swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: waybar github-notification, nixpkgs-review

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-08-09 14:27:42 +02:00
parent 3957e1a4a7
commit ca2d20522c
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
6 changed files with 27 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

16
SwarselSystems.org
View file

@ -3889,7 +3889,7 @@ in
} }
#+end_src #+end_src
**** Expose home-manager secrets in NixOS (automatically active) **** Expose home-manager sops secrets in NixOS (automatically active)
#+begin_src nix-ts :tangle modules/nixos/common/home-manager-secrets.nix #+begin_src nix-ts :tangle modules/nixos/common/home-manager-secrets.nix
{ lib, config, globals, ... }: { lib, config, globals, ... }:
@ -3913,6 +3913,7 @@ in
fever-pw = { path = "${homeDir}/.emacs.d/.fever"; owner = mainUser; }; fever-pw = { path = "${homeDir}/.emacs.d/.fever"; owner = mainUser; };
}) // (lib.optionalAttrs modules.zsh { }) // (lib.optionalAttrs modules.zsh {
croc-password = { owner = mainUser; }; croc-password = { owner = mainUser; };
github-nixpkgs-review-token = { owner = mainUser; };
}) // (lib.optionalAttrs modules.emacs { }) // (lib.optionalAttrs modules.emacs {
emacs-radicale-pw = { owner = mainUser; }; emacs-radicale-pw = { owner = mainUser; };
}); });
@ -4632,7 +4633,9 @@ Next, we will setup some environment variables that need to be set on the system
gst-plugins-ugly gst-plugins-ugly
gst-libav gst-libav
]); ]);
}; } // (lib.optionalAttrs (!config.swarselsystems.isPublic) {
GITHUB_NOTIFICATION_TOKEN_PATH = config.sops.secrets.github-notifications-token.path;
});
}; };
}; };
} }
@ -11210,6 +11213,7 @@ Sets environment variables. Here I am only setting the EDITOR variable, most var
SWARSEL_CAL3NAME = source3-name; SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName; SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = allMailAddresses; SWARSEL_MAIL_ALL = allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
}; };
}; };
} }
@ -11681,6 +11685,7 @@ Currently I only use it as before with =initExtra= though.
sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) { sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
croc-password = { }; croc-password = { };
github-nixpkgs-review-token = { };
}; };
programs.zsh = { programs.zsh = {
@ -11715,8 +11720,10 @@ Currently I only use it as before with =initExtra= though.
boot-diff = "nix store diff-closures /run/*-system"; boot-diff = "nix store diff-closures /run/*-system";
gen-diff = "nix profile diff-closures --profile /nix/var/nix/profiles/system"; gen-diff = "nix profile diff-closures --profile /nix/var/nix/profiles/system";
cc = "wl-copy"; cc = "wl-copy";
topology = "nix build .#topology.x86_64-linux.config.output"; build-topology = "nix build .#topology.x86_64-linux.config.output";
iso = "nix build --print-out-paths .#live-iso"; build-iso = "nix build --print-out-paths .#live-iso";
nix-review- = "nix run nixpkgs#nixpkgs-review -- rev HEAD";
nix-review-post = "nix run nixpkgs#nixpkgs-review -- pr --post-result --systems linux";
} }
config.swarselsystems.shellAliases; config.swarselsystems.shellAliases;
autosuggestion.enable = true; autosuggestion.enable = true;
@ -11790,6 +11797,7 @@ Currently I only use it as before with =initExtra= though.
bindkey '^H' my-backward-delete-word bindkey '^H' my-backward-delete-word
export CROC_PASS="$(cat ${nixosConfig.sops.secrets.croc-password.path})" export CROC_PASS="$(cat ${nixosConfig.sops.secrets.croc-password.path})"
export GITHUB_TOKEN="$(cat ${nixosConfig.sops.secrets.github-nixpkgs-review-token.path})"
''; '';
}; };
}; };

1
modules/home/common/env.nix
View file

@ -31,6 +31,7 @@ in
SWARSEL_CAL3NAME = source3-name; SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName; SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = allMailAddresses; SWARSEL_MAIL_ALL = allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
}; };
}; };
} }

8
modules/home/common/zsh.nix
View file

@ -15,6 +15,7 @@ in
sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) { sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
croc-password = { }; croc-password = { };
github-nixpkgs-review-token = { };
}; };
programs.zsh = { programs.zsh = {
@ -49,8 +50,10 @@ in
boot-diff = "nix store diff-closures /run/*-system"; boot-diff = "nix store diff-closures /run/*-system";
gen-diff = "nix profile diff-closures --profile /nix/var/nix/profiles/system"; gen-diff = "nix profile diff-closures --profile /nix/var/nix/profiles/system";
cc = "wl-copy"; cc = "wl-copy";
topology = "nix build .#topology.x86_64-linux.config.output"; build-topology = "nix build .#topology.x86_64-linux.config.output";
iso = "nix build --print-out-paths .#live-iso"; build-iso = "nix build --print-out-paths .#live-iso";
nix-review- = "nix run nixpkgs#nixpkgs-review -- rev HEAD";
nix-review-post = "nix run nixpkgs#nixpkgs-review -- pr --post-result --systems linux";
} }
config.swarselsystems.shellAliases; config.swarselsystems.shellAliases;
autosuggestion.enable = true; autosuggestion.enable = true;
@ -124,6 +127,7 @@ in
bindkey '^H' my-backward-delete-word bindkey '^H' my-backward-delete-word
export CROC_PASS="$(cat ${nixosConfig.sops.secrets.croc-password.path})" export CROC_PASS="$(cat ${nixosConfig.sops.secrets.croc-password.path})"
export GITHUB_TOKEN="$(cat ${nixosConfig.sops.secrets.github-nixpkgs-review-token.path})"
''; '';
}; };
}; };

4
modules/nixos/client/env.nix
View file

@ -13,7 +13,9 @@
gst-plugins-ugly gst-plugins-ugly
gst-libav gst-libav
]); ]);
}; } // (lib.optionalAttrs (!config.swarselsystems.isPublic) {
GITHUB_NOTIFICATION_TOKEN_PATH = config.sops.secrets.github-notifications-token.path;
});
}; };
}; };
} }

1
modules/nixos/common/home-manager-secrets.nix
View file

@ -19,6 +19,7 @@ in
fever-pw = { path = "${homeDir}/.emacs.d/.fever"; owner = mainUser; }; fever-pw = { path = "${homeDir}/.emacs.d/.fever"; owner = mainUser; };
}) // (lib.optionalAttrs modules.zsh { }) // (lib.optionalAttrs modules.zsh {
croc-password = { owner = mainUser; }; croc-password = { owner = mainUser; };
github-nixpkgs-review-token = { owner = mainUser; };
}) // (lib.optionalAttrs modules.emacs { }) // (lib.optionalAttrs modules.emacs {
emacs-radicale-pw = { owner = mainUser; }; emacs-radicale-pw = { owner = mainUser; };
}); });

6
secrets/general/secrets.yaml
View file

@ -22,6 +22,8 @@ croc-password: ENC[AES256_GCM,data:uz7vI2rrPi1uTKEks4IPnWOt/R6ydlp/cQ==,iv:ZE01X
github-api-token: ENC[AES256_GCM,data:9AhHkmv4JUjmir77INYflGvjNWW/E17FmfoXs5IUnAlL7B/l8s7UlVob0Az4lOUnm3+R0RWJz0HKMvOdZVZjd3RakdoWqvBHFqOVNF1MNthg2izIiaERsnDXcxj54qJfpD505xFSBWmnTKWVwRZlW5WEsFPuvaVy,iv:wzXT+qsn4VG+R8tGU33EWoaMKs4c/BB5W7f2JvuX2eY=,tag:EEhbktsmWHBwh0iBtfaXlA==,type:str] github-api-token: ENC[AES256_GCM,data:9AhHkmv4JUjmir77INYflGvjNWW/E17FmfoXs5IUnAlL7B/l8s7UlVob0Az4lOUnm3+R0RWJz0HKMvOdZVZjd3RakdoWqvBHFqOVNF1MNthg2izIiaERsnDXcxj54qJfpD505xFSBWmnTKWVwRZlW5WEsFPuvaVy,iv:wzXT+qsn4VG+R8tGU33EWoaMKs4c/BB5W7f2JvuX2eY=,tag:EEhbktsmWHBwh0iBtfaXlA==,type:str]
#ENC[AES256_GCM,data:vQF1i7rtfz/MBElKIN9j8N0=,iv:jf2SZpulx85yx2sHcnA3iwkiXJcHq4x1fdBUcSRuiK0=,tag:WpUNpH6/8jDvQA8zRGrdKg==,type:comment] #ENC[AES256_GCM,data:vQF1i7rtfz/MBElKIN9j8N0=,iv:jf2SZpulx85yx2sHcnA3iwkiXJcHq4x1fdBUcSRuiK0=,tag:WpUNpH6/8jDvQA8zRGrdKg==,type:comment]
emacs-radicale-pw: ENC[AES256_GCM,data:BIORG0geX8s1WOA=,iv:SeoVn8xHlqQGxZzHrm5I5LITMoutRnz3OygswDc96ew=,tag:C3S4a8IEvCjHgAyRrCaaRw==,type:str] emacs-radicale-pw: ENC[AES256_GCM,data:BIORG0geX8s1WOA=,iv:SeoVn8xHlqQGxZzHrm5I5LITMoutRnz3OygswDc96ew=,tag:C3S4a8IEvCjHgAyRrCaaRw==,type:str]
#ENC[AES256_GCM,data:qsBNKxd3Ng==,iv:1fNMDJt7vgKFSdghYBZsuDoZ1sWvzj1Zu8NmkjX6Zh8=,tag:0D7EsgN8B1z7/y4iZS/PtQ==,type:comment]
github-nixpkgs-review-token: ENC[AES256_GCM,data:/4ssZAEwEc9fZeR69GCvLMm4eRv4uabyDbGDGqfRUllO5DVSbZxO+A==,iv:mcARvAyPAB9pyCGFy2A/6qeZbSepHyWVNyusaQ5ze3I=,tag:o7AP6g8XHkPUaCnXK3CFig==,type:str]
sops: sops:
age: age:
- recipient: age1h72072slm2pthn9m2qwjsyy2dsazc6hz97kpzh4gksvv0r2jqecqul8w63 - recipient: age1h72072slm2pthn9m2qwjsyy2dsazc6hz97kpzh4gksvv0r2jqecqul8w63
@ -87,8 +89,8 @@ sops:
SjV6L3crUkdLWTlsNFgyRHBla2FFam8KILYsNbLdCirfoC/Vex8yEYpS2G4O0EQP SjV6L3crUkdLWTlsNFgyRHBla2FFam8KILYsNbLdCirfoC/Vex8yEYpS2G4O0EQP
wa1xzPk3Ue0/g67dv5UZFhUn0ZB2XGFC3kEPWpptTj0VL+9Z/r0zKA== wa1xzPk3Ue0/g67dv5UZFhUn0ZB2XGFC3kEPWpptTj0VL+9Z/r0zKA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-22T05:16:03Z" lastmodified: "2025-08-05T09:33:50Z"
mac: ENC[AES256_GCM,data:CoOd5ki9DoSBzwTeTw3JDGPReJD4th+v20AItwIZBLX15eLb1KXANdz5ekHeFZ6ntHq4ij0FUH63W6ojpBdvzJS7GgboQyAThkyJSmqtr7lN9rTa3XZSIKDTZCKm4wrG60q17vUIZXPLxM+NN1Fp2oEyCwt1s7SHM11xJ3JdyBk=,iv:ofyAhu4pjzNAJguU5Z5H9Capqcky/mTMXHEYS/qhvNs=,tag:L9tZRzd5VgbB7lyCkT6yTA==,type:str] mac: ENC[AES256_GCM,data:rMtrDQtYsDyNqqVYKY9vg7fDGJjO2zQ+boN3j0dmYKyr5zzbbJAeCxAs3H/rNkgc3ril7sCfyAvP8n9KtYO6xmQuvu3Qgj2oqBiyvolfmYCArT0l7n+ImnNUGnFOfeugYPEIxvhDcEDK6dKiBMlEuyhtJ0hbVfvE4POQZi/jvMM=,iv:imWVUiFAbgzhPN/RNecx2LzCC5MJFg5nAIvGDCN2k0I=,tag:z0P180ZKj5p/g/E38CUjAQ==,type:str]
pgp: pgp:
- created_at: "2025-07-10T23:51:26Z" - created_at: "2025-07-10T23:51:26Z"
enc: |- enc: |-