diff --git a/flake.lock b/flake.lock index 0b81522..93bf57e 100644 --- a/flake.lock +++ b/flake.lock @@ -64,11 +64,11 @@ "zon2nix": "zon2nix" }, "locked": { - "lastModified": 1754941490, - "narHash": "sha256-2AJf0q4u1zakqjr0y4dCyqzdDSil8P5m2YpZxAAzJJw=", + "lastModified": 1756131615, + "narHash": "sha256-rmmsEZglqzgxIePTKe5wCIQ3syzAb4jE3RpNxD/2tzY=", "owner": "ghostty-org", "repo": "ghostty", - "rev": "5bf632e9cc0e77a578bad983b0cbdf0451ce87d4", + "rev": "8aa0b4c92a54f822043e134d2b84ee29844f944e", "type": "github" }, "original": { @@ -84,11 +84,11 @@ ] }, "locked": { - "lastModified": 1753592768, - "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "lastModified": 1755928099, + "narHash": "sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk=", "owner": "nix-community", "repo": "home-manager", - "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "rev": "4a44fb9f7555da362af9d499817084f4288a957f", "type": "github" }, "original": { @@ -129,11 +129,24 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1754767907, - "narHash": "sha256-8OnUzRQZkqtUol9vuUuQC30hzpMreKptNyET2T9lB6g=", + "lastModified": 1755972213, + "narHash": "sha256-VYK7aDAv8H1enXn1ECRHmGbeY6RqLnNwUJkOwloIsko=", + "rev": "73e96df7cff5783f45e21342a75a1540c4eddce4", + "type": "tarball", + "url": "https://releases.nixos.org/nixos/unstable-small/nixos-25.11pre850642.73e96df7cff5/nixexprs.tar.xz" + }, + "original": { + "type": "tarball", + "url": "https://channels.nixos.org/nixos-unstable-small/nixexprs.tar.xz" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1755922037, + "narHash": "sha256-wY1+2JPH0ZZC4BQefoZw/k+3+DowFyfOxv17CN/idKs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c5f08b62ed75415439d48152c2a784e36909b1bc", + "rev": "b1b3291469652d5a2edb0becc4ef0246fff97a7c", "type": "github" }, "original": { @@ -149,7 +162,7 @@ "ghostty": "ghostty", "home-manager": "home-manager", "nix-flatpak": "nix-flatpak", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_3" } }, "systems": { @@ -202,23 +215,20 @@ "ghostty", "flake-utils" ], - "nixpkgs": [ - "ghostty", - "nixpkgs" - ] + "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1742104771, - "narHash": "sha256-LhidlyEA9MP8jGe1rEnyjGFCzLLgCdDpYeWggibayr0=", + "lastModified": 1756000480, + "narHash": "sha256-fR5pdcjO0II5MNdCzqvyokyuFkmff7/FyBAjUS6sMfA=", "owner": "jcollie", "repo": "zon2nix", - "rev": "56c159be489cc6c0e73c3930bd908ddc6fe89613", + "rev": "d9dc9ef1ab9ae45b5c9d80c6a747cc9968ee0c60", "type": "github" }, "original": { "owner": "jcollie", "repo": "zon2nix", - "rev": "56c159be489cc6c0e73c3930bd908ddc6fe89613", + "rev": "d9dc9ef1ab9ae45b5c9d80c6a747cc9968ee0c60", "type": "github" } } diff --git a/modules/common/environment.nix b/modules/common/environment.nix index d4e931c..2c7c8b9 100644 --- a/modules/common/environment.nix +++ b/modules/common/environment.nix @@ -1,20 +1,23 @@ { lib, pkgs, ... }: { - # Common packages that every system will use environment.systemPackages = with pkgs; [ git vim neovim usbutils coreutils - lshw - systemd - dmidecode pciutils - nix-ld patchelf htop - ]; + ] ++ + lib.optionals pkgs.stdenv.isLinux (with pkgs; [ + systemd + lshw + dmidecode + nix-ld + ]) ++ + lib.optionals pkgs.stdenv.isDarwin (with pkgs; [ + # nothing here, yet ;) + ]); - # Common environment variables that every system will use environment.variables.EDITOR = "nvim"; } diff --git a/modules/common/users.nix b/modules/common/users.nix index 1663a61..0ac1fb9 100644 --- a/modules/common/users.nix +++ b/modules/common/users.nix @@ -1,30 +1,23 @@ +{ lib, pkgs, userName, hostname, ... }: + { - lib, - pkgs, - userName, - hostname, - ... -} @ args: { networking.hostName = hostname; + + users.users."${userName}" = { + home = if pkgs.stdenv.isDarwin + then "/Users/${userName}" + else "/home/${userName}"; + description = userName; + } // lib.optionalAttrs pkgs.stdenv.isLinux { + group = "${userName}"; + isNormalUser = true; + }; + + users.groups.wyatt = {}; + nix.settings.trusted-users = [userName]; - # Don't forget to set a password with ‘passwd’! - users.users."${userName}" = lib.mkMerge [ - { - home = - if pkgs.stdenv.isDarwin - then "/Users/${userName}" - else "/home/${userName}"; - description = userName; - } - - (lib.mkIf (pkgs.stdenv.isLinux) { - group = "${userName}"; - isNormalUser = true; - }) - ]; - - security.sudo = { - extraRules = [ + security = lib.optionalAttrs pkgs.stdenv.isLinux { + sudo.extraRules = [ { groups = [ "wheel" ]; commands = [ @@ -37,7 +30,9 @@ ]; }; - users.groups.wyatt = {}; - - nix.settings.trusted-users = [userName]; + environment = lib.optionalAttrs pkgs.stdenv.isDarwin { + etc."sudoers.d/wheel-nopasswd".text = '' + %wheel ALL=(ALL:ALL) NOPASSWD: SETENV: ALL + ''; + }; } diff --git a/modules/security/sudo.nix b/modules/security/sudo.nix index 79360e8..e71b56d 100644 --- a/modules/security/sudo.nix +++ b/modules/security/sudo.nix @@ -5,7 +5,7 @@ }: with lib; { options = { - security.sudo = { + security.sudoers = { needsPassword = mkOption { type = types.bool; default = true;