diff --git a/home/default.nix b/home/default.nix index bb6fc08..b81ae69 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,4 +1,11 @@ { self, inputs, globalArgs, ... }: +let + commonModules = [ + ./modules/zsh.nix + ./modules/programs.nix + globalArgs + ]; +in { flake.homeConfigurations = { natto = inputs.home-manager.lib.homeManagerConfiguration { @@ -6,8 +13,29 @@ ./natto ./modules/secret.nix inputs.hyprland.homeManagerModules.default - globalArgs - ]; + ] ++ commonModules; + pkgs = self.legacyPackages.x86_64-linux; + }; + + spark = inputs.home-manager.lib.homeManagerConfiguration { + modules = [{ + home = { + homeDirectory = "/home/spark"; + username = "spark"; + stateVersion = "22.11"; + }; + }] ++ commonModules; + pkgs = self.legacyPackages.aarch64-linux; + }; + + bat = inputs.home-manager.lib.homeManagerConfiguration { + modules = [{ + home = { + homeDirectory = "/home/bat"; + username = "bat"; + stateVersion = "22.11"; + }; + }] ++ commonModules; pkgs = self.legacyPackages.x86_64-linux; }; }; diff --git a/home/modules/programs.nix b/home/modules/programs.nix new file mode 100644 index 0000000..ebe3e06 --- /dev/null +++ b/home/modules/programs.nix @@ -0,0 +1,8 @@ +{ config, ... }: +{ + programs = { + home-manager.enable = true; + password-store.enable = true; + direnv.enable = true; + }; +} diff --git a/home/modules/zsh.nix b/home/modules/zsh.nix new file mode 100644 index 0000000..12e9425 --- /dev/null +++ b/home/modules/zsh.nix @@ -0,0 +1,23 @@ +{ config, ... }: +{ + programs.zsh = { + enable = true; + autocd = true; + history = rec { + expireDuplicatesFirst = true; + size = 30000; + save = size; + }; + enableAutosuggestions = true; + enableCompletion = true; + enableSyntaxHighlighting = true; + prezto = { + enable = true; + prompt.theme = "pure"; + autosuggestions.color = "fg=yellow,bold"; + }; + initExtra = '' + unsetopt extendedGlob + ''; + }; +} diff --git a/home/natto/programs.nix b/home/natto/programs.nix index f4a4d9e..435f8c8 100644 --- a/home/natto/programs.nix +++ b/home/natto/programs.nix @@ -1,7 +1,6 @@ { pkgs, config, colors, ... }: { programs = { - home-manager.enable = true; firefox = { enable = true; profiles.natto = { @@ -22,8 +21,6 @@ }; }; go.enable = true; - password-store.enable = true; - direnv.enable = true; foot = { enable = true; settings = { diff --git a/home/natto/zsh.nix b/home/natto/zsh.nix index 2e12656..7ef720d 100644 --- a/home/natto/zsh.nix +++ b/home/natto/zsh.nix @@ -1,29 +1,12 @@ -{ config, ... }: +{ config, lib, ... }: let secretPath = "${config.home.homeDirectory}/.zshenv_secret"; in { - programs.zsh = { - enable = true; - autocd = true; - history = rec { - expireDuplicatesFirst = true; - size = 30000; - save = size; - }; - enableAutosuggestions = true; - enableCompletion = true; - enableSyntaxHighlighting = true; - prezto = { - enable = true; - prompt.theme = "pure"; - autosuggestions.color = "fg=yellow,bold"; - }; - initExtra = '' - . ${secretPath}; - unsetopt extendedGlob - ''; - }; + programs.zsh.initExtra = lib.mkForce '' + . ${secretPath}; + unsetopt extendedGlob + ''; age.secrets.zshenv_secret = { file = ./secrets/.zshenv_secret; diff --git a/hosts/marisa/default.nix b/hosts/marisa/default.nix index 85cf495..5d40f5d 100644 --- a/hosts/marisa/default.nix +++ b/hosts/marisa/default.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, network, ... }: { imports = [ ./networking.nix @@ -7,6 +7,14 @@ ./services.nix ]; + users.users.spark = { + isNormalUser = true; + shell = pkgs.zsh; + home = "/home/spark"; + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = network.commonSSHKeys; + }; + time.timeZone = "Asia/Kolkata"; system.stateVersion = "21.05"; } diff --git a/hosts/marisa/networking.nix b/hosts/marisa/networking.nix index 5d811c5..4fa7993 100644 --- a/hosts/marisa/networking.nix +++ b/hosts/marisa/networking.nix @@ -26,23 +26,22 @@ enable = false; iwd.enable = true; }; + interfaces = { eth0 = { - useDHCP = false; ipv4.addresses = [{ prefixLength = 24; address = "192.168.1.159"; }]; }; wlan0 = { - useDHCP = false; ipv4.addresses = [{ prefixLength = 24; address = "192.168.1.159"; }]; }; }; - wireguard.interfaces.wg0 = with network.address.wireguard.ips; { + wireguard.interfaces.wg0 = with network.addresses.wireguard.ips; { ips = [ marisa ]; listenPort = 17840; privateKeyFile = "/var/secrets/wg.key"; diff --git a/hosts/marisa/services.nix b/hosts/marisa/services.nix index 723aa40..9106d5b 100644 --- a/hosts/marisa/services.nix +++ b/hosts/marisa/services.nix @@ -38,14 +38,7 @@ extraConfigFiles = lib.singleton "/run/consul/consul.json"; }; }; - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHingN2Aho+KGgEvBMjtoez+W1svl9uVoa4vG0d646j" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPX1HDzWpoaOcU8GDEGuDzXgxkCpyeqxRR6gLs/8JgHw" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSQnDNrNP69tIK7U2D7qaMjycfIjpgx0at4U2D5Ufib" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK5V/hdkTTQSkDLXaEwY8xb/T8+sWtw5c6UjYOPaTrO8" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFyKi0HYfkgvEDvjzmDRGwAq2z2KOkfv7scTVSnonBh" - ]; - security.pki.certificateFiles = [ ../../cert.pem ../../consul-agent-ca.pem ]; + security.pki.certificateFiles = [ ../../cert.pem ../../consul-agent-ca.pem ]; } diff --git a/hosts/modules/minimal.nix b/hosts/modules/minimal.nix index 513642b..10713bf 100644 --- a/hosts/modules/minimal.nix +++ b/hosts/modules/minimal.nix @@ -6,7 +6,7 @@ enable = true; extraRules = [ { - users = [ ]; + users = [ "wheel" ]; keepEnv = true; persist = true; } @@ -18,6 +18,7 @@ git htop vim + tmux wireguard-tools rnix-lsp nmap diff --git a/hosts/remilia/default.nix b/hosts/remilia/default.nix index 93cf3c8..097fad3 100644 --- a/hosts/remilia/default.nix +++ b/hosts/remilia/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, pkgs, network, ... }: { imports = [ ./networking.nix @@ -15,6 +15,7 @@ shell = pkgs.zsh; home = "/home/bat"; extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = network.commonSSHKeys; }; system.stateVersion = "21.11"; diff --git a/hosts/remilia/services.nix b/hosts/remilia/services.nix index afbfb5c..36a7ddb 100644 --- a/hosts/remilia/services.nix +++ b/hosts/remilia/services.nix @@ -77,12 +77,6 @@ in }; }; - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHingN2Aho+KGgEvBMjtoez+W1svl9uVoa4vG0d646j" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILCH975XCps+VCzo8Fpp5BkbtiFmj9y3//FBVYlQ7/yo" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMu+SbTrfE62nT7gkZCwiOVOlI2TkVz+RJQ49HbnHvnQ" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFyKi0HYfkgvEDvjzmDRGwAq2z2KOkfv7scTVSnonBh" - ]; security.acme = { acceptTerms = true; certs = { diff --git a/lib/network.nix b/lib/network.nix index 363f5ba..d92889f 100644 --- a/lib/network.nix +++ b/lib/network.nix @@ -14,4 +14,12 @@ natto = "weirdnatto.in"; }; }; + + commonSSHKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHingN2Aho+KGgEvBMjtoez+W1svl9uVoa4vG0d646j" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPX1HDzWpoaOcU8GDEGuDzXgxkCpyeqxRR6gLs/8JgHw" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSQnDNrNP69tIK7U2D7qaMjycfIjpgx0at4U2D5Ufib" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK5V/hdkTTQSkDLXaEwY8xb/T8+sWtw5c6UjYOPaTrO8" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFyKi0HYfkgvEDvjzmDRGwAq2z2KOkfv7scTVSnonBh" + ]; }