dotfiles/nixos/boxes/form3/default.nix
Cyryl Płotnicki 635f5902aa
Some checks are pending
use nix / build (push) Waiting to run
cleanup, make checks pass
2024-04-27 11:33:38 +01:00

68 lines
1.7 KiB
Nix

{
config,
pkgs,
inputs,
lib,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
form3_cert_path = ./form3-palo-alto.pem;
form3_cert_bundle =
builtins.toFile "form3-cert-bundle.crt"
(builtins.readFile system_cert_bundle_path
+ builtins.readFile form3_cert_path);
in {
environment.systemPackages = with pkgs; [vim nixfmt];
imports = [../../git ../../mercurial];
services.nix-daemon.enable = true;
nix = {
useDaemon = true;
gc.automatic = true;
package = pkgs.nixUnstable;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
fonts.fontDir.enable = true;
fonts.fonts = with pkgs; [
nerdfonts
fira-code
font-awesome
material-icons
powerline-fonts
source-code-pro
weather-icons
];
security.pki.certificateFiles = [form3_cert_path system_cert_bundle_path];
environment.variables = {
SSL_CERT_FILE = form3_cert_bundle;
NIX_SSL_CERT_FILE = form3_cert_bundle;
BUNDLE_SSL_CA_CERT = form3_cert_bundle;
CARGO_NET_GIT_FETCH_WITH_CLI = "true";
};
programs.zsh.enable = true;
system.stateVersion = 4;
home-manager.users.cyryl = {...}: {
imports = [];
home.packages = with pkgs; [awscli kubectl cargo-update];
programs = {
git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech";
git.extraConfig = {
user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED";
commit.gpgsign = true;
"url \"git@github.com:\"".insteadOf = "https://github.com/";
};
gpg.enable = true;
gpg.homedir = "/Users/cyryl/.gnupg";
zsh.loginExtra = ''
eval "$(/opt/homebrew/bin/brew shellenv)"
'';
};
};
}