envs/home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated

Browse Source
This commit is contained in:
Morten Olsen
2025-12-27 00:02:02 +01:00
parent e384cc4829
commit 7f087bc39e
16 changed files with 257 additions and 213 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
modules/darwin/homebrew.nix
View File

@@ -9,9 +9,11 @@
pkgs,
...
}:
with lib; let
with lib;
let
cfg = config.modules.homebrew;
in {
in
{
options.modules.homebrew = {
enable = mkEnableOption "Homebrew management via nix-darwin";
@@ -127,7 +129,11 @@ in {
# Cleanup behavior
cleanup = mkOption {
type = types.enum ["none" "uninstall" "zap"];
type = types.enum [
"none"
"uninstall"
"zap"
];
default = "zap";
description = ''
Cleanup behavior for Homebrew packages:
@@ -150,7 +156,7 @@ in {
# Upgrade outdated packages
upgrade = true;
# Cleanup behavior for unmanaged packages
cleanup = cfg.cleanup;
inherit (cfg) cleanup;
};
# Global settings
@@ -162,26 +168,18 @@ in {
};
# Taps (third-party repositories)
taps = cfg.taps;
inherit (cfg) taps;
# Formulae (CLI tools from Homebrew)
brews = cfg.brews;
inherit (cfg) brews;
caskArgs.no_quarantine = true;
# Casks (GUI applications)
casks =
cfg.casks.shared
++ (
if cfg.casks.enablePersonal
then cfg.casks.personal
else []
)
++ (
if cfg.casks.enableWork
then cfg.casks.work
else []
);
++ (if cfg.casks.enablePersonal then cfg.casks.personal else [ ])
++ (if cfg.casks.enableWork then cfg.casks.work else [ ]);
};
};
}

9
modules/darwin/system.nix
View File

@@ -5,12 +5,16 @@
lib,
username,
...
}: {
}:
{
# Nix configuration
nix = {
settings = {
# Enable flakes and new nix command
experimental-features = ["nix-command" "flakes"];
experimental-features = [
"nix-command"
"flakes"
];
# Avoid unwanted garbage collection when using nix-direnv
keep-outputs = true;
keep-derivations = true;
@@ -35,7 +39,6 @@
DisableConsoleAccess = true;
};
dock = {
autohide = true;
autohide-delay = 0.0;

71
modules/home/apps.nix
View File

@@ -7,9 +7,11 @@
pkgs,
lib,
...
}: let
}:
let
cfg = config.modules.apps;
in {
in
{
options.modules.apps = {
enable = lib.mkEnableOption "application configurations";
@@ -29,7 +31,6 @@ in {
};
};
jellyfin-tui = {
enable = lib.mkOption {
type = lib.types.bool;
@@ -66,38 +67,42 @@ in {
config = lib.mkIf cfg.enable {
programs.zen-browser = lib.mkIf cfg.zen-browser.enable {
enable = true;
policies = let
mkExtensionSettings = builtins.mapAttrs (_: pluginId: {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/${pluginId}/latest.xpi";
installation_mode = "force_installed";
});
in {
AutofillAddressEnabled = true;
AutofillCreditCardEnabled = false;
DisableAppUpdate = true;
DisableFeedbackCommands = true;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DontCheckDefaultBrowser = true;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
policies =
let
mkExtensionSettings = builtins.mapAttrs (
_: pluginId: {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/${pluginId}/latest.xpi";
installation_mode = "force_installed";
}
);
in
{
AutofillAddressEnabled = true;
AutofillCreditCardEnabled = false;
DisableAppUpdate = true;
DisableFeedbackCommands = true;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DontCheckDefaultBrowser = true;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
ExtensionSettings = mkExtensionSettings {
#"78272b6fa58f4a1abaac99321d503a20@proton.me" = "proton-pass";
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = "bitwarden-password-manager";
"{d7742d87-e61d-4b78-b8a1-b469842139fa}" = "vimium-ff";
"readeck@readeck.com" = "readeck";
"@testpilot-containers" = "multi-account-containers";
"uBlock0@raymondhill.net" = "ublock-origin";
ExtensionSettings = mkExtensionSettings {
#"78272b6fa58f4a1abaac99321d503a20@proton.me" = "proton-pass";
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = "bitwarden-password-manager";
"{d7742d87-e61d-4b78-b8a1-b469842139fa}" = "vimium-ff";
"readeck@readeck.com" = "readeck";
"@testpilot-containers" = "multi-account-containers";
"uBlock0@raymondhill.net" = "ublock-origin";
};
};
};
};
# Aerospace window manager configuration (macOS)

62
modules/home/git-files.nix
View File

@@ -13,34 +13,42 @@
lib,
...
}:
with lib; let
with lib;
let
cfg = config.modules.gitFiles;
# Helper function to generate gitconfig content
mkGitConfig = {
email,
signingKey,
urlRewrites ? {},
}: ''
[user]
email = ${email}
name = Morten Olsen
signingkey = ${signingKey}
mkGitConfig =
{
email,
signingKey,
urlRewrites ? { },
}:
''
[user]
email = ${email}
name = Morten Olsen
signingkey = ${signingKey}
[commit]
gpgsign = true
[commit]
gpgsign = true
[gpg]
format = ssh
[gpg]
format = ssh
[gpg "ssh"]
program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign"
${optionalString (urlRewrites != {}) (concatStringsSep "\n" (mapAttrsToList (name: value: ''
[gpg "ssh"]
program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign"
${optionalString (urlRewrites != { }) (
concatStringsSep "\n" (
mapAttrsToList (name: value: ''
[url "${name}"]
insteadOf = ${value}'') urlRewrites))}
'';
in {
[url "${name}"]
insteadOf = ${value}'') urlRewrites
)
)}
'';
in
{
options.modules.gitFiles = {
enable = mkEnableOption "Project-specific git configuration files";
@@ -102,8 +110,8 @@ in {
# Used on personal machine for all projects under ~/Projects/
(mkIf cfg.personal.enable {
"Projects/.gitconfig".text = mkGitConfig {
email = cfg.personal.email;
signingKey = cfg.personal.signingKey;
inherit (cfg.personal) email;
inherit (cfg.personal) signingKey;
urlRewrites = {
"ssh://git@ssh-gitea.olsen.cloud:2205/" = "https://gitea.olsen.cloud/";
"git@github-private:" = "https://github.com/";
@@ -115,8 +123,8 @@ in {
# Used on work machine for personal projects under ~/Projects/private/
(mkIf cfg.private.enable {
"Projects/private/.gitconfig".text = mkGitConfig {
email = cfg.private.email;
signingKey = cfg.private.signingKey;
inherit (cfg.private) email;
inherit (cfg.private) signingKey;
urlRewrites = {
"ssh://git@ssh-gitea.olsen.cloud:2205/" = "https://gitea.olsen.cloud/";
"git@github-private:" = "https://github.com/";
@@ -128,8 +136,8 @@ in {
# Used on work machine for work projects under ~/Projects/zeronorth/
(mkIf cfg.zeronorth.enable {
"Projects/zeronorth/.gitconfig".text = mkGitConfig {
email = cfg.zeronorth.email;
signingKey = cfg.zeronorth.signingKey;
inherit (cfg.zeronorth) email;
inherit (cfg.zeronorth) signingKey;
urlRewrites = {
"git@github-zeronorth:" = "https://github.com/";
};

42
modules/home/git.nix
View File

@@ -11,9 +11,11 @@
lib,
...
}:
with lib; let
with lib;
let
cfg = config.modules.git;
in {
in
{
options.modules.git = {
enable = mkEnableOption "Git configuration";
@@ -36,21 +38,23 @@ in {
};
includes = mkOption {
type = types.listOf (types.submodule {
options = {
condition = mkOption {
type = types.str;
description = "The includeIf condition (e.g., gitdir:~/Projects/)";
example = "gitdir:~/Projects/";
type = types.listOf (
types.submodule {
options = {
condition = mkOption {
type = types.str;
description = "The includeIf condition (e.g., gitdir:~/Projects/)";
example = "gitdir:~/Projects/";
};
path = mkOption {
type = types.str;
description = "Path to the included gitconfig file";
example = "~/Projects/.gitconfig";
};
};
path = mkOption {
type = types.str;
description = "Path to the included gitconfig file";
example = "~/Projects/.gitconfig";
};
};
});
default = [];
}
);
default = [ ];
description = "List of conditional includes for project-specific git configurations";
};
};
@@ -88,8 +92,8 @@ in {
# Conditional includes for project-specific configurations
includes = map (inc: {
condition = inc.condition;
path = inc.path;
inherit (inc) condition;
inherit (inc) path;
}) cfg.includes;
# All git settings using the new unified settings option
@@ -171,4 +175,4 @@ in {
};
};
};
}
}

7
modules/home/packages.nix
View File

@@ -9,7 +9,8 @@
pkgs,
lib,
...
}: {
}:
{
home.packages = with pkgs; [
# ========================================================================
# Shell Tools
@@ -27,7 +28,7 @@
ripgrep # Modern grep (aliased as grep)
delta # Modern diff with syntax highlighting (aliased as diff)
dust # A more intuitive version of du written in rust
duf # A better df alternative
duf # A better df alternative
hyperfine # A command-line benchmarking tool.
choose # A human-friendly and fast alternative to cut and (sometimes) awk
coreutils
@@ -88,7 +89,7 @@
k9s # Kubernetes TUI
istioctl # Istio service mesh CLI
fluxcd # GitOps toolkit
popeye #
popeye
argocd
kubeseal
kubebuilder

9
modules/home/shell.nix
View File

@@ -13,7 +13,8 @@
pkgs,
lib,
...
}: {
}:
{
# ==========================================================================
# Zsh Configuration
# ==========================================================================
@@ -279,7 +280,7 @@
enable = true;
# The config.nu can be anywhere you want if you like to edit your Nushell with Nu
# configFile.source = ./.../config.nu;
# for editing directly to config.nu
# for editing directly to config.nu
extraConfig = ''
let carapace_completer = {|spans|
carapace $spans.0 nushell ...$spans | from json
@@ -304,13 +305,13 @@
split row (char esep) |
append /usr/bin/env
)
'';
'';
shellAliases = {
vi = "hx";
vim = "hx";
nano = "hx";
};
};
};
programs.carapace = {
enable = true;
enableNushellIntegration = true;

16
modules/home/ssh.nix
View File

@@ -8,9 +8,11 @@
lib,
...
}:
with lib; let
with lib;
let
cfg = config.modules.ssh;
in {
in
{
options.modules.ssh = {
enable = mkEnableOption "SSH configuration";
@@ -65,7 +67,7 @@ in {
enableDefaultConfig = false;
# Include colima SSH config for container access
includes = ["~/.colima/ssh_config"];
includes = [ "~/.colima/ssh_config" ];
# 1Password SSH agent integration (macOS)
extraConfig = ''
@@ -119,7 +121,7 @@ in {
identityFile = cfg.githubZeronorthKeyPath;
identitiesOnly = true;
};
# Docker server
"docker.host" = {
hostname = "docker.olsen.cloud";
@@ -128,7 +130,7 @@ in {
identityFile = cfg.githubPrivateKeyPath;
identitiesOnly = true;
};
# NAS server
"nas.host" = {
hostname = "192.168.20.106";
@@ -137,7 +139,7 @@ in {
identityFile = cfg.githubPrivateKeyPath;
identitiesOnly = true;
};
# Private MacBook
"macbook.host" = {
hostname = "192.168.3.9";
@@ -146,7 +148,7 @@ in {
identityFile = cfg.githubPrivateKeyPath;
identitiesOnly = true;
};
# ZN MacBook
"zn.host" = {
hostname = "192.168.3.3";

7
modules/home/tmux.nix
View File

@@ -7,7 +7,8 @@
pkgs,
lib,
...
}: {
}:
{
programs.tmux = {
enable = true;
@@ -116,6 +117,8 @@
# Utils - lazygit popup
bind -r g display-popup -d '#{pane_current_path}' -w80% -h80% -E lazygit
bind -r o display-popup -d '#{pane_current_path}' -w80% -h80% -E yazi
bind -r p display-popup -d '#{pane_current_path}' -w80% -h80% -E $SHELL
'';
};
}
}