70 lines
2.1 KiB
Nix
70 lines
2.1 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
inputs,
|
|
lib,
|
|
nixpkgs-nixos-unstable-and-unfree,
|
|
...
|
|
}: let
|
|
system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
|
form3_cert_path = ./form3-palo-alto.pem;
|
|
form3_cert_bundle =
|
|
builtins.toFile "form3-cert-bundle.crt"
|
|
(builtins.readFile system_cert_bundle_path
|
|
+ builtins.readFile form3_cert_path);
|
|
in {
|
|
environment.systemPackages = with pkgs; [vim nixfmt];
|
|
|
|
imports = [../../git ../../mercurial];
|
|
services.nix-daemon.enable = true;
|
|
nix = {
|
|
useDaemon = true;
|
|
gc.automatic = true;
|
|
package = pkgs.nixUnstable;
|
|
extraOptions = ''
|
|
experimental-features = nix-command flakes
|
|
'';
|
|
};
|
|
|
|
fonts.fontDir.enable = true;
|
|
fonts.fonts = with pkgs; [
|
|
(runCommand "berkeley-fonts" {} ''
|
|
mkdir -vp "$out/share/fonts/opentype"
|
|
mkdir -vp "$out/share/fonts/truetype"
|
|
${pkgs.unzip}/bin/unzip ${../../fonts.zip} \*.otf -d $out/share/fonts/opentype
|
|
${pkgs.unzip}/bin/unzip ${../../fonts.zip} \*.ttf -d $out/share/fonts/truetype
|
|
|
|
'')
|
|
nerdfonts
|
|
fira-code
|
|
font-awesome
|
|
material-icons
|
|
powerline-fonts
|
|
source-code-pro
|
|
weather-icons
|
|
];
|
|
security.pki.certificateFiles = [form3_cert_path system_cert_bundle_path];
|
|
environment.variables = {
|
|
SSL_CERT_FILE = form3_cert_bundle;
|
|
NIX_SSL_CERT_FILE = form3_cert_bundle;
|
|
BUNDLE_SSL_CA_CERT = form3_cert_bundle;
|
|
CARGO_NET_GIT_FETCH_WITH_CLI = "true";
|
|
};
|
|
programs.zsh.enable = true;
|
|
|
|
system.stateVersion = 4;
|
|
|
|
home-manager.users.cyryl = {...}: {
|
|
imports = [];
|
|
home.packages = with pkgs; [awscli kubectl cargo-update];
|
|
programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech";
|
|
programs.git.extraConfig.user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED";
|
|
programs.git.extraConfig.commit.gpgsign = true;
|
|
programs.git.extraConfig."url \"git@github.com:\"".insteadOf = "https://github.com/";
|
|
programs.gpg.enable = true;
|
|
programs.gpg.homedir = "/Users/cyryl/.gnupg";
|
|
programs.zsh.loginExtra = ''
|
|
eval "$(/opt/homebrew/bin/brew shellenv)"
|
|
'';
|
|
};
|
|
}
|