ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: ambroisie:3a471433ed2005c2ebc61b84c9c441d68eac2c37
Branches Tags
ambroisie:main
ambroisie:add-impermanence
ambroisie:add-nixgl
ambroisie:add-typos-hook
ambroisie:add-bazel-template
ambroisie:nvim-lua-lsp
ambroisie:xdg-nix
ambroisie:export-nixos-homes
ambroisie:add-matrix-bridges
..
compare: ambroisie:e6ba569b368c3f195a0d0198808bf4c043f7bb07
Branches Tags
ambroisie:main
ambroisie:add-impermanence
ambroisie:add-nixgl
ambroisie:add-typos-hook
ambroisie:add-bazel-template
ambroisie:nvim-lua-lsp
ambroisie:xdg-nix
ambroisie:export-nixos-homes
ambroisie:add-matrix-bridges

No commits in common. "3a471433ed2005c2ebc61b84c9c441d68eac2c37" and "e6ba569b368c3f195a0d0198808bf4c043f7bb07" have entirely different histories.
3a471433ed ... e6ba569b36

4 changed files with 16 additions and 30 deletions
Show stats Expand all files Collapse all files

8
flake.nix
View file

@ -135,13 +135,7 @@
inherit (self.checks.${system}.pre-commit) shellHook; inherit (self.checks.${system}.pre-commit) shellHook;
}; };
packages = packages = import ./pkgs { inherit pkgs; };
let
packages = import ./pkgs { inherit pkgs; };
isSystem = pkg: builtins.elem system pkg.meta.platforms;
finalPackages = lib.flip lib.filterAttrs packages (_: isSystem);
in
finalPackages;
}) // { }) // {
overlay = self.overlays.pkgs; overlay = self.overlays.pkgs;

16
home/secrets/default.nix
View file

@ -2,17 +2,13 @@
with lib; with lib;
let let
throwOnCanary = canaryHash = builtins.hashFile "sha256" ./canary;
let expectedHash =
canaryHash = builtins.hashFile "sha256" ./canary; "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
expectedHash =
"9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
in
if canaryHash != expectedHash
then throw "Secrets are not readable. Have you run `git-crypt unlock`?"
else id;
in in
throwOnCanary { if canaryHash != expectedHash then
abort "Secrets are not readable. Have you run `git-crypt unlock`?"
else {
options.my.secrets = mkOption { options.my.secrets = mkOption {
type = types.attrs; type = types.attrs;
}; };

2
pkgs/bw-pass/default.nix
View file

@ -39,7 +39,7 @@ stdenvNoCC.mkDerivation rec {
description = "A simple script to query a password from bitwarden"; description = "A simple script to query a password from bitwarden";
homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; homepage = "https://gitea.belanyi.fr/ambroisie/nix-config";
license = with licenses; [ mit ]; license = with licenses; [ mit ];
platforms = platforms.linux; platforms = platforms.unix;
maintainers = with maintainers; [ ambroisie ]; maintainers = with maintainers; [ ambroisie ];
}; };
} }

20
secrets/default.nix
View file

@ -1,18 +1,14 @@
{ lib, ... }: { lib, pkgs, ... }:
with lib; with lib;
let let
throwOnCanary = canaryHash = builtins.hashFile "sha256" ./canary;
let expectedHash =
canaryHash = builtins.hashFile "sha256" ./canary; "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
expectedHash =
"9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
in
if canaryHash != expectedHash
then throw "Secrets are not readable. Have you run `git-crypt unlock`?"
else id;
in in
throwOnCanary { if canaryHash != expectedHash then
abort "Secrets are not readable. Have you run `git-crypt unlock`?"
else {
options.my.secrets = mkOption { options.my.secrets = mkOption {
type = types.attrs; type = types.attrs;
}; };
@ -54,6 +50,6 @@ throwOnCanary {
root.hashedPassword = fileContents ./users/root/password.txt; root.hashedPassword = fileContents ./users/root/password.txt;
}; };
wireguard = import ./wireguard { inherit lib; }; wireguard = pkgs.callPackage ./wireguard { };
}; };
} }