Refactor structure

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

flake.nix

@@ -103,11 +103,10 @@
         devShells = {
           bun = import ./hosts/common/shells/bun { inherit pkgs; };
           go = import ./hosts/common/shells/go { inherit pkgs; };
-          java17 = import ./hosts/common/shells/java17 { inherit pkgs; };
+          java = import ./hosts/common/shells/java { inherit pkgs; };
           nix = import ./hosts/common/shells/nix { inherit pkgs; };
           nodejs = import ./hosts/common/shells/nodejs { inherit pkgs; };
           python = import ./hosts/common/shells/python { inherit pkgs; };
-          sas = import ./hosts/common/shells/sas { inherit pkgs; };
         };
 
         formatter = pkgs.nixfmt-rfc-style;

hosts/common/shells/java/default.nix

@@ -0,0 +1,8 @@
+{ pkgs, ... }:
+pkgs.mkShell {
+  packages = with pkgs; [ jdk ];
+
+  shellHook = ''
+    export JAVA_HOME=${pkgs.jdk.home}
+  '';
+}

hosts/common/shells/java17/default.nix

@@ -1,10 +0,0 @@
-{ pkgs, ... }:
-pkgs.mkShell {
-  packages = with pkgs; [
-    jdk17
-  ];
-
-  shellHook = ''
-    export JAVA_HOME=${pkgs.jdk17.home}
-  '';
-}

hosts/common/shells/sas/default.nix

@@ -1,28 +0,0 @@
-{ pkgs, ... }:
-pkgs.mkShell {
-  packages = with pkgs; [
-    go
-    gopls
-    go-tools
-    golangci-lint
-    golangci-lint-langserver
-    jdk17
-  ];
-
-  shellHook = ''
-    if git rev-parse --is-inside-work-tree &> /dev/null; then
-      TOP="$(git rev-parse --show-toplevel)"
-      if ! grep -q "^\.go$" "$TOP/.gitignore" "$TOP/.git/info/exclude"; then echo ".go" >> "$TOP/.git/info/exclude"; fi
-      if ! grep -q "^\.gradle$" "$TOP/.gitignore" "$TOP/.git/info/exclude"; then echo ".gradle" >> "$TOP/.git/info/exclude"; fi
-    else
-      TOP="$(pwd)"
-    fi
-
-    export GOPATH="$TOP/.go"
-    export GOPROXY=goproxy.unx.sas.com
-    export GONOSUMDB=*.sas.com,sassoftware.io
-    export JAVA_HOME="${pkgs.jdk17.home}"
-    export GRADLE_USER_HOME="$TOP/.gradle"
-    mkdir -p "$GRADLE_USER_HOME" && cp -f ~/.gradle/gradle.properties "$GRADLE_USER_HOME/gradle.properties"
-  '';
-}

hosts/eirene/default.nix

@@ -2,10 +2,11 @@
 {
   imports = [
     ../../lib
+
     inputs.disko.nixosModules.disko
     (import ./format.nix { device = "/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00BL2_S64RNE0R602762"; })
-    ./hardware.nix
+    ./hardware
-    ./display.nix
+
     ../common/configs/system/bluetooth
     ../common/configs/system/boot
     ../common/configs/system/brightnessctl
@@ -43,6 +44,7 @@
     ../common/configs/system/users
     ../common/configs/system/wget
     ../common/configs/system/zsh
+
     ./users/nick
   ];
 

hosts/eirene/hardware/default.nix

@@ -1,5 +1,9 @@
 { pkgs, lib, ... }:
 {
+  imports = [
+    ./display.nix
+  ];
+
   # https://github.com/NixOS/nixos-hardware/tree/master/lenovo/legion/16achg6
   hardware = {
     enableAllFirmware = true;
@@ -58,7 +62,7 @@
 
   powerManagement.enable = true;
 
-  systemd.services.powertop.postStart = builtins.readFile ./configs/system/scripts/mouse.sh;
+  systemd.services.powertop.postStart = builtins.readFile ./scripts/mouse.sh;
 
   services = {
     xserver.videoDrivers = [ "nvidia" ];
@@ -85,7 +89,7 @@
         gestures.workspace_swipe_distance = 600;
       };
 
-      programs.zsh.loginExtra = lib.mkBefore (builtins.readFile ./configs/system/scripts/card.sh);
+      programs.zsh.loginExtra = lib.mkBefore (builtins.readFile ./scripts/card.sh);
     }
   ];
 }

hosts/eirene/users/nick/configs/console/git/default.nix

@@ -0,0 +1,28 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user} = {
+    sops.secrets = {
+      "git/credentials" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        path = "${home}/.config/git/credentials";
+      };
+      "git/cookies" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        path = "${home}/.config/git/cookies";
+      };
+    };
+
+    programs.ssh.matchBlocks = {
+      "github.com" = {
+        hostname = "github.com";
+        user = "git";
+        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
+        extraOptions.StrictHostKeyChecking = "no";
+      };
+    };
+  };
+}

hosts/eirene/users/nick/configs/console/syncthing/default.nix

@@ -0,0 +1,17 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user}.services.syncthing.settings.folders = {
+    official = {
+      label = "Official";
+      path = "${home}/Documents/Official";
+      devices = [
+        "amalthea"
+        "ganymede"
+      ];
+    };
+  };
+}

hosts/eirene/users/nick/configs/gui/obsidian/default.nix

@@ -0,0 +1,22 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user} = {
+    programs.obsidian.vaults."Documents/Obsidian/master".enable = true;
+
+    services.syncthing.settings.folders.obsidian = {
+      label = "Obsidian";
+      path = "${home}/Documents/Obsidian";
+      devices = [
+        "amalthea"
+        "ganymede"
+      ];
+    };
+
+    home.file."Documents/Obsidian/.stignore".source =
+      ../../../../../../common/configs/user/gui/obsidian/config/.stignore;
+  };
+}

hosts/eirene/users/nick/default.nix

@@ -8,6 +8,7 @@ in
 {
   imports = [
     ../../../common/configs/user/options.nix
+
     (import ../../../common/configs/user/console/android { inherit user home; })
     (import ../../../common/configs/user/console/bashmount { inherit user home; })
     (import ../../../common/configs/user/console/bluetooth { inherit user home; })
@@ -40,6 +41,7 @@ in
     (import ../../../common/configs/user/console/xdg { inherit user home; })
     (import ../../../common/configs/user/console/yt-dlp { inherit user home; })
     (import ../../../common/configs/user/console/zsh { inherit user home; })
+
     (import ../../../common/configs/user/gui/astal { inherit user home; })
     (import ../../../common/configs/user/gui/bluetooth { inherit user home; })
     (import ../../../common/configs/user/gui/brightnessctl { inherit user home; })
@@ -71,6 +73,11 @@ in
     (import ../../../common/configs/user/gui/wev { inherit user home; })
     (import ../../../common/configs/user/gui/x11 { inherit user home; })
     (import ../../../common/configs/user/gui/xdg { inherit user home; })
+
+    (import ./configs/console/git { inherit user home; })
+    (import ./configs/console/syncthing { inherit user home; })
+
+    (import ./configs/gui/obsidian { inherit user home; })
   ];
 
   # echo "password" | mkpasswd -s
@@ -101,60 +108,16 @@ in
     };
 
     sops.secrets = {
-      "git/credentials" = {
+      "ssh/personal/key" = {
         sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.config/git/credentials";
+        path = "${home}/.ssh/ssh_personal_ed25519_key";
       };
-      "git/cookies" = {
+      "ssh/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
-        sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.config/git/cookies";
-      };
-
-      "ssh/personal/git/key" = {
-        sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.ssh/ssh_git_personal_ed25519_key";
-      };
-      "ssh/personal/git/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
 
       "gpg/personal/key".sopsFile = ../../../../secrets/personal/secrets.yaml;
       "gpg/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
     };
 
-    programs = {
-      ssh.matchBlocks = {
-        "github.com" = {
-          hostname = "github.com";
-          user = "git";
-          identityFile = "${home}/.ssh/ssh_git_personal_ed25519_key";
-          extraOptions.StrictHostKeyChecking = "no";
-        };
-      };
-
-      obsidian.vaults."Documents/Obsidian/master".enable = true;
-    };
-
     theme.wallpaper = ../../../../static/wallpapers/clouds.png;
-
-    services.syncthing.settings.folders = {
-      obsidian = {
-        label = "Obsidian";
-        path = "${home}/Documents/Obsidian";
-        devices = [
-          "amalthea"
-          "ganymede"
-        ];
-      };
-      official = {
-        label = "Official";
-        path = "${home}/Documents/Official";
-        devices = [
-          "amalthea"
-          "ganymede"
-        ];
-      };
-    };
-
-    home.file."Documents/Obsidian/.stignore".source =
-      ../../../common/configs/user/gui/obsidian/config/.stignore;
   };
 }

hosts/elara/configs/git/default.nix

@@ -0,0 +1,21 @@
+{ ... }:
+{
+  sops.secrets."ssh/sas/key" = {
+    sopsFile = ../../../../secrets/sas/secrets.yaml;
+    path = "/root/.ssh/ssh_sas_ed25519_key";
+  };
+
+  programs.ssh.extraConfig = ''
+    Host github.com
+      User git
+      HostName github.com
+      IdentityFile /root/.ssh/ssh_sas_ed25519_key
+      StrictHostKeyChecking no
+
+    Host gitlab.sas.com
+      User git
+      HostName gitlab.sas.com
+      IdentityFile /root/.ssh/ssh_sas_ed25519_key
+      StrictHostKeyChecking no
+  '';
+}

hosts/elara/default.nix

@@ -2,14 +2,15 @@
 {
   imports = [
     ../../lib
+
     inputs.disko.nixosModules.disko
     (import ./format.nix {
       device = "/dev/disk/by-id/ata-Samsung_SSD_990_EVO_1TB_S7GCNL0XA04998F";
     })
-    ./hardware.nix
+    ./hardware
     # elara runs on an external drive on eirene
-    ../eirene/hardware.nix
+    ../eirene/hardware
-    ../eirene/display.nix
+
     ../common/configs/system/bluetooth
     ../common/configs/system/boot
     ../common/configs/system/brightnessctl
@@ -47,36 +48,17 @@
     ../common/configs/system/users
     ../common/configs/system/wget
     ../common/configs/system/zsh
-    ./configs/system/globalprotect-remote-connect
+
+    ./configs/git
+    ./configs/globalprotect-remote-connect
+
     ./users/nikara
   ];
 
   networking.hostName = "elara";
   i18n.defaultLocale = "en_US.UTF-8";
 
-  sops = {
+  sops.defaultSopsFile = ./secrets/secrets.yaml;
-    defaultSopsFile = ./secrets/secrets.yaml;
-
-    # Required for building private SAS packages
-    secrets."ssh/sas/git/key" = {
-      sopsFile = ../../secrets/sas/secrets.yaml;
-      path = "/root/.ssh/ssh_git_sas_ed25519_key";
-    };
-  };
-
-  programs.ssh.extraConfig = ''
-    Host github.com
-      User git
-      HostName github.com
-      IdentityFile /root/.ssh/ssh_git_sas_ed25519_key
-      StrictHostKeyChecking no
-
-    Host gitlab.sas.com
-      User git
-      HostName gitlab.sas.com
-      IdentityFile /root/.ssh/ssh_git_sas_ed25519_key
-      StrictHostKeyChecking no
-  '';
 
   environment.impermanence.device =
     config.disko.devices.disk.usb.content.partitions.root.content.name;

hosts/elara/users/nikara/configs/console/git/default.nix

@@ -0,0 +1,45 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user} = {
+    sops.secrets = {
+      # Personal
+      "git/credentials" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        path = "${home}/.config/git/credentials";
+      };
+      "git/cookies" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        path = "${home}/.config/git/cookies";
+      };
+    };
+
+    programs.ssh.matchBlocks = {
+      # Personal
+      "github.com/karaolidis" = {
+        hostname = "github.com";
+        user = "git";
+        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
+        extraOptions.StrictHostKeyChecking = "no";
+      };
+
+      # SAS
+      "github.com" = {
+        hostname = "github.com";
+        user = "git";
+        identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
+        extraOptions.StrictHostKeyChecking = "no";
+      };
+
+      "gitlab.sas.com" = {
+        hostname = "gitlab.sas.com";
+        user = "git";
+        identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
+        extraOptions.StrictHostKeyChecking = "no";
+      };
+    };
+  };
+}

hosts/elara/users/nikara/configs/console/go/default.nix

@@ -0,0 +1,29 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ pkgs, ... }:
+{
+  environment.persistence."/cache"."${home}/.local/share/go" = { };
+
+  home-manager.users.${user} = {
+    programs.go = {
+      enable = true;
+      goPath = "${home}/.local/share/go";
+    };
+
+    home = {
+      packages = with pkgs; [
+        gopls
+        go-tools
+        golangci-lint
+        golangci-lint-langserver
+      ];
+
+      sessionVariables = {
+        GOPROXY = "goproxy.unx.sas.com";
+        GONOSUMDB = "*.sas.com,sassoftware.io";
+      };
+    };
+  };
+}

hosts/elara/users/nikara/configs/console/java/default.nix

@@ -0,0 +1,27 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ pkgs, ... }:
+{
+  environment.persistence."/cache"."${home}/.local/share/gradle" = { };
+
+  home-manager.users.${user} = {
+    programs = {
+      java = {
+        enable = true;
+        package = pkgs.jdk17;
+      };
+
+      gradle = {
+        enable = true;
+        home = "${home}/.local/share/gradle";
+      };
+    };
+
+    sops.secrets."artifactory" = {
+      sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+      path = "${home}/.local/share/gradle/gradle.properties";
+    };
+  };
+}

hosts/elara/users/nikara/configs/console/jsonify/default.nix

@@ -0,0 +1,8 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ pkgs, ... }:
+{
+  home-manager.users.${user}.home.packages = [ (pkgs.callPackage ./package.nix { }) ];
+}

hosts/elara/users/nikara/configs/console/jsonify/package.nix

@@ -0,0 +1,22 @@
+{ pkgs, ... }:
+pkgs.buildGoModule rec {
+  pname = "jsonify";
+  version = "0.1.6";
+
+  src = fetchGit {
+    url = "git@github.com:sas-institute-rnd-internal/polaris-jsonify.git";
+    ref = "main";
+    rev = "7b8f8a0f0b3c1bbfb7f814c5a3dae5f696ca38e3";
+  };
+
+  preBuild = ''
+    rm -rf sage
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp "$GOPATH/bin/polaris-jsonify" $out/bin/jsonify
+  '';
+
+  vendorHash = "sha256-sJ3Jc7ZC+1s3m5nH6WtXsGVZfLEW7CZAcNtstUpc9M4=";
+}

hosts/elara/users/nikara/configs/console/klog/default.nix

@@ -0,0 +1,8 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ pkgs, ... }:
+{
+  home-manager.users.${user}.home.packages = [ (pkgs.callPackage ./package.nix { }) ];
+}

hosts/elara/users/nikara/configs/console/klog/package.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+pkgs.buildGoModule rec {
+  pname = "klog";
+  version = "0.6.2";
+
+  src = fetchGit {
+    url = "git@gitlab.sas.com:convoy/devops/klog.git";
+    ref = "master";
+    rev = "17629fe278dd23e12bd6f17ee9db0d2fde37bc6c";
+  };
+
+  vendorHash = "";
+}

hosts/elara/users/nikara/configs/console/kubernetes/default.nix

@@ -0,0 +1,23 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user} = {
+    sops.secrets = {
+      "kubeconfig/d90270" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        path = "${home}/.kube/d90270";
+      };
+      "kubeconfig/d90271" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        path = "${home}/.kube/d90271";
+      };
+      "kubeconfig/d90272" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        path = "${home}/.kube/d90272";
+      };
+    };
+  };
+}

hosts/elara/users/nikara/configs/gui/obsidian/default.nix

@@ -0,0 +1,8 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user}.programs.obsidian.vaults."Documents/Obsidian/master".enable = true;
+}

hosts/elara/users/nikara/default.nix

@@ -37,6 +37,7 @@ in
     (import ../../../common/configs/user/console/wget { inherit user home; })
     (import ../../../common/configs/user/console/xdg { inherit user home; })
     (import ../../../common/configs/user/console/zsh { inherit user home; })
+
     (import ../../../common/configs/user/gui/astal { inherit user home; })
     (import ../../../common/configs/user/gui/bluetooth { inherit user home; })
     (import ../../../common/configs/user/gui/brightnessctl { inherit user home; })
@@ -66,9 +67,17 @@ in
     (import ../../../common/configs/user/gui/x11 { inherit user home; })
     (import ../../../common/configs/user/gui/xdg { inherit user home; })
 
+    (import ./configs/console/git { inherit user home; })
+    (import ./configs/console/go { inherit user home; })
+    (import ./configs/console/java { inherit user home; })
+    (import ./configs/console/kubernetes { inherit user home; })
+
+    (import ./configs/gui/obsidian { inherit user home; })
+
     # Warning: the following imports use private SAS repositories.
     # You must build the system once with these imports commented out,
     # then uncomment them and rebuild the system once keys are provisioned.
+    (import ./configs/console/jsonify { inherit user home; })
   ];
 
   # echo "password" | mkpasswd -s
@@ -100,80 +109,24 @@ in
 
     sops.secrets = {
       # Personal
-      "git/credentials" = {
+      "ssh/personal/key" = {
         sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.config/git/credentials";
+        path = "${home}/.ssh/ssh_personal_ed25519_key";
       };
-      "git/cookies" = {
+      "ssh/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
-        sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.config/git/cookies";
-      };
-
-      "ssh/personal/git/key" = {
-        sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.ssh/ssh_git_personal_ed25519_key";
-      };
-      "ssh/personal/git/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
 
       "gpg/personal/key".sopsFile = ../../../../secrets/personal/secrets.yaml;
       "gpg/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
 
       # SAS
-      "ssh/sas/git/key" = {
+      "ssh/sas/key" = {
         sopsFile = ../../../../secrets/sas/secrets.yaml;
-        path = "${home}/.ssh/ssh_git_sas_ed25519_key";
+        path = "${home}/.ssh/ssh_sas_ed25519_key";
       };
-      "ssh/sas/git/pass".sopsFile = ../../../../secrets/sas/secrets.yaml;
+      "ssh/sas/pass".sopsFile = ../../../../secrets/sas/secrets.yaml;
 
       "gpg/sas/key".sopsFile = ../../../../secrets/sas/secrets.yaml;
       "gpg/sas/pass".sopsFile = ../../../../secrets/sas/secrets.yaml;
-
-      "kubeconfig/d90270" = {
-        sopsFile = ../../../../secrets/sas/secrets.yaml;
-        path = "${home}/.kube/d90270";
-      };
-      "kubeconfig/d90271" = {
-        sopsFile = ../../../../secrets/sas/secrets.yaml;
-        path = "${home}/.kube/d90271";
-      };
-      "kubeconfig/d90272" = {
-        sopsFile = ../../../../secrets/sas/secrets.yaml;
-        path = "${home}/.kube/d90272";
-      };
-
-      "artifactory" = {
-        sopsFile = ../../../../secrets/sas/secrets.yaml;
-        path = "${home}/.gradle/gradle.properties";
-      };
-    };
-
-    programs = {
-      ssh.matchBlocks = {
-        # Personal
-        "github.com/karaolidis" = {
-          hostname = "github.com";
-          user = "git";
-          identityFile = "${home}/.ssh/ssh_git_personal_ed25519_key";
-          extraOptions.StrictHostKeyChecking = "no";
-        };
-
-        # SAS
-        "github.com" = {
-          hostname = "github.com";
-          user = "git";
-          identityFile = "${home}/.ssh/ssh_git_sas_ed25519_key";
-          extraOptions.StrictHostKeyChecking = "no";
-        };
-
-        "gitlab.sas.com" = {
-          hostname = "gitlab.sas.com";
-          user = "git";
-          identityFile = "${home}/.ssh/ssh_git_sas_ed25519_key";
-          extraOptions.StrictHostKeyChecking = "no";
-        };
-      };
-
-      obsidian.vaults."Documents/Obsidian/master".enable = true;
     };
 
     theme.wallpaper = ../../../../static/wallpapers/snow.jpg;

hosts/installer/default.nix

@@ -2,11 +2,13 @@
 {
   imports = [
     ../../lib
+
     inputs.disko.nixosModules.disko
     (import ./format.nix {
       device = "/dev/disk/by-id/usb-SanDisk_Ultra_Trek_050133f0afb69de86a475ee8d2ad97e4916cce11764cffba9ab262d42a7d0d2f66460000000000000000000039b7a3b8ff990a109f5581078ea6e86a-0:0";
     })
-    ./hardware.nix
+    ./hardware
+
     ../common/configs/system/boot
     ../common/configs/system/btop
     ../common/configs/system/btrfs
@@ -34,6 +36,7 @@
     ../common/configs/system/users
     ../common/configs/system/wget
     ../common/configs/system/zsh
+
     ./users/nick
   ];
 

hosts/installer/users/nick/configs/console/git/default.nix

@@ -0,0 +1,28 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user} = {
+    sops.secrets = {
+      "git/credentials" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        path = "${home}/.config/git/credentials";
+      };
+      "git/cookies" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        path = "${home}/.config/git/cookies";
+      };
+    };
+
+    programs.ssh.matchBlocks = {
+      "github.com" = {
+        hostname = "github.com";
+        user = "git";
+        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
+        extraOptions.StrictHostKeyChecking = "no";
+      };
+    };
+  };
+}

hosts/installer/users/nick/default.nix

@@ -8,6 +8,7 @@ in
 {
   imports = [
     ../../../common/configs/user/options.nix
+
     (import ../../../common/configs/user/console/bashmount { inherit user home; })
     (import ../../../common/configs/user/console/btop { inherit user home; })
     (import ../../../common/configs/user/console/fastfetch { inherit user home; })
@@ -27,6 +28,8 @@ in
     (import ../../../common/configs/user/console/wget { inherit user home; })
     (import ../../../common/configs/user/console/xdg { inherit user home; })
     (import ../../../common/configs/user/console/zsh { inherit user home; })
+
+    (import ./configs/console/git { inherit user home; })
   ];
 
   # echo "password" | mkpasswd -s
@@ -57,32 +60,14 @@ in
     };
 
     sops.secrets = {
-      "git/credentials" = {
+      "ssh/personal/key" = {
         sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.config/git/credentials";
+        path = "${home}/.ssh/ssh_personal_ed25519_key";
       };
-      "git/cookies" = {
+      "ssh/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
-        sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.config/git/cookies";
-      };
-
-      "ssh/personal/git/key" = {
-        sopsFile = ../../../../secrets/personal/secrets.yaml;
-        path = "${home}/.ssh/ssh_git_personal_ed25519_key";
-      };
-      "ssh/personal/git/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
 
       "gpg/personal/key".sopsFile = ../../../../secrets/personal/secrets.yaml;
       "gpg/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
     };
-
-    programs.ssh.matchBlocks = {
-      "github.com" = {
-        hostname = "github.com";
-        user = "git";
-        identityFile = "${home}/.ssh/ssh_git_personal_ed25519_key";
-        extraOptions.StrictHostKeyChecking = "no";
-      };
-    };
   };
 }