From aef10f1db090d41b30386ab805b180f451f0cf69 Mon Sep 17 00:00:00 2001
From: Gene Liverman <gene.liverman@ltnglobal.com>
Date: Thu, 8 Feb 2024 13:54:45 -0500
Subject: [PATCH] Adding mightymac

This adds all the code needed to get mightmac setup, at least to start
with. A couple of other things were changed to account for this being
the first Apple Silicon Mac I have used.

Additionally, I have restricted VLC to only select Macs now due to
using a custom build of it on my work computer.
---
 .sops.yaml                                    |  6 +++
 flake.nix                                     |  1 +
 .../hosts/mightymac/gene.liverman.nix         | 24 +++++++++
 .../home-manager/hosts/mightymac/secrets.yaml | 23 ++++++++
 modules/hosts/darwin/AirPuppet/default.nix    |  1 +
 modules/hosts/darwin/mightymac/default.nix    | 52 +++++++++++++++++++
 modules/system/common/all-darwin.nix          |  5 +-
 7 files changed, 111 insertions(+), 1 deletion(-)
 create mode 100644 modules/home-manager/hosts/mightymac/gene.liverman.nix
 create mode 100644 modules/home-manager/hosts/mightymac/secrets.yaml
 create mode 100644 modules/hosts/darwin/mightymac/default.nix

diff --git a/.sops.yaml b/.sops.yaml
index 2c1d07c..d930bf4 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -5,6 +5,7 @@ keys:
   - &system_rainbow_planet age15xlw5vnnjdx2ypz6rq0mqcywuaj3yx8y6lrgf95satafqf7y4qus6rv6ck
   - &user_airpuppet age1awdf9h0avajf57cudx0rjfmxu2wlxw8wf3sa7yvfk8rp4j6taecsu74x77
   - &user_blue_rock age1rt72txg22w8y3cdvq9w7zff0cas6xtkplpj36kxnevfnrtn82f6ss7yw7d
+  - &user_mightymac age1zz34qx3n3dj63sva24kaymetv3apn58lafjq4dl6zw7xxachuyts00mhck
   - &user_mini_watcher age1rpy8edlpgxuf6w75cvlqexuq2xe4c49h9t2ge6jhc3fzczp8vfasnjelwq
 creation_rules:
   - path_regex: hetznix01/secrets.yaml$
@@ -27,6 +28,10 @@ creation_rules:
     key_groups:
       - age:
           - *user_blue_rock
+  - path_regex: mightymac/secrets.yaml$
+    key_groups:
+      - age:
+          - *user_mightymac
   - path_regex: mini-watcher/secrets.yaml$
     key_groups:
       - age:
@@ -39,6 +44,7 @@ creation_rules:
           - *system_rainbow_planet
           - *user_airpuppet
           - *user_blue_rock
+          - *user_mightymac
           - *user_mini_watcher
 
 
diff --git a/flake.nix b/flake.nix
index 01d591d..b52adf0 100644
--- a/flake.nix
+++ b/flake.nix
@@ -138,6 +138,7 @@
       darwinConfigurations = {
         AirPuppet = darwinHostConfig "x86_64-darwin" "AirPuppet" "gene";
         Blue-Rock = darwinHostConfig "x86_64-darwin" "Blue-Rock" "gene.liverman";
+        mightymac = darwinHostConfig "aarch64-darwin" "mightymac" "gene.liverman";
       };
 
       nixosConfigurations = {
diff --git a/modules/home-manager/hosts/mightymac/gene.liverman.nix b/modules/home-manager/hosts/mightymac/gene.liverman.nix
new file mode 100644
index 0000000..321be9e
--- /dev/null
+++ b/modules/home-manager/hosts/mightymac/gene.liverman.nix
@@ -0,0 +1,24 @@
+{ pkgs, genebean-omp-themes, sops-nix, username, ... }: {
+  home.stateVersion = "23.11";
+  imports = [
+    ../../common/all-cli.nix
+    ../../common/all-gui.nix
+    ../../common/all-darwin.nix
+  ];
+
+  programs = {
+    go = {
+      enable = true;
+      goPath = "go";
+    };
+    k9s.enable = true;
+  };
+
+  sops = {
+    defaultSopsFile = ./secrets.yaml;
+    secrets = {
+      local_git_config.path = "/Users/${username}/.gitconfig-local";
+      local_private_env.path = "/Users/${username}/.private-env";
+    };
+  };
+}
diff --git a/modules/home-manager/hosts/mightymac/secrets.yaml b/modules/home-manager/hosts/mightymac/secrets.yaml
new file mode 100644
index 0000000..f4cdfa2
--- /dev/null
+++ b/modules/home-manager/hosts/mightymac/secrets.yaml
@@ -0,0 +1,23 @@
+tailscale_key: ENC[AES256_GCM,data:rWN6mW6LC/EjMTbMjXkCmMQYEehEbViScKeaLEOpR6VSZJFD0aZI9wh5yKcQeaUT0BiJIzITsUxj,iv:aCqdsW7JPq6Q2kFl6ZciwIQfzAbs9LvhWilbEI8okAc=,tag:U0p4UND/n26ZF17keSL0DA==,type:str]
+local_git_config: ENC[AES256_GCM,data:CQjq1bFnc8jdv2bM3Ez4hEgC6CtH5xQx4nFhqSRG7oV8DtMLQOwYklQt9Fra,iv:Wxw1or1+QaROvqe7QzTRi9oJSjrPtk0N60kq7jDfdWM=,tag:eODZOCeZMM/HoeRSeeNVLA==,type:str]
+local_private_env: ENC[AES256_GCM,data:BhAbHzQ67mXo7TH4ygZxpytnx5S08zSsFeWlZefQySe5zZSuKaOgBssduxrJ/t1uDeOlv4ibsqh4G4EKkIIkW9UNVMnQIpyFaq4L0Ayj1loX5pSgkmhwnXnw2SQ24m6yuPZcoAzAJdMa8rItUOLn4Xsr+uepApI1bRHSFENaHj5Ju31cuiHNdNn/u63Zm/9Y5MpPFluhZg4aSt80gXX+wk3In0LB+rlJeLmuROJx9V+4BuTtEVtB2cJuNtgmSj3J7HzYCONaox4q4MmuYdCGuWMe0mKdZ7JYyUh0ROvNajxnyuQgxwNrDhLtFSjo/3s3Uewn3+d8tFJf3AP9QpyiZ5y6DMdZiRv9urN3ApQTZF4GzggTggkGarmapEUejG6PNrkTNR/ENRxsX0WO28BY4fyOtIF8S6hR4fCTVLx+bx1TY8ki5bQ4TM3hW0dW8c2xu68qKrK0xWeQV/Mf89pl+OgJ4vIjNAWb/PPTmZE4pEFhMnbShdU7rL48hnNX2upBwTheE9LTStea/dMZU9ivfEfOlqVd0sgpL6/F/V7ENPLy5gEqfRlQs/MqhOJ68Yip/hFc56/qSjOJ0/mseCdghJKtEmO8QuaZeJuNVv4ErHegrlItHes7c9Y95NsqKqENbVqdXfQeeuHInP7SIS/BRitj8isl/NNguchHRPGFv45SnOjqvSG4W6jVtNuqd1ENg4qztMtCczBi/pij+t5WSMjztjR/iQyuaHVK/XCg5kaET3ZbijlpdCuJ6cHD4VquJOPaSJEJs9KBU8OG0UyR261pj2eEavuX3ZUuI7PqzQgr3pJ8NuwV837J5NFmX9HixlxgOGTsdZOETlnnzRKxX34K/gyrB4My232iuO+UEmV8IYobfYSh4DNZ2GyE17871OTDZAq/OkRxQ7NAP280bkL2flJ1sSF0pNd2EHW2HQzsAmM4dJXg2Qgny7FcP9hi5saTnBCEEZ88TPuXMHwVqz4D4viYH7Gnh1Ie045bxnRG1d3FUI9ixdbnYUA7xNjr/l0abuv6X4it67dkKgf2529gtuGPr45fHkchM1Ix9wvIH6y8ymnheIfWbraCyzJv3h3ecePo6m7rqmd86UqwhtZUFOt1Vk8YjVW4FYcL+Y5J1p5KOKJkFz3tsBppQi0CQRkKxSnjRuTTGIZoOfqhTi4BfYjwPJNHP6Q39rOt8GndfnrkOlVHjSCIsYWL15d+zp8i8zR8yjB1w5lOlRHhBv70DNrnzvsSwIoB36aR21fvRmmdlVYXDnkj/fOMygPc6ws0gTr6Rh71qaSJDNAY9lhUjaTV1cQEoE481vY7+WWUsudKjV+Gc4OG9RadasaST6cNp9JPDW/Nj7RnE7GWsl89gxV+wKeRiYmfmbFVe6ptx0VzXx4P8Et2t72ARWD4iCwK5UamHCDrp6l/Fisl7fsQqxH7W+DXL3nE5nbh1XSKiSKdSsDERQ4CnYKoYSRrkK5tkHUsyxbK4rys0XAFzBon7RbkHn5yllcykJLKTy7pbmudfdMhDhyq/BfylkifsXVBrdVUPGxwm9TbYFdRXT3Dk3Q2x0Vvatp1gsUMWTYk2uaOEALn3EUbrJ5qgV63gOAzezZ40lOjA8R3ZJPOd+QsVfjCRS87H9jJrrJktSGP+x7vX1luqGwkWWesL9ciYz0d9ag6eVzCF+GrIa9ZMXbKY+8zH1RnLhta2yscdtrxGt5/D6RDJlfqOchwVLaCH09ao6Vl3qAL37QEdSqVbuYo6xmIEYRmdykvDJE+aZRs9+qGkxCJPOhFmh0GiRJ/dRKszxFvmLzyOrz6f6nC1MtSpQD9PMN/ED71mVv1M+VdF/6sbcxEa3UdJbpwNXt1qjZuvY6Am1ZIF3O8b0SL2J1K5hB9gVm3jt77kHYcqHCCPzgHrERPuqcIpiHZjsI5MPFYlc5VZZPyPcEQ0/1UaOwMKffVNIeMV91Y4uuXj3XJ95EkjaRNJwYhTvi7HA37DOPHUOXmLeICm35SQl8JfEar38PxRCeuJA5ZjFY5IHvV6wG9pLcnYhZHoMdbdnnfbEyTtiskeNWTL0zn4ZDXgV1G4M3DNWCob+tPh1E//i1xE/WiygjhV7mOP9QiJ/Uo78N/6bsXHKXapCCALpwYiZ0XqkHq11ehdy6Ox6v6MI4laRMjMSW6YVvTCHNkk3GTyQbxYspSlUjmV3dhEs/cxVv+lyNSJ+wKZztuQTNCo2VE2Oyt6ZqIzFyX5MwdT1UL0WxLI21xQWILrcIjO9lcBIVC0AmaL58eLxm+w3mUSBVdE1IN8a0shnHCMngJkvqD32i1Ovq+wvR8On5PAYgO9f39WOsZ3lhxQPcg0MCdjkOfg7HRc1Kkw+ovFqBeospTPy2UgA/PX+t4Qsgh7+qz/itD8wsSdb+7VLx1ciPVrS0Wn/Y+sU+BpXvLQjtgWaHK2prFYZtoD5sTZNUpC9uvxiblixlJQC9kQpFuAAw7vlCSIuFgMz4T58XHQf/4aPq/goKchxIIA3m4jFwSFwTHdfg/ily+0fJCFANha2b2Kcvrdps3d6Tm/sOXCXMygy1E2lMwDG/DvpQNIHqUvxk4HzPwZy2hbfROrkUbqd8xRgXyN0Q8EN4P4Qupdj2VCK/m/QpxOhHSbY/0725Y4tY0ROwucT79oNgnogq76st0dMG13DdEyTwUvt0fwMUMfQ6NjDDhk6kUCWYJVQVtg6VE/iwWNnQiMEy3N6drSEQ9cVlYURC7b37VvTTXNQg3cworzXjBGIrWjkZmrPd0/Lo4LvlKPf0pZlv6F5KYGRGE6t6TqXAB6H/oHLRne0K4UGCtZmixqfzdbabxnvLZzp4NMF34v1PDkLPcVvZqXO1Jt7hFp65T6wpXVNnX7bbvLF3IHazENUSSa51ixqwpG+Cp9U82xI8tJ2T+1BIn3dyMs9yDyYfv8D4Kaj2PxBCWnF7eq2EJZjBmJyHeX2SH96ZxNm3oZmZ0ixfqW8STfnuXsxyFXYb7Ux1AQlk78Zg+Yq76ez+qhFIkvDRjwg/D42E7voUdltQOJosWd9A5aaVGDX7Af1MFRzO+kaWlKqPGUrnQXkbzjQFDiO20YThg3u/6jT1tdy5zx4WQ7w/M8JYgDZiAADhfWgzbqTDSfeKKqpT77WOytLa/XZT7ePjK+uMgXxZQhZUOwPCrugxrS/ygFzCU/CBcE58k0mqDMsdkG7Sfa5etBQaVi5KRnwOximbuo6omLZyRvRGc4+qzBYL6HcC1HfWr6XgYDNzRuJ46rv0jK+jDrhD7A0OatPoOSfhIn+zp/s08nae5zaXLeJ/RJKKlialm/KSrD1jbop66FfFTLeier8NQKZ1yisXd8OPlrOpGMt75vLjvqTimKl1/MByINrH47VTUNbEDJVdty+9j726T/0KiOpXQYsM5rfloJMNrfNhd0+VDVPqhzh6Iym0gZ1rgBwA/8MNh0hhe65ObdMdy4eM3TBpw2aPmyn+Hb73I54OwsS5f,iv:TzVm6eqJyeD39aijd0XeMMLUwSzZqpRwzTXluFMze1E=,tag:c3UXLJTROVo8daKE6LOHNw==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1zz34qx3n3dj63sva24kaymetv3apn58lafjq4dl6zw7xxachuyts00mhck
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3VEdwRHBZWWt2bERMV1Zm
+            K0VHb2NFVXBmMFpWYUh2V2VoYXRueTVuUER3CkdKK1pZb21qRjZvTFdlSzdjREpD
+            NXdwbjdKb2JrNXRTQUtiU0tlaWpzWUUKLS0tIE9Yck5NZC9IcTFFTDUwQytsTUdU
+            YndNc25Xemxrd2VXSStlbTJjZFBOR0UKe6wxJBlS7YZJXW3f/rlmKanqu9SeYXYB
+            qxEU+fMDfQ/R+jRo6fGRtNnnY3nowZP+hSYYuGT9SRFwqYR1M3xeqw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2024-02-08T16:42:14Z"
+    mac: ENC[AES256_GCM,data:vz/fYYvjlell4faiJJomj38cn4aJQYexv+sq4qDHupvq/6gCI+pLkBYxUIzY6F7P9WXE00RblkzKcqwAlai+DwUMjqAUVKs6I35IIcjyvcL94xYJFMHnWA09gNmxUwitT/t8wJLwOmetyBrdp3oM9Jrp0y3WQVfpTapbp8Ckopo=,iv:38cU1awy0WHLjRqBREoyEHdMQNSi3uXvn78Ny3lNiKo=,tag:OI8ueMAvOfou2bMemASicg==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.8.1
diff --git a/modules/hosts/darwin/AirPuppet/default.nix b/modules/hosts/darwin/AirPuppet/default.nix
index 35963be..17b71e5 100644
--- a/modules/hosts/darwin/AirPuppet/default.nix
+++ b/modules/hosts/darwin/AirPuppet/default.nix
@@ -7,6 +7,7 @@
       "backblaze"
       "calibre"
       "steam"
+      "vlc"
     ];
     masApps = {
       "HomeCam" = 1292995895;
diff --git a/modules/hosts/darwin/mightymac/default.nix b/modules/hosts/darwin/mightymac/default.nix
new file mode 100644
index 0000000..51d51f0
--- /dev/null
+++ b/modules/hosts/darwin/mightymac/default.nix
@@ -0,0 +1,52 @@
+{ pkgs, ... }: {
+  system.stateVersion = 4;
+
+  environment = {
+    systemPackages = with pkgs; [
+      chart-testing
+      kopia
+      kubectx
+      python2
+    ];
+  };
+
+  homebrew = {
+    taps = [
+      "hashicorp/tap"
+      # "homebrew/bundle"
+      # "jandedobbeleer/oh-my-posh"
+      "puppetlabs/puppet"
+    ];
+    brews = [
+      "adr-tools"
+      "helm"
+      "kubernetes-cli"
+    ];
+    casks = [
+      "asana"
+      "boinc"
+      "discord"
+      "elgato-stream-deck"
+      "google-drive"
+      "kopiaui"
+      "obs"
+      "pdk"
+      "puppet-agent"
+      "puppet-bolt"
+      "qmk-toolbox"
+      "thunderbird"
+      "vagrant"
+      "vial"
+      "whalebird"
+      "zenmap"
+    ];
+    masApps = {
+      "HomeCam" = 1292995895;
+      "Keeper Password Manager" = 414781829;
+      "MeetingBar" = 1532419400;
+      "Microsoft Remote Desktop" = 1295203466;
+      "Telegram" = 747648890;
+      "WhatsApp Messenger" = 310633997;
+    };
+  };
+}
diff --git a/modules/system/common/all-darwin.nix b/modules/system/common/all-darwin.nix
index 482d975..c19c32a 100644
--- a/modules/system/common/all-darwin.nix
+++ b/modules/system/common/all-darwin.nix
@@ -42,6 +42,7 @@
       "angry-ip-scanner"
       "audacity"
       "balenaetcher"
+      #"displaylink"
       "element"
       "firefox"
       "font-hack-nerd-font"
@@ -66,7 +67,6 @@
       "sonos"
       "tailscale"
       "vivaldi"
-      "vlc"
       "zoom"
     ];
     masApps = {
@@ -87,12 +87,15 @@
         "auto-allocate-uids"
         "flakes"
         "nix-command"
+        "repl-flake"
       ];
       trusted-users = [ "@admin" "${username}" ];
     };
     extraOptions = ''
       # Generated by https://github.com/DeterminateSystems/nix-installer, version 0.11.0.
       extra-nix-path = nixpkgs=flake:nixpkgs
+      # Uncoment below after validation bug is fixed
+      #upgrade-nix-store-path-url = https://install.determinate.systems/nix-upgrade/stable/universal
     '';
   };