Mirror/nix-git
Mirror/nix-git
1
0
Fork 0
mirror of https://codeberg.org/privacy1st/nix-git synced 2025-04-02 16:55:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

define name, email, key fingerprint in base-user.nix

Browse Source
This commit is contained in:
Daniel Langbein 2025-03-30 14:47:44 +02:00
parent 7fa6af56b3
commit a7bf8f2ff3
Signed by: langfingaz
GPG Key ID: 6C47C753F0823002
36 changed files with 199 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hosts/yodaHedgehog/host-specific.nix
View File

@ -11,6 +11,8 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
email = config.yoda.email;
backup-source = "rootNas"; backup-source = "rootNas";
# The "stay-awake" file is located at `${backup-source}:${stay-awake-file}`. # The "stay-awake" file is located at `${backup-source}:${stay-awake-file}`.
# Example: ssh rootNas 'touch yodaHedgehog.stay-awake' # Example: ssh rootNas 'touch yodaHedgehog.stay-awake'
@ -85,11 +87,11 @@ in
printf '%s\n' 'Delaying backup due to SSH connectivity problems.' printf '%s\n' 'Delaying backup due to SSH connectivity problems.'
# After the fourth failed connection attempt, send a notification by email. # After the fourth failed connection attempt, send a notification by email.
if [ "''${i}" = "4" ]; then if [ "''${i}" = "4" ]; then
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source}. Will retry in some seconds.' | sendmail -f langbein@mail.de daniel@systemli.org printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source}. Will retry in some seconds.' | sendmail -f langbein@mail.de ${email}
fi fi
# After ${retries} failed connection attempts, send a second notification by email and give up. # After ${retries} failed connection attempts, send a second notification by email and give up.
if [ "''${i}" = "${retries}" ]; then if [ "''${i}" = "${retries}" ]; then
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source} for ${retries} times. Giving up!' | sendmail -f langbein@mail.de daniel@systemli.org printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Error connecting to ${backup-source} for ${retries} times. Giving up!' | sendmail -f langbein@mail.de ${email}
exit 1 exit 1
fi fi
# Wait some seconds before repeating. # Wait some seconds before repeating.
@ -140,7 +142,7 @@ in
# Send filtered journal by email. # Send filtered journal by email.
systemctl start journalwatch.service ||: systemctl start journalwatch.service ||:
# Send notification by email. # Send notification by email.
printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Finished backup.' | sendmail -f langbein@mail.de daniel@systemli.org printf '%s\n\n%s' 'Subject: ${config.networking.hostName}' 'Finished backup.' | sendmail -f langbein@mail.de ${email}
# Let sendmail send emails. # Let sendmail send emails.
#while :; do #while :; do

4
modules/ark.nix
View File

@ -8,6 +8,8 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
user = config.yoda.user;
extraTools = with pkgs; [ extraTools = with pkgs; [
p7zip p7zip
lrzip lrzip
@ -36,7 +38,7 @@ in
"unrar" "unrar"
]; ];
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
ark-with-unrar # Archive manager: Compress and decompress ark-with-unrar # Archive manager: Compress and decompress
]; ];

5
modules/autostart.nix
View File

@ -1,9 +1,12 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
# See also: # See also:
# Temporary workaround until https://github.com/nix-community/home-manager/issues/3447 is merged. # Temporary workaround until https://github.com/nix-community/home-manager/issues/3447 is merged.
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
home.file."keepassxc" = { home.file."keepassxc" = {
target = ".config/autostart/org.keepassxc.KeePassXC.desktop"; target = ".config/autostart/org.keepassxc.KeePassXC.desktop";
source = (pkgs.keepassxc + "/share/applications/org.keepassxc.KeePassXC.desktop"); source = (pkgs.keepassxc + "/share/applications/org.keepassxc.KeePassXC.desktop");

41
modules/base-user.nix
View File

@ -1,16 +1,49 @@
# https://l-lin.github.io/nix/share-variables-between-Nix-modules
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
defaultUsername = "yoda"; defaultUser = "yoda";
defaultName = "Daniel Langbein";
defaultEmail = "daniel@systemli.org";
defaultMaintainer = "langbeindaniel";
defaultFingerprint = "94F3D3DDAC22802258FC044B6C47C753F0823002";
in in
{ {
options.yoda.user = lib.mkOption { options.yoda.user = lib.mkOption {
# You can find the exhaustive list of types here: https://nlewo.github.io/nixos-manual-sphinx/development/option-types.xml.html # You can find the exhaustive list of types here: https://nlewo.github.io/nixos-manual-sphinx/development/option-types.xml.html
type = lib.types.str; type = lib.types.str;
default = defaultUsername; default = defaultUser;
description = "Username of the primary Linux user account. Must not include regex special characters."; description = "Primary Linux user name. Must not include regex special characters.";
};
options.yoda.name = lib.mkOption {
type = lib.types.str;
default = defaultName;
description = "Personal name of primary user.";
};
options.yoda.email = lib.mkOption {
type = lib.types.str;
default = defaultEmail;
description = "Personal email address of primary user.";
};
options.yoda.maintainer = lib.mkOption {
type = lib.types.str;
default = defaultMaintainer;
description = "Personal nix maintainer identifier of primary user";
};
options.yoda.fingerprint = lib.mkOption {
type = lib.types.str;
default = defaultFingerprint;
description = "Personal key fingerprint of primary user as listed by `gpg --list-keys`.";
}; };
config = { config = {
yoda.user = defaultUsername; lib.maintainers."${defaultMaintainer}" = {
name = defaultName;
email = defaultEmail;
keys = [{
fingerprint = defaultFingerprint;
}];
};
}; };
} }

4
modules/bash.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
user = config.yoda.user;
bash-config = { bash-config = {
enable = true; enable = true;
enableCompletion = true; enableCompletion = true;
@ -18,7 +20,7 @@ in
# Required by home-manager programs.bash.enableCompletion # Required by home-manager programs.bash.enableCompletion
environment.pathsToLink = [ "/share/bash-completion" ]; environment.pathsToLink = [ "/share/bash-completion" ];
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.bash = bash-config; programs.bash = bash-config;
}; };
home-manager.users."root" = { osConfig, config, pkgs, ... }: { home-manager.users."root" = { osConfig, config, pkgs, ... }: {

7
modules/blackbox.nix
View File

@ -1,9 +1,12 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
# A direct integration in Nautilus is still in progress: https://gitlab.gnome.org/raggesilver/blackbox/-/issues/20 # A direct integration in Nautilus is still in progress: https://gitlab.gnome.org/raggesilver/blackbox/-/issues/20
# Thus, we use nautilus-open-any-terminal. # Thus, we use nautilus-open-any-terminal.
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
blackbox-terminal # Terminal emulator. Can show notifications for commands finished in the background. blackbox-terminal # Terminal emulator. Can show notifications for commands finished in the background.
nautilus-open-any-terminal # For Nautilus (GNOME files) integration nautilus-open-any-terminal # For Nautilus (GNOME files) integration
@ -11,7 +14,7 @@
}; };
programs.dconf.enable = true; programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = { dconf.settings = {
# For Nautilus (GNOME files) integration # For Nautilus (GNOME files) integration
"com/github/stunkymonkey/nautilus-open-any-terminal" = { "com/github/stunkymonkey/nautilus-open-any-terminal" = {

5
modules/digikam-rawtherapee-hugin-gimp.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
# TODO: Temporary fix until exiftool fix is landed in NixOS stable # TODO: Temporary fix until exiftool fix is landed in NixOS stable
# https://github.com/NixOS/nixpkgs/issues/332561 # https://github.com/NixOS/nixpkgs/issues/332561

7
modules/docker-pushrm-pkg.nix
View File

@ -1,4 +1,7 @@
{ pkgs, lib, buildGoModule, fetchFromGitHub }: { config, pkgs, lib, buildGoModule, fetchFromGitHub }:
let
maintainer = config.yoda.maintainer;
in
# TODO: `docker pushrm` does not work, however `docker-pushrm` does. # TODO: `docker pushrm` does not work, however `docker-pushrm` does.
# TODO: Watch for new releases # TODO: Watch for new releases
@ -48,6 +51,6 @@ buildGoModule rec {
''; '';
homepage = "https://github.com/christian-korneck/docker-pushrm"; homepage = "https://github.com/christian-korneck/docker-pushrm";
license = licenses.mit; license = licenses.mit;
maintainers = with maintainers; [ langbeindaniel ]; maintainers = with maintainers; [ maintainer ];
}; };
} }

10
modules/docker-pushrm.nix
View File

@ -1,15 +1,5 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
lib.maintainers = {
langbeindaniel = {
name = "Daniel Langbein";
email = "daniel@systemli.org";
keys = [{
fingerprint = "94F3 D3DD AC22 8022 58FC 044B 6C47 C753 F082 3002";
}];
};
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
( (
# callPackage is a function that automagically figures out which arguments your function wants, and then provides them from its own set. This pill explains it well: https://nixos.org/guides/nix-pills/callpackage-design-pattern.html # callPackage is a function that automagically figures out which arguments your function wants, and then provides them from its own set. This pill explains it well: https://nixos.org/guides/nix-pills/callpackage-design-pattern.html

9
modules/element-desktop.nix
View File

@ -1,10 +1,13 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
# Issue: Login does not work. Webbrowser does not redirect back to Element app. Firefox does not ask to open link with Element app. It works with the Flatpak version though. # Issue: Login does not work. Webbrowser does not redirect back to Element app. Firefox does not ask to open link with Element app. It works with the Flatpak version though.
# #
# Configuration paths with user data: # Configuration paths with user data:
# NixOS: /home/yoda/.config/Element /home/yoda/.config/Riot # NixOS: /home/${user}/.config/Element /home/${user}/.config/Riot
# Flatpak: /home/yoda/.var/app/im.riot.Riot/config/Element # Flatpak: /home/${user}/.var/app/im.riot.Riot/config/Element
# #
# Solution: Don't use element-desktop-wayland, use the normal element-desktop package instead # Solution: Don't use element-desktop-wayland, use the normal element-desktop package instead
# #
@ -18,7 +21,7 @@
# Workaround: Use Flatpak version ... # Workaround: Use Flatpak version ...
# Discussion on GitHub: https://github.com/NixOS/nixpkgs/issues/343806 AMD GPUs and NixOS - 'Cannot find target for triple amdgcn-- Unable to find target for this triple (no targets are registered)' # Discussion on GitHub: https://github.com/NixOS/nixpkgs/issues/343806 AMD GPUs and NixOS - 'Cannot find target for triple amdgcn-- Unable to find target for this triple (no targets are registered)'
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
# Matrix chat client. # Matrix chat client.
element-desktop element-desktop

7
modules/firefox.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
firefox # Web browser firefox # Web browser
]; ];
@ -14,7 +17,7 @@
# Required for dconf.settings # Required for dconf.settings
programs.dconf.enable = true; programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = { dconf.settings = {
"org/gnome/shell" = { "org/gnome/shell" = {
favorite-apps = ["firefox.desktop"]; favorite-apps = ["firefox.desktop"];

5
modules/freetube.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
unstable.freetube # YouTube client. unstable.freetube # YouTube client.
]; ];

5
modules/fwupd-gnome.nix
View File

@ -1,9 +1,12 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
# Enable firmware update daemon # Enable firmware update daemon
services.fwupd.enable = true; services.fwupd.enable = true;
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
# Install firmware on devices supported by fwupd. # Install firmware on devices supported by fwupd.
gnome-firmware gnome-firmware

6
modules/fzf.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
user = config.yoda.user;
# Fuzzy shell history and file search. # Fuzzy shell history and file search.
# #
# Use fzf to search your command history (with STRG + r) and do file searches (with STRG + t). # Use fzf to search your command history (with STRG + r) and do file searches (with STRG + t).
@ -17,14 +19,14 @@ let
}; };
in in
{ {
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.fzf = fzf-config; programs.fzf = fzf-config;
}; };
home-manager.users."root" = { osConfig, config, pkgs, ... }: { home-manager.users."root" = { osConfig, config, pkgs, ... }: {
programs.fzf = fzf-config; programs.fzf = fzf-config;
}; };
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
fd fd
]; ];

7
modules/ghostwriter.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
libsForQt5.ghostwriter # Markdown editor libsForQt5.ghostwriter # Markdown editor
]; ];
@ -9,7 +12,7 @@
# This fixes blurry fonts with fractional scaling on Wayland. # This fixes blurry fonts with fractional scaling on Wayland.
environment.sessionVariables.QT_QPA_PLATFORM = lib.mkIf (config.services.xserver.displayManager.gdm.wayland) "wayland"; environment.sessionVariables.QT_QPA_PLATFORM = lib.mkIf (config.services.xserver.displayManager.gdm.wayland) "wayland";
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
home.file.".config/kde.org/ghostwriter.conf" = { home.file.".config/kde.org/ghostwriter.conf" = {
text = '' text = ''
[Application] [Application]

13
modules/git.nix
View File

@ -1,16 +1,21 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
name = config.yoda.name;
email = config.yoda.email;
in
{ {
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
git git
]; ];
}; };
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.git = { programs.git = {
enable = true; enable = true;
userName = "Daniel Langbein"; userName = name;
userEmail = "daniel@systemli.org"; userEmail = email;
signing.signByDefault = true; signing.signByDefault = true;
signing.key = null; signing.key = null;
aliases = { aliases = {

9
modules/gnome-wallpaper.nix
View File

@ -1,14 +1,17 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
# https://discourse.nixos.org/t/how-to-set-gnome-a-k-a-gdm-greeter-a-k-a-lockscreen-login-background-a-k-a-wallpaper/14289 # https://discourse.nixos.org/t/how-to-set-gnome-a-k-a-gdm-greeter-a-k-a-lockscreen-login-background-a-k-a-wallpaper/14289
programs.dconf.enable = true; programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = { dconf.settings = {
"org/gnome/desktop/background" = { "org/gnome/desktop/background" = {
"picture-uri" = "/home/yoda/.config/background"; "picture-uri" = "/home/${user}/.config/background";
"picture-uri-dark" = "/home/yoda/.config/background"; "picture-uri-dark" = "/home/${user}/.config/background";
}; };
}; };
home.file.".config/background".source = "${(pkgs.callPackage ./wallpaper.nix { })}/img.jpg"; home.file.".config/background".source = "${(pkgs.callPackage ./wallpaper.nix { })}/img.jpg";

5
modules/headless.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
#zenith # Terminal resource monitor / task manager #zenith # Terminal resource monitor / task manager
btop # Terminal resource monitor / task manager btop # Terminal resource monitor / task manager

4
modules/home-manager.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
user = config.yoda.user;
# Import Home Manager with niv. # Import Home Manager with niv.
home-manager = (import ../nix/sources.nix).home-manager; home-manager = (import ../nix/sources.nix).home-manager;
#home-manager-source = import (import ../nix/sources.nix).home-manager {}; #home-manager-source = import (import ../nix/sources.nix).home-manager {};
@ -19,7 +21,7 @@ in
# https://nix-community.github.io/home-manager/index.html#sec-install-nixos-module # https://nix-community.github.io/home-manager/index.html#sec-install-nixos-module
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
# Switching to a higher state version typically requires performing some manual steps, such as data conversion or moving files. # Switching to a higher state version typically requires performing some manual steps, such as data conversion or moving files.
home.stateVersion = "24.11"; home.stateVersion = "24.11";

4
modules/initrd-contact-info.nix
View File

@ -38,12 +38,12 @@ let
in in
lib.optionalString (res != null) (lib.head res); lib.optionalString (res != null) (lib.head res);
contact_name = "Daniel Langbein"; contact_name = config.yoda.name;
# The file `phone-number` contains only one line with our phone number, e.g. +49 0173 ... # The file `phone-number` contains only one line with our phone number, e.g. +49 0173 ...
# Be aware that the phone number will be written to the nix store in plaintext! # Be aware that the phone number will be written to the nix store in plaintext!
# TODO: strip the read string (no tailing newlines) # TODO: strip the read string (no tailing newlines)
contact_phone = trim (builtins.readFile ../secrets/phone-number); contact_phone = trim (builtins.readFile ../secrets/phone-number);
contact_mail = "daniel@systemli.org"; contact_mail = config.yoda.email;
# https://wiki.nixos.org/wiki/Shell_Scripts # https://wiki.nixos.org/wiki/Shell_Scripts
contact-info-str = pkgs.stdenv.mkDerivation rec { contact-info-str = pkgs.stdenv.mkDerivation rec {

6
modules/jetbrains-ide.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
user = config.yoda.user;
# version = ( # version = (
# if (config.nixpkgs.config.allowUnfree) # if (config.nixpkgs.config.allowUnfree)
# then "idea-ultimate" # then "idea-ultimate"
@ -41,14 +43,14 @@ in
# TODO: Currently markdown previews are broken anyways because of issues with the sandboxed webbrowser on NixOS # TODO: Currently markdown previews are broken anyways because of issues with the sandboxed webbrowser on NixOS
]; ];
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
jetbrains."${version}" jetbrains."${version}"
]; ];
}; };
programs.dconf.enable = true; programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, lib, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, lib, ... }: {
dconf.settings = { dconf.settings = {
"org/gnome/shell" = { "org/gnome/shell" = {
favorite-apps = ["${version}.desktop"]; favorite-apps = ["${version}.desktop"];

3
modules/journalwatch.nix
View File

@ -41,6 +41,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
user = config.yoda.user; user = config.yoda.user;
email = config.yoda.email;
stopped-service-consumption-summary = '' stopped-service-consumption-summary = ''
\S+\.(service|scope|slice|swap|mount): Consumed ([0-9]+d )?([0-9]+h )?([0-9]+min )?[0-9\.]+(s|ms) CPU time(, .+)?\.''; \S+\.(service|scope|slice|swap|mount): Consumed ([0-9]+d )?([0-9]+h )?([0-9]+min )?[0-9\.]+(s|ms) CPU time(, .+)?\.'';
@ -96,7 +97,7 @@ in
enable = true; enable = true;
# Same as configured by sendmail MTA. # Same as configured by sendmail MTA.
mailFrom = "langbein@mail.de"; mailFrom = "langbein@mail.de";
mailTo = "daniel+journalwatch@systemli.org"; mailTo = email;
#interval = "hourly"; #interval = "hourly";
# Lowest priority of message to be considered. # Lowest priority of message to be considered.

15
modules/nitrokey-gpg-smartcard.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
# Use NitroKey USB smartcard with SSH. # Use NitroKey USB smartcard with SSH.
# https://nixos.wiki/wiki/Nitrokey # https://nixos.wiki/wiki/Nitrokey
@ -38,14 +41,14 @@
# #
# ssh -v nas # ssh -v nas
#=> OpenSSH_9.3p2, OpenSSL 3.0.10 1 Aug 2023 #=> OpenSSH_9.3p2, OpenSSL 3.0.10 1 Aug 2023
#=> debug1: Reading configuration data /home/yoda/.ssh/config #=> debug1: Reading configuration data /home/${user}/.ssh/config
#=> debug1: /home/yoda/.ssh/config line 67: Applying options for nas #=> debug1: /home/${user}/.ssh/config line 67: Applying options for nas
#=> debug1: /home/yoda/.ssh/config line 180: Applying options for * #=> debug1: /home/${user}/.ssh/config line 180: Applying options for *
#=> debug1: Reading configuration data /etc/ssh/ssh_config #=> debug1: Reading configuration data /etc/ssh/ssh_config
#=> debug1: Executing command: '/nix/store/8fv91097mbh5049i9rglc73dx6kjg3qk-bash-5.2-p15/bin/bash -c '/nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-connect-agent --quiet updatestartuptty /bye >/dev/null 2>&1'' #=> debug1: Executing command: '/nix/store/8fv91097mbh5049i9rglc73dx6kjg3qk-bash-5.2-p15/bin/bash -c '/nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-connect-agent --quiet updatestartuptty /bye >/dev/null 2>&1''
# #
#=> USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND #=> USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
#=> yoda 2752 0.0 0.0 444812 3040 ? SLsl 16:09 0:00 /nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-agent --supervised --pinentry-program /nix/store/8cvidvpwnwyxixlhqfaa5jlfndh2vir5-pinentry-1.2.1-curses/bin/pinentry #=> ${user} 2752 0.0 0.0 444812 3040 ? SLsl 16:09 0:00 /nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-agent --supervised --pinentry-program /nix/store/8cvidvpwnwyxixlhqfaa5jlfndh2vir5-pinentry-1.2.1-curses/bin/pinentry
# NITROKEY SSH WORKAROUND (I): Do all of this in one shell! # NITROKEY SSH WORKAROUND (I): Do all of this in one shell!
# CREDITS: https://unix.stackexchange.com/a/250045/315162 # CREDITS: https://unix.stackexchange.com/a/250045/315162
@ -121,7 +124,7 @@
# pinentry-gnome # pinentry-gnome
#]; #];
#users.users."yoda" = { #users.users."${user}" = {
# packages = with pkgs; [ # packages = with pkgs; [
# #pinentry-curses # #pinentry-curses
# pinentry-gnome # pinentry-gnome
@ -146,7 +149,7 @@
# Smartcard daemon. # Smartcard daemon.
services.pcscd.enable = true; services.pcscd.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# Disable GNOME Keyring. See comment above. # Disable GNOME Keyring. See comment above.
# #

7
modules/obsidian.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
# TODO: if on wayland and scaling != 1, start obsidian with the following command. # TODO: if on wayland and scaling != 1, start obsidian with the following command.
# Sharp fonts. # Sharp fonts.
@ -10,14 +13,14 @@
"obsidian" "obsidian"
]; ];
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
obsidian # Markdown notes obsidian # Markdown notes
]; ];
}; };
programs.dconf.enable = true; programs.dconf.enable = true;
home-manager.users."yoda" = { osConfig, config, pkgs, lib, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, lib, ... }: {
dconf.settings = { dconf.settings = {
"org/gnome/shell" = { "org/gnome/shell" = {
favorite-apps = ["obsidian.desktop"]; favorite-apps = ["obsidian.desktop"];

5
modules/print-and-scan.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
# Printing with IPP everywhere capable printers # Printing with IPP everywhere capable printers
# https://nixos.wiki/wiki/Printing # https://nixos.wiki/wiki/Printing
@ -58,7 +61,7 @@
extraBackends = [ pkgs.hplip ]; extraBackends = [ pkgs.hplip ];
}; };
users.users."yoda" = { users.users."${user}" = {
extraGroups = [ "scanner" "lp" ]; extraGroups = [ "scanner" "lp" ];
packages = with pkgs; [ packages = with pkgs; [
simple-scan # GNOME Document Scanner simple-scan # GNOME Document Scanner

5
modules/programs-kde.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, mkKdeDerivation, lib, ... }: { config, pkgs, mkKdeDerivation, lib, ... }:
let
user = config.yoda.user;
in
{ {
imports = [ imports = [
./ark.nix # Archive manager: Compress and decompress ./ark.nix # Archive manager: Compress and decompress
@ -11,7 +14,7 @@
"dotnet-runtime-6.0.36" "dotnet-runtime-6.0.36"
]; ];
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
# Preinstalled # Preinstalled
# kdePackages.ark # Archive manager # kdePackages.ark # Archive manager

7
modules/sendmail-mta.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
email = config.yoda.email;
in
{ {
# Many programs use the `sendmail` command to send email. # Many programs use the `sendmail` command to send email.
# Nullmailer and OpenSMTP create a symlink from `sendmail` to their binary - they are (to a certain degree) sendmail compatible. # Nullmailer and OpenSMTP create a symlink from `sendmail` to their binary - they are (to a certain degree) sendmail compatible.
@ -46,8 +49,8 @@
# https://nixos.wiki/wiki/Msmtp#Aliases # https://nixos.wiki/wiki/Msmtp#Aliases
environment.etc.aliases = { environment.etc.aliases = {
text = '' text = ''
# Forward email from root to daniel@systemli.org # Forward email received by user root to ${email}
root: daniel@systemli.org root: ${email}
''; '';
mode = "0644"; mode = "0644";
}; };

7
modules/signal-desktop.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
signal-desktop # Signal client signal-desktop # Signal client
]; ];
@ -23,7 +26,7 @@
}) })
]; ];
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
dconf.settings = { dconf.settings = {
"org/gnome/shell" = { "org/gnome/shell" = {
favorite-apps = ["signal-desktop.desktop"]; favorite-apps = ["signal-desktop.desktop"];

5
modules/spaceFM.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
spaceFM spaceFM
]; ];

17
modules/ssh-client.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
# SSH client configuration. # SSH client configuration.
programs.ssh = { programs.ssh = {
@ -15,13 +18,13 @@
}; };
"yodaTab" = { "yodaTab" = {
hostname = "192.168.178.53"; hostname = "192.168.178.53";
user = "yoda"; user = "${user}";
port = 22; port = 22;
compression = false; compression = false;
}; };
"yodaEnchilada" = { "yodaEnchilada" = {
hostname = "192.168.178.25"; hostname = "192.168.178.25";
user = "yoda"; user = "${user}";
port = 22; port = 22;
compression = false; compression = false;
}; };
@ -29,7 +32,7 @@
# local IP: 192.168.178.186 # local IP: 192.168.178.186
"yodaYoga" = { "yodaYoga" = {
hostname = "yodayoga.p1st.de"; hostname = "yodayoga.p1st.de";
user = "yoda"; user = "${user}";
port = 2224; port = 2224;
compression = true; compression = true;
}; };
@ -48,7 +51,7 @@
"pi3bplus" = { "pi3bplus" = {
hostname = "fckjpbxxim36c1gb.myfritz.net"; hostname = "fckjpbxxim36c1gb.myfritz.net";
user = "yoda"; user = "${user}";
port = 22; port = 22;
compression = true; compression = true;
}; };
@ -75,7 +78,7 @@
# local IP: 192.168.178.118 # local IP: 192.168.178.118
"yodaHedgehog" = { "yodaHedgehog" = {
hostname = "yodahedgehog.p1st.de"; hostname = "yodahedgehog.p1st.de";
user = "yoda"; user = "${user}";
port = 2226; port = 2226;
compression = true; compression = true;
}; };
@ -95,7 +98,7 @@
# local IP: 192.168.178.119 # local IP: 192.168.178.119
"yodaNas" = { "yodaNas" = {
hostname = "yodanas.p1st.de"; hostname = "yodanas.p1st.de";
user = "yoda"; user = "${user}";
port = 2222; port = 2222;
compression = true; compression = true;
}; };

5
modules/ssh-server.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
# Enable SSH server. # Enable SSH server.
services.openssh = { services.openssh = {
@ -47,7 +50,7 @@
# TODO replace authorizedKeys in all .nix files with authorizedKeyFiles # TODO replace authorizedKeys in all .nix files with authorizedKeyFiles
# SSH public key(s) allowed to connect via SSH. # SSH public key(s) allowed to connect via SSH.
users.users."yoda".openssh.authorizedKeys.keys = [ users.users."${user}".openssh.authorizedKeys.keys = [
(builtins.readFile ../assets/ssh/nitrokey.pub) (builtins.readFile ../assets/ssh/nitrokey.pub)
]; ];
users.users."root".openssh.authorizedKeys.keys = [ users.users."root".openssh.authorizedKeys.keys = [

15
modules/thunderbird.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
user = config.yoda.user; user = config.yoda.user;
name = config.yoda.name;
email = config.yoda.email;
fingerprint = config.yoda.fingerprint;
# TODO: trim whitespaces from string # TODO: trim whitespaces from string
email-uni-marburg = (builtins.readFile ../secrets/email-uni-marburg); email-uni-marburg = (builtins.readFile ../secrets/email-uni-marburg);
@ -13,16 +16,16 @@ in
home-manager.users."${user}" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
accounts.email.accounts = { accounts.email.accounts = {
"personal" = { "personal" = {
address = "daniel@systemli.org"; address = email;
gpg = { gpg = {
# The key to use as listed in gpg --list-keys. # The key to use as listed in gpg --list-keys.
key = "94F3D3DDAC22802258FC044B6C47C753F0823002"; key = fingerprint;
signByDefault = true; signByDefault = true;
}; };
primary = true; primary = true;
realName = "Daniel Langbein"; realName = name;
userName = "daniel@systemli.org"; userName = email;
imap = { imap = {
host = "mail.systemli.org"; host = "mail.systemli.org";
port = 993; port = 993;
@ -39,7 +42,7 @@ in
"uni-marburg" = { "uni-marburg" = {
address = email-uni-marburg; address = email-uni-marburg;
primary = false; primary = false;
realName = "Daniel Langbein"; realName = name;
# It seems as if both is possible: # It seems as if both is possible:
# userName: part of email before "@" # userName: part of email before "@"

5
modules/uni-vpn.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
assertions = [{ assertions = [{
assertion = config.services.xserver.desktopManager.gnome.enable || config.services.desktopManager.plasma6.enable; assertion = config.services.xserver.desktopManager.gnome.enable || config.services.desktopManager.plasma6.enable;
@ -9,7 +12,7 @@
./t-telesec.nix ./t-telesec.nix
]; ];
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
networkmanager-openconnect # Openconnect VPN networkmanager-openconnect # Openconnect VPN
]; ];

5
modules/usb-mtp-ptp.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
user = config.yoda.user;
in
{ {
# USB MTP and PTP support # USB MTP and PTP support
# https://wiki.archlinux.org/title/Media_Transfer_Protocol#File_manager_integration # https://wiki.archlinux.org/title/Media_Transfer_Protocol#File_manager_integration
@ -11,7 +14,7 @@
programs.gphoto2.enable = true; programs.gphoto2.enable = true;
# To grant digital camera access to a user, # To grant digital camera access to a user,
# the user must be part of the camera group: # the user must be part of the camera group:
users.users."yoda".extraGroups = ["camera"]; users.users."${user}".extraGroups = ["camera"];
# #
# Example usage: # Example usage:
# #

5
modules/veracrypt.nix
View File

@ -1,4 +1,7 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
user = config.yoda.user;
in
{ {
# Looks as if TrueCrypt is unfree software # Looks as if TrueCrypt is unfree software
# https://github.com/NixOS/nixpkgs/blob/5d017a8822e0907fb96f7700a319f9fe2434de02/pkgs/applications/misc/veracrypt/default.nix#L59 # https://github.com/NixOS/nixpkgs/blob/5d017a8822e0907fb96f7700a319f9fe2434de02/pkgs/applications/misc/veracrypt/default.nix#L59
@ -11,7 +14,7 @@
"veracrypt" "veracrypt"
]; ];
users.users."yoda" = { users.users."${user}" = {
packages = with pkgs; [ packages = with pkgs; [
veracrypt # Encrypted filesystem veracrypt # Encrypted filesystem
]; ];

6
modules/zsh.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
user = config.yoda.user;
# https://nixos.wiki/wiki/Zsh # https://nixos.wiki/wiki/Zsh
zsh-config = { zsh-config = {
enable = true; enable = true;
@ -57,9 +59,9 @@ in
# Inside the following Home Manager configuration block, # Inside the following Home Manager configuration block,
# `config` refers to Home Manager configuration. # `config` refers to Home Manager configuration.
home-manager.users."yoda" = { osConfig, config, pkgs, ... }: { home-manager.users."${user}" = { osConfig, config, pkgs, ... }: {
programs.zsh = zsh-config // { programs.zsh = zsh-config // {
# nix-repl: config.home-manager.users."yoda".programs.zsh.history.path # nix-repl: config.home-manager.users."${user}".programs.zsh.history.path
# -> ~/.local/share/.histfile # -> ~/.local/share/.histfile
history.path = "${config.xdg.dataHome}/.histfile"; history.path = "${config.xdg.dataHome}/.histfile";
}; };