rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(machine, secrets): add qmk and vial, export gemini key

Browse source
This commit is contained in:
Mohammad Rafiq 2025-07-14 23:11:19 +08:00
parent 399e049775
commit 96321d4026
No known key found for this signature in database
3 changed files with 51 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

2
nix/manifest.nix
View file

@ -33,10 +33,10 @@
}; };
}; };
extraCfg = { extraCfg = {
services.fwupd.enable = true; # FIXME: remove
machine = { machine = {
bluetooth.enable = true; bluetooth.enable = true;
usb.automount = true; usb.automount = true;
usb.qmk.enable = true;
virtualisation = { virtualisation = {
podman.enable = true; podman.enable = true;
podman.distrobox.enable = true; podman.distrobox.enable = true;

20
nix/modules/machine/default.nix
View file

@ -5,7 +5,12 @@ let
in in
{ {
flake.modules.nixos.default = flake.modules.nixos.default =
{ config, modulesPath, ... }: {
config,
modulesPath,
pkgs,
...
}:
let let
cfg = config.machine; cfg = config.machine;
in in
@ -14,6 +19,7 @@ in
options.machine = { options.machine = {
bluetooth.enable = mkEnableOption ""; bluetooth.enable = mkEnableOption "";
usb.automount = mkEnableOption ""; usb.automount = mkEnableOption "";
usb.qmk.enable = mkEnableOption "";
}; };
config = mkMerge [ config = mkMerge [
(mkIf cfg.usb.automount { (mkIf cfg.usb.automount {
@ -28,6 +34,18 @@ in
} }
]; ];
}) })
(mkIf cfg.usb.qmk.enable {
hardware.keyboard.qmk.enable = true;
services.udev = {
packages = with pkgs; [
vial
qmk
qmk-udev-rules
qmk_hid
];
};
})
(mkIf cfg.bluetooth.enable { (mkIf cfg.bluetooth.enable {
persistDirs = [ "/var/lib/bluetooth" ]; persistDirs = [ "/var/lib/bluetooth" ];
hardware.bluetooth = { hardware.bluetooth = {

60
nix/modules/system/secrets.nix
View file

@ -13,39 +13,41 @@ let
inherit (cfg.paths) secrets; inherit (cfg.paths) secrets;
in in
{ {
flake.modules.nixos.default = flake.modules = {
{ config, ... }: nixos.default =
{ { config, ... }:
imports = [ inputs.sops-nix.nixosModules.sops ]; {
config = { imports = [ inputs.sops-nix.nixosModules.sops ];
sops = { config = {
age.sshKeyPaths = [ sops = {
"/persist${config.users.defaultUserHome}/${username}/.ssh/id_ed25519" age.sshKeyPaths = [
]; "/persist${config.users.defaultUserHome}/${username}/.ssh/id_ed25519"
secrets."keys/gemini".sopsFile = secrets + "/keys.yaml"; ];
secrets."keys/gemini".sopsFile = secrets + "/keys.yaml";
};
environment.shellInit = # sh
''
export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
'';
}; };
environment.shellInit = # sh
''
export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
'';
}; };
}; darwin.default =
flake.modules.darwin.default = { config, ... }:
{ config, ... }: {
{ imports = [ inputs.sops-nix.darwinModules.sops ];
imports = [ inputs.sops-nix.darwinModules.sops ]; config = {
config = { sops = {
sops = { age.sshKeyPaths = [ "${config.users.users.${username}.home}/.ssh/id_ed25519" ];
age.sshKeyPaths = [ "${config.users.users.${username}.home}/.ssh/id_ed25519" ]; secrets."keys/gemini".sopsFile = secrets + "/keys.yaml";
secrets."keys/gemini".sopsFile = secrets + "/keys.yaml"; };
environment.shellInit = # sh
''
export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
'';
}; };
environment.shellInit = # sh
''
export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
'';
}; };
}; homeManager.default.persistDirs = [ ".config/sops/age" ];
flake.modules.homeManager.default.persistDirs = [ ".config/sops/age" ]; };
perSystem = perSystem =
{ pkgs, ... }: { pkgs, ... }:
{ {