flake-parts: Almost done with yggdrasil

modules/base/system/default.nix

@@ -40,6 +40,13 @@
             ssh-to-age
           ];
 
+          services.gnome.gnome-keyring.enable = true;
+
+          services.dbus.packages = [
+            pkgs.gnome-keyring
+            pkgs.gcr
+          ];
+
           sops = {
             defaultSopsFile = ../../../secrets/secrets.yaml;
             defaultSopsFormat = "yaml";

modules/base/system/fonts.nix

@@ -0,0 +1,22 @@
+{
+
+  flake.modules.nixos.base =
+    { pkgs, ... }:
+    {
+      environment.variables = {
+        # Enable icons in tooling since we have nerdfonts.
+        LOG_ICONS = "true";
+      };
+
+      fonts.packages = with pkgs; [
+        font-awesome
+        powerline-fonts
+        powerline-symbols
+        nerd-fonts.code-new-roman
+        nerd-fonts.fira-code
+        nerd-fonts.symbols-only
+        fira
+      ];
+
+    };
+}

modules/base/system/gpg.nix

@@ -0,0 +1,61 @@
+{
+  flake.modules = {
+    nixos.base =
+      { pkgs, ... }:
+      let
+
+        reload-yubikey = pkgs.writeShellScriptBin "reload-yubikey" ''
+          ${pkgs.gnupg}/bin/gpg-connect-agent "scd serialno" "learn --force" /bye
+        '';
+      in
+      {
+        services.pcscd.enable = true;
+        services.udev.packages = with pkgs; [ yubikey-personalization ];
+
+        environment.systemPackages = with pkgs; [
+          cryptsetup
+          paperkey
+          gnupg
+          pinentry-curses
+          pinentry-qt
+
+          yubikey-manager
+          yubioath-flutter
+          reload-yubikey
+        ];
+
+        programs = {
+          ssh.startAgent = false;
+
+          gnupg.agent = {
+            enable = true;
+            enableSSHSupport = true;
+            enableExtraSocket = true;
+          };
+        };
+
+      };
+
+    homeManager.base =
+      { inputs, pkgs, ... }:
+      let
+        gpgConf = "${inputs.gpg-base-conf}/gpg.conf";
+
+        gpgAgentConf = ''
+          enable-ssh-support
+          default-cache-ttl 60
+          max-cache-ttl 120
+          pinentry-program ${pkgs.pinentry-qt}/bin/pinentry-qt
+        '';
+      in
+      {
+        home.file = {
+          ".gnupg/.keep".text = "";
+
+          ".gnupg/gpg.conf".source = gpgConf;
+          ".gnupg/gpg-agent.conf".text = gpgAgentConf;
+          ".gnupg/scdeamon.conf".text = "disable-ccid";
+        };
+      };
+  };
+}

modules/base/system/helix.nix

@@ -18,7 +18,7 @@
 
       };
 
-    homeManager.base =
+    homeManager.cholli =
       { inputs, pkgs, ... }:
       let
         helix-pkg = inputs.helix.packages.${pkgs.system}.default;

modules/base/system/locale.nix

@@ -0,0 +1,27 @@
+{
+  flake.modules.nixos.base =
+    { lib, ... }:
+    {
+      time.timeZone = "Europe/Berlin";
+      i18n.defaultLocale = "en_US.UTF-8";
+
+      i18n.extraLocaleSettings = {
+        LANG = "en_US.UTF-8";
+        LC_ALL = "en_US.UTF-8";
+        LC_ADDRESS = "de_DE.UTF-8";
+        LC_IDENTIFICATION = "de_DE.UTF-8";
+        LC_MEASUREMENT = "de_DE.UTF-8";
+        LC_MONETARY = "de_DE.UTF-8";
+        LC_NAME = "de_DE.UTF-8";
+        LC_NUMERIC = "de_DE.UTF-8";
+        LC_PAPER = "de_DE.UTF-8";
+        LC_TELEPHONE = "de_DE.UTF-8";
+        LC_TIME = "de_DE.UTF-8";
+      };
+
+      console = {
+        keyMap = lib.mkForce "us";
+        useXkbConfig = true;
+      };
+    };
+}

modules/base/system/nixdaemon.nix

@@ -0,0 +1,61 @@
+{
+  flake.modules.nixos.base =
+    {
+      config,
+      inputs,
+      lib,
+      pkgs,
+      ...
+    }:
+    let
+      username = "cholli";
+    in
+    {
+      environment.systemPackages = with pkgs; [
+        nixfmt-rfc-style
+        nix-prefetch-git
+
+        nix-index
+        nix-output-monitor
+      ];
+
+      programs.nh = {
+        enable = true;
+        package = inputs.nh-flake.packages.${pkgs.system}.nh;
+        flake = "/home/${username}/projects/config";
+      };
+
+      nix = {
+        settings =
+          let
+            users = [
+              "root"
+              username
+            ]
+            ++ lib.optional (builtins.hasAttr "native" config.services.gitea-actions-runner) "gitea-runner"
+            ++ lib.optional config.services.hydra.enable "hydra hydra-www hydra-evaluator hydra-queue-runner";
+          in
+          {
+            experimental-features = "nix-command flakes";
+            http-connections = 50;
+            warn-dirty = false;
+            log-lines = 50;
+            sandbox = "relaxed";
+            auto-optimise-store = true;
+            trusted-users = users;
+            allowed-users = users;
+            allowed-uris = "github: https://github.com/ git+https://github.com/ gitlab: https://gitlab.com/ git+https://gitlab.com/";
+          }
+          // (lib.optionalAttrs config.programs.direnv.enable {
+            keep-outputs = true;
+            keep-derivations = true;
+          });
+
+        gc = {
+          automatic = true;
+          dates = "daily";
+          options = "--delete-older-than 7d";
+        };
+      };
+    };
+}