feat: initial m3ta-home structure

- flake.nix with nixpkgs, home-manager, nix-colors, m3ta-nixpkgs, agenix, NUR inputs - lib/mkHome.nix: compose HM config from user + identity + context + sets - profiles/base: shell, cli-tools, secrets (always loaded) - profiles/contexts/desktop: WM, apps, theme, ghostty - profiles/contexts/server: minimal headless - profiles/sets/coding: core (git, direnv, jq, rg), editor, lsp, languages, agents - profiles/sets/gaming: steam, gamescope, gpu - profiles/sets/media: obs, ffmpeg, kdenlive, handbrake, yt-dlp - users/m3tam3re/identities: private.nix, work.nix (git, jj, ssh per identity) - users/m3tam3re/preferences: cliphist, difftastic, base packages
2026-05-02 09:08:40 +02:00
commit fbc31450de
73 changed files with 3368 additions and 0 deletions
--- a/users/m3tam3re/identities/private.nix
+++ b/users/m3tam3re/identities/private.nix
@@ -0,0 +1,148 @@
+# users/m3tam3re/identities/private.nix — Private identity (m3tam3re).
+#
+# Sets git identity, jujutsu identity, and SSH match blocks for private infrastructure.
+# This module is loaded when identity = "private" in mkHome.
+{
+  config,
+  lib,
+  ...
+}: {
+  # ── User identity ──
+  home.username = lib.mkForce "m3tam3re";
+  home.homeDirectory = lib.mkForce "/home/m3tam3re";
+
+  # ── Git configuration ──
+  programs.git = {
+    enable = true;
+    signing.format = null;
+    settings = {
+      user = {
+        name = "m3tm3re";
+        email = "p@m3ta.dev";
+      };
+      core.excludesfile = "~/.gitignore_global";
+      init.defaultBranch = "master";
+      alias = {
+        st = "status";
+        logd = "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
+      };
+    };
+  };
+
+  # ── Jujutsu configuration ──
+  programs.jujutsu = {
+    enable = true;
+    settings = {
+      user = {
+        email = "m@m3tam3re.com";
+        name = "Sascha Koenig";
+      };
+    };
+  };
+
+  # ── SSH configuration ──
+  programs.ssh = {
+    enable = true;
+    enableDefaultConfig = false;
+    matchBlocks = {
+      "github.com" = {
+        hostname = "github.com";
+        user = "m3tam3re";
+        port = 22;
+        identityFile = "~/.ssh/github";
+      };
+      "code.m3ta.dev" = {
+        hostname = "code.m3ta.dev";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/gitea";
+      };
+      "nikhil" = {
+        hostname = "91.99.176.80";
+        user = "nikhilmaddirala";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "lkk-nix-1" = {
+        hostname = "89.58.10.189";
+        user = "lkk-admin";
+        identityFile = "~/.ssh/lkk-admin";
+      };
+      "m3-r1" = {
+        hostname = "202.61.226.110";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "lkk-prod-test" = {
+        hostname = "192.168.122.215";
+        user = "root";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "lkk-prod-1" = {
+        hostname = "192.168.0.24";
+        user = "root";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "lkk-prod-2" = {
+        hostname = "192.168.0.20";
+        user = "root";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-deck" = {
+        hostname = "192.168.178.193";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-kratos-vm" = {
+        hostname = "192.168.122.43";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-helios" = {
+        hostname = "192.168.178.210";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-ares" = {
+        hostname = "192.168.1.30";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-atlas" = {
+        hostname = "152.53.85.162";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-hermes" = {
+        hostname = "204.168.229.93";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-zelda" = {
+        hostname = "95.217.189.186";
+        user = "m3tam3re";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-skynet" = {
+        hostname = "m3-skynet";
+        user = "admin";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "m3-prox-1" = {
+        hostname = "192.168.1.110";
+        user = "root";
+        identityFile = "~/.ssh/m3tam3re";
+      };
+      "shp-old" = {
+        hostname = "95.217.3.250";
+        port = 2222;
+        user = "m3tam3re";
+        identityFile = "~/.ssh/self-host-playbook";
+      };
+      "shp-1" = {
+        hostname = "95.217.189.186";
+        port = 2222;
+        user = "m3tam3re";
+        identityFile = "~/.ssh/self-host-playbook";
+      };
+    };
+  };
+}
--- a/users/m3tam3re/identities/work.nix
+++ b/users/m3tam3re/identities/work.nix
@@ -0,0 +1,68 @@
+# users/m3tam3re/identities/work.nix — Work identity (sascha.koenig).
+#
+# Sets git identity, jujutsu identity, and SSH match blocks for work infrastructure.
+# This module is loaded when identity = "work" in mkHome.
+{
+  config,
+  lib,
+  ...
+}: {
+  # ── User identity ──
+  home.username = lib.mkForce "sascha.koenig";
+  home.homeDirectory = lib.mkForce "/home/sascha.koenig";
+
+  # ── Git configuration ──
+  programs.git = {
+    enable = true;
+    signing.format = null;
+    settings = {
+      user = {
+        name = "Sascha König";
+        email = "sascha.koenig@azintec.com";
+      };
+      core.excludesfile = "~/.gitignore_global";
+      init.defaultBranch = "master";
+      alias = {
+        st = "status";
+        logd = "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
+      };
+    };
+  };
+
+  # ── Jujutsu configuration ──
+  programs.jujutsu = {
+    enable = true;
+    settings = {
+      user = {
+        email = "sascha.koenig@azintec.com";
+        name = "Sascha König";
+      };
+    };
+  };
+
+  # ── SSH configuration (work servers) ──
+  programs.ssh = {
+    enable = true;
+    enableDefaultConfig = false;
+    matchBlocks = {
+      "AZ-CLD-1" = {
+        hostname = "152.53.186.119";
+        user = "sascha.koenig";
+        port = 2022;
+        identityFile = "~/.ssh/sascha.koenig";
+      };
+      "AZ-PRM-1" = {
+        hostname = "192.168.152.76";
+        user = "sascha.koenig";
+        port = 2022;
+        identityFile = "~/.ssh/sascha.koenig";
+      };
+      "git.az-gruppe.com" = {
+        hostname = "git.az-gruppe.com";
+        port = 2022;
+        user = "sascha.koenig";
+        identityFile = "~/.ssh/sascha.koenig";
+      };
+    };
+  };
+}
--- a/users/m3tam3re/preferences/default.nix
+++ b/users/m3tam3re/preferences/default.nix
@@ -0,0 +1,28 @@
+# users/m3tam3re/preferences/default.nix — User preferences (portable across identities).
+#
+# These settings are the same regardless of whether you're "private" or "work":
+#   - Shell style and aliases
+#   - Editor preferences
+#   - CLI appearance (starship theme, bat theme, etc.)
+#   - Clipboard manager
+#   - difftastic
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: {
+  # ── Clipboard ──
+  services.cliphist = {
+    enable = true;
+    allowImages = true;
+  };
+
+  # ── Difftastic ──
+  programs.difftastic.enable = true;
+
+  # ── Home username/directory defaults ──
+  # These are overridden by the identity module, but provide safe defaults.
+  home.username = lib.mkDefault "m3tam3re";
+  home.homeDirectory = lib.mkDefault "/home/${config.home.username}";
+}