diff --git a/configuration.nix b/configuration.nix index ad7d8a05..9b541016 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,11 +1,13 @@ -{ self -, lib -, pkgs -, config -, inputs -, outputs -, ... -}: { +{ + self, + lib, + pkgs, + config, + inputs, + outputs, + ... +}: +{ nix = { gc = { automatic = true; diff --git a/flake.nix b/flake.nix index ebec0019..7b5fe700 100644 --- a/flake.nix +++ b/flake.nix @@ -39,15 +39,16 @@ }; outputs = - inputs @ { self - , nixos - , nixpkgs - , nur - , disko - , sops-nix - , lanzaboote - , home-manager - , ... + inputs@{ + self, + nixos, + nixpkgs, + nur, + disko, + sops-nix, + lanzaboote, + home-manager, + ... }: let inherit (nixos) lib; @@ -68,8 +69,9 @@ }; mkPkgs = - { pkgs - , extraOverlays ? [ nur.overlay ] + { + pkgs, + extraOverlays ? [ nur.overlay ], }: import pkgs { inherit system; @@ -78,39 +80,43 @@ }; pkgs = mkPkgs { pkgs = nixos; }; - homeManagerConfig = { - # Use global pkgs configured via nixpkgs.* options - home-manager.useGlobalPkgs = true; - # Install user packages to /etc/profiles instead. - # Necessary for nixos-rebuild build-vm to work. - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { - inherit dotfileDir; - }; - home-manager.sharedModules = [ - sops-nix.homeManagerModules.sops - ]; - }; mkNixosConfiguration = - { system ? "x86_64-linux" - , baseModules ? [ + { + system ? "x86_64-linux", + baseModules ? [ ./configuration.nix disko.nixosModules.disko sops-nix.nixosModules.sops lanzaboote.nixosModules.lanzaboote - home-manager.nixosModules.home-manager homeManagerConfig - ] - , hostModules ? [ ] - , userModules ? [ ] - , specialArgs ? { } - , + home-manager.nixosModules.home-manager + { + # Use global pkgs configured via nixpkgs.* options + home-manager.useGlobalPkgs = true; + # Install user packages to /etc/profiles instead. + # Necessary for nixos-rebuild build-vm to work. + home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { + inherit dotfileDir; + }; + home-manager.sharedModules = [ sops-nix.homeManagerModules.sops ]; + } + ], + hostModules ? [ ], + userModules ? [ ], + specialArgs ? { }, }: nixos.lib.nixosSystem { inherit system; modules = baseModules ++ hostModules ++ userModules; specialArgs = specialArgs // { - inherit inputs pkgs self libutil dotfileDir; + inherit + inputs + pkgs + self + libutil + dotfileDir + ; }; }; in @@ -127,7 +133,7 @@ }; }; formatter = { - ${system} = pkgs.nixpkgs-fmt; + ${system} = pkgs.nixfmt-rfc-style; }; # Reusable nixos modules you might want to export @@ -140,16 +146,10 @@ ./hosts/common ./hosts/carbon ]; - userModules = [ - ./users/alapshin - ]; + userModules = [ ./users/alapshin ]; }; - bifrost = mkNixosConfiguration { - hostModules = [ - ./hosts/bifrost - ]; - }; + bifrost = mkNixosConfiguration { hostModules = [ ./hosts/bifrost ]; }; niflheim = mkNixosConfiguration { hostModules = [ @@ -164,9 +164,7 @@ ./hosts/common ./hosts/desktop ]; - userModules = [ - ./users/alapshin - ]; + userModules = [ ./users/alapshin ]; }; altdesk = mkNixosConfiguration { @@ -174,9 +172,7 @@ ./hosts/common ./hosts/altdesk ]; - userModules = [ - ./users/alapshin - ]; + userModules = [ ./users/alapshin ]; }; }; # Stand-alone home-manager configuration for non NixOS machines diff --git a/hosts/altdesk/bluetooth.nix b/hosts/altdesk/bluetooth.nix index 6991bfbb..6920f93e 100644 --- a/hosts/altdesk/bluetooth.nix +++ b/hosts/altdesk/bluetooth.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ hardware = { bluetooth = { enable = true; diff --git a/hosts/altdesk/default.nix b/hosts/altdesk/default.nix index 9f9718f7..73de362a 100644 --- a/hosts/altdesk/default.nix +++ b/hosts/altdesk/default.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ imports = [ ./backup.nix ./bluetooth.nix diff --git a/hosts/altdesk/graphical-desktop.nix b/hosts/altdesk/graphical-desktop.nix index e559917e..f8bf1d9f 100644 --- a/hosts/altdesk/graphical-desktop.nix +++ b/hosts/altdesk/graphical-desktop.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ services = { colord.enable = true; flatpak.enable = true; @@ -22,9 +24,7 @@ options = "grp:caps_toggle,compose:ralt"; }; - videoDrivers = [ - "nvidia" - ]; + videoDrivers = [ "nvidia" ]; }; }; diff --git a/hosts/altdesk/hardware-configuration.nix b/hosts/altdesk/hardware-configuration.nix index 9399c874..1d4c517c 100644 --- a/hosts/altdesk/hardware-configuration.nix +++ b/hosts/altdesk/hardware-configuration.nix @@ -1,7 +1,8 @@ -{ config -, lib -, pkgs -, ... +{ + config, + lib, + pkgs, + ... }: { boot = { @@ -22,7 +23,13 @@ ''; initrd = { - availableKernelModules = [ "ahci" "nvme" "usbhid" "usb_storage" "xhci_pci" ]; + availableKernelModules = [ + "ahci" + "nvme" + "usbhid" + "usb_storage" + "xhci_pci" + ]; luks.devices."luks-9ebe5c59-eac5-47eb-b517-c82f2ede2ca3" = { device = "/dev/disk/by-uuid/9ebe5c59-eac5-47eb-b517-c82f2ede2ca3"; keyFile = "/dev/sda"; @@ -40,12 +47,18 @@ "/" = { device = "/dev/disk/by-uuid/4a5edb30-f86b-4ec3-a493-8de48c8ee703"; fsType = "btrfs"; - options = [ "subvol=root" "discard=async" ]; + options = [ + "subvol=root" + "discard=async" + ]; }; "/home" = { device = "/dev/disk/by-uuid/4a5edb30-f86b-4ec3-a493-8de48c8ee703"; fsType = "btrfs"; - options = [ "subvol=home" "discard=async" ]; + options = [ + "subvol=home" + "discard=async" + ]; }; }; diff --git a/hosts/altdesk/networking.nix b/hosts/altdesk/networking.nix index 0713b012..53f6fe09 100644 --- a/hosts/altdesk/networking.nix +++ b/hosts/altdesk/networking.nix @@ -1,6 +1,4 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ networking.hostName = "altdesk"; } diff --git a/hosts/bifrost/default.nix b/hosts/bifrost/default.nix index 7912188a..42d25c76 100644 --- a/hosts/bifrost/default.nix +++ b/hosts/bifrost/default.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ imports = [ ./openssh.nix ./secrets.nix diff --git a/hosts/bifrost/disk-config.nix b/hosts/bifrost/disk-config.nix index 652cc71b..9cd463ce 100644 --- a/hosts/bifrost/disk-config.nix +++ b/hosts/bifrost/disk-config.nix @@ -39,4 +39,3 @@ in }; }; } - diff --git a/hosts/bifrost/hardware-configuration.nix b/hosts/bifrost/hardware-configuration.nix index 98c71c99..6da08c7a 100644 --- a/hosts/bifrost/hardware-configuration.nix +++ b/hosts/bifrost/hardware-configuration.nix @@ -1,8 +1,9 @@ -{ config -, lib -, pkgs -, modulesPath -, ... +{ + config, + lib, + pkgs, + modulesPath, + ... }: { imports = [ @@ -20,7 +21,13 @@ }; initrd = { - availableKernelModules = [ "ahci" "nvme" "usbhid" "usb_storage" "xhci_pci" ]; + availableKernelModules = [ + "ahci" + "nvme" + "usbhid" + "usb_storage" + "xhci_pci" + ]; }; }; } diff --git a/hosts/bifrost/networking.nix b/hosts/bifrost/networking.nix index 6131edbb..311716c6 100644 --- a/hosts/bifrost/networking.nix +++ b/hosts/bifrost/networking.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ networking = { hostName = "bifrost"; firewall = { diff --git a/hosts/bifrost/openssh.nix b/hosts/bifrost/openssh.nix index 57ff33d2..122eb862 100644 --- a/hosts/bifrost/openssh.nix +++ b/hosts/bifrost/openssh.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ services = { openssh = { enable = true; @@ -12,4 +14,3 @@ }; }; } - diff --git a/hosts/bifrost/secrets.nix b/hosts/bifrost/secrets.nix index 975d1f91..cb0b1826 100644 --- a/hosts/bifrost/secrets.nix +++ b/hosts/bifrost/secrets.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ sops = { defaultSopsFile = ./secrets.yaml; secrets = { diff --git a/hosts/bifrost/xray-server.nix b/hosts/bifrost/xray-server.nix index d7f6f0b9..01f68a1b 100644 --- a/hosts/bifrost/xray-server.nix +++ b/hosts/bifrost/xray-server.nix @@ -1,8 +1,10 @@ -{ config -, lib -, pkgs -, ... -}: { +{ + config, + lib, + pkgs, + ... +}: +{ sops = { secrets = { "xray/vless_user_id" = { @@ -15,12 +17,14 @@ restartUnits = [ "xray.service" ]; }; }; - templates."xray-config.json".content = builtins.readFile (pkgs.substituteAll { - src = ./xray-config.json; - vless_user_id = config.sops.placeholder."xray/vless_user_id"; - vless_private_key = config.sops.placeholder."xray/vless_private_key"; - shadowsocks_password = config.sops.placeholder."xray/shadowsocks_password"; - }); + templates."xray-config.json".content = builtins.readFile ( + pkgs.substituteAll { + src = ./xray-config.json; + vless_user_id = config.sops.placeholder."xray/vless_user_id"; + vless_private_key = config.sops.placeholder."xray/vless_private_key"; + shadowsocks_password = config.sops.placeholder."xray/shadowsocks_password"; + } + ); }; services.xray = { @@ -31,7 +35,10 @@ networking = { firewall = { allowedUDPPorts = [ 1080 ]; - allowedTCPPorts = [ 1080 8443 ]; + allowedTCPPorts = [ + 1080 + 8443 + ]; }; }; diff --git a/hosts/carbon/bluetooth.nix b/hosts/carbon/bluetooth.nix index 6991bfbb..6920f93e 100644 --- a/hosts/carbon/bluetooth.nix +++ b/hosts/carbon/bluetooth.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ hardware = { bluetooth = { enable = true; diff --git a/hosts/carbon/default.nix b/hosts/carbon/default.nix index 18b08dcc..3e8bfefc 100644 --- a/hosts/carbon/default.nix +++ b/hosts/carbon/default.nix @@ -1,8 +1,10 @@ -{ config -, lib -, pkgs -, ... -}: { +{ + config, + lib, + pkgs, + ... +}: +{ imports = [ ./backup.nix ./secrets.nix diff --git a/hosts/carbon/graphical-desktop.nix b/hosts/carbon/graphical-desktop.nix index 55b8d684..c95195f5 100644 --- a/hosts/carbon/graphical-desktop.nix +++ b/hosts/carbon/graphical-desktop.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ hardware = { graphics = { enable = true; @@ -31,7 +29,10 @@ defaultSession = "plasma"; }; xserver = { - videoDrivers = [ "modesetting" "intel" ]; + videoDrivers = [ + "modesetting" + "intel" + ]; }; desktopManager.plasma6.enable = true; }; @@ -43,6 +44,5 @@ QT_SCALE_FACTOR_ROUNDING_POLICY = "RoundPreferFloor"; }; - environment.systemPackages = with pkgs; [ - ]; + environment.systemPackages = with pkgs; [ ]; } diff --git a/hosts/carbon/hardware-configuration.nix b/hosts/carbon/hardware-configuration.nix index d2199a16..a27691a4 100644 --- a/hosts/carbon/hardware-configuration.nix +++ b/hosts/carbon/hardware-configuration.nix @@ -1,13 +1,16 @@ -{ config -, lib -, pkgs -, ... -}: { +{ + config, + lib, + pkgs, + ... +}: +{ boot = { - kernelModules = [ "kvm-intel" "v4l2loopback" ]; - extraModulePackages = with config.boot.kernelPackages; [ - v4l2loopback + kernelModules = [ + "kvm-intel" + "v4l2loopback" ]; + extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; extraModprobeConfig = '' options v4l2loopback exclusive_caps=1 card_label="Virtual Camera" ''; @@ -32,7 +35,13 @@ initrd = { luks.devices."luksroot".device = "/dev/disk/by-uuid/8119ac87-97bb-44fd-889f-79389f22588b"; - availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ]; + availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "nvme" + "usb_storage" + "sd_mod" + ]; }; }; @@ -54,4 +63,3 @@ }; } - diff --git a/hosts/carbon/networking.nix b/hosts/carbon/networking.nix index b7485efd..867245e1 100644 --- a/hosts/carbon/networking.nix +++ b/hosts/carbon/networking.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ networking = { hostName = "carbon"; }; diff --git a/hosts/carbon/secrets.nix b/hosts/carbon/secrets.nix index fe6c4b0c..40c1b9fd 100644 --- a/hosts/carbon/secrets.nix +++ b/hosts/carbon/secrets.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ sops = { secrets = { "wireguard/public_key" = { diff --git a/hosts/carbon/services.nix b/hosts/carbon/services.nix index cff38fb1..fbb53f63 100644 --- a/hosts/carbon/services.nix +++ b/hosts/carbon/services.nix @@ -1,7 +1,5 @@ -{ pkgs -, config -, ... -}: { +{ pkgs, config, ... }: +{ services = { kmscon = { diff --git a/hosts/carbon/syncthing.nix b/hosts/carbon/syncthing.nix index 69d4821f..b977e41e 100644 --- a/hosts/carbon/syncthing.nix +++ b/hosts/carbon/syncthing.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let cfg = config.services.syncthing; @@ -29,9 +30,7 @@ in }; environment = { - systemPackages = with pkgs; [ - bindfs - ]; + systemPackages = with pkgs; [ bindfs ]; }; fileSystems = { @@ -111,17 +110,28 @@ in id = "seedvault"; type = "receiveonly"; label = "SeedVault"; - devices = [ "carbon" "desktop" "pixel" ]; + devices = [ + "carbon" + "desktop" + "pixel" + ]; }; "${cfg.dataDir}/${username}/books" = { id = "books"; label = "Books"; - devices = [ "carbon" "desktop" ]; + devices = [ + "carbon" + "desktop" + ]; }; "${cfg.dataDir}/${username}/documents" = { id = "documents"; label = "Documents"; - devices = [ "carbon" "desktop" "pixel" ]; + devices = [ + "carbon" + "desktop" + "pixel" + ]; versioning = { type = "simple"; params = { @@ -132,7 +142,11 @@ in "${cfg.dataDir}/${username}/syncthing" = { id = "syncthing"; label = "Syncthing"; - devices = [ "carbon" "desktop" "pixel" ]; + devices = [ + "carbon" + "desktop" + "pixel" + ]; versioning = { type = "simple"; params = { diff --git a/hosts/carbon/virtualization.nix b/hosts/carbon/virtualization.nix index efa0a8f1..e560ce7d 100644 --- a/hosts/carbon/virtualization.nix +++ b/hosts/carbon/virtualization.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ virtualisation = { docker = { enable = true; @@ -13,7 +11,5 @@ programs.virt-manager.enable = true; - environment.systemPackages = with pkgs; [ - docker-compose - ]; + environment.systemPackages = with pkgs; [ docker-compose ]; } diff --git a/hosts/common/audio.nix b/hosts/common/audio.nix index 51e84159..5c244676 100644 --- a/hosts/common/audio.nix +++ b/hosts/common/audio.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ services.pipewire = { enable = true; alsa = { diff --git a/hosts/common/backup.nix b/hosts/common/backup.nix index 51b48644..491e21c6 100644 --- a/hosts/common/backup.nix +++ b/hosts/common/backup.nix @@ -1,9 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: -let +{ + lib, + pkgs, + config, + ... +}: +let user = "u399502"; host = "${user}.your-storagebox.de"; jobname = "default"; diff --git a/hosts/common/default.nix b/hosts/common/default.nix index f5ecb470..fb794d85 100644 --- a/hosts/common/default.nix +++ b/hosts/common/default.nix @@ -1,8 +1,10 @@ -{ config -, lib -, pkgs -, ... -}: { +{ + config, + lib, + pkgs, + ... +}: +{ imports = [ ./audio.nix ./backup.nix @@ -17,7 +19,10 @@ kernel.sysctl = { "kernel.sysrq" = 438; }; - kernelModules = [ "kvm-amd" "kvm-intel" ]; + kernelModules = [ + "kvm-amd" + "kvm-intel" + ]; kernelPackages = pkgs.linuxPackages_zen; initrd = { systemd = { @@ -35,18 +40,10 @@ fonts = { fontconfig = { defaultFonts = { - emoji = [ - "Noto Color Emoji" - ]; - serif = [ - "IBM Plex Serif" - ]; - sansSerif = [ - "IBM Plex Sans" - ]; - monospace = [ - "JetBrainsMono Nerd Font Mono" - ]; + emoji = [ "Noto Color Emoji" ]; + serif = [ "IBM Plex Serif" ]; + sansSerif = [ "IBM Plex Sans" ]; + monospace = [ "JetBrainsMono Nerd Font Mono" ]; }; }; enableDefaultPackages = false; diff --git a/hosts/common/graphical-desktop.nix b/hosts/common/graphical-desktop.nix index c4deac22..60696e05 100644 --- a/hosts/common/graphical-desktop.nix +++ b/hosts/common/graphical-desktop.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ qt = { enable = true; platformTheme = "kde"; diff --git a/hosts/common/networking.nix b/hosts/common/networking.nix index 646503a8..a4009c8e 100644 --- a/hosts/common/networking.nix +++ b/hosts/common/networking.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ networking = { firewall.enable = false; wireless.dbusControlled = true; diff --git a/hosts/common/secrets.nix b/hosts/common/secrets.nix index 347f266d..bc92170b 100644 --- a/hosts/common/secrets.nix +++ b/hosts/common/secrets.nix @@ -1,13 +1,13 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ sops = { age = { - sshKeyPaths = [ - "/etc/ssh/ssh_host_ed25519_key" - ]; + sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; }; defaultSopsFile = ./secrets.yaml; }; diff --git a/hosts/common/services.nix b/hosts/common/services.nix index 8e50c42f..6002527b 100644 --- a/hosts/common/services.nix +++ b/hosts/common/services.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ services = { fwupd.enable = true; locate = { diff --git a/hosts/common/xray-client.nix b/hosts/common/xray-client.nix index 0831b6a4..a7b48001 100644 --- a/hosts/common/xray-client.nix +++ b/hosts/common/xray-client.nix @@ -1,8 +1,10 @@ -{ config -, lib -, pkgs -, ... -}: { +{ + config, + lib, + pkgs, + ... +}: +{ sops = { secrets = { "xray/vless_user_id" = { @@ -12,11 +14,13 @@ restartUnits = [ "xray.service" ]; }; }; - templates."xray-config.json".content = builtins.readFile (pkgs.substituteAll { - src = ./xray-config.json; - vless_user_id = config.sops.placeholder."xray/vless_user_id"; - vless_public_key = config.sops.placeholder."xray/vless_public_key"; - }); + templates."xray-config.json".content = builtins.readFile ( + pkgs.substituteAll { + src = ./xray-config.json; + vless_user_id = config.sops.placeholder."xray/vless_user_id"; + vless_public_key = config.sops.placeholder."xray/vless_public_key"; + } + ); }; services.xray = { diff --git a/hosts/desktop/bluetooth.nix b/hosts/desktop/bluetooth.nix index 6991bfbb..6920f93e 100644 --- a/hosts/desktop/bluetooth.nix +++ b/hosts/desktop/bluetooth.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ hardware = { bluetooth = { enable = true; diff --git a/hosts/desktop/default.nix b/hosts/desktop/default.nix index 16fea719..e91a7915 100644 --- a/hosts/desktop/default.nix +++ b/hosts/desktop/default.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ imports = [ ./backup.nix ./bluetooth.nix diff --git a/hosts/desktop/gaming.nix b/hosts/desktop/gaming.nix index 512a5465..3f4580ba 100644 --- a/hosts/desktop/gaming.nix +++ b/hosts/desktop/gaming.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ programs.steam = { enable = true; extest.enable = true; diff --git a/hosts/desktop/graphical-desktop.nix b/hosts/desktop/graphical-desktop.nix index 6a1ff4bf..3d1e57ca 100644 --- a/hosts/desktop/graphical-desktop.nix +++ b/hosts/desktop/graphical-desktop.nix @@ -1,14 +1,10 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ hardware = { graphics = { enable = true; enable32Bit = true; - extraPackages = with pkgs; [ - rocmPackages.clr.icd - ]; + extraPackages = with pkgs; [ rocmPackages.clr.icd ]; }; }; diff --git a/hosts/desktop/hardware-configuration.nix b/hosts/desktop/hardware-configuration.nix index c37d3efb..30275479 100644 --- a/hosts/desktop/hardware-configuration.nix +++ b/hosts/desktop/hardware-configuration.nix @@ -1,7 +1,8 @@ -{ config -, lib -, pkgs -, ... +{ + config, + lib, + pkgs, + ... }: { boot = { @@ -21,9 +22,7 @@ enable = true; ssh = { enable = true; - hostKeys = [ - "/etc/secrets/initrd/host_ed25519" - ]; + hostKeys = [ "/etc/secrets/initrd/host_ed25519" ]; authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGlJo3xdypmwSS2lsHCzf6GsqyEGvr+HzvbU+TGuPjmA" ]; @@ -57,7 +56,10 @@ "/" = { device = "/dev/disk/by-uuid/20b4e7b3-3a81-468e-9ca9-2fdc1b6c2238"; fsType = "btrfs"; - options = [ "subvol=root" "discard=async" ]; + options = [ + "subvol=root" + "discard=async" + ]; }; "/boot" = { device = "/dev/disk/by-uuid/A0D1-44CF"; @@ -66,17 +68,21 @@ "/home" = { device = "/dev/disk/by-uuid/20b4e7b3-3a81-468e-9ca9-2fdc1b6c2238"; fsType = "btrfs"; - options = [ "subvol=home" "discard=async" ]; + options = [ + "subvol=home" + "discard=async" + ]; }; "/mnt/data" = { device = "/dev/disk/by-uuid/1a34979e-9d0a-47bf-a2a8-2034afddec19"; fsType = "btrfs"; - options = [ "subvol=data" "discard=async" ]; + options = [ + "subvol=data" + "discard=async" + ]; }; }; - systemd.tmpfiles.rules = [ - "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" - ]; + systemd.tmpfiles.rules = [ "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" ]; } diff --git a/hosts/desktop/networking.nix b/hosts/desktop/networking.nix index 501cd71e..06b750e2 100644 --- a/hosts/desktop/networking.nix +++ b/hosts/desktop/networking.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ networking = { hostName = "desktop"; interfaces = { diff --git a/hosts/desktop/services.nix b/hosts/desktop/services.nix index 587894ca..ae3a0d5e 100644 --- a/hosts/desktop/services.nix +++ b/hosts/desktop/services.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ services = { avahi = { enable = true; diff --git a/hosts/desktop/syncthing.nix b/hosts/desktop/syncthing.nix index 69d4821f..b977e41e 100644 --- a/hosts/desktop/syncthing.nix +++ b/hosts/desktop/syncthing.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let cfg = config.services.syncthing; @@ -29,9 +30,7 @@ in }; environment = { - systemPackages = with pkgs; [ - bindfs - ]; + systemPackages = with pkgs; [ bindfs ]; }; fileSystems = { @@ -111,17 +110,28 @@ in id = "seedvault"; type = "receiveonly"; label = "SeedVault"; - devices = [ "carbon" "desktop" "pixel" ]; + devices = [ + "carbon" + "desktop" + "pixel" + ]; }; "${cfg.dataDir}/${username}/books" = { id = "books"; label = "Books"; - devices = [ "carbon" "desktop" ]; + devices = [ + "carbon" + "desktop" + ]; }; "${cfg.dataDir}/${username}/documents" = { id = "documents"; label = "Documents"; - devices = [ "carbon" "desktop" "pixel" ]; + devices = [ + "carbon" + "desktop" + "pixel" + ]; versioning = { type = "simple"; params = { @@ -132,7 +142,11 @@ in "${cfg.dataDir}/${username}/syncthing" = { id = "syncthing"; label = "Syncthing"; - devices = [ "carbon" "desktop" "pixel" ]; + devices = [ + "carbon" + "desktop" + "pixel" + ]; versioning = { type = "simple"; params = { diff --git a/hosts/desktop/virtualization.nix b/hosts/desktop/virtualization.nix index cc6eeb58..8a3b3544 100644 --- a/hosts/desktop/virtualization.nix +++ b/hosts/desktop/virtualization.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ virtualisation = { docker = { enable = true; diff --git a/hosts/niflheim/acme.nix b/hosts/niflheim/acme.nix index 60fd0e44..2dc320f4 100644 --- a/hosts/niflheim/acme.nix +++ b/hosts/niflheim/acme.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ sops = { secrets = { "porkbun/api_key" = { @@ -16,18 +18,14 @@ users.users = { # Make sops keys available to acme user - acme.extraGroups = [ - config.users.groups.keys.name - ]; + acme.extraGroups = [ config.users.groups.keys.name ]; }; security = { acme = { acceptTerms = true; certs."${config.domain.base}" = { - extraDomainNames = [ - "*.${config.domain.base}" - ]; + extraDomainNames = [ "*.${config.domain.base}" ]; }; defaults = { email = "mail@${config.domain.base}"; diff --git a/hosts/niflheim/ai.nix b/hosts/niflheim/ai.nix index 39642d3b..d96cba31 100644 --- a/hosts/niflheim/ai.nix +++ b/hosts/niflheim/ai.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let ollamaHost = config.services.ollama.host; diff --git a/hosts/niflheim/audiobookshelf.nix b/hosts/niflheim/audiobookshelf.nix index a10acb21..470af0e5 100644 --- a/hosts/niflheim/audiobookshelf.nix +++ b/hosts/niflheim/audiobookshelf.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ sops = { secrets = { "audiobookshelf/api_key" = { }; diff --git a/hosts/niflheim/authelia.nix b/hosts/niflheim/authelia.nix index 240ffcc1..7a13ba23 100644 --- a/hosts/niflheim/authelia.nix +++ b/hosts/niflheim/authelia.nix @@ -1,8 +1,9 @@ -{ lib -, pkgs -, config -, inputs -, ... +{ + lib, + pkgs, + config, + inputs, + ... }: let instance = "main"; @@ -69,9 +70,7 @@ in }; postgresql = { - ensureDatabases = [ - dbName - ]; + ensureDatabases = [ dbName ]; ensureUsers = [ { name = dbUser; @@ -137,9 +136,7 @@ in } { policy = "one_factor"; - domain = [ - "*.${config.domain.base}" - ]; + domain = [ "*.${config.domain.base}" ]; } ]; }; @@ -201,9 +198,7 @@ in require_pkce = true; pkce_challenge_method = "S256"; authorization_policy = "one_factor"; - redirect_uris = [ - "https://grafana.${config.domain.base}/login/generic_oauth" - ]; + redirect_uris = [ "https://grafana.${config.domain.base}/login/generic_oauth" ]; } { client_id = "jellyfin"; @@ -212,9 +207,7 @@ in require_pkce = true; pkce_challenge_method = "S256"; authorization_policy = "one_factor"; - redirect_uris = [ - "https://jellyfin.${config.domain.base}/sso/OID/redirect/authelia" - ]; + redirect_uris = [ "https://jellyfin.${config.domain.base}/sso/OID/redirect/authelia" ]; token_endpoint_auth_method = "client_secret_post"; } { @@ -224,18 +217,14 @@ in require_pkce = true; pkce_challenge_method = "S256"; authorization_policy = "one_factor"; - redirect_uris = [ - "https://nextcloud.${config.domain.base}/apps/oidc_login/oidc" - ]; + redirect_uris = [ "https://nextcloud.${config.domain.base}/apps/oidc_login/oidc" ]; } { client_id = "open-webui"; client_name = "Open WebUI"; client_secret = "$pbkdf2-sha512$310000$b6mTChIj/dqB1tgrNWpJCA$L0o17Sn8c2U2G9U3AHmOsI03TsHIwnU9rjiqvw2hEcl/lcbc6r48cBS4aU/Bq4g9PYF9lihl3o2fbhlIOE7fEA"; authorization_policy = "one_factor"; - redirect_uris = [ - "https://owui.${config.domain.base}/oauth/oidc/callback" - ]; + redirect_uris = [ "https://owui.${config.domain.base}/oauth/oidc/callback" ]; } { client_id = "paperless"; @@ -273,9 +262,7 @@ in AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE = "%d/ldap_password"; }; serviceConfig = { - LoadCredential = [ - "ldap_password:${config.sops.secrets."lldap/user_password".path}" - ]; + LoadCredential = [ "ldap_password:${config.sops.secrets."lldap/user_password".path}" ]; }; }; } diff --git a/hosts/niflheim/calibre.nix b/hosts/niflheim/calibre.nix index c37d458f..27265822 100644 --- a/hosts/niflheim/calibre.nix +++ b/hosts/niflheim/calibre.nix @@ -1,9 +1,10 @@ # Setup calibre-server and calibre-web -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let library = "/mnt/data/books"; diff --git a/hosts/niflheim/changedetection.nix b/hosts/niflheim/changedetection.nix index 02a3c5a2..21497583 100644 --- a/hosts/niflheim/changedetection.nix +++ b/hosts/niflheim/changedetection.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ services = { changedetection-io = { enable = true; diff --git a/hosts/niflheim/dashboard.nix b/hosts/niflheim/dashboard.nix index 426d2384..c94956e7 100644 --- a/hosts/niflheim/dashboard.nix +++ b/hosts/niflheim/dashboard.nix @@ -1,11 +1,17 @@ -{ lib -, pkgs -, config -, libutil -, ... +{ + lib, + pkgs, + config, + libutil, + ... }: let - mkService = { app, description, widget ? { } }: + mkService = + { + app, + description, + widget ? { }, + }: let name = libutil.capitalize app; listenPort = config.services.nginx-ext.applications."${app}".port; @@ -239,7 +245,6 @@ in "calibreweb_username:${config.sops.secrets."calibreweb/admin_username".path}" "calibreweb_password:${config.sops.secrets."calibreweb/admin_password".path}" - "grafana_username:${config.sops.secrets."grafana/admin_username".path}" "grafana_password:${config.sops.secrets."grafana/admin_password".path}" diff --git a/hosts/niflheim/default.nix b/hosts/niflheim/default.nix index 79b58d2a..ac44207b 100644 --- a/hosts/niflheim/default.nix +++ b/hosts/niflheim/default.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ imports = [ ./domain.nix ./secrets.nix diff --git a/hosts/niflheim/disk-config.nix b/hosts/niflheim/disk-config.nix index ab4aea85..762a1b74 100644 --- a/hosts/niflheim/disk-config.nix +++ b/hosts/niflheim/disk-config.nix @@ -1,6 +1,4 @@ -{ lib -, ... -}: +{ lib, ... }: let dataDisk1 = "/dev/sda"; luksData1 = "luks-data1"; @@ -100,7 +98,10 @@ in subvolumes = { "/root" = { mountpoint = "/"; - mountOptions = [ "compress=zstd" "noatime" ]; + mountOptions = [ + "compress=zstd" + "noatime" + ]; }; }; }; @@ -126,7 +127,10 @@ in content = { type = "btrfs"; mountpoint = "/mnt/data"; - mountOptions = [ "compress=zstd" "noatime" ]; + mountOptions = [ + "compress=zstd" + "noatime" + ]; }; }; }; @@ -136,4 +140,3 @@ in }; }; } - diff --git a/hosts/niflheim/domain.nix b/hosts/niflheim/domain.nix index 7ab9a72e..31aeb8a6 100644 --- a/hosts/niflheim/domain.nix +++ b/hosts/niflheim/domain.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let diff --git a/hosts/niflheim/grafana.nix b/hosts/niflheim/grafana.nix index 75fa3525..0897a8d1 100644 --- a/hosts/niflheim/grafana.nix +++ b/hosts/niflheim/grafana.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let dbUser = "grafana"; @@ -11,9 +12,7 @@ let url = "https://github.com/rfmoz/grafana-dashboards.git"; rev = "cad8539cc4c4ed043935e69b9c1ec23e551806f4"; nonConeMode = true; - sparseCheckout = [ - "/prometheus/node-exporter-full.json" - ]; + sparseCheckout = [ "/prometheus/node-exporter-full.json" ]; sha256 = "sha256-KtUmo5+p49lEWl8C8IFIT3volMYm99SV5CEyRcPsy3U="; }; in @@ -94,9 +93,7 @@ in }; postgresql = { - ensureDatabases = [ - dbName - ]; + ensureDatabases = [ dbName ]; ensureUsers = [ { name = dbUser; @@ -112,8 +109,6 @@ in }; systemd.services."grafana" = { - requires = [ - "postgresql.service" - ]; + requires = [ "postgresql.service" ]; }; } diff --git a/hosts/niflheim/hardware-configuration.nix b/hosts/niflheim/hardware-configuration.nix index bf0cf4c9..37f83d7e 100644 --- a/hosts/niflheim/hardware-configuration.nix +++ b/hosts/niflheim/hardware-configuration.nix @@ -1,8 +1,9 @@ -{ lib -, pkgs -, config -, modulesPath -, ... +{ + lib, + pkgs, + config, + modulesPath, + ... }: { imports = [ @@ -20,8 +21,14 @@ efiInstallAsRemovable = true; devices = lib.mkForce [ ]; # disko adds /boot here, we want /boot1 /boot2 mirroredBoots = [ - { path = "/boot1"; devices = [ "nodev" ]; } - { path = "/boot2"; devices = [ "nodev" ]; } + { + path = "/boot1"; + devices = [ "nodev" ]; + } + { + path = "/boot2"; + devices = [ "nodev" ]; + } ]; }; }; @@ -32,9 +39,7 @@ ssh = { enable = true; port = 2222; - hostKeys = [ - /etc/ssh/ssh_initrd_ed25519_key - ]; + hostKeys = [ /etc/ssh/ssh_initrd_ed25519_key ]; }; }; systemd = { diff --git a/hosts/niflheim/influxdb.nix b/hosts/niflheim/influxdb.nix index e8598a71..73928656 100644 --- a/hosts/niflheim/influxdb.nix +++ b/hosts/niflheim/influxdb.nix @@ -1,7 +1,4 @@ -{ lib -, config -, ... -}: +{ lib, config, ... }: let port = 8086; in diff --git a/hosts/niflheim/jellyfin.nix b/hosts/niflheim/jellyfin.nix index 9928ae53..ebb05ecd 100644 --- a/hosts/niflheim/jellyfin.nix +++ b/hosts/niflheim/jellyfin.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let port = 8096; diff --git a/hosts/niflheim/lldap.nix b/hosts/niflheim/lldap.nix index c568b1ec..856e16ea 100644 --- a/hosts/niflheim/lldap.nix +++ b/hosts/niflheim/lldap.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let name = "lldap"; @@ -37,9 +38,7 @@ in }; postgresql = { - ensureDatabases = [ - name - ]; + ensureDatabases = [ name ]; ensureUsers = [ { name = name; @@ -55,9 +54,7 @@ in }; systemd.services.lldap = { - requires = [ - "postgresql.service" - ]; + requires = [ "postgresql.service" ]; serviceConfig = { LoadCredential = [ "jwt_secret:${config.sops.secrets."lldap/jwt_secret".path}" diff --git a/hosts/niflheim/navidrome.nix b/hosts/niflheim/navidrome.nix index 8eac24ae..c3523ece 100644 --- a/hosts/niflheim/navidrome.nix +++ b/hosts/niflheim/navidrome.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ sops = { secrets = { "navidrome/salt" = { }; diff --git a/hosts/niflheim/networking.nix b/hosts/niflheim/networking.nix index 5461e06f..2e7de6bf 100644 --- a/hosts/niflheim/networking.nix +++ b/hosts/niflheim/networking.nix @@ -1,14 +1,15 @@ -{ pkgs -, config -, ... -}: { +{ pkgs, config, ... }: +{ networking = { hostName = "niflheim"; useNetworkd = true; firewall = { enable = true; - allowedTCPPorts = [ 80 443 ]; + allowedTCPPorts = [ + 80 + 443 + ]; }; }; diff --git a/hosts/niflheim/nextcloud.nix b/hosts/niflheim/nextcloud.nix index 09dee141..87b5e50a 100644 --- a/hosts/niflheim/nextcloud.nix +++ b/hosts/niflheim/nextcloud.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let nextcloudHostname = "nextcloud.${config.domain.base}"; @@ -22,9 +23,7 @@ in users.users = { # Make sops keys available to nextcloud user - nextcloud.extraGroups = [ - config.users.groups.keys.name - ]; + nextcloud.extraGroups = [ config.users.groups.keys.name ]; }; services = { @@ -57,7 +56,6 @@ in }; database.createLocally = true; - settings = { ratelimit.protection.enabled = false; @@ -79,15 +77,24 @@ in secretFile = config.sops.secrets."nextcloud/secrets.json".path; - extraApps = with config.services.nextcloud.package.packages.apps; { - inherit bookmarks calendar contacts gpoddersync tasks; - } // { - oidc_login = pkgs.fetchNextcloudApp { - license = "agpl3Plus"; - url = "https://github.com/pulsejet/nextcloud-oidc-login/releases/download/v3.1.1/oidc_login.tar.gz"; - sha256 = "sha256-b/tKk+y+ZypCHGNDtunDua2msYD6/TzA0haoC0k85F4="; + extraApps = + with config.services.nextcloud.package.packages.apps; + { + inherit + bookmarks + calendar + contacts + gpoddersync + tasks + ; + } + // { + oidc_login = pkgs.fetchNextcloudApp { + license = "agpl3Plus"; + url = "https://github.com/pulsejet/nextcloud-oidc-login/releases/download/v3.1.1/oidc_login.tar.gz"; + sha256 = "sha256-b/tKk+y+ZypCHGNDtunDua2msYD6/TzA0haoC0k85F4="; + }; }; - }; extraAppsEnable = true; }; }; diff --git a/hosts/niflheim/nginx.nix b/hosts/niflheim/nginx.nix index 2e4e46a2..d4a5e5bc 100644 --- a/hosts/niflheim/nginx.nix +++ b/hosts/niflheim/nginx.nix @@ -1,14 +1,13 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: { users.users = { # Make acme certificates available to nginx user - nginx.extraGroups = [ - config.users.groups.acme.name - ]; + nginx.extraGroups = [ config.users.groups.acme.name ]; }; services = { diff --git a/hosts/niflheim/ntfy.nix b/hosts/niflheim/ntfy.nix index 88439918..8f79f723 100644 --- a/hosts/niflheim/ntfy.nix +++ b/hosts/niflheim/ntfy.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let port = 8084; diff --git a/hosts/niflheim/openssh.nix b/hosts/niflheim/openssh.nix index 57ff33d2..122eb862 100644 --- a/hosts/niflheim/openssh.nix +++ b/hosts/niflheim/openssh.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ services = { openssh = { enable = true; @@ -12,4 +14,3 @@ }; }; } - diff --git a/hosts/niflheim/paperless.nix b/hosts/niflheim/paperless.nix index 6e356b3d..bffb405d 100644 --- a/hosts/niflheim/paperless.nix +++ b/hosts/niflheim/paperless.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let port = config.services.paperless.port; @@ -16,11 +17,13 @@ in "paperless/password" = { }; "paperless/oidc_client_secret" = { }; }; - templates."paperless.env".content = builtins.readFile (pkgs.substituteAll { - src = ./paperless.env; - server_url = "https://${config.domain.auth}"; - oidc_client_secret = config.sops.placeholder."paperless/oidc_client_secret"; - }); + templates."paperless.env".content = builtins.readFile ( + pkgs.substituteAll { + src = ./paperless.env; + server_url = "https://${config.domain.auth}"; + oidc_client_secret = config.sops.placeholder."paperless/oidc_client_secret"; + } + ); }; services = { @@ -32,9 +35,7 @@ in }; postgresql = { - ensureDatabases = [ - dbName - ]; + ensureDatabases = [ dbName ]; ensureUsers = [ { name = dbUser; diff --git a/hosts/niflheim/photoprism.nix b/hosts/niflheim/photoprism.nix index ecb066b4..487c52d8 100644 --- a/hosts/niflheim/photoprism.nix +++ b/hosts/niflheim/photoprism.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ sops = { secrets = { "photoprism/admin_username" = { }; diff --git a/hosts/niflheim/postgres.nix b/hosts/niflheim/postgres.nix index f83fd90e..95f657e9 100644 --- a/hosts/niflheim/postgres.nix +++ b/hosts/niflheim/postgres.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: { services.postgresql = { diff --git a/hosts/niflheim/prometheus.nix b/hosts/niflheim/prometheus.nix index b21bb5f8..8dd2618a 100644 --- a/hosts/niflheim/prometheus.nix +++ b/hosts/niflheim/prometheus.nix @@ -1,7 +1,4 @@ -{ lib -, config -, ... -}: +{ lib, config, ... }: { services = { prometheus = { @@ -17,9 +14,9 @@ scrapeConfigs = [ { job_name = "node"; - static_configs = [{ - targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; - }]; + static_configs = [ + { targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; } + ]; } ]; }; diff --git a/hosts/niflheim/scrutiny.nix b/hosts/niflheim/scrutiny.nix index c94626b2..90b6529a 100644 --- a/hosts/niflheim/scrutiny.nix +++ b/hosts/niflheim/scrutiny.nix @@ -1,7 +1,4 @@ -{ lib -, config -, ... -}: +{ lib, config, ... }: let org = "homelab"; bucket = "scrutiny"; diff --git a/hosts/niflheim/searx.nix b/hosts/niflheim/searx.nix index 73b8fb8d..22c3a0fc 100644 --- a/hosts/niflheim/searx.nix +++ b/hosts/niflheim/searx.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ sops = { secrets = { "searx/secret_key" = { }; diff --git a/hosts/niflheim/secrets.nix b/hosts/niflheim/secrets.nix index 46e31424..2a062f78 100644 --- a/hosts/niflheim/secrets.nix +++ b/hosts/niflheim/secrets.nix @@ -1,7 +1,5 @@ -{ pkgs -, config -, ... -}: { +{ pkgs, config, ... }: +{ sops = { defaultSopsFile = ./secrets.yaml; secrets = { diff --git a/hosts/niflheim/servarr.nix b/hosts/niflheim/servarr.nix index 2cfa8917..45baa8e7 100644 --- a/hosts/niflheim/servarr.nix +++ b/hosts/niflheim/servarr.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let group = config.users.groups.media.name; diff --git a/hosts/niflheim/syncthing.nix b/hosts/niflheim/syncthing.nix index c79c8a3d..bab5e09d 100644 --- a/hosts/niflheim/syncthing.nix +++ b/hosts/niflheim/syncthing.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ sops = { secrets = { diff --git a/hosts/niflheim/transmission.nix b/hosts/niflheim/transmission.nix index 52a50b34..84089390 100644 --- a/hosts/niflheim/transmission.nix +++ b/hosts/niflheim/transmission.nix @@ -1,8 +1,10 @@ -{ lib -, pkgs -, config -, ... -}: { +{ + lib, + pkgs, + config, + ... +}: +{ services = { transmission = { enable = true; diff --git a/hosts/niflheim/wireguard.nix b/hosts/niflheim/wireguard.nix index 49e65fcb..3e43359c 100644 --- a/hosts/niflheim/wireguard.nix +++ b/hosts/niflheim/wireguard.nix @@ -1,7 +1,4 @@ -{ pkgs -, config -, ... -}: +{ pkgs, config, ... }: let wg = "wg0"; wgPort = 51820; @@ -49,9 +46,7 @@ in wireguardPeers = [ { Endpoint = "wg010.njalla.no:51820"; - AllowedIPs = [ - "0.0.0.0/0" - ]; + AllowedIPs = [ "0.0.0.0/0" ]; PublicKey = "UGz2woATzV0P1fqXZ+wjCRoZdFDJ/Kdr1aYuw25u7D4="; # PresharedKeyFile = config.sops.secrets."wireguard/preshared_key".path; PersistentKeepalive = 25; @@ -61,12 +56,8 @@ in }; networks = { "20-wg0" = { - dns = [ - "95.215.19.53" - ]; - address = [ - "10.13.37.228/24" - ]; + dns = [ "95.215.19.53" ]; + address = [ "10.13.37.228/24" ]; matchConfig = { Name = wg; }; diff --git a/hosts/niflheim/xray-server.nix b/hosts/niflheim/xray-server.nix index d062ff14..2025181f 100644 --- a/hosts/niflheim/xray-server.nix +++ b/hosts/niflheim/xray-server.nix @@ -1,8 +1,10 @@ -{ config -, lib -, pkgs -, ... -}: { +{ + config, + lib, + pkgs, + ... +}: +{ sops = { secrets = { "xray/wireguard_private_key" = { @@ -10,10 +12,12 @@ restartUnits = [ "xray.service" ]; }; }; - templates."xray-config.json".content = builtins.readFile (pkgs.substituteAll { - src = ./xray-config.json; - wireguard_private_key = config.sops.placeholder."xray/wireguard_private_key"; - }); + templates."xray-config.json".content = builtins.readFile ( + pkgs.substituteAll { + src = ./xray-config.json; + wireguard_private_key = config.sops.placeholder."xray/wireguard_private_key"; + } + ); }; services.xray = { @@ -24,7 +28,10 @@ networking = { firewall = { allowedUDPPorts = [ 1080 ]; - allowedTCPPorts = [ 1080 8443 ]; + allowedTCPPorts = [ + 1080 + 8443 + ]; }; }; diff --git a/modules/nixos/nginx-ext.nix b/modules/nixos/nginx-ext.nix index f2ee982b..242eecf0 100644 --- a/modules/nixos/nginx-ext.nix +++ b/modules/nixos/nginx-ext.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: let cfg = config.services.nginx-ext; @@ -27,64 +28,69 @@ in }; applications = mkOption { - type = types.attrsOf (types.submodule { - options = { - port = mkOption { - type = types.port; - description = "Application listen port."; - }; + type = types.attrsOf ( + types.submodule { + options = { + port = mkOption { + type = types.port; + description = "Application listen port."; + }; - auth = mkOption { - type = types.bool; - description = "Whether to support SSO authentication."; - }; + auth = mkOption { + type = types.bool; + description = "Whether to support SSO authentication."; + }; - proxyWebsockets = mkOption { - type = types.bool; - default = false; - description = "Whether to support proxying websocket connections with HTTP/1.1."; + proxyWebsockets = mkOption { + type = types.bool; + default = false; + description = "Whether to support proxying websocket connections with HTTP/1.1."; + }; }; - }; - }); + } + ); }; }; config = { services.nginx = { - upstreams = attrsets.mapAttrs - (app: opts: { - servers = { - "localhost:${toString opts.port}" = { }; - }; - }) - cfg.applications; - - virtualHosts = { - "${cfg.authdomain}" = { - extraConfig = builtins.readFile ./nginx/auth-proxy.conf; + upstreams = attrsets.mapAttrs (app: opts: { + servers = { + "localhost:${toString opts.port}" = { }; }; - } // attrsets.mapAttrs' - (app: opts: nameValuePair ("${app}.${cfg.basedomain}") { - forceSSL = true; - useACMEHost = cfg.basedomain; - locations = { - "/" = { - proxyPass = "http://${app}"; - proxyWebsockets = opts.proxyWebsockets; - extraConfig = mkIf opts.auth (lib.strings.concatStringsSep "\n" [ - (builtins.readFile ./nginx/auth-proxy.conf) - (builtins.readFile ./nginx/auth-request.conf) - ]); - }; + }) cfg.applications; - # Corresponds to https://www.authelia.com/integration/proxies/nginx/#authelia-locationconf - "/internal/authelia/authz" = mkIf opts.auth { - proxyPass = "http://authelia/api/authz/auth-request"; - extraConfig = builtins.readFile ./nginx/auth-location.conf; - }; + virtualHosts = + { + "${cfg.authdomain}" = { + extraConfig = builtins.readFile ./nginx/auth-proxy.conf; }; - }) - cfg.applications; + } + // attrsets.mapAttrs' ( + app: opts: + nameValuePair ("${app}.${cfg.basedomain}") { + forceSSL = true; + useACMEHost = cfg.basedomain; + locations = { + "/" = { + proxyPass = "http://${app}"; + proxyWebsockets = opts.proxyWebsockets; + extraConfig = mkIf opts.auth ( + lib.strings.concatStringsSep "\n" [ + (builtins.readFile ./nginx/auth-proxy.conf) + (builtins.readFile ./nginx/auth-request.conf) + ] + ); + }; + + # Corresponds to https://www.authelia.com/integration/proxies/nginx/#authelia-locationconf + "/internal/authelia/authz" = mkIf opts.auth { + proxyPass = "http://authelia/api/authz/auth-request"; + extraConfig = builtins.readFile ./nginx/auth-location.conf; + }; + }; + } + ) cfg.applications; }; }; } diff --git a/modules/nixos/services/misc/servarr/app.nix b/modules/nixos/services/misc/servarr/app.nix index 1d631fb5..40546c1c 100644 --- a/modules/nixos/services/misc/servarr/app.nix +++ b/modules/nixos/services/misc/servarr/app.nix @@ -1,9 +1,10 @@ app: -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: with lib; @@ -31,8 +32,7 @@ let abort "App ${app} is not supported"; defaultDataDir = - if app == "sonarr" - then + if app == "sonarr" then "${app}/.config/NzbDrone" else if app == "radarr" then "${app}/.config/Radarr" @@ -45,17 +45,17 @@ let else abort "App ${app} is not supported"; - capitalize = str: - lib.strings.toUpper (lib.strings.substring 0 1 str) + - lib.strings.substring 1 (lib.strings.stringLength str) str; + capitalize = + str: + lib.strings.toUpper (lib.strings.substring 0 1 str) + + lib.strings.substring 1 (lib.strings.stringLength str) str; boolToSharpString = b: capitalize (boolToString b); # List of databses used by an application - databases = [ - cfg.postgres.mainDatabase - ] - ++ lib.lists.optional cfg.log.databaseEnabled cfg.postgres.logDatabase - ++ lib.lists.optional (cfg.postgres ? "cacheDatabase") cfg.postgres.cacheDatabase; + databases = + [ cfg.postgres.mainDatabase ] + ++ lib.lists.optional cfg.log.databaseEnabled cfg.postgres.logDatabase + ++ lib.lists.optional (cfg.postgres ? "cacheDatabase") cfg.postgres.cacheDatabase; # Command to alter databse ownership alterDbCmd = db: '' $PSQL -tAc 'ALTER DATABASE "${db}" OWNER TO "${cfg.user}";' @@ -106,143 +106,157 @@ in }; app = mkOption { - type = types.nullOr (types.submodule { - instance = mkOption { - type = types.str; - default = appName; - description = "Instance name"; - }; - }); + type = types.nullOr ( + types.submodule { + instance = mkOption { + type = types.str; + default = appName; + description = "Instance name"; + }; + } + ); default = null; description = "App options"; }; auth = mkOption { - type = types.nullOr (types.submodule { - options = { - method = mkOption { - type = types.nullOr (types.enum [ - "None" - "Basic" - "Forms" - "External" - ]); - default = "None"; - example = "External"; - description = "Authentication method for access to the Web UI"; + type = types.nullOr ( + types.submodule { + options = { + method = mkOption { + type = types.nullOr ( + types.enum [ + "None" + "Basic" + "Forms" + "External" + ] + ); + default = "None"; + example = "External"; + description = "Authentication method for access to the Web UI"; + }; + + type = mkOption { + type = types.nullOr ( + types.enum [ + "Enabled" + "DisabledForLocalAddresses" + ] + ); + default = "Enabled"; + example = "DisabledForLocalAddresses"; + description = "Which addresses authentication is applied to"; + }; }; - - type = mkOption { - type = types.nullOr (types.enum [ - "Enabled" - "DisabledForLocalAddresses" - ]); - default = "Enabled"; - example = "DisabledForLocalAddresses"; - description = "Which addresses authentication is applied to"; - }; - }; - }); + } + ); default = null; description = "Authentication options"; }; log = mkOption { - type = types.nullOr (types.submodule { - options = { - level = mkOption { - type = types.enum [ - "info" - "debug" - "trace" - ]; - default = "info"; - example = "debug"; - description = "Log level"; - }; + type = types.nullOr ( + types.submodule { + options = { + level = mkOption { + type = types.enum [ + "info" + "debug" + "trace" + ]; + default = "info"; + example = "debug"; + description = "Log level"; + }; + + consoleLevel = mkOption { + type = types.nullOr types.enum [ + "info" + "debug" + "trace" + ]; + default = null; + example = "info"; + description = "Console log level"; + }; + + databaseEnabled = mkOption { + type = types.bool; + default = true; + description = "Enable database log storage."; + }; + + analyticsEnabled = mkOption { + type = types.bool; + default = false; + description = "Enable sending of anonymous usage and error information"; + }; - consoleLevel = mkOption { - type = types.nullOr types.enum [ - "info" - "debug" - "trace" - ]; - default = null; - example = "info"; - description = "Console log level"; }; - - databaseEnabled = mkOption { - type = types.bool; - default = true; - description = "Enable database log storage."; - }; - - analyticsEnabled = mkOption { - type = types.bool; - default = false; - description = "Enable sending of anonymous usage and error information"; - }; - - }; - }); + } + ); default = null; description = "Logging options"; }; postgres = mkOption { - type = types.nullOr (types.submodule { - options = { - host = mkOption { - type = types.str; - }; - - port = mkOption { - type = types.port; - default = config.services.postgresql.settings.port; - }; - - logDatabase = mkOption { - type = types.str; - default = "${app}-log"; - description = "Log databse name used to store logs"; - }; - - mainDatabase = mkOption { - type = types.str; - default = "${app}-main"; - description = "Main databse name used to store configuration and history"; - }; - } // lib.optionalAttrs (app == "readarr") { - cacheDatabase = mkOption { - type = types.str; - default = "${app}-cache"; - description = "Cache databse name used to store GoodReads cache"; - }; - }; - }); + type = types.nullOr ( + types.submodule { + options = + { + host = mkOption { type = types.str; }; + + port = mkOption { + type = types.port; + default = config.services.postgresql.settings.port; + }; + + logDatabase = mkOption { + type = types.str; + default = "${app}-log"; + description = "Log databse name used to store logs"; + }; + + mainDatabase = mkOption { + type = types.str; + default = "${app}-main"; + description = "Main databse name used to store configuration and history"; + }; + } + // lib.optionalAttrs (app == "readarr") { + cacheDatabase = mkOption { + type = types.str; + default = "${app}-cache"; + description = "Cache databse name used to store GoodReads cache"; + }; + }; + } + ); default = null; description = "PostgreSQL connection options"; }; server = mkOption { - type = types.nullOr (types.submodule { - options = { - host = mkOption { - type = types.str; - default = "0.0.0.0"; - example = "127.0.0.1"; - description = "The host ${appName} binds to."; + type = types.nullOr ( + types.submodule { + options = { + host = mkOption { + type = types.str; + default = "0.0.0.0"; + example = "127.0.0.1"; + description = "The host ${appName} binds to."; + }; + + port = mkOption { + type = types.port; + default = defaultPort; + example = 9999; + description = "The TCP port ${appName} will listen on."; + }; }; - - port = mkOption { - type = types.port; - default = defaultPort; - example = 9999; - description = "The TCP port ${appName} will listen on."; - }; - }; - }); + } + ); default = null; description = "Server options"; }; @@ -267,9 +281,7 @@ in systemd.services."${app}" = { description = appName; after = [ "network.target" ]; - requires = mkIf (cfg.postgres != null) [ - "postgresql.service" - ]; + requires = mkIf (cfg.postgres != null) [ "postgresql.service" ]; wantedBy = [ "multi-user.target" ]; environment = { @@ -281,8 +293,12 @@ in "${envVarPrefix}__LOG__LEVEL" = mkIf (cfg.log != null) cfg.log.level; "${envVarPrefix}__LOG__CONSOLELEVEL" = mkIf (cfg.log != null) cfg.log.level; - "${envVarPrefix}__LOG__DBENABLED" = mkIf (cfg.log != null) (boolToSharpString cfg.log.analyticsEnabled); - "${envVarPrefix}__LOG__ANALYTICSENABLED" = mkIf (cfg.log != null) (boolToSharpString cfg.log.analyticsEnabled); + "${envVarPrefix}__LOG__DBENABLED" = mkIf (cfg.log != null) ( + boolToSharpString cfg.log.analyticsEnabled + ); + "${envVarPrefix}__LOG__ANALYTICSENABLED" = mkIf (cfg.log != null) ( + boolToSharpString cfg.log.analyticsEnabled + ); "${envVarPrefix}__SERVER__PORT" = mkIf (cfg.server != null) (toString cfg.server.port); "${envVarPrefix}__SERVER__BINDADDRESS" = mkIf (cfg.server != null) cfg.server.host; @@ -304,9 +320,7 @@ in }; }; - networking.firewall = mkIf cfg.openFirewall { - allowedTCPPorts = [ cfg.port ]; - }; + networking.firewall = mkIf cfg.openFirewall { allowedTCPPorts = [ cfg.port ]; }; users.users = mkIf (cfg.user == userName) { "${userName}" = { @@ -326,11 +340,7 @@ in }; services.postgresql = mkIf (cfg.postgres != null) { - ensureUsers = [ - { - name = cfg.user; - } - ]; + ensureUsers = [ { name = cfg.user; } ]; ensureDatabases = databases; }; diff --git a/modules/nixos/services/misc/servarr/default.nix b/modules/nixos/services/misc/servarr/default.nix index 6c6e7981..718251ca 100644 --- a/modules/nixos/services/misc/servarr/default.nix +++ b/modules/nixos/services/misc/servarr/default.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: { imports = [ diff --git a/overlays/default.nix b/overlays/default.nix index 849043a7..b1e360b6 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,4 +1,5 @@ -{ inputs, ... }: { +{ inputs, ... }: +{ # This one brings our custom packages from the 'packages' directory additions = final: prev: import ../packages { inherit final prev; }; @@ -6,18 +7,10 @@ # This one contains whatever you want to overlay # You can change versions, add patches, set compilation flags, anything really. modifications = final: prev: { - nerdfonts = prev.nerdfonts.override { - fonts = [ - "JetBrainsMono" - ]; - }; + nerdfonts = prev.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }; }; # When applied, the unstable nixpkgs set (declared in the flake inputs) will # be accessible through 'pkgs.unstable' - unstable-packages = final: _prev: { - unstable = import inputs.nixpkgs { - system = final.system; - }; - }; + unstable-packages = final: _prev: { unstable = import inputs.nixpkgs { system = final.system; }; }; } diff --git a/packages/android-fhs-env/default.nix b/packages/android-fhs-env/default.nix index 58776905..d3457a7a 100644 --- a/packages/android-fhs-env/default.nix +++ b/packages/android-fhs-env/default.nix @@ -1,9 +1,9 @@ -{ stdenv -, buildFHSEnv -, runtimeShell -, writeScript -, extraPkgs ? pkgs: [ ] -, +{ + stdenv, + buildFHSEnv, + runtimeShell, + writeScript, + extraPkgs ? pkgs: [ ], }: buildFHSEnv { name = "android-fhs-env"; @@ -14,7 +14,8 @@ buildFHSEnv { export JAVA_HOME="/usr/lib64/openjdk/" ''; - targetPkgs = pkgs: + targetPkgs = + pkgs: with pkgs; [ zsh @@ -37,8 +38,5 @@ buildFHSEnv { ] ++ extraPkgs pkgs; - multiPkgs = pkgs: - with pkgs; [ - zlib - ]; + multiPkgs = pkgs: with pkgs; [ zlib ]; } diff --git a/packages/autobean/default.nix b/packages/autobean/default.nix index bc3d12e8..d0726cc5 100644 --- a/packages/autobean/default.nix +++ b/packages/autobean/default.nix @@ -1,12 +1,13 @@ -{ lib -, beancount3 -, beancount-plugin-utils -, fetchFromGitHub -, buildPythonPackage -, pdm-pep517 -, pyyaml -, python-dateutil -, requests +{ + lib, + beancount3, + beancount-plugin-utils, + fetchFromGitHub, + buildPythonPackage, + pdm-pep517, + pyyaml, + python-dateutil, + requests, }: buildPythonPackage rec { @@ -21,9 +22,7 @@ buildPythonPackage rec { sha256 = "sha256-Qc8erF9yF8HnxhKQmyTAbJ196C93NgiaDBr+7kBjLDs="; }; - build-system = [ - pdm-pep517 - ]; + build-system = [ pdm-pep517 ]; dependencies = [ beancount3 diff --git a/packages/beancount-plugin-utils/default.nix b/packages/beancount-plugin-utils/default.nix index 4b8913bb..b040cbe7 100644 --- a/packages/beancount-plugin-utils/default.nix +++ b/packages/beancount-plugin-utils/default.nix @@ -1,11 +1,12 @@ -{ lib -, beancount3 -, buildPythonPackage -, fetchFromGitHub -, pytest-bdd -, pytestCheckHook -, regex -, setuptools +{ + lib, + beancount3, + buildPythonPackage, + fetchFromGitHub, + pytest-bdd, + pytestCheckHook, + regex, + setuptools, }: buildPythonPackage rec { @@ -20,13 +21,9 @@ buildPythonPackage rec { hash = "sha256-oyfL2K/sS4zZ7cq1P36h0dTcW1m5GUyQ9+IyZGfpb2E="; }; - build-system = [ - setuptools - ]; + build-system = [ setuptools ]; - dependencies = [ - beancount3 - ]; + dependencies = [ beancount3 ]; nativeCheckInputs = [ pytest-bdd @@ -34,13 +31,9 @@ buildPythonPackage rec { regex ]; - pytestFlagsArray = [ - "--fixtures tests/" - ]; + pytestFlagsArray = [ "--fixtures tests/" ]; - pythonImportsCheck = [ - "beancount" - ]; + pythonImportsCheck = [ "beancount" ]; meta = with lib; { homepage = "https://github.com/Akuukis/beancount_plugin_utils"; diff --git a/packages/beancount/default.nix b/packages/beancount/default.nix index 478d90ce..b0e9c97c 100644 --- a/packages/beancount/default.nix +++ b/packages/beancount/default.nix @@ -1,20 +1,20 @@ -{ lib -, buildPythonPackage -, fetchPypi -, isPy3k -, beautifulsoup4 -, bottle -, chardet -, python-dateutil -, google-api-python-client -, google-auth-oauthlib -, lxml -, oauth2client -, ply -, pytest -, python-magic -, requests -, +{ + lib, + buildPythonPackage, + fetchPypi, + isPy3k, + beautifulsoup4, + bottle, + chardet, + python-dateutil, + google-api-python-client, + google-auth-oauthlib, + lxml, + oauth2client, + ply, + pytest, + python-magic, + requests, }: buildPythonPackage rec { diff --git a/packages/beanquery/default.nix b/packages/beanquery/default.nix index cda730f6..d0bd8738 100644 --- a/packages/beanquery/default.nix +++ b/packages/beanquery/default.nix @@ -1,12 +1,13 @@ -{ lib -, beancount3 -, click -, buildPythonPackage -, fetchFromGitHub -, python-dateutil -, pytestCheckHook -, setuptools -, tatsu +{ + lib, + beancount3, + click, + buildPythonPackage, + fetchFromGitHub, + python-dateutil, + pytestCheckHook, + setuptools, + tatsu, }: buildPythonPackage rec { pname = "beanquery"; @@ -20,9 +21,7 @@ buildPythonPackage rec { hash = "sha256-xFhlkFlD+VG0n6WfKLjuhm7Cwz3t2V6GxmMXc5TgIPc="; }; - build-system = [ - setuptools - ]; + build-system = [ setuptools ]; dependencies = [ beancount3 @@ -31,13 +30,9 @@ buildPythonPackage rec { tatsu ]; - pythonRelaxDeps = [ - "tatsu" - ]; + pythonRelaxDeps = [ "tatsu" ]; - nativeCheckInputs = [ - pytestCheckHook - ]; + nativeCheckInputs = [ pytestCheckHook ]; pythonImportsCheck = [ "beancount" diff --git a/packages/default.nix b/packages/default.nix index c640ab8a..49036578 100644 --- a/packages/default.nix +++ b/packages/default.nix @@ -1,12 +1,8 @@ -{ final -, prev -, -}: { +{ final, prev }: +{ android-fhs-env = final.callPackage ./android-fhs-env { }; - androidStudioPackages = - final.recurseIntoAttrs - (final.callPackage ./android-studio { }); + androidStudioPackages = final.recurseIntoAttrs (final.callPackage ./android-studio { }); customHunspellDicts = prev.recurseIntoAttrs (prev.callPackages ./hunspell/dictionaries.nix { }); @@ -30,25 +26,21 @@ # See nixos/modules/services/x11/extra-layouts.nix # xkeyboard-config with customized Serbo-Croatian variant of US layout xkbconfig_custom = final.xorg.xkeyboardconfig.overrideAttrs (oldAttrs: rec { - patches = [ - ./xkb/custom-us-hbs.patch - ]; + patches = [ ./xkb/custom-us-hbs.patch ]; }); firefox-addons = final.recurseIntoAttrs (final.callPackage ./firefox-addons { }); beanprice = prev.python3.pkgs.callPackage ./beanprice { }; - pythonPackagesExtensions = - prev.pythonPackagesExtensions - ++ [ - (python-final: python-prev: { - - autobean = python-final.callPackage ./autobean { }; - beancount3 = python-final.callPackage ./beancount { }; - # Install standalone beanprice - beanquery = python-final.callPackage ./beanquery { }; - beancount-plugin-utils = python-final.callPackage ./beancount-plugin-utils { }; - }) - ]; + pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [ + (python-final: python-prev: { + + autobean = python-final.callPackage ./autobean { }; + beancount3 = python-final.callPackage ./beancount { }; + # Install standalone beanprice + beanquery = python-final.callPackage ./beanquery { }; + beancount-plugin-utils = python-final.callPackage ./beancount-plugin-utils { }; + }) + ]; } diff --git a/packages/firefox-addons/default.nix b/packages/firefox-addons/default.nix index 0d683b2b..446a83c1 100644 --- a/packages/firefox-addons/default.nix +++ b/packages/firefox-addons/default.nix @@ -1,19 +1,20 @@ -{ fetchurl -, lib -, stdenv -, -} @ args: +{ + fetchurl, + lib, + stdenv, +}@args: let buildFirefoxXpiAddon = lib.makeOverridable ( - { stdenv ? args.stdenv - , fetchurl ? args.fetchurl - , pname - , version - , addonId - , url - , sha256 - , meta - , ... + { + stdenv ? args.stdenv, + fetchurl ? args.fetchurl, + pname, + version, + addonId, + url, + sha256, + meta, + ... }: stdenv.mkDerivation { name = "${pname}-${version}"; diff --git a/packages/hunspell/dictionaries.nix b/packages/hunspell/dictionaries.nix index 8cbd8b9b..89dbc2b1 100644 --- a/packages/hunspell/dictionaries.nix +++ b/packages/hunspell/dictionaries.nix @@ -1,46 +1,56 @@ -{ lib -, stdenv -, fetchurl -, fetchzip -, fetchFromGitHub -, bash -, unzip -, coreutils -, which -, zip -, ispell -, perl -, python3 -, hunspell +{ + lib, + stdenv, + fetchurl, + fetchzip, + fetchFromGitHub, + bash, + unzip, + coreutils, + which, + zip, + ispell, + perl, + python3, + hunspell, }: let mkDict = - { pname, readmeFile, dictFileName, ... }@args: - stdenv.mkDerivation ({ - inherit pname; - installPhase = '' - runHook preInstall - # hunspell dicts - install -dm755 "$out/share/hunspell" - install -m644 ${dictFileName}.dic "$out/share/hunspell/" - install -m644 ${dictFileName}.aff "$out/share/hunspell/" - # myspell dicts symlinks - install -dm755 "$out/share/myspell/dicts" - ln -sv "$out/share/hunspell/${dictFileName}.dic" "$out/share/myspell/dicts/" - ln -sv "$out/share/hunspell/${dictFileName}.aff" "$out/share/myspell/dicts/" - # docs - install -dm755 "$out/share/doc" - install -m644 ${readmeFile} $out/share/doc/${pname}.txt - runHook postInstall - ''; - } // args); + { + pname, + readmeFile, + dictFileName, + ... + }@args: + stdenv.mkDerivation ( + { + inherit pname; + installPhase = '' + runHook preInstall + # hunspell dicts + install -dm755 "$out/share/hunspell" + install -m644 ${dictFileName}.dic "$out/share/hunspell/" + install -m644 ${dictFileName}.aff "$out/share/hunspell/" + # myspell dicts symlinks + install -dm755 "$out/share/myspell/dicts" + ln -sv "$out/share/hunspell/${dictFileName}.dic" "$out/share/myspell/dicts/" + ln -sv "$out/share/hunspell/${dictFileName}.aff" "$out/share/myspell/dicts/" + # docs + install -dm755 "$out/share/doc" + install -m644 ${readmeFile} $out/share/doc/${pname}.txt + runHook postInstall + ''; + } + // args + ); mkDictFromLibreOffice = - { shortName - , shortDescription - , dictFileName - , license - , readmeFile ? "README_${dictFileName}.txt" - , sourceRoot ? dictFileName + { + shortName, + shortDescription, + dictFileName, + license, + readmeFile ? "README_${dictFileName}.txt", + sourceRoot ? dictFileName, }: mkDict rec { pname = "hunspell-dict-${shortName}-libreoffice"; @@ -70,7 +80,10 @@ rec { dictFileName = "sr"; shortDescription = "Serbian"; readmeFile = "README.txt"; - license = with lib.licenses; [ gpl2 lgpl21 mpl11 ]; + license = with lib.licenses; [ + gpl2 + lgpl21 + mpl11 + ]; }; } - diff --git a/users/alapshin/default.nix b/users/alapshin/default.nix index c613b745..843dda5d 100644 --- a/users/alapshin/default.nix +++ b/users/alapshin/default.nix @@ -1,8 +1,9 @@ -{ config -, lib -, pkgs -, ... -} @ args: +{ + config, + lib, + pkgs, + ... +}@args: let username = builtins.baseNameOf ./.; @@ -63,26 +64,31 @@ let ]; pythonPackages = with pkgs; [ - ( - python3.withPackages (ps: - with ps; [ - autobean - beancount3 - beanquery - ipython - notebook - matplotlib - numpy - pandas - scikit-learn - seaborn - ]) - ) + (python3.withPackages ( + ps: with ps; [ + autobean + beancount3 + beanquery + ipython + notebook + matplotlib + numpy + pandas + scikit-learn + seaborn + ] + )) ]; in { imports = [ - (import ./home (args // { inherit username; isNixOS = true; })) + (import ./home ( + args + // { + inherit username; + isNixOS = true; + } + )) ]; programs = { @@ -115,7 +121,8 @@ in "wheel" ]; - packages = with pkgs; + packages = + with pkgs; [ anki calibre diff --git a/users/alapshin/home/default.nix b/users/alapshin/home/default.nix index 6aa50880..9561057c 100644 --- a/users/alapshin/home/default.nix +++ b/users/alapshin/home/default.nix @@ -1,3 +1,4 @@ -{ username, ... } @ args: { +{ username, ... }@args: +{ home-manager.users."${username}" = import ./home.nix args; } diff --git a/users/alapshin/home/development.nix b/users/alapshin/home/development.nix index 43a47ce6..530c7dbe 100644 --- a/users/alapshin/home/development.nix +++ b/users/alapshin/home/development.nix @@ -1,6 +1,5 @@ -{ pkgs -, ... -}: { +{ pkgs, ... }: +{ home.packages = with pkgs; [ # hurl httpie diff --git a/users/alapshin/home/firefox.nix b/users/alapshin/home/firefox.nix index 4643fb62..a83ee5da 100644 --- a/users/alapshin/home/firefox.nix +++ b/users/alapshin/home/firefox.nix @@ -1,16 +1,15 @@ -{ pkgs -, osConfig -, dotfileDir -, ... +{ + pkgs, + osConfig, + dotfileDir, + ... }: { programs.firefox = { enable = true; package = pkgs.firefox.override { cfg = { - nativeMessagingHosts.packages = [ - pkgs.kdePackages.plasma-browser-integration - ]; + nativeMessagingHosts.packages = [ pkgs.kdePackages.plasma-browser-integration ]; }; }; @@ -63,9 +62,8 @@ default = { id = 0; extensions = - (with pkgs.firefox-addons; [ - linguist-translator - ]) ++ (with pkgs.nur.repos.rycee.firefox-addons; [ + (with pkgs.firefox-addons; [ linguist-translator ]) + ++ (with pkgs.nur.repos.rycee.firefox-addons; [ floccus omnivore metamask diff --git a/users/alapshin/home/git.nix b/users/alapshin/home/git.nix index c076e09a..7f4bb1ab 100644 --- a/users/alapshin/home/git.nix +++ b/users/alapshin/home/git.nix @@ -1,8 +1,10 @@ -{ pkgs -, config -, dotfileDir -, ... -}: { +{ + pkgs, + config, + dotfileDir, + ... +}: +{ home = { packages = with pkgs; [ git-extras @@ -39,9 +41,7 @@ side-by-side = true; }; }; - includes = [ - { path = /. + dotfileDir + "/git/config"; } - ]; + includes = [ { path = /. + dotfileDir + "/git/config"; } ]; }; lazygit = { @@ -51,8 +51,14 @@ border = "rounded"; expandFocusedSidePanel = true; theme = { - selectedLineBgColor = [ "default" "bold" ]; - selectedRangeBgColor = [ "reverse" "bold" ]; + selectedLineBgColor = [ + "default" + "bold" + ]; + selectedRangeBgColor = [ + "reverse" + "bold" + ]; }; }; git = { diff --git a/users/alapshin/home/gnupg.nix b/users/alapshin/home/gnupg.nix index 972d0f98..10d4f1db 100644 --- a/users/alapshin/home/gnupg.nix +++ b/users/alapshin/home/gnupg.nix @@ -1,7 +1,5 @@ -{ pkgs -, config -, ... -}: { +{ pkgs, config, ... }: +{ programs.gpg = { enable = true; homedir = "${config.xdg.dataHome}/gnupg"; diff --git a/users/alapshin/home/home.nix b/users/alapshin/home/home.nix index e3bd8b40..ce5aa1fb 100644 --- a/users/alapshin/home/home.nix +++ b/users/alapshin/home/home.nix @@ -1,9 +1,10 @@ -{ pkgs -, lib -, isNixOS -, username -, dotfileDir -, ... +{ + pkgs, + lib, + isNixOS, + username, + dotfileDir, + ... }: { home.stateVersion = "23.11"; @@ -11,23 +12,25 @@ home.username = username; home.homeDirectory = "/home/${username}"; - imports = [ - ./development.nix - ./git.nix - ./gnupg.nix - ./ssh.nix - ./shell.nix - # ./plasma.nix - ./neovim.nix - ./texlive.nix + imports = + [ + ./development.nix + ./git.nix + ./gnupg.nix + ./ssh.nix + ./shell.nix + # ./plasma.nix + ./neovim.nix + ./texlive.nix - ./theming.nix - ./packages.nix - ./variables.nix - ] ++ (lib.lists.optionals isNixOS [ - ./firefox.nix - ./thunderbird.nix - ]); + ./theming.nix + ./packages.nix + ./variables.nix + ] + ++ (lib.lists.optionals isNixOS [ + ./firefox.nix + ./thunderbird.nix + ]); programs.home-manager.enable = true; diff --git a/users/alapshin/home/neovim.nix b/users/alapshin/home/neovim.nix index 93c5591a..275049fb 100644 --- a/users/alapshin/home/neovim.nix +++ b/users/alapshin/home/neovim.nix @@ -1,7 +1,4 @@ -{ config -, pkgs -, ... -}: +{ config, pkgs, ... }: { programs.neovim = { enable = true; diff --git a/users/alapshin/home/packages.nix b/users/alapshin/home/packages.nix index 22fca8dc..dca2408b 100644 --- a/users/alapshin/home/packages.nix +++ b/users/alapshin/home/packages.nix @@ -1,6 +1,5 @@ -{ pkgs -, ... -}: { +{ pkgs, ... }: +{ home.packages = with pkgs; [ # CLI age diff --git a/users/alapshin/home/plasma.nix b/users/alapshin/home/plasma.nix index 5043ba44..d48461f9 100644 --- a/users/alapshin/home/plasma.nix +++ b/users/alapshin/home/plasma.nix @@ -1,7 +1,5 @@ -{ config -, pkgs -, ... -}: { +{ config, pkgs, ... }: +{ programs.plasma = { enable = true; workspace.clickItemTo = "select"; diff --git a/users/alapshin/home/services.nix b/users/alapshin/home/services.nix index 7d8288f2..bf459153 100644 --- a/users/alapshin/home/services.nix +++ b/users/alapshin/home/services.nix @@ -1,8 +1,10 @@ -{ pkgs -, osConfig -, dotfileDir -, ... -}: { +{ + pkgs, + osConfig, + dotfileDir, + ... +}: +{ services = { nextcloud-client = { enable = true; diff --git a/users/alapshin/home/shell.nix b/users/alapshin/home/shell.nix index 079c0b99..dea254e3 100644 --- a/users/alapshin/home/shell.nix +++ b/users/alapshin/home/shell.nix @@ -1,7 +1,5 @@ -{ pkgs -, dotfileDir -, ... -}: { +{ pkgs, dotfileDir, ... }: +{ home.packages = with pkgs; [ dog duf @@ -79,12 +77,18 @@ starship = { enable = true; enableZshIntegration = true; - settings = { - format = "$all"; - } // builtins.fromTOML (builtins.readFile (pkgs.fetchurl { - url = "https://raw.githubusercontent.com/starship/starship/v1.19.0/docs/public/presets/toml/plain-text-symbols.toml"; - hash = "sha256-SRos2o/ZaBK3QOCumqopiFLKnK3mf5wehTkKWpO7OqQ="; - })); + settings = + { + format = "$all"; + } + // builtins.fromTOML ( + builtins.readFile ( + pkgs.fetchurl { + url = "https://raw.githubusercontent.com/starship/starship/v1.19.0/docs/public/presets/toml/plain-text-symbols.toml"; + hash = "sha256-SRos2o/ZaBK3QOCumqopiFLKnK3mf5wehTkKWpO7OqQ="; + } + ) + ); }; tealdeer = { diff --git a/users/alapshin/home/ssh.nix b/users/alapshin/home/ssh.nix index e2553f56..38b20ed0 100644 --- a/users/alapshin/home/ssh.nix +++ b/users/alapshin/home/ssh.nix @@ -1,8 +1,10 @@ -{ pkgs -, config -, dotfileDir -, ... -}: { +{ + pkgs, + config, + dotfileDir, + ... +}: +{ services = { ssh-agent = { enable = true; diff --git a/users/alapshin/home/texlive.nix b/users/alapshin/home/texlive.nix index 3d3f8027..4e10a1c8 100644 --- a/users/alapshin/home/texlive.nix +++ b/users/alapshin/home/texlive.nix @@ -1,11 +1,11 @@ -{ lib -, pkgs -, config -, ... -}: { - home.packages = with pkgs; [ - typst - ]; +{ + lib, + pkgs, + config, + ... +}: +{ + home.packages = with pkgs; [ typst ]; programs.texlive = { enable = true; packageSet = pkgs.texlive; diff --git a/users/alapshin/home/theming.nix b/users/alapshin/home/theming.nix index 814cb424..f0f0ea0b 100644 --- a/users/alapshin/home/theming.nix +++ b/users/alapshin/home/theming.nix @@ -1,11 +1,11 @@ -{ pkgs -, config -, ... -}: +{ pkgs, config, ... }: let accent = "sky"; flavor = "latte"; - catppuccin = pkgs.catppuccin.override { inherit accent; variant = flavor; }; + catppuccin = pkgs.catppuccin.override { + inherit accent; + variant = flavor; + }; in { programs = { diff --git a/users/alapshin/home/thunderbird.nix b/users/alapshin/home/thunderbird.nix index 0ba72a29..7eb94701 100644 --- a/users/alapshin/home/thunderbird.nix +++ b/users/alapshin/home/thunderbird.nix @@ -1,13 +1,12 @@ -{ pkgs -, lib -, config -, ... +{ + pkgs, + lib, + config, + ... }: let cfg = config.programs.thunderbird; - accounts = builtins.fromJSON ( - builtins.readFile ./../secrets/build/accounts.json - ); + accounts = builtins.fromJSON (builtins.readFile ./../secrets/build/accounts.json); in { accounts.email.accounts = lib.mkIf cfg.enable { diff --git a/users/alapshin/home/variables.nix b/users/alapshin/home/variables.nix index 5e10a6f6..489f8aa6 100644 --- a/users/alapshin/home/variables.nix +++ b/users/alapshin/home/variables.nix @@ -1,4 +1,5 @@ -{ config, ... }: { +{ config, ... }: +{ # Enforce XDG directories usage for some apps home.sessionVariables = { ANDROID_SDK_ROOT = "$HOME/opt/android-sdk"; diff --git a/util-lib/default.nix b/util-lib/default.nix index fba3a0f0..2d331e79 100644 --- a/util-lib/default.nix +++ b/util-lib/default.nix @@ -1,6 +1,7 @@ { lib }: rec { - capitalize = str: - lib.strings.toUpper (lib.strings.substring 0 1 str) + - lib.strings.substring 1 (lib.strings.stringLength str) str; + capitalize = + str: + lib.strings.toUpper (lib.strings.substring 0 1 str) + + lib.strings.substring 1 (lib.strings.stringLength str) str; }