From 27a2c78f988c4087510d028c52197fa102d6feab Mon Sep 17 00:00:00 2001 From: Milo Moisson Date: Sun, 27 Oct 2024 15:59:28 +0100 Subject: [PATCH] feat: enforce dependencies between fragments --- README.md | 15 ++++++++++++--- home-manager/fragments/epita.nix | 22 +++++++++++----------- home-manager/fragments/git.nix | 9 +++++++-- home-manager/fragments/helix.nix | 7 ++++++- home-manager/fragments/kitty.nix | 9 ++++++++- home-manager/fragments/vm.nix | 1 - home-manager/fragments/xdg-mime.nix | 15 +++++++++++++-- home-manager/profiles/desktop.nix | 8 ++++++-- home-manager/profiles/lightweight.nix | 6 ++++-- home-manager/profiles/macintosh.nix | 7 ++++--- nixos/fragments/agenix.nix | 22 ++++++++++++++-------- nixos/fragments/backup.nix | 3 +++ nixos/profiles/laptop.nix | 3 --- shells.nix | 15 ++++++--------- 14 files changed, 94 insertions(+), 48 deletions(-) diff --git a/README.md b/README.md index 5fb23b5..4cdee45 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,7 @@ ## Add a new module - Copy template and replace `` with module name + ```nix { config , lib @@ -46,13 +47,21 @@ cfg = config.local.fragment.; in { - options.local.fragment..enable = lib.mkEnableOption '' + options.local.fragment."".enable = lib.mkEnableOption '' related - Depends on: + Depends on: + - [] : + - ... ''; - config = lib.mkIf cfg.enable { }; + config = lib.mkIf cfg.enable { + assertions = [ + { assertion = config.""; message = " module depends on "; } + ]; + + # put the rest of the config down below + }; } ``` diff --git a/home-manager/fragments/epita.nix b/home-manager/fragments/epita.nix index cc928ea..d560b32 100644 --- a/home-manager/fragments/epita.nix +++ b/home-manager/fragments/epita.nix @@ -19,7 +19,7 @@ let MOUNT_DIR="$XDG_RUNTIME_DIR/afs-epita" klist || kinit -f "$USERNAME@CRI.EPITA.FR" - ls "$MOUNT_DIR" || mkdir "$MOUNT_DIR" + ls "$MOUNT_DIR" >/dev/null || mkdir -v "$MOUNT_DIR" sshfs -o reconnect "$USERNAME@ssh.cri.epita.fr:$REMOTE_DIR" "$MOUNT_DIR" ''; }; 
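Review bot: In the mount script, `ls "$MOUNT_DIR" >/dev/null` still prints an error on stderr when the directory is missing, and listing a directory is an indirect way to test that it exists. `mkdir -pv "$MOUNT_DIR"` could replace the whole line: it creates the directory only when it is absent and prints only in that case. The script body starts outside this hunk, so this covers only the visible lines.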
@@ -28,20 +28,20 @@ in options.local.fragment.epita.enable = lib.mkEnableOption '' EPITA related - Depends on: SSH + Depends on: + - `ssh` program: Mount AFS script needs SSH ''; config = lib.mkIf cfg.enable { + assertions = [ + { assertion = config.programs.ssh.enable; message = "`epita` fragment depends on `ssh` program"; } + ]; + # Needed for sshfs - programs.ssh = { - # TODO: should depends on ssh module, may conflict later - enable = true; - - matchBlocks."ssh.cri.epita.fr" = { - extraOptions = { - GSSAPIAuthentication = "yes"; - GSSAPIDelegateCredentials = "yes"; - }; + programs.ssh.matchBlocks."ssh.cri.epita.fr" = { + extraOptions = { + GSSAPIAuthentication = "yes"; + GSSAPIDelegateCredentials = "yes"; }; }; diff --git a/home-manager/fragments/git.nix b/home-manager/fragments/git.nix index 0ca7224..603172c 100644 --- a/home-manager/fragments/git.nix +++ b/home-manager/fragments/git.nix @@ -13,10 +13,15 @@ in options.local.fragment.git.enable = lib.mkEnableOption '' Git related - Depends on: Agenix + Depends on: + - `agenix` fragment: Need for GPG key and GitGuardian API key ''; config = lib.mkIf cfg.enable { + assertions = [ + { assertion = config.local.fragment.agenix.enable; message = "`git` fragment depends on `agenix` fragment"; } + ]; + home.sessionVariables = { # Disable annoying warning message GIT_DISCOVERY_ACROSS_FILESYSTEM = 0; @@ -27,7 +32,7 @@ in lfs.enable = true; userName = "Milo Moisson"; - # TODO: this email should be behind a secret + # TODO: this email should be behind a secret or at least a config userEmail = "milomoisson@gmail.com"; signing = { diff --git a/home-manager/fragments/helix.nix b/home-manager/fragments/helix.nix index 9f7cde1..6b1310e 100644 --- a/home-manager/fragments/helix.nix +++ b/home-manager/fragments/helix.nix 
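Review bot: The `# Needed for sshfs` comment above `programs.ssh.matchBlocks."ssh.cri.epita.fr"` does not mention that the block turns on `GSSAPIDelegateCredentials`, which hands the forwardable ticket obtained by `kinit -f` to the remote host. Now that the fragment no longer owns `programs.ssh.enable`, a comment would keep that scope explicit, e.g. `# Delegates the Kerberos ticket to this host only; keep the match pattern exact.` The assertion message could also name the fix: `"`epita` fragment depends on `ssh` program (set programs.ssh.enable = true)"`.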
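Review bot: The new assertion reads `config.local.fragment.agenix.enable`, but the macintosh.nix hunk shows `local.fragment` opening with `aws.enable` and `git.enable` and no `agenix.enable` in view, so that profile may now fail the assertion, or fail earlier if the option is not declared in the module set it imports. The identical assertion in helix.nix has the same exposure. This is inferred from three lines of context and should be confirmed against the full macintosh.nix. If the Darwin profile gets its secrets through the `agenix` input directly, it would be safer to assert on what git actually reads (the relevant entry under `config.age.secrets`) than on the fragment flag.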
@@ -20,10 +20,15 @@ in options.local.fragment.helix.enable = lib.mkEnableOption '' Helix editor related - Depends on: Agenix + Depends on: + - `agenix` fragment: WakaTime key ''; config = lib.mkIf cfg.enable { + assertions = [ + { assertion = config.local.fragment.agenix.enable; message = "`helix` fragment depends on `agenix` fragment"; } + ]; + programs.helix = { enable = true; package = if flags.onlyCached then pkgs.helix else lpkgs.helix; diff --git a/home-manager/fragments/kitty.nix b/home-manager/fragments/kitty.nix index d226a01..b354b54 100644 --- a/home-manager/fragments/kitty.nix +++ b/home-manager/fragments/kitty.nix @@ -12,10 +12,17 @@ in options.local.fragment.kitty.enable = lib.mkEnableOption '' Kitty related - Depends on: `fish` + Depends on: + - (Darwin) `fish` program: lauches fish on startup + + Has weird behavior if set as login shell ''; config = lib.mkIf cfg.enable { + assertions = [ + { assertion = (!isDarwin) || config.programs.fish.enable; message = "`kitty` fragment depends on `fish` program on darwin platforms"; } + ]; + programs.kitty = { enable = true; settings = { diff --git a/home-manager/fragments/vm.nix b/home-manager/fragments/vm.nix index 8af42ee..a7eddb5 100644 --- a/home-manager/fragments/vm.nix +++ b/home-manager/fragments/vm.nix @@ -317,7 +317,6 @@ in "--locked XF86AudioMute" = "exec ${pamixer} --toggle-mute"; "--locked XF86AudioMicMute" = "exec ${pamixer} --default-source --toggle-mute"; "--locked XF86MonBrightnessUp" = "exec ${brightnessctl} --exponent set 5%+"; - # TODO: expertiment with min-value "--locked XF86MonBrightnessDown" = "exec ${brightnessctl} --exponent set 5%- --min-value=1"; "--locked XF86TouchpadToggle" = ''input "type:touchpad" events toggle enabled disabled_on_external_mouse''; } diff --git a/home-manager/fragments/xdg-mime.nix b/home-manager/fragments/xdg-mime.nix index 34d029c..c35be7c 100644 --- a/home-manager/fragments/xdg-mime.nix +++ b/home-manager/fragments/xdg-mime.nix 
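Review bot: The option description added in kitty.nix has a typo (`lauches` should be `launches`), and `Has weird behavior if set as login shell` says neither which program is meant nor what the behaviour is. A more precise sentence would help whoever hits it next. The assertion uses `isDarwin`, but the module's argument list is outside the hunk, so confirm the name is in scope there.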
@@ -1,5 +1,6 @@ { config , lib +, pkgs , ... }: @@ -7,14 +8,24 @@ let cfg = config.local.fragment.xdg-mime; in { - # TODO: enforce dependence options.local.fragment.xdg-mime.enable = lib.mkEnableOption '' Sets default applications based on mime type. - Depends on: `nautilus`, `firefox`, `imv`, `kitty`. + Depends on: + - `firefox` program: default browser + - `imv` program: default image viewer + - `kitty` program: default terminal + - `nautilus` program: default file explorer ''; config = lib.mkIf cfg.enable { + assertions = [ + { assertion = config.programs.firefox.enable; message = "`xdg-mime` fragment depends on `firefox` program"; } + { assertion = config.programs.imv.enable; message = "`xdg-mime` fragment depends on `imv` program"; } + { assertion = config.programs.kitty.enable; message = "`xdg-mime` fragment depends on `kitty` program"; } + { assertion = lib.lists.count (drv: (drv.pname or "") == pkgs.gnome.nautilus.pname) config.home.packages > 0; message = "`xdg-mime` fragment depends on `nautilus` program"; } + ]; + xdg.mimeApps = { enable = true; diff --git a/home-manager/profiles/desktop.nix b/home-manager/profiles/desktop.nix index a897cc9..c3194eb 100644 --- a/home-manager/profiles/desktop.nix +++ b/home-manager/profiles/desktop.nix @@ -8,8 +8,6 @@ , ... }: -if (isDarwin) then throw "this is a HM non-darwin config" else - let inherit (self.outputs) homeManagerModules; @@ -22,6 +20,10 @@ in ]; config = { + assertions = [ + { assertion = !isDarwin; message = "this is a HM non-darwin config"; } + ]; + local.fragment = { agenix.enable = true; aws.enable = true; @@ -130,6 +132,8 @@ in programs.broot.enable = true; + programs.ssh.enable = true; + programs.bat = { enable = true; config = { diff --git a/home-manager/profiles/lightweight.nix b/home-manager/profiles/lightweight.nix index 87ae8f1..59b9012 100644 --- a/home-manager/profiles/lightweight.nix +++ b/home-manager/profiles/lightweight.nix 
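Review bot: The `nautilus` check in xdg-mime.nix counts matching entries in `config.home.packages` only to compare the result with zero. `lib.any (drv: (drv.pname or "") == pkgs.gnome.nautilus.pname) config.home.packages` states the intent directly and stops at the first match. Matching on `pname` will also miss a nautilus installed system-wide or through a wrapper. As far as I know, newer nixpkgs exposes the package as top-level `pkgs.nautilus`, so the attribute path is worth checking against the pinned channel.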
@@ -8,8 +8,6 @@ , ... }: -if (isDarwin) then throw "this is a HM non-darwin config" else - let inherit (self.outputs) homeManagerModules; @@ -22,6 +20,10 @@ in ]; config = { + assertions = [ + { assertion = !isDarwin; message = "this is a HM non-darwin config"; } + ]; + local.flags.onlyCached = true; local.fragment = { diff --git a/home-manager/profiles/macintosh.nix b/home-manager/profiles/macintosh.nix index 71adabc..b024c01 100644 --- a/home-manager/profiles/macintosh.nix +++ b/home-manager/profiles/macintosh.nix @@ -1,6 +1,5 @@ { self , config -, lib , llib , pkgs @@ -10,8 +9,6 @@ , ... }: -if (!isDarwin) then throw "this is a HM darwin-only config" else - let inherit (self.outputs) homeManagerModules; inherit (self.inputs) agenix; @@ -33,6 +30,10 @@ in ]; config = { + assertions = [ + { assertion = isDarwin; message = "this is a HM darwin-only config"; } + ]; + local.fragment = { aws.enable = true; git.enable = true; diff --git a/nixos/fragments/agenix.nix b/nixos/fragments/agenix.nix index 2c07149..50fe61a 100644 --- a/nixos/fragments/agenix.nix +++ b/nixos/fragments/agenix.nix 
@@ -17,20 +17,26 @@ in (if isDarwin then agenix.darwinModules.default else agenix.nixosModules.default) ]; - # TODO: enforce dependance options.local.fragment.agenix.enable = lib.mkEnableOption '' Agenix secrets manager - Depends on: OpenSSH (`security`) + Depends on: + - `openssh` services: needs host machine keys ''; config = lib.mkIf cfg.enable { - # By default, agenix uses host machine keys (aka `openssh.hostKeys`). - # These are always available at boot in opposition to user one that might - # be located on luks protected partitions. - # age.identityPaths = [ ]; - - age.secrets = all-secrets.nixos; + assertions = [ + { assertion = config.services.openssh.enable; message = "`agenix` fragement depends on `openssh` program"; } + ]; + + age = { + # By default, agenix uses host machine keys (aka `openssh.hostKeys`). + # These are always available at boot in opposition to user one that might + # be located on luks protected partitions. + # identityPaths = [ ]; + + secrets = all-secrets.nixos; + }; }; } diff --git a/nixos/fragments/backup.nix b/nixos/fragments/backup.nix index c454d71..9a51361 100644 --- a/nixos/fragments/backup.nix +++ b/nixos/fragments/backup.nix @@ -17,6 +17,9 @@ in Backup related ''; + # TODO: fix module + config.assertions = lib.optional cfg.enable { assertion = false; message = "module is broken"; }; + config.services.restic.backups = lib.mkIf cfg.enable { # Backup documents and repos code google-drive = { diff --git a/nixos/profiles/laptop.nix b/nixos/profiles/laptop.nix index d0b5620..64e39bc 100644 --- a/nixos/profiles/laptop.nix +++ b/nixos/profiles/laptop.nix @@ -24,9 +24,6 @@ in virtualisation.enable = true; wireless.enable = true; fonts.enable = true; - - # TODO: fix module first - # backup.enable = true; }; networking.hosts = { diff --git a/shells.nix b/shells.nix index a545502..1adf913 100644 --- a/shells.nix +++ b/shells.nix 
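Review bot: The assertion in agenix.nix requires `config.services.openssh.enable`, which forces a listening SSH daemon onto every host that wants secrets, although what agenix needs is a usable identity. The commented `identityPaths` line in the same block shows that keys can be supplied another way. Asserting `config.age.identityPaths != [ ]` would express the real requirement and let a host with no need for remote login keep sshd off. The message also has a typo (`fragement`) and says `openssh` program where the description says services.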
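Review bot: In backup.nix the message `"module is broken"` does not name the module, unlike every other assertion added in this commit, so the evaluation error will not say which fragment to disable. Suggest `message = "`backup` fragment is broken, do not enable it";`. The `# TODO: fix module` comment could also say what is broken, since the note removed from laptop.nix carried no more detail.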
@@ -1,21 +1,18 @@ -{ self -, lib -, lpkgs -, system +{ lpkgs , ... }@pkgs: let - inherit (self.outputs) packages; - - allSelfPackages = lib.mapAttrsToList (_: value: value) packages.${system}; - mkPackageShell = packages: pkgs.mkShell { inherit packages; }; in { # Import packages of this flake along with useful tools for managing dotfiles - default = mkPackageShell (with pkgs; [ just lpkgs.agenix ]); + default = mkPackageShell (with pkgs; [ + lpkgs.agenix + home-manager + just + ]); # Add presets that I can quickly use