modules/configs.nix at main · jaspermayone.com/dots

jaspermayone.com / dots
fork atom
@jaspermayone.com's dotfiles
fork atom
dots / modules / configs.nix
at main 124 lines 4.8 kB view raw
wrap content
jaspermayone.com fix espanso bug 6w ago
735b39ff
  1# Centralized application configs
  2# Manages configs for espanso, btop, gh, wakatime, etc.
  3{
  4  config,
  5  lib,
  6  pkgs,
  7  isDarwin,
  8  ...
  9}:
 10
 11let
 12  # Paths for secrets - platform-specific
 13  dotsDir = if isDarwin then "/Users/jsp/dev/dots" else "/home/jsp/dots";
 14in
 15{
 16  # btop configuration
 17  xdg.configFile."btop/btop.conf".source = ../configs/btop.conf;
 18
 19  # Note: gh CLI is configured in modules/git.nix via programs.gh
 20
 21  # Karabiner configuration (keyboard remapping) - macOS only
 22  xdg.configFile."karabiner/karabiner.json" = lib.mkIf isDarwin {
 23    source = ../configs/karabiner.json;
 24  };
 25
 26  # Mise (version manager) configuration
 27  xdg.configFile."mise/config.toml".source = ../configs/mise.toml;
 28
 29  # Home file configurations (merged together)
 30  home.file = lib.mkMerge [
 31    # Claude Code configuration
 32    {
 33      ".claude/CLAUDE.md".source = ../configs/claude/CLAUDE.md;
 34      ".claude/settings.json".source = ../configs/claude/settings.json;
 35    }
 36    # macOS espanso paths
 37    (lib.mkIf isDarwin {
 38      "Library/Application Support/espanso/config/default.yml".source =
 39        ../configs/espanso/config/default.yml;
 40      "Library/Application Support/espanso/match/base.yml".source = ../configs/espanso/match/base.yml;
 41      "Library/Application Support/espanso/match/wit.yml".source = ../configs/espanso/match/wit.yml;
 42      "Library/Application Support/espanso/match/personal.yml".source = ../configs/espanso/match/personal.yml;
 43    })
 44
 45    # Linux espanso paths
 46    (lib.mkIf (!isDarwin) {
 47      ".config/espanso/config/default.yml".source = ../configs/espanso/config/default.yml;
 48      ".config/espanso/match/base.yml".source = ../configs/espanso/match/base.yml;
 49      ".config/espanso/match/wit.yml".source = ../configs/espanso/match/wit.yml;
 50      ".config/espanso/match/personal.yml".source = ../configs/espanso/match/personal.yml;
 51    })
 52
 53    # VS Code settings (macOS)
 54    (lib.mkIf isDarwin {
 55      "Library/Application Support/Code/User/settings.json".source = ../configs/vscode/settings.json;
 56      "Library/Application Support/Code/User/keybindings.json".source =
 57        ../configs/vscode/keybindings.json;
 58    })
 59
 60    # VS Code settings (Linux)
 61    (lib.mkIf (!isDarwin) {
 62      ".config/Code/User/settings.json".source = ../configs/vscode/settings.json;
 63      ".config/Code/User/keybindings.json".source = ../configs/vscode/keybindings.json;
 64    })
 65  ];
 66
 67  # Activation script to decrypt secrets for user configs
 68  # This runs on every home-manager activation
 69  home.activation.decryptUserSecrets = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
 70        SECRETS_DIR="${dotsDir}/secrets"
 71        AGE="${pkgs.age}/bin/age"
 72        SSH_KEY="$HOME/.ssh/id_ed25519"
 73        ${
 74          if isDarwin then
 75            ''
 76              ESPANSO_DIR="$HOME/Library/Application Support/espanso/match"
 77            ''
 78          else
 79            ''
 80              ESPANSO_DIR="$HOME/.config/espanso/match"
 81            ''
 82        }
 83
 84        # Only proceed if we have the SSH key for decryption
 85        if [ -f "$SSH_KEY" ]; then
 86          # Decrypt espanso secrets
 87          ESPANSO_SECRETS="$SECRETS_DIR/espanso-secrets.age"
 88          if [ -f "$ESPANSO_SECRETS" ]; then
 89            $DRY_RUN_CMD mkdir -p "$ESPANSO_DIR"
 90            $DRY_RUN_CMD $AGE -d -i "$SSH_KEY" "$ESPANSO_SECRETS" > "$ESPANSO_DIR/secrets.yml" 2>/dev/null || echo "Warning: Failed to decrypt espanso secrets"
 91          fi
 92
 93          # Decrypt wakatime API key and merge with config
 94          WAKATIME_SECRET="$SECRETS_DIR/wakatime-api-key.age"
 95          if [ -f "$WAKATIME_SECRET" ]; then
 96            API_KEY=$($AGE -d -i "$SSH_KEY" "$WAKATIME_SECRET" 2>/dev/null || echo "")
 97            if [ -n "$API_KEY" ]; then
 98              $DRY_RUN_CMD cat > "$HOME/.wakatime.cfg" << EOF
 99    [settings]
100    api_url = https://waka.hogwarts.dev/api
101    api_key = $API_KEY
102    debug = false
103    status_bar_coding_activity = true
104    status_bar_enabled = false
105    EOF
106            fi
107          fi
108
109          # Decrypt npmrc (contains registry auth tokens)
110          NPMRC_SECRET="$SECRETS_DIR/npmrc.age"
111          if [ -f "$NPMRC_SECRET" ]; then
112            $DRY_RUN_CMD $AGE -d -i "$SSH_KEY" "$NPMRC_SECRET" > "$HOME/.npmrc" 2>/dev/null || echo "Warning: Failed to decrypt npmrc"
113          fi
114
115          # Decrypt Claude GitHub token (for MCP server)
116          CLAUDE_GITHUB_SECRET="$SECRETS_DIR/claude-github-token.age"
117          if [ -f "$CLAUDE_GITHUB_SECRET" ]; then
118            $DRY_RUN_CMD mkdir -p "$HOME/.config/claude"
119            $DRY_RUN_CMD $AGE -d -i "$SSH_KEY" "$CLAUDE_GITHUB_SECRET" > "$HOME/.config/claude/github-token" 2>/dev/null || echo "Warning: Failed to decrypt Claude GitHub token"
120            $DRY_RUN_CMD chmod 600 "$HOME/.config/claude/github-token"
121          fi
122        fi
123  '';
124}