Kieran's opinionated (and probably slightly dumb) nix config
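# Home Manager configuration for the user "kierank" on a macOS host: the home
# directory is under /Users and the zsh init below calls path_helper,
# networksetup and security.
{
  inputs,
  pkgs,
  osConfig,
  ...
}:
{
  # Pull in every module under modules/home through import-tree.
  imports = [
    (inputs.import-tree ../../../modules/home)
  ];

  home = {
    username = "kierank";
    homeDirectory = "/Users/kierank";
    packages = with pkgs; [
      # nixvim build for the platform this configuration is evaluated for
      inputs.nixvim.packages.${pkgs.stdenv.hostPlatform.system}.default
      vesktop
    ];
  };

  # NOTE(review): the atelier.* options are presumably declared by the modules
  # imported above; their definitions are not part of this file.
  atelier = {
    shell = {
      enable = true;
    };
    terminal = {
      ghostty = {
        enable = true;
        windowDecoration = true;
      };
    };
    apps = {
      halloy.enable = true;
      crush.enable = true;
      helix = {
        enable = true;
        swift = true;
      };
    };
    bore = {
      enable = true;
      # Only the path of the secret is referenced here; the token value comes
      # from the system configuration's age.secrets entry.
      authTokenFile = osConfig.age.secrets.frp-auth-token.path;
    };
    ssh = {
      enable = true;

      zmx = {
        enable = true;
        hosts = [ "t.*" "p.*" "e.*" "j.*" ];
      };

      hosts = {
        # Dynamic zmx sessions per server
        "t.*" = {
          hostname = "150.136.15.177"; # terebithia
        };

        "p.*" = {
          hostname = "150.136.63.103"; # prattle
        };

        "e.*" = {
          hostname = "192.168.0.94"; # ember
        };

        "j.*" = {
          hostname = "john.cedarville.edu";
          user = "klukas";
        };

        # Regular hosts
        john = {
          hostname = "john.cedarville.edu";
          user = "klukas";
          zmx = true;
        };

        bandit = {
          hostname = "bandit.labs.overthewire.org";
          port = 2220;
        };

        # No hostname is set for this entry; only the login user is overridden.
        kali = {
          user = "kali";
        };

        terebithia = {
          hostname = "150.136.15.177";
          zmx = true;
        };

        prattle = {
          hostname = "150.136.63.103";
          zmx = true;
        };

        ember = {
          hostname = "192.168.0.94";
          zmx = true;
        };

        remarkable = {
          hostname = "10.11.99.01";
          user = "root";
        };
      };

      # NOTE(review): whether this is emitted globally or per host depends on
      # the atelier.ssh module, which is not shown here.
      extraConfig = ''
        IdentityFile ~/.ssh/id_rsa
      '';
    };
  };

  # Shell code appended to the zsh init. Inside this Nix string a shell
  # parameter expansion with braces has to be written with the two-quote
  # escape in front of the dollar sign, as in the mitmstatus function.
  programs.zsh.initContent = ''
    eval "$(/usr/libexec/path_helper)"
    export PATH="$HOME/.cargo/bin:$PATH"

    # MITM proxy management functions
    MITM_SERVICE="Wi-Fi" # Change to "Ethernet" if needed
    MITM_CERT="$HOME/.mitmproxy/mitmproxy-ca-cert.pem"

    # Point the system HTTP/HTTPS proxy of MITM_SERVICE at localhost:8080 and
    # add the mitmproxy CA to the System keychain as a trusted root. While
    # that trust is in place, certificates signed by the CA key kept under
    # ~/.mitmproxy are accepted system-wide, so pair every mitmup with a
    # mitmdown.
    # Returns 0 when all steps succeed, 1 otherwise.
    mitmup() {
      # Generate mitmproxy CA certificate if it doesn't exist
      if [ ! -f "$MITM_CERT" ]; then
        echo "Generating mitmproxy CA certificate..."
        (timeout 0.1 mitmproxy --set confdir="$HOME/.mitmproxy" 2>/dev/null; true)
      fi

      # The generation step hides its own errors, so confirm the certificate
      # exists before any system setting is changed. Otherwise the proxy would
      # be switched on and the function would fail only at the trust step.
      if [ ! -f "$MITM_CERT" ]; then
        echo "mitmup: CA certificate not found at $MITM_CERT" >&2
        return 1
      fi

      if networksetup -setwebproxy "$MITM_SERVICE" localhost 8080 &&
        networksetup -setsecurewebproxy "$MITM_SERVICE" localhost 8080 &&
        sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$MITM_CERT"; then
        echo "mitmproxy enabled and cert added"
      else
        echo "mitmup: did not complete; run mitmdown to undo partial changes" >&2
        return 1
      fi
    }

    # Switch both system proxies off and remove the mitmproxy CA from the
    # System keychain.
    # Returns 0 when every step succeeds, 1 if any step failed.
    mitmdown() {
      local rc=0

      # Every step runs even if an earlier one fails, so a proxy that cannot
      # be switched off (for example a wrong MITM_SERVICE name) never leaves
      # the mitmproxy root CA trusted in the System keychain.
      networksetup -setwebproxystate "$MITM_SERVICE" off || rc=1
      networksetup -setsecurewebproxystate "$MITM_SERVICE" off || rc=1
      sudo security delete-certificate -c mitmproxy /Library/Keychains/System.keychain || rc=1

      if [ "$rc" -eq 0 ]; then
        echo "mitmproxy disabled and cert removed"
      else
        echo "mitmdown: one or more steps failed; check with mitmstatus" >&2
      fi
      return "$rc"
    }

    # Report proxy state, presence of the mitmproxy certificate in the System
    # keychain, and whether a mitmproxy process is running.
    mitmstatus() {
      # Function-local so the helper variables do not leak into the
      # interactive shell that sources this file.
      local GREEN='\033[0;32m'
      local RED='\033[0;31m'
      local NC='\033[0m' # No Color
      local proto proxy_status PROTO_UPPER

      echo "========== Proxy Status =========="
      for proto in webproxy securewebproxy; do
        proxy_status=$(networksetup -get''${proto} "$MITM_SERVICE")
        PROTO_UPPER=$(echo "$proto" | tr '[:lower:]' '[:upper:]')
        if echo "$proxy_status" | grep -q "Enabled: Yes"; then
          echo -e "''${PROTO_UPPER} : ''${GREEN}ENABLED''${NC}"
        else
          echo -e "''${PROTO_UPPER} : ''${RED}DISABLED''${NC}"
        fi
        echo "$proxy_status" | grep -E "Server:|Port:"
      done

      echo "========== mitmproxy Certificate =========="
      if security find-certificate -c mitmproxy /Library/Keychains/System.keychain > /dev/null 2>&1; then
        echo -e "mitmproxy certificate: ''${GREEN}PRESENT''${NC}"
      else
        echo -e "mitmproxy certificate: ''${RED}NOT PRESENT''${NC}"
      fi

      echo "========== mitmproxy Process =========="
      # pgrep -f matches the full command line, so any process whose
      # arguments contain "mitmproxy" counts as running.
      if pgrep -f mitmproxy > /dev/null; then
        echo -e "mitmproxy process: ''${GREEN}RUNNING''${NC}"
      else
        echo -e "mitmproxy process: ''${RED}NOT RUNNING''${NC}"
      fi
      echo "==========================================="
    }
  '';

  # Let Home Manager install and manage itself
  programs.home-manager.enable = true;

  # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
  home.stateVersion = "23.05";
}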