sops update

System update
nvf and cleanup
2025-01-11 23:02:22 +01:00 · 2025-01-11 21:28:49 +01:00 · 2025-01-11 21:28:39 +01:00
9 changed files with 2346 additions and 17 deletions
--- a/TODO.md
+++ b/TODO.md
@ -37,6 +37,7 @@
 - [ ] add notification management for bluetooth etc...
 - [ ] add syncthing configuration
 - [ ] qutebrowser configuration
+- [ ] script dir set environment variable

 - [ ] update my home page and create new web
 - [ ] fix kde theme in stylix
--- a/flake.lock
+++ b/flake.lock
--- a/flake.nix
+++ b/flake.nix
@ -1,5 +1,5 @@
 {
-  description = "My highly sofisticated and complicated flake";
+  description = "My highly sophisticated and complicated flake";

  inputs = {
    install-script = {
@ -60,6 +60,8 @@
      url = "github:ghostty-org/ghostty";
    };

+    nvf.url = "github:notashelf/nvf";
+
    # Nix on Droid Configuration
    nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-24.05";

@ -162,5 +164,13 @@
        };
      };
    };
+    packages."x86_64-linux".default =
+      (inputs.nvf.lib.neovimConfiguration {
+        pkgs = nixpkgs.legacyPackages."x86_64-linux";
+        modules = [
+          ./nixos/system/packages/nvf.nix
+        ];
+      })
+      .neovim;
  };
 }
--- a/nixos/home/apps/cli_tools.nix
+++ b/nixos/home/apps/cli_tools.nix
@ -30,7 +30,7 @@
      ++ (
        if pkgs.system == "x86_64-linux"
        then [
-          nvtopPackages.full
+          #nvtopPackages.full
          toybox
        ]
        else []
--- a/nixos/system/packages.nix
+++ b/nixos/system/packages.nix
@ -8,6 +8,7 @@
    ./packages/yubikey.nix
    ./packages/sops/sops.nix
    ./packages/ssh-client.nix
+    ./packages/syncthing.nix
  ];

  program = {
@ -24,6 +25,7 @@
      notify = lib.mkDefault false;
    };
    ssh.client.enable = lib.mkDefault true;
+    syncthing.enable = lib.mkDefault true;
  };
  sys.desktop.steamdeck.enable = lib.mkDefault false;
  sys.security.sops.enable = lib.mkDefault true;
--- a/nixos/system/packages/nvf.nix
+++ b/nixos/system/packages/nvf.nix
@ -0,0 +1,31 @@
+{...}: {
+  vim = {
+    viAlias = true;
+    vimAlias = true;
+
+    theme = {
+      enable = true;
+      name = "catppuccin"; # catppuccin, tokyo-night, one-dark
+      style = "mocha";
+    };
+
+    languages = {
+      enableLSP = true;
+      enableTreesitter = true;
+
+      nix.enable = true;
+      rust.enable = true;
+      python.enable = true;
+      lua.enable = true;
+      csharp.enable = true;
+      go.enable = true;
+      markdown.enable = true;
+      clang.enable = true;
+      html.enable = true;
+    };
+
+    statusline.lualine.enable = true;
+    telescope.enable = true;
+    autocomplete.nvim-cmp.enable = true;
+  };
+}
--- a/nixos/system/packages/sops/secrets/secrets.yaml
+++ b/nixos/system/packages/sops/secrets/secrets.yaml
@ -1,6 +1,6 @@
 kogami:
    password-hash: ENC[AES256_GCM,data:HXuzumA7zAzBUcOBszeslYVDLA7r3W7gINn2FvMCTEHkc+y3zWftK4CVnk+TuRcgP9/htUphs2BmusogFAdmRQ3HmQU8WGQN0A==,iv:n2063dWbEmFKEvXbY2uk+C6lwF7WzA8jalKOFHPVICc=,tag:wb5bq4Dk3a9UnzYFBInHEA==,type:str]
-    syncthing: ENC[AES256_GCM,data:699bwajY9/0=,iv:YXmw613vRfWlbjiex6LfACZD+otES3E6Mm0e+66dfA8=,tag:H3QCsg0VvZpxkhWKyGH8Gg==,type:str]
+    syncthing: ENC[AES256_GCM,data:ero9yQ==,iv:lPpT2WMB9BVb1o8VL0X9hDtzCZv76fLIZh7+5Tkv+Ik=,tag:SVLwrE9MK+nSpJVvEEaByw==,type:str]
 ginoza:
    password-hash: ENC[AES256_GCM,data:xqE0y3Z7+kasYFQLn4Wuo+/c9L8BEakf2HKgN5BsttC2iDuzYSvXrP8K6pe5Skdi5Aq0MVz9LixJFM3PBgLORL1C6k0iDSardw==,iv:bKL40h0rGNmnnkA7EieKAD5KyENXOiTNsTVH1V0B7HU=,tag:c1MsRuiOK/j2b0iKOyO8FQ==,type:str]
 yubikey_id: ENC[AES256_GCM,data:ZyamX5gxoW4=,iv:4tW7muk6AaJf9VmXmFd6Ut63U27fFD8QgYSBx3RgOfw=,tag:IFlSiOffMyc33Rw1gxwCPA==,type:int]
@ -22,8 +22,8 @@ sops:
            T0cxV21SN0hJaFg3R3hpTjIxa3lJNVEKdIrR5XDHxpCojk2A1pxc4dYtSJRrObbY
            JS/nDgu74LugEchiOhuIJ7nh3MS5XBOmmt2GTHrqxZEZFoIykjIGug==
            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-01-07T17:20:45Z"
-    mac: ENC[AES256_GCM,data:oENblUlcgDrZaNV2/XggaPoGavqHBXv4i3DpcfFFKiymifmITHj5m6HflVePDqtkBceTnMyCNCzQ6Ijmrt8Xkr4wbEQpoLhjyfWW/4QOlKjT3GAxfWEth7uzCHxuqd24aHs1jRyphua7bgbVLLuI0khHiL5s8b+9wkkTmV9Y3WE=,iv:eDglG+RMUagzE0qVi73dGXMerup8ipg/rFxV+qJfNXM=,tag:wZyMqxZLUh4B6JuQL4GXFA==,type:str]
+    lastmodified: "2025-01-07T17:58:06Z"
+    mac: ENC[AES256_GCM,data:SnuO2BSpo3Zs0FatGLC3pT9X92/CUB/D7UE0X7FkK/CLXFMZFT1FRS7Ru+FgHXzCnQIUDtVNdJDOkatt0CdgjMKPxNXSOZRSv4A1NCGhzVDGX9/BjLYmdTWlJ2KEbirvPTi8SffIJt2YkaAqhBvRo9EByAZV/AnokA/Oi9xdO0I=,iv:qEXAbN6388LWUnEx/L6Rgzrnxis3KT2gB0AI9raGWJA=,tag:9oLpm5TgGIxPev12PTTb+g==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
    version: 3.9.2
--- a/nixos/system/packages/sops/sops.nix
+++ b/nixos/system/packages/sops/sops.nix
@ -14,6 +14,7 @@
      defaultSopsFormat = "yaml";

      age.keyFile = "/home/${userSettings.username}/.config/sops/age/keys.txt";
+      age.generateKey = true;

      # SSH private keys
      secrets = {
@ -32,24 +33,31 @@
          group = "users";
        };

-        templates = {
-          "${userSettings.hostname}/syncthing".content = ''${config.sops.placeholder."${userSettings.hostname}/syncthing"}'';
+        "yubikey_id" = {
+          owner = userSettings.username;
+          group = "users";
        };
      };
+
+      templates = {
+        "syncthing-password".content = ''${config.sops.placeholder."${userSettings.hostname}/syncthing"}'';
+        "yubikey-id".content = ''${config.sops.placeholder.yubikey_id}'';
+      };
    };

    # Password hash
    users.users.${userSettings.username}.hashedPasswordFile = "${config.sops.secrets."${userSettings.hostname}/password-hash".path}";

    # YubiKey IDs
-    security.pam.yubico.id = [17032113];
-    #++ (
-    #  if config.program.yubikey.enable
-    #  then ["${config.sops.secrets.yubikey_id}".value]
-    #  else []
-    #);
+    security.pam.yubico.id =
+      []
+      ++ (
+        if config.program.yubikey.enable
+        then [config.sops.templates."yubikey-id".content]
+        else []
+      );

    # Syncthing password
-    #services.syncthing.settings.gui.password = config.sops.templates."${userSettings.hostname}/syncthing".content;
+    services.syncthing.settings.gui.password = config.sops.templates."syncthing-password".content;
  };
 }
--- a/nixos/system/settings/default-applications.nix
+++ b/nixos/system/settings/default-applications.nix
@ -41,11 +41,14 @@
      "x-scheme-handler/https" = "${config.xdg.da.browser}.desktop";
      "x-scheme-handler/about" = "${config.xdg.da.browser}.desktop";
      "x-scheme-handler/unknown" = "${config.xdg.da.browser}.desktop";
+
      "text/plain" = "${userSettings.editor}.desktop";
      "application/pdf" = "org.gnome.Evince.desktop";
-      "image/svg+xml" = "org.gnome.Loupe.desktop";
+      "image/svg+xml" = "inkscape.desktop";
      "image/jpeg" = "org.gnome.Loupe.desktop";
      "image/png" = "org.gnome.Loupe.desktop";
+      "inode/directory" = "org.gnome.Nautilus.desktop";
+      "video/mp4" = "mpv.desktop";
    };

    programs.zsh.enable =
Author	SHA1	Message	Date
foglar	c3f13735c9	sops update	2025-01-11 23:02:22 +01:00
foglar	4dd93707f0	System update	2025-01-11 21:28:49 +01:00
foglar	8111065f13	nvf and cleanup	2025-01-11 21:28:39 +01:00