From a7bf8f2ff35c5c64665bd5fab952dea879d7b8c0 Mon Sep 17 00:00:00 2001
From: Daniel Langbein <daniel@systemli.org>
Date: Sun, 30 Mar 2025 14:47:44 +0200
Subject: [PATCH] define name, email, key fingerprint in base-user.nix
---
hosts/yodaHedgehog/host-specific.nix | 8 +++--
modules/ark.nix | 4 ++-
modules/autostart.nix | 5 ++-
modules/base-user.nix | 41 +++++++++++++++++++---
modules/bash.nix | 4 ++-
modules/blackbox.nix | 7 ++--
modules/digikam-rawtherapee-hugin-gimp.nix | 5 ++-
modules/docker-pushrm-pkg.nix | 7 ++--
modules/docker-pushrm.nix | 10 ------
modules/element-desktop.nix | 9 +++--
modules/firefox.nix | 7 ++--
modules/freetube.nix | 5 ++-
modules/fwupd-gnome.nix | 5 ++-
modules/fzf.nix | 6 ++--
modules/ghostwriter.nix | 7 ++--
modules/git.nix | 13 ++++---
modules/gnome-wallpaper.nix | 9 +++--
modules/headless.nix | 5 ++-
modules/home-manager.nix | 4 ++-
modules/initrd-contact-info.nix | 4 +--
modules/jetbrains-ide.nix | 6 ++--
modules/journalwatch.nix | 3 +-
modules/nitrokey-gpg-smartcard.nix | 15 ++++----
modules/obsidian.nix | 7 ++--
modules/print-and-scan.nix | 5 ++-
modules/programs-kde.nix | 5 ++-
modules/sendmail-mta.nix | 7 ++--
modules/signal-desktop.nix | 7 ++--
modules/spaceFM.nix | 5 ++-
modules/ssh-client.nix | 17 +++++----
modules/ssh-server.nix | 5 ++-
modules/thunderbird.nix | 15 ++++----
modules/uni-vpn.nix | 5 ++-
modules/usb-mtp-ptp.nix | 5 ++-
modules/veracrypt.nix | 5 ++-
modules/zsh.nix | 6 ++--
36 files changed, 199 insertions(+), 84 deletions(-)
diff --git a/hosts/yodaHedgehog/host-specific.nix b/hosts/yodaHedgehog/host-specific.nix
index 7f6e889..afc9de0 100644
--- a/hosts/yodaHedgehog/host-specific.nix
+++ b/hosts/yodaHedgehog/host-specific.nix
@@ -11,6 +11,8 @@
{ config, pkgs, ... }:
let
+ email = config.yoda.email;
+
backup-source = "rootNas";
# The "stay-awake" file is located at `${backup-source}:${stay-awake-file}`.
# Example: ssh rootNas 'touch yodaHedgehog.stay-awake'
@@ -85,11 +87,11 @@ in
printf '%s\n' 'Delaying backup due to SSH connectivity problems.'
# After the fourth failed connection attempt, send a notification by email.
if [ "''${i}" = "4" ]; then
- printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source}. Will retry in some seconds.' | sendmail -f langbein@mail.de daniel@systemli.org
+ printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source}. Will retry in some seconds.' | sendmail -f langbein@mail.de ${email}
fi
# After ${retries} failed connection attempts, send a second notification by email and give up.
if [ "''${i}" = "${retries}" ]; then
- printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source} for ${retries} times. Giving up!' | sendmail -f langbein@mail.de daniel@systemli.org
+ printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source} for ${retries} times. Giving up!' | sendmail -f langbein@mail.de ${email}
exit 1
fi
# Wait some seconds before repeating.
@@ -140,7 +142,7 @@ in
# Send filtered journal by email.
systemctl start journalwatch.service ||:
# Send notification by email.
- printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Finished backup.' | sendmail -f langbein@mail.de daniel@systemli.org
+ printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Finished backup.' | sendmail -f langbein@mail.de ${email}
# Let sendmail send emails.
#while :; do
diff --git a/modules/ark.nix b/modules/ark.nix
index ae69e1d..fb012f7 100644
--- a/modules/ark.nix
+++ b/modules/ark.nix
@@ -8,6 +8,8 @@
{ config, pkgs, lib, ... }:
let
+ user = config.yoda.user;
+
extraTools = with pkgs; [
p7zip
lrzip
@@ -36,7 +38,7 @@ in
"unrar"
];
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
ark-with-unrar # Archive manager: Compress and decompress
];
diff --git a/modules/autostart.nix b/modules/autostart.nix
index 6db6b80..3549a88 100644
--- a/modules/autostart.nix
+++ b/modules/autostart.nix
@@ -1,9 +1,12 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
# See also:
# Temporary workaround until https://github.com/nix-community/home-manager/issues/3447 is merged.
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
home.file."keepassxc" = {
target = ".config/autostart/org.keepassxc.KeePassXC.desktop";
source = (pkgs.keepassxc + "/share/applications/org.keepassxc.KeePassXC.desktop");
diff --git a/modules/base-user.nix b/modules/base-user.nix
index 58bb3de..832ef08 100644
--- a/modules/base-user.nix
+++ b/modules/base-user.nix
@@ -1,16 +1,49 @@
+# https://l-lin.github.io/nix/share-variables-between-Nix-modules
+
{ config, lib, pkgs, ... }:
let
- defaultUsername = "yoda";
+ defaultUser = "yoda";
+
+ defaultName = "Daniel Langbein";
+ defaultEmail = "daniel@systemli.org";
+ defaultMaintainer = "langbeindaniel";
+ defaultFingerprint = "94F3D3DDAC22802258FC044B6C47C753F0823002";
in
{
options.yoda.user = lib.mkOption {
# You can find the exhaustive list of types here: https://nlewo.github.io/nixos-manual-sphinx/development/option-types.xml.html
type = lib.types.str;
- default = defaultUsername;
- description = "Username of the primary Linux user account. Must not include regex special characters.";
+ default = defaultUser;
+ description = "Primary Linux user name. Must not include regex special characters.";
+ };
+ options.yoda.name = lib.mkOption {
+ type = lib.types.str;
+ default = defaultName;
+ description = "Personal name of primary user.";
+ };
+ options.yoda.email = lib.mkOption {
+ type = lib.types.str;
+ default = defaultEmail;
+ description = "Personal email address of primary user.";
+ };
+ options.yoda.maintainer = lib.mkOption {
+ type = lib.types.str;
+ default = defaultMaintainer;
+ description = "Personal nix maintainer identifier of primary user";
+ };
+ options.yoda.fingerprint = lib.mkOption {
+ type = lib.types.str;
+ default = defaultFingerprint;
+ description = "Personal key fingerprint of primary user as listed by `gpg --list-keys`.";
};
config = {
- yoda.user = defaultUsername;
+ lib.maintainers."${defaultMaintainer}" = {
+ name = defaultName;
+ email = defaultEmail;
+ keys = [{
+ fingerprint = defaultFingerprint;
+ }];
+ };
};
}
diff --git a/modules/bash.nix b/modules/bash.nix
index 1608b09..d823e7f 100644
--- a/modules/bash.nix
+++ b/modules/bash.nix
@@ -1,5 +1,7 @@
{ config, pkgs, ... }:
let
+ user = config.yoda.user;
+
bash-config = {
enable = true;
enableCompletion = true;
@@ -18,7 +20,7 @@ in
# Required by home-manager programs.bash.enableCompletion
environment.pathsToLink = [ "/share/bash-completion" ];
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.bash = bash-config;
};
home-manager.users."root" = { osConfig, config, pkgs, ... }: {
diff --git a/modules/blackbox.nix b/modules/blackbox.nix
index daa53da..c7d063b 100644
--- a/modules/blackbox.nix
+++ b/modules/blackbox.nix
@@ -1,9 +1,12 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
# A direct integration in Nautilus is still in progress: https://gitlab.gnome.org/raggesilver/blackbox/-/issues/20
# Thus, we use nautilus-open-any-terminal.
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
blackbox-terminal # Terminal emulator. Can show notifications for commands finished in the background.
nautilus-open-any-terminal # For Nautilus (GNOME files) integration
@@ -11,7 +14,7 @@
};
programs.dconf.enable = true;
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = {
# For Nautilus (GNOME files) integration
"com/github/stunkymonkey/nautilus-open-any-terminal" = {
diff --git a/modules/digikam-rawtherapee-hugin-gimp.nix b/modules/digikam-rawtherapee-hugin-gimp.nix
index 149878a..1f1ded3 100644
--- a/modules/digikam-rawtherapee-hugin-gimp.nix
+++ b/modules/digikam-rawtherapee-hugin-gimp.nix
@@ -1,6 +1,9 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
# TODO: Temporary fix until exiftool fix is landed in NixOS stable
# https://github.com/NixOS/nixpkgs/issues/332561
diff --git a/modules/docker-pushrm-pkg.nix b/modules/docker-pushrm-pkg.nix
index d4e00d0..766f432 100644
--- a/modules/docker-pushrm-pkg.nix
+++ b/modules/docker-pushrm-pkg.nix
@@ -1,4 +1,7 @@
-{ pkgs, lib, buildGoModule, fetchFromGitHub }:
+{ config, pkgs, lib, buildGoModule, fetchFromGitHub }:
+let
+ maintainer = config.yoda.maintainer;
+in
# TODO: `docker pushrm` does not work, however `docker-pushrm` does.
# TODO: Watch for new releases
@@ -48,6 +51,6 @@ buildGoModule rec {
'';
homepage = "https://github.com/christian-korneck/docker-pushrm";
license = licenses.mit;
- maintainers = with maintainers; [ langbeindaniel ];
+ maintainers = with maintainers; [ maintainer ];
};
}
diff --git a/modules/docker-pushrm.nix b/modules/docker-pushrm.nix
index 6ed14cd..72ce599 100644
--- a/modules/docker-pushrm.nix
+++ b/modules/docker-pushrm.nix
@@ -1,15 +1,5 @@
{ config, pkgs, lib, ... }:
{
- lib.maintainers = {
- langbeindaniel = {
- name = "Daniel Langbein";
- email = "daniel@systemli.org";
- keys = [{
- fingerprint = "94F3 D3DD AC22 8022 58FC 044B 6C47 C753 F082 3002";
- }];
- };
- };
-
environment.systemPackages = with pkgs; [
(
# callPackage is a function that automagically figures out which arguments your function wants, and then provides them from its own set. This pill explains it well: https://nixos.org/guides/nix-pills/callpackage-design-pattern.html
diff --git a/modules/element-desktop.nix b/modules/element-desktop.nix
index a39da2b..feb6538 100644
--- a/modules/element-desktop.nix
+++ b/modules/element-desktop.nix
@@ -1,10 +1,13 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
# Issue: Login does not work. Webbrowser does not redirect back to Element app. Firefox does not ask to open link with Element app. It works with the Flatpak version though.
#
# Configuration paths with user data:
- # NixOS: /home/yoda/.config/Element /home/yoda/.config/Riot
- # Flatpak: /home/yoda/.var/app/im.riot.Riot/config/Element
+ # NixOS: /home/${user}/.config/Element /home/${user}/.config/Riot
+ # Flatpak: /home/${user}/.var/app/im.riot.Riot/config/Element
#
# Solution: Don't use element-desktop-wayland, use the normal element-desktop package instead
#
@@ -18,7 +21,7 @@
# Workaround: Use Flatpak version ...
# Discussion on GitHub: https://github.com/NixOS/nixpkgs/issues/343806 AMD GPUs and NixOS - 'Cannot find target for triple amdgcn-- Unable to find target for this triple (no targets are registered)'
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
# Matrix chat client.
element-desktop
diff --git a/modules/firefox.nix b/modules/firefox.nix
index 03d8052..3e38957 100644
--- a/modules/firefox.nix
+++ b/modules/firefox.nix
@@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
firefox # Web browser
];
@@ -14,7 +17,7 @@
# Required for dconf.settings
programs.dconf.enable = true;
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = {
"org/gnome/shell" = {
favorite-apps = ["firefox.desktop"];
diff --git a/modules/freetube.nix b/modules/freetube.nix
index c6c640f..fb881ab 100644
--- a/modules/freetube.nix
+++ b/modules/freetube.nix
@@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
unstable.freetube # YouTube client.
];
diff --git a/modules/fwupd-gnome.nix b/modules/fwupd-gnome.nix
index d5f65b1..e18b6fe 100644
--- a/modules/fwupd-gnome.nix
+++ b/modules/fwupd-gnome.nix
@@ -1,9 +1,12 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
# Enable firmware update daemon
services.fwupd.enable = true;
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
# Install firmware on devices supported by fwupd.
gnome-firmware
diff --git a/modules/fzf.nix b/modules/fzf.nix
index 78c0fc4..36d62b6 100644
--- a/modules/fzf.nix
+++ b/modules/fzf.nix
@@ -1,5 +1,7 @@
{ config, pkgs, ... }:
let
+ user = config.yoda.user;
+
# Fuzzy shell history and file search.
#
# Use fzf to search your command history (with STRG + r) and do file searches (with STRG + t).
@@ -17,14 +19,14 @@ let
};
in
{
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.fzf = fzf-config;
};
home-manager.users."root" = { osConfig, config, pkgs, ... }: {
programs.fzf = fzf-config;
};
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
fd
];
diff --git a/modules/ghostwriter.nix b/modules/ghostwriter.nix
index 6b625e0..581039f 100644
--- a/modules/ghostwriter.nix
+++ b/modules/ghostwriter.nix
@@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
libsForQt5.ghostwriter # Markdown editor
];
@@ -9,7 +12,7 @@
# This fixes blurry fonts with fractional scaling on Wayland.
environment.sessionVariables.QT_QPA_PLATFORM = lib.mkIf (config.services.xserver.displayManager.gdm.wayland) "wayland";
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
home.file.".config/kde.org/ghostwriter.conf" = {
text = ''
[Application]
diff --git a/modules/git.nix b/modules/git.nix
index cb1b78b..b96c6b3 100644
--- a/modules/git.nix
+++ b/modules/git.nix
@@ -1,16 +1,21 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+ name = config.yoda.name;
+ email = config.yoda.email;
+in
{
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
git
];
};
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.git = {
enable = true;
- userName = "Daniel Langbein";
- userEmail = "daniel@systemli.org";
+ userName = name;
+ userEmail = email;
signing.signByDefault = true;
signing.key = null;
aliases = {
diff --git a/modules/gnome-wallpaper.nix b/modules/gnome-wallpaper.nix
index 85faa4d..de86f06 100644
--- a/modules/gnome-wallpaper.nix
+++ b/modules/gnome-wallpaper.nix
@@ -1,14 +1,17 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
# https://discourse.nixos.org/t/how-to-set-gnome-a-k-a-gdm-greeter-a-k-a-lockscreen-login-background-a-k-a-wallpaper/14289
programs.dconf.enable = true;
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = {
"org/gnome/desktop/background" = {
- "picture-uri" = "/home/yoda/.config/background";
- "picture-uri-dark" = "/home/yoda/.config/background";
+ "picture-uri" = "/home/${user}/.config/background";
+ "picture-uri-dark" = "/home/${user}/.config/background";
};
};
home.file.".config/background".source = "${(pkgs.callPackage ./wallpaper.nix { })}/img.jpg";
diff --git a/modules/headless.nix b/modules/headless.nix
index 46466bb..ef67adb 100644
--- a/modules/headless.nix
+++ b/modules/headless.nix
@@ -1,6 +1,9 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
#zenith # Terminal resource monitor / task manager
btop # Terminal resource monitor / task manager
diff --git a/modules/home-manager.nix b/modules/home-manager.nix
index 6224779..32c4bad 100644
--- a/modules/home-manager.nix
+++ b/modules/home-manager.nix
@@ -1,5 +1,7 @@
{ config, pkgs, ... }:
let
+ user = config.yoda.user;
+
# Import Home Manager with niv.
home-manager = (import ../nix/sources.nix).home-manager;
#home-manager-source = import (import ../nix/sources.nix).home-manager {};
@@ -19,7 +21,7 @@ in
# https://nix-community.github.io/home-manager/index.html#sec-install-nixos-module
home-manager.useGlobalPkgs = true;
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
# Switching to a higher state version typically requires performing some manual steps, such as data conversion or moving files.
home.stateVersion = "24.11";
diff --git a/modules/initrd-contact-info.nix b/modules/initrd-contact-info.nix
index 8e619a1..1907abd 100644
--- a/modules/initrd-contact-info.nix
+++ b/modules/initrd-contact-info.nix
@@ -38,12 +38,12 @@ let
in
lib.optionalString (res != null) (lib.head res);
- contact_name = "Daniel Langbein";
+ contact_name = config.yoda.name;
# The file `phone-number` contains only one line with our phone number, e.g. +49 0173 ...
# Be aware that the phone number will be written to the nix store in plaintext!
# TODO: strip the read string (no tailing newlines)
contact_phone = trim (builtins.readFile ../secrets/phone-number);
- contact_mail = "daniel@systemli.org";
+ contact_mail = config.yoda.email;
# https://wiki.nixos.org/wiki/Shell_Scripts
contact-info-str = pkgs.stdenv.mkDerivation rec {
diff --git a/modules/jetbrains-ide.nix b/modules/jetbrains-ide.nix
index ec8390d..1f622a9 100644
--- a/modules/jetbrains-ide.nix
+++ b/modules/jetbrains-ide.nix
@@ -1,5 +1,7 @@
{ config, pkgs, lib, ... }:
let
+ user = config.yoda.user;
+
# version = (
# if (config.nixpkgs.config.allowUnfree)
# then "idea-ultimate"
@@ -41,14 +43,14 @@ in
# TODO: Currently markdown previews are broken anyways because of issues with the sandboxed webbrowser on NixOS
];
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
jetbrains."${version}"
];
};
programs.dconf.enable = true;
- home-manager.users."yoda" = { osConfig, config, pkgs, lib, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, lib, ... }: {
dconf.settings = {
"org/gnome/shell" = {
favorite-apps = ["${version}.desktop"];
diff --git a/modules/journalwatch.nix b/modules/journalwatch.nix
index 77a4723..e1e4105 100644
--- a/modules/journalwatch.nix
+++ b/modules/journalwatch.nix
@@ -41,6 +41,7 @@
{ config, pkgs, ... }:
let
user = config.yoda.user;
+ email = config.yoda.email;
stopped-service-consumption-summary = ''
\S+\.(service|scope|slice|swap|mount): Consumed ([0-9]+d )?([0-9]+h )?([0-9]+min )?[0-9\.]+(s|ms) CPU time(, .+)?\.'';
@@ -96,7 +97,7 @@ in
enable = true;
# Same as configured by sendmail MTA.
mailFrom = "langbein@mail.de";
- mailTo = "daniel+journalwatch@systemli.org";
+ mailTo = email;
#interval = "hourly";
# Lowest priority of message to be considered.
diff --git a/modules/nitrokey-gpg-smartcard.nix b/modules/nitrokey-gpg-smartcard.nix
index 7bbcc40..7d82be4 100644
--- a/modules/nitrokey-gpg-smartcard.nix
+++ b/modules/nitrokey-gpg-smartcard.nix
@@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
# Use NitroKey USB smartcard with SSH.
# https://nixos.wiki/wiki/Nitrokey
@@ -38,14 +41,14 @@
#
# ssh -v nas
#=> OpenSSH_9.3p2, OpenSSL 3.0.10 1 Aug 2023
- #=> debug1: Reading configuration data /home/yoda/.ssh/config
- #=> debug1: /home/yoda/.ssh/config line 67: Applying options for nas
- #=> debug1: /home/yoda/.ssh/config line 180: Applying options for *
+ #=> debug1: Reading configuration data /home/${user}/.ssh/config
+ #=> debug1: /home/${user}/.ssh/config line 67: Applying options for nas
+ #=> debug1: /home/${user}/.ssh/config line 180: Applying options for *
#=> debug1: Reading configuration data /etc/ssh/ssh_config
#=> debug1: Executing command: '/nix/store/8fv91097mbh5049i9rglc73dx6kjg3qk-bash-5.2-p15/bin/bash -c '/nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-connect-agent --quiet updatestartuptty /bye >/dev/null 2>&1''
#
#=> USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
- #=> yoda 2752 0.0 0.0 444812 3040 ? SLsl 16:09 0:00 /nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-agent --supervised --pinentry-program /nix/store/8cvidvpwnwyxixlhqfaa5jlfndh2vir5-pinentry-1.2.1-curses/bin/pinentry
+ #=> ${user} 2752 0.0 0.0 444812 3040 ? SLsl 16:09 0:00 /nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-agent --supervised --pinentry-program /nix/store/8cvidvpwnwyxixlhqfaa5jlfndh2vir5-pinentry-1.2.1-curses/bin/pinentry
# NITROKEY SSH WORKAROUND (I): Do all of this in one shell!
# CREDITS: https://unix.stackexchange.com/a/250045/315162
@@ -121,7 +124,7 @@
# pinentry-gnome
#];
- #users.users."yoda" = {
+ #users.users."${user}" = {
# packages = with pkgs; [
# #pinentry-curses
# pinentry-gnome
@@ -146,7 +149,7 @@
# Smartcard daemon.
services.pcscd.enable = true;
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# Disable GNOME Keyring. See comment above.
#
diff --git a/modules/obsidian.nix b/modules/obsidian.nix
index 6079f24..7f7a649 100644
--- a/modules/obsidian.nix
+++ b/modules/obsidian.nix
@@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
# TODO: if on wayland and scaling != 1, start obsidian with the following command.
# Sharp fonts.
@@ -10,14 +13,14 @@
"obsidian"
];
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
obsidian # Markdown notes
];
};
programs.dconf.enable = true;
- home-manager.users."yoda" = { osConfig, config, pkgs, lib, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, lib, ... }: {
dconf.settings = {
"org/gnome/shell" = {
favorite-apps = ["obsidian.desktop"];
diff --git a/modules/print-and-scan.nix b/modules/print-and-scan.nix
index 652396e..c2b25cd 100644
--- a/modules/print-and-scan.nix
+++ b/modules/print-and-scan.nix
@@ -1,4 +1,7 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
# Printing with IPP everywhere capable printers
# https://nixos.wiki/wiki/Printing
@@ -58,7 +61,7 @@
extraBackends = [ pkgs.hplip ];
};
- users.users."yoda" = {
+ users.users."${user}" = {
extraGroups = [ "scanner" "lp" ];
packages = with pkgs; [
simple-scan # GNOME Document Scanner
diff --git a/modules/programs-kde.nix b/modules/programs-kde.nix
index d58ae1b..d5d6185 100644
--- a/modules/programs-kde.nix
+++ b/modules/programs-kde.nix
@@ -1,4 +1,7 @@
{ config, pkgs, mkKdeDerivation, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
imports = [
./ark.nix # Archive manager: Compress and decompress
@@ -11,7 +14,7 @@
"dotnet-runtime-6.0.36"
];
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
# Preinstalled
# kdePackages.ark # Archive manager
diff --git a/modules/sendmail-mta.nix b/modules/sendmail-mta.nix
index a7c6c06..7ff8f37 100644
--- a/modules/sendmail-mta.nix
+++ b/modules/sendmail-mta.nix
@@ -1,4 +1,7 @@
{ config, pkgs, ... }:
+let
+ email = config.yoda.email;
+in
{
# Many programs use the `sendmail` command to send email.
# Nullmailer and OpenSMTP create a symlink from `sendmail` to their binary - they are (to a certain degree) sendmail compatible.
@@ -46,8 +49,8 @@
# https://nixos.wiki/wiki/Msmtp#Aliases
environment.etc.aliases = {
text = ''
- # Forward email from root to daniel@systemli.org
- root: daniel@systemli.org
+ # Forward email received by user root to ${email}
+ root: ${email}
'';
mode = "0644";
};
diff --git a/modules/signal-desktop.nix b/modules/signal-desktop.nix
index 6165230..39d1bcc 100644
--- a/modules/signal-desktop.nix
+++ b/modules/signal-desktop.nix
@@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
signal-desktop # Signal client
];
@@ -23,7 +26,7 @@
})
];
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = {
"org/gnome/shell" = {
favorite-apps = ["signal-desktop.desktop"];
diff --git a/modules/spaceFM.nix b/modules/spaceFM.nix
index 445d1c5..3a29e4d 100644
--- a/modules/spaceFM.nix
+++ b/modules/spaceFM.nix
@@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
spaceFM
];
diff --git a/modules/ssh-client.nix b/modules/ssh-client.nix
index 4ace94c..dda5bfd 100644
--- a/modules/ssh-client.nix
+++ b/modules/ssh-client.nix
@@ -1,6 +1,9 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# SSH client configuration.
programs.ssh = {
@@ -15,13 +18,13 @@
};
"yodaTab" = {
hostname = "192.168.178.53";
- user = "yoda";
+ user = "${user}";
port = 22;
compression = false;
};
"yodaEnchilada" = {
hostname = "192.168.178.25";
- user = "yoda";
+ user = "${user}";
port = 22;
compression = false;
};
@@ -29,7 +32,7 @@
# local IP: 192.168.178.186
"yodaYoga" = {
hostname = "yodayoga.p1st.de";
- user = "yoda";
+ user = "${user}";
port = 2224;
compression = true;
};
@@ -48,7 +51,7 @@
"pi3bplus" = {
hostname = "fckjpbxxim36c1gb.myfritz.net";
- user = "yoda";
+ user = "${user}";
port = 22;
compression = true;
};
@@ -75,7 +78,7 @@
# local IP: 192.168.178.118
"yodaHedgehog" = {
hostname = "yodahedgehog.p1st.de";
- user = "yoda";
+ user = "${user}";
port = 2226;
compression = true;
};
@@ -95,7 +98,7 @@
# local IP: 192.168.178.119
"yodaNas" = {
hostname = "yodanas.p1st.de";
- user = "yoda";
+ user = "${user}";
port = 2222;
compression = true;
};
diff --git a/modules/ssh-server.nix b/modules/ssh-server.nix
index 91aec7d..c0761a4 100644
--- a/modules/ssh-server.nix
+++ b/modules/ssh-server.nix
@@ -1,4 +1,7 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
# Enable SSH server.
services.openssh = {
@@ -47,7 +50,7 @@
# TODO replace authorizedKeys in all .nix files with authorizedKeyFiles
# SSH public key(s) allowed to connect via SSH.
- users.users."yoda".openssh.authorizedKeys.keys = [
+ users.users."${user}".openssh.authorizedKeys.keys = [
(builtins.readFile ../assets/ssh/nitrokey.pub)
];
users.users."root".openssh.authorizedKeys.keys = [
diff --git a/modules/thunderbird.nix b/modules/thunderbird.nix
index e8d5c9b..81e0680 100644
--- a/modules/thunderbird.nix
+++ b/modules/thunderbird.nix
@@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
- user = config.yoda.user;
+ user = config.yoda.user;
+ name = config.yoda.name;
+ email = config.yoda.email;
+ fingerprint = config.yoda.fingerprint;
# TODO: trim whitespaces from string
email-uni-marburg = (builtins.readFile ../secrets/email-uni-marburg);
@@ -13,16 +16,16 @@ in
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
accounts.email.accounts = {
"personal" = {
- address = "daniel@systemli.org";
+ address = email;
gpg = {
# The key to use as listed in gpg --list-keys.
- key = "94F3D3DDAC22802258FC044B6C47C753F0823002";
+ key = fingerprint;
signByDefault = true;
};
primary = true;
- realName = "Daniel Langbein";
+ realName = name;
- userName = "daniel@systemli.org";
+ userName = email;
imap = {
host = "mail.systemli.org";
port = 993;
@@ -39,7 +42,7 @@ in
"uni-marburg" = {
address = email-uni-marburg;
primary = false;
- realName = "Daniel Langbein";
+ realName = name;
# It seems as if both is possible:
# userName: part of email before "@"
diff --git a/modules/uni-vpn.nix b/modules/uni-vpn.nix
index 328b34e..7f83b1e 100644
--- a/modules/uni-vpn.nix
+++ b/modules/uni-vpn.nix
@@ -1,4 +1,7 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
assertions = [{
assertion = config.services.xserver.desktopManager.gnome.enable || config.services.desktopManager.plasma6.enable;
@@ -9,7 +12,7 @@
./t-telesec.nix
];
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
networkmanager-openconnect # Openconnect VPN
];
diff --git a/modules/usb-mtp-ptp.nix b/modules/usb-mtp-ptp.nix
index 7b4d989..6fc43b2 100644
--- a/modules/usb-mtp-ptp.nix
+++ b/modules/usb-mtp-ptp.nix
@@ -1,4 +1,7 @@
{ config, pkgs, ... }:
+let
+ user = config.yoda.user;
+in
{
# USB MTP and PTP support
# https://wiki.archlinux.org/title/Media_Transfer_Protocol#File_manager_integration
@@ -11,7 +14,7 @@
programs.gphoto2.enable = true;
# To grant digital camera access to a user,
# the user must be part of the camera group:
- users.users."yoda".extraGroups = ["camera"];
+ users.users."${user}".extraGroups = ["camera"];
#
# Example usage:
#
diff --git a/modules/veracrypt.nix b/modules/veracrypt.nix
index ad50715..4097bd6 100644
--- a/modules/veracrypt.nix
+++ b/modules/veracrypt.nix
@@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }:
+let
+ user = config.yoda.user;
+in
{
# Looks as if TrueCrypt is unfree software
# https://github.com/NixOS/nixpkgs/blob/5d017a8822e0907fb96f7700a319f9fe2434de02/pkgs/applications/misc/veracrypt/default.nix#L59
@@ -11,7 +14,7 @@
"veracrypt"
];
- users.users."yoda" = {
+ users.users."${user}" = {
packages = with pkgs; [
veracrypt # Encrypted filesystem
];
diff --git a/modules/zsh.nix b/modules/zsh.nix
index 143d67b..7f65720 100644
--- a/modules/zsh.nix
+++ b/modules/zsh.nix
@@ -1,5 +1,7 @@
{ config, pkgs, ... }:
let
+ user = config.yoda.user;
+
# https://nixos.wiki/wiki/Zsh
zsh-config = {
enable = true;
@@ -57,9 +59,9 @@ in
# Inside the following Home Manager configuration block,
# `config` refers to Home Manager configuration.
- home-manager.users."yoda" = { osConfig, config, pkgs, ... }: {
+ home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.zsh = zsh-config // {
- # nix-repl: config.home-manager.users."yoda".programs.zsh.history.path
+ # nix-repl: config.home-manager.users."${user}".programs.zsh.history.path
# -> ~/.local/share/.histfile
history.path = "${config.xdg.dataHome}/.histfile";
};