feat: hm init

2024-03-08 12:47:39 +01:00 · 2024-03-08 12:47:39 +01:00 · a519b03cdb
commit a519b03cdb
parent 586a01c702
5 changed files with 64 additions and 2 deletions
--- a/config/secrets/secrets.nix
+++ b/config/secrets/secrets.nix
@ -15,4 +15,5 @@ in {
  "services/invidious/password-database.age".publicKeys = default;
  "services/wakapi/password-salt.env.age".publicKeys = default;
  "system/password-root.age".publicKeys = default;
+  "system/password-winston.age".publicKeys = default;
 }
--- a/config/secrets/system/password-winston.age
+++ b/config/secrets/system/password-winston.age
@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> piv-p256 ML6NcA Ahvh4LS3HPgfsYXd3rg6Pv8fh8YfebpV5uZxGB1PGqDU
+c2gaWpi0jw8rTABSp8dQjoVGr8XrfL3RNF7tTnY+0zU
+-> ssh-ed25519 zj2A2A 7LVJCgK9qXKrG78rAoAYHrUHL4dWEmqltoGdMWIKtGE
+xpLhCbxmnWb8RQhX6uWp5b7DZHfC+axrk+8Pu15eAo8
+--- 078hR/qMmp09Tpps7iYREHu2zLs34ggO1jrsgGm3ZOo
+èrô¾›^ÔñRœÑ°.€’<E282AC>›Üª<1A>ù•ZX<5A>|,i_(ÍæEM\)p£ïƒu h¼ApŽ%»t§ûeaZz€Êò{®‚ö6šì8'°Ø¥¢¥Šø
+€5½
r¦oˆ6¬tæ>’ôÙºjo[æC»<43><C2BB>øï€Ø›c™gZ%»t®«fTVá
--- a/config/users.nix
+++ b/config/users.nix
@ -2,13 +2,39 @@
  config,
  pkgs,
  ...
-}: {
+}: let
+  keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILm0O46zW/XfVOSwz0okRWYeOAg+wCVkCtCAoVTpZsOh"];
+in {
  i18n.defaultLocale = "en_US.UTF-8";

  users.mutableUsers = false;
  users.users.root = {
-    openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILm0O46zW/XfVOSwz0okRWYeOAg+wCVkCtCAoVTpZsOh"];
    hashedPasswordFile = config.age.secrets."system/password-root".path;
+    openssh.authorizedKeys.keys = keys;
    shell = pkgs.bash;
  };
+
+  users.users.winston = {
+    extraGroups = ["wheel"];
+    hashedPasswordFile = config.age.secrets."system/password-winston".path;
+    isNormalUser = true;
+    openssh.authorizedKeys.keys = keys;
+  };
+
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    users.winston = {
+      home.stateVersion = "23.11";
+      programs.fish = {
+        enable = true;
+        plugins = [
+          {
+            name = "plugin-git";
+            src = pkgs.fishPlugins.plugin-git.src;
+          }
+        ];
+      };
+    };
+  };
 }
--- a/flake.lock
+++ b/flake.lock
@ -82,6 +82,27 @@
        "type": "github"
      }
    },
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1706981411,
+        "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "652fda4ca6dafeb090943422c34ae9145787af37",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "release-23.11",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
    "nixinate": {
      "inputs": {
        "nixpkgs": [
@ -167,6 +188,7 @@
        "agenix": "agenix",
        "flake-parts": "flake-parts",
        "flake-utils": "flake-utils",
+        "home-manager": "home-manager",
        "nixinate": "nixinate",
        "nixpkgs": "nixpkgs",
        "nixpkgs-unstable": "nixpkgs-unstable",
--- a/flake.nix
+++ b/flake.nix
@ -27,6 +27,7 @@
            ./config
            ./modules
            inputs.agenix.nixosModules.default
+            inputs.home-manager.nixosModules.home-manager
            inputs.valheim-server.nixosModules.default
            inputs.vscode-server.nixosModules.default
          ];
@ -75,6 +76,10 @@
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
+    home-manager = {
+      url = "github:nix-community/home-manager/release-23.11";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };

    flake-parts = {
      url = "github:hercules-ci/flake-parts";