reformat --> alejandra

2025-03-06 09:51:33 -06:00 · 2025-03-06 09:51:33 -06:00 · e6e258feeb
commit e6e258feeb
parent f4e15b7e90
89 changed files with 875 additions and 901 deletions
--- a/.archive/home/modules/programs/de/gnome/default.nix
+++ b/.archive/home/modules/programs/de/gnome/default.nix
@ -6,8 +6,7 @@
  osConfig,
  ...
 }:
-with lib.hm.gvariant;
-{
+with lib.hm.gvariant; {
  config = lib.mkIf osConfig.mySystem.de.gnome.enable {
    # add user packages
    home.packages = with pkgs; [
--- a/.archive/hosts/durincore/default.nix
+++ b/.archive/hosts/durincore/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  config = {
    networking.hostId = "ad4380db";
    networking.hostName = "durincore";
@ -48,6 +47,5 @@
        "wlp4s0"
      ];
    };
-
  };
 }
--- a/.archive/hosts/gandalf/config/incus-preseed.nix
+++ b/.archive/hosts/gandalf/config/incus-preseed.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  config = {
    "core.https_address" = "10.1.1.15:8445"; # Need quotes around key
  };
--- a/.archive/hosts/gandalf/config/samba-config.nix
+++ b/.archive/hosts/gandalf/config/samba-config.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  global = {
    "workgroup" = "WORKGROUP";
    "server string" = "gandalf";
--- a/.archive/hosts/gandalf/config/sanoid.nix
+++ b/.archive/hosts/gandalf/config/sanoid.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  outputs = {
    # ZFS automated snapshots
    templates = {
--- a/.archive/hosts/legiondary/default.nix
+++ b/.archive/hosts/legiondary/default.nix
@ -6,9 +6,7 @@
  lib,
  modulesPath,
  ...
-}:
-
-{
+}: {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];
--- a/.archive/modules/nixos/containers/lego-auto/default.nix
+++ b/.archive/modules/nixos/containers/lego-auto/default.nix
@ -1,6 +1,9 @@
-{ lib, config, ... }:
-with lib;
-let
+{
+  lib,
+  config,
+  ...
+}:
+with lib; let
  app = "lego-auto";
  image = "ghcr.io/bjw-s/lego-auto:v0.3.0";
  user = "999"; # string
@ -8,8 +11,7 @@ let
  port = 9898; # int
  cfg = config.mySystem.services.${app};
  appFolder = "/eru/containers/volumes/${app}";
-in
-{
+in {
  options.mySystem.services.${app} = {
    enable = mkEnableOption "${app}";
    dnsimpleTokenPath = mkOption {
@ -56,9 +58,11 @@ in
          DNSIMPLE_OAUTH_TOKEN_FILE = "/config/dnsimple-token";
        };

-      volumes = [
+      volumes =
+        [
          "${appFolder}/cert:/cert"
-      ] ++ optionals (cfg.provider == "dnsimple") [ "${cfg.dnsimpleTokenPath}:/config/dnsimple-token" ];
+        ]
+        ++ optionals (cfg.provider == "dnsimple") ["${cfg.dnsimpleTokenPath}:/config/dnsimple-token"];
    };
  };
 }
--- a/.archive/modules/nixos/containers/unifi/default.nix
+++ b/.archive/modules/nixos/containers/unifi/default.nix
@ -1,6 +1,9 @@
-{ lib, config, ... }:
-with lib;
-let
+{
+  lib,
+  config,
+  ...
+}:
+with lib; let
  app = "unifi";
  # renovate: depName=goofball222/unifi datasource=github-releases
  version = "8.4.62";
--- a/.archive/modules/nixos/de/gnome.nix
+++ b/.archive/modules/nixos/de/gnome.nix
@ -3,24 +3,27 @@
  config,
  pkgs,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.de.gnome;
-in
-{
+in {
  options = {
    mySystem.de.gnome = {
-      enable = lib.mkEnableOption "GNOME" // {
+      enable =
+        lib.mkEnableOption "GNOME"
+        // {
          default = false;
        };
-      systrayicons = lib.mkEnableOption "Enable systray icons" // {
+      systrayicons =
+        lib.mkEnableOption "Enable systray icons"
+        // {
          default = true;
        };
-      gsconnect = lib.mkEnableOption "Enable gsconnect (KDEConnect for GNOME)" // {
+      gsconnect =
+        lib.mkEnableOption "Enable gsconnect (KDEConnect for GNOME)"
+        // {
          default = true;
        };
    };
-
  };

  config = lib.mkIf cfg.enable {
@ -55,8 +58,7 @@ in
    # systyray icons
    # extra pkgs and extensions
    environment = {
-      systemPackages =
-        with pkgs;
+      systemPackages = with pkgs;
        [
          wl-clipboard # ls ~/Downloads | wl-copy or wl-paste > clipboard.txt
          playerctl # gsconnect play/pause command
--- a/.archive/modules/nixos/de/kde.nix
+++ b/.archive/modules/nixos/de/kde.nix
@ -3,15 +3,15 @@
  config,
  pkgs,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.de.kde;
  flameshotOverride = pkgs.unstable.flameshot.override {enableWlrSupport = true;};
-in
-{
+in {
  options = {
    mySystem.de.kde = {
-      enable = lib.mkEnableOption "KDE" // {
+      enable =
+        lib.mkEnableOption "KDE"
+        // {
          default = false;
        };
    };
--- a/.archive/modules/nixos/services/cockpit/default.nix
+++ b/.archive/modules/nixos/services/cockpit/default.nix
@ -4,11 +4,9 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.services.cockpit;
-in
-{
+in {
  options.mySystem.services.cockpit.enable = mkEnableOption "Cockpit";

  config.services.cockpit = mkIf cfg.enable {
--- a/.archive/modules/nixos/services/vault/default.nix
+++ b/.archive/modules/nixos/services/vault/default.nix
@ -3,11 +3,9 @@
  lib,
  pkgs,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.services.vault;
-in
-{
+in {
  options.mySystem.services.vault = {
    enable = lib.mkEnableOption "vault";
    address = lib.mkOption {
--- a/.archive/profiles/hw-legion-15arh05h.nix
+++ b/.archive/profiles/hw-legion-15arh05h.nix
@ -1,5 +1,8 @@
-{ lib, pkgs, ... }:
 {
+  lib,
+  pkgs,
+  ...
+}: {
  # Support windows partition
  mySystem = {
    security.wheelNeedsSudoPassword = false;
--- a/.archive/profiles/hw-thinkpad-t470.nix
+++ b/.archive/profiles/hw-thinkpad-t470.nix
@ -1,5 +1,8 @@
-{ config, lib, ... }:
 {
+  config,
+  lib,
+  ...
+}: {
  boot = {
    # Use the systemd-boot EFI boot loader.
    loader = {
--- a/.archive/profiles/role-gaming.nix
+++ b/.archive/profiles/role-gaming.nix
@ -1,5 +1,8 @@
-{ lib, pkgs, ... }:
 {
+  lib,
+  pkgs,
+  ...
+}: {
  # Enable module for NVIDIA graphics
  mySystem = {
    hardware.nvidia.enable = true;
@ -35,5 +38,4 @@
    pulse.enable = true;
    jack.enable = true;
  };
-
 }
--- a/nixos/home/jahanson/server.nix
+++ b/nixos/home/jahanson/server.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  imports = [
    ./global.nix
  ];
--- a/nixos/home/modules/programs/browsers/default.nix
+++ b/nixos/home/modules/programs/browsers/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  imports = [
    ./firefox
  ];
--- a/nixos/home/modules/programs/thunderbird/default.nix
+++ b/nixos/home/modules/programs/thunderbird/default.nix
@ -3,8 +3,7 @@
  pkgs,
  lib,
  ...
-}:
-let
+}: let
  cfg = config.myHome.programs.thunderbird;

  policies = {
@ -25,8 +24,7 @@ let
      };
    };
  };
-in
-{
+in {
  options.myHome.programs.thunderbird.enable = lib.mkEnableOption "Thunderbird";

  config = lib.mkIf cfg.enable {
--- a/nixos/home/modules/security/default.nix
+++ b/nixos/home/modules/security/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  imports = [
    ./ssh
  ];
--- a/nixos/home/modules/security/ssh/default.nix
+++ b/nixos/home/modules/security/ssh/default.nix
@ -1,9 +1,11 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.myHome.security.ssh;
-in
 {
+  config,
+  lib,
+  ...
+}:
+with lib; let
+  cfg = config.myHome.security.ssh;
+in {
  options.myHome.security.ssh = {
    enable = mkEnableOption "ssh";
    matchBlocks = mkOption {
--- a/nixos/home/modules/shell/atuind/default.nix
+++ b/nixos/home/modules/shell/atuind/default.nix
@ -4,11 +4,9 @@
  lib,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.myHome.shell.atuind;
-in
-{
+in {
  options.myHome.shell.atuind = {
    enable = mkEnableOption "atuind";
  };
--- a/nixos/home/modules/shell/default.nix
+++ b/nixos/home/modules/shell/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  imports = [
    ./atuind
    ./fish
--- a/nixos/home/modules/shell/starship/default.nix
+++ b/nixos/home/modules/shell/starship/default.nix
@ -3,11 +3,9 @@
  config,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.myHome.shell.starship;
-in
-{
+in {
  options.myHome.shell.starship = {
    enable = mkEnableOption "starship";
  };
--- a/nixos/home/modules/shell/wezterm/default.nix
+++ b/nixos/home/modules/shell/wezterm/default.nix
@ -4,11 +4,9 @@
  lib,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.myHome.shell.wezterm;
-in
-{
+in {
  options.myHome.shell.wezterm = {
    enable = mkEnableOption "wezterm";
    configPath = mkOption {
--- a/nixos/hosts/shadowfax/config/incus-preseed.nix
+++ b/nixos/hosts/shadowfax/config/incus-preseed.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  config = {
    "core.https_address" = "10.1.1.61:8443"; # Need quotes around key
  };
--- a/nixos/hosts/shadowfax/config/sanoid.nix
+++ b/nixos/hosts/shadowfax/config/sanoid.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  outputs = {
    # ZFS automated snapshots
    templates = {
--- a/nixos/hosts/telperion/config/bind.nix
+++ b/nixos/hosts/telperion/config/bind.nix
@ -1,5 +1,4 @@
-{ config, ... }:
-''
+{config, ...}: ''
  include "${config.sops.secrets."bind/rndc-keys/externaldns".path}";

  acl trusted {
--- a/nixos/hosts/telperion/config/haproxy.nix
+++ b/nixos/hosts/telperion/config/haproxy.nix
@ -1,5 +1,4 @@
-{ ... }:
-''
+{...}: ''
  global
    log /dev/log local0
    log /dev/log local1 notice
--- a/nixos/hosts/telperion/default.nix
+++ b/nixos/hosts/telperion/default.nix
@ -7,9 +7,7 @@
  modulesPath,
  pkgs,
  ...
-}:
-
-{
+}: {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];
--- a/nixos/hosts/varda/resources/prune-backup.nix
+++ b/nixos/hosts/varda/resources/prune-backup.nix
@ -1,11 +1,8 @@
-{ pkgs, ... }:
-
-let
+{pkgs, ...}: let
  cleanupScript = pkgs.writeShellScriptBin "cleanup-backups.sh" (
    builtins.readFile ./prune-backups.sh
  );
-in
-{
+in {
  systemd.timers.cleanup-backups = {
    wantedBy = ["timers.target"];
    timerConfig = {
--- a/nixos/modules/nixos/containers/scrutiny/default.nix
+++ b/nixos/modules/nixos/containers/scrutiny/default.nix
@ -1,12 +1,14 @@
-{ lib, config, ... }:
-with lib;
-let
+{
+  lib,
+  config,
+  ...
+}:
+with lib; let
  app = "scrutiny";
  # renovate: depName=AnalogJ/scrutiny datasource=github-releases
  version = "v0.8.1";
  cfg = config.mySystem.services.${app};
-in
-{
+in {
  options.mySystem.services.${app} = {
    enable = mkEnableOption "${app}";

--- a/nixos/modules/nixos/de/kde.nix
+++ b/nixos/modules/nixos/de/kde.nix
@ -3,15 +3,15 @@
  config,
  pkgs,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.de.kde;
  flameshotOverride = pkgs.unstable.flameshot.override {enableWlrSupport = true;};
-in
-{
+in {
  options = {
    mySystem.de.kde = {
-      enable = lib.mkEnableOption "KDE" // {
+      enable =
+        lib.mkEnableOption "KDE"
+        // {
          default = false;
        };
    };
--- a/nixos/modules/nixos/editor/vim.nix
+++ b/nixos/modules/nixos/editor/vim.nix
@ -1,12 +1,13 @@
 # /home/jahanson/projects/mochi/nixos/modules/nixos/editor/vim.nix
-
-{ config, lib, ... }:
-with lib;
-let
+{
+  config,
+  lib,
+  ...
+}:
+with lib; let
  cfg = config.mySystem.editor.vim;
  users = ["jahanson"];
-in
-{
+in {
  options.mySystem.editor.vim.enable = mkEnableOption "vim";
  config = mkIf cfg.enable {
    # Enable vim and set as default editor
@ -27,7 +28,8 @@ in
          map (u: {
            name = u;
            value = {};
-            }) users
+          })
+          users
        )
      );
  };
--- a/nixos/modules/nixos/games/steam/steam.nix
+++ b/nixos/modules/nixos/games/steam/steam.nix
@ -3,11 +3,9 @@
  lib,
  pkgs,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.games.steam;
-in
-{
+in {
  options.mySystem.games.steam = {
    enable = lib.mkEnableOption "Steam";
  };
@ -24,6 +22,5 @@ in
    environment.systemPackages = with pkgs; [
      protonup-qt
    ];
-
  };
 }
--- a/nixos/modules/nixos/hardware/nvidia/default.nix
+++ b/nixos/modules/nixos/hardware/nvidia/default.nix
@ -4,15 +4,12 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.hardware.nvidia;
-in
-{
+in {
  options.mySystem.hardware.nvidia.enable = mkEnableOption "NVIDIA config";

  config = mkIf cfg.enable {
-
    environment.sessionVariables.NIXOS_OZONE_WL = "1";
    # ref: https://nixos.wiki/wiki/Nvidia
    # Enable OpenGL
@ -30,7 +27,6 @@ in
      # This is for the benefit of VSCODE running natively in wayland

      nvidia = {
-
        # Modesetting is required.
        modesetting.enable = true;

--- a/nixos/modules/nixos/programs/shell/fish.nix
+++ b/nixos/modules/nixos/programs/shell/fish.nix
@ -1,9 +1,11 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.shell.fish;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.shell.fish;
+in {
  options.mySystem.shell.fish = {
    enable = mkEnableOption "Fish";
    enablePlugins = mkOption {
@ -22,5 +24,4 @@ in
      functions.enable = true;
    };
  };
-
 }
--- a/nixos/modules/nixos/security/1password/default.nix
+++ b/nixos/modules/nixos/security/1password/default.nix
@ -1,10 +1,12 @@
-{ config, lib, ... }:
-with lib;
-let
+{
+  config,
+  lib,
+  ...
+}:
+with lib; let
  cfg = config.mySystem.security._1password;
  user = "jahanson";
-in
-{
+in {
  options.mySystem.security._1password = {
    enable = mkEnableOption "_1password";
  };
--- a/nixos/modules/nixos/security/acme/default.nix
+++ b/nixos/modules/nixos/security/acme/default.nix
@ -1,9 +1,11 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.security.acme;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.security.acme;
+in {
  options.mySystem.security.acme.enable = mkEnableOption "acme";

  config = mkIf cfg.enable {
--- a/nixos/modules/nixos/security/default.nix
+++ b/nixos/modules/nixos/security/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  imports = [
    ./1password
    ./acme
--- a/nixos/modules/nixos/services/bind/default.nix
+++ b/nixos/modules/nixos/services/bind/default.nix
@ -4,11 +4,9 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.services.bind;
-in
-{
+in {
  options.mySystem.services.bind = {
    enable = mkEnableOption "bind";
    package = mkPackageOption pkgs "bind" {};
--- a/nixos/modules/nixos/services/dnsmasq/default.nix
+++ b/nixos/modules/nixos/services/dnsmasq/default.nix
@ -4,11 +4,9 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.services.dnsmasq;
-in
-{
+in {
  options.mySystem.services.dnsmasq = {
    enable = mkEnableOption "dnsmasq";
    package = mkPackageOption pkgs "dnsmasq" {};
--- a/nixos/modules/nixos/services/libvirt-qemu/default.nix
+++ b/nixos/modules/nixos/services/libvirt-qemu/default.nix
@ -5,11 +5,9 @@
  inputs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.services.libvirt-qemu;
-in
-{
+in {
  imports = [inputs.nixvirt-git.nixosModules.default];
  options.mySystem.services.libvirt-qemu = {
    enable = mkEnableOption "libvirt-qemu";
--- a/nixos/modules/nixos/services/matchbox/default.nix
+++ b/nixos/modules/nixos/services/matchbox/default.nix
@ -4,11 +4,9 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.services.matchbox;
-in
-{
+in {
  options.mySystem.services.matchbox = {
    enable = mkEnableOption "matchbox";
    package = mkPackageOption pkgs "matchbox-server" {};
--- a/nixos/modules/nixos/services/nginx/default.nix
+++ b/nixos/modules/nixos/services/nginx/default.nix
@ -1,13 +1,14 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.services.nginx;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.services.nginx;
+in {
  options.mySystem.services.nginx.enable = mkEnableOption "nginx";

  config = mkIf cfg.enable {
-
    services.nginx = {
      enable = true;

--- a/nixos/modules/nixos/services/nix-index-daily/default.nix
+++ b/nixos/modules/nixos/services/nix-index-daily/default.nix
@ -3,11 +3,9 @@
  lib,
  pkgs,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.services.nix-index-daily;
-in
-{
+in {
  options.mySystem.services.nix-index-daily = {
    enable = lib.mkEnableOption "Automatic daily nix-index database updates";

--- a/nixos/modules/nixos/services/onepassword-connect/default.nix
+++ b/nixos/modules/nixos/services/onepassword-connect/default.nix
@ -1,9 +1,11 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.services.onepassword-connect;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.services.onepassword-connect;
+in {
  options.mySystem.services.onepassword-connect = {
    enable = mkEnableOption "onepassword-connect";
    apiVersion = lib.mkOption {
--- a/nixos/modules/nixos/services/podman/default.nix
+++ b/nixos/modules/nixos/services/podman/default.nix
@ -4,11 +4,9 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.services.podman;
-in
-{
+in {
  options.mySystem.services.podman.enable = mkEnableOption "Podman";

  config = mkIf cfg.enable {
--- a/nixos/modules/nixos/services/qbittorrent/default.nix
+++ b/nixos/modules/nixos/services/qbittorrent/default.nix
@ -4,11 +4,9 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.services.qbittorrent;
-in
-{
+in {
  options.mySystem.services.qbittorrent = {
    enable = mkEnableOption "qBittorrent";

--- a/nixos/modules/nixos/services/reboot-required-check.nix
+++ b/nixos/modules/nixos/services/reboot-required-check.nix
@ -1,9 +1,11 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.services.rebootRequiredCheck;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.services.rebootRequiredCheck;
+in {
  options.mySystem.services.rebootRequiredCheck.enable = mkEnableOption "Reboot required check";

  config = mkIf cfg.enable {
--- a/nixos/modules/nixos/services/sanoid/default.nix
+++ b/nixos/modules/nixos/services/sanoid/default.nix
@ -4,11 +4,9 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.services.sanoid;
-in
-{
+in {
  options.mySystem.services.sanoid = {
    enable = mkEnableOption "sanoid";
    package = mkPackageOption pkgs "sanoid" {};
--- a/nixos/modules/nixos/services/syncthing/config/default.nix
+++ b/nixos/modules/nixos/services/syncthing/config/default.nix
@ -1,5 +1,4 @@
-{ sops, ... }:
-{
+{sops, ...}: {
  gui = {
    user = sops.secrets.username;
    password = sops.secrets.password;
--- a/nixos/modules/nixos/services/syncthing/default.nix
+++ b/nixos/modules/nixos/services/syncthing/default.nix
@ -2,11 +2,9 @@
  config,
  lib,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.services.syncthing;
-in
-{
+in {
  options.mySystem.services.syncthing = {
    enable = lib.mkEnableOption "Syncthing";
    publicCertPath = lib.mkOption {
--- a/nixos/modules/nixos/services/unpackerr/default.nix
+++ b/nixos/modules/nixos/services/unpackerr/default.nix
@ -4,13 +4,9 @@
  pkgs,
  ...
 }:
-
-with lib;
-
-let
+with lib; let
  cfg = config.mySystem.services.unpackerr;
-in
-{
+in {
  options.mySystem.services.unpackerr = {
    enable = mkEnableOption "Unpackerr";

@ -66,9 +62,11 @@ in
          ]
        );

-        EnvironmentFile = lib.optional (
+        EnvironmentFile =
+          lib.optional (
            cfg.extraEnvVarsFile != null && cfg.extraEnvVarsFile != ""
-        ) cfg.extraEnvVarsFile;
+          )
+          cfg.extraEnvVarsFile;
      };
    };
  };
--- a/nixos/modules/nixos/system/borg/borgbackup/default.nix
+++ b/nixos/modules/nixos/system/borg/borgbackup/default.nix
@ -1,8 +1,10 @@
-{ lib, config, ... }:
-let
-  cfg = config.mySystem.system.borgbackup;
-in
 {
+  lib,
+  config,
+  ...
+}: let
+  cfg = config.mySystem.system.borgbackup;
+in {
  options.mySystem.system.borgbackup = {
    enable = lib.mkEnableOption "borgbackup";
    paths = lib.mkOption {
--- a/nixos/modules/nixos/system/borg/default.nix
+++ b/nixos/modules/nixos/system/borg/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  imports = [
    ./borgbackup
    ./pikabackup
--- a/nixos/modules/nixos/system/borg/pikabackup/default.nix
+++ b/nixos/modules/nixos/system/borg/pikabackup/default.nix
@ -3,12 +3,10 @@
  config,
  pkgs,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.system.borg.pika-backup;
  user = "jahanson";
-in
-{
+in {
  options.mySystem.system.borg.pika-backup = {
    enable = lib.mkEnableOption "pika-backup";
  };
--- a/nixos/modules/nixos/system/incus/default.nix
+++ b/nixos/modules/nixos/system/incus/default.nix
@ -3,12 +3,10 @@
  pkgs,
  lib,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.system.incus;
  user = "jahanson";
-in
-{
+in {
  # sops.secrets.secret-domain-0 = {
  #   sopsFile = ./secret.sops.yaml;
  # };
@ -27,7 +25,6 @@ in
  };

  config = lib.mkIf cfg.enable {
-
    virtualisation.incus = {
      inherit (cfg) preseed;
      enable = true;
--- a/nixos/modules/nixos/system/motd/default.nix
+++ b/nixos/modules/nixos/system/motd/default.nix
@ -3,8 +3,7 @@
  lib,
  pkgs,
  ...
-}:
-let
+}: let
  motd = pkgs.writeShellScriptBin "motd" ''
    #! /usr/bin/env bash
    source /etc/os-release
@ -41,8 +40,7 @@ let
    printf "\n"
    ${lib.strings.concatStrings (
      lib.lists.forEach cfg.networkInterfaces (
-        x:
-        "printf \"$BOLD  * %-20s$ENDCOLOR %s\\n\" \"IPv4 ${x}\" \"$(ip -4 addr show ${x} | grep -oP '(?<=inet\\s)\\d+(\\.\\d+){3}')\"\n"
+        x: "printf \"$BOLD  * %-20s$ENDCOLOR %s\\n\" \"IPv4 ${x}\" \"$(ip -4 addr show ${x} | grep -oP '(?<=inet\\s)\\d+(\\.\\d+){3}')\"\n"
      )
    )}
    printf "$BOLD  * %-20s$ENDCOLOR %s\n" "Release" "$PRETTY_NAME"
@ -82,8 +80,7 @@ let
    fi
  '';
  cfg = config.mySystem.system.motd;
-in
-{
+in {
  options.mySystem.system.motd = {
    enable = lib.mkEnableOption "MOTD";
    networkInterfaces = lib.mkOption {
@ -92,7 +89,6 @@ in
      # default = lib.mapAttrsToList (_: val: val.interface)
      default = [];
    };
-
  };
  config = lib.mkIf cfg.enable {
    environment.systemPackages = [
--- a/nixos/modules/nixos/system/nfs/default.nix
+++ b/nixos/modules/nixos/system/nfs/default.nix
@ -1,8 +1,10 @@
-{ lib, config, ... }:
-let
-  cfg = config.mySystem.system.nfs;
-in
 {
+  lib,
+  config,
+  ...
+}: let
+  cfg = config.mySystem.system.nfs;
+in {
  options.mySystem.system.nfs = {
    enable = lib.mkEnableOption "nfs";
    exports = lib.mkOption {
--- a/nixos/modules/nixos/system/nix.nix
+++ b/nixos/modules/nixos/system/nix.nix
@ -1,9 +1,11 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.nix;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.nix;
+in {
  options.mySystem.nix = {
    autoOptimiseStore = mkOption {
      type = lib.types.bool;
@ -11,7 +13,9 @@ in
      default = true;
    };
    gc = {
-      enable = mkEnableOption "automatic garbage collection" // {
+      enable =
+        mkEnableOption "automatic garbage collection"
+        // {
          default = true;
        };
      persistent = mkOption {
--- a/nixos/modules/nixos/system/openssh.nix
+++ b/nixos/modules/nixos/system/openssh.nix
@ -1,11 +1,15 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.services.openssh;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.services.openssh;
+in {
  options.mySystem.services.openssh = {
-    enable = mkEnableOption "openssh" // {
+    enable =
+      mkEnableOption "openssh"
+      // {
        default = true;
      };
    passwordAuthentication = mkOption {
--- a/nixos/modules/nixos/system/pushover/default.nix
+++ b/nixos/modules/nixos/system/pushover/default.nix
@ -4,19 +4,16 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.system.systemd.pushover-alerts;
-in
-{
+in {
  options.mySystem.system.systemd.pushover-alerts.enable =
    mkEnableOption "Pushover alerts for systemd failures"
    // {
      default = true;
    };
  options.systemd.services = mkOption {
-    type =
-      with types;
+    type = with types;
      attrsOf (submodule {
        config.onFailure = ["notify-pushover@%n.service"];
      });
--- a/nixos/modules/nixos/system/security.nix
+++ b/nixos/modules/nixos/system/security.nix
@ -1,9 +1,11 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.security;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.security;
+in {
  options.mySystem.security = {
    sshAgentAuth.enable = lib.mkEnableOption "openssh";
    wheelNeedsSudoPassword = lib.mkOption {
--- a/nixos/modules/nixos/system/systempackages.nix
+++ b/nixos/modules/nixos/system/systempackages.nix
@ -1,9 +1,11 @@
-{ lib, config, ... }:
-with lib;
-let
-  cfg = config.mySystem.system;
-in
 {
+  lib,
+  config,
+  ...
+}:
+with lib; let
+  cfg = config.mySystem.system;
+in {
  options.mySystem.system = {
    packages = mkOption {
      type = with types; listOf package;
--- a/nixos/modules/nixos/system/time.nix
+++ b/nixos/modules/nixos/system/time.nix
@ -1,8 +1,10 @@
-{ lib, config, ... }:
-let
-  cfg = config.mySystem.time;
-in
 {
+  lib,
+  config,
+  ...
+}: let
+  cfg = config.mySystem.time;
+in {
  options.mySystem.time = {
    timeZone = lib.mkOption {
      type = lib.types.str;
--- a/nixos/modules/nixos/system/wifi_swap/default.nix
+++ b/nixos/modules/nixos/system/wifi_swap/default.nix
@ -5,8 +5,7 @@
  pkgs,
  ...
 }:
-with lib;
-let
+with lib; let
  cfg = config.mySystem.framework_wifi_swap;
  wifiSwap = pkgs.writeShellScriptBin "wifi_swap" ''
    #! /usr/bin/env bash
@ -34,10 +33,11 @@ let
        ;;
    esac
  '';
-in
-{
+in {
  options.mySystem.framework_wifi_swap = {
-    enable = mkEnableOption "framework_wifi_swap" // {
+    enable =
+      mkEnableOption "framework_wifi_swap"
+      // {
        default = false;
      };
  };
--- a/nixos/modules/nixos/system/zfs.nix
+++ b/nixos/modules/nixos/system/zfs.nix
@ -3,12 +3,10 @@
  config,
  pkgs,
  ...
-}:
-let
+}: let
  cfg = config.mySystem.system.zfs;
 in
-with lib;
-{
+  with lib; {
    options.mySystem.system.zfs = {
      enable = lib.mkEnableOption "zfs";
      mountPoolsAtBoot = lib.mkOption {
--- a/nixos/overlays/cargo-tauri/default.nix
+++ b/nixos/overlays/cargo-tauri/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-let
+{...}: let
  finalVersion = "tauri-v2.0.4";
 in
  final: prev: {
--- a/nixos/overlays/coder/default.nix
+++ b/nixos/overlays/coder/default.nix
@ -8,9 +8,7 @@
  stdenvNoCC,
  unzip,
  nixosTests,
-}:
-
-let
+}: let
  inherit (stdenvNoCC.hostPlatform) system;

  channels = {
@ -40,8 +38,7 @@ stdenvNoCC.mkDerivation (finalAttrs: {
    src = fetchurl {
      hash = (channels.${channel}.hash).${system};

-    url =
-      let
+      url = let
        systemName =
          {
            x86_64-linux = "linux_amd64";
@ -59,8 +56,7 @@ stdenvNoCC.mkDerivation (finalAttrs: {
            aarch64-darwin = "zip";
          }
          .${system};
-      in
-      "https://github.com/coder/coder/releases/download/v${finalAttrs.version}/coder_${finalAttrs.version}_${systemName}.${ext}";
+      in "https://github.com/coder/coder/releases/download/v${finalAttrs.version}/coder_${finalAttrs.version}_${systemName}.${ext}";
    };

    nativeBuildInputs = [
--- a/nixos/overlays/smartmontools/default.nix
+++ b/nixos/overlays/smartmontools/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-let
+{...}: let
  dbrev = "5613";
  drivedbBranch = "RELEASE_7_4";
 in
--- a/nixos/overlays/talosctl/default.nix
+++ b/nixos/overlays/talosctl/default.nix
@ -5,7 +5,6 @@
  installShellFiles,
  git,
 }:
-
 buildGoModule rec {
  pname = "talosctl";
  version = "1.9.0";
--- a/nixos/overlays/termius/default.nix
+++ b/nixos/overlays/termius/default.nix
@ -12,7 +12,6 @@
  udev,
  wrapGAppsHook3,
 }:
-
 stdenv.mkDerivation rec {
  pname = "termius";
  version = "9.5.0";
--- a/nixos/overlays/vivaldi/default.nix
+++ b/nixos/overlays/vivaldi/default.nix
@ -62,11 +62,15 @@
  libpulseaudio,
  kerberosSupport ? true,
  libkrb5,
-}:
-
-let
-  branch = if isSnapshot then "snapshot" else "stable";
-  vivaldiName = if isSnapshot then "vivaldi-snapshot" else "vivaldi";
+}: let
+  branch =
+    if isSnapshot
+    then "snapshot"
+    else "stable";
+  vivaldiName =
+    if isSnapshot
+    then "vivaldi-snapshot"
+    else "vivaldi";
 in
  stdenv.mkDerivation rec {
    pname = "vivaldi";
@ -77,7 +81,8 @@ stdenv.mkDerivation rec {
        aarch64-linux = "arm64";
        x86_64-linux = "amd64";
      }
-    .${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
+      .${stdenv.hostPlatform.system}
+      or (throw "Unsupported system: ${stdenv.hostPlatform.system}");

    src = fetchurl {
      url = "https://downloads.vivaldi.com/${branch}/vivaldi-${branch}_${version}-1_${suffix}.deb";
@ -86,7 +91,8 @@ stdenv.mkDerivation rec {
          aarch64-linux = "sha256-kYTnWad/jrJt9z+AhjXzHYxVSIwIIO3RKD7szuPEg2s=";
          x86_64-linux = "sha256-+h7SHci8gZ+epKFHD0PiXyME2xT+loD2KXpJGFCfIFg=";
        }
-      .${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
+        .${stdenv.hostPlatform.system}
+        or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
    };

    unpackPhase = ''
--- a/nixos/overlays/vivaldi/ffmpeg-codecs.nix
+++ b/nixos/overlays/vivaldi/ffmpeg-codecs.nix
@ -4,7 +4,6 @@
  lib,
  stdenv,
 }:
-
 # This derivation roughly follows the update-ffmpeg script that ships with the official Vivaldi
 # downloads at https://vivaldi.com/download/
 stdenv.mkDerivation rec {
--- a/nixos/overlays/xpipe/ptb.nix
+++ b/nixos/overlays/xpipe/ptb.nix
@ -25,9 +25,7 @@
  util-linux,
  socat,
  hicolor-icon-theme,
-}:
-
-let
+}: let
  inherit (stdenvNoCC.hostPlatform) system;
  throwSystem = throw "Unsupported system: ${system}";

@ -36,17 +34,18 @@ let
      x86_64-linux = "x86_64";
      aarch64-linux = "arm64";
    }
-    .${system} or throwSystem;
+    .${system}
+    or throwSystem;

  hash =
    {
      x86_64-linux = "sha256-O4gl0WulhDyqL9lDwqR1oxNAzVjHn+3q0UB8KP0/sBk=";
      aarch64-linux = "";
    }
-    .${system} or throwSystem;
+    .${system}
+    or throwSystem;

  displayname = "XPipe PTB";
-
 in
  stdenvNoCC.mkDerivation rec {
    pname = "xpipe-ptb";
--- a/nixos/overlays/zed-editor/default.nix
+++ b/nixos/overlays/zed-editor/default.nix
@ -1,5 +1,4 @@
-{ ... }:
-let
+{...}: let
  finalVersion = "0.149.3";
 in
  final: prev: {
--- a/nixos/profiles/disko-nixos.nix
+++ b/nixos/profiles/disko-nixos.nix
@ -1,8 +1,4 @@
-{
-  disks ? [ "/dev/sda" ],
-  ...
-}:
-{
+{disks ? ["/dev/sda"], ...}: {
  disko.devices = {
    disk = {
      main = {
--- a/nixos/profiles/global/nix.nix
+++ b/nixos/profiles/global/nix.nix
@ -1,5 +1,8 @@
-{ lib, nixpkgs, ... }:
 {
+  lib,
+  nixpkgs,
+  ...
+}: {
  ## Below is to align shell/system to flake's nixpkgs
  ## ref: https://nixos-and-flakes.thiscute.world/best-practices/nix-path-and-flake-registry

--- a/nixos/profiles/global/sops.nix
+++ b/nixos/profiles/global/sops.nix
@ -1,5 +1,4 @@
-{ ... }:
-{
+{...}: {
  sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
  # Secret for machine-specific pushover
  sops.secrets = {
--- a/nixos/profiles/global/system.nix
+++ b/nixos/profiles/global/system.nix
@ -1,5 +1,8 @@
-{ lib, pkgs, ... }:
 {
+  lib,
+  pkgs,
+  ...
+}: {
  system = {
    # Enable printing changes on nix build etc with nvd
    activationScripts.report-changes = ''
--- a/nixos/profiles/hw-generic-x86.nix
+++ b/nixos/profiles/hw-generic-x86.nix
@ -1,8 +1,10 @@
-{ lib, pkgs, ... }:
-with lib;
 {
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
  boot = {
-
    initrd.availableKernelModules = [
      "nvme"
      "xhci_pci"
@ -21,10 +23,8 @@ with lib;
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
      grub.memtest86.enable = true;
-
    };
  };

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-
 }
--- a/nixos/profiles/hw-hetzner-cax.nix
+++ b/nixos/profiles/hw-hetzner-cax.nix
@ -1,5 +1,4 @@
-{ lib, ... }:
-{
+{lib, ...}: {
  imports = [];

  boot = {
--- a/nixos/profiles/hw-hp-s01.nix
+++ b/nixos/profiles/hw-hp-s01.nix
@ -1,5 +1,4 @@
-{ lib, ... }:
-{
+{lib, ...}: {
  mySystem = {
    security.wheelNeedsSudoPassword = false;
  };
--- a/nixos/profiles/hw-supermicro.nix
+++ b/nixos/profiles/hw-supermicro.nix
@ -1,5 +1,8 @@
-{ lib, pkgs, ... }:
 {
+  lib,
+  pkgs,
+  ...
+}: {
  boot = {
    # for managing/mounting nfs
    supportedFilesystems = ["nfs"];
--- a/nixos/profiles/role-server.nix
+++ b/nixos/profiles/role-server.nix
@ -1,7 +1,10 @@
-{ lib, pkgs, ... }:
-# Role for headless servers
-with lib;
 {
+  lib,
+  pkgs,
+  ...
+}:
+# Role for headless servers
+with lib; {
  config = {
    mySystem = {
      services.rebootRequiredCheck.enable = true;