A bunch of stuff, including commit signing!

flake.lock

@@ -108,6 +108,26 @@
         "type": "github"
       }
     },
+    "homeage": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1669234151,
+        "narHash": "sha256-TwT87E3m2TZLgwYJESlype14HxUOrRGojPM5C2akrMg=",
+        "owner": "jordanisaacs",
+        "repo": "homeage",
+        "rev": "02bfe4ca06962d222e522fff0240c93946b20278",
+        "type": "github"
+      },
+      "original": {
+        "owner": "jordanisaacs",
+        "repo": "homeage",
+        "type": "github"
+      }
+    },
     "impermanence": {
       "locked": {
         "lastModified": 1668668915,
@@ -191,6 +211,7 @@
         "base16": "base16",
         "catppuccin-base16": "catppuccin-base16",
         "home-manager": "home-manager",
+        "homeage": "homeage",
         "impermanence": "impermanence",
         "neovim-nightly-overlay": "neovim-nightly-overlay",
         "nixpkgs": "nixpkgs"

flake.nix

@@ -13,6 +13,10 @@
     agenix.url = "github:ryantm/agenix";
     agenix.inputs.nixpkgs.follows = "nixpkgs";
 
+# Homeage
+ homeage.url = "github:jordanisaacs/homeage";
+      homeage.inputs.nixpkgs.follows = "nixpkgs";
+
     # Base16-nix
     base16.url = github:SenchoPens/base16.nix;
     base16.inputs.nixpkgs.follows = "nixpkgs";

home/adrielus/features/cli/default.nix

@@ -1,5 +1,5 @@
 { pkgs, ... }: {
-  imports = [ ./bat.nix ./git.nix ./ssh.nix ./fish.nix ./tmux ./starship.nix ];
+  imports = [ ./bat.nix ./ssh.nix ./fish.nix ./tmux ./git.nix ./starship.nix ];
 
   # Enable bash
   programs.bash.enable = true;

home/adrielus/features/cli/git.nix

@@ -1,11 +1,9 @@
-{ pkgs, ... }: {
+{ pkgs, config, ... }: {
   programs.git = {
     enable = true;
     package = pkgs.gitFull;
 
-    aliases = {
+    aliases.graph = "log --decorate --oneline --graph";
-      graph = "log --decorate --oneline --graph";
-    };
 
     userName = "Matei Adriel";
     userEmail = "rafaeladriel11@gmail.com";
@@ -15,12 +13,20 @@
       hub.protocol = "ssh";
       core.editor = "nvim";
       rebase.autoStash = true;
+
+      # Sign commits using ssh
+      gpg.format = "ssh";
+      user.signingkey = "~/.ssh/id_ed25519.pub";
+
+      # Sign everythin gby default
+      commit.gpgsign = true;
+      tag.gpgsign = true;
     };
   };
 
-  home.packages = with pkgs; [
+  # Github cli
-    # Two github clis
+  programs.gh = {
-    gh
+    enable = true;
-    hub
+    settings.git_protocol = "ssh";
-  ];
+  };
 }

home/adrielus/features/cli/tmux/default.nix

@@ -1,5 +1,5 @@
 { pkgs, config, ... }:
-let base17-tmux = pkgs.fetchFromGitHub {
+let base16-tmux = pkgs.fetchFromGitHub {
   owner = "tinted-theming";
   repo = "base16-tmux";
   sha256 = "1p6czpd9f0sbibdsph1hdw4ljp6zzjij2159bks16wbfbg3p1hhx";

home/adrielus/features/desktop/common/wakatime/default.nix

@@ -1,8 +1,10 @@
-{ pkgs, ... }: {
+{ pkgs, config, ... }: {
-  age.secrets.wakatime.file = ./wakatime_config.age;
+  homeage.file.wakatime = {
-
+    source = ./wakatime_config.age;
-  home = {
+    symlinks = [
-    file.".wakatime.cfg".source = config.age.secrets.wakatime.path;
+      "${config.home.homeDirectory}/.wakatime.cfg"
-    packages = with pkgs; [ wakatime ];
+    ];
   };
+
+  home.packages = with pkgs; [ wakatime ];
 }

home/adrielus/features/neovim/default.nix

@@ -39,11 +39,11 @@ let
   ];
 in
 let
-  simlink = config.lib.file.mkOutOfStoreSymlink;
+  symlink = config.lib.file.mkOutOfStoreSymlink;
 
   extraRuntime = [
     (if devMode
-      then simlink "${paths.dotfiles}/vscode-snippets"
+      then symlink "${paths.dotfiles}/vscode-snippets"
       else ../../../../dotfiles/vscode-snippets)
   ];
 
@@ -79,7 +79,7 @@ in
 
   home.file.".config/nvim".source =
     if devMode then
-      simlink "${paths.dotfiles}/neovim" else
+      symlink "${paths.dotfiles}/neovim" else
       ../../../../dotfiles/neovim;
 
   home.packages = [

home/adrielus/global/default.nix

@@ -3,6 +3,7 @@ let
   # Extra modules to import
   imports = [
     inputs.base16.homeManagerModule
+    inputs.homeage.homeManagerModules.homeage
     # inputs.impermanence.nixosModules.home-manager.impermanence
 
     ../features/cli
@@ -16,7 +17,7 @@ let
 in
 {
   # Import all modules defined in modules/home-manager
-  moduleImports = builtins.attrValues outputs.homeManagerModules ++ imports;
+  imports = builtins.attrValues outputs.homeManagerModules ++ imports;
 
   nixpkgs = {
     # Add all overlays defined in the overlays directory
@@ -47,4 +48,7 @@ in
     homeDirectory = lib.mkDefault "/home/${config.home.username}";
     stateVersion = lib.mkDefault "22.11";
   };
+
+  # Where homeage should look for our ssh key
+  homeage.identityPaths = [ "~/.ssh/id_ed25519" ];
 }

hosts/nixos/common/users/adrielus.nix

@@ -1,4 +1,11 @@
 { pkgs, config, ... }:
+let
+  # Record containing all the hosts
+  hosts = outputs.nixosConfigurations;
+
+  # Function from hostname to relative path to public ssh key
+  idKey = host: ../../${host}/id_ed25519.pub;
+in
 {
   # Password file stored through agenix
   age.secrets.adrielusPassword.file = ./adrielus_password.age;
@@ -31,5 +38,11 @@
       # Adds me to some default groups, and creates the home dir 
       isNormalUser = true;
     };
+
+    openssh.authorizedKeys.keyFiles =
+      builtins.attrValues # attrsetof path -> path[]
+        (builtins.mapAttrs # ... -> attrsetof host -> attrsetof path
+          (name: _: idKey name) # string -> host -> path
+          hosts);
   };
 }

hosts/nixos/tethys/id_ed25519.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINmdOiG0elKHvJ5yoUMd8I5qQdygvjdq45bxv65K230G tethys

hosts/nixos/tethys/ssh_host_ed25519_key.pub

@@ -1 +1 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINmdOiG0elKHvJ5yoUMd8I5qQdygvjdq45bxv65K230G tethys
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILZYc7pDnaqiDnt5sDtlYHmmdhEXut3bxi28cgr2mguE root@nixos

hosts/nixos/tethys/ssh_host_rsa_key.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvOM9q+uCw2GDDPggk5PR8oUcfb7WqVIp9No2dVbOppRfjnY+NBHMDPBL1VYT+lKZ6Q8bsdXdmued3Cz0mzCR7vQkV7eRu6O0363iZAhVdWvvfgSug+QPgYWYE5FnwH4LUgBzz2+rLXOAPWA7bcFQIlMtrAnAKW2DymYcJyYDSCy/FFL+twfgilUwy26X2JikvCSO6H8yLFqhhLUKGrCLJ0XyZgQw4BjrgPp68FzYNfHUZ1RcKzBi/OTLKpHp40tFyup9N6F6LL74miEpv9Yfx2xrtnTei+sz+PCceJwJidurc/yPMdtT4UFgKyJrWGFkIymY6q0q8nOg6KNR+DnzVDfTJfzDrBFgTwiJh3sUorlzMyw+FAqRiCMvU8qfHoKYJQb5wfSbfWfxhaRX9pa6aeJt83b8fQjbjbJiNrGp0zNp+ASvaT3R4zteQBWLMyHPxCONDepH1Yl3sjnm/+EIblVWryzhsRSCq/AEsyblR+dHDxMx56ob0LGfxKBzDN70W/vbXviOZVwXalw4GHjuD9bTh1CmBacfOtoOwbP55eVzW7EF22LUg1IqYYVKcPnqoAcIi5BJFZVtHWRTG9aZPNplsNPiF8QrPpKnpjfqTQmNdNuWSrBD81HGsm0aafjSAoxpl1K+bzvJxeBPOIJ40SGCH/jHWcmWk/At5D0Ne/w== root@nixos

secrets.nix

@@ -1,8 +1,8 @@
 let
-  tethys = builtins.readFile ./hosts/nixos/tethys/ssh_host_ed25519_key.pub;
+  adrielus = builtins.readFile ./hosts/nixos/tethys/id_ed25519.pub;
 in
 {
-  "./hosts/nixos/common/global/wireless/wifi_passwords.age".publicKeys = [ tethys ];
+  "./hosts/nixos/common/global/wireless/wifi_passwords.age".publicKeys = [ adrielus ];
-  "./hosts/nixos/common/users/adrielus_password.age".publicKeys = [ tethys ];
+  "./hosts/nixos/common/users/adrielus_password.age".publicKeys = [ adrielus ];
-  "./home/adrielus/features/desktop/common/wakatime/wakatime_config.age".publicKeys = [ tethys ];
+  "./home/adrielus/features/desktop/common/wakatime/wakatime_config.age".publicKeys = [ adrielus ];
 }