Update docker.io/1password/connect-sync Docker tag to v1.7.3

2024-07-27 19:32:09 +00:00
20 changed files with 45 additions and 108 deletions
--- a/.forgejo/workflows/build.yaml
+++ b/.forgejo/workflows/build.yaml
@ -22,7 +22,14 @@ jobs:
      - name: Checkout repository
        uses: https://github.com/actions/checkout@v4
        with:
-          fetch-depth: 0        
+          fetch-depth: 0
+      - name: Write ssh key
+        id: sshkey
+        uses: https://github.com/timheuer/base64-to-file@v1
+        with:
+          encodedString: "${{ secrets.SSH_USER }}"
+          fileName: id_ed25519
+          fileDir: ~/.ssh
      - uses: https://github.com/cachix/cachix-action@v15
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
--- a/.gitignore
+++ b/.gitignore
@ -4,4 +4,3 @@ age.key
 result*
 .direnv
 .kube
-.github
--- a/nixos/home/jahanson/global.nix
+++ b/nixos/home/jahanson/global.nix
@ -33,6 +33,7 @@ with config;
        p7zip

        # cli
+        _1password
        bat
        dbus
        direnv
--- a/nixos/home/jahanson/workstation.nix
+++ b/nixos/home/jahanson/workstation.nix
@ -5,20 +5,19 @@ with config;
    ./global.nix
  ];

-  myHome = {
-    programs.firefox.enable = true;
-    shell = {
-      starship.enable = true;
-      fish.enable = true;
-      wezterm.enable = true;
-      atuind.enable = true;
+  myHome.programs.firefox.enable = true;

-      git = {
-        enable = true;
-        username = "Joseph Hanson";
-        email = "joe@veri.dev";
-        signingKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDSAmssproxG+KsVn2DfuteBAemHrmmAFzCtldpKl4J";
-      };
+  myHome.shell = {
+    starship.enable = true;
+    fish.enable = true;
+    wezterm.enable = true;
+    atuind.enable = true;
+
+    git = {
+      enable = true;
+      username = "Joseph Hanson";
+      email = "joe@veri.dev";
+      signingKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDSAmssproxG+KsVn2DfuteBAemHrmmAFzCtldpKl4J";
    };
  };

@ -27,6 +26,7 @@ with config;
    packages = with pkgs;
      [
        #apps
+        _1password-gui
        discord
        flameshot
        jetbrains.datagrip
--- a/nixos/hosts/gandalf/default.nix
+++ b/nixos/hosts/gandalf/default.nix
@ -84,8 +84,6 @@ in
      samba.extraConfig = import ./config/samba-config.nix { };
      resticBackup.local.enable = false;
      resticBackup.remote.enable = false;
-      resticBackup.local.noWarning = true;
-      resticBackup.remote.noWarning = true;
      # Borg
      borgbackup = {
        enable = true;
--- a/nixos/hosts/telchar/default.nix
+++ b/nixos/hosts/telchar/default.nix
@ -46,6 +46,5 @@
  mySystem = {
    purpose = "Development";
    system.motd.networkInterfaces = [ "wlp1s0" ];
-    security._1password.enable = true;
  };
 }
--- a/nixos/hosts/telperion/default.nix
+++ b/nixos/hosts/telperion/default.nix
@ -68,8 +68,6 @@
    system.motd.networkInterfaces = [ "enp2s0" "wlp3s0" ];
    system.resticBackup.local.enable = false;
    system.resticBackup.remote.enable = false;
-    system.resticBackup.local.noWarning = true;
-    system.resticBackup.remote.noWarning = true;

    services = {
      podman.enable = true;
--- a/nixos/modules/nixos/editor/default.nix
+++ b/nixos/modules/nixos/editor/default.nix
@ -56,7 +56,7 @@ in
    # Enable vscode & addons
    environment.systemPackages = with pkgs; [
      (vscode-with-extensions.override {
-        inherit (unstable) vscode;
+        vscode = unstable.vscode;
        # Merge all the extension packages together.
        vscodeExtensions =
          vscodeCommunityExtensionsPackages ++ nixpkgsExtensionsPackages ++ marketplaceExtensionsPackages;
--- a/nixos/modules/nixos/security/1password/config/1password-startup.desktop
+++ b/nixos/modules/nixos/security/1password/config/1password-startup.desktop
@ -1,10 +0,0 @@
-[Desktop Entry]
-Name=1Password
-Exec=1password %U --silent
-Terminal=false
-Type=Application
-Icon=1password
-StartupWMClass=1Password
-Comment=Password manager and secure wallet
-MimeType=x-scheme-handler/onepassword;
-Categories=Office;
--- a/nixos/modules/nixos/security/1password/default.nix
+++ b/nixos/modules/nixos/security/1password/default.nix
@ -1,35 +0,0 @@
-{ config, lib, ... }:
-with lib; let
-  cfg = config.mySystem.security._1password;
-  user = "jahanson";
-in
-{
-  options.mySystem.security._1password = {
-    enable = mkEnableOption "_1password";
-  };
-
-  config = mkIf cfg.enable {
-    programs = {
-      _1password.enable = true;
-      _1password-gui = {
-        enable = true;
-        polkitPolicyOwners = [ "${user}" ];
-      };
-    };
-
-    home-manager.users.${user} = {
-      home.file = {
-        ".config/autostart/1password-startup.desktop".source = ./config/1password-startup.desktop;
-      };
-    };
-
-    environment.etc = {
-      "1password/custom_allowed_browsers" = {
-        text = ''
-          vivaldi-bin
-        '';
-        mode = "0755";
-      };
-    };
-  };
-}
--- a/nixos/modules/nixos/security/default.nix
+++ b/nixos/modules/nixos/security/default.nix
@ -1,7 +1,6 @@
 { ... }:
 {
  imports = [
-    ./1password
    ./acme
  ];
 }
--- a/nixos/modules/nixos/services/bind/default.nix
+++ b/nixos/modules/nixos/services/bind/default.nix
@ -26,7 +26,7 @@ in
    services.bind = {
      enable = true;
      inherit (cfg) package;
-      inherit (cfg) extraConfig;
+      extraConfig = cfg.extraConfig;
    };

    # Clean up journal files
--- a/nixos/modules/nixos/services/haproxy/default.nix
+++ b/nixos/modules/nixos/services/haproxy/default.nix
@ -32,7 +32,7 @@ in
    services.haproxy = {
      enable = true;
      inherit (cfg) package;
-      inherit (cfg) config;
+      config = cfg.config;
    };
  };
 }
--- a/nixos/modules/nixos/services/restic/default.nix
+++ b/nixos/modules/nixos/services/restic/default.nix
@ -7,12 +7,6 @@ in
  options.mySystem.system.resticBackup = {
    local = {
      enable = mkEnableOption "Local backups" // { default = true; };
-      noWarning = mkOption
-        {
-          type = types.bool;
-          description = "Disable warning for local backups";
-          default = false;
-        };
      location = mkOption
        {
          type = types.str;
@ -22,12 +16,6 @@ in
    };
    remote = {
      enable = mkEnableOption "Remote backups" // { default = true; };
-      noWarning = mkOption
-        {
-          type = types.bool;
-          description = "Disable warning for remote backups";
-          default = false;
-        };
      location = mkOption
        {
          type = types.str;
@ -46,8 +34,8 @@ in

    # Warn if backups are disable and machine isnt a dev box
    warnings = [
-      (mkIf (!cfg.local.noWarning && !cfg.local.enable && config.mySystem.purpose != "Development") "WARNING: Local backups are disabled for ${config.system.name}!")
-      (mkIf (!cfg.remote.noWarning && !cfg.remote.enable && config.mySystem.purpose != "Development") "WARNING: Remote backups are disabled for ${config.system.name}!")
+      (mkIf (!cfg.local.enable && config.mySystem.purpose != "Development") "WARNING: Local backups are disabled for ${config.system.name}!")
+      (mkIf (!cfg.remote.enable && config.mySystem.purpose != "Development") "WARNING: Remote backups are disabled for ${config.system.name}!")
    ];

    sops.secrets = mkIf (cfg.local.enable || cfg.remote.enable) {
--- a/nixos/modules/nixos/system/borg/default.nix
+++ b/nixos/modules/nixos/system/borg/default.nix
@ -27,9 +27,9 @@ in

  config = lib.mkIf cfg.enable {
    services.borgbackup.jobs."borgbackup" = {
-      inherit (cfg) paths;
-      inherit (cfg) exclude;
-      inherit (cfg) repo;
+      paths = cfg.paths;
+      exclude = cfg.exclude;
+      repo = cfg.repo;
      encryption = {
        mode = "repokey-blake2";
        passCommand = "cat ${cfg.repoKeyPath}";
--- a/nixos/overlays/go/default.nix
+++ b/nixos/overlays/go/default.nix
@ -2,7 +2,7 @@
 let
  finalVersion = "1.22.5";
 in
-final: prev: {
+(final: prev: {
  go_1_22 = prev.go_1_22.overrideAttrs (oldAttrs: { 
    version = finalVersion;
    src = prev.fetchurl {
@ -10,4 +10,4 @@ final: prev: {
      hash = "sha256-rJxyPyJJaa7mJLw0/TTJ4T8qIS11xxyAfeZEu0bhEvY=";
    };
  });
-}
+})
--- a/nixos/overlays/talosctl/default.nix
+++ b/nixos/overlays/talosctl/default.nix
@ -2,7 +2,7 @@
 let
  finalVersion = "1.7.5";
 in
-final: prev: {
+(final: prev: {
  talosctl = prev.talosctl.overrideAttrs (oldAttrs: { 
    version = finalVersion;
    src = prev.fetchFromGitHub {
@ -16,4 +16,4 @@ final: prev: {
      updateScript = ./update.sh;
    };
  });
-}
+})
--- a/nixos/overlays/warp-terminal/default.nix
+++ b/nixos/overlays/warp-terminal/default.nix
@ -2,12 +2,12 @@
 let 
  versions = lib.importJSON ./versions.json;
 in
-final: prev: {
+(final: prev: {
  warp-terminal = prev.warp-terminal.overrideAttrs (oldAttrs: { 
-    inherit (versions.linux) version;
+    version = versions.linux.version;
    src = prev.fetchurl {
      url = "https://releases.warp.dev/stable/v${versions.linux.version}/warp-terminal-v${versions.linux.version}-1-x86_64.pkg.tar.zst";
-      inherit (versions.linux) hash;
+      hash = versions.linux.hash;
    };
  });
-}
+})
--- a/shell.nix
+++ b/shell.nix
@ -17,16 +17,15 @@ pkgs.mkShell {
  NIX_CONFIG = "experimental-features = nix-command flakes";

  nativeBuildInputs = with pkgs; [
-    cachix
-    git
-    gitleaks
-    go-task
-    home-manager
-    nil
    nix
+    home-manager
+    git
+    nil
    nixpkgs-fmt
-    pre-commit
+    go-task
    sops
-    statix
+    pre-commit
+    gitleaks
+    cachix
  ];
 }
--- a/statix.toml
+++ b/statix.toml
@ -1,6 +0,0 @@
-disabled = [
-    "empty_pattern"
-]
-nix_version = '2.4'
-ignore = ['.direnv']
-