diff --git a/maskiner/core/configuration.nix b/maskiner/core/configuration.nix index 6b35beb..d3a2376 100644 --- a/maskiner/core/configuration.nix +++ b/maskiner/core/configuration.nix @@ -54,7 +54,18 @@ in sops.defaultSopsFile = ../../secrets/sops.yaml; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.secrets.build-service = { }; + sops.secrets.fredrik-wastring = { }; sops.secrets.fw-qemu = { }; + sops.secrets.github_token = { + owner = "fw"; + group = "users"; + mode = "0400"; + }; + sops.secrets.grafana_token = { + owner = "fw"; + group = "users"; + mode = "0400"; + }; environment.systemPackages = [ pkgs.cifs-utils ]; @@ -100,6 +111,34 @@ in ]; }; + fileSystems."/mnt/hyperv2/C" = { + device = "//192.168.0.48/C$"; + fsType = "cifs"; + options = + let + automount_opts = + "x-systemd.automount,noauto,x-systemd.idle-timeout=60," + + "x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; + in + [ + "${automount_opts},credentials=${toString config.sops.secrets.fredrik-wastring.path},vers=3.0" + ]; + }; + + fileSystems."/mnt/hyperv1/C" = { + device = "//192.168.0.143/C$"; + fsType = "cifs"; + options = + let + automount_opts = + "x-systemd.automount,noauto,x-systemd.idle-timeout=60," + + "x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; + in + [ + "${automount_opts},credentials=${toString config.sops.secrets.fredrik-wastring.path},vers=3.0" + ]; + }; + fileSystems."/mnt/fw-qemu/C" = { device = "//10.0.2.4/qemu/C$"; fsType = "cifs"; diff --git a/moduler/dev.nix b/moduler/dev.nix index f79534b..2eb48df 100644 --- a/moduler/dev.nix +++ b/moduler/dev.nix @@ -15,6 +15,7 @@ in awscli minio-client opentofu + python3 (azPkgs.azure-cli.withExtensions ( with azPkgs.azure-cli.extensions; [ diff --git a/moduler/fish.nix b/moduler/fish.nix index e898153..fd212a1 100644 --- a/moduler/fish.nix +++ b/moduler/fish.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let inherit (lib) concatStringsSep mkOption types; @@ -95,20 +100,30 @@ in interactiveShellInit = let fzfOpts = catppuccinFzfOptions.${config.fish.theme}; - in '' - fish_vi_key_bindings - set fish_greeting - set FLAKE_DIR "/home/fw/nix" - set JIRA_API_TOKEN ATATT3xFfGF0_fkpGB1ne-QOSJzFVG0yH31j2CRtdNqbePCyEm9enpnA2uA3go75_GQwZPFX_IO9tf10ALJWvDLjsuHl8MSOUkNd703Vqr4uuGLAbHY73Z_b9fDJVrfodTrGAN9sZ5Sp75opCVkXB7MVXSAIvlWimRdwe-tqDPH4vhwY9Hqcs6M=0510D6CD - set -Ux FZF_CTRL_R_OPTS "--reverse" - set -Ux FZF_TMUX_OPTS "-p" - set -e GOROOT - set -x -U GOPATH $HOME/.go - gh completion -s fish > ~/.config/fish/completions/gh.fish - set -gx PATH $PATH $HOME/scripts - set -gx PATH $PATH $HOME/.krew/bin + in + '' + fish_vi_key_bindings + set fish_greeting + set FLAKE_DIR "/home/fw/nix" + set JIRA_API_TOKEN ATATT3xFfGF0_fkpGB1ne-QOSJzFVG0yH31j2CRtdNqbePCyEm9enpnA2uA3go75_GQwZPFX_IO9tf10ALJWvDLjsuHl8MSOUkNd703Vqr4uuGLAbHY73Z_b9fDJVrfodTrGAN9sZ5Sp75opCVkXB7MVXSAIvlWimRdwe-tqDPH4vhwY9Hqcs6M=0510D6CD + set -gx GITHUB_PERSONAL_ACCESS_TOKEN (cat /run/secrets/github_token) + set -gx GITHUB_HOST "https://github.com" + set -gx GRAFANA_SERVICE_ACCOUNT_TOKEN (cat /run/secrets/grafana_token) + set -gx GRAFANA_URL "https://monitoring.internalifacts.se" + set -Ux FZF_CTRL_R_OPTS "--reverse" + set -Ux FZF_TMUX_OPTS "-p" + set -e GOROOT + set -x -U GOPATH $HOME/.go + gh completion -s fish > ~/.config/fish/completions/gh.fish + set -gx PATH $PATH $HOME/scripts + set -gx PATH $PATH $HOME/.krew/bin - set -Ux FZF_DEFAULT_OPTS "${fzfOpts}" + if not set -q SSH_AUTH_SOCK + eval (ssh-agent -c) + ssh-add ~/.ssh/id_ed25519 >/dev/null 2>&1 + end + + set -Ux FZF_DEFAULT_OPTS "${fzfOpts}" ''; }; }; diff --git a/moduler/oh-my-posh.nix b/moduler/oh-my-posh.nix index 3175e0c..ac979a1 100644 --- a/moduler/oh-my-posh.nix +++ b/moduler/oh-my-posh.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let palettes = { latte = { @@ -73,10 +78,41 @@ with lib; "fetch_status" = false; "fetch_upstream_icon" = false; }; - "template" = "{{ .HEAD }} "; + "template" = "{{ .HEAD }}"; "style" = "plain"; "type" = "git"; } + { + "type" = "terraform"; + "style" = "plain"; + "foreground" = "p:peach"; + "properties" = { + "command" = "tofu"; + }; + "template" = "  {{.WorkspaceName}}"; + } + { + "type" = "kubectl"; + "style" = "plain"; + "foreground" = "p:lavender"; + "template" = " 󱃾 {{.Context}}{{if .Namespace}} :: {{.Namespace}}{{end}}"; + "options" = { + "context_aliases" = { + "prd-mmo" = "prd-mmo"; + "test-mmo" = "test-mmo"; + }; + "cluster_aliases" = { + "prd-mmo" = "prd-mmo"; + "test-mmo" = "test-mmo"; + }; + }; + } + # { + # "type" = "argocd"; + # "style" = "plain"; + # "foreground" = "p:blue"; + # "template" = "  {{ .Server }}"; + # } { "style" = "plain"; "foreground" = "p:closer"; @@ -85,7 +121,7 @@ with lib; { "foreground" = "p:mauve"; "style" = "plain"; - "template" = "{{ .UserName }}@"; + "template" = " {{ .UserName }}@"; "type" = "session"; } { diff --git a/moduler/programs.nix b/moduler/programs.nix index e2c28b7..4b306cc 100644 --- a/moduler/programs.nix +++ b/moduler/programs.nix @@ -75,6 +75,9 @@ quickemu virt-viewer go-passbolt-cli + wf-recorder + slurp + dbeaver-bin ( diff --git a/moduler/programs/hyprland/default.nix b/moduler/programs/hyprland/default.nix index 963465f..1319d1b 100644 --- a/moduler/programs/hyprland/default.nix +++ b/moduler/programs/hyprland/default.nix @@ -294,6 +294,11 @@ with lib; "$mod SHIFT, s, exec, ${pkgs.grim}/bin/grim -g \"$(${pkgs.slurp}/bin/slurp)\" - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png" "$mod SHIFT, c, exec, ${pkgs.grim}/bin/grim -g \"$(${pkgs.slurp}/bin/slurp)\" \"$HOME/$(date +screenshot-%Y%m%d-%H%M%S.png)\"" + # GIFs + "$mod SHIFT, g, exec, ${pkgs.bash}/bin/bash -lc 'ts=$(date +recording-%Y%m%d-%H%M%S); dir=\"$HOME/misc/clips\"; mp4=\"$dir/$ts.mp4\"; gif=\"$dir/$ts.gif\"; mkdir -p \"$dir\"; ${pkgs.wf-recorder}/bin/wf-recorder -g \"$(${pkgs.slurp}/bin/slurp)\" -f \"$mp4\" && ${pkgs.ffmpeg}/bin/ffmpeg -i \"$mp4\" -vf \"fps=20,scale=1200:-1:flags=lanczos,palettegen\" -y /tmp/palette.png && ${pkgs.ffmpeg}/bin/ffmpeg -i \"$mp4\" -i /tmp/palette.png -filter_complex \"fps=20,scale=1200:-1:flags=lanczos[x];[x][1:v]paletteuse\" -y \"$gif\" && rm -f \"$mp4\"'" + "$mod SHIFT, f, exec, pkill -INT wf-recorder" + + # special "SUPER+SHIFT, code:201, exec, confetti" ",XF86Tools , exec, ${pkgs.playerctl}/bin/playerctl play-pause" diff --git a/secrets/sops.yaml b/secrets/sops.yaml index 4477c44..0561cf7 100644 --- a/secrets/sops.yaml +++ b/secrets/sops.yaml @@ -10,7 +10,10 @@ user-password: ENC[AES256_GCM,data:cngHqB2IQXVvSMwm5KJeq6wOQMQ4z/DWap3YMyahq2fz8 immich-secrets-file: ENC[AES256_GCM,data:aUSQr5k7uqZzBvpSAFgpfStcuEPbf3U2GED+biU56UBi02MgQzckmK4kKJ7XIF6UyBvxLw==,iv:mep3JNp86YjsIJSONYNLeEYsSN/ERao7hs7O5cnHF9s=,tag:m6sulZTYMnTpxgPGFXITTg==,type:str] paperless-admin-password: ENC[AES256_GCM,data:Aup5T7pMptHT6z7Uqzd9I4EMaG4sbPNC9bVj+muTowkNKAr3nMOOXaAL4wgy00UI9u4KdZzQ/hyrYMMT,iv:VaR7OK8CEC3VlSbGvLIihX15fQQ7H/PyWZcp7nifOAg=,tag:G4DNgqjbZYaeSmj8vmT5IA==,type:str] build-service: ENC[AES256_GCM,data:4I1iPfdc5mbzGIYCVEtTZW0/MvLwUyEb2uaDERaApYMOVB3iSVNx+fyhxRokaQ==,iv:zAfFGFJdj6TvkS4D9qtRhYtPcvhNqv98Dmzp0TKVp+4=,tag:bWrUbEleOVq01eeKYvq7rw==,type:str] +fredrik-wastring: ENC[AES256_GCM,data:TQSjO/GGErorK1VwTUXU40o+8z8vh3OM01ErmmHnmp9p0EIfb8mmPqB37i/Ncw==,iv:mRL6grlO/GVw/5RrkHcsZ0Un5IWCPF9CRSxumZZXUcI=,tag:EN4ETD5UtXN3gAE6bfaUxg==,type:str] fw-qemu: ENC[AES256_GCM,data:TxbilLf79+gieY3WbAGl175aTUVjIc6rlKfYTy8Usmw=,iv:WCvfZctBVCSPwoCXMDoSroNt+kakGke5r0pFOSAMPgo=,tag:qY0HxicfypO15CozZ2fcoQ==,type:str] +github_token: ENC[AES256_GCM,data:E8j5K2U8UvTpZtsWIm55dvvSxmZjDY15lYeXGuKnPuq1fRyb5HolEQ==,iv:tqODZ4Y247D4DhmC3z7XEq/2K2JsU76p1hxYkYiql9E=,tag:iYithxJyO/GKvKwwh4BDlA==,type:str] +grafana_token: ENC[AES256_GCM,data:yAUqBV2/IF/wkyutHhf1Ui/xxRIt+SgsUk7QmdcnYa+x5KC8G1ifdcxJjPJvyQ==,iv:dGk6AfadwajDbFzTteCeyNIpwWRwdJbNwjGSlrmhaBU=,tag:svCcQo96PGFXu+MVsmn1HQ==,type:str] sops: age: - recipient: age1jeyw96795qu52swmtkjqgr2w3g4vxc43ckc5r4hlwpje23ptnfwsheah0s @@ -58,7 +61,7 @@ sops: dFZ3T3VUeHVnVThadHVQaVJCNkdZeDQK99L7CbBbklUUtanyFIOiCzO3hZP1mh3z ZZhhr6BCcHBbqzLaRLbT27BTCoNuGsXxyzW6tpXYacYuITkcFq9bOQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-19T10:11:05Z" - mac: ENC[AES256_GCM,data:I6wKjKoYp1MxO/5kLBiiETJWlDHcuqtLFU4ZlzPHqS3MuOCh0958Zlzv0R6vz5piREqEoiFFPb2O4VROMMXK+xKXTzO5us0j9OYfPi5J/8J0g085QCKqO4nnpyb/CxSMoHJ2+BTfmyhbAwqmXe7jo0ylOU/gFfx9fIt6ewD0LjI=,iv:+My8r7y4FhFQnOx7wNQGJ9Cd4vk7CzxUJv7xnJoPyXE=,tag:eywhbOfjOp940jem30YMVQ==,type:str] + lastmodified: "2026-03-12T14:47:05Z" + mac: ENC[AES256_GCM,data:+v483ag0f3VorJB0zd6M+mFt3sM7NtDMmRzvH8aLcaoo78/WIHBWFHPSBYBSaXFsm7LYdfA3TpEkuazOzeaiShSMk4AM+g1OB/j6ulzo0jzKg/milD7VAhHYbVCL85IRUHL1It478AukcHAIkFBItzbz7pUNLyESSY14g165iLQ=,iv:nOi9uiAoSS0O0YgvKCPH1kYG8Jfl8gwqDZEULbnG1Bw=,tag:v3u+Z0EQ4qLNWsjoZYzT/Q==,type:str] unencrypted_suffix: _unencrypted - version: 3.11.0 + version: 3.12.0