path: root/home/profiles/workstation.nix



{ config, lib, pkgs, ... }:
let
  restic-nas = pkgs.writeShellApplication
    {
      name = "restic-nas";
      runtimeInputs = [ pkgs.restic pkgs.tailscale pkgs.jq ];
      text = ''
        NAS=$(tailscale status --json | jq -r '.Peer | map(select(.HostName == "tahoe"))[0].TailscaleIPs[0]')

        RESTIC_REPOSITORY="sftp:''${NAS}:/$(hostname)"
        export RESTIC_REPOSITORY
        export RESTIC_PASSWORD_FILE=/run/agenix/restic/repo-users

        sudo -E restic -o sftp.command="ssh backup@''${NAS} -i /run/agenix/restic/ssh-key -s sftp" "$@"
      '';
    };

  album-to-nas = pkgs.writeShellApplication {
    name = "album-to-nas";
    runtimeInputs = [ pkgs.jq pkgs.tailscale ];
    text = ''
      ALBUM_PATH="$1"

      NAS=$(tailscale status --json | jq -r '.Peer | map(select(.HostName == "tahoe"))[0].TailscaleIPs[0]')

      scp "$ALBUM_PATH" "$NAS:~/import/album.zip"
      ssh "$NAS" bc-to-beet ~/import/album.zip
    '';
  };
in
{
  imports = [
    ./dev.nix
    ./emacs.nix
    ./firefox.nix
    ./yubikey.nix
    ./ytdlp.nix
  ];

  home.packages = with pkgs; [
    # media
    gnome3.eog
    gnome3.evince
    sublime-music
    vlc
    yt-dlp

    passage
    tree

    element-desktop-wayland

    # scanning
    tesseract
    imagemagick
    exiftool
    sane-airscan

    transmission-remote-gtk

    # custom tools
    album-to-nas
    restic-nas

    # tools from external repositories
    # x509-info
    # gh-ssh-keys
    # masked-emails
  ];

  programs.kitty = {
    enable = true;
    font = {
      name = "JetBrain Mono";
      size = 13;
    };
    theme = "Modus Operandi";
    settings = {
      tab_bar_edge = "bottom";
      tab_bar_background = "none";
      tab_bar_style = "powerline";
      active_tab_font_style = "bold-italic";
    };
  };

  programs.feh.enable = true;
  programs.mpv = {
    enable = true;
    config = {
      sub-auto = "fuzzy";
      vo = "gpu";
      hwdec = "auto-safe";
      gpu-context = "wayland";
      audio-display = "no";
      cache-pause = "no";
      cache = "yes";
      mute = "no";
      osc = "yes";
      screenshot-directory = "~/documents/screenshots/mpv-screenshots/";
      screenshot-format = "png";
    };
    scripts = lib.attrVals [ "sponsorblock" ] pkgs.mpvScripts;
  };

  services.gammastep = {
    enable = true;
    #TODO: this needs to come from locale.nix
    latitude = 37.8715;
    longitude = -122.273;
    temperature = {
      day = 5000;
      night = 3700;
    };
  };

  home.sessionVariables = {
    PASSAGE_DIR = "${config.xdg.dataHome}/passage/store";
    PASSAGE_IDENTITIES_FILE = "${config.xdg.dataHome}/passage/identities";
    # for now I have to default to rage, as the version of age is
    # not recent enough to work with keys generated by
    # age-plugin-yubikey
    PASSAGE_AGE = "${pkgs.rage}/bin/rage";
  };

  # enable bluetooth
  services.blueman-applet.enable = true;
}
{ config, lib, pkgs, ... }:
let
  restic-nas = pkgs.writeShellApplication
    {
      name = "restic-nas";
      runtimeInputs = [ pkgs.restic pkgs.tailscale pkgs.jq ];
      text = ''
        NAS=$(tailscale status --json | jq -r '.Peer | map(select(.HostName == "tahoe"))[0].TailscaleIPs[0]')

        RESTIC_REPOSITORY="sftp:''${NAS}:/$(hostname)"
        export RESTIC_REPOSITORY
        export RESTIC_PASSWORD_FILE=/run/agenix/restic/repo-users

        sudo -E restic -o sftp.command="ssh backup@''${NAS} -i /run/agenix/restic/ssh-key -s sftp" "$@"
      '';
    };

  album-to-nas = pkgs.writeShellApplication {
    name = "album-to-nas";
    runtimeInputs = [ pkgs.jq pkgs.tailscale ];
    text = ''
      ALBUM_PATH="$1"

      NAS=$(tailscale status --json | jq -r '.Peer | map(select(.HostName == "tahoe"))[0].TailscaleIPs[0]')

      scp "$ALBUM_PATH" "$NAS:~/import/album.zip"
      ssh "$NAS" bc-to-beet ~/import/album.zip
    '';
  };
in
{
  imports = [
    ./dev.nix
    ./emacs.nix
    ./firefox.nix
    ./yubikey.nix
    ./ytdlp.nix
  ];

  home.packages = with pkgs; [
    # media
    gnome3.eog
    gnome3.evince
    sublime-music
    vlc
    yt-dlp

    passage
    tree

    element-desktop-wayland

    # scanning
    tesseract
    imagemagick
    exiftool
    sane-airscan

    transmission-remote-gtk

    # custom tools
    album-to-nas
    restic-nas

    # tools from external repositories
    # x509-info
    # gh-ssh-keys
    # masked-emails
  ];

  programs.kitty = {
    enable = true;
    font = {
      name = "JetBrain Mono";
      size = 13;
    };
    theme = "Modus Operandi";
    settings = {
      tab_bar_edge = "bottom";
      tab_bar_background = "none";
      tab_bar_style = "powerline";
      active_tab_font_style = "bold-italic";
    };
  };

  programs.feh.enable = true;
  programs.mpv = {
    enable = true;
    config = {
      sub-auto = "fuzzy";
      vo = "gpu";
      hwdec = "auto-safe";
      gpu-context = "wayland";
      audio-display = "no";
      cache-pause = "no";
      cache = "yes";
      mute = "no";
      osc = "yes";
      screenshot-directory = "~/documents/screenshots/mpv-screenshots/";
      screenshot-format = "png";
    };
    scripts = lib.attrVals [ "sponsorblock" ] pkgs.mpvScripts;
  };

  services.gammastep = {
    enable = true;
    #TODO: this needs to come from locale.nix
    latitude = 37.8715;
    longitude = -122.273;
    temperature = {
      day = 5000;
      night = 3700;
    };
  };

  home.sessionVariables = {
    PASSAGE_DIR = "${config.xdg.dataHome}/passage/store";
    PASSAGE_IDENTITIES_FILE = "${config.xdg.dataHome}/passage/identities";
    # for now I have to default to rage, as the version of age is
    # not recent enough to work with keys generated by
    # age-plugin-yubikey
    PASSAGE_AGE = "${pkgs.rage}/bin/rage";
  };

  # enable bluetooth
  services.blueman-applet.enable = true;
}