From e00ec679fb742fd27a80e804ed144fa8dc158dbe Mon Sep 17 00:00:00 2001 From: Andrew Kvalheim Date: Wed, 17 May 2023 18:45:47 -0700 Subject: [PATCH] Extract identity component --- common/components/git.user.nix | 9 ++++++--- common/components/keyboard.system.nix | 5 ++++- common/components/networking.system.nix | 4 +++- common/components/openpgp.user.nix | 5 ++++- common/components/printer.system.nix | 5 ++++- common/components/scanner.system.nix | 5 ++++- common/components/users.system.nix | 15 +++++++++------ common/components/virtualization.system.nix | 5 ++++- common/resources/identity.nix | 10 ++++++++++ common/system.nix | 4 ++-- common/user.nix | 9 ++++++--- hosts/main/system.nix | 5 ++++- packages/attachments.nix | 2 +- packages/email-hash.nix | 2 +- packages/resources/add-words | 2 +- packages/resources/organize-downloads | 6 +++--- 16 files changed, 66 insertions(+), 27 deletions(-) create mode 100644 common/resources/identity.nix diff --git a/common/components/git.user.nix b/common/components/git.user.nix index 68d9e5f..fd38f5c 100644 --- a/common/components/git.user.nix +++ b/common/components/git.user.nix @@ -1,5 +1,8 @@ { lib, pkgs, ... }: +let + identity = import ../resources/identity.nix; +in { home.packages = with pkgs; [ delta @@ -11,9 +14,9 @@ programs.git = { enable = true; - userName = "Andrew Kvalheim"; - userEmail = "Andrew@Kvalhe.im"; - signing.key = "0x9254D45940949194"; + userName = identity.name.long; + userEmail = identity.email; + signing.key = identity.openpgp.id; aliases = { diff-image = "!f() { cd -- \"\${GIT_PREFIX:-.}\"; GIT_DIFF_IMAGE_ENABLED=1 git diff \"$@\"; }; f"; diff --git a/common/components/keyboard.system.nix b/common/components/keyboard.system.nix index 2257b41..f245d68 100644 --- a/common/components/keyboard.system.nix +++ b/common/components/keyboard.system.nix @@ -1,5 +1,8 @@ { config, ... }: +let + identity = import ../resources/identity.nix; +in { imports = [ ../../packages/kmonad.nix 
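Review bot: `userEmail = identity.email;` in the second git.user.nix hunk does not produce the value it replaces: the removed line had `"Andrew@Kvalhe.im"`, while the new identity.nix sets `email = "andrew@kvalhe.im";`. For a commit described as an extraction, this silently changes the author and committer address written into every new commit. Any tool that compares that address byte-for-byte against earlier history, or against the user ID on the signing key, would see a different identity. Either keep the original spelling in identity.nix or state the normalisation in the commit message.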
@@ -26,5 +29,5 @@ services.ydotoold.enable = true; # Permissions - users.users.ak.extraGroups = [ "ydotool" ]; + users.users.${identity.username}.extraGroups = [ "ydotool" ]; } diff --git a/common/components/networking.system.nix b/common/components/networking.system.nix index 23579a8..3cb8559 100644 --- a/common/components/networking.system.nix +++ b/common/components/networking.system.nix @@ -2,6 +2,8 @@ let inherit (config) host; + + identity = import ../resources/identity.nix; in { options.host = { @@ -52,6 +54,6 @@ in system.activationScripts.etcAvahiServices = "mkdir -p /etc/avahi/services"; # Permissions - users.users.ak.extraGroups = [ "networkmanager" ]; + users.users.${identity.username}.extraGroups = [ "networkmanager" ]; }; } diff --git a/common/components/openpgp.user.nix b/common/components/openpgp.user.nix index e54247b..ee03df9 100644 --- a/common/components/openpgp.user.nix +++ b/common/components/openpgp.user.nix @@ -1,5 +1,8 @@ { config, pkgs, ... }: +let + identity = import ../resources/identity.nix; +in { home.packages = with pkgs; [ yubikey-touch-detector-icon @@ -19,7 +22,7 @@ programs.gpg = { enable = true; settings = { - default-key = "0x9254D45940949194"; + default-key = identity.openpgp.id; keyid-format = "0xlong"; no-greeting = true; no-symkey-cache = true; diff --git a/common/components/printer.system.nix b/common/components/printer.system.nix index ee8bf0e..5c3e1da 100644 --- a/common/components/printer.system.nix +++ b/common/components/printer.system.nix @@ -1,5 +1,8 @@ { pkgs, ... }: +let + identity = import ../resources/identity.nix; +in { allowedUnfree = [ "brgenml1lpr" ]; @@ -16,5 +19,5 @@ }; # Permissions - users.users.ak.extraGroups = [ "lp" ]; + users.users.${identity.username}.extraGroups = [ "lp" ]; } diff --git a/common/components/scanner.system.nix b/common/components/scanner.system.nix index 2be764a..c46feba 100644 --- a/common/components/scanner.system.nix +++ b/common/components/scanner.system.nix 
@@ -1,3 +1,6 @@ +let + identity = import ../resources/identity.nix; +in { imports = [ ]; @@ -10,5 +13,5 @@ }; # Permissions - users.users.ak.extraGroups = [ "scanner" ]; + users.users.${identity.username}.extraGroups = [ "scanner" ]; } diff --git a/common/components/users.system.nix b/common/components/users.system.nix index 3aa5eea..4929b75 100644 --- a/common/components/users.system.nix +++ b/common/components/users.system.nix @@ -1,17 +1,20 @@ { pkgs, ... }: +let + identity = import ../resources/identity.nix; +in { users.mutableUsers = false; - users.groups.ak.gid = 1000; - users.users.ak = { + users.groups.${identity.username}.gid = 1000; + users.users.${identity.username} = { isNormalUser = true; uid = 1000; - group = "ak"; + group = identity.username; extraGroups = [ "wheel" ]; - description = "Andrew"; - hashedPassword = builtins.readFile ../local/resources/ak.passwd; + description = identity.name.short; + hashedPassword = builtins.readFile ../local/resources/${identity.username}.passwd; shell = pkgs.zsh; - openssh.authorizedKeys.keys = [ (builtins.readFile ../resources/andrew.pub) ]; + openssh.authorizedKeys.keys = [ identity.ssh ]; }; } diff --git a/common/components/virtualization.system.nix b/common/components/virtualization.system.nix index 70cf02a..52ee197 100644 --- a/common/components/virtualization.system.nix +++ b/common/components/virtualization.system.nix @@ -1,3 +1,6 @@ +let + identity = import ../resources/identity.nix; +in { # Containers virtualisation.containers.registries.search = [ "docker.io" ]; @@ -8,5 +11,5 @@ virtualisation.libvirtd.enable = true; # Permissions - users.users.ak.extraGroups = [ "docker" "libvirtd" "podman" ]; + users.users.${identity.username}.extraGroups = [ "docker" "libvirtd" "podman" ]; } diff --git a/common/resources/identity.nix b/common/resources/identity.nix new file mode 100644 index 0000000..3f86c88 --- /dev/null +++ b/common/resources/identity.nix 
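Review bot: In the users.system.nix hunk, `hashedPassword = builtins.readFile ../local/resources/${identity.username}.passwd;` still pulls the hash into the evaluated configuration, and a `hashedPassword` value ends up in the generated user specification inside the world-readable Nix store, where every local account can read it. Since the line is being rewritten anyway, consider `hashedPasswordFile` (named `passwordFile` on older NixOS releases) with a string path to a root-only file on the target host, e.g. `hashedPasswordFile = "/path/to/secrets/${identity.username}.passwd";` (placeholder path). Separately, `identity.ssh` is the raw `builtins.readFile` result, so a trailing newline or a second line in andrew.pub lands inside a single `authorizedKeys.keys` entry; `openssh.authorizedKeys.keyFiles` takes the file itself.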
@@ -0,0 +1,10 @@ +{ + name.long = "Andrew Kvalheim"; + name.short = "Andrew"; + username = "ak"; + email = "andrew@kvalhe.im"; + openpgp.id = "0x9254D45940949194"; + openpgp.asc = ./andrew.asc; + ssh = builtins.readFile ./andrew.pub; + image = ./andrew.jpg; +} diff --git a/common/system.nix b/common/system.nix index f4720d2..03c1059 100644 --- a/common/system.nix +++ b/common/system.nix @@ -3,7 +3,7 @@ let inherit (config) host; - # Resources + identity = import ./resources/identity.nix; palette = import ./resources/palette.nix; in { @@ -44,7 +44,7 @@ in allowDiscards = true; fallbackToPassword = true; gpgCard.encryptedPass = ./local/resources/luks-passphrase.gpg; - gpgCard.publicKey = ./resources/andrew.asc; + gpgCard.publicKey = identity.openpgp.asc; }; }; fileSystems."/".options = [ "compress=zstd:2" "discard=async" "noatime" ]; diff --git a/common/user.nix b/common/user.nix index 0550961..2e1791e 100644 --- a/common/user.nix +++ b/common/user.nix @@ -1,5 +1,8 @@ { config, lib, ... }: +let + identity = import ./resources/identity.nix; +in { # Workaround for nix-community/home-manager#2333 disabledModules = [ "config/i18n.nix" ]; @@ -32,8 +35,8 @@ manual.html.enable = true; # User - home.username = "ak"; - home.homeDirectory = "/home/ak"; - home.file.".face".source = ./resources/andrew.jpg; + home.username = identity.username; + home.homeDirectory = "/home/${identity.username}"; + home.file.".face".source = identity.image; }; } diff --git a/hosts/main/system.nix b/hosts/main/system.nix index 14b150b..9e4aab5 100644 --- a/hosts/main/system.nix +++ b/hosts/main/system.nix @@ -1,5 +1,8 @@ { lib, pkgs, ... }: +let + identity = import ../../common/resources/identity.nix; +in { imports = [ ../../common/system.nix 
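Review bot: The new common/resources/identity.nix has no header comment, and its attributes mix kinds: `ssh` is file contents from `builtins.readFile`, while `openpgp.asc` and `image` are paths. Every module in this patch now imports the file, so a one-line statement of what belongs in it would help, for example `# Public identity data only; values from this file can be copied into the Nix store.` A short comment on `ssh`, such as `# key text, not a path`, would keep it from being passed to an option that expects a file.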
@@ -82,7 +85,7 @@ # Wireshark programs.wireshark.enable = true; - users.users.ak.extraGroups = [ "usbmux" "wireshark" ]; + users.users.${identity.username}.extraGroups = [ "usbmux" "wireshark" ]; # UniFi Network application allowedUnfree = [ "unifi-controller" ]; diff --git a/packages/attachments.nix b/packages/attachments.nix index 37a2006..9ca08a1 100644 --- a/packages/attachments.nix +++ b/packages/attachments.nix @@ -1,5 +1,5 @@ { yarn2nix-moretea }: (yarn2nix-moretea.mkYarnWorkspace { - src = /home/ak/akorg/project/current/andrew.kvalhe.im/andrew.kvalhe.im; + src = ~/akorg/project/current/andrew.kvalhe.im/andrew.kvalhe.im; }).attachments diff --git a/packages/email-hash.nix b/packages/email-hash.nix index 18c7d76..bce0446 100644 --- a/packages/email-hash.nix +++ b/packages/email-hash.nix @@ -9,7 +9,7 @@ rustPlatform.buildRustPackage rec { version = "0.2.2"; src = fetchGit { - url = "/home/ak/akorg/project/current/email-hash/email-hash"; + url = ~/akorg/project/current/email-hash/email-hash; ref = "v${version}"; }; diff --git a/packages/resources/add-words b/packages/resources/add-words index c1a6744..557b9f0 100644 --- a/packages/resources/add-words +++ b/packages/resources/add-words @@ -1,7 +1,7 @@ #!/usr/bin/env bash set -Eeuo pipefail -cd '/home/ak/src/configuration' +cd "$HOME/src/configuration" message='Update spell check word list' txt='common/resources/words.txt' diff --git a/packages/resources/organize-downloads b/packages/resources/organize-downloads index 6295ed9..ad22023 100644 --- a/packages/resources/organize-downloads +++ b/packages/resources/organize-downloads 
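Review bot: `src = ~/akorg/project/current/andrew.kvalhe.im/andrew.kvalhe.im;` in packages/attachments.nix, and `url = ~/akorg/project/current/email-hash/email-hash;` in the packages/email-hash.nix hunk after it, make the package source depend on the HOME of whoever evaluates the expression, where the removed lines named a fixed absolute path. Evaluated as root or from a service account, the same expression would resolve to a different tree or fail, and `~` paths are refused under pure evaluation. Which source gets built then depends on the caller's environment rather than on the repository. If the aim is only to drop the literal `ak`, building the path from `identity.username` keeps the location fixed regardless of who runs the build.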
@@ -2,10 +2,10 @@ set -Eeuo pipefail shopt -s nullglob -intermediate_dir='/home/ak/screenshots/.unoptimized' -screenshots_dir='/home/ak/screenshots' +intermediate_dir="$HOME/screenshots/.unoptimized" +screenshots_dir="$HOME/screenshots" -for source in /home/ak/Downloads/Screen{s,\ S}hot\ *.png; do +for source in ~/Downloads/Screen{s,\ S}hot\ *.png; do while (( $(date +%s) - $(date '+%s' --reference "$source") <= 1 )); do echo "Waiting for file to settle: $source" sleep 1s
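Review bot: The organize-downloads hunk resolves the home directory in two different ways: the two assignments use `"$HOME/..."`, while the loop header uses `~/Downloads/...`. With `set -u` an unset HOME stops the script at the first assignment, whereas bash tilde expansion would fall back to the account's passwd entry, so a reader has to keep both rules in mind to know which directory is scanned. Using one form throughout, e.g. `for source in "$HOME"/Downloads/Screen{s,\ S}hot\ *.png; do`, removes that difference. The `for` loop's body continues past the end of the hunk.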