From a64ee9533d285b2ac4aee085f09ee728754beb13 Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Fri, 28 Mar 2025 20:59:01 +0100 Subject: [PATCH] initial himmelblau setup --- flake.lock | 83 ++++++++++++++------ flake.nix | 13 +-- hosts/orome/default.nix | 2 + modules/system/authentication/himmelblau.nix | 23 ++++++ 4 files changed, 94 insertions(+), 27 deletions(-) create mode 100644 modules/system/authentication/himmelblau.nix diff --git a/flake.lock b/flake.lock index 8b9be12..c538be4 100644 --- a/flake.lock +++ b/flake.lock @@ -265,6 +265,24 @@ } }, "flake-utils_4": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { "inputs": { "systems": [ "stylix", @@ -384,6 +402,28 @@ "type": "github" } }, + "himmelblau": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1742578960, + "narHash": "sha256-pBH9qjodl+yHC1eFDdMYs4qlRitaWkDDj7vwNIF5aKw=", + "owner": "himmelblau-idm", + "repo": "himmelblau", + "rev": "2bb9815cf518e3358544e2561d5f432944a582b4", + "type": "github" + }, + "original": { + "owner": "himmelblau-idm", + "ref": "main", + "repo": "himmelblau", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -488,7 +528,7 @@ "nix-minecraft": { "inputs": { "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nixpkgs": "nixpkgs_3" }, "locked": { @@ -566,22 +606,6 @@ "type": "github" } }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1742422364, - "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "a84ebe20c6bc2ecbcfb000a50776219f48d134cc", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { "lastModified": 1712608508, @@ -736,12 +760,12 @@ "nvf": { "inputs": { "flake-parts": "flake-parts", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "mnw": "mnw", "nil": "nil", "nixpkgs": "nixpkgs_5", "nmd": "nmd", - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1742745896, @@ -785,11 +809,11 @@ "fenix": "fenix", "firefox": "firefox", "flux": "flux", + "himmelblau": "himmelblau", "home-manager": "home-manager", "nix-minecraft": "nix-minecraft", "nixos-boot": "nixos-boot", "nixpkgs": "nixpkgs_4", - "nixpkgs-unstable": "nixpkgs-unstable", "nvf": "nvf", "plasma-manager": "plasma-manager", "sops-nix": "sops-nix", @@ -862,13 +886,13 @@ "base16-vim": "base16-vim", "firefox-gnome-theme": "firefox-gnome-theme", "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "git-hooks": "git-hooks", "gnome-shell": "gnome-shell", "home-manager": "home-manager_2", "nixpkgs": "nixpkgs_7", "nur": "nur", - "systems": "systems_5", + "systems": "systems_6", "tinted-foot": "tinted-foot", "tinted-kitty": "tinted-kitty", "tinted-schemes": "tinted-schemes", @@ -964,6 +988,21 @@ "type": "github" } }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "tinted-foot": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index f21ad28..80d16b1 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,6 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; home-manager = { url = "github:nix-community/home-manager"; @@ -32,14 +31,20 @@ zen-browser.url = "github:MarceColl/zen-browser-flake"; nix-minecraft.url = "github:Infinidoge/nix-minecraft"; + flux.url = "github:IogaMaster/flux"; sops-nix.url = "github:Mic92/sops-nix"; + + himmelblau = { + url = "github:himmelblau-idm/himmelblau/main"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, nix-minecraft, flux, ... }: + outputs = inputs @ { self, nixpkgs, nix-minecraft, flux, ... }: let - inherit (lib.my) mapModules mapModulesRec mapHosts; + inherit (lib.my) mapModulesRec mapHosts; system = "x86_64-linux"; @@ -54,7 +59,6 @@ overlays = extraOverlays ++ (lib.attrValues self.overlays); }; pkgs = mkPkgs nixpkgs [self.overlays.default nix-minecraft.overlay flux.overlays.default]; - pkgs-unstable = mkPkgs nixpkgs-unstable []; lib = nixpkgs.lib.extend (final: prev: { my = import ./lib { @@ -69,7 +73,6 @@ overlays = { default = final: prev: { - unstable = pkgs-unstable; my = self.packages.${system}; }; }; diff --git a/hosts/orome/default.nix b/hosts/orome/default.nix index 0355ff7..480e796 100644 --- a/hosts/orome/default.nix +++ b/hosts/orome/default.nix @@ -4,6 +4,8 @@ system.audio.enable = true; system.bluetooth.enable = true; + authentication.himmelblau.enable = true; + root = { user = { full_name = "__ROOT__"; diff --git a/modules/system/authentication/himmelblau.nix b/modules/system/authentication/himmelblau.nix new file mode 100644 index 0000000..caaf86a --- /dev/null +++ b/modules/system/authentication/himmelblau.nix @@ -0,0 +1,23 @@ +{ inputs, lib, pkgs, config, ... }: let + inherit (lib) mkEnableOption mkIf; + + cfg = config.modules.authentication.himmelblau; +in +{ + imports = [ inputs.himmelblau.nixosModules.himmelblau ]; + + options.modules.authentication.himmelblau = { + enable = mkEnableOption "enable azure entra ID authentication"; + }; + + config = mkIf cfg.enable { + services.himmelblau = { + enable = true; + settings = { + domains = []; + pam_allow_groups = []; + local_groups = []; + }; + }; + }; +}