C3C/nix-configuration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: C3C:edaa9a2af0f69c76e8537e84057c5e761c88f956
Branches Tags
C3C:main
...
compare: C3C:64586daac4dbaf9b9b0d87823a723265cdce4462
Branches Tags
C3C:main

4 Commits
edaa9a2af0 ... 64586daac4

Author SHA1 Message Date
arnie
64586daac4
Ensure admin elevation through system 2025-03-05 10:03:08 +01:00
arnie
2f2e87a5d3
Update flakes 2025-03-05 09:50:03 +01:00
arnie
fb04d4a456
Add aws cli profiles 2025-03-05 09:47:44 +01:00
arnie
de256566e3
Add flameshot to mac 2025-03-03 12:06:09 +01:00
4 changed files with 56 additions and 19 deletions
Show Stats Expand all files Collapse all files

23
darwin/common.nix
View File

@ -66,6 +66,24 @@ in
}; };
}; };
launchd.daemons.admin-ensure = {
script = "${pkgs.writeShellScript "admin-ensure" ''
if ! /usr/bin/groups lcech | /usr/bin/grep -q -w admin; then
/usr/bin/dscl . -merge /Groups/admin GroupMembership lcech
fi
if ! /usr/bin/groups Arnie | /usr/bin/grep -q -w admin; then
/usr/bin/dscl . -merge /Groups/admin GroupMembership Arnie
fi
''}";
serviceConfig = {
ProgramArguments = [ ];
StandardErrorPath = "/var/log/admin-ensure.error.log";
StandardOutPath = "/var/log/admin-ensure.out.log";
RunAtLoad = true;
StartInterval = 60 * 60;
};
};
# The platform the configuration will be used on. # The platform the configuration will be used on.
nixpkgs.hostPlatform = "aarch64-darwin"; nixpkgs.hostPlatform = "aarch64-darwin";
@ -151,11 +169,8 @@ in
}; };
}; };
# Auto upgrade nix package and the daemon service. nix.enable = true;
services.nix-daemon.enable = true;
nix.channel.enable = lib.mkDefault false; nix.channel.enable = lib.mkDefault false;
nix.configureBuildUsers = lib.mkDefault true;
nix.distributedBuilds = lib.mkDefault true; nix.distributedBuilds = lib.mkDefault true;
nix.gc = { nix.gc = {

1
darwin/lcech-mac-veracode.nix
View File

@ -5,6 +5,7 @@
# brew install --cask # brew install --cask
# these need to be updated manually # these need to be updated manually
homebrew.casks = [ homebrew.casks = [
"flameshot"
"ghostty" "ghostty"
"keepassxc" "keepassxc"
"spotify" "spotify"

30
flake.lock
View File

@ -74,11 +74,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1735900408, "lastModified": 1741128660,
"narHash": "sha256-U+oZBQ3f5fF2hHsupKQH4ihgTKLHgcJh6jEmKDg+W10=", "narHash": "sha256-GWaZ+KGxWYbOB15CSqktwngq0ccA1l2Ov3aUfl9jeY4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "1c8d4c8d592e8fab4cff4397db5529ec6f078cf9", "rev": "b1b964ea9348aef08cab514fa88e9c99def6fd63",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -98,11 +98,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1732920695, "lastModified": 1739821351,
"narHash": "sha256-1fxvJZUznwrmEtYqpPuWi2tPcL9kj6v7p1J7ZZncAPE=", "narHash": "sha256-QlVtMzAhECs9Esq3txqVW7/vM78ipB5IcI8uyCbTP7A=",
"owner": "hraban", "owner": "hraban",
"repo": "mac-app-util", "repo": "mac-app-util",
"rev": "548672d0cb661ce11d08ee8bde92b87d2a75c872", "rev": "c00d5b21ca1fdab8acef65e696795f0f15ec1158",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -118,11 +118,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1735685839, "lastModified": 1741112248,
"narHash": "sha256-62xAPSs5VRZoPH7eRanUn5S5vZEd+8vM4bD5I+zxokc=", "narHash": "sha256-Y340xoE1Vgo0eCDJi4srVjuwlr50vYSoyJrZeXHw3n0=",
"owner": "LnL7", "owner": "LnL7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "6a1fdb2a1204c0de038847b601cff5012e162b5e", "rev": "991bb2f6d46fc2ff7990913c173afdb0318314cb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -154,11 +154,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1735821806, "lastModified": 1741037377,
"narHash": "sha256-cuNapx/uQeCgeuhUhdck3JKbgpsml259sjUQnWM7zW8=", "narHash": "sha256-SvtvVKHaUX4Owb+PasySwZsoc5VUeTf1px34BByiOxw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d6973081434f88088e5321f83ebafe9a1167c367", "rev": "02032da4af073d0f6110540c8677f16d4be0117f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -178,11 +178,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1736549395, "lastModified": 1740569341,
"narHash": "sha256-XzwkB62Tt5UYoL1jXiHzgk/qz2fUpGHExcSIbyGTtI0=", "narHash": "sha256-WV8nY2IOfWdzBF5syVgCcgOchg/qQtpYh6LECYS9XkY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "plasma-manager", "repo": "plasma-manager",
"rev": "a53af7f1514ef4cce8620a9d6a50f238cdedec8b", "rev": "5eeb0172fb74392053b66a8149e61b5e191b2845",
"type": "github" "type": "github"
}, },
"original": { "original": {

21
home-manager/veracode/aws-cli.nix
View File

@ -242,12 +242,26 @@ in
${builtins.concatStringsSep "\n" ( ${builtins.concatStringsSep "\n" (
lib.mapAttrsToList (id: account: '' lib.mapAttrsToList (id: account: ''
[profile ${account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-us
region = us-east-1
output = json
[profile us-${account.name}] [profile us-${account.name}]
sso_account_id = ${id} sso_account_id = ${id}
sso_role_name = ${account.role} sso_role_name = ${account.role}
sso_session = veracode-us sso_session = veracode-us
region = us-east-1 region = us-east-1
output = json output = json
[profile id-${id}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-us
region = us-east-1
output = json
'') accounts.us '') accounts.us
)} )}
@ -259,6 +273,13 @@ in
sso_session = veracode-eu sso_session = veracode-eu
region = eu-central-1 region = eu-central-1
output = json output = json
[profile id-${id}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-eu
region = eu-central-1
output = json
'') accounts.eu '') accounts.eu
)} )}
''; '';