nixos-configs/hosts/pinwheel/modules/work/default.nix

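# NixOS module for the work setup on host `pinwheel`: work tooling and shell
# tweaks for user `alex` (through home-manager), nix-ld for Copilot, two
# OpenVPN client profiles, and the agenix secrets all of these rely on.
#
# Secret values are never interpolated into the Nix store. Only the path of
# the decrypted file is referenced; the content is read at runtime.
{
  inputs,
  pkgs,
  lib,
  config,
  ...
}:
let
  # Feature toggles read from this configuration's own `mod.*` options.
  gitEnabled = config.mod.git.enable;
  goEnabled = config.mod.go.enable;
  openvpnEnabled = config.mod.openvpn.enable;
in
{
  home-manager.users.alex = {
    # Ensure bashInteractive is first in PATH inside nix devshells.
    # stdenv provides a non-interactive bash that breaks Copilot shell commands.
    # Adding bashInteractive to home.packages alone isn't enough because devshell
    # packages are prepended to PATH. This precmd hook runs after direnv's hook
    # and re-prepends bashInteractive so it takes priority.
    programs.zsh.initContent = ''
      _ensure_bash_interactive() {
        [[ "$PATH" == "${pkgs.bashInteractive}/bin:"* ]] || export PATH="${pkgs.bashInteractive}/bin:$PATH"
      }
      precmd_functions+=(_ensure_bash_interactive)
    '';

    # Configure IntelliJ to exclude .direnv from indexing.
    #
    # The heredoc replaces options/filetypes.xml wholesale on every activation,
    # so any other file-type settings IntelliJ stored in that file are lost.
    # The `-d` test also covers the case where the glob matches nothing and is
    # left as a literal pattern.
    # NOTE(review): this is a plain string, so it carries no explicit ordering
    # relative to home-manager's writeBoundary even though it writes under
    # $HOME. Confirm how this home-manager version orders such entries.
    home.activation.intellijIgnoreDirenv = ''
      for idea_config in "$HOME"/.config/JetBrains/IntelliJIdea*; do
        if [ -d "$idea_config" ]; then
          $DRY_RUN_CMD mkdir -p "$idea_config/options"
          $DRY_RUN_CMD tee "$idea_config/options/filetypes.xml" > /dev/null <<'EOF'
      <application>
        <component name="FileTypeManager" version="18">
          <ignoreFiles list="*.pyc;*.pyo;*.rbc;*.yarb;*~;.DS_Store;.git;.hg;.svn;CVS;__pycache__;_svn;vssver.scc;vssver2.scc;.direnv" />
        </component>
      </application>
      EOF
        fi
      done
    '';

    home.sessionVariables =
      {
        GITHUB_ACTOR = "Alexander Heldt";
      }
      # The work-github-token secret is only declared when git is enabled (see
      # age.secrets below). Referencing it unconditionally makes evaluation
      # fail on the missing attribute when git is disabled. optionalAttrs
      # leaves the key out entirely instead of creating a conditional
      # definition.
      // lib.optionalAttrs gitEnabled {
        # The command substitution is expanded by the shell that sources the
        # session variables, so the store only ever contains the secret's path.
        # NOTE(review): once exported, the token is inherited by every process
        # started from the session (IDE plugins, Slack, Postman, ...). Consider
        # scoping it to the work tree or using a credential helper instead.
        GITHUB_TOKEN = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-github-token.path})";
      };

    home.packages = [
      # (pkgs.callPackage ./pants.nix { inherit (pkgs) stdenv.hostPlatform.system; })
      # (pkgs.callPackage ./syb-cli.nix { })
      (inputs.nix-jetbrains-plugins.lib.buildIdeWithPlugins pkgs "idea" [
        "IdeaVIM"
        "com.github.copilot"
      ])
      pkgs.bashInteractive
      (pkgs.google-cloud-sdk.withExtraComponents [
        pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin
      ])
      pkgs.graphite-cli
      pkgs.postman
      pkgs.grpcurl
      pkgs.slack
      # for `radio`
      pkgs.go-mockery
      pkgs.golangci-lint
      # `work-vpn up|down` starts or stops both work OpenVPN units, which only
      # exist when mod.openvpn is enabled (see services.openvpn.servers below).
      # systemctl is invoked directly rather than through a root `sh -c`, and
      # an unknown or missing argument is reported instead of silently
      # succeeding.
      (pkgs.writeShellScriptBin "work-vpn" ''
        case "$1" in
          up)
            sudo systemctl start openvpn-work-staging.service openvpn-work-production.service
            ;;
          down)
            sudo systemctl stop openvpn-work-staging.service openvpn-work-production.service
            ;;
          *)
            echo "usage: work-vpn up|down" >&2
            exit 1
            ;;
        esac
      '')
    ];

    programs.go = lib.mkIf goEnabled {
      env = {
        # NOTE(review): this relies on a shell expanding $(...) at runtime.
        # If this home-manager version writes programs.go.env to Go's env
        # file instead of exporting it from a shell, the literal string is
        # used as GOPRIVATE. Verify.
        GOPRIVATE = [ "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-go-private.path})" ];
      };
    };

    programs.git = lib.mkIf gitEnabled {
      includes = [
        {
          # Work identity/settings apply only to repositories under ~/code/work/.
          path = config.age.secrets.work-gitconfig.path;
          condition = "gitdir:~/code/work/";
        }
      ];
    };
  };

  # Needed for `copilot`
  programs.nix-ld.enable = true;
  programs.nix-ld.libraries = [
    pkgs.stdenv.cc.cc.lib
    pkgs.zlib
  ];

  # Each unit's config is a single `config <path>` directive pointing at the
  # decrypted profile, so the profile itself stays out of the store. Neither
  # unit starts at boot; `work-vpn` starts and stops them on demand.
  services.openvpn.servers = lib.mkIf openvpnEnabled {
    work-staging = {
      config = "config ${config.age.secrets.work-staging-ovpn.path}";
      autoStart = false;
    };
    work-production = {
      config = "config ${config.age.secrets.work-production-ovpn.path}";
      autoStart = false;
    };
  };

  # Each secret is declared only when the feature that consumes it is enabled.
  age.secrets = {
    # The three user-facing secrets are placed under ~/code/work and owned by
    # alex so the user's session (git, shell, go) can read them.
    "work-gitconfig" = lib.mkIf gitEnabled {
      file = ../../../../secrets/pinwheel/work-gitconfig.age;
      path = "/home/alex/code/work/.work-gitconfig";
      owner = "alex";
      group = "users";
    };
    "work-github-token" = lib.mkIf gitEnabled {
      file = ../../../../secrets/pinwheel/work-github-token.age;
      path = "/home/alex/code/work/.work-github-token";
      owner = "alex";
      group = "users";
    };
    "work-go-private" = lib.mkIf goEnabled {
      file = ../../../../secrets/pinwheel/work-go-private.age;
      path = "/home/alex/code/work/.work-go-private";
      owner = "alex";
      group = "users";
    };
    # The VPN profiles set no path or owner, so agenix's defaults apply.
    "work-staging-ovpn" = lib.mkIf openvpnEnabled {
      file = ../../../../secrets/pinwheel/work-staging-ovpn.age;
    };
    "work-production-ovpn" = lib.mkIf openvpnEnabled {
      file = ../../../../secrets/pinwheel/work-production-ovpn.age;
    };
  };
}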