...

author: Gregor Kleen <gkleen@yggdrasil.li> 2025-11-13 22:45:18 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2025-11-13 22:45:18 +0100
commit: f8a9228baa4f68c7639ef703e15f97bf146c53ee (patch)
tree: 6efca90bf896a6747f64b97ed2b9055f2d910508 /users/root.nix
parent: f92d022f5c03f719492fa4901d21190c3a576187 (diff)
download: nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.tar
nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.tar.gz
nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.tar.bz2
nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.tar.xz
nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.zip
1 files changed, 79 insertions, 31 deletions
diff --git a/users/root.nix b/users/root.nix
index ed1acd50..7fa99452 100644
--- a/users/root.nix
+++ b/users/root.nix
@@ -1,6 +1,7 @@
-{ flake, lib, config, hostName, userName, pkgs, ... }:
+{ flake, home-manager, lib, config, hostName, userName, pkgs, ... }:
 let
  haveGKleen = flake.nixosModules.accounts ? "gkleen@${hostName}";
+  homeManagerRelease = lib.importJSON (home-manager + /release.json);
 in {
  imports = with flake.nixosModules.userProfiles.${userName}; [
    direnv utils
@@ -11,42 +12,89 @@ in {
    openssh.authorizedKeys.keyFiles = config.users.users."gkleen".openssh.authorizedKeys.keyFiles;
  };
-  home-manager.users.${userName} = {
+  home-manager.users.${userName} = { config, ... }: lib.foldr lib.recursiveUpdate {} ([
+    {
+      programs = {
+        git.enable = true;
+        ssh.enable = true;
+        gpg.enable = true;
+      };
+      services = {
+        gpg-agent = {
+          enable = true;
+          enableSshSupport = true;
+          extraConfig = ''
+            pinentry-program ${pkgs.pinentry-curses}/bin/pinentry
+            grab
+          '';
+        };
+      };
+    }
+  ] ++ (lib.optional (lib.versionAtLeast homeManagerRelease.release "25.11") {
    programs = {
-      git = {
+      git.settings = {
-        enable = true;
+        user = {
-        userEmail = "gkleen@yggdrasil.li";
+          email = "gkleen@yggdrasil.li";
-        userName = "Gregor Kleen";
+          name = "Gregor Kleen";
-        delta.enable = true;
+        };
-        extraConfig = {
+        core.excludesfile = toString ./gitignore;
-          pull.rebase = false;
+        pull.rebase = true;
+        submodule.recurse = true;
+        init.defaultBranch = "main";
+        column.ui = "auto";
+        branch.sort = "-committerdate";
+        tag.sort = "version:refname";
+        diff = {
+          algorithm = "histogram";
+          colorMoved = "plain";
+          mnemonicPrefix = true;
+          renames = true;
+        };
+        push = {
+          default = "simple";
+          autoSetupRemote = true;
+          followTags = true;
+        };
+        fetch = {
+          prune = true;
+          pruneTags = true;
+          all = true;
        };
+        rerere = {
+          enabled = true;
+          autoupdate = true;
+        };
+        rebase = {
+          autoSquash = true;
+          autoStash = true;
+          updateRefs = true;
+        };
+        merge.conflictstyle = "zdiff3";
      };
+      delta = {
-      ssh = {
        enable = true;
-        controlMaster = "auto";
+        enableGitIntegration = true;
-        controlPersist = "30m";
-        serverAliveInterval = 6;
-        serverAliveCountMax = 10;
-        hashKnownHosts = true;
-        extraConfig = ''
-          IdentitiesOnly true
-        '';
      };
+      ssh = {
+        enableDefaultConfig = false;
+        matchBlocks."*" = {
+          forwardAgent = false;
+          addKeysToAgent = "no";
+          compression = false;
+          userKnownHostsFile = "~/.ssh/known_hosts";
+          controlPath = "~/.ssh/master-%r@%n:%p";
-      gpg.enable = true;
+          controlMaster = "auto";
-    };
+          controlPersist = "30m";
+          serverAliveInterval = 6;
-    services = {
+          serverAliveCountMax = 10;
-      gpg-agent = {
+          hashKnownHosts = true;
-        enable = true;
+          identitiesOnly = true;
-        enableSshSupport = true;
+        };
-        extraConfig = ''
-          pinentry-program ${pkgs.pinentry-curses}/bin/pinentry
-          grab
-        '';
      };
    };
-  };
+  }));
 }
author	Gregor Kleen <gkleen@yggdrasil.li>	2025-11-13 22:45:18 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2025-11-13 22:45:18 +0100
commit	f8a9228baa4f68c7639ef703e15f97bf146c53ee (patch)
tree	6efca90bf896a6747f64b97ed2b9055f2d910508 /users/root.nix
parent	f92d022f5c03f719492fa4901d21190c3a576187 (diff)
download	nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.tar nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.tar.gz nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.tar.bz2 nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.tar.xz nixos-f8a9228baa4f68c7639ef703e15f97bf146c53ee.zip

diff --git a/users/root.nix b/users/root.nix index ed1acd50..7fa99452 100644 --- a/users/root.nix +++ b/users/root.nix
@@ -1,6 +1,7 @@
1	{ flake, lib, config, hostName, userName, pkgs, ... }:	1	{ flake, home-manager, lib, config, hostName, userName, pkgs, ... }:
2	let	2	let
3	haveGKleen = flake.nixosModules.accounts ? "gkleen@${hostName}";	3	haveGKleen = flake.nixosModules.accounts ? "gkleen@${hostName}";
		4	homeManagerRelease = lib.importJSON (home-manager + /release.json);
4	in {	5	in {
5	imports = with flake.nixosModules.userProfiles.${userName}; [	6	imports = with flake.nixosModules.userProfiles.${userName}; [
6	direnv utils	7	direnv utils
@@ -11,42 +12,89 @@ in {
11	openssh.authorizedKeys.keyFiles = config.users.users."gkleen".openssh.authorizedKeys.keyFiles;	12	openssh.authorizedKeys.keyFiles = config.users.users."gkleen".openssh.authorizedKeys.keyFiles;
12	};	13	};
13		14
14	home-manager.users.${userName} = {	15	home-manager.users.${userName} = { config, ... }: lib.foldr lib.recursiveUpdate {} ([
		16	{
		17	programs = {
		18	git.enable = true;
		19
		20	ssh.enable = true;
		21
		22	gpg.enable = true;
		23	};
		24
		25	services = {
		26	gpg-agent = {
		27	enable = true;
		28	enableSshSupport = true;
		29	extraConfig = ''
		30	pinentry-program ${pkgs.pinentry-curses}/bin/pinentry
		31	grab
		32	'';
		33	};
		34	};
		35	}
		36	] ++ (lib.optional (lib.versionAtLeast homeManagerRelease.release "25.11") {
15	programs = {	37	programs = {
16	git = {	38	git.settings = {
17	enable = true;	39	user = {
18	userEmail = "gkleen@yggdrasil.li";	40	email = "gkleen@yggdrasil.li";
19	userName = "Gregor Kleen";	41	name = "Gregor Kleen";
20	delta.enable = true;	42	};
21	extraConfig = {	43	core.excludesfile = toString ./gitignore;
22	pull.rebase = false;	44	pull.rebase = true;
		45	submodule.recurse = true;
		46	init.defaultBranch = "main";
		47	column.ui = "auto";
		48	branch.sort = "-committerdate";
		49	tag.sort = "version:refname";
		50	diff = {
		51	algorithm = "histogram";
		52	colorMoved = "plain";
		53	mnemonicPrefix = true;
		54	renames = true;
		55	};
		56	push = {
		57	default = "simple";
		58	autoSetupRemote = true;
		59	followTags = true;
		60	};
		61	fetch = {
		62	prune = true;
		63	pruneTags = true;
		64	all = true;
23	};	65	};
		66	rerere = {
		67	enabled = true;
		68	autoupdate = true;
		69	};
		70	rebase = {
		71	autoSquash = true;
		72	autoStash = true;
		73	updateRefs = true;
		74	};
		75	merge.conflictstyle = "zdiff3";
24	};	76	};
25		77	delta = {
26	ssh = {
27	enable = true;	78	enable = true;
28	controlMaster = "auto";	79	enableGitIntegration = true;
29	controlPersist = "30m";
30	serverAliveInterval = 6;
31	serverAliveCountMax = 10;
32	hashKnownHosts = true;
33	extraConfig = ''
34	IdentitiesOnly true
35	'';
36	};	80	};
		81	ssh = {
		82	enableDefaultConfig = false;
		83	matchBlocks."*" = {
		84	forwardAgent = false;
		85	addKeysToAgent = "no";
		86	compression = false;
		87	userKnownHostsFile = "~/.ssh/known_hosts";
		88	controlPath = "~/.ssh/master-%r@%n:%p";
37		89
38	gpg.enable = true;	90	controlMaster = "auto";
39	};	91	controlPersist = "30m";
40		92	serverAliveInterval = 6;
41	services = {	93	serverAliveCountMax = 10;
42	gpg-agent = {	94	hashKnownHosts = true;
43	enable = true;	95	identitiesOnly = true;
44	enableSshSupport = true;	96	};
45	extraConfig = ''
46	pinentry-program ${pkgs.pinentry-curses}/bin/pinentry
47	grab
48	'';
49	};	97	};
50	};	98	};
51	};	99	}));
52	}	100	}