From 2cd936257549c49316f9025a121eedc5b3dd8b0a Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Thu, 24 Jul 2025 11:32:05 -0700 Subject: fix configuration for work machine The hostname is capitalized so let's also capitalize the filename! The overlays are not under `customPackages` anymore. --- flake/overlays.nix | 2 + machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix | 57 ++++++++++++++++++++++ machines/darwin/aarch64-darwin/hq-kwny2vh41p.nix | 60 ------------------------ users/profiles/work.nix | 18 +++---- 4 files changed, 68 insertions(+), 69 deletions(-) create mode 100644 machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix delete mode 100644 machines/darwin/aarch64-darwin/hq-kwny2vh41p.nix diff --git a/flake/overlays.nix b/flake/overlays.nix index 83eadd0..1429138 100644 --- a/flake/overlays.nix +++ b/flake/overlays.nix @@ -3,6 +3,8 @@ flake.overlays.default = _final: prev: { llmPython = prev.callPackage "${self}/pkgs/llmPython/" { }; + sapi = prev.callPackage "${self}/pkgs/sapi" { }; + hashi = prev.callPackage "${self}/pkgs/hashi" { }; }; perSystem = diff --git a/machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix b/machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix new file mode 100644 index 0000000..640ec4b --- /dev/null +++ b/machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix @@ -0,0 +1,57 @@ +{ + adminUser, + pkgs, + self, + ... +}: +{ + + imports = [ + "${self}/profiles/home-manager.nix" + "${self}/profiles/darwin.nix" + ]; + + system.primaryUser = adminUser.name; + + fonts.packages = with pkgs; [ + source-code-pro + ]; + + # The user should already exist, but we need to set this up so Nix knows + # what our home directory is (https://github.com/LnL7/nix-darwin/issues/423). + users = { + users.${adminUser.name} = { + home = "/Users/${adminUser.name}"; + shell = pkgs.fish; + }; + }; + + environment.shells = [ pkgs.fish ]; + + programs.fish.enable = true; + programs.fish.shellInit = '' + # Nix + if test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' + source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' + end + # End Nix + ''; + + programs.ssh.knownHosts = { + "github.com".publicKey = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl"; + }; + + home-manager.users.${adminUser.name} = { + home.stateVersion = "23.05"; + home.username = "${adminUser.name}"; + home.homeDirectory = "/Users/${adminUser.name}"; + home.packages = with pkgs; [ grpcurl ]; + imports = [ + "${self}/users/profiles/mac.nix" + "${self}/users/profiles/work.nix" + ]; + inherit (adminUser) userinfo; + programs.git.userEmail = "fcuny@roblox.com"; + }; +} diff --git a/machines/darwin/aarch64-darwin/hq-kwny2vh41p.nix b/machines/darwin/aarch64-darwin/hq-kwny2vh41p.nix deleted file mode 100644 index e0ebf11..0000000 --- a/machines/darwin/aarch64-darwin/hq-kwny2vh41p.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ - adminUser, - pkgs, - self, - ... -}: -{ - - imports = [ - "${self}/profiles/home-manager.nix" - "${self}/profiles/darwin.nix" - ]; - - system.primaryUser = adminUser.name; - - # https://github.com/nix-darwin/nix-darwin/issues/1339 - ids.gids.nixbld = 30000; - - fonts.packages = with pkgs; [ - source-code-pro - ]; - - # The user should already exist, but we need to set this up so Nix knows - # what our home directory is (https://github.com/LnL7/nix-darwin/issues/423). - users = { - users.${adminUser.name} = { - home = "/Users/${adminUser.name}"; - shell = pkgs.fish; - }; - }; - - environment.shells = [ pkgs.fish ]; - - programs.fish.enable = true; - programs.fish.shellInit = '' - # Nix - if test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' - source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' - end - # End Nix - ''; - - programs.ssh.knownHosts = { - "github.com".publicKey = - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl"; - }; - - home-manager.users.${adminUser.name} = { - home.stateVersion = "23.05"; - home.username = "${adminUser.name}"; - home.homeDirectory = "/Users/${adminUser.name}"; - home.packages = with pkgs; [ grpcurl ]; - imports = [ - "${self}/users/profiles/mac.nix" - "${self}/users/profiles/work.nix" - ]; - inherit (adminUser) userinfo; - programs.git.userEmail = "fcuny@roblox.com"; - }; -} diff --git a/users/profiles/work.nix b/users/profiles/work.nix index 8d0f4fd..33a1e3e 100644 --- a/users/profiles/work.nix +++ b/users/profiles/work.nix @@ -30,8 +30,8 @@ in home.packages = with pkgs; [ awscli2 boundary # for secure remote access - customPackages.hashi - customPackages.sapi + hashi + sapi nomad-prod tfswitch vault @@ -68,11 +68,11 @@ in builtins.concatMap (env: [ { name = "ssh-sign-${env.alias}"; - value = "${pkgs.customPackages.hashi}/bin/hashi -e ${env.name} sign --output-path=/Users/fcuny/.ssh/cert-${env.alias} --key=(${pkgs._1password-cli}/bin/op read 'op://employee/default rbx ssh key/public key'|psub) key"; + value = "${pkgs.hashi}/bin/hashi -e ${env.name} sign --output-path=/Users/fcuny/.ssh/cert-${env.alias} --key=(${pkgs._1password-cli}/bin/op read 'op://employee/default rbx ssh key/public key'|psub) key"; } { name = "hashi-${env.alias}"; - value = "${pkgs.customPackages.hashi}/bin/hashi -e ${env.name} show v"; + value = "${pkgs.hashi}/bin/hashi -e ${env.name} show v"; } { name = "ssh-${env.alias}"; @@ -83,11 +83,11 @@ in # Add any additional non-environment specific aliases additionalAliases = { - "sjump-st1-snc2" = "${pkgs.customPackages.sapi}/bin/sapi jump sitetest1-snc2"; - "sjump-st1-snc3" = "${pkgs.customPackages.sapi}/bin/sapi jump sitetest3-snc2"; - "sjump-st2-snc2" = "${pkgs.customPackages.sapi}/bin/sapi jump sitetest2-snc2"; - "sjump-st3" = "${pkgs.customPackages.sapi}/bin/sapi jump sitetest3"; - "sjump" = "${pkgs.customPackages.sapi}/bin/sapi jump"; + "sjump-st1-snc2" = "${pkgs.sapi}/bin/sapi jump sitetest1-snc2"; + "sjump-st1-snc3" = "${pkgs.sapi}/bin/sapi jump sitetest3-snc2"; + "sjump-st2-snc2" = "${pkgs.sapi}/bin/sapi jump sitetest2-snc2"; + "sjump-st3" = "${pkgs.sapi}/bin/sapi jump sitetest3"; + "sjump" = "${pkgs.sapi}/bin/sapi jump"; "ssh-edge" = "ssh -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -J chi1-jumpcontainer-es -i (${pkgs._1password-cli}/bin/op read 'op://Infra-Compute-Edge-rks/ice_ssh-private-key/ice_rsa'|psub)"; }; -- cgit v1.2.3