From 0bc49cc3f989b8adeda4aa06a93ee2e24591a131 Mon Sep 17 00:00:00 2001 From: oddlama Date: Mon, 27 Mar 2023 16:58:07 +0200 Subject: [PATCH] chore: only warn when hostkey is missing --- README.md | 7 ++++++- flake.lock | 18 +++++++++--------- hosts/common/core/default.nix | 2 +- .../nom.pub => hosts/nom/secrets/host.pub | 0 .../ward.pub => hosts/ward/secrets/host.pub | 0 .../zackbiene/secrets/host.pub | 0 nix/colmena.nix | 6 +++++- users/common/default.nix | 8 ++++---- users/common/nushell.nix | 9 +++++++++ 9 files changed, 34 insertions(+), 16 deletions(-) rename secrets/pubkeys/nom.pub => hosts/nom/secrets/host.pub (100%) rename secrets/pubkeys/ward.pub => hosts/ward/secrets/host.pub (100%) rename secrets/pubkeys/zackbiene.pub => hosts/zackbiene/secrets/host.pub (100%) create mode 100644 users/common/nushell.nix diff --git a/README.md b/README.md index 68f6a26..32ac5a8 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,8 @@ +# About + + +## Stuff + This is my personal nix config. - Secrets can be created/edited by running `nix run .#edit-secret some/secret.age` @@ -16,7 +21,7 @@ all commands using these extra parameters, or permanently add the following the extra-builtins-file = /path/to/nix-config/nix/extra-builtins.nix ``` -# Misc +## Misc Generate self-signed cert: diff --git a/flake.lock b/flake.lock index 22be4d9..816a6d3 100644 --- a/flake.lock +++ b/flake.lock @@ -166,11 +166,11 @@ ] }, "locked": { - "lastModified": 1679480702, - "narHash": "sha256-npuRD61YmxUPitI1TqKwlxLrU6iGl5E+BPT196LgUDo=", + "lastModified": 1679756596, + "narHash": "sha256-wQp7CoYqREPGssf1F0JKx2A4tScbu3iNgI1kS74ib/8=", "owner": "nix-community", "repo": "home-manager", - "rev": "363c46b2480f1b73ec37cf68caac61f5daa82a2e", + "rev": "225d1fb77e6c9f9be1ffd65c8e5eb9cf583aa698", "type": "github" }, "original": { 
@@ -196,11 +196,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1679224149, - "narHash": "sha256-TSY37Zv0icF/aijR3/KWGLVBlnKKHlG9QTj7vHbF/UU=", + "lastModified": 1679598117, + "narHash": "sha256-Vs1f/7imI77OkMOQhO3xgx4jalN2Gx3D3C2wmnlpWJM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a4bc66709604ab78abc575b60baa6d23ae027a59", + "rev": "648021dcb2b65498eed3ea3a7339cdfc3bea4d82", "type": "github" }, "original": { @@ -211,11 +211,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1679262748, - "narHash": "sha256-DQCrrAFrkxijC6haUzOC5ZoFqpcv/tg2WxnyW3np1Cc=", + "lastModified": 1679705136, + "narHash": "sha256-MDlZUR7wJ3PlPtqwwoGQr3euNOe0vdSSteVVOef7tBY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "60c1d71f2ba4c80178ec84523c2ca0801522e0a6", + "rev": "8f40f2f90b9c9032d1b824442cfbbe0dbabd0dbd", "type": "github" }, "original": { diff --git a/hosts/common/core/default.nix b/hosts/common/core/default.nix index f404c21..931d876 100644 --- a/hosts/common/core/default.nix +++ b/hosts/common/core/default.nix @@ -73,7 +73,7 @@ in { ln -sv ${../../../nix/overlays} $out/overlays ''; - stateVersion = "22.11"; + stateVersion = "23.05"; }; systemd = { diff --git a/secrets/pubkeys/nom.pub b/hosts/nom/secrets/host.pub similarity index 100% rename from secrets/pubkeys/nom.pub rename to hosts/nom/secrets/host.pub diff --git a/secrets/pubkeys/ward.pub b/hosts/ward/secrets/host.pub similarity index 100% rename from secrets/pubkeys/ward.pub rename to hosts/ward/secrets/host.pub diff --git a/secrets/pubkeys/zackbiene.pub b/hosts/zackbiene/secrets/host.pub similarity index 100% rename from secrets/pubkeys/zackbiene.pub rename to hosts/zackbiene/secrets/host.pub diff --git a/nix/colmena.nix b/nix/colmena.nix index 4490706..11d431c 100644 --- a/nix/colmena.nix +++ b/nix/colmena.nix 
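Review bot: The `stateVersion = "23.05";` change in hosts/common/core/default.nix is not covered by the commit subject and is more than a version bump. If this is `system.stateVersion` (the enclosing attribute set opens outside the hunk), NixOS uses it to choose defaults for stateful services, and it is normally left at the release a host was first installed with. The same change is made to `home.stateVersion` in users/common/default.nix. I would either keep `"22.11"` for hosts that already exist or add a comment next to the value such as `# raised on purpose after checking the release notes for state migrations`.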
@@ -26,7 +26,11 @@ with nixpkgs.lib; let }; # Setup parameters for Secrets rekey.forceRekeyOnSystem = "x86_64-linux"; - rekey.hostPubkey = ../secrets/pubkeys + "/${config.networking.hostName}.pub"; + rekey.hostPubkey = let + pubkeyPath = ../hosts + "/${hostName}/secrets/host.pub"; + in + mkIf (pathExists pubkeyPath || trace "Missing pubkey for ${hostName}: ${toString pubkeyPath} not found, using dummy replacement key for now." false) + pubkeyPath; rekey.masterIdentities = self.secrets.masterIdentities; rekey.extraEncryptionPubkeys = self.secrets.extraEncryptionPubkeys; }) diff --git a/users/common/default.nix b/users/common/default.nix index 859533a..66fa51a 100644 --- a/users/common/default.nix +++ b/users/common/default.nix @@ -2,13 +2,12 @@ imports = [ ./modules/uid.nix - #./atuin.nix - #./bash.nix #./btop.nix - ./fish.nix + #./fish.nix ./git.nix ./htop.nix ./neovim + ./nushell.nix #./ssh.nix ./starship.nix #./tmux.nix @@ -17,7 +16,7 @@ ]; home = { - stateVersion = "22.11"; + stateVersion = "23.05"; packages = with pkgs; [ bandwhich btop @@ -26,6 +25,7 @@ neofetch rclone ripgrep + rnr rsync sd tree diff --git a/users/common/nushell.nix b/users/common/nushell.nix new file mode 100644 index 0000000..093bd1d --- /dev/null +++ b/users/common/nushell.nix @@ -0,0 +1,9 @@ +{ + lib, + pkgs, + ... +}: { + programs.nushell = { + enable = true; + }; +}
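Review bot: In the `rekey.hostPubkey` hunk of nix/colmena.nix, a missing `host.pub` is reported only through `trace`, which is easy to lose in evaluation output, while the build carries on with whatever default the rekey module supplies (the message calls it a dummy replacement key; the default itself is not visible here). Since `nixpkgs.lib` is already opened with `with`, `warn` would at least label it as a warning: `mkIf (pathExists pubkeyPath || warn "Missing pubkey for ${hostName}: ${toString pubkeyPath} not found, using dummy replacement key for now." false)`. Note also that `pathExists` is evaluated against the flake's source copy, so a `host.pub` that exists on disk but has not yet been added to git will be reported as missing. `hostName` is bound outside the hunk and replaces the earlier `config.networking.hostName`; a comment such as `# directory name under hosts/ must equal the host's name` would record that assumption.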