Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update secrets

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2025-10-08 21:48:34 +02:00
parent 64334192de
commit af60555eea
10 changed files with 259 additions and 203 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
hosts/nb/users/codex-cli.nix
View File

@@ -5,7 +5,7 @@ let
npmPrefix = "${home}/.npm-global";
node = pkgs.nodejs; # or pkgs.nodejs_20
in {
home-manager.users.dominik = { lib, pkgs, ... }: {
home-manager.users.dominik = { config, lib, pkgs, ... }: {
home.packages = with pkgs; [
node
gnutar # provides `tar`
@@ -13,6 +13,12 @@ in {
unzip
python314 # useful for codex model use
jq # useful for JSON processing
(pkgs.writeShellScriptBin "codex" ''
#!/usr/bin/env bash
export TMPDIR="''${TMPDIR:-$HOME/.cache/codex-tmp}"
export XDG_RUNTIME_DIR="''${XDG_RUNTIME_DIR:-$HOME/.cache/xdg-runtime}"
exec ${npmPrefix}/bin/codex "$@"
'')
];
# Ensure ~/.npmrc with a user prefix (no sudo needed)
@@ -34,12 +40,17 @@ in {
NPM_CONFIG_PREFIX = npmPrefix;
};
home.activation.ensureCodexDirs = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
install -d -m 700 "${config.home.homeDirectory}/.cache/codex-tmp"
install -d -m 700 "${config.home.homeDirectory}/.cache/xdg-runtime"
'';
# Auto-install @openai/codex if it's not already there
# (idempotent on each `home-manager switch`)
home.activation.installCodexCli = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
export PATH=${node}/bin:${pkgs.gnutar}/bin:${pkgs.gzip}/bin:${pkgs.unzip}/bin:${pkgs.curl}/bin:$PATH
mkdir -p ${npmPrefix}
if ! command -v codex >/dev/null 2>&1; then
if [ ! -x "${npmPrefix}/bin/codex" ]; then
echo "Installing @openai/codex globally..."
# --global uses prefix from ~/.npmrc; PATH has node for postinstall
${node}/bin/npm install -g @openai/codex

7
hosts/nb/users/dominik.nix
View File

@@ -646,10 +646,10 @@ in
ssh-keygen -R gitlab.epicenter.works
ssh-keyscan gitlab.epicenter.works >> ~/.ssh/known_hosts
git clone git@github.com:AKVorrat/nixos.git ${persistHome}/projects/epicenter.works/epicenter-nixos 2>/dev/null
git clone git@github.com:AKVorrat/ewcampaign.git ${persistHome}/projects/epicenter.works/ewcampaign 2>/dev/null
git clone git@gitlab.epicenter.works:epicenter.works/website.git ${persistHome}/projects/epicenter.works/epicenter.works 2>/dev/null
git clone git@github.com:AKVorrat/epicenter.works-website.git ${persistHome}/projects/epicenter.works/epicenter.works-website 2>/dev/null
git clone git@gitlab.epicenter.works:epicenter.works/nixos.git ${persistHome}/projects/epicenter.works/epicenter-nixos 2>/dev/null
git clone git@github.com:AKVorrat/spenden.akvorrat.at.git ${persistHome}/projects/epicenter.works/spenden.akvorrat.at 2>/dev/null
git clone git@github.com:AKVorrat/dearmep-website.git ${persistHome}/projects/epicenter.works/dearmep-website 2>/dev/null
git clone gitea@git.cloonar.com:Cloonar/eidas.monitor.git ${persistHome}/projects/epicenter.works/eidas.monitor 2>/dev/null
@@ -658,7 +658,10 @@ in
home.file.".wallpaper.jpg".source = ./configs/wallpaper.jpg;
home.file.".wallpaper.png".source = ./configs/wallpaper.png;
home.file.".local/share/nvim/project_nvim/project_history".source = ./configs/project_history;
home.file.".local/share/nvim/project_nvim/project_history" = {
source = ./configs/project_history;
force = true;
};
home.file.".config/Cryptomator/settings.json" = {
source = ./configs/cryptomator.json;
force = true;