84 lines
2.7 KiB
Nix
84 lines
2.7 KiB
Nix
{ config, home-manager, inputs, lib, pkgs, ... }:
|
|
with lib;
|
|
let
|
|
psCfg = config.pub-solar;
|
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
tritonshell = inputs.tritonshell;
|
|
in
|
|
{
|
|
imports = [
|
|
./session-variables.nix
|
|
];
|
|
|
|
config = {
|
|
pub-solar.social.enable = true;
|
|
|
|
pub-solar.graphical.alacritty.settings.font.size = 12;
|
|
pub-solar.graphical.alacritty.settings.key_bindings = [
|
|
{ key = "V"; mods = "Control|Super"; action = "Paste"; }
|
|
{ key = "C"; mods = "Control|Super"; action = "Copy"; }
|
|
];
|
|
services.kbfs.enable = true;
|
|
services.keybase.enable = true;
|
|
services.yubikey-agent.enable = true;
|
|
home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
|
|
xdg.configFile."git/config".text = import ./.config/git/config.nix { inherit config; inherit pkgs; };
|
|
xdg.configFile."git/config_greenbaum.cloud".text = import ./.config/git/config_greenbaum.cloud.nix { inherit config; inherit pkgs; };
|
|
xdg.configFile."git/config_git.b12f.io".text = import ./.config/git/config_git.b12f.io.nix { inherit config; inherit pkgs; };
|
|
xdg.configFile."watson/config".text = import ./.config/watson/config.nix { inherit config; inherit pkgs; };
|
|
|
|
home.packages = with pkgs; [
|
|
AusweisApp2
|
|
consul
|
|
gpu-switch
|
|
ifmetric
|
|
ipmitool
|
|
keybase-gui
|
|
nomad
|
|
thunderbird
|
|
vault
|
|
veracrypt
|
|
waypoint
|
|
];
|
|
|
|
|
|
systemd.user.services.yubikey-agent = {
|
|
Unit = {
|
|
Description = "Seamless ssh-agent for YubiKeys";
|
|
Documentation = [ "https://filippo.io/yubikey-agent" ];
|
|
};
|
|
|
|
Service = {
|
|
ExecStart = "${pkgs.yubikey-agent}/bin/yubikey-agent -l %t/yubikey-agent/yubikey-agent.sock";
|
|
ExecReload = "/bin/kill -HUP $MAINPID";
|
|
IPAddressDeny = "any";
|
|
RestrictAddressFamilies = "AF_UNIX";
|
|
RestrictNamespaces = "yes";
|
|
RestrictRealtime = "yes";
|
|
RestrictSUIDSGID = "yes";
|
|
LockPersonality = "yes";
|
|
SystemCallFilter = "@system-service ~@privileged @resources";
|
|
SystemCallErrorNumber = "EPERM";
|
|
SystemCallArchitectures = "native";
|
|
NoNewPrivileges = "yes";
|
|
KeyringMode = "private";
|
|
UMask = "0177";
|
|
RuntimeDirectory = "yubikey-agent";
|
|
};
|
|
|
|
Install = {
|
|
WantedBy = [ "sway-session.target" ];
|
|
};
|
|
};
|
|
|
|
programs.zsh = {
|
|
initExtra = import ./zshrc.nix { inherit config pkgs tritonshell; };
|
|
};
|
|
|
|
# xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;
|
|
};
|
|
|
|
#services.mopidy.configuration = mkIf config.pub-solar.audio.enable (builtins.readFile ../../secrets/mopidy.conf);
|
|
};
|
|
}
|