swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: add uni profile

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-08-10 11:33:14 +02:00
parent ae2126f363
commit e6c7351094
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
9 changed files with 181 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

137
SwarselSystems.org
View file

@ -1855,6 +1855,7 @@ My work machine. Built for more security, this is the gold standard of my config
swarselprofiles = { swarselprofiles = {
personal = lib.mkIf (!minimal) true; personal = lib.mkIf (!minimal) true;
work = lib.mkIf (!minimal) true; work = lib.mkIf (!minimal) true;
uni = lib.mkIf (!minimal) true;
framework = lib.mkIf (!minimal) true; framework = lib.mkIf (!minimal) true;
amdcpu = true; amdcpu = true;
amdgpu = true; amdgpu = true;
@ -13678,26 +13679,8 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
stable.prometheus.cli stable.prometheus.cli
tigervnc tigervnc
openstackclient openstackclient
pizauth
]; ];
systemd.user.services.pizauth = {
Unit = {
Description = "Pizauth OAuth2 token manager";
};
Service = {
Type = "simple";
ExecStart = "${pkgs.pizauth}/bin/pizauth server -vvvv -d";
ExecReload = "${pkgs.pizauth}/bin/pizauth reload";
ExecStop = "${pkgs.pizauth}/bin/pizauth shutdown";
};
Install = {
WantedBy = [ "default.target" ];
};
};
home.sessionVariables = { home.sessionVariables = {
DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private"; DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work"; DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
@ -14031,28 +14014,30 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
}; };
}; };
swarselservices.pizauth = {
enable = true;
accounts = {
work = {
authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
tokenUri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
clientId = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
clientSecret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All"
"https://outlook.office365.com/SMTP.Send"
"offline_access"
];
loginHint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
};
};
};
xdg = xdg =
let let
inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3;
in in
{ {
configFile."pizauth.conf".text = ''
account "work" {
auth_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
client_id = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
client_secret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All",
"https://outlook.office365.com/SMTP.Send",
"offline_access"
];
// You don't have to specify login_hint, but it does make
// authentication a little easier.
login_hint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
}
'';
mimeApps = { mimeApps = {
defaultApplications = { defaultApplications = {
"x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ]; "x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ];
@ -14206,6 +14191,39 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
#+end_src #+end_src
**** Uni
:PROPERTIES:
:CUSTOM_ID: h:52b41e73-46f3-4c2c-af64-eafb51e3b6b6
:END:
#+begin_src nix-ts :tangle modules/home/optional/uni.nix :noweb yes
{ config, lib, nixosConfig ? config, ... }:
{
options.swarselmodules.optional.uni = lib.mkEnableOption "optional uni settings";
config = lib.mkIf config.swarselmodules.optional.uni
{
swarselservices.pizauth = {
enable = true;
accounts = {
uni = {
authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
tokenUri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
clientId = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
clientSecret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All"
"https://outlook.office365.com/SMTP.Send"
"offline_access"
];
loginHint = "${nixosConfig.repo.secrets.local.uni.mailAddress}";
};
};
};
};
}
#+end_src
**** Framework **** Framework
:PROPERTIES: :PROPERTIES:
:CUSTOM_ID: h:8a7b1c26-3448-42d3-932a-5d05d54b5490 :CUSTOM_ID: h:8a7b1c26-3448-42d3-932a-5d05d54b5490
@ -16750,6 +16768,33 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
#+end_src #+end_src
**** Uni
:PROPERTIES:
:CUSTOM_ID: h:87a83b10-3c2f-407c-89aa-922ad77748a4
:END:
#+begin_src nix-ts :tangle profiles/nixos/uni/default.nix :mkdirp yes
{ lib, config, ... }:
{
options.swarselprofiles.uni = lib.mkEnableOption "is this a uni host";
config = lib.mkIf config.swarselprofiles.uni {
# swarselmodules = {
# optional = {
# uni = lib.mkDefault true;
# };
# };
home-manager.users."${config.swarselsystems.mainUser}" = {
swarselprofiles = {
uni = lib.mkDefault true;
};
};
};
}
#+end_src
**** Framework **** Framework
:PROPERTIES: :PROPERTIES:
:CUSTOM_ID: h:eb272c99-842a-4095-bc65-283562749300 :CUSTOM_ID: h:eb272c99-842a-4095-bc65-283562749300
@ -17061,6 +17106,7 @@ This holds modules that are to be used on most hosts. These are also the most im
optional = { optional = {
gaming = lib.mkDefault true; gaming = lib.mkDefault true;
uni = lib.mkDefault true;
}; };
}; };
}; };
@ -17245,6 +17291,27 @@ This holds modules that are to be used on most hosts. These are also the most im
#+end_src #+end_src
**** Uni
:PROPERTIES:
:CUSTOM_ID: h:56f509b9-3271-4212-b5ea-482dbe288bda
:END:
#+begin_src nix-ts :tangle profiles/home/uni/default.nix :mkdirp yes
{ lib, config, ... }:
{
options.swarselprofiles.uni = lib.mkEnableOption "is this a uni host";
config = lib.mkIf config.swarselprofiles.uni {
swarselmodules = {
optional = {
uni = lib.mkDefault true;
};
};
};
}
#+end_src
**** Framework **** Framework
:PROPERTIES: :PROPERTIES:
:CUSTOM_ID: h:712b9d7f-16c0-42b3-b02b-6d79ee15cfcc :CUSTOM_ID: h:712b9d7f-16c0-42b3-b02b-6d79ee15cfcc

1
hosts/nixos/pyramid/default.nix
View file

@ -16,6 +16,7 @@ in
swarselprofiles = { swarselprofiles = {
personal = lib.mkIf (!minimal) true; personal = lib.mkIf (!minimal) true;
work = lib.mkIf (!minimal) true; work = lib.mkIf (!minimal) true;
uni = lib.mkIf (!minimal) true;
framework = lib.mkIf (!minimal) true; framework = lib.mkIf (!minimal) true;
amdcpu = true; amdcpu = true;
amdgpu = true; amdgpu = true;

6
hosts/nixos/pyramid/secrets/pii.nix.enc
View file

@ -1,5 +1,5 @@
{ {
"data": "ENC[AES256_GCM,data:kkwEMOzab5JK9G+rSfYygcAI6Y+b1tXkUFPdxN8e2Rnz2Uv4bDfITu8bmKqJ1q5kmHxQjQukioZkdQkabqBR8cx/CG3dRJfPAjEwMz4v8UYGSNSf8blJvdb4YKSizeOEALCuawBIm5hmvwuskXlol6UfkK66h9UnP94wwdh0KKemWinANxbIUX+cl6kK4X1eZrWRGr5Ts2HmjcowIbA+SmA8yVAwqoP6L1DuavilLGPfWhBI4Kj7ZTI3LRlvu4DZZ+DCAea3FgrrjbTWiWZfFW0YX2fDgNQkIxpp3N203zDu23HebZcmCrVBkfvFS7awBr5iVnwfsqOJR0LH92lIlUb8YoFShlJU/Day80i9uyYDCTHc4l2NBvjIH8NlpiYaA2A+rCW3VkVX3WzCGxBfi/kIqoNE3RdLJAYrIimsYaHSmk4o6jslR3xIRyQzDcNtWa92kINdCwBuJXc0UYe/HnR8tFlmOrlixMlVINTy45PRNYJoy7cuoJPd+aNIPQ2V31TB/CjUSZhEptVJSnQnKDui1xuV7vqcyPv06xftJGZRk/LL2cl3+HDLflkZYE7NVlLaOWMBOkX99W/WokF3NGBWuVeUp9bLCwpuEmzFafpCjKhGrQSDGkw17jmYWCULN9v3q6OvyylwqVuDDQZNSxGZFsSPr7qOxeENwTDQvRwpydthPRMMHh/wf3t5pyV/jW79SBuxIWvn4JbO8TBsd9TmVgXMgpd97+Zg3CnTqZApVVRzM8NzF25fMYHJv12YvkEmyOm0otFU84COhgNkpBRTJhyJdjKWVOTJFJyQviwy6BTBF6jqHyS+YP7BEZO2UID/9ODKVrSACCatSQlNtLQRrXOiE9h3g43uAJc/TyJ+A0IceUJ3BM+6PEJiqDWUfO5ucP3pLDdb4IDOAi/YeV9HQdyCdEVRf6a0CHmPcnkb+X+fxxcmZQCvuzQjOZQZw8UUwfhdJms6jTWqaN9leb3z4u8RPxOM1T+Qsu5dL5ouady7xVSO4c1Fw+EiiL9yOh42DTa4OyBlcTJiz5iigqmkaiQOwdwn+FlOYNraOd24h8+x7dDVQBbHjnV7xF7I1rmpOfA/lUbfovLU5SrIxLPT64J25ucudJWBTCDiYADUwhv+QmfJJsdt11+NWPkS3ymFbbWPtpZvhCaawrNKb3s/ohOEi8JIAyY9dtfRGuRoTsCcsJ4xjeSLehX4TgR0cl31Jmm+0kO2uuP7veDrqyUg1Swqsq4+BKfimprh/QzwSoB9lOdEPu0bdQza9sk+D5+H2ooXsVXA2YJscBZ/Kv+YYW57LlfwEvfpJDx5XiQtAYYlUeN8SPx72i9QzYugm339gj+eB8gtbX3W8Sl+D9Vs0P+GZ4G7K03JvzEExtA=,iv:Go3U5S9ZxtPawFoVjknH8j8WDg2TJLIU6mp5DQDj9BE=,tag:0QPJYyQsuZ4hz8xZZ2V4xw==,type:str]", "data": "ENC[AES256_GCM,data:p68IT8Bx7PKlHX5ZI5L0pU64WGA+q3byfbT9yOceKKq4BxD2ZX4zwxXrTsb1q6WOcxOfr7aqqJ8uzkSURKbSbjd1sImBrrzTh2BU80PnM7d8n2GuqJdj2TsiJ25MD5BNG2v0Ib3jDErI5cA6DWkQgzZV3gyfc486XpsFP8TZLjdHBqVO+FcDde/yqLMbAzaGfsOL/yvqsKgoCLQIsY9XyKVuVYuzreBRKo/kXUROCIB9wNFKvXvsMquCPGGDeumjVmcOvKqds3Gz4Ij3YjMiuLEcy4fJCl+Oqt9uKTAzETtxh+0G6UxqPc0IpS3ZzBGKVN+waOqbee0EgZys187qDVkg57L2QZ8I5An7EsMpo7T4KQDhxE8ZU4aLvwS/fobHaFW/9pSjqnH1v1O7gVpPS1T+GDTBHUDvlFVA3EtmTaXT2P3JHpFZCGex9AuyqQPOggwC2CVedmeWEc5osbGJhJjWjHvqkfcfLjIJB8bvp5y3FBXodJAEX9lW+Kbhe3121JU5pAlDp9QWG7a9wHdTSLbhC3qJXAtovOrOqrPTUD/LkSVMYDI+MaN+kw1kgCXH/ZXZmE8WCu7e8g7Vh4XEuRwhwAloGN6KyU+0LUP1SaMRTktur6sUtTIGdWdkaIVXn5sHMiLFYmwXy07uSZ3bGQ8nb3D0yInLkxCH/C/czS+bW3GFACo+bx9GcmDCPYXT1ay4HNFicCwcFNseDnbJMhs9SmI/EXQs1f7AaojMTnBmRpZLvAa++s5cW+GGYjoqZXn7CpGS9bPyv16MLv+81Is2zg1yXYTAwZyGjDrqYYBgsC0I1VgY1sDf1MRZtucL46GMaveIgrx8nlNB2vWkN9pky3GeZL9YvQgw6WEd32pnDxH2d7In83wqPjzk2Ce1fUG24nCBS/GLMEeE+DGud0jMaRbOkR4JmYGw9ej3En+52HHn+Nwy7nQy9gpvf0jOpzPyImCDbtIa+SgFm81nj3Di2SEcxhzqzY3oJbWdNmhbJzacxik73qi+PvY+s5eEr5/Xav8yUltWJHof7vCxw6qejBYa6gb01GOuWfyVVwMpmycrt7bbnWJQ1cULXnChwX3RaktMn1gYAO1kXpgOAEzGE0c/nIqnNWYdzQnfPmFUrBUSLj0SyymsGzBsTc8AmCk0ue8K8Z2lGYgSwHVRgvspWX4W3fvyL0AYwCureXh2MyqohNOEilKqolxQjNIM2B1hDNBWqN3dO6NnJKSE4XicfXHfd/6VVmpNVquWMq3SpcWMhiG3ZWMEWsJ8tTARlCg45uWCKq1iONd8baXLV3C+lutzQ86By5jmEGVYerSLvTsDN1t/VENaNqGCeJPNY5uLuhhoC55C/6zRYNQvzppWru7L+dMh/+t4i9cAgEgsVej5nJKnBPFlUFd2ZaaSoMf1Od1JjJSp3XdaQiXmAS2SUPPU3pLjM2xkpSSK0l1W7EKeQN2CA+dX3Whz3zBmRl8=,iv:DftbkwcfZYce8u+4APA0Od/J6gijDN1c35rBobS7kB4=,tag:IpqjdivPHQrjK/7oRx6spw==,type:str]",
"sops": { "sops": {
"age": [ "age": [
{ {
@ -11,8 +11,8 @@
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Z2tONmQxTUhZUW12Z2Jm\nUnoxSnpYcnZDNGNzSko1ckl2RDh3NG1VS2dFCmIwUXhmSk1OUk02S0JPVDR5UWJ4\na0gwWlg0V005ZWxYa29PZ0laS2VqM0kKLS0tIHN5SU9pQ090eHljeXJGWm5hRFQ4\nZ001Nzkyb29RYkNUMDNDNlo4YnVQeTQK34bNIBgxId2+DHKQNVV3Iro3KGkE03Sp\niB1+dADT6nRvGvoyPqnLq/NYfw7eQ6XqYt55zkdCta8v6L1UNUkw8g==\n-----END AGE ENCRYPTED FILE-----\n" "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Z2tONmQxTUhZUW12Z2Jm\nUnoxSnpYcnZDNGNzSko1ckl2RDh3NG1VS2dFCmIwUXhmSk1OUk02S0JPVDR5UWJ4\na0gwWlg0V005ZWxYa29PZ0laS2VqM0kKLS0tIHN5SU9pQ090eHljeXJGWm5hRFQ4\nZ001Nzkyb29RYkNUMDNDNlo4YnVQeTQK34bNIBgxId2+DHKQNVV3Iro3KGkE03Sp\niB1+dADT6nRvGvoyPqnLq/NYfw7eQ6XqYt55zkdCta8v6L1UNUkw8g==\n-----END AGE ENCRYPTED FILE-----\n"
} }
], ],
"lastmodified": "2025-08-07T12:21:20Z", "lastmodified": "2025-08-09T20:09:09Z",
"mac": "ENC[AES256_GCM,data:JxNvTsW6D7IbaczGsdgfTJcACm5VLrOw6Ep+RU9PoXn2LJZeJ9U8KIlnNdODtxMpiIpZ+ZPeJgQk+EXlUVd5n2dJQEr6vqfs4o85givDWE29Pki12Zb7jMhiW8/z9GYQ/TcskkWUfA0Brz9fKVKXLARvQdL1/9Rlw+F1VwWWBOo=,iv:V31hoIpUgq6X47D0B+MtBMsdD0oDpPkh2kvQWRJtS3w=,tag:dsW9SUIdGipX5rKyLAvCvQ==,type:str]", "mac": "ENC[AES256_GCM,data:s+LaqADPYV1UjsYZlxh6LGqaTwGzDYWyfcxPXakVUEmCe0YHfphSyRmhWwlr7WWM3w6BsZESq+PKYKtL7UunoolPh0KVEcobsvp7K/ZEPzDOH14ddOGiXDEpYRNqVYZtprR9pvrydOCPJbXO+klpLl0o3mm6j9VX2tIQdx3HNiA=,iv:rI2MG8OJUM6RNkJ3GsSYedOnRBTa+tbpporHC337unE=,tag:SY4yi5T7sFTIV02I8BbISg==,type:str]",
"pgp": [ "pgp": [
{ {
"created_at": "2025-06-14T22:31:01Z", "created_at": "2025-06-14T22:31:01Z",

2
modules/home/common/packages.nix
View file

@ -77,7 +77,7 @@
libreoffice-qt libreoffice-qt
xournalpp xournalpp
obsidian obsidian
spotify # spotify
vesktop # discord client vesktop # discord client
# nextcloud-client # enables a systemd service that I do not want # nextcloud-client # enables a systemd service that I do not want
spotify-player spotify-player

24
modules/home/optional/uni.nix Normal file
View file

@ -0,0 +1,24 @@
{ config, lib, nixosConfig ? config, ... }:
{
options.swarselmodules.optional.uni = lib.mkEnableOption "optional uni settings";
config = lib.mkIf config.swarselmodules.optional.uni
{
swarselservices.pizauth = {
enable = true;
accounts = {
uni = {
authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
tokenUri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
clientId = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
clientSecret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All"
"https://outlook.office365.com/SMTP.Send"
"offline_access"
];
loginHint = "${nixosConfig.repo.secrets.local.uni.mailAddress}";
};
};
};
};
}

54
modules/home/optional/work.nix
View file

@ -18,26 +18,8 @@ in
stable.prometheus.cli stable.prometheus.cli
tigervnc tigervnc
openstackclient openstackclient
pizauth
]; ];
systemd.user.services.pizauth = {
Unit = {
Description = "Pizauth OAuth2 token manager";
};
Service = {
Type = "simple";
ExecStart = "${pkgs.pizauth}/bin/pizauth server -vvvv -d";
ExecReload = "${pkgs.pizauth}/bin/pizauth reload";
ExecStop = "${pkgs.pizauth}/bin/pizauth shutdown";
};
Install = {
WantedBy = [ "default.target" ];
};
};
home.sessionVariables = { home.sessionVariables = {
DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private"; DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work"; DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
@ -371,28 +353,30 @@ in
}; };
}; };
swarselservices.pizauth = {
enable = true;
accounts = {
work = {
authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
tokenUri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
clientId = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
clientSecret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All"
"https://outlook.office365.com/SMTP.Send"
"offline_access"
];
loginHint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
};
};
};
xdg = xdg =
let let
inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3;
in in
{ {
configFile."pizauth.conf".text = ''
account "work" {
auth_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
client_id = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
client_secret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All",
"https://outlook.office365.com/SMTP.Send",
"offline_access"
];
// You don't have to specify login_hint, but it does make
// authentication a little easier.
login_hint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
}
'';
mimeApps = { mimeApps = {
defaultApplications = { defaultApplications = {
"x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ]; "x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ];

1
profiles/home/personal/default.nix
View file

@ -43,6 +43,7 @@
optional = { optional = {
gaming = lib.mkDefault true; gaming = lib.mkDefault true;
uni = lib.mkDefault true;
}; };
}; };
}; };

12
profiles/home/uni/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ lib, config, ... }:
{
options.swarselprofiles.uni = lib.mkEnableOption "is this a uni host";
config = lib.mkIf config.swarselprofiles.uni {
swarselmodules = {
optional = {
uni = lib.mkDefault true;
};
};
};
}

18
profiles/nixos/uni/default.nix Normal file
View file

@ -0,0 +1,18 @@
{ lib, config, ... }:
{
options.swarselprofiles.uni = lib.mkEnableOption "is this a uni host";
config = lib.mkIf config.swarselprofiles.uni {
# swarselmodules = {
# optional = {
# uni = lib.mkDefault true;
# };
# };
home-manager.users."${config.swarselsystems.mainUser}" = {
swarselprofiles = {
uni = lib.mkDefault true;
};
};
};
}