aboutsummaryrefslogtreecommitdiff
path: root/home/programs
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--home/programs/backups/restic.nix (renamed from home/profiles/restic.nix)3
-rw-r--r--home/programs/cli/bat.nix16
-rw-r--r--home/programs/cli/core.nix43
-rw-r--r--home/programs/cli/eza.nix21
-rw-r--r--home/programs/cli/fd.nix (renamed from home/profiles/fd.nix)6
-rw-r--r--home/programs/cli/tmux.nix16
-rw-r--r--home/programs/dev/delta.nix7
-rw-r--r--home/programs/dev/direnv.nix (renamed from home/profiles/direnv.nix)0
-rw-r--r--home/programs/dev/gh.nix15
-rw-r--r--home/programs/dev/git.nix (renamed from home/profiles/git.nix)5
-rw-r--r--home/programs/dev/go.nix (renamed from home/profiles/go.nix)0
-rw-r--r--home/programs/dev/k8s.nix (renamed from home/profiles/k8s.nix)0
-rw-r--r--home/programs/media/mpv.nix16
-rw-r--r--home/programs/media/videos.nix11
-rw-r--r--home/programs/media/yt-dlp.nix17
-rw-r--r--home/programs/messengers/matrix.nix6
-rw-r--r--home/programs/security/age.nix (renamed from home/profiles/security.nix)1
-rw-r--r--home/programs/security/hashi.nix54
-rw-r--r--home/programs/security/onepassword.nix (renamed from home/profiles/onepassword.nix)0
-rw-r--r--home/programs/security/sapi.nix20
-rw-r--r--home/programs/security/ssh.nix (renamed from home/profiles/ssh.nix)0
-rw-r--r--home/programs/security/yubikey.nix6
-rw-r--r--home/programs/shell/fish.nix (renamed from home/profiles/fish.nix)9
-rw-r--r--home/programs/term/kitty.nix (renamed from home/profiles/kitty.nix)0
24 files changed, 260 insertions, 12 deletions
diff --git a/home/profiles/restic.nix b/home/programs/backups/restic.nix
index 96ae8d4..a27270f 100644
--- a/home/profiles/restic.nix
+++ b/home/programs/backups/restic.nix
@@ -4,7 +4,6 @@
pkgs,
...
}:
-
let
nasHost = "nas";
repoPath = "/backups/workstation";
@@ -23,7 +22,7 @@ in
home.packages = with pkgs; [ restic ];
age.secrets.restic-password = {
- file = ../../secrets/restic-pw.age;
+ file = ../../../secrets/restic-pw.age;
path = "${config.home.homeDirectory}/.config/restic/password";
mode = "400";
};
diff --git a/home/programs/cli/bat.nix b/home/programs/cli/bat.nix
new file mode 100644
index 0000000..3627997
--- /dev/null
+++ b/home/programs/cli/bat.nix
@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+{
+ programs.bat = {
+ enable = true;
+ extraPackages = with pkgs.bat-extras; [ batman ];
+ config = {
+ pager = "less -FR";
+ };
+ };
+
+ programs.fish.shellAliases = {
+ cat = "${pkgs.bat.outPath}/bin/bat --paging=never";
+ less = "${pkgs.bat.outPath}/bin/bat";
+ man = "${pkgs.bat-extras.batman}/bin/batman";
+ };
+}
diff --git a/home/programs/cli/core.nix b/home/programs/cli/core.nix
new file mode 100644
index 0000000..cbfd110
--- /dev/null
+++ b/home/programs/cli/core.nix
@@ -0,0 +1,43 @@
+{ config, pkgs, ... }:
+{
+ home.packages =
+ with pkgs;
+ [
+ bandwhich
+ bottom
+ coreutils
+ delve
+ dive # explore layers in docker images
+ docker
+ docker-credential-helpers
+ dust
+ dysk
+ jless
+ nil # nix lsp
+ nix-direnv # integration with direnv
+ nixfmt-rfc-style # new formatter
+ procs
+ shellcheck
+ tree
+ wget
+ wireshark
+ yq
+ ]
+ ++ lib.optionals pkgs.stdenv.isLinux [
+ pciutils
+ powertop
+ traceroute
+ ];
+
+ programs.ripgrep.enable = true;
+ programs.jq.enable = true;
+
+ programs.fish.shellAliases = {
+ grep = "${pkgs.ripgrep}/bin/rg";
+ ps = "${pkgs.procs}/bin/procs";
+ };
+
+ home.sessionPath = [
+ "${config.home.homeDirectory}/.local/bin"
+ ];
+}
diff --git a/home/programs/cli/eza.nix b/home/programs/cli/eza.nix
new file mode 100644
index 0000000..517ab2f
--- /dev/null
+++ b/home/programs/cli/eza.nix
@@ -0,0 +1,21 @@
+{ pkgs, ... }:
+{
+ programs.eza = {
+ enable = true;
+ icons = "always";
+ colors = "always";
+ git = true;
+ enableFishIntegration = false; # I setup my own aliases
+ extraOptions = [
+ "--group-directories-first"
+ "--no-quotes"
+ "--git-ignore"
+ ];
+ };
+
+ programs.fish.shellAliases = with pkgs; {
+ la = "${eza}/bin/eza -la";
+ ll = "${eza}/bin/eza -la -L=1";
+ lt = "${eza}/bin/eza -aT -L=2";
+ };
+}
diff --git a/home/profiles/fd.nix b/home/programs/cli/fd.nix
index 8fc3a75..873eaed 100644
--- a/home/profiles/fd.nix
+++ b/home/programs/cli/fd.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ pkgs, ... }:
{
programs.fd = {
enable = true;
@@ -9,4 +9,8 @@
"vendor/"
];
};
+
+ programs.fish.shellAliases = {
+ find = "${pkgs.fd}/bin/fd";
+ };
}
diff --git a/home/programs/cli/tmux.nix b/home/programs/cli/tmux.nix
new file mode 100644
index 0000000..776c443
--- /dev/null
+++ b/home/programs/cli/tmux.nix
@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+{
+ programs.tmux = {
+ enable = true;
+ aggressiveResize = true;
+ baseIndex = 1;
+ clock24 = true;
+ escapeTime = 0;
+ historyLimit = 100000;
+ keyMode = "emacs";
+ mouse = true;
+ shell = "${pkgs.fish}/bin/fish";
+ shortcut = "z";
+ terminal = "tmux-256color";
+ };
+}
diff --git a/home/programs/dev/delta.nix b/home/programs/dev/delta.nix
new file mode 100644
index 0000000..726357f
--- /dev/null
+++ b/home/programs/dev/delta.nix
@@ -0,0 +1,7 @@
+{ ... }:
+{
+ programs.delta = {
+ enable = true;
+ options.features = "decorations side-by-side line-numbers";
+ };
+}
diff --git a/home/profiles/direnv.nix b/home/programs/dev/direnv.nix
index bad971d..bad971d 100644
--- a/home/profiles/direnv.nix
+++ b/home/programs/dev/direnv.nix
diff --git a/home/programs/dev/gh.nix b/home/programs/dev/gh.nix
new file mode 100644
index 0000000..b194b35
--- /dev/null
+++ b/home/programs/dev/gh.nix
@@ -0,0 +1,15 @@
+{ ... }:
+{
+ programs.gh = {
+ enable = true;
+ settings = {
+ version = 1;
+ git_protocol = "ssh";
+ prompt = "enabled";
+ aliases = {
+ co = "pr checkout";
+ vw = "pr view --web";
+ };
+ };
+ };
+}
diff --git a/home/profiles/git.nix b/home/programs/dev/git.nix
index 4821498..333f968 100644
--- a/home/profiles/git.nix
+++ b/home/programs/dev/git.nix
@@ -13,11 +13,6 @@ in
pre-commit
];
- programs.delta = {
- enable = true;
- options.features = "decorations side-by-side line-numbers";
- };
-
programs.git = {
enable = true;
settings = {
diff --git a/home/profiles/go.nix b/home/programs/dev/go.nix
index d6ea5f4..d6ea5f4 100644
--- a/home/profiles/go.nix
+++ b/home/programs/dev/go.nix
diff --git a/home/profiles/k8s.nix b/home/programs/dev/k8s.nix
index 1e6cd41..1e6cd41 100644
--- a/home/profiles/k8s.nix
+++ b/home/programs/dev/k8s.nix
diff --git a/home/programs/media/mpv.nix b/home/programs/media/mpv.nix
new file mode 100644
index 0000000..925d4fe
--- /dev/null
+++ b/home/programs/media/mpv.nix
@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+{
+ programs.mpv = {
+ enable = true;
+ config = {
+ screenshot-directory = "~/Documents/screenshots";
+ ontop = true;
+ profile = "gpu-hq";
+ };
+ scripts = with pkgs.mpvScripts; [
+ sponsorblock
+ quality-menu # Switch video quality from YT on-the-go
+ vr-reversal # Script for mpv to play VR video with optional saving of head tracking data
+ ];
+ };
+}
diff --git a/home/programs/media/videos.nix b/home/programs/media/videos.nix
new file mode 100644
index 0000000..00d4f2a
--- /dev/null
+++ b/home/programs/media/videos.nix
@@ -0,0 +1,11 @@
+{ pkgs, ... }:
+{
+ home.packages =
+ with pkgs;
+ [
+ ffmpeg
+ ]
+ ++ lib.optionals pkgs.stdenv.isDarwin [
+ vlc-bin
+ ];
+}
diff --git a/home/programs/media/yt-dlp.nix b/home/programs/media/yt-dlp.nix
new file mode 100644
index 0000000..ae48c18
--- /dev/null
+++ b/home/programs/media/yt-dlp.nix
@@ -0,0 +1,17 @@
+{ ... }:
+{
+ programs.yt-dlp = {
+ enable = true;
+
+ settings = {
+ mtime = false;
+ merge-output-format = "mkv";
+ restrict-filenames = true;
+ embed-thumbnail = true;
+ embed-metadata = true;
+ embed-chapters = true;
+ sponsorblock-mark = "sponsor";
+ output = "~/Movies/%(uploader)s/%(upload_date>%Y-%m-%d)s-%(title)s-%(id)s.%(ext)s";
+ };
+ };
+}
diff --git a/home/programs/messengers/matrix.nix b/home/programs/messengers/matrix.nix
new file mode 100644
index 0000000..0bf6881
--- /dev/null
+++ b/home/programs/messengers/matrix.nix
@@ -0,0 +1,6 @@
+{ pkgs, ... }:
+{
+ home.packages = with pkgs; [
+ element-desktop
+ ];
+}
diff --git a/home/profiles/security.nix b/home/programs/security/age.nix
index fd82167..e41d0d8 100644
--- a/home/profiles/security.nix
+++ b/home/programs/security/age.nix
@@ -1,6 +1,7 @@
{ pkgs, config, ... }:
{
home.packages = with pkgs; [
+ age
age-plugin-yubikey
passage
];
diff --git a/home/programs/security/hashi.nix b/home/programs/security/hashi.nix
new file mode 100644
index 0000000..c24845e
--- /dev/null
+++ b/home/programs/security/hashi.nix
@@ -0,0 +1,54 @@
+{ pkgs, ... }:
+let
+ nomad-prod = pkgs.writeShellScriptBin "nomad-prod" ''
+ set -e
+
+ if [ $# -ne 1 ]; then
+ echo "Usage: nomad-ui CELL_ID"
+ exit 1
+ fi
+
+ CELL_ID=$1
+
+ echo ">> Fetching cell definition for $CELL_ID from GitHub"
+ REGION_ID=$(${pkgs.gh}/bin/gh api --hostname github.rbx.com repos/Roblox/cell-lifecycle/contents/definitions/''${CELL_ID}.yaml --jq '.content' | base64 -d | yq -r '.regionId')
+
+ if [ -z "$REGION_ID" ] || [ "$REGION_ID" = "null" ]; then
+ echo "Error: Could not retrieve regionId for cell $CELL_ID"
+ exit 1
+ fi
+
+ echo ">> Found regionId: $REGION_ID"
+
+ case "$REGION_ID" in
+ r002)
+ VAULT_REGION="chi1"
+ ;;
+ r003)
+ VAULT_REGION="ash1"
+ ;;
+ *)
+ echo "Error: Unknown regionId $REGION_ID. Expected r002 or r003."
+ exit 1
+ ;;
+ esac
+
+ echo ">> Using vault region: $VAULT_REGION"
+
+ echo ">> Login to $VAULT_REGION vault using Okta"
+ export VAULT_ADDR="https://$VAULT_REGION-vault.simulprod.com:8200"
+ export VAULT_TOKEN=$(${pkgs.vault}/bin/vault login -field=token -method=oidc username=$USER)
+
+ echo ">> Accessing cell $CELL_ID"
+ export NOMAD_ADDR="https://$CELL_ID-nomad.simulprod.com"
+ export NOMAD_TOKEN=$(${pkgs.vault}/bin/vault read -field secret_id ''${CELL_ID}_nomad/creds/management)
+
+ ${pkgs.nomad}/bin/nomad ui --authenticate
+ '';
+in
+{
+ home.packages = with pkgs; [
+ nomad-prod
+ hashi
+ ];
+}
diff --git a/home/profiles/onepassword.nix b/home/programs/security/onepassword.nix
index f364a9e..f364a9e 100644
--- a/home/profiles/onepassword.nix
+++ b/home/programs/security/onepassword.nix
diff --git a/home/programs/security/sapi.nix b/home/programs/security/sapi.nix
new file mode 100644
index 0000000..1d90698
--- /dev/null
+++ b/home/programs/security/sapi.nix
@@ -0,0 +1,20 @@
+{ pkgs, ... }:
+{
+ home.packages = with pkgs; [
+ sapi
+ ];
+
+ # the configuration for sapi is generated when we run `sapi jump`,
+ # there's no need to manage it with nix.
+ programs.ssh.includes = [ "config_sapi" ];
+
+ programs.fish.shellAbbrs = {
+ "sjump-st1-snc2" = "${pkgs.sapi}/bin/sapi jump sitetest1-snc2";
+ "sjump-st1-snc3" = "${pkgs.sapi}/bin/sapi jump sitetest3-snc2";
+ "sjump-st2-snc2" = "${pkgs.sapi}/bin/sapi jump sitetest2-snc2";
+ "sjump-st3" = "${pkgs.sapi}/bin/sapi jump sitetest3";
+ "sjump" = "${pkgs.sapi}/bin/sapi jump";
+ "ssh-edge" =
+ "${pkgs.kitty}/bin/kitten ssh -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -J chi1-jumpcontainer-es -i (${pkgs._1password-cli}/bin/op read 'op://Infra-Compute-Edge-rks/ice_ssh-private-key/ice_rsa'|psub)";
+ };
+}
diff --git a/home/profiles/ssh.nix b/home/programs/security/ssh.nix
index 004b082..004b082 100644
--- a/home/profiles/ssh.nix
+++ b/home/programs/security/ssh.nix
diff --git a/home/programs/security/yubikey.nix b/home/programs/security/yubikey.nix
new file mode 100644
index 0000000..8e5c598
--- /dev/null
+++ b/home/programs/security/yubikey.nix
@@ -0,0 +1,6 @@
+{ pkgs, ... }:
+{
+ home.packages = with pkgs; [
+ yubikey-manager
+ ];
+}
diff --git a/home/profiles/fish.nix b/home/programs/shell/fish.nix
index 5adb99b..1e1ef36 100644
--- a/home/profiles/fish.nix
+++ b/home/programs/shell/fish.nix
@@ -1,12 +1,9 @@
-{ ... }:
+{ pkgs, ... }:
{
programs.fish = {
enable = true;
interactiveShellInit = ''
set fish_greeting ""
-
- # Add utmctl to PATH
- fish_add_path /Applications/UTM.app/Contents/MacOS/
'';
shellAbbrs = {
ncg = "nix-collect-garbage --delete-older-than 7d";
@@ -18,4 +15,8 @@
nsv = "nix store verify --all";
};
};
+
+ home.sessionVariables = {
+ SHELL = "${pkgs.fish}/bin/fish";
+ };
}
diff --git a/home/profiles/kitty.nix b/home/programs/term/kitty.nix
index b02702d..b02702d 100644
--- a/home/profiles/kitty.nix
+++ b/home/programs/term/kitty.nix
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-20 11:42:36 +0000