{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: let system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; form3_cert_path = ./form3-palo-alto.pem; form3_cert_bundle = builtins.toFile "form3-cert-bundle.crt" (builtins.readFile system_cert_bundle_path + builtins.readFile form3_cert_path); in { environment.systemPackages = with pkgs; [ vim nixfmt ]; imports = [ ../../git ../../mercurial ]; services.nix-daemon.enable = true; nix = { useDaemon = true; gc.automatic = true; package = pkgs.nixUnstable; extraOptions = '' experimental-features = nix-command flakes ''; }; fonts.fontDir.enable = true; fonts.fonts = with pkgs; [ (fetchzip { name = "berkeley-mono-fonts"; url = "file:///" + ../../fonts.zip; postFetch = '' mkdir -p $out/share/fonts unzip -j $downloadedFile \*.otf -d $out/share/fonts/opentype ''; sha256 = "sha256-y+j3iHGXJP1pdylLJTlxbhyQ1oFAwini3o3ljLzOsoM="; }) nerdfonts fira-code font-awesome material-icons powerline-fonts source-code-pro weather-icons ]; security.pki.certificateFiles = [ form3_cert_path system_cert_bundle_path ]; environment.variables = { SSL_CERT_FILE = form3_cert_bundle; NIX_SSL_CERT_FILE = form3_cert_bundle; BUNDLE_SSL_CA_CERT = form3_cert_bundle; CARGO_NET_GIT_FETCH_WITH_CLI = "true"; }; programs.zsh.enable = true; system.stateVersion = 4; home-manager.users.cyryl = { ... }: { imports = [ ]; home.packages = with pkgs; [ awscli kubectl ]; programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech"; programs.git.extraConfig.user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED"; programs.git.extraConfig.commit.gpgsign = true; programs.git.extraConfig."url \"git@github.com:\"".insteadOf = "https://github.com/"; programs.gpg.enable = true; programs.gpg.homedir = "/Users/cyryl/.gnupg"; programs.zsh.loginExtra = '' eval "$(/opt/homebrew/bin/brew shellenv)" ''; }; }