli.org
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source}. Will retry in some seconds.' | sendmail -f langbein@mail.de ${email}
fi
# After ${retries} failed connection attempts, send a second notification by email and give up.
if [ "''${i}" = "${retries}" ]; then
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source} for ${retries} times. Giving up!' | sendmail -f langbein@mail.de daniel@systemli.org
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source} for ${retries} times. Giving up!' | sendmail -f langbein@mail.de ${email}
exit 1
fi
# Wait some seconds before repeating.
@ -140,7 +142,7 @@ in
# Send filtered journal by email.
systemctl start journalwatch.service ||:
# Send notification by email.
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Finished backup.' | sendmail -f langbein@mail.de daniel@systemli.org
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Finished backup.' | sendmail -f langbein@mail.de ${email}
# Let sendmail send emails.
#while :; do

4
modules/ark.nix
View File

@ -8,6 +8,8 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
extraTools = with pkgs; [
p7zip
lrzip
@ -36,7 +38,7 @@ in
"unrar"
];
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
ark-with-unrar # Archive manager: Compress and decompress
];

5
modules/autostart.nix
View File

@ -1,9 +1,12 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
# See also:
# Temporary workaround until https://github.com/nix-community/home-manager/issues/3447 is merged.
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
home.file."keepassxc" = {
target = ".config/autostart/org.keepassxc.KeePassXC.desktop";
source = (pkgs.keepassxc + "/share/applications/org.keepassxc.KeePassXC.desktop");

41
modules/base-user.nix
View File

@ -1,16 +1,49 @@
# https://l-lin.github.io/nix/share-variables-between-Nix-modules
{ config, lib, pkgs, ... }:
let
defaultUsername = "yoda";
defaultUser = "yoda";
defaultName = "Daniel Langbein";
defaultEmail = "daniel@systemli.org";
defaultMaintainer = "langbeindaniel";
defaultFingerprint = "94F3D3DDAC22802258FC044B6C47C753F0823002";
in
{
options.yoda.user = lib.mkOption {
# You can find the exhaustive list of types here: https://nlewo.github.io/nixos-manual-sphinx/development/option-types.xml.html
type = lib.types.str;
default = defaultUsername;
description = "Username of the primary Linux user account. Must not include regex special characters.";
default = defaultUser;
description = "Primary Linux user name. Must not include regex special characters.";
};
options.yoda.name = lib.mkOption {
type = lib.types.str;
default = defaultName;
description = "Personal name of primary user.";
};
options.yoda.email = lib.mkOption {
type = lib.types.str;
default = defaultEmail;
description = "Personal email address of primary user.";
};
options.yoda.maintainer = lib.mkOption {
type = lib.types.str;
default = defaultMaintainer;
description = "Personal nix maintainer identifier of primary user";
};
options.yoda.fingerprint = lib.mkOption {
type = lib.types.str;
default = defaultFingerprint;
description = "Personal key fingerprint of primary user as listed by `gpg --list-keys`.";
};
config = {
yoda.user = defaultUsername;
lib.maintainers."${defaultMaintainer}" = {
name = defaultName;
email = defaultEmail;
keys = [{
fingerprint = defaultFingerprint;
}];
};
};
}

4
modules/bash.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
bash-config = {
enable = true;
enableCompletion = true;
@ -18,7 +20,7 @@ in
# Required by home-manager programs.bash.enableCompletion
environment.pathsToLink = [ "/share/bash-completion" ];
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.bash = bash-config;
};
home-manager.users."root" = { osConfig, config, pkgs, ... }: {

7
modules/blackbox.nix
View File

@ -1,9 +1,12 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
# A direct integration in Nautilus is still in progress: https://gitlab.gnome.org/raggesilver/blackbox/-/issues/20
# Thus, we use nautilus-open-any-terminal.
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
blackbox-terminal # Terminal emulator. Can show notifications for commands finished in the background.
nautilus-open-any-terminal # For Nautilus (GNOME files) integration
@ -11,7 +14,7 @@
};
programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = {
# For Nautilus (GNOME files) integration
"com/github/stunkymonkey/nautilus-open-any-terminal" = {

5
modules/digikam-rawtherapee-hugin-gimp.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
# TODO: Temporary fix until exiftool fix is landed in NixOS stable
# https://github.com/NixOS/nixpkgs/issues/332561

7
modules/docker-pushrm-pkg.nix
View File

@ -1,4 +1,7 @@
{ pkgs, lib, buildGoModule, fetchFromGitHub }:
{ config, pkgs, lib, buildGoModule, fetchFromGitHub }:
let
maintainer = config.yoda.maintainer;
in
# TODO: `docker pushrm` does not work, however `docker-pushrm` does.
# TODO: Watch for new releases
@ -48,6 +51,6 @@ buildGoModule rec {
'';
homepage = "https://github.com/christian-korneck/docker-pushrm";
license = licenses.mit;
maintainers = with maintainers; [ langbeindaniel ];
maintainers = with maintainers; [ maintainer ];
};
}

10
modules/docker-pushrm.nix
View File

@ -1,15 +1,5 @@
{ config, pkgs, lib, ... }:
{
lib.maintainers = {
langbeindaniel = {
name = "Daniel Langbein";
email = "daniel@systemli.org";
keys = [{
fingerprint = "94F3 D3DD AC22 8022 58FC 044B 6C47 C753 F082 3002";
}];
};
};
environment.systemPackages = with pkgs; [
(
# callPackage is a function that automagically figures out which arguments your function wants, and then provides them from its own set. This pill explains it well: https://nixos.org/guides/nix-pills/callpackage-design-pattern.html

9
modules/element-desktop.nix
View File

@ -1,10 +1,13 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
# Issue: Login does not work. Webbrowser does not redirect back to Element app. Firefox does not ask to open link with Element app. It works with the Flatpak version though.
#
# Configuration paths with user data:
# NixOS: /home/yoda/.config/Element /home/yoda/.config/Riot
# Flatpak: /home/yoda/.var/app/im.riot.Riot/config/Element
# NixOS: /home/${user}/.config/Element /home/${user}/.config/Riot
# Flatpak: /home/${user}/.var/app/im.riot.Riot/config/Element
#
# Solution: Don't use element-desktop-wayland, use the normal element-desktop package instead
#
@ -18,7 +21,7 @@
# Workaround: Use Flatpak version ...
# Discussion on GitHub: https://github.com/NixOS/nixpkgs/issues/343806 AMD GPUs and NixOS - 'Cannot find target for triple amdgcn-- Unable to find target for this triple (no targets are registered)'
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
# Matrix chat client.
element-desktop

7
modules/firefox.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
firefox # Web browser
];
@ -14,7 +17,7 @@
# Required for dconf.settings
programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = {
"org/gnome/shell" = {
favorite-apps = ["firefox.desktop"];

5
modules/freetube.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
unstable.freetube # YouTube client.
];

5
modules/fwupd-gnome.nix
View File

@ -1,9 +1,12 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
# Enable firmware update daemon
services.fwupd.enable = true;
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
# Install firmware on devices supported by fwupd.
gnome-firmware

6
modules/fzf.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
# Fuzzy shell history and file search.
#
# Use fzf to search your command history (with STRG + r) and do file searches (with STRG + t).
@ -17,14 +19,14 @@ let
};
in
{
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.fzf = fzf-config;
};
home-manager.users."root" = { osConfig, config, pkgs, ... }: {
programs.fzf = fzf-config;
};
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
fd
];

7
modules/ghostwriter.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
libsForQt5.ghostwriter # Markdown editor
];
@ -9,7 +12,7 @@
# This fixes blurry fonts with fractional scaling on Wayland.
environment.sessionVariables.QT_QPA_PLATFORM = lib.mkIf (config.services.xserver.displayManager.gdm.wayland) "wayland";
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
home.file.".config/kde.org/ghostwriter.conf" = {
text = ''
[Application]

13
modules/git.nix
View File

@ -1,16 +1,21 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
name = config.yoda.name;
email = config.yoda.email;
in
{
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
git
];
};
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.git = {
enable = true;
userName = "Daniel Langbein";
userEmail = "daniel@systemli.org";
userName = name;
userEmail = email;
signing.signByDefault = true;
signing.key = null;
aliases = {

9
modules/gnome-wallpaper.nix
View File

@ -1,14 +1,17 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
# https://discourse.nixos.org/t/how-to-set-gnome-a-k-a-gdm-greeter-a-k-a-lockscreen-login-background-a-k-a-wallpaper/14289
programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = {
"org/gnome/desktop/background" = {
"picture-uri" = "/home/yoda/.config/background";
"picture-uri-dark" = "/home/yoda/.config/background";
"picture-uri" = "/home/${user}/.config/background";
"picture-uri-dark" = "/home/${user}/.config/background";
};
};
home.file.".config/background".source = "${(pkgs.callPackage ./wallpaper.nix { })}/img.jpg";

5
modules/headless.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
#zenith # Terminal resource monitor / task manager
btop # Terminal resource monitor / task manager

4
modules/home-manager.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
# Import Home Manager with niv.
home-manager = (import ../nix/sources.nix).home-manager;
#home-manager-source = import (import ../nix/sources.nix).home-manager {};
@ -19,7 +21,7 @@ in
# https://nix-community.github.io/home-manager/index.html#sec-install-nixos-module
home-manager.useGlobalPkgs = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
# Switching to a higher state version typically requires performing some manual steps, such as data conversion or moving files.
home.stateVersion = "24.11";

4
modules/initrd-contact-info.nix
View File

@ -38,12 +38,12 @@ let
in
lib.optionalString (res != null) (lib.head res);
contact_name = "Daniel Langbein";
contact_name = config.yoda.name;
# The file `phone-number` contains only one line with our phone number, e.g. +49 0173 ...
# Be aware that the phone number will be written to the nix store in plaintext!
# TODO: strip the read string (no tailing newlines)
contact_phone = trim (builtins.readFile ../secrets/phone-number);
contact_mail = "daniel@systemli.org";
contact_mail = config.yoda.email;
# https://wiki.nixos.org/wiki/Shell_Scripts
contact-info-str = pkgs.stdenv.mkDerivation rec {

6
modules/jetbrains-ide.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
# version = (
# if (config.nixpkgs.config.allowUnfree)
# then "idea-ultimate"
@ -41,14 +43,14 @@ in
# TODO: Currently markdown previews are broken anyways because of issues with the sandboxed webbrowser on NixOS
];
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
jetbrains."${version}"
];
};
programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, lib, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, lib, ... }: {
dconf.settings = {
"org/gnome/shell" = {
favorite-apps = ["${version}.desktop"];

3
modules/journalwatch.nix
View File

@ -41,6 +41,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
email = config.yoda.email;
stopped-service-consumption-summary = ''
\S+\.(service|scope|slice|swap|mount): Consumed ([0-9]+d )?([0-9]+h )?([0-9]+min )?[0-9\.]+(s|ms) CPU time(, .+)?\.'';
@ -96,7 +97,7 @@ in
enable = true;
# Same as configured by sendmail MTA.
mailFrom = "langbein@mail.de";
mailTo = "daniel+journalwatch@systemli.org";
mailTo = email;
#interval = "hourly";
# Lowest priority of message to be considered.

15
modules/nitrokey-gpg-smartcard.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
# Use NitroKey USB smartcard with SSH.
# https://nixos.wiki/wiki/Nitrokey
@ -38,14 +41,14 @@
#
# ssh -v nas
#=> OpenSSH_9.3p2, OpenSSL 3.0.10 1 Aug 2023
#=> debug1: Reading configuration data /home/yoda/.ssh/config
#=> debug1: /home/yoda/.ssh/config line 67: Applying options for nas
#=> debug1: /home/yoda/.ssh/config line 180: Applying options for *
#=> debug1: Reading configuration data /home/${user}/.ssh/config
#=> debug1: /home/${user}/.ssh/config line 67: Applying options for nas
#=> debug1: /home/${user}/.ssh/config line 180: Applying options for *
#=> debug1: Reading configuration data /etc/ssh/ssh_config
#=> debug1: Executing command: '/nix/store/8fv91097mbh5049i9rglc73dx6kjg3qk-bash-5.2-p15/bin/bash -c '/nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-connect-agent --quiet updatestartuptty /bye >/dev/null 2>&1''
#
#=> USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
#=> yoda 2752 0.0 0.0 444812 3040 ? SLsl 16:09 0:00 /nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-agent --supervised --pinentry-program /nix/store/8cvidvpwnwyxixlhqfaa5jlfndh2vir5-pinentry-1.2.1-curses/bin/pinentry
#=> ${user} 2752 0.0 0.0 444812 3040 ? SLsl 16:09 0:00 /nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-agent --supervised --pinentry-program /nix/store/8cvidvpwnwyxixlhqfaa5jlfndh2vir5-pinentry-1.2.1-curses/bin/pinentry
# NITROKEY SSH WORKAROUND (I): Do all of this in one shell!
# CREDITS: https://unix.stackexchange.com/a/250045/315162
@ -121,7 +124,7 @@
# pinentry-gnome
#];
#users.users."yoda" = {
#users.users."${user}" = {
# packages = with pkgs; [
# #pinentry-curses
# pinentry-gnome
@ -146,7 +149,7 @@
# Smartcard daemon.
services.pcscd.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# Disable GNOME Keyring. See comment above.
#

7
modules/obsidian.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
# TODO: if on wayland and scaling != 1, start obsidian with the following command.
# Sharp fonts.
@ -10,14 +13,14 @@
"obsidian"
];
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
obsidian # Markdown notes
];
};
programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, lib, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, lib, ... }: {
dconf.settings = {
"org/gnome/shell" = {
favorite-apps = ["obsidian.desktop"];

5
modules/print-and-scan.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
# Printing with IPP everywhere capable printers
# https://nixos.wiki/wiki/Printing
@ -58,7 +61,7 @@
extraBackends = [ pkgs.hplip ];
};
users.users."yoda" = {
users.users."${user}" = {
extraGroups = [ "scanner" "lp" ];
packages = with pkgs; [
simple-scan # GNOME Document Scanner

5
modules/programs-kde.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, mkKdeDerivation, lib, ... }:
let
user = config.yoda.user;
in
{
imports = [
./ark.nix # Archive manager: Compress and decompress
@ -11,7 +14,7 @@
"dotnet-runtime-6.0.36"
];
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
# Preinstalled
# kdePackages.ark # Archive manager

7
modules/sendmail-mta.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }:
let
email = config.yoda.email;
in
{
# Many programs use the `sendmail` command to send email.
# Nullmailer and OpenSMTP create a symlink from `sendmail` to their binary - they are (to a certain degree) sendmail compatible.
@ -46,8 +49,8 @@
# https://nixos.wiki/wiki/Msmtp#Aliases
environment.etc.aliases = {
text = ''
# Forward email from root to daniel@systemli.org
root: daniel@systemli.org
# Forward email received by user root to ${email}
root: ${email}
'';
mode = "0644";
};

7
modules/signal-desktop.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
signal-desktop # Signal client
];
@ -23,7 +26,7 @@
})
];
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = {
"org/gnome/shell" = {
favorite-apps = ["signal-desktop.desktop"];

5
modules/spaceFM.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
spaceFM
];

17
modules/ssh-client.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# SSH client configuration.
programs.ssh = {
@ -15,13 +18,13 @@
};
"yodaTab" = {
hostname = "192.168.178.53";
user = "yoda";
user = "${user}";
port = 22;
compression = false;
};
"yodaEnchilada" = {
hostname = "192.168.178.25";
user = "yoda";
user = "${user}";
port = 22;
compression = false;
};
@ -29,7 +32,7 @@
# local IP: 192.168.178.186
"yodaYoga" = {
hostname = "yodayoga.p1st.de";
user = "yoda";
user = "${user}";
port = 2224;
compression = true;
};
@ -48,7 +51,7 @@
"pi3bplus" = {
hostname = "fckjpbxxim36c1gb.myfritz.net";
user = "yoda";
user = "${user}";
port = 22;
compression = true;
};
@ -75,7 +78,7 @@
# local IP: 192.168.178.118
"yodaHedgehog" = {
hostname = "yodahedgehog.p1st.de";
user = "yoda";
user = "${user}";
port = 2226;
compression = true;
};
@ -95,7 +98,7 @@
# local IP: 192.168.178.119
"yodaNas" = {
hostname = "yodanas.p1st.de";
user = "yoda";
user = "${user}";
port = 2222;
compression = true;
};

5
modules/ssh-server.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
# Enable SSH server.
services.openssh = {
@ -47,7 +50,7 @@
# TODO replace authorizedKeys in all .nix files with authorizedKeyFiles
# SSH public key(s) allowed to connect via SSH.
users.users."yoda".openssh.authorizedKeys.keys = [
users.users."${user}".openssh.authorizedKeys.keys = [
(builtins.readFile ../assets/ssh/nitrokey.pub)
];
users.users."root".openssh.authorizedKeys.keys = [

15
modules/thunderbird.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
user = config.yoda.user;
name = config.yoda.name;
email = config.yoda.email;
fingerprint = config.yoda.fingerprint;
# TODO: trim whitespaces from string
email-uni-marburg = (builtins.readFile ../secrets/email-uni-marburg);
@ -13,16 +16,16 @@ in
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
accounts.email.accounts = {
"personal" = {
address = "daniel@systemli.org";
address = email;
gpg = {
# The key to use as listed in gpg --list-keys.
key = "94F3D3DDAC22802258FC044B6C47C753F0823002";
key = fingerprint;
signByDefault = true;
};
primary = true;
realName = "Daniel Langbein";
realName = name;
userName = "daniel@systemli.org";
userName = email;
imap = {
host = "mail.systemli.org";
port = 993;
@ -39,7 +42,7 @@ in
"uni-marburg" = {
address = email-uni-marburg;
primary = false;
realName = "Daniel Langbein";
realName = name;
# It seems as if both is possible:
# userName: part of email before "@"

5
modules/uni-vpn.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
assertions = [{
assertion = config.services.xserver.desktopManager.gnome.enable || config.services.desktopManager.plasma6.enable;
@ -9,7 +12,7 @@
./t-telesec.nix
];
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
networkmanager-openconnect # Openconnect VPN
];

5
modules/usb-mtp-ptp.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
in
{
# USB MTP and PTP support
# https://wiki.archlinux.org/title/Media_Transfer_Protocol#File_manager_integration
@ -11,7 +14,7 @@
programs.gphoto2.enable = true;
# To grant digital camera access to a user,
# the user must be part of the camera group:
users.users."yoda".extraGroups = ["camera"];
users.users."${user}".extraGroups = ["camera"];
#
# Example usage:
#

5
modules/veracrypt.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{
# Looks as if TrueCrypt is unfree software
# https://github.com/NixOS/nixpkgs/blob/5d017a8822e0907fb96f7700a319f9fe2434de02/pkgs/applications/misc/veracrypt/default.nix#L59
@ -11,7 +14,7 @@
"veracrypt"
];
users.users."yoda" = {
users.users."${user}" = {
packages = with pkgs; [
veracrypt # Encrypted filesystem
];

6
modules/zsh.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
# https://nixos.wiki/wiki/Zsh
zsh-config = {
enable = true;
@ -57,9 +59,9 @@ in
# Inside the following Home Manager configuration block,
# `config` refers to Home Manager configuration.
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.zsh = zsh-config // {
# nix-repl: config.home-manager.users."yoda".programs.zsh.history.path
# nix-repl: config.home-manager.users."${user}".programs.zsh.history.path
# -> ~/.local/share/.histfile
history.path = "${config.xdg.dataHome}/.histfile";
};