update age and sops file initization, add ripgrep in fzf

allthatjazzleo · Jul 28, 2024 · 8c9c099 · 8c9c099
1 parent ea9f72e
commit 8c9c099
Show file tree

Hide file tree

Showing 7 changed files with 80 additions and 36 deletions.
diff --git a/cells/homemanager/home.nix b/cells/homemanager/home.nix
@@ -43,12 +43,8 @@ in {
     home = {
       inherit homeDirectory packages;
       username = user.username;
-      stateVersion = "23.05"; # See https://nixos.org/manual/nixpkgs/stable for most recent version
+      stateVersion = "24.05"; # See https://nixos.org/manual/nixpkgs/stable for most recent version
       sessionVariables = {
-        # DAML_HOME = getPkgOutPath {
-        #   pkgs = packages;
-        #   name = "daml-sdk";
-        # };
         PKG_CONFIG_PATH = "${(getPkgOutPath {
           pkgs = packages;
           name = "openssl";
@@ -73,29 +69,37 @@ in {
 
     programs = cell.programs.default homeDirectory user;
 
-    age.identityPaths =
-      options.age.identityPaths.default
-      ++ userAgeIdentityPaths;
-    age.secrets.ssh-config = {
-      file = ./secrets/ssh-config.age;
-      path = "${homeDirectory}/.ssh/config";
-    };
-    age.secrets.nix-config = {
-      file = ./secrets/nix.conf.age;
-      path = "${homeDirectory}/.config/nix/nix.conf";
-    };
-    age.secrets.sops-age-key = {
-      file = ./secrets/sops-age-key.age;
-      path = sopsAgeKeyPath;
-    };
+    age.identityPaths = userAgeIdentityPaths;
 
-    sops = {
-      age.keyFile = config.age.secrets.sops-age-key.path;
-      defaultSopsFile = ./secrets/secrets.yaml;
-      secrets.mysecret = {
-        path = "${homeDirectory}/.config/mysecret";
-      };
-    };
+    # don't create age and sops secrets if no age key identity paths are provided to avoid errors
+    age.secrets =
+      if builtins.length config.age.identityPaths > 0
+      then {
+        ssh-config = {
+          file = ./secrets/ssh-config.age;
+          path = "${homeDirectory}/.ssh/config";
+        };
+        nix-config = {
+          file = ./secrets/nix.conf.age;
+          path = "${homeDirectory}/.config/nix/nix.conf";
+        };
+        sops-age-key = {
+          file = ./secrets/sops-age-key.age;
+          path = sopsAgeKeyPath;
+        };
+      }
+      else {};
+
+    sops =
+      if builtins.length config.age.identityPaths > 0
+      then {
+        age.keyFile = config.age.secrets.sops-age-key.path;
+        defaultSopsFile = ./secrets/secrets.yaml;
+        secrets.mysecret = {
+          path = "${homeDirectory}/.config/mysecret";
+        };
+      }
+      else {};
 
     nixpkgs = {
       config = {

diff --git a/cells/homemanager/packages.nix b/cells/homemanager/packages.nix
@@ -50,7 +50,7 @@ in {
         nixfmt-classic
         nodejs-18_x
         operator-sdk
-        open-interpreter
+        # open-interpreter
         openssl_3_2
         pkg-config
         poetry
@@ -59,6 +59,7 @@ in {
         rustup
         shellcheck
         smartmontools
+        sops
         starship
         terraform
         tflint

diff --git a/cells/homemanager/programs.nix b/cells/homemanager/programs.nix
@@ -23,6 +23,16 @@ in {
         userName = user.github_username;
         delta = {
           enable = true;
+          options = {
+            features = "decorations";
+            whitespace-error-style = "22 reverse";
+            line-numbers = true;
+            decorations = {
+              commit-decoration-style = "bold yellow box ul";
+              file-style = "bold yellow ul";
+              file-decoration-style = "none";
+            };
+          };
         };
         lfs = {
           enable = true;

diff --git a/cells/homemanager/programs/starship.nix b/cells/homemanager/programs/starship.nix
@@ -75,7 +75,7 @@
       golang = {format = "via [🏎💨 $version](bold cyan) ";};
       terraform = {format = "via [🏎💨 $version$workspace]($style) ";};
       kubernetes = {
-        format = "on [⛵ ($user on )($cluster in )$context ($namespace)](dimmed green) ";
+        format = "on [⛵ ($user on )($cluster in )($namespace)](dimmed green) ";
         disabled = false;
         context_aliases = {
           "dev.local.cluster.k8s" = "dev";

diff --git a/cells/homemanager/programs/zsh.nix b/cells/homemanager/programs/zsh.nix
@@ -44,19 +44,25 @@
     };
     history = {size = 100000;};
     initExtraFirst = ''
+      # Nix
+      if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
+        . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
+      fi
+      # End Nix
       # python
-      for dir in $(ls -rd $HOME/Library/Python/*); do
+      for dir in $(ls -rd $HOME/Library/Python/*(N)); do
+        if [ "$dir" = "." ]; then
+          continue
+        fi
         export PATH="$dir/bin:$PATH"
       done
       # End python
       # Cargo
       export PATH="$HOME/.cargo/bin:$PATH"
       # End Cargo
-      # Nix
-      if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
-        . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
-      fi
-      # End Nix
+      # Go bin
+      export PATH="$(go env GOPATH)/bin:$PATH"
+      # End Go bin
       # krew
       export PATH="$HOME/.krew/bin:$PATH"
       # End krew
@@ -68,6 +74,22 @@
           cd)           fzf --preview 'eza --tree --color=always {} | head -200'   "$@" ;;
           export|unset) fzf --preview "eval 'echo \$'{}"         "$@" ;;
           ssh)          fzf --preview 'dig {}'                   "$@" ;;
+          rg)           rm -f /tmp/rg-fzf-{r,f}
+                        RG_PREFIX="rg --column --line-number --no-heading --color=always --smart-case "
+                        INITIAL_QUERY="placeholder"
+                        fzf --ansi --disabled --query "$INITIAL_QUERY" \
+                            --bind "start:reload:$RG_PREFIX {q}" \
+                            --bind "change:reload:sleep 0.2; $RG_PREFIX {q} || true" \
+                            --bind 'ctrl-t:transform:[[ ! $FZF_PROMPT =~ ripgrep ]] &&
+                              echo "rebind(change)+change-prompt(1. ripgrep> )+disable-search+transform-query:echo \{q} > /tmp/rg-fzf-f; cat /tmp/rg-fzf-r" ||
+                              echo "unbind(change)+change-prompt(2. fzf> )+enable-search+transform-query:echo \{q} > /tmp/rg-fzf-r; cat /tmp/rg-fzf-f"' \
+                            --bind 'enter:become(code -g -n {1}:{2}:{3})' \
+                            --color "hl:-1:underline,hl+:-1:underline:reverse" \
+                            --prompt '1. ripgrep> ' \
+                            --delimiter : \
+                            --header 'CTRL-T: Switch between ripgrep/fzf' \
+                            --preview-window 'right:60%,+{2}+3/3,~3' \
+                            --preview 'bat --color=always {1} --highlight-line {2}' ;;
           *)            fzf --preview 'bat -n --color=always {} --line-range :500 {}' "$@" ;;
         esac
       }
@@ -135,4 +157,7 @@
     enable = true;
     enableZshIntegration = true;
   };
+  ripgrep = {
+    enable = true;
+  };
 }
diff --git a/flake.nix b/flake.nix
@@ -48,7 +48,6 @@
         (devshells "devshells")
         (data "users")
         (functions "configurations")
-        (functions "modules")
         (functions "packages")
         (functions "programs")
         (functions "home")

diff --git a/secrets.nix b/secrets.nix
@@ -1,3 +1,8 @@
+# https://github.com/ryantm/agenix
+# Update secrets with agenix cli. When you save that file its content will be encrypted with all the public keys mentioned in the secrets.nix file.
+#  ```
+#  agenix -e cells/homemanager/secrets/ssh-config.age -i ~/.ssh/id_ed25519_homemanager
+#  ```
 let
   leopang = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJsF4iQmvHnLvSOnAuHMvpFaVww3TpAiNoIR6I1IxfcJ";
   workuser = "ssh-ed25519 xxx";