alarsyo/nixos-config
alarsyo/nixos-config
1
1
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

nix: exorcise all with <expr>; uses

Browse source
This commit is contained in:
Antoine Martin 2022-01-11 16:08:21 +01:00
parent ef59fd800e
commit 912073bee6
67 changed files with 576 additions and 259 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
base/gui-programs.nix
View file

@ -1,11 +1,18 @@
{ pkgs, lib, config, options, ... }:
let
inherit (lib)
mkEnableOption
mkIf
optional
;
in
{
options.my.gui = {
enable = lib.mkEnableOption "System has some kind of screen attached";
isNvidia = lib.mkEnableOption "System a NVIDIA GPU";
enable = mkEnableOption "System has some kind of screen attached";
isNvidia = mkEnableOption "System a NVIDIA GPU";
};
config = lib.mkIf config.my.gui.enable {
config = mkIf config.my.gui.enable {
my.displayManager.sddm.enable = true;
services = {
@ -21,13 +28,13 @@
};
};
environment.systemPackages = with pkgs; [
environment.systemPackages = builtins.attrValues {
inherit (pkgs)
element-desktop
feh
firefox
ffmpeg
gimp
gnome.nautilus
imagemagick
mpv
obs-studio
@ -39,9 +46,12 @@
thunderbird
virt-manager
zathura
;
unstable.discord
];
inherit (pkgs.gnome) nautilus;
inherit (pkgs.unstable) discord;
};
networking.networkmanager.enable = true;
programs.nm-applet.enable = true;

8
base/networking.nix
View file

@ -1,6 +1,12 @@
{ lib, ... }:
let
inherit (lib)
mkOption
types
;
in
{
options.my.networking.externalInterface = with lib; mkOption {
options.my.networking.externalInterface = mkOption {
type = types.nullOr types.str;
default = null;
example = "eth0";

13
base/programs.nix
View file

@ -19,7 +19,8 @@
bandwhich.enable = true;
};
environment.systemPackages = with pkgs; [
environment.systemPackages = builtins.attrValues {
inherit (pkgs)
# shell usage
fd
ripgrep
@ -39,8 +40,6 @@
pinentry-curses
python3
vim
clang_11
llvmPackages_11.bintools
# terminal utilities
bottom
@ -54,5 +53,11 @@
# nix pkgs lookup
nix-index
];
;
inherit (pkgs.llvmPackages_11)
bintools
clang
;
};
}

14
home/alacritty.nix
View file

@ -1,12 +1,17 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.alacritty;
alacrittyTheme = config.my.theme.alacrittyTheme;
in
{
options.my.home.alacritty.enable = (lib.mkEnableOption "Alacritty terminal") // { default = config.my.home.x.enable; };
options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // { default = config.my.home.x.enable; };
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
programs.alacritty = {
enable = true;
@ -34,9 +39,8 @@ in
};
};
home.packages = with pkgs; [
iosevka-bin
];
home.packages = [ pkgs.iosevka-bin ];
# make sure font is discoverable
fonts.fontconfig.enable = true;
};

9
home/bat.nix
View file

@ -1,14 +1,19 @@
{ config, lib, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.bat;
batTheme = config.my.theme.batTheme;
in
{
options.my.home.bat = with lib; {
options.my.home.bat = {
enable = (mkEnableOption "bat code display tool") // { default = true; };
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
programs.bat = {
enable = true;

16
home/emacs.nix
View file

@ -1,23 +1,31 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
in
{
options.my.home.emacs = with lib; {
options.my.home.emacs = {
enable = mkEnableOption "Emacs daemon configuration";
};
config = lib.mkIf config.my.home.emacs.enable {
config = mkIf config.my.home.emacs.enable {
home.sessionPath = [ "${config.xdg.configHome}/emacs/bin" ];
home.sessionVariables = {
EDITOR = "emacsclient -t";
};
home.packages = with pkgs; [
home.packages = builtins.attrValues {
inherit (pkgs)
sqlite # needed by org-roam
# fonts used by my config
emacs-all-the-icons-fonts
iosevka-bin
];
;
};
# make sure above fonts are discoverable
fonts.fontconfig.enable = true;

9
home/firefox.nix
View file

@ -1,13 +1,18 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.firefox;
in
{
options.my.home.firefox = with lib; {
options.my.home.firefox = {
enable = (mkEnableOption "firefox config") // { default = config.my.home.x.enable; };
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
programs.firefox = {
enable = true;
package = pkgs.firefox.override {

9
home/fish/default.nix
View file

@ -1,11 +1,16 @@
{ config, lib, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.fish;
in
{
options.my.home.fish.enable = (lib.mkEnableOption "Fish shell") // { default = true; };
options.my.home.fish.enable = (mkEnableOption "Fish shell") // { default = true; };
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
programs.fish = {
enable = true;
};

9
home/flameshot.nix
View file

@ -1,13 +1,18 @@
{ config, lib, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.flameshot;
in
{
options.my.home.flameshot = with lib; {
options.my.home.flameshot = {
enable = mkEnableOption "flameshot autolaunch";
};
config.services.flameshot = lib.mkIf cfg.enable {
config.services.flameshot = mkIf cfg.enable {
enable = true;
};
}

9
home/git.nix
View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.git;
in
{
options.my.home.git.enable = (lib.mkEnableOption "Git configuration") // { default = true; };
options.my.home.git.enable = (mkEnableOption "Git configuration") // { default = true; };
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
programs.git = {
enable = true;

7
home/laptop.nix
View file

@ -1,6 +1,11 @@
{ config, lib, ... }:
let
inherit (lib)
mkEnableOption
;
in
{
options.my.home.laptop = with lib; {
options.my.home.laptop = {
enable = mkEnableOption "Laptop settings";
};
}

9
home/lorri.nix
View file

@ -1,13 +1,18 @@
{ config, lib, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.lorri;
in
{
options.my.home.lorri = with lib; {
options.my.home.lorri = {
enable = (mkEnableOption "lorri daemon setup") // { default = true; };
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
services.lorri.enable = true;
programs.direnv = {
enable = true;

9
home/rofi.nix
View file

@ -1,13 +1,18 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.rofi;
in
{
options.my.home.rofi = with lib; {
options.my.home.rofi = {
enable = (mkEnableOption "rofi configuration") // { default = config.my.home.x.enable; };
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
programs.rofi = {
enable = true;

8
home/secrets/default.nix
View file

@ -1,5 +1,11 @@
{ lib, ... }:
with lib;
let
inherit (lib)
fileContents
mkOption
types
;
in
{
options.my.secrets = mkOption {
type = types.attrs;

9
home/ssh.nix
View file

@ -1,13 +1,18 @@
{ config, lib, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.ssh;
in
{
options.my.home.ssh = with lib; {
options.my.home.ssh = {
enable = (mkEnableOption "ssh configuration") // { default = true; };
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
programs.ssh = {
enable = true;

6
home/themes/alacritty.nix
View file

@ -1,6 +1,10 @@
{ lib }:
with lib;
let
inherit (lib)
mkOption
types
;
mkColorOption = import ./color.nix { inherit lib; };
primaryColorModule = types.submodule {

7
home/themes/bat.nix
View file

@ -1,5 +1,10 @@
{ lib }:
with lib;
let
inherit (lib)
mkOption
types
;
in
types.submodule {
options = {
name = mkOption {

7
home/themes/color.nix
View file

@ -1,6 +1,11 @@
{ lib }:
let
mkColorOption = with lib; {default ? "#000000", description ? "" }: mkOption {
inherit (lib)
mkOption
types
;
mkColorOption = {default ? "#000000", description ? "" }: mkOption {
inherit description default;
example = "#abcdef";
type = types.strMatching "#[0-9a-f]{6}";

8
home/themes/default.nix
View file

@ -1,6 +1,10 @@
{ config, lib, ... }:
with lib;
let
inherit (lib)
mkOption
types
;
themeType = types.submodule {
options = {
alacrittyTheme = mkOption {
@ -29,7 +33,7 @@ in
};
options.my.themes = mkOption {
type = with types; attrsOf themeType;
type = types.attrsOf themeType;
};
config.my.themes = {

6
home/themes/i3.nix
View file

@ -1,6 +1,10 @@
{ lib }:
with lib;
let
inherit (lib)
mkOption
types
;
mkColorOption = import ./color.nix { inherit lib; };
barColorSetModule = types.submodule {

6
home/themes/i3bar.nix
View file

@ -1,6 +1,10 @@
{ lib }:
with lib;
let
inherit (lib)
mkOption
types
;
mkColorOption = import ./color.nix { inherit lib; };
in
types.submodule {

20
home/themes/solarizedLight/alacritty.nix
View file

@ -1,7 +1,23 @@
let
colors = import ./colors.nix;
inherit (import ./colors.nix)
base0
base00
base01
base02
base03
base1
base2
base3
blue
cyan
green
magenta
orange
red
violet
yellow
;
in
with colors;
{
primary = {
background = base3;

12
home/themes/solarizedLight/i3.nix
View file

@ -1,7 +1,15 @@
let
colors = import ./colors.nix;
inherit (import ./colors.nix)
base00
base2
base3
blue
magenta
orange
red
yellow
;
in
with colors;
{
bar = {
background = base3;

11
home/themes/solarizedLight/i3bar.nix
View file

@ -1,7 +1,14 @@
let
colors = import ./colors.nix;
inherit (import ./colors.nix)
base00
base2
base3
blue
green
red
yellow
;
in
with colors;
{
theme = {
name = "solarized-light";

11
home/tmux.nix
View file

@ -1,20 +1,25 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.tmux;
in
{
options.my.home.tmux = with lib; {
options.my.home.tmux = {
enable = (mkEnableOption "tmux dotfiles") // { default = true; };
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
programs.tmux = {
enable = true;
baseIndex = 1;
terminal = "screen-256color";
clock24 = true;
plugins = with pkgs; [
plugins = let inherit (pkgs) tmuxPlugins; in [
{
plugin = tmuxPlugins.cpu;
extraConfig = ''

9
home/tridactyl.nix
View file

@ -1,13 +1,18 @@
{ config, lib, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.tridactyl;
in
{
options.my.home.tridactyl = with lib; {
options.my.home.tridactyl = {
enable = (mkEnableOption "tridactyl code display tool") // { default = config.my.home.firefox.enable; };
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
xdg.configFile."tridactyl/tridactylrc".source = ./tridactylrc;
};
}

9
home/x/cursor.nix
View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.home.x.cursor;
in
{
options.my.home.x.cursor.enable = (lib.mkEnableOption "X cursor") // { default = config.my.home.x.enable; };
options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // { default = config.my.home.x.enable; };
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
xsession.pointerCursor = {
package = pkgs.capitaine-cursors;
name = "capitaine-cursors";

7
home/x/default.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
;
in
{
imports = [
./cursor.nix
@ -6,7 +11,7 @@
./i3bar.nix
];
options.my.home.x = with lib; {
options.my.home.x = {
enable = mkEnableOption "X server configuration";
};
}

15
home/x/i3.nix
View file

@ -1,5 +1,10 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkIf
mkOptionDefault
;
isEnabled = config.my.home.x.enable;
myTerminal =
@ -17,14 +22,12 @@ let
i3Theme = config.my.theme.i3Theme;
in
{
config = lib.mkIf isEnabled {
config = mkIf isEnabled {
my.home = {
flameshot.enable = true;
};
home.packages = with pkgs; [
betterlockscreen
];
home.packages = [ pkgs.betterlockscreen ];
xsession.windowManager.i3 = {
enable = true;
@ -77,7 +80,7 @@ in
size = 8.0;
};
keybindings = lib.mkOptionDefault {
keybindings = mkOptionDefault {
"${modifier}+Shift+e" = ''mode "${logoutMode}"'';
"${modifier}+i" = "exec emacsclient -c";
@ -106,7 +109,7 @@ in
"Return" = "mode default";
};
in
lib.mkOptionDefault {
mkOptionDefault {
"${logoutMode}" = makeModeBindings {
"l" = "exec --no-startup-id i3-msg exit, mode default";
"s" = "exec --no-startup-id betterlockscreen --suspend, mode default";

24
home/x/i3bar.nix
View file

@ -1,11 +1,19 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
lists
mkIf
mkOption
optional
types
;
isEnabled = config.my.home.x.enable;
i3BarTheme = config.my.theme.i3BarTheme;
cfg = config.my.home.x.i3bar;
in
{
options.my.home.x.i3bar = with lib; {
options.my.home.x.i3bar = {
temperature.chip = mkOption {
type = types.str;
example = "coretemp-isa-*";
@ -24,12 +32,14 @@ in
};
};
config = lib.mkIf isEnabled {
home.packages = with pkgs; [
config = mkIf isEnabled {
home.packages = builtins.attrValues {
inherit (pkgs)
iw # Used by `net` block
lm_sensors # Used by `temperature` block
font-awesome
];
;
};
programs.i3status-rust = {
enable = true;
@ -79,7 +89,7 @@ in
chip = cfg.temperature.chip;
inputs = cfg.temperature.inputs;
}
] ++ (lib.lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0)
] ++ (lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0)
(map
(interface:
{
@ -105,11 +115,11 @@ in
block = "sound";
driver = "pulseaudio";
}
] ++ (lib.lists.optionals config.my.home.laptop.enable [
] ++ (optional config.my.home.laptop.enable
{
block = "battery";
}
]) ++ [
) ++ [
# {
# block = "notify";
# }

4
hosts/boreal/default.nix
View file

@ -105,9 +105,7 @@ in
"rfkill-release"
];
services.udev.packages = with pkgs; [
packages.kaleidoscope-udev-rules
];
services.udev.packages = [ pkgs.packages.kaleidoscope-udev-rules ];
hardware.bluetooth = {
enable = true;

8
hosts/boreal/home.nix
View file

@ -10,7 +10,8 @@
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
home.packages = with pkgs; [
home.packages = builtins.attrValues {
inherit (pkgs)
# some websites only work there :(
chromium
@ -19,8 +20,9 @@
# keyboard goodness
chrysalis
;
packages.spot
];
inherit (pkgs.packages) spot;
};
};
}

8
hosts/poseidon/hardware-configuration.nix
View file

@ -2,7 +2,11 @@
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
let
inherit (lib)
mkDefault
;
in
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
@ -32,5 +36,5 @@
[ { device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc"; }
];
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
powerManagement.cpuFreqGovernor = mkDefault "ondemand";
}

4
hosts/zephyrus/default.nix
View file

@ -56,9 +56,7 @@ in
};
my.gui.enable = true;
environment.systemPackages = with pkgs; [
arandr
];
environment.systemPackages = [ pkgs.arandr ];
hardware.bluetooth = {
enable = true;

8
hosts/zephyrus/hardware-configuration.nix
View file

@ -2,7 +2,11 @@
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
let
inherit (lib)
mkDefault
;
in
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
@ -40,7 +44,7 @@
swapDevices = [ ];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
powerManagement.cpuFreqGovernor = mkDefault "powersave";
hardware.enableRedistributableFirmware = true;
}

12
hosts/zephyrus/home.nix
View file

@ -12,18 +12,20 @@
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
home.packages = with pkgs; [
home.packages = builtins.attrValues {
inherit (pkgs)
# some websites only work there :(
chromium
wineWowPackages.stable
darktable
# dev
rustup
;
packages.spot
];
inherit (pkgs.packages) spot;
inherit (pkgs.wineWowPackages) stable;
};
};
}

26
modules/sddm.nix
View file

@ -1,23 +1,31 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.displayManager.sddm;
in
{
options.my.displayManager.sddm.enable = lib.mkEnableOption "SDDM setup";
options.my.displayManager.sddm.enable = mkEnableOption "SDDM setup";
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
services.xserver.displayManager.sddm = {
enable = true;
theme = "sugar-candy";
};
environment.systemPackages = with pkgs; [
packages.sddm-sugar-candy
environment.systemPackages = builtins.attrValues {
inherit (pkgs.packages)
sddm-sugar-candy
;
# dependencies for sugar-candy theme
libsForQt5.qt5.qtgraphicaleffects
libsForQt5.qt5.qtquickcontrols2
libsForQt5.qt5.qtsvg
];
inherit (pkgs.libsForQt5.qt5)
qtgraphicaleffects
qtquickcontrols2
qtsvg
;
};
};
}

13
modules/wakeonwlan.nix
View file

@ -1,8 +1,15 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
concatStringsSep
literalExample
mapAttrs'
mkIf
mkOption
nameValuePair
;
cfg = config.my.wakeonwlan;
mkWowlanService = name: cfg:
@ -20,7 +27,7 @@ let
};
in
{
options.my.wakeonwlan = {
options.my.wakeonwlan = let inherit (lib) types; in {
interfaces = mkOption {
default = { };
description = "Wireless interfaces where you want to enable WoWLAN";

6
pkgs/grafana-dashboards/nginx.nix
View file

@ -1,5 +1,9 @@
{ stdenv, fetchFromGitHub, lib, ... }:
let
inherit (lib)
licenses
;
version = "0.9.0";
in
stdenv.mkDerivation {
@ -20,7 +24,7 @@ stdenv.mkDerivation {
cp grafana/dashboard.json $out/dashboard.json
'';
meta = with lib; {
meta = {
description = "grafana dashboard for NGINX exporter";
homepage = "https://github.com/nginxinc/nginx-prometheus-exporter";
license = licenses.asl20;

6
pkgs/grafana-dashboards/node-exporter.nix
View file

@ -1,5 +1,9 @@
{ stdenv, fetchFromGitHub, lib, ... }:
let
inherit (lib)
licenses
;
version = "7d61c79619e5749e629758ecd96748c010028120";
in
stdenv.mkDerivation {
@ -20,7 +24,7 @@ stdenv.mkDerivation {
cp prometheus/node-exporter-full.json $out/node-exporter-full.json
'';
meta = with lib; {
meta = {
description = "grafana dashboard for node exporter";
homepage = "https://github.com/rfrail3/grafana-dashboards";
license = licenses.lgpl3Only;

6
pkgs/kaleidoscope-udev-rules/default.nix
View file

@ -1,6 +1,10 @@
{ stdenv, lib, fetchFromGitHub }:
let
inherit (lib)
licenses
;
version = "1.99.3";
in
stdenv.mkDerivation {
@ -21,7 +25,7 @@ stdenv.mkDerivation {
cp etc/60-kaleidoscope.rules $out/lib/udev/rules.d/
'';
meta = with lib; {
meta = {
description = "udev rules for kaleidoscope firmware keyboards";
homepage = "https://github.com/keyboardio/Kaleidoscope";
license = licenses.gpl3Only;

9
secrets/borg-backup/default.nix
View file

@ -1,5 +1,10 @@
{ lib }:
let
inherit (lib)
fileContents
;
in
{
boreal-repo = lib.fileContents ./boreal-repo.secret;
poseidon-repo = lib.fileContents ./poseidon-repo.secret;
boreal-repo = fileContents ./boreal-repo.secret;
poseidon-repo = fileContents ./poseidon-repo.secret;
}

26
secrets/default.nix
View file

@ -1,20 +1,24 @@
{ pkgs, lib, config, ... }:
with lib;
{
options.my.secrets = mkOption {
let
inherit (lib)
fileContents
mkOption
;
in {
options.my.secrets = let inherit (lib) types; in mkOption {
type = types.attrs;
};
config.my.secrets = {
matrix-registration-shared-secret = lib.fileContents ./matrix-registration-shared-secret.secret;
shadow-hashed-password-alarsyo = lib.fileContents ./shadow-hashed-password-alarsyo.secret;
shadow-hashed-password-root = lib.fileContents ./shadow-hashed-password-root.secret;
miniflux-admin-credentials = lib.fileContents ./miniflux-admin-credentials.secret;
transmission-password = lib.fileContents ./transmission.secret;
matrix-registration-shared-secret = fileContents ./matrix-registration-shared-secret.secret;
shadow-hashed-password-alarsyo = fileContents ./shadow-hashed-password-alarsyo.secret;
shadow-hashed-password-root = fileContents ./shadow-hashed-password-root.secret;
miniflux-admin-credentials = fileContents ./miniflux-admin-credentials.secret;
transmission-password = fileContents ./transmission.secret;
nextcloud-admin-pass = ./nextcloud-admin-pass.secret;
nextcloud-admin-user = lib.fileContents ./nextcloud-admin-user.secret;
lohr-shared-secret = lib.fileContents ./lohr-shared-secret.secret;
gandiKey = lib.fileContents ./gandi-api-key.secret;
nextcloud-admin-user = fileContents ./nextcloud-admin-user.secret;
lohr-shared-secret = fileContents ./lohr-shared-secret.secret;
gandiKey = fileContents ./gandi-api-key.secret;
borg-backup = import ./borg-backup { inherit lib; };
paperless = import ./paperless { inherit lib; };

9
secrets/paperless/default.nix
View file

@ -1,5 +1,10 @@
{ lib }:
let
inherit (lib)
fileContents
;
in
{
secretKey = lib.fileContents ./secret-key-file.secret;
adminPassword = lib.fileContents ./admin-password.secret;
secretKey = fileContents ./secret-key-file.secret;
adminPassword = fileContents ./admin-password.secret;
}

7
secrets/restic-backup/default.nix
View file

@ -1,4 +1,9 @@
{ lib }:
let
inherit (lib)
fileContents
;
in
{
poseidon-repo = lib.fileContents ./poseidon-repo.secret;
poseidon-repo = fileContents ./poseidon-repo.secret;
}

12
services/borg-backup.nix
View file

@ -1,10 +1,14 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.my.services.borg-backup;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.borg-backup;
in {
options.my.services.borg-backup = {
options.my.services.borg-backup = let inherit (lib) types; in {
enable = mkEnableOption "Enable Borg backups for this host";
repo = mkOption {

6
services/fail2ban.nix
View file

@ -1,7 +1,11 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.services.fail2ban;
in {
options.my.services.fail2ban = {

13
services/fava.nix
View file

@ -1,16 +1,20 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.fava;
my = config.my;
domain = config.networking.domain;
secrets = config.my.secrets;
in
{
options.my.services.fava = {
enable = lib.mkEnableOption "Fava";
options.my.services.fava = let inherit (lib) types; in {
enable = mkEnableOption "Fava";
home = mkOption {
type = types.str;
@ -43,7 +47,6 @@ in
User = "fava";
Group = "fava";
};
path = with pkgs; [];
};
users.users.fava = {

10
services/gitea/default.nix
View file

@ -1,14 +1,18 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.gitea;
my = config.my;
domain = config.networking.domain;
in {
options.my.services.gitea = {
options.my.services.gitea = let inherit (lib) types; in {
enable = mkEnableOption "Personal Git hosting with Gitea";
privatePort = mkOption {

9
services/jellyfin.nix
View file

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.services.jellyfin;
my = config.my;
@ -15,7 +18,7 @@ in {
enable = mkEnableOption "Jellyfin";
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
services.jellyfin = {
enable = true;
group = "media";

16
services/lohr.nix
View file

@ -1,8 +1,12 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.lohr;
my = config.my;
domain = config.networking.domain;
@ -14,8 +18,8 @@ let
flake.defaultPackage."x86_64-linux"; # FIXME: use correct system
in
{
options.my.services.lohr = {
enable = lib.mkEnableOption "Lohr Mirroring Daemon";
options.my.services.lohr = let inherit (lib) types; in {
enable = mkEnableOption "Lohr Mirroring Daemon";
home = mkOption {
type = types.str;
@ -49,9 +53,7 @@ in
User = "lohr";
Group = "lohr";
};
path = with pkgs; [
git
];
path = [ pkgs.git ];
};
users.users.lohr = {

16
services/matrix.nix
View file

@ -9,9 +9,13 @@
#
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.matrix;
my = config.my;
@ -19,10 +23,10 @@ let
clientPort = { public = 443; private = 11339; };
domain = config.networking.domain;
in {
options.my.services.matrix = {
enable = lib.mkEnableOption "Matrix Synapse";
options.my.services.matrix = let inherit (lib) types; in {
enable = mkEnableOption "Matrix Synapse";
registration_shared_secret = lib.mkOption {
registration_shared_secret = mkOption {
type = types.str;
default = null;
example = "deadbeef";
@ -61,7 +65,7 @@ in {
};
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
services.postgresql = {
enable = true;
};

12
services/media.nix
View file

@ -1,11 +1,17 @@
{ config, lib, ... }:
let
mediaServices = with config.my.services; [
inherit (lib)
mkIf
;
mediaServices = builtins.attrValues {
inherit (config.my.services)
jellyfin
transmission
];
;
};
needed = builtins.any (service: service.enable) mediaServices;
in
{
config.users.groups.media = lib.mkIf needed { };
config.users.groups.media = mkIf needed { };
}

10
services/miniflux.nix
View file

@ -1,14 +1,18 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.miniflux;
my = config.my;
domain = config.networking.domain;
in {
options.my.services.miniflux = {
options.my.services.miniflux = let inherit (lib) types; in {
enable = mkEnableOption "Serve a Miniflux instance";
adminCredentialsFile = mkOption {

10
services/monitoring.nix
View file

@ -1,12 +1,16 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.monitoring;
domain = config.networking.domain;
in {
options.my.services.monitoring = {
options.my.services.monitoring = let inherit (lib) types; in {
enable = mkEnableOption "Enable monitoring";
domain = mkOption {

13
services/navidrome.nix
View file

@ -1,12 +1,17 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
optional
;
cfg = config.my.services.navidrome;
domain = config.networking.domain;
in {
options.my.services.navidrome = {
options.my.services.navidrome = let inherit (lib) types; in {
enable = mkEnableOption "Navidrome";
musicFolder = {
path = mkOption {
@ -17,7 +22,7 @@ in {
};
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
services.navidrome = {
enable = true;
settings = {

11
services/nextcloud.nix
View file

@ -3,6 +3,11 @@
# TODO: setup prometheus exporter
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.services.nextcloud;
my = config.my;
domain = config.networking.domain;
@ -10,10 +15,10 @@ let
in
{
options.my.services.nextcloud = {
enable = lib.mkEnableOption "NextCloud";
enable = mkEnableOption "NextCloud";
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
services.postgresql = {
enable = true;
@ -73,7 +78,7 @@ in
my.services.restic-backup = let
nextcloudHome = config.services.nextcloud.home;
in lib.mkIf cfg.enable {
in mkIf cfg.enable {
paths = [ nextcloudHome ];
exclude = [
# borg can fail if *.part files disappear during backup

7
services/nginx.nix
View file

@ -2,10 +2,15 @@
#
# https://github.com/delroth/infra.delroth.net
{ config, lib, pkgs, ... }:
let
inherit (lib)
mkIf
;
in
{
# Whenever something defines an nginx vhost, ensure that nginx defaults are
# properly set.
config = lib.mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ "localhost" ]) {
config = mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ "localhost" ]) {
services.nginx = {
enable = true;
statusPage = true; # For monitoring scraping.

9
services/nuage.nix
View file

@ -1,14 +1,17 @@
{ config, lib, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.services.nuage;
my = config.my;
in
{
options.my.services.nuage = {
enable = lib.mkEnableOption "Nuage redirect";
enable = mkEnableOption "Nuage redirect";
};
config = mkIf cfg.enable {

12
services/paperless.nix
View file

@ -1,8 +1,12 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.paperless;
my = config.my;
domain = config.networking.domain;
@ -10,8 +14,8 @@ let
secretKeyFile = pkgs.writeText "paperless-secret-key-file.env" my.secrets.paperless.secretKey;
in
{
options.my.services.paperless = {
enable = lib.mkEnableOption "Paperless";
options.my.services.paperless = let inherit (lib) types; in {
enable = mkEnableOption "Paperless";
port = mkOption {
type = types.port;

12
services/pipewire.nix
View file

@ -1,14 +1,18 @@
{ config, lib, pkgs, options, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
optionalAttrs
;
cfg = config.my.services.pipewire;
my = config.my;
in
{
options.my.services.pipewire = {
enable = lib.mkEnableOption "Pipewire sound backend";
enable = mkEnableOption "Pipewire sound backend";
};
# HACK: services.pipewire.alsa doesn't exist on 20.09, avoid evaluating this
@ -69,6 +73,6 @@ in
# FIXME: a shame pactl isn't available by itself, eventually this should be
# replaced by pw-cli or a wrapper, I guess?
environment.systemPackages = with pkgs; [ pulseaudio ];
environment.systemPackages = [ pkgs.pulseaudio ];
});
}

7
services/postgresql-backup.nix
View file

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.services.postgresql-backup;
in {
options.my.services.postgresql-backup = {

20
services/restic-backup.nix
View file

@ -1,16 +1,22 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
attrsets
concatStringsSep
mkEnableOption
mkIf
mkOption
optional
;
cfg = config.my.services.restic-backup;
secrets = config.my.secrets;
excludeArg = with builtins; with pkgs;
"--exclude-file=" + (writeText "excludes.txt" (concatStringsSep "\n" cfg.exclude));
excludeArg = "--exclude-file=" + (pkgs.writeText "excludes.txt" (concatStringsSep "\n" cfg.exclude));
makePruneOpts = pruneOpts:
attrsets.mapAttrsToList (name: value: "--keep-${name} ${toString value}") pruneOpts;
in {
options.my.services.restic-backup = {
options.my.services.restic-backup = let inherit (lib) types; in {
enable = mkEnableOption "Enable Restic backups for this host";
repo = mkOption {
@ -22,7 +28,7 @@ in {
};
paths = mkOption {
type = with types; listOf str;
type = types.listOf types.str;
default = [ ];
example = [
"/var/lib"
@ -32,7 +38,7 @@ in {
};
exclude = mkOption {
type = with types; listOf str;
type = types.listOf types.str;
default = [ ];
example = [
# very large paths

11
services/tailscale.nix
View file

@ -1,16 +1,19 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.services.tailscale;
in
{
options.my.services.tailscale = {
enable = lib.mkEnableOption "Tailscale";
enable = mkEnableOption "Tailscale";
# NOTE: still have to do `tailscale up --advertise-exit-node`
exitNode = lib.mkEnableOption "Use as exit node";
exitNode = mkEnableOption "Use as exit node";
};
config = mkIf cfg.enable {

9
services/tgv.nix
View file

@ -1,14 +1,17 @@
{ config, lib, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
;
cfg = config.my.services.tgv;
my = config.my;
in
{
options.my.services.tgv = {
enable = lib.mkEnableOption "TGV redirect";
enable = mkEnableOption "TGV redirect";
};
config = mkIf cfg.enable {

10
services/transmission.nix
View file

@ -1,5 +1,11 @@
{ config, lib, ... }:
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.transmission;
domain = config.networking.domain;
@ -11,7 +17,7 @@ let
downloadBase = "/media/torrents/";
in
{
options.my.services.transmission = with lib; {
options.my.services.transmission = let inherit (lib) types; in {
enable = mkEnableOption "Transmission torrent client";
username = mkOption {
@ -28,7 +34,7 @@ in
};
};
config = lib.mkIf cfg.enable {
config = mkIf cfg.enable {
services.transmission = {
enable = true;
group = "media";

10
services/vaultwarden.nix
View file

@ -1,14 +1,18 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkIf
mkOption
;
cfg = config.my.services.vaultwarden;
my = config.my;
domain = config.networking.domain;
in {
options.my.services.vaultwarden = {
options.my.services.vaultwarden = let inherit (lib) types; in {
enable = mkEnableOption "Vaultwarden";
privatePort = mkOption {