authorFreya Murphy <freya@freyacat.org>2025-06-24 11:51:39 -0400
committerFreya Murphy <freya@freyacat.org>2025-06-24 11:51:39 -0400
commitd639c293ad1ba71008aeb5c54c40f59a076018dc (patch)
treee832a3f0ee5044c8b35e5642f07a62137bbffc2c
parentupdate ssh config (diff)
downloaddotfiles-nix-d639c293ad1ba71008aeb5c54c40f59a076018dc.tar.gz
dotfiles-nix-d639c293ad1ba71008aeb5c54c40f59a076018dc.tar.bz2
dotfiles-nix-d639c293ad1ba71008aeb5c54c40f59a076018dc.zip
redo lib, make global vars for key lists
Diffstat (limited to '')
-rw-r--r--files/keys/wsl.pub1
-rw-r--r--files/keys/yubikey.pub (renamed from files/keys/ssh.pub)0
-rw-r--r--flake.nix4
-rw-r--r--home/gpg.nix9
-rw-r--r--home/neovim/config.nix4
-rw-r--r--home/neovim/default.nix4
-rw-r--r--home/ssh/config9
-rw-r--r--hosts/wsl/default.nix7
-rw-r--r--lib/default.nix5
-rw-r--r--lib/files.nix23
-rw-r--r--lib/lua.nix10
-rw-r--r--system/default.nix7
-rw-r--r--system/sshd.nix6
13 files changed, 57 insertions, 32 deletions
diff --git a/files/keys/wsl.pub b/files/keys/wsl.pub
new file mode 100644
index 0000000..02b7331
--- /dev/null
+++ b/files/keys/wsl.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPu1tcXlU6rKw8HKWnDhKq52BhKXf4KIyzYzvYyL2eZK freya@wsl
diff --git a/files/keys/ssh.pub b/files/keys/yubikey.pub
index e2e88e8..e2e88e8 100644
--- a/files/keys/ssh.pub
+++ b/files/keys/yubikey.pub
diff --git a/flake.nix b/flake.nix
index 94ff7d2..c1eea02 100644
--- a/flake.nix
+++ b/flake.nix
@@ -33,7 +33,7 @@
nixos-wsl.inputs.nixpkgs.follows = "nixpkgs";
};
- outputs = {nixpkgs, ...} @ inputs: let
+ outputs = {self, nixpkgs, ...} @ inputs: let
options = import ./options.nix;
systems = ["x86_64-linux"];
perSystem = func:
@@ -49,7 +49,7 @@
buildSystem = file: system:
inputs.nixpkgs.lib.nixosSystem {
inherit system;
- specialArgs = {inherit inputs;};
+ specialArgs = {inherit self inputs;};
modules = [
options
./home
diff --git a/home/gpg.nix b/home/gpg.nix
index a2deed2..e40ad92 100644
--- a/home/gpg.nix
+++ b/home/gpg.nix
@@ -2,12 +2,9 @@
config,
lib,
pkgs,
+ self,
...
-}: let
- keysDir = ../files/keys;
- keys = lib.attrsets.mapAttrsToList (name: type: "${keysDir}/${name}") (builtins.readDir keysDir);
- gpgKeys = builtins.filter (path: lib.strings.hasSuffix "asc" path) keys;
-in {
+}: {
home-manager.users.${config.user} = {
# install keys into gpg keyring
programs.gpg = {
@@ -17,7 +14,7 @@ in {
source = path;
trust = 5;
})
- gpgKeys;
+ self.lib.gpgKeys;
};
# global gpg agent
diff --git a/home/neovim/config.nix b/home/neovim/config.nix
index ae10243..4ded0e9 100644
--- a/home/neovim/config.nix
+++ b/home/neovim/config.nix
@@ -1,8 +1,8 @@
{
config,
- inputs,
+ self,
}:
-inputs.self.lib.lua.fmt {
+self.lib.toLua {
# Width of tabs in the editor
tabwidth = 4;
# If tabs should be expanded to spaces
diff --git a/home/neovim/default.nix b/home/neovim/default.nix
index c1ed000..559bdf0 100644
--- a/home/neovim/default.nix
+++ b/home/neovim/default.nix
@@ -1,11 +1,11 @@
{
- inputs,
config,
lib,
pkgs,
+ self,
...
}: let
- lua_cfg = import ./config.nix {inherit config inputs;};
+ lua_cfg = import ./config.nix {inherit config self;};
lua = builtins.readFile ./init.lua;
in {
environment.variables.EDITOR = "nvim";
diff --git a/home/ssh/config b/home/ssh/config
index d1a3d1d..f240610 100644
--- a/home/ssh/config
+++ b/home/ssh/config
@@ -1,3 +1,7 @@
+HostkeyAlgorithms +ssh-rsa
+PubkeyAcceptedKeyTypes +ssh-rsa
+KexAlgorithms -sntrup761x25519-sha512@openssh.com
+
Match Host * exec "gpg-connect-agent UPDATESTARTUPTTY /bye"
Host *.in.freya.cat cid.freya.cat alivemc.net
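Review bot: The three lines added at the top of the file still apply to every destination, so SHA-1 `ssh-rsa` host keys and user-key signatures are accepted everywhere, and the `sntrup761x25519-sha512@openssh.com` hybrid key exchange is disabled even for servers that support it. If only a few legacy servers need this, scope it to them with a `Host <legacy-host-pattern>` block holding the indented `HostkeyAlgorithms +ssh-rsa` and `PubkeyAcceptedAlgorithms +ssh-rsa`, and leave the defaults for the rest. `PubkeyAcceptedKeyTypes` is the deprecated alias of `PubkeyAcceptedAlgorithms` in current OpenSSH. A one-line comment naming which hosts need the downgrade, and why the KEX is removed, would make this auditable later.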
@@ -8,8 +12,3 @@ Host *.cs.rit.edu
Host *.redcom.com
User fmurphy
-
-Host *
- HostkeyAlgorithms +ssh-rsa
- PubkeyAcceptedKeyTypes +ssh-rsa
- KexAlgorithms -sntrup761x25519-sha512@openssh.com
diff --git a/hosts/wsl/default.nix b/hosts/wsl/default.nix
index 55feeb2..dae77b5 100644
--- a/hosts/wsl/default.nix
+++ b/hosts/wsl/default.nix
@@ -16,4 +16,11 @@
sphinx
inputs.self.packages.${system}.arcanist
];
+
+ # wsl ssh key
+ home-manager.users.${config.user} = {
+ programs.ssh = {
+ extraConfig = "IdentityFile ~/.ssh/id_wsl\n";
+ };
+ };
}
diff --git a/lib/default.nix b/lib/default.nix
index 574a348..d342bf8 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -1,5 +1,8 @@
{...} @ inputs: let
callLibs = file: import file inputs;
-in {
lua = callLibs ./lua.nix;
+ files = callLibs ./files.nix;
+in {
+ inherit (lua) toLua;
+ inherit (files) getFiles certs sshKeys gpgKeys;
}
diff --git a/lib/files.nix b/lib/files.nix
new file mode 100644
index 0000000..18439d9
--- /dev/null
+++ b/lib/files.nix
@@ -0,0 +1,23 @@
+{lib, ...}: let
+
+ # gets list of files from a directory
+ getFiles = folder:
+ lib.attrsets.mapAttrsToList (name: type: "${folder}/${name}") (builtins.readDir folder);
+
+ # gets custom set of root certs
+ certs = getFiles ../files/certs;
+
+ # set of ssh keys
+ sshKeys = builtins.filter
+ (path: lib.strings.hasSuffix "pub" path) (getFiles ../files/keys);
+
+ # set of gpg keys
+ gpgKeys = builtins.filter
+ (path: lib.strings.hasSuffix "asc" path) (getFiles ../files/keys);
+
+in {
+ inherit getFiles;
+ inherit certs;
+ inherit sshKeys;
+ inherit gpgKeys;
+}
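Review bot: `certs` takes every entry of `../files/certs` with no filter, and `system/default.nix` now passes that list to `security.pki.certificateFiles`, so any file that lands in that directory becomes a system trust anchor. `sshKeys` and `gpgKeys` match the suffixes `"pub"` and `"asc"` without the dot and ignore the `type` that `builtins.readDir` returns, so a directory or a name such as `notes-pub` would also pass. Consider keeping only entries with `type == "regular"` and matching on `".crt"`, `".pub"` and `".asc"`, for example `certs = builtins.filter (path: lib.strings.hasSuffix ".crt" path) (getFiles ../files/certs);`. Each list comment should also state that adding a file to the directory grants trust.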
diff --git a/lib/lua.nix b/lib/lua.nix
index 704cdfa..6f6389e 100644
--- a/lib/lua.nix
+++ b/lib/lua.nix
@@ -1,6 +1,6 @@
{lib, ...}: let
- fmt = val:
- # nil
+ toLua = val:
+ # nil
if val == null
then "nil"
# boolean
@@ -17,16 +17,16 @@
then "'${val}'"
# table (array)
else if builtins.isList val
- then "{ " + (lib.concatStringsSep ", " (map fmt val)) + " }"
+ then "{ " + (lib.concatStringsSep ", " (map toLua val)) + " }"
# table (object)
else if builtins.isAttrs val
then
"{ "
+ (lib.concatStringsSep ", "
- (lib.mapAttrsToList (k: v: "${k} = ${fmt v}") val))
+ (lib.mapAttrsToList (k: v: "${k} = ${toLua v}") val))
+ " }"
# invalid
else throw "Unsupported value: ${toString val}";
in {
- fmt = fmt;
+ inherit toLua;
}
diff --git a/system/default.nix b/system/default.nix
index 1a710d7..ae04066 100644
--- a/system/default.nix
+++ b/system/default.nix
@@ -1,7 +1,7 @@
{
- inputs,
config,
pkgs,
+ self,
...
}: {
imports = [
@@ -136,8 +136,5 @@
};
# certs
- security.pki.certificateFiles = [
- ../files/certs/freyanet.crt
- ../files/certs/tinternet.crt
- ];
+ security.pki.certificateFiles = self.lib.certs;
}
diff --git a/system/sshd.nix b/system/sshd.nix
index 0e0f1a2..d9e11f3 100644
--- a/system/sshd.nix
+++ b/system/sshd.nix
@@ -1,4 +1,4 @@
-{config, ...}: {
+{config, self, ...}: {
# sshd
services.openssh = {
enable = true;
@@ -26,8 +26,6 @@
# add authorized keys
users.users.${config.user} = {
- openssh.authorizedKeys.keyFiles = [
- ../files/keys/ssh.pub
- ];
+ openssh.authorizedKeys.keyFiles = self.lib.sshKeys;
};
}
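Review bot: `openssh.authorizedKeys.keyFiles = self.lib.sshKeys;` replaces one named key with every file under `files/keys` whose name ends in `pub`, so login rights on each host that imports this module now follow the directory contents instead of an explicit list. This same commit adds `files/keys/wsl.pub`, which therefore becomes an authorized key here alongside the renamed `yubikey.pub`. `hosts/wsl/default.nix` points at `~/.ssh/id_wsl`, which suggests a file-backed private key rather than a hardware token. If that is intended, say so in the `# add authorized keys` comment; otherwise keep the list explicit, e.g. `openssh.authorizedKeys.keyFiles = [ ../files/keys/yubikey.pub ];`. The module body starts outside this hunk.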