commit 06e6d51a2a6201255e3b524ee6f1376f3822fb33 · kitten.sh/system

+28 -27

flake.lock

···

       14
       14
        
               "systems": "systems"

     

       15
       15
        
             },

     

       16
       16
        
             "locked": {

     

       17
       17
       -
               "lastModified": 1723293904,

     

       18
       18
       -
               "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",

     

       17
       17
       +
               "lastModified": 1736955230,

     

       18
       18
       +
               "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",

     

       19
       19
        
               "owner": "ryantm",

     

       20
       20
        
               "repo": "agenix",

     

       21
       21
       -
               "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",

     

       21
       21
       +
               "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",

     

       22
       22
        
               "type": "github"

     

       23
       23
        
             },

     

       24
       24
        
             "original": {

     
···

       38
       38
        
               ]

     

       39
       39
        
             },

     

       40
       40
        
             "locked": {

     

       41
       41
       -
               "lastModified": 1737058742,

     

       42
       42
       -
               "narHash": "sha256-akgqrW8z7Nt6SrP56umZRcG4RYUW+nH2WbU4MNF3mPQ=",

     

       41
       41
       +
               "lastModified": 1738441082,

     

       42
       42
       +
               "narHash": "sha256-u9VxWHI/tuJOUCxUZwU/OdKDZgWOrh8ub7MKTSjBSK8=",

     

       43
       43
        
               "owner": "tadfisher",

     

       44
       44
        
               "repo": "android-nixpkgs",

     

       45
       45
       -
               "rev": "42733564fa7787454437727d09389c8a3663e225",

     

       45
       45
       +
               "rev": "113ee3d89d2df95ff6b6bc4432852bb880f1df54",

     

       46
       46
        
               "type": "github"

     

       47
       47
        
             },

     

       48
       48
        
             "original": {

     
···

       61
       61
        
               "rust-overlay": "rust-overlay"

     

       62
       62
        
             },

     

       63
       63
        
             "locked": {

     

       64
       64
       -
               "lastModified": 1735172763,

     

       65
       65
       -
               "narHash": "sha256-a6n8RsiAolz6p24Fsr/gTndx9xr9USpKqKK6kzBeXQc=",

     

       64
       64
       +
               "lastModified": 1737610453,

     

       65
       65
       +
               "narHash": "sha256-OLgl/kgjOmDFrkU04PlqVklXj1m9y8xF7xbD+blAdg8=",

     

       66
       66
        
               "owner": "tpwrules",

     

       67
       67
        
               "repo": "nixos-apple-silicon",

     

       68
       68
       -
               "rev": "3daf0637409689d7a1304cedc50d20542bc47905",

     

       68
       68
       +
               "rev": "1f7bdbb82f6b9ec1d8d206e2c64d36f13bae91a1",

     

       69
       69
        
               "type": "github"

     

       70
       70
        
             },

     

       71
       71
        
             "original": {

     
···

       112
       112
        
               ]

     

       113
       113
        
             },

     

       114
       114
        
             "locked": {

     

       115
       115
       -
               "lastModified": 1736085891,

     

       116
       116
       -
               "narHash": "sha256-bTl9fcUo767VaSx4Q5kFhwiDpFQhBKna7lNbGsqCQiA=",

     

       115
       115
       +
               "lastModified": 1738277753,

     

       116
       116
       +
               "narHash": "sha256-iyFcCOk0mmDiv4ut9mBEuMxMZIym3++0qN1rQBg8FW0=",

     

       117
       117
        
               "owner": "lnl7",

     

       118
       118
        
               "repo": "nix-darwin",

     

       119
       119
       -
               "rev": "ba9b3173b0f642ada42b78fb9dfc37ca82266f6c",

     

       119
       119
       +
               "rev": "49b807fa7c37568d7fbe2aeaafb9255c185412f9",

     

       120
       120
        
               "type": "github"

     

       121
       121
        
             },

     

       122
       122
        
             "original": {

     
···

       328
       328
        
               ]

     

       329
       329
        
             },

     

       330
       330
        
             "locked": {

     

       331
       331
       -
               "lastModified": 1735344290,

     

       332
       332
       -
               "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=",

     

       331
       331
       +
               "lastModified": 1736373539,

     

       332
       332
       +
               "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=",

     

       333
       333
        
               "owner": "nix-community",

     

       334
       334
        
               "repo": "home-manager",

     

       335
       335
       -
               "rev": "613691f285dad87694c2ba1c9e6298d04736292d",

     

       335
       335
       +
               "rev": "bd65bc3cde04c16755955630b344bc9e35272c56",

     

       336
       336
        
               "type": "github"

     

       337
       337
        
             },

     

       338
       338
        
             "original": {

     
···

       352
       352
        
               ]

     

       353
       353
        
             },

     

       354
       354
        
             "locked": {

     

       355
       355
       -
               "lastModified": 1721810896,

     

       356
       356
       -
               "narHash": "sha256-HuI4ci+0OwWYJsRDPAdzq15OhQ6PrIN957o/ZDRgEPI=",

     

       355
       355
       +
               "lastModified": 1738491590,

     

       356
       356
       +
               "narHash": "sha256-4kfFt2XpLQt91rFBzJAn5RwQart1kHwsLp2oljlUETY=",

     

       357
       357
        
               "owner": "kitten",

     

       358
       358
        
               "repo": "language-servers.nix",

     

       359
       359
       -
               "rev": "b5783394d5706161ef9d572b514d2c7b7cb4cec9",

     

       359
       359
       +
               "rev": "98546154224afdc6637ebdb21932cd5a2452337a",

     

       360
       360
        
               "type": "github"

     

       361
       361
        
             },

     

       362
       362
        
             "original": {

     
···

       377
       377
        
               "rust-overlay": "rust-overlay_2"

     

       378
       378
        
             },

     

       379
       379
        
             "locked": {

     

       380
       380
       -
               "lastModified": 1734994463,

     

       381
       381
       -
               "narHash": "sha256-S9MgfQjNt4J3I7obdLOVY23h+Yl/hnyibwGfOl+1uOE=",

     

       380
       380
       +
               "lastModified": 1737639419,

     

       381
       381
       +
               "narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=",

     

       382
       382
        
               "owner": "nix-community",

     

       383
       383
        
               "repo": "lanzaboote",

     

       384
       384
       -
               "rev": "93e6f0d77548be8757c11ebda5c4235ef4f3bc67",

     

       384
       384
       +
               "rev": "a65905a09e2c43ff63be8c0e86a93712361f871e",

     

       385
       385
        
               "type": "github"

     

       386
       386
        
             },

     

       387
       387
        
             "original": {

     

       388
       388
        
               "owner": "nix-community",

     

       389
       389
       +
               "ref": "v0.4.2",

     

       389
       390
        
               "repo": "lanzaboote",

     

       390
       391
        
               "type": "github"

     

       391
       392
        
             }

     
···

       475
       476
        
           },

     

       476
       477
        
           "nixos-hardware": {

     

       477
       478
        
             "locked": {

     

       478
       478
       -
               "lastModified": 1736283893,

     

       479
       479
       -
               "narHash": "sha256-BG1FfTexFwNty5VhYjaQLMR6CMPfI3QRcaZrFQYu2EM=",

     

       479
       479
       +
               "lastModified": 1738471961,

     

       480
       480
       +
               "narHash": "sha256-cgXDFrplNGs7bCVzXhRofjD8oJYqqXGcmUzXjHmip6Y=",

     

       480
       481
        
               "owner": "NixOS",

     

       481
       482
        
               "repo": "nixos-hardware",

     

       482
       482
       -
               "rev": "4f339f6be2b61662f957c2ee9eda0fa597d8a6d6",

     

       483
       483
       +
               "rev": "537286c3c59b40311e5418a180b38034661d2536",

     

       483
       484
        
               "type": "github"

     

       484
       485
        
             },

     

       485
       486
        
             "original": {

     
···

       491
       492
        
           },

     

       492
       493
        
           "nixpkgs": {

     

       493
       494
        
             "locked": {

     

       494
       494
       -
               "lastModified": 1737525964,

     

       495
       495
       -
               "narHash": "sha256-3wFonKmNRWKq1himW9N3TllbeGIHFACI5vmLpk6moF8=",

     

       495
       495
       +
               "lastModified": 1738297584,

     

       496
       496
       +
               "narHash": "sha256-AYvaFBzt8dU0fcSK2jKD0Vg23K2eIRxfsVXIPCW9a0E=",

     

       496
       497
        
               "owner": "nixos",

     

       497
       498
        
               "repo": "nixpkgs",

     

       498
       498
       -
               "rev": "5757bbb8bd7c0630a0cc4bb19c47e588db30b97c",

     

       499
       499
       +
               "rev": "9189ac18287c599860e878e905da550aa6dec1cd",

     

       499
       500
        
               "type": "github"

     

       500
       501
        
             },

     

       501
       502
        
             "original": {

+2 -6

flake.nix

···

       18
       18
        
           };

     

       19
       19
        
       

     

       20
       20
        
           lanzaboote = {

     

       21
       21
       -
             url = "github:nix-community/lanzaboote";

     

       21
       21
       +
             url = "github:nix-community/lanzaboote/v0.4.2";

     

       22
       22
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       23
       23
        
           };

     

       24
       24
        
       

     
···

       81
       81
        
             inputs.lix-module.overlays.lixFromNixpkgs

     

       82
       82
        
             inputs.nvim-plugins.overlays.default

     

       83
       83
        
             inputs.android-sdk.overlays.default

     

       84
       84
       -
             (self: super: {

     

       85
       85
       -
               inherit (inputs.language-servers.packages.${self.system})

     

       86
       86
       -
                 typescript-language-server

     

       87
       87
       -
                 vscode-langservers-extracted;

     

       88
       88
       -
             })

     

       84
       84
       +
             inputs.language-servers.overlays.default

     

       89
       85
        
           ];

     

       90
       86
        
         in {

     

       91
       87
        
           darwinConfigurations."sprite" = mkSystem {

+25 -9

home/base/gpg.nix

···

       1
       1
       -
       { lib, config, ... }:

     

       1
       1
       +
       { lib, helpers, config, ... }:

     

       2
       2
        
       

     

       3
       3
        
       with lib;

     

       4
       4
        
       let

     
···

       14
       14
        
         };

     

       15
       15
        
       

     

       16
       16
        
         config = mkIf cfg.enable {

     

       17
       17
       -
           modules.git.signingKey = mkDefault "303B6A9A312AA035";

     

       17
       17
       +
           programs.gpg = {

     

       18
       18
       +
             enable = true;

     

       19
       19
       +
             homedir = home;

     

       20
       20
       +
             mutableKeys = true;

     

       21
       21
       +
           };

     

       18
       22
        
       

     

       19
       19
       -
           home.sessionVariables = {

     

       20
       20
       -
             GNUPGHOME = home;

     

       23
       23
       +
           services.gpg-agent = {

     

       24
       24
       +
             enable = true;

     

       25
       25
       +
             # See: https://github.com/nix-community/home-manager/pull/5901

     

       26
       26
       +
             enableSshSupport = !helpers.isDarwin;

     

       27
       27
       +
             verbose = true;

     

       28
       28
       +
             sshKeys = [

     

       29
       29
       +
               "E2BFF19637FDC25A02F45583176FAD1ED1F6BDD6"

     

       30
       30
       +
               "75EF1DBB30A59CFB56BCE06A88CCF363DA63B1A7"

     

       31
       31
       +
             ];

     

       21
       32
        
           };

     

       33
       33
       +
       

     

       34
       34
       +
           # See: https://github.com/nix-community/home-manager/pull/5901

     

       35
       35
       +
           programs.zsh.initExtra = let

     

       36
       36
       +
             gpgPkg = config.programs.gpg.package;

     

       37
       37
       +
           in optionalString helpers.isDarwin ''

     

       38
       38
       +
             ${gpgPkg}/bin/gpg-connect-agent --quiet updatestartuptty /bye > /dev/null 2>&1

     

       39
       39
       +
             export SSH_AUTH_SOCK=$(${gpgPkg}/bin/gpgconf --list-dirs agent-ssh-socket)

     

       40
       40
       +
           '';

     

       41
       41
       +
       

     

       42
       42
       +
           modules.git.signingKey = mkDefault "303B6A9A312AA035";

     

       22
       43
        
       

     

       23
       44
        
           age.secrets."pubring.kbx" = {

     

       24
       45
        
             symlink = true;

     
···

       43
       64
        
             path = "${home}/private-keys-v1.d/CA84692E3CC846C8EC7272468E962B63FC599E49.key";

     

       44
       65
        
             file = ./encrypt/CA84692E3CC846C8EC7272468E962B63FC599E49.key.age;

     

       45
       66
        
           };

     

       46
       46
       -
       

     

       47
       47
       -
           xdg.dataFile."gnupg/sshcontrol".text = ''

     

       48
       48
       -
             E2BFF19637FDC25A02F45583176FAD1ED1F6BDD6

     

       49
       49
       -
             75EF1DBB30A59CFB56BCE06A88CCF363DA63B1A7

     

       50
       50
       -
           '';

     

       51
       67
        
         };

     

       52
       68
        
       }

+2 -2

home/base/xdg.nix

···

       13
       13
        
             };

     

       14
       14
        
           };

     

       15
       15
        
           xdg.runtimeDir = mkOption {

     

       16
       16
       -
             type = types.nullOr types.string;

     

       17
       17
       -
             default = if helpers.isDarwin then "$(mktemp -d --suffix=$UID)" else null;

     

       16
       16
       +
             type = types.nullOr types.str;

     

       17
       17
       +
             default = if helpers.isDarwin then "$(mktemp -d)" else null;

     

       18
       18
        
             apply = (val: if val != null then (toString val) else null);

     

       19
       19
        
           };

     

       20
       20
        
         };

+1 -1

modules/base/certs.nix

···

       2
       2
        
       

     

       3
       3
        
       with lib;

     

       4
       4
        
       let

     

       5
       5
       -
         cfg = config.modules.gpg;

     

       5
       5
       +
         cfg = config.modules.certs;

     

       6
       6
        
       in {

     

       7
       7
        
         options.modules.certs = {

     

       8
       8
        
           enable = mkOption {

-1

modules/base/default.nix

···

       6
       6
        
           ./certs.nix

     

       7
       7
        
           ./shell.nix

     

       8
       8
        
           ./linux.nix

     

       9
       9
       -
           ./gpg.nix

     

       10
       9
        
         ];

     

       11
       10
        
       }

-27

modules/base/gpg.nix

···

       1
       1
       -
       { lib, config, pkgs, ... }:

     

       2
       2
       -
       

     

       3
       3
       -
       with lib;

     

       4
       4
       -
       let

     

       5
       5
       -
         cfg = config.modules.gpg;

     

       6
       6
       -
       in {

     

       7
       7
       -
         options.modules.gpg = {

     

       8
       8
       -
           enable = mkOption {

     

       9
       9
       -
             default = true;

     

       10
       10
       -
             description = "GnuPG";

     

       11
       11
       -
             type = types.bool;

     

       12
       12
       -
           };

     

       13
       13
       -
         };

     

       14
       14
       -
       

     

       15
       15
       -
         config = mkIf cfg.enable {

     

       16
       16
       -
           environment.systemPackages = [

     

       17
       17
       -
             pkgs.gnupg

     

       18
       18
       -
           ];

     

       19
       19
       -
       

     

       20
       20
       -
           programs.gnupg = {

     

       21
       21
       -
             agent = {

     

       22
       22
       -
               enable = true;

     

       23
       23
       -
               enableSSHSupport = true;

     

       24
       24
       -
             };

     

       25
       25
       -
           };

     

       26
       26
       -
         };

     

       27
       27
       -
       }

+4 -4

modules/nvim/default.nix

···

       12
       12
        
           nix_bins = {

     

       13
       13
        
             terraformls = '${pkgs.terraform-ls}/bin/terraform-ls',

     

       14
       14
        
             tsserver = '${pkgs.typescript-language-server}/bin/typescript-language-server',

     

       15
       15
       -
             eslintls = '${pkgs.vscode-langservers-extracted}/bin/vscode-eslint-language-server',

     

       16
       16
       -
             cssls = '${pkgs.vscode-langservers-extracted}/bin/vscode-css-language-server',

     

       17
       17
       -
             htmlls = '${pkgs.vscode-langservers-extracted}/bin/vscode-html-language-server',

     

       18
       18
       -
             jsonls = '${pkgs.vscode-langservers-extracted}/bin/vscode-json-language-server',

     

       15
       15
       +
             eslintls = '${pkgs.vscode-eslint-language-server}/bin/vscode-eslint-language-server',

     

       16
       16
       +
             cssls = '${pkgs.vscode-css-language-server}/bin/vscode-css-language-server',

     

       17
       17
       +
             htmlls = '${pkgs.vscode-html-language-server}/bin/vscode-html-language-server',

     

       18
       18
       +
             jsonls = '${pkgs.vscode-json-language-server}/bin/vscode-json-language-server',

     

       19
       19
        
             bunx = '${pkgs.bun}/bin/bunx',

     

       20
       20
        
             ripgrep = '${pkgs.ripgrep}/bin/rg',

     

       21
       21
        
             rustanalyzer = '${pkgs.rust-analyzer}/bin/rust-analyzer',