fix: re-enable secrets on standalone home-manager

modules/home/common/emacs.nix

@@ -6,7 +6,7 @@ in
   options.swarselsystems.modules.emacs = lib.mkEnableOption "emacs settings";
   config = lib.mkIf config.swarselsystems.modules.emacs {
     # needed for elfeed
-    sops.secrets.fever = lib.mkIf (!isPublic) { path = "${homeDir}/.emacs.d/.fever"; };
+    sops.secrets.fever-pw = lib.mkIf (!isPublic) { path = "${homeDir}/.emacs.d/.fever"; };
 
     # enable emacs overlay for bleeding edge features
     # also read init.el file and install use-package packages

modules/home/common/env.nix

@@ -1,7 +1,7 @@
-{ lib, config, nixosConfig, globals, ... }:
+{ lib, config, globals, ... }:
 let
-  inherit (nixosConfig.repo.secrets.common.mail) address1 address2 address3 address4 allMailAddresses;
-  inherit (nixosConfig.repo.secrets.common) fullName;
+  inherit (config.repo.secrets.common.mail) address1 address2 address3 address4 allMailAddresses;
+  inherit (config.repo.secrets.common) fullName;
   crocDomain = globals.services.croc.domain;
 in
 {

modules/home/common/gammastep.nix

@@ -1,6 +1,6 @@
-{ lib, config, nixosConfig, ... }:
+{ lib, config, ... }:
 let
-  inherit (nixosConfig.repo.secrets.common.location) latitude longitude;
+  inherit (config.repo.secrets.common.location) latitude longitude;
 in
 {
   options.swarselsystems.modules.gammastep = lib.mkEnableOption "gammastep settings";

modules/home/common/git.nix

@@ -1,7 +1,7 @@
-{ lib, config, nixosConfig, globals, minimal, ... }:
+{ lib, config, globals, minimal, ... }:
 let
-  inherit (nixosConfig.repo.secrets.common.mail) address1;
-  inherit (nixosConfig.repo.secrets.common) fullName;
+  inherit (config.repo.secrets.common.mail) address1;
+  inherit (config.repo.secrets.common) fullName;
 
   gitUser = globals.user.name;
 in

modules/home/common/mail.nix

@@ -1,7 +1,7 @@
-{ lib, config, nixosConfig, ... }:
+{ lib, config, ... }:
 let
-  inherit (nixosConfig.repo.secrets.common.mail) address1 address2 add2Name address3 add3Name address4;
-  inherit (nixosConfig.repo.secrets.common) fullName;
+  inherit (config.repo.secrets.common.mail) address1 address2 address2-name address3 address3-name address4 address4-user address4-host;
+  inherit (config.repo.secrets.common) fullName;
   inherit (config.swarselsystems) xdgDir;
 in
 {
@@ -9,10 +9,10 @@ in
   config = lib.mkIf config.swarselsystems.modules.mail {
 
     sops.secrets = lib.mkIf (!config.swarselsystems.isPublic) {
-      mrswarsel = { path = "${xdgDir}/secrets/mrswarsel"; };
-      nautilus = { path = "${xdgDir}/secrets/nautilus"; };
-      leon = { path = "${xdgDir}/secrets/leon"; };
-      swarselmail = { path = "${xdgDir}/secrets/swarselmail"; };
+      address1-token = { path = "${xdgDir}/secrets/address1-token"; };
+      address2-token = { path = "${xdgDir}/secrets/address2-token"; };
+      address3-token = { path = "${xdgDir}/secrets/address3-token"; };
+      address4-token = { path = "${xdgDir}/secrets/address4-token"; };
     };
 
     programs = {
@@ -42,7 +42,7 @@ in
             address = address1;
             userName = address1;
             realName = fullName;
-            passwordCommand = "cat ${config.sops.secrets.leon.path}";
+            passwordCommand = "cat ${config.sops.secrets.address1-token.path}";
             gpg = {
               key = "0x76FD3810215AE097";
               signByDefault = true;
@@ -72,11 +72,11 @@ in
 
           swarsel = {
             address = address4;
-            userName = "8227dc594dd515ce232eda1471cb9a19";
+            userName = address4-user;
             realName = fullName;
-            passwordCommand = "cat ${config.sops.secrets.swarselmail.path}";
+            passwordCommand = "cat ${config.sops.secrets.address4-token.path}";
             smtp = {
-              host = "in-v3.mailjet.com";
+              host = address4-host;
               port = 587;
               tls = {
                 enable = true;
@@ -96,8 +96,8 @@ in
             primary = false;
             address = address2;
             userName = address2;
-            realName = add2Name;
-            passwordCommand = "cat ${config.sops.secrets.nautilus.path}";
+            realName = address2-name;
+            passwordCommand = "cat ${config.sops.secrets.address2-token.path}";
             imap.host = "imap.gmail.com";
             smtp.host = "smtp.gmail.com";
             msmtp.enable = true;
@@ -123,8 +123,8 @@ in
             primary = false;
             address = address3;
             userName = address3;
-            realName = add3Name;
-            passwordCommand = "cat ${config.sops.secrets.mrswarsel.path}";
+            realName = address3-name;
+            passwordCommand = "cat ${config.sops.secrets.address3-token.path}";
             imap.host = "imap.gmail.com";
             smtp.host = "smtp.gmail.com";
             msmtp.enable = true;

modules/home/common/settings.nix

@@ -1,4 +1,4 @@
-{ lib, config, ... }:
+{ self, lib, pkgs, config, ... }:
 let
   inherit (config.swarselsystems) mainUser;
 in
@@ -6,6 +6,14 @@ in
   options.swarselsystems.modules.general = lib.mkEnableOption "general nix settings";
   config = lib.mkIf config.swarselsystems.modules.general {
     nix = lib.mkIf (!config.swarselsystems.isNixos) {
+      package = lib.mkForce pkgs.nixVersions.nix_2_28;
+      extraOptions = ''
+        plugin-files = ${pkgs.nix-plugins.overrideAttrs (o: {
+          buildInputs = [pkgs.nixVersions.nix_2_28 pkgs.boost];
+          patches = (o.patches or []) ++ ["${self}/nix/nix-plugins.patch"];
+        })}/lib/nix/plugins
+        extra-builtins-file = ${self + /nix/extra-builtins.nix}
+      '';
       settings = {
         experimental-features = [
           "nix-command"
@@ -17,7 +25,7 @@ in
         trusted-users = [ "@wheel" "${mainUser}" ];
         connect-timeout = 5;
         bash-prompt-prefix = "$SHLVL:\\w ";
-        bash-prompt = "$(if [[ $? -gt 0 ]]; then printf \"\"; else printf \"\"; fi)\[\e[1m\]λ\[\e[0m\] ";
+        bash-prompt = "$(if [[ $? -gt 0 ]]; then printf \"\"; else printf \"\"; fi)λ ";
         fallback = true;
         min-free = 128000000;
         max-free = 1000000000;

modules/home/common/waybar.nix

@@ -61,7 +61,7 @@ in
     };
 
     sops.secrets = lib.mkIf (!config.swarselsystems.isPublic) {
-      github_notif = { path = "${xdgDir}/secrets/github_notif"; };
+      github-notifications-token = { path = "${xdgDir}/secrets/github-notifications-token"; };
     };
 
     programs.waybar = {

modules/home/common/yubikey.nix

@@ -1,4 +1,4 @@
-{ lib, config, nixosConfig, ... }:
+{ lib, config, ... }:
 let
   inherit (config.swarselsystems) homeDir;
 in
@@ -8,13 +8,13 @@ in
   config = lib.mkIf config.swarselsystems.modules.yubikey {
 
     sops.secrets = lib.mkIf (!config.swarselsystems.isPublic) {
-      u2f_keys = { path = "${homeDir}/.config/Yubico/u2f_keys"; };
+      u2f-keys = { path = "${homeDir}/.config/Yubico/u2f_keys"; };
     };
 
     pam.yubico.authorizedYubiKeys = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
       ids = [
-        nixosConfig.repo.secrets.common.yubikeys.dev1
-        nixosConfig.repo.secrets.common.yubikeys.dev2
+        config.repo.secrets.common.yubikeys.dev1
+        config.repo.secrets.common.yubikeys.dev2
       ];
     };
   };

modules/home/optional/work.nix

@@ -1,7 +1,7 @@
-{ self, config, pkgs, lib, nixosConfig, ... }:
+{ self, config, pkgs, lib, ... }:
 let
   inherit (config.swarselsystems) homeDir;
-  inherit (nixosConfig.repo.secrets.local.work) user1 user1Long user2 user2Long user3 user3Long user4 path1 loc1 loc2 site1 site2 site3 site4 site5 site6 site7 lifecycle1 lifecycle2 domain1 domain2 gitMail;
+  inherit (config.repo.secrets.local.work) user1 user1Long user2 user2Long user3 user3Long user4 path1 loc1 loc2 site1 site2 site3 site4 site5 site6 site7 lifecycle1 lifecycle2 domain1 domain2 gitMail;
 in
 {
   options.swarselsystems.modules.optional.work = lib.mkEnableOption "optional work settings";