From e6e258feeb042cff0506b34ecb4505557aae1514 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Thu, 6 Mar 2025 09:51:33 -0600 Subject: [PATCH] reformat --> alejandra --- .archive/flake.nix | 6 +- .../modules/programs/de/gnome/default.nix | 5 +- .archive/hosts/durincore/default.nix | 12 +- .../hosts/gandalf/config/incus-preseed.nix | 7 +- .../hosts/gandalf/config/samba-config.nix | 3 +- .archive/hosts/gandalf/config/sanoid.nix | 15 +- .archive/hosts/gandalf/default.nix | 14 +- .archive/hosts/legiondary/default.nix | 12 +- .../nixos/containers/lego-auto/default.nix | 20 +- .../nixos/containers/unifi/default.nix | 89 ++--- .archive/modules/nixos/de/gnome.nix | 38 +- .archive/modules/nixos/de/kde.nix | 16 +- .../nixos/services/cockpit/default.nix | 6 +- .../modules/nixos/services/vault/default.nix | 6 +- .archive/profiles/disko-telchar.nix | 6 +- .archive/profiles/hw-legion-15arh05h.nix | 7 +- .archive/profiles/hw-thinkpad-t470.nix | 5 +- .archive/profiles/role-gaming.nix | 8 +- nixos/home/jahanson/server.nix | 3 +- .../modules/programs/browsers/default.nix | 3 +- .../modules/programs/thunderbird/default.nix | 8 +- nixos/home/modules/security/default.nix | 3 +- nixos/home/modules/security/ssh/default.nix | 14 +- nixos/home/modules/shell/atuind/default.nix | 10 +- nixos/home/modules/shell/default.nix | 3 +- nixos/home/modules/shell/starship/default.nix | 6 +- nixos/home/modules/shell/wezterm/default.nix | 6 +- .../hosts/shadowfax/config/incus-preseed.nix | 7 +- nixos/hosts/shadowfax/config/sanoid.nix | 15 +- nixos/hosts/telperion/config/bind.nix | 3 +- nixos/hosts/telperion/config/haproxy.nix | 3 +- nixos/hosts/telperion/default.nix | 16 +- nixos/hosts/varda/resources/prune-backup.nix | 9 +- .../nixos/containers/scrutiny/default.nix | 14 +- nixos/modules/nixos/de/kde.nix | 16 +- nixos/modules/nixos/editor/vim.nix | 44 +-- nixos/modules/nixos/games/steam/steam.nix | 7 +- .../modules/nixos/hardware/nvidia/default.nix | 8 +- nixos/modules/nixos/programs/shell/fish.nix | 13 +- .../nixos/security/1password/default.nix | 14 +- nixos/modules/nixos/security/acme/default.nix | 14 +- nixos/modules/nixos/security/default.nix | 3 +- nixos/modules/nixos/services/bind/default.nix | 12 +- .../nixos/services/dnsmasq/default.nix | 10 +- .../nixos/services/libvirt-qemu/default.nix | 10 +- .../nixos/services/matchbox/default.nix | 16 +- .../modules/nixos/services/nginx/default.nix | 15 +- .../services/nix-index-daily/default.nix | 10 +- .../services/onepassword-connect/default.nix | 18 +- .../modules/nixos/services/podman/default.nix | 14 +- .../nixos/services/qbittorrent/default.nix | 14 +- .../nixos/services/reboot-required-check.nix | 14 +- .../modules/nixos/services/sanoid/default.nix | 8 +- .../services/syncthing/config/default.nix | 11 +- .../nixos/services/syncthing/default.nix | 12 +- .../nixos/services/unpackerr/default.nix | 24 +- .../nixos/system/borg/borgbackup/default.nix | 14 +- nixos/modules/nixos/system/borg/default.nix | 3 +- .../nixos/system/borg/pikabackup/default.nix | 6 +- nixos/modules/nixos/system/incus/default.nix | 9 +- nixos/modules/nixos/system/motd/default.nix | 12 +- nixos/modules/nixos/system/nfs/default.nix | 10 +- nixos/modules/nixos/system/nix.nix | 20 +- nixos/modules/nixos/system/openssh.nix | 20 +- .../modules/nixos/system/pushover/default.nix | 13 +- nixos/modules/nixos/system/security.nix | 12 +- nixos/modules/nixos/system/systempackages.nix | 14 +- nixos/modules/nixos/system/time.nix | 10 +- .../nixos/system/wifi_swap/default.nix | 14 +- nixos/modules/nixos/system/zfs.nix | 70 ++-- nixos/overlays/cargo-tauri/default.nix | 15 +- nixos/overlays/coder/default.nix | 126 +++---- nixos/overlays/smartmontools/default.nix | 23 +- nixos/overlays/talosctl/default.nix | 5 +- nixos/overlays/termius/default.nix | 9 +- nixos/overlays/vivaldi/default.nix | 348 +++++++++--------- nixos/overlays/vivaldi/ffmpeg-codecs.nix | 7 +- nixos/overlays/xpipe/ptb.nix | 175 +++++---- nixos/overlays/zed-editor/default.nix | 25 +- nixos/profiles/disko-nixos.nix | 6 +- nixos/profiles/global/nix.nix | 7 +- nixos/profiles/global/sops.nix | 5 +- nixos/profiles/global/system.nix | 5 +- nixos/profiles/hw-generic-x86.nix | 16 +- nixos/profiles/hw-hetzner-cax.nix | 11 +- nixos/profiles/hw-hp-s01.nix | 3 +- nixos/profiles/hw-supermicro.nix | 9 +- nixos/profiles/role-server.nix | 11 +- shell.nix | 38 +- 89 files changed, 875 insertions(+), 901 deletions(-) diff --git a/.archive/flake.nix b/.archive/flake.nix index 3c283ff..4c18f43 100644 --- a/.archive/flake.nix +++ b/.archive/flake.nix @@ -11,7 +11,7 @@ profileModules = [ ./nixos/profiles/role-workstation.nix ./nixos/profiles/role-dev.nix - { home-manager.users.jahanson = ./nixos/home/jahanson/workstation.nix; } + {home-manager.users.jahanson = ./nixos/home/jahanson/workstation.nix;} ]; }; @@ -24,13 +24,13 @@ inputs.nixos-hardware.nixosModules.lenovo-legion-15arh05h ./nixos/profiles/hw-legion-15arh05h.nix disko.nixosModules.disko - (import ./nixos/profiles/disko-nixos.nix { disks = [ "/dev/nvme0n1" ]; }) + (import ./nixos/profiles/disko-nixos.nix {disks = ["/dev/nvme0n1"];}) ]; profileModules = [ ./nixos/profiles/role-dev.nix ./nixos/profiles/role-gaming.nix ./nixos/profiles/role-workstation.nix - { home-manager.users.jahanson = ./nixos/home/jahanson/workstation.nix; } + {home-manager.users.jahanson = ./nixos/home/jahanson/workstation.nix;} ]; }; } diff --git a/.archive/home/modules/programs/de/gnome/default.nix b/.archive/home/modules/programs/de/gnome/default.nix index 55ed6fb..cc3a744 100644 --- a/.archive/home/modules/programs/de/gnome/default.nix +++ b/.archive/home/modules/programs/de/gnome/default.nix @@ -6,8 +6,7 @@ osConfig, ... }: -with lib.hm.gvariant; -{ +with lib.hm.gvariant; { config = lib.mkIf osConfig.mySystem.de.gnome.enable { # add user packages home.packages = with pkgs; [ @@ -23,7 +22,7 @@ with lib.hm.gvariant; workspaces-only-on-primary = false; }; "org/gnome/settings-daemon/plugins/media-keys" = { - home = [ "e" ]; + home = ["e"]; }; "org/gnome/desktop/wm/preferences" = { workspace-names = [ diff --git a/.archive/hosts/durincore/default.nix b/.archive/hosts/durincore/default.nix index e820c14..539b63a 100644 --- a/.archive/hosts/durincore/default.nix +++ b/.archive/hosts/durincore/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { config = { networking.hostId = "ad4380db"; networking.hostName = "durincore"; @@ -12,10 +11,10 @@ "usb_storage" "sd_mod" ]; - kernelModules = [ ]; + kernelModules = []; }; - kernelModules = [ "kvm-intel" ]; - extraModulePackages = [ ]; + kernelModules = ["kvm-intel"]; + extraModulePackages = []; }; fileSystems = { @@ -39,7 +38,7 @@ }; }; - swapDevices = [ ]; + swapDevices = []; # System settings and services. mySystem = { @@ -48,6 +47,5 @@ "wlp4s0" ]; }; - }; } diff --git a/.archive/hosts/gandalf/config/incus-preseed.nix b/.archive/hosts/gandalf/config/incus-preseed.nix index 797c446..e1d3975 100644 --- a/.archive/hosts/gandalf/config/incus-preseed.nix +++ b/.archive/hosts/gandalf/config/incus-preseed.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { config = { "core.https_address" = "10.1.1.15:8445"; # Need quotes around key }; @@ -27,7 +26,7 @@ ]; profiles = [ { - config = { }; + config = {}; description = ""; devices = { eth0 = { @@ -44,6 +43,6 @@ name = "default"; } ]; - projects = [ ]; + projects = []; cluster = null; } diff --git a/.archive/hosts/gandalf/config/samba-config.nix b/.archive/hosts/gandalf/config/samba-config.nix index b6c1062..5e0afa6 100644 --- a/.archive/hosts/gandalf/config/samba-config.nix +++ b/.archive/hosts/gandalf/config/samba-config.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { global = { "workgroup" = "WORKGROUP"; "server string" = "gandalf"; diff --git a/.archive/hosts/gandalf/config/sanoid.nix b/.archive/hosts/gandalf/config/sanoid.nix index 328cc82..ccf98f2 100644 --- a/.archive/hosts/gandalf/config/sanoid.nix +++ b/.archive/hosts/gandalf/config/sanoid.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { outputs = { # ZFS automated snapshots templates = { @@ -14,22 +13,22 @@ }; datasets = { "eru/xen-backups" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; }; "eru/hansonhive" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; }; "eru/tm_joe" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; }; "eru/tm_elisia" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; }; "eru/containers/volumes/xo-data" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; }; "eru/containers/volumes/xo-redis-data" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; }; }; }; diff --git a/.archive/hosts/gandalf/default.nix b/.archive/hosts/gandalf/default.nix index fa41b2b..dac3f88 100644 --- a/.archive/hosts/gandalf/default.nix +++ b/.archive/hosts/gandalf/default.nix @@ -17,7 +17,7 @@ imports = [ (modulesPath + "/installer/scan/not-detected.nix") inputs.disko.nixosModules.disko - (import ../../profiles/disko-nixos.nix { disks = [ "/dev/sda" ]; }) + (import ../../profiles/disko-nixos.nix {disks = ["/dev/sda"];}) ]; boot = { @@ -31,8 +31,8 @@ "usb_storage" "sd_mod" ]; - kernelModules = [ "nfs" ]; - supportedFilesystems = [ "nfs" ]; + kernelModules = ["nfs"]; + supportedFilesystems = ["nfs"]; }; kernelModules = [ @@ -42,7 +42,7 @@ "vfio_pci" "vfio_virqfd" ]; - extraModulePackages = [ ]; + extraModulePackages = []; kernelParams = [ "iommu=pt" "intel_iommu=on" @@ -50,7 +50,7 @@ ]; # 100GB }; - swapDevices = [ ]; + swapDevices = []; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGSFTSVPt43PBpSMSF1dGTzN2JbxztDZUml7g4+PnWe CSI-Driver@talos" @@ -107,13 +107,13 @@ sopsFile = ./secrets.sops.yaml; owner = "jahanson"; mode = "400"; - restartUnits = [ "syncthing.service" ]; + restartUnits = ["syncthing.service"]; }; "syncthing/privateKey" = { sopsFile = ./secrets.sops.yaml; owner = "jahanson"; mode = "400"; - restartUnits = [ "syncthing.service" ]; + restartUnits = ["syncthing.service"]; }; }; }; diff --git a/.archive/hosts/legiondary/default.nix b/.archive/hosts/legiondary/default.nix index c39f6a5..bf1cfdc 100644 --- a/.archive/hosts/legiondary/default.nix +++ b/.archive/hosts/legiondary/default.nix @@ -6,9 +6,7 @@ lib, modulesPath, ... -}: - -{ +}: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -24,9 +22,9 @@ "usbhid" "sd_mod" ]; - initrd.kernelModules = [ ]; - kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; + initrd.kernelModules = []; + kernelModules = ["kvm-amd"]; + extraModulePackages = []; }; fileSystems = { @@ -57,7 +55,7 @@ # options = [ "fmask=0022" "dmask=0022" ]; # }; - swapDevices = [ ]; + swapDevices = []; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/.archive/modules/nixos/containers/lego-auto/default.nix b/.archive/modules/nixos/containers/lego-auto/default.nix index ba95df8..89672fb 100644 --- a/.archive/modules/nixos/containers/lego-auto/default.nix +++ b/.archive/modules/nixos/containers/lego-auto/default.nix @@ -1,6 +1,9 @@ -{ lib, config, ... }: -with lib; -let +{ + lib, + config, + ... +}: +with lib; let app = "lego-auto"; image = "ghcr.io/bjw-s/lego-auto:v0.3.0"; user = "999"; # string @@ -8,8 +11,7 @@ let port = 9898; # int cfg = config.mySystem.services.${app}; appFolder = "/eru/containers/volumes/${app}"; -in -{ +in { options.mySystem.services.${app} = { enable = mkEnableOption "${app}"; dnsimpleTokenPath = mkOption { @@ -56,9 +58,11 @@ in DNSIMPLE_OAUTH_TOKEN_FILE = "/config/dnsimple-token"; }; - volumes = [ - "${appFolder}/cert:/cert" - ] ++ optionals (cfg.provider == "dnsimple") [ "${cfg.dnsimpleTokenPath}:/config/dnsimple-token" ]; + volumes = + [ + "${appFolder}/cert:/cert" + ] + ++ optionals (cfg.provider == "dnsimple") ["${cfg.dnsimpleTokenPath}:/config/dnsimple-token"]; }; }; } diff --git a/.archive/modules/nixos/containers/unifi/default.nix b/.archive/modules/nixos/containers/unifi/default.nix index 0f5fbe6..2c63ae2 100644 --- a/.archive/modules/nixos/containers/unifi/default.nix +++ b/.archive/modules/nixos/containers/unifi/default.nix @@ -1,54 +1,57 @@ -{ lib, config, ... }: -with lib; -let +{ + lib, + config, + ... +}: +with lib; let app = "unifi"; # renovate: depName=goofball222/unifi datasource=github-releases version = "8.4.62"; cfg = config.mySystem.services.${app}; appFolder = "/eru/containers/volumes/${app}"; in -# persistentFolder = "${config.mySystem.persistentFolder}/var/lib/${appFolder}"; -{ - options.mySystem.services.${app} = { - enable = mkEnableOption "${app}"; - }; + # persistentFolder = "${config.mySystem.persistentFolder}/var/lib/${appFolder}"; + { + options.mySystem.services.${app} = { + enable = mkEnableOption "${app}"; + }; - config = mkIf cfg.enable { - networking.firewall.interfaces = { - enp130s0f0 = { - allowedTCPPorts = [ 8443 ]; + config = mkIf cfg.enable { + networking.firewall.interfaces = { + enp130s0f0 = { + allowedTCPPorts = [8443]; + }; + podman0 = { + allowedTCPPorts = [ + 8080 + 8443 + 8880 + 8843 + ]; + allowedUDPPorts = [3478]; + }; }; - podman0 = { - allowedTCPPorts = [ - 8080 - 8443 - 8880 - 8843 + virtualisation.oci-containers.containers.${app} = { + image = "ghcr.io/goofball222/unifi:${version}"; + autoStart = true; + ports = [ + "3478:3478/udp" # STUN + "8080:8080" # inform controller + "8443:8443" # https + "8880:8880" # HTTP portal redirect + "8843:8843" # HTTPS portal redirect + ]; + environment = { + TZ = "America/Chicago"; + RUNAS_UID0 = "false"; + PGID = "102"; + PUID = "999"; + }; + volumes = [ + "${appFolder}/cert:/usr/lib/unifi/cert" + "${appFolder}/data:/usr/lib/unifi/data" + "${appFolder}/logs:/usr/lib/unifi/logs" ]; - allowedUDPPorts = [ 3478 ]; }; }; - virtualisation.oci-containers.containers.${app} = { - image = "ghcr.io/goofball222/unifi:${version}"; - autoStart = true; - ports = [ - "3478:3478/udp" # STUN - "8080:8080" # inform controller - "8443:8443" # https - "8880:8880" # HTTP portal redirect - "8843:8843" # HTTPS portal redirect - ]; - environment = { - TZ = "America/Chicago"; - RUNAS_UID0 = "false"; - PGID = "102"; - PUID = "999"; - }; - volumes = [ - "${appFolder}/cert:/usr/lib/unifi/cert" - "${appFolder}/data:/usr/lib/unifi/data" - "${appFolder}/logs:/usr/lib/unifi/logs" - ]; - }; - }; -} + } diff --git a/.archive/modules/nixos/de/gnome.nix b/.archive/modules/nixos/de/gnome.nix index bef2eee..da0b393 100644 --- a/.archive/modules/nixos/de/gnome.nix +++ b/.archive/modules/nixos/de/gnome.nix @@ -3,24 +3,27 @@ config, pkgs, ... -}: -let +}: let cfg = config.mySystem.de.gnome; -in -{ +in { options = { mySystem.de.gnome = { - enable = lib.mkEnableOption "GNOME" // { - default = false; - }; - systrayicons = lib.mkEnableOption "Enable systray icons" // { - default = true; - }; - gsconnect = lib.mkEnableOption "Enable gsconnect (KDEConnect for GNOME)" // { - default = true; - }; + enable = + lib.mkEnableOption "GNOME" + // { + default = false; + }; + systrayicons = + lib.mkEnableOption "Enable systray icons" + // { + default = true; + }; + gsconnect = + lib.mkEnableOption "Enable gsconnect (KDEConnect for GNOME)" + // { + default = true; + }; }; - }; config = lib.mkIf cfg.enable { @@ -49,14 +52,13 @@ in }; }; - udev.packages = lib.optionals cfg.systrayicons [ pkgs.gnome.gnome-settings-daemon ]; # support appindicator + udev.packages = lib.optionals cfg.systrayicons [pkgs.gnome.gnome-settings-daemon]; # support appindicator }; # systyray icons # extra pkgs and extensions environment = { - systemPackages = - with pkgs; + systemPackages = with pkgs; [ wl-clipboard # ls ~/Downloads | wl-copy or wl-paste > clipboard.txt playerctl # gsconnect play/pause command @@ -70,7 +72,7 @@ in gnomeExtensions.caffeine gnomeExtensions.dash-to-dock ] - ++ optionals cfg.systrayicons [ pkgs.gnomeExtensions.appindicator ]; + ++ optionals cfg.systrayicons [pkgs.gnomeExtensions.appindicator]; }; # enable gsconnect diff --git a/.archive/modules/nixos/de/kde.nix b/.archive/modules/nixos/de/kde.nix index bf9adc7..e9622ff 100644 --- a/.archive/modules/nixos/de/kde.nix +++ b/.archive/modules/nixos/de/kde.nix @@ -3,17 +3,17 @@ config, pkgs, ... -}: -let +}: let cfg = config.mySystem.de.kde; - flameshotOverride = pkgs.unstable.flameshot.override { enableWlrSupport = true; }; -in -{ + flameshotOverride = pkgs.unstable.flameshot.override {enableWlrSupport = true;}; +in { options = { mySystem.de.kde = { - enable = lib.mkEnableOption "KDE" // { - default = false; - }; + enable = + lib.mkEnableOption "KDE" + // { + default = false; + }; }; }; diff --git a/.archive/modules/nixos/services/cockpit/default.nix b/.archive/modules/nixos/services/cockpit/default.nix index 3e584d1..c3813f0 100644 --- a/.archive/modules/nixos/services/cockpit/default.nix +++ b/.archive/modules/nixos/services/cockpit/default.nix @@ -4,11 +4,9 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.services.cockpit; -in -{ +in { options.mySystem.services.cockpit.enable = mkEnableOption "Cockpit"; config.services.cockpit = mkIf cfg.enable { diff --git a/.archive/modules/nixos/services/vault/default.nix b/.archive/modules/nixos/services/vault/default.nix index 611c13a..697bc44 100644 --- a/.archive/modules/nixos/services/vault/default.nix +++ b/.archive/modules/nixos/services/vault/default.nix @@ -3,11 +3,9 @@ lib, pkgs, ... -}: -let +}: let cfg = config.mySystem.services.vault; -in -{ +in { options.mySystem.services.vault = { enable = lib.mkEnableOption "vault"; address = lib.mkOption { diff --git a/.archive/profiles/disko-telchar.nix b/.archive/profiles/disko-telchar.nix index 7d9b69c..e110869 100644 --- a/.archive/profiles/disko-telchar.nix +++ b/.archive/profiles/disko-telchar.nix @@ -23,7 +23,7 @@ size = "100%"; content = { type = "btrfs"; - extraArgs = [ "-f" ]; # Override existing partition + extraArgs = ["-f"]; # Override existing partition # Subvolumes must set a mountpoint in order to be mounted, # unless their parent is mounted subvolumes = { @@ -33,11 +33,11 @@ }; # Subvolume name is the same as the mountpoint "/home" = { - mountOptions = [ "compress=zstd" ]; + mountOptions = ["compress=zstd"]; mountpoint = "/home"; }; # Sub(sub)volume doesn't need a mountpoint as its parent is mounted - "/home/user" = { }; + "/home/user" = {}; # Parent is not mounted so the mountpoint must be set "/nix" = { mountOptions = [ diff --git a/.archive/profiles/hw-legion-15arh05h.nix b/.archive/profiles/hw-legion-15arh05h.nix index c777f24..82fa8e2 100644 --- a/.archive/profiles/hw-legion-15arh05h.nix +++ b/.archive/profiles/hw-legion-15arh05h.nix @@ -1,5 +1,8 @@ -{ lib, pkgs, ... }: { + lib, + pkgs, + ... +}: { # Support windows partition mySystem = { security.wheelNeedsSudoPassword = false; @@ -22,7 +25,7 @@ device = "nodev"; mirroredBoots = [ { - devices = [ "nodev" ]; + devices = ["nodev"]; path = "/boot"; } ]; diff --git a/.archive/profiles/hw-thinkpad-t470.nix b/.archive/profiles/hw-thinkpad-t470.nix index 36134ba..8895e6a 100644 --- a/.archive/profiles/hw-thinkpad-t470.nix +++ b/.archive/profiles/hw-thinkpad-t470.nix @@ -1,5 +1,8 @@ -{ config, lib, ... }: { + config, + lib, + ... +}: { boot = { # Use the systemd-boot EFI boot loader. loader = { diff --git a/.archive/profiles/role-gaming.nix b/.archive/profiles/role-gaming.nix index 687cb3c..6979d79 100644 --- a/.archive/profiles/role-gaming.nix +++ b/.archive/profiles/role-gaming.nix @@ -1,12 +1,15 @@ -{ lib, pkgs, ... }: { + lib, + pkgs, + ... +}: { # Enable module for NVIDIA graphics mySystem = { hardware.nvidia.enable = true; }; # set xserver videodrivers for NVIDIA gpu - services.xserver.videoDrivers = [ "nvidia" ]; + services.xserver.videoDrivers = ["nvidia"]; # Install steam systemwide programs.steam = { enable = true; @@ -35,5 +38,4 @@ pulse.enable = true; jack.enable = true; }; - } diff --git a/nixos/home/jahanson/server.nix b/nixos/home/jahanson/server.nix index 4ff97db..3a69f66 100644 --- a/nixos/home/jahanson/server.nix +++ b/nixos/home/jahanson/server.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./global.nix ]; diff --git a/nixos/home/modules/programs/browsers/default.nix b/nixos/home/modules/programs/browsers/default.nix index 70a8be5..372d666 100644 --- a/nixos/home/modules/programs/browsers/default.nix +++ b/nixos/home/modules/programs/browsers/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./firefox ]; diff --git a/nixos/home/modules/programs/thunderbird/default.nix b/nixos/home/modules/programs/thunderbird/default.nix index 1601b5f..cde2cf5 100644 --- a/nixos/home/modules/programs/thunderbird/default.nix +++ b/nixos/home/modules/programs/thunderbird/default.nix @@ -3,8 +3,7 @@ pkgs, lib, ... -}: -let +}: let cfg = config.myHome.programs.thunderbird; policies = { @@ -25,15 +24,14 @@ let }; }; }; -in -{ +in { options.myHome.programs.thunderbird.enable = lib.mkEnableOption "Thunderbird"; config = lib.mkIf cfg.enable { programs.thunderbird = { enable = true; package = pkgs.thunderbird-128.override (old: { - extraPolicies = (old.extrapPolicies or { }) // policies; + extraPolicies = (old.extrapPolicies or {}) // policies; }); profiles.default.isDefault = true; diff --git a/nixos/home/modules/security/default.nix b/nixos/home/modules/security/default.nix index 837aa1e..50d32df 100644 --- a/nixos/home/modules/security/default.nix +++ b/nixos/home/modules/security/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./ssh ]; diff --git a/nixos/home/modules/security/ssh/default.nix b/nixos/home/modules/security/ssh/default.nix index 04e20e3..1e0784d 100644 --- a/nixos/home/modules/security/ssh/default.nix +++ b/nixos/home/modules/security/ssh/default.nix @@ -1,14 +1,16 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.myHome.security.ssh; -in { + config, + lib, + ... +}: +with lib; let + cfg = config.myHome.security.ssh; +in { options.myHome.security.ssh = { enable = mkEnableOption "ssh"; matchBlocks = mkOption { type = types.attrs; - default = { }; + default = {}; }; }; diff --git a/nixos/home/modules/shell/atuind/default.nix b/nixos/home/modules/shell/atuind/default.nix index 15150e1..a42b5a5 100644 --- a/nixos/home/modules/shell/atuind/default.nix +++ b/nixos/home/modules/shell/atuind/default.nix @@ -4,11 +4,9 @@ lib, ... }: -with lib; -let +with lib; let cfg = config.myHome.shell.atuind; -in -{ +in { options.myHome.shell.atuind = { enable = mkEnableOption "atuind"; }; @@ -17,10 +15,10 @@ in (mkIf cfg.enable { systemd.user.services.atuind = { Install = { - WantedBy = [ "default.target" ]; + WantedBy = ["default.target"]; }; Unit = { - After = [ "network.target" ]; + After = ["network.target"]; }; Service = { Environment = "ATUIN_LOG=info"; diff --git a/nixos/home/modules/shell/default.nix b/nixos/home/modules/shell/default.nix index 5c5aa4c..05eef2f 100644 --- a/nixos/home/modules/shell/default.nix +++ b/nixos/home/modules/shell/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./atuind ./fish diff --git a/nixos/home/modules/shell/starship/default.nix b/nixos/home/modules/shell/starship/default.nix index 2b3d56b..a3038d1 100644 --- a/nixos/home/modules/shell/starship/default.nix +++ b/nixos/home/modules/shell/starship/default.nix @@ -3,11 +3,9 @@ config, ... }: -with lib; -let +with lib; let cfg = config.myHome.shell.starship; -in -{ +in { options.myHome.shell.starship = { enable = mkEnableOption "starship"; }; diff --git a/nixos/home/modules/shell/wezterm/default.nix b/nixos/home/modules/shell/wezterm/default.nix index 28190c5..eed69c5 100644 --- a/nixos/home/modules/shell/wezterm/default.nix +++ b/nixos/home/modules/shell/wezterm/default.nix @@ -4,11 +4,9 @@ lib, ... }: -with lib; -let +with lib; let cfg = config.myHome.shell.wezterm; -in -{ +in { options.myHome.shell.wezterm = { enable = mkEnableOption "wezterm"; configPath = mkOption { diff --git a/nixos/hosts/shadowfax/config/incus-preseed.nix b/nixos/hosts/shadowfax/config/incus-preseed.nix index a2738a2..9937fec 100644 --- a/nixos/hosts/shadowfax/config/incus-preseed.nix +++ b/nixos/hosts/shadowfax/config/incus-preseed.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { config = { "core.https_address" = "10.1.1.61:8443"; # Need quotes around key }; @@ -27,7 +26,7 @@ ]; profiles = [ { - config = { }; + config = {}; description = ""; devices = { eth0 = { @@ -44,6 +43,6 @@ name = "default"; } ]; - projects = [ ]; + projects = []; cluster = null; } diff --git a/nixos/hosts/shadowfax/config/sanoid.nix b/nixos/hosts/shadowfax/config/sanoid.nix index 14ba3fa..7357a81 100644 --- a/nixos/hosts/shadowfax/config/sanoid.nix +++ b/nixos/hosts/shadowfax/config/sanoid.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { outputs = { # ZFS automated snapshots templates = { @@ -14,27 +13,27 @@ datasets = { "nahar/qbittorrent" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; recursive = true; }; "nahar/sabnzbd" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; recursive = true; }; "nahar/containers/volumes/jellyfin" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; recursive = true; }; "nahar/containers/volumes/plex" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; recursive = true; }; "nahar/containers/volumes/scrutiny" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; recursive = true; }; "nahar/containers/volumes/scrypted" = { - useTemplate = [ "production" ]; + useTemplate = ["production"]; recursive = true; }; }; diff --git a/nixos/hosts/telperion/config/bind.nix b/nixos/hosts/telperion/config/bind.nix index 6c4ab6b..11a0005 100644 --- a/nixos/hosts/telperion/config/bind.nix +++ b/nixos/hosts/telperion/config/bind.nix @@ -1,5 +1,4 @@ -{ config, ... }: -'' +{config, ...}: '' include "${config.sops.secrets."bind/rndc-keys/externaldns".path}"; acl trusted { diff --git a/nixos/hosts/telperion/config/haproxy.nix b/nixos/hosts/telperion/config/haproxy.nix index f4a3cd2..4ea2f57 100644 --- a/nixos/hosts/telperion/config/haproxy.nix +++ b/nixos/hosts/telperion/config/haproxy.nix @@ -1,5 +1,4 @@ -{ ... }: -'' +{...}: '' global log /dev/log local0 log /dev/log local1 notice diff --git a/nixos/hosts/telperion/default.nix b/nixos/hosts/telperion/default.nix index 1617920..bf06ad5 100644 --- a/nixos/hosts/telperion/default.nix +++ b/nixos/hosts/telperion/default.nix @@ -7,9 +7,7 @@ modulesPath, pkgs, ... -}: - -{ +}: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -25,9 +23,9 @@ "usb_storage" "sd_mod" ]; - initrd.kernelModules = [ ]; - kernelModules = [ "kvm-intel" ]; - extraModulePackages = [ ]; + initrd.kernelModules = []; + kernelModules = ["kvm-intel"]; + extraModulePackages = []; }; fileSystems = { "/" = { @@ -51,7 +49,7 @@ }; }; - swapDevices = [ ]; + swapDevices = []; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; # Until I can figure out why the tftp port is not opening, disable the firewall. @@ -118,12 +116,12 @@ bind = { enable = true; - extraConfig = import ./config/bind.nix { inherit config; }; + extraConfig = import ./config/bind.nix {inherit config;}; }; haproxy = { enable = true; - config = import ./config/haproxy.nix { inherit config; }; + config = import ./config/haproxy.nix {inherit config;}; tcpPorts = [ 6443 6444 diff --git a/nixos/hosts/varda/resources/prune-backup.nix b/nixos/hosts/varda/resources/prune-backup.nix index 240acdf..36e63f5 100644 --- a/nixos/hosts/varda/resources/prune-backup.nix +++ b/nixos/hosts/varda/resources/prune-backup.nix @@ -1,13 +1,10 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let cleanupScript = pkgs.writeShellScriptBin "cleanup-backups.sh" ( builtins.readFile ./prune-backups.sh ); -in -{ +in { systemd.timers.cleanup-backups = { - wantedBy = [ "timers.target" ]; + wantedBy = ["timers.target"]; timerConfig = { OnCalendar = "daily"; Persistent = true; diff --git a/nixos/modules/nixos/containers/scrutiny/default.nix b/nixos/modules/nixos/containers/scrutiny/default.nix index d804c2d..ff6ebe4 100644 --- a/nixos/modules/nixos/containers/scrutiny/default.nix +++ b/nixos/modules/nixos/containers/scrutiny/default.nix @@ -1,12 +1,14 @@ -{ lib, config, ... }: -with lib; -let +{ + lib, + config, + ... +}: +with lib; let app = "scrutiny"; # renovate: depName=AnalogJ/scrutiny datasource=github-releases version = "v0.8.1"; cfg = config.mySystem.services.${app}; -in -{ +in { options.mySystem.services.${app} = { enable = mkEnableOption "${app}"; @@ -33,7 +35,7 @@ in # --device /dev/disk/by-id/nvme-XXXXXXXXXXXXXXXXXXXXXXXXXXXX devices = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; description = '' Devices to monitor on Scrutiny. ''; diff --git a/nixos/modules/nixos/de/kde.nix b/nixos/modules/nixos/de/kde.nix index bf9adc7..e9622ff 100644 --- a/nixos/modules/nixos/de/kde.nix +++ b/nixos/modules/nixos/de/kde.nix @@ -3,17 +3,17 @@ config, pkgs, ... -}: -let +}: let cfg = config.mySystem.de.kde; - flameshotOverride = pkgs.unstable.flameshot.override { enableWlrSupport = true; }; -in -{ + flameshotOverride = pkgs.unstable.flameshot.override {enableWlrSupport = true;}; +in { options = { mySystem.de.kde = { - enable = lib.mkEnableOption "KDE" // { - default = false; - }; + enable = + lib.mkEnableOption "KDE" + // { + default = false; + }; }; }; diff --git a/nixos/modules/nixos/editor/vim.nix b/nixos/modules/nixos/editor/vim.nix index 45395e7..23dcaac 100644 --- a/nixos/modules/nixos/editor/vim.nix +++ b/nixos/modules/nixos/editor/vim.nix @@ -1,12 +1,13 @@ # /home/jahanson/projects/mochi/nixos/modules/nixos/editor/vim.nix - -{ config, lib, ... }: -with lib; -let - cfg = config.mySystem.editor.vim; - users = [ "jahanson" ]; -in { + config, + lib, + ... +}: +with lib; let + cfg = config.mySystem.editor.vim; + users = ["jahanson"]; +in { options.mySystem.editor.vim.enable = mkEnableOption "vim"; config = mkIf cfg.enable { # Enable vim and set as default editor @@ -16,19 +17,20 @@ in # Visual mode off and syntax highlighting on home-manager.users = mapAttrs - (user: _: { - home.file.".vimrc".text = '' - set mouse-=a - syntax on - ''; - }) - ( - listToAttrs ( - map (u: { - name = u; - value = { }; - }) users - ) - ); + (user: _: { + home.file.".vimrc".text = '' + set mouse-=a + syntax on + ''; + }) + ( + listToAttrs ( + map (u: { + name = u; + value = {}; + }) + users + ) + ); }; } diff --git a/nixos/modules/nixos/games/steam/steam.nix b/nixos/modules/nixos/games/steam/steam.nix index 5bccfec..371e34d 100644 --- a/nixos/modules/nixos/games/steam/steam.nix +++ b/nixos/modules/nixos/games/steam/steam.nix @@ -3,11 +3,9 @@ lib, pkgs, ... -}: -let +}: let cfg = config.mySystem.games.steam; -in -{ +in { options.mySystem.games.steam = { enable = lib.mkEnableOption "Steam"; }; @@ -24,6 +22,5 @@ in environment.systemPackages = with pkgs; [ protonup-qt ]; - }; } diff --git a/nixos/modules/nixos/hardware/nvidia/default.nix b/nixos/modules/nixos/hardware/nvidia/default.nix index 86cc5dd..97190d8 100644 --- a/nixos/modules/nixos/hardware/nvidia/default.nix +++ b/nixos/modules/nixos/hardware/nvidia/default.nix @@ -4,15 +4,12 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.hardware.nvidia; -in -{ +in { options.mySystem.hardware.nvidia.enable = mkEnableOption "NVIDIA config"; config = mkIf cfg.enable { - environment.sessionVariables.NIXOS_OZONE_WL = "1"; # ref: https://nixos.wiki/wiki/Nvidia # Enable OpenGL @@ -30,7 +27,6 @@ in # This is for the benefit of VSCODE running natively in wayland nvidia = { - # Modesetting is required. modesetting.enable = true; diff --git a/nixos/modules/nixos/programs/shell/fish.nix b/nixos/modules/nixos/programs/shell/fish.nix index b4b1729..dbd7d98 100644 --- a/nixos/modules/nixos/programs/shell/fish.nix +++ b/nixos/modules/nixos/programs/shell/fish.nix @@ -1,9 +1,11 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.shell.fish; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.shell.fish; +in { options.mySystem.shell.fish = { enable = mkEnableOption "Fish"; enablePlugins = mkOption { @@ -22,5 +24,4 @@ in functions.enable = true; }; }; - } diff --git a/nixos/modules/nixos/security/1password/default.nix b/nixos/modules/nixos/security/1password/default.nix index 062ba26..ca8cd73 100644 --- a/nixos/modules/nixos/security/1password/default.nix +++ b/nixos/modules/nixos/security/1password/default.nix @@ -1,10 +1,12 @@ -{ config, lib, ... }: -with lib; -let +{ + config, + lib, + ... +}: +with lib; let cfg = config.mySystem.security._1password; user = "jahanson"; -in -{ +in { options.mySystem.security._1password = { enable = mkEnableOption "_1password"; }; @@ -14,7 +16,7 @@ in _1password.enable = true; _1password-gui = { enable = true; - polkitPolicyOwners = [ "${user}" ]; + polkitPolicyOwners = ["${user}"]; }; }; diff --git a/nixos/modules/nixos/security/acme/default.nix b/nixos/modules/nixos/security/acme/default.nix index 5111da2..257aea6 100644 --- a/nixos/modules/nixos/security/acme/default.nix +++ b/nixos/modules/nixos/security/acme/default.nix @@ -1,15 +1,17 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.security.acme; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.security.acme; +in { options.mySystem.security.acme.enable = mkEnableOption "acme"; config = mkIf cfg.enable { sops.secrets = { "security/acme/env".sopsFile = ./secrets.sops.yaml; - "security/acme/env".restartUnits = [ "lego.service" ]; + "security/acme/env".restartUnits = ["lego.service"]; }; security.acme = { diff --git a/nixos/modules/nixos/security/default.nix b/nixos/modules/nixos/security/default.nix index 27d3074..bc90c28 100644 --- a/nixos/modules/nixos/security/default.nix +++ b/nixos/modules/nixos/security/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./1password ./acme diff --git a/nixos/modules/nixos/services/bind/default.nix b/nixos/modules/nixos/services/bind/default.nix index 4fbfb33..907149d 100644 --- a/nixos/modules/nixos/services/bind/default.nix +++ b/nixos/modules/nixos/services/bind/default.nix @@ -4,14 +4,12 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.services.bind; -in -{ +in { options.mySystem.services.bind = { enable = mkEnableOption "bind"; - package = mkPackageOption pkgs "bind" { }; + package = mkPackageOption pkgs "bind" {}; extraConfig = mkOption { type = types.str; }; @@ -19,8 +17,8 @@ in config = mkIf cfg.enable { networking.firewall = { - allowedTCPPorts = [ 53 ]; - allowedUDPPorts = [ 53 ]; + allowedTCPPorts = [53]; + allowedUDPPorts = [53]; }; # Forces the machine to use the resolver provided by the network diff --git a/nixos/modules/nixos/services/dnsmasq/default.nix b/nixos/modules/nixos/services/dnsmasq/default.nix index 102dcc1..f89db08 100644 --- a/nixos/modules/nixos/services/dnsmasq/default.nix +++ b/nixos/modules/nixos/services/dnsmasq/default.nix @@ -4,14 +4,12 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.services.dnsmasq; -in -{ +in { options.mySystem.services.dnsmasq = { enable = mkEnableOption "dnsmasq"; - package = mkPackageOption pkgs "dnsmasq" { }; + package = mkPackageOption pkgs "dnsmasq" {}; bootAsset = mkOption { type = types.str; example = "http://10.1.1.57:8086/boot.ipxe"; @@ -48,7 +46,7 @@ in settings = { # Disables only the DNS port. port = 0; - dhcp-range = [ "10.1.1.1,proxy,255.255.255.0" ]; + dhcp-range = ["10.1.1.1,proxy,255.255.255.0"]; # serves TFTP from dnsmasq enable-tftp = true; tftp-root = cfg.tftpRoot; diff --git a/nixos/modules/nixos/services/libvirt-qemu/default.nix b/nixos/modules/nixos/services/libvirt-qemu/default.nix index ca6ef85..6c6a96a 100644 --- a/nixos/modules/nixos/services/libvirt-qemu/default.nix +++ b/nixos/modules/nixos/services/libvirt-qemu/default.nix @@ -5,12 +5,10 @@ inputs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.services.libvirt-qemu; -in -{ - imports = [ inputs.nixvirt-git.nixosModules.default ]; +in { + imports = [inputs.nixvirt-git.nixosModules.default]; options.mySystem.services.libvirt-qemu = { enable = mkEnableOption "libvirt-qemu"; }; @@ -30,7 +28,7 @@ in qemu = { package = pkgs.qemu_kvm; ovmf.enable = true; - ovmf.packages = [ pkgs.OVMFFull.fd ]; + ovmf.packages = [pkgs.OVMFFull.fd]; }; }; }; diff --git a/nixos/modules/nixos/services/matchbox/default.nix b/nixos/modules/nixos/services/matchbox/default.nix index e2742c7..988f84d 100644 --- a/nixos/modules/nixos/services/matchbox/default.nix +++ b/nixos/modules/nixos/services/matchbox/default.nix @@ -4,14 +4,12 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.services.matchbox; -in -{ +in { options.mySystem.services.matchbox = { enable = mkEnableOption "matchbox"; - package = mkPackageOption pkgs "matchbox-server" { }; + package = mkPackageOption pkgs "matchbox-server" {}; dataPath = mkOption { type = types.str; example = "/var/lib/matchbox"; @@ -38,10 +36,10 @@ in networking.firewall = { # HTTP communication - allowedTCPPorts = [ 8086 ]; + allowedTCPPorts = [8086]; }; - users.groups.matchbox = { }; + users.groups.matchbox = {}; users.users = { matchbox = { home = cfg.dataPath; @@ -51,8 +49,8 @@ in }; systemd.services.matchbox = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; + wantedBy = ["multi-user.target"]; + after = ["network.target"]; serviceConfig = { ExecStart = "${pkgs.matchbox-server}/bin/matchbox -address=0.0.0.0:8086 -data-path=${cfg.dataPath} -assets-path=${cfg.assetPath} -log-level=debug"; Restart = "on-failure"; diff --git a/nixos/modules/nixos/services/nginx/default.nix b/nixos/modules/nixos/services/nginx/default.nix index 87fcdb2..e422b25 100644 --- a/nixos/modules/nixos/services/nginx/default.nix +++ b/nixos/modules/nixos/services/nginx/default.nix @@ -1,13 +1,14 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.services.nginx; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.services.nginx; +in { options.mySystem.services.nginx.enable = mkEnableOption "nginx"; config = mkIf cfg.enable { - services.nginx = { enable = true; @@ -63,6 +64,6 @@ in }; # required for using acme certs - users.users.nginx.extraGroups = [ "acme" ]; + users.users.nginx.extraGroups = ["acme"]; }; } diff --git a/nixos/modules/nixos/services/nix-index-daily/default.nix b/nixos/modules/nixos/services/nix-index-daily/default.nix index 9241d31..09f2a0c 100644 --- a/nixos/modules/nixos/services/nix-index-daily/default.nix +++ b/nixos/modules/nixos/services/nix-index-daily/default.nix @@ -3,11 +3,9 @@ lib, pkgs, ... -}: -let +}: let cfg = config.mySystem.services.nix-index-daily; -in -{ +in { options.mySystem.services.nix-index-daily = { enable = lib.mkEnableOption "Automatic daily nix-index database updates"; @@ -29,8 +27,8 @@ in systemd.user = { # Timer for nix-index update timers.nix-index-update = { - wantedBy = [ "timers.target" ]; - partOf = [ "nix-index-update.service" ]; + wantedBy = ["timers.target"]; + partOf = ["nix-index-update.service"]; timerConfig = { OnCalendar = cfg.startTime; Persistent = true; diff --git a/nixos/modules/nixos/services/onepassword-connect/default.nix b/nixos/modules/nixos/services/onepassword-connect/default.nix index bbeba10..7f24de8 100644 --- a/nixos/modules/nixos/services/onepassword-connect/default.nix +++ b/nixos/modules/nixos/services/onepassword-connect/default.nix @@ -1,9 +1,11 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.services.onepassword-connect; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.services.onepassword-connect; +in { options.mySystem.services.onepassword-connect = { enable = mkEnableOption "onepassword-connect"; apiVersion = lib.mkOption { @@ -27,7 +29,7 @@ in config = mkIf cfg.enable { # Create data dir - system.activationScripts.makeOnePasswordConnectDataDir = lib.stringAfter [ "var" ] '' + system.activationScripts.makeOnePasswordConnectDataDir = lib.stringAfter ["var"] '' mkdir -p "${cfg.dataDir}" chown -R 999:999 ${cfg.dataDir} ''; @@ -37,7 +39,7 @@ in onepassword-connect-api = { image = "docker.io/1password/connect-api:${cfg.apiVersion}"; autoStart = true; - ports = [ "8080:8080" ]; + ports = ["8080:8080"]; volumes = [ "${cfg.credentialsFile}:/home/opuser/.op/1password-credentials.json" "${cfg.dataDir}:/home/opuser/.op/data" @@ -47,7 +49,7 @@ in onepassword-connect-sync = { image = "docker.io/1password/connect-sync:${cfg.syncVersion}"; autoStart = true; - ports = [ "8081:8080" ]; + ports = ["8081:8080"]; volumes = [ "${cfg.credentialsFile}:/home/opuser/.op/1password-credentials.json" "${cfg.dataDir}:/home/opuser/.op/data" diff --git a/nixos/modules/nixos/services/podman/default.nix b/nixos/modules/nixos/services/podman/default.nix index ac45902..f7d1517 100644 --- a/nixos/modules/nixos/services/podman/default.nix +++ b/nixos/modules/nixos/services/podman/default.nix @@ -4,11 +4,9 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.services.podman; -in -{ +in { options.mySystem.services.podman.enable = mkEnableOption "Podman"; config = mkIf cfg.enable { @@ -16,7 +14,7 @@ in enable = true; dockerCompat = true; - extraPackages = [ pkgs.zfs ]; + extraPackages = [pkgs.zfs]; # regular cleanup autoPrune.enable = true; @@ -42,16 +40,16 @@ in lazypodman = "sudo DOCKER_HOST=unix:///run/podman/podman.sock lazydocker"; }; - networking.firewall.interfaces.podman0.allowedUDPPorts = [ 53 ]; + networking.firewall.interfaces.podman0.allowedUDPPorts = [53]; # extra user for containers - users.groups.kah = { }; + users.groups.kah = {}; users.users = { kah = { uid = 568; group = "kah"; }; - jahanson.extraGroups = [ "kah" ]; + jahanson.extraGroups = ["kah"]; }; }; } diff --git a/nixos/modules/nixos/services/qbittorrent/default.nix b/nixos/modules/nixos/services/qbittorrent/default.nix index 311f51e..5a18a4e 100644 --- a/nixos/modules/nixos/services/qbittorrent/default.nix +++ b/nixos/modules/nixos/services/qbittorrent/default.nix @@ -4,11 +4,9 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.services.qbittorrent; -in -{ +in { options.mySystem.services.qbittorrent = { enable = mkEnableOption "qBittorrent"; @@ -68,7 +66,7 @@ in }; config = mkIf cfg.enable { - users.groups.${cfg.group} = { }; + users.groups.${cfg.group} = {}; users.users = mkIf (cfg.user == "qbittorrent") { qbittorrent = { inherit (cfg) group; @@ -108,8 +106,8 @@ in Group = cfg.group; } (lib.mkIf cfg.hardening { - CapabilityBoundingSet = [ "" ]; - DeviceAllow = [ "" ]; + CapabilityBoundingSet = [""]; + DeviceAllow = [""]; DevicePolicy = "closed"; LockPersonality = true; MemoryDenyWriteExecute = true; @@ -154,7 +152,7 @@ in cfg.webuiPort cfg.qbittorrentPort ]; - allowedUDPPorts = [ cfg.qbittorrentPort ]; + allowedUDPPorts = [cfg.qbittorrentPort]; }; }; } diff --git a/nixos/modules/nixos/services/reboot-required-check.nix b/nixos/modules/nixos/services/reboot-required-check.nix index c1446c6..123eb3f 100644 --- a/nixos/modules/nixos/services/reboot-required-check.nix +++ b/nixos/modules/nixos/services/reboot-required-check.nix @@ -1,15 +1,17 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.services.rebootRequiredCheck; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.services.rebootRequiredCheck; +in { options.mySystem.services.rebootRequiredCheck.enable = mkEnableOption "Reboot required check"; config = mkIf cfg.enable { # Enable timer systemd.timers."reboot-required-check" = { - wantedBy = [ "timers.target" ]; + wantedBy = ["timers.target"]; timerConfig = { # start at boot OnBootSec = "0m"; diff --git a/nixos/modules/nixos/services/sanoid/default.nix b/nixos/modules/nixos/services/sanoid/default.nix index 168e7ca..65c12e8 100644 --- a/nixos/modules/nixos/services/sanoid/default.nix +++ b/nixos/modules/nixos/services/sanoid/default.nix @@ -4,14 +4,12 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.services.sanoid; -in -{ +in { options.mySystem.services.sanoid = { enable = mkEnableOption "sanoid"; - package = mkPackageOption pkgs "sanoid" { }; + package = mkPackageOption pkgs "sanoid" {}; datasets = mkOption { type = lib.types.attrsOf (lib.types.attrsOf lib.types.unspecified); }; diff --git a/nixos/modules/nixos/services/syncthing/config/default.nix b/nixos/modules/nixos/services/syncthing/config/default.nix index 3a9819d..f560509 100644 --- a/nixos/modules/nixos/services/syncthing/config/default.nix +++ b/nixos/modules/nixos/services/syncthing/config/default.nix @@ -1,5 +1,4 @@ -{ sops, ... }: -{ +{sops, ...}: { gui = { user = sops.secrets.username; password = sops.secrets.password; @@ -9,22 +8,22 @@ gandalf = { name = "gandalf"; id = "2VYHSOB-4QE3UIJ-EFKAD4D-J7YTLYG-4KF36C2-3SOLD4G-MFR6NK3-C2VSAQV"; - addresses = [ "tcp://10.1.1.13:22000" ]; + addresses = ["tcp://10.1.1.13:22000"]; }; legiondary = { name = "legiondary"; id = "O4WI2YC-BZBPF2W-2ALNQ2D-UOP3BK5-ZDSEHVH-DIHS2FG-BSVJCXG-GF47XAE"; - addresses = [ "dynamic" ]; + addresses = ["dynamic"]; }; shadowfax = { name = "shadowfax"; id = "U3DS7CW-GBZT44M-IFP3MOB-AV6SHVY-YFVEL5P-HE3ACC5-NDDGAOB-HOTKJAC"; - addresses = [ "tcp://10.1.1.61:22000" ]; + addresses = ["tcp://10.1.1.61:22000"]; }; telchar = { name = "telchar"; id = "ENO4NVK-DUKOLUT-ASJZOEI-IFBVBTA-GDNWKWS-DQF3TZW-JJ72VVB-VWTHNAH"; - addresses = [ "dynamic" ]; + addresses = ["dynamic"]; }; }; diff --git a/nixos/modules/nixos/services/syncthing/default.nix b/nixos/modules/nixos/services/syncthing/default.nix index 7df9f66..47286c0 100644 --- a/nixos/modules/nixos/services/syncthing/default.nix +++ b/nixos/modules/nixos/services/syncthing/default.nix @@ -2,11 +2,9 @@ config, lib, ... -}: -let +}: let cfg = config.mySystem.services.syncthing; -in -{ +in { options.mySystem.services.syncthing = { enable = lib.mkEnableOption "Syncthing"; publicCertPath = lib.mkOption { @@ -30,13 +28,13 @@ in sopsFile = ./secrets.sops.yaml; owner = "jahanson"; mode = "400"; - restartUnits = [ "syncthing.service" ]; + restartUnits = ["syncthing.service"]; }; "password" = { sopsFile = ./secrets.sops.yaml; owner = "jahanson"; mode = "400"; - restartUnits = [ "syncthing.service" ]; + restartUnits = ["syncthing.service"]; }; }; @@ -48,7 +46,7 @@ in openDefaultPorts = true; key = "${cfg.privateKeyPath}"; cert = "${cfg.publicCertPath}"; - settings = import ./config { inherit (config) sops; }; + settings = import ./config {inherit (config) sops;}; }; }; # Don't create default ~/Sync folder diff --git a/nixos/modules/nixos/services/unpackerr/default.nix b/nixos/modules/nixos/services/unpackerr/default.nix index 144b978..7c49c2b 100644 --- a/nixos/modules/nixos/services/unpackerr/default.nix +++ b/nixos/modules/nixos/services/unpackerr/default.nix @@ -4,17 +4,13 @@ pkgs, ... }: - -with lib; - -let +with lib; let cfg = config.mySystem.services.unpackerr; -in -{ +in { options.mySystem.services.unpackerr = { enable = mkEnableOption "Unpackerr"; - package = mkPackageOption pkgs "unpackerr" { }; + package = mkPackageOption pkgs "unpackerr" {}; user = mkOption { type = types.str; @@ -43,7 +39,7 @@ in }; config = mkIf cfg.enable { - users.groups.${cfg.group} = { }; + users.groups.${cfg.group} = {}; users.users = mkIf (cfg.user == "unpackerr") { unpackerr = { inherit (cfg) group; @@ -53,8 +49,8 @@ in systemd.services.unpackerr = { description = "Unpackerr service"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; + after = ["network.target"]; + wantedBy = ["multi-user.target"]; serviceConfig = { User = cfg.user; Group = cfg.group; @@ -66,9 +62,11 @@ in ] ); - EnvironmentFile = lib.optional ( - cfg.extraEnvVarsFile != null && cfg.extraEnvVarsFile != "" - ) cfg.extraEnvVarsFile; + EnvironmentFile = + lib.optional ( + cfg.extraEnvVarsFile != null && cfg.extraEnvVarsFile != "" + ) + cfg.extraEnvVarsFile; }; }; }; diff --git a/nixos/modules/nixos/system/borg/borgbackup/default.nix b/nixos/modules/nixos/system/borg/borgbackup/default.nix index 20be51b..90e3a2b 100644 --- a/nixos/modules/nixos/system/borg/borgbackup/default.nix +++ b/nixos/modules/nixos/system/borg/borgbackup/default.nix @@ -1,17 +1,19 @@ -{ lib, config, ... }: -let - cfg = config.mySystem.system.borgbackup; -in { + lib, + config, + ... +}: let + cfg = config.mySystem.system.borgbackup; +in { options.mySystem.system.borgbackup = { enable = lib.mkEnableOption "borgbackup"; paths = lib.mkOption { type = lib.types.listOf lib.types.str; - default = [ ]; + default = []; }; exclude = lib.mkOption { type = lib.types.listOf lib.types.str; - default = [ ]; + default = []; }; repo = lib.mkOption { example = "borgbackup@myserver:repo"; diff --git a/nixos/modules/nixos/system/borg/default.nix b/nixos/modules/nixos/system/borg/default.nix index 2fbaedf..d1b52e0 100644 --- a/nixos/modules/nixos/system/borg/default.nix +++ b/nixos/modules/nixos/system/borg/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./borgbackup ./pikabackup diff --git a/nixos/modules/nixos/system/borg/pikabackup/default.nix b/nixos/modules/nixos/system/borg/pikabackup/default.nix index 116835e..afbe702 100644 --- a/nixos/modules/nixos/system/borg/pikabackup/default.nix +++ b/nixos/modules/nixos/system/borg/pikabackup/default.nix @@ -3,12 +3,10 @@ config, pkgs, ... -}: -let +}: let cfg = config.mySystem.system.borg.pika-backup; user = "jahanson"; -in -{ +in { options.mySystem.system.borg.pika-backup = { enable = lib.mkEnableOption "pika-backup"; }; diff --git a/nixos/modules/nixos/system/incus/default.nix b/nixos/modules/nixos/system/incus/default.nix index 33752c3..3f3d784 100644 --- a/nixos/modules/nixos/system/incus/default.nix +++ b/nixos/modules/nixos/system/incus/default.nix @@ -3,12 +3,10 @@ pkgs, lib, ... -}: -let +}: let cfg = config.mySystem.system.incus; user = "jahanson"; -in -{ +in { # sops.secrets.secret-domain-0 = { # sopsFile = ./secret.sops.yaml; # }; @@ -27,14 +25,13 @@ in }; config = lib.mkIf cfg.enable { - virtualisation.incus = { inherit (cfg) preseed; enable = true; ui.enable = true; }; - users.users.${user}.extraGroups = [ "incus-admin" ]; + users.users.${user}.extraGroups = ["incus-admin"]; # systemd.services.incus-preseed.postStart = "${oidcSetup}"; diff --git a/nixos/modules/nixos/system/motd/default.nix b/nixos/modules/nixos/system/motd/default.nix index 28d82d9..23656a5 100644 --- a/nixos/modules/nixos/system/motd/default.nix +++ b/nixos/modules/nixos/system/motd/default.nix @@ -3,8 +3,7 @@ lib, pkgs, ... -}: -let +}: let motd = pkgs.writeShellScriptBin "motd" '' #! /usr/bin/env bash source /etc/os-release @@ -41,8 +40,7 @@ let printf "\n" ${lib.strings.concatStrings ( lib.lists.forEach cfg.networkInterfaces ( - x: - "printf \"$BOLD * %-20s$ENDCOLOR %s\\n\" \"IPv4 ${x}\" \"$(ip -4 addr show ${x} | grep -oP '(?<=inet\\s)\\d+(\\.\\d+){3}')\"\n" + x: "printf \"$BOLD * %-20s$ENDCOLOR %s\\n\" \"IPv4 ${x}\" \"$(ip -4 addr show ${x} | grep -oP '(?<=inet\\s)\\d+(\\.\\d+){3}')\"\n" ) )} printf "$BOLD * %-20s$ENDCOLOR %s\n" "Release" "$PRETTY_NAME" @@ -82,17 +80,15 @@ let fi ''; cfg = config.mySystem.system.motd; -in -{ +in { options.mySystem.system.motd = { enable = lib.mkEnableOption "MOTD"; networkInterfaces = lib.mkOption { description = "Network interfaces to monitor"; type = lib.types.listOf lib.types.str; # default = lib.mapAttrsToList (_: val: val.interface) - default = [ ]; + default = []; }; - }; config = lib.mkIf cfg.enable { environment.systemPackages = [ diff --git a/nixos/modules/nixos/system/nfs/default.nix b/nixos/modules/nixos/system/nfs/default.nix index dfaa293..f06c56d 100644 --- a/nixos/modules/nixos/system/nfs/default.nix +++ b/nixos/modules/nixos/system/nfs/default.nix @@ -1,8 +1,10 @@ -{ lib, config, ... }: -let - cfg = config.mySystem.system.nfs; -in { + lib, + config, + ... +}: let + cfg = config.mySystem.system.nfs; +in { options.mySystem.system.nfs = { enable = lib.mkEnableOption "nfs"; exports = lib.mkOption { diff --git a/nixos/modules/nixos/system/nix.nix b/nixos/modules/nixos/system/nix.nix index 164b04b..6cf67d6 100644 --- a/nixos/modules/nixos/system/nix.nix +++ b/nixos/modules/nixos/system/nix.nix @@ -1,9 +1,11 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.nix; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.nix; +in { options.mySystem.nix = { autoOptimiseStore = mkOption { type = lib.types.bool; @@ -11,9 +13,11 @@ in default = true; }; gc = { - enable = mkEnableOption "automatic garbage collection" // { - default = true; - }; + enable = + mkEnableOption "automatic garbage collection" + // { + default = true; + }; persistent = mkOption { type = lib.types.bool; description = "Persistent timer for gc, runs at startup if timer missed"; diff --git a/nixos/modules/nixos/system/openssh.nix b/nixos/modules/nixos/system/openssh.nix index ce37dbc..3b406db 100644 --- a/nixos/modules/nixos/system/openssh.nix +++ b/nixos/modules/nixos/system/openssh.nix @@ -1,13 +1,17 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.services.openssh; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.services.openssh; +in { options.mySystem.services.openssh = { - enable = mkEnableOption "openssh" // { - default = true; - }; + enable = + mkEnableOption "openssh" + // { + default = true; + }; passwordAuthentication = mkOption { type = lib.types.bool; description = "If password can be accepted for ssh (commonly disable for security hardening)"; diff --git a/nixos/modules/nixos/system/pushover/default.nix b/nixos/modules/nixos/system/pushover/default.nix index 8992700..939fce7 100644 --- a/nixos/modules/nixos/system/pushover/default.nix +++ b/nixos/modules/nixos/system/pushover/default.nix @@ -4,21 +4,18 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.system.systemd.pushover-alerts; -in -{ +in { options.mySystem.system.systemd.pushover-alerts.enable = mkEnableOption "Pushover alerts for systemd failures" // { default = true; }; options.systemd.services = mkOption { - type = - with types; + type = with types; attrsOf (submodule { - config.onFailure = [ "notify-pushover@%n.service" ]; + config.onFailure = ["notify-pushover@%n.service"]; }); }; @@ -32,7 +29,7 @@ in systemd.services."notify-pushover@" = mkIf cfg.enable { enable = true; - onFailure = lib.mkForce [ ]; # cant refer to itself on failure + onFailure = lib.mkForce []; # cant refer to itself on failure description = "Notify on failed unit %i"; serviceConfig = { Type = "oneshot"; diff --git a/nixos/modules/nixos/system/security.nix b/nixos/modules/nixos/system/security.nix index 69f0585..5b9d9d1 100644 --- a/nixos/modules/nixos/system/security.nix +++ b/nixos/modules/nixos/system/security.nix @@ -1,9 +1,11 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.security; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.security; +in { options.mySystem.security = { sshAgentAuth.enable = lib.mkEnableOption "openssh"; wheelNeedsSudoPassword = lib.mkOption { diff --git a/nixos/modules/nixos/system/systempackages.nix b/nixos/modules/nixos/system/systempackages.nix index ba05893..0f38c3e 100644 --- a/nixos/modules/nixos/system/systempackages.nix +++ b/nixos/modules/nixos/system/systempackages.nix @@ -1,14 +1,16 @@ -{ lib, config, ... }: -with lib; -let - cfg = config.mySystem.system; -in { + lib, + config, + ... +}: +with lib; let + cfg = config.mySystem.system; +in { options.mySystem.system = { packages = mkOption { type = with types; listOf package; description = "List of system level package installs"; - default = [ ]; + default = []; }; }; # System packages deployed globally. diff --git a/nixos/modules/nixos/system/time.nix b/nixos/modules/nixos/system/time.nix index c1af81e..ba5ecda 100644 --- a/nixos/modules/nixos/system/time.nix +++ b/nixos/modules/nixos/system/time.nix @@ -1,8 +1,10 @@ -{ lib, config, ... }: -let - cfg = config.mySystem.time; -in { + lib, + config, + ... +}: let + cfg = config.mySystem.time; +in { options.mySystem.time = { timeZone = lib.mkOption { type = lib.types.str; diff --git a/nixos/modules/nixos/system/wifi_swap/default.nix b/nixos/modules/nixos/system/wifi_swap/default.nix index ca34121..f584695 100644 --- a/nixos/modules/nixos/system/wifi_swap/default.nix +++ b/nixos/modules/nixos/system/wifi_swap/default.nix @@ -5,8 +5,7 @@ pkgs, ... }: -with lib; -let +with lib; let cfg = config.mySystem.framework_wifi_swap; wifiSwap = pkgs.writeShellScriptBin "wifi_swap" '' #! /usr/bin/env bash @@ -34,12 +33,13 @@ let ;; esac ''; -in -{ +in { options.mySystem.framework_wifi_swap = { - enable = mkEnableOption "framework_wifi_swap" // { - default = false; - }; + enable = + mkEnableOption "framework_wifi_swap" + // { + default = false; + }; }; config = mkIf cfg.enable { # Create bash script and add it to nix store diff --git a/nixos/modules/nixos/system/zfs.nix b/nixos/modules/nixos/system/zfs.nix index 9be78bc..a6b08d9 100644 --- a/nixos/modules/nixos/system/zfs.nix +++ b/nixos/modules/nixos/system/zfs.nix @@ -3,45 +3,43 @@ config, pkgs, ... -}: -let +}: let cfg = config.mySystem.system.zfs; in -with lib; -{ - options.mySystem.system.zfs = { - enable = lib.mkEnableOption "zfs"; - mountPoolsAtBoot = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - }; - }; - config = lib.mkIf cfg.enable { - # setup boot - boot = { - supportedFilesystems = [ - "zfs" - ]; - zfs = { - forceImportRoot = false; # if stuck on boot, modify grub options, force importing isnt secure - extraPools = cfg.mountPoolsAtBoot; + with lib; { + options.mySystem.system.zfs = { + enable = lib.mkEnableOption "zfs"; + mountPoolsAtBoot = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = []; }; }; + config = lib.mkIf cfg.enable { + # setup boot + boot = { + supportedFilesystems = [ + "zfs" + ]; + zfs = { + forceImportRoot = false; # if stuck on boot, modify grub options, force importing isnt secure + extraPools = cfg.mountPoolsAtBoot; + }; + }; - services.zfs = { - autoScrub.enable = true; - autoScrub.interval = "weekly"; - trim.enable = true; + services.zfs = { + autoScrub.enable = true; + autoScrub.interval = "weekly"; + trim.enable = true; + }; + + # Pushover notifications + environment.systemPackages = with pkgs; [ + busybox + ]; + + services.zfs.zed.settings = { + ZED_PUSHOVER_TOKEN = "$(${pkgs.busybox}/bin/cat ${config.sops.secrets.pushover-api-key.path})"; + ZED_PUSHOVER_USER = "$(${pkgs.busybox}/bin/cat ${config.sops.secrets.pushover-user-key.path})"; + }; }; - - # Pushover notifications - environment.systemPackages = with pkgs; [ - busybox - ]; - - services.zfs.zed.settings = { - ZED_PUSHOVER_TOKEN = "$(${pkgs.busybox}/bin/cat ${config.sops.secrets.pushover-api-key.path})"; - ZED_PUSHOVER_USER = "$(${pkgs.busybox}/bin/cat ${config.sops.secrets.pushover-user-key.path})"; - }; - }; -} + } diff --git a/nixos/overlays/cargo-tauri/default.nix b/nixos/overlays/cargo-tauri/default.nix index 389bbfd..60b2b22 100644 --- a/nixos/overlays/cargo-tauri/default.nix +++ b/nixos/overlays/cargo-tauri/default.nix @@ -1,10 +1,9 @@ -{ ... }: -let +{...}: let finalVersion = "tauri-v2.0.4"; in -final: prev: { - cargo-tauri = prev.cargo-tauri.overrideAttrs (oldAttrs: { - version = finalVersion; - vendorHash = "sha256-aTtvVpL979BUvSBwBqRqCWSWIBBmmty9vBD97Q5P4+E="; - }); -} + final: prev: { + cargo-tauri = prev.cargo-tauri.overrideAttrs (oldAttrs: { + version = finalVersion; + vendorHash = "sha256-aTtvVpL979BUvSBwBqRqCWSWIBBmmty9vBD97Q5P4+E="; + }); + } diff --git a/nixos/overlays/coder/default.nix b/nixos/overlays/coder/default.nix index 17ad078..950bb13 100644 --- a/nixos/overlays/coder/default.nix +++ b/nixos/overlays/coder/default.nix @@ -8,9 +8,7 @@ stdenvNoCC, unzip, nixosTests, -}: - -let +}: let inherit (stdenvNoCC.hostPlatform) system; channels = { @@ -34,14 +32,13 @@ let }; }; in -stdenvNoCC.mkDerivation (finalAttrs: { - pname = "coder"; - version = channels.${channel}.version; - src = fetchurl { - hash = (channels.${channel}.hash).${system}; + stdenvNoCC.mkDerivation (finalAttrs: { + pname = "coder"; + version = channels.${channel}.version; + src = fetchurl { + hash = (channels.${channel}.hash).${system}; - url = - let + url = let systemName = { x86_64-linux = "linux_amd64"; @@ -59,59 +56,58 @@ stdenvNoCC.mkDerivation (finalAttrs: { aarch64-darwin = "zip"; } .${system}; - in - "https://github.com/coder/coder/releases/download/v${finalAttrs.version}/coder_${finalAttrs.version}_${systemName}.${ext}"; - }; - - nativeBuildInputs = [ - installShellFiles - makeBinaryWrapper - unzip - ]; - - unpackPhase = '' - runHook preUnpack - - case $src in - *.tar.gz) tar -xz -f "$src" ;; - *.zip) unzip "$src" ;; - esac - - runHook postUnpack - ''; - - installPhase = '' - runHook preInstall - - install -D -m755 coder $out/bin/coder - - runHook postInstall - ''; - - postInstall = '' - wrapProgram $out/bin/coder \ - --prefix PATH : ${lib.makeBinPath [ terraform ]} - ''; - - # integration tests require network access - doCheck = false; - - meta = { - description = "Provision remote development environments via Terraform"; - homepage = "https://coder.com"; - license = lib.licenses.agpl3Only; - mainProgram = "coder"; - maintainers = with lib.maintainers; [ - ghuntley - kylecarbs - urandom - ]; - }; - - passthru = { - updateScript = ./update.sh; - tests = { - inherit (nixosTests) coder; + in "https://github.com/coder/coder/releases/download/v${finalAttrs.version}/coder_${finalAttrs.version}_${systemName}.${ext}"; }; - }; -}) + + nativeBuildInputs = [ + installShellFiles + makeBinaryWrapper + unzip + ]; + + unpackPhase = '' + runHook preUnpack + + case $src in + *.tar.gz) tar -xz -f "$src" ;; + *.zip) unzip "$src" ;; + esac + + runHook postUnpack + ''; + + installPhase = '' + runHook preInstall + + install -D -m755 coder $out/bin/coder + + runHook postInstall + ''; + + postInstall = '' + wrapProgram $out/bin/coder \ + --prefix PATH : ${lib.makeBinPath [terraform]} + ''; + + # integration tests require network access + doCheck = false; + + meta = { + description = "Provision remote development environments via Terraform"; + homepage = "https://coder.com"; + license = lib.licenses.agpl3Only; + mainProgram = "coder"; + maintainers = with lib.maintainers; [ + ghuntley + kylecarbs + urandom + ]; + }; + + passthru = { + updateScript = ./update.sh; + tests = { + inherit (nixosTests) coder; + }; + }; + }) diff --git a/nixos/overlays/smartmontools/default.nix b/nixos/overlays/smartmontools/default.nix index d2f8d4f..6bc459f 100644 --- a/nixos/overlays/smartmontools/default.nix +++ b/nixos/overlays/smartmontools/default.nix @@ -1,15 +1,14 @@ -{ ... }: -let +{...}: let dbrev = "5613"; drivedbBranch = "RELEASE_7_4"; in -final: prev: { - smartmontools = prev.smartmontools.overrideAttrs (oldAttrs: { - inherit dbrev drivedbBranch; - driverdb = builtins.fetchurl { - url = "https://sourceforge.net/p/smartmontools/code/${dbrev}/tree/trunk/smartmontools/drivedb.h?format=raw"; - sha256 = "sha256-6r7Pd298Ea55AXOLijUEQoJq+Km5cE+Ygti65yacdoM="; - name = "smartmontools-drivedb.h"; - }; - }); -} + final: prev: { + smartmontools = prev.smartmontools.overrideAttrs (oldAttrs: { + inherit dbrev drivedbBranch; + driverdb = builtins.fetchurl { + url = "https://sourceforge.net/p/smartmontools/code/${dbrev}/tree/trunk/smartmontools/drivedb.h?format=raw"; + sha256 = "sha256-6r7Pd298Ea55AXOLijUEQoJq+Km5cE+Ygti65yacdoM="; + name = "smartmontools-drivedb.h"; + }; + }); + } diff --git a/nixos/overlays/talosctl/default.nix b/nixos/overlays/talosctl/default.nix index c808fe2..b683f70 100644 --- a/nixos/overlays/talosctl/default.nix +++ b/nixos/overlays/talosctl/default.nix @@ -5,7 +5,6 @@ installShellFiles, git, }: - buildGoModule rec { pname = "talosctl"; version = "1.9.0"; @@ -24,7 +23,7 @@ buildGoModule rec { "-w" ]; - subPackages = [ "cmd/talosctl" ]; + subPackages = ["cmd/talosctl"]; doCheck = false; @@ -58,7 +57,7 @@ buildGoModule rec { description = "A CLI for out-of-band management of Kubernetes nodes created by Talos"; homepage = "https://www.talos.dev/"; license = licenses.mpl20; - maintainers = with maintainers; [ flokli ]; + maintainers = with maintainers; [flokli]; mainProgram = "talosctl"; }; } diff --git a/nixos/overlays/termius/default.nix b/nixos/overlays/termius/default.nix index cc3a04d..f88d7a8 100644 --- a/nixos/overlays/termius/default.nix +++ b/nixos/overlays/termius/default.nix @@ -12,7 +12,6 @@ udev, wrapGAppsHook3, }: - stdenv.mkDerivation rec { pname = "termius"; version = "9.5.0"; @@ -31,7 +30,7 @@ stdenv.mkDerivation rec { }; desktopItem = makeDesktopItem { - categories = [ "Network" ]; + categories = ["Network"]; comment = "The SSH client that works on Desktop and Mobile"; desktopName = "Termius"; exec = "termius-app"; @@ -82,7 +81,7 @@ stdenv.mkDerivation rec { install -Dm644 meta/gui/icon.png $out/share/icons/hicolor/128x128/apps/termius-app.png ''; - runtimeDependencies = [ (lib.getLib udev) ]; + runtimeDependencies = [(lib.getLib udev)]; postFixup = '' makeWrapper $out/opt/termius/termius-app $out/bin/termius-app \ @@ -93,13 +92,13 @@ stdenv.mkDerivation rec { description = "A cross-platform SSH client with cloud data sync and more"; homepage = "https://termius.com/"; downloadPage = "https://termius.com/linux/"; - sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + sourceProvenance = with sourceTypes; [binaryNativeCode]; license = licenses.unfree; maintainers = with maintainers; [ Br1ght0ne th0rgal ]; - platforms = [ "x86_64-linux" ]; + platforms = ["x86_64-linux"]; mainProgram = "termius-app"; }; } diff --git a/nixos/overlays/vivaldi/default.nix b/nixos/overlays/vivaldi/default.nix index a4dbbaf..ed35530 100644 --- a/nixos/overlays/vivaldi/default.nix +++ b/nixos/overlays/vivaldi/default.nix @@ -62,183 +62,189 @@ libpulseaudio, kerberosSupport ? true, libkrb5, -}: - -let - branch = if isSnapshot then "snapshot" else "stable"; - vivaldiName = if isSnapshot then "vivaldi-snapshot" else "vivaldi"; +}: let + branch = + if isSnapshot + then "snapshot" + else "stable"; + vivaldiName = + if isSnapshot + then "vivaldi-snapshot" + else "vivaldi"; in -stdenv.mkDerivation rec { - pname = "vivaldi"; - version = "6.9.3447.37"; + stdenv.mkDerivation rec { + pname = "vivaldi"; + version = "6.9.3447.37"; - suffix = - { - aarch64-linux = "arm64"; - x86_64-linux = "amd64"; - } - .${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); - - src = fetchurl { - url = "https://downloads.vivaldi.com/${branch}/vivaldi-${branch}_${version}-1_${suffix}.deb"; - hash = + suffix = { - aarch64-linux = "sha256-kYTnWad/jrJt9z+AhjXzHYxVSIwIIO3RKD7szuPEg2s="; - x86_64-linux = "sha256-+h7SHci8gZ+epKFHD0PiXyME2xT+loD2KXpJGFCfIFg="; + aarch64-linux = "arm64"; + x86_64-linux = "amd64"; } - .${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); - }; + .${stdenv.hostPlatform.system} + or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); - unpackPhase = '' - ar vx $src - tar -xvf data.tar.xz - ''; + src = fetchurl { + url = "https://downloads.vivaldi.com/${branch}/vivaldi-${branch}_${version}-1_${suffix}.deb"; + hash = + { + aarch64-linux = "sha256-kYTnWad/jrJt9z+AhjXzHYxVSIwIIO3RKD7szuPEg2s="; + x86_64-linux = "sha256-+h7SHci8gZ+epKFHD0PiXyME2xT+loD2KXpJGFCfIFg="; + } + .${stdenv.hostPlatform.system} + or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); + }; - nativeBuildInputs = [ - patchelf - makeWrapper - ]; - - dontWrapQtApps = true; - - buildInputs = - [ - stdenv.cc.cc - stdenv.cc.libc - zlib - libX11 - libXt - libXext - libSM - libICE - libxcb - libxkbcommon - libxshmfence - libXi - libXft - libXcursor - libXfixes - libXScrnSaver - libXcomposite - libXdamage - libXtst - libXrandr - atk - at-spi2-atk - at-spi2-core - alsa-lib - dbus - cups - gtk3 - gdk-pixbuf - libexif - ffmpeg - systemd - libva - qt5.qtbase - freetype - fontconfig - libXrender - libuuid - expat - glib - nss - nspr - libGL - libxml2 - pango - cairo - libdrm - mesa - vulkan-loader - wayland - pipewire - ] - ++ lib.optional proprietaryCodecs vivaldi-ffmpeg-codecs - ++ lib.optional pulseSupport libpulseaudio - ++ lib.optional kerberosSupport libkrb5; - - libPath = - lib.makeLibraryPath buildInputs - + lib.optionalString (stdenv.is64bit) (":" + lib.makeSearchPathOutput "lib" "lib64" buildInputs) - + ":$out/opt/${vivaldiName}/lib"; - - buildPhase = - '' - runHook preBuild - echo "Patching Vivaldi binaries" - for f in chrome_crashpad_handler vivaldi-bin vivaldi-sandbox ; do - patchelf \ - --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ - --set-rpath "${libPath}" \ - opt/${vivaldiName}/$f - done - - for f in libGLESv2.so libqt5_shim.so ; do - patchelf --set-rpath "${libPath}" opt/${vivaldiName}/$f - done - '' - + lib.optionalString proprietaryCodecs '' - ln -s ${vivaldi-ffmpeg-codecs}/lib/libffmpeg.so opt/${vivaldiName}/libffmpeg.so.''${version%\.*\.*} - '' - + '' - echo "Finished patching Vivaldi binaries" - runHook postBuild + unpackPhase = '' + ar vx $src + tar -xvf data.tar.xz ''; - dontPatchELF = true; - dontStrip = true; - - installPhase = - '' - runHook preInstall - mkdir -p "$out" - cp -r opt "$out" - mkdir "$out/bin" - ln -s "$out/opt/${vivaldiName}/${vivaldiName}" "$out/bin/vivaldi" - mkdir -p "$out/share" - cp -r usr/share/{applications,xfce4} "$out"/share - substituteInPlace "$out"/share/applications/*.desktop \ - --replace /usr/bin/${vivaldiName} "$out"/bin/vivaldi - substituteInPlace "$out"/share/applications/*.desktop \ - --replace vivaldi-stable vivaldi - local d - for d in 16 22 24 32 48 64 128 256; do - mkdir -p "$out"/share/icons/hicolor/''${d}x''${d}/apps - ln -s \ - "$out"/opt/${vivaldiName}/product_logo_''${d}.png \ - "$out"/share/icons/hicolor/''${d}x''${d}/apps/vivaldi.png - done - wrapProgram "$out/bin/vivaldi" \ - --add-flags ${lib.escapeShellArg commandLineArgs} \ - --add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" \ - --set-default FONTCONFIG_FILE "${fontconfig.out}/etc/fonts/fonts.conf" \ - --set-default FONTCONFIG_PATH "${fontconfig.out}/etc/fonts" \ - --suffix XDG_DATA_DIRS : ${gtk3}/share/gsettings-schemas/${gtk3.name}/ \ - ${lib.optionalString enableWidevine "--suffix LD_LIBRARY_PATH : ${libPath}"} - '' - + lib.optionalString enableWidevine '' - ln -sf ${widevine-cdm}/share/google/chrome/WidevineCdm $out/opt/${vivaldiName}/WidevineCdm - '' - + '' - runHook postInstall - ''; - - passthru.updateScript = ./update-vivaldi.sh; - - meta = with lib; { - description = "Browser for our Friends, powerful and personal"; - homepage = "https://vivaldi.com"; - license = licenses.unfree; - sourceProvenance = with sourceTypes; [ binaryNativeCode ]; - mainProgram = "vivaldi"; - maintainers = with maintainers; [ - otwieracz - badmutex + nativeBuildInputs = [ + patchelf + makeWrapper ]; - platforms = [ - "x86_64-linux" - "aarch64-linux" - ]; - }; -} + + dontWrapQtApps = true; + + buildInputs = + [ + stdenv.cc.cc + stdenv.cc.libc + zlib + libX11 + libXt + libXext + libSM + libICE + libxcb + libxkbcommon + libxshmfence + libXi + libXft + libXcursor + libXfixes + libXScrnSaver + libXcomposite + libXdamage + libXtst + libXrandr + atk + at-spi2-atk + at-spi2-core + alsa-lib + dbus + cups + gtk3 + gdk-pixbuf + libexif + ffmpeg + systemd + libva + qt5.qtbase + freetype + fontconfig + libXrender + libuuid + expat + glib + nss + nspr + libGL + libxml2 + pango + cairo + libdrm + mesa + vulkan-loader + wayland + pipewire + ] + ++ lib.optional proprietaryCodecs vivaldi-ffmpeg-codecs + ++ lib.optional pulseSupport libpulseaudio + ++ lib.optional kerberosSupport libkrb5; + + libPath = + lib.makeLibraryPath buildInputs + + lib.optionalString (stdenv.is64bit) (":" + lib.makeSearchPathOutput "lib" "lib64" buildInputs) + + ":$out/opt/${vivaldiName}/lib"; + + buildPhase = + '' + runHook preBuild + echo "Patching Vivaldi binaries" + for f in chrome_crashpad_handler vivaldi-bin vivaldi-sandbox ; do + patchelf \ + --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ + --set-rpath "${libPath}" \ + opt/${vivaldiName}/$f + done + + for f in libGLESv2.so libqt5_shim.so ; do + patchelf --set-rpath "${libPath}" opt/${vivaldiName}/$f + done + '' + + lib.optionalString proprietaryCodecs '' + ln -s ${vivaldi-ffmpeg-codecs}/lib/libffmpeg.so opt/${vivaldiName}/libffmpeg.so.''${version%\.*\.*} + '' + + '' + echo "Finished patching Vivaldi binaries" + runHook postBuild + ''; + + dontPatchELF = true; + dontStrip = true; + + installPhase = + '' + runHook preInstall + mkdir -p "$out" + cp -r opt "$out" + mkdir "$out/bin" + ln -s "$out/opt/${vivaldiName}/${vivaldiName}" "$out/bin/vivaldi" + mkdir -p "$out/share" + cp -r usr/share/{applications,xfce4} "$out"/share + substituteInPlace "$out"/share/applications/*.desktop \ + --replace /usr/bin/${vivaldiName} "$out"/bin/vivaldi + substituteInPlace "$out"/share/applications/*.desktop \ + --replace vivaldi-stable vivaldi + local d + for d in 16 22 24 32 48 64 128 256; do + mkdir -p "$out"/share/icons/hicolor/''${d}x''${d}/apps + ln -s \ + "$out"/opt/${vivaldiName}/product_logo_''${d}.png \ + "$out"/share/icons/hicolor/''${d}x''${d}/apps/vivaldi.png + done + wrapProgram "$out/bin/vivaldi" \ + --add-flags ${lib.escapeShellArg commandLineArgs} \ + --add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" \ + --set-default FONTCONFIG_FILE "${fontconfig.out}/etc/fonts/fonts.conf" \ + --set-default FONTCONFIG_PATH "${fontconfig.out}/etc/fonts" \ + --suffix XDG_DATA_DIRS : ${gtk3}/share/gsettings-schemas/${gtk3.name}/ \ + ${lib.optionalString enableWidevine "--suffix LD_LIBRARY_PATH : ${libPath}"} + '' + + lib.optionalString enableWidevine '' + ln -sf ${widevine-cdm}/share/google/chrome/WidevineCdm $out/opt/${vivaldiName}/WidevineCdm + '' + + '' + runHook postInstall + ''; + + passthru.updateScript = ./update-vivaldi.sh; + + meta = with lib; { + description = "Browser for our Friends, powerful and personal"; + homepage = "https://vivaldi.com"; + license = licenses.unfree; + sourceProvenance = with sourceTypes; [binaryNativeCode]; + mainProgram = "vivaldi"; + maintainers = with maintainers; [ + otwieracz + badmutex + ]; + platforms = [ + "x86_64-linux" + "aarch64-linux" + ]; + }; + } diff --git a/nixos/overlays/vivaldi/ffmpeg-codecs.nix b/nixos/overlays/vivaldi/ffmpeg-codecs.nix index 0872fd8..9fe6bf0 100644 --- a/nixos/overlays/vivaldi/ffmpeg-codecs.nix +++ b/nixos/overlays/vivaldi/ffmpeg-codecs.nix @@ -4,7 +4,6 @@ lib, stdenv, }: - # This derivation roughly follows the update-ffmpeg script that ships with the official Vivaldi # downloads at https://vivaldi.com/download/ stdenv.mkDerivation rec { @@ -16,7 +15,7 @@ stdenv.mkDerivation rec { hash = "sha256-a1peHhku+OaGvPyChvLdh6/7zT+v8OHNwt60QUq7VvU="; }; - buildInputs = [ squashfsTools ]; + buildInputs = [squashfsTools]; unpackPhase = '' unsquashfs -dest . $src @@ -29,13 +28,13 @@ stdenv.mkDerivation rec { meta = with lib; { description = "Additional support for proprietary codecs for Vivaldi"; homepage = "https://ffmpeg.org/"; - sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + sourceProvenance = with sourceTypes; [binaryNativeCode]; license = licenses.lgpl21; maintainers = with maintainers; [ betaboon cawilliamson fptje ]; - platforms = [ "x86_64-linux" ]; + platforms = ["x86_64-linux"]; }; } diff --git a/nixos/overlays/xpipe/ptb.nix b/nixos/overlays/xpipe/ptb.nix index 2401499..aa69372 100644 --- a/nixos/overlays/xpipe/ptb.nix +++ b/nixos/overlays/xpipe/ptb.nix @@ -25,9 +25,7 @@ util-linux, socat, hicolor-icon-theme, -}: - -let +}: let inherit (stdenvNoCC.hostPlatform) system; throwSystem = throw "Unsupported system: ${system}"; @@ -36,99 +34,100 @@ let x86_64-linux = "x86_64"; aarch64-linux = "arm64"; } - .${system} or throwSystem; + .${system} + or throwSystem; hash = { x86_64-linux = "sha256-O4gl0WulhDyqL9lDwqR1oxNAzVjHn+3q0UB8KP0/sBk="; aarch64-linux = ""; } - .${system} or throwSystem; + .${system} + or throwSystem; displayname = "XPipe PTB"; - in -stdenvNoCC.mkDerivation rec { - pname = "xpipe-ptb"; - version = "13.0-10"; + stdenvNoCC.mkDerivation rec { + pname = "xpipe-ptb"; + version = "13.0-10"; - src = fetchzip { - url = "https://github.com/xpipe-io/${pname}/releases/download/${version}/xpipe-portable-linux-${arch}.tar.gz"; - inherit hash; - }; + src = fetchzip { + url = "https://github.com/xpipe-io/${pname}/releases/download/${version}/xpipe-portable-linux-${arch}.tar.gz"; + inherit hash; + }; - nativeBuildInputs = [ - autoPatchelfHook - makeShellWrapper - ]; + nativeBuildInputs = [ + autoPatchelfHook + makeShellWrapper + ]; - # Ignore libavformat dependencies as we don't need them - autoPatchelfIgnoreMissingDeps = true; + # Ignore libavformat dependencies as we don't need them + autoPatchelfIgnoreMissingDeps = true; - buildInputs = [ - fontconfig - zlib - udev - freetype - gtk3 - alsa-lib - libX11 - libX11 - libXext - libXdamage - libXfixes - libxcb - libXcomposite - libXcursor - libXi - libXrender - libXtst - libXxf86vm - ]; + buildInputs = [ + fontconfig + zlib + udev + freetype + gtk3 + alsa-lib + libX11 + libX11 + libXext + libXdamage + libXfixes + libxcb + libXcomposite + libXcursor + libXi + libXrender + libXtst + libXxf86vm + ]; - desktopItem = makeDesktopItem { - categories = [ "Network" ]; - comment = "XPipe (Public Test Build) releases"; - desktopName = displayname; - exec = "/opt/${pname}/cli/bin/xpipe open %U"; - genericName = "Shell connection hub"; - icon = "/opt/${pname}/logo.png"; - name = displayname; - }; + desktopItem = makeDesktopItem { + categories = ["Network"]; + comment = "XPipe (Public Test Build) releases"; + desktopName = displayname; + exec = "/opt/${pname}/cli/bin/xpipe open %U"; + genericName = "Shell connection hub"; + icon = "/opt/${pname}/logo.png"; + name = displayname; + }; - installPhase = '' - runHook preInstall + installPhase = '' + runHook preInstall - pkg="${pname}" - mkdir -p $out/opt/$pkg - cp -r ./ $out/opt/$pkg + pkg="${pname}" + mkdir -p $out/opt/$pkg + cp -r ./ $out/opt/$pkg - mkdir -p "$out/bin" - ln -s "$out/opt/$pkg/cli/bin/xpipe" "$out/bin/$pkg" + mkdir -p "$out/bin" + ln -s "$out/opt/$pkg/cli/bin/xpipe" "$out/bin/$pkg" - mkdir -p "$out/share/applications" - cp -r "${desktopItem}/share/applications/" "$out/share/" + mkdir -p "$out/share/applications" + cp -r "${desktopItem}/share/applications/" "$out/share/" - mkdir -p "$out/etc/bash_completion.d" - ln -s "$out/opt/$pkg/cli/xpipe_completion" "$out/etc/bash_completion.d/$pkg" + mkdir -p "$out/etc/bash_completion.d" + ln -s "$out/opt/$pkg/cli/xpipe_completion" "$out/etc/bash_completion.d/$pkg" - substituteInPlace "$out/share/applications/${displayname}.desktop" --replace "Exec=" "Exec=$out" - substituteInPlace "$out/share/applications/${displayname}.desktop" --replace "Icon=" "Icon=$out" + substituteInPlace "$out/share/applications/${displayname}.desktop" --replace "Exec=" "Exec=$out" + substituteInPlace "$out/share/applications/${displayname}.desktop" --replace "Icon=" "Icon=$out" - mv "$out/opt/$pkg/app/bin/xpiped" "$out/opt/$pkg/app/bin/xpiped_raw" - mv "$out/opt/$pkg/app/lib/app/xpiped.cfg" "$out/opt/$pkg/app/lib/app/xpiped_raw.cfg" - mv "$out/opt/$pkg/app/scripts/xpiped_debug.sh" "$out/opt/$pkg/app/scripts/xpiped_debug_raw.sh" + mv "$out/opt/$pkg/app/bin/xpiped" "$out/opt/$pkg/app/bin/xpiped_raw" + mv "$out/opt/$pkg/app/lib/app/xpiped.cfg" "$out/opt/$pkg/app/lib/app/xpiped_raw.cfg" + mv "$out/opt/$pkg/app/scripts/xpiped_debug.sh" "$out/opt/$pkg/app/scripts/xpiped_debug_raw.sh" - makeShellWrapper "$out/opt/$pkg/app/bin/xpiped_raw" "$out/opt/$pkg/app/bin/xpiped" \ - --prefix LD_LIBRARY_PATH : "${ + makeShellWrapper "$out/opt/$pkg/app/bin/xpiped_raw" "$out/opt/$pkg/app/bin/xpiped" \ + --prefix LD_LIBRARY_PATH : "${ lib.makeLibraryPath [ fontconfig gtk3 udev ] }" - makeShellWrapper "$out/opt/$pkg/app/scripts/xpiped_debug_raw.sh" "$out/opt/$pkg/app/scripts/xpiped_debug.sh" \ - --prefix LD_LIBRARY_PATH : "${ + makeShellWrapper "$out/opt/$pkg/app/scripts/xpiped_debug_raw.sh" "$out/opt/$pkg/app/scripts/xpiped_debug.sh" \ + --prefix LD_LIBRARY_PATH : "${ lib.makeLibraryPath [ fontconfig gtk3 @@ -136,24 +135,24 @@ stdenvNoCC.mkDerivation rec { ] }" - runHook postInstall - ''; + runHook postInstall + ''; - meta = with lib; { - description = "XPipe (Public Test Build) releases"; - homepage = "https://github.com/xpipe-io/${pname}"; - downloadPage = "https://github.com/xpipe-io/${pname}/releases/latest"; - sourceProvenance = with sourceTypes; [ binaryNativeCode ]; - changelog = "https://github.com/xpipe-io/${pname}/releases/tag/${version}"; - license = [ - licenses.asl20 - licenses.unfree - ]; - maintainers = with maintainers; [ crschnick ]; - platforms = [ - "x86_64-linux" - "aarch64-linux" - ]; - mainProgram = pname; - }; -} + meta = with lib; { + description = "XPipe (Public Test Build) releases"; + homepage = "https://github.com/xpipe-io/${pname}"; + downloadPage = "https://github.com/xpipe-io/${pname}/releases/latest"; + sourceProvenance = with sourceTypes; [binaryNativeCode]; + changelog = "https://github.com/xpipe-io/${pname}/releases/tag/${version}"; + license = [ + licenses.asl20 + licenses.unfree + ]; + maintainers = with maintainers; [crschnick]; + platforms = [ + "x86_64-linux" + "aarch64-linux" + ]; + mainProgram = pname; + }; + } diff --git a/nixos/overlays/zed-editor/default.nix b/nixos/overlays/zed-editor/default.nix index a121dcc..d89ef47 100644 --- a/nixos/overlays/zed-editor/default.nix +++ b/nixos/overlays/zed-editor/default.nix @@ -1,15 +1,14 @@ -{ ... }: -let +{...}: let finalVersion = "0.149.3"; in -final: prev: { - zed-editor = prev.zed-editor.overrideAttrs (oldAttrs: { - version = finalVersion; - src = prev.fetchFromGithub { - hash = "sha256-ed6/QQObmclSA36g+civhii1aFKTBSjqB+LOyp2LUPg="; - }; - cargoLock = prev.outputHashes { - "blade-graphics-0.4.0" = "sha256-sGXhXmgtd7Wx/Gf7HCWro4RsQOGS4pQt8+S3T+2wMfY="; - }; - }); -} + final: prev: { + zed-editor = prev.zed-editor.overrideAttrs (oldAttrs: { + version = finalVersion; + src = prev.fetchFromGithub { + hash = "sha256-ed6/QQObmclSA36g+civhii1aFKTBSjqB+LOyp2LUPg="; + }; + cargoLock = prev.outputHashes { + "blade-graphics-0.4.0" = "sha256-sGXhXmgtd7Wx/Gf7HCWro4RsQOGS4pQt8+S3T+2wMfY="; + }; + }); + } diff --git a/nixos/profiles/disko-nixos.nix b/nixos/profiles/disko-nixos.nix index acbb46d..18c113f 100644 --- a/nixos/profiles/disko-nixos.nix +++ b/nixos/profiles/disko-nixos.nix @@ -1,8 +1,4 @@ -{ - disks ? [ "/dev/sda" ], - ... -}: -{ +{disks ? ["/dev/sda"], ...}: { disko.devices = { disk = { main = { diff --git a/nixos/profiles/global/nix.nix b/nixos/profiles/global/nix.nix index 68905ee..ab3f0db 100644 --- a/nixos/profiles/global/nix.nix +++ b/nixos/profiles/global/nix.nix @@ -1,5 +1,8 @@ -{ lib, nixpkgs, ... }: { + lib, + nixpkgs, + ... +}: { ## Below is to align shell/system to flake's nixpkgs ## ref: https://nixos-and-flakes.thiscute.world/best-practices/nix-path-and-flake-registry @@ -10,7 +13,7 @@ registry.nixpkgs.flake = nixpkgs; channel.enable = false; # remove nix-channel related tools & configs, we use flakes instead. - nixPath = [ "nixpkgs=${nixpkgs}" ]; + nixPath = ["nixpkgs=${nixpkgs}"]; settings = { # but NIX_PATH is still used by many useful tools, so we set it to the same value as the one used by this flake. diff --git a/nixos/profiles/global/sops.nix b/nixos/profiles/global/sops.nix index 2cb0a94..02d16e9 100644 --- a/nixos/profiles/global/sops.nix +++ b/nixos/profiles/global/sops.nix @@ -1,6 +1,5 @@ -{ ... }: -{ - sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; +{...}: { + sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; # Secret for machine-specific pushover sops.secrets = { "services/pushover/env" = { diff --git a/nixos/profiles/global/system.nix b/nixos/profiles/global/system.nix index 1f02ad5..2647963 100644 --- a/nixos/profiles/global/system.nix +++ b/nixos/profiles/global/system.nix @@ -1,5 +1,8 @@ -{ lib, pkgs, ... }: { + lib, + pkgs, + ... +}: { system = { # Enable printing changes on nix build etc with nvd activationScripts.report-changes = '' diff --git a/nixos/profiles/hw-generic-x86.nix b/nixos/profiles/hw-generic-x86.nix index 02281dc..c7f473a 100644 --- a/nixos/profiles/hw-generic-x86.nix +++ b/nixos/profiles/hw-generic-x86.nix @@ -1,8 +1,10 @@ -{ lib, pkgs, ... }: -with lib; { + lib, + pkgs, + ... +}: +with lib; { boot = { - initrd.availableKernelModules = [ "nvme" "xhci_pci" @@ -11,20 +13,18 @@ with lib; "usb_storage" "sd_mod" ]; - kernelModules = [ ]; - extraModulePackages = [ ]; + kernelModules = []; + extraModulePackages = []; # for managing/mounting nfs - supportedFilesystems = [ "nfs" ]; + supportedFilesystems = ["nfs"]; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; grub.memtest86.enable = true; - }; }; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - } diff --git a/nixos/profiles/hw-hetzner-cax.nix b/nixos/profiles/hw-hetzner-cax.nix index 6b9ba0b..57fcd03 100644 --- a/nixos/profiles/hw-hetzner-cax.nix +++ b/nixos/profiles/hw-hetzner-cax.nix @@ -1,6 +1,5 @@ -{ lib, ... }: -{ - imports = [ ]; +{lib, ...}: { + imports = []; boot = { loader.systemd-boot.enable = true; @@ -12,9 +11,9 @@ "usbhid" "sr_mod" ]; - initrd.kernelModules = [ ]; - kernelModules = [ ]; - extraModulePackages = [ ]; + initrd.kernelModules = []; + kernelModules = []; + extraModulePackages = []; }; mySystem = { diff --git a/nixos/profiles/hw-hp-s01.nix b/nixos/profiles/hw-hp-s01.nix index b52c508..621f642 100644 --- a/nixos/profiles/hw-hp-s01.nix +++ b/nixos/profiles/hw-hp-s01.nix @@ -1,5 +1,4 @@ -{ lib, ... }: -{ +{lib, ...}: { mySystem = { security.wheelNeedsSudoPassword = false; }; diff --git a/nixos/profiles/hw-supermicro.nix b/nixos/profiles/hw-supermicro.nix index cd63ce9..0697d37 100644 --- a/nixos/profiles/hw-supermicro.nix +++ b/nixos/profiles/hw-supermicro.nix @@ -1,8 +1,11 @@ -{ lib, pkgs, ... }: { + lib, + pkgs, + ... +}: { boot = { # for managing/mounting nfs - supportedFilesystems = [ "nfs" ]; + supportedFilesystems = ["nfs"]; loader = { grub = { @@ -11,7 +14,7 @@ efiInstallAsRemovable = true; mirroredBoots = [ { - devices = [ "nodev" ]; + devices = ["nodev"]; path = "/boot"; } ]; diff --git a/nixos/profiles/role-server.nix b/nixos/profiles/role-server.nix index 9b287a3..e687e6b 100644 --- a/nixos/profiles/role-server.nix +++ b/nixos/profiles/role-server.nix @@ -1,7 +1,10 @@ -{ lib, pkgs, ... }: -# Role for headless servers -with lib; { + lib, + pkgs, + ... +}: +# Role for headless servers +with lib; { config = { mySystem = { services.rebootRequiredCheck.enable = true; @@ -20,7 +23,7 @@ with lib; }; environment = { - systemPackages = [ pkgs.unstable.lazygit ]; + systemPackages = [pkgs.unstable.lazygit]; }; documentation = { diff --git a/shell.nix b/shell.nix index 1ee0f3d..54e6bbe 100644 --- a/shell.nix +++ b/shell.nix @@ -1,24 +1,24 @@ # Need the unstable nixpkgs to get latest dev tools let nixpkgs = fetchTarball "https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz"; - pkgs = import nixpkgs { allowUnfree = true; }; + pkgs = import nixpkgs {allowUnfree = true;}; in -pkgs.mkShell { - # Enable experimental features without having to specify the argument - NIX_CONFIG = "experimental-features = nix-command flakes"; - shellHook = '' - export TMP=$(mktemp -d "/tmp/nix-shell-XXXXXX") - export TEMP=$TMP - export TMPDIR=$TMP - ''; + pkgs.mkShell { + # Enable experimental features without having to specify the argument + NIX_CONFIG = "experimental-features = nix-command flakes"; + shellHook = '' + export TMP=$(mktemp -d "/tmp/nix-shell-XXXXXX") + export TEMP=$TMP + export TMPDIR=$TMP + ''; - nativeBuildInputs = with pkgs; [ - cachix - git - gitleaks - go-task - pre-commit - sops - statix - ]; -} + nativeBuildInputs = with pkgs; [ + cachix + git + gitleaks + go-task + pre-commit + sops + statix + ]; + }