From 34d77cf53b05537f159598724423123192e13670 Mon Sep 17 00:00:00 2001
From: foglar <kohout.fi.2023@skola.ssps.cz>
Date: Thu, 26 Dec 2024 21:56:44 +0100
Subject: [PATCH] Yubikey and Oh-my-posh improvements

---
 README.md                                | 30 ++++++++++++++++++------
 flake.nix                                |  4 ++--
 kogami/home.nix                          |  2 +-
 nixos/home/packages/tools/oh-my-posh.nix | 13 +++++++---
 nixos/system/packages/yubikey.nix        |  9 +++++++
 5 files changed, 45 insertions(+), 13 deletions(-)

diff --git a/README.md b/README.md
index 77cd987..02c4776 100644
--- a/README.md
+++ b/README.md
@@ -2,32 +2,48 @@
 
 - my personal nix dotfiles in the **flake**
 
+## Build and deploy
+
 - simple build command for system
 
 ```bash
-git clone https://git.foglar.tech/foglar/dotfiles.git $HOME/dotfiles 
-sudo nixos-rebuild switch --flake ~/dotfiles#laptop
+git clone https://git.foglar.tech/foglar/dotfiles.git $HOME/.dotfiles 
+sudo nixos-rebuild switch --flake ~/.dotfiles#kogami
 ```
 
 - generate a vm of the flake with this command
 
 ```bash
-nix run github:nix-community/nixos-generators -- -c ./flake.nix --flake '#leanix' -f vm --disk-size 20480 
+nix run github:nix-community/nixos-generators -- -c ./flake.nix --flake '#ginoza' -f vm --disk-size 20480 
 ```
 
 - deploy configuration on the new system
 
 ```bash
 # Copy my repository
-git clone https://git.foglar.tech/foglar/dotfiles.git $HOME/dotfiles --depth 1
+git clone https://git.foglar.tech/foglar/dotfiles.git $HOME/.dotfiles --depth 1
 
 # Generate your own hardware configurations for system
-sudo nixos-generate-config --dir ~/dotfiles/zenith
+sudo nixos-generate-config --dir ~/.dotfiles/kogami
 # or
-sudo nixos-generate-config --dir ~/dotfiles/leanix
+sudo nixos-generate-config --dir ~/.dotfiles/ginoza
 
 # Rebuild your system from the flake
-sudo nixos-rebuild switch --flake ~/dotfiles#zenith
+sudo nixos-rebuild switch --flake ~/.dotfiles#kogami
 ```
 
 ## Features
+
+### Secure Operations
+
+- file for sops is in **~/.config/sops/ags/keys.txt**
+
+### Yubikey
+
+- setup your yubikey to work with current user
+
+```bash
+nix-shell -p yubico-pam -p yubikey-manager
+ykman otp chalresp --touch --generate 2
+ykpamcfg -2 -v
+```
diff --git a/flake.nix b/flake.nix
index 578d6f7..a970b30 100644
--- a/flake.nix
+++ b/flake.nix
@@ -54,11 +54,11 @@
     ...
   } @ inputs: let
     userSettings = {
-      username = "foglar"; # konsta or shinya (else defaulting to shinya or none)
+      username = "shinya"; # konsta or shinya (else defaulting to shinya or none)
       hostname = "kogami"; # kogami or ginoza
 
       shell = "zsh"; # bash, zsh, none
-      terminal = "kitty"; # kitty, alacritty
+      terminal = "kitty"; # kitty, alacritty, gnome-terminal
       browser = "librewolf"; # firefox, librewolf, qutebrowser
       editor = "neovim"; # neovim, vscode
 
diff --git a/kogami/home.nix b/kogami/home.nix
index 509da90..36ffa57 100644
--- a/kogami/home.nix
+++ b/kogami/home.nix
@@ -11,7 +11,7 @@
 
   # Desktop management
   desktop.hyprland.enable = true;
-  desktop.kde.enable = true;
+  desktop.kde.enable = false;
   desktop.gnome.enable = false;
 
   # Shell management
diff --git a/nixos/home/packages/tools/oh-my-posh.nix b/nixos/home/packages/tools/oh-my-posh.nix
index e166bb3..bd0d1a7 100644
--- a/nixos/home/packages/tools/oh-my-posh.nix
+++ b/nixos/home/packages/tools/oh-my-posh.nix
@@ -2,6 +2,7 @@
   lib,
   config,
   pkgs,
+  userSettings,
   ...
 }: {
   options = {
@@ -21,8 +22,14 @@
   config = lib.mkIf config.sh.oh-my-posh.enable {
     programs.oh-my-posh = {
       enable = true;
-      enableBashIntegration = if config.sh.bash.enable == true then true else false;
-      enableZshIntegration = if config.sh.zsh.enable == true then true else false;
+      enableBashIntegration =
+        if config.sh.bash.enable == true
+        then true
+        else false;
+      enableZshIntegration =
+        if config.sh.zsh.enable == true
+        then true
+        else false;
       settings = {
         "$schema" = "https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/main/themes/schema.json";
         "blocks" = [
@@ -83,7 +90,7 @@
                   "style" = "full";
                 };
                 "style" = "plain";
-                "template" = "<{{ if .Root }}lightBlue{{ else }}green{{ end }}>-[</>{{if eq .Folder \"foglar\"}}~{{else}}{{ .Folder }}{{end}}<{{ if .Root }}lightBlue{{ else }}green{{ end }}>]</>";
+                "template" = "<{{ if .Root }}lightBlue{{ else }}green{{ end }}>-[</>{{if eq .Folder \"${userSettings.username}\"}}~{{else}}{{ .Folder }}{{end}}<{{ if .Root }}lightBlue{{ else }}green{{ end }}>]</>";
               }
               {
                 "type" = "git";
diff --git a/nixos/system/packages/yubikey.nix b/nixos/system/packages/yubikey.nix
index 8649bc2..54ef6eb 100644
--- a/nixos/system/packages/yubikey.nix
+++ b/nixos/system/packages/yubikey.nix
@@ -42,5 +42,14 @@
       enable = true;
       enableSSHSupport = true;
     };
+
+    services.udev.extraRules = ''
+      ACTION=="remove",\
+       ENV{ID_BUS}=="usb",\
+       ENV{ID_MODEL_ID}=="0407",\
+       ENV{ID_VENDOR_ID}=="1050",\
+       ENV{ID_VENDOR}=="Yubico",\
+       RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
+    '';
   };
 }