From 7711e69e5c0207e4049d01f8b2473e8cf866cccb Mon Sep 17 00:00:00 2001
From: foosinn <stefan@f2o.io>
Date: Sat, 13 Jun 2020 23:17:19 +0200
Subject: [PATCH 1/4] add admin role

---
 configuration.nix |  1 +
 roles/admin.nix   | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 roles/admin.nix

diff --git a/configuration.nix b/configuration.nix
index 61c4758..ace14f5 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -13,6 +13,7 @@
       # Include the results of the hardware scan.
       ./hardware-configuration.nix
 
+      ./roles/admin.nix
       ./roles/dev.nix
       ./roles/base.nix
       ./roles/desktop.nix
diff --git a/roles/admin.nix b/roles/admin.nix
new file mode 100644
index 0000000..dfeb70d
--- /dev/null
+++ b/roles/admin.nix
@@ -0,0 +1,46 @@
+{ pkgs, options, ...}:
+
+{
+  environment.systemPackages = with pkgs; [
+    kubectl
+
+    # podman
+    conmon
+    fuse-overlayfs
+    podman
+    podman-compose
+    runc
+    slirp4netns
+  ];
+
+  users.users.stefan.subUidRanges = [{ startUid = 100000; count = 65536; }];
+  users.users.stefan.subGidRanges = [{ startGid = 100000; count = 65536; }];
+
+  environment.etc."containers/policy.json" = {
+    mode="0644";
+    text=''
+      {
+        "default": [
+          {
+            "type": "insecureAcceptAnything"
+          }
+        ],
+        "transports":
+          {
+            "docker-daemon":
+              {
+                "": [{"type":"insecureAcceptAnything"}]
+              }
+          }
+      }
+    '';
+  };
+
+  environment.etc."containers/registries.conf" = {
+    mode="0644";
+    text=''
+      [registries.search]
+      registries = ['docker.io', 'quay.io']
+    '';
+  };
+}

From d5165d670e7c30b0ad26691b7a53079796349ea7 Mon Sep 17 00:00:00 2001
From: foosinn <stefan@f2o.io>
Date: Sat, 13 Jun 2020 23:19:34 +0200
Subject: [PATCH 2/4] use starship

---
 dotfiles/starship.toml |  7 +++++++
 roles/base.nix         | 25 +++++++++++++------------
 2 files changed, 20 insertions(+), 12 deletions(-)
 create mode 100644 dotfiles/starship.toml

diff --git a/dotfiles/starship.toml b/dotfiles/starship.toml
new file mode 100644
index 0000000..192cb4b
--- /dev/null
+++ b/dotfiles/starship.toml
@@ -0,0 +1,7 @@
+add_newline = false
+
+[username]
+show_always = true
+
+[hostname]
+ssh_only = false
diff --git a/roles/base.nix b/roles/base.nix
index 4bd2dce..b6af0a3 100644
--- a/roles/base.nix
+++ b/roles/base.nix
@@ -1,9 +1,8 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, ... }:
 
-{
+let
+  unstable = import <nixos-unstable> {};
+in {
   environment.systemPackages = with pkgs; [
     bash
     bat
@@ -15,13 +14,23 @@
     jq
     ripgrep
     z-lua
+    unstable.starship
     (import ../packages/neovim.nix)
   ];
 
+  environment = {
+    etc = {
+      "starship.toml".source = ../dotfiles/starship.toml;
+    };
+  };
 
   programs.bash = {
+    promptInit = ''
+      . <(starship init bash)
+    '';
     interactiveShellInit = ''
       export EDITOR=nvim
+      export STARSHIP_CONFIG=/etc/starship.toml
 
       if [ -z "$SSH_AUTH_SOCK" ]; then
           eval $(ssh-agent)
@@ -43,14 +52,6 @@
           fi
       }
       
-      git_branch(){
-          branch=$(git branch 2> /dev/null) || exit 0
-          branch=$(sed -n '/^*/ s/* \(.*\)/\1/p' <<< $branch)
-          status=$(git status 2> /dev/null \
-            | grep -q "nothing to commit, working tree clean" || e    cho -n '*')
-          echo "$branch$status "
-      }
-
       . "$(fzf-share)/key-bindings.bash"
       . "$(fzf-share)/completion.bash"
       . <(z --init bash)

From 2c8feae00ca7108b72106f365428d19ecaf7d32d Mon Sep 17 00:00:00 2001
From: foosinn <stefan@f2o.io>
Date: Sat, 13 Jun 2020 23:20:10 +0200
Subject: [PATCH 3/4] use keepasscx from unstable

---
 roles/desktop.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/desktop.nix b/roles/desktop.nix
index 3713972..a8a3602 100644
--- a/roles/desktop.nix
+++ b/roles/desktop.nix
@@ -43,10 +43,10 @@ in {
   environment.systemPackages = with pkgs; [
     alacritty
     firefox
-    unstable.keepassxc
     neofetch
     pulseaudio
     pulsemixer
+    unstable.keepassxc
     (
       pkgs.writeTextFile {
         name = "startsway";

From fb4b98e023244345dfea40615c46111ec127aaa1 Mon Sep 17 00:00:00 2001
From: foosinn <stefan@f2o.io>
Date: Sat, 13 Jun 2020 23:20:39 +0200
Subject: [PATCH 4/4] tools

---
 roles/base.nix    | 2 ++
 roles/desktop.nix | 1 +
 roles/dev.nix     | 4 +++-
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/roles/base.nix b/roles/base.nix
index b6af0a3..b44a0de 100644
--- a/roles/base.nix
+++ b/roles/base.nix
@@ -10,8 +10,10 @@ in {
     fd 
     fzf
     git
+    gnupg
     htop
     jq
+    ncdu
     ripgrep
     z-lua
     unstable.starship
diff --git a/roles/desktop.nix b/roles/desktop.nix
index a8a3602..4375e8d 100644
--- a/roles/desktop.nix
+++ b/roles/desktop.nix
@@ -43,6 +43,7 @@ in {
   environment.systemPackages = with pkgs; [
     alacritty
     firefox
+    mumble
     neofetch
     pulseaudio
     pulsemixer
diff --git a/roles/dev.nix b/roles/dev.nix
index b975189..a42a09a 100644
--- a/roles/dev.nix
+++ b/roles/dev.nix
@@ -5,7 +5,7 @@
 
 let
   unstable = import <nixos-unstable> {};
-  mozilla_overlay = import <mozilla> {};
+  mozilla = import <mozilla> {};
 
 in {
   environment.systemPackages = with pkgs; [
@@ -15,6 +15,8 @@ in {
     python37Packages.pyls-isort
     python37Packages.pyls-mypy
     rustup
+    sops
+    tig
     unstable.gopls
     unstable.rust-analyzer
   ];