added authentication for darwin system

2025-06-28 19:10:41 -05:00
parent d9128fcf06
commit 6fc18f11a5
8 changed files with 102 additions and 99 deletions
@@ -1,84 +1,87 @@
 {
-  general = {
-    Hostname = "hakase";
-    Username = "lsoriano";
-    Timezone = "America/Chicago";
+  myConfig = {
+    general = {
+      Hostname = "hakase";
+      Username = "lsoriano";
+      Timezone = "America/Chicago";

-    allowUnfree = true; # allows installation of commercial apps.
+      allowUnfree = true; # allows installation of commercial apps.

-    terminal = {
-      Font = "JetBrainsMono Nerd Font"; # e.g., JetBrainsMono Nerd Font
-      Size = "11";
-      Shell = "fish";
-      Aliases = {
-        ls = "ls --color=auto";
-        update = ''
-          if [[ $(uname) == "Darwin" ]];
-            sudo darwin-rebuild switch --flake ~/.config/nixos#macos
-          else
-            sudo nixos-rebuild switch --flake ~/.config/nixos#desktop && home-manager switch --flake ~/.config/nixos#desktop
-          fi
+      terminal = {
+        Font = "JetBrainsMono Nerd Font"; # e.g., JetBrainsMono Nerd Font
+        Size = "11";
+        Shell = "fish";
+        Aliases = {
+          ls = "ls --color=auto";
+          update = ''
+            if [[ $(uname) == "Darwin" ]];
+              sudo darwin-rebuild switch --flake ~/.config/nixos#macos
+            else
+              sudo nixos-rebuild switch --flake ~/.config/nixos#desktop && home-manager switch --flake ~/.config/nixos#desktop
+            fi
+          '';
+          agu = "pkill gjs & ags run ~/.config/nixos/pkgs/ags/biscuit/app.ts & disown (jobs -p) &";
+        };
+      };
+      gitProfile = {
+        User = "kenji";
+        Email = "kenji@sakamoto.dev";
+        defaultBranch = "master";
+      };
+      ssh = {
+        extraConfig = ''
+          Host macair
+            User biscuit
+            HostName 192.168.68.81
        '';
-        agu = "pkill gjs & ags run ~/.config/nixos/pkgs/ags/biscuit/app.ts & disown (jobs -p) &";
      };
    };
-    gitProfile = {
-      User = "kenji";
-      Email = "kenji@sakamoto.dev";
-      defaultBranch = "master";
-    };
-    ssh = {
-      extraConfig = ''
-        Host macair
-          User biscuit
-          HostName 192.168.68.81
-      '';
-    };
-  };

-  builds = {
-    builder = {
-      trustedUsers = [
-        "@groups"
-        "biscuit"
-      ];
-      buildMachines = [
-        {
-          hostName = "192.168.68.81";
-          sshUser = "biscuit";
-          sshKey = "/home/biscuit/.ssh/id_rsa.pub";
-          system = "x86_64-linux";
-          supportedFeatures = ["big-parallel" "kvm" "nixos-test"];
-        }
-      ];
-    };
-  };
-
-  linux = {
-    system = "x86_64";
-
-    vpn = {
-      Enable = true;
-      secretFile = builtins.toPath ./secrets/.vpn.yaml;
-    };
-
-    touchpadSupport = false;
-    logitech-hardware.enable = false;
-
-    # Custom Applications
-    linux-apps = {
-      gaming = true;
-      my-apps = pkgs:
-        with pkgs; [
-          jellyfin-media-player
+    builds = {
+      builder = {
+        trustedUsers = [
+          "@groups"
+          "biscuit"
        ];
+        buildMachines = [
+          {
+            hostName = "192.168.68.81";
+            sshUser = "biscuit";
+            sshKey = "/home/biscuit/.ssh/id_rsa.pub";
+            system = "x86_64-linux";
+            supportedFeatures = ["big-parallel" "kvm" "nixos-test"];
+          }
+        ];
+      };
    };
-    hyprconf = {
-      Monitor = [
-        # hyprctl monitors all
-        # monitor, resolution@refreshrate, position (e.g., 0x0 is middle, 0x1080 is top), scale
-        ",highres@highrr,auto,auto"
-      ];
+
+    linux = {
+      system = "x86_64";
+      gaming = true;
+
+      vpn = {
+        Enable = true;
+        secretFile = builtins.toPath ./secrets/.vpn.yaml;
+      };
+
+      touchpadSupport = false;
+      logitech-hardware.enable = false;
+
+      # Custom Applications
+      linux-apps = {
+        gaming = true;
+        my-apps = pkgs:
+          with pkgs; [
+            jellyfin-media-player
+          ];
+      };
+      hyprconf = {
+        Monitor = [
+          # hyprctl monitors all
+          # monitor, resolution@refreshrate, position (e.g., 0x0 is middle, 0x1080 is top), scale
+          ",highres@highrr,auto,auto"
+        ];
+      };
    };
  };
 }
@@ -1,7 +1,6 @@
 {
  pkgs,
-  builds,
-  general,
+  myConfig,
  ...
 }: {
  imports = [
@@ -10,7 +9,6 @@
  # List packages installed in system profile. To search by name, run:
  # $ nix-env -qaP | grep wget
  environment.systemPackages = with pkgs; [
-    python313Full
  ];

  # Auto upgrade nix package and the daemon service.
@@ -20,7 +18,7 @@

  # Necessary for using flakes on this system.
  nix.settings.experimental-features = "nix-command flakes";
-  nix.settings.trusted-users = builds.builder.trustedUsers;
+  nix.settings.trusted-users = myConfig.builds.builder.trustedUsers;

  # Create /etc/zshrc that loads the nix-darwin environment.
  programs.zsh.enable = true; # default shell on catalina
@@ -31,12 +29,13 @@

  # The platform the configuration will be used on.
  nixpkgs.hostPlatform = "aarch64-darwin";
+  security.pam.services.sudo_local.touchIdAuth = true;

-  users.users.${general.Username} = {
-    name = "${general.Username}";
-    home = "/Users/${general.Username}";
-    shell = pkgs.${general.terminal.Shell};
+  users.users.${myConfig.general.Username} = {
+    name = "${myConfig.general.Username}";
+    home = "/Users/${myConfig.general.Username}";
+    shell = pkgs.${myConfig.general.terminal.Shell};
  };

-  home-manager.users.${general.Username} = import ../../home/macos.nix;
+  home-manager.users.${myConfig.general.Username} = import ../../home/macos.nix;
 }
@@ -1,4 +1,6 @@
-{...}: {
-  imports = [
-  ];
+{lib, ...}: {
+  imports =
+    [
+    ]
+    ++ [lib.optionals (linux-apps.gamingDesktop == true)];
 }
@@ -1,6 +1,6 @@
 {
  pkgs,
-  general,
+  myConfig,
  ...
 }: {
  programs.zoxide.enable = true;
@@ -12,7 +12,7 @@
      zoxide init fish | source

    '';
-    shellAliases = general.terminal.Aliases;
+    shellAliases = myConfig.general.terminal.Aliases;

    plugins = with pkgs.fishPlugins; [
    ];
@@ -1,10 +1,10 @@
-{general, ...}: {
+{myConfig, ...}: {
  programs.git = {
    enable = true;
    extraConfig = {
-      user.name = "${general.gitProfile.User}";
-      user.email = "${general.gitProfile.Email}";
-      init.defaultBranch = "${general.gitProfile.defaultBranch}";
+      user.name = "${myConfig.general.gitProfile.User}";
+      user.email = "${myConfig.general.gitProfile.Email}";
+      init.defaultBranch = "${myConfig.general.gitProfile.defaultBranch}";
    };
  };
 }
@@ -1,4 +1,4 @@
-{general, ...}: {
+{myConfig, ...}: {
  programs.kitty = {
    enable = true;

@@ -7,8 +7,8 @@
      confirm_os_window_close = 0;
      window_padding_width = 10;

-      font_size = general.terminal.Size;
-      font_family = general.terminal.Font;
+      font_size = myConfig.general.terminal.Size;
+      font_family = myConfig.general.terminal.Font;
      bold_font = "auto";
      italic_font = "auto";
      bold_italic_font = "auto";
@@ -1,6 +1,6 @@
 {
  pkgs,
-  general,
+  myConfig,
  ...
 }: {
  home.packages = with pkgs; [
@@ -13,7 +13,7 @@
  programs.zsh = {
    enableCompletion = false;
    syntaxHighlighting.enable = false;
-    shellAliases = general.terminal.Aliases;
+    shellAliases = myConfig.general.terminal.Aliases;
    history.size = 10000;
    antidote = {
      enable = true;
@@ -1,13 +1,12 @@
 {
  pkgs,
-  general,
-  terminal,
+  myConfig,
  ...
 }: {
  users = {
-    defaultUserShell = pkgs.${terminal.Shell};
+    defaultUserShell = pkgs.${myConfig.terminal.Shell};
    users = {
-      ${general.Username} = {
+      ${myConfig.general.Username} = {
        isNormalUser = true;
        extraGroups = ["wheel" "networkmanager" "input"];
        initialHashedPassword = "$6$19ss/QojER5kh20A$4VnZASq0CN4LLKSUvFfGzXsvEPprRa96u7c5GkSPWdKEuZp7aQQ5EHmZ5nsmKYlWu10gXKL.xHBBG2y33IbW01";