commit ef4c366340439ddf7bcdf57ed715169a764abbf1
parent 92323c82f2a815d14884aaa2221c6b05ca96acbb
Author: Chris <chris@echoz.io>
Date: Sun, 12 Oct 2025 19:42:09 +0200
feat: set up oama and gpg
Diffstat:
4 files changed, 97 insertions(+), 11 deletions(-)
diff --git a/flake.lock b/flake.lock
@@ -95,17 +95,16 @@
]
},
"locked": {
- "lastModified": 1759851869,
- "narHash": "sha256-RpJ7lDywFHdDe9VGr8AwuMw/sInwR1mNmmsb7/E6wUs=",
- "owner": "echozio",
+ "lastModified": 1760239230,
+ "narHash": "sha256-eqSP/BAbQwNTlQ/6yuK0yILzZAPNNj91gp6oIfVtu/E=",
+ "owner": "nix-community",
"repo": "home-manager",
- "rev": "ba334bed0838204abf3d3f2a54563039ebc018d0",
+ "rev": "c4aaddeaecc09554c92518fd904e3e84b497ed09",
"type": "github"
},
"original": {
- "owner": "echozio",
+ "owner": "nix-community",
"repo": "home-manager",
- "rev": "ba334bed0838204abf3d3f2a54563039ebc018d0",
"type": "github"
}
},
@@ -215,11 +214,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
- "lastModified": 1760024177,
- "narHash": "sha256-LcmR500wmu1BDSsN+gv/OzVdjtfYbBHbrqaIRlib5qA=",
+ "lastModified": 1760290788,
+ "narHash": "sha256-5tIni4HDZdMHi1YpPpTWBRX48BIrQIgREJv73fuFW9A=",
"owner": "echozio",
"repo": "sec",
- "rev": "1a0ba8fe5439510f5e932a84aea32d01bcccda73",
+ "rev": "65d1cbf141d0c6191c5813051f6080d5aa9c0a77",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
@@ -3,8 +3,7 @@
nixpkgs.url = "nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko/v1.12.0";
- # home-manager.url = "github:nix-community/home-manager";
- home-manager.url = "github:echozio/home-manager/ba334bed0838204abf3d3f2a54563039ebc018d0";
+ home-manager.url = "github:nix-community/home-manager";
impermanence.url = "github:nix-community/impermanence";
sops-nix.url = "github:Mic92/sops-nix";
walker.url = "github:abenz1267/walker";
diff --git a/modules/gpg/default.nix b/modules/gpg/default.nix
@@ -0,0 +1,30 @@
+{
+ lib,
+ pkgs,
+
+ user,
+ ...
+}:
+{
+ home-manager.users.${user} =
+ { config, ... }:
+ {
+ programs.gpg = {
+ enable = true;
+ homedir = "${config.xdg.dataHome}/gnupg";
+ mutableKeys = false;
+ mutableTrust = false;
+ };
+
+ services.gpg-agent = {
+ enable = true;
+ pinentry.package = pkgs.writeShellScriptBin "rbw-pinentry-wrapper" ''
+ if [ -n "$WAYLAND_DISPLAY" ]; then
+ exec ${lib.getExe config.programs.wayprompt.package} "$@"
+ else
+ exec ${lib.getExe pkgs.pinentry-tty} "$@"
+ fi
+ '';
+ };
+ };
+}
diff --git a/modules/oama/default.nix b/modules/oama/default.nix
@@ -0,0 +1,58 @@
+{
+ lib,
+ pkgs,
+
+ user,
+ ...
+}:
+{
+ environment.persistence."/fix".users.${user}.directories = [
+ {
+ directory = ".local/state/oama";
+ mode = "0700";
+ }
+ ];
+
+ home-manager.users.${user} =
+ { config, ... }:
+ {
+ options.programs.oama = {
+ settings = lib.mkOption {
+ type =
+ with lib.types;
+ let
+ jsonValue = nullOr (oneOf [
+ (attrsOf jsonValue)
+ (listOf jsonValue)
+ number
+ str
+ bool
+ ]);
+ in
+ jsonValue;
+ default = null;
+ };
+ };
+
+ config =
+ let
+ cfg = config.programs.oama;
+ in
+ {
+ home.packages = [ pkgs.oama ];
+
+ xdg.configFile."oama/config.yaml" = lib.mkIf (cfg.settings != null) {
+ text = builtins.toJSON cfg.settings;
+ };
+
+ programs.oama.settings = {
+ encryption.tag = "GPG";
+ services.google = {
+ client_id = "406964657835-aq8lmia8j95dhl1a2bvharmfk3t1hgqj.apps.googleusercontent.com";
+ client_secret = "kSmqreRr0qwBWJgbf5Y-PjSU";
+ auth_scopes = "https://mail.google.com/";
+ };
+ };
+ };
+ };
+}
