{ user ? throw "user argument is required", home ? throw "home argument is required", }: { config, lib, pkgs, ... }: { nixpkgs.overlays = [ (final: prev: { k9s = prev.k9s.overrideAttrs (oldAttrs: { patches = oldAttrs.patches or [ ] ++ [ ./remove-splash.patch ]; }); }) ]; environment.persistence = { "/persist"."${home}/.kube" = { }; "/cache"."${home}/.kube/cache" = { }; }; users.users.${user}.extraGroups = [ "kubernetes" ]; sops.secrets = { "kubernetes/accounts/${user}/crt" = { key = "kubernetes/accounts/users/crt"; group = "users"; mode = "0440"; }; "kubernetes/accounts/${user}/key" = { key = "kubernetes/accounts/users/key"; group = "users"; mode = "0440"; }; }; home-manager.users.${user} = { home = { packages = with pkgs; [ kubectl kustomize kubernetes-helm kompose ]; file.".kube/local".source = config.services.kubernetes.lib.mkKubeConfig user { caFile = config.sops.secrets."kubernetes/ca/crt".path; certFile = config.sops.secrets."kubernetes/accounts/${user}/crt".path; keyFile = config.sops.secrets."kubernetes/accounts/${user}/key".path; server = config.services.kubernetes.apiserverAddress; }; }; programs = { k9s = { enable = true; settings.k9s = { skipLatestRevCheck = true; liveViewAutoRefresh = true; refreshRate = 1; ui = { skin = "matugen"; logoless = true; reactive = true; }; }; }; zsh = { initExtra = '' kubeswitch() { local target="$HOME/.kube/$1" local config="$HOME/.kube/config" if [[ -f "$target" && "$target" != "$config" ]]; then ln -sf "$target" "$config" echo "Switched kube context to $1" p10k reload else echo "Invalid kube context: $1" echo "Ensure the file exists in ~/.kube" fi } _kubeswitch_completion() { local dir="$HOME/.kube" local config="$dir/config" compadd -- ''${(f)"$(find "$dir" -maxdepth 1 \( -type f -o -type l \) -not -name 'config' -exec basename {} \;)"} } compdef _kubeswitch_completion kubeswitch ''; p10k.extraRightPromptElements = [ "kubecontext" ]; }; }; theme.template."${home}/.config/k9s/skins/matugen.yaml".source = ./theme.yaml; }; }