From f9205e1e963aa2ff9e31f93e80c536aa59f0842e Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Thu, 9 Oct 2025 19:11:52 -0700
Subject: move common modules under modules/

Simplify the import on the various hosts.
---
 modules/common/default.nix  |  2 ++
 modules/common/fish.nix     |  4 ++++
 modules/common/ssh.nix      |  7 +++++++
 modules/darwin/default.nix  |  9 +++++++++
 modules/darwin/desktop.nix  | 34 ++++++++++++++++++++++++++++++++++
 modules/darwin/keyboard.nix |  7 +++++++
 modules/darwin/nix.nix      | 42 ++++++++++++++++++++++++++++++++++++++++++
 modules/darwin/security.nix |  5 +++++
 8 files changed, 110 insertions(+)
 create mode 100644 modules/common/fish.nix
 create mode 100644 modules/common/ssh.nix
 create mode 100644 modules/darwin/default.nix
 create mode 100644 modules/darwin/desktop.nix
 create mode 100644 modules/darwin/keyboard.nix
 create mode 100644 modules/darwin/nix.nix
 create mode 100644 modules/darwin/security.nix

(limited to 'modules')

diff --git a/modules/common/default.nix b/modules/common/default.nix
index b42a079..5a0da5f 100644
--- a/modules/common/default.nix
+++ b/modules/common/default.nix
@@ -1,7 +1,9 @@
 { ... }:
 {
   imports = [
+    ./fish.nix
     ./home.nix
     ./host-config.nix
+    ./ssh.nix
   ];
 }
diff --git a/modules/common/fish.nix b/modules/common/fish.nix
new file mode 100644
index 0000000..21fdf98
--- /dev/null
+++ b/modules/common/fish.nix
@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.fish.enable = true;
+}
diff --git a/modules/common/ssh.nix b/modules/common/ssh.nix
new file mode 100644
index 0000000..3e975ee
--- /dev/null
+++ b/modules/common/ssh.nix
@@ -0,0 +1,7 @@
+{ ... }:
+{
+  programs.ssh.knownHosts = {
+    "github.com".publicKey =
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
+  };
+}
diff --git a/modules/darwin/default.nix b/modules/darwin/default.nix
new file mode 100644
index 0000000..674e042
--- /dev/null
+++ b/modules/darwin/default.nix
@@ -0,0 +1,9 @@
+{ ... }:
+{
+  imports = [
+    ./desktop.nix
+    ./keyboard.nix
+    ./nix.nix
+    ./security.nix
+  ];
+}
diff --git a/modules/darwin/desktop.nix b/modules/darwin/desktop.nix
new file mode 100644
index 0000000..55cef64
--- /dev/null
+++ b/modules/darwin/desktop.nix
@@ -0,0 +1,34 @@
+{ pkgs, ... }:
+{
+  fonts.packages = with pkgs; [
+    source-code-pro
+  ];
+
+  system.defaults = {
+    dock = {
+      autohide = true;
+      dashboard-in-overlay = false;
+      launchanim = false; # Don't animate opening applications.
+      mru-spaces = false; # don’t rearrange spaces based on the most recent use
+      orientation = "bottom";
+      show-recents = false;
+      showhidden = false;
+      tilesize = 30; # Default is 64.
+      wvous-br-corner = 1; # Disable Notes hot corner.
+    };
+    finder.AppleShowAllExtensions = true;
+
+    CustomUserPreferences = {
+      "com.apple.desktopservices" = {
+        # Avoid creating .DS_Store files on network or USB volumes
+        DSDontWriteNetworkStores = true;
+        DSDontWriteUSBStores = true;
+      };
+    };
+
+    # Requires the directory to already exist.
+    # See system.activationScripts.postUserActivation
+    screencapture.location = "~/Documents/screenshots";
+    SoftwareUpdate.AutomaticallyInstallMacOSUpdates = true;
+  };
+}
diff --git a/modules/darwin/keyboard.nix b/modules/darwin/keyboard.nix
new file mode 100644
index 0000000..c460bac
--- /dev/null
+++ b/modules/darwin/keyboard.nix
@@ -0,0 +1,7 @@
+{ ... }:
+{
+  system.keyboard = {
+    enableKeyMapping = true;
+    remapCapsLockToControl = true;
+  };
+}
diff --git a/modules/darwin/nix.nix b/modules/darwin/nix.nix
new file mode 100644
index 0000000..56d85ca
--- /dev/null
+++ b/modules/darwin/nix.nix
@@ -0,0 +1,42 @@
+{
+  lib,
+  adminUser,
+  pkgs,
+  ...
+}:
+{
+  nix = {
+    extraOptions = ''
+      tarball-ttl = 900
+    '';
+    gc = {
+      automatic = true;
+      options = "--delete-older-than 7d";
+    };
+    optimise = {
+      automatic = true;
+    };
+    package = pkgs.nixVersions.stable;
+    settings = {
+      trusted-substituters = [
+        "https://cachix.cachix.org"
+        "https://nixpkgs.cachix.org"
+        "https://nix-community.cachix.org"
+      ];
+      trusted-public-keys = [
+        "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
+        "nixpkgs.cachix.org-1:q91R6hxbwFvDqTSDKwDAV4T5PxqXGxswD8vhONFMeOE="
+        "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      ];
+      trusted-users = [
+        "@admin"
+        adminUser.name
+      ];
+      experimental-features = lib.mkDefault [
+        "nix-command"
+        "flakes"
+      ];
+    };
+  };
+}
diff --git a/modules/darwin/security.nix b/modules/darwin/security.nix
new file mode 100644
index 0000000..178fca1
--- /dev/null
+++ b/modules/darwin/security.nix
@@ -0,0 +1,5 @@
+{ ... }:
+{
+  # Touch ID for sudo auth
+  security.pam.services.sudo_local.touchIdAuth = true;
+}
-- 
cgit v1.2.3