chore: inital pre-commit tidy

.gitignore

@@ -1,3 +1,3 @@
 .mozilla
 **/*.tmp.sops.yaml
-result
+result

flake.nix

@@ -17,12 +17,14 @@
       url = "github:nix-community/nix-vscode-extensions";
       inputs.nixpkgs.follows = "nixpkgs";
     };
-
   };
-  outputs = { self, nixpkgs, sops-nix, ... }@inputs:
+  outputs = {
-    with inputs;
+    self,
-    {
+    nixpkgs,
-
+    sops-nix,
+    ...
+  } @ inputs:
+    with inputs; {
       # Use nixpkgs-fmt for 'nix fmt'
       formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
 
@@ -33,12 +35,11 @@
         (x: {
           name = x;
           value = nixpkgs.lib.nixosSystem {
-
             # Make inputs and the flake itself accessible as module parameters.
             # Technically, adding the inputs is redundant as they can be also
             # accessed with flake-self.inputs.X, but adding them individually
             # allows to only pass what is needed to each module.
-            specialArgs = { flake-self = self; } // inputs;
+            specialArgs = {flake-self = self;} // inputs;
 
             system = "x86_64-linux";
 

iso/iso.nix

@@ -1,5 +1,8 @@
-{ config, pkgs, ... }:
 {
+  config,
+  pkgs,
+  ...
+}: {
   imports = [
     <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
 
@@ -15,12 +18,10 @@
     pkgs.vim
     pkgs.git
     pkgs.dnsutils
-
   ];
 
-  systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
+  systemd.services.sshd.wantedBy = pkgs.lib.mkForce ["multi-user.target"];
   users.users.root.openssh.authorizedKeys.keys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZS9J1ydflZ4iJdJgO8+vnN8nNSlEwyn9tbWU9OcysW truxnell@home"
   ];
-
 }

nixos/home-manager/.gitkeep

@@ -1,4 +1,4 @@
-My home infrastructure, 
+My home infrastructure,
 
 ![](https://imgur.com/ISNnzgN.png)
 
@@ -23,7 +23,7 @@ My home infrastructure,
     - [work_laptop](hosts/work_laptop/README.md) (nix-darwin running on a MacBook Pro)
   - [modules](modules) (Custom NixOS and home-manager modules)
   - [overlays](overlays) (Custom overlays, primarily used for packages currently)
-  - [pkgs](pkgs) (Custom Packages, mainly items not yet in official nixpkgs) 
+  - [pkgs](pkgs) (Custom Packages, mainly items not yet in official nixpkgs)
 - [shell.nix](shell.nix) (Shell for bootstrapping flake-enabled nix and home-manager)
 - [nixpkgs.nix](nixpkgs.nix) (Used by shell.nix - useful to avoid using channels when using legacy nix commands)
 

nixos/hosts/bootstrap/configuration.nix

@@ -1,16 +1,16 @@
 # Edit this configuration file to define what should be installed on
 # your system. Help is available in the configuration.nix(5) man page, on
 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
-
-{ config, lib, pkgs, ... }:
-
 {
-  imports =
+  config,
-    [ 
+  lib,
-      # Host-specific
+  pkgs,
-      ./hardware-configuration.nix
+  ...
-
+}: {
-    ];
+  imports = [
+    # Host-specific
+    ./hardware-configuration.nix
+  ];
 
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
@@ -63,7 +63,6 @@
     ];
   };
 
-
   # List packages installed in system profile. To search, run:
   # $ nix search wget
   environment.systemPackages = with pkgs; [
@@ -88,7 +87,6 @@
     };
   };
 
-
   # Some programs need SUID wrappers, can be configured further or are
   # started in user sessions.
   # programs.mtr.enable = true;
@@ -104,7 +102,7 @@
   services.openssh.enable = true;
 
   users.users.root.openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZS9J1ydflZ4iJdJgO8+vnN8nNSlEwyn9tbWU9OcysW truxnell@home"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZS9J1ydflZ4iJdJgO8+vnN8nNSlEwyn9tbWU9OcysW truxnell@home"
   ];
 
   # may fix issues with network service failing during a nixos-rebuild
@@ -139,6 +137,4 @@
   #
   # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
   system.stateVersion = "23.11"; # Did you read the comment?
-
 }
-

nixos/hosts/common/nixos/default.nix

@@ -1,12 +1,20 @@
-{ inputs, outputs, config, sops-nix, ... }: {
+{
-  imports = [
+  inputs,
-    # inputs.home-manager.nixosModules.home-manager
+  outputs,
-    #inputs.sops-nix.nixosModules.sops
+  config,
-    ./locale.nix
+  sops-nix,
-    ./nix.nix
+  ...
-    ./openssh.nix
+}: {
-    ./packages.nix
+  imports =
-  ] ++ (builtins.attrValues {});
+    [
+      # inputs.home-manager.nixosModules.home-manager
+      #inputs.sops-nix.nixosModules.sops
+      ./locale.nix
+      ./nix.nix
+      ./openssh.nix
+      ./packages.nix
+    ]
+    ++ (builtins.attrValues {});
 
   # home-manager.extraSpecialArgs = { inherit inputs outputs; }; TODO Home-manager
 

nixos/hosts/common/nixos/locale.nix

@@ -1,4 +1,4 @@
-{ lib, ... }: {
+{lib, ...}: {
   i18n = {
     defaultLocale = lib.mkDefault "en_US.UTF-8";
   };

nixos/hosts/common/nixos/nix.nix

@@ -1,8 +1,11 @@
-{ inputs, lib, ... }:
 {
+  inputs,
+  lib,
+  ...
+}: {
   nix = {
     settings = {
-      experimental-features = [ "nix-command" "flakes" ];
+      experimental-features = ["nix-command" "flakes"];
     };
     gc = {
       automatic = true;

nixos/hosts/common/nixos/openssh.nix

@@ -1,11 +1,12 @@
-{ outputs, lib, config, ... }:
+{
-
+  outputs,
-let
+  lib,
+  config,
+  ...
+}: let
   inherit (config.networking) hostName;
   hosts = outputs.nixosConfigurations;
-
+in {
-in
-{
   services.openssh = {
     enable = true;
     settings = {

nixos/hosts/common/nixos/packages.nix

@@ -1,5 +1,9 @@
-{ config, pkgs, lib, ... }:
 {
+  config,
+  pkgs,
+  lib,
+  ...
+}: {
   environment.systemPackages = with pkgs; [
     bat
     jq
@@ -10,13 +14,14 @@
     git
     dnsutils
     nvd
+    gh
 
     # TODO Move
-    nixpkgs-fmt
-    nil
-    gh
-    sops
   ];
-
+  programs.direnv = {
+    # TODO move to home-manager
+    enable = true;
+    nix-direnv.enable = true;
+  };
   programs.mtr.enable = true;
 }

nixos/hosts/common/nixos/users/truxnell/default.nix

@@ -1,24 +1,29 @@
-{ pkgs, config, ... }:
-let ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
-in
 {
+  pkgs,
+  config,
+  ...
+}: let
+  ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
+in {
   users.users.truxnell = {
     isNormalUser = true;
     shell = pkgs.fish;
     # passwordFile = config.sops.secrets.taylor-password.path;
     # initialHashedPassword = ""; # TODO add key
-    extraGroups = [
+    extraGroups =
-      "wheel"
+      [
-    ] ++ ifTheyExist [
+        "wheel"
-      "network"
+      ]
-      "samba-users"
+      ++ ifTheyExist [
-    ];
+        "network"
+        "samba-users"
+      ];
 
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZS9J1ydflZ4iJdJgO8+vnN8nNSlEwyn9tbWU9OcysW truxnell@home"
     ];
 
-    packages = [ pkgs.home-manager ];
+    packages = [pkgs.home-manager];
   };
 
   # home-manager.users.taylor = import ../../../../../home-manager/taylor_${config.networking.hostName}.nix; TODO home-manager?

nixos/hosts/common/optional/chrony.nix

@@ -1,6 +1,11 @@
-{ inputs, outputs, config, ... }: {
+{
+  inputs,
+  outputs,
+  config,
+  ...
+}: {
   # Time
-  networking.timeServers = [ "10.8.10.1" ];
+  networking.timeServers = ["10.8.10.1"];
   services.chrony = {
     enable = true;
   };

nixos/hosts/common/optional/cloudflare-dyndns.nix

@@ -1,5 +1,8 @@
-{ config, lib, ... }: {
+{
-
+  config,
+  lib,
+  ...
+}: {
   # Current nixpkgs cf-ddns only supports using a env file for the apitoken
   # but not for domains, which makes them hard to find.
   # To circumvent this, I put both in the 'apiTokenFile' var
@@ -13,8 +16,7 @@
   config.sops.secrets."system/networking/cloudflare-dyndns/apiTokenFile".sopsFile = ./cloudflare-dyndns.sops.yaml;
 
   # Restart when secret changes
-  config.sops.secrets."system/networking/cloudflare-dyndns/apiTokenFile".restartUnits = [ "cloudflare-dyndns" ];
+  config.sops.secrets."system/networking/cloudflare-dyndns/apiTokenFile".restartUnits = ["cloudflare-dyndns"];
-
 
   # Cloudflare dynamic dns to keep my DNS records pointed at home
   config.services.cloudflare-dyndns = {
@@ -22,11 +24,6 @@
     ipv6 = false;
     proxied = true;
     apiTokenFile = config.sops.secrets."system/networking/cloudflare-dyndns/apiTokenFile".path;
-    domains = [ ];
+    domains = [];
   };
-
 }
-
-
-
-

nixos/hosts/common/optional/dnscrypt-proxy2.nix

@@ -1,14 +1,18 @@
 # Ref: https://nixos.wiki/wiki/Encrypted_DNS#dnscrypt-proxy2
-
+{
-{ inputs, outputs, pkgs, config, ... }: {
+  inputs,
-
+  outputs,
+  pkgs,
+  config,
+  ...
+}: {
   # Disable resolvd to ensure it doesnt re-write /etc/resolv.conf
   config.services.resolved.enable = false;
 
   # Fix this devices DNS resolv.conf else resolvd will point it to dnscrypt
   # causing a risk of no dns if service fails.
   config.networking = {
-    nameservers = [ "10.8.10.1" ]; # TODO make varible IP
+    nameservers = ["10.8.10.1"]; # TODO make varible IP
 
     dhcpcd.extraConfig = "nohook resolv.conf";
   };
@@ -18,7 +22,7 @@
   config.sops.secrets."system/networking/dnscrypt-proxy2/forwarding-rules".mode = "0444"; # This is world-readable but theres nothing security related in the file
 
   # Restart dnscrypt when secret changes
-  config.sops.secrets."system/networking/dnscrypt-proxy2/forwarding-rules".restartUnits = [ "dnscrypt-proxy2" ];
+  config.sops.secrets."system/networking/dnscrypt-proxy2/forwarding-rules".restartUnits = ["dnscrypt-proxy2"];
 
   config.services.dnscrypt-proxy2 = {
     enable = true;
@@ -26,7 +30,7 @@
       require_dnssec = true;
       forwarding_rules = config.sops.secrets."system/networking/dnscrypt-proxy2/forwarding-rules".path;
 
-      server_names = [ "NextDNS-f6fe35" ];
+      server_names = ["NextDNS-f6fe35"];
 
       static = {
         "NextDNS-f6fe35" = {

nixos/hosts/common/optional/editors/vscode/default.nix

@@ -1,138 +1,137 @@
-{ config, pkgs, lib, ... }:
-
 {
-
+  config,
+  pkgs,
+  lib,
+  ...
+}: {
   # Enable vscode & addons
   environment.systemPackages = with pkgs; [
     (vscode-with-extensions.override {
       vscode = vscodium;
-      vscodeExtensions = with vscode-extensions; [
+      vscodeExtensions = with vscode-extensions;
-        bbenoist.nix
+        [
+          bbenoist.nix
+        ]
+        ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
+          {
+            name = "prettier-vscode";
+            publisher = "esbenp";
+            version = "10.1.0";
+            sha256 = "01s0vi2h917mqfpdrhqhp2ijwkibw95yk2js0l587wvajbbry2s9";
+          }
 
-      ] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
+          {
+            name = "vscode-docker";
+            publisher = "ms-azuretools";
+            version = "1.28.0";
+            sha256 = "0nmc3pdgxpmr6k2ksdczkv9bbwszncfczik0xjympqnd2k0ra9h0";
+          }
 
-        {
+          {
-          name = "prettier-vscode";
+            name = "gitlens";
-          publisher = "esbenp";
+            publisher = "eamodio";
-          version = "10.1.0";
+            version = "14.7.0";
-          sha256 = "01s0vi2h917mqfpdrhqhp2ijwkibw95yk2js0l587wvajbbry2s9";
+            sha256 = "07f9fryaci8lsrdahgll5yhlzf5rhscpy1zd258hi211ymvkxlmy";
-        }
+          }
 
-        {
+          {
-          name = "vscode-docker";
+            name = "remote-containers";
-          publisher = "ms-azuretools";
+            publisher = "ms-vscode-remote";
-          version = "1.28.0";
+            version = "0.327.0";
-          sha256 = "0nmc3pdgxpmr6k2ksdczkv9bbwszncfczik0xjympqnd2k0ra9h0";
+            sha256 = "0asswm55bx5gpz08cgpmgfvnb0494irj0gsvzx5nwknqfzpj07lz";
-        }
+          }
 
-        {
+          {
-          name = "gitlens";
+            name = "remote-ssh";
-          publisher = "eamodio";
+            publisher = "ms-vscode-remote";
-          version = "14.7.0";
+            version = "0.107.1";
-          sha256 = "07f9fryaci8lsrdahgll5yhlzf5rhscpy1zd258hi211ymvkxlmy";
+            sha256 = "1q9xp8id9afhjx67zc7a61zb572f296apvdz305xd5v4brqd9xrf";
-        }
+          }
 
-        {
+          {
-          name = "remote-containers";
+            name = "vscode-yaml";
-          publisher = "ms-vscode-remote";
+            publisher = "redhat";
-          version = "0.327.0";
+            version = "1.14.0";
-          sha256 = "0asswm55bx5gpz08cgpmgfvnb0494irj0gsvzx5nwknqfzpj07lz";
+            sha256 = "0pww9qndd2vsizsibjsvscz9fbfx8srrj67x4vhmwr581q674944";
-        }
+          }
 
-        {
+          {
-          name = "remote-ssh";
+            name = "todo-tree";
-          publisher = "ms-vscode-remote";
+            publisher = "gruntfuggly";
-          version = "0.107.1";
+            version = "0.0.226";
-          sha256 = "1q9xp8id9afhjx67zc7a61zb572f296apvdz305xd5v4brqd9xrf";
+            sha256 = "0yrc9qbdk7zznd823bqs1g6n2i5xrda0f9a7349kknj9wp1mqgqn";
-        }
+          }
 
-        {
+          {
-          name = "vscode-yaml";
+            name = "path-autocomplete";
-          publisher = "redhat";
+            publisher = "ionutvmi";
-          version = "1.14.0";
+            version = "1.25.0";
-          sha256 = "0pww9qndd2vsizsibjsvscz9fbfx8srrj67x4vhmwr581q674944";
+            sha256 = "0jjqh3p456p1aafw1gl6xgxw4cqqzs3hssr74mdsmh77bjizcgcb";
-        }
+          }
 
+          {
+            name = "even-better-toml";
+            publisher = "tamasfe";
+            version = "0.19.2";
+            sha256 = "0q9z98i446cc8bw1h1mvrddn3dnpnm2gwmzwv2s3fxdni2ggma14";
+          }
 
+          {
+            name = "linter";
+            publisher = "fnando";
+            version = "0.0.19";
+            sha256 = "13bllbxd7sy4qlclh37qvvnjp1v13al11nskcf2a8pmnmj455v4g";
+          }
 
-        {
+          {
-          name = "todo-tree";
+            name = "catppuccin-vsc";
-          publisher = "gruntfuggly";
+            publisher = "catppuccin";
-          version = "0.0.226";
+            version = "3.11.0";
-          sha256 = "0yrc9qbdk7zznd823bqs1g6n2i5xrda0f9a7349kknj9wp1mqgqn";
+            sha256 = "12bzx1pv9pxbm08dhvl8pskpz1vg2whxmasl0qk2x54swa2rhi4d";
-        }
+          }
 
-        {
+          {
-          name = "path-autocomplete";
+            name = "catppuccin-vsc-icons";
-          publisher = "ionutvmi";
+            publisher = "catppuccin";
-          version = "1.25.0";
+            version = "1.8.0";
-          sha256 = "0jjqh3p456p1aafw1gl6xgxw4cqqzs3hssr74mdsmh77bjizcgcb";
+            sha256 = "12sw9f00vnmppmvhwbamyjcap3acjs1f67mdmyv6ka52mav58z8z";
-        }
+          }
 
-        {
+          {
-          name = "even-better-toml";
+            name = "nix-ide";
-          publisher = "tamasfe";
+            publisher = "jnoortheen";
-          version = "0.19.2";
+            version = "0.2.2";
-          sha256 = "0q9z98i446cc8bw1h1mvrddn3dnpnm2gwmzwv2s3fxdni2ggma14";
+            sha256 = "1264027sjh9a112si0y0p3pk3y36shj5b4qkpsj207z7lbxqq0wg";
-        }
+          }
 
-        {
+          {
-          name = "linter";
+            name = "vscode-swissknife";
-          publisher = "fnando";
+            publisher = "luisfontes19";
-          version = "0.0.19";
+            version = "1.8.1";
-          sha256 = "13bllbxd7sy4qlclh37qvvnjp1v13al11nskcf2a8pmnmj455v4g";
+            sha256 = "1rpk8zayzkn2kg4jjdd2fy6xl50kib71dqg73v46326cr4dwxa7c";
-        }
+          }
 
-        {
+          {
-          name = "catppuccin-vsc";
+            name = "pre-commit-helper";
-          publisher = "catppuccin";
+            publisher = "elagil";
-          version = "3.11.0";
+            version = "0.5.0";
-          sha256 = "12bzx1pv9pxbm08dhvl8pskpz1vg2whxmasl0qk2x54swa2rhi4d";
+            sha256 = "05cs1ndnha9dgv1ys23z81ajk300wpixqmks0lfmrj1zwyjg2wlj";
-        }
+          }
 
-        {
+          {
-          name = "catppuccin-vsc-icons";
+            name = "sops-edit";
-          publisher = "catppuccin";
+            publisher = "shipitsmarter";
-          version = "1.8.0";
+            version = "1.0.0";
-          sha256 = "12sw9f00vnmppmvhwbamyjcap3acjs1f67mdmyv6ka52mav58z8z";
+            sha256 = "0b2z9khiwrpf6gxdb9y315ayqkibvgixmvx82in5rlp8pndb6sq4";
-        }
+          }
 
-        {
+          {
-          name = "nix-ide";
+            name = "json5-for-vscode";
-          publisher = "jnoortheen";
+            publisher = "tudoudou";
-          version = "0.2.2";
+            version = "0.0.3";
-          sha256 = "1264027sjh9a112si0y0p3pk3y36shj5b4qkpsj207z7lbxqq0wg";
+            sha256 = "1d1c18mr91ll5fsp0l0aszyi7nx0ad352ssm0fm40z81m4dmzm0w";
-        }
+          }
-
+        ];
-        {
-          name = "vscode-swissknife";
-          publisher = "luisfontes19";
-          version = "1.8.1";
-          sha256 = "1rpk8zayzkn2kg4jjdd2fy6xl50kib71dqg73v46326cr4dwxa7c";
-        }
-
-        {
-          name = "pre-commit-helper";
-          publisher = "elagil";
-          version = "0.5.0";
-          sha256 = "05cs1ndnha9dgv1ys23z81ajk300wpixqmks0lfmrj1zwyjg2wlj";
-        }
-
-        {
-          name = "sops-edit";
-          publisher = "shipitsmarter";
-          version = "1.0.0";
-          sha256 = "0b2z9khiwrpf6gxdb9y315ayqkibvgixmvx82in5rlp8pndb6sq4";
-        }
-
-        {
-          name = "json5-for-vscode";
-          publisher = "tudoudou";
-          version = "0.0.3";
-          sha256 = "1d1c18mr91ll5fsp0l0aszyi7nx0ad352ssm0fm40z81m4dmzm0w";
-        }
-
-      ];
     })
   ];
 }

nixos/hosts/common/optional/editors/vscode/extensions.nix

@@ -1,12 +1,7 @@
 # Warning, this file is autogenerated by nix4vscode. Don't modify this manually.
-
+{pkgs}: let
-{ pkgs }:
-
-let
   vscode-utils = pkgs.vscode-utils;
-in
+in {
-{
-
   "ms-python"."python" = vscode-utils.extensionFromVscodeMarketplace {
     name = "python";
     publisher = "ms-python";

nixos/hosts/common/optional/firefox.nix

@@ -1,8 +1,10 @@
-{ config, pkgs, lib, ... }:
 {
-
+  config,
+  pkgs,
+  lib,
+  ...
+}: {
   programs.firefox = {
     enable = true;
   };
-
+}
-}

nixos/hosts/common/optional/gnome.nix

@@ -1,6 +1,9 @@
-{ config, pkgs, lib, ... }:
-
 {
+  config,
+  pkgs,
+  lib,
+  ...
+}: {
   # Ref: https://nixos.wiki/wiki/GNOME
 
   # GNOME plz
@@ -12,32 +15,32 @@
       defaultSession = "gnome"; # TODO move to config overlay
       autoLogin.user = "truxnell"; # TODO move to config overlay
     };
-    layout = "us"; # `localctl` will give you 
+    layout = "us"; # `localctl` will give you
   };
 
-
   # And dconf
   programs.dconf.enable = true;
   # dconf write /org/gnome/mutter/experimental-features "['scale-monitor-framebuffer']"
 
   # Exclude default GNOME packages that dont interest me.
-  environment.gnome.excludePackages = (with pkgs; [
+  environment.gnome.excludePackages =
-    gnome-photos
+    (with pkgs; [
-    gnome-tour
+      gnome-photos
-  ]) ++ (with pkgs.gnome; [
+      gnome-tour
-    cheese # webcam tool
+    ])
-    gnome-music
+    ++ (with pkgs.gnome; [
-    gnome-terminal
+      cheese # webcam tool
-    gedit # text editor
+      gnome-music
-    epiphany # web browser
+      gnome-terminal
-    geary # email reader
+      gedit # text editor
-    evince # document viewer
+      epiphany # web browser
-    gnome-characters
+      geary # email reader
-    totem # video player
+      evince # document viewer
-    tali # poker game
+      gnome-characters
-    iagno # go game
+      totem # video player
-    hitori # sudoku game
+      tali # poker game
-    atomix # puzzle game
+      iagno # go game
-  ]);
+      hitori # sudoku game
-
+      atomix # puzzle game
+    ]);
 }

nixos/hosts/common/optional/maddy.conf

@@ -27,4 +27,4 @@ target.smtp remote_smtp {
     require_tls yes
     auth plain {env:SMTP_USERNAME} {env:SMTP_PASSWORD}
     targets tls://{env:SMTP_SERVER}:{env:SMTP_PORT}
-}
+}

nixos/hosts/common/optional/maddy.nix

@@ -1,5 +1,9 @@
-{ inputs, outputs, config, ... }: {
+{
-
+  inputs,
+  outputs,
+  config,
+  ...
+}: {
   # init secret
   config.sops.secrets."system/mail/maddy/envFile" = {
     sopsFile = ./maddy.sops.yaml;
@@ -8,15 +12,12 @@
   };
 
   # Restart dnscrypt when secret changes
-  config.sops.secrets."system/mail/maddy/envFile".restartUnits = [ "maddy" ];
+  config.sops.secrets."system/mail/maddy/envFile".restartUnits = ["maddy"];
 
-
+  #
-  # 
   config.services.maddy = {
     enable = true;
-    secrets = [ config.sops.secrets."system/mail/maddy/envFile".path ];
+    secrets = [config.sops.secrets."system/mail/maddy/envFile".path];
     config = builtins.readFile ./maddy.conf;
-
   };
-
 }

nixos/hosts/common/optional/monitoring.nix

@@ -1,6 +1,9 @@
-{ config, pkgs, lib, ... }:
-
 {
+  config,
+  pkgs,
+  lib,
+  ...
+}: {
   services.prometheus.exporters = {
     node = {
       enable = true;
@@ -20,10 +23,9 @@
       enable = true;
     };
   };
-  
+
   networking.firewall.allowedTCPPorts = [
     config.services.prometheus.exporters.node.port
     config.services.prometheus.exporters.smartctl.port
   ];
-
+}
-}

nixos/hosts/common/optional/sops-nix.nix

@@ -1,7 +1,11 @@
-{ inputs, outputs, config, ... }: {
+{
-  # SOPS settings 
+  inputs,
+  outputs,
+  config,
+  ...
+}: {
+  # SOPS settings
   # https://github.com/Mic92/sops-nix
 
-  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+  sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
-
 }

nixos/hosts/nixosvm/default.nix

@@ -1,31 +1,30 @@
 # Edit this configuration file to define what should be installed on
 # your system. Help is available in the configuration.nix(5) man page, on
 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
-
-{ config, lib, pkgs, ... }:
-
 {
-  imports =
+  config,
-    [
+  lib,
-      # Host-specific
+  pkgs,
-      ./hardware-configuration.nix
+  ...
+}: {
+  imports = [
+    # Host-specific
+    ./hardware-configuration.nix
 
-      # Common imports
+    # Common imports
-      ../common/nixos
+    ../common/nixos
-      ../common/nixos/users/truxnell
+    ../common/nixos/users/truxnell
-      ../common/optional/fish.nix
+    ../common/optional/fish.nix
-      ../common/optional/monitoring.nix
+    ../common/optional/monitoring.nix
-      ../common/optional/reboot-required.nix
+    ../common/optional/reboot-required.nix
-      ../common/optional/dnscrypt-proxy2.nix
+    ../common/optional/dnscrypt-proxy2.nix
-      ../common/optional/gnome.nix
+    ../common/optional/gnome.nix
-      ../common/optional/editors/vscode
+    ../common/optional/editors/vscode
-      ../common/optional/firefox.nix
+    ../common/optional/firefox.nix
-      ../common/optional/sops-nix.nix
+    ../common/optional/sops-nix.nix
-      ../common/optional/cloudflare-dyndns.nix
+    ../common/optional/cloudflare-dyndns.nix
-      ../common/optional/maddy.nix
+    ../common/optional/maddy.nix
-
+  ];
-
-    ];
 
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
@@ -51,9 +50,6 @@
   # Enable the X11 windowing system.
   # services.xserver.enable = true;
 
-
-
-
   # Configure keymap in X11
   # services.xserver.xkb.layout = "us";
   # services.xserver.xkb.options = "eurosign:e,caps:escape";
@@ -68,7 +64,6 @@
   # Enable touchpad support (enabled default in most desktopManager).
   # services.xserver.libinput.enable = true;
 
-
   # Some programs need SUID wrappers, can be configured further or are
   # started in user sessions.
   # programs.mtr.enable = true;
@@ -107,6 +102,4 @@
   #
   # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
   system.stateVersion = "23.11"; # Did you read the comment?
-
 }
-

nixos/hosts/nixosvm/hardware-configuration.nix

@@ -1,30 +1,31 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
 {
-  imports = [ ];
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [];
 
-  boot.initrd.availableKernelModules = [ "ata_piix" "mptspi" "uhci_hcd" "ehci_pci" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules = ["ata_piix" "mptspi" "uhci_hcd" "ehci_pci" "sd_mod" "sr_mod"];
-  boot.initrd.kernelModules = [ ];
+  boot.initrd.kernelModules = [];
-  boot.kernelModules = [ "kvm-amd" ];
+  boot.kernelModules = ["kvm-amd"];
-  boot.extraModulePackages = [ ];
+  boot.extraModulePackages = [];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    {
+    device = "/dev/disk/by-label/nixos";
-      device = "/dev/disk/by-label/nixos";
+    fsType = "ext4";
-      fsType = "ext4";
+  };
-    };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    {
+    device = "/dev/disk/by-label/boot";
-      device = "/dev/disk/by-label/boot";
+    fsType = "vfat";
-      fsType = "vfat";
+  };
-    };
 
-  swapDevices =
+  swapDevices = [{device = "/dev/sda2";}];
-    [{ device = "/dev/sda2"; }];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
@@ -37,6 +38,4 @@
   virtualisation.vmware.guest.enable = true;
   virtualisation.virtualbox.guest.enable = true;
   virtualisation.virtualbox.guest.x11 = true;
-
-
 }

nixos/hosts/playground/default.nix

@@ -1,7 +1,9 @@
-{ config, lib, ... }:
-
 {
-  imports = [ ./playground.nix ];
+  config,
+  lib,
+  ...
+}: {
+  imports = [./playground.nix];
   boot.isContainer = true;
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   networking = {

nixos/hosts/playground/playground.nix

@@ -1,3 +1,8 @@
-{ config, pkgs, lib, inputs, outputs, ... }:
+{
-
+  config,
-{ }
+  pkgs,
+  lib,
+  inputs,
+  outputs,
+  ...
+}: {}

nixos/overlays/default.nix

@@ -1,5 +1,4 @@
-{ inputs, ... }:
+{inputs, ...}: {
-{
   unstable-packages = final: _prev: {
     unstable = import inputs.nixpkgs-unstable {
       system = final.system;

shell.nix

@@ -0,0 +1,26 @@
+# Shell for bootstrapping flake-enabled nix and other tooling
+{
+  pkgs ?
+  # If pkgs is not defined, instanciate nixpkgs from locked commit
+  let
+    lock =
+      (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked;
+    nixpkgs = fetchTarball {
+      url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz";
+      sha256 = lock.narHash;
+    };
+  in
+    import nixpkgs {overlays = [];},
+  ...
+}:
+pkgs.mkShell {
+  NIX_CONFIG = "extra-experimental-features = nix-command flakes repl-flake";
+  nativeBuildInputs = with pkgs; [
+    nixpkgs-fmt
+    nil
+    sops
+    pre-commit
+    go-task
+    alejandra
+  ];
+}