From 03e5a0ffdaab9b1331ab95ca3e730aaec1d7c151 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Mon, 19 Aug 2024 12:38:46 +0200 Subject: [PATCH] style: format using nixfmt-rfc-style --- default.nix | 25 +- flake.nix | 109 ++-- hosts/PubSolarOS.nix | 10 +- hosts/bootstrap.nix | 21 +- hosts/default.nix | 14 +- hosts/dumpyourvms/default.nix | 3 +- hosts/dumpyourvms/dumpyourvms.nix | 78 +-- hosts/dumpyourvms/hardware-configuration.nix | 17 +- hosts/dumpyourvms/networking.nix | 153 +++--- hosts/fae/default.nix | 3 +- hosts/fae/fae.nix | 16 +- hosts/fae/invoiceplane.nix | 16 +- hosts/fae/paperless.nix | 10 +- hosts/iso/default.nix | 5 +- hosts/powder/default.nix | 7 +- hosts/powder/hardware-configuration.nix | 21 +- hosts/powder/powder.nix | 3 +- hosts/ryzensun/default.nix | 3 +- hosts/ryzensun/hardware-configuration.nix | 24 +- hosts/ryzensun/networking.nix | 96 ++-- hosts/ryzensun/ryzensun.nix | 5 +- lib/compat/default.nix | 28 +- lib/compat/nixos/default.nix | 5 +- lib/default.nix | 28 +- lib/deploy.nix | 15 +- lib/recursive-merge.nix | 16 - modules/acme/default.nix | 3 +- modules/adb/default.nix | 5 +- modules/arduino/default.nix | 5 +- modules/audio/default.nix | 10 +- modules/bluetooth/default.nix | 7 +- modules/core/boot.nix | 5 +- modules/core/default.nix | 11 +- modules/core/hibernation.nix | 7 +- modules/core/networking.nix | 3 +- modules/core/packages.nix | 3 +- modules/crypto/default.nix | 11 +- ...kit-gnome-authentication-agent.service.nix | 8 +- modules/ddclient/default.nix | 82 ++- modules/default.nix | 5 +- modules/desktop-extended/default.nix | 9 +- modules/docker/default.nix | 9 +- modules/email/default.nix | 21 +- modules/gaming/default.nix | 7 +- modules/graphical/default.nix | 20 +- .../network-manager-applet.service.nix | 8 +- .../sway/config/config.d/mode_system.conf.nix | 48 +- modules/graphical/sway/config/config.nix | 7 +- .../graphical/sway/config/wayvnc/config.nix | 6 +- modules/graphical/sway/default.nix | 29 +- modules/graphical/sway/gammastep.service.nix | 13 +- .../sway/libinput-gestures.service.nix | 11 +- modules/graphical/sway/mako.service.nix | 13 +- .../graphical/sway/sway-session.target.nix | 11 +- modules/graphical/sway/sway.service.nix | 11 +- modules/graphical/sway/swayidle.service.nix | 15 +- .../sway/swaynotificationcenter.service.nix | 10 +- modules/graphical/sway/waybar.service.nix | 20 +- modules/graphical/sway/xsettingsd.service.nix | 13 +- modules/graphical/sway/ydotool.service.nix | 11 +- modules/hm-system-defaults.nix | 6 +- modules/invoiceplane/default.nix | 470 ++++++++++-------- modules/nextcloud/default.nix | 3 +- modules/nextcloud/nextcloud.service.nix | 10 +- modules/nix/default.nix | 47 +- modules/office/default.nix | 3 +- modules/printing/default.nix | 12 +- modules/terminal-life/bash/default.nix | 21 +- modules/terminal-life/default.nix | 75 +-- modules/terminal-life/fzf/default.nix | 5 +- modules/terminal-life/nvim/default.nix | 170 ++++--- modules/user/default.nix | 23 +- modules/user/home.nix | 7 +- modules/user/mimeapps.nix | 44 +- modules/user/session-variables.nix | 35 +- modules/virtualisation/default.nix | 11 +- modules/wireguard-client/default.nix | 5 +- overlays/blesh.nix | 8 +- overlays/default.nix | 62 ++- overlays/mdbook-multilang.nix | 12 +- overlays/neovim-plugins.nix | 40 +- overlays/nix-index.nix | 12 +- overlays/prr.nix | 4 +- pkgs/cockroach.nix | 40 +- pkgs/default.nix | 13 +- pkgs/drone-docker-runner.nix | 3 +- pkgs/gpu-switch.nix | 3 +- pkgs/import-gtk-settings.nix | 3 +- pkgs/lgcl.nix | 11 +- pkgs/mailto-mutt.nix | 3 +- pkgs/mopidy-jellyfin.nix | 37 +- pkgs/mu.nix | 3 +- pkgs/notes.nix | 3 +- pkgs/prison-break.nix | 6 +- pkgs/psos-docs.nix | 45 +- pkgs/psos.nix | 3 +- pkgs/record-screen.nix | 3 +- pkgs/s.nix | 3 +- pkgs/scan2paperless.nix | 3 +- pkgs/sway-launcher.nix | 3 +- pkgs/swaylock-bg.nix | 3 +- pkgs/toggle-kbd-layout.nix | 3 +- pkgs/uhk-agent.nix | 48 +- pkgs/wcwd.nix | 3 +- secrets/secrets.nix | 18 +- tests/first-test.nix | 86 ++-- tests/second-test.nix | 16 +- users/nixos/default.nix | 6 +- users/pub-solar/default.nix | 3 +- users/root/default.nix | 2 +- users/teutat3s/concepts-and-training.nix | 3 +- users/teutat3s/default.nix | 10 +- users/teutat3s/home.nix | 9 +- users/teutat3s/mnx.nix | 27 +- users/teutat3s/session-variables.nix | 28 +- 115 files changed, 1506 insertions(+), 1217 deletions(-) delete mode 100644 lib/recursive-merge.nix diff --git a/default.nix b/default.nix index 3d5b5f96..5f258521 100644 --- a/default.nix +++ b/default.nix @@ -8,28 +8,17 @@ let "x86_64-linux" ]; - filterSystems = - lib.filterAttrs - (system: _: lib.elem system ciSystems); + filterSystems = lib.filterAttrs (system: _: lib.elem system ciSystems); recurseIntoAttrsRecursive = lib.mapAttrs ( - _: v: - if lib.isAttrs v - then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v) - else v + _: v: if lib.isAttrs v then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v) else v ); - systemOutputs = - lib.filterAttrs - ( - name: set: - lib.isAttrs set - && lib.any - (system: set ? ${system} && name != "legacyPackages") - ciSystems - ) - default.outputs; + systemOutputs = lib.filterAttrs ( + name: set: + lib.isAttrs set && lib.any (system: set ? ${system} && name != "legacyPackages") ciSystems + ) default.outputs; ciDrvs = lib.mapAttrs (_: system: filterSystems system) systemOutputs; in - (recurseIntoAttrsRecursive ciDrvs) // {shell = import ./shell.nix;} +(recurseIntoAttrsRecursive ciDrvs) // { shell = import ./shell.nix; } diff --git a/flake.nix b/flake.nix index 13939ce1..3a0f7c9e 100644 --- a/flake.nix +++ b/flake.nix @@ -53,7 +53,8 @@ wayland-pipewire-idle-inhibit.inputs.flake-parts.follows = "flake-parts"; }; - outputs = inputs@{ self, ...}: + outputs = + inputs@{ self, ... }: inputs.flake-parts.lib.mkFlake { inherit inputs; } { systems = [ "x86_64-linux" @@ -71,66 +72,74 @@ ./overlays ]; - perSystem = args@{ system, pkgs, config, ... }: { - _module.args = { - inherit inputs; - pkgs = import inputs.nixpkgs { - inherit system; - overlays = [ - inputs.agenix.overlays.default + perSystem = + args@{ + system, + pkgs, + config, + ... + }: + { + _module.args = { + inherit inputs; + pkgs = import inputs.nixpkgs { + inherit system; + overlays = [ inputs.agenix.overlays.default ]; + }; + unstable = import inputs.unstable { inherit system; }; + master = import inputs.master { inherit system; }; + }; + + devShells.default = pkgs.mkShell { + buildInputs = with pkgs; [ + agenix + cachix + deploy-rs + nixd + nixos-generators + nvfetcher + + editorconfig-checker + nodePackages.prettier + shellcheck + shfmt + treefmt ]; }; - unstable = import inputs.unstable { inherit system; }; - master = import inputs.master { inherit system; }; }; - devShells.default = pkgs.mkShell { - buildInputs = with pkgs; [ - agenix - cachix - deploy-rs - nixd - nixos-generators - nvfetcher - - editorconfig-checker - nodePackages.prettier - shellcheck - shfmt - treefmt - ]; - }; - }; - flake = { formatter."x86_64-linux" = inputs.unstable.legacyPackages."x86_64-linux".nixfmt-rfc-style; deploy.nodes = self.lib.deploy.mkDeployNodes self.nixosConfigurations { - #example = { - # hostname = "example.com:22"; - # sshUser = "bartender"; - # fastConnect = true; - # profilesOrder = ["system" "direnv"]; - # profiles.direnv = { - # user = "bartender"; - # path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.bartender; - # }; - #}; + #example = { + # hostname = "example.com:22"; + # sshUser = "bartender"; + # fastConnect = true; + # profilesOrder = ["system" "direnv"]; + # profiles.direnv = { + # user = "bartender"; + # path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.bartender; + # }; + #}; - fae = { - hostname = "192.168.13.35"; - sshUser = "pub-solar"; - }; - powder = { - hostname = "80.71.153.194"; - sshUser = "root"; - profilesOrder = ["system" "direnv"]; - profiles.direnv = { - user = "pub-solar"; - path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.pub-solar; + fae = { + hostname = "192.168.13.35"; + sshUser = "pub-solar"; + }; + powder = { + hostname = "80.71.153.194"; + sshUser = "root"; + profilesOrder = [ + "system" + "direnv" + ]; + profiles.direnv = { + user = "pub-solar"; + path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.pub-solar; + }; }; }; }; }; - }; } diff --git a/hosts/PubSolarOS.nix b/hosts/PubSolarOS.nix index da0375cd..311a0072 100644 --- a/hosts/PubSolarOS.nix +++ b/hosts/PubSolarOS.nix @@ -1,15 +1,17 @@ -{suites, ...}: { +{ suites, ... }: +{ ### root password is empty by default ### ### default password: pub-solar, optional: add your SSH keys - imports = - suites.iso; + imports = suites.iso; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.networkmanager.enable = true; - fileSystems."/" = {device = "/dev/disk/by-label/nixos";}; + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/hosts/bootstrap.nix b/hosts/bootstrap.nix index b1841c47..5441ec6d 100644 --- a/hosts/bootstrap.nix +++ b/hosts/bootstrap.nix @@ -10,15 +10,16 @@ let # Gets hostname of host to be bundled inside iso # Copied from https://github.com/divnix/digga/blob/30ffa0b02272dc56c94fd3c7d8a5a0f07ca197bf/modules/bootstrap-iso.nix#L3-L11 - getFqdn = config: let - net = config.networking; - fqdn = - if (net ? domain) && (net.domain != null) - then "${net.hostName}.${net.domain}" - else net.hostName; - in + getFqdn = + config: + let + net = config.networking; + fqdn = + if (net ? domain) && (net.domain != null) then "${net.hostName}.${net.domain}" else net.hostName; + in fqdn; -in { +in +{ # build with: `nix build ".#nixosConfigurations.bootstrap.config.system.build.isoImage"` imports = [ # profiles.networking @@ -33,7 +34,9 @@ in { boot.loader.systemd-boot.enable = true; # will be overridden by the bootstrapIso instrumentation - fileSystems."/" = {device = "/dev/disk/by-label/nixos";}; + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + }; system.nixos.label = "PubSolarOS-" + config.system.nixos.version; diff --git a/hosts/default.nix b/hosts/default.nix index 399768e2..e71a5c50 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -1,4 +1,9 @@ -{ withSystem, self, inputs, ...}: +{ + withSystem, + self, + inputs, + ... +}: { flake = { nixosConfigurations = { @@ -91,7 +96,12 @@ self.nixosModules.graphical self.nixosModules.audio self.nixosModules.bluetooth - ({ ... }: { pub-solar.graphical.wayland.software-renderer.enable = true; }) + ( + { ... }: + { + pub-solar.graphical.wayland.software-renderer.enable = true; + } + ) ]; }; }; diff --git a/hosts/dumpyourvms/default.nix b/hosts/dumpyourvms/default.nix index 9d4cb903..2ed7fd5b 100644 --- a/hosts/dumpyourvms/default.nix +++ b/hosts/dumpyourvms/default.nix @@ -1,4 +1,5 @@ -{ ... }: { +{ ... }: +{ imports = [ ./dumpyourvms.nix ./hardware-configuration.nix diff --git a/hosts/dumpyourvms/dumpyourvms.nix b/hosts/dumpyourvms/dumpyourvms.nix index b85a246f..1c94a33a 100644 --- a/hosts/dumpyourvms/dumpyourvms.nix +++ b/hosts/dumpyourvms/dumpyourvms.nix @@ -7,7 +7,8 @@ let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { +in +{ pub-solar = { terminal-life.full = true; core.hibernation = { @@ -23,13 +24,19 @@ in { # Explicitly set amdgpu support in place of radeon # Source: https://github.com/NixOS/nixos-hardware/blob/master/common/gpu/amd/southern-islands/default.nix # Try again after https://lists.freedesktop.org/archives/amd-gfx/2023-March/090096.html lands - boot.kernelParams = ["acpi_backlight=video" "hid_apple.fnmode=2" "intel_pstate=passive" "radeon.si_support=0" "amdgpu.si_support=1"]; + boot.kernelParams = [ + "acpi_backlight=video" + "hid_apple.fnmode=2" + "intel_pstate=passive" + "radeon.si_support=0" + "amdgpu.si_support=1" + ]; boot.loader.efi.canTouchEfiVariables = true; # Fix for Error switching console mode to 1: unsupported on startup boot.loader.systemd-boot.consoleMode = lib.mkForce "0"; - boot.binfmt.emulatedSystems = ["aarch64-linux"]; + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; systemd.sleep.extraConfig = '' HibernateMode=shutdown @@ -39,8 +46,8 @@ in { cpu.intel.updateMicrocode = true; facetimehd.enable = true; opengl = { - extraPackages = with pkgs; [intel-vaapi-driver]; # i7-4870HQ older hardware like haswell (crystall well) - extraPackages32 = with pkgs.pkgsi686Linux; [intel-vaapi-driver]; + extraPackages = with pkgs; [ intel-vaapi-driver ]; # i7-4870HQ older hardware like haswell (crystall well) + extraPackages32 = with pkgs.pkgsi686Linux; [ intel-vaapi-driver ]; }; }; @@ -66,15 +73,15 @@ in { #programs.droidcam.enable = true; #services.mozillavpn.enable = true; - security.pki.certificateFiles = [./consul-agent-ca.pem]; + security.pki.certificateFiles = [ ./consul-agent-ca.pem ]; # Power off dedicated GPU, use only integrated Intel GPU to save battery # https://github.com/NixOS/nixpkgs/pull/33915 # https://ubuntuforums.org/showthread.php?t=2409856 systemd.services."amd-hybrid-graphics-power-save" = { - path = [pkgs.bash]; + path = [ pkgs.bash ]; description = "Power Off dedicated AMD Card to reduce power usage"; - requires = ["sys-kernel-debug.mount"]; + requires = [ "sys-kernel-debug.mount" ]; enable = true; serviceConfig = { Type = "oneshot"; @@ -82,14 +89,14 @@ in { ExecStart = "${pkgs.bash}/bin/sh -c 'sleep 7 && if grep --quiet 'IGD:+' /sys/kernel/debug/vgaswitcheroo/switch; then echo -e \"IGD\\nOFF\" > /sys/kernel/debug/vgaswitcheroo/switch; fi'"; ExecStop = "${pkgs.bash}/bin/sh -c 'echo ON >/sys/kernel/debug/vgaswitcheroo/switch'"; }; - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; }; # Increase console font size for HiDPI display console = { earlySetup = true; font = lib.mkForce "ter-i32b"; - packages = [pkgs.terminus_font]; + packages = [ pkgs.terminus_font ]; }; # Thunderbolt tools @@ -113,24 +120,22 @@ in { # to be powered on. powerUpCommands = lib.mkBefore ( "${pkgs.kmod}/bin/modprobe brcmfmac" - + lib.optionalString - (lib.versionAtLeast config.boot.kernelPackages.kernel.version "6.2") " brcmfmac_wcc" + + lib.optionalString (lib.versionAtLeast config.boot.kernelPackages.kernel.version "6.2") " brcmfmac_wcc" ); powerDownCommands = lib.mkBefore ( - lib.optionalString - (lib.versionAtLeast config.boot.kernelPackages.kernel.version "6.2") - "${pkgs.kmod}/bin/rmmod brcmfmac_wcc\n" + lib.optionalString (lib.versionAtLeast config.boot.kernelPackages.kernel.version "6.2") "${pkgs.kmod}/bin/rmmod brcmfmac_wcc\n" + '' ${pkgs.kmod}/bin/rmmod brcmfmac ${pkgs.systemd}/bin/systemctl stop amd-hybrid-graphics-power-save.service '' ); resumeCommands = - if config.systemd.services."amd-hybrid-graphics-power-save".enable == true - then '' - ${pkgs.systemd}/bin/systemctl start amd-hybrid-graphics-power-save.service - '' - else ""; + if config.systemd.services."amd-hybrid-graphics-power-save".enable == true then + '' + ${pkgs.systemd}/bin/systemctl start amd-hybrid-graphics-power-save.service + '' + else + ""; }; # Change lid switch behaviour @@ -150,23 +155,28 @@ in { services.udev.extraRules = # Disable XHC1 wakeup signal to avoid resume getting triggered some time # after suspend. Reboot required for this to take effect. - lib.optionalString - (lib.versionAtLeast config.boot.kernelPackages.kernel.version "3.13") - ''SUBSYSTEM=="pci", KERNEL=="0000:00:14.0", ATTR{power/wakeup}="disabled"''; + lib.optionalString (lib.versionAtLeast config.boot.kernelPackages.kernel.version "3.13") + ''SUBSYSTEM=="pci", KERNEL=="0000:00:14.0", ATTR{power/wakeup}="disabled"''; - home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] { - # Custom device sway configs - xdg.configFile = { - "sway/config.d/10-applications.conf".source = ./.config/sway/config.d/applications.conf; - "sway/config.d/autostart.conf".source = ./.config/sway/config.d/autostart.conf; - "sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf; - "sway/config.d/input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf; - "sway/config.d/screens.conf".source = ./.config/sway/config.d/screens.conf; - }; - }; + home-manager = + pkgs.lib.setAttrByPath + [ + "users" + psCfg.user.name + ] + { + # Custom device sway configs + xdg.configFile = { + "sway/config.d/10-applications.conf".source = ./.config/sway/config.d/applications.conf; + "sway/config.d/autostart.conf".source = ./.config/sway/config.d/autostart.conf; + "sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf; + "sway/config.d/input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf; + "sway/config.d/screens.conf".source = ./.config/sway/config.d/screens.conf; + }; + }; # WLAN frequency compliance (e.g. check for radar with DFS) - hardware.firmware = with pkgs; [wireless-regdb]; + hardware.firmware = with pkgs; [ wireless-regdb ]; boot.extraModprobeConfig = '' options cfg80211 ieee80211_regdom="DE" diff --git a/hosts/dumpyourvms/hardware-configuration.nix b/hosts/dumpyourvms/hardware-configuration.nix index caa04640..fc7194b2 100644 --- a/hosts/dumpyourvms/hardware-configuration.nix +++ b/hosts/dumpyourvms/hardware-configuration.nix @@ -7,16 +7,23 @@ pkgs, modulesPath, ... -}: { +}: +{ imports = [ #(modulesPath + "/hardware/network/broadcom-43xx.nix") (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/17bbb016-d27c-47da-8805-58c6395891e8"; diff --git a/hosts/dumpyourvms/networking.nix b/hosts/dumpyourvms/networking.nix index 131fb94d..f808792f 100644 --- a/hosts/dumpyourvms/networking.nix +++ b/hosts/dumpyourvms/networking.nix @@ -1,8 +1,4 @@ -{ - pkgs, - lib, - ... -}: +{ pkgs, lib, ... }: { systemd.services.wg-quick-wg5.serviceConfig.Type = lib.mkForce "simple"; systemd.services.wg-quick-wg5.serviceConfig.Restart = "on-failure"; @@ -16,48 +12,61 @@ #]; hosts = { - "10.0.0.42" = ["nomad.service.consul" "nomad.service.cgn-1.consul"]; - "10.0.0.66" = ["consul.service.cgn-1.consul"]; - "10.0.1.9" = ["consul.service.lev-1.consul"]; - "10.0.0.70" = ["vault.service.consul" "vault.service.cgn-1.consul"]; - "10.0.0.200" = ["headnode.cgn-1"]; - "10.0.0.201" = ["cn01.cgn-1"]; - "10.0.0.202" = ["cn02.cgn-1"]; - "10.0.0.205" = ["cn05.cgn-1"]; - "10.0.0.206" = ["cn06.cgn-1"]; - "10.0.0.207" = ["cn07.cgn-1"]; - "10.0.0.208" = ["cn08.cgn-1"]; - "10.0.1.200" = ["headnode.lev-1"]; - "10.0.1.201" = ["cn01.lev-1"]; - "10.0.1.202" = ["cn02.lev-1"]; - "10.0.1.203" = ["cn03.lev-1"]; - "10.0.1.204" = ["cn04.lev-1"]; - "10.0.1.205" = ["cn05.lev-1"]; - "10.0.1.206" = ["cn00.lev-1"]; - "10.0.1.207" = ["cn06.lev-1"]; - "10.0.1.208" = ["cn07.lev-1"]; - "10.101.64.10" = ["wifi.bahn.de"]; - "80.71.153.29" = ["eu-central.manta.greenbaum.cloud"]; - "85.88.23.37" = ["git.greenbaum.cloud"]; - "10.0.1.17" = ["drone.greenbaum.cloud"]; - "10.0.1.2" = ["lev-1.adminui.greenbaum.cloud"]; - "80.71.153.10" = ["lev-1.api.greenbaum.cloud"]; - "80.71.153.12" = ["lev-1.docker.greenbaum.cloud"]; - "80.71.153.56" = ["lev-1.monitor.greenbaum.cloud"]; - "192.168.13.25" = ["ryzensun.local" "cloudapi.coal-1.mnx.io"]; + "10.0.0.42" = [ + "nomad.service.consul" + "nomad.service.cgn-1.consul" + ]; + "10.0.0.66" = [ "consul.service.cgn-1.consul" ]; + "10.0.1.9" = [ "consul.service.lev-1.consul" ]; + "10.0.0.70" = [ + "vault.service.consul" + "vault.service.cgn-1.consul" + ]; + "10.0.0.200" = [ "headnode.cgn-1" ]; + "10.0.0.201" = [ "cn01.cgn-1" ]; + "10.0.0.202" = [ "cn02.cgn-1" ]; + "10.0.0.205" = [ "cn05.cgn-1" ]; + "10.0.0.206" = [ "cn06.cgn-1" ]; + "10.0.0.207" = [ "cn07.cgn-1" ]; + "10.0.0.208" = [ "cn08.cgn-1" ]; + "10.0.1.200" = [ "headnode.lev-1" ]; + "10.0.1.201" = [ "cn01.lev-1" ]; + "10.0.1.202" = [ "cn02.lev-1" ]; + "10.0.1.203" = [ "cn03.lev-1" ]; + "10.0.1.204" = [ "cn04.lev-1" ]; + "10.0.1.205" = [ "cn05.lev-1" ]; + "10.0.1.206" = [ "cn00.lev-1" ]; + "10.0.1.207" = [ "cn06.lev-1" ]; + "10.0.1.208" = [ "cn07.lev-1" ]; + "10.101.64.10" = [ "wifi.bahn.de" ]; + "80.71.153.29" = [ "eu-central.manta.greenbaum.cloud" ]; + "85.88.23.37" = [ "git.greenbaum.cloud" ]; + "10.0.1.17" = [ "drone.greenbaum.cloud" ]; + "10.0.1.2" = [ "lev-1.adminui.greenbaum.cloud" ]; + "80.71.153.10" = [ "lev-1.api.greenbaum.cloud" ]; + "80.71.153.12" = [ "lev-1.docker.greenbaum.cloud" ]; + "80.71.153.56" = [ "lev-1.monitor.greenbaum.cloud" ]; + "192.168.13.25" = [ + "ryzensun.local" + "cloudapi.coal-1.mnx.io" + ]; }; wireguard.enable = true; wg-quick.interfaces = { wg0 = { autostart = false; - address = ["10.8.8.6/32"]; + address = [ "10.8.8.6/32" ]; privateKeyFile = "/etc/wireguard/wg0.privatekey"; peers = [ { publicKey = "l0DJLicCrcrixNP6zAWTXNSEaNM2jML253BXEZ1KpiU="; - allowedIPs = ["10.8.8.16/32" "10.0.0.0/24" "10.88.88.0/24"]; + allowedIPs = [ + "10.8.8.16/32" + "10.0.0.0/24" + "10.88.88.0/24" + ]; endpoint = "85.88.23.16:51820"; persistentKeepalive = 25; } @@ -65,13 +74,13 @@ }; wg1 = { autostart = false; - address = ["192.168.188.203/24"]; + address = [ "192.168.188.203/24" ]; privateKeyFile = "/etc/wireguard/wg1.privatekey"; peers = [ { publicKey = "iZkgeA/mFxBRclCa5SJYdqffClly/uho5krebcUloCY="; - allowedIPs = ["192.168.188.0/24"]; + allowedIPs = [ "192.168.188.0/24" ]; presharedKeyFile = "/etc/wireguard/wg1.presharedkey"; #endpoint = "85.214.70.91:50163"; #endpoint = "7gwzft61sc8txc4r.myfritz.net:50163"; @@ -81,21 +90,24 @@ ]; }; wg2 = { - address = ["10.6.6.4/32"]; + address = [ "10.6.6.4/32" ]; privateKeyFile = "/etc/wireguard/wg2.privatekey"; peers = [ { publicKey = "nYMmaCIW8lZ7SokivN8HXxYDch+SS1G7ab1SC9meDAw="; presharedKeyFile = "/etc/wireguard/wg2.presharedkey"; - allowedIPs = ["10.6.6.1/32" "10.1.1.0/24"]; + allowedIPs = [ + "10.6.6.1/32" + "10.1.1.0/24" + ]; endpoint = "85.88.23.127:51820"; persistentKeepalive = 16; } ]; }; wg3 = { - address = ["10.11.11.2/32"]; + address = [ "10.11.11.2/32" ]; privateKeyFile = "/etc/wireguard/wg3.privatekey"; mtu = 1300; @@ -103,14 +115,18 @@ { publicKey = "7RRgfZSneqAtAHBeI6+aaYLqz9e1jikg/lIK8mhW928="; presharedKeyFile = "/etc/wireguard/wg3.presharedkey"; - allowedIPs = ["10.11.11.0/24" "192.168.1.0/24" "10.0.1.0/24"]; + allowedIPs = [ + "10.11.11.0/24" + "192.168.1.0/24" + "10.0.1.0/24" + ]; endpoint = "80.71.153.1:51820"; persistentKeepalive = 16; } ]; }; wg4 = { - address = ["fdaa:1:3234:a7b:16a9:0:a:202/120"]; + address = [ "fdaa:1:3234:a7b:16a9:0:a:202/120" ]; privateKeyFile = "/etc/wireguard/wg4.privatekey"; postUp = "resolvectl dns wg4 fdaa:1:3234::3; resolvectl domain wg4 ~internal"; preDown = "resolvectl revert wg4"; @@ -121,7 +137,7 @@ peers = [ { publicKey = "yUyg63j5+17YeJ7gRhxoQuF6rvdX0JF59M6skytJFTQ="; - allowedIPs = ["fdaa:1:3234::/48"]; + allowedIPs = [ "fdaa:1:3234::/48" ]; #endpoint = "ams1.gateway.6pn.dev:51820"; endpoint = "176.58.93.206:51820"; persistentKeepalive = 15; @@ -130,7 +146,7 @@ }; wg5 = { autostart = false; - address = ["192.168.13.201/24"]; + address = [ "192.168.13.201/24" ]; privateKeyFile = "/etc/wireguard/wg5.privatekey"; postUp = "resolvectl dnsovertls wg5 no; resolvectl dns wg5 192.168.13.1; resolvectl domain wg5 ~fritz.box"; preDown = "resolvectl revert wg5"; @@ -147,33 +163,52 @@ ]; }; wg6 = { - address = ["10.7.6.201/32" "fd00:fae:fae:fae:fae:201::/96"]; + address = [ + "10.7.6.201/32" + "fd00:fae:fae:fae:fae:201::/96" + ]; privateKeyFile = "/etc/wireguard/wg6.privatekey"; peers = [ - { # nachtigall.pub.solar + { + # nachtigall.pub.solar publicKey = "qzNywKY9RvqTnDO8eLik75/SHveaSk9OObilDzv+xkk="; - allowedIPs = [ "10.7.6.1/32" "fd00:fae:fae:fae:fae:1::/96" ]; + allowedIPs = [ + "10.7.6.1/32" + "fd00:fae:fae:fae:fae:1::/96" + ]; #endpoint = "138.201.80.102:51820"; endpoint = "[2a01:4f8:172:1c25::1]:51820"; persistentKeepalive = 15; } - { # flora-6.pub.solar + { + # flora-6.pub.solar publicKey = "jtSR5G2P/nm9s8WrVc26Xc/SQLupRxyXE+5eIeqlsTU="; - allowedIPs = [ "10.7.6.2/32" "fd00:fae:fae:fae:fae:2::/96" ]; + allowedIPs = [ + "10.7.6.2/32" + "fd00:fae:fae:fae:fae:2::/96" + ]; endpoint = "80.71.153.210:51820"; persistentKeepalive = 15; } - { # metronom.pub.solar + { + # metronom.pub.solar publicKey = "zOSYGO7MfnOOUnzaTcWiKRQM0qqxR3JQrwx/gtEtHmo="; - allowedIPs = [ "10.7.6.3/32" "fd00:fae:fae:fae:fae:3::/96" ]; + allowedIPs = [ + "10.7.6.3/32" + "fd00:fae:fae:fae:fae:3::/96" + ]; endpoint = "49.13.236.167:51820"; #endpoint = "[2a01:4f8:c2c:7082::]:51820"; persistentKeepalive = 15; } - { # tankstelle.pub.solar + { + # tankstelle.pub.solar publicKey = "iRTlY1lB7nPXf2eXzX8ZZDkfMmXyGjff5/joccbP8Cg="; - allowedIPs = [ "10.7.6.4/32" "fd00:fae:fae:fae:fae:4::/96" ]; + allowedIPs = [ + "10.7.6.4/32" + "fd00:fae:fae:fae:fae:4::/96" + ]; #endpoint = "80.244.242.5:51820"; endpoint = "[2001:4d88:1ffa:26::5]:51820"; persistentKeepalive = 15; @@ -183,7 +218,10 @@ # mozillavpn moz0 = { autostart = false; - address = ["10.142.131.196/32" "fc00:bbbb:bbbb:bb01:d:0:e:83c4/128"]; + address = [ + "10.142.131.196/32" + "fc00:bbbb:bbbb:bb01:d:0:e:83c4/128" + ]; privateKeyFile = "/etc/wireguard/moz0.privatekey"; #postUp = "resolvectl dns wg4 fdaa:1:3234::3; resolvectl domain wg4 ~internal"; #preDown = "resolvectl revert wg4"; @@ -194,7 +232,10 @@ peers = [ { publicKey = "ku1NYeOAGbY65YL/JKZhrqVzDJKXQiVj9USXbfkOBA0="; - allowedIPs = ["0.0.0.0/0" "::/0"]; + allowedIPs = [ + "0.0.0.0/0" + "::/0" + ]; endpoint = "185.254.75.3:36294"; } ]; diff --git a/hosts/fae/default.nix b/hosts/fae/default.nix index 365767ff..b6fc66d7 100644 --- a/hosts/fae/default.nix +++ b/hosts/fae/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./paperless.nix ./invoiceplane.nix diff --git a/hosts/fae/fae.nix b/hosts/fae/fae.nix index b2d1eebf..55129be9 100644 --- a/hosts/fae/fae.nix +++ b/hosts/fae/fae.nix @@ -3,7 +3,8 @@ lib, pkgs, ... -}: { +}: +{ config = { pub-solar.core.disk-encryption-active = false; @@ -11,7 +12,7 @@ "/" = { device = "/dev/disk/by-label/NIXOS_SD"; fsType = "ext4"; - options = ["noatime"]; + options = [ "noatime" ]; }; }; @@ -23,9 +24,7 @@ allowSFTP = true; }; - boot.kernelParams = [ - "boot.shell_on_fail=1" - ]; + boot.kernelParams = [ "boot.shell_on_fail=1" ]; # Would decrease closure size, but currenly broken (cairo) #environment.noXlibs = true; @@ -38,8 +37,11 @@ settings = { auto-optimise-store = true; sandbox = true; - allowed-users = ["@wheel"]; - trusted-users = ["root" "@wheel"]; + allowed-users = [ "@wheel" ]; + trusted-users = [ + "root" + "@wheel" + ]; }; extraOptions = '' diff --git a/hosts/fae/invoiceplane.nix b/hosts/fae/invoiceplane.nix index 0664ec58..206c0bb9 100644 --- a/hosts/fae/invoiceplane.nix +++ b/hosts/fae/invoiceplane.nix @@ -4,13 +4,15 @@ pkgs, lib, ... -}: let +}: +let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; backupDir = "/var/lib/invoiceplane/backup"; -in { +in +{ security.acme.certs = { - "billing.faenix.eu" = {}; + "billing.faenix.eu" = { }; }; services.nginx.virtualHosts = { @@ -25,7 +27,9 @@ in { sites."billing.faenix.eu" = { enable = true; - invoiceTemplates = [ flake.self.inputs.invoiceplane-template.packages.${pkgs.system}.invoiceplane-template ]; + invoiceTemplates = [ + flake.self.inputs.invoiceplane-template.packages.${pkgs.system}.invoiceplane-template + ]; settings = { IP_URL = "https://billing.faenix.eu"; @@ -49,9 +53,7 @@ in { }; }; - systemd.tmpfiles.rules = [ - "d '${backupDir}' 0700 root root - -" - ]; + systemd.tmpfiles.rules = [ "d '${backupDir}' 0700 root root - -" ]; #services.restic.backups = { # invoiceplane = { diff --git a/hosts/fae/paperless.nix b/hosts/fae/paperless.nix index 3d0594c5..408c43bd 100644 --- a/hosts/fae/paperless.nix +++ b/hosts/fae/paperless.nix @@ -13,7 +13,8 @@ let backupDir = "${xdg.dataHome}/PaperlessBackup"; consumptionDir = "/home/${psCfg.user.name}/.local/share/scandir"; -in { +in +{ services.paperless = { enable = true; user = psCfg.user.name; @@ -43,7 +44,7 @@ in { }; security.acme.certs = { - "paperless.faenix.eu" = {}; + "paperless.faenix.eu" = { }; }; services.nginx = { @@ -81,7 +82,10 @@ in { # }; #}; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; systemd.tmpfiles.rules = [ "d /home/${psCfg.user.name}/.local 0700 ${psCfg.user.name} users - -" diff --git a/hosts/iso/default.nix b/hosts/iso/default.nix index 6ccfabc7..32659a58 100644 --- a/hosts/iso/default.nix +++ b/hosts/iso/default.nix @@ -1,8 +1,5 @@ +{ pkgs, lib, ... }: { - pkgs, - lib, - ... -}: { pub-solar.core.disk-encryption-active = false; isoImage.squashfsCompression = "gzip -Xcompression-level 1"; systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; diff --git a/hosts/powder/default.nix b/hosts/powder/default.nix index 7259003f..dc9df535 100644 --- a/hosts/powder/default.nix +++ b/hosts/powder/default.nix @@ -1,5 +1,4 @@ -{...}: { - imports = [ - ./powder.nix - ]; +{ ... }: +{ + imports = [ ./powder.nix ]; } diff --git a/hosts/powder/hardware-configuration.nix b/hosts/powder/hardware-configuration.nix index 958cffda..bd11df91 100644 --- a/hosts/powder/hardware-configuration.nix +++ b/hosts/powder/hardware-configuration.nix @@ -7,13 +7,20 @@ pkgs, modulesPath, ... -}: { - imports = []; +}: +{ + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "virtio_pci" "xhci_pci" "sr_mod" "virtio_blk"]; - boot.initrd.kernelModules = []; - boot.kernelModules = []; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ + "ahci" + "virtio_pci" + "xhci_pci" + "sr_mod" + "virtio_blk" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-label/nixos"; @@ -35,7 +42,7 @@ ]; }; - swapDevices = []; + swapDevices = [ ]; networking.useDHCP = lib.mkDefault false; diff --git a/hosts/powder/powder.nix b/hosts/powder/powder.nix index f94467f3..13658d2e 100644 --- a/hosts/powder/powder.nix +++ b/hosts/powder/powder.nix @@ -5,7 +5,8 @@ pkgs, profiles, ... -}: { +}: +{ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix diff --git a/hosts/ryzensun/default.nix b/hosts/ryzensun/default.nix index dbcb87cb..e103848d 100644 --- a/hosts/ryzensun/default.nix +++ b/hosts/ryzensun/default.nix @@ -1,4 +1,5 @@ -{ ... }: { +{ ... }: +{ imports = [ ./ryzensun.nix ./hardware-configuration.nix diff --git a/hosts/ryzensun/hardware-configuration.nix b/hosts/ryzensun/hardware-configuration.nix index dcbd9969..da7266bb 100644 --- a/hosts/ryzensun/hardware-configuration.nix +++ b/hosts/ryzensun/hardware-configuration.nix @@ -7,15 +7,21 @@ pkgs, modulesPath, ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; +}: +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" "sr_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "sd_mod" + "sr_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/bad2e49e-c8e7-4516-a6f8-77db999d12b0"; @@ -29,5 +35,5 @@ fsType = "vfat"; }; - swapDevices = []; + swapDevices = [ ]; } diff --git a/hosts/ryzensun/networking.nix b/hosts/ryzensun/networking.nix index 0818ee31..5db54bd0 100644 --- a/hosts/ryzensun/networking.nix +++ b/hosts/ryzensun/networking.nix @@ -1,26 +1,32 @@ { networking = { hosts = { - "10.0.0.42" = ["nomad.service.consul" "nomad.service.cgn-1.consul"]; - "10.0.0.66" = ["consul.service.cgn-1.consul"]; - "10.0.1.9" = ["consul.service.lev-1.consul"]; - "10.0.0.70" = ["vault.service.consul" "vault.service.cgn-1.consul"]; - "10.0.0.200" = ["headnode.cgn-1"]; - "10.0.0.201" = ["cn01.cgn-1"]; - "10.0.0.202" = ["cn02.cgn-1"]; - "10.0.0.205" = ["cn05.cgn-1"]; - "10.0.0.206" = ["cn06.cgn-1"]; - "10.0.0.207" = ["cn07.cgn-1"]; - "10.0.0.208" = ["cn08.cgn-1"]; - "10.0.1.200" = ["headnode.lev-1"]; - "10.0.1.201" = ["cn01.lev-1"]; - "10.0.1.202" = ["cn02.lev-1"]; - "10.0.1.203" = ["cn03.lev-1"]; - "10.0.1.204" = ["cn04.lev-1"]; - "10.0.1.205" = ["cn05.lev-1"]; - "10.0.1.206" = ["cn00.lev-1"]; - "10.0.1.207" = ["cn06.lev-1"]; - "10.0.1.208" = ["cn07.lev-1"]; + "10.0.0.42" = [ + "nomad.service.consul" + "nomad.service.cgn-1.consul" + ]; + "10.0.0.66" = [ "consul.service.cgn-1.consul" ]; + "10.0.1.9" = [ "consul.service.lev-1.consul" ]; + "10.0.0.70" = [ + "vault.service.consul" + "vault.service.cgn-1.consul" + ]; + "10.0.0.200" = [ "headnode.cgn-1" ]; + "10.0.0.201" = [ "cn01.cgn-1" ]; + "10.0.0.202" = [ "cn02.cgn-1" ]; + "10.0.0.205" = [ "cn05.cgn-1" ]; + "10.0.0.206" = [ "cn06.cgn-1" ]; + "10.0.0.207" = [ "cn07.cgn-1" ]; + "10.0.0.208" = [ "cn08.cgn-1" ]; + "10.0.1.200" = [ "headnode.lev-1" ]; + "10.0.1.201" = [ "cn01.lev-1" ]; + "10.0.1.202" = [ "cn02.lev-1" ]; + "10.0.1.203" = [ "cn03.lev-1" ]; + "10.0.1.204" = [ "cn04.lev-1" ]; + "10.0.1.205" = [ "cn05.lev-1" ]; + "10.0.1.206" = [ "cn00.lev-1" ]; + "10.0.1.207" = [ "cn06.lev-1" ]; + "10.0.1.208" = [ "cn07.lev-1" ]; }; interfaces.enp4s0.wakeOnLan.enable = true; @@ -28,20 +34,24 @@ wireguard.enable = true; wg-quick.interfaces = { wg0 = { - address = ["10.8.8.7/32"]; + address = [ "10.8.8.7/32" ]; privateKeyFile = "/etc/wireguard/wg0.privatekey"; peers = [ { publicKey = "l0DJLicCrcrixNP6zAWTXNSEaNM2jML253BXEZ1KpiU="; - allowedIPs = ["10.8.8.16/32" "10.0.0.0/24" "10.88.88.0/24"]; + allowedIPs = [ + "10.8.8.16/32" + "10.0.0.0/24" + "10.88.88.0/24" + ]; endpoint = "85.88.23.16:51820"; persistentKeepalive = 25; } ]; }; wg1 = { - address = ["10.11.11.6/32"]; + address = [ "10.11.11.6/32" ]; privateKeyFile = "/etc/wireguard/wg1.privatekey"; mtu = 1300; @@ -49,40 +59,60 @@ { publicKey = "7RRgfZSneqAtAHBeI6+aaYLqz9e1jikg/lIK8mhW928="; presharedKeyFile = "/etc/wireguard/wg1.presharedkey"; - allowedIPs = ["10.11.11.0/24" "192.168.1.0/24" "10.0.1.0/24"]; + allowedIPs = [ + "10.11.11.0/24" + "192.168.1.0/24" + "10.0.1.0/24" + ]; endpoint = "80.71.153.1:51820"; #persistentKeepalive = 16; } ]; }; wg2 = { - address = ["10.7.6.204/32"]; + address = [ "10.7.6.204/32" ]; privateKeyFile = "/etc/wireguard/wg2.privatekey"; peers = [ - { # nachtigall.pub.solar + { + # nachtigall.pub.solar publicKey = "qzNywKY9RvqTnDO8eLik75/SHveaSk9OObilDzv+xkk="; - allowedIPs = [ "10.7.6.1/32" "fd00:fae:fae:fae:fae:1::/96" ]; + allowedIPs = [ + "10.7.6.1/32" + "fd00:fae:fae:fae:fae:1::/96" + ]; #endpoint = "138.201.80.102:51820"; endpoint = "[2a01:4f8:172:1c25::1]:51820"; persistentKeepalive = 15; } - { # flora-6.pub.solar + { + # flora-6.pub.solar publicKey = "jtSR5G2P/nm9s8WrVc26Xc/SQLupRxyXE+5eIeqlsTU="; - allowedIPs = [ "10.7.6.2/32" "fd00:fae:fae:fae:fae:2::/96" ]; + allowedIPs = [ + "10.7.6.2/32" + "fd00:fae:fae:fae:fae:2::/96" + ]; endpoint = "80.71.153.210:51820"; persistentKeepalive = 15; } - { # metronom.pub.solar + { + # metronom.pub.solar publicKey = "zOSYGO7MfnOOUnzaTcWiKRQM0qqxR3JQrwx/gtEtHmo="; - allowedIPs = [ "10.7.6.3/32" "fd00:fae:fae:fae:fae:3::/96" ]; + allowedIPs = [ + "10.7.6.3/32" + "fd00:fae:fae:fae:fae:3::/96" + ]; endpoint = "49.13.236.167:51820"; #endpoint = "[2a01:4f8:c2c:7082::]:51820"; persistentKeepalive = 15; } - { # tankstelle.pub.solar + { + # tankstelle.pub.solar publicKey = "iRTlY1lB7nPXf2eXzX8ZZDkfMmXyGjff5/joccbP8Cg="; - allowedIPs = [ "10.7.6.4/32" "fd00:fae:fae:fae:fae:4::/96" ]; + allowedIPs = [ + "10.7.6.4/32" + "fd00:fae:fae:fae:fae:4::/96" + ]; #endpoint = "80.244.242.5:51820"; endpoint = "[2001:4d88:1ffa:26::5]:51820"; persistentKeepalive = 15; diff --git a/hosts/ryzensun/ryzensun.nix b/hosts/ryzensun/ryzensun.nix index 12ffd387..1a326735 100644 --- a/hosts/ryzensun/ryzensun.nix +++ b/hosts/ryzensun/ryzensun.nix @@ -8,7 +8,8 @@ let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { +in +{ config = { age.secrets.docker-ci-runner-secrets = { file = "${flake.self}/secrets/docker-ci-runner-secrets.age"; @@ -26,7 +27,7 @@ in { # runnerVarsFile = config.age.secrets.docker-ci-runner-secrets.path; #}; - boot.binfmt.emulatedSystems = ["aarch64-linux"]; + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; # Required for WakeOnLan boot.initrd = { diff --git a/lib/compat/default.nix b/lib/compat/default.nix index fc1bc0cc..b5d6a195 100644 --- a/lib/compat/default.nix +++ b/lib/compat/default.nix @@ -1,21 +1,21 @@ let - lock = builtins.fromJSON (builtins.readFile builtins.path { - path = ../../flake.lock; - name = "lockPath"; - }); + lock = builtins.fromJSON ( + builtins.readFile builtins.path { + path = ../../flake.lock; + name = "lockPath"; + } + ); flake = import - ( - fetchTarball { + (fetchTarball { url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; sha256 = lock.nodes.flake-compat.locked.narHash; - } - ) - { - src = builtins.path { - path = ../../.; - name = "projectRoot"; + }) + { + src = builtins.path { + path = ../../.; + name = "projectRoot"; + }; }; - }; in - flake +flake diff --git a/lib/compat/nixos/default.nix b/lib/compat/nixos/default.nix index 617c6a93..83f05f9f 100644 --- a/lib/compat/nixos/default.nix +++ b/lib/compat/nixos/default.nix @@ -1,4 +1,5 @@ -{...}: let +{ ... }: +let inherit (default.inputs.nixos) lib; host = configs.${hostname} or configs.PubSolarOS; @@ -6,4 +7,4 @@ default = (import ../.).defaultNix; hostname = lib.fileContents /etc/hostname; in - host +host diff --git a/lib/default.nix b/lib/default.nix index d1234dfe..9dd5f221 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,18 +1,20 @@ -{ lib, inputs, ... }: { +{ lib, inputs, ... }: +{ # Configuration common to all Linux systems flake = { - lib = let - callLibs = file: import file {inherit lib;}; - in rec { - ## Define your own library functions here! - #id = x: x; - ## Or in files, containing functions that take {lib} - #foo = callLibs ./foo.nix; - ## In configs, they can be used under "lib.our" + lib = + let + callLibs = file: import file { inherit lib; }; + in + rec { + ## Define your own library functions here! + #id = x: x; + ## Or in files, containing functions that take {lib} + #foo = callLibs ./foo.nix; + ## In configs, they can be used under "lib.our" - deploy = import ./deploy.nix { inherit inputs lib; }; - addLocalHostname = callLibs ./add-local-hostname.nix; - recursiveMerge = callLibs ./recursive-merge.nix; - }; + deploy = import ./deploy.nix { inherit inputs lib; }; + addLocalHostname = callLibs ./add-local-hostname.nix; + }; }; } diff --git a/lib/deploy.nix b/lib/deploy.nix index e97dfe35..200ce72b 100644 --- a/lib/deploy.nix +++ b/lib/deploy.nix @@ -1,9 +1,9 @@ /* - * The contents of this file are adapted from digga - * https://github.com/divnix/digga - * - * Licensed under the MIT license - */ + The contents of this file are adapted from digga + https://github.com/divnix/digga + + Licensed under the MIT license +*/ { lib, inputs }: let @@ -15,7 +15,8 @@ let if (net ? domain) && (net.domain != null) then "${net.hostName}.${net.domain}" else net.hostName; in fqdn; -in { +in +{ mkDeployNodes = systemConfigurations: extraConfig: /* @@ -48,7 +49,7 @@ in { ``` * */ - lib.recursiveUpdate (lib.mapAttrs ( _: c: { + lib.recursiveUpdate (lib.mapAttrs (_: c: { hostname = getFqdn c; profiles.system = let diff --git a/lib/recursive-merge.nix b/lib/recursive-merge.nix deleted file mode 100644 index 1b2c37e0..00000000 --- a/lib/recursive-merge.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ lib }: -attrList: -let - f = attrPath: - zipAttrsWith ( - n: values: - if tail values == [] - then head values - else if all isList values - then unique (concatLists values) - else if all isAttrs values - then f (attrPath ++ [n]) values - else last values - ); -in - f [] attrList; diff --git a/modules/acme/default.nix b/modules/acme/default.nix index 77b6187c..3ca1050f 100644 --- a/modules/acme/default.nix +++ b/modules/acme/default.nix @@ -4,7 +4,8 @@ pkgs, lib, ... -}: { +}: +{ age.secrets."hosting-de-acme-secrets" = { file = "${flake.self}/secrets/hosting-de-acme-secrets.age"; mode = "400"; diff --git a/modules/adb/default.nix b/modules/adb/default.nix index c8d14b61..257f3785 100644 --- a/modules/adb/default.nix +++ b/modules/adb/default.nix @@ -6,10 +6,11 @@ }: let psCfg = config.pub-solar; -in { +in +{ programs.adb.enable = true; users.users."${psCfg.user.name}" = { - extraGroups = ["adbusers"]; + extraGroups = [ "adbusers" ]; }; } diff --git a/modules/arduino/default.nix b/modules/arduino/default.nix index bf6f9566..78246b37 100644 --- a/modules/arduino/default.nix +++ b/modules/arduino/default.nix @@ -6,9 +6,10 @@ }: let psCfg = config.pub-solar; -in { +in +{ users.users."${psCfg.user.name}" = { - extraGroups = ["dialout"]; + extraGroups = [ "dialout" ]; packages = with pkgs; [ arduino arduino-cli diff --git a/modules/audio/default.nix b/modules/audio/default.nix index 564678ec..220ca375 100644 --- a/modules/audio/default.nix +++ b/modules/audio/default.nix @@ -7,9 +7,10 @@ let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { +in +{ users.users."${psCfg.user.name}" = { - extraGroups = ["audio"]; + extraGroups = [ "audio" ]; packages = with pkgs; [ # easyeffects, e.g. for microphone noise filtering easyeffects @@ -42,7 +43,10 @@ in { "context.properties" = { default = { "clock.rate" = 48000; # Pipewire default - "clock.allowed-rates" = [ 44100 48000 ]; + "clock.allowed-rates" = [ + 44100 + 48000 + ]; }; }; }; diff --git a/modules/bluetooth/default.nix b/modules/bluetooth/default.nix index 99b71ad6..afad2e1c 100644 --- a/modules/bluetooth/default.nix +++ b/modules/bluetooth/default.nix @@ -3,15 +3,14 @@ config, pkgs, ... -}: { +}: +{ hardware.bluetooth = { enable = true; # Disable bluetooth on startup to save battery powerOnBoot = false; # Disable useless SIM Access Profile plugin - disabledPlugins = [ - "sap" - ]; + disabledPlugins = [ "sap" ]; settings = { General = { # Enables experimental features and interfaces. diff --git a/modules/core/boot.nix b/modules/core/boot.nix index 8f6f3a93..18c71a4e 100644 --- a/modules/core/boot.nix +++ b/modules/core/boot.nix @@ -6,7 +6,8 @@ }: let cfg = config.pub-solar.core; -in { +in +{ options.pub-solar.core.disk-encryption-active = lib.mkOption { type = lib.types.bool; default = true; @@ -29,7 +30,7 @@ in { kernelPackages = lib.mkDefault pkgs.linuxPackages_6_6; # Support ntfs drives - supportedFilesystems = ["ntfs"]; + supportedFilesystems = [ "ntfs" ]; }; }; } diff --git a/modules/core/default.nix b/modules/core/default.nix index fa0a52ef..b1906e74 100644 --- a/modules/core/default.nix +++ b/modules/core/default.nix @@ -1,12 +1,9 @@ -{ - config, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.pub-solar.core; psCfg = config.pub-solar; -in { +in +{ imports = [ ./boot.nix ./hibernation.nix @@ -32,7 +29,7 @@ in { # Remove the complete default environment of packages like # nano, perl and rsync - environment.defaultPackages = lib.mkForce []; + environment.defaultPackages = lib.mkForce [ ]; # fileSystems."/".options = [ "noexec" ]; } diff --git a/modules/core/hibernation.nix b/modules/core/hibernation.nix index 12a38806..4cdedff0 100644 --- a/modules/core/hibernation.nix +++ b/modules/core/hibernation.nix @@ -7,7 +7,8 @@ let cfg = config.pub-solar.core.hibernation; inherit (lib) mkOption types mkIf; -in { +in +{ options.pub-solar.core.hibernation = { enable = mkOption { type = types.bool; @@ -31,7 +32,9 @@ in { config = { boot = mkIf cfg.enable { resumeDevice = mkIf (cfg.resumeDevice != null) cfg.resumeDevice; - kernelParams = mkIf (cfg.resumeOffset != null) ["resume_offset=${builtins.toString cfg.resumeOffset}"]; + kernelParams = mkIf (cfg.resumeOffset != null) [ + "resume_offset=${builtins.toString cfg.resumeOffset}" + ]; }; }; } diff --git a/modules/core/networking.nix b/modules/core/networking.nix index ef1ffb32..86072cd8 100644 --- a/modules/core/networking.nix +++ b/modules/core/networking.nix @@ -4,7 +4,8 @@ pkgs, lib, ... -}: { +}: +{ # disable NetworkManager and systemd-networkd -wait-online by default systemd.services.NetworkManager-wait-online.enable = lib.mkDefault false; systemd.services.systemd-networkd-wait-online.enable = lib.mkDefault false; diff --git a/modules/core/packages.nix b/modules/core/packages.nix index b1428f35..f0ee4f5c 100644 --- a/modules/core/packages.nix +++ b/modules/core/packages.nix @@ -7,7 +7,8 @@ let psCfg = config.pub-solar; cfg = config.pub-solar.core; -in { +in +{ environment.systemPackages = with pkgs; [ # Core unix utility packages coreutils-full diff --git a/modules/crypto/default.nix b/modules/crypto/default.nix index 7e18a867..62853756 100644 --- a/modules/crypto/default.nix +++ b/modules/crypto/default.nix @@ -6,16 +6,15 @@ }: let psCfg = config.pub-solar; -in { - services.udev.packages = [pkgs.yubikey-personalization]; - services.dbus.packages = [pkgs.gcr]; +in +{ + services.udev.packages = [ pkgs.yubikey-personalization ]; + services.dbus.packages = [ pkgs.gcr ]; services.pcscd.enable = true; services.gnome.gnome-keyring.enable = true; - users.users."${psCfg.user.name}".packages = with pkgs; [ - libsecret - ]; + users.users."${psCfg.user.name}".packages = with pkgs; [ libsecret ]; home-manager.users."${psCfg.user.name}" = { systemd.user.services.polkit-gnome-authentication-agent = import ./polkit-gnome-authentication-agent.service.nix pkgs; diff --git a/modules/crypto/polkit-gnome-authentication-agent.service.nix b/modules/crypto/polkit-gnome-authentication-agent.service.nix index ffa5b78d..eb8e7e1f 100644 --- a/modules/crypto/polkit-gnome-authentication-agent.service.nix +++ b/modules/crypto/polkit-gnome-authentication-agent.service.nix @@ -1,15 +1,15 @@ pkgs: { Unit = { Description = "Legacy polkit authentication agent for GNOME"; - Documentation = ["https://gitlab.freedesktop.org/polkit/polkit/"]; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target"]; + Documentation = [ "https://gitlab.freedesktop.org/polkit/polkit/" ]; + BindsTo = [ "sway-session.target" ]; + After = [ "sway-session.target" ]; }; Service = { Type = "simple"; ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/ddclient/default.nix b/modules/ddclient/default.nix index e3ee366d..af9bebc9 100644 --- a/modules/ddclient/default.nix +++ b/modules/ddclient/default.nix @@ -22,11 +22,16 @@ let cache=${dataDir}/ddclient.cache foreground=yes login=${cfg.username} - password=${if cfg.protocol == "nsupdate" then "/run/${RuntimeDirectory}/ddclient.key" else "@password_placeholder@"} + password=${ + if cfg.protocol == "nsupdate" then + "/run/${RuntimeDirectory}/ddclient.key" + else + "@password_placeholder@" + } protocol=${cfg.protocol} ${lib.optionalString (cfg.script != "") "script=${cfg.script}"} ${lib.optionalString (cfg.server != "") "server=${cfg.server}"} - ${lib.optionalString (cfg.zone != "") "zone=${cfg.zone}"} + ${lib.optionalString (cfg.zone != "") "zone=${cfg.zone}"} ssl=${boolToStr cfg.ssl} wildcard=yes quiet=${boolToStr cfg.quiet} @@ -38,26 +43,60 @@ let preStart = '' install --mode=600 --owner=$USER ${configFile} /run/${RuntimeDirectory}/ddclient.conf - ${lib.optionalString (cfg.configFile == null) (if (cfg.protocol == "nsupdate") then '' - install --mode=600 --owner=$USER ${cfg.passwordFile} /run/${RuntimeDirectory}/ddclient.key - '' else if (cfg.passwordFile != null) then '' - "${pkgs.replace-secret}/bin/replace-secret" "@password_placeholder@" "${cfg.passwordFile}" "/run/${RuntimeDirectory}/ddclient.conf" - '' else '' - sed -i '/^password=@password_placeholder@$/d' /run/${RuntimeDirectory}/ddclient.conf - '')} + ${lib.optionalString (cfg.configFile == null) ( + if (cfg.protocol == "nsupdate") then + '' + install --mode=600 --owner=$USER ${cfg.passwordFile} /run/${RuntimeDirectory}/ddclient.key + '' + else if (cfg.passwordFile != null) then + '' + "${pkgs.replace-secret}/bin/replace-secret" "@password_placeholder@" "${cfg.passwordFile}" "/run/${RuntimeDirectory}/ddclient.conf" + '' + else + '' + sed -i '/^password=@password_placeholder@$/d' /run/${RuntimeDirectory}/ddclient.conf + '' + )} ''; -in with lib; { - disabledModules = [ - "services/networking/ddclient.nix" - ]; +in +with lib; +{ + disabledModules = [ "services/networking/ddclient.nix" ]; imports = [ - (mkChangedOptionModule [ "services" "ddclient" "domain" ] [ "services" "ddclient" "domains" ] - (config: - let value = getAttrFromPath [ "services" "ddclient" "domain" ] config; - in if value != "" then [ value ] else [])) - (mkRemovedOptionModule [ "services" "ddclient" "homeDir" ] "") - (mkRemovedOptionModule [ "services" "ddclient" "password" ] "Use services.ddclient.passwordFile instead.") + (mkChangedOptionModule + [ + "services" + "ddclient" + "domain" + ] + [ + "services" + "ddclient" + "domains" + ] + ( + config: + let + value = getAttrFromPath [ + "services" + "ddclient" + "domain" + ] config; + in + if value != "" then [ value ] else [ ] + ) + ) + (mkRemovedOptionModule [ + "services" + "ddclient" + "homeDir" + ] "") + (mkRemovedOptionModule [ + "services" + "ddclient" + "password" + ] "Use services.ddclient.passwordFile instead.") ]; ###### interface @@ -91,7 +130,9 @@ in with lib; { username = mkOption { # For `nsupdate` username contains the path to the nsupdate executable - default = lib.optionalString (config.services.ddclient.protocol == "nsupdate") "${pkgs.bind.dnsutils}/bin/nsupdate"; + default = lib.optionalString ( + config.services.ddclient.protocol == "nsupdate" + ) "${pkgs.bind.dnsutils}/bin/nsupdate"; defaultText = ""; type = str; description = lib.mdDoc '' @@ -212,7 +253,6 @@ in with lib; { }; }; - ###### implementation config = mkIf config.services.ddclient.enable { diff --git a/modules/default.nix b/modules/default.nix index 7dc2ea0a..4424dca8 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,8 +1,5 @@ +{ self, inputs, ... }: { - self, - inputs, - ... -}: { flake = { nixosModules = rec { acme = import ./acme; diff --git a/modules/desktop-extended/default.nix b/modules/desktop-extended/default.nix index 43ea496e..058c000b 100644 --- a/modules/desktop-extended/default.nix +++ b/modules/desktop-extended/default.nix @@ -1,11 +1,8 @@ -{ - config, - pkgs, - ... -}: +{ config, pkgs, ... }: let psCfg = config.pub-solar; -in { +in +{ users.users."${psCfg.user.name}".packages = with pkgs; [ ungoogled-chromium diff --git a/modules/docker/default.nix b/modules/docker/default.nix index 7df09a9d..012dcfb4 100644 --- a/modules/docker/default.nix +++ b/modules/docker/default.nix @@ -6,14 +6,13 @@ }: let psCfg = config.pub-solar; -in { +in +{ virtualisation.docker.enable = true; users.users."${psCfg.user.name}" = { - extraGroups = ["docker"]; + extraGroups = [ "docker" ]; }; - environment.systemPackages = with pkgs; [ - docker-compose - ]; + environment.systemPackages = with pkgs; [ docker-compose ]; } diff --git a/modules/email/default.nix b/modules/email/default.nix index 73f7d8cd..7ff4dbe2 100644 --- a/modules/email/default.nix +++ b/modules/email/default.nix @@ -6,7 +6,8 @@ }: let psCfg = config.pub-solar; -in { +in +{ users.users."${psCfg.user.name}".packages = with pkgs; [ w3m urlscan @@ -37,17 +38,23 @@ in { macro index 'source $XDG_CONFIG_HOME/mutt/admins@pub.solar.muttrc!' macro index 'source $XDG_CONFIG_HOME/mutt/crew@pub.solar.muttrc!' ''; - xdg.configFile."mutt/hello@benjaminbaedorf.eu.muttrc".source = ./.config/mutt + "/hello@benjaminbaedorf.eu.muttrc"; - xdg.configFile."mutt/benjamin.baedorf@rwth-aachen.de.muttrc".source = ./.config/mutt + "/benjamin.baedorf@rwth-aachen.de.muttrc"; - xdg.configFile."mutt/hello@benjaminbaedorf.eu.signature".source = ./.config/mutt + "/hello@benjaminbaedorf.eu.signature"; + xdg.configFile."mutt/hello@benjaminbaedorf.eu.muttrc".source = + ./.config/mutt + "/hello@benjaminbaedorf.eu.muttrc"; + xdg.configFile."mutt/benjamin.baedorf@rwth-aachen.de.muttrc".source = + ./.config/mutt + "/benjamin.baedorf@rwth-aachen.de.muttrc"; + xdg.configFile."mutt/hello@benjaminbaedorf.eu.signature".source = + ./.config/mutt + "/hello@benjaminbaedorf.eu.signature"; xdg.configFile."mutt/byb@miom.space.muttrc".source = ./.config/mutt + "/byb@miom.space.muttrc"; - xdg.configFile."mutt/byb@miom.space.signature".source = ./.config/mutt + "/byb@miom.space.signature"; + xdg.configFile."mutt/byb@miom.space.signature".source = + ./.config/mutt + "/byb@miom.space.signature"; xdg.configFile."mutt/mail@b12f.io.muttrc".source = ./.config/mutt + "/mail@b12f.io.muttrc"; xdg.configFile."mutt/mail@b12f.io.signature".source = ./.config/mutt + "/mail@b12f.io.signature"; xdg.configFile."mutt/admins@pub.solar.muttrc".source = ./.config/mutt + "/admins@pub.solar.muttrc"; - xdg.configFile."mutt/admins@pub.solar.signature".source = ./.config/mutt + "/admins@pub.solar.signature"; + xdg.configFile."mutt/admins@pub.solar.signature".source = + ./.config/mutt + "/admins@pub.solar.signature"; xdg.configFile."mutt/crew@pub.solar.muttrc".source = ./.config/mutt + "/crew@pub.solar.muttrc"; - xdg.configFile."mutt/crew@pub.solar.signature".source = ./.config/mutt + "/crew@pub.solar.signature"; + xdg.configFile."mutt/crew@pub.solar.signature".source = + ./.config/mutt + "/crew@pub.solar.signature"; xdg.configFile."offlineimap/config".source = ./.config/offlineimap/config; xdg.configFile."msmtp/config".source = ./.config/msmtp/config; }; diff --git a/modules/gaming/default.nix b/modules/gaming/default.nix index 20220706..5c0a0218 100644 --- a/modules/gaming/default.nix +++ b/modules/gaming/default.nix @@ -6,11 +6,10 @@ }: let psCfg = config.pub-solar; -in { +in +{ programs.steam.enable = true; - nixpkgs.config.packageOverrides = pkgs: { - steam = pkgs.steam.override {}; - }; + nixpkgs.config.packageOverrides = pkgs: { steam = pkgs.steam.override { }; }; users.users."${psCfg.user.name}".packages = with pkgs; [ playonlinux diff --git a/modules/graphical/default.nix b/modules/graphical/default.nix index fff73b72..9066ed43 100644 --- a/modules/graphical/default.nix +++ b/modules/graphical/default.nix @@ -6,20 +6,16 @@ }: let psCfg = config.pub-solar; - tomlFormat = pkgs.formats.toml {}; + tomlFormat = pkgs.formats.toml { }; sessionVariables = { - WLR_RENDERER = - if psCfg.graphical.wayland.software-renderer.enable - then "pixman" - else "gles2"; + WLR_RENDERER = if psCfg.graphical.wayland.software-renderer.enable then "pixman" else "gles2"; # Fix KeepassXC rendering issue # https://github.com/void-linux/void-packages/issues/23517 QT_AUTO_SCREEN_SCALE_FACTOR = "0"; }; -in { - imports = [ - ./sway - ]; +in +{ + imports = [ ./sway ]; options.pub-solar.graphical = { wayland.software-renderer.enable = lib.mkOption { @@ -63,7 +59,7 @@ in { style = "gtk2"; }; - services.udev.packages = with pkgs; [gnome3.gnome-settings-daemon]; + services.udev.packages = with pkgs; [ gnome3.gnome-settings-daemon ]; # Enable Sushi, a quick previewer for nautilus services.gnome.sushi.enable = true; # Enable GVfs, a userspace virtual filesystem @@ -79,8 +75,8 @@ in { enableDefaultPackages = true; fontconfig.enable = true; fontconfig.defaultFonts = { - monospace = ["DejaVu Sans Mono for Powerline"]; - sansSerif = ["DejaVu Sans"]; + monospace = [ "DejaVu Sans Mono for Powerline" ]; + sansSerif = [ "DejaVu Sans" ]; }; }; diff --git a/modules/graphical/network-manager-applet.service.nix b/modules/graphical/network-manager-applet.service.nix index a3214651..57b8deaa 100644 --- a/modules/graphical/network-manager-applet.service.nix +++ b/modules/graphical/network-manager-applet.service.nix @@ -1,15 +1,15 @@ pkgs: { Unit = { Description = "Network Manager applet"; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target"]; + BindsTo = [ "sway-session.target" ]; + After = [ "sway-session.target" ]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = ["WAYLAND_DISPLAY"]; + ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; }; Service = { ExecStart = "${pkgs.networkmanagerapplet}/bin/nm-applet --sm-disable --indicator"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/graphical/sway/config/config.d/mode_system.conf.nix b/modules/graphical/sway/config/config.d/mode_system.conf.nix index 68ab6b26..428dd77d 100644 --- a/modules/graphical/sway/config/config.d/mode_system.conf.nix +++ b/modules/graphical/sway/config/config.d/mode_system.conf.nix @@ -1,19 +1,16 @@ -{ - pkgs, - psCfg, - ... -}: +{ pkgs, psCfg, ... }: '' # Set shut down, restart and locking features '' + ( - if psCfg.core.hibernation.enable - then '' - set $mode_system (e)xit, (h)ibernate, (l)ock, (s)uspend, (r)eboot, (Shift+s)hutdown - '' - else '' - set $mode_system (e)xit, (l)ock, (s)uspend, (r)eboot, (Shift+s)hutdown - '' + if psCfg.core.hibernation.enable then + '' + set $mode_system (e)xit, (h)ibernate, (l)ock, (s)uspend, (r)eboot, (Shift+s)hutdown + '' + else + '' + set $mode_system (e)xit, (l)ock, (s)uspend, (r)eboot, (Shift+s)hutdown + '' ) + '' bindsym $mod+Ctrl+0 mode "$mode_system" @@ -22,20 +19,21 @@ bindsym e exec swaymsg exit, mode "default" '' + ( - if psCfg.core.hibernation.enable - then '' - bindsym h exec systemctl hibernate, mode "default" - '' - else "" + if psCfg.core.hibernation.enable then + '' + bindsym h exec systemctl hibernate, mode "default" + '' + else + "" ) + '' - bindsym l exec ${pkgs.swaylock-bg}/bin/swaylock-bg, mode "default" - bindsym s exec systemctl suspend, mode "default" - bindsym r exec systemctl reboot, mode "default" - bindsym Shift+s exec systemctl poweroff, mode "default" + bindsym l exec ${pkgs.swaylock-bg}/bin/swaylock-bg, mode "default" + bindsym s exec systemctl suspend, mode "default" + bindsym r exec systemctl reboot, mode "default" + bindsym Shift+s exec systemctl poweroff, mode "default" - # exit system mode: "Enter" or "Escape" - bindsym Return mode "default" - bindsym Escape mode "default" -} + # exit system mode: "Enter" or "Escape" + bindsym Return mode "default" + bindsym Escape mode "default" + } '' diff --git a/modules/graphical/sway/config/config.nix b/modules/graphical/sway/config/config.nix index b811c302..eee41504 100644 --- a/modules/graphical/sway/config/config.nix +++ b/modules/graphical/sway/config/config.nix @@ -1,8 +1,5 @@ -{ - config, - pkgs, - ... -}: '' +{ config, pkgs, ... }: +'' # Default config for sway # # Copy this to ~/.config/sway/config and edit it to your liking. diff --git a/modules/graphical/sway/config/wayvnc/config.nix b/modules/graphical/sway/config/wayvnc/config.nix index 23a885d4..900a1af0 100644 --- a/modules/graphical/sway/config/wayvnc/config.nix +++ b/modules/graphical/sway/config/wayvnc/config.nix @@ -1,7 +1,5 @@ -{ - psCfg, - pkgs, -}: " +{ psCfg, pkgs }: +" address=0.0.0.0 enable_auth=true username=${psCfg.user.name} diff --git a/modules/graphical/sway/default.nix b/modules/graphical/sway/default.nix index 119623cf..3868eea6 100644 --- a/modules/graphical/sway/default.nix +++ b/modules/graphical/sway/default.nix @@ -8,7 +8,8 @@ let psCfg = config.pub-solar; inherit (lib) mkIf mkOption types; -in { +in +{ options.pub-solar.graphical = { v4l2loopback.enable = mkOption { type = types.bool; @@ -19,8 +20,8 @@ in { config = { boot = mkIf psCfg.graphical.v4l2loopback.enable { - extraModulePackages = with config.boot.kernelPackages; [v4l2loopback]; - kernelModules = ["v4l2loopback"]; + extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; + kernelModules = [ "v4l2loopback" ]; extraModprobeConfig = '' options v4l2loopback exclusive_caps=1 devices=3 ''; @@ -44,7 +45,7 @@ in { }; }; }; - extraPortals = with pkgs; [xdg-desktop-portal-gtk]; + extraPortals = with pkgs; [ xdg-desktop-portal-gtk ]; }; services.pipewire.enable = true; @@ -80,9 +81,7 @@ in { ]; home-manager.users."${psCfg.user.name}" = { - imports = [ - flake.self.inputs.wayland-pipewire-idle-inhibit.homeModules.default - ]; + imports = [ flake.self.inputs.wayland-pipewire-idle-inhibit.homeModules.default ]; services.wayland-pipewire-idle-inhibit = { enable = true; @@ -106,18 +105,20 @@ in { #programs.waybar.systemd.enable = true; systemd.user.services.swaynotificationcenter = import ./swaynotificationcenter.service.nix pkgs; - systemd.user.services.sway = import ./sway.service.nix {inherit pkgs psCfg;}; - systemd.user.services.swayidle = import ./swayidle.service.nix {inherit pkgs psCfg;}; - systemd.user.services.xsettingsd = import ./xsettingsd.service.nix {inherit pkgs psCfg;}; - systemd.user.services.waybar = import ./waybar.service.nix {inherit pkgs psCfg;}; - systemd.user.targets.sway-session = import ./sway-session.target.nix {inherit pkgs psCfg;}; + systemd.user.services.sway = import ./sway.service.nix { inherit pkgs psCfg; }; + systemd.user.services.swayidle = import ./swayidle.service.nix { inherit pkgs psCfg; }; + systemd.user.services.xsettingsd = import ./xsettingsd.service.nix { inherit pkgs psCfg; }; + systemd.user.services.waybar = import ./waybar.service.nix { inherit pkgs psCfg; }; + systemd.user.targets.sway-session = import ./sway-session.target.nix { inherit pkgs psCfg; }; - xdg.configFile."sway/config".text = import ./config/config.nix {inherit config pkgs;}; + xdg.configFile."sway/config".text = import ./config/config.nix { inherit config pkgs; }; xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf; xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf; xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf; xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf; - xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix {inherit pkgs psCfg;}; + xdg.configFile."sway/config.d/mode_system.conf".text = + import ./config/config.d/mode_system.conf.nix + { inherit pkgs psCfg; }; xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf; xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf; }; diff --git a/modules/graphical/sway/gammastep.service.nix b/modules/graphical/sway/gammastep.service.nix index d488ea5c..3960d1ae 100644 --- a/modules/graphical/sway/gammastep.service.nix +++ b/modules/graphical/sway/gammastep.service.nix @@ -1,17 +1,18 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ Unit = { Description = "set color temperature of display according to time of day"; - Documentation = ["man:gammastep(1)"]; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target"]; + Documentation = [ "man:gammastep(1)" ]; + BindsTo = [ "sway-session.target" ]; + After = [ "sway-session.target" ]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = ["WAYLAND_DISPLAY"]; + ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; }; Service = { Type = "simple"; ExecStart = "${pkgs.gammastep}/bin/gammastep -l geoclue2 -m wayland -v"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/graphical/sway/libinput-gestures.service.nix b/modules/graphical/sway/libinput-gestures.service.nix index eed95180..798d10d6 100644 --- a/modules/graphical/sway/libinput-gestures.service.nix +++ b/modules/graphical/sway/libinput-gestures.service.nix @@ -1,9 +1,10 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ Unit = { Description = "Actions gestures on your touchpad using libinput"; - Documentation = ["https://github.com/bulletmark/libinput-gestures"]; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target"]; + Documentation = [ "https://github.com/bulletmark/libinput-gestures" ]; + BindsTo = [ "sway-session.target" ]; + After = [ "sway-session.target" ]; }; Service = { Type = "simple"; @@ -13,6 +14,6 @@ TimeoutStopSec = "10"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/graphical/sway/mako.service.nix b/modules/graphical/sway/mako.service.nix index 22524d32..1f210c74 100644 --- a/modules/graphical/sway/mako.service.nix +++ b/modules/graphical/sway/mako.service.nix @@ -1,10 +1,11 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ Unit = { Description = "Lightweight Wayland notification daemon"; - Documentation = ["man:mako(1)"]; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target"]; - ConditionEnvironment = ["WAYLAND_DISPLAY"]; + Documentation = [ "man:mako(1)" ]; + BindsTo = [ "sway-session.target" ]; + After = [ "sway-session.target" ]; + ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; }; Service = { Type = "dbus"; @@ -13,6 +14,6 @@ ExecReload = "${pkgs.mako}/bin/makoctl reload"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/graphical/sway/sway-session.target.nix b/modules/graphical/sway/sway-session.target.nix index f35ed280..7b25376a 100644 --- a/modules/graphical/sway/sway-session.target.nix +++ b/modules/graphical/sway/sway-session.target.nix @@ -1,9 +1,10 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ Unit = { Description = "sway compositor session"; - Documentation = ["man:systemd.special(7)"]; - BindsTo = ["graphical-session.target"]; - Wants = ["graphical-session-pre.target"]; - After = ["graphical-session-pre.target"]; + Documentation = [ "man:systemd.special(7)" ]; + BindsTo = [ "graphical-session.target" ]; + Wants = [ "graphical-session-pre.target" ]; + After = [ "graphical-session-pre.target" ]; }; } diff --git a/modules/graphical/sway/sway.service.nix b/modules/graphical/sway/sway.service.nix index 253df4ac..dde4eb9d 100644 --- a/modules/graphical/sway/sway.service.nix +++ b/modules/graphical/sway/sway.service.nix @@ -1,10 +1,11 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ Unit = { Description = "sway - SirCmpwn's Wayland window manager"; - Documentation = ["man:sway(5)"]; - BindsTo = ["graphical-session.target"]; - Wants = ["graphical-session-pre.target"]; - After = ["graphical-session-pre.target"]; + Documentation = [ "man:sway(5)" ]; + BindsTo = [ "graphical-session.target" ]; + Wants = [ "graphical-session-pre.target" ]; + After = [ "graphical-session-pre.target" ]; }; Service = { Type = "simple"; diff --git a/modules/graphical/sway/swayidle.service.nix b/modules/graphical/sway/swayidle.service.nix index de984e7d..e911cc28 100644 --- a/modules/graphical/sway/swayidle.service.nix +++ b/modules/graphical/sway/swayidle.service.nix @@ -1,14 +1,11 @@ +{ pkgs, psCfg, ... }: { - pkgs, - psCfg, - ... -}: { Unit = { Description = "Idle manager for Wayland"; - Documentation = ["man:swayidle(1)"]; - BindsTo = ["graphical-session.target"]; - Wants = ["graphical-session-pre.target"]; - After = ["graphical-session-pre.target"]; + Documentation = [ "man:swayidle(1)" ]; + BindsTo = [ "graphical-session.target" ]; + Wants = [ "graphical-session-pre.target" ]; + After = [ "graphical-session-pre.target" ]; }; Service = { Type = "simple"; @@ -21,6 +18,6 @@ ''; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/graphical/sway/swaynotificationcenter.service.nix b/modules/graphical/sway/swaynotificationcenter.service.nix index 44d22bdc..6443335d 100644 --- a/modules/graphical/sway/swaynotificationcenter.service.nix +++ b/modules/graphical/sway/swaynotificationcenter.service.nix @@ -2,11 +2,11 @@ pkgs: { Unit = { Description = "Swaync notification daemon"; Documentation = "https://github.com/ErikReider/SwayNotificationCenter"; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target"]; - Requisite = ["graphical-session.target"]; + BindsTo = [ "sway-session.target" ]; + After = [ "sway-session.target" ]; + Requisite = [ "graphical-session.target" ]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = ["WAYLAND_DISPLAY"]; + ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; }; Service = { Type = "dbus"; @@ -16,6 +16,6 @@ pkgs: { Restart = "on-failure"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/graphical/sway/waybar.service.nix b/modules/graphical/sway/waybar.service.nix index 4715fe81..70916eed 100644 --- a/modules/graphical/sway/waybar.service.nix +++ b/modules/graphical/sway/waybar.service.nix @@ -1,11 +1,19 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ Unit = { Description = "Highly customizable Wayland bar for Sway and Wlroots based compositors."; Documentation = "https://github.com/Alexays/Waybar/wiki/"; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target" "network-online.target"]; - Wants = ["graphical-session-pre.target" "network-online.target" "blueman-applet.service"]; - ConditionEnvironment = ["WAYLAND_DISPLAY"]; + BindsTo = [ "sway-session.target" ]; + After = [ + "sway-session.target" + "network-online.target" + ]; + Wants = [ + "graphical-session-pre.target" + "network-online.target" + "blueman-applet.service" + ]; + ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; }; Service = { @@ -16,6 +24,6 @@ }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/graphical/sway/xsettingsd.service.nix b/modules/graphical/sway/xsettingsd.service.nix index 39057264..db3e842c 100644 --- a/modules/graphical/sway/xsettingsd.service.nix +++ b/modules/graphical/sway/xsettingsd.service.nix @@ -1,11 +1,12 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ Unit = { Description = "X Settings Daemon"; - Documentation = ["https://github.com/derat/xsettingsd/wiki/Installation"]; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target"]; + Documentation = [ "https://github.com/derat/xsettingsd/wiki/Installation" ]; + BindsTo = [ "sway-session.target" ]; + After = [ "sway-session.target" ]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = ["WAYLAND_DISPLAY"]; + ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; }; Service = { Type = "simple"; @@ -13,6 +14,6 @@ ExecStop = "/run/current-system/sw/bin/env pkill xsettingsd"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/graphical/sway/ydotool.service.nix b/modules/graphical/sway/ydotool.service.nix index 4ef76464..24b64432 100644 --- a/modules/graphical/sway/ydotool.service.nix +++ b/modules/graphical/sway/ydotool.service.nix @@ -1,9 +1,10 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ Unit = { Description = "ydotool - Generic command-line automation tool (no X!)"; - Documentation = ["https://github.com/ReimuNotMoe/ydotool"]; - BindsTo = ["sway-session.target"]; - After = ["sway-session.target"]; + Documentation = [ "https://github.com/ReimuNotMoe/ydotool" ]; + BindsTo = [ "sway-session.target" ]; + After = [ "sway-session.target" ]; }; Service = { Type = "simple"; @@ -13,6 +14,6 @@ TimeoutStopSec = "10"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/hm-system-defaults.nix b/modules/hm-system-defaults.nix index 4bc6cf67..196aa064 100644 --- a/modules/hm-system-defaults.nix +++ b/modules/hm-system-defaults.nix @@ -1,11 +1,11 @@ -{config, ...}: { +{ config, ... }: +{ home-manager.sharedModules = [ { home.sessionVariables = { inherit (config.environment.sessionVariables) NIX_PATH; }; - xdg.configFile."nix/registry.json".text = - config.environment.etc."nix/registry.json".text; + xdg.configFile."nix/registry.json".text = config.environment.etc."nix/registry.json".text; } ]; } diff --git a/modules/invoiceplane/default.nix b/modules/invoiceplane/default.nix index fad23ed7..29e854fe 100644 --- a/modules/invoiceplane/default.nix +++ b/modules/invoiceplane/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let inherit (lib) @@ -24,79 +29,99 @@ let mkOption nameValuePair optionalString - types; + types + ; cfg = config.services.invoiceplane; eachSite = cfg.sites; user = "invoiceplane"; webserver = config.services.${cfg.webserver}; - invoiceplane-config = hostName: cfg: pkgs.writeText "ipconfig.php" '' - IP_URL=http://${hostName} - ENABLE_DEBUG=false - DISABLE_SETUP=false - REMOVE_INDEXPHP=false - DB_HOSTNAME=${cfg.database.host} - DB_USERNAME=${cfg.database.user} - # NOTE: file_get_contents adds newline at the end of returned string - DB_PASSWORD=${optionalString (cfg.database.passwordFile != null) "trim(file_get_contents('${cfg.database.passwordFile}'), \"\\r\\n\")"} - DB_DATABASE=${cfg.database.name} - DB_PORT=${toString cfg.database.port} - SESS_EXPIRATION=864000 - ENABLE_INVOICE_DELETION=false - DISABLE_READ_ONLY=false - ENCRYPTION_KEY= - ENCRYPTION_CIPHER=AES-256 - SETUP_COMPLETED=false - REMOVE_INDEXPHP=true - ''; + invoiceplane-config = + hostName: cfg: + pkgs.writeText "ipconfig.php" '' + IP_URL=http://${hostName} + ENABLE_DEBUG=false + DISABLE_SETUP=false + REMOVE_INDEXPHP=false + DB_HOSTNAME=${cfg.database.host} + DB_USERNAME=${cfg.database.user} + # NOTE: file_get_contents adds newline at the end of returned string + DB_PASSWORD=${ + optionalString ( + cfg.database.passwordFile != null + ) "trim(file_get_contents('${cfg.database.passwordFile}'), \"\\r\\n\")" + } + DB_DATABASE=${cfg.database.name} + DB_PORT=${toString cfg.database.port} + SESS_EXPIRATION=864000 + ENABLE_INVOICE_DELETION=false + DISABLE_READ_ONLY=false + ENCRYPTION_KEY= + ENCRYPTION_CIPHER=AES-256 + SETUP_COMPLETED=false + REMOVE_INDEXPHP=true + ''; - mkPhpValue = v: - if isString v then escapeShellArg v + mkPhpValue = + v: + if isString v then + escapeShellArg v # NOTE: If any value contains a , (comma) this will not get escaped - else if isList v && any lib.strings.isCoercibleToString v then escapeShellArg (concatMapStringsSep "," toString v) - else if isInt v then toString v - else if isBool v then boolToString v - else abort "The Invoiceplane config value ${lib.generators.toPretty {} v} can not be encoded." - ; + else if isList v && any lib.strings.isCoercibleToString v then + escapeShellArg (concatMapStringsSep "," toString v) + else if isInt v then + toString v + else if isBool v then + boolToString v + else + abort "The Invoiceplane config value ${lib.generators.toPretty { } v} can not be encoded."; - extraConfig = hostName: cfg: let - settings = mapAttrsToList (k: v: "${k}=${mkPhpValue v}") cfg.settings; - in pkgs.writeText "extraConfig.php" (concatStringsSep "\n" settings); + extraConfig = + hostName: cfg: + let + settings = mapAttrsToList (k: v: "${k}=${mkPhpValue v}") cfg.settings; + in + pkgs.writeText "extraConfig.php" (concatStringsSep "\n" settings); - pkg = hostName: cfg: pkgs.stdenv.mkDerivation rec { - pname = "invoiceplane-${hostName}"; - version = src.version; - src = pkgs.invoiceplane; + pkg = + hostName: cfg: + pkgs.stdenv.mkDerivation rec { + pname = "invoiceplane-${hostName}"; + version = src.version; + src = pkgs.invoiceplane; - postPatch = '' - # Patch index.php file to load additional config file - substituteInPlace index.php \ - --replace-fail "require('vendor/autoload.php');" "require('vendor/autoload.php'); \$dotenv = Dotenv\Dotenv::createImmutable(__DIR__, 'extraConfig.php'); \$dotenv->load();"; - ''; + postPatch = '' + # Patch index.php file to load additional config file + substituteInPlace index.php \ + --replace-fail "require('vendor/autoload.php');" "require('vendor/autoload.php'); \$dotenv = Dotenv\Dotenv::createImmutable(__DIR__, 'extraConfig.php'); \$dotenv->load();"; + ''; - installPhase = '' - mkdir -p $out - cp -r * $out/ + installPhase = '' + mkdir -p $out + cp -r * $out/ - # symlink uploads and log directories - rm -r $out/uploads $out/application/logs $out/vendor/mpdf/mpdf/tmp - ln -sf ${cfg.stateDir}/uploads $out/ - ln -sf ${cfg.stateDir}/logs $out/application/ - ln -sf ${cfg.stateDir}/tmp $out/vendor/mpdf/mpdf/ + # symlink uploads and log directories + rm -r $out/uploads $out/application/logs $out/vendor/mpdf/mpdf/tmp + ln -sf ${cfg.stateDir}/uploads $out/ + ln -sf ${cfg.stateDir}/logs $out/application/ + ln -sf ${cfg.stateDir}/tmp $out/vendor/mpdf/mpdf/ - # symlink the InvoicePlane config - ln -s ${cfg.stateDir}/ipconfig.php $out/ipconfig.php + # symlink the InvoicePlane config + ln -s ${cfg.stateDir}/ipconfig.php $out/ipconfig.php - # symlink the extraConfig file - ln -s ${extraConfig hostName cfg} $out/extraConfig.php + # symlink the extraConfig file + ln -s ${extraConfig hostName cfg} $out/extraConfig.php - # symlink additional templates - ${concatMapStringsSep "\n" (template: "cp -r ${template}/. $out/application/views/invoice_templates/pdf/") cfg.invoiceTemplates} - ''; - }; + # symlink additional templates + ${concatMapStringsSep "\n" ( + template: "cp -r ${template}/. $out/application/views/invoice_templates/pdf/" + ) cfg.invoiceTemplates} + ''; + }; - siteOpts = { name, ... }: + siteOpts = + { name, ... }: { options = { @@ -156,7 +181,7 @@ let invoiceTemplates = mkOption { type = types.listOf types.path; - default = []; + default = [ ]; description = '' List of path(s) to respective template(s) which are copied from the 'invoice_templates/pdf' directory. @@ -187,7 +212,13 @@ let }; poolConfig = mkOption { - type = with types; attrsOf (oneOf [ str int bool ]); + type = + with types; + attrsOf (oneOf [ + str + int + bool + ]); default = { "pm" = "dynamic"; "pm.max_children" = 32; @@ -204,7 +235,7 @@ let settings = mkOption { type = types.attrsOf types.anything; - default = {}; + default = { }; description = '' Structural InvoicePlane configuration. Refer to @@ -241,9 +272,7 @@ let }; in { - disabledModules = [ - "services/web-apps/invoiceplane.nix" - ]; + disabledModules = [ "services/web-apps/invoiceplane.nix" ]; # interface options = { @@ -252,12 +281,15 @@ in options.sites = mkOption { type = types.attrsOf (types.submodule siteOpts); - default = {}; + default = { }; description = "Specification of one or more WordPress sites to serve"; }; options.webserver = mkOption { - type = types.enum [ "caddy" "nginx" ]; + type = types.enum [ + "caddy" + "nginx" + ]; default = "caddy"; example = "nginx"; description = '' @@ -265,167 +297,185 @@ in ''; }; }; - default = {}; + default = { }; description = "InvoicePlane configuration."; }; }; # implementation - config = mkIf (eachSite != {}) (mkMerge [{ + config = mkIf (eachSite != { }) (mkMerge [ + { - assertions = flatten (mapAttrsToList (hostName: cfg: [ - { assertion = cfg.database.createLocally -> cfg.database.user == user; - message = ''services.invoiceplane.sites."${hostName}".database.user must be ${user} if the database is to be automatically provisioned''; - } - { assertion = cfg.database.createLocally -> cfg.database.passwordFile == null; - message = ''services.invoiceplane.sites."${hostName}".database.passwordFile cannot be specified if services.invoiceplane.sites."${hostName}".database.createLocally is set to true.''; - } - { assertion = cfg.cron.enable -> cfg.cron.key != null; - message = ''services.invoiceplane.sites."${hostName}".cron.key must be set in order to use cron service.''; - } - ]) eachSite); + assertions = flatten ( + mapAttrsToList (hostName: cfg: [ + { + assertion = cfg.database.createLocally -> cfg.database.user == user; + message = ''services.invoiceplane.sites."${hostName}".database.user must be ${user} if the database is to be automatically provisioned''; + } + { + assertion = cfg.database.createLocally -> cfg.database.passwordFile == null; + message = ''services.invoiceplane.sites."${hostName}".database.passwordFile cannot be specified if services.invoiceplane.sites."${hostName}".database.createLocally is set to true.''; + } + { + assertion = cfg.cron.enable -> cfg.cron.key != null; + message = ''services.invoiceplane.sites."${hostName}".cron.key must be set in order to use cron service.''; + } + ]) eachSite + ); - services.mysql = mkIf (any (v: v.database.createLocally) (attrValues eachSite)) { - enable = true; - package = mkDefault pkgs.mariadb; - ensureDatabases = mapAttrsToList (hostName: cfg: cfg.database.name) eachSite; - ensureUsers = mapAttrsToList (hostName: cfg: - { name = cfg.database.user; - ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; }; - } - ) eachSite; - }; - - services.phpfpm = { - phpPackage = pkgs.php81; - pools = mapAttrs' (hostName: cfg: ( - nameValuePair "invoiceplane-${hostName}" { - inherit user; - group = webserver.group; - settings = { - "listen.owner" = webserver.user; - "listen.group" = webserver.group; - } // cfg.poolConfig; - } - )) eachSite; - }; - - } - - { - - systemd.tmpfiles.rules = flatten (mapAttrsToList (hostName: cfg: [ - "d ${cfg.stateDir} 0750 ${user} ${webserver.group} - -" - "f ${cfg.stateDir}/ipconfig.php 0750 ${user} ${webserver.group} - -" - "d ${cfg.stateDir}/logs 0750 ${user} ${webserver.group} - -" - "d ${cfg.stateDir}/uploads 0750 ${user} ${webserver.group} - -" - "d ${cfg.stateDir}/uploads/archive 0750 ${user} ${webserver.group} - -" - "d ${cfg.stateDir}/uploads/customer_files 0750 ${user} ${webserver.group} - -" - "d ${cfg.stateDir}/uploads/temp 0750 ${user} ${webserver.group} - -" - "d ${cfg.stateDir}/uploads/temp/mpdf 0750 ${user} ${webserver.group} - -" - "d ${cfg.stateDir}/tmp 0750 ${user} ${webserver.group} - -" - ]) eachSite); - - systemd.services.invoiceplane-config = { - serviceConfig.Type = "oneshot"; - script = concatStrings (mapAttrsToList (hostName: cfg: - '' - mkdir -p ${cfg.stateDir}/logs \ - ${cfg.stateDir}/uploads - if ! grep -q IP_URL "${cfg.stateDir}/ipconfig.php"; then - cp "${invoiceplane-config hostName cfg}" "${cfg.stateDir}/ipconfig.php" - fi - '') eachSite); - wantedBy = [ "multi-user.target" ]; - }; - - users.users.${user} = { - group = webserver.group; - isSystemUser = true; - }; - - } - { - - # Cron service implementation - - systemd.timers = mapAttrs' (hostName: cfg: ( - nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "5m"; - OnUnitActiveSec = "5m"; - Unit = "invoiceplane-cron-${hostName}.service"; - }; - }) - )) eachSite; - - systemd.services = - mapAttrs' (hostName: cfg: ( - nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable { - serviceConfig = { - Type = "oneshot"; - User = user; - ExecStart = "${pkgs.curl}/bin/curl --header 'Host: ${hostName}' http://localhost/invoices/cron/recur/${cfg.cron.key}"; + services.mysql = mkIf (any (v: v.database.createLocally) (attrValues eachSite)) { + enable = true; + package = mkDefault pkgs.mariadb; + ensureDatabases = mapAttrsToList (hostName: cfg: cfg.database.name) eachSite; + ensureUsers = mapAttrsToList (hostName: cfg: { + name = cfg.database.user; + ensurePermissions = { + "${cfg.database.name}.*" = "ALL PRIVILEGES"; }; - }) - )) eachSite; + }) eachSite; + }; - } + services.phpfpm = { + phpPackage = pkgs.php81; + pools = mapAttrs' ( + hostName: cfg: + (nameValuePair "invoiceplane-${hostName}" { + inherit user; + group = webserver.group; + settings = { + "listen.owner" = webserver.user; + "listen.group" = webserver.group; + } // cfg.poolConfig; + }) + ) eachSite; + }; - (mkIf (cfg.webserver == "caddy") { - services.caddy = { - enable = true; - virtualHosts = mapAttrs' (hostName: cfg: ( - nameValuePair "http://${hostName}" { - extraConfig = '' - root * ${pkg hostName cfg} - file_server - php_fastcgi unix/${config.services.phpfpm.pools."invoiceplane-${hostName}".socket} - ''; - } - )) eachSite; - }; - }) + } - (mkIf (cfg.webserver == "nginx") { - services.nginx = { - enable = true; - virtualHosts = mapAttrs' (hostName: cfg: ( - nameValuePair hostName { - root = pkg hostName cfg; - extraConfig = '' - index index.php index.html index.htm; + { - if (!-e $request_filename){ - rewrite ^(.*)$ /index.php break; - } - ''; + systemd.tmpfiles.rules = flatten ( + mapAttrsToList (hostName: cfg: [ + "d ${cfg.stateDir} 0750 ${user} ${webserver.group} - -" + "f ${cfg.stateDir}/ipconfig.php 0750 ${user} ${webserver.group} - -" + "d ${cfg.stateDir}/logs 0750 ${user} ${webserver.group} - -" + "d ${cfg.stateDir}/uploads 0750 ${user} ${webserver.group} - -" + "d ${cfg.stateDir}/uploads/archive 0750 ${user} ${webserver.group} - -" + "d ${cfg.stateDir}/uploads/customer_files 0750 ${user} ${webserver.group} - -" + "d ${cfg.stateDir}/uploads/temp 0750 ${user} ${webserver.group} - -" + "d ${cfg.stateDir}/uploads/temp/mpdf 0750 ${user} ${webserver.group} - -" + "d ${cfg.stateDir}/tmp 0750 ${user} ${webserver.group} - -" + ]) eachSite + ); - locations = { - "/setup".extraConfig = - let - scheme = if config.services.nginx.virtualHosts.${hostName}.forceSSL then "https" else "http"; - in - '' - rewrite ^(.*)$ ${scheme}://${hostName}/ redirect; - ''; + systemd.services.invoiceplane-config = { + serviceConfig.Type = "oneshot"; + script = concatStrings ( + mapAttrsToList (hostName: cfg: '' + mkdir -p ${cfg.stateDir}/logs \ + ${cfg.stateDir}/uploads + if ! grep -q IP_URL "${cfg.stateDir}/ipconfig.php"; then + cp "${invoiceplane-config hostName cfg}" "${cfg.stateDir}/ipconfig.php" + fi + '') eachSite + ); + wantedBy = [ "multi-user.target" ]; + }; - "~ .php$" = { - extraConfig = '' - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass unix:${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}; - include ${config.services.nginx.package}/conf/fastcgi_params; - include ${config.services.nginx.package}/conf/fastcgi.conf; - ''; + users.users.${user} = { + group = webserver.group; + isSystemUser = true; + }; + + } + { + + # Cron service implementation + + systemd.timers = mapAttrs' ( + hostName: cfg: + (nameValuePair "invoiceplane-cron-${hostName}" ( + mkIf cfg.cron.enable { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = "5m"; + OnUnitActiveSec = "5m"; + Unit = "invoiceplane-cron-${hostName}.service"; }; - }; - } - )) eachSite; - }; - }) + } + )) + ) eachSite; + + systemd.services = mapAttrs' ( + hostName: cfg: + (nameValuePair "invoiceplane-cron-${hostName}" ( + mkIf cfg.cron.enable { + serviceConfig = { + Type = "oneshot"; + User = user; + ExecStart = "${pkgs.curl}/bin/curl --header 'Host: ${hostName}' http://localhost/invoices/cron/recur/${cfg.cron.key}"; + }; + } + )) + ) eachSite; + + } + + (mkIf (cfg.webserver == "caddy") { + services.caddy = { + enable = true; + virtualHosts = mapAttrs' ( + hostName: cfg: + (nameValuePair "http://${hostName}" { + extraConfig = '' + root * ${pkg hostName cfg} + file_server + php_fastcgi unix/${config.services.phpfpm.pools."invoiceplane-${hostName}".socket} + ''; + }) + ) eachSite; + }; + }) + + (mkIf (cfg.webserver == "nginx") { + services.nginx = { + enable = true; + virtualHosts = mapAttrs' ( + hostName: cfg: + (nameValuePair hostName { + root = pkg hostName cfg; + extraConfig = '' + index index.php index.html index.htm; + + if (!-e $request_filename){ + rewrite ^(.*)$ /index.php break; + } + ''; + + locations = { + "/setup".extraConfig = + let + scheme = if config.services.nginx.virtualHosts.${hostName}.forceSSL then "https" else "http"; + in + '' + rewrite ^(.*)$ ${scheme}://${hostName}/ redirect; + ''; + + "~ .php$" = { + extraConfig = '' + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass unix:${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}; + include ${config.services.nginx.package}/conf/fastcgi_params; + include ${config.services.nginx.package}/conf/fastcgi.conf; + ''; + }; + }; + }) + ) eachSite; + }; + }) ]); } diff --git a/modules/nextcloud/default.nix b/modules/nextcloud/default.nix index f72ae94a..ea71207f 100644 --- a/modules/nextcloud/default.nix +++ b/modules/nextcloud/default.nix @@ -6,7 +6,8 @@ }: let psCfg = config.pub-solar; -in { +in +{ home-manager.users."${psCfg.user.name}" = { systemd.user.services.nextcloud-client = import ./nextcloud.service.nix pkgs; }; diff --git a/modules/nextcloud/nextcloud.service.nix b/modules/nextcloud/nextcloud.service.nix index f326797c..a97c843e 100644 --- a/modules/nextcloud/nextcloud.service.nix +++ b/modules/nextcloud/nextcloud.service.nix @@ -1,11 +1,11 @@ pkgs: { Unit = { Description = "Nextcloud Client"; - BindsTo = ["sway-session.target"]; - Wants = ["graphical-session-pre.target"]; - After = ["graphical-session-pre.target"]; + BindsTo = [ "sway-session.target" ]; + Wants = [ "graphical-session-pre.target" ]; + After = [ "graphical-session-pre.target" ]; # ConditionEnvironment requires systemd v247 to work correctly - ConditionEnvironment = ["WAYLAND_DISPLAY"]; + ConditionEnvironment = [ "WAYLAND_DISPLAY" ]; }; Service = { Type = "simple"; @@ -15,6 +15,6 @@ pkgs: { Restart = "on-failure"; }; Install = { - WantedBy = ["sway-session.target"]; + WantedBy = [ "sway-session.target" ]; }; } diff --git a/modules/nix/default.nix b/modules/nix/default.nix index 7d4d9494..dbd611ca 100644 --- a/modules/nix/default.nix +++ b/modules/nix/default.nix @@ -4,22 +4,25 @@ lib, flake, ... -}: { - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "1password" - "1password-cli" - "brscan5" - "brscan5-etc-files" - "facetimehd-firmware" - "slack" - "uhk-agent" - "uhk-udev-rules" - "veracrypt" - "zoom" - ]; +}: +{ + nixpkgs.config.allowUnfreePredicate = + pkg: + builtins.elem (lib.getName pkg) [ + "1password" + "1password-cli" + "brscan5" + "brscan5-etc-files" + "facetimehd-firmware" + "slack" + "uhk-agent" + "uhk-udev-rules" + "veracrypt" + "zoom" + ]; system.activationScripts.diff-closures = { - text ='' + text = '' if [[ -e /run/current-system ]]; then ${config.nix.package}/bin/nix store diff-closures \ /run/current-system "$systemConfig" \ @@ -42,24 +45,22 @@ system.flake = flake.self; }; - settings = { # Improve nix store disk usage auto-optimise-store = true; # Prevents impurities in builds sandbox = true; # Give root and @wheel special privileges with nix - trusted-users = ["root" "@wheel"]; + trusted-users = [ + "root" + "@wheel" + ]; # Allow only group wheel to connect to the nix daemon - allowed-users = ["@wheel"]; + allowed-users = [ "@wheel" ]; - substituters = [ - "https://pub-solar.cachix.org/" - ]; + substituters = [ "https://pub-solar.cachix.org/" ]; - trusted-public-keys = [ - "pub-solar.cachix.org-1:ZicXIxKgdxMtgSJECWR8iihZxHRvu8ObL4n2cuBmtos=" - ]; + trusted-public-keys = [ "pub-solar.cachix.org-1:ZicXIxKgdxMtgSJECWR8iihZxHRvu8ObL4n2cuBmtos=" ]; }; # Generally useful nix option defaults diff --git a/modules/office/default.nix b/modules/office/default.nix index dbaa9bc7..e283d028 100644 --- a/modules/office/default.nix +++ b/modules/office/default.nix @@ -6,7 +6,8 @@ }: let psCfg = config.pub-solar; -in { +in +{ programs.evince.enable = true; users.users."${psCfg.user.name}".packages = with pkgs; [ diff --git a/modules/printing/default.nix b/modules/printing/default.nix index 3a177336..c34cfe01 100644 --- a/modules/printing/default.nix +++ b/modules/printing/default.nix @@ -7,7 +7,8 @@ }: let psCfg = config.pub-solar; -in { +in +{ services.avahi.enable = true; services.avahi.ipv6 = true; services.avahi.nssmdns4 = true; @@ -16,7 +17,7 @@ in { services.printing.enable = true; services.printing.browsing = true; - services.printing.listenAddresses = ["localhost:631"]; + services.printing.listenAddresses = [ "localhost:631" ]; services.printing.defaultShared = lib.mkDefault false; services.printing.drivers = [ @@ -30,10 +31,13 @@ in { }; users.users."${psCfg.user.name}" = { - extraGroups = ["lp" "scanner"]; + extraGroups = [ + "lp" + "scanner" + ]; }; - networking.hosts = flake.self.lib.addLocalHostname ["cups.local"]; + networking.hosts = flake.self.lib.addLocalHostname [ "cups.local" ]; # Allow port 8612, used by sane-pixma(5) for scanner detection networking.firewall.allowedTCPPorts = [ 8612 ]; diff --git a/modules/terminal-life/bash/default.nix b/modules/terminal-life/bash/default.nix index 1eb76ddd..b71294a0 100644 --- a/modules/terminal-life/bash/default.nix +++ b/modules/terminal-life/bash/default.nix @@ -3,19 +3,28 @@ flake, pkgs, ... -}: let +}: +let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { +in +{ enable = true; - historyControl = ["ignoredups" "ignorespace"]; + historyControl = [ + "ignoredups" + "ignorespace" + ]; historyFileSize = 300000; # Run when initializing a login shell - profileExtra = if config.programs.sway.enable then '' - [ "$(tty)" = "/dev/tty1" ] && exec systemd-cat --identifier=sway ${pkgs.sway}/bin/sway - '' else ""; + profileExtra = + if config.programs.sway.enable then + '' + [ "$(tty)" = "/dev/tty1" ] && exec systemd-cat --identifier=sway ${pkgs.sway}/bin/sway + '' + else + ""; # Run when initializing an interactive shell initExtra = '' diff --git a/modules/terminal-life/default.nix b/modules/terminal-life/default.nix index 7722ccf5..a84e13ec 100644 --- a/modules/terminal-life/default.nix +++ b/modules/terminal-life/default.nix @@ -8,7 +8,8 @@ let psCfg = config.pub-solar; cfg = config.pub-solar.terminal-life; -in { +in +{ options.pub-solar.terminal-life = { full = lib.mkOption { description = '' @@ -26,39 +27,43 @@ in { # until https://github.com/nix-community/nix-index/pull/227 is merged programs.nix-index.enableBashIntegration = false; - users.users."${psCfg.user.name}".packages = with pkgs; [ - asciinema - bat - blesh - delta - eza - fd - jump - (nnn.overrideAttrs (o: { - patches = - (o.patches or []) - ++ [ - ./nnn/0001-feat-use-wasd-keybindings-for-jkli.patch - ]; - })) - powerline - ripgrep - screen - watson - ] ++ (if cfg.full then [ - binutils - jq + users.users."${psCfg.user.name}".packages = + with pkgs; + [ + asciinema + bat + blesh + delta + eza + fd + jump + (nnn.overrideAttrs (o: { + patches = (o.patches or [ ]) ++ [ ./nnn/0001-feat-use-wasd-keybindings-for-jkli.patch ]; + })) + powerline + ripgrep + screen + watson + ] + ++ ( + if cfg.full then + [ + binutils + jq - # Nix specific utilities - manix - nix-index - nix-tree - nix-inspect - nvd - nixpkgs-review - nix-update - nix-search-cli - ] else []); + # Nix specific utilities + manix + nix-index + nix-tree + nix-inspect + nvd + nixpkgs-review + nix-update + nix-search-cli + ] + else + [ ] + ); # Get completion for system packages # https://nix-community.github.io/home-manager/options.xhtml#opt-programs.bash.enableCompletion @@ -111,7 +116,7 @@ in { xdg.dataFile."nvim/json-schemas/caddy_schema.json".source = .local/share/nvim/json-schemas/caddy_schema.json; xdg.dataFile."nvim/templates/.keep".text = ""; - programs.git = import ./git {}; + programs.git = import ./git { }; xdg.configFile."git/config".text = import ./.config/git/config.nix { inherit config; inherit pkgs; @@ -125,7 +130,7 @@ in { inherit pkgs; }; - programs.direnv = import ./direnv {}; + programs.direnv = import ./direnv { }; }; }; } diff --git a/modules/terminal-life/fzf/default.nix b/modules/terminal-life/fzf/default.nix index 88e60592..5721c6f5 100644 --- a/modules/terminal-life/fzf/default.nix +++ b/modules/terminal-life/fzf/default.nix @@ -1,8 +1,5 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { enable = true; defaultCommand = "fd --hidden --type f --exclude .git"; defaultOptions = [ diff --git a/modules/terminal-life/nvim/default.nix b/modules/terminal-life/nvim/default.nix index 8f92392c..ded36cbb 100644 --- a/modules/terminal-life/nvim/default.nix +++ b/modules/terminal-life/nvim/default.nix @@ -3,11 +3,13 @@ pkgs, lib, ... -}: let +}: +let psCfg = config.pub-solar; cfg = config.pub-solar.terminal-life; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { +in +{ enable = true; viAlias = true; @@ -44,98 +46,114 @@ in { # terraform-ls ]; - plugins = with pkgs.vimPlugins; [ - # The status bar in the bottom of the screen with the mode indication and file location - vim-airline + plugins = + with pkgs.vimPlugins; + [ + # The status bar in the bottom of the screen with the mode indication and file location + vim-airline - # Automatically load editorconfig files in repos to configure nvim settings - editorconfig-vim + # Automatically load editorconfig files in repos to configure nvim settings + editorconfig-vim - # File browser. Use n to access - nnn-vim + # File browser. Use n to access + nnn-vim - # Highlight characters when using f, F, t, and T - quick-scope + # Highlight characters when using f, F, t, and T + quick-scope - # Undo history etc. per project - vim-workspace-nvfetcher + # Undo history etc. per project + vim-workspace-nvfetcher - # Neovim colorschemes / themes - sonokai - vim-hybrid-material - vim-airline-themes - vim-apprentice-nvfetcher + # Neovim colorschemes / themes + sonokai + vim-hybrid-material + vim-airline-themes + vim-apprentice-nvfetcher - # Git integrations - # A Git wrapper so awesome, it should be illegal - fugitive - # Shows git diff markers in the sign column - vim-gitgutter - # GitHub extension for fugitive - vim-rhubarb - # Ease your git workflow within Vim - vimagit-nvfetcher + # Git integrations + # A Git wrapper so awesome, it should be illegal + fugitive + # Shows git diff markers in the sign column + vim-gitgutter + # GitHub extension for fugitive + vim-rhubarb + # Ease your git workflow within Vim + vimagit-nvfetcher - # Telescope fuzzy finder - telescope-nvim - telescope-fzf-native-nvim + # Telescope fuzzy finder + telescope-nvim + telescope-fzf-native-nvim - # Make the yanked region apparent - vim-highlightedyank + # Make the yanked region apparent + vim-highlightedyank - # :Beautify Code beautifier - vim-beautify-nvfetcher + # :Beautify Code beautifier + vim-beautify-nvfetcher - # Unload, delete or wipe a buffer without closing the window - vim-bufkill + # Unload, delete or wipe a buffer without closing the window + vim-bufkill - # Defaults everyone can agree on - vim-sensible + # Defaults everyone can agree on + vim-sensible - # Single tabpage interface for easily cycling through diffs for all modified files - diffview-nvim + # Single tabpage interface for easily cycling through diffs for all modified files + diffview-nvim - # Work with tags files - vim-gutentags - ] ++ (if cfg.full then [ - nvim-treesitter.withAllGrammars + # Work with tags files + vim-gutentags + ] + ++ ( + if cfg.full then + [ + nvim-treesitter.withAllGrammars - # Dependencies for nvim-lspconfig - nvim-cmp - cmp-nvim-lsp - cmp_luasnip - luasnip + # Dependencies for nvim-lspconfig + nvim-cmp + cmp-nvim-lsp + cmp_luasnip + luasnip - # Quickstart configs for neovim LSP - lsp_extensions-nvim - nvim-lspconfig + # Quickstart configs for neovim LSP + lsp_extensions-nvim + nvim-lspconfig - # Collaborative editing in Neovim using built-in capabilities - instant-nvim-nvfetcher + # Collaborative editing in Neovim using built-in capabilities + instant-nvim-nvfetcher - # Caddyfile syntax support for Vim - vim-caddyfile-nvfetcher + # Caddyfile syntax support for Vim + vim-caddyfile-nvfetcher - # JSON schemas - SchemaStore-nvim - ] else []); + # JSON schemas + SchemaStore-nvim + ] + else + [ ] + ); - extraConfig = builtins.concatStringsSep "\n" ([ - '' - " Persistent undo - set undofile - set undodir=${xdg.cacheHome}/nvim/undo + extraConfig = builtins.concatStringsSep "\n" ( + [ + '' + " Persistent undo + set undofile + set undodir=${xdg.cacheHome}/nvim/undo - set backupdir=${xdg.dataHome}/nvim/backup - set directory=${xdg.dataHome}/nvim/swap/ - '' - (builtins.readFile ./init.vim) - (builtins.readFile ./plugins.vim) - (builtins.readFile ./clipboard.vim) - (builtins.readFile ./ui.vim) - (builtins.readFile ./lastplace.lua) - ] ++ (if cfg.full then [ - (builtins.readFile ./lsp.vim) - (builtins.readFile ./cmp.vim) - ] else [])); + set backupdir=${xdg.dataHome}/nvim/backup + set directory=${xdg.dataHome}/nvim/swap/ + '' + (builtins.readFile ./init.vim) + (builtins.readFile ./plugins.vim) + (builtins.readFile ./clipboard.vim) + (builtins.readFile ./ui.vim) + (builtins.readFile ./lastplace.lua) + ] + ++ ( + if cfg.full then + [ + (builtins.readFile ./lsp.vim) + (builtins.readFile ./cmp.vim) + ] + else + [ ] + ) + ); } diff --git a/modules/user/default.nix b/modules/user/default.nix index 4c18a33d..951363ab 100644 --- a/modules/user/default.nix +++ b/modules/user/default.nix @@ -3,14 +3,13 @@ pkgs, lib, ... -}: let +}: +let psCfg = config.pub-solar; inherit (lib) mkIf mkOption types; in { - imports = [ - ./home.nix - ]; + imports = [ ./home.nix ]; options.pub-solar = { user = { @@ -37,7 +36,7 @@ in publicKeys = mkOption { description = "User SSH public keys"; type = types.listOf types.str; - default = []; + default = [ ]; }; fullName = mkOption { description = "User full name"; @@ -74,24 +73,18 @@ in "wheel" ]; shell = pkgs.bash; - initialHashedPassword = - if psCfg.user.password != null - then psCfg.user.password - else ""; - openssh.authorizedKeys.keys = - if psCfg.user.publicKeys != null - then psCfg.user.publicKeys - else []; + initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else ""; + openssh.authorizedKeys.keys = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [ ]; }; }; security.sudo.extraRules = mkIf psCfg.user.passwordlessSudo [ { - users = ["${psCfg.user.name}"]; + users = [ "${psCfg.user.name}" ]; commands = [ { command = "ALL"; - options = ["NOPASSWD"]; + options = [ "NOPASSWD" ]; } ]; } diff --git a/modules/user/home.nix b/modules/user/home.nix index a3a8c520..5a373e00 100644 --- a/modules/user/home.nix +++ b/modules/user/home.nix @@ -7,10 +7,9 @@ let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { - imports = [ - ./session-variables.nix - ]; +in +{ + imports = [ ./session-variables.nix ]; home-manager.users."${psCfg.user.name}" = { # Let Home Manager install and manage itself. diff --git a/modules/user/mimeapps.nix b/modules/user/mimeapps.nix index ab3fd495..395c1b87 100644 --- a/modules/user/mimeapps.nix +++ b/modules/user/mimeapps.nix @@ -1,27 +1,27 @@ { enable = true; defaultApplications = { - "application/octet-stream" = ["firefox.desktop"]; - "application/pdf" = ["org.gnome.Evince.desktop"]; - "application/x-bittorrent" = ["deluge.desktop"]; - "application/x-extension-htm" = ["firefox.desktop"]; - "application/x-extension-html" = ["firefox.desktop"]; - "application/x-extension-shtml" = ["firefox.desktop"]; - "application/x-extension-xhtml" = ["firefox.desktop"]; - "application/x-extension-xht" = ["firefox.desktop"]; - "application/xhtml+xml" = ["firefox.desktop"]; - "image/jpeg" = ["org.gnome.eog.desktop"]; - "image/png" = ["org.gnome.eog.desktop"]; - "message/rfc822" = ["userapp-Thunderbird.desktop"]; - "text/html" = ["firefox.desktop"]; - "text/plain" = ["firefox.desktop"]; - "video/mp4" = ["vlc.desktop"]; - "x-scheme-handler/chrome" = ["firefox.desktop"]; - "x-scheme-handler/ftp" = ["firefox.desktop"]; - "x-scheme-handler/http" = ["firefox.desktop"]; - "x-scheme-handler/https" = ["firefox.desktop"]; - "x-scheme-handler/mailto" = ["userapp-Thunderbird.desktop"]; - "x-scheme-handler/msteams" = ["teams.desktop"]; - "x-scheme-handler/tg" = ["userapp-Telegram Desktop-JBKFU0.desktop"]; + "application/octet-stream" = [ "firefox.desktop" ]; + "application/pdf" = [ "org.gnome.Evince.desktop" ]; + "application/x-bittorrent" = [ "deluge.desktop" ]; + "application/x-extension-htm" = [ "firefox.desktop" ]; + "application/x-extension-html" = [ "firefox.desktop" ]; + "application/x-extension-shtml" = [ "firefox.desktop" ]; + "application/x-extension-xhtml" = [ "firefox.desktop" ]; + "application/x-extension-xht" = [ "firefox.desktop" ]; + "application/xhtml+xml" = [ "firefox.desktop" ]; + "image/jpeg" = [ "org.gnome.eog.desktop" ]; + "image/png" = [ "org.gnome.eog.desktop" ]; + "message/rfc822" = [ "userapp-Thunderbird.desktop" ]; + "text/html" = [ "firefox.desktop" ]; + "text/plain" = [ "firefox.desktop" ]; + "video/mp4" = [ "vlc.desktop" ]; + "x-scheme-handler/chrome" = [ "firefox.desktop" ]; + "x-scheme-handler/ftp" = [ "firefox.desktop" ]; + "x-scheme-handler/http" = [ "firefox.desktop" ]; + "x-scheme-handler/https" = [ "firefox.desktop" ]; + "x-scheme-handler/mailto" = [ "userapp-Thunderbird.desktop" ]; + "x-scheme-handler/msteams" = [ "teams.desktop" ]; + "x-scheme-handler/tg" = [ "userapp-Telegram Desktop-JBKFU0.desktop" ]; }; } diff --git a/modules/user/session-variables.nix b/modules/user/session-variables.nix index 72dcf95d..a21de2f1 100644 --- a/modules/user/session-variables.nix +++ b/modules/user/session-variables.nix @@ -3,7 +3,8 @@ pkgs, lib, ... -}: let +}: +let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; variables = { @@ -84,23 +85,25 @@ FZF_DEFAULT_OPTS = lib.mkForce "--color=bg+:#2d2a2e,bg:#1a181a,spinner:#ef9062,hl:#7accd7 --color=fg:#d3d1d4,header:#7accd7,info:#e5c463,pointer:#ef9062 --color=marker:#ef9062,fg+:#d3d1d4,prompt:#e5c463,hl+:#7accd7"; # nnn theme colors - NNN_FCOLORS = let - BLK = "04"; - CHR = "04"; - DIR = "04"; - EXE = "02"; - REG = "00"; - HARDLINK = "01"; - SYMLINK = "01"; - MISSING = "01"; - ORPHAN = "07"; - FIFO = "05"; - SOCK = "05"; - OTHER = "02"; - in + NNN_FCOLORS = + let + BLK = "04"; + CHR = "04"; + DIR = "04"; + EXE = "02"; + REG = "00"; + HARDLINK = "01"; + SYMLINK = "01"; + MISSING = "01"; + ORPHAN = "07"; + FIFO = "05"; + SOCK = "05"; + OTHER = "02"; + in BLK + CHR + DIR + EXE + REG + HARDLINK + SYMLINK + MISSING + ORPHAN + FIFO + SOCK + OTHER; }; -in { +in +{ environment.variables = variables; home-manager.users."${psCfg.user.name}" = { diff --git a/modules/virtualisation/default.nix b/modules/virtualisation/default.nix index fe2b1ce4..e0fc6cf5 100644 --- a/modules/virtualisation/default.nix +++ b/modules/virtualisation/default.nix @@ -6,7 +6,8 @@ }: let psCfg = config.pub-solar; -in { +in +{ boot.kernelParams = [ "amd_iommu=on" "intel_iommu=on" @@ -18,7 +19,7 @@ in { qemu.ovmf.enable = true; }; users.users."${psCfg.user.name}" = { - extraGroups = ["libvirtd"]; + extraGroups = [ "libvirtd" ]; }; environment.systemPackages = with pkgs; [ @@ -37,12 +38,10 @@ in { home-manager.users."${psCfg.user.name}" = { xdg.dataFile."libvirt/.keep".text = "# this file is here to generate the directory"; - home.packages = [pkgs.obs-studio-plugins.looking-glass-obs]; + home.packages = [ pkgs.obs-studio-plugins.looking-glass-obs ]; }; - systemd.tmpfiles.rules = [ - "f /dev/shm/looking-glass 0660 ${psCfg.user.name} kvm" - ]; + systemd.tmpfiles.rules = [ "f /dev/shm/looking-glass 0660 ${psCfg.user.name} kvm" ]; #networking.bridges.virbr1.interfaces = []; #networking.interfaces.virbr1 = { # ipv4.addresses = [ diff --git a/modules/wireguard-client/default.nix b/modules/wireguard-client/default.nix index b7a2adbb..602dab67 100644 --- a/modules/wireguard-client/default.nix +++ b/modules/wireguard-client/default.nix @@ -8,7 +8,8 @@ let psCfg = config.pub-solar; cfg = config.pub-solar.wireguard-client; inherit (lib) mkOption types; -in { +in +{ options.pub-solar.wireguard-client = { ownIPs = mkOption { description = '' @@ -26,7 +27,7 @@ in { }; config = { - networking.firewall.allowedUDPPorts = [51899]; + networking.firewall.allowedUDPPorts = [ 51899 ]; networking.wg-quick.interfaces = { wg0 = { diff --git a/overlays/blesh.nix b/overlays/blesh.nix index a26034ed..5f5d7a6f 100644 --- a/overlays/blesh.nix +++ b/overlays/blesh.nix @@ -3,18 +3,14 @@ final: prev: { inherit (prev.sources.blesh-nvfetcher) version src; dontBuild = false; - buildInputs = [ - prev.gitMinimal - ]; + buildInputs = [ prev.gitMinimal ]; patchPhase = '' substituteInPlace GNUmakefile \ --replace "git submodule update --init --recursive" "" ''; - installFlags = [ - "PREFIX=$(out)" - ]; + installFlags = [ "PREFIX=$(out)" ]; installPhase = '' source $stdenv/setup diff --git a/overlays/default.nix b/overlays/default.nix index f05bce84..5f016b15 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -3,35 +3,43 @@ lib, inputs, ... -}: { +}: +{ flake = { nixosModules = rec { - overlays = ({ ... }: { - nixpkgs.overlays = [ - (final: prev: - let - unstable = import inputs.unstable { - system = prev.system; - config.allowUnfreePredicate = pkg: builtins.elem (prev.lib.getName pkg) [ - "1password" - "1password-cli" - "slack" - ]; - }; - in - { - neovim-unwrapped = unstable.neovim-unwrapped; - vimPlugins = unstable.vimPlugins; - #vimPlugins = prev.vimPlugins // {inherit (unstable.vimPlugins) nvim-lspconfig;}; - }) - (import ../pkgs) - (import ./blesh.nix) - (import ./mdbook-multilang.nix inputs) - (import ./nix-index.nix) - (import ./prr.nix) - (import ./neovim-plugins.nix) - ]; - }); + overlays = ( + { ... }: + { + nixpkgs.overlays = [ + ( + final: prev: + let + unstable = import inputs.unstable { + system = prev.system; + config.allowUnfreePredicate = + pkg: + builtins.elem (prev.lib.getName pkg) [ + "1password" + "1password-cli" + "slack" + ]; + }; + in + { + neovim-unwrapped = unstable.neovim-unwrapped; + vimPlugins = unstable.vimPlugins; + #vimPlugins = prev.vimPlugins // {inherit (unstable.vimPlugins) nvim-lspconfig;}; + } + ) + (import ../pkgs) + (import ./blesh.nix) + (import ./mdbook-multilang.nix inputs) + (import ./nix-index.nix) + (import ./prr.nix) + (import ./neovim-plugins.nix) + ]; + } + ); }; }; } diff --git a/overlays/mdbook-multilang.nix b/overlays/mdbook-multilang.nix index 56e3b3b4..3bdfa5f0 100644 --- a/overlays/mdbook-multilang.nix +++ b/overlays/mdbook-multilang.nix @@ -11,10 +11,12 @@ inputs: final: prev: { sha256 = "sha256-gJnQKHssO2ChiT4d037Lncd7hiOa5uh756p8TzPzbgQ="; }; - cargoDeps = oldAttrs.cargoDeps.overrideAttrs (prev.lib.const { - name = "${pname}-vendor.tar.gz"; - inherit src; - outputHash = "sha256-QCEyl5FZqECYYb5eRm8mn+R6owt+CLQwCq/AMMPygE0="; - }); + cargoDeps = oldAttrs.cargoDeps.overrideAttrs ( + prev.lib.const { + name = "${pname}-vendor.tar.gz"; + inherit src; + outputHash = "sha256-QCEyl5FZqECYYb5eRm8mn+R6owt+CLQwCq/AMMPygE0="; + } + ); }); } diff --git a/overlays/neovim-plugins.nix b/overlays/neovim-plugins.nix index 1bb2c399..93fd878c 100644 --- a/overlays/neovim-plugins.nix +++ b/overlays/neovim-plugins.nix @@ -1,24 +1,22 @@ final: prev: { - vimPlugins = - prev.vimPlugins - // { - instant-nvim-nvfetcher = prev.vimUtils.buildVimPlugin { - inherit (prev.sources.instant-nvim-nvfetcher) pname version src; - }; - vimagit-nvfetcher = prev.vimUtils.buildVimPlugin { - inherit (prev.sources.vimagit-nvfetcher) pname version src; - }; - vim-caddyfile-nvfetcher = prev.vimUtils.buildVimPlugin { - inherit (prev.sources.vim-caddyfile-nvfetcher) pname version src; - }; - vim-workspace-nvfetcher = prev.vimUtils.buildVimPlugin { - inherit (prev.sources.vim-workspace-nvfetcher) pname version src; - }; - vim-beautify-nvfetcher = prev.vimUtils.buildVimPlugin { - inherit (prev.sources.vim-beautify-nvfetcher) pname version src; - }; - vim-apprentice-nvfetcher = prev.vimUtils.buildVimPlugin { - inherit (prev.sources.vim-apprentice-nvfetcher) pname version src; - }; + vimPlugins = prev.vimPlugins // { + instant-nvim-nvfetcher = prev.vimUtils.buildVimPlugin { + inherit (prev.sources.instant-nvim-nvfetcher) pname version src; }; + vimagit-nvfetcher = prev.vimUtils.buildVimPlugin { + inherit (prev.sources.vimagit-nvfetcher) pname version src; + }; + vim-caddyfile-nvfetcher = prev.vimUtils.buildVimPlugin { + inherit (prev.sources.vim-caddyfile-nvfetcher) pname version src; + }; + vim-workspace-nvfetcher = prev.vimUtils.buildVimPlugin { + inherit (prev.sources.vim-workspace-nvfetcher) pname version src; + }; + vim-beautify-nvfetcher = prev.vimUtils.buildVimPlugin { + inherit (prev.sources.vim-beautify-nvfetcher) pname version src; + }; + vim-apprentice-nvfetcher = prev.vimUtils.buildVimPlugin { + inherit (prev.sources.vim-apprentice-nvfetcher) pname version src; + }; + }; } diff --git a/overlays/nix-index.nix b/overlays/nix-index.nix index ea1ac11c..6f624b36 100644 --- a/overlays/nix-index.nix +++ b/overlays/nix-index.nix @@ -9,11 +9,13 @@ final: prev: { }; version = "unstable-2024-06-12"; - cargoDeps = oldAttrs.cargoDeps.overrideAttrs (prev.lib.const { - name = "${pname}-vendor.tar.gz"; - inherit src; - outputHash = "sha256-pZCGeZK5AJrxcrqXC5NZhGDda+90rRdWXy00CYD8SYY="; - }); + cargoDeps = oldAttrs.cargoDeps.overrideAttrs ( + prev.lib.const { + name = "${pname}-vendor.tar.gz"; + inherit src; + outputHash = "sha256-pZCGeZK5AJrxcrqXC5NZhGDda+90rRdWXy00CYD8SYY="; + } + ); postInstall = '' substituteInPlace etc/command-not-found.* \ diff --git a/overlays/prr.nix b/overlays/prr.nix index 1ec990a6..8a31e5f4 100644 --- a/overlays/prr.nix +++ b/overlays/prr.nix @@ -23,8 +23,8 @@ final: prev: { meta = with prev.lib; { homepage = "https://github.com/TritonDataCenter/prr"; description = "Tooling to assist with GitHub pull requests"; - platforms = ["x86_64-linux"]; - maintainers = with maintainers; [teutat3s]; + platforms = [ "x86_64-linux" ]; + maintainers = with maintainers; [ teutat3s ]; }; }; } diff --git a/pkgs/cockroach.nix b/pkgs/cockroach.nix index 7894ffdf..ef40d9c5 100644 --- a/pkgs/cockroach.nix +++ b/pkgs/cockroach.nix @@ -1,24 +1,24 @@ self: with self; - stdenv.mkDerivation rec { - pname = "cockroachdb"; - version = "22.2.7"; +stdenv.mkDerivation rec { + pname = "cockroachdb"; + version = "22.2.7"; - src = fetchurl { - url = "https://binaries.cockroachdb.com/cockroach-v${version}.linux-amd64.tgz"; - sha256 = "sha256-do426BaZdPqXcc/aQnRAgVTBCJ/OiNbSuCpwVTM2m0I="; - }; - buildInputs = [stdenv.cc.cc]; - nativeBuildInputs = [autoPatchelfHook]; + src = fetchurl { + url = "https://binaries.cockroachdb.com/cockroach-v${version}.linux-amd64.tgz"; + sha256 = "sha256-do426BaZdPqXcc/aQnRAgVTBCJ/OiNbSuCpwVTM2m0I="; + }; + buildInputs = [ stdenv.cc.cc ]; + nativeBuildInputs = [ autoPatchelfHook ]; - installPhase = '' - install -D -m755 cockroach $out/bin/cockroach - cp -r lib $out/lib - ''; - meta = { - homepage = "https://www.cockroachlabs.com"; - description = "A scalable, survivable, strongly-consistent SQL database"; - platforms = ["x86_64-linux"]; - maintainers = [ lib.maintainers.mic92 ]; - }; - } + installPhase = '' + install -D -m755 cockroach $out/bin/cockroach + cp -r lib $out/lib + ''; + meta = { + homepage = "https://www.cockroachlabs.com"; + description = "A scalable, survivable, strongly-consistent SQL database"; + platforms = [ "x86_64-linux" ]; + maintainers = [ lib.maintainers.mic92 ]; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 2187b152..9c2c9b8a 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,10 +1,11 @@ -final: prev: -with prev; { +final: prev: with prev; { # keep sources this first - sources = callPackage (import ./_sources/generated.nix) {}; + sources = callPackage (import ./_sources/generated.nix) { }; # then, call packages with `final.callPackage` gpu-switch = writeShellScriptBin "gpu-switch" (import ./gpu-switch.nix final); - import-gtk-settings = writeShellScriptBin "import-gtk-settings" (import ./import-gtk-settings.nix final); + import-gtk-settings = writeShellScriptBin "import-gtk-settings" ( + import ./import-gtk-settings.nix final + ); lgcl = writeShellScriptBin "lgcl" (import ./lgcl.nix final); mailto-mutt = writeShellScriptBin "mailto-mutt" (import ./mailto-mutt.nix final); mopidy-jellyfin = import ./mopidy-jellyfin.nix final; @@ -18,7 +19,9 @@ with prev; { swaylock-bg = writeShellScriptBin "swaylock-bg" (import ./swaylock-bg.nix final); toggle-kbd-layout = writeShellScriptBin "toggle-kbd-layout" (import ./toggle-kbd-layout.nix final); wcwd = writeShellScriptBin "wcwd" (import ./wcwd.nix final); - drone-docker-runner = writeShellScriptBin "drone-docker-runner" (import ./drone-docker-runner.nix final); + drone-docker-runner = writeShellScriptBin "drone-docker-runner" ( + import ./drone-docker-runner.nix final + ); record-screen = writeShellScriptBin "record-screen" (import ./record-screen.nix final); cockroach-bin = import ./cockroach.nix final; prison-break = import ./prison-break.nix final; diff --git a/pkgs/drone-docker-runner.nix b/pkgs/drone-docker-runner.nix index bb3e8b82..e1773d5a 100644 --- a/pkgs/drone-docker-runner.nix +++ b/pkgs/drone-docker-runner.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' case $1 in start) ${self.docker}/bin/docker run --detach \ diff --git a/pkgs/gpu-switch.nix b/pkgs/gpu-switch.nix index 02b8c7fb..a6045ff9 100644 --- a/pkgs/gpu-switch.nix +++ b/pkgs/gpu-switch.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' # Copyright (c) 2014-2015 Bruno Bierbaumer, Andreas Heider readonly sysfs_efi_vars='/sys/firmware/efi/efivars' diff --git a/pkgs/import-gtk-settings.nix b/pkgs/import-gtk-settings.nix index 2a4bf0f0..f4b12b92 100644 --- a/pkgs/import-gtk-settings.nix +++ b/pkgs/import-gtk-settings.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' # usage: import-gsettings : : ... expression="" diff --git a/pkgs/lgcl.nix b/pkgs/lgcl.nix index 73f91124..7ed86006 100644 --- a/pkgs/lgcl.nix +++ b/pkgs/lgcl.nix @@ -1,8 +1,13 @@ self: -with self; let +with self; +let looking-glass-client = self.looking-glass-client.overrideAttrs (old: { - meta.platforms = ["x86_64-linux" "aarch64-linux"]; + meta.platforms = [ + "x86_64-linux" + "aarch64-linux" + ]; }); -in '' +in +'' ${looking-glass-client}/bin/looking-glass-client -f /dev/shm/looking-glass input:ignoreWindowsKeys=yes input:grabKeyboardOnFocus=no '' diff --git a/pkgs/mailto-mutt.nix b/pkgs/mailto-mutt.nix index 7e014e0f..80543277 100644 --- a/pkgs/mailto-mutt.nix +++ b/pkgs/mailto-mutt.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' mkdir -p $XDG_CACHE_HOME/log LOGFILE=$XDG_CACHE_HOME/log/mailto.log diff --git a/pkgs/mopidy-jellyfin.nix b/pkgs/mopidy-jellyfin.nix index b507ba17..a8618ae5 100644 --- a/pkgs/mopidy-jellyfin.nix +++ b/pkgs/mopidy-jellyfin.nix @@ -1,5 +1,6 @@ self: -with self; let +with self; +let websocket-client = python3.pkgs.buildPythonPackage rec { pname = "websocket-client"; version = "1.2.1"; @@ -10,20 +11,20 @@ with self; let }; }; in - python3.pkgs.buildPythonPackage rec { - pname = "Mopidy-Jellyfin"; - version = "1.0.2"; - doCheck = false; - propagatedBuildInputs = with python3.pkgs; [ - unidecode - websocket-client - requests - setuptools - pykka - mopidy - ]; - src = python3.pkgs.fetchPypi { - inherit pname version; - sha256 = "sha256-5XimIIQSpvNyQbSOFtSTkA0jhA0V68BbyQEQNnov+0g="; - }; - } +python3.pkgs.buildPythonPackage rec { + pname = "Mopidy-Jellyfin"; + version = "1.0.2"; + doCheck = false; + propagatedBuildInputs = with python3.pkgs; [ + unidecode + websocket-client + requests + setuptools + pykka + mopidy + ]; + src = python3.pkgs.fetchPypi { + inherit pname version; + sha256 = "sha256-5XimIIQSpvNyQbSOFtSTkA0jhA0V68BbyQEQNnov+0g="; + }; +} diff --git a/pkgs/mu.nix b/pkgs/mu.nix index 3b4c351f..90afaa4a 100644 --- a/pkgs/mu.nix +++ b/pkgs/mu.nix @@ -1,4 +1,3 @@ -self: -with self; '' +self: with self; '' exec ${alacritty}/bin/alacritty --class mu_vimpc --option dimensions.columns=120 --option dimensions.lines=80 -e vimpc -- "$@" '' diff --git a/pkgs/notes.nix b/pkgs/notes.nix index 3553c4cf..2932c648 100644 --- a/pkgs/notes.nix +++ b/pkgs/notes.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' # # ack recursively through notes # diff --git a/pkgs/prison-break.nix b/pkgs/prison-break.nix index e605c899..286f26bc 100644 --- a/pkgs/prison-break.nix +++ b/pkgs/prison-break.nix @@ -27,15 +27,13 @@ python3.pkgs.buildPythonPackage { rev = "15079bb094d37eeba92e17abfb98523076c5800c"; sha256 = "sha256-MDzAmeJ6wsTm5+unIsYAZmErVN4sEAfih3YwbXkVIPg="; }; - propagatedBuildInputs = with python3.pkgs;[ + propagatedBuildInputs = with python3.pkgs; [ docopt requests beautifulsoup4 notify2 straight-plugin ]; - patches = [ - ./prison-break-url.patch - ]; + patches = [ ./prison-break-url.patch ]; checkInputs = [ python3.pkgs.black ]; } diff --git a/pkgs/psos-docs.nix b/pkgs/psos-docs.nix index 24e86bff..f909dfe0 100644 --- a/pkgs/psos-docs.nix +++ b/pkgs/psos-docs.nix @@ -1,27 +1,30 @@ self: with self; - stdenv.mkDerivation rec { - pname = "psos-docs"; - version = "0.0.1"; - buildInputs = [ - mdbook - mdbook-pdf - ]; +stdenv.mkDerivation rec { + pname = "psos-docs"; + version = "0.0.1"; + buildInputs = [ + mdbook + mdbook-pdf + ]; - src = ../docs/..; # wut + src = ../docs/..; # wut - phases = ["buildPhase" "installPhase"]; + phases = [ + "buildPhase" + "installPhase" + ]; - buildPhase = '' - cp -r $src/doc ./doc - cp $src/README.md ./README.md - chmod ug+w -R . - ls -la . - mdbook build doc - ''; + buildPhase = '' + cp -r $src/doc ./doc + cp $src/README.md ./README.md + chmod ug+w -R . + ls -la . + mdbook build doc + ''; - installPhase = '' - mkdir -p $out/lib/ - cp -r doc/book $out/lib/html - ''; - } + installPhase = '' + mkdir -p $out/lib/ + cp -r doc/book $out/lib/html + ''; +} diff --git a/pkgs/psos.nix b/pkgs/psos.nix index 7846f80a..eb050bfb 100644 --- a/pkgs/psos.nix +++ b/pkgs/psos.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' case $1 in rebuild) shift; diff --git a/pkgs/record-screen.nix b/pkgs/record-screen.nix index eb2d0bf1..d8d7f4a3 100644 --- a/pkgs/record-screen.nix +++ b/pkgs/record-screen.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' mkdir -p "$HOME/Videos/Screenrecordings" GEOMETRY="$(slurp -d -b \#ffffff11)" RESOLUTION="$(echo $GEOMETRY | awk '{print $2}')" diff --git a/pkgs/s.nix b/pkgs/s.nix index 1b003b6b..668d5553 100644 --- a/pkgs/s.nix +++ b/pkgs/s.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' case $1 in d) shift; diff --git a/pkgs/scan2paperless.nix b/pkgs/scan2paperless.nix index 106ebf33..bdbd14cc 100644 --- a/pkgs/scan2paperless.nix +++ b/pkgs/scan2paperless.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' echo "$@" DUPLEX=,Duplex removeempty="true" diff --git a/pkgs/sway-launcher.nix b/pkgs/sway-launcher.nix index 8eddd857..d5a5bbf5 100644 --- a/pkgs/sway-launcher.nix +++ b/pkgs/sway-launcher.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' #!/usr/bin/env bash # terminal application launcher for sway, using fzf # original command: diff --git a/pkgs/swaylock-bg.nix b/pkgs/swaylock-bg.nix index 0da998c0..ef830b45 100644 --- a/pkgs/swaylock-bg.nix +++ b/pkgs/swaylock-bg.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' # Dependencies: # swaylock IMAGE="$XDG_CONFIG_HOME/wallpaper.jpg" diff --git a/pkgs/toggle-kbd-layout.nix b/pkgs/toggle-kbd-layout.nix index a35de234..6418d043 100644 --- a/pkgs/toggle-kbd-layout.nix +++ b/pkgs/toggle-kbd-layout.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' set -e current_layout=$(${sway}/bin/swaymsg -t get_inputs | ${jq}/bin/jq -r '.[] | select(.type == "keyboard") | .xkb_active_layout_index' | head -1) diff --git a/pkgs/uhk-agent.nix b/pkgs/uhk-agent.nix index 1293fc4b..0174a73d 100644 --- a/pkgs/uhk-agent.nix +++ b/pkgs/uhk-agent.nix @@ -1,5 +1,6 @@ self: -with self; let +with self; +let uhk-agent-bin = stdenv.mkDerivation rec { pname = "uhk-agent-bin"; version = "1.5.14"; @@ -7,7 +8,10 @@ with self; let url = "https://github.com/UltimateHackingKeyboard/agent/releases/download/v1.5.14/UHK.Agent-1.5.14-linux-x86_64.AppImage"; sha256 = "sha256:1yzh4ixy0cqg02xf84vcqj3h67mkxyzs6jf1h935ay582n70nyqg"; }; - phases = ["installPhase" "patchPhase"]; + phases = [ + "installPhase" + "patchPhase" + ]; installPhase = '' mkdir -p $out/bin cp $src $out/bin/uhk-agent @@ -21,24 +25,28 @@ with self; let ${appimage-run}/bin/appimage-run ${uhk-agent-bin}/bin/uhk-agent ''; in - stdenv.mkDerivation rec { - pname = "uhk-agent"; - version = "1.5.14"; - buildInputs = [ - bash - uhk-agent-bin - appimage-run - ]; +stdenv.mkDerivation rec { + pname = "uhk-agent"; + version = "1.5.14"; + buildInputs = [ + bash + uhk-agent-bin + appimage-run + ]; - phases = ["buildPhase" "installPhase" "patchPhase"]; + phases = [ + "buildPhase" + "installPhase" + "patchPhase" + ]; - buildPhase = '' - echo "${script}" >> uhk-agent - ''; + buildPhase = '' + echo "${script}" >> uhk-agent + ''; - installPhase = '' - mkdir -p $out/bin - cp uhk-agent $out/bin/uhk-agent - chmod +x $out/bin/uhk-agent - ''; - } + installPhase = '' + mkdir -p $out/bin + cp uhk-agent $out/bin/uhk-agent + chmod +x $out/bin/uhk-agent + ''; +} diff --git a/pkgs/wcwd.nix b/pkgs/wcwd.nix index 7e6737a5..6785bb08 100644 --- a/pkgs/wcwd.nix +++ b/pkgs/wcwd.nix @@ -1,5 +1,4 @@ -self: -with self; '' +self: with self; '' pid=$(${sway}/bin/swaymsg -t get_tree | ${jq}/bin/jq '.. | select(.type?) | select(.type=="con") | select(.focused==true).pid') ppid=$(${procps}/bin/pgrep --newest --parent ''${pid}) readlink /proc/''${ppid}/cwd || echo $HOME diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 47955d72..78765814 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -9,8 +9,14 @@ let teutat3s = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms"; teutat3s-5-nfc = "age1yubikey1qdxpc9qenrkhqxnu2p6sgyfxhnxcvz99jcaq36uqcztuzsy92q596shqxkf"; }; - allKeys = [machines.dumpyourvms machines.ryzensun users.teutat3s users.teutat3s-5-nfc]; -in { + allKeys = [ + machines.dumpyourvms + machines.ryzensun + users.teutat3s + users.teutat3s-5-nfc + ]; +in +{ "example-secret.age".publicKeys = allKeys; "environment-secrets.age".publicKeys = allKeys; "github-api-token.age".publicKeys = allKeys; @@ -19,6 +25,10 @@ in { "mnx-bonanza-pf1.ovpn.age".publicKeys = allKeys; "mnx-bonanza-pf1.p12.age".publicKeys = allKeys; "docker-ci-runner-secrets.age".publicKeys = allKeys; - "test-secret.age".publicKeys = [users.teutat3s-5-nfc]; - "hosting-de-acme-secrets.age".publicKeys = [machines.fae users.teutat3s users.teutat3s-5-nfc]; + "test-secret.age".publicKeys = [ users.teutat3s-5-nfc ]; + "hosting-de-acme-secrets.age".publicKeys = [ + machines.fae + users.teutat3s + users.teutat3s-5-nfc + ]; } diff --git a/tests/first-test.nix b/tests/first-test.nix index 248dd638..fe5aba39 100644 --- a/tests/first-test.nix +++ b/tests/first-test.nix @@ -1,54 +1,60 @@ +{ pkgs, lib, ... }: { - pkgs, - lib, - ... -}: { name = "firstTest"; - nodes.test-machine = {suites ? null, ...}: { - imports = suites.iso; + nodes.test-machine = + { + suites ? null, + ... + }: + { + imports = suites.iso; - home-manager.users.pub-solar.programs.bash.shellAliases = { - test-x11 = "glinfo | tee /tmp/test-x11.out && touch /tmp/test-x11-exit-ok"; - test-wayland = "wayland-info | tee /tmp/test-wayland.out && touch /tmp/test-wayland-exit-ok"; - }; - - # source: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/tests/sway.nix - environment = { - # For glinfo and wayland-info: - systemPackages = with pkgs; [mesa-demos wayland-utils alacritty]; - # Use a fixed SWAYSOCK path (for swaymsg): - variables = { - "SWAYSOCK" = "/tmp/sway-ipc.sock"; - # TODO: Investigate if we can get hardware acceleration to work (via - # virtio-gpu and Virgil). We currently have to use the Pixman software - # renderer since the GLES2 renderer doesn't work inside the VM (even - # with WLR_RENDERER_ALLOW_SOFTWARE): - # "WLR_RENDERER_ALLOW_SOFTWARE" = "1"; - "WLR_RENDERER" = "pixman"; + home-manager.users.pub-solar.programs.bash.shellAliases = { + test-x11 = "glinfo | tee /tmp/test-x11.out && touch /tmp/test-x11-exit-ok"; + test-wayland = "wayland-info | tee /tmp/test-wayland.out && touch /tmp/test-wayland-exit-ok"; }; - # To help with OCR: - etc."xdg/foot/foot.ini".text = lib.generators.toINI {} { - main = { - font = "inconsolata:size=14"; + # source: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/tests/sway.nix + environment = { + # For glinfo and wayland-info: + systemPackages = with pkgs; [ + mesa-demos + wayland-utils + alacritty + ]; + # Use a fixed SWAYSOCK path (for swaymsg): + variables = { + "SWAYSOCK" = "/tmp/sway-ipc.sock"; + # TODO: Investigate if we can get hardware acceleration to work (via + # virtio-gpu and Virgil). We currently have to use the Pixman software + # renderer since the GLES2 renderer doesn't work inside the VM (even + # with WLR_RENDERER_ALLOW_SOFTWARE): + # "WLR_RENDERER_ALLOW_SOFTWARE" = "1"; + "WLR_RENDERER" = "pixman"; }; - colors = rec { - foreground = "000000"; - background = "ffffff"; - regular2 = foreground; + + # To help with OCR: + etc."xdg/foot/foot.ini".text = lib.generators.toINI { } { + main = { + font = "inconsolata:size=14"; + }; + colors = rec { + foreground = "000000"; + background = "ffffff"; + regular2 = foreground; + }; }; }; + + fonts.fonts = [ pkgs.inconsolata ]; + + # Need to switch to a different GPU driver than the default one (-vga std) so that Sway can launch: + virtualisation.qemu.options = [ "-vga none -device virtio-gpu-pci" ]; + virtualisation.cores = 4; + virtualisation.memorySize = 2048; }; - fonts.fonts = [pkgs.inconsolata]; - - # Need to switch to a different GPU driver than the default one (-vga std) so that Sway can launch: - virtualisation.qemu.options = ["-vga none -device virtio-gpu-pci"]; - virtualisation.cores = 4; - virtualisation.memorySize = 2048; - }; - enableOCR = true; testScript = '' diff --git a/tests/second-test.nix b/tests/second-test.nix index ac007d0d..89aead88 100644 --- a/tests/second-test.nix +++ b/tests/second-test.nix @@ -1,11 +1,15 @@ -{}: { +{ }: +{ name = "secondTest"; - nodes.test-machine2 = {suites ? null, ...}: { - imports = [ - suites.iso - ]; - }; + nodes.test-machine2 = + { + suites ? null, + ... + }: + { + imports = [ suites.iso ]; + }; testScript = '' machines[0].systemctl("is-system-running --wait") diff --git a/users/nixos/default.nix b/users/nixos/default.nix index e0bf4b37..9671b733 100644 --- a/users/nixos/default.nix +++ b/users/nixos/default.nix @@ -3,9 +3,11 @@ pkgs, lib, ... -}: let +}: +let psCfg = config.pub-solar; -in { +in +{ config = { pub-solar = { # These are your personal settings diff --git a/users/pub-solar/default.nix b/users/pub-solar/default.nix index c500b324..506d6c7f 100644 --- a/users/pub-solar/default.nix +++ b/users/pub-solar/default.nix @@ -1,4 +1,5 @@ -{config, pkgs, ...}: { +{ config, pkgs, ... }: +{ pub-solar = { # These are your personal settings # The only required settings are `name` and `password`, diff --git a/users/root/default.nix b/users/root/default.nix index 745a0843..7d6d6fa3 100644 --- a/users/root/default.nix +++ b/users/root/default.nix @@ -1,4 +1,4 @@ -{...}: +{ ... }: { users.users.root.hashedPassword = ""; } diff --git a/users/teutat3s/concepts-and-training.nix b/users/teutat3s/concepts-and-training.nix index 53dfc655..a5a3cbdc 100644 --- a/users/teutat3s/concepts-and-training.nix +++ b/users/teutat3s/concepts-and-training.nix @@ -8,7 +8,8 @@ let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { +in +{ age.secrets."cat-testenv.ovpn" = { file = "${flake.self}/secrets/cat-testenv.ovpn.age"; mode = "600"; diff --git a/users/teutat3s/default.nix b/users/teutat3s/default.nix index fdaac67e..b02abe35 100644 --- a/users/teutat3s/default.nix +++ b/users/teutat3s/default.nix @@ -4,13 +4,13 @@ lib, flake, ... -}: let +}: +let psCfg = config.pub-solar; xdg = config.home-manager.users.${psCfg.user.name}.xdg; -in { - imports = [ - ./home.nix - ]; +in +{ + imports = [ ./home.nix ]; config = { age.secrets.environment-secrets = { diff --git a/users/teutat3s/home.nix b/users/teutat3s/home.nix index d672cf28..0a676926 100644 --- a/users/teutat3s/home.nix +++ b/users/teutat3s/home.nix @@ -10,7 +10,8 @@ let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; tritonshell = flake.inputs.tritonshell; -in { +in +{ imports = [ ./session-variables.nix ./concepts-and-training.nix @@ -36,7 +37,7 @@ in { #services.keybase.enable = true; users.users."${psCfg.user.name}" = { - extraGroups = ["dialout"]; + extraGroups = [ "dialout" ]; }; home-manager.users.${psCfg.user.name} = { xdg.configFile."git/config".text = import ./.config/git/config.nix { @@ -126,7 +127,9 @@ in { } complete -F _tailscale tailscale - complete -C ${flake.inputs.nixos-22-05.legacyPackages.${pkgs.system}.terraform}/bin/terraform terraform + complete -C ${ + flake.inputs.nixos-22-05.legacyPackages.${pkgs.system}.terraform + }/bin/terraform terraform complete -C ${pkgs.opentofu}/bin/tofu tofu ''; diff --git a/users/teutat3s/mnx.nix b/users/teutat3s/mnx.nix index 384b6d38..a47bf38b 100644 --- a/users/teutat3s/mnx.nix +++ b/users/teutat3s/mnx.nix @@ -8,7 +8,8 @@ let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { +in +{ config = { age.secrets."mnx-bonanza-pf1.ovpn" = { file = "${flake.self}/secrets/mnx-bonanza-pf1.ovpn.age"; @@ -32,17 +33,23 @@ in { programs._1password-gui = { enable = true; - polkitPolicyOwners = ["teutat3s"]; + polkitPolicyOwners = [ "teutat3s" ]; }; programs._1password.enable = true; - home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] { - home.packages = with pkgs; [ - zoom-us - slack - prr - tmate - ]; - }; + home-manager = + pkgs.lib.setAttrByPath + [ + "users" + psCfg.user.name + ] + { + home.packages = with pkgs; [ + zoom-us + slack + prr + tmate + ]; + }; }; } diff --git a/users/teutat3s/session-variables.nix b/users/teutat3s/session-variables.nix index 4f12da02..9cffe3a0 100644 --- a/users/teutat3s/session-variables.nix +++ b/users/teutat3s/session-variables.nix @@ -1,15 +1,19 @@ -{ - config, - pkgs, - ... -}: let +{ config, pkgs, ... }: +let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in { - home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] { - home.sessionVariables = { - DRONE_SERVER = "https://ci.pub.solar"; - GOPATH = "/home/${psCfg.user.name}/.local/share/go"; - }; - }; +in +{ + home-manager = + pkgs.lib.setAttrByPath + [ + "users" + psCfg.user.name + ] + { + home.sessionVariables = { + DRONE_SERVER = "https://ci.pub.solar"; + GOPATH = "/home/${psCfg.user.name}/.local/share/go"; + }; + }; }