From 77b69bb0a0aa17d5b9809cb00fee5f1345b1595e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patrick=20Gro=C3=9Fmann?= Date: Tue, 7 Feb 2023 14:30:39 +0100 Subject: [PATCH] Fix: removed unusable warning in rekey module --- apps/rekey.nix | 7 +- configuration.nix | 11 +- flake.lock | 12 +- modules/rekey-drv.nix | 16 +- modules/rekey.nix | 25 ++- users/common/polybar.nix | 417 +++++++++++++++++++++++++++++++++++---- users/patrick.nix | 2 +- 7 files changed, 411 insertions(+), 79 deletions(-) diff --git a/apps/rekey.nix b/apps/rekey.nix index 6876440..869a4c3 100644 --- a/apps/rekey.nix +++ b/apps/rekey.nix @@ -9,12 +9,7 @@ with nixpkgs.lib; let rekeyCommandForHost = hostName: hostAttrs: let masterIdentities = strings.concatMapStrings (x: "-i ${x} ") hostAttrs.config.rekey.masterIdentityPaths; - pubKeyStr = let - pubKey = hostAttrs.config.rekey.pubKey; - in - if isPath pubKey - then readFile pubKey - else pubKey; + pubKeyStr = hostAttrs.config.rekey.pubKey; secretPath = "/tmp/nix-rekey.d/${builtins.hashString "sha1" pubKeyStr}/"; rekeyCommand = secretName: secretAttrs: let diff --git a/configuration.nix b/configuration.nix index f67ffce..a3a376f 100644 --- a/configuration.nix +++ b/configuration.nix @@ -28,7 +28,6 @@ rekey.masterIdentityPaths = [./secrets/NIXOSc.key ./secrets/NIXOSa.key]; rekey.pubKey = ./keys + "/${config.networking.hostName}.pub"; - rekey.plugins = [pkgs.age-plugin-yubikey]; networking.wireless.iwd.enable = true; rekey.secrets.eduroam = { 
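Review bot: `secretPath` still points at a fixed directory, `/tmp/nix-rekey.d/${sha1 pubKeyStr}/`, and the new one-line `pubKeyStr = hostAttrs.config.rekey.pubKey;` only changes where the key text comes from. `/tmp` is shared between local accounts and a public key is not secret, so the directory name is derivable by anyone on the machine, and whatever files are found there are later copied into the store by `modules/rekey-drv.nix` as this host's secrets; age encryption to the host key protects confidentiality but does not establish who wrote the files. A per-user location such as `"${builtins.getEnv "XDG_RUNTIME_DIR"}/nix-rekey.d/..."` or a `mktemp -d` directory, together with an ownership and mode check before the copy in `rekey-drv.nix`, would remove that dependency on shared temp state; the same path is also used by the `cp` in the `rekey-drv.nix` hunk. The `rekeyCommandForHost` let-binding starts before and continues past this hunk.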
@@ -88,24 +87,30 @@ powerManagement.powertop.enable = true; + # Disable mutable Users, any option can only be set by the nix config + users.mutableUsers = false; + + rekey.secrets.patrick.file = ./secrets/patrick.passwd.age; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.patrick = { isNormalUser = true; uid = 1000; createHome = true; - extraGroups = ["wheel" "audio" "video" "input"]; # Enable ‘sudo’ for the user. + extraGroups = ["wheel" "audio" "video" "input"]; group = "patrick"; shell = pkgs.zsh; + passwordFile = config.rekey.secrets.patrick.path; }; users.groups.patrick.gid = 1000; + rekey.secrets.root.file = ./secrets/root.passwd.age; users.users.root = { - initialPassword = "ctie"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZixkix0KfKuq7Q19whS5FQQg51/AJGB5BiNF/7h/LM" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxD4GOrwrBTG4/qQhm5hoSB2CP7W9g1LPWP11oLGOjQ" ]; shell = pkgs.zsh; + passwordFile = config.rekey.secrets.root.path; }; security.sudo.enable = false; diff --git a/flake.lock b/flake.lock index 9af2e3a..20c33c8 100644 --- a/flake.lock +++ b/flake.lock @@ -66,11 +66,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1675462931, - "narHash": "sha256-JiOUSERBtA1lN/s9YTKGZoZ3XUicHDwr+C8swaPSh3M=", + "lastModified": 1675637696, + "narHash": "sha256-tilJS8zCS3PaDfVOfsBZ4zspuam8tc7IMZxtGa/K/uo=", "owner": "nix-community", "repo": "home-manager", - "rev": "e2c1756e3ae001ca8696912016dd31cb1503ccf3", + "rev": "c43d4a3d6d9ef8ddbe2438362f5c775b4186000b", "type": "github" }, "original": { @@ -81,11 +81,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1675362331, - "narHash": "sha256-VmcnKPj5gJLxWK7Bxlhg2LoQvhKRss7Ax+uoFjd3qKY=", + "lastModified": 1675545634, + "narHash": "sha256-TbQeQcM5TA/wIho6xtzG+inUfiGzUXi8ewwttiQWYJE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a100acd7bbf105915b0004427802286c37738fef", + "rev": "0591d6b57bfeb55dfeec99a671843337bc2c3323", "type": "github" }, "original": { 
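Review bot: `passwordFile = config.rekey.secrets.root.path` (and the same line for `patrick`) expects the decrypted file to contain a crypt(3)-style password hash, not a plaintext value like the removed `initialPassword = "ctie"`; with `users.mutableUsers = false` and the `security.sudo.enable = false` context line below, a plaintext, empty or missing file leaves no working console password for either account and only the listed SSH keys for root. A comment next to `rekey.secrets.patrick.file` would prevent that mistake: `# *.passwd.age must hold a crypt(3) hash (e.g. mkpasswd -m sha-512 output), never a plaintext password`. The file is presumably read while users are created during activation, so it is worth confirming that agenix decryption is ordered before the `users` activation step, otherwise the first switch runs with the file absent. Since the old literal password sat in git history, the new hashes should not be derived from it. The added comment would read more clearly as `# Disable mutable users: accounts and passwords are managed only by this configuration`.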
diff --git a/modules/rekey-drv.nix b/modules/rekey-drv.nix index 0f5d818..58e15a8 100644 --- a/modules/rekey-drv.nix +++ b/modules/rekey-drv.nix @@ -1,18 +1,13 @@ pkgs: config: ( + # Derivation to copy the rekeyd secrets for tmp to the nix store + # Agenix will read them from the store for decryption pkgs.stdenv.mkDerivation rec { pname = "host-secrets"; version = "1"; description = "Rekeyed secrets for this host"; - pubKeyStr = let - pubKey = config.rekey.pubKey; - in - if builtins.isPath pubKey - then builtins.readFile pubKey - else pubKey; - + # Set all keys and secrets as input so the derivation gets rebuild if any of them change + pubKeyStr = config.rekey.pubKey; secretFiles = pkgs.lib.mapAttrsToList (_: x: x.file) config.rekey.secrets; - srcs = secretFiles; - sourceRoot = "."; dontMakeSourcesWriteable = true; dontUnpack = true; @@ -20,7 +15,8 @@ pkgs: config: ( dontBuild = true; installPhase = '' - cp -r /tmp/nix-rekey.d/${builtins.hashString "sha1" pubKeyStr}/. $out + cp -r /tmp/nix-rekey.d/${builtins.hashString "sha1" pubKeyStr}/. $out \ + || { echo "Warning Secrets not available. Maybe you forgot to run 'nix run .#rekey' to rekey them?"; exit 1; } ''; } ) diff --git a/modules/rekey.nix b/modules/rekey.nix index 8762cc3..036ec9e 100644 --- a/modules/rekey.nix +++ b/modules/rekey.nix @@ -11,6 +11,7 @@ drv = import ./rekey-drv.nix pkgs config; in mkIf (config.rekey.secrets != {}) { + # export all secrets to agenix with rewritten path from rekey age = { secrets = let secretPath = "${drv}/"; 
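Review bot: The text added to `installPhase` is labelled `Warning` but the block ends in `exit 1`, so it is an error; stdenv phases already run under `set -e`, so the `||` branch changes only the message, which should say so and go to stderr: `|| { echo "error: rekeyed secrets not found in /tmp/nix-rekey.d; run 'nix run .#rekey' first" >&2; exit 1; }`. The copy source is the host's `/tmp`, which is not available inside a sandboxed build, so this derivation only works with sandboxing disabled; the new header comment should state that, e.g. `# NOTE: copies from host /tmp at build time, so it requires sandbox = false`. The provenance concern with importing a shared, predictable `/tmp` directory into the store is raised on the `apps/rekey.nix` hunk. In the first hunk of this file the two added comments have typos: `rekeyd secrets for tmp` should be `rekeyed secrets from tmp` and `gets rebuild` should be `gets rebuilt`.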
@@ -18,16 +19,22 @@ in mapAttrs (name: value: value // {file = newPath name;}) config.rekey.secrets; }; - warnings = optional (! pathExists (removeSuffix ".drv" drv.drvPath)) '' - Rekeyed secrets not available. - Maybe you forgot to run "nix run '.#rekey'" to rekey them? - ''; + + # Warn if rekey has to been executed + # use the drvPath to prevent nix from building the derivation in this step + # drvPath is not outPath so this warning does not work + # to fix it you would need some kind of way to access the outPath without evaluating the derivation + #warnings = optional ( ! pathExists (removeSuffix ".drv" drv.drvPath)) '' + # Path ${drv.drvPath} + # Rekeyed secrets not available. + # Maybe you forgot to run "nix run '.#rekey'" to rekey them? + #''; }; options = with lib; { rekey.secrets = options.age.secrets; rekey.pubKey = mkOption { - type = types.either types.path types.str; + type = types.coercedTo types.path builtins.readFile types.str; description = '' The age public key set as a recipient when rekeying. either a path to a public key file or a string public key @@ -46,13 +53,5 @@ ''; }; - rekey.plugins = mkOption { - type = types.listOf types.package; - default = []; - description = '' - A list of plugins that should be available in your path when rekeying. - ''; - example = [pkgs.age-plugin-yubikey]; - }; }; } diff --git a/users/common/polybar.nix b/users/common/polybar.nix index 55e84ad..26a2f8c 100644 --- a/users/common/polybar.nix +++ b/users/common/polybar.nix 
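Review bot: The `warnings` block is kept as commented-out code together with a four-line explanation (including the typo `has to been executed`); code that is known not to work should be deleted and replaced by a short comment, e.g. `# No eval-time check for rekeyed secrets is possible: pathExists on the output would force a build (IFD), and drvPath is not outPath.` followed by `# rekey-drv.nix fails the build with a hint instead.` The `types.coercedTo types.path builtins.readFile types.str` change reads the key file at evaluation time; the `description` below still says "either a path to a public key file or a string public key", which remains true, but it could add that a path is read and converted to a string during evaluation. The `config`/`options` attribute sets this hunk edits start before and end after it.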
@@ -1,50 +1,387 @@ -{ - config, - ... -}: -let +# Polybar config +# Polybar is kinda weird in two regards: +# 1. polybar allows a superkey and subkey to both have values eg: +# a = "lel" +# a.b = "lul" +# since nix does not allow this you have to hardcode the key with a '-' +# instead of using actual nix subkeys witt '.' eg: +# a = "lel" +# a-b = "lul" +# 2. polybar allows integer keys. In nix these have to be quoted + + +{config, ...}: let color = { - bground = ; - fground = ; -in -{ - services.polybar = { - enable = true; - settings = { - "bar/main" = { - monitor = "DP-1"; - monitro.fallback = "eDP-1"; - bottom = true; + shade1 = "#311B92"; + shade2 = "#4527A0"; + shade3 = "#512DA8"; + shade4 = "#5E35B1"; + shade5 = "#673AB7"; + shade6 = "#7E57C2"; + shade7 = "#9575CD"; + shade8 = "#B39DDB"; - dpi = 96; - heigh = 22; + bground = "#1D1F28"; + fground = "#f7f7f7"; + borderbg = "#f7f7f7"; + accent = "#5E35B1"; + modulefg = "#f7f7f7"; + modulefg-alt = "#f7f7f7"; - background = color.bground; - foreground = color.fground; + trans = "#00000000"; + white = "#FFFFFF"; + black = "#000000"; - font = { - 0 = "FiraCode Nerd Font Mono:style=Medium:size=13"; - 1 = ""; - 2 = "Iosevka Nerd Font:style=Medium:size=16"; - 3 = "Font Awesome 5 Pro:style=Solid:size=13"; - 4 = "Font Awesome 5 Pro:style=Regular:size=13"; - 5 = "Font Awesome 5 Pro:style=Light:size=13"; - }; + # Material Colors + red = "#e53935"; + pink = "#d81b60"; + purple = "#8e24aa"; + deep-purple = "#5e35b1"; + indigo = "#3949ab"; + blue = "#1e88e5"; + light-blue = "#039be5"; + cyan = "#00acc1"; + teal = "#00897b"; + green = "#43a047"; + light-green = "#7cb342"; + lime = "#c0ca33"; + yellow = "#fdd835"; + amber = "#ffb300"; + orange = "#fb8c00"; + deep-orange = "#f4511e"; + brown = "#6d4c41"; + grey = "#757575"; + blue-gray = "#546e7a"; + }; +in { + services.polybar = { + enable = true; + settings = { + "bar/main" = { + monitor = "DP-1"; + monitro.fallback = "eDP-1"; + bottom = true; - modules = { - left = [ "icon" 
"left1" "title" "left2" ]; - center = [ "workspaces" ]; - right = [ "right5" "alsa" "right4" "battery" "right3" "network" "date" "right1" "keyboardswitcher" ]; - }; + dpi = 96; + height = 22; - tray = { - position = "right"; - background = color.shade1; - }; + background = color.bground; + foreground = color.fground; - enable.ipc = true; + font = { + "0" = "FiraCode Nerd Font Mono:style=Medium:size=13"; + "1" = ""; + "2" = "Iosevka Nerd Font:style=Medium:size=16"; + "3" = "Font Awesome 5 Pro:style=Solid:size=13"; + "4" = "Font Awesome 5 Pro:style=Regular:size=13"; + "5" = "Font Awesome 5 Pro:style=Light:size=13"; + }; + modules = { + left = ["icon" "left1" "title" "left2"]; + center = ["workspaces"]; + right = ["right5" "alsa" "right4" "battery" "right3" "network" "date" "right1" "keyboardswitcher"]; + }; - }; - }; + tray = { + position = "right"; + background = color.shade1; + }; + + enable.ipc = true; + }; + # _._._._._._._._._._._._._._._._._._._._._._ + # Functional MODULES + # _._._._._._._._._._._._._._._._._._._._._._ + + "module/title" = { + type = "internal/xwindow"; + + format = "