karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor structure

Browse Source 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
This commit is contained in:
Nick Karaolidis
2025-01-09 13:50:26 +00:00
parent c8c34c40e5
commit b355f72b2e
30 changed files with 362 additions and 202 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
flake.nix
View File

@@ -103,11 +103,10 @@
devShells = {
bun = import ./hosts/common/shells/bun { inherit pkgs; };
go = import ./hosts/common/shells/go { inherit pkgs; };
java17 = import ./hosts/common/shells/java17 { inherit pkgs; };
java = import ./hosts/common/shells/java { inherit pkgs; };
nix = import ./hosts/common/shells/nix { inherit pkgs; };
nodejs = import ./hosts/common/shells/nodejs { inherit pkgs; };
python = import ./hosts/common/shells/python { inherit pkgs; };
sas = import ./hosts/common/shells/sas { inherit pkgs; };
};
formatter = pkgs.nixfmt-rfc-style;

8
hosts/common/shells/java/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{ pkgs, ... }:
pkgs.mkShell {
packages = with pkgs; [ jdk ];
shellHook = ''
export JAVA_HOME=${pkgs.jdk.home}
'';
}

10
hosts/common/shells/java17/default.nix
View File

@@ -1,10 +0,0 @@
{ pkgs, ... }:
pkgs.mkShell {
packages = with pkgs; [
jdk17
];
shellHook = ''
export JAVA_HOME=${pkgs.jdk17.home}
'';
}

28
hosts/common/shells/sas/default.nix
View File

@@ -1,28 +0,0 @@
{ pkgs, ... }:
pkgs.mkShell {
packages = with pkgs; [
go
gopls
go-tools
golangci-lint
golangci-lint-langserver
jdk17
];
shellHook = ''
if git rev-parse --is-inside-work-tree &> /dev/null; then
TOP="$(git rev-parse --show-toplevel)"
if ! grep -q "^\.go$" "$TOP/.gitignore" "$TOP/.git/info/exclude"; then echo ".go" >> "$TOP/.git/info/exclude"; fi
if ! grep -q "^\.gradle$" "$TOP/.gitignore" "$TOP/.git/info/exclude"; then echo ".gradle" >> "$TOP/.git/info/exclude"; fi
else
TOP="$(pwd)"
fi
export GOPATH="$TOP/.go"
export GOPROXY=goproxy.unx.sas.com
export GONOSUMDB=*.sas.com,sassoftware.io
export JAVA_HOME="${pkgs.jdk17.home}"
export GRADLE_USER_HOME="$TOP/.gradle"
mkdir -p "$GRADLE_USER_HOME" && cp -f ~/.gradle/gradle.properties "$GRADLE_USER_HOME/gradle.properties"
'';
}

6
hosts/eirene/default.nix
View File

@@ -2,10 +2,11 @@
{
imports = [
../../lib
inputs.disko.nixosModules.disko
(import ./format.nix { device = "/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00BL2_S64RNE0R602762"; })
./hardware.nix
./display.nix
./hardware
../common/configs/system/bluetooth
../common/configs/system/boot
../common/configs/system/brightnessctl
@@ -43,6 +44,7 @@
../common/configs/system/users
../common/configs/system/wget
../common/configs/system/zsh
./users/nick
];

8
hosts/eirene/hardware.nix → hosts/eirene/hardware/default.nix
View File

@@ -1,5 +1,9 @@
{ pkgs, lib, ... }:
{
imports = [
./display.nix
];
# https://github.com/NixOS/nixos-hardware/tree/master/lenovo/legion/16achg6
hardware = {
enableAllFirmware = true;
@@ -58,7 +62,7 @@
powerManagement.enable = true;
systemd.services.powertop.postStart = builtins.readFile ./configs/system/scripts/mouse.sh;
systemd.services.powertop.postStart = builtins.readFile ./scripts/mouse.sh;
services = {
xserver.videoDrivers = [ "nvidia" ];
@@ -85,7 +89,7 @@
gestures.workspace_swipe_distance = 600;
};
programs.zsh.loginExtra = lib.mkBefore (builtins.readFile ./configs/system/scripts/card.sh);
programs.zsh.loginExtra = lib.mkBefore (builtins.readFile ./scripts/card.sh);
}
];
}

0
hosts/eirene/display.nix → hosts/eirene/hardware/display.nix
View File

0
hosts/eirene/configs/system/scripts/card.sh → hosts/eirene/hardware/scripts/card.sh
View File

0
hosts/eirene/configs/system/scripts/mouse.sh → hosts/eirene/hardware/scripts/mouse.sh
View File

28
hosts/eirene/users/nick/configs/console/git/default.nix Normal file
View File

@@ -0,0 +1,28 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user} = {
sops.secrets = {
"git/credentials" = {
sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/credentials";
};
"git/cookies" = {
sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/cookies";
};
};
programs.ssh.matchBlocks = {
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
};
};
}

17
hosts/eirene/users/nick/configs/console/syncthing/default.nix Normal file
View File

@@ -0,0 +1,17 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.services.syncthing.settings.folders = {
official = {
label = "Official";
path = "${home}/Documents/Official";
devices = [
"amalthea"
"ganymede"
];
};
};
}

22
hosts/eirene/users/nick/configs/gui/obsidian/default.nix Normal file
View File

@@ -0,0 +1,22 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user} = {
programs.obsidian.vaults."Documents/Obsidian/master".enable = true;
services.syncthing.settings.folders.obsidian = {
label = "Obsidian";
path = "${home}/Documents/Obsidian";
devices = [
"amalthea"
"ganymede"
];
};
home.file."Documents/Obsidian/.stignore".source =
../../../../../../common/configs/user/gui/obsidian/config/.stignore;
};
}

57
hosts/eirene/users/nick/default.nix
View File

@@ -8,6 +8,7 @@ in
{
imports = [
../../../common/configs/user/options.nix
(import ../../../common/configs/user/console/android { inherit user home; })
(import ../../../common/configs/user/console/bashmount { inherit user home; })
(import ../../../common/configs/user/console/bluetooth { inherit user home; })
@@ -40,6 +41,7 @@ in
(import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/yt-dlp { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })
(import ../../../common/configs/user/gui/astal { inherit user home; })
(import ../../../common/configs/user/gui/bluetooth { inherit user home; })
(import ../../../common/configs/user/gui/brightnessctl { inherit user home; })
@@ -71,6 +73,11 @@ in
(import ../../../common/configs/user/gui/wev { inherit user home; })
(import ../../../common/configs/user/gui/x11 { inherit user home; })
(import ../../../common/configs/user/gui/xdg { inherit user home; })
(import ./configs/console/git { inherit user home; })
(import ./configs/console/syncthing { inherit user home; })
(import ./configs/gui/obsidian { inherit user home; })
];
# echo "password" | mkpasswd -s
@@ -101,60 +108,16 @@ in
};
sops.secrets = {
"git/credentials" = {
"ssh/personal/key" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/credentials";
path = "${home}/.ssh/ssh_personal_ed25519_key";
};
"git/cookies" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/cookies";
};
"ssh/personal/git/key" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.ssh/ssh_git_personal_ed25519_key";
};
"ssh/personal/git/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
"ssh/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
"gpg/personal/key".sopsFile = ../../../../secrets/personal/secrets.yaml;
"gpg/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
};
programs = {
ssh.matchBlocks = {
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_git_personal_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
};
obsidian.vaults."Documents/Obsidian/master".enable = true;
};
theme.wallpaper = ../../../../static/wallpapers/clouds.png;
services.syncthing.settings.folders = {
obsidian = {
label = "Obsidian";
path = "${home}/Documents/Obsidian";
devices = [
"amalthea"
"ganymede"
];
};
official = {
label = "Official";
path = "${home}/Documents/Official";
devices = [
"amalthea"
"ganymede"
];
};
};
home.file."Documents/Obsidian/.stignore".source =
../../../common/configs/user/gui/obsidian/config/.stignore;
};
}

21
hosts/elara/configs/git/default.nix Normal file
View File

@@ -0,0 +1,21 @@
{ ... }:
{
sops.secrets."ssh/sas/key" = {
sopsFile = ../../../../secrets/sas/secrets.yaml;
path = "/root/.ssh/ssh_sas_ed25519_key";
};
programs.ssh.extraConfig = ''
Host github.com
User git
HostName github.com
IdentityFile /root/.ssh/ssh_sas_ed25519_key
StrictHostKeyChecking no
Host gitlab.sas.com
User git
HostName gitlab.sas.com
IdentityFile /root/.ssh/ssh_sas_ed25519_key
StrictHostKeyChecking no
'';
}

36
hosts/elara/default.nix
View File

@@ -2,14 +2,15 @@
{
imports = [
../../lib
inputs.disko.nixosModules.disko
(import ./format.nix {
device = "/dev/disk/by-id/ata-Samsung_SSD_990_EVO_1TB_S7GCNL0XA04998F";
})
./hardware.nix
./hardware
# elara runs on an external drive on eirene
../eirene/hardware.nix
../eirene/display.nix
../eirene/hardware
../common/configs/system/bluetooth
../common/configs/system/boot
../common/configs/system/brightnessctl
@@ -47,36 +48,17 @@
../common/configs/system/users
../common/configs/system/wget
../common/configs/system/zsh
./configs/system/globalprotect-remote-connect
./configs/git
./configs/globalprotect-remote-connect
./users/nikara
];
networking.hostName = "elara";
i18n.defaultLocale = "en_US.UTF-8";
sops = {
defaultSopsFile = ./secrets/secrets.yaml;
# Required for building private SAS packages
secrets."ssh/sas/git/key" = {
sopsFile = ../../secrets/sas/secrets.yaml;
path = "/root/.ssh/ssh_git_sas_ed25519_key";
};
};
programs.ssh.extraConfig = ''
Host github.com
User git
HostName github.com
IdentityFile /root/.ssh/ssh_git_sas_ed25519_key
StrictHostKeyChecking no
Host gitlab.sas.com
User git
HostName gitlab.sas.com
IdentityFile /root/.ssh/ssh_git_sas_ed25519_key
StrictHostKeyChecking no
'';
sops.defaultSopsFile = ./secrets/secrets.yaml;
environment.impermanence.device =
config.disko.devices.disk.usb.content.partitions.root.content.name;

0
hosts/elara/hardware.nix → hosts/elara/hardware/default.nix
View File

45
hosts/elara/users/nikara/configs/console/git/default.nix Normal file
View File

@@ -0,0 +1,45 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user} = {
sops.secrets = {
# Personal
"git/credentials" = {
sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/credentials";
};
"git/cookies" = {
sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/cookies";
};
};
programs.ssh.matchBlocks = {
# Personal
"github.com/karaolidis" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
# SAS
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
"gitlab.sas.com" = {
hostname = "gitlab.sas.com";
user = "git";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
};
};
}

29
hosts/elara/users/nikara/configs/console/go/default.nix Normal file
View File

@@ -0,0 +1,29 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
environment.persistence."/cache"."${home}/.local/share/go" = { };
home-manager.users.${user} = {
programs.go = {
enable = true;
goPath = "${home}/.local/share/go";
};
home = {
packages = with pkgs; [
gopls
go-tools
golangci-lint
golangci-lint-langserver
];
sessionVariables = {
GOPROXY = "goproxy.unx.sas.com";
GONOSUMDB = "*.sas.com,sassoftware.io";
};
};
};
}

27
hosts/elara/users/nikara/configs/console/java/default.nix Normal file
View File

@@ -0,0 +1,27 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
environment.persistence."/cache"."${home}/.local/share/gradle" = { };
home-manager.users.${user} = {
programs = {
java = {
enable = true;
package = pkgs.jdk17;
};
gradle = {
enable = true;
home = "${home}/.local/share/gradle";
};
};
sops.secrets."artifactory" = {
sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
path = "${home}/.local/share/gradle/gradle.properties";
};
};
}

8
hosts/elara/users/nikara/configs/console/jsonify/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = [ (pkgs.callPackage ./package.nix { }) ];
}

22
hosts/elara/users/nikara/configs/console/jsonify/package.nix Normal file
View File

@@ -0,0 +1,22 @@
{ pkgs, ... }:
pkgs.buildGoModule rec {
pname = "jsonify";
version = "0.1.6";
src = fetchGit {
url = "git@github.com:sas-institute-rnd-internal/polaris-jsonify.git";
ref = "main";
rev = "7b8f8a0f0b3c1bbfb7f814c5a3dae5f696ca38e3";
};
preBuild = ''
rm -rf sage
'';
installPhase = ''
mkdir -p $out/bin
cp "$GOPATH/bin/polaris-jsonify" $out/bin/jsonify
'';
vendorHash = "sha256-sJ3Jc7ZC+1s3m5nH6WtXsGVZfLEW7CZAcNtstUpc9M4=";
}

8
hosts/elara/users/nikara/configs/console/klog/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = [ (pkgs.callPackage ./package.nix { }) ];
}

13
hosts/elara/users/nikara/configs/console/klog/package.nix Normal file
View File

@@ -0,0 +1,13 @@
{ pkgs, ... }:
pkgs.buildGoModule rec {
pname = "klog";
version = "0.6.2";
src = fetchGit {
url = "git@gitlab.sas.com:convoy/devops/klog.git";
ref = "master";
rev = "17629fe278dd23e12bd6f17ee9db0d2fde37bc6c";
};
vendorHash = "";
}

23
hosts/elara/users/nikara/configs/console/kubernetes/default.nix Normal file
View File

@@ -0,0 +1,23 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user} = {
sops.secrets = {
"kubeconfig/d90270" = {
sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
path = "${home}/.kube/d90270";
};
"kubeconfig/d90271" = {
sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
path = "${home}/.kube/d90271";
};
"kubeconfig/d90272" = {
sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
path = "${home}/.kube/d90272";
};
};
};
}

8
hosts/elara/users/nikara/configs/gui/obsidian/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.programs.obsidian.vaults."Documents/Obsidian/master".enable = true;
}

77
hosts/elara/users/nikara/default.nix
View File

@@ -37,6 +37,7 @@ in
(import ../../../common/configs/user/console/wget { inherit user home; })
(import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })
(import ../../../common/configs/user/gui/astal { inherit user home; })
(import ../../../common/configs/user/gui/bluetooth { inherit user home; })
(import ../../../common/configs/user/gui/brightnessctl { inherit user home; })
@@ -66,9 +67,17 @@ in
(import ../../../common/configs/user/gui/x11 { inherit user home; })
(import ../../../common/configs/user/gui/xdg { inherit user home; })
(import ./configs/console/git { inherit user home; })
(import ./configs/console/go { inherit user home; })
(import ./configs/console/java { inherit user home; })
(import ./configs/console/kubernetes { inherit user home; })
(import ./configs/gui/obsidian { inherit user home; })
# Warning: the following imports use private SAS repositories.
# You must build the system once with these imports commented out,
# then uncomment them and rebuild the system once keys are provisioned.
(import ./configs/console/jsonify { inherit user home; })
];
# echo "password" | mkpasswd -s
@@ -100,80 +109,24 @@ in
sops.secrets = {
# Personal
"git/credentials" = {
"ssh/personal/key" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/credentials";
path = "${home}/.ssh/ssh_personal_ed25519_key";
};
"git/cookies" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/cookies";
};
"ssh/personal/git/key" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.ssh/ssh_git_personal_ed25519_key";
};
"ssh/personal/git/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
"ssh/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
"gpg/personal/key".sopsFile = ../../../../secrets/personal/secrets.yaml;
"gpg/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
# SAS
"ssh/sas/git/key" = {
"ssh/sas/key" = {
sopsFile = ../../../../secrets/sas/secrets.yaml;
path = "${home}/.ssh/ssh_git_sas_ed25519_key";
path = "${home}/.ssh/ssh_sas_ed25519_key";
};
"ssh/sas/git/pass".sopsFile = ../../../../secrets/sas/secrets.yaml;
"ssh/sas/pass".sopsFile = ../../../../secrets/sas/secrets.yaml;
"gpg/sas/key".sopsFile = ../../../../secrets/sas/secrets.yaml;
"gpg/sas/pass".sopsFile = ../../../../secrets/sas/secrets.yaml;
"kubeconfig/d90270" = {
sopsFile = ../../../../secrets/sas/secrets.yaml;
path = "${home}/.kube/d90270";
};
"kubeconfig/d90271" = {
sopsFile = ../../../../secrets/sas/secrets.yaml;
path = "${home}/.kube/d90271";
};
"kubeconfig/d90272" = {
sopsFile = ../../../../secrets/sas/secrets.yaml;
path = "${home}/.kube/d90272";
};
"artifactory" = {
sopsFile = ../../../../secrets/sas/secrets.yaml;
path = "${home}/.gradle/gradle.properties";
};
};
programs = {
ssh.matchBlocks = {
# Personal
"github.com/karaolidis" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_git_personal_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
# SAS
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_git_sas_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
"gitlab.sas.com" = {
hostname = "gitlab.sas.com";
user = "git";
identityFile = "${home}/.ssh/ssh_git_sas_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
};
obsidian.vaults."Documents/Obsidian/master".enable = true;
};
theme.wallpaper = ../../../../static/wallpapers/snow.jpg;

5
hosts/installer/default.nix
View File

@@ -2,11 +2,13 @@
{
imports = [
../../lib
inputs.disko.nixosModules.disko
(import ./format.nix {
device = "/dev/disk/by-id/usb-SanDisk_Ultra_Trek_050133f0afb69de86a475ee8d2ad97e4916cce11764cffba9ab262d42a7d0d2f66460000000000000000000039b7a3b8ff990a109f5581078ea6e86a-0:0";
})
./hardware.nix
./hardware
../common/configs/system/boot
../common/configs/system/btop
../common/configs/system/btrfs
@@ -34,6 +36,7 @@
../common/configs/system/users
../common/configs/system/wget
../common/configs/system/zsh
./users/nick
];

0
hosts/installer/hardware.nix → hosts/installer/hardware/default.nix
View File

28
hosts/installer/users/nick/configs/console/git/default.nix Normal file
View File

@@ -0,0 +1,28 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user} = {
sops.secrets = {
"git/credentials" = {
sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/credentials";
};
"git/cookies" = {
sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/cookies";
};
};
programs.ssh.matchBlocks = {
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
};
};
}

27
hosts/installer/users/nick/default.nix
View File

@@ -8,6 +8,7 @@ in
{
imports = [
../../../common/configs/user/options.nix
(import ../../../common/configs/user/console/bashmount { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/fastfetch { inherit user home; })
@@ -27,6 +28,8 @@ in
(import ../../../common/configs/user/console/wget { inherit user home; })
(import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })
(import ./configs/console/git { inherit user home; })
];
# echo "password" | mkpasswd -s
@@ -57,32 +60,14 @@ in
};
sops.secrets = {
"git/credentials" = {
"ssh/personal/key" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/credentials";
path = "${home}/.ssh/ssh_personal_ed25519_key";
};
"git/cookies" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.config/git/cookies";
};
"ssh/personal/git/key" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
path = "${home}/.ssh/ssh_git_personal_ed25519_key";
};
"ssh/personal/git/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
"ssh/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
"gpg/personal/key".sopsFile = ../../../../secrets/personal/secrets.yaml;
"gpg/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
};
programs.ssh.matchBlocks = {
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_git_personal_ed25519_key";
extraOptions.StrictHostKeyChecking = "no";
};
};
};
}