feat: add sops, nitrokey support, update deps

* add `.sops.yaml`, secrets, pgp keys
* add nitrokey + smartcard pkgs, udev rules
* update flake inputs
* comment out ollama-cuda
Thiago Sposito 2025-09-24 00:48:23 -03:00
parent 0f49cae653
commit 2a8494b24b
Signed by: thiago
GPG key ID: 3065EA73A976D430
9 changed files with 31 additions and 16 deletions

6
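--- /dev/null
+++ b/.sops.yaml
@@ -0,0 +1,6 @@
+creation_rules:
+- path_regex: secrets/.*$
+key_groups:
+- pgp:
+- "B18A04BEE8CC097A9A1F692D459A665D838AC3F3"
+- "F7508C2BD420864F27996BF4D1C47EF7DDD3DF93"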
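Review bot: The two PGP fingerprints under `key_groups` carry no indication of whose keys they are or which one is hardware-backed, so a reviewer cannot check the recipient list against the intended owners. With both in a single key group, either private key alone decrypts every file the rule covers; a comment above each entry such as `# <owner> - token-resident key` / `# <owner> - offline backup key` would make that explicit (the labels are placeholders, the page does not say which key is which). Separately, `path_regex: secrets/.*$` is not anchored at the start, so it presumably also matches deeper paths that merely contain `secrets/`; `^secrets/.*$` limits the rule to the top-level directory. The page shows these lines without indentation, so the nesting is assumed to be the usual sops layout.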

18
flake.lock generated

@ -46,11 +46,11 @@
]
},
"locked": {
"lastModified": 1758375677,
"narHash": "sha256-BLtD+6qWz7fQjPk2wpwyXQLGI0E30Ikgf2ppn2nVadI=",
"lastModified": 1758676806,
"narHash": "sha256-XhSTUBFOtuumxAUVxTVD5k7nE/FgK11YUxAgzNQcmLU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "edc7468e12be92e926847cb02418e649b02b59dd",
"rev": "676c0159ed51d10489a249ecdc61e115c2a90d03",
"type": "github"
},
"original": {
@ -90,11 +90,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1758277210,
"narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=",
"lastModified": 1758427187,
"narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "8eaee110344796db060382e15d3af0a9fc396e0e",
"rev": "554be6495561ff07b6c724047bdd7e0716aa7b46",
"type": "github"
},
"original": {
@ -114,11 +114,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1758405527,
"narHash": "sha256-3OMGX/chlzLpL7OMjXUfcI+xGu5GMeldCnBQ5kM9lZE=",
"lastModified": 1758665797,
"narHash": "sha256-RIN05AhWIFCXL2OOXGoFdF/k8Q6OBhi/WcRtsYuTF5Q=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "fd0c42355026185678e93bca152cbdb3b1a67563",
"rev": "0c15f88f1fc01c8799c5ce2a432fadc47f20e307",
"type": "github"
},
"original": {


@ -35,9 +35,11 @@
libinput
nerd-fonts.fira-code
nil
nitrokey-app2
nixd
nixpkgs-fmt
nixfmt-rfc-style
nodejs_20
nordic
obsidian
pinentry-curses


@ -11,7 +11,6 @@
pkg:
builtins.elem (lib.getName pkg) [
"code-cursor"
"ollama-cuda"
"steam-original"
"steam-run"
"steam"
@ -20,7 +19,6 @@
home.packages = with pkgs; [
heroic
ollama-cuda
steam
];
}


@ -17,6 +17,7 @@
initContent = ''
eval "$(direnv hook zsh)"
export GPG_TTY=$(tty)
export EDITOR="nvim -n -c 'set noswapfile nobackup nowritebackup'"
'';
shellAliases = {
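Review bot: The `EDITOR` value in `initContent` (apparently the line this hunk adds) turns off swap and backup files, but Neovim can still write buffer-derived data to disk through persistent undo and the shada file, so decrypted sops content may outlive the edit session. Adding `-i NONE` and `noundofile` closes those two paths: `export EDITOR="nvim -n -i NONE -c 'set noswapfile nobackup nowritebackup noundofile'"`. Because this is the global `EDITOR`, every editing session also loses swap-file crash recovery; if the hardening is meant only for secrets, setting `SOPS_EDITOR` to this command and leaving `EDITOR` as plain `nvim` would scope it (confirm the pinned sops version honours that variable). The enclosing attribute set starts and ends outside the hunk.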


@ -89,8 +89,6 @@
defaultSession = "gnome";
};
udev.packages = [ pkgs.libwacom ];
avahi = {
enable = true;
nssmdns4 = true;


@ -90,7 +90,7 @@
gdm.wayland = true;
defaultSession = "gnome";
};
udev.packages = [ pkgs.libwacom ];
avahi = {
enable = true;
nssmdns4 = true;


@ -16,17 +16,22 @@
value.source = value.flake;
}) config.nix.registry;
systemPackages = with pkgs; [
ccid
exfat
file
fuse3
gcsfuse
git
gnupg
hidapi
home-manager
keymapp
libnitrokey
libusb1
opensc
pciutils
pcsc-safenet
pcsclite
pcsctools
pkcs11helper
rclone
@ -45,7 +50,7 @@
nixPath = [ "/etc/nix/path" ];
settings = {
download-buffer-size = "512MiB";
download-buffer-size = "512M";
experimental-features = "nix-command flakes";
auto-optimise-store = true;
};
@ -65,10 +70,14 @@
pcscd.enable = true;
# xserver.displayManager.sessionCommands =
# "${pkgs.xorg.xmodmap}/bin/xmodmap -e 'keycode 64 = Alt_L'";
udev.packages = [
pkgs.libwacom
pkgs.nitrokey-udev-rules
];
};
users.groups.scard = { };
time.timeZone = "America/Sao_Paulo";
users.defaultUserShell = pkgs.zsh;
}
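Review bot: `users.groups.scard = { };` in the last hunk declares a group with no members, and nothing visible in this section adds a user to it or references it from a pcscd, polkit or udev rule, so it is unclear what access it is meant to grant. If it gates smartcard access, add the membership next to it, e.g. `users.users.<name>.extraGroups = [ "scard" ];` (`<name>` is a placeholder), plus a one-line comment naming the rule that checks the group; otherwise drop the declaration. It is also worth a comment beside `pcscd.enable = true;` noting that, with pcscd running, GnuPG's scdaemon usually needs `disable-ccid` in its configuration or the two compete for the token. The surrounding attribute sets begin outside the hunks.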

1
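--- /dev/null
+++ b/secrets
@@ -0,0 +1 @@
+Subproject commit b9fbd96fec611e4c85a129150a2d0e01242be6b2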
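Review bot: The `secrets` gitlink pins the encrypted-secrets repository by commit, but Nix flakes do not copy submodule contents into the flake source unless submodules are explicitly enabled, so an evaluation that reads `secrets/...` may see an empty directory. Document next to the sops configuration how the repository is expected to be built, for example with a `?submodules=1` flake reference. Several section headers on this page lost their file names, so it cannot be told from here whether `.gitmodules` is among the changes; without a mapping for the `secrets` path, `git submodule update` has no URL to fetch from, which is worth confirming.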