Merge pull request #284 from genebean/nixification

Nixification
2026-03-27 09:27:44 -04:00 · 2023-09-14 00:03:58 -04:00 · 2023-09-14 00:03:58 -04:00 · 41bf9dc9fa
commit 41bf9dc9fa
parent 15c92e683e cc0efcfdde
65 changed files with 989 additions and 154 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,5 +1,7 @@
 /.vagrant/
 /.vscode/
 /result/
 /result
 /vendor/
 .dccache
--- a/README.md
+++ b/README.md
@ -1,159 +1,27 @@
-# dots
+# Dots
-[![Ansible Lint](https://github.com/genebean/dots/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/genebean/dots/actions/workflows/ansible-lint.yml)
+This repo historically contained my dot files and is now transitioning to being a Nix flake that manages my dot files and the things that consume them. Things are changing a lot right now, but historically symlinked files are still in `link/`. Most all the other old stuff is now tucked away under `legacy/` to get it out of the way until I decide what is and isn't needed.
 [![Ruby](https://github.com/genebean/dots/actions/workflows/ruby.yml/badge.svg)](https://github.com/genebean/dots/actions/workflows/ruby.yml)
-> **NOTICE:** this repo is undergoing a transformation. Historically it has been centered around using Puppet and r10k as ruby gems. I love Puppet for managing servers, but running it unprivledged as a gem has proven more than a little challenging in this specific use case. As a result, I am transitioning to using Ansible for the adhoc work that is needed here. Also, the `dots` tool and associated rake tasks will almost certainly be moved to Python 3 as it is universally available without some of the hastles of a bundler based setup.
+The new Nix bits are driven by `flake.nix` which pulls in things under `modules/`. Initial support is for both x86 macOS and NixOS. New stuff is structured like so, at least for now:
 This repo contains my dot files and a tool to deploy them, and the programs that use them, to various OS's. Some additional tools that I consider part of my baseline setup are also installed and, if possible, configured by dots.
 Dots is written in ruby and utilizes bundler to keep all its dependancies
 as self-contained as possible. Installation of programs and management of git
 repositories is handled by way of the
 [Puppet gem](https://rubygems.org/gems/puppet).
 Everything about dots macOS assumes you are running it as a normal user,
 not as root. Strange and unexpected things could well happen if you run any part
 of it as root or via sudo while on macOS. That said, sudo is required on Debian
 due to there not being an equivalent to homebrew as you need sudo to use apt.
 ## Currently Supported OS's
 * macOS
 * Linux Mint 18.2
 ## Initial Setup
 ```bash
-git clone git@github.com:genebean/dots.git ~/.dotfiles
+$ tree . -I legacy* -I link*
-cd ~/.dotfiles
+.
-bin/bootstrap.sh
+├── flake.lock
-This script takes care of getting dots ready to use
+├── flake.nix
-Enter the number of the task you want to perform:
+├── LICENSE
-1) Mac setup
+├── modules
-2) EL setup
+│   ├── darwin
-3) Mint setup
+│   │   └── default.nix
-4) Quit
+│   ├── home-manager
-Task:
+│   │   └── default.nix
 │   ├── linux
 │   └── nixos
 │       ├── dconf.nix
 │       ├── default.nix
 │       └── hardware-configuration.nix
 ├── README.md
 └── Vagrantfile
 6 directories, 10 files
 ```
 After you run the setup for your OS you will want to make sure that
 [puppet/production/hieradata/nodes/](puppet/production/hieradata/nodes/)
 contains a file matching the hostname of your machine. That file needs to
 contain at least the following:
 ```yaml
 ---
 homedir: '/Users/johndoe'
 ```
 Naturally, you will want to adjust the entry to match the real path to your
 home directory. On a Mac this is generally in `/Users/` or `/home/` on Linux.
 ## Running dots
 The primary way to interact with dots is via `bundle exec rake dots`.
 This will run an interactive cli program like so:
 ```
 $ bundle exec rake dots
 /usr/local/Cellar/ruby/2.4.1_1/bin/ruby bin/dots.rb
 It seems you are on macOS 10.12.5
 What would you like to do? (Use arrow keys, press Enter to select)
 ‣ copy
  link
  install
 ```
 If not on macOS then you will need to use sudo for the install step:
 ```
 $ sudo bundle exec rake dots
 ```
 Additional tasks are available in the
 dots namespace. You can see all the available tasks via
 `bundle exec rake -T`.
 ## Notes
 #### Running Puppet
 ```bash
 # Any of these will work:
 bundle exec rake dots:run_puppet
 bundle exec rake dots:run_puppet_noop
 bundle exec puppet apply --environmentpath ~/.dotfiles/puppet ~/.dotfiles/puppet/production/manifests/site.pp
 ```
 As mentioned above, when not on macOS you will need to prefix bundle with sudo.
 #### Installed Homebrew packages
 To see what has been installed (not the deps) run `brew leaves`
 ## Project structure
 * `bin/`: this is where the "application" bits live
 * `bin/bootstrap`: platform specific helpers called by `bin/bootstrap.sh`
 * `copy/`: files directly in this directory are copied to all hosts
 * `copy/mac/`: files in here get copied to Macs
 * `copy/nix/`: files in here get copied to all Posix systems
 * `link/`: files directly in this directory are symlinked on all hosts.
  * all symlinks are prefixed with a dot. Ex: `link/gemrc` becomes `~/.gemrc`
 * `link/linux/`: files in here get symlinked on all Linux distros
 * `link/mac/`: files in here get symlinked on all Macs
 * `link/nix/`: files in here get symlinked on all Posix systems
 * `link/ssh/`: these files get symlinked under `~/.ssh/` on all Posix systems
 * `puppet/`: this is basically a control repo modified to suit this setup
 * `puppet/production/`: items from an environment's branch in a control repo
  * this setup assumes Puppet 4 and Hiera 5. Hiera's config is parsed as part of
    the environment rather than from a global config file.
 * `spec/`: unit tests go here
 ## Adding Packages
 To add additional pacakages to be installed and managed by dots you will need to
 edit the associated Puppet manifest. Currently, this consists of the following:
 ```bash
 puppet/production/site/profile/manifests/
 ├── base.pp
 ├── linux
 │   └── debian.pp
 ├── linux.pp
 └── mac.pp
 ```
 On macOS you can easily install packages and casks from homebrew or Python
 modules from pip. On Linux Mint you can easily use any package provider
 that supports Debian or Ubuntu since all installs are done via sudo. On both
 platforms you can also use custom exec's to to work around limitations. For
 example, an exec is used on Mint to set the shell to zsh and on both platforms
 to install or update the powerline fonts.
 ## Puppet Customizations
 This repo also contains some custom facts and functions under
 `puppet/production/site/custom_libs`:
 ### Facts
 * `os_release`: this creates a structured fact out of the contents of
  /etc/os-release on Linux systems. This info is needed on Mint to determine
  what version of Ubuntu it is based on.
 ### Functions
 * `find_group`: returns the owning group's GID as a string for the file or
  folder at a given path
 * `find_owner`: returns the owning user's UID as a string for the file or
  folder at a given path
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,204 @@
 {
  "nodes": {
    "brew-src": {
      "flake": false,
      "locked": {
        "lastModified": 1690184446,
        "narHash": "sha256-fGjvNY6ON/cdExCfwhfqmHzoxs3AZ0sev7vyBHfPGJo=",
        "owner": "Homebrew",
        "repo": "brew",
        "rev": "3b3300546b5a4e40b74f4ee33cf225cca280defe",
        "type": "github"
      },
      "original": {
        "owner": "Homebrew",
        "ref": "4.1.1",
        "repo": "brew",
        "type": "github"
      }
    },
    "flake-utils": {
      "inputs": {
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1687709756,
        "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "genebean-omp-themes": {
      "flake": false,
      "locked": {
        "lastModified": 1694629194,
        "narHash": "sha256-k1HqpsW5buBGe3rgugQvoKw5nPu/zBWiT8blb5eHc0w=",
        "owner": "genebean",
        "repo": "my-oh-my-posh-themes",
        "rev": "eb6ba507c2f37accc926c65bac1b88293a71eb9c",
        "type": "github"
      },
      "original": {
        "owner": "genebean",
        "repo": "my-oh-my-posh-themes",
        "type": "github"
      }
    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1694375657,
        "narHash": "sha256-32X8dcty4vPXx+D4yJPQZBo5hJ1NQikALhevGv6elO4=",
        "owner": "nix-community",
        "repo": "home-manager",
        "rev": "f7848d3e5f15ed02e3f286029697e41ee31662d7",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "nix-darwin": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1694497842,
        "narHash": "sha256-z03v/m0OwcLBok97KcUgMl8ZFw5Xwsi2z+n6nL7JdXY=",
        "owner": "lnl7",
        "repo": "nix-darwin",
        "rev": "4496ab26628c5f43d2a5c577a06683c753e32fe2",
        "type": "github"
      },
      "original": {
        "owner": "lnl7",
        "repo": "nix-darwin",
        "type": "github"
      }
    },
    "nix-darwin_2": {
      "inputs": {
        "nixpkgs": "nixpkgs"
      },
      "locked": {
        "lastModified": 1688307440,
        "narHash": "sha256-7PTjbN+/+b799YN7Tk2SS5Vh8A0L3gBo8hmB7Y0VXug=",
        "owner": "LnL7",
        "repo": "nix-darwin",
        "rev": "b06bab83bdf285ea0ae3c8e145a081eb95959047",
        "type": "github"
      },
      "original": {
        "owner": "LnL7",
        "repo": "nix-darwin",
        "type": "github"
      }
    },
    "nix-homebrew": {
      "inputs": {
        "brew-src": "brew-src",
        "flake-utils": "flake-utils",
        "nix-darwin": "nix-darwin_2",
        "nixpkgs": "nixpkgs_2"
      },
      "locked": {
        "lastModified": 1690495710,
        "narHash": "sha256-7yF5A16Ayorrpcal74mRB1EqwUAHfXnoCIgDvj+ylgo=",
        "owner": "zhaofengli-wip",
        "repo": "nix-homebrew",
        "rev": "d2738b78fd0f304f5a7ed4764b736ed2c7169b94",
        "type": "github"
      },
      "original": {
        "owner": "zhaofengli-wip",
        "repo": "nix-homebrew",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1687274257,
        "narHash": "sha256-TutzPriQcZ8FghDhEolnHcYU2oHIG5XWF+/SUBNnAOE=",
        "path": "/nix/store/22qgs3skscd9bmrxv9xv4q5d4wwm5ppx-source",
        "rev": "2c9ecd1f0400076a4d6b2193ad468ff0a7e7fdc5",
        "type": "path"
      },
      "original": {
        "id": "nixpkgs",
        "type": "indirect"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1688049487,
        "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1694459622,
        "narHash": "sha256-PcbBuRJKFxgb+CUQ3sliI5oRaKHHAV+OSTv6GPAccEA=",
        "owner": "nixos",
        "repo": "nixpkgs",
        "rev": "bb446a19f77e8d1d0c5ada7069d21a001442fc73",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "genebean-omp-themes": "genebean-omp-themes",
        "home-manager": "home-manager",
        "nix-darwin": "nix-darwin",
        "nix-homebrew": "nix-homebrew",
        "nixpkgs": "nixpkgs_3"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    }
  },
  "root": "root",
  "version": 7
 }
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,96 @@
 {
  description = "A flake for all my stuff";
  inputs = {
    # Where we get most of our software. Giant mono repo with recipes
    # called derivations that say how to build software.
    nixpkgs.url = "github:nixos/nixpkgs";
    # Controls system level software and settings including fonts
    nix-darwin = {
      url = "github:lnl7/nix-darwin";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # Manages things in home directory
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # Manage Homebrew itself
    nix-homebrew.url = "github:zhaofengli-wip/nix-homebrew";
    # My oh-my-posh theme
    genebean-omp-themes = {
      url = "github:genebean/my-oh-my-posh-themes";
      flake = false;
    };
  }; # end inputs
  outputs = { self, nixpkgs, nix-darwin, home-manager, nix-homebrew, genebean-omp-themes, ... }: {
    nixosConfigurations = let
      user = "gene";
    in {
      rainbow-planet = nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = [
          ./modules/nixos
          home-manager.nixosModules.home-manager
          {
            home-manager = {
              useGlobalPkgs = true;
              useUserPackages = true;
              users.${user}.imports = [
                ./modules/home-manager
                ./modules/nixos/dconf.nix
              ];
              extraSpecialArgs = { inherit genebean-omp-themes; };
            };
          }
        ];
      }; # end rainbow-planet
    }; # end nixosConfigurations
    # This is only set to work with x86 macOS right now... that will need to be updated
    darwinConfigurations = let
      user = "gene.liverman";
    in {
      Blue-Rock = nix-darwin.lib.darwinSystem {
        system = "x86_64-darwin";
        pkgs = import nixpkgs {
          system = "x86_64-darwin";
          config.allowUnfree = true;
        };
        modules = [
          nix-homebrew.darwinModules.nix-homebrew
          {
            nix-homebrew = {
              # Install Homebrew under the default prefix
              enable = true;
              # User owning the Homebrew prefix
              user = "${user}";
              # Automatically migrate existing Homebrew installations
              autoMigrate = true;
            };
          }
          ./modules/darwin
          home-manager.darwinModules.home-manager
          {
            home-manager = {
              useGlobalPkgs = true;
              useUserPackages = true;
              users.${user}.imports = [
                ./modules/home-manager
              ];
              extraSpecialArgs = { inherit genebean-omp-themes; };
            };
          }
        ]; # end modules
      }; # end Blue-Rock
    }; # end darwinConfigurations
  };
 }
--- a/legacy/.bundle/ansible/README.md
+++ b/legacy/.bundle/ansible/README.md
--- a/legacy/.bundle/ansible/ansible_hosts.yaml
+++ b/legacy/.bundle/ansible/ansible_hosts.yaml
--- a/legacy/.bundle/ansible/bigboy.yaml
+++ b/legacy/.bundle/ansible/bigboy.yaml
--- a/legacy/.bundle/ansible/blue-rock.yaml
+++ b/legacy/.bundle/ansible/blue-rock.yaml
--- a/legacy/.bundle/ansible/carbonbean.yaml
+++ b/legacy/.bundle/ansible/carbonbean.yaml
--- a/legacy/.bundle/ansible/server-zsh.yaml
+++ b/legacy/.bundle/ansible/server-zsh.yaml
--- a/legacy/.bundle/config
+++ b/legacy/.bundle/config
--- a/legacy/.github/dependabot.yml
+++ b/legacy/.github/dependabot.yml
--- a/legacy/.github/workflows/ansible-lint.yml
+++ b/legacy/.github/workflows/ansible-lint.yml
--- a/legacy/.github/workflows/ruby.yml
+++ b/legacy/.github/workflows/ruby.yml
--- a/legacy/.puppet-lint.rc
+++ b/legacy/.puppet-lint.rc
--- a/legacy/.rspec
+++ b/legacy/.rspec
--- a/legacy/.rubocop.yml
+++ b/legacy/.rubocop.yml
--- a/legacy/DevelopmentPlan.md
+++ b/legacy/DevelopmentPlan.md
--- a/legacy/Gemfile
+++ b/legacy/Gemfile
--- a/legacy/Gemfile.lock
+++ b/legacy/Gemfile.lock
--- a/legacy/README.md
+++ b/legacy/README.md
@ -0,0 +1,159 @@
 # dots
 [![Ansible Lint](https://github.com/genebean/dots/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/genebean/dots/actions/workflows/ansible-lint.yml)
 [![Ruby](https://github.com/genebean/dots/actions/workflows/ruby.yml/badge.svg)](https://github.com/genebean/dots/actions/workflows/ruby.yml)
 > **NOTICE:** this repo is undergoing a transformation. Historically it has been centered around using Puppet and r10k as ruby gems. I love Puppet for managing servers, but running it unprivledged as a gem has proven more than a little challenging in this specific use case. As a result, I am transitioning to using Ansible for the adhoc work that is needed here. Also, the `dots` tool and associated rake tasks will almost certainly be moved to Python 3 as it is universally available without some of the hastles of a bundler based setup.
 This repo contains my dot files and a tool to deploy them, and the programs that use them, to various OS's. Some additional tools that I consider part of my baseline setup are also installed and, if possible, configured by dots.
 Dots is written in ruby and utilizes bundler to keep all its dependancies
 as self-contained as possible. Installation of programs and management of git
 repositories is handled by way of the
 [Puppet gem](https://rubygems.org/gems/puppet).
 Everything about dots macOS assumes you are running it as a normal user,
 not as root. Strange and unexpected things could well happen if you run any part
 of it as root or via sudo while on macOS. That said, sudo is required on Debian
 due to there not being an equivalent to homebrew as you need sudo to use apt.
 ## Currently Supported OS's
 * macOS
 * Linux Mint 18.2
 ## Initial Setup
 ```bash
 git clone git@github.com:genebean/dots.git ~/.dotfiles
 cd ~/.dotfiles
 bin/bootstrap.sh
 This script takes care of getting dots ready to use
 Enter the number of the task you want to perform:
 1) Mac setup
 2) EL setup
 3) Mint setup
 4) Quit
 Task:
 ```
 After you run the setup for your OS you will want to make sure that
 [puppet/production/hieradata/nodes/](puppet/production/hieradata/nodes/)
 contains a file matching the hostname of your machine. That file needs to
 contain at least the following:
 ```yaml
 ---
 homedir: '/Users/johndoe'
 ```
 Naturally, you will want to adjust the entry to match the real path to your
 home directory. On a Mac this is generally in `/Users/` or `/home/` on Linux.
 ## Running dots
 The primary way to interact with dots is via `bundle exec rake dots`.
 This will run an interactive cli program like so:
 ```
 $ bundle exec rake dots
 /usr/local/Cellar/ruby/2.4.1_1/bin/ruby bin/dots.rb
 It seems you are on macOS 10.12.5
 What would you like to do? (Use arrow keys, press Enter to select)
 ‣ copy
  link
  install
 ```
 If not on macOS then you will need to use sudo for the install step:
 ```
 $ sudo bundle exec rake dots
 ```
 Additional tasks are available in the
 dots namespace. You can see all the available tasks via
 `bundle exec rake -T`.
 ## Notes
 #### Running Puppet
 ```bash
 # Any of these will work:
 bundle exec rake dots:run_puppet
 bundle exec rake dots:run_puppet_noop
 bundle exec puppet apply --environmentpath ~/.dotfiles/puppet ~/.dotfiles/puppet/production/manifests/site.pp
 ```
 As mentioned above, when not on macOS you will need to prefix bundle with sudo.
 #### Installed Homebrew packages
 To see what has been installed (not the deps) run `brew leaves`
 ## Project structure
 * `bin/`: this is where the "application" bits live
 * `bin/bootstrap`: platform specific helpers called by `bin/bootstrap.sh`
 * `copy/`: files directly in this directory are copied to all hosts
 * `copy/mac/`: files in here get copied to Macs
 * `copy/nix/`: files in here get copied to all Posix systems
 * `link/`: files directly in this directory are symlinked on all hosts.
  * all symlinks are prefixed with a dot. Ex: `link/gemrc` becomes `~/.gemrc`
 * `link/linux/`: files in here get symlinked on all Linux distros
 * `link/mac/`: files in here get symlinked on all Macs
 * `link/nix/`: files in here get symlinked on all Posix systems
 * `link/ssh/`: these files get symlinked under `~/.ssh/` on all Posix systems
 * `puppet/`: this is basically a control repo modified to suit this setup
 * `puppet/production/`: items from an environment's branch in a control repo
  * this setup assumes Puppet 4 and Hiera 5. Hiera's config is parsed as part of
    the environment rather than from a global config file.
 * `spec/`: unit tests go here
 ## Adding Packages
 To add additional pacakages to be installed and managed by dots you will need to
 edit the associated Puppet manifest. Currently, this consists of the following:
 ```bash
 puppet/production/site/profile/manifests/
 ├── base.pp
 ├── linux
 │   └── debian.pp
 ├── linux.pp
 └── mac.pp
 ```
 On macOS you can easily install packages and casks from homebrew or Python
 modules from pip. On Linux Mint you can easily use any package provider
 that supports Debian or Ubuntu since all installs are done via sudo. On both
 platforms you can also use custom exec's to to work around limitations. For
 example, an exec is used on Mint to set the shell to zsh and on both platforms
 to install or update the powerline fonts.
 ## Puppet Customizations
 This repo also contains some custom facts and functions under
 `puppet/production/site/custom_libs`:
 ### Facts
 * `os_release`: this creates a structured fact out of the contents of
  /etc/os-release on Linux systems. This info is needed on Mint to determine
  what version of Ubuntu it is based on.
 ### Functions
 * `find_group`: returns the owning group's GID as a string for the file or
  folder at a given path
 * `find_owner`: returns the owning user's UID as a string for the file or
  folder at a given path
--- a/legacy/Rakefile
+++ b/legacy/Rakefile
--- a/legacy/bin/bootstrap.sh
+++ b/legacy/bin/bootstrap.sh
--- a/legacy/bin/bootstrap/bootstrap_el.sh
+++ b/legacy/bin/bootstrap/bootstrap_el.sh
--- a/legacy/bin/bootstrap/bootstrap_mac.sh
+++ b/legacy/bin/bootstrap/bootstrap_mac.sh
--- a/legacy/bin/bootstrap/bootstrap_mint.sh
+++ b/legacy/bin/bootstrap/bootstrap_mint.sh
--- a/legacy/bin/casks.sh
+++ b/legacy/bin/casks.sh
--- a/legacy/bin/dots.rb
+++ b/legacy/bin/dots.rb
--- a/legacy/bin/dotutils.rb
+++ b/legacy/bin/dotutils.rb
--- a/legacy/bin/rake_tasks.rb
+++ b/legacy/bin/rake_tasks.rb
--- a/legacy/bin/sclbundle
+++ b/legacy/bin/sclbundle
--- a/legacy/bin/sclruby
+++ b/legacy/bin/sclruby
--- a/legacy/bin/shell-setup.sh
+++ b/legacy/bin/shell-setup.sh
--- a/legacy/copy/mac/gitconfig
+++ b/legacy/copy/mac/gitconfig
--- a/legacy/copy/puppetforge.yml
+++ b/legacy/copy/puppetforge.yml
--- a/legacy/puppet/production/Puppetfile
+++ b/legacy/puppet/production/Puppetfile
--- a/legacy/puppet/production/environment.conf
+++ b/legacy/puppet/production/environment.conf
--- a/legacy/puppet/production/hiera.yaml
+++ b/legacy/puppet/production/hiera.yaml
--- a/legacy/puppet/production/hieradata/common.yaml
+++ b/legacy/puppet/production/hieradata/common.yaml
--- a/legacy/puppet/production/hieradata/nodes/YellowBadger.yaml
+++ b/legacy/puppet/production/hieradata/nodes/YellowBadger.yaml
--- a/legacy/puppet/production/hieradata/nodes/bowl.yaml
+++ b/legacy/puppet/production/hieradata/nodes/bowl.yaml
--- a/legacy/puppet/production/hieradata/nodes/gene.yaml
+++ b/legacy/puppet/production/hieradata/nodes/gene.yaml
--- a/legacy/puppet/production/hieradata/nodes/mintstring.yaml
+++ b/legacy/puppet/production/hieradata/nodes/mintstring.yaml
--- a/legacy/puppet/production/manifests/site.pp
+++ b/legacy/puppet/production/manifests/site.pp
--- a/legacy/puppet/production/scripts/config_version.rb
+++ b/legacy/puppet/production/scripts/config_version.rb
--- a/legacy/puppet/production/scripts/config_version.sh
+++ b/legacy/puppet/production/scripts/config_version.sh
--- a/legacy/puppet/production/site/custom_libs/lib/facter/os_release.rb
+++ b/legacy/puppet/production/site/custom_libs/lib/facter/os_release.rb
--- a/legacy/puppet/production/site/custom_libs/lib/puppet/functions/find_group.rb
+++ b/legacy/puppet/production/site/custom_libs/lib/puppet/functions/find_group.rb
--- a/legacy/puppet/production/site/custom_libs/lib/puppet/functions/find_owner.rb
+++ b/legacy/puppet/production/site/custom_libs/lib/puppet/functions/find_owner.rb
--- a/legacy/puppet/production/site/custom_libs/lib/puppet/functions/homedir_to_user.rb
+++ b/legacy/puppet/production/site/custom_libs/lib/puppet/functions/homedir_to_user.rb
--- a/legacy/puppet/production/site/profile/manifests/base.pp
+++ b/legacy/puppet/production/site/profile/manifests/base.pp
--- a/legacy/puppet/production/site/profile/manifests/linux.pp
+++ b/legacy/puppet/production/site/profile/manifests/linux.pp
--- a/legacy/puppet/production/site/profile/manifests/linux/debian.pp
+++ b/legacy/puppet/production/site/profile/manifests/linux/debian.pp
--- a/legacy/puppet/production/site/profile/manifests/linux/el.pp
+++ b/legacy/puppet/production/site/profile/manifests/linux/el.pp
--- a/legacy/puppet/production/site/profile/manifests/linux/el/docker_repos.pp
+++ b/legacy/puppet/production/site/profile/manifests/linux/el/docker_repos.pp
--- a/legacy/puppet/production/site/profile/manifests/mac.pp
+++ b/legacy/puppet/production/site/profile/manifests/mac.pp
--- a/legacy/puppet/production/site/role/manifests/server.pp
+++ b/legacy/puppet/production/site/role/manifests/server.pp
--- a/legacy/puppet/production/site/role/manifests/workstation.pp
+++ b/legacy/puppet/production/site/role/manifests/workstation.pp
--- a/legacy/r10k.yaml
+++ b/legacy/r10k.yaml
--- a/link/nix/vimrc
+++ b/link/nix/vimrc
@ -13,6 +13,7 @@ Plugin 'elzr/vim-json'                    " provides syntax highlighting for JSO
 Plugin 'garbas/vim-snipmate'              " provides code snippets
 Plugin 'godlygeek/tabular'                " provides a method for lining things up
 Plugin 'honza/vim-snippets'               " provides snippets for use with vim-snipmate
 Plugin 'LnL7/vim-nix'                     " support for writing Nix expressions in vim
 Plugin 'MarcWeber/vim-addon-mw-utils'     " a utility used by vim-snipmate
 Plugin 'mrk21/yaml-vim'                   " provides indentation and syntax highlighting for yaml
 Plugin 'rbong/vim-flog'                   " git branch viewer built on fugitive
--- a/modules/darwin/default.nix
+++ b/modules/darwin/default.nix
@ -0,0 +1,116 @@
 { pkgs, ... }: let
  user = "gene.liverman";
 in {
  system.stateVersion = 4;
  environment = {
    shells = with pkgs; [ bash zsh ];
    loginShell = pkgs.zsh;
    pathsToLink = [
      "/Applications"
      "/share/zsh"
    ];
    systemPackages = with pkgs; [
      coreutils
      chart-testing
      hugo
      kopia
      kubectx
      mas
      nmap
      nodejs
      nodePackages.npm
      openjdk
    ];
  };
  homebrew = {
    enable = true;
    onActivation = {
      autoUpdate = true;
      cleanup = "zap";
      upgrade = true;
    };
    taps = [
      "hashicorp/tap"
      # "homebrew/bundle"
      "homebrew/cask-fonts"
      # "jandedobbeleer/oh-my-posh"
      "null-dev/firefox-profile-switcher"
      "puppetlabs/puppet"
    ];
    brews = [
      "adr-tools"
      "helm"
      "kubernetes-cli"
    ];
    casks = [
      "1password"
      "1password-cli"
      "amethyst"
      "audacity"
      "cakebrew"
      "elgato-stream-deck"
      "firefox"
      "font-hack-nerd-font"
      "font-inconsolata-g-for-powerline"
      "font-source-code-pro-for-powerline"
      "google-drive"
      "iterm2"
      "keepingyouawake"
      "kopiaui"
      "libreoffice"
      "logseq"
      "nextcloud"
      "obs"
      "onlyoffice"
      "pdk"
      "puppet-bolt"
      "qmk-toolbox"
      "raycast"
      "signal"
      "tailscale"
      "thunderbird"
      "vagrant"
      "vivaldi"
      "virtualbox"
      "vlc"
      "whatsapp"
      "zenmap"
    ];
    masApps = {
      "1Password for Safari" = 1569813296;
      "BetterSnapTool" = 417375580;
      "Home Assistant" = 1099568401;
      "HomeCam" = 1292995895;
      "MeetingBar" = 1532419400;
      "Microsoft Remote Desktop" = 1295203466;
    };
  };
  nix = {
    settings = {
      bash-prompt-prefix = "(nix:$name)\040";
      build-users-group = "nixbld";
      experimental-features = [
        "auto-allocate-uids"
        "flakes"
        "nix-command"
      ];
      trusted-users = [ "@admin" "${user}" ];
    };
    extraOptions = ''
      # Generated by https://github.com/DeterminateSystems/nix-installer, version 0.11.0.
      extra-nix-path = nixpkgs=flake:nixpkgs
    '';
  };
  programs.zsh.enable = true;
  services.nix-daemon.enable = true;
  users.users.${user} = {
    home = "/Users/${user}";
    shell = pkgs.zsh;
  };
 }
--- a/modules/home-manager/default.nix
+++ b/modules/home-manager/default.nix
@ -0,0 +1,197 @@
 { pkgs, genebean-omp-themes, ... }: {
  home.stateVersion = "23.11";
  home.packages = with pkgs; [
    colordiff
    dog
    dos2unix
    du-dust
    element-desktop
    gotop
    htop
    hub
    jq
    meld
    mtr
    nix-zsh-completions
    rename
    slack
    subversion
    tree
    watch
    wget
    yq
    zoom-us
  ];
  home.sessionVariables = {
    CLICLOLOR = 1;
    PAGER = "less";
  };
  programs = {
    bat = {
      enable = true;
      config = {
        theme = "Dracula";
      };
    };
    eza.enable = true;
    gh.enable = true;
    git = {
      enable = true;
      delta.enable = true;
      lfs.enable = true;
      package = pkgs.gitAndTools.gitFull;
    };
    go = {
      enable = true;
      goPath = "go";
    };
    jq.enable = true;
    k9s.enable = true;
    neovim.enable = true;
    oh-my-posh = {
      enable = true;
      enableZshIntegration = true;
      settings = builtins.fromJSON (builtins.unsafeDiscardStringContext (builtins.readFile (genebean-omp-themes + "/beanbag.omp.json")));
    };
    vim = {
      enable = true;
      defaultEditor = true;
      plugins = with pkgs.vimPlugins; [
        vim-json
        vim-snipmate
        tabular
        vim-snippets
        vim-nix
        vim-addon-mw-utils
        vim-yaml
        vim-flog
        vim-puppet
        tlib_vim
        vim-fugitive
        vim-airline
        vim-airline-themes
        vim-ruby
        syntastic
      ];
      settings = {
        background = "dark";
        expandtab = true;
      };
      extraConfig = ''
        set nocompatible                              " be iMproved, required
        filetype plugin indent on                     " required for plugins to be able to adjust indent
        syntax on                                     " enable syntax highlighting
        set encoding=utf-8
        set termencoding=utf-8
        set t_Co=256                                  " tell vim we have 256 colors to work with
        set autoindent                                " automatically indent new lines
        set backspace=2                               " make backspace work like most other programs
        set fillchars+=stl:\ ,stlnc:\                 " fix added per powerline troubleshooting docs
        set laststatus=2                              " Always display the status line in all windows
        set noshowmode                                " Hide the default mode text (e.g. -- INSERT -- below the status line)
        set smarttab                                  " helps with expanding tabs to spaces (I think)
        set statusline+=%{FugitiveStatusline()}       " get git info via fugitive plugin
        set statusline+=%#warningmsg#                 " recommended setting from syntastic plugin
        set statusline+=%{SyntasticStatuslineFlag()}  " recommended setting from syntastic plugin
        set statusline+=%*                            " recommended setting from syntastic plugin
        " This has to come after colorscheme, if defined, to not be masked
        highlight ColorColumn ctermbg=232             " set the color to be used for guidelines
        let &colorcolumn=join(range(81,999),",")      " change the background color of everything beyond 80 characters
        let g:snipMate = { 'snippet_version' : 1 }
        " settings for the syntastic plugin
        let g:syntastic_always_populate_loc_list = 1
        let g:syntastic_auto_loc_list            = 1
        let g:syntastic_check_on_open            = 1
        let g:syntastic_check_on_wq              = 0
        let g:syntastic_enable_signs             = 1
        let g:syntastic_ruby_checkers            = ['rubocop']
        let g:syntastic_quiet_messages           = {'level': 'warnings'}
        " don't wrap text in markdown files
        let g:vim_markdown_folding_disabled      = 1
        " settings for vim-airline
        let g:airline_theme='badwolf'
        let g:airline_powerline_fonts = 1
      '';
    };
    vscode = {
      enable = true;
    };
    zsh = {
      enable = true;
      enableCompletion = true;
      enableAutosuggestions = true;
      history.save = 1000000;
      history.size = 1000000;
      initExtra = ''
        [ -f ~/.private-env ] && source ~/.private-env || echo '~/.private-env is missing'
        # Start GPG agent
        # Some tips from https://hedberg.io/yubikey-for-ssh/ helped simplify this:
        if [[ $(uname) == 'Darwin' ]]; then
          # Add GPG Suite binaries to the path:
          export PATH=/usr/local/MacGPG2/bin:$PATH
        fi
        export GPG_TTY=$(tty)
        if [[ `uname` == 'Linux' ]]; then
          alias uwgconnect='nmcli dev wifi connect SecureWest password'
          alias uwgforget='nmcli connection delete SecureWest'
          alias ykey='sudo systemctl restart pcscd && sudo pkill -9 gpg-agent && source ~/.zshrc; ssh-add -L'
        else
          alias currentwifi='networksetup -getairportnetwork en0 |cut -d ":" -f2- | cut -d " " -f2-'
          alias uwgconnect='networksetup -setairportnetwork en0 SecureWest'
          alias uwgforget='networksetup -removepreferredwirelessnetwork en0 SecureWest'
          alias ykey='pkill -9 gpg-agent && source ~/.zshrc; ssh-add -L'
        fi
        if [[ `uname` != 'Linux' ]]; then
          function otpon() {
                  osascript -e 'tell application "yubiswitch" to KeyOn'
          }
          function otpoff() {
                  osascript -e 'tell application "yubiswitch" to KeyOff'
          }
        fi
      '';
      oh-my-zsh = {
        enable = true;
        plugins = [
          "bundler"
          "gem"
          "git"
          "github"
          "history"
          "kubectl"
          "macos"
          "pip"
          "terraform"
          "vagrant"
          "vscode"
        ];
      };
      shellAliases = {
        beo = "bundle exec onceover run spec --trace --force";
        biv = "bundle install --path=vendor/bundle";
        ce = "code-exploration";
        gbc = ''
          git branch --merged | command grep -vE "^(\*|\s*(main|master|develop|production)\s*$)" | command xargs -n 1 git branch -d
        '';
        gitextract = "git log --pretty=email --patch-with-stat --reverse --full-index --binary --";
        gpge = "gpg2 --encrypt --sign --armor -r ";
        hubpr = "hub pull-request --push --browse";
        pssh = "ssh -o 'UserKnownHostsFile /dev/null' -o 'StrictHostKeyChecking no' -o PubkeyAcceptedKeyTypes=+ssh-rsa -o HostKeyAlgorithms=+ssh-rsa -o KexAlgorithms=+diffie-hellman-group1-sha1 -i ~/.ssh/id_rsa-acceptance";
        sal = "ssh-add -L";
        st = "open -a SourceTree";
        sz = "source ~/.zshrc";
        usegpg = "killall ssh-agent; export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) && gpgconf --launch gpg-agent";
        usessh = "gpgconf --kill gpg-agent";
      };
    }; # end zsh
  };
 }
--- a/modules/nixos/dconf.nix
+++ b/modules/nixos/dconf.nix
@ -0,0 +1,24 @@
 # Generated via dconf2nix: https://github.com/gvolpe/dconf2nix
 { lib, ... }:
 with lib.hm.gvariant;
 {
  dconf.settings = {
    "com/gexperts/Tilix/profiles/2b7c4080-0ddd-46c5-8f23-563fd3ba789d" = {
      background-color = "#272822";
      background-transparency-percent = 10;
      badge-color-set = false;
      bold-color-set = false;
      cursor-colors-set = false;
      font = "Hack Nerd Font Mono 12";
      foreground-color = "#F8F8F2";
      highlight-colors-set = false;
      palette = [ "#272822" "#F92672" "#A6E22E" "#F4BF75" "#66D9EF" "#AE81FF" "#A1EFE4" "#F8F8F2" "#75715E" "#F92672" "#A6E22E" "#F4BF75" "#66D9EF" "#AE81FF" "#A1EFE4" "#F9F8F5" ];
      use-system-font = false;
      use-theme-colors = false;
      visible-name = "Default";
    };
  };
 }
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -0,0 +1,128 @@
 { config, pkgs, ... }: let
  user = "gene";
  hostname = "rainbow-planet";
 in {
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];
  system.stateVersion = "23.05";
  # Bootloader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  networking = {
    hostName = "${hostname}";
    networkmanager.enable = true;
  };
  time.timeZone = "America/New_York";
  # Select internationalisation properties.
  i18n = {
    defaultLocale = "en_US.UTF-8";
    extraLocaleSettings = {
      LC_ADDRESS = "en_US.UTF-8";
      LC_IDENTIFICATION = "en_US.UTF-8";
      LC_MEASUREMENT = "en_US.UTF-8";
      LC_MONETARY = "en_US.UTF-8";
      LC_NAME = "en_US.UTF-8";
      LC_NUMERIC = "en_US.UTF-8";
      LC_PAPER = "en_US.UTF-8";
      LC_TELEPHONE = "en_US.UTF-8";
      LC_TIME = "en_US.UTF-8";
    };
  };
  services.xserver = {
    enable = true;    # Enable the X11 windowing system.
    # Configure keymap in X11
    layout = "us";
    xkbVariant = "";
  };
  # Enable the GNOME Desktop Environment.
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.desktopManager.gnome.enable = true;
  services.udev.packages = with pkgs; [
    gnome.gnome-settings-daemon
  ];
  # Enable CUPS to print documents.
  services.printing.enable = true;
  # Enable sound with pipewire.
  sound.enable = true;
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
  };
  # Enable touchpad support (enabled default in most desktopManager).
  # services.xserver.libinput.enable = true;
  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.${user} = {
    isNormalUser = true;
    description = "Gene Liverman";
    extraGroups = [ "networkmanager" "wheel" "dialout" ];
    packages = with pkgs; [
     tailscale-systray
    ];
  };
  environment.shells = with pkgs; [ bash zsh ];
  users.defaultUserShell = pkgs.zsh;
  programs.zsh.enable = true;
  security.sudo.wheelNeedsPassword = false;
  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;
  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    dconf2nix
    firefox
    gnomeExtensions.appindicator
    gnomeExtensions.caffeine
    gnomeExtensions.dash-to-panel
    gnomeExtensions.user-themes
    libreoffice
    neofetch
    tailscale
    tilix
    vivaldi
  ];
  programs._1password.enable = true;
  programs._1password-gui = {
    enable = true;
    # Certain features, including CLI integration and system authentication support,
    # require enabling PolKit integration on some desktop environments (e.g. Plasma).
    polkitPolicyOwners = [ "${user}" ];
  };
  nix.settings = {
    allowed-users = [ "${user}" ];
    experimental-features = [
      "flakes"
      "nix-command"
    ];
  };
  fonts.fontDir.enable = false;
  fonts.packages = [ (pkgs.nerdfonts.override { fonts = [
    "Hack"
    "SourceCodePro"
  ]; }) ];
 }
--- a/modules/nixos/hardware-configuration.nix
+++ b/modules/nixos/hardware-configuration.nix
@ -0,0 +1,40 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];
  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
  fileSystems."/" =
    { device = "/dev/disk/by-uuid/eb9a2c7e-ae61-4d06-9464-49b98d576f7c";
      fsType = "ext4";
    };
  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/924D-E7A4";
      fsType = "vfat";
    };
  swapDevices =
    [ { device = "/dev/disk/by-uuid/166d24ca-401c-492e-845d-bb1d0d6d7d86"; }
    ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.wlp58s0.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }