From 574e91135fff09e98e2087a6c8669ded70062125 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20R=C3=B6ger?= Date: Fri, 27 Mar 2026 23:50:55 +0100 Subject: [PATCH] dend: cs home part --- home/jonas@comfy-station/configuration.nix | 21 +-- home/jonas@comfy-station/default.nix | 7 + hosts/comfy-station/default.nix | 1 + modules/desktop/kdeconnect.nix | 15 ++ modules/hardware/yubikey.nix | 65 +++++++- modules/networking/ssh.nix | 47 ++++++ modules/programs/firefox.nix | 87 ++++++++++ modules/programs/ranger.nix | 63 +++++++ .../omz_custom/themes/my_bureau.zsh-theme | 154 ++++++++++++++++++ modules/zsh/zsh.nix | 74 +++++++++ 10 files changed, 517 insertions(+), 17 deletions(-) create mode 100644 modules/desktop/kdeconnect.nix create mode 100644 modules/networking/ssh.nix create mode 100644 modules/programs/firefox.nix create mode 100644 modules/programs/ranger.nix create mode 100644 modules/zsh/static/omz_custom/themes/my_bureau.zsh-theme create mode 100644 modules/zsh/zsh.nix diff --git a/home/jonas@comfy-station/configuration.nix b/home/jonas@comfy-station/configuration.nix index 00ad23d..b782c61 100644 --- a/home/jonas@comfy-station/configuration.nix +++ b/home/jonas@comfy-station/configuration.nix @@ -17,22 +17,11 @@ }; # hive modules - #hive.firefox = { - # enable = true; - # plasmaIntegration = true; - # passFF = true; - #}; - #hive.kdeconnect.enable = true; - #hive.ranger.enable = true; - #hive.ssh = { - # enable = true; - # sopsFile = ../secrets/jonas/ssh.yaml; - # keys = ["borg" "passgit"]; - #}; - #hive.yubikey.enable = true; - #hive.yubikey.withCCID = false; - #hive.zsh.enable = true; - #hive.nix-scripts.enable = true; + hive.ssh = { + sopsFile = ../../secrets/jonas/ssh.yaml; + keys = ["borg" "passgit"]; + }; + hive.yubikey.withCCID = false; #hive.doom.enable = true; #hive.doom.asDefaultEditor = true; #hive.doom.enableCopilot = true; diff --git a/home/jonas@comfy-station/default.nix b/home/jonas@comfy-station/default.nix index a5adc3d..33b288f 100644 --- a/home/jonas@comfy-station/default.nix +++ b/home/jonas@comfy-station/default.nix @@ -20,6 +20,13 @@ self.homeModules.wofi self.homeModules.kitty self.homeModules.nextcloud-client + self.homeModules.firefox + self.homeModules.kdeconnect + self.homeModules.ranger + self.homeModules.ssh + self.homeModules.yubikey + self.homeModules.zsh + self.homeModules.nix-scripts ]; }; } diff --git a/hosts/comfy-station/default.nix b/hosts/comfy-station/default.nix index 2d2b1bf..e787f3b 100644 --- a/hosts/comfy-station/default.nix +++ b/hosts/comfy-station/default.nix @@ -25,6 +25,7 @@ self.nixosModules.creative self.nixosModules.openhantek self.nixosModules.firefox + self.nixosModules.kdeconnect ]; }; } diff --git a/modules/desktop/kdeconnect.nix b/modules/desktop/kdeconnect.nix new file mode 100644 index 0000000..f13409a --- /dev/null +++ b/modules/desktop/kdeconnect.nix @@ -0,0 +1,15 @@ +{ + flake.homeModules.kdeconnect = { + services.kdeconnect.indicator = true; + }; + + flake.nixosModules.kdeconnect = { + pkgs, + lib, + ... + }: { + programs.kdeconnect.enable = true; + # Use qt-6 version + programs.kdeconnect.package = lib.mkForce pkgs.kdePackages.kdeconnect-kde; + }; +} diff --git a/modules/hardware/yubikey.nix b/modules/hardware/yubikey.nix index f372c13..c1dfb98 100644 --- a/modules/hardware/yubikey.nix +++ b/modules/hardware/yubikey.nix @@ -1,4 +1,4 @@ -{ +{self, ...}: { flake.nixosModules.yubikey = {pkgs, ...}: { services.udev.packages = with pkgs; [ yubikey-personalization @@ -17,4 +17,67 @@ enableSSHSupport = true; }; }; + + flake.homeModules.yubikey = { + config, + lib, + pkgs, + ... + }: let + cfg = config.hive.yubikey; + in { + options.hive.yubikey = with lib; { + pinentry = mkOption { + type = types.enum ["qt" "gnome3"]; + default = "qt"; + description = "The pinentry flavour to use"; + }; + withCCID = mkOption { + type = types.bool; + default = true; + description = "Use stand-alone CCID (instead of a running pcscd service)"; + }; + }; + + config = { + programs.gpg = { + enable = true; + mutableKeys = false; + mutableTrust = false; + publicKeys = [ + { + source = self + /static/keys/my_pub.asc; + trust = "ultimate"; + } + ]; + scdaemonSettings = lib.mkIf (!cfg.withCCID) { + disable-ccid = true; + }; + }; + services.gpg-agent = { + enable = true; + enableSshSupport = true; + enableZshIntegration = true; + pinentry = + if cfg.pinentry == "gnome3" + then { + package = pkgs.pinentry-gnome3; + program = "pinentry-gnome3"; + } + else if cfg.pinentry == "qt" + then { + package = pkgs.pinentry-qt; + program = "pinentry-qt"; + } + else {}; + sshKeys = [config.programs.git.signing.key]; + }; + home.sessionVariables = { + SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"; + }; + systemd.user.settings.Manager.DefaultEnvironment = { + SSH_AUTH_SOCK = "/run/user/%U/gnupg/S.gpg-agent.ssh"; + }; + }; + }; } diff --git a/modules/networking/ssh.nix b/modules/networking/ssh.nix new file mode 100644 index 0000000..8ef296d --- /dev/null +++ b/modules/networking/ssh.nix @@ -0,0 +1,47 @@ +{ + flake.homeModules.ssh = { + config, + lib, + ... + }: let + cfg = config.hive.ssh; + in { + options.hive.ssh = { + keys = lib.mkOption { + type = lib.types.listOf (lib.types.str); + default = []; + description = '' + A list of SSH key names. Each one results in a id_ file in .ssh + ''; + }; + sopsFile = lib.mkOption { + type = lib.types.path; + default = null; + description = '' + Path to the sops file containing the SSH keys. + Requires a config key. And for each private key names in an keys. entry. + ''; + }; + }; + + config = { + sops.secrets = + { + "ssh/config" = { + inherit (cfg) sopsFile; + key = "config"; + path = "${config.home.homeDirectory}/.ssh/config"; + }; + } + // builtins.listToAttrs (map (name: { + name = "ssh/id_${name}"; + value = { + inherit (cfg) sopsFile; + key = "keys/${name}"; + path = "${config.home.homeDirectory}/.ssh/id_${name}"; + }; + }) + cfg.keys); + }; + }; +} diff --git a/modules/programs/firefox.nix b/modules/programs/firefox.nix new file mode 100644 index 0000000..0c3effb --- /dev/null +++ b/modules/programs/firefox.nix @@ -0,0 +1,87 @@ +{inputs, ...}: { + flake.nixosModules.firefox = {pkgs, ...}: { + programs.firefox.enable = true; + programs.firefox.nativeMessagingHosts.packages = [pkgs.passff-host]; + }; + + flake.homeModules.firefox = { + programs.firefox = { + enable = true; + + # Default profile + profiles.jonas = { + name = "Jonas"; + id = 0; + isDefault = true; + + # Search + search = { + default = "ddg"; + order = ["ddg" "google"]; + force = true; + engines = { + "Nix Packages" = { + urls = [ + { + template = "https://search.nixos.org/packages"; + params = [ + { + name = "type"; + value = "packages"; + } + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + }; + "Noogle" = { + urls = [ + { + template = "https://noogle.dev/q"; + params = [ + { + name = "term"; + value = "{searchTerms}"; + } + ]; + } + ]; + }; + "cppreference" = { + urls = [ + { + template = "https://en.cppreference.com/mwiki/index.php"; + params = [ + { + name = "title"; + value = "Special%3ASearch"; + } + { + name = "search"; + value = "{searchTerms}"; + } + { + name = "Go"; + value = "go"; + } + ]; + } + ]; + }; + }; + }; + + # Extensions + extensions.packages = with inputs.firefox-addons.packages."x86_64-linux"; [ + ublock-origin + violentmonkey + plasma-integration + passff + ]; + }; + }; + }; +} diff --git a/modules/programs/ranger.nix b/modules/programs/ranger.nix new file mode 100644 index 0000000..6cf37f4 --- /dev/null +++ b/modules/programs/ranger.nix @@ -0,0 +1,63 @@ +{ + flake.homeModules.ranger = { + config, + lib, + ... + }: { + programs.ranger = { + enable = true; + settings = { + preview_images = true; + preview_images_method = + if config.programs.kitty.enable + then "kitty" + else "ueberzug"; + }; + extraConfig = lib.strings.concatStringsSep "\n" [ + "default_linemode devicons" + ]; + mappings = { + f = "console fzf_filter%space"; + }; + plugins = + [ + { + name = "ranger_fzf_filter"; + src = builtins.fetchGit { + url = "https://github.com/MuXiu1997/ranger-fzf-filter"; + rev = "bf16de2e4ace415b685ff7c58306d0c5146f9f43"; + }; + } + { + name = "ranger_archives"; + src = builtins.fetchGit { + url = "https://github.com/maximtrp/ranger-archives"; + rev = "b4e136b24fdca7670e0c6105fb496e5df356ef25"; + }; + } + { + name = "ranger_devicons"; + src = builtins.fetchGit { + url = "https://github.com/alexanderjeurissen/ranger_devicons"; + rev = "f227f212e14996fbb366f945ec3ecaf5dc5f44b0"; + }; + } + ] + ++ ( + if config.services.kdeconnect.enable + then + lib.lists.singleton + { + name = "ranger_kdeconnect.py"; + src = + builtins.fetchGit { + url = "https://github.com/bwconrad/ranger-kdeconnect"; + rev = "710c600bb894fed3e293f6518930c16a494dd154"; + } + + "/kdeconnect_send.py"; + } + else [] + ); + }; + }; +} diff --git a/modules/zsh/static/omz_custom/themes/my_bureau.zsh-theme b/modules/zsh/static/omz_custom/themes/my_bureau.zsh-theme new file mode 100644 index 0000000..874874a --- /dev/null +++ b/modules/zsh/static/omz_custom/themes/my_bureau.zsh-theme @@ -0,0 +1,154 @@ +# oh-my-zsh Bureau Theme + +### NVM + +ZSH_THEME_NVM_PROMPT_PREFIX="%B⬡%b " +ZSH_THEME_NVM_PROMPT_SUFFIX="" + +### Git [±master ▾●] + +ZSH_THEME_GIT_PROMPT_PREFIX="[%{$fg_bold[green]%}±%{$reset_color%}%{$fg_bold[white]%}" +ZSH_THEME_GIT_PROMPT_SUFFIX="%{$reset_color%}]" +ZSH_THEME_GIT_PROMPT_CLEAN="%{$fg_bold[green]%}✓%{$reset_color%}" +ZSH_THEME_GIT_PROMPT_AHEAD="%{$fg[cyan]%}▴%{$reset_color%}" +ZSH_THEME_GIT_PROMPT_BEHIND="%{$fg[magenta]%}▾%{$reset_color%}" +ZSH_THEME_GIT_PROMPT_STAGED="%{$fg_bold[green]%}●%{$reset_color%}" +ZSH_THEME_GIT_PROMPT_UNSTAGED="%{$fg_bold[yellow]%}●%{$reset_color%}" +ZSH_THEME_GIT_PROMPT_UNTRACKED="%{$fg_bold[red]%}●%{$reset_color%}" +ZSH_THEME_GIT_PROMPT_STASHED="(%{$fg_bold[blue]%}✹%{$reset_color%})" + +bureau_nix_shell () { + if [ -n "$IN_NIX_SHELL" ]; then + if [ -n "$out" ]; then + local name=$(basename $(realpath -mL "$out/../../")) + echo -n "[nix-shell@$name]" + else + echo -n "[nix-shell]" + fi + else + echo -n "" + fi +} + +bureau_nix_shell_prompt () { + if [ -n "$IN_NIX_SHELL" ]; then + echo -n "[nix]" + else + echo -n "" + fi +} + +bureau_git_info () { + local ref + ref=$(command git symbolic-ref HEAD 2> /dev/null) || \ + ref=$(command git rev-parse --short HEAD 2> /dev/null) || return + echo "${ref#refs/heads/}" +} + +bureau_git_status() { + local result gitstatus + gitstatus="$(command git status --porcelain -b 2>/dev/null)" + + # check status of files + local gitfiles="$(tail -n +2 <<< "$gitstatus")" + if [[ -n "$gitfiles" ]]; then + if [[ "$gitfiles" =~ $'(^|\n)[AMRD]. ' ]]; then + result+="$ZSH_THEME_GIT_PROMPT_STAGED" + fi + if [[ "$gitfiles" =~ $'(^|\n).[MTD] ' ]]; then + result+="$ZSH_THEME_GIT_PROMPT_UNSTAGED" + fi + if [[ "$gitfiles" =~ $'(^|\n)\\?\\? ' ]]; then + result+="$ZSH_THEME_GIT_PROMPT_UNTRACKED" + fi + if [[ "$gitfiles" =~ $'(^|\n)UU ' ]]; then + result+="$ZSH_THEME_GIT_PROMPT_UNMERGED" + fi + else + result+="$ZSH_THEME_GIT_PROMPT_CLEAN" + fi + + # check status of local repository + local gitbranch="$(head -n 1 <<< "$gitstatus")" + if [[ "$gitbranch" =~ '^## .*ahead' ]]; then + result+="$ZSH_THEME_GIT_PROMPT_AHEAD" + fi + if [[ "$gitbranch" =~ '^## .*behind' ]]; then + result+="$ZSH_THEME_GIT_PROMPT_BEHIND" + fi + if [[ "$gitbranch" =~ '^## .*diverged' ]]; then + result+="$ZSH_THEME_GIT_PROMPT_DIVERGED" + fi + + # check if there are stashed changes + if command git rev-parse --verify refs/stash &> /dev/null; then + result+="$ZSH_THEME_GIT_PROMPT_STASHED" + fi + + echo $result +} + +bureau_git_prompt() { + # ignore non git folders and hidden repos (adapted from lib/git.zsh) + if ! command git rev-parse --git-dir &> /dev/null \ + || [[ "$(command git config --get oh-my-zsh.hide-info 2>/dev/null)" == 1 ]]; then + return + fi + + # check git information + local gitinfo=$(bureau_git_info) + if [[ -z "$gitinfo" ]]; then + return + fi + + # quote % in git information + local output="${gitinfo:gs/%/%%}" + + # check git status + local gitstatus=$(bureau_git_status) + if [[ -n "$gitstatus" ]]; then + output+=" $gitstatus" + fi + + echo "${ZSH_THEME_GIT_PROMPT_PREFIX}${output}${ZSH_THEME_GIT_PROMPT_SUFFIX}" +} + + +_PATH="%{$fg_bold[white]%}%~%{$reset_color%}" + +if [[ $EUID -eq 0 ]]; then + _USERNAME="%{$fg_bold[red]%}%n" + _LIBERTY="%{$fg[red]%}#" +else + _USERNAME="%{$fg_bold[white]%}%n" + _LIBERTY="%{$fg[green]%}$" +fi +_USERNAME="$_USERNAME%{$reset_color%}@%m" +_LIBERTY="$_LIBERTY%{$reset_color%}" + + +get_space () { + local STR=$1$2 + local zero='%([BSUbfksu]|([FB]|){*})' + local LENGTH=${#${(S%%)STR//$~zero/}} + local SPACES=$(( COLUMNS - LENGTH - ${ZLE_RPROMPT_INDENT:-1} )) + + (( SPACES > 0 )) || return + printf ' %.0s' {1..$SPACES} +} + +_1LEFT="$_USERNAME $_PATH" +_1RIGHT="[%*]" + +bureau_precmd () { + _1SPACES=`get_space $_1LEFT $_1RIGHT` + print + print -rP "$_1LEFT$_1SPACES$_1RIGHT" +} + +setopt prompt_subst +PROMPT='$(bureau_nix_shell_prompt)> $_LIBERTY ' +RPROMPT='$(nvm_prompt_info) $(bureau_nix_shell) $(bureau_git_prompt)' + +autoload -U add-zsh-hook +add-zsh-hook precmd bureau_precmd diff --git a/modules/zsh/zsh.nix b/modules/zsh/zsh.nix new file mode 100644 index 0000000..6bc879d --- /dev/null +++ b/modules/zsh/zsh.nix @@ -0,0 +1,74 @@ +{ + flake.homeModules.zsh = { + config, + pkgs, + ... + }: let + omz_custom = "${config.home.homeDirectory}/.config/omz_custom"; + in { + home.file."${omz_custom}" = { + source = ./static/omz_custom; + recursive = true; + }; + + # direnv + programs.direnv = { + enable = true; + enableZshIntegration = true; + nix-direnv.enable = true; + }; + + # fancy ls command + programs.lsd = { + enable = true; + }; + + # Zsh + programs.zsh = { + enable = true; + enableCompletion = true; + syntaxHighlighting.enable = true; + + history.size = 10000; + history.path = "${config.xdg.dataHome}/zsh/history"; + oh-my-zsh = { + enable = true; + plugins = [ + "docker" + "docker-compose" + "fzf" + "git" + "pass" + "poetry" + "python" + "rust" + ]; + theme = "my_bureau"; + custom = omz_custom; + }; + }; + + home.packages = with pkgs; [ + bat + fzf + git + htop + killall + mmtui + nh + nix-output-monitor + nix-search-cli + nix-tree + nixpkgs-fmt + pass + pay-respects + ranger + unzip + vim + w3m + wget + yt-dlp + zip + ]; + }; +}