diff --git a/flake.lock b/flake.lock index 2058aa7d..1448ca8e 100644 --- a/flake.lock +++ b/flake.lock @@ -230,22 +230,6 @@ "type": "github" } }, - "flake-compat_4": { - "flake": false, - "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-utils": { "locked": { "lastModified": 1642700792, @@ -311,21 +295,6 @@ } }, "flake-utils_4": { - "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_5": { "locked": { "lastModified": 1653893745, "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", @@ -546,28 +515,6 @@ "type": "indirect" } }, - "nvfetcher": { - "inputs": { - "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_4", - "nixpkgs": [ - "nixos" - ] - }, - "locked": { - "lastModified": 1672979485, - "narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=", - "owner": "berberman", - "repo": "nvfetcher", - "rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9", - "type": "github" - }, - "original": { - "owner": "berberman", - "repo": "nvfetcher", - "type": "github" - } - }, "root": { "inputs": { "agenix": "agenix", @@ -583,13 +530,12 @@ "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", "nur": "nur", - "nvfetcher": "nvfetcher", "triton-vmtools": "triton-vmtools" } }, "triton-vmtools": { "inputs": { - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixos" ] diff --git a/flake.nix b/flake.nix index f3d9af49..7d89572d 100644 --- a/flake.nix +++ b/flake.nix @@ -38,8 +38,6 @@ nixos-generators.url = "github:nix-community/nixos-generators"; - nixos-generators.url = "github:nix-community/nixos-generators"; - triton-vmtools.url = "git+https://git.b12f.io/pub-solar/infra?ref=main&dir=vmtools"; triton-vmtools.inputs.nixpkgs.follows = "nixos"; @@ -47,19 +45,19 @@ keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixos"; }; - outputs = - { self - , digga - , nixos - , home - , nixos-hardware - , nur - , agenix - , deploy - , triton-vmtools - , keycloak-theme-pub-solar - , ... - } @ inputs: + outputs = { + self, + digga, + nixos, + home, + nixos-hardware, + nur, + agenix, + deploy, + triton-vmtools, + keycloak-theme-pub-solar, + ... + } @ inputs: digga.lib.mkFlake { inherit self inputs; @@ -142,31 +140,31 @@ anonymous = [pubsolaros users.pub-solar]; }; }; + }; - home = { - imports = [ (digga.lib.importExportableModules ./users/modules) ]; - modules = [ ]; - importables = rec { - profiles = digga.lib.rakeLeaves ./users/profiles; - suites = with profiles; rec { - base = [ direnv git ]; - }; + home = { + imports = [(digga.lib.importExportableModules ./users/modules)]; + modules = []; + importables = rec { + profiles = digga.lib.rakeLeaves ./users/profiles; + suites = with profiles; rec { + base = [direnv git]; }; - users = { - pub-solar = { suites, ... }: { imports = suites.base; }; - barkeeper = { suites, ... }: { imports = suites.base; }; - }; # digga.lib.importers.rakeLeaves ./users/hm; }; + users = { + pub-solar = {suites, ...}: {imports = suites.base;}; + barkeeper = {suites, ...}: {imports = suites.base;}; + }; # digga.lib.importers.rakeLeaves ./users/hm; + }; - devshell = ./shell; + devshell = ./shell; - homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; + homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; - deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { - flora-6 = { - sshUser = "barkeeper"; - hostname = "flora-6.pub.solar"; - }; + deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { + flora-6 = { + sshUser = "barkeeper"; + hostname = "flora-6.pub.solar"; }; }; }; diff --git a/hosts/flora-6/caddy.nix b/hosts/flora-6/caddy.nix index 58a64a5b..03bea7e9 100644 --- a/hosts/flora-6/caddy.nix +++ b/hosts/flora-6/caddy.nix @@ -1,10 +1,10 @@ -{ config -, lib -, pkgs -, self -, ... -}: { + config, + lib, + pkgs, + self, + ... +}: { services.caddy = { enable = lib.mkForce true; email = "admins@pub.solar"; @@ -79,8 +79,7 @@ reverse_proxy obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone:3000 ''; }; - }; }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [80 443]; } diff --git a/hosts/flora-6/default.nix b/hosts/flora-6/default.nix index 931ec771..98269bfe 100644 --- a/hosts/flora-6/default.nix +++ b/hosts/flora-6/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./flora-6.nix ]; diff --git a/hosts/flora-6/flora-6.nix b/hosts/flora-6/flora-6.nix index 6ba08836..5f324077 100644 --- a/hosts/flora-6/flora-6.nix +++ b/hosts/flora-6/flora-6.nix @@ -1,16 +1,15 @@ -{ config -, latestModulesPath -, lib -, inputs -, pkgs -, profiles -, self -, ... -}: -let - psCfg = config.pub-solar; -in { + config, + latestModulesPath, + lib, + inputs, + pkgs, + profiles, + self, + ... +}: let + psCfg = config.pub-solar; +in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix @@ -46,11 +45,11 @@ in # Allow sudo without a password for the barkeeper user security.sudo.extraRules = [ { - users = [ "${psCfg.user.name}" ]; + users = ["${psCfg.user.name}"]; commands = [ { command = "ALL"; - options = [ "NOPASSWD" ]; + options = ["NOPASSWD"]; } ]; } @@ -65,7 +64,7 @@ in isSystemUser = true; }; - users.groups.hakkonaut = { }; + users.groups.hakkonaut = {}; # # # # # # Triton host specific options diff --git a/hosts/flora-6/gitea.nix b/hosts/flora-6/gitea.nix index e783c0d5..091be889 100644 --- a/hosts/flora-6/gitea.nix +++ b/hosts/flora-6/gitea.nix @@ -1,10 +1,10 @@ -{ config -, lib -, pkgs -, self -, ... -}: { + config, + lib, + pkgs, + self, + ... +}: { age.secrets.gitea-database-password = { file = "${self}/secrets/gitea-database-password.age"; mode = "600"; diff --git a/hosts/flora-6/hardware-configuration.nix b/hosts/flora-6/hardware-configuration.nix index 5c17d5a0..be3cc858 100644 --- a/hosts/flora-6/hardware-configuration.nix +++ b/hosts/flora-6/hardware-configuration.nix @@ -1,40 +1,41 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = [ ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = []; - boot.initrd.availableKernelModules = [ "ahci" "virtio_pci" "xhci_pci" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["ahci" "virtio_pci" "xhci_pci" "sr_mod" "virtio_blk"]; + boot.initrd.kernelModules = []; + boot.kernelModules = []; + boot.extraModulePackages = []; - fileSystems."/" = - { - device = "/dev/disk/by-label/nixos"; - autoResize = true; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + autoResize = true; + fsType = "ext4"; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-label/boot"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/boot"; + fsType = "vfat"; + }; - fileSystems."/data" = - { - device = "/dev/disk/by-label/ephemeral0"; - fsType = "ext4"; - options = [ - "defaults" - "nofail" - ]; - }; + fileSystems."/data" = { + device = "/dev/disk/by-label/ephemeral0"; + fsType = "ext4"; + options = [ + "defaults" + "nofail" + ]; + }; - swapDevices = [ ]; + swapDevices = []; networking.useDHCP = lib.mkDefault false; networking.networkmanager.enable = lib.mkForce false; diff --git a/hosts/flora-6/keycloak.nix b/hosts/flora-6/keycloak.nix index 7f5c9984..14f91bfc 100644 --- a/hosts/flora-6/keycloak.nix +++ b/hosts/flora-6/keycloak.nix @@ -1,11 +1,11 @@ -{ config -, lib -, inputs -, pkgs -, self -, ... -}: { + config, + lib, + inputs, + pkgs, + self, + ... +}: { age.secrets.keycloak-database-password = { file = "${self}/secrets/keycloak-database-password.age"; mode = "700"; diff --git a/hosts/flora-6/triton-vmtools.nix b/hosts/flora-6/triton-vmtools.nix index 4d0896a8..19b838d2 100644 --- a/hosts/flora-6/triton-vmtools.nix +++ b/hosts/flora-6/triton-vmtools.nix @@ -1,5 +1,8 @@ -{ pkgs, inputs, ... }: { + pkgs, + inputs, + ... +}: { environment.systemPackages = with pkgs; [ inputs.triton-vmtools.packages.${pkgs.system}.default ]; diff --git a/modules/core/networking.nix b/modules/core/networking.nix index 564c892b..f5bd201d 100644 --- a/modules/core/networking.nix +++ b/modules/core/networking.nix @@ -1,12 +1,12 @@ -{ config -, pkgs -, lib -, ... +{ + config, + pkgs, + lib, + ... }: with lib; let cfg = config.pub-solar.core; -in -{ +in { options.pub-solar.core = { enableCaddy = mkOption { type = types.bool; @@ -19,12 +19,12 @@ in binaryCaches = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; description = "Binary caches to use."; }; publicKeys = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; description = "Public keys of binary caches."; }; }; @@ -48,10 +48,10 @@ in # These entries get added to /etc/hosts networking.hosts = { "127.0.0.1" = - [ ] - ++ lib.optionals cfg.enableCaddy [ "caddy.local" ] - ++ lib.optionals config.pub-solar.printing.enable [ "cups.local" ] - ++ lib.optionals cfg.enableHelp [ "help.local" ]; + [] + ++ lib.optionals cfg.enableCaddy ["caddy.local"] + ++ lib.optionals config.pub-solar.printing.enable ["cups.local"] + ++ lib.optionals cfg.enableHelp ["help.local"]; }; # Caddy reverse proxy for local services like cups diff --git a/modules/core/nix.nix b/modules/core/nix.nix index cfaa0af1..711304ba 100644 --- a/modules/core/nix.nix +++ b/modules/core/nix.nix @@ -1,8 +1,9 @@ -{ config -, pkgs -, lib -, inputs -, ... +{ + config, + pkgs, + lib, + inputs, + ... }: { nix = { # Use default version alias for nix package @@ -15,9 +16,9 @@ # Prevents impurities in builds sandbox = true; # give root and @wheel special privileges with nix - trusted-users = [ "root" "@wheel" ]; + trusted-users = ["root" "@wheel"]; # This is just a representation of the nix default - system-features = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; + system-features = ["nixos-test" "benchmark" "big-parallel" "kvm"]; }; # Generally useful nix option defaults extraOptions = '' diff --git a/modules/docker/default.nix b/modules/docker/default.nix index c5071f21..ef733b45 100644 --- a/modules/docker/default.nix +++ b/modules/docker/default.nix @@ -1,13 +1,13 @@ -{ lib -, config -, pkgs -, ... +{ + lib, + config, + pkgs, + ... }: with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.docker; -in -{ +in { options.pub-solar.docker = { enable = mkEnableOption "Life in metal boxes"; }; @@ -15,8 +15,8 @@ in config = mkIf cfg.enable { virtualisation.docker.enable = true; users.users = with pkgs; - pkgs.lib.setAttrByPath [ psCfg.user.name ] { - extraGroups = [ "docker" ]; + pkgs.lib.setAttrByPath [psCfg.user.name] { + extraGroups = ["docker"]; }; environment.systemPackages = with pkgs; [ diff --git a/modules/sway/default.nix b/modules/sway/default.nix index ab25840f..019119bd 100644 --- a/modules/sway/default.nix +++ b/modules/sway/default.nix @@ -1,12 +1,12 @@ -{ lib -, config -, pkgs -, ... +{ + lib, + config, + pkgs, + ... }: with lib; let psCfg = config.pub-solar; -in -{ +in { options.pub-solar.sway = { enable = mkEnableOption "Life in boxes"; @@ -25,8 +25,8 @@ in config = mkIf psCfg.sway.enable (mkMerge [ (mkIf (psCfg.sway.v4l2loopback.enable) { - boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - boot.kernelModules = [ "v4l2loopback" ]; + boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback]; + boot.kernelModules = ["v4l2loopback"]; boot.extraModprobeConfig = '' options v4l2loopback exclusive_caps=1 devices=3 ''; @@ -51,13 +51,13 @@ in }; }; }; - extraPortals = with pkgs; [ xdg-desktop-portal-gtk ]; + extraPortals = with pkgs; [xdg-desktop-portal-gtk]; }; services.pipewire.enable = true; home-manager = with pkgs; - pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { home.packages = with pkgs; [ sway grim @@ -96,12 +96,12 @@ in systemd.user.services.waybar = import ./waybar.service.nix {inherit pkgs psCfg;}; systemd.user.targets.sway-session = import ./sway-session.target.nix {inherit pkgs psCfg;}; - xdg.configFile."sway/config".text = import ./config/config.nix { inherit config pkgs; }; + xdg.configFile."sway/config".text = import ./config/config.nix {inherit config pkgs;}; xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf; xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf; xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf; xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf; - xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix { inherit pkgs psCfg; }; + xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix {inherit pkgs psCfg;}; xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf; xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf; }; diff --git a/modules/terminal-life/default.nix b/modules/terminal-life/default.nix index a214a092..f540790e 100644 --- a/modules/terminal-life/default.nix +++ b/modules/terminal-life/default.nix @@ -40,8 +40,9 @@ in { screen ]; - home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { - home.packages = [ + home-manager = with pkgs; + pkgs.lib.setAttrByPath ["users" psCfg.user.name] { + home.packages = [ ack asciinema bat @@ -54,7 +55,7 @@ in { silver-searcher vifm watson - ]; + ]; programs.neovim = import ./nvim { inherit config; diff --git a/pkgs/lgcl.nix b/pkgs/lgcl.nix index 235fbe5e..73f91124 100644 --- a/pkgs/lgcl.nix +++ b/pkgs/lgcl.nix @@ -1,4 +1,5 @@ -self: with self; let +self: +with self; let looking-glass-client = self.looking-glass-client.overrideAttrs (old: { meta.platforms = ["x86_64-linux" "aarch64-linux"]; }); diff --git a/pkgs/mopidy-jellyfin.nix b/pkgs/mopidy-jellyfin.nix index ec0d64a5..f28f79fc 100644 --- a/pkgs/mopidy-jellyfin.nix +++ b/pkgs/mopidy-jellyfin.nix @@ -1,4 +1,5 @@ -self: with self; let +self: +with self; let websocket-client = python39.pkgs.buildPythonPackage rec { pname = "websocket-client"; version = "1.2.1"; diff --git a/pkgs/uhk-agent.nix b/pkgs/uhk-agent.nix index bccf06db..1293fc4b 100644 --- a/pkgs/uhk-agent.nix +++ b/pkgs/uhk-agent.nix @@ -1,4 +1,5 @@ -self: with self; let +self: +with self; let uhk-agent-bin = stdenv.mkDerivation rec { pname = "uhk-agent-bin"; version = "1.5.14"; diff --git a/profiles/cachix/default.nix b/profiles/cachix/default.nix index 7f8b9740..9b810da7 100644 --- a/profiles/cachix/default.nix +++ b/profiles/cachix/default.nix @@ -1,14 +1,13 @@ -{ pkgs -, lib -, ... -}: -let +{ + pkgs, + lib, + ... +}: let folder = ./.; toImport = name: value: folder + ("/" + name); filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key && key != "default.nix"; imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); -in -{ +in { inherit imports; - nix.settings.substituters = [ "https://cache.nixos.org/" ]; + nix.settings.substituters = ["https://cache.nixos.org/"]; } diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 74cf761c..1df8061c 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -2,10 +2,9 @@ let # set ssh public keys here for your system and user teutat3s = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms"; flora-6 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP1InpTBN4AlF/4V8HHumAMLJzeO8DpzjUv9Co/+J09 root@pub-solar-infra-vm-1"; - allKeys = [ flora-6 teutat3s ]; - deployKeys = [ flora-6 teutat3s ]; -in -{ + allKeys = [flora-6 teutat3s]; + deployKeys = [flora-6 teutat3s]; +in { "gitea-database-password.age".publicKeys = deployKeys; "gitea-mailer-password.age".publicKeys = deployKeys; "keycloak-database-password.age".publicKeys = deployKeys; diff --git a/users/barkeeper/default.nix b/users/barkeeper/default.nix index 003b14ca..6d484d8f 100644 --- a/users/barkeeper/default.nix +++ b/users/barkeeper/default.nix @@ -1,10 +1,14 @@ -{ config, hmUsers, pkgs, lib, ... }: -let - psCfg = config.pub-solar; -in { + config, + hmUsers, + pkgs, + lib, + ... +}: let + psCfg = config.pub-solar; +in { config = { - home-manager.users = { inherit (hmUsers) barkeeper; }; + home-manager.users = {inherit (hmUsers) barkeeper;}; pub-solar = { # These are your personal settings