janus root

flake.nix

@@ -34,7 +34,7 @@
       };
 
       mkhomeManagerModules = config: [
-        (self.homeManagerModules.default inputs)
+        self.homeManagerModules.default
         # { inherit (config) extraImports; }
         {
           user = config.user;
@@ -52,8 +52,10 @@
     {
       lib = { inherit mkhomeManagerModules; };
 
-      homeManagerModules.default = inputs: { 
+      homeManagerModules.default = { 
-        imports = [ ./homeManagerModules ]; 
+        imports = [ 
+          ./homeManagerModules
+        ];
       };
 
       nixosModules.default = { config, ... }: {

homeManagerModules/default.nix

@@ -13,7 +13,7 @@
     ../nixosModules/options.nix
     # inputs._1password-shell-plugins.hmModules.default
     # Commented out because it tries to configure fish shell which we don't use
-  ];
+  ] ++ lib.optional (inputs ? resticprofile) inputs.resticprofile.homeManagerModules.default;
 
   nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
     "1password-cli"
@@ -55,9 +55,12 @@
     btop
     yazi
     uv
+    (writeShellScriptBin "nhms" ''
+      nix run home-manager -- switch --flake ~/.config/home-manager --impure
+    '')
     (writeShellScriptBin "nhmu" ''
       nix flake update --flake ~/.config/home-manager
-      nix run home-manager -- switch --flake ~/.config/home-manager --impure
+      nhms
     '')
     # # It is sometimes useful to fine-tune packages, for example, by applying
     # # overrides. You can do that directly here, just don't forget the

homeManagerModules/ghostty.nix

@@ -16,7 +16,7 @@
     enableZshIntegration = true;
     package = config.lib.nixGL.wrap pkgs.ghostty;
     settings = {
-      command = "TERM=xterm-256color /usr/bin/bash";
+      command = "TERM=xterm-256color ${pkgs.zsh}/bin/zsh";
       font-size = 12;
       font-family = "Source Code Pro";
       # theme = "idleToes";
@@ -58,7 +58,7 @@
     name = "Ghostty";
     type = "Application";
     comment = "A terminal emulator";
-    exec = "nixGL ghostty";
+    exec = "nixGLMesa ghostty";
     icon = "com.mitchellh.ghostty";
     terminal = false;
     startupNotify = true;
@@ -75,14 +75,14 @@
     actions = {
       new-window = {
         name = "New Window";
-        exec = "nixGL ghostty";
+        exec = "nixGLMesa ghostty";
       };
     };
   };
 
   # https://discourse.nixos.org/t/apps-installed-via-home-manager-are-not-visible-within-gnome/48252/2
   # home.activation.copyDesktopFiles = lib.hm.dag.entryAfter ["installPackages"] ''
-  #   if [ "$XDG_CURRENT_DESKTOP" = "GNOME" ]; then
+  #   if [[ "$XDG_CURRENT_DESKTOP" == "GNOME" || "$XDG_CURRENT_DESKTOP" == "Unity" ]]; then
 
   #     mkdir -p "${config.home.homeDirectory}/.local/share/applications"
 

homeManagerModules/restic/flake.nix

@@ -10,8 +10,10 @@
   outputs = { self, nixpkgs, home-manager }:
     let
       systems = [ "x86_64-linux" "aarch64-linux" ];
+      forAllSystems = nixpkgs.lib.genAttrs systems;
+      
       # Define a function to build the resticprofile package for a given system:
-      resticprofilePkg = { pkgs, lib, ... }:
+      resticprofilePkg = pkgs:
         pkgs.buildGoModule rec {
           pname = "resticprofile";
           version = "0.32.0";
@@ -19,12 +21,12 @@
             owner = "creativeprojects";
             repo  = "resticprofile";
             rev   = "v${version}";
-            sha256 = "sha256-ezelvyroQG1EW3SU63OVHJ/T4qjN5DRllvPIXnei1Z4=";  # source tarball hash
+            sha256 = "sha256-fmYsoGYppNgbtoX18aF5UHBG9ieYorBJ9JZkwrR+UBI=";  # source tarball hash
           };
-          vendorHash = "sha256-M9S6F/Csz7HnOq8PSWjpENKm1704kVx9zDts1ieraTE=";  # Correct vendor hash
+          vendorHash = "sha256-/GVWjOvkYe7xMRjANKIKV6FSU0F5VY1ZP/ppgAJyhvw=";  # Correct vendor hash
           goPackagePath = "github.com/creativeprojects/resticprofile";
           doCheck = false;  # Disable tests due to sandboxed build environment
-          meta = with lib; {
+          meta = with pkgs.lib; {
             description = "Configuration profiles manager and scheduler for restic backup";
             homepage    = "https://creativeprojects.github.io/resticprofile/";
             license     = licenses.gpl3Only;
@@ -33,14 +35,28 @@
         };
     in {
       # Provide the package for all supported systems:
-      packages = nixpkgs.lib.genAttrs systems (system: 
+      packages = forAllSystems (system: 
-        let pkgs = import nixpkgs { inherit system; }; 
+        let 
-        in { resticprofile = resticprofilePkg { inherit pkgs; lib = pkgs.lib; }; }
+          pkgs = import nixpkgs { inherit system; }; 
+        in {
+          resticprofile = resticprofilePkg pkgs;
+          default = resticprofilePkg pkgs;
+        }
       );
 
       # Provide the Home Manager module
       homeManagerModules = {
-        resticprofile = ./resticprofile.nix;
+        resticprofile = { config, lib, pkgs, ... }: 
+          let
+            # Use the package built by this flake
+            resticprofilePackage = self.packages.${pkgs.system}.resticprofile;
+          in {
+            imports = [ ./resticprofile.nix ];
+            config = lib.mkIf config.programs.resticprofile.enable {
+              programs.resticprofile.package = lib.mkDefault resticprofilePackage;
+            };
+          };
+        default = self.homeManagerModules.resticprofile;
       };
     };
 }

homeManagerModules/restic/profiles/base.nix

@@ -14,11 +14,13 @@
     backup = {
       verbose = true;
       exclude = [
-        ".vscode*"
         ".cache"
+        ".devenv"
+        ".rustup"
+        ".cargo"
         ".venv"
         ".pyenv"
-        ".devenv"
+        ".vscode*"
         "data/postgres"
         "build"
         "__pycache__"
@@ -33,6 +35,9 @@
         "dist"
         "/home/*/Pictures"
         "/home/*/Videos"
+        "/home/*/go"
+        "/home/*/snap"
+        "/home/john/john-nas"
       ];
       schedule-permission = "user";
       schedule-priority = "background";

homeManagerModules/restic/resticprofile.nix

@@ -7,6 +7,7 @@ let
   baseProfile = import ./profiles/base.nix { inherit lib config; };
   profiles = lib.recursiveUpdate baseProfile cfg.profiles;
 in {
+  # Create the programs.resticprofile option
   options.programs.resticprofile = {
     enable = mkEnableOption "Enable resticprofile (Restic backup profile manager)";
 
@@ -45,21 +46,27 @@ in {
       resticprofileCmd = ''
         ${cfg.package}/bin/resticprofile --config "${config.xdg.configHome}/resticprofile/profiles.yaml"
       '';
+      
+      # Define the rp script as a variable so we can reference it
+      rpScript = pkgs.writeShellScriptBin "rp" ''
+        set -e
+        sudo ${cfg.package}/bin/resticprofile --config "${config.xdg.configHome}/resticprofile/profiles.yaml" $@
+      '';
+      rpbackupScript = pkgs.writeShellScriptBin "rp-backup" ''
+        ${rpScript}/bin/rp run-schedule backup@default
+      '';
     in {
       # Add a script to manually unschedule and reschedule all resticprofiles
       home.packages = [
         cfg.package
-        (pkgs.writeShellScriptBin "rp" ''
+        rpScript
-          set -e
+        rpbackupScript
-          sudo ${cfg.package}/bin/resticprofile --config "${config.xdg.configHome}/resticprofile/profiles.yaml" $@
-        '')
         (pkgs.writeShellScriptBin "rps" ''
           set -e
-          rp unschedule --all
+          ${rpScript}/bin/rp unschedule --all
-          rp schedule --all
+          ${rpScript}/bin/rp schedule --all
         '')
-        (pkgs.writeShellScriptBin "rp-test" "rp run-schedule backup@default --dry-run")
+        (pkgs.writeShellScriptBin "rp-test" "${rpbackupScript}/bin/rp-backup --dry-run")
-        (pkgs.writeShellScriptBin "rp-test" "rp run-schedule backup@default --dry-run")
       ];
       xdg.configFile."resticprofile/profiles.yaml".source = yamlFormat.generate "profiles" {
         version = "2";

homeManagerModules/ssh.nix

@@ -11,9 +11,18 @@
       {
         "*" = {
           user = "john";
-          forwardAgent = true;
+
-          serverAliveInterval = 60;
+          # From the help text about the deprecation of the default config:
-          serverAliveCountMax = 2;
+          forwardAgent = false;
+          addKeysToAgent = "no";
+          compression = false;
+          serverAliveInterval = 0;
+          serverAliveCountMax = 3;
+          hashKnownHosts = false;
+          userKnownHostsFile = "~/.ssh/known_hosts";
+          controlMaster = "no";
+          controlPath = "~/.ssh/master-%r@%n:%p";
+          controlPersist = "no";
         };
       }
       (lib.mkIf (config.profile == "personal") {
@@ -29,6 +38,10 @@
           hostname = "192.168.1.110";
           user = "root";
         };
+        "gitea" = {
+          hostname = "192.168.1.104";
+          user = "john";
+        };
         "hermes" = {
           hostname = "192.168.1.150";
           user = "root";
@@ -57,6 +70,28 @@
           hostname = "192.168.1.129";
           user = "root";
         };
+        "janus" = {
+          hostname = "janus.john-stream.com";
+          user = "root";
+          identitiesOnly = true;
+          identityFile = "~/.ssh/id_ed25519";
+          certificateFile = "~/.ssh/id_ed25519-cert.pub";
+        };
+        "soteria" = {
+          hostname = "soteria.john-stream.com";
+          user = "john";
+          identitiesOnly = true;
+          identityFile = "~/.ssh/id_ed25519";
+          certificateFile = "~/.ssh/id_ed25519-cert.pub";
+        };
+        "*.john-stream.com" = {
+          user = "john";
+          identitiesOnly = true;
+          identityFile = "~/.ssh/id_ed25519";
+          certificateFile = "~/.ssh/id_ed25519-cert.pub";
+          addKeysToAgent = "yes";
+          forwardAgent = true;
+        };
       })
       (lib.mkIf (config.profile == "work") {
         "ubuntu-nvidia" = {