From 4f0d45e4d54f2a9cca794e68eb76d5d8e7fe7003 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 10 Apr 2022 11:54:58 +0200 Subject: [PATCH] format all code with alejandra --- base/default.nix | 3 +- base/gui-programs.nix | 38 +-- base/networking.nix | 11 +- base/nix.nix | 7 +- base/programs.nix | 21 +- base/users.nix | 11 +- boreal.nix | 3 +- flake.nix | 171 +++++++------ home/alacritty.nix | 20 +- home/bat.nix | 17 +- home/default.nix | 3 +- home/emacs.nix | 27 +- home/env.nix | 3 +- home/firefox.nix | 18 +- home/fish/default.nix | 19 +- home/flameshot.nix | 15 +- home/git.nix | 34 +-- home/laptop.nix | 15 +- home/lorri.nix | 25 +- home/mail.nix | 18 +- home/rbw.nix | 18 +- home/rofi.nix | 18 +- home/ssh.nix | 21 +- home/themes/alacritty.nix | 120 ++++----- home/themes/bat.nix | 22 +- home/themes/color.nix | 24 +- home/themes/default.nix | 27 +- home/themes/i3.nix | 287 +++++++++++----------- home/themes/i3bar.nix | 40 +-- home/themes/solarizedLight/alacritty.nix | 8 +- home/themes/solarizedLight/colors.nix | 30 +-- home/themes/solarizedLight/i3.nix | 8 +- home/themes/solarizedLight/i3bar.nix | 8 +- home/tmux.nix | 22 +- home/tridactyl.nix | 17 +- home/x/cursor.nix | 18 +- home/x/default.nix | 16 +- home/x/i3.nix | 101 ++++---- home/x/i3bar.nix | 171 +++++++------ hosts/boreal/default.nix | 23 +- hosts/boreal/hardware-configuration.nix | 42 ++-- hosts/boreal/home.nix | 19 +- hosts/boreal/secrets.nix | 30 ++- hosts/poseidon/default.nix | 28 ++- hosts/poseidon/hardware-configuration.nix | 65 ++--- hosts/poseidon/home.nix | 4 +- hosts/poseidon/secrets.nix | 60 ++--- hosts/zephyrus/default.nix | 25 +- hosts/zephyrus/hardware-configuration.nix | 73 +++--- hosts/zephyrus/home.nix | 28 ++- hosts/zephyrus/secrets.nix | 30 ++- modules/default.nix | 3 +- modules/sddm.nix | 26 +- modules/secrets/default.nix | 15 +- modules/secrets/secrets.nix | 35 ++- modules/wakeonwlan.nix | 29 ++- overlays/i3status-rust/default.nix | 10 +- pkgs/default.nix | 3 +- pkgs/grafana-dashboards/default.nix | 3 +- pkgs/grafana-dashboards/nginx.nix | 53 ++-- pkgs/grafana-dashboards/node-exporter.nix | 53 ++-- pkgs/kaleidoscope-udev-rules/default.nix | 53 ++-- pkgs/sddm-sugar-candy/default.nix | 7 +- pkgs/spot/default.nix | 32 +-- poseidon.nix | 4 +- services/default.nix | 4 +- services/fail2ban.nix | 14 +- services/fava.nix | 25 +- services/gitea/default.nix | 24 +- services/jellyfin.nix | 14 +- services/lohr.nix | 34 +-- services/matrix.nix | 138 +++++++---- services/media.nix | 22 +- services/miniflux.nix | 20 +- services/monitoring.nix | 28 ++- services/navidrome.nix | 22 +- services/nextcloud.nix | 54 ++-- services/nginx.nix | 55 +++-- services/nuage.nix | 16 +- services/paperless.nix | 25 +- services/pipewire.nix | 20 +- services/postgresql-backup.nix | 19 +- services/postgresql.nix | 5 +- services/restic-backup.nix | 30 ++- services/tailscale.nix | 21 +- services/tgv.nix | 16 +- services/transmission.nix | 61 +++-- services/vaultwarden.nix | 25 +- zephyrus.nix | 3 +- 89 files changed, 1605 insertions(+), 1298 deletions(-) diff --git a/base/default.nix b/base/default.nix index 123b658..1607602 100644 --- a/base/default.nix +++ b/base/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./gui-programs.nix ./networking.nix diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 8bc9d33..f23213e 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -1,12 +1,17 @@ -{ pkgs, lib, config, options, ... }: -let - inherit (lib) +{ + pkgs, + lib, + config, + options, + ... +}: let + inherit + (lib) mkEnableOption mkIf optional - ; -in -{ + ; +in { options.my.gui = { enable = mkEnableOption "System has some kind of screen attached"; isNvidia = mkEnableOption "System a NVIDIA GPU"; @@ -19,8 +24,10 @@ in xserver = { enable = true; # NOTE: could use `mkOptionDefault` but this feels more explicit - videoDrivers = if config.my.gui.isNvidia then [ "nvidia" ] - else options.services.xserver.videoDrivers.default; + videoDrivers = + if config.my.gui.isNvidia + then ["nvidia"] + else options.services.xserver.videoDrivers.default; windowManager.i3.enable = true; layout = "fr"; xkbVariant = "us"; @@ -31,7 +38,8 @@ in }; environment.systemPackages = builtins.attrValues { - inherit (pkgs) + inherit + (pkgs) element-desktop feh firefox @@ -48,7 +56,7 @@ in thunderbird virt-manager zathura - ; + ; inherit (pkgs.gnome) nautilus; @@ -60,11 +68,11 @@ in dispatcherScripts = [ { - source = - let - grep = "${pkgs.gnugrep}/bin/grep"; - nmcli = "${pkgs.networkmanager}/bin/nmcli"; - in pkgs.writeShellScript "disable_wifi_on_ethernet" '' + source = let + grep = "${pkgs.gnugrep}/bin/grep"; + nmcli = "${pkgs.networkmanager}/bin/nmcli"; + in + pkgs.writeShellScript "disable_wifi_on_ethernet" '' export LC_ALL=C enable_disable_wifi () diff --git a/base/networking.nix b/base/networking.nix index e059f5e..02c8982 100644 --- a/base/networking.nix +++ b/base/networking.nix @@ -1,11 +1,10 @@ -{ lib, ... }: -let - inherit (lib) +{lib, ...}: let + inherit + (lib) mkOption types - ; -in -{ + ; +in { options.my.networking.externalInterface = mkOption { type = types.nullOr types.str; default = null; diff --git a/base/nix.nix b/base/nix.nix index c632aa9..b016e0d 100644 --- a/base/nix.nix +++ b/base/nix.nix @@ -1,13 +1,12 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { nixpkgs.config.allowUnfree = true; nix = { package = pkgs.nixStable; settings = { - experimental-features = [ "nix-command" "flakes" ]; - trusted-users = [ "@wheel" ]; + experimental-features = ["nix-command" "flakes"]; + trusted-users = ["@wheel"]; substituters = [ "https://alarsyo.cachix.org" "https://nix-community.cachix.org" diff --git a/base/programs.nix b/base/programs.nix index ab4ce97..3281f01 100644 --- a/base/programs.nix +++ b/base/programs.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { programs = { fish.enable = true; gnupg.agent = { @@ -20,8 +19,10 @@ }; environment.systemPackages = builtins.attrValues { - inherit (pkgs) + inherit + (pkgs) # shell usage + fd ripgrep sd @@ -29,8 +30,8 @@ tokei tree wget - # development + alejandra git git-crypt @@ -41,8 +42,8 @@ pinentry-gnome python3 vim - # terminal utilities + bottom dogdns du-dust @@ -51,16 +52,16 @@ tealdeer unzip zip - # nix pkgs lookup + nix-index - agenix - ; + ; - inherit (pkgs.llvmPackages_11) + inherit + (pkgs.llvmPackages_11) bintools clang - ; + ; }; } diff --git a/base/users.nix b/base/users.nix index 2af640f..6f5e441 100644 --- a/base/users.nix +++ b/base/users.nix @@ -1,8 +1,11 @@ -{ config, lib, pkgs, ... }: -let - secrets = config.my.secrets; -in { + config, + lib, + pkgs, + ... +}: let + secrets = config.my.secrets; +in { users.mutableUsers = false; users.users.root = { passwordFile = config.age.secrets."users/root-hashed-password".path; diff --git a/boreal.nix b/boreal.nix index 448fcfb..076f749 100644 --- a/boreal.nix +++ b/boreal.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ # Default configuration ./base diff --git a/flake.nix b/flake.nix index 17ddf99..0933043 100644 --- a/flake.nix +++ b/flake.nix @@ -51,104 +51,121 @@ }; }; - outputs = { self, nixpkgs, home-manager, agenix, ... } @inputs: { - nixosModules = { - home = { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.alarsyo = import ./home; - home-manager.verbose = true; + outputs = { + self, + nixpkgs, + home-manager, + agenix, + ... + } @ inputs: + { + nixosModules = { + home = { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.alarsyo = import ./home; + home-manager.verbose = true; + }; + nix-path = { + nix.nixPath = [ + "nixpkgs=${inputs.nixpkgs}" + ]; + }; }; - nix-path = { - nix.nixPath = [ - "nixpkgs=${inputs.nixpkgs}" - ]; - }; - }; - overlays = import ./overlays; + overlays = import ./overlays; - nixosConfigurations = - let + nixosConfigurations = let system = "x86_64-linux"; - shared_overlays = [ - (self: super: { - packages = import ./pkgs { pkgs = super; }; + shared_overlays = + [ + (self: super: { + packages = import ./pkgs {pkgs = super;}; - # packages accessible through pkgs.unstable.package - unstable = import inputs.nixpkgs-unstable-small { - inherit system; - config.allowUnfree = true; - }; + # packages accessible through pkgs.unstable.package + unstable = import inputs.nixpkgs-unstable-small { + inherit system; + config.allowUnfree = true; + }; + }) - }) - - agenix.overlay - ] ++ builtins.attrValues self.overlays; - sharedModules = [ - agenix.nixosModule - home-manager.nixosModule - { nixpkgs.overlays = shared_overlays; } - ] ++ (nixpkgs.lib.attrValues self.nixosModules); + agenix.overlay + ] + ++ builtins.attrValues self.overlays; + sharedModules = + [ + agenix.nixosModule + home-manager.nixosModule + {nixpkgs.overlays = shared_overlays;} + ] + ++ (nixpkgs.lib.attrValues self.nixosModules); in { - poseidon = nixpkgs.lib.nixosSystem rec { inherit system; - modules = [ - ./poseidon.nix - ] ++ sharedModules; + modules = + [ + ./poseidon.nix + ] + ++ sharedModules; }; boreal = nixpkgs.lib.nixosSystem rec { inherit system; - modules = [ - ./boreal.nix + modules = + [ + ./boreal.nix - { - nixpkgs.overlays = [ - inputs.emacs-overlay.overlay + { + nixpkgs.overlays = [ + inputs.emacs-overlay.overlay - # uncomment this to build everything from scratch, fun but takes a - # while - # - # (self: super: { - # stdenv = super.impureUseNativeOptimizations super.stdenv; - # }) - ]; - } - ] ++ sharedModules; + # uncomment this to build everything from scratch, fun but takes a + # while + # + # (self: super: { + # stdenv = super.impureUseNativeOptimizations super.stdenv; + # }) + ]; + } + ] + ++ sharedModules; }; zephyrus = nixpkgs.lib.nixosSystem rec { inherit system; - modules = [ - ./zephyrus.nix + modules = + [ + ./zephyrus.nix - inputs.nixos-hardware.nixosModules.common-cpu-intel - inputs.nixos-hardware.nixosModules.common-pc-laptop - inputs.nixos-hardware.nixosModules.common-pc-ssd + inputs.nixos-hardware.nixosModules.common-cpu-intel + inputs.nixos-hardware.nixosModules.common-pc-laptop + inputs.nixos-hardware.nixosModules.common-pc-ssd - { - nixpkgs.overlays = [ - inputs.emacs-overlay.overlay - ]; - } - ] ++ sharedModules; + { + nixpkgs.overlays = [ + inputs.emacs-overlay.overlay + ]; + } + ] + ++ sharedModules; }; - }; - } // inputs.flake-utils.lib.eachDefaultSystem (system: { - packages = - ( - inputs.flake-utils.lib.flattenTree - (import ./pkgs { pkgs = import nixpkgs { inherit system; }; }) - ) // { - emacsPgtkGcc = ( - import nixpkgs { - inherit system; - overlays = [ inputs.emacs-overlay.overlay ]; - } - ).emacsPgtkGcc; - }; - }); + } + // inputs.flake-utils.lib.eachDefaultSystem (system: { + packages = + ( + inputs.flake-utils.lib.flattenTree + (import ./pkgs {pkgs = import nixpkgs {inherit system;};}) + ) + // { + emacsPgtkGcc = + ( + import nixpkgs { + inherit system; + overlays = [inputs.emacs-overlay.overlay]; + } + ) + .emacsPgtkGcc; + }; + }); } diff --git a/home/alacritty.nix b/home/alacritty.nix index bf9665b..87843d2 100644 --- a/home/alacritty.nix +++ b/home/alacritty.nix @@ -1,15 +1,19 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.alacritty; alacrittyTheme = config.my.theme.alacrittyTheme; -in -{ - options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // { default = config.my.home.x.enable; }; +in { + options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // {default = config.my.home.x.enable;}; config = mkIf cfg.enable { programs.alacritty = { @@ -39,7 +43,7 @@ in }; }; - home.packages = [ pkgs.iosevka-bin ]; + home.packages = [pkgs.iosevka-bin]; # make sure font is discoverable fonts.fontconfig.enable = true; diff --git a/home/bat.nix b/home/bat.nix index 2349985..f2bbfd2 100644 --- a/home/bat.nix +++ b/home/bat.nix @@ -1,16 +1,19 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.bat; batTheme = config.my.theme.batTheme; -in -{ +in { options.my.home.bat = { - enable = (mkEnableOption "bat code display tool") // { default = true; }; + enable = (mkEnableOption "bat code display tool") // {default = true;}; }; config = mkIf cfg.enable { diff --git a/home/default.nix b/home/default.nix index ab42092..faea7f2 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./alacritty.nix ./bat.nix diff --git a/home/emacs.nix b/home/emacs.nix index c9ed8f6..536dc5b 100644 --- a/home/emacs.nix +++ b/home/emacs.nix @@ -1,30 +1,35 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; -in -{ + ; +in { options.my.home.emacs = { enable = mkEnableOption "Emacs daemon configuration"; }; config = mkIf config.my.home.emacs.enable { - - home.sessionPath = [ "${config.xdg.configHome}/emacs/bin" ]; + home.sessionPath = ["${config.xdg.configHome}/emacs/bin"]; home.sessionVariables = { EDITOR = "emacsclient -t"; }; home.packages = builtins.attrValues { - inherit (pkgs) + inherit + (pkgs) sqlite # needed by org-roam - + # fonts used by my config + emacs-all-the-icons-fonts iosevka-bin - ; + ; }; # make sure above fonts are discoverable fonts.fontconfig.enable = true; diff --git a/home/env.nix b/home/env.nix index 3996dfc..aaeb1b6 100644 --- a/home/env.nix +++ b/home/env.nix @@ -1,5 +1,4 @@ -{ config, ... }: -{ +{config, ...}: { home.sessionPath = [ "${config.home.homeDirectory}/.cargo/bin" "${config.home.homeDirectory}/.local/bin" diff --git a/home/firefox.nix b/home/firefox.nix index 1cfce8a..c633f33 100644 --- a/home/firefox.nix +++ b/home/firefox.nix @@ -1,15 +1,19 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.firefox; -in -{ +in { options.my.home.firefox = { - enable = (mkEnableOption "firefox config") // { default = config.my.home.x.enable; }; + enable = (mkEnableOption "firefox config") // {default = config.my.home.x.enable;}; }; config = mkIf cfg.enable { diff --git a/home/fish/default.nix b/home/fish/default.nix index 0e9d721..6fa9f00 100644 --- a/home/fish/default.nix +++ b/home/fish/default.nix @@ -1,14 +1,17 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.fish; -in -{ - options.my.home.fish.enable = (mkEnableOption "Fish shell") // { default = true; }; +in { + options.my.home.fish.enable = (mkEnableOption "Fish shell") // {default = true;}; config = mkIf cfg.enable { home.sessionVariables = { @@ -21,6 +24,6 @@ in enable = true; }; - xdg.configFile."fish/functions" = { source = ./. + "/functions"; }; + xdg.configFile."fish/functions" = {source = ./. + "/functions";}; }; } diff --git a/home/flameshot.nix b/home/flameshot.nix index 043d2ce..47e2886 100644 --- a/home/flameshot.nix +++ b/home/flameshot.nix @@ -1,13 +1,16 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.flameshot; -in -{ +in { options.my.home.flameshot = { enable = mkEnableOption "flameshot autolaunch"; }; diff --git a/home/git.nix b/home/git.nix index 61e8171..1ab8fbf 100644 --- a/home/git.nix +++ b/home/git.nix @@ -1,14 +1,18 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.git; -in -{ - options.my.home.git.enable = (mkEnableOption "Git configuration") // { default = true; }; +in { + options.my.home.git.enable = (mkEnableOption "Git configuration") // {default = true;}; config = mkIf cfg.enable { programs.git = { @@ -26,11 +30,11 @@ in userName = "Antoine Martin"; extraConfig = { - commit = { verbose = true; }; - core = { editor = "vim"; }; - init = { defaultBranch = "main"; }; - pull = { rebase = true; }; - rerere = { enabled = true; }; + commit = {verbose = true;}; + core = {editor = "vim";}; + init = {defaultBranch = "main";}; + pull = {rebase = true;}; + rerere = {enabled = true;}; }; aliases = { @@ -42,15 +46,15 @@ in includes = [ { condition = "gitdir:~/work/lrde/"; - contents = { user = { email = "amartin@lrde.epita.fr"; }; }; + contents = {user = {email = "amartin@lrde.epita.fr";};}; } { condition = "gitdir:~/work/prologin/"; - contents = { user = { email = "antoine.martin@prologin.org"; }; }; + contents = {user = {email = "antoine.martin@prologin.org";};}; } { condition = "gitdir:~/work/epita/"; - contents = { user = { email = "antoine4.martin@epita.fr"; }; }; + contents = {user = {email = "antoine4.martin@epita.fr";};}; } ]; }; diff --git a/home/laptop.nix b/home/laptop.nix index 8d30003..28f1467 100644 --- a/home/laptop.nix +++ b/home/laptop.nix @@ -1,10 +1,13 @@ -{ config, lib, ... }: -let - inherit (lib) - mkEnableOption - ; -in { + config, + lib, + ... +}: let + inherit + (lib) + mkEnableOption + ; +in { options.my.home.laptop = { enable = mkEnableOption "Laptop settings"; }; diff --git a/home/lorri.nix b/home/lorri.nix index 386d282..0d7e2e3 100644 --- a/home/lorri.nix +++ b/home/lorri.nix @@ -1,25 +1,28 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.lorri; -in -{ +in { options.my.home.lorri = { - enable = (mkEnableOption "lorri daemon setup") // { default = true; }; + enable = (mkEnableOption "lorri daemon setup") // {default = true;}; }; config = mkIf cfg.enable { services.lorri.enable = true; programs.direnv = { + enable = true; + # FIXME: proper file, not lorri.nix + nix-direnv = { enable = true; - # FIXME: proper file, not lorri.nix - nix-direnv = { - enable = true; - }; + }; }; }; } diff --git a/home/mail.nix b/home/mail.nix index f4efcfc..7301600 100644 --- a/home/mail.nix +++ b/home/mail.nix @@ -1,22 +1,26 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; myName = "Antoine Martin"; email_perso = "antoine@alarsyo.net"; email_lrde = "amartin@lrde.epita.fr"; cfg = config.my.home.mail; -in -{ +in { options.my.home.mail = { # I *could* read email in a terminal emacs client on a server, but in # practice I don't think it'll happen very often, so let's enable this only # when I'm on a machine with a Xorg server. - enable = (mkEnableOption "email configuration") // { default = config.my.home.x.enable; }; + enable = (mkEnableOption "email configuration") // {default = config.my.home.x.enable;}; }; config = mkIf cfg.enable { diff --git a/home/rbw.nix b/home/rbw.nix index 34ac1b8..98ca2b0 100644 --- a/home/rbw.nix +++ b/home/rbw.nix @@ -1,14 +1,18 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.mail; -in -{ +in { options.my.home.rbw = { - enable = (mkEnableOption "rbw configuration"); + enable = mkEnableOption "rbw configuration"; }; config = mkIf cfg.enable { diff --git a/home/rofi.nix b/home/rofi.nix index b5a9e91..5419209 100644 --- a/home/rofi.nix +++ b/home/rofi.nix @@ -1,15 +1,19 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.rofi; -in -{ +in { options.my.home.rofi = { - enable = (mkEnableOption "rofi configuration") // { default = config.my.home.x.enable; }; + enable = (mkEnableOption "rofi configuration") // {default = config.my.home.x.enable;}; }; config = mkIf cfg.enable { diff --git a/home/ssh.nix b/home/ssh.nix index fc5884e..4b65ea9 100644 --- a/home/ssh.nix +++ b/home/ssh.nix @@ -1,15 +1,18 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.ssh; -in -{ +in { options.my.home.ssh = { - enable = (mkEnableOption "ssh configuration") // { default = true; }; + enable = (mkEnableOption "ssh configuration") // {default = true;}; }; config = mkIf cfg.enable { @@ -17,8 +20,8 @@ in enable = true; matchBlocks = { - boreal = { hostname = "boreal.alarsyo.net"; }; - poseidon = { hostname = "poseidon.alarsyo.net"; }; + boreal = {hostname = "boreal.alarsyo.net";}; + poseidon = {hostname = "poseidon.alarsyo.net";}; pi = { hostname = "pi.alarsyo.net"; user = "pi"; diff --git a/home/themes/alacritty.nix b/home/themes/alacritty.nix index cc6943b..abdbdc7 100644 --- a/home/themes/alacritty.nix +++ b/home/themes/alacritty.nix @@ -1,11 +1,11 @@ -{ lib }: -let - inherit (lib) +{lib}: let + inherit + (lib) mkOption types - ; + ; - mkColorOption = import ./color.nix { inherit lib; }; + mkColorOption = import ./color.nix {inherit lib;}; primaryColorModule = types.submodule { options = { @@ -34,60 +34,60 @@ let }; }; in -types.submodule { - options = { - primary = mkOption { - type = primaryColorModule; - default = { - foreground = "#c5c8c6"; - background = "#1d1f21"; + types.submodule { + options = { + primary = mkOption { + type = primaryColorModule; + default = { + foreground = "#c5c8c6"; + background = "#1d1f21"; + }; + }; + cursor = mkOption { + type = cursorColorModule; + default = { + text = "#1d1f21"; + cursor = "#c5c8c6"; + }; + }; + normal = mkOption { + type = rainbowColorModule; + default = { + black = "#1d1f21"; + red = "#cc6666"; + green = "#b5bd68"; + yellow = "#f0c674"; + blue = "#81a2be"; + magenta = "#b294bb"; + cyan = "#8abeb7"; + white = "#c5c8c6"; + }; + }; + bright = mkOption { + type = rainbowColorModule; + default = { + black = "#666666"; + red = "#d54e53"; + green = "#b9ca4a"; + yellow = "#e7c547"; + blue = "#7aa6da"; + magenta = "#c397d8"; + cyan = "#70c0b1"; + white = "#eaeaea"; + }; + }; + dim = mkOption { + type = rainbowColorModule; + default = { + black = "#131415"; + red = "#864343"; + green = "#777c44"; + yellow = "#9e824c"; + blue = "#556a7d"; + magenta = "#75617b"; + cyan = "#5b7d78"; + white = "#828482"; + }; }; }; - cursor = mkOption { - type = cursorColorModule; - default = { - text = "#1d1f21"; - cursor = "#c5c8c6"; - }; - }; - normal = mkOption { - type = rainbowColorModule; - default = { - black = "#1d1f21"; - red = "#cc6666"; - green = "#b5bd68"; - yellow = "#f0c674"; - blue = "#81a2be"; - magenta = "#b294bb"; - cyan = "#8abeb7"; - white = "#c5c8c6"; - }; - }; - bright = mkOption { - type = rainbowColorModule; - default = { - black = "#666666"; - red = "#d54e53"; - green = "#b9ca4a"; - yellow = "#e7c547"; - blue = "#7aa6da"; - magenta = "#c397d8"; - cyan = "#70c0b1"; - white = "#eaeaea"; - }; - }; - dim = mkOption { - type = rainbowColorModule; - default = { - black = "#131415"; - red = "#864343"; - green = "#777c44"; - yellow = "#9e824c"; - blue = "#556a7d"; - magenta = "#75617b"; - cyan = "#5b7d78"; - white = "#828482"; - }; - }; - }; -} + } diff --git a/home/themes/bat.nix b/home/themes/bat.nix index df9565e..22e873e 100644 --- a/home/themes/bat.nix +++ b/home/themes/bat.nix @@ -1,15 +1,15 @@ -{ lib }: -let - inherit (lib) +{lib}: let + inherit + (lib) mkOption types - ; + ; in -types.submodule { - options = { - name = mkOption { - type = types.str; - default = ""; + types.submodule { + options = { + name = mkOption { + type = types.str; + default = ""; + }; }; - }; -} + } diff --git a/home/themes/color.nix b/home/themes/color.nix index 5c63963..c1aa5af 100644 --- a/home/themes/color.nix +++ b/home/themes/color.nix @@ -1,14 +1,18 @@ -{ lib }: -let - inherit (lib) +{lib}: let + inherit + (lib) mkOption types - ; + ; - mkColorOption = {default ? "#000000", description ? "" }: mkOption { - inherit description default; - example = "#abcdef"; - type = types.strMatching "#[0-9a-f]{6}"; - }; + mkColorOption = { + default ? "#000000", + description ? "", + }: + mkOption { + inherit description default; + example = "#abcdef"; + type = types.strMatching "#[0-9a-f]{6}"; + }; in -mkColorOption + mkColorOption diff --git a/home/themes/default.nix b/home/themes/default.nix index e19a474..19c4103 100644 --- a/home/themes/default.nix +++ b/home/themes/default.nix @@ -1,35 +1,38 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkOption types - ; + ; themeType = types.submodule { options = { alacrittyTheme = mkOption { - type = import ./alacritty.nix { inherit lib; }; + type = import ./alacritty.nix {inherit lib;}; default = {}; }; batTheme = mkOption { - type = import ./bat.nix { inherit lib; }; + type = import ./bat.nix {inherit lib;}; default = {}; }; i3Theme = mkOption { - type = import ./i3.nix { inherit lib; }; + type = import ./i3.nix {inherit lib;}; default = {}; }; i3BarTheme = mkOption { - type = import ./i3bar.nix { inherit lib; }; + type = import ./i3bar.nix {inherit lib;}; default = {}; }; }; }; -in -{ +in { options.my.theme = mkOption { - type = themeType; - default = {}; + type = themeType; + default = {}; }; options.my.themes = mkOption { diff --git a/home/themes/i3.nix b/home/themes/i3.nix index 6e5b3eb..cd784fd 100644 --- a/home/themes/i3.nix +++ b/home/themes/i3.nix @@ -1,11 +1,11 @@ -{ lib }: -let - inherit (lib) +{lib}: let + inherit + (lib) mkOption types - ; + ; - mkColorOption = import ./color.nix { inherit lib; }; + mkColorOption = import ./color.nix {inherit lib;}; barColorSetModule = types.submodule { options = { @@ -25,165 +25,164 @@ let }; }; in -types.submodule { - options = { - bar = mkOption { - type = types.submodule { - options = { - background = mkColorOption { - default = "#000000"; - description = "Background color of the bar."; - }; - - statusline = mkColorOption { - default = "#ffffff"; - description = "Text color to be used for the statusline."; - }; - - separator = mkColorOption { - default = "#666666"; - description = "Text color to be used for the separator."; - }; - - focusedWorkspace = mkOption { - type = barColorSetModule; - default = { - border = "#4c7899"; - background = "#285577"; - text = "#ffffff"; + types.submodule { + options = { + bar = mkOption { + type = types.submodule { + options = { + background = mkColorOption { + default = "#000000"; + description = "Background color of the bar."; }; - description = '' - Border, background and text color for a workspace button when the workspace has focus. - ''; - }; - activeWorkspace = mkOption { - type = barColorSetModule; - default = { - border = "#333333"; - background = "#5f676a"; - text = "#ffffff"; + statusline = mkColorOption { + default = "#ffffff"; + description = "Text color to be used for the statusline."; }; - description = '' - Border, background and text color for a workspace button when the workspace is active. - ''; - }; - inactiveWorkspace = mkOption { - type = barColorSetModule; - default = { - border = "#333333"; - background = "#222222"; - text = "#888888"; + separator = mkColorOption { + default = "#666666"; + description = "Text color to be used for the separator."; }; - description = '' - Border, background and text color for a workspace button when the workspace does not - have focus and is not active. - ''; - }; - urgentWorkspace = mkOption { - type = barColorSetModule; - default = { - border = "#2f343a"; - background = "#900000"; - text = "#ffffff"; + focusedWorkspace = mkOption { + type = barColorSetModule; + default = { + border = "#4c7899"; + background = "#285577"; + text = "#ffffff"; + }; + description = '' + Border, background and text color for a workspace button when the workspace has focus. + ''; }; - description = '' - Border, background and text color for a workspace button when the workspace contains - a window with the urgency hint set. - ''; - }; - bindingMode = mkOption { - type = barColorSetModule; - default = { - border = "#2f343a"; - background = "#900000"; - text = "#ffffff"; + activeWorkspace = mkOption { + type = barColorSetModule; + default = { + border = "#333333"; + background = "#5f676a"; + text = "#ffffff"; + }; + description = '' + Border, background and text color for a workspace button when the workspace is active. + ''; + }; + + inactiveWorkspace = mkOption { + type = barColorSetModule; + default = { + border = "#333333"; + background = "#222222"; + text = "#888888"; + }; + description = '' + Border, background and text color for a workspace button when the workspace does not + have focus and is not active. + ''; + }; + + urgentWorkspace = mkOption { + type = barColorSetModule; + default = { + border = "#2f343a"; + background = "#900000"; + text = "#ffffff"; + }; + description = '' + Border, background and text color for a workspace button when the workspace contains + a window with the urgency hint set. + ''; + }; + + bindingMode = mkOption { + type = barColorSetModule; + default = { + border = "#2f343a"; + background = "#900000"; + text = "#ffffff"; + }; + description = "Border, background and text color for the binding mode indicator"; }; - description = - "Border, background and text color for the binding mode indicator"; }; }; + + default = {}; }; - default = {}; - }; - - background = mkOption { - type = types.str; - default = "#ffffff"; - description = '' - Background color of the window. Only applications which do not cover - the whole area expose the color. - ''; - }; - - focused = mkOption { - type = colorSetModule; - default = { - border = "#4c7899"; - background = "#285577"; - text = "#ffffff"; - indicator = "#2e9ef4"; - childBorder = "#285577"; + background = mkOption { + type = types.str; + default = "#ffffff"; + description = '' + Background color of the window. Only applications which do not cover + the whole area expose the color. + ''; }; - description = "A window which currently has the focus."; - }; - focusedInactive = mkOption { - type = colorSetModule; - default = { - border = "#333333"; - background = "#5f676a"; - text = "#ffffff"; - indicator = "#484e50"; - childBorder = "#5f676a"; + focused = mkOption { + type = colorSetModule; + default = { + border = "#4c7899"; + background = "#285577"; + text = "#ffffff"; + indicator = "#2e9ef4"; + childBorder = "#285577"; + }; + description = "A window which currently has the focus."; }; - description = '' - A window which is the focused one of its container, - but it does not have the focus at the moment. - ''; - }; - unfocused = mkOption { - type = colorSetModule; - default = { - border = "#333333"; - background = "#222222"; - text = "#888888"; - indicator = "#292d2e"; - childBorder = "#222222"; + focusedInactive = mkOption { + type = colorSetModule; + default = { + border = "#333333"; + background = "#5f676a"; + text = "#ffffff"; + indicator = "#484e50"; + childBorder = "#5f676a"; + }; + description = '' + A window which is the focused one of its container, + but it does not have the focus at the moment. + ''; }; - description = "A window which is not focused."; - }; - urgent = mkOption { - type = colorSetModule; - default = { - border = "#2f343a"; - background = "#900000"; - text = "#ffffff"; - indicator = "#900000"; - childBorder = "#900000"; + unfocused = mkOption { + type = colorSetModule; + default = { + border = "#333333"; + background = "#222222"; + text = "#888888"; + indicator = "#292d2e"; + childBorder = "#222222"; + }; + description = "A window which is not focused."; }; - description = "A window which has its urgency hint activated."; - }; - placeholder = mkOption { - type = colorSetModule; - default = { - border = "#000000"; - background = "#0c0c0c"; - text = "#ffffff"; - indicator = "#000000"; - childBorder = "#0c0c0c"; + urgent = mkOption { + type = colorSetModule; + default = { + border = "#2f343a"; + background = "#900000"; + text = "#ffffff"; + indicator = "#900000"; + childBorder = "#900000"; + }; + description = "A window which has its urgency hint activated."; + }; + + placeholder = mkOption { + type = colorSetModule; + default = { + border = "#000000"; + background = "#0c0c0c"; + text = "#ffffff"; + indicator = "#000000"; + childBorder = "#0c0c0c"; + }; + description = '' + Background and text color are used to draw placeholder window + contents (when restoring layouts). Border and indicator are ignored. + ''; }; - description = '' - Background and text color are used to draw placeholder window - contents (when restoring layouts). Border and indicator are ignored. - ''; }; - }; -} + } diff --git a/home/themes/i3bar.nix b/home/themes/i3bar.nix index 3701116..0df2ff9 100644 --- a/home/themes/i3bar.nix +++ b/home/themes/i3bar.nix @@ -1,28 +1,28 @@ -{ lib }: -let - inherit (lib) +{lib}: let + inherit + (lib) mkOption types - ; + ; - mkColorOption = import ./color.nix { inherit lib; }; + mkColorOption = import ./color.nix {inherit lib;}; in -types.submodule { - options = { - theme = mkOption { - type = types.submodule { - options = { - name = mkOption { - type = types.str; - default = "plain"; - }; - overrides = mkOption { - type = types.attrsOf types.str; - default = {}; + types.submodule { + options = { + theme = mkOption { + type = types.submodule { + options = { + name = mkOption { + type = types.str; + default = "plain"; + }; + overrides = mkOption { + type = types.attrsOf types.str; + default = {}; + }; }; }; + default = {}; }; - default = {}; }; - }; -} + } diff --git a/home/themes/solarizedLight/alacritty.nix b/home/themes/solarizedLight/alacritty.nix index fb22436..7c69411 100644 --- a/home/themes/solarizedLight/alacritty.nix +++ b/home/themes/solarizedLight/alacritty.nix @@ -1,5 +1,6 @@ let - inherit (import ./colors.nix) + inherit + (import ./colors.nix) base0 base00 base01 @@ -16,9 +17,8 @@ let red violet yellow - ; -in -{ + ; +in { primary = { background = base3; foreground = base00; diff --git a/home/themes/solarizedLight/colors.nix b/home/themes/solarizedLight/colors.nix index f4c69b7..2426f51 100644 --- a/home/themes/solarizedLight/colors.nix +++ b/home/themes/solarizedLight/colors.nix @@ -1,18 +1,18 @@ { - base03 = "#002b36"; # brblack - base02 = "#073642"; # black - base01 = "#586e75"; # brgreen - base00 = "#657b83"; # bryellow - base0 = "#839496"; # brblue - base1 = "#93a1a1"; # brcyan - base2 = "#eee8d5"; # white - base3 = "#fdf6e3"; # brwhite - yellow = "#b58900"; # yellow - orange = "#cb4b16"; # brred - red = "#dc322f"; # red + base03 = "#002b36"; # brblack + base02 = "#073642"; # black + base01 = "#586e75"; # brgreen + base00 = "#657b83"; # bryellow + base0 = "#839496"; # brblue + base1 = "#93a1a1"; # brcyan + base2 = "#eee8d5"; # white + base3 = "#fdf6e3"; # brwhite + yellow = "#b58900"; # yellow + orange = "#cb4b16"; # brred + red = "#dc322f"; # red magenta = "#d33682"; # magenta - violet = "#6c71c4"; # brmagenta - blue = "#268bd2"; # blue - cyan = "#2aa198"; # cyan - green = "#859900"; # green + violet = "#6c71c4"; # brmagenta + blue = "#268bd2"; # blue + cyan = "#2aa198"; # cyan + green = "#859900"; # green } diff --git a/home/themes/solarizedLight/i3.nix b/home/themes/solarizedLight/i3.nix index df9634a..a5762ce 100644 --- a/home/themes/solarizedLight/i3.nix +++ b/home/themes/solarizedLight/i3.nix @@ -1,5 +1,6 @@ let - inherit (import ./colors.nix) + inherit + (import ./colors.nix) base00 base2 base3 @@ -8,9 +9,8 @@ let orange red yellow - ; -in -{ + ; +in { bar = { background = base3; statusline = yellow; diff --git a/home/themes/solarizedLight/i3bar.nix b/home/themes/solarizedLight/i3bar.nix index 5b37775..0e450c2 100644 --- a/home/themes/solarizedLight/i3bar.nix +++ b/home/themes/solarizedLight/i3bar.nix @@ -1,5 +1,6 @@ let - inherit (import ./colors.nix) + inherit + (import ./colors.nix) base00 base2 base3 @@ -7,9 +8,8 @@ let green red yellow - ; -in -{ + ; +in { theme = { name = "solarized-light"; overrides = { diff --git a/home/tmux.nix b/home/tmux.nix index 86d6995..3f72959 100644 --- a/home/tmux.nix +++ b/home/tmux.nix @@ -1,15 +1,19 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.tmux; -in -{ +in { options.my.home.tmux = { - enable = (mkEnableOption "tmux dotfiles") // { default = true; }; + enable = (mkEnableOption "tmux dotfiles") // {default = true;}; }; config = mkIf cfg.enable { @@ -19,7 +23,9 @@ in terminal = "screen-256color"; clock24 = true; - plugins = let inherit (pkgs) tmuxPlugins; in [ + plugins = let + inherit (pkgs) tmuxPlugins; + in [ { plugin = tmuxPlugins.cpu; extraConfig = '' diff --git a/home/tridactyl.nix b/home/tridactyl.nix index 9be9906..8b4647c 100644 --- a/home/tridactyl.nix +++ b/home/tridactyl.nix @@ -1,15 +1,18 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.tridactyl; -in -{ +in { options.my.home.tridactyl = { - enable = (mkEnableOption "tridactyl code display tool") // { default = config.my.home.firefox.enable; }; + enable = (mkEnableOption "tridactyl code display tool") // {default = config.my.home.firefox.enable;}; }; config = mkIf cfg.enable { diff --git a/home/x/cursor.nix b/home/x/cursor.nix index aa4ead7..ae2c2ed 100644 --- a/home/x/cursor.nix +++ b/home/x/cursor.nix @@ -1,14 +1,18 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.x.cursor; -in -{ - options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // { default = config.my.home.x.enable; }; +in { + options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // {default = config.my.home.x.enable;}; config = mkIf cfg.enable { xsession.pointerCursor = { diff --git a/home/x/default.nix b/home/x/default.nix index 4953b9a..5cc058b 100644 --- a/home/x/default.nix +++ b/home/x/default.nix @@ -1,10 +1,14 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) - mkEnableOption - ; -in { + config, + lib, + pkgs, + ... +}: let + inherit + (lib) + mkEnableOption + ; +in { imports = [ ./cursor.nix ./i3.nix diff --git a/home/x/i3.nix b/home/x/i3.nix index 996a1e1..d528a24 100644 --- a/home/x/i3.nix +++ b/home/x/i3.nix @@ -1,9 +1,14 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkIf mkOptionDefault - ; + ; isEnabled = config.my.home.x.enable; @@ -20,14 +25,13 @@ let logoutMode = "[L]ogout, [S]uspend, [P]oweroff, [R]eboot"; i3Theme = config.my.theme.i3Theme; -in -{ +in { config = mkIf isEnabled { my.home = { flameshot.enable = true; }; - home.packages = [ pkgs.betterlockscreen ]; + home.packages = [pkgs.betterlockscreen]; xsession.windowManager.i3 = { enable = true; @@ -35,39 +39,38 @@ in config = { inherit modifier; - bars = - let - barConfigPath = - config.xdg.configFile."i3status-rust/config-top.toml".target; - in - [ - { - statusCommand = "i3status-rs ${barConfigPath}"; - position = "top"; - fonts = { - names = [ "DejaVuSansMono" "FontAwesome5Free" ]; - size = 9.0; - }; + bars = let + barConfigPath = + config.xdg.configFile."i3status-rust/config-top.toml".target; + in [ + { + statusCommand = "i3status-rs ${barConfigPath}"; + position = "top"; + fonts = { + names = ["DejaVuSansMono" "FontAwesome5Free"]; + size = 9.0; + }; - colors = i3Theme.bar; + colors = i3Theme.bar; - trayOutput = "primary"; + trayOutput = "primary"; - # disable mouse scroll wheel in bar - extraConfig = '' - bindsym button4 nop - bindsym button5 nop - ''; - } - ]; + # disable mouse scroll wheel in bar + extraConfig = '' + bindsym button4 nop + bindsym button5 nop + ''; + } + ]; colors = { - inherit (i3Theme) + inherit + (i3Theme) focused focusedInactive unfocused urgent - ; + ; }; focus = { @@ -78,7 +81,7 @@ in workspaceAutoBackAndForth = true; fonts = { - names = [ "DejaVu Sans Mono" ]; + names = ["DejaVu Sans Mono"]; size = 8.0; }; @@ -104,40 +107,44 @@ in "${modifier}+d" = "exec ${pkgs.rofi}/bin/rofi -show run"; }; - modes = - let - makeModeBindings = attrs: attrs // { + modes = let + makeModeBindings = attrs: + attrs + // { "Escape" = "mode default"; "Return" = "mode default"; }; - in - mkOptionDefault { - "${logoutMode}" = makeModeBindings { - "l" = "exec --no-startup-id i3-msg exit, mode default"; - "s" = "exec --no-startup-id betterlockscreen --suspend, mode default"; - "p" = "exec --no-startup-id systemctl poweroff, mode default"; - "r" = "exec --no-startup-id systemctl reboot, mode default"; - }; + in + mkOptionDefault { + "${logoutMode}" = makeModeBindings { + "l" = "exec --no-startup-id i3-msg exit, mode default"; + "s" = "exec --no-startup-id betterlockscreen --suspend, mode default"; + "p" = "exec --no-startup-id systemctl poweroff, mode default"; + "r" = "exec --no-startup-id systemctl reboot, mode default"; }; + }; terminal = myTerminal; assigns = { "10" = [ - { class = "Slack"; } - { class = "discord"; } + {class = "Slack";} + {class = "discord";} ]; }; window.commands = [ - { command = "border pixel 2"; criteria = { class = "Alacritty"; }; } + { + command = "border pixel 2"; + criteria = {class = "Alacritty";}; + } # NOTE: should be done with an assign command, but Spotify doesn't set # its class until after initialization, so has to be done this way. # # See https://i3wm.org/docs/userguide.html#assign_workspace { - criteria = { class = "Spotify"; }; + criteria = {class = "Spotify";}; command = "move --no-auto-back-and-forth to workspace 8"; } ]; diff --git a/home/x/i3bar.nix b/home/x/i3bar.nix index 9e8246f..6498e21 100644 --- a/home/x/i3bar.nix +++ b/home/x/i3bar.nix @@ -1,18 +1,22 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) lists mkIf mkOption optional types - ; + ; isEnabled = config.my.home.x.enable; i3BarTheme = config.my.theme.i3BarTheme; cfg = config.my.home.x.i3bar; -in -{ +in { options.my.home.x.i3bar = { temperature.chip = mkOption { type = types.str; @@ -27,17 +31,19 @@ in networking.throughput_interfaces = mkOption { type = types.listOf types.str; - example = [ "wlp1s0" ]; - default = [ ]; + example = ["wlp1s0"]; + default = []; }; }; config = mkIf isEnabled { home.packages = builtins.attrValues { - inherit (pkgs) + inherit + (pkgs) # FIXME: is this useful? + font-awesome - ; + ; }; programs.i3status-rust = { @@ -49,81 +55,86 @@ in theme = i3BarTheme.theme.name; settings = i3BarTheme; - blocks = [ - { - block = "pomodoro"; - length = 60; - break_length = 10; - notifier = "i3nag"; - } - { - block = "disk_space"; - path = "/"; - alias = "/"; - info_type = "available"; - unit = "GB"; - interval = 60; - warning = 20.0; - alert = 10.0; - } - { - block = "memory"; - display_type = "memory"; - format_mem = "{mem_used;G}/{mem_total;G}"; - warning_mem = 70.0; - critical_mem = 90.0; - # don't show swap - clickable = false; - } - { - block = "cpu"; - interval = 1; - format = "{barchart}"; - } - { - block = "temperature"; - collapsed = false; - interval = 10; - format = "{max}"; - chip = cfg.temperature.chip; - inputs = cfg.temperature.inputs; - } - ] ++ (lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0) - (map - (interface: - { + blocks = + [ + { + block = "pomodoro"; + length = 60; + break_length = 10; + notifier = "i3nag"; + } + { + block = "disk_space"; + path = "/"; + alias = "/"; + info_type = "available"; + unit = "GB"; + interval = 60; + warning = 20.0; + alert = 10.0; + } + { + block = "memory"; + display_type = "memory"; + format_mem = "{mem_used;G}/{mem_total;G}"; + warning_mem = 70.0; + critical_mem = 90.0; + # don't show swap + clickable = false; + } + { + block = "cpu"; + interval = 1; + format = "{barchart}"; + } + { + block = "temperature"; + collapsed = false; + interval = 10; + format = "{max}"; + chip = cfg.temperature.chip; + inputs = cfg.temperature.inputs; + } + ] + ++ ( + lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0) + (map + (interface: { block = "net"; device = interface; interval = 1; hide_inactive = true; }) - - cfg.networking.throughput_interfaces) - ) ++ [ - { - block = "networkmanager"; - primary_only = true; - } - { - block = "sound"; - driver = "pulseaudio"; - } - ] ++ (optional config.my.home.laptop.enable - { - block = "battery"; - } - ) ++ [ - # { - # block = "notify"; - # } - { - block = "time"; - interval = 5; - format = "%a %d/%m %T"; - locale = "fr_FR"; - timezone = "Europe/Paris"; - } - ]; + cfg.networking.throughput_interfaces) + ) + ++ [ + { + block = "networkmanager"; + primary_only = true; + } + { + block = "sound"; + driver = "pulseaudio"; + } + ] + ++ ( + optional config.my.home.laptop.enable + { + block = "battery"; + } + ) + ++ [ + # { + # block = "notify"; + # } + { + block = "time"; + interval = 5; + format = "%a %d/%m %T"; + locale = "fr_FR"; + timezone = "Europe/Paris"; + } + ]; }; }; }; diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index 61dad07..19771f2 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -1,17 +1,20 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix + config, + lib, + pkgs, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix - ./home.nix + ./home.nix - ./secrets.nix - ]; + ./secrets.nix + ]; boot.kernelPackages = pkgs.linuxPackages_latest; @@ -27,7 +30,7 @@ services.btrfs = { autoScrub = { enable = true; - fileSystems = [ "/" ]; + fileSystems = ["/"]; }; }; @@ -93,7 +96,7 @@ "rfkill-release" ]; - services.udev.packages = [ pkgs.packages.kaleidoscope-udev-rules ]; + services.udev.packages = [pkgs.packages.kaleidoscope-udev-rules]; hardware.bluetooth = { enable = true; diff --git a/hosts/boreal/hardware-configuration.nix b/hosts/boreal/hardware-configuration.nix index d094221..cc68a01 100644 --- a/hosts/boreal/hardware-configuration.nix +++ b/hosts/boreal/hardware-configuration.nix @@ -1,30 +1,34 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; - fileSystems."/" = - { device = "/dev/disk/by-uuid/1a942915-c1ae-4058-b99d-09d12d40dbd3"; - fsType = "btrfs"; - options = [ "subvol=nixos" "compress=zstd:1" "noatime" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/1a942915-c1ae-4058-b99d-09d12d40dbd3"; + fsType = "btrfs"; + options = ["subvol=nixos" "compress=zstd:1" "noatime"]; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/17C7-368D"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/17C7-368D"; + fsType = "vfat"; + }; - swapDevices = [ ]; + swapDevices = []; hardware.cpu.amd.updateMicrocode = true; } diff --git a/hosts/boreal/home.nix b/hosts/boreal/home.nix index aabbe6d..24b44de 100644 --- a/hosts/boreal/home.nix +++ b/hosts/boreal/home.nix @@ -1,26 +1,31 @@ -{ config, pkgs, ... }: { + config, + pkgs, + ... +}: { home-manager.users.alarsyo = { # Keyboard settings & i3 settings my.home.x.enable = true; my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; - my.home.x.i3bar.temperature.inputs = [ "Tccd1" ]; - my.home.x.i3bar.networking.throughput_interfaces = [ "enp8s0" "wlp4s0" ]; + my.home.x.i3bar.temperature.inputs = ["Tccd1"]; + my.home.x.i3bar.networking.throughput_interfaces = ["enp8s0" "wlp4s0"]; my.home.emacs.enable = true; my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; home.packages = builtins.attrValues { - inherit (pkgs) + inherit + (pkgs) # some websites only work there :( + chromium - # dev + rustup - # keyboard goodness + chrysalis - ; + ; inherit (pkgs.packages) spot; }; diff --git a/hosts/boreal/secrets.nix b/hosts/boreal/secrets.nix index 65d91d1..5d5947b 100644 --- a/hosts/boreal/secrets.nix +++ b/hosts/boreal/secrets.nix @@ -1,19 +1,23 @@ -{ config, lib, options, ... }: - { + config, + lib, + options, + ... +}: { config.age = { - secrets = - let - toSecret = name: { ... }@attrs: { + secrets = let + toSecret = name: {...} @ attrs: + { file = ./../../modules/secrets + "/${name}.age"; - } // attrs; - in - lib.mapAttrs toSecret { - "restic-backup/boreal-credentials" = {}; - "restic-backup/boreal-password" = {}; + } + // attrs; + in + lib.mapAttrs toSecret { + "restic-backup/boreal-credentials" = {}; + "restic-backup/boreal-password" = {}; - "users/alarsyo-hashed-password" = {}; - "users/root-hashed-password" = {}; - }; + "users/alarsyo-hashed-password" = {}; + "users/root-hashed-password" = {}; + }; }; } diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix index e509ac3..2d61d53 100644 --- a/hosts/poseidon/default.nix +++ b/hosts/poseidon/default.nix @@ -1,31 +1,33 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: -let - secrets = config.my.secrets; -in { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix + config, + lib, + pkgs, + ... +}: let + secrets = config.my.secrets; +in { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix - ./home.nix - ./secrets.nix - ]; + ./home.nix + ./secrets.nix + ]; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only - boot.supportedFilesystems = [ "btrfs" ]; + boot.supportedFilesystems = ["btrfs"]; services.btrfs = { autoScrub = { enable = true; - fileSystems = [ "/" ]; + fileSystems = ["/"]; }; }; diff --git a/hosts/poseidon/hardware-configuration.nix b/hosts/poseidon/hardware-configuration.nix index 847f37a..fd1d735 100644 --- a/hosts/poseidon/hardware-configuration.nix +++ b/hosts/poseidon/hardware-configuration.nix @@ -1,40 +1,45 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: -let - inherit (lib) - mkDefault - ; -in { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") + config, + lib, + pkgs, + modulesPath, + ... +}: let + inherit + (lib) + mkDefault + ; +in { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["ahci" "usbhid"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/adcf0158-edfb-402f-82e7-61e4902af989"; + fsType = "btrfs"; + options = [ + "subvol=@nixos" + "compress=zstd" + "noatime" ]; + }; - boot.initrd.availableKernelModules = [ "ahci" "usbhid" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/ff54b622-0e26-4c6e-aa0c-ac2c1e12699a"; + fsType = "ext4"; + }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/adcf0158-edfb-402f-82e7-61e4902af989"; - fsType = "btrfs"; - options = [ - "subvol=@nixos" - "compress=zstd" - "noatime" - ]; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/ff54b622-0e26-4c6e-aa0c-ac2c1e12699a"; - fsType = "ext4"; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc"; } - ]; + swapDevices = [ + {device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc";} + ]; powerManagement.cpuFreqGovernor = mkDefault "ondemand"; } diff --git a/hosts/poseidon/home.nix b/hosts/poseidon/home.nix index acdd4fd..3bb7dab 100644 --- a/hosts/poseidon/home.nix +++ b/hosts/poseidon/home.nix @@ -1,7 +1,5 @@ -{ config, ... }: -{ +{config, ...}: { home-manager.users.alarsyo = { - my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; }; } diff --git a/hosts/poseidon/secrets.nix b/hosts/poseidon/secrets.nix index f9b390b..66f6673 100644 --- a/hosts/poseidon/secrets.nix +++ b/hosts/poseidon/secrets.nix @@ -1,36 +1,40 @@ -{ config, lib, options, ... }: - { + config, + lib, + options, + ... +}: { config.age = { - secrets = - let - toSecret = name: { ... }@attrs: { + secrets = let + toSecret = name: {...} @ attrs: + { file = ./../../modules/secrets + "/${name}.age"; - } // attrs; - in - lib.mapAttrs toSecret { - "gandi/api-key" = {}; + } + // attrs; + in + lib.mapAttrs toSecret { + "gandi/api-key" = {}; - "lohr/shared-secret" = {}; + "lohr/shared-secret" = {}; - "matrix-synapse/secret-config" = { - owner = "matrix-synapse"; - }; - - "miniflux/admin-credentials" = {}; - - "nextcloud/admin-pass" = { - owner = "nextcloud"; - }; - - "paperless/admin-password" = {}; - "paperless/secret-key" = {}; - - "restic-backup/poseidon-credentials" = {}; - "restic-backup/poseidon-password" = {}; - - "users/alarsyo-hashed-password" = {}; - "users/root-hashed-password" = {}; + "matrix-synapse/secret-config" = { + owner = "matrix-synapse"; }; + + "miniflux/admin-credentials" = {}; + + "nextcloud/admin-pass" = { + owner = "nextcloud"; + }; + + "paperless/admin-password" = {}; + "paperless/secret-key" = {}; + + "restic-backup/poseidon-credentials" = {}; + "restic-backup/poseidon-password" = {}; + + "users/alarsyo-hashed-password" = {}; + "users/root-hashed-password" = {}; + }; }; } diff --git a/hosts/zephyrus/default.nix b/hosts/zephyrus/default.nix index d0c64ef..60a5f74 100644 --- a/hosts/zephyrus/default.nix +++ b/hosts/zephyrus/default.nix @@ -1,15 +1,18 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ./home.nix - ./secrets.nix - ]; + config, + lib, + pkgs, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ./home.nix + ./secrets.nix + ]; boot.kernelPackages = pkgs.linuxPackages; @@ -20,7 +23,7 @@ services.btrfs = { autoScrub = { enable = true; - fileSystems = [ "/" ]; + fileSystems = ["/"]; }; }; @@ -86,9 +89,9 @@ }; my.gui.enable = true; - environment.systemPackages = [ pkgs.arandr pkgs.chrysalis ]; + environment.systemPackages = [pkgs.arandr pkgs.chrysalis]; - services.udev.packages = [ pkgs.packages.kaleidoscope-udev-rules ]; + services.udev.packages = [pkgs.packages.kaleidoscope-udev-rules]; hardware.bluetooth = { enable = true; diff --git a/hosts/zephyrus/hardware-configuration.nix b/hosts/zephyrus/hardware-configuration.nix index cec5cce..a973019 100644 --- a/hosts/zephyrus/hardware-configuration.nix +++ b/hosts/zephyrus/hardware-configuration.nix @@ -1,49 +1,54 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: -let - inherit (lib) - mkDefault - ; -in { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: let + inherit + (lib) + mkDefault + ; +in { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; - fileSystems."/" = - { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; - fsType = "btrfs"; - options = [ "subvol=@" "compress=zstd" "noatime" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; + fsType = "btrfs"; + options = ["subvol=@" "compress=zstd" "noatime"]; + }; boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c59e7067-e33c-474c-9b8e-96d0e8f59297"; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; - fsType = "btrfs"; - options = [ "subvol=@home" "compress=zstd" "noatime" ]; - neededForBoot = true; # agenix needs my key for some root secrets - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; + fsType = "btrfs"; + options = ["subvol=@home" "compress=zstd" "noatime"]; + neededForBoot = true; # agenix needs my key for some root secrets + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; - fsType = "btrfs"; - options = [ "subvol=@nix" "compress=zstd" "noatime" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; + fsType = "btrfs"; + options = ["subvol=@nix" "compress=zstd" "noatime"]; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/D9DA-F46C"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/D9DA-F46C"; + fsType = "vfat"; + }; - swapDevices = [ ]; + swapDevices = []; powerManagement.cpuFreqGovernor = mkDefault "powersave"; diff --git a/hosts/zephyrus/home.nix b/hosts/zephyrus/home.nix index 4e3ae63..fdb5c3c 100644 --- a/hosts/zephyrus/home.nix +++ b/hosts/zephyrus/home.nix @@ -1,5 +1,8 @@ -{ config, pkgs, ... }: { + config, + pkgs, + ... +}: { home-manager.users.alarsyo = { my.home.laptop.enable = true; @@ -7,25 +10,26 @@ my.home.x.enable = true; my.home.x.i3bar.temperature.chip = "coretemp-isa-*"; my.home.x.i3bar.temperature.inputs = ["Core 0" "Core 1" "Core 2" "Core 3"]; - my.home.x.i3bar.networking.throughput_interfaces = [ "enp0s31f6" "wlp0s20f3" "enp43s0u1u1" ]; + my.home.x.i3bar.networking.throughput_interfaces = ["enp0s31f6" "wlp0s20f3" "enp43s0u1u1"]; my.home.emacs.enable = true; my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; home.packages = builtins.attrValues { - inherit (pkgs) - # some websites only work there :( - chromium - - darktable - - # dev - rustup + inherit + (pkgs) + # some websites only work there :( + + chromium + darktable + # dev + + rustup ; - inherit (pkgs.packages) spot; + inherit (pkgs.packages) spot; - inherit (pkgs.wineWowPackages) stable; + inherit (pkgs.wineWowPackages) stable; }; }; } diff --git a/hosts/zephyrus/secrets.nix b/hosts/zephyrus/secrets.nix index 125bd3f..22afdfd 100644 --- a/hosts/zephyrus/secrets.nix +++ b/hosts/zephyrus/secrets.nix @@ -1,19 +1,23 @@ -{ config, lib, options, ... }: - { + config, + lib, + options, + ... +}: { config.age = { - secrets = - let - toSecret = name: { ... }@attrs: { + secrets = let + toSecret = name: {...} @ attrs: + { file = ./../../modules/secrets + "/${name}.age"; - } // attrs; - in - lib.mapAttrs toSecret { - "restic-backup/zephyrus-credentials" = {}; - "restic-backup/zephyrus-password" = {}; + } + // attrs; + in + lib.mapAttrs toSecret { + "restic-backup/zephyrus-credentials" = {}; + "restic-backup/zephyrus-password" = {}; - "users/alarsyo-hashed-password" = {}; - "users/root-hashed-password" = {}; - }; + "users/alarsyo-hashed-password" = {}; + "users/root-hashed-password" = {}; + }; }; } diff --git a/modules/default.nix b/modules/default.nix index dd987a9..ec72f4c 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ ./sddm.nix ./secrets diff --git a/modules/sddm.nix b/modules/sddm.nix index 9c66ddc..ee50f5e 100644 --- a/modules/sddm.nix +++ b/modules/sddm.nix @@ -1,13 +1,17 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.displayManager.sddm; -in -{ +in { options.my.displayManager.sddm.enable = mkEnableOption "SDDM setup"; config = mkIf cfg.enable { @@ -17,15 +21,17 @@ in }; environment.systemPackages = builtins.attrValues { - inherit (pkgs.packages) + inherit + (pkgs.packages) sddm-sugar-candy - ; + ; - inherit (pkgs.libsForQt5.qt5) + inherit + (pkgs.libsForQt5.qt5) qtgraphicaleffects qtquickcontrols2 qtsvg - ; + ; }; }; } diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix index dc5d2c9..2710b66 100644 --- a/modules/secrets/default.nix +++ b/modules/secrets/default.nix @@ -1,9 +1,14 @@ -{ config, lib, options, ... }: - { + config, + lib, + options, + ... +}: { config.age = { - identityPaths = options.age.identityPaths.default ++ [ - "/home/alarsyo/.ssh/id_ed25519" - ]; + identityPaths = + options.age.identityPaths.default + ++ [ + "/home/alarsyo/.ssh/id_ed25519" + ]; }; } diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index c8b4056..09abfd4 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -1,36 +1,35 @@ let alarsyo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH3rrF3VSWI4n4cpguvlmLAaU3uftuX4AVV/39S/8GO9 alarsyo@thinkpad"; - users = [ alarsyo ]; + users = [alarsyo]; boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal"; poseidon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYhZYMbWQG9TSQ2qze8GgFo2XrZzgu/GuSOGwenByJo root@poseidon"; zephyrus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU4JfIADH9MXUnVe+3ezYK9WXsqy/jJcm1zFkmL4aSU root@zephyrus"; - machines = [ boreal poseidon zephyrus ]; + machines = [boreal poseidon zephyrus]; all = users ++ machines; -in -{ - "gandi/api-key.age".publicKeys = [ poseidon ]; +in { + "gandi/api-key.age".publicKeys = [poseidon]; - "lohr/shared-secret.age".publicKeys = [ poseidon ]; + "lohr/shared-secret.age".publicKeys = [poseidon]; - "matrix-synapse/secret-config.age".publicKeys = [ poseidon ]; + "matrix-synapse/secret-config.age".publicKeys = [poseidon]; - "miniflux/admin-credentials.age".publicKeys = [ poseidon ]; + "miniflux/admin-credentials.age".publicKeys = [poseidon]; - "nextcloud/admin-pass.age".publicKeys = [ poseidon ]; + "nextcloud/admin-pass.age".publicKeys = [poseidon]; - "paperless/admin-password.age".publicKeys = [ poseidon ]; - "paperless/secret-key.age".publicKeys = [ poseidon ]; + "paperless/admin-password.age".publicKeys = [poseidon]; + "paperless/secret-key.age".publicKeys = [poseidon]; - "restic-backup/boreal-password.age".publicKeys = [ alarsyo boreal ]; - "restic-backup/boreal-credentials.age".publicKeys = [ alarsyo boreal ]; - "restic-backup/poseidon-password.age".publicKeys = [ alarsyo poseidon ]; - "restic-backup/poseidon-credentials.age".publicKeys = [ alarsyo poseidon ]; - "restic-backup/zephyrus-password.age".publicKeys = [ alarsyo zephyrus ]; - "restic-backup/zephyrus-credentials.age".publicKeys = [ alarsyo zephyrus ]; + "restic-backup/boreal-password.age".publicKeys = [alarsyo boreal]; + "restic-backup/boreal-credentials.age".publicKeys = [alarsyo boreal]; + "restic-backup/poseidon-password.age".publicKeys = [alarsyo poseidon]; + "restic-backup/poseidon-credentials.age".publicKeys = [alarsyo poseidon]; + "restic-backup/zephyrus-password.age".publicKeys = [alarsyo zephyrus]; + "restic-backup/zephyrus-credentials.age".publicKeys = [alarsyo zephyrus]; "users/root-hashed-password.age".publicKeys = machines; - "users/alarsyo-hashed-password.age".publicKeys = machines ++ [ alarsyo ]; + "users/alarsyo-hashed-password.age".publicKeys = machines ++ [alarsyo]; } diff --git a/modules/wakeonwlan.nix b/modules/wakeonwlan.nix index 096515d..d8aae40 100644 --- a/modules/wakeonwlan.nix +++ b/modules/wakeonwlan.nix @@ -1,23 +1,27 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) concatStringsSep literalExample mapAttrs' mkIf mkOption nameValuePair - ; + ; cfg = config.my.wakeonwlan; mkWowlanService = name: cfg: nameValuePair "wowlan-${name}" { description = "Enable WoWLAN for interface ${name}"; - requires = [ "network.target" ]; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; + requires = ["network.target"]; + after = ["network.target"]; + wantedBy = ["multi-user.target"]; serviceConfig = { Type = "oneshot"; }; @@ -25,11 +29,12 @@ let ${pkgs.iw}/bin/iw ${name} wowlan enable ${concatStringsSep " " cfg.methods} ''; }; -in -{ - options.my.wakeonwlan = let inherit (lib) types; in { +in { + options.my.wakeonwlan = let + inherit (lib) types; + in { interfaces = mkOption { - default = { }; + default = {}; description = "Wireless interfaces where you want to enable WoWLAN"; example = literalExample '' { diff --git a/overlays/i3status-rust/default.nix b/overlays/i3status-rust/default.nix index 2e4948a..e3487ca 100644 --- a/overlays/i3status-rust/default.nix +++ b/overlays/i3status-rust/default.nix @@ -1,5 +1,4 @@ -final: prev: -{ +final: prev: { # overlay created because nixpkgs's `i3status-rust` depended on `notmuch`, and # `notmuch`'s tests were briefly broken. the features I'm disabling, I don't # need anyway: (at the time of writing) @@ -8,13 +7,14 @@ final: prev: # - maildir i3status-rust = prev.i3status-rust.overrideAttrs (oldAttrs: { buildInputs = builtins.attrValues { - inherit (final) + inherit + (final) dbus lm_sensors openssl pulseaudio - ; + ; }; - cargoBuildFeatures = [ "pulseaudio" ]; + cargoBuildFeatures = ["pulseaudio"]; }); } diff --git a/pkgs/default.nix b/pkgs/default.nix index 97a694b..19307a1 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,4 @@ -{ pkgs }: -{ +{pkgs}: { sddm-sugar-candy = pkgs.callPackage ./sddm-sugar-candy {}; kaleidoscope-udev-rules = pkgs.callPackage ./kaleidoscope-udev-rules {}; grafanaDashboards = pkgs.recurseIntoAttrs (pkgs.callPackage ./grafana-dashboards {}); diff --git a/pkgs/grafana-dashboards/default.nix b/pkgs/grafana-dashboards/default.nix index f489974..f0618de 100644 --- a/pkgs/grafana-dashboards/default.nix +++ b/pkgs/grafana-dashboards/default.nix @@ -1,5 +1,4 @@ -{ callPackage }: -{ +{callPackage}: { nginx = callPackage ./nginx.nix {}; node-exporter = callPackage ./node-exporter.nix {}; } diff --git a/pkgs/grafana-dashboards/nginx.nix b/pkgs/grafana-dashboards/nginx.nix index e707159..53ca94b 100644 --- a/pkgs/grafana-dashboards/nginx.nix +++ b/pkgs/grafana-dashboards/nginx.nix @@ -1,32 +1,37 @@ -{ stdenv, fetchFromGitHub, lib, ... }: -let - inherit (lib) +{ + stdenv, + fetchFromGitHub, + lib, + ... +}: let + inherit + (lib) licenses - ; + ; version = "0.9.0"; in -stdenv.mkDerivation { - inherit version; - pname = "grafana-dashboard-nginx"; + stdenv.mkDerivation { + inherit version; + pname = "grafana-dashboard-nginx"; - dontBuild = true; + dontBuild = true; - src = fetchFromGitHub { - owner = "nginxinc"; - repo = "nginx-prometheus-exporter"; - rev = "v${version}"; - sha256 = "sha256:04y5vpj2kv2ygdzxy3crpnx4mhpkm1ns2995kxgvjlhnyck7a5rf"; - }; + src = fetchFromGitHub { + owner = "nginxinc"; + repo = "nginx-prometheus-exporter"; + rev = "v${version}"; + sha256 = "sha256:04y5vpj2kv2ygdzxy3crpnx4mhpkm1ns2995kxgvjlhnyck7a5rf"; + }; - installPhase = '' - mkdir -p $out - cp grafana/dashboard.json $out/dashboard.json - ''; + installPhase = '' + mkdir -p $out + cp grafana/dashboard.json $out/dashboard.json + ''; - meta = { - description = "grafana dashboard for NGINX exporter"; - homepage = "https://github.com/nginxinc/nginx-prometheus-exporter"; - license = licenses.asl20; - }; -} + meta = { + description = "grafana dashboard for NGINX exporter"; + homepage = "https://github.com/nginxinc/nginx-prometheus-exporter"; + license = licenses.asl20; + }; + } diff --git a/pkgs/grafana-dashboards/node-exporter.nix b/pkgs/grafana-dashboards/node-exporter.nix index 55fbb6d..42f5961 100644 --- a/pkgs/grafana-dashboards/node-exporter.nix +++ b/pkgs/grafana-dashboards/node-exporter.nix @@ -1,32 +1,37 @@ -{ stdenv, fetchFromGitHub, lib, ... }: -let - inherit (lib) +{ + stdenv, + fetchFromGitHub, + lib, + ... +}: let + inherit + (lib) licenses - ; + ; version = "7d61c79619e5749e629758ecd96748c010028120"; in -stdenv.mkDerivation { - version = "master-${version}"; - pname = "grafana-dashboard-node-exporter"; + stdenv.mkDerivation { + version = "master-${version}"; + pname = "grafana-dashboard-node-exporter"; - dontBuild = true; + dontBuild = true; - src = fetchFromGitHub { - owner = "rfrail3"; - repo = "grafana-dashboards"; - rev = version; - sha256 = "sha256:1z6i76jdiw3jjigbmbqvyi8kyj4ngw0y73fv9yksr2ncjfqlhhv6"; - }; + src = fetchFromGitHub { + owner = "rfrail3"; + repo = "grafana-dashboards"; + rev = version; + sha256 = "sha256:1z6i76jdiw3jjigbmbqvyi8kyj4ngw0y73fv9yksr2ncjfqlhhv6"; + }; - installPhase = '' - mkdir -p $out - cp prometheus/node-exporter-full.json $out/node-exporter-full.json - ''; + installPhase = '' + mkdir -p $out + cp prometheus/node-exporter-full.json $out/node-exporter-full.json + ''; - meta = { - description = "grafana dashboard for node exporter"; - homepage = "https://github.com/rfrail3/grafana-dashboards"; - license = licenses.lgpl3Only; - }; -} + meta = { + description = "grafana dashboard for node exporter"; + homepage = "https://github.com/rfrail3/grafana-dashboards"; + license = licenses.lgpl3Only; + }; + } diff --git a/pkgs/kaleidoscope-udev-rules/default.nix b/pkgs/kaleidoscope-udev-rules/default.nix index aaeaea9..1af8ffc 100644 --- a/pkgs/kaleidoscope-udev-rules/default.nix +++ b/pkgs/kaleidoscope-udev-rules/default.nix @@ -1,33 +1,36 @@ -{ stdenv, lib, fetchFromGitHub }: - -let - inherit (lib) +{ + stdenv, + lib, + fetchFromGitHub, +}: let + inherit + (lib) licenses - ; + ; version = "1.99.3"; in -stdenv.mkDerivation { - inherit version; - pname = "kaleidoscope-udev-rules"; + stdenv.mkDerivation { + inherit version; + pname = "kaleidoscope-udev-rules"; - dontBuild = true; + dontBuild = true; - src = fetchFromGitHub { - owner = "keyboardio"; - repo = "Kaleidoscope"; - rev = "v${version}"; - sha256 = "sha256-4WIl/Hj23j9GLzdMcyEQvg9X7HI4WSInrLkYCkj6yhM="; - }; + src = fetchFromGitHub { + owner = "keyboardio"; + repo = "Kaleidoscope"; + rev = "v${version}"; + sha256 = "sha256-4WIl/Hj23j9GLzdMcyEQvg9X7HI4WSInrLkYCkj6yhM="; + }; - installPhase = '' - mkdir -p $out/lib/udev/rules.d - cp etc/60-kaleidoscope.rules $out/lib/udev/rules.d/ - ''; + installPhase = '' + mkdir -p $out/lib/udev/rules.d + cp etc/60-kaleidoscope.rules $out/lib/udev/rules.d/ + ''; - meta = { - description = "udev rules for kaleidoscope firmware keyboards"; - homepage = "https://github.com/keyboardio/Kaleidoscope"; - license = licenses.gpl3Only; - }; -} + meta = { + description = "udev rules for kaleidoscope firmware keyboards"; + homepage = "https://github.com/keyboardio/Kaleidoscope"; + license = licenses.gpl3Only; + }; + } diff --git a/pkgs/sddm-sugar-candy/default.nix b/pkgs/sddm-sugar-candy/default.nix index f90b6b8..3a31537 100644 --- a/pkgs/sddm-sugar-candy/default.nix +++ b/pkgs/sddm-sugar-candy/default.nix @@ -1,4 +1,7 @@ -{ stdenv, fetchFromGitLab }: +{ + stdenv, + fetchFromGitLab, +}: stdenv.mkDerivation rec { pname = "sddm-sugar-candy"; # latest master commit, no recent tags :( @@ -10,7 +13,7 @@ stdenv.mkDerivation rec { cp -aR . $out/share/sddm/themes/sugar-candy ''; - patches = [ ./custom-conf.patch ]; + patches = [./custom-conf.patch]; src = fetchFromGitLab { domain = "framagit.org"; diff --git a/pkgs/spot/default.nix b/pkgs/spot/default.nix index 99a5659..e3df73b 100644 --- a/pkgs/spot/default.nix +++ b/pkgs/spot/default.nix @@ -1,20 +1,20 @@ -{ stdenv -, fetchurl -, python3 -}: -let +{ + stdenv, + fetchurl, + python3, +}: let version = "2.10.4"; in -stdenv.mkDerivation { - inherit version; - pname = "spot"; + stdenv.mkDerivation { + inherit version; + pname = "spot"; - buildInputs = [ - python3 - ]; + buildInputs = [ + python3 + ]; - src = fetchurl { - url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; - sha256 = "sha256-6GKc22zOgwd4JpYM0B7OUhPar5ooPW9iqvaa+gYjR4o="; - }; -} + src = fetchurl { + url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; + sha256 = "sha256-6GKc22zOgwd4JpYM0B7OUhPar5ooPW9iqvaa+gYjR4o="; + }; + } diff --git a/poseidon.nix b/poseidon.nix index 2739352..ecb36c6 100644 --- a/poseidon.nix +++ b/poseidon.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ # Default configuration ./base diff --git a/services/default.nix b/services/default.nix index 82e3bf4..9c4af4f 100644 --- a/services/default.nix +++ b/services/default.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ./vaultwarden.nix ./fail2ban.nix diff --git a/services/fail2ban.nix b/services/fail2ban.nix index ccc12f2..0f368c4 100644 --- a/services/fail2ban.nix +++ b/services/fail2ban.nix @@ -1,10 +1,14 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.fail2ban; in { diff --git a/services/fava.nix b/services/fava.nix index e283022..59494ad 100644 --- a/services/fava.nix +++ b/services/fava.nix @@ -1,19 +1,24 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.fava; my = config.my; domain = config.networking.domain; secrets = config.my.secrets; -in -{ - options.my.services.fava = let inherit (lib) types; in { +in { + options.my.services.fava = let + inherit (lib) types; + in { enable = mkEnableOption "Fava"; home = mkOption { @@ -39,7 +44,7 @@ in config = mkIf cfg.enable { systemd.services.fava = { - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; serviceConfig = { Environment = []; ExecStart = "${pkgs.fava}/bin/fava -H 127.0.0.1 -p ${toString cfg.port} ${cfg.home}/${cfg.filePath}"; @@ -55,7 +60,7 @@ in createHome = true; group = "fava"; }; - users.groups.fava = { }; + users.groups.fava = {}; services.nginx.virtualHosts = { "fava.${domain}" = { diff --git a/services/gitea/default.nix b/services/gitea/default.nix index 408d29d..6796d88 100644 --- a/services/gitea/default.nix +++ b/services/gitea/default.nix @@ -1,18 +1,24 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.gitea; my = config.my; domain = config.networking.domain; in { - options.my.services.gitea = let inherit (lib) types; in { + options.my.services.gitea = let + inherit (lib) types; + in { enable = mkEnableOption "Personal Git hosting with Gitea"; privatePort = mkOption { @@ -33,11 +39,11 @@ in { # the systemd service for the gitea module seems to hardcode the group as # gitea, so, uh, just in case? - extraGroups = [ "gitea" ]; + extraGroups = ["gitea"]; isSystemUser = true; }; - users.groups.git = { }; + users.groups.git = {}; services.gitea = { enable = true; @@ -88,7 +94,7 @@ in { }; services.postgresqlBackup = { - databases = [ "gitea" ]; + databases = ["gitea"]; }; services.nginx = { diff --git a/services/jellyfin.nix b/services/jellyfin.nix index f485d65..4a4ceea 100644 --- a/services/jellyfin.nix +++ b/services/jellyfin.nix @@ -1,10 +1,14 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.jellyfin; my = config.my; diff --git a/services/lohr.nix b/services/lohr.nix index db33155..b4c54bc 100644 --- a/services/lohr.nix +++ b/services/lohr.nix @@ -1,24 +1,28 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.lohr; my = config.my; domain = config.networking.domain; secrets = config.my.secrets; - lohrPkg = - let - flake = builtins.getFlake "github:alarsyo/lohr?rev=58503cc8b95c8b627f6ae7e56740609e91f323cd"; - in + lohrPkg = let + flake = builtins.getFlake "github:alarsyo/lohr?rev=58503cc8b95c8b627f6ae7e56740609e91f323cd"; + in flake.defaultPackage."x86_64-linux"; # FIXME: use correct system -in -{ - options.my.services.lohr = let inherit (lib) types; in { +in { + options.my.services.lohr = let + inherit (lib) types; + in { enable = mkEnableOption "Lohr Mirroring Daemon"; home = mkOption { @@ -38,7 +42,7 @@ in config = mkIf cfg.enable { systemd.services.lohr = { - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; serviceConfig = { Environment = [ "ROCKET_PORT=${toString cfg.port}" @@ -52,7 +56,7 @@ in User = "lohr"; Group = "lohr"; }; - path = [ pkgs.git ]; + path = [pkgs.git]; }; users.users.lohr = { @@ -61,7 +65,7 @@ in createHome = true; group = "lohr"; }; - users.groups.lohr = { }; + users.groups.lohr = {}; services.nginx.virtualHosts = { "lohr.${domain}" = { diff --git a/services/matrix.nix b/services/matrix.nix index 19c92f9..82cfb88 100644 --- a/services/matrix.nix +++ b/services/matrix.nix @@ -7,24 +7,36 @@ # - https://github.com/delroth/infra.delroth.net/blob/master/roles/matrix-synapse.nix # - https://nixos.org/manual/nixos/stable/index.html#module-services-matrix # -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption optionals - ; + ; cfg = config.my.services.matrix; my = config.my; - federationPort = { public = 8448; private = 11338; }; - clientPort = { public = 443; private = 11339; }; + federationPort = { + public = 8448; + private = 11338; + }; + clientPort = { + public = 443; + private = 11339; + }; domain = config.networking.domain; in { - options.my.services.matrix = let inherit (lib) types; in { + options.my.services.matrix = let + inherit (lib) types; + in { enable = mkEnableOption "Matrix Synapse"; secretConfigFile = mkOption { @@ -41,7 +53,7 @@ in { }; services.postgresqlBackup = { - databases = [ "matrix-synapse" ]; + databases = ["matrix-synapse"]; }; services.matrix-synapse = { @@ -90,20 +102,30 @@ in { listeners = [ # Federation { - bind_addresses = [ "::1" ]; + bind_addresses = ["::1"]; port = federationPort.private; - tls = false; # Terminated by nginx. + tls = false; # Terminated by nginx. x_forwarded = true; - resources = [ { names = [ "federation" ]; compress = false; } ]; + resources = [ + { + names = ["federation"]; + compress = false; + } + ]; } # Client { - bind_addresses = [ "::1" ]; + bind_addresses = ["::1"]; port = clientPort.private; - tls = false; # Terminated by nginx. + tls = false; # Terminated by nginx. x_forwarded = true; - resources = [ { names = [ "client" ]; compress = false; } ]; + resources = [ + { + names = ["client"]; + compress = false; + } + ]; } ]; @@ -127,26 +149,32 @@ in { onlySSL = true; useACMEHost = domain; - locations = - let - proxyToClientPort = { - proxyPass = "http://[::1]:${toString clientPort.private}"; - }; - in { - # Or do a redirect instead of the 404, or whatever is appropriate - # for you. But do not put a Matrix Web client here! See the - # Element web section below. - "/".return = "404"; - - "/_matrix" = proxyToClientPort; - "/_synapse/client" = proxyToClientPort; + locations = let + proxyToClientPort = { + proxyPass = "http://[::1]:${toString clientPort.private}"; }; + in { + # Or do a redirect instead of the 404, or whatever is appropriate + # for you. But do not put a Matrix Web client here! See the + # Element web section below. + "/".return = "404"; + + "/_matrix" = proxyToClientPort; + "/_synapse/client" = proxyToClientPort; + }; listen = [ - { addr = "0.0.0.0"; port = clientPort.public; ssl = true; } - { addr = "[::]"; port = clientPort.public; ssl = true; } + { + addr = "0.0.0.0"; + port = clientPort.public; + ssl = true; + } + { + addr = "[::]"; + port = clientPort.public; + ssl = true; + } ]; - }; # same as above, but listening on the federation port @@ -162,32 +190,37 @@ in { }; listen = [ - { addr = "0.0.0.0"; port = federationPort.public; ssl = true; } - { addr = "[::]"; port = federationPort.public; ssl = true; } + { + addr = "0.0.0.0"; + port = federationPort.public; + ssl = true; + } + { + addr = "[::]"; + port = federationPort.public; + ssl = true; + } ]; - }; "${domain}" = { forceSSL = true; useACMEHost = domain; - locations."= /.well-known/matrix/server".extraConfig = - let - server = { "m.server" = "matrix.${domain}:${toString federationPort.public}"; }; - in '' + locations."= /.well-known/matrix/server".extraConfig = let + server = {"m.server" = "matrix.${domain}:${toString federationPort.public}";}; + in '' add_header Content-Type application/json; return 200 '${builtins.toJSON server}'; ''; - locations."= /.well-known/matrix/client".extraConfig = - let - client = { - "m.homeserver" = { "base_url" = "https://matrix.${domain}"; }; - "m.identity_server" = { "base_url" = "https://vector.im"; }; - }; - # ACAO required to allow element-web on any URL to request this json file - in '' + locations."= /.well-known/matrix/client".extraConfig = let + client = { + "m.homeserver" = {"base_url" = "https://matrix.${domain}";}; + "m.identity_server" = {"base_url" = "https://vector.im";}; + }; + # ACAO required to allow element-web on any URL to request this json file + in '' add_header Content-Type application/json; add_header Access-Control-Allow-Origin *; return 200 '${builtins.toJSON client}'; @@ -227,7 +260,7 @@ in { }; # For administration tools. - environment.systemPackages = [ pkgs.matrix-synapse ]; + environment.systemPackages = [pkgs.matrix-synapse]; networking.firewall.allowedTCPPorts = [ clientPort.public @@ -236,10 +269,11 @@ in { my.services.restic-backup = let dataDir = config.services.matrix-synapse.dataDir; - in mkIf cfg.enable { - paths = [ dataDir ]; - # this is just caching for other servers media, doesn't need backup - exclude = [ "${dataDir}/media/remote_*" ]; - }; + in + mkIf cfg.enable { + paths = [dataDir]; + # this is just caching for other servers media, doesn't need backup + exclude = ["${dataDir}/media/remote_*"]; + }; }; } diff --git a/services/media.nix b/services/media.nix index 175319e..0d4ee7f 100644 --- a/services/media.nix +++ b/services/media.nix @@ -1,17 +1,21 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkIf - ; + ; mediaServices = builtins.attrValues { - inherit (config.my.services) + inherit + (config.my.services) jellyfin transmission - ; + ; }; needed = builtins.any (service: service.enable) mediaServices; -in -{ - config.users.groups.media = mkIf needed { }; +in { + config.users.groups.media = mkIf needed {}; } diff --git a/services/miniflux.nix b/services/miniflux.nix index 0670711..5738d8e 100644 --- a/services/miniflux.nix +++ b/services/miniflux.nix @@ -1,18 +1,24 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.miniflux; my = config.my; domain = config.networking.domain; in { - options.my.services.miniflux = let inherit (lib) types; in { + options.my.services.miniflux = let + inherit (lib) types; + in { enable = mkEnableOption "Serve a Miniflux instance"; adminCredentialsFile = mkOption { @@ -34,7 +40,7 @@ in { # services.postgresql is automatically enabled by services.miniflux, let's # back it up services.postgresqlBackup = { - databases = [ "miniflux" ]; + databases = ["miniflux"]; }; services.miniflux = { diff --git a/services/monitoring.nix b/services/monitoring.nix index 82e20fd..57731ff 100644 --- a/services/monitoring.nix +++ b/services/monitoring.nix @@ -1,16 +1,22 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.monitoring; domain = config.networking.domain; in { - options.my.services.monitoring = let inherit (lib) types; in { + options.my.services.monitoring = let + inherit (lib) types; + in { enable = mkEnableOption "Enable monitoring"; domain = mkOption { @@ -74,7 +80,7 @@ in { exporters = { node = { enable = true; - enabledCollectors = [ "systemd" ]; + enabledCollectors = ["systemd"]; port = 9100; listenAddress = "127.0.0.1"; }; @@ -87,9 +93,11 @@ in { scrapeConfigs = [ { job_name = config.networking.hostName; - static_configs = [{ - targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ]; - }]; + static_configs = [ + { + targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"]; + } + ]; } ]; }; diff --git a/services/navidrome.nix b/services/navidrome.nix index bb350ff..75e6d53 100644 --- a/services/navidrome.nix +++ b/services/navidrome.nix @@ -1,17 +1,23 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption optional - ; + ; cfg = config.my.services.navidrome; domain = config.networking.domain; in { - options.my.services.navidrome = let inherit (lib) types; in { + options.my.services.navidrome = let + inherit (lib) types; + in { enable = mkEnableOption "Navidrome"; musicFolder = { path = mkOption { @@ -34,8 +40,8 @@ in { }; my.services.restic-backup = { - paths = [ "/var/lib/navidrome" ] ++ optional cfg.musicFolder.backup cfg.musicFolder.path; - exclude = [ "/var/lib/navidrome/cache" ]; + paths = ["/var/lib/navidrome"] ++ optional cfg.musicFolder.backup cfg.musicFolder.path; + exclude = ["/var/lib/navidrome/cache"]; }; services.nginx.virtualHosts."music.${domain}" = { diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 909bd95..0ec642f 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -1,21 +1,26 @@ -{ lib, config, pkgs, ... }: - +{ + lib, + config, + pkgs, + ... +}: # TODO: setup prometheus exporter - let - inherit (lib) + inherit + (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.nextcloud; my = config.my; domain = config.networking.domain; dbName = "nextcloud"; -in -{ - options.my.services.nextcloud = let inherit (lib) types; in { +in { + options.my.services.nextcloud = let + inherit (lib) types; + in { enable = mkEnableOption "NextCloud"; adminpassFile = mkOption { @@ -31,7 +36,7 @@ in services.postgresql = { enable = true; - ensureDatabases = [ dbName ]; + ensureDatabases = [dbName]; ensureUsers = [ { name = "nextcloud"; @@ -43,13 +48,13 @@ in }; # not handled by module - systemd.services.nextcloud-setup= { - requires = [ "postgresql.service" ]; - after = [ "postgresql.service" ]; + systemd.services.nextcloud-setup = { + requires = ["postgresql.service"]; + after = ["postgresql.service"]; }; services.postgresqlBackup = { - databases = [ dbName ]; + databases = [dbName]; }; services.nextcloud = { @@ -87,16 +92,17 @@ in my.services.restic-backup = let nextcloudHome = config.services.nextcloud.home; - in mkIf cfg.enable { - paths = [ nextcloudHome ]; - exclude = [ - # borg can fail if *.part files disappear during backup - "${nextcloudHome}/data/*/uploads" - # image previews can take up a lot of space - "${nextcloudHome}/data/appdata_*/preview" - # specific account for huge files I don't care about losing - "${nextcloudHome}/data/misc" - ]; - }; + in + mkIf cfg.enable { + paths = [nextcloudHome]; + exclude = [ + # borg can fail if *.part files disappear during backup + "${nextcloudHome}/data/*/uploads" + # image previews can take up a lot of space + "${nextcloudHome}/data/appdata_*/preview" + # specific account for huge files I don't care about losing + "${nextcloudHome}/data/misc" + ]; + }; }; } diff --git a/services/nginx.nix b/services/nginx.nix index 42dc015..a69d1ac 100644 --- a/services/nginx.nix +++ b/services/nginx.nix @@ -1,16 +1,20 @@ # Part of config shamelessly stolen from: # # https://github.com/delroth/infra.delroth.net -{ config, lib, pkgs, ... }: -let - inherit (lib) - mkIf - ; -in { + config, + lib, + pkgs, + ... +}: let + inherit + (lib) + mkIf + ; +in { # Whenever something defines an nginx vhost, ensure that nginx defaults are # properly set. - config = mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ "localhost" ]) { + config = mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != ["localhost"]) { services.nginx = { enable = true; statusPage = true; # For monitoring scraping. @@ -21,7 +25,7 @@ in recommendedProxySettings = true; }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [80 443]; services.prometheus = { exporters.nginx = { @@ -32,12 +36,14 @@ in scrapeConfigs = [ { job_name = "nginx"; - static_configs = [{ - targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.nginx.port}" ]; - labels = { - instance = config.networking.hostName; - }; - }]; + static_configs = [ + { + targets = ["127.0.0.1:${toString config.services.prometheus.exporters.nginx.port}"]; + labels = { + instance = config.networking.hostName; + }; + } + ]; } ]; }; @@ -46,18 +52,17 @@ in acceptTerms = true; defaults.email = "antoine97.martin@gmail.com"; - certs = - let - domain = config.networking.domain; - gandiKey = config.my.secrets.gandiKey; - in { - "${domain}" = { - extraDomainNames = [ "*.${domain}" ]; - dnsProvider = "gandiv5"; - credentialsFile = config.age.secrets."gandi/api-key".path; - group = "nginx"; - }; + certs = let + domain = config.networking.domain; + gandiKey = config.my.secrets.gandiKey; + in { + "${domain}" = { + extraDomainNames = ["*.${domain}"]; + dnsProvider = "gandiv5"; + credentialsFile = config.age.secrets."gandi/api-key".path; + group = "nginx"; }; + }; }; }; } diff --git a/services/nuage.nix b/services/nuage.nix index 4c2e65a..52bb402 100644 --- a/services/nuage.nix +++ b/services/nuage.nix @@ -1,15 +1,17 @@ -{ config, lib, ... }: - -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.nuage; my = config.my; -in -{ +in { options.my.services.nuage = { enable = mkEnableOption "Nuage redirect"; }; diff --git a/services/paperless.nix b/services/paperless.nix index 431acd3..9ed9537 100644 --- a/services/paperless.nix +++ b/services/paperless.nix @@ -1,19 +1,24 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.paperless; my = config.my; domain = config.networking.domain; paperlessDomain = "paperless.${domain}"; -in -{ - options.my.services.paperless = let inherit (lib) types; in { +in { + options.my.services.paperless = let + inherit (lib) types; + in { enable = mkEnableOption "Paperless"; port = mkOption { @@ -77,7 +82,7 @@ in services.postgresql = { enable = true; - ensureDatabases = [ "paperless" ]; + ensureDatabases = ["paperless"]; ensureUsers = [ { name = "paperless"; @@ -88,7 +93,7 @@ in systemd.services.paperless-ng-server = { # Make sure the DB is available - after = [ "postgresql.service" ]; + after = ["postgresql.service"]; }; services.nginx.virtualHosts = { diff --git a/services/pipewire.nix b/services/pipewire.nix index 0be1e42..04d8135 100644 --- a/services/pipewire.nix +++ b/services/pipewire.nix @@ -1,16 +1,20 @@ -{ config, lib, pkgs, options, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + options, + ... +}: let + inherit + (lib) mkEnableOption mkIf optionalAttrs - ; + ; cfg = config.my.services.pipewire; my = config.my; -in -{ +in { options.my.services.pipewire = { enable = mkEnableOption "Pipewire sound backend"; }; @@ -37,6 +41,6 @@ in # FIXME: a shame pactl isn't available by itself, eventually this should be # replaced by pw-cli or a wrapper, I guess? - environment.systemPackages = [ pkgs.pulseaudio ]; + environment.systemPackages = [pkgs.pulseaudio]; }); } diff --git a/services/postgresql-backup.nix b/services/postgresql-backup.nix index c3642b7..0d8ec05 100644 --- a/services/postgresql-backup.nix +++ b/services/postgresql-backup.nix @@ -1,10 +1,14 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.postgresql-backup; in { @@ -20,12 +24,11 @@ in { }; my.services.restic-backup = mkIf cfg.enable { - paths = [ "/var/backup/postgresql" ]; + paths = ["/var/backup/postgresql"]; # no need to store previously backed up files, as borg does the snapshoting # for us - exclude = [ "/var/backup/postgresql/*.prev.sql.gz" ]; + exclude = ["/var/backup/postgresql/*.prev.sql.gz"]; }; }; - } diff --git a/services/postgresql.nix b/services/postgresql.nix index 742f0f2..9a37212 100644 --- a/services/postgresql.nix +++ b/services/postgresql.nix @@ -1,5 +1,8 @@ -{ config, pkgs, ... }: { + config, + pkgs, + ... +}: { # set postgresql version so we don't get any bad surprise config.services.postgresql = { package = pkgs.postgresql_13; diff --git a/services/restic-backup.nix b/services/restic-backup.nix index 66e531c..cad1127 100644 --- a/services/restic-backup.nix +++ b/services/restic-backup.nix @@ -1,21 +1,27 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) attrsets concatStringsSep mkEnableOption mkIf mkOption optional - ; + ; cfg = config.my.services.restic-backup; excludeArg = "--exclude-file=" + (pkgs.writeText "excludes.txt" (concatStringsSep "\n" cfg.exclude)); makePruneOpts = pruneOpts: attrsets.mapAttrsToList (name: value: "--keep-${name} ${toString value}") pruneOpts; in { - options.my.services.restic-backup = let inherit (lib) types; in { + options.my.services.restic-backup = let + inherit (lib) types; + in { enable = mkEnableOption "Enable Restic backups for this host"; repo = mkOption { @@ -23,12 +29,11 @@ in { default = null; example = "/mnt/hdd"; description = "Restic backup repo"; - }; paths = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; example = [ "/var/lib" "/home" @@ -38,7 +43,7 @@ in { exclude = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; example = [ # very large paths "/var/lib/docker" @@ -81,7 +86,7 @@ in { }; config = mkIf cfg.enable { - environment.systemPackages = [ pkgs.restic ]; + environment.systemPackages = [pkgs.restic]; services.restic.backups.backblaze = { initialize = true; @@ -92,8 +97,9 @@ in { passwordFile = cfg.passwordFile; environmentFile = cfg.environmentFile; - extraBackupArgs = [ "--verbose=2" ] - ++ optional (builtins.length cfg.exclude != 0) excludeArg; + extraBackupArgs = + ["--verbose=2"] + ++ optional (builtins.length cfg.exclude != 0) excludeArg; timerConfig = cfg.timerConfig; diff --git a/services/tailscale.nix b/services/tailscale.nix index 4da1d6b..ff3a4b1 100644 --- a/services/tailscale.nix +++ b/services/tailscale.nix @@ -1,14 +1,17 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.tailscale; -in -{ +in { options.my.services.tailscale = { enable = mkEnableOption "Tailscale"; @@ -23,8 +26,8 @@ in }; networking.firewall = { - trustedInterfaces = [ "tailscale0" ]; - allowedUDPPorts = [ config.services.tailscale.port ]; + trustedInterfaces = ["tailscale0"]; + allowedUDPPorts = [config.services.tailscale.port]; }; # enable IP forwarding to use as exit node diff --git a/services/tgv.nix b/services/tgv.nix index 295a672..25426c9 100644 --- a/services/tgv.nix +++ b/services/tgv.nix @@ -1,15 +1,17 @@ -{ config, lib, ... }: - -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.tgv; my = config.my; -in -{ +in { options.my.services.tgv = { enable = mkEnableOption "TGV redirect"; }; diff --git a/services/transmission.nix b/services/transmission.nix index 7fb7f69..822070c 100644 --- a/services/transmission.nix +++ b/services/transmission.nix @@ -1,11 +1,15 @@ -{ config, lib, ... }: -let - inherit (lib) +{ + config, + lib, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption optionalAttrs - ; + ; cfg = config.my.services.transmission; @@ -16,9 +20,10 @@ let transmissionPeerPort = 30251; downloadBase = "/media/torrents/"; -in -{ - options.my.services.transmission = let inherit (lib) types; in { +in { + options.my.services.transmission = let + inherit (lib) types; + in { enable = mkEnableOption "Transmission torrent client"; username = mkOption { @@ -37,32 +42,34 @@ in }; config = mkIf cfg.enable { - services.transmission = { - enable = true; - group = "media"; + services.transmission = + { + enable = true; + group = "media"; - settings = { - download-dir = "${downloadBase}/complete"; - incomplete-dir = "${downloadBase}/incomplete"; + settings = { + download-dir = "${downloadBase}/complete"; + incomplete-dir = "${downloadBase}/incomplete"; - peer-port = transmissionPeerPort; + peer-port = transmissionPeerPort; - rpc-enabled = true; - rpc-port = transmissionRpcPort; - rpc-authentication-required = false; + rpc-enabled = true; + rpc-port = transmissionRpcPort; + rpc-authentication-required = false; - rpc-whitelist-enabled = true; - rpc-whitelist = "127.0.0.1"; + rpc-whitelist-enabled = true; + rpc-whitelist = "127.0.0.1"; - rpc-host-whitelist-enabled = true; - rpc-host-whitelist = webuiDomain; - }; + rpc-host-whitelist-enabled = true; + rpc-host-whitelist = webuiDomain; + }; - # automatically allow transmission.settings.peer-port - openFirewall = true; - } // (optionalAttrs (cfg.secretConfigFile != null) { - credentialsFile = cfg.secretConfigFile; - }); + # automatically allow transmission.settings.peer-port + openFirewall = true; + } + // (optionalAttrs (cfg.secretConfigFile != null) { + credentialsFile = cfg.secretConfigFile; + }); services.nginx.virtualHosts."${webuiDomain}" = { forceSSL = true; diff --git a/services/vaultwarden.nix b/services/vaultwarden.nix index 505678c..2d8d370 100644 --- a/services/vaultwarden.nix +++ b/services/vaultwarden.nix @@ -1,18 +1,24 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.vaultwarden; my = config.my; domain = config.networking.domain; in { - options.my.services.vaultwarden = let inherit (lib) types; in { + options.my.services.vaultwarden = let + inherit (lib) types; + in { enable = mkEnableOption "Vaultwarden"; privatePort = mkOption { @@ -36,7 +42,7 @@ in { }; services.postgresqlBackup = { - databases = [ "vaultwarden" ]; + databases = ["vaultwarden"]; }; services.vaultwarden = { @@ -82,8 +88,8 @@ in { # FIXME: should be renamed to vaultwarden eventually my.services.restic-backup = mkIf cfg.enable { - paths = [ "/var/lib/bitwarden_rs" ]; - exclude = [ "/var/lib/bitwarden_rs/icon_cache" ]; + paths = ["/var/lib/bitwarden_rs"]; + exclude = ["/var/lib/bitwarden_rs/icon_cache"]; }; services.fail2ban.jails = { @@ -119,5 +125,4 @@ in { ''; }; }; - } diff --git a/zephyrus.nix b/zephyrus.nix index ed011ae..e818e48 100644 --- a/zephyrus.nix +++ b/zephyrus.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { imports = [ # Default configuration ./base