simplify configuration for darwin

author: Franck Cuny <franck@fcuny.net> 2025-11-02 13:06:05 -0800
committer: Franck Cuny <franck@fcuny.net> 2025-11-02 13:06:05 -0800
commit: cb961051f8307a0bfd6e75acb52a7b7ac003e4d0 (patch)
tree: c2e3e29716bf10bb5d95d2c11d8692672c379c5f /home/profiles
parent: move remote-unlock as a profile (diff)
download: infra-cb961051f8307a0bfd6e75acb52a7b7ac003e4d0.tar.gz
17 files changed, 374 insertions, 55 deletions
diff --git a/home/profiles/bat.nix b/home/profiles/bat.nix
new file mode 100644
index 0000000..a03ba62
--- /dev/null
+++ b/home/profiles/bat.nix
@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.bat.enable = true;
+}
diff --git a/home/profiles/direnv.nix b/home/profiles/direnv.nix
new file mode 100644
index 0000000..bad971d
--- /dev/null
+++ b/home/profiles/direnv.nix
@@ -0,0 +1,13 @@
+{ ... }:
+{
+  programs.direnv = {
+    enable = true;
+    nix-direnv.enable = true;
+    config.global = {
+      disable_stdin = true;
+      strict_env = true;
+      hide_env_diff = true;
+      warn_timeout = 0;
+    };
+  };
+}
diff --git a/home/profiles/eza.nix b/home/profiles/eza.nix
new file mode 100644
index 0000000..f71b9b6
--- /dev/null
+++ b/home/profiles/eza.nix
@@ -0,0 +1,22 @@
+{ ... }:
+{
+  programs.eza = {
+    enable = true;
+    icons = "never";
+    colors = "always";
+    git = true;
+    enableFishIntegration = false;
+    extraOptions = [
+      "--group-directories-first"
+      "--no-quotes"
+      "--git-ignore"
+      "--icons=never"
+    ];
+  };
+
+  programs.fish.shellAliases = {
+    la = "eza -la";
+    ll = "eza -la -L=1";
+    lt = "eza -aT -L=2";
+  };
+}
diff --git a/home/profiles/fd.nix b/home/profiles/fd.nix
new file mode 100644
index 0000000..8fc3a75
--- /dev/null
+++ b/home/profiles/fd.nix
@@ -0,0 +1,12 @@
+{ ... }:
+{
+  programs.fd = {
+    enable = true;
+    hidden = true;
+    ignores = [
+      ".git/"
+      ".direnv/"
+      "vendor/"
+    ];
+  };
+}
diff --git a/home/profiles/fish.nix b/home/profiles/fish.nix
new file mode 100644
index 0000000..5adb99b
--- /dev/null
+++ b/home/profiles/fish.nix
@@ -0,0 +1,21 @@
+{ ... }:
+{
+  programs.fish = {
+    enable = true;
+    interactiveShellInit = ''
+      set fish_greeting ""
+
+      # Add utmctl to PATH
+      fish_add_path /Applications/UTM.app/Contents/MacOS/
+    '';
+    shellAbbrs = {
+      ncg = "nix-collect-garbage --delete-older-than 7d";
+      ndc = "nix develop --command";
+      nfc = "nix flake check";
+      ngcroot = "ls -al /nix/var/nix/gcroots/auto/";
+      nph = "nix profile history --profile /nix/var/nix/profiles/system";
+      nsn = "nix search nixpkgs";
+      nsv = "nix store verify --all";
+    };
+  };
+}
diff --git a/home/profiles/git.nix b/home/profiles/git.nix
new file mode 100644
index 0000000..c88705c
--- /dev/null
+++ b/home/profiles/git.nix
@@ -0,0 +1,90 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  inherit (config) userinfo;
+in
+{
+  home.packages = with pkgs; [
+    git-credential-manager
+    gitAndTools.pre-commit
+  ];
+
+  programs.git = {
+    enable = true;
+
+    delta = {
+      enable = true;
+      options.features = "decorations side-by-side line-numbers";
+    };
+
+    userName = lib.mkDefault userinfo.fullName;
+    userEmail = lib.mkDefault userinfo.email;
+
+    aliases = {
+      amend = "commit --amend";
+      a = "commit --amend --no-edit";
+      st = "status";
+      co = "checkout";
+      br = "branch";
+      rb = "pull --rebase";
+      hist = "log --pretty=format:\"%Cgreen%h %Creset%cd %Cblue[%cn] %Creset%s%C(yellow)%d%C(reset)\" --graph --date=relative --decorate --all";
+      llog = "log --graph --name-status --pretty=format:\"%C(red)%h %C(reset)(%cd) %C(green)%an %Creset%s %C(yellow)%d%Creset\" --date=relative";
+      logo = "log --pretty=format:\"%C(yellow)%h%Cred%d %Creset%s%Cblue (%cn)\" --decorate";
+      logf = "log --pretty=format:\"%C(yellow)%h%Cred%d %Creset%s%Cblue (%cn)\" --decorate --numstat";
+    };
+
+    ignores = [
+      ".DS_Store"
+      ".aider.*"
+      ".direnv"
+    ];
+
+    extraConfig = {
+      core.whitespace = "trailing-space,space-before-tab";
+      color.ui = true;
+
+      # nicer output
+      column.ui = "auto";
+
+      # https://adamj.eu/tech/2024/01/18/git-improve-diff-histogram/
+      diff.algorithm = "histogram";
+
+      init.defaultBranch = "main";
+
+      # https://blog.gitbutler.com/how-git-core-devs-configure-git/
+      push = {
+        # abort if the remote branch does not match the local one
+        default = "simple";
+        autoSetupRemote = true;
+        followTags = true;
+      };
+
+      fetch = {
+        prune = true;
+        pruneTags = true;
+        all = true;
+      };
+
+      pull.rebase = true;
+
+      rebase = {
+        autosquash = true;
+        updateRefs = true;
+        # Automatically create a temporary stash entry before the
+        # operation begins, and apply it after the operation ends.
+        autoStash = true;
+        # Print a warning if some commits are removed
+        missingCommitsCheck = "warn";
+      };
+
+      branch = {
+        autosetuprebase = "remote";
+        sort = "authordate";
+      };
+    };
+  };
+}
diff --git a/home/profiles/go.nix b/home/profiles/go.nix
new file mode 100644
index 0000000..87e7add
--- /dev/null
+++ b/home/profiles/go.nix
@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+{
+  home.packages = with pkgs; [
+    go-tools # collection of tools, https://github.com/dominikh/go-tools
+    golangci-lint
+    gopls
+  ];
+
+  programs.go = {
+    enable = true;
+    goPath = ".local/share/pkg.go";
+    goBin = ".local/bin.go";
+    goPrivate = [
+      "github.rbx.com/*"
+      "github.com/fcuny/*"
+    ];
+  };
+}
diff --git a/home/profiles/k8s.nix b/home/profiles/k8s.nix
index 5eb4cf6..1e6cd41 100644
--- a/home/profiles/k8s.nix
+++ b/home/profiles/k8s.nix
@@ -1,22 +1,39 @@
-{ self, pkgs, ... }:
+{ pkgs, ... }:
 {
-
-  imports = [
-    "${self}/home/programs/k9s.nix"
-    "${self}/home/programs/kubie.nix"
-  ];
-
   home.packages = with pkgs; [
     kind # k8s in docker
     kubebuilder # generate controller
     kubectl
+    kubie # kubeconfig browser https://github.com/sbstp/kubie
     kubernetes-helm # deploy applications
     kubelogin-oidc # OIDC plugin
   ];
 
+  programs.k9s = {
+    enable = true;
+    settings = {
+      k9s = {
+        refreshRate = 1;
+      };
+    };
+  };
+
+  home.file.kubie = {
+    target = ".kube/kubie.yaml";
+    text = ''
+      shell: fish
+      configs:
+        include:
+          - ~/.kube/rksconfig
+      prompt:
+        fish_use_rprompt: false
+    '';
+  };
+
   programs.fish = {
     shellAbbrs = {
       k = "kubectl";
+      kctx = "kubie ctx";
       klogs = "kubectl logs";
     };
     shellAliases = {
diff --git a/home/profiles/mac.nix b/home/profiles/mac.nix
index 4eb237b..01a891a 100644
--- a/home/profiles/mac.nix
+++ b/home/profiles/mac.nix
@@ -1,52 +1,45 @@
-{ self, pkgs, ... }:
 {
+  pkgs,
+  config,
+  ...
+}:
+let
+
+  inherit (config.home) username;
+in
+{
+  age = {
+    identityPaths = [ "${config.home.homeDirectory}/.ssh/agenix" ];
+    secretsDir = "${config.home.homeDirectory}/.local/share/agenix";
+  };
+
   imports = [
-    "${self}/home/programs/alacritty"
-    "${self}/home/programs/bat.nix"
-    "${self}/home/programs/direnv.nix"
-    "${self}/home/programs/emacs"
-    "${self}/home/programs/eza.nix"
-    "${self}/home/programs/fd.nix"
-    "${self}/home/programs/firefox"
-    "${self}/home/programs/fish.nix"
-    "${self}/home/programs/gh.nix"
-    "${self}/home/programs/git.nix"
-    "${self}/home/programs/go.nix"
-    "${self}/home/programs/onepassword.nix"
-    "${self}/home/programs/rust.nix"
-    "${self}/home/programs/ssh.nix"
-    "${self}/home/programs/starship.nix"
-    "${self}/home/programs/tmux.nix"
-    ./secrets.nix
+    ./fish.nix
+    ./ssh.nix
+    ./onepassword.nix
+    ../programs/emacs
+    ../programs/firefox
   ];
 
+  home.homeDirectory = "/Users/${username}";
+
   home.packages = with pkgs; [
     age
     aider-chat
     bandwhich
-    basedpyright
-    bottom
     coreutils
+    delve
     dive # explore layers in docker images
     docker
     docker-credential-helpers
-    dust
-    jless
-    jq
     nil # nix lsp
     nix-direnv # integration with direnv
     nixfmt-rfc-style # new formatter
     procs
-    python3
     restic
-    ripgrep
-    ruff
     shellcheck
-    tree
-    uv
     wget
     wireshark
-    yq
   ];
 
   home.sessionVariables = {
diff --git a/home/profiles/media.nix b/home/profiles/media.nix
index 28a8663..a2cfd9d 100644
--- a/home/profiles/media.nix
+++ b/home/profiles/media.nix
@@ -1,4 +1,4 @@
-{ pkgs, self, ... }:
+{ pkgs, ... }:
 {
   home.packages = with pkgs; [
     ffmpeg
@@ -6,8 +6,32 @@
     vlc-bin
   ];
 
-  imports = [
-    "${self}/home/programs/yt-dlp.nix"
-    "${self}/home/programs/mpv.nix"
-  ];
+  programs.mpv = {
+    enable = true;
+    config = {
+      screenshot-directory = "~/Documents/screenshots";
+      ontop = true;
+      profile = "gpu-hq";
+    };
+    scripts = with pkgs.mpvScripts; [
+      sponsorblock
+      quality-menu # Switch video quality from YT on-the-go
+      vr-reversal # Script for mpv to play VR video with optional saving of head tracking data
+    ];
+  };
+
+  programs.yt-dlp = {
+    enable = true;
+
+    settings = {
+      mtime = false;
+      merge-output-format = "mkv";
+      restrict-filenames = true;
+      embed-thumbnail = true;
+      embed-metadata = true;
+      embed-chapters = true;
+      sponsorblock-mark = "sponsor";
+      output = "~/Movies/%(uploader)s/%(upload_date>%Y-%m-%d)s-%(title)s-%(id)s.%(ext)s";
+    };
+  };
 }
diff --git a/home/profiles/minimal.nix b/home/profiles/minimal.nix
new file mode 100644
index 0000000..f3aef75
--- /dev/null
+++ b/home/profiles/minimal.nix
@@ -0,0 +1,13 @@
+{ config, ... }:
+let
+  inherit (config.home) username;
+in
+{
+  imports = [
+    ./bat.nix
+    ./eza.nix
+  ];
+
+  home.homeDirectory = "/home/${username}";
+  home.stateVersion = "25.05";
+}
diff --git a/home/profiles/onepassword.nix b/home/profiles/onepassword.nix
new file mode 100644
index 0000000..232092e
--- /dev/null
+++ b/home/profiles/onepassword.nix
@@ -0,0 +1,14 @@
+{ config, ... }:
+{
+  programs.onepassword = {
+    enable = true;
+    sshKeys = [
+      { account = "my.1password.com"; } # All keys from personal account
+    ];
+  };
+
+  home.sessionPath = [
+    config.home.sessionVariables.GOBIN
+    "${config.home.homeDirectory}/.local/bin"
+  ];
+}
diff --git a/home/profiles/secrets.nix b/home/profiles/secrets.nix
deleted file mode 100644
index 986a9e9..0000000
--- a/home/profiles/secrets.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ config, ... }:
-{
-  age = {
-    identityPaths = [ "${config.home.homeDirectory}/.ssh/agenix" ];
-    secretsDir = "${config.home.homeDirectory}/.local/share/agenix";
-  };
-}
diff --git a/home/profiles/ssh.nix b/home/profiles/ssh.nix
new file mode 100644
index 0000000..250aff5
--- /dev/null
+++ b/home/profiles/ssh.nix
@@ -0,0 +1,29 @@
+{ config, ... }:
+{
+  programs.ssh = {
+    enable = true;
+    forwardAgent = true;
+    serverAliveInterval = 60;
+    controlMaster = "auto";
+    controlPersist = "30m";
+    controlPath = "${config.home.homeDirectory}/.ssh/sockets/S.%r@%h:%p";
+
+    matchBlocks = {
+      "github.com" = {
+        hostname = "github.com";
+        user = "git";
+        forwardAgent = false;
+        extraOptions = {
+          preferredAuthentications = "publickey";
+          controlMaster = "no";
+          controlPath = "none";
+        };
+      };
+    };
+  };
+
+  home.file = {
+    # we need this path to be created so that the control path can be used.
+    ".ssh/sockets/.keep".text = "# Managed by Home Manager";
+  };
+}
diff --git a/home/profiles/starship.nix b/home/profiles/starship.nix
new file mode 100644
index 0000000..5f0f87a
--- /dev/null
+++ b/home/profiles/starship.nix
@@ -0,0 +1,25 @@
+{ ... }:
+{
+  programs.starship = {
+    enable = true;
+    settings = {
+      add_newline = false;
+      character = {
+        success_symbol = "[›](bold green)";
+        error_symbol = "[›](bold red)";
+      };
+      "$schema" = "https://starship.rs/config-schema.json";
+      hostname = {
+        ssh_only = true;
+      };
+      username = {
+        disabled = true;
+      };
+      kubernetes = {
+        disabled = false;
+        style = "bold blue";
+      };
+      nix_shell.disabled = false;
+    };
+  };
+}
diff --git a/home/profiles/work.nix b/home/profiles/work.nix
index 28cf820..04dc61e 100644
--- a/home/profiles/work.nix
+++ b/home/profiles/work.nix
@@ -1,9 +1,4 @@
-{
-  lib,
-  self,
-  pkgs,
-  ...
-}:
+{ lib, pkgs, ... }:
 let
   nomad-prod = pkgs.writeShellScriptBin "nomad-prod" ''
     set -e
@@ -53,7 +48,6 @@ let
 in
 {
   imports = [
-    "${self}/home/programs/gh.nix"
     ./k8s.nix
   ];
 
@@ -68,6 +62,19 @@ in
     vault
   ];
 
+  programs.gh = {
+    enable = true;
+    settings = {
+      version = 1;
+      git_protocol = "ssh";
+      prompt = "enabled";
+      aliases = {
+        co = "pr checkout";
+        vw = "pr view --web";
+      };
+    };
+  };
+
   programs.onepassword.sshKeys = lib.mkAfter [
     {
       account = "roblox.1password.com";
@@ -79,6 +86,7 @@ in
     shellAbbrs =
       let
         environments = [
+          o
           {
             name = "chi1";
             alias = "chi1";
diff --git a/home/profiles/workstation.nix b/home/profiles/workstation.nix
new file mode 100644
index 0000000..0494281
--- /dev/null
+++ b/home/profiles/workstation.nix
@@ -0,0 +1,23 @@
+{ pkgs, ... }:
+{
+  imports = [
+    ./bat.nix
+    ./eza.nix
+    ./direnv.nix
+    ./go.nix
+    ./starship.nix
+    ./fd.nix
+    ./git.nix
+  ];
+
+  home.packages = with pkgs; [
+    bottom
+    dust
+    fish
+    jless
+    jq
+    ripgrep
+    tree
+    yq
+  ];
+}
author	Franck Cuny <franck@fcuny.net>	2025-11-02 13:06:05 -0800
committer	Franck Cuny <franck@fcuny.net>	2025-11-02 13:06:05 -0800
commit	cb961051f8307a0bfd6e75acb52a7b7ac003e4d0 (patch)
tree	c2e3e29716bf10bb5d95d2c11d8692672c379c5f /home/profiles
parent	move remote-unlock as a profile (diff)
download	infra-cb961051f8307a0bfd6e75acb52a7b7ac003e4d0.tar.gz