MacBook.local-2024-11-28-10-56-04

2024-11-28 10:56:04 +01:00
parent 8761abf51c
commit f26936704f
18 changed files with 85 additions and 15 deletions
--- a/machine/homeserver.nix
+++ b/machine/homeserver.nix
--- a/machine/raspberrypi.nix
+++ b/machine/raspberrypi.nix
--- a/machine/thinkpad.nix
+++ b/machine/thinkpad.nix
--- a/configs/common.nix
+++ b/configs/common.nix
@ -75,7 +75,7 @@
  };
  sops = {
-    defaultSopsFile = lib.mkDefault ../secrets.yaml;
+    defaultSopsFile = lib.mkDefault ../secrets/secrets.yaml;
    validateSopsFiles = true;
    age = {
      sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
@ -86,7 +86,7 @@
    secrets = {
      hashedPassword = {
        neededForUsers = true;
-        sopsFile = ../secrets.yaml;
+        sopsFile = ../secrets/secrets.yaml;
      };
    };
  };
--- a/flake.lock
+++ b/flake.lock
@ -174,6 +174,26 @@
        "type": "github"
      }
    },
    "nix-darwin": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs-unstable"
        ]
      },
      "locked": {
        "lastModified": 1732603785,
        "narHash": "sha256-AEjWTJwOmSnVYsSJCojKgoguGfFfwel6z/6ud6UFMU8=",
        "owner": "LnL7",
        "repo": "nix-darwin",
        "rev": "6ab87b7c84d4ee873e937108c4ff80c015a40c7a",
        "type": "github"
      },
      "original": {
        "owner": "LnL7",
        "repo": "nix-darwin",
        "type": "github"
      }
    },
    "nix-github-actions": {
      "inputs": {
        "nixpkgs": [
@ -252,6 +272,7 @@
        "home-manager": "home-manager_2",
        "impermanence": "impermanence",
        "kwin-effects-forceblur": "kwin-effects-forceblur",
        "nix-darwin": "nix-darwin",
        "nixos-hardware": "nixos-hardware",
        "nixpkgs-unstable": "nixpkgs-unstable",
        "sops-nix": "sops-nix"
--- a/flake.nix
+++ b/flake.nix
@ -28,6 +28,11 @@
      url = "github:TamtamHero/fw-fanctrl/packaging/nix";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };
    nix-darwin = {
      url = "github:LnL7/nix-darwin";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };
  };
  outputs = {
@ -40,6 +45,7 @@
    nixpkgs-unstable,
    sops-nix,
    impermanence,
    nix-darwin,
    ...
  } @ inputs: let
    inherit (self) outputs;
@ -121,5 +127,18 @@
        ];
      };
    };
    darwinConfigurations."MacBook" = nix-darwin.lib.darwinSystem {
      system = "aarch64-darwin";
      modules = [
          ./machine/macbook/configuration.nix
        # home-manager.darwinModules.home-manager
        # {
        #   home-manager.useGlobalPkgs = true;
        #   home-manager.useUserPackages = true;
        #   home-manager.users.omerxx = import ./home.nix;
        # }
      ];
    };
  };
 }
--- a/machine/desktop/configuration.nix
+++ b/machine/desktop/configuration.nix
@ -22,7 +22,7 @@ in {
  ];
  sops = {
-    defaultSopsFile = ../../secrets.yaml;
+    defaultSopsFile = ../../secrets/secrets.yaml;
    validateSopsFiles = true;
    age = {
      sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
@ -32,7 +32,7 @@ in {
    secrets = {
      borg-key = {
-        sopsFile = ../../secrets-desktop.yaml;
+        sopsFile = ../../secrets/secrets-desktop.yaml;
        owner = config.users.users.alex.name;
        group = config.users.users.alex.group;
      };
--- a/machine/framework/configuration.nix
+++ b/machine/framework/configuration.nix
@ -21,7 +21,7 @@ in {
  ];
  sops = {
-    defaultSopsFile = ../../secrets.yaml;
+    defaultSopsFile = ../../secrets/secrets.yaml;
    validateSopsFiles = true;
    age = {
      sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
@ -31,7 +31,7 @@ in {
    secrets = {
      borg-key = {
-        sopsFile = ../../secrets-framework.yaml;
+        sopsFile = ../../secrets/secrets-framework.yaml;
        owner = config.users.users.alex.name;
        group = config.users.users.alex.group;
      };
--- a/machine/macbook/configuration.nix
+++ b/machine/macbook/configuration.nix
@ -0,0 +1,30 @@
 {
  config,
  pkgs,
  lib,
  outputs,
  inputs,
  ...
 }: {
  nixpkgs.hostPlatform = "aarch64-darwin";
  system.defaults = {
    dock.autohide = true;
    dock.mru-spaces = false;
    # finder.AppleShowAllExtensions = true;
    # finder.FXPreferredViewStyle = "clmv";
    screencapture.location = "~/Pictures/screenshots";
    screensaver.askForPasswordDelay = 10;
  };
  services.nix-daemon.enable = true;
  nix.settings.experimental-features = "nix-command flakes";
  nix = {
    configureBuildUsers = true;
  useDaemon = true;
  };
  homebrew.enable = true;
  system.stateVersion = 5;
 }
--- a/machine/mini/configuration.nix
+++ b/machine/mini/configuration.nix
@ -13,7 +13,7 @@
  ];
  sops = {
-    defaultSopsFile = ../../secrets.yaml;
+    defaultSopsFile = ../../secrets/secrets.yaml;
    validateSopsFiles = true;
    age = {
      sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
@ -23,7 +23,7 @@
    secrets = {
      borg-key = {
-        sopsFile = ../../secrets-mini.yaml;
+        sopsFile = ../../secrets/secrets-mini.yaml;
        owner = config.users.users.alex.name;
        group = config.users.users.alex.group;
      };
--- a/machine/nixos-virtualbox/configuration.nix
+++ b/machine/nixos-virtualbox/configuration.nix
@ -13,7 +13,7 @@
  ];
  sops = {
-    defaultSopsFile = ../../secrets.yaml;
+    defaultSopsFile = ../../secrets/secrets.yaml;
    validateSopsFiles = true;
    age = {
      sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
--- a/machine/vps-arm/configuration.nix
+++ b/machine/vps-arm/configuration.nix
@ -26,7 +26,7 @@ in {
  ];
  sops = {
-    defaultSopsFile = ../../secrets-vps-arm.yaml;
+    defaultSopsFile = ../../secrets/secrets-vps-arm.yaml;
    secrets = {
      borg-key = {
        owner = config.users.users.alex.name;
--- a/secrets/secrets-desktop.yaml
+++ b/secrets/secrets-desktop.yaml
--- a/secrets/secrets-framework.yaml
+++ b/secrets/secrets-framework.yaml
--- a/secrets/secrets-mini.yaml
+++ b/secrets/secrets-mini.yaml
--- a/secrets/secrets-vps-arm.yaml
+++ b/secrets/secrets-vps-arm.yaml
--- a/secrets/secrets.yaml
+++ b/secrets/secrets.yaml