chore: backup work done so far

2025-12-06 09:07:21 +01:00 · 2025-12-02 17:36:59 +01:00 · 2025-12-02 17:36:59 +01:00 · 5d27d18f85
commit 5d27d18f85
parent 9acfc5f934
77 changed files with 4005 additions and 2937 deletions
--- a/modules/home/common/anki.nix
+++ b/modules/home/common/anki.nix
@ -1,4 +1,4 @@
-{ lib, config, pkgs, globals, inputs, confLib, ... }:
+{ lib, config, pkgs, globals, confLib, type, ... }:
 let
  moduleName = "anki";
  inherit (config.swarselsystems) isPublic isNixos;
@ -54,7 +54,7 @@ in
              })
          ];
      };
-    } // lib.optionalAttrs (inputs ? sops) {
+    } // lib.optionalAttrs (type != "nixos") {
      sops = lib.mkIf (!isPublic && !isNixos) {
        secrets = {
          anki-user = { };
--- a/modules/home/common/emacs.nix
+++ b/modules/home/common/emacs.nix
@ -1,4 +1,4 @@
-{ self, lib, config, pkgs, globals, inputs, ... }:
+{ self, lib, config, pkgs, globals, inputs, type, ... }:
 let
  inherit (config.swarselsystems) homeDir mainUser isPublic isNixos;
  inherit (config.repo.secrets.common.emacs) radicaleUser;
@ -103,7 +103,7 @@ in
      startWithUserSession = "graphical";
    };

-  } // lib.optionalAttrs (inputs ? sops) {
+  } // lib.optionalAttrs (type != "nixos") {

    sops = lib.mkIf (!isPublic && !isNixos) {
      secrets = {
--- a/modules/home/common/gpg-agent.nix
+++ b/modules/home/common/gpg-agent.nix
@ -30,7 +30,7 @@ in
      enable = true;
      publicKeys = [
        {
-          source = "${self}/secrets/keys/gpg/gpg-public-key-0x76FD3810215AE097.asc";
+          source = "${self}/secrets/public/gpg/gpg-public-key-0x76FD3810215AE097.asc";
          trust = 5;
        }
      ];
--- a/modules/home/common/mail.nix
+++ b/modules/home/common/mail.nix
@ -1,4 +1,4 @@
-{ lib, config, inputs, globals, confLib, ... }:
+{ lib, config, globals, confLib, type, ... }:
 let
  inherit (confLib.getConfig.repo.secrets.common.mail) address1 address2 address2-name address3 address3-name address4;
  inherit (confLib.getConfig.repo.secrets.common) fullName;
@ -200,7 +200,7 @@ in
            };
          };
      };
-    } // lib.optionalAttrs (inputs ? sops) {
+    } // lib.optionalAttrs (type != "nixos") {
      sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
        address1-token = { path = "${xdgDir}/secrets/address1-token"; };
        address2-token = { path = "${xdgDir}/secrets/address2-token"; };
--- a/modules/home/common/settings.nix
+++ b/modules/home/common/settings.nix
@ -43,11 +43,11 @@ in
          trusted-users = [
            "@wheel"
            "${mainUser}"
-            (lib.mkIf config.swarselmodules.server.ssh-builder "builder")
+            (lib.mkIf ((config.swarselmodules ? server) ? ssh-builder) "builder")
          ];
          connect-timeout = 5;
-          bash-prompt-prefix = "[33m$SHLVL:\\w [0m";
-          bash-prompt = "$(if [[ $? -gt 0 ]]; then printf \"[31m\"; else printf \"[32m\"; fi)λ [0m";
+          bash-prompt-prefix = lib.mkIf config.swarselsystems.isClient "[33m$SHLVL:\\w [0m";
+          bash-prompt = lib.mkIf config.swarselsystems.isClient "$(if [[ $? -gt 0 ]]; then printf \"[31m\"; else printf \"[32m\"; fi)λ [0m";
          fallback = true;
          min-free = 128000000;
          max-free = 1000000000;
--- a/modules/home/common/sops.nix
+++ b/modules/home/common/sops.nix
@ -1,13 +1,13 @@
-{ config, lib, inputs, ... }:
+{ config, lib, type, ... }:
 let
  inherit (config.swarselsystems) homeDir;
 in
 {
  options.swarselmodules.sops = lib.mkEnableOption "sops settings";
-  config = lib.optionalAttrs (inputs ? sops) {
-    sops = {
-      age.sshKeyPaths = [ "${homeDir}/.ssh/sops" "${if config.swarselsystems.isImpermanence then "/persist" else ""}${homeDir}/.ssh/ssh_host_ed25519_key" ];
-      defaultSopsFile = "${if config.swarselsystems.isImpermanence then "/persist" else ""}${homeDir}/.dotfiles/secrets/general/secrets.yaml";
+  config = lib.optionalAttrs (type != "nixos") {
+    sops = lib.mkIf (!config.swarselsystems.isNixos) {
+      age.sshKeyPaths = [ "${if config.swarselsystems.isImpermanence then "/persist" else ""}${homeDir}/.ssh/sops" ];
+      defaultSopsFile = "${if config.swarselsystems.isImpermanence then "/persist" else ""}${homeDir}/.dotfiles/secrets/repo/common.yaml";

      validateSopsFiles = false;
    };
--- a/modules/home/common/ssh.nix
+++ b/modules/home/common/ssh.nix
@ -1,4 +1,4 @@
-{ inputs, lib, config, confLib, ... }:
+{ lib, config, confLib, type, ... }:
 {
  options.swarselmodules.ssh = lib.mkEnableOption "ssh settings";
  config = lib.mkIf config.swarselmodules.ssh ({
@ -24,7 +24,7 @@
        };
      } // confLib.getConfig.repo.secrets.common.ssh.hosts;
    };
-  } // lib.optionalAttrs (inputs ? sops) {
+  } // lib.optionalAttrs (type != "nixos") {
    sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
      builder-key = { path = "${config.home.homeDirectory}/.ssh/builder"; mode = "0600"; };
    };
--- a/modules/home/common/waybar.nix
+++ b/modules/home/common/waybar.nix
@ -1,4 +1,4 @@
-{ self, config, lib, inputs, pkgs, ... }:
+{ self, config, lib, pkgs, type, ... }:
 let
  inherit (config.swarselsystems) xdgDir;
  generateIcons = n: lib.concatStringsSep " " (builtins.map (x: "{icon" + toString x + "}") (lib.range 0 (n - 1)));
@ -320,7 +320,7 @@ in
      };
      style = builtins.readFile (self + /files/waybar/style.css);
    };
-  } // lib.optionalAttrs (inputs ? sops) {
+  } // lib.optionalAttrs (type != "nixos") {
    sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
      github-notifications-token = { path = "${xdgDir}/secrets/github-notifications-token"; };
    };
--- a/modules/home/common/yubikey.nix
+++ b/modules/home/common/yubikey.nix
@ -1,4 +1,4 @@
-{ lib, config, inputs, confLib, ... }:
+{ lib, config, confLib, type, ... }:
 let
  inherit (config.swarselsystems) homeDir;
 in
@ -13,7 +13,7 @@ in
        confLib.getConfig.secrets.common.yubikeys.dev2
      ];
    };
-  } // lib.optionalAttrs (inputs ? sops) {
+  } // lib.optionalAttrs (type != "nixos") {
    sops.secrets = lib.mkIf (!config.swarselsystems.isPublic) {
      u2f-keys = { path = "${homeDir}/.config/Yubico/u2f_keys"; };
    };
--- a/modules/home/common/zsh.nix
+++ b/modules/home/common/zsh.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, minimal, inputs, globals, confLib, ... }:
+{ config, pkgs, lib, minimal, globals, confLib, type, ... }:
 let
  inherit (config.swarselsystems) flakePath isNixos;
  crocDomain = globals.services.croc.domain;
@ -133,9 +133,9 @@ in
          # QTWEBENGINE_CHROMIUM_FLAGS = "--no-sandbox";
        };
      };
-    } // lib.optionalAttrs (inputs ? sops) {
+    } // lib.optionalAttrs (type != "nixos") {

-      sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
+      sops.secrets = lib.mkIf (!config.swarselsystems.isPublic) {
        croc-password = { };
        github-nixpkgs-review-token = { };
      };
--- a/modules/home/optional/work.nix
+++ b/modules/home/optional/work.nix
@ -1,10 +1,10 @@
-{ self, inputs, config, pkgs, lib, vars, confLib, ... }:
+{ self, config, pkgs, lib, vars, confLib, type, ... }:
 let
  inherit (config.swarselsystems) homeDir mainUser;
  inherit (confLib.getConfig.repo.secrets.local.mail) allMailAddresses;
  inherit (confLib.getConfig.repo.secrets.local.work) mailAddress;

-  certsSopsFile = self + /secrets/certs/secrets.yaml;
+  certsSopsFile = self + /secrets/repo/certs.yaml;
 in
 {
  options.swarselmodules.optional-work = lib.swarselsystems.mkTrueOption;
@ -652,7 +652,7 @@ in
      };

    };
-  } // lib.optionalAttrs (inputs ? sops) {
+  } // lib.optionalAttrs (type != "nixos") {
    sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
      harica-root-ca = {
        sopsFile = certsSopsFile;