nix: exorcise all with <expr>; uses

2022-01-11 16:08:21 +01:00 · 2022-01-11 16:08:21 +01:00 · 912073bee6
parent ef59fd800e
commit 912073bee6
67 changed files with 576 additions and 259 deletions
--- a/base/gui-programs.nix
+++ b/base/gui-programs.nix
@ -1,11 +1,18 @@
 { pkgs, lib, config, options, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
    optional
  ;
 in
 {
  options.my.gui = {
-    enable = lib.mkEnableOption "System has some kind of screen attached";
+    enable = mkEnableOption "System has some kind of screen attached";
-    isNvidia = lib.mkEnableOption "System a NVIDIA GPU";
+    isNvidia = mkEnableOption "System a NVIDIA GPU";
  };
-  config = lib.mkIf config.my.gui.enable {
+  config = mkIf config.my.gui.enable {
    my.displayManager.sddm.enable = true;
    services = {
@ -21,27 +28,30 @@
      };
    };
-    environment.systemPackages = with pkgs; [
+    environment.systemPackages = builtins.attrValues {
-      element-desktop
+      inherit (pkgs)
-      feh
+        element-desktop
-      firefox
+        feh
-      ffmpeg
+        firefox
-      gimp
+        ffmpeg
-      gnome.nautilus
+        gimp
-      imagemagick
+        imagemagick
-      mpv
+        mpv
-      obs-studio
+        obs-studio
-      pavucontrol
+        pavucontrol
-      slack
+        slack
-      spotify
+        spotify
-      tdesktop
+        tdesktop
-      teams
+        teams
-      thunderbird
+        thunderbird
-      virt-manager
+        virt-manager
-      zathura
+        zathura
      ;
-      unstable.discord
+      inherit (pkgs.gnome) nautilus;
-    ];
+
      inherit (pkgs.unstable) discord;
    };
    networking.networkmanager.enable = true;
    programs.nm-applet.enable = true;
--- a/base/networking.nix
+++ b/base/networking.nix
@ -1,6 +1,12 @@
 { lib, ... }:
 let
  inherit (lib)
    mkOption
    types
  ;
 in
 {
-  options.my.networking.externalInterface = with lib; mkOption {
+  options.my.networking.externalInterface = mkOption {
    type = types.nullOr types.str;
    default = null;
    example = "eth0";
--- a/base/programs.nix
+++ b/base/programs.nix
@ -19,40 +19,45 @@
    bandwhich.enable = true;
  };
-  environment.systemPackages = with pkgs; [
+  environment.systemPackages = builtins.attrValues {
-    # shell usage
+    inherit (pkgs)
-    fd
+      # shell usage
-    ripgrep
+      fd
-    sd
+      ripgrep
-    tmux
+      sd
-    tokei
+      tmux
-    tree
+      tokei
-    wget
+      tree
      wget
-    # development
+      # development
-    git
+      git
-    git-crypt
+      git-crypt
-    git-lfs
+      git-lfs
-    gnumake
+      gnumake
-    gnupg
+      gnupg
-    kakoune
+      kakoune
-    pinentry-curses
+      pinentry-curses
-    python3
+      python3
-    vim
+      vim
    clang_11
    llvmPackages_11.bintools
-    # terminal utilities
+      # terminal utilities
-    bottom
+      bottom
-    dogdns
+      dogdns
-    du-dust
+      du-dust
-    htop
+      htop
-    ldns # drill
+      ldns # drill
-    tealdeer
+      tealdeer
-    unzip
+      unzip
-    zip
+      zip
-    # nix pkgs lookup
+      # nix pkgs lookup
-    nix-index
+      nix-index
-  ];
+    ;
    inherit (pkgs.llvmPackages_11)
      bintools
      clang
    ;
  };
 }
--- a/home/alacritty.nix
+++ b/home/alacritty.nix
@ -1,12 +1,17 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.alacritty;
  alacrittyTheme = config.my.theme.alacrittyTheme;
 in
 {
-  options.my.home.alacritty.enable = (lib.mkEnableOption "Alacritty terminal") // { default = config.my.home.x.enable; };
+  options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // { default = config.my.home.x.enable; };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    programs.alacritty = {
      enable = true;
@ -34,9 +39,8 @@ in
      };
    };
-    home.packages = with pkgs; [
+    home.packages = [ pkgs.iosevka-bin ];
-      iosevka-bin
+
    ];
    # make sure font is discoverable
    fonts.fontconfig.enable = true;
  };
--- a/home/bat.nix
+++ b/home/bat.nix
@ -1,14 +1,19 @@
 { config, lib, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.bat;
  batTheme = config.my.theme.batTheme;
 in
 {
-  options.my.home.bat = with lib; {
+  options.my.home.bat = {
    enable = (mkEnableOption "bat code display tool") // { default = true; };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    programs.bat = {
      enable = true;
--- a/home/emacs.nix
+++ b/home/emacs.nix
@ -1,23 +1,31 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
 in
 {
-  options.my.home.emacs = with lib; {
+  options.my.home.emacs = {
    enable = mkEnableOption "Emacs daemon configuration";
  };
-  config = lib.mkIf config.my.home.emacs.enable {
+  config = mkIf config.my.home.emacs.enable {
    home.sessionPath = [ "${config.xdg.configHome}/emacs/bin" ];
    home.sessionVariables = {
      EDITOR = "emacsclient -t";
    };
-    home.packages = with pkgs; [
+    home.packages = builtins.attrValues {
-      sqlite # needed by org-roam
+      inherit (pkgs)
        sqlite # needed by org-roam
-      # fonts used by my config
+        # fonts used by my config
-      emacs-all-the-icons-fonts
+        emacs-all-the-icons-fonts
-      iosevka-bin
+        iosevka-bin
-    ];
+      ;
    };
    # make sure above fonts are discoverable
    fonts.fontconfig.enable = true;
--- a/home/firefox.nix
+++ b/home/firefox.nix
@ -1,13 +1,18 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.firefox;
 in
 {
-  options.my.home.firefox = with lib; {
+  options.my.home.firefox = {
    enable = (mkEnableOption "firefox config") // { default = config.my.home.x.enable; };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    programs.firefox = {
      enable = true;
      package = pkgs.firefox.override {
--- a/home/fish/default.nix
+++ b/home/fish/default.nix
@ -1,11 +1,16 @@
 { config, lib, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.fish;
 in
 {
-  options.my.home.fish.enable = (lib.mkEnableOption "Fish shell") // { default = true; };
+  options.my.home.fish.enable = (mkEnableOption "Fish shell") // { default = true; };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    programs.fish = {
      enable = true;
    };
--- a/home/flameshot.nix
+++ b/home/flameshot.nix
@ -1,13 +1,18 @@
 { config, lib, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.flameshot;
 in
 {
-  options.my.home.flameshot = with lib; {
+  options.my.home.flameshot = {
    enable = mkEnableOption "flameshot autolaunch";
  };
-  config.services.flameshot = lib.mkIf cfg.enable {
+  config.services.flameshot = mkIf cfg.enable {
    enable = true;
  };
 }
--- a/home/git.nix
+++ b/home/git.nix
@ -1,11 +1,16 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.git;
 in
 {
-  options.my.home.git.enable = (lib.mkEnableOption "Git configuration") // { default = true; };
+  options.my.home.git.enable = (mkEnableOption "Git configuration") // { default = true; };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    programs.git = {
      enable = true;
--- a/home/laptop.nix
+++ b/home/laptop.nix
@ -1,6 +1,11 @@
 { config, lib, ... }:
 let
  inherit (lib)
    mkEnableOption
  ;
 in
 {
-  options.my.home.laptop = with lib; {
+  options.my.home.laptop = {
    enable = mkEnableOption "Laptop settings";
  };
 }
--- a/home/lorri.nix
+++ b/home/lorri.nix
@ -1,13 +1,18 @@
 { config, lib, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.lorri;
 in
 {
-  options.my.home.lorri = with lib; {
+  options.my.home.lorri = {
    enable = (mkEnableOption "lorri daemon setup") // { default = true; };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    services.lorri.enable = true;
    programs.direnv = {
        enable = true;
--- a/home/rofi.nix
+++ b/home/rofi.nix
@ -1,13 +1,18 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.rofi;
 in
 {
-  options.my.home.rofi = with lib; {
+  options.my.home.rofi = {
    enable = (mkEnableOption "rofi configuration") // { default = config.my.home.x.enable; };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    programs.rofi = {
      enable = true;
--- a/home/secrets/default.nix
+++ b/home/secrets/default.nix
@ -1,5 +1,11 @@
 { lib, ... }:
-with lib;
+let
  inherit (lib)
    fileContents
    mkOption
    types
  ;
 in
 {
  options.my.secrets = mkOption {
    type = types.attrs;
--- a/home/ssh.nix
+++ b/home/ssh.nix
@ -1,13 +1,18 @@
 { config, lib, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.ssh;
 in
 {
-  options.my.home.ssh = with lib; {
+  options.my.home.ssh = {
    enable = (mkEnableOption "ssh configuration") // { default = true; };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    programs.ssh = {
      enable = true;
--- a/home/themes/alacritty.nix
+++ b/home/themes/alacritty.nix
@ -1,6 +1,10 @@
 { lib }:
 with lib;
 let
  inherit (lib)
    mkOption
    types
  ;
  mkColorOption = import ./color.nix { inherit lib; };
  primaryColorModule = types.submodule {
--- a/home/themes/bat.nix
+++ b/home/themes/bat.nix
@ -1,5 +1,10 @@
 { lib }:
-with lib;
+let
  inherit (lib)
    mkOption
    types
  ;
 in
 types.submodule {
  options = {
    name = mkOption {
--- a/home/themes/color.nix
+++ b/home/themes/color.nix
@ -1,6 +1,11 @@
 { lib }:
 let
-  mkColorOption = with lib; {default ? "#000000", description ? "" }: mkOption {
+  inherit (lib)
    mkOption
    types
  ;
  mkColorOption = {default ? "#000000", description ? "" }: mkOption {
    inherit description default;
    example = "#abcdef";
    type = types.strMatching "#[0-9a-f]{6}";
--- a/home/themes/default.nix
+++ b/home/themes/default.nix
@ -1,6 +1,10 @@
 { config, lib, ... }:
 with lib;
 let
  inherit (lib)
    mkOption
    types
  ;
  themeType = types.submodule {
    options = {
      alacrittyTheme = mkOption {
@ -29,7 +33,7 @@ in
  };
  options.my.themes = mkOption {
-    type = with types; attrsOf themeType;
+    type = types.attrsOf themeType;
  };
  config.my.themes = {
--- a/home/themes/i3.nix
+++ b/home/themes/i3.nix
@ -1,6 +1,10 @@
 { lib }:
 with lib;
 let
  inherit (lib)
    mkOption
    types
  ;
  mkColorOption = import ./color.nix { inherit lib; };
  barColorSetModule = types.submodule {
--- a/home/themes/i3bar.nix
+++ b/home/themes/i3bar.nix
@ -1,6 +1,10 @@
 { lib }:
 with lib;
 let
  inherit (lib)
    mkOption
    types
  ;
  mkColorOption = import ./color.nix { inherit lib; };
 in
 types.submodule {
--- a/home/themes/solarizedLight/alacritty.nix
+++ b/home/themes/solarizedLight/alacritty.nix
@ -1,7 +1,23 @@
 let
-  colors = import ./colors.nix;
+  inherit (import ./colors.nix)
    base0
    base00
    base01
    base02
    base03
    base1
    base2
    base3
    blue
    cyan
    green
    magenta
    orange
    red
    violet
    yellow
  ;
 in
 with colors;
 {
  primary = {
    background = base3;
--- a/home/themes/solarizedLight/i3.nix
+++ b/home/themes/solarizedLight/i3.nix
@ -1,7 +1,15 @@
 let
-  colors = import ./colors.nix;
+  inherit (import ./colors.nix)
    base00
    base2
    base3
    blue
    magenta
    orange
    red
    yellow
  ;
 in
 with colors;
 {
  bar = {
    background = base3;
--- a/home/themes/solarizedLight/i3bar.nix
+++ b/home/themes/solarizedLight/i3bar.nix
@ -1,7 +1,14 @@
 let
-  colors = import ./colors.nix;
+  inherit (import ./colors.nix)
    base00
    base2
    base3
    blue
    green
    red
    yellow
  ;
 in
 with colors;
 {
  theme = {
    name = "solarized-light";
--- a/home/tmux.nix
+++ b/home/tmux.nix
@ -1,20 +1,25 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.tmux;
 in
 {
-  options.my.home.tmux = with lib; {
+  options.my.home.tmux = {
    enable = (mkEnableOption "tmux dotfiles") // { default = true; };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    programs.tmux = {
      enable = true;
      baseIndex = 1;
      terminal = "screen-256color";
      clock24 = true;
-      plugins = with pkgs; [
+      plugins = let inherit (pkgs) tmuxPlugins; in [
        {
          plugin = tmuxPlugins.cpu;
          extraConfig = ''
--- a/home/tridactyl.nix
+++ b/home/tridactyl.nix
@ -1,13 +1,18 @@
 { config, lib, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.tridactyl;
 in
 {
-  options.my.home.tridactyl = with lib; {
+  options.my.home.tridactyl = {
    enable = (mkEnableOption "tridactyl code display tool") // { default = config.my.home.firefox.enable; };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    xdg.configFile."tridactyl/tridactylrc".source = ./tridactylrc;
  };
 }
--- a/home/x/cursor.nix
+++ b/home/x/cursor.nix
@ -1,11 +1,16 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.home.x.cursor;
 in
 {
-  options.my.home.x.cursor.enable = (lib.mkEnableOption "X cursor") // { default = config.my.home.x.enable; };
+  options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // { default = config.my.home.x.enable; };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    xsession.pointerCursor = {
      package = pkgs.capitaine-cursors;
      name = "capitaine-cursors";
--- a/home/x/default.nix
+++ b/home/x/default.nix
@ -1,4 +1,9 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
  ;
 in
 {
  imports = [
    ./cursor.nix
@ -6,7 +11,7 @@
    ./i3bar.nix
  ];
-  options.my.home.x = with lib; {
+  options.my.home.x = {
    enable = mkEnableOption "X server configuration";
  };
 }
--- a/home/x/i3.nix
+++ b/home/x/i3.nix
@ -1,5 +1,10 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkIf
    mkOptionDefault
  ;
  isEnabled = config.my.home.x.enable;
  myTerminal =
@ -17,14 +22,12 @@ let
  i3Theme = config.my.theme.i3Theme;
 in
 {
-  config = lib.mkIf isEnabled {
+  config = mkIf isEnabled {
    my.home = {
      flameshot.enable = true;
    };
-    home.packages = with pkgs; [
+    home.packages = [ pkgs.betterlockscreen ];
      betterlockscreen
    ];
    xsession.windowManager.i3 = {
      enable = true;
@ -77,7 +80,7 @@ in
          size = 8.0;
        };
-        keybindings = lib.mkOptionDefault {
+        keybindings = mkOptionDefault {
          "${modifier}+Shift+e" = ''mode "${logoutMode}"'';
          "${modifier}+i" = "exec emacsclient -c";
@ -106,7 +109,7 @@ in
              "Return" = "mode default";
            };
          in
-            lib.mkOptionDefault {
+            mkOptionDefault {
              "${logoutMode}" = makeModeBindings {
                "l" = "exec --no-startup-id i3-msg exit, mode default";
                "s" = "exec --no-startup-id betterlockscreen --suspend, mode default";
--- a/home/x/i3bar.nix
+++ b/home/x/i3bar.nix
@ -1,11 +1,19 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    lists
    mkIf
    mkOption
    optional
    types
  ;
  isEnabled = config.my.home.x.enable;
  i3BarTheme = config.my.theme.i3BarTheme;
  cfg = config.my.home.x.i3bar;
 in
 {
-  options.my.home.x.i3bar = with lib; {
+  options.my.home.x.i3bar = {
    temperature.chip = mkOption {
      type = types.str;
      example = "coretemp-isa-*";
@ -24,12 +32,14 @@ in
    };
  };
-  config = lib.mkIf isEnabled {
+  config = mkIf isEnabled {
-    home.packages = with pkgs; [
+    home.packages = builtins.attrValues {
-      iw # Used by `net` block
+      inherit (pkgs)
-      lm_sensors # Used by `temperature` block
+        iw # Used by `net` block
-      font-awesome
+        lm_sensors # Used by `temperature` block
-    ];
+        font-awesome
      ;
    };
    programs.i3status-rust = {
      enable = true;
@ -79,7 +89,7 @@ in
              chip = cfg.temperature.chip;
              inputs = cfg.temperature.inputs;
            }
-          ] ++ (lib.lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0)
+          ] ++ (lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0)
            (map
              (interface:
                {
@ -105,11 +115,11 @@ in
              block = "sound";
              driver = "pulseaudio";
            }
-          ] ++ (lib.lists.optionals config.my.home.laptop.enable [
+          ] ++ (optional config.my.home.laptop.enable
            {
              block = "battery";
            }
-          ]) ++ [
+          ) ++ [
            # {
            #   block = "notify";
            # }
--- a/hosts/boreal/default.nix
+++ b/hosts/boreal/default.nix
@ -105,9 +105,7 @@ in
    "rfkill-release"
  ];
-  services.udev.packages = with pkgs; [
+  services.udev.packages = [ pkgs.packages.kaleidoscope-udev-rules ];
    packages.kaleidoscope-udev-rules
  ];
  hardware.bluetooth = {
    enable = true;
--- a/hosts/boreal/home.nix
+++ b/hosts/boreal/home.nix
@ -10,7 +10,8 @@
    my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
-    home.packages = with pkgs; [
+    home.packages = builtins.attrValues {
      inherit (pkgs)
        # some websites only work there :(
        chromium
@ -19,8 +20,9 @@
        # keyboard goodness
        chrysalis
      ;
-        packages.spot
+      inherit (pkgs.packages) spot;
-    ];
+    };
  };
 }
--- a/hosts/poseidon/hardware-configuration.nix
+++ b/hosts/poseidon/hardware-configuration.nix
@ -2,7 +2,11 @@
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
-
+let
  inherit (lib)
    mkDefault
  ;
 in
 {
  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
@ -32,5 +36,5 @@
    [ { device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc"; }
    ];
-  powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+  powerManagement.cpuFreqGovernor = mkDefault "ondemand";
 }
--- a/hosts/zephyrus/default.nix
+++ b/hosts/zephyrus/default.nix
@ -56,9 +56,7 @@ in
  };
  my.gui.enable = true;
-  environment.systemPackages = with pkgs; [
+  environment.systemPackages = [ pkgs.arandr ];
    arandr
  ];
  hardware.bluetooth = {
    enable = true;
--- a/hosts/zephyrus/hardware-configuration.nix
+++ b/hosts/zephyrus/hardware-configuration.nix
@ -2,7 +2,11 @@
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
-
+let
  inherit (lib)
    mkDefault
  ;
 in
 {
  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
@ -40,7 +44,7 @@
  swapDevices = [ ];
-  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+  powerManagement.cpuFreqGovernor = mkDefault "powersave";
  hardware.enableRedistributableFirmware = true;
 }
--- a/hosts/zephyrus/home.nix
+++ b/hosts/zephyrus/home.nix
@ -12,18 +12,20 @@
    my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
-    home.packages = with pkgs; [
+    home.packages = builtins.attrValues {
-        # some websites only work there :(
+        inherit (pkgs)
-        chromium
+          # some websites only work there :(
          chromium
-        wineWowPackages.stable
+          darktable
-        darktable
+          # dev
          rustup
        ;
-        # dev
+        inherit (pkgs.packages) spot;
        rustup
-        packages.spot
+        inherit (pkgs.wineWowPackages) stable;
-    ];
+    };
  };
 }
--- a/modules/sddm.nix
+++ b/modules/sddm.nix
@ -1,23 +1,31 @@
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.displayManager.sddm;
 in
 {
-  options.my.displayManager.sddm.enable = lib.mkEnableOption "SDDM setup";
+  options.my.displayManager.sddm.enable = mkEnableOption "SDDM setup";
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    services.xserver.displayManager.sddm = {
      enable = true;
      theme = "sugar-candy";
    };
-    environment.systemPackages = with pkgs; [
+    environment.systemPackages = builtins.attrValues {
-      packages.sddm-sugar-candy
+      inherit (pkgs.packages)
        sddm-sugar-candy
      ;
-      # dependencies for sugar-candy theme
+      inherit (pkgs.libsForQt5.qt5)
-      libsForQt5.qt5.qtgraphicaleffects
+        qtgraphicaleffects
-      libsForQt5.qt5.qtquickcontrols2
+        qtquickcontrols2
-      libsForQt5.qt5.qtsvg
+        qtsvg
-    ];
+      ;
    };
  };
 }
--- a/modules/wakeonwlan.nix
+++ b/modules/wakeonwlan.nix
@ -1,8 +1,15 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    concatStringsSep
    literalExample
    mapAttrs'
    mkIf
    mkOption
    nameValuePair
  ;
  cfg = config.my.wakeonwlan;
  mkWowlanService = name: cfg:
@ -20,7 +27,7 @@ let
    };
 in
 {
-  options.my.wakeonwlan = {
+  options.my.wakeonwlan = let inherit (lib) types; in {
    interfaces = mkOption {
      default = { };
      description = "Wireless interfaces where you want to enable WoWLAN";
--- a/pkgs/grafana-dashboards/nginx.nix
+++ b/pkgs/grafana-dashboards/nginx.nix
@ -1,5 +1,9 @@
 { stdenv, fetchFromGitHub, lib, ... }:
 let
  inherit (lib)
    licenses
  ;
  version = "0.9.0";
 in
 stdenv.mkDerivation {
@ -20,7 +24,7 @@ stdenv.mkDerivation {
    cp grafana/dashboard.json $out/dashboard.json
  '';
-  meta = with lib; {
+  meta = {
    description = "grafana dashboard for NGINX exporter";
    homepage = "https://github.com/nginxinc/nginx-prometheus-exporter";
    license = licenses.asl20;
--- a/pkgs/grafana-dashboards/node-exporter.nix
+++ b/pkgs/grafana-dashboards/node-exporter.nix
@ -1,5 +1,9 @@
 { stdenv, fetchFromGitHub, lib, ... }:
 let
  inherit (lib)
    licenses
  ;
  version = "7d61c79619e5749e629758ecd96748c010028120";
 in
 stdenv.mkDerivation {
@ -20,7 +24,7 @@ stdenv.mkDerivation {
    cp prometheus/node-exporter-full.json $out/node-exporter-full.json
  '';
-  meta = with lib; {
+  meta = {
    description = "grafana dashboard for node exporter";
    homepage = "https://github.com/rfrail3/grafana-dashboards";
    license = licenses.lgpl3Only;
--- a/pkgs/kaleidoscope-udev-rules/default.nix
+++ b/pkgs/kaleidoscope-udev-rules/default.nix
@ -1,6 +1,10 @@
 { stdenv, lib, fetchFromGitHub }:
 let
  inherit (lib)
    licenses
  ;
  version = "1.99.3";
 in
 stdenv.mkDerivation {
@ -21,7 +25,7 @@ stdenv.mkDerivation {
    cp etc/60-kaleidoscope.rules $out/lib/udev/rules.d/
  '';
-  meta = with lib; {
+  meta = {
    description = "udev rules for kaleidoscope firmware keyboards";
    homepage = "https://github.com/keyboardio/Kaleidoscope";
    license = licenses.gpl3Only;
--- a/secrets/borg-backup/default.nix
+++ b/secrets/borg-backup/default.nix
@ -1,5 +1,10 @@
 { lib }:
 let
  inherit (lib)
    fileContents
  ;
 in
 {
-  boreal-repo = lib.fileContents ./boreal-repo.secret;
+  boreal-repo = fileContents ./boreal-repo.secret;
-  poseidon-repo = lib.fileContents ./poseidon-repo.secret;
+  poseidon-repo = fileContents ./poseidon-repo.secret;
 }
--- a/secrets/default.nix
+++ b/secrets/default.nix
@ -1,20 +1,24 @@
 { pkgs, lib, config, ... }:
-with lib;
+let
-{
+  inherit (lib)
-  options.my.secrets = mkOption {
+    fileContents
    mkOption
  ;
 in {
  options.my.secrets = let inherit (lib) types; in mkOption {
    type = types.attrs;
  };
  config.my.secrets = {
-    matrix-registration-shared-secret = lib.fileContents ./matrix-registration-shared-secret.secret;
+    matrix-registration-shared-secret = fileContents ./matrix-registration-shared-secret.secret;
-    shadow-hashed-password-alarsyo = lib.fileContents ./shadow-hashed-password-alarsyo.secret;
+    shadow-hashed-password-alarsyo = fileContents ./shadow-hashed-password-alarsyo.secret;
-    shadow-hashed-password-root = lib.fileContents ./shadow-hashed-password-root.secret;
+    shadow-hashed-password-root = fileContents ./shadow-hashed-password-root.secret;
-    miniflux-admin-credentials = lib.fileContents ./miniflux-admin-credentials.secret;
+    miniflux-admin-credentials = fileContents ./miniflux-admin-credentials.secret;
-    transmission-password = lib.fileContents ./transmission.secret;
+    transmission-password = fileContents ./transmission.secret;
    nextcloud-admin-pass = ./nextcloud-admin-pass.secret;
-    nextcloud-admin-user = lib.fileContents ./nextcloud-admin-user.secret;
+    nextcloud-admin-user = fileContents ./nextcloud-admin-user.secret;
-    lohr-shared-secret = lib.fileContents ./lohr-shared-secret.secret;
+    lohr-shared-secret = fileContents ./lohr-shared-secret.secret;
-    gandiKey = lib.fileContents ./gandi-api-key.secret;
+    gandiKey = fileContents ./gandi-api-key.secret;
    borg-backup = import ./borg-backup { inherit lib; };
    paperless = import ./paperless { inherit lib; };
--- a/secrets/paperless/default.nix
+++ b/secrets/paperless/default.nix
@ -1,5 +1,10 @@
 { lib }:
 let
  inherit (lib)
    fileContents
  ;
 in
 {
-  secretKey = lib.fileContents ./secret-key-file.secret;
+  secretKey = fileContents ./secret-key-file.secret;
-  adminPassword = lib.fileContents ./admin-password.secret;
+  adminPassword = fileContents ./admin-password.secret;
 }
--- a/secrets/restic-backup/default.nix
+++ b/secrets/restic-backup/default.nix
@ -1,4 +1,9 @@
 { lib }:
 let
  inherit (lib)
    fileContents
  ;
 in
 {
-  poseidon-repo = lib.fileContents ./poseidon-repo.secret;
+  poseidon-repo = fileContents ./poseidon-repo.secret;
 }
--- a/services/borg-backup.nix
+++ b/services/borg-backup.nix
@ -1,10 +1,14 @@
 { config, lib, pkgs, ... }:
-with lib;
+let
-
+  inherit (lib)
-let cfg = config.my.services.borg-backup;
+    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.borg-backup;
 in {
-  options.my.services.borg-backup = {
+  options.my.services.borg-backup = let inherit (lib) types; in {
    enable = mkEnableOption "Enable Borg backups for this host";
    repo = mkOption {
--- a/services/fail2ban.nix
+++ b/services/fail2ban.nix
@ -1,7 +1,11 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.services.fail2ban;
 in {
  options.my.services.fail2ban = {
--- a/services/fava.nix
+++ b/services/fava.nix
@ -1,16 +1,20 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.fava;
  my = config.my;
  domain = config.networking.domain;
  secrets = config.my.secrets;
 in
 {
-  options.my.services.fava = {
+  options.my.services.fava = let inherit (lib) types; in {
-    enable = lib.mkEnableOption "Fava";
+    enable = mkEnableOption "Fava";
    home = mkOption {
      type = types.str;
@ -43,7 +47,6 @@ in
        User = "fava";
        Group = "fava";
      };
      path = with pkgs; [];
    };
    users.users.fava = {
--- a/services/gitea/default.nix
+++ b/services/gitea/default.nix
@ -1,14 +1,18 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.gitea;
  my = config.my;
  domain = config.networking.domain;
 in {
-  options.my.services.gitea = {
+  options.my.services.gitea = let inherit (lib) types; in {
    enable = mkEnableOption "Personal Git hosting with Gitea";
    privatePort = mkOption {
--- a/services/jellyfin.nix
+++ b/services/jellyfin.nix
@ -1,8 +1,11 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.services.jellyfin;
  my = config.my;
@ -15,7 +18,7 @@ in {
    enable = mkEnableOption "Jellyfin";
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    services.jellyfin = {
      enable = true;
      group = "media";
--- a/services/lohr.nix
+++ b/services/lohr.nix
@ -1,8 +1,12 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.lohr;
  my = config.my;
  domain = config.networking.domain;
@ -14,8 +18,8 @@ let
    flake.defaultPackage."x86_64-linux"; # FIXME: use correct system
 in
 {
-  options.my.services.lohr = {
+  options.my.services.lohr = let inherit (lib) types; in {
-    enable = lib.mkEnableOption "Lohr Mirroring Daemon";
+    enable = mkEnableOption "Lohr Mirroring Daemon";
    home = mkOption {
      type = types.str;
@ -49,9 +53,7 @@ in
        User = "lohr";
        Group = "lohr";
      };
-      path = with pkgs; [
+      path = [ pkgs.git ];
        git
      ];
    };
    users.users.lohr = {
--- a/services/matrix.nix
+++ b/services/matrix.nix
@ -9,9 +9,13 @@
 #
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.matrix;
  my = config.my;
@ -19,10 +23,10 @@ let
  clientPort = { public = 443; private = 11339; };
  domain = config.networking.domain;
 in {
-  options.my.services.matrix = {
+  options.my.services.matrix = let inherit (lib) types; in {
-    enable = lib.mkEnableOption "Matrix Synapse";
+    enable = mkEnableOption "Matrix Synapse";
-    registration_shared_secret = lib.mkOption {
+    registration_shared_secret = mkOption {
      type = types.str;
      default = null;
      example = "deadbeef";
@ -61,7 +65,7 @@ in {
    };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    services.postgresql = {
      enable = true;
    };
--- a/services/media.nix
+++ b/services/media.nix
@ -1,11 +1,17 @@
 { config, lib, ... }:
 let
-  mediaServices = with config.my.services; [
+  inherit (lib)
-    jellyfin
+    mkIf
-    transmission
+  ;
-  ];
+
  mediaServices = builtins.attrValues {
    inherit (config.my.services)
      jellyfin
      transmission
    ;
  };
  needed = builtins.any (service: service.enable) mediaServices;
 in
 {
-  config.users.groups.media = lib.mkIf needed { };
+  config.users.groups.media = mkIf needed { };
 }
--- a/services/miniflux.nix
+++ b/services/miniflux.nix
@ -1,14 +1,18 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.miniflux;
  my = config.my;
  domain = config.networking.domain;
 in {
-  options.my.services.miniflux = {
+  options.my.services.miniflux = let inherit (lib) types; in {
    enable = mkEnableOption "Serve a Miniflux instance";
    adminCredentialsFile = mkOption {
--- a/services/monitoring.nix
+++ b/services/monitoring.nix
@ -1,12 +1,16 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.monitoring;
  domain = config.networking.domain;
 in {
-  options.my.services.monitoring = {
+  options.my.services.monitoring = let inherit (lib) types; in {
    enable = mkEnableOption "Enable monitoring";
    domain = mkOption {
--- a/services/navidrome.nix
+++ b/services/navidrome.nix
@ -1,12 +1,17 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
    optional
  ;
  cfg = config.my.services.navidrome;
  domain = config.networking.domain;
 in {
-  options.my.services.navidrome = {
+  options.my.services.navidrome = let inherit (lib) types; in {
    enable = mkEnableOption "Navidrome";
    musicFolder = {
      path = mkOption {
@ -17,7 +22,7 @@ in {
    };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    services.navidrome = {
      enable = true;
      settings = {
--- a/services/nextcloud.nix
+++ b/services/nextcloud.nix
@ -3,6 +3,11 @@
 # TODO: setup prometheus exporter
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.services.nextcloud;
  my = config.my;
  domain = config.networking.domain;
@ -10,10 +15,10 @@ let
 in
 {
  options.my.services.nextcloud = {
-    enable = lib.mkEnableOption "NextCloud";
+    enable = mkEnableOption "NextCloud";
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    services.postgresql = {
      enable = true;
@ -73,7 +78,7 @@ in
    my.services.restic-backup = let
      nextcloudHome = config.services.nextcloud.home;
-    in lib.mkIf cfg.enable  {
+    in mkIf cfg.enable  {
      paths = [ nextcloudHome ];
      exclude = [
        # borg can fail if *.part files disappear during backup
--- a/services/nginx.nix
+++ b/services/nginx.nix
@ -2,10 +2,15 @@
 #
 # https://github.com/delroth/infra.delroth.net
 { config, lib, pkgs, ... }:
 let
  inherit (lib)
    mkIf
  ;
 in
 {
  # Whenever something defines an nginx vhost, ensure that nginx defaults are
  # properly set.
-  config = lib.mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ "localhost" ]) {
+  config = mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ "localhost" ]) {
    services.nginx = {
      enable = true;
      statusPage = true; # For monitoring scraping.
--- a/services/nuage.nix
+++ b/services/nuage.nix
@ -1,14 +1,17 @@
 { config, lib, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.services.nuage;
  my = config.my;
 in
 {
  options.my.services.nuage = {
-    enable = lib.mkEnableOption "Nuage redirect";
+    enable = mkEnableOption "Nuage redirect";
  };
  config = mkIf cfg.enable {
--- a/services/paperless.nix
+++ b/services/paperless.nix
@ -1,8 +1,12 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.paperless;
  my = config.my;
  domain = config.networking.domain;
@ -10,8 +14,8 @@ let
  secretKeyFile = pkgs.writeText "paperless-secret-key-file.env" my.secrets.paperless.secretKey;
 in
 {
-  options.my.services.paperless = {
+  options.my.services.paperless = let inherit (lib) types; in {
-    enable = lib.mkEnableOption "Paperless";
+    enable = mkEnableOption "Paperless";
    port = mkOption {
      type = types.port;
--- a/services/pipewire.nix
+++ b/services/pipewire.nix
@ -1,14 +1,18 @@
 { config, lib, pkgs, options, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    optionalAttrs
  ;
  cfg = config.my.services.pipewire;
  my = config.my;
 in
 {
  options.my.services.pipewire = {
-    enable = lib.mkEnableOption "Pipewire sound backend";
+    enable = mkEnableOption "Pipewire sound backend";
  };
  # HACK: services.pipewire.alsa doesn't exist on 20.09, avoid evaluating this
@ -69,6 +73,6 @@ in
    # FIXME: a shame pactl isn't available by itself, eventually this should be
    #        replaced by pw-cli or a wrapper, I guess?
-    environment.systemPackages = with pkgs; [ pulseaudio ];
+    environment.systemPackages = [ pkgs.pulseaudio ];
  });
 }
--- a/services/postgresql-backup.nix
+++ b/services/postgresql-backup.nix
@ -1,8 +1,11 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.services.postgresql-backup;
 in {
  options.my.services.postgresql-backup = {
--- a/services/restic-backup.nix
+++ b/services/restic-backup.nix
@ -1,16 +1,22 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    attrsets
    concatStringsSep
    mkEnableOption
    mkIf
    mkOption
    optional
  ;
  cfg = config.my.services.restic-backup;
  secrets = config.my.secrets;
-  excludeArg = with builtins; with pkgs;
+  excludeArg = "--exclude-file=" + (pkgs.writeText "excludes.txt" (concatStringsSep "\n" cfg.exclude));
    "--exclude-file=" + (writeText "excludes.txt" (concatStringsSep "\n" cfg.exclude));
  makePruneOpts = pruneOpts:
    attrsets.mapAttrsToList (name: value: "--keep-${name} ${toString value}") pruneOpts;
 in {
-  options.my.services.restic-backup = {
+  options.my.services.restic-backup = let inherit (lib) types; in {
    enable = mkEnableOption "Enable Restic backups for this host";
    repo = mkOption {
@ -22,7 +28,7 @@ in {
    };
    paths = mkOption {
-      type = with types; listOf str;
+      type = types.listOf types.str;
      default = [ ];
      example = [
        "/var/lib"
@ -32,7 +38,7 @@ in {
    };
    exclude = mkOption {
-      type = with types; listOf str;
+      type = types.listOf types.str;
      default = [ ];
      example = [
        # very large paths
@ -71,7 +77,7 @@ in {
      environmentFile = "/root/restic/creds";
      extraBackupArgs = [ "--verbose=2" ]
-        ++ optional (builtins.length cfg.exclude != 0) excludeArg;
+                        ++ optional (builtins.length cfg.exclude != 0) excludeArg;
      timerConfig = {
        OnCalendar = "daily";
--- a/services/tailscale.nix
+++ b/services/tailscale.nix
@ -1,16 +1,19 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.services.tailscale;
 in
 {
  options.my.services.tailscale = {
-    enable = lib.mkEnableOption "Tailscale";
+    enable = mkEnableOption "Tailscale";
    # NOTE: still have to do `tailscale up --advertise-exit-node`
-    exitNode = lib.mkEnableOption "Use as exit node";
+    exitNode = mkEnableOption "Use as exit node";
  };
  config = mkIf cfg.enable {
--- a/services/tgv.nix
+++ b/services/tgv.nix
@ -1,14 +1,17 @@
 { config, lib, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
  ;
  cfg = config.my.services.tgv;
  my = config.my;
 in
 {
  options.my.services.tgv = {
-    enable = lib.mkEnableOption "TGV redirect";
+    enable = mkEnableOption "TGV redirect";
  };
  config = mkIf cfg.enable {
--- a/services/transmission.nix
+++ b/services/transmission.nix
@ -1,5 +1,11 @@
 { config, lib, ... }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.transmission;
  domain = config.networking.domain;
@ -11,7 +17,7 @@ let
  downloadBase = "/media/torrents/";
 in
 {
-  options.my.services.transmission = with lib; {
+  options.my.services.transmission = let inherit (lib) types; in {
    enable = mkEnableOption "Transmission torrent client";
    username = mkOption {
@ -28,7 +34,7 @@ in
    };
  };
-  config = lib.mkIf cfg.enable {
+  config = mkIf cfg.enable {
    services.transmission = {
      enable = true;
      group = "media";
--- a/services/vaultwarden.nix
+++ b/services/vaultwarden.nix
@ -1,14 +1,18 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
  ;
  cfg = config.my.services.vaultwarden;
  my = config.my;
  domain = config.networking.domain;
 in {
-  options.my.services.vaultwarden = {
+  options.my.services.vaultwarden = let inherit (lib) types; in {
    enable = mkEnableOption "Vaultwarden";
    privatePort = mkOption {