os/users/teutat3s/home.nix

84 lines
2.7 KiB
Nix

{ config, home-manager, inputs, lib, pkgs, ... }:
with lib;
let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
tritonshell = inputs.tritonshell;
in
{
imports = [
./session-variables.nix
];
config = {
pub-solar.social.enable = true;
pub-solar.graphical.alacritty.settings.font.size = 12;
pub-solar.graphical.alacritty.settings.key_bindings = [
{ key = "V"; mods = "Control|Super"; action = "Paste"; }
{ key = "C"; mods = "Control|Super"; action = "Copy"; }
];
services.kbfs.enable = true;
services.keybase.enable = true;
services.yubikey-agent.enable = true;
home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
xdg.configFile."git/config".text = import ./.config/git/config.nix { inherit config; inherit pkgs; };
xdg.configFile."git/config_greenbaum.cloud".text = import ./.config/git/config_greenbaum.cloud.nix { inherit config; inherit pkgs; };
xdg.configFile."git/config_git.b12f.io".text = import ./.config/git/config_git.b12f.io.nix { inherit config; inherit pkgs; };
xdg.configFile."watson/config".text = import ./.config/watson/config.nix { inherit config; inherit pkgs; };
home.packages = with pkgs; [
AusweisApp2
consul
gpu-switch
ifmetric
ipmitool
keybase-gui
nomad
thunderbird
vault
veracrypt
waypoint
];
systemd.user.services.yubikey-agent = {
Unit = {
Description = "Seamless ssh-agent for YubiKeys";
Documentation = [ "https://filippo.io/yubikey-agent" ];
};
Service = {
ExecStart = "${pkgs.yubikey-agent}/bin/yubikey-agent -l %t/yubikey-agent/yubikey-agent.sock";
ExecReload = "/bin/kill -HUP $MAINPID";
IPAddressDeny = "any";
RestrictAddressFamilies = "AF_UNIX";
RestrictNamespaces = "yes";
RestrictRealtime = "yes";
RestrictSUIDSGID = "yes";
LockPersonality = "yes";
SystemCallFilter = "@system-service ~@privileged @resources";
SystemCallErrorNumber = "EPERM";
SystemCallArchitectures = "native";
NoNewPrivileges = "yes";
KeyringMode = "private";
UMask = "0177";
RuntimeDirectory = "yubikey-agent";
};
Install = {
WantedBy = [ "sway-session.target" ];
};
};
programs.zsh = {
initExtra = import ./zshrc.nix { inherit config pkgs tritonshell; };
};
# xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;
};
#services.mopidy.configuration = mkIf config.pub-solar.audio.enable (builtins.readFile ../../secrets/mopidy.conf);
};
}