feat: full bootstrapping

2025-12-06 09:07:21 +01:00 · 2024-12-17 01:10:04 +01:00 · 2024-12-17 01:10:04 +01:00 · 67884944a3
commit 67884944a3
parent 2cdbae7747
16 changed files with 677 additions and 51 deletions
--- a/profiles/common/home/custom-packages.nix
+++ b/profiles/common/home/custom-packages.nix
@ -21,6 +21,8 @@
    ts2t
    vershell

+    bootstrap
+
    (pkgs.writeScriptBin "project" ''
      #! ${pkgs.bash}/bin/bash
      if [ "$1" == "rust" ]; then
--- a/profiles/common/home/emacs.nix
+++ b/profiles/common/home/emacs.nix
@ -1,5 +1,9 @@
-{ self, pkgs, ... }:
+{ self, config, pkgs, ... }:
 {
+
+  # needed for elfeed
+  sops.secrets.fever = { path = "${config.home.homeDirectory}/.emacs.d/.fever"; };
+
  # enable emacs overlay for bleeding edge features
  # also read init.el file and install use-package packages
  programs.emacs = {
--- a/profiles/common/home/settings.nix
+++ b/profiles/common/home/settings.nix
@ -1,4 +1,4 @@
-{ self, lib, config, pkgs, ... }:
+{ lib, config, pkgs, ... }:
 {
  nix = {
    package = lib.mkDefault pkgs.nix;
@ -20,7 +20,7 @@
    stateVersion = lib.mkDefault "23.05";
    keyboard.layout = "us";
    sessionVariables = {
-      FLAKE = "${self}";
+      FLAKE = "${config.home.homeDirectory}/.dotfiles";
    };
  };
 }
--- a/profiles/common/home/sops.nix
+++ b/profiles/common/home/sops.nix
@ -7,7 +7,7 @@ let
 in
 {
  sops = {
-    age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
+    age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" "${config.home.homeDirectory}/.ssh/ssh_host_ed25519_key" ];
    defaultSopsFile = mkIfElse config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.home.homeDirectory}/.dotfiles/secrets/general/secrets.yaml";

    validateSopsFiles = false;
@ -17,7 +17,6 @@ in
      leon = { path = "/run/user/1000/secrets/leon"; };
      swarselmail = { path = "/run/user/1000/secrets/swarselmail"; };
      github_notif = { path = "/run/user/1000/secrets/github_notif"; };
-      fever = { path = "${config.home.homeDirectory}/.emacs.d/.fever"; };
    };
  };
 }
--- a/profiles/common/nixos/sops.nix
+++ b/profiles/common/nixos/sops.nix
@ -8,7 +8,7 @@ in
 {
  sops = {

-    age.sshKeyPaths = mkIfElse config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" ] [ "${config.users.users.swarsel.home}/.ssh/sops" ];
+    age.sshKeyPaths = mkIfElse config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" ] [ "${config.users.users.swarsel.home}/.ssh/sops" "/etc/ssh/ssh_host_ed25519_key" ];
    defaultSopsFile = mkIfElse config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml";

    validateSopsFiles = false;
--- a/profiles/common/nixos/users.nix
+++ b/profiles/common/nixos/users.nix
@ -7,6 +7,7 @@
    users.swarsel = {
      isNormalUser = true;
      description = "Leon S";
+      password = lib.mkIf config.swarselsystems.initialSetup "setup";
      hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path;
      extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ];
      packages = with pkgs; [ ];