diff options
Diffstat (limited to 'users/profiles')
| -rw-r--r-- | users/profiles/1password.nix | 41 | ||||
| -rw-r--r-- | users/profiles/dev.nix | 52 | ||||
| -rw-r--r-- | users/profiles/fish.nix | 31 | ||||
| -rw-r--r-- | users/profiles/gh.nix | 16 | ||||
| -rw-r--r-- | users/profiles/git.nix | 120 | ||||
| -rw-r--r-- | users/profiles/k8s.nix | 79 | ||||
| -rw-r--r-- | users/profiles/mac.nix | 67 | ||||
| -rw-r--r-- | users/profiles/minimal.nix | 7 | ||||
| -rw-r--r-- | users/profiles/ssh.nix | 43 | ||||
| -rw-r--r-- | users/profiles/starship.nix | 40 | ||||
| -rw-r--r-- | users/profiles/work.nix | 54 |
11 files changed, 90 insertions, 460 deletions
diff --git a/users/profiles/1password.nix b/users/profiles/1password.nix deleted file mode 100644 index 63892c7..0000000 --- a/users/profiles/1password.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ pkgs, config, ... }: -let - home = config.home.homeDirectory; - darwinSockPath = "${home}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"; - sockPath = ".1password/agent.sock"; -in -{ - home.packages = with pkgs; [ - _1password-cli - ]; - - home.sessionVariables = { - SSH_AUTH_SOCK = "${home}/${sockPath}"; - }; - - home.file.sock = { - source = config.lib.file.mkOutOfStoreSymlink darwinSockPath; - target = sockPath; - }; - - programs.fish = { - interactiveShellInit = '' - op completion fish | source - ''; - }; - - programs.ssh = { - extraConfig = "IdentityAgent ~/${sockPath}"; - }; - - # Generate ssh agent config for 1Password - # I want both my personal and work keys - home.file.".config/1Password/ssh/agent.toml".text = '' - [[ssh-keys]] - account = "my.1password.com" - - [[ssh-keys]] - account = "roblox.1password.com" - vault = "Private" - ''; -} diff --git a/users/profiles/dev.nix b/users/profiles/dev.nix deleted file mode 100644 index 0c9a07c..0000000 --- a/users/profiles/dev.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - config, - pkgs, - ... -}: -{ - home.packages = - with pkgs; - [ - docker - docker-credential-helpers - dive # explore layers in docker images - wireshark - ] - ++ [ - llmPython.llm # llm and claude support - aider-chat - ] - ++ [ - delve - go-tools # collection of tools, https://github.com/dominikh/go-tools - golangci-lint - gopls - ] - ++ [ - nil # nix lsp - nix-direnv # integration with direnv - nixfmt-rfc-style # new formatter - ] - ++ [ - python3 - basedpyright - ruff - # ruff-lsp - uv - ]; - - programs.go = { - enable = true; - goPath = ".local/share/pkg.go"; - goBin = ".local/bin.go"; - goPrivate = [ - "github.rbx.com/*" - "github.com/fcuny/*" - ]; - }; - - home.sessionPath = [ - config.home.sessionVariables.GOBIN - "${config.home.homeDirectory}/.local/bin" - ]; -} diff --git a/users/profiles/fish.nix b/users/profiles/fish.nix deleted file mode 100644 index 314e9f6..0000000 --- a/users/profiles/fish.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ ... }: -{ - programs.fish = { - enable = true; - interactiveShellInit = '' - set fish_greeting "" - - fish_add_path -p ~/.cargo/bin/ - - # Add utmctl to PATH - fish_add_path /Applications/UTM.app/Contents/MacOS/ - ''; - shellAbbrs = { - ncg = "nix-collect-garbage --delete-older-than 7d"; - ndc = "nix develop --command"; - nfc = "nix flake check"; - ngcroot = "ls -al /nix/var/nix/gcroots/auto/"; - nph = "nix profile history --profile /nix/var/nix/profiles/system"; - nsn = "nix search nixpkgs"; - nsv = "nix store verify --all"; - - g = "git"; - gap = "git add --patch"; - }; - shellAliases = { - la = "eza -la --git --color=always --group-directories-first"; - ll = "eza -la -L=1 --git --color=always --group-directories-first"; - lt = "eza -aT -L=2 --git --color=always --group-directories-first"; - }; - }; -} diff --git a/users/profiles/gh.nix b/users/profiles/gh.nix deleted file mode 100644 index bf74766..0000000 --- a/users/profiles/gh.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ ... }: -{ - programs.gh = { - enable = true; - - settings = { - version = 1; - git_protocol = "ssh"; - prompt = "enabled"; - aliases = { - co = "pr checkout"; - vw = "pr view --web"; - }; - }; - }; -} diff --git a/users/profiles/git.nix b/users/profiles/git.nix deleted file mode 100644 index ebc753b..0000000 --- a/users/profiles/git.nix +++ /dev/null @@ -1,120 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (config) userinfo; -in -{ - home.packages = with pkgs; [ - gitAndTools.pre-commit - git-credential-manager - ]; - - programs.git = { - enable = true; - - delta = { - enable = true; - options.features = "decorations side-by-side line-numbers"; - }; - - userName = lib.mkDefault userinfo.fullName; - userEmail = lib.mkDefault userinfo.email; - - aliases = { - amend = "commit --amend"; - a = "commit --amend --no-edit"; - st = "status"; - co = "checkout"; - br = "branch"; - rb = "pull --rebase"; - hist = "log --pretty=format:\"%Cgreen%h %Creset%cd %Cblue[%cn] %Creset%s%C(yellow)%d%C(reset)\" --graph --date=relative --decorate --all"; - llog = "log --graph --name-status --pretty=format:\"%C(red)%h %C(reset)(%cd) %C(green)%an %Creset%s %C(yellow)%d%Creset\" --date=relative"; - logo = "log --pretty=format:\"%C(yellow)%h%Cred%d %Creset%s%Cblue (%cn)\" --decorate"; - logf = "log --pretty=format:\"%C(yellow)%h%Cred%d %Creset%s%Cblue (%cn)\" --decorate --numstat"; - }; - - # https://stackoverflow.com/questions/74012449/git-includeif-hasconfigremote-url-not-working - # to test it's working as expected: - # run `git config --get-all user.email' in a repository to check that we get all the possible emails - # run `git config --get user.email' in a repository to check which email is selected - includes = [ - { - condition = "hasconfig:remote.*.url:git@github.rbx.com:*/**"; - path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - { - condition = "hasconfig:remote.*.url:git@github.com:Roblox/**"; - path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - { - condition = "hasconfig:remote.*.url:https://github.com/Roblox/**"; - path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - { - condition = "hasconfig:remote.*.url:https://github.rbx.com/*/**"; - path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - ]; - - ignores = [ - ".DS_Store" - ".aider.*" - ".direnv" - ".envrc" - ]; - - extraConfig = { - core.whitespace = "trailing-space,space-before-tab"; - color.ui = true; - - # nicer output - column.ui = "auto"; - - # https://adamj.eu/tech/2024/01/18/git-improve-diff-histogram/ - diff.algorithm = "histogram"; - - init.defaultBranch = "main"; - - # https://blog.gitbutler.com/how-git-core-devs-configure-git/ - push = { - # abort if the remote branch does not match the local one - default = "simple"; - autoSetupRemote = true; - followTags = true; - }; - - fetch = { - prune = true; - pruneTags = true; - all = true; - }; - - pull.rebase = true; - - rebase = { - autosquash = true; - updateRefs = true; - # Automatically create a temporary stash entry before the - # operation begins, and apply it after the operation ends. - autoStash = true; - # Print a warning if some commits are removed - missingCommitsCheck = "warn"; - }; - - branch = { - autosetuprebase = "remote"; - sort = "authordate"; - }; - - url = { - "ssh://git@github.rbx.com/" = { - insteadOf = "https://github.rbx.com/"; - }; - }; - }; - }; -} diff --git a/users/profiles/k8s.nix b/users/profiles/k8s.nix index ec59228..dd3d88b 100644 --- a/users/profiles/k8s.nix +++ b/users/profiles/k8s.nix @@ -1,87 +1,22 @@ -{ pkgs, ... }: +{ self, pkgs, ... }: { + + import = [ + "${self}/users/programs/k9s.nix" + "${self}/users/programs/kubie.nix" + ]; + home.packages = with pkgs; [ kind # k8s in docker kubebuilder # generate controller kubectl kubernetes-helm # deploy applications - kubie # kubeconfig browser https://github.com/sbstp/kubie kubelogin-oidc # OIDC plugin ]; - programs.k9s = { - enable = true; - settings = { - k9s = { - refreshRate = 1; - }; - }; - plugin = { - plugins = { - log-bat = { - shortCut = "Shift-L"; - description = "Logs (bat)"; - scopes = [ "po" ]; - command = "bash"; - background = false; - args = [ - "-c" - "\"$@\" | bat" - "dummy-arg" - "kubectl" - "logs" - "$NAME" - "-n" - "$NAMESPACE" - "--context" - "$CONTEXT" - "--kubeconfig" - "$KUBECONFIG" - ]; - }; - log-bat-container = { - shortCut = "Shift-L"; - description = "Logs (bat)"; - scopes = [ "containers" ]; - command = "bash"; - background = false; - args = [ - "-c" - "\"$@\" | bat" - "dummy-arg" - "kubectl" - "logs" - "-c" - "$NAME" - "$POD" - "-n" - "$NAMESPACE" - "--context" - "$CONTEXT" - "--kubeconfig" - "$KUBECONFIG" - ]; - }; - }; - }; - }; - - home.file.kubie = { - target = ".kube/kubie.yaml"; - text = '' - shell: fish - configs: - include: - - ~/.kube/rksconfig - prompt: - fish_use_rprompt: false - ''; - }; - programs.fish = { shellAbbrs = { k = "kubectl"; - kctx = "kubie ctx"; klogs = "kubectl logs"; }; shellAliases = { diff --git a/users/profiles/mac.nix b/users/profiles/mac.nix index 02f2cbd..8c281ac 100644 --- a/users/profiles/mac.nix +++ b/users/profiles/mac.nix @@ -1,68 +1,53 @@ { self, pkgs, ... }: { imports = [ - ./1password.nix - ./dev.nix - ./fish.nix - ./git.nix - ./llm.nix - ./secrets.nix - ./ssh.nix - ./starship.nix + "${self}/users/programs/1password.nix" "${self}/users/programs/alacritty" - "${self}/users/programs/emacs" "${self}/users/programs/bat.nix" + "${self}/users/programs/direnv.nix" + "${self}/users/programs/emacs" + "${self}/users/programs/eza.nix" + "${self}/users/programs/fd.nix" + "${self}/users/programs/fish.nix" + "${self}/users/programs/gh.nix" + "${self}/users/programs/git.nix" + "${self}/users/programs/go.nix" + "${self}/users/programs/ssh.nix" + "${self}/users/programs/starship.nix" + ./llm.nix + ./secrets.nix ]; home.packages = with pkgs; [ age + aider-chat bandwhich + basedpyright bottom coreutils + dive # explore layers in docker images + docker + docker-credential-helpers dust jless jq + llmPython.llm # llm and claude support + nil # nix lsp + nix-direnv # integration with direnv + nixfmt-rfc-style # new formatter procs + python3 restic ripgrep + ruff shellcheck tree + uv wget + wireshark yq ]; - programs.direnv = { - enable = true; - nix-direnv.enable = true; - config = { - global.disable_stdin = true; - global.strict_env = true; - }; - }; - - # an alternative to ls - programs.eza = { - enable = true; - icons = "never"; - enableFishIntegration = false; - extraOptions = [ - "--group-directories-first" - "--no-quotes" - "--git-ignore" - "--icons=never" - ]; - }; - - # an alternative to find - programs.fd = { - enable = true; - hidden = true; - ignores = [ - ".git/" - ".direnv/" - ]; - }; - home.sessionVariables = { LESS = "-FRSXM"; LESSCHARSET = "utf-8"; diff --git a/users/profiles/minimal.nix b/users/profiles/minimal.nix index ed67195..b751e91 100644 --- a/users/profiles/minimal.nix +++ b/users/profiles/minimal.nix @@ -1,7 +1,10 @@ -{ pkgs, ... }: +{ self, pkgs, ... }: { - imports = [ ./bat.nix ]; + imports = [ + "${self}/users/programs/bat.nix" + ]; + home.packages = with pkgs; [ htop ]; diff --git a/users/profiles/ssh.nix b/users/profiles/ssh.nix deleted file mode 100644 index 322a8bc..0000000 --- a/users/profiles/ssh.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ pkgs, config, ... }: -{ - # https://github.com/nix-community/home-manager/blob/master/modules/programs/ssh.nix - programs.ssh = { - enable = true; - forwardAgent = true; - serverAliveInterval = 60; - controlMaster = "auto"; - controlPersist = "30m"; - controlPath = "${config.home.homeDirectory}/.ssh/sockets/S.%r@%h:%p"; - - matchBlocks = { - "git.fcuny.net" = { - proxyCommand = "${pkgs.cloudflared}/bin/cloudflared access ssh --hostname %h"; - }; - "github.com" = { - hostname = "github.com"; - user = "git"; - forwardAgent = false; - extraOptions = { - preferredAuthentications = "publickey"; - controlMaster = "no"; - controlPath = "none"; - }; - }; - "github.rbx.com" = { - hostname = "github.rbx.com"; - user = "git"; - forwardAgent = false; - extraOptions = { - preferredAuthentications = "publickey"; - controlMaster = "no"; - controlPath = "none"; - }; - }; - }; - }; - - home.file = { - # we need this path to be created so that the control path can be used. - ".ssh/sockets/.keep".text = "# Managed by Home Manager"; - }; -} diff --git a/users/profiles/starship.nix b/users/profiles/starship.nix deleted file mode 100644 index 8a541ce..0000000 --- a/users/profiles/starship.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ ... }: -{ - programs.starship = { - enable = true; - settings = { - add_newline = false; - character = { - success_symbol = "[›](bold green)"; - error_symbol = "[›](bold red)"; - }; - directory = { - fish_style_pwd_dir_length = 3; - }; - git_branch = { - symbol = "🌱 "; - }; - git_commit = { - commit_hash_length = 4; - }; - git_status = { - deleted = "✗"; - modified = "✶"; - staged = "✓"; - stashed = "≡"; - }; - "$schema" = "https://starship.rs/config-schema.json"; - hostname = { - ssh_only = true; - }; - username = { - disabled = true; - }; - kubernetes = { - disabled = false; - style = "bold blue"; - }; - nix_shell.disabled = false; - }; - }; -} diff --git a/users/profiles/work.nix b/users/profiles/work.nix index 33a1e3e..feb5a46 100644 --- a/users/profiles/work.nix +++ b/users/profiles/work.nix @@ -1,4 +1,9 @@ -{ pkgs, ... }: +{ + lib, + self, + pkgs, + ... +}: let nomad-prod = pkgs.writeShellScriptBin "nomad-prod" '' set -e @@ -23,7 +28,7 @@ let in { imports = [ - ./gh.nix + "${self}/users/programs/gh.nix" ./k8s.nix ]; @@ -95,6 +100,51 @@ in envAliases // additionalAliases; }; + programs.ssh.matchBlocks = { + "github.rbx.com" = { + hostname = "github.rbx.com"; + user = "git"; + forwardAgent = false; + extraOptions = { + preferredAuthentications = "publickey"; + controlMaster = "no"; + controlPath = "none"; + }; + }; + }; + # the configuration for sapi is generated when we run `sapi jump`, there's no need to manage it with nix. programs.ssh.includes = [ "config_sapi" ]; + + programs.git = { + extraConfig = { + url = { + "ssh://git@github.rbx.com/" = { + insteadOf = "https://github.rbx.com/"; + }; + }; + }; + # https://stackoverflow.com/questions/74012449/git-includeif-hasconfigremote-url-not-working + # to test it's working as expected: + # run `git config --get-all user.email' in a repository to check that we get all the possible emails + # run `git config --get user.email' in a repository to check which email is selected + includes = [ + { + condition = "hasconfig:remote.*.url:git@github.rbx.com:*/**"; + path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); + } + { + condition = "hasconfig:remote.*.url:git@github.com:Roblox/**"; + path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); + } + { + condition = "hasconfig:remote.*.url:https://github.com/Roblox/**"; + path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); + } + { + condition = "hasconfig:remote.*.url:https://github.rbx.com/*/**"; + path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); + } + ]; + }; } |