diff --git a/base/default.nix b/base/default.nix index 1607602..123b658 100644 --- a/base/default.nix +++ b/base/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./gui-programs.nix ./networking.nix diff --git a/base/gui-programs.nix b/base/gui-programs.nix index f23213e..8bc9d33 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -1,17 +1,12 @@ -{ - pkgs, - lib, - config, - options, - ... -}: let - inherit - (lib) +{ pkgs, lib, config, options, ... }: +let + inherit (lib) mkEnableOption mkIf optional - ; -in { + ; +in +{ options.my.gui = { enable = mkEnableOption "System has some kind of screen attached"; isNvidia = mkEnableOption "System a NVIDIA GPU"; @@ -24,10 +19,8 @@ in { xserver = { enable = true; # NOTE: could use `mkOptionDefault` but this feels more explicit - videoDrivers = - if config.my.gui.isNvidia - then ["nvidia"] - else options.services.xserver.videoDrivers.default; + videoDrivers = if config.my.gui.isNvidia then [ "nvidia" ] + else options.services.xserver.videoDrivers.default; windowManager.i3.enable = true; layout = "fr"; xkbVariant = "us"; @@ -38,8 +31,7 @@ in { }; environment.systemPackages = builtins.attrValues { - inherit - (pkgs) + inherit (pkgs) element-desktop feh firefox @@ -56,7 +48,7 @@ in { thunderbird virt-manager zathura - ; + ; inherit (pkgs.gnome) nautilus; @@ -68,11 +60,11 @@ in { dispatcherScripts = [ { - source = let - grep = "${pkgs.gnugrep}/bin/grep"; - nmcli = "${pkgs.networkmanager}/bin/nmcli"; - in - pkgs.writeShellScript "disable_wifi_on_ethernet" '' + source = + let + grep = "${pkgs.gnugrep}/bin/grep"; + nmcli = "${pkgs.networkmanager}/bin/nmcli"; + in pkgs.writeShellScript "disable_wifi_on_ethernet" '' export LC_ALL=C enable_disable_wifi () diff --git a/base/networking.nix b/base/networking.nix index 02c8982..e059f5e 100644 --- a/base/networking.nix +++ b/base/networking.nix @@ -1,10 +1,11 @@ -{lib, ...}: let - inherit - (lib) +{ lib, ... }: +let + inherit (lib) mkOption types - ; -in { + ; +in +{ options.my.networking.externalInterface = mkOption { type = types.nullOr types.str; default = null; diff --git a/base/nix.nix b/base/nix.nix index b016e0d..c632aa9 100644 --- a/base/nix.nix +++ b/base/nix.nix @@ -1,12 +1,13 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ nixpkgs.config.allowUnfree = true; nix = { package = pkgs.nixStable; settings = { - experimental-features = ["nix-command" "flakes"]; - trusted-users = ["@wheel"]; + experimental-features = [ "nix-command" "flakes" ]; + trusted-users = [ "@wheel" ]; substituters = [ "https://alarsyo.cachix.org" "https://nix-community.cachix.org" diff --git a/base/programs.nix b/base/programs.nix index 3281f01..ebc83e6 100644 --- a/base/programs.nix +++ b/base/programs.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ programs = { fish.enable = true; gnupg.agent = { @@ -19,10 +20,8 @@ }; environment.systemPackages = builtins.attrValues { - inherit - (pkgs) + inherit (pkgs) # shell usage - fd ripgrep sd @@ -30,9 +29,8 @@ tokei tree wget + # development - - alejandra git git-crypt git-lfs @@ -42,8 +40,8 @@ pinentry-gnome python3 vim + # terminal utilities - bottom dogdns du-dust @@ -52,16 +50,16 @@ tealdeer unzip zip - # nix pkgs lookup - - nix-index - agenix - ; - inherit - (pkgs.llvmPackages_11) + # nix pkgs lookup + nix-index + + agenix + ; + + inherit (pkgs.llvmPackages_11) bintools clang - ; + ; }; } diff --git a/base/users.nix b/base/users.nix index 6f5e441..2af640f 100644 --- a/base/users.nix +++ b/base/users.nix @@ -1,11 +1,8 @@ -{ - config, - lib, - pkgs, - ... -}: let +{ config, lib, pkgs, ... }: +let secrets = config.my.secrets; -in { +in +{ users.mutableUsers = false; users.users.root = { passwordFile = config.age.secrets."users/root-hashed-password".path; diff --git a/boreal.nix b/boreal.nix index 076f749..448fcfb 100644 --- a/boreal.nix +++ b/boreal.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ # Default configuration ./base diff --git a/flake.nix b/flake.nix index 0933043..17ddf99 100644 --- a/flake.nix +++ b/flake.nix @@ -51,121 +51,104 @@ }; }; - outputs = { - self, - nixpkgs, - home-manager, - agenix, - ... - } @ inputs: - { - nixosModules = { - home = { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.alarsyo = import ./home; - home-manager.verbose = true; - }; - nix-path = { - nix.nixPath = [ - "nixpkgs=${inputs.nixpkgs}" - ]; - }; + outputs = { self, nixpkgs, home-manager, agenix, ... } @inputs: { + nixosModules = { + home = { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.alarsyo = import ./home; + home-manager.verbose = true; }; + nix-path = { + nix.nixPath = [ + "nixpkgs=${inputs.nixpkgs}" + ]; + }; + }; - overlays = import ./overlays; + overlays = import ./overlays; - nixosConfigurations = let + nixosConfigurations = + let system = "x86_64-linux"; - shared_overlays = - [ - (self: super: { - packages = import ./pkgs {pkgs = super;}; + shared_overlays = [ + (self: super: { + packages = import ./pkgs { pkgs = super; }; - # packages accessible through pkgs.unstable.package - unstable = import inputs.nixpkgs-unstable-small { - inherit system; - config.allowUnfree = true; - }; - }) + # packages accessible through pkgs.unstable.package + unstable = import inputs.nixpkgs-unstable-small { + inherit system; + config.allowUnfree = true; + }; - agenix.overlay - ] - ++ builtins.attrValues self.overlays; - sharedModules = - [ - agenix.nixosModule - home-manager.nixosModule - {nixpkgs.overlays = shared_overlays;} - ] - ++ (nixpkgs.lib.attrValues self.nixosModules); + }) + + agenix.overlay + ] ++ builtins.attrValues self.overlays; + sharedModules = [ + agenix.nixosModule + home-manager.nixosModule + { nixpkgs.overlays = shared_overlays; } + ] ++ (nixpkgs.lib.attrValues self.nixosModules); in { + poseidon = nixpkgs.lib.nixosSystem rec { inherit system; - modules = - [ - ./poseidon.nix - ] - ++ sharedModules; + modules = [ + ./poseidon.nix + ] ++ sharedModules; }; boreal = nixpkgs.lib.nixosSystem rec { inherit system; - modules = - [ - ./boreal.nix + modules = [ + ./boreal.nix - { - nixpkgs.overlays = [ - inputs.emacs-overlay.overlay + { + nixpkgs.overlays = [ + inputs.emacs-overlay.overlay - # uncomment this to build everything from scratch, fun but takes a - # while - # - # (self: super: { - # stdenv = super.impureUseNativeOptimizations super.stdenv; - # }) - ]; - } - ] - ++ sharedModules; + # uncomment this to build everything from scratch, fun but takes a + # while + # + # (self: super: { + # stdenv = super.impureUseNativeOptimizations super.stdenv; + # }) + ]; + } + ] ++ sharedModules; }; zephyrus = nixpkgs.lib.nixosSystem rec { inherit system; - modules = - [ - ./zephyrus.nix + modules = [ + ./zephyrus.nix - inputs.nixos-hardware.nixosModules.common-cpu-intel - inputs.nixos-hardware.nixosModules.common-pc-laptop - inputs.nixos-hardware.nixosModules.common-pc-ssd + inputs.nixos-hardware.nixosModules.common-cpu-intel + inputs.nixos-hardware.nixosModules.common-pc-laptop + inputs.nixos-hardware.nixosModules.common-pc-ssd - { - nixpkgs.overlays = [ - inputs.emacs-overlay.overlay - ]; - } - ] - ++ sharedModules; + { + nixpkgs.overlays = [ + inputs.emacs-overlay.overlay + ]; + } + ] ++ sharedModules; }; + }; - } - // inputs.flake-utils.lib.eachDefaultSystem (system: { - packages = - ( - inputs.flake-utils.lib.flattenTree - (import ./pkgs {pkgs = import nixpkgs {inherit system;};}) - ) - // { - emacsPgtkGcc = - ( - import nixpkgs { - inherit system; - overlays = [inputs.emacs-overlay.overlay]; - } - ) - .emacsPgtkGcc; - }; - }); + } // inputs.flake-utils.lib.eachDefaultSystem (system: { + packages = + ( + inputs.flake-utils.lib.flattenTree + (import ./pkgs { pkgs = import nixpkgs { inherit system; }; }) + ) // { + emacsPgtkGcc = ( + import nixpkgs { + inherit system; + overlays = [ inputs.emacs-overlay.overlay ]; + } + ).emacsPgtkGcc; + }; + }); } diff --git a/home/alacritty.nix b/home/alacritty.nix index 87843d2..bf9665b 100644 --- a/home/alacritty.nix +++ b/home/alacritty.nix @@ -1,19 +1,15 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.alacritty; alacrittyTheme = config.my.theme.alacrittyTheme; -in { - options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // {default = config.my.home.x.enable;}; +in +{ + options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // { default = config.my.home.x.enable; }; config = mkIf cfg.enable { programs.alacritty = { @@ -43,7 +39,7 @@ in { }; }; - home.packages = [pkgs.iosevka-bin]; + home.packages = [ pkgs.iosevka-bin ]; # make sure font is discoverable fonts.fontconfig.enable = true; diff --git a/home/bat.nix b/home/bat.nix index f2bbfd2..2349985 100644 --- a/home/bat.nix +++ b/home/bat.nix @@ -1,19 +1,16 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.bat; batTheme = config.my.theme.batTheme; -in { +in +{ options.my.home.bat = { - enable = (mkEnableOption "bat code display tool") // {default = true;}; + enable = (mkEnableOption "bat code display tool") // { default = true; }; }; config = mkIf cfg.enable { diff --git a/home/default.nix b/home/default.nix index faea7f2..ab42092 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./alacritty.nix ./bat.nix diff --git a/home/emacs.nix b/home/emacs.nix index 536dc5b..c9ed8f6 100644 --- a/home/emacs.nix +++ b/home/emacs.nix @@ -1,35 +1,30 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; -in { + ; +in +{ options.my.home.emacs = { enable = mkEnableOption "Emacs daemon configuration"; }; config = mkIf config.my.home.emacs.enable { - home.sessionPath = ["${config.xdg.configHome}/emacs/bin"]; + + home.sessionPath = [ "${config.xdg.configHome}/emacs/bin" ]; home.sessionVariables = { EDITOR = "emacsclient -t"; }; home.packages = builtins.attrValues { - inherit - (pkgs) + inherit (pkgs) sqlite # needed by org-roam - + # fonts used by my config - emacs-all-the-icons-fonts iosevka-bin - ; + ; }; # make sure above fonts are discoverable fonts.fontconfig.enable = true; diff --git a/home/env.nix b/home/env.nix index aaeb1b6..3996dfc 100644 --- a/home/env.nix +++ b/home/env.nix @@ -1,4 +1,5 @@ -{config, ...}: { +{ config, ... }: +{ home.sessionPath = [ "${config.home.homeDirectory}/.cargo/bin" "${config.home.homeDirectory}/.local/bin" diff --git a/home/firefox.nix b/home/firefox.nix index c633f33..1cfce8a 100644 --- a/home/firefox.nix +++ b/home/firefox.nix @@ -1,19 +1,15 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.firefox; -in { +in +{ options.my.home.firefox = { - enable = (mkEnableOption "firefox config") // {default = config.my.home.x.enable;}; + enable = (mkEnableOption "firefox config") // { default = config.my.home.x.enable; }; }; config = mkIf cfg.enable { diff --git a/home/fish/default.nix b/home/fish/default.nix index 6fa9f00..0e9d721 100644 --- a/home/fish/default.nix +++ b/home/fish/default.nix @@ -1,17 +1,14 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.fish; -in { - options.my.home.fish.enable = (mkEnableOption "Fish shell") // {default = true;}; +in +{ + options.my.home.fish.enable = (mkEnableOption "Fish shell") // { default = true; }; config = mkIf cfg.enable { home.sessionVariables = { @@ -24,6 +21,6 @@ in { enable = true; }; - xdg.configFile."fish/functions" = {source = ./. + "/functions";}; + xdg.configFile."fish/functions" = { source = ./. + "/functions"; }; }; } diff --git a/home/flameshot.nix b/home/flameshot.nix index 47e2886..043d2ce 100644 --- a/home/flameshot.nix +++ b/home/flameshot.nix @@ -1,16 +1,13 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.flameshot; -in { +in +{ options.my.home.flameshot = { enable = mkEnableOption "flameshot autolaunch"; }; diff --git a/home/git.nix b/home/git.nix index 1ab8fbf..61e8171 100644 --- a/home/git.nix +++ b/home/git.nix @@ -1,18 +1,14 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.git; -in { - options.my.home.git.enable = (mkEnableOption "Git configuration") // {default = true;}; +in +{ + options.my.home.git.enable = (mkEnableOption "Git configuration") // { default = true; }; config = mkIf cfg.enable { programs.git = { @@ -30,11 +26,11 @@ in { userName = "Antoine Martin"; extraConfig = { - commit = {verbose = true;}; - core = {editor = "vim";}; - init = {defaultBranch = "main";}; - pull = {rebase = true;}; - rerere = {enabled = true;}; + commit = { verbose = true; }; + core = { editor = "vim"; }; + init = { defaultBranch = "main"; }; + pull = { rebase = true; }; + rerere = { enabled = true; }; }; aliases = { @@ -46,15 +42,15 @@ in { includes = [ { condition = "gitdir:~/work/lrde/"; - contents = {user = {email = "amartin@lrde.epita.fr";};}; + contents = { user = { email = "amartin@lrde.epita.fr"; }; }; } { condition = "gitdir:~/work/prologin/"; - contents = {user = {email = "antoine.martin@prologin.org";};}; + contents = { user = { email = "antoine.martin@prologin.org"; }; }; } { condition = "gitdir:~/work/epita/"; - contents = {user = {email = "antoine4.martin@epita.fr";};}; + contents = { user = { email = "antoine4.martin@epita.fr"; }; }; } ]; }; diff --git a/home/laptop.nix b/home/laptop.nix index 28f1467..8d30003 100644 --- a/home/laptop.nix +++ b/home/laptop.nix @@ -1,13 +1,10 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkEnableOption - ; -in { + ; +in +{ options.my.home.laptop = { enable = mkEnableOption "Laptop settings"; }; diff --git a/home/lorri.nix b/home/lorri.nix index 0d7e2e3..386d282 100644 --- a/home/lorri.nix +++ b/home/lorri.nix @@ -1,28 +1,25 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.lorri; -in { +in +{ options.my.home.lorri = { - enable = (mkEnableOption "lorri daemon setup") // {default = true;}; + enable = (mkEnableOption "lorri daemon setup") // { default = true; }; }; config = mkIf cfg.enable { services.lorri.enable = true; programs.direnv = { - enable = true; - # FIXME: proper file, not lorri.nix - nix-direnv = { enable = true; - }; + # FIXME: proper file, not lorri.nix + nix-direnv = { + enable = true; + }; }; }; } diff --git a/home/mail.nix b/home/mail.nix index 7301600..f4efcfc 100644 --- a/home/mail.nix +++ b/home/mail.nix @@ -1,26 +1,22 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; myName = "Antoine Martin"; email_perso = "antoine@alarsyo.net"; email_lrde = "amartin@lrde.epita.fr"; cfg = config.my.home.mail; -in { +in +{ options.my.home.mail = { # I *could* read email in a terminal emacs client on a server, but in # practice I don't think it'll happen very often, so let's enable this only # when I'm on a machine with a Xorg server. - enable = (mkEnableOption "email configuration") // {default = config.my.home.x.enable;}; + enable = (mkEnableOption "email configuration") // { default = config.my.home.x.enable; }; }; config = mkIf cfg.enable { diff --git a/home/rbw.nix b/home/rbw.nix index 98ca2b0..34ac1b8 100644 --- a/home/rbw.nix +++ b/home/rbw.nix @@ -1,18 +1,14 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.mail; -in { +in +{ options.my.home.rbw = { - enable = mkEnableOption "rbw configuration"; + enable = (mkEnableOption "rbw configuration"); }; config = mkIf cfg.enable { diff --git a/home/rofi.nix b/home/rofi.nix index 5419209..b5a9e91 100644 --- a/home/rofi.nix +++ b/home/rofi.nix @@ -1,19 +1,15 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.rofi; -in { +in +{ options.my.home.rofi = { - enable = (mkEnableOption "rofi configuration") // {default = config.my.home.x.enable;}; + enable = (mkEnableOption "rofi configuration") // { default = config.my.home.x.enable; }; }; config = mkIf cfg.enable { diff --git a/home/ssh.nix b/home/ssh.nix index 4b65ea9..fc5884e 100644 --- a/home/ssh.nix +++ b/home/ssh.nix @@ -1,18 +1,15 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.ssh; -in { +in +{ options.my.home.ssh = { - enable = (mkEnableOption "ssh configuration") // {default = true;}; + enable = (mkEnableOption "ssh configuration") // { default = true; }; }; config = mkIf cfg.enable { @@ -20,8 +17,8 @@ in { enable = true; matchBlocks = { - boreal = {hostname = "boreal.alarsyo.net";}; - poseidon = {hostname = "poseidon.alarsyo.net";}; + boreal = { hostname = "boreal.alarsyo.net"; }; + poseidon = { hostname = "poseidon.alarsyo.net"; }; pi = { hostname = "pi.alarsyo.net"; user = "pi"; diff --git a/home/themes/alacritty.nix b/home/themes/alacritty.nix index abdbdc7..cc6943b 100644 --- a/home/themes/alacritty.nix +++ b/home/themes/alacritty.nix @@ -1,11 +1,11 @@ -{lib}: let - inherit - (lib) +{ lib }: +let + inherit (lib) mkOption types - ; + ; - mkColorOption = import ./color.nix {inherit lib;}; + mkColorOption = import ./color.nix { inherit lib; }; primaryColorModule = types.submodule { options = { @@ -34,60 +34,60 @@ }; }; in - types.submodule { - options = { - primary = mkOption { - type = primaryColorModule; - default = { - foreground = "#c5c8c6"; - background = "#1d1f21"; - }; - }; - cursor = mkOption { - type = cursorColorModule; - default = { - text = "#1d1f21"; - cursor = "#c5c8c6"; - }; - }; - normal = mkOption { - type = rainbowColorModule; - default = { - black = "#1d1f21"; - red = "#cc6666"; - green = "#b5bd68"; - yellow = "#f0c674"; - blue = "#81a2be"; - magenta = "#b294bb"; - cyan = "#8abeb7"; - white = "#c5c8c6"; - }; - }; - bright = mkOption { - type = rainbowColorModule; - default = { - black = "#666666"; - red = "#d54e53"; - green = "#b9ca4a"; - yellow = "#e7c547"; - blue = "#7aa6da"; - magenta = "#c397d8"; - cyan = "#70c0b1"; - white = "#eaeaea"; - }; - }; - dim = mkOption { - type = rainbowColorModule; - default = { - black = "#131415"; - red = "#864343"; - green = "#777c44"; - yellow = "#9e824c"; - blue = "#556a7d"; - magenta = "#75617b"; - cyan = "#5b7d78"; - white = "#828482"; - }; +types.submodule { + options = { + primary = mkOption { + type = primaryColorModule; + default = { + foreground = "#c5c8c6"; + background = "#1d1f21"; }; }; - } + cursor = mkOption { + type = cursorColorModule; + default = { + text = "#1d1f21"; + cursor = "#c5c8c6"; + }; + }; + normal = mkOption { + type = rainbowColorModule; + default = { + black = "#1d1f21"; + red = "#cc6666"; + green = "#b5bd68"; + yellow = "#f0c674"; + blue = "#81a2be"; + magenta = "#b294bb"; + cyan = "#8abeb7"; + white = "#c5c8c6"; + }; + }; + bright = mkOption { + type = rainbowColorModule; + default = { + black = "#666666"; + red = "#d54e53"; + green = "#b9ca4a"; + yellow = "#e7c547"; + blue = "#7aa6da"; + magenta = "#c397d8"; + cyan = "#70c0b1"; + white = "#eaeaea"; + }; + }; + dim = mkOption { + type = rainbowColorModule; + default = { + black = "#131415"; + red = "#864343"; + green = "#777c44"; + yellow = "#9e824c"; + blue = "#556a7d"; + magenta = "#75617b"; + cyan = "#5b7d78"; + white = "#828482"; + }; + }; + }; +} diff --git a/home/themes/bat.nix b/home/themes/bat.nix index 22e873e..df9565e 100644 --- a/home/themes/bat.nix +++ b/home/themes/bat.nix @@ -1,15 +1,15 @@ -{lib}: let - inherit - (lib) +{ lib }: +let + inherit (lib) mkOption types - ; + ; in - types.submodule { - options = { - name = mkOption { - type = types.str; - default = ""; - }; +types.submodule { + options = { + name = mkOption { + type = types.str; + default = ""; }; - } + }; +} diff --git a/home/themes/color.nix b/home/themes/color.nix index c1aa5af..5c63963 100644 --- a/home/themes/color.nix +++ b/home/themes/color.nix @@ -1,18 +1,14 @@ -{lib}: let - inherit - (lib) +{ lib }: +let + inherit (lib) mkOption types - ; + ; - mkColorOption = { - default ? "#000000", - description ? "", - }: - mkOption { - inherit description default; - example = "#abcdef"; - type = types.strMatching "#[0-9a-f]{6}"; - }; + mkColorOption = {default ? "#000000", description ? "" }: mkOption { + inherit description default; + example = "#abcdef"; + type = types.strMatching "#[0-9a-f]{6}"; + }; in - mkColorOption +mkColorOption diff --git a/home/themes/default.nix b/home/themes/default.nix index 19c4103..e19a474 100644 --- a/home/themes/default.nix +++ b/home/themes/default.nix @@ -1,38 +1,35 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkOption types - ; + ; themeType = types.submodule { options = { alacrittyTheme = mkOption { - type = import ./alacritty.nix {inherit lib;}; + type = import ./alacritty.nix { inherit lib; }; default = {}; }; batTheme = mkOption { - type = import ./bat.nix {inherit lib;}; + type = import ./bat.nix { inherit lib; }; default = {}; }; i3Theme = mkOption { - type = import ./i3.nix {inherit lib;}; + type = import ./i3.nix { inherit lib; }; default = {}; }; i3BarTheme = mkOption { - type = import ./i3bar.nix {inherit lib;}; + type = import ./i3bar.nix { inherit lib; }; default = {}; }; }; }; -in { +in +{ options.my.theme = mkOption { - type = themeType; - default = {}; + type = themeType; + default = {}; }; options.my.themes = mkOption { diff --git a/home/themes/i3.nix b/home/themes/i3.nix index cd784fd..6e5b3eb 100644 --- a/home/themes/i3.nix +++ b/home/themes/i3.nix @@ -1,11 +1,11 @@ -{lib}: let - inherit - (lib) +{ lib }: +let + inherit (lib) mkOption types - ; + ; - mkColorOption = import ./color.nix {inherit lib;}; + mkColorOption = import ./color.nix { inherit lib; }; barColorSetModule = types.submodule { options = { @@ -25,164 +25,165 @@ }; }; in - types.submodule { - options = { - bar = mkOption { - type = types.submodule { - options = { - background = mkColorOption { - default = "#000000"; - description = "Background color of the bar."; - }; +types.submodule { + options = { + bar = mkOption { + type = types.submodule { + options = { + background = mkColorOption { + default = "#000000"; + description = "Background color of the bar."; + }; - statusline = mkColorOption { - default = "#ffffff"; - description = "Text color to be used for the statusline."; - }; + statusline = mkColorOption { + default = "#ffffff"; + description = "Text color to be used for the statusline."; + }; - separator = mkColorOption { - default = "#666666"; - description = "Text color to be used for the separator."; - }; + separator = mkColorOption { + default = "#666666"; + description = "Text color to be used for the separator."; + }; - focusedWorkspace = mkOption { - type = barColorSetModule; - default = { - border = "#4c7899"; - background = "#285577"; - text = "#ffffff"; - }; - description = '' - Border, background and text color for a workspace button when the workspace has focus. - ''; + focusedWorkspace = mkOption { + type = barColorSetModule; + default = { + border = "#4c7899"; + background = "#285577"; + text = "#ffffff"; }; + description = '' + Border, background and text color for a workspace button when the workspace has focus. + ''; + }; - activeWorkspace = mkOption { - type = barColorSetModule; - default = { - border = "#333333"; - background = "#5f676a"; - text = "#ffffff"; - }; - description = '' - Border, background and text color for a workspace button when the workspace is active. - ''; + activeWorkspace = mkOption { + type = barColorSetModule; + default = { + border = "#333333"; + background = "#5f676a"; + text = "#ffffff"; }; + description = '' + Border, background and text color for a workspace button when the workspace is active. + ''; + }; - inactiveWorkspace = mkOption { - type = barColorSetModule; - default = { - border = "#333333"; - background = "#222222"; - text = "#888888"; - }; - description = '' - Border, background and text color for a workspace button when the workspace does not - have focus and is not active. - ''; + inactiveWorkspace = mkOption { + type = barColorSetModule; + default = { + border = "#333333"; + background = "#222222"; + text = "#888888"; }; + description = '' + Border, background and text color for a workspace button when the workspace does not + have focus and is not active. + ''; + }; - urgentWorkspace = mkOption { - type = barColorSetModule; - default = { - border = "#2f343a"; - background = "#900000"; - text = "#ffffff"; - }; - description = '' - Border, background and text color for a workspace button when the workspace contains - a window with the urgency hint set. - ''; + urgentWorkspace = mkOption { + type = barColorSetModule; + default = { + border = "#2f343a"; + background = "#900000"; + text = "#ffffff"; }; + description = '' + Border, background and text color for a workspace button when the workspace contains + a window with the urgency hint set. + ''; + }; - bindingMode = mkOption { - type = barColorSetModule; - default = { - border = "#2f343a"; - background = "#900000"; - text = "#ffffff"; - }; - description = "Border, background and text color for the binding mode indicator"; + bindingMode = mkOption { + type = barColorSetModule; + default = { + border = "#2f343a"; + background = "#900000"; + text = "#ffffff"; }; + description = + "Border, background and text color for the binding mode indicator"; }; }; - - default = {}; }; - background = mkOption { - type = types.str; - default = "#ffffff"; - description = '' - Background color of the window. Only applications which do not cover - the whole area expose the color. - ''; - }; - - focused = mkOption { - type = colorSetModule; - default = { - border = "#4c7899"; - background = "#285577"; - text = "#ffffff"; - indicator = "#2e9ef4"; - childBorder = "#285577"; - }; - description = "A window which currently has the focus."; - }; - - focusedInactive = mkOption { - type = colorSetModule; - default = { - border = "#333333"; - background = "#5f676a"; - text = "#ffffff"; - indicator = "#484e50"; - childBorder = "#5f676a"; - }; - description = '' - A window which is the focused one of its container, - but it does not have the focus at the moment. - ''; - }; - - unfocused = mkOption { - type = colorSetModule; - default = { - border = "#333333"; - background = "#222222"; - text = "#888888"; - indicator = "#292d2e"; - childBorder = "#222222"; - }; - description = "A window which is not focused."; - }; - - urgent = mkOption { - type = colorSetModule; - default = { - border = "#2f343a"; - background = "#900000"; - text = "#ffffff"; - indicator = "#900000"; - childBorder = "#900000"; - }; - description = "A window which has its urgency hint activated."; - }; - - placeholder = mkOption { - type = colorSetModule; - default = { - border = "#000000"; - background = "#0c0c0c"; - text = "#ffffff"; - indicator = "#000000"; - childBorder = "#0c0c0c"; - }; - description = '' - Background and text color are used to draw placeholder window - contents (when restoring layouts). Border and indicator are ignored. - ''; - }; + default = {}; }; - } + + background = mkOption { + type = types.str; + default = "#ffffff"; + description = '' + Background color of the window. Only applications which do not cover + the whole area expose the color. + ''; + }; + + focused = mkOption { + type = colorSetModule; + default = { + border = "#4c7899"; + background = "#285577"; + text = "#ffffff"; + indicator = "#2e9ef4"; + childBorder = "#285577"; + }; + description = "A window which currently has the focus."; + }; + + focusedInactive = mkOption { + type = colorSetModule; + default = { + border = "#333333"; + background = "#5f676a"; + text = "#ffffff"; + indicator = "#484e50"; + childBorder = "#5f676a"; + }; + description = '' + A window which is the focused one of its container, + but it does not have the focus at the moment. + ''; + }; + + unfocused = mkOption { + type = colorSetModule; + default = { + border = "#333333"; + background = "#222222"; + text = "#888888"; + indicator = "#292d2e"; + childBorder = "#222222"; + }; + description = "A window which is not focused."; + }; + + urgent = mkOption { + type = colorSetModule; + default = { + border = "#2f343a"; + background = "#900000"; + text = "#ffffff"; + indicator = "#900000"; + childBorder = "#900000"; + }; + description = "A window which has its urgency hint activated."; + }; + + placeholder = mkOption { + type = colorSetModule; + default = { + border = "#000000"; + background = "#0c0c0c"; + text = "#ffffff"; + indicator = "#000000"; + childBorder = "#0c0c0c"; + }; + description = '' + Background and text color are used to draw placeholder window + contents (when restoring layouts). Border and indicator are ignored. + ''; + }; + }; +} diff --git a/home/themes/i3bar.nix b/home/themes/i3bar.nix index 0df2ff9..3701116 100644 --- a/home/themes/i3bar.nix +++ b/home/themes/i3bar.nix @@ -1,28 +1,28 @@ -{lib}: let - inherit - (lib) +{ lib }: +let + inherit (lib) mkOption types - ; + ; - mkColorOption = import ./color.nix {inherit lib;}; + mkColorOption = import ./color.nix { inherit lib; }; in - types.submodule { - options = { - theme = mkOption { - type = types.submodule { - options = { - name = mkOption { - type = types.str; - default = "plain"; - }; - overrides = mkOption { - type = types.attrsOf types.str; - default = {}; - }; +types.submodule { + options = { + theme = mkOption { + type = types.submodule { + options = { + name = mkOption { + type = types.str; + default = "plain"; + }; + overrides = mkOption { + type = types.attrsOf types.str; + default = {}; }; }; - default = {}; }; + default = {}; }; - } + }; +} diff --git a/home/themes/solarizedLight/alacritty.nix b/home/themes/solarizedLight/alacritty.nix index 7c69411..fb22436 100644 --- a/home/themes/solarizedLight/alacritty.nix +++ b/home/themes/solarizedLight/alacritty.nix @@ -1,6 +1,5 @@ let - inherit - (import ./colors.nix) + inherit (import ./colors.nix) base0 base00 base01 @@ -17,8 +16,9 @@ let red violet yellow - ; -in { + ; +in +{ primary = { background = base3; foreground = base00; diff --git a/home/themes/solarizedLight/colors.nix b/home/themes/solarizedLight/colors.nix index 2426f51..f4c69b7 100644 --- a/home/themes/solarizedLight/colors.nix +++ b/home/themes/solarizedLight/colors.nix @@ -1,18 +1,18 @@ { - base03 = "#002b36"; # brblack - base02 = "#073642"; # black - base01 = "#586e75"; # brgreen - base00 = "#657b83"; # bryellow - base0 = "#839496"; # brblue - base1 = "#93a1a1"; # brcyan - base2 = "#eee8d5"; # white - base3 = "#fdf6e3"; # brwhite - yellow = "#b58900"; # yellow - orange = "#cb4b16"; # brred - red = "#dc322f"; # red + base03 = "#002b36"; # brblack + base02 = "#073642"; # black + base01 = "#586e75"; # brgreen + base00 = "#657b83"; # bryellow + base0 = "#839496"; # brblue + base1 = "#93a1a1"; # brcyan + base2 = "#eee8d5"; # white + base3 = "#fdf6e3"; # brwhite + yellow = "#b58900"; # yellow + orange = "#cb4b16"; # brred + red = "#dc322f"; # red magenta = "#d33682"; # magenta - violet = "#6c71c4"; # brmagenta - blue = "#268bd2"; # blue - cyan = "#2aa198"; # cyan - green = "#859900"; # green + violet = "#6c71c4"; # brmagenta + blue = "#268bd2"; # blue + cyan = "#2aa198"; # cyan + green = "#859900"; # green } diff --git a/home/themes/solarizedLight/i3.nix b/home/themes/solarizedLight/i3.nix index a5762ce..df9634a 100644 --- a/home/themes/solarizedLight/i3.nix +++ b/home/themes/solarizedLight/i3.nix @@ -1,6 +1,5 @@ let - inherit - (import ./colors.nix) + inherit (import ./colors.nix) base00 base2 base3 @@ -9,8 +8,9 @@ let orange red yellow - ; -in { + ; +in +{ bar = { background = base3; statusline = yellow; diff --git a/home/themes/solarizedLight/i3bar.nix b/home/themes/solarizedLight/i3bar.nix index 0e450c2..5b37775 100644 --- a/home/themes/solarizedLight/i3bar.nix +++ b/home/themes/solarizedLight/i3bar.nix @@ -1,6 +1,5 @@ let - inherit - (import ./colors.nix) + inherit (import ./colors.nix) base00 base2 base3 @@ -8,8 +7,9 @@ let green red yellow - ; -in { + ; +in +{ theme = { name = "solarized-light"; overrides = { diff --git a/home/tmux.nix b/home/tmux.nix index 3f72959..86d6995 100644 --- a/home/tmux.nix +++ b/home/tmux.nix @@ -1,19 +1,15 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.tmux; -in { +in +{ options.my.home.tmux = { - enable = (mkEnableOption "tmux dotfiles") // {default = true;}; + enable = (mkEnableOption "tmux dotfiles") // { default = true; }; }; config = mkIf cfg.enable { @@ -23,9 +19,7 @@ in { terminal = "screen-256color"; clock24 = true; - plugins = let - inherit (pkgs) tmuxPlugins; - in [ + plugins = let inherit (pkgs) tmuxPlugins; in [ { plugin = tmuxPlugins.cpu; extraConfig = '' diff --git a/home/tridactyl.nix b/home/tridactyl.nix index 8b4647c..9be9906 100644 --- a/home/tridactyl.nix +++ b/home/tridactyl.nix @@ -1,18 +1,15 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.tridactyl; -in { +in +{ options.my.home.tridactyl = { - enable = (mkEnableOption "tridactyl code display tool") // {default = config.my.home.firefox.enable;}; + enable = (mkEnableOption "tridactyl code display tool") // { default = config.my.home.firefox.enable; }; }; config = mkIf cfg.enable { diff --git a/home/x/cursor.nix b/home/x/cursor.nix index ae2c2ed..aa4ead7 100644 --- a/home/x/cursor.nix +++ b/home/x/cursor.nix @@ -1,18 +1,14 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.home.x.cursor; -in { - options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // {default = config.my.home.x.enable;}; +in +{ + options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // { default = config.my.home.x.enable; }; config = mkIf cfg.enable { xsession.pointerCursor = { diff --git a/home/x/default.nix b/home/x/default.nix index 5cc058b..4953b9a 100644 --- a/home/x/default.nix +++ b/home/x/default.nix @@ -1,14 +1,10 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption - ; -in { + ; +in +{ imports = [ ./cursor.nix ./i3.nix diff --git a/home/x/i3.nix b/home/x/i3.nix index d528a24..996a1e1 100644 --- a/home/x/i3.nix +++ b/home/x/i3.nix @@ -1,14 +1,9 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkIf mkOptionDefault - ; + ; isEnabled = config.my.home.x.enable; @@ -25,13 +20,14 @@ logoutMode = "[L]ogout, [S]uspend, [P]oweroff, [R]eboot"; i3Theme = config.my.theme.i3Theme; -in { +in +{ config = mkIf isEnabled { my.home = { flameshot.enable = true; }; - home.packages = [pkgs.betterlockscreen]; + home.packages = [ pkgs.betterlockscreen ]; xsession.windowManager.i3 = { enable = true; @@ -39,38 +35,39 @@ in { config = { inherit modifier; - bars = let - barConfigPath = - config.xdg.configFile."i3status-rust/config-top.toml".target; - in [ - { - statusCommand = "i3status-rs ${barConfigPath}"; - position = "top"; - fonts = { - names = ["DejaVuSansMono" "FontAwesome5Free"]; - size = 9.0; - }; + bars = + let + barConfigPath = + config.xdg.configFile."i3status-rust/config-top.toml".target; + in + [ + { + statusCommand = "i3status-rs ${barConfigPath}"; + position = "top"; + fonts = { + names = [ "DejaVuSansMono" "FontAwesome5Free" ]; + size = 9.0; + }; - colors = i3Theme.bar; + colors = i3Theme.bar; - trayOutput = "primary"; + trayOutput = "primary"; - # disable mouse scroll wheel in bar - extraConfig = '' - bindsym button4 nop - bindsym button5 nop - ''; - } - ]; + # disable mouse scroll wheel in bar + extraConfig = '' + bindsym button4 nop + bindsym button5 nop + ''; + } + ]; colors = { - inherit - (i3Theme) + inherit (i3Theme) focused focusedInactive unfocused urgent - ; + ; }; focus = { @@ -81,7 +78,7 @@ in { workspaceAutoBackAndForth = true; fonts = { - names = ["DejaVu Sans Mono"]; + names = [ "DejaVu Sans Mono" ]; size = 8.0; }; @@ -107,44 +104,40 @@ in { "${modifier}+d" = "exec ${pkgs.rofi}/bin/rofi -show run"; }; - modes = let - makeModeBindings = attrs: - attrs - // { + modes = + let + makeModeBindings = attrs: attrs // { "Escape" = "mode default"; "Return" = "mode default"; }; - in - mkOptionDefault { - "${logoutMode}" = makeModeBindings { - "l" = "exec --no-startup-id i3-msg exit, mode default"; - "s" = "exec --no-startup-id betterlockscreen --suspend, mode default"; - "p" = "exec --no-startup-id systemctl poweroff, mode default"; - "r" = "exec --no-startup-id systemctl reboot, mode default"; + in + mkOptionDefault { + "${logoutMode}" = makeModeBindings { + "l" = "exec --no-startup-id i3-msg exit, mode default"; + "s" = "exec --no-startup-id betterlockscreen --suspend, mode default"; + "p" = "exec --no-startup-id systemctl poweroff, mode default"; + "r" = "exec --no-startup-id systemctl reboot, mode default"; + }; }; - }; terminal = myTerminal; assigns = { "10" = [ - {class = "Slack";} - {class = "discord";} + { class = "Slack"; } + { class = "discord"; } ]; }; window.commands = [ - { - command = "border pixel 2"; - criteria = {class = "Alacritty";}; - } + { command = "border pixel 2"; criteria = { class = "Alacritty"; }; } # NOTE: should be done with an assign command, but Spotify doesn't set # its class until after initialization, so has to be done this way. # # See https://i3wm.org/docs/userguide.html#assign_workspace { - criteria = {class = "Spotify";}; + criteria = { class = "Spotify"; }; command = "move --no-auto-back-and-forth to workspace 8"; } ]; diff --git a/home/x/i3bar.nix b/home/x/i3bar.nix index 6498e21..9e8246f 100644 --- a/home/x/i3bar.nix +++ b/home/x/i3bar.nix @@ -1,22 +1,18 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) lists mkIf mkOption optional types - ; + ; isEnabled = config.my.home.x.enable; i3BarTheme = config.my.theme.i3BarTheme; cfg = config.my.home.x.i3bar; -in { +in +{ options.my.home.x.i3bar = { temperature.chip = mkOption { type = types.str; @@ -31,19 +27,17 @@ in { networking.throughput_interfaces = mkOption { type = types.listOf types.str; - example = ["wlp1s0"]; - default = []; + example = [ "wlp1s0" ]; + default = [ ]; }; }; config = mkIf isEnabled { home.packages = builtins.attrValues { - inherit - (pkgs) + inherit (pkgs) # FIXME: is this useful? - font-awesome - ; + ; }; programs.i3status-rust = { @@ -55,86 +49,81 @@ in { theme = i3BarTheme.theme.name; settings = i3BarTheme; - blocks = - [ - { - block = "pomodoro"; - length = 60; - break_length = 10; - notifier = "i3nag"; - } - { - block = "disk_space"; - path = "/"; - alias = "/"; - info_type = "available"; - unit = "GB"; - interval = 60; - warning = 20.0; - alert = 10.0; - } - { - block = "memory"; - display_type = "memory"; - format_mem = "{mem_used;G}/{mem_total;G}"; - warning_mem = 70.0; - critical_mem = 90.0; - # don't show swap - clickable = false; - } - { - block = "cpu"; - interval = 1; - format = "{barchart}"; - } - { - block = "temperature"; - collapsed = false; - interval = 10; - format = "{max}"; - chip = cfg.temperature.chip; - inputs = cfg.temperature.inputs; - } - ] - ++ ( - lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0) - (map - (interface: { + blocks = [ + { + block = "pomodoro"; + length = 60; + break_length = 10; + notifier = "i3nag"; + } + { + block = "disk_space"; + path = "/"; + alias = "/"; + info_type = "available"; + unit = "GB"; + interval = 60; + warning = 20.0; + alert = 10.0; + } + { + block = "memory"; + display_type = "memory"; + format_mem = "{mem_used;G}/{mem_total;G}"; + warning_mem = 70.0; + critical_mem = 90.0; + # don't show swap + clickable = false; + } + { + block = "cpu"; + interval = 1; + format = "{barchart}"; + } + { + block = "temperature"; + collapsed = false; + interval = 10; + format = "{max}"; + chip = cfg.temperature.chip; + inputs = cfg.temperature.inputs; + } + ] ++ (lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0) + (map + (interface: + { block = "net"; device = interface; interval = 1; hide_inactive = true; }) - cfg.networking.throughput_interfaces) - ) - ++ [ - { - block = "networkmanager"; - primary_only = true; - } - { - block = "sound"; - driver = "pulseaudio"; - } - ] - ++ ( - optional config.my.home.laptop.enable - { - block = "battery"; - } - ) - ++ [ - # { - # block = "notify"; - # } - { - block = "time"; - interval = 5; - format = "%a %d/%m %T"; - locale = "fr_FR"; - timezone = "Europe/Paris"; - } - ]; + + cfg.networking.throughput_interfaces) + ) ++ [ + { + block = "networkmanager"; + primary_only = true; + } + { + block = "sound"; + driver = "pulseaudio"; + } + ] ++ (optional config.my.home.laptop.enable + { + block = "battery"; + } + ) ++ [ + # { + # block = "notify"; + # } + { + block = "time"; + interval = 5; + format = "%a %d/%m %T"; + locale = "fr_FR"; + timezone = "Europe/Paris"; + } + ]; }; }; }; diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index 19771f2..61dad07 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -1,20 +1,17 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, lib, pkgs, ... }: { - config, - lib, - pkgs, - ... -}: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix - ./home.nix + ./home.nix - ./secrets.nix - ]; + ./secrets.nix + ]; boot.kernelPackages = pkgs.linuxPackages_latest; @@ -30,7 +27,7 @@ services.btrfs = { autoScrub = { enable = true; - fileSystems = ["/"]; + fileSystems = [ "/" ]; }; }; @@ -96,7 +93,7 @@ "rfkill-release" ]; - services.udev.packages = [pkgs.packages.kaleidoscope-udev-rules]; + services.udev.packages = [ pkgs.packages.kaleidoscope-udev-rules ]; hardware.bluetooth = { enable = true; diff --git a/hosts/boreal/hardware-configuration.nix b/hosts/boreal/hardware-configuration.nix index cc68a01..d094221 100644 --- a/hosts/boreal/hardware-configuration.nix +++ b/hosts/boreal/hardware-configuration.nix @@ -1,34 +1,30 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + { - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/1a942915-c1ae-4058-b99d-09d12d40dbd3"; - fsType = "btrfs"; - options = ["subvol=nixos" "compress=zstd:1" "noatime"]; - }; + fileSystems."/" = + { device = "/dev/disk/by-uuid/1a942915-c1ae-4058-b99d-09d12d40dbd3"; + fsType = "btrfs"; + options = [ "subvol=nixos" "compress=zstd:1" "noatime" ]; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/17C7-368D"; - fsType = "vfat"; - }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/17C7-368D"; + fsType = "vfat"; + }; - swapDevices = []; + swapDevices = [ ]; hardware.cpu.amd.updateMicrocode = true; } diff --git a/hosts/boreal/home.nix b/hosts/boreal/home.nix index 24b44de..aabbe6d 100644 --- a/hosts/boreal/home.nix +++ b/hosts/boreal/home.nix @@ -1,31 +1,26 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { home-manager.users.alarsyo = { # Keyboard settings & i3 settings my.home.x.enable = true; my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; - my.home.x.i3bar.temperature.inputs = ["Tccd1"]; - my.home.x.i3bar.networking.throughput_interfaces = ["enp8s0" "wlp4s0"]; + my.home.x.i3bar.temperature.inputs = [ "Tccd1" ]; + my.home.x.i3bar.networking.throughput_interfaces = [ "enp8s0" "wlp4s0" ]; my.home.emacs.enable = true; my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; home.packages = builtins.attrValues { - inherit - (pkgs) + inherit (pkgs) # some websites only work there :( - chromium + # dev - rustup + # keyboard goodness - chrysalis - ; + ; inherit (pkgs.packages) spot; }; diff --git a/hosts/boreal/secrets.nix b/hosts/boreal/secrets.nix index 5d5947b..65d91d1 100644 --- a/hosts/boreal/secrets.nix +++ b/hosts/boreal/secrets.nix @@ -1,23 +1,19 @@ -{ - config, - lib, - options, - ... -}: { - config.age = { - secrets = let - toSecret = name: {...} @ attrs: - { - file = ./../../modules/secrets + "/${name}.age"; - } - // attrs; - in - lib.mapAttrs toSecret { - "restic-backup/boreal-credentials" = {}; - "restic-backup/boreal-password" = {}; +{ config, lib, options, ... }: - "users/alarsyo-hashed-password" = {}; - "users/root-hashed-password" = {}; - }; +{ + config.age = { + secrets = + let + toSecret = name: { ... }@attrs: { + file = ./../../modules/secrets + "/${name}.age"; + } // attrs; + in + lib.mapAttrs toSecret { + "restic-backup/boreal-credentials" = {}; + "restic-backup/boreal-password" = {}; + + "users/alarsyo-hashed-password" = {}; + "users/root-hashed-password" = {}; + }; }; } diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix index 2d61d53..e509ac3 100644 --- a/hosts/poseidon/default.nix +++ b/hosts/poseidon/default.nix @@ -1,33 +1,31 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ - config, - lib, - pkgs, - ... -}: let - secrets = config.my.secrets; -in { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ./home.nix - ./secrets.nix - ]; +{ config, lib, pkgs, ... }: +let + secrets = config.my.secrets; +in +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + + ./home.nix + ./secrets.nix + ]; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only - boot.supportedFilesystems = ["btrfs"]; + boot.supportedFilesystems = [ "btrfs" ]; services.btrfs = { autoScrub = { enable = true; - fileSystems = ["/"]; + fileSystems = [ "/" ]; }; }; diff --git a/hosts/poseidon/hardware-configuration.nix b/hosts/poseidon/hardware-configuration.nix index fd1d735..847f37a 100644 --- a/hosts/poseidon/hardware-configuration.nix +++ b/hosts/poseidon/hardware-configuration.nix @@ -1,45 +1,40 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, modulesPath, ... }: +let + inherit (lib) mkDefault - ; -in { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = ["ahci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/adcf0158-edfb-402f-82e7-61e4902af989"; - fsType = "btrfs"; - options = [ - "subvol=@nixos" - "compress=zstd" - "noatime" + ; +in +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") ]; - }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/ff54b622-0e26-4c6e-aa0c-ac2c1e12699a"; - fsType = "ext4"; - }; + boot.initrd.availableKernelModules = [ "ahci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; - swapDevices = [ - {device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc";} - ]; + fileSystems."/" = + { device = "/dev/disk/by-uuid/adcf0158-edfb-402f-82e7-61e4902af989"; + fsType = "btrfs"; + options = [ + "subvol=@nixos" + "compress=zstd" + "noatime" + ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/ff54b622-0e26-4c6e-aa0c-ac2c1e12699a"; + fsType = "ext4"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc"; } + ]; powerManagement.cpuFreqGovernor = mkDefault "ondemand"; } diff --git a/hosts/poseidon/home.nix b/hosts/poseidon/home.nix index 3bb7dab..acdd4fd 100644 --- a/hosts/poseidon/home.nix +++ b/hosts/poseidon/home.nix @@ -1,5 +1,7 @@ -{config, ...}: { +{ config, ... }: +{ home-manager.users.alarsyo = { + my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; }; } diff --git a/hosts/poseidon/secrets.nix b/hosts/poseidon/secrets.nix index 66f6673..f9b390b 100644 --- a/hosts/poseidon/secrets.nix +++ b/hosts/poseidon/secrets.nix @@ -1,40 +1,36 @@ +{ config, lib, options, ... }: + { - config, - lib, - options, - ... -}: { config.age = { - secrets = let - toSecret = name: {...} @ attrs: - { + secrets = + let + toSecret = name: { ... }@attrs: { file = ./../../modules/secrets + "/${name}.age"; - } - // attrs; - in - lib.mapAttrs toSecret { - "gandi/api-key" = {}; + } // attrs; + in + lib.mapAttrs toSecret { + "gandi/api-key" = {}; - "lohr/shared-secret" = {}; + "lohr/shared-secret" = {}; - "matrix-synapse/secret-config" = { - owner = "matrix-synapse"; + "matrix-synapse/secret-config" = { + owner = "matrix-synapse"; + }; + + "miniflux/admin-credentials" = {}; + + "nextcloud/admin-pass" = { + owner = "nextcloud"; + }; + + "paperless/admin-password" = {}; + "paperless/secret-key" = {}; + + "restic-backup/poseidon-credentials" = {}; + "restic-backup/poseidon-password" = {}; + + "users/alarsyo-hashed-password" = {}; + "users/root-hashed-password" = {}; }; - - "miniflux/admin-credentials" = {}; - - "nextcloud/admin-pass" = { - owner = "nextcloud"; - }; - - "paperless/admin-password" = {}; - "paperless/secret-key" = {}; - - "restic-backup/poseidon-credentials" = {}; - "restic-backup/poseidon-password" = {}; - - "users/alarsyo-hashed-password" = {}; - "users/root-hashed-password" = {}; - }; }; } diff --git a/hosts/zephyrus/default.nix b/hosts/zephyrus/default.nix index 60a5f74..d0c64ef 100644 --- a/hosts/zephyrus/default.nix +++ b/hosts/zephyrus/default.nix @@ -1,18 +1,15 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, lib, pkgs, ... }: { - config, - lib, - pkgs, - ... -}: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ./home.nix - ./secrets.nix - ]; + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ./home.nix + ./secrets.nix + ]; boot.kernelPackages = pkgs.linuxPackages; @@ -23,7 +20,7 @@ services.btrfs = { autoScrub = { enable = true; - fileSystems = ["/"]; + fileSystems = [ "/" ]; }; }; @@ -89,9 +86,9 @@ }; my.gui.enable = true; - environment.systemPackages = [pkgs.arandr pkgs.chrysalis]; + environment.systemPackages = [ pkgs.arandr pkgs.chrysalis ]; - services.udev.packages = [pkgs.packages.kaleidoscope-udev-rules]; + services.udev.packages = [ pkgs.packages.kaleidoscope-udev-rules ]; hardware.bluetooth = { enable = true; diff --git a/hosts/zephyrus/hardware-configuration.nix b/hosts/zephyrus/hardware-configuration.nix index a973019..cec5cce 100644 --- a/hosts/zephyrus/hardware-configuration.nix +++ b/hosts/zephyrus/hardware-configuration.nix @@ -1,54 +1,49 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, modulesPath, ... }: +let + inherit (lib) mkDefault - ; -in { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + ; +in +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; - fsType = "btrfs"; - options = ["subvol=@" "compress=zstd" "noatime"]; - }; + fileSystems."/" = + { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; + fsType = "btrfs"; + options = [ "subvol=@" "compress=zstd" "noatime" ]; + }; boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c59e7067-e33c-474c-9b8e-96d0e8f59297"; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; - fsType = "btrfs"; - options = ["subvol=@home" "compress=zstd" "noatime"]; - neededForBoot = true; # agenix needs my key for some root secrets - }; + fileSystems."/home" = + { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; + fsType = "btrfs"; + options = [ "subvol=@home" "compress=zstd" "noatime" ]; + neededForBoot = true; # agenix needs my key for some root secrets + }; - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; - fsType = "btrfs"; - options = ["subvol=@nix" "compress=zstd" "noatime"]; - }; + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; + fsType = "btrfs"; + options = [ "subvol=@nix" "compress=zstd" "noatime" ]; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/D9DA-F46C"; - fsType = "vfat"; - }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/D9DA-F46C"; + fsType = "vfat"; + }; - swapDevices = []; + swapDevices = [ ]; powerManagement.cpuFreqGovernor = mkDefault "powersave"; diff --git a/hosts/zephyrus/home.nix b/hosts/zephyrus/home.nix index fdb5c3c..4e3ae63 100644 --- a/hosts/zephyrus/home.nix +++ b/hosts/zephyrus/home.nix @@ -1,8 +1,5 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { home-manager.users.alarsyo = { my.home.laptop.enable = true; @@ -10,26 +7,25 @@ my.home.x.enable = true; my.home.x.i3bar.temperature.chip = "coretemp-isa-*"; my.home.x.i3bar.temperature.inputs = ["Core 0" "Core 1" "Core 2" "Core 3"]; - my.home.x.i3bar.networking.throughput_interfaces = ["enp0s31f6" "wlp0s20f3" "enp43s0u1u1"]; + my.home.x.i3bar.networking.throughput_interfaces = [ "enp0s31f6" "wlp0s20f3" "enp43s0u1u1" ]; my.home.emacs.enable = true; my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; home.packages = builtins.attrValues { - inherit - (pkgs) - # some websites only work there :( - - chromium - darktable - # dev - - rustup + inherit (pkgs) + # some websites only work there :( + chromium + + darktable + + # dev + rustup ; - inherit (pkgs.packages) spot; + inherit (pkgs.packages) spot; - inherit (pkgs.wineWowPackages) stable; + inherit (pkgs.wineWowPackages) stable; }; }; } diff --git a/hosts/zephyrus/secrets.nix b/hosts/zephyrus/secrets.nix index 22afdfd..125bd3f 100644 --- a/hosts/zephyrus/secrets.nix +++ b/hosts/zephyrus/secrets.nix @@ -1,23 +1,19 @@ -{ - config, - lib, - options, - ... -}: { - config.age = { - secrets = let - toSecret = name: {...} @ attrs: - { - file = ./../../modules/secrets + "/${name}.age"; - } - // attrs; - in - lib.mapAttrs toSecret { - "restic-backup/zephyrus-credentials" = {}; - "restic-backup/zephyrus-password" = {}; +{ config, lib, options, ... }: - "users/alarsyo-hashed-password" = {}; - "users/root-hashed-password" = {}; - }; +{ + config.age = { + secrets = + let + toSecret = name: { ... }@attrs: { + file = ./../../modules/secrets + "/${name}.age"; + } // attrs; + in + lib.mapAttrs toSecret { + "restic-backup/zephyrus-credentials" = {}; + "restic-backup/zephyrus-password" = {}; + + "users/alarsyo-hashed-password" = {}; + "users/root-hashed-password" = {}; + }; }; } diff --git a/modules/default.nix b/modules/default.nix index ec72f4c..dd987a9 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./sddm.nix ./secrets diff --git a/modules/sddm.nix b/modules/sddm.nix index ee50f5e..9c66ddc 100644 --- a/modules/sddm.nix +++ b/modules/sddm.nix @@ -1,17 +1,13 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.displayManager.sddm; -in { +in +{ options.my.displayManager.sddm.enable = mkEnableOption "SDDM setup"; config = mkIf cfg.enable { @@ -21,17 +17,15 @@ in { }; environment.systemPackages = builtins.attrValues { - inherit - (pkgs.packages) + inherit (pkgs.packages) sddm-sugar-candy - ; + ; - inherit - (pkgs.libsForQt5.qt5) + inherit (pkgs.libsForQt5.qt5) qtgraphicaleffects qtquickcontrols2 qtsvg - ; + ; }; }; } diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix index 2710b66..dc5d2c9 100644 --- a/modules/secrets/default.nix +++ b/modules/secrets/default.nix @@ -1,14 +1,9 @@ +{ config, lib, options, ... }: + { - config, - lib, - options, - ... -}: { config.age = { - identityPaths = - options.age.identityPaths.default - ++ [ - "/home/alarsyo/.ssh/id_ed25519" - ]; + identityPaths = options.age.identityPaths.default ++ [ + "/home/alarsyo/.ssh/id_ed25519" + ]; }; } diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 09abfd4..c8b4056 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -1,35 +1,36 @@ let alarsyo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH3rrF3VSWI4n4cpguvlmLAaU3uftuX4AVV/39S/8GO9 alarsyo@thinkpad"; - users = [alarsyo]; + users = [ alarsyo ]; boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal"; poseidon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYhZYMbWQG9TSQ2qze8GgFo2XrZzgu/GuSOGwenByJo root@poseidon"; zephyrus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU4JfIADH9MXUnVe+3ezYK9WXsqy/jJcm1zFkmL4aSU root@zephyrus"; - machines = [boreal poseidon zephyrus]; + machines = [ boreal poseidon zephyrus ]; all = users ++ machines; -in { - "gandi/api-key.age".publicKeys = [poseidon]; +in +{ + "gandi/api-key.age".publicKeys = [ poseidon ]; - "lohr/shared-secret.age".publicKeys = [poseidon]; + "lohr/shared-secret.age".publicKeys = [ poseidon ]; - "matrix-synapse/secret-config.age".publicKeys = [poseidon]; + "matrix-synapse/secret-config.age".publicKeys = [ poseidon ]; - "miniflux/admin-credentials.age".publicKeys = [poseidon]; + "miniflux/admin-credentials.age".publicKeys = [ poseidon ]; - "nextcloud/admin-pass.age".publicKeys = [poseidon]; + "nextcloud/admin-pass.age".publicKeys = [ poseidon ]; - "paperless/admin-password.age".publicKeys = [poseidon]; - "paperless/secret-key.age".publicKeys = [poseidon]; + "paperless/admin-password.age".publicKeys = [ poseidon ]; + "paperless/secret-key.age".publicKeys = [ poseidon ]; - "restic-backup/boreal-password.age".publicKeys = [alarsyo boreal]; - "restic-backup/boreal-credentials.age".publicKeys = [alarsyo boreal]; - "restic-backup/poseidon-password.age".publicKeys = [alarsyo poseidon]; - "restic-backup/poseidon-credentials.age".publicKeys = [alarsyo poseidon]; - "restic-backup/zephyrus-password.age".publicKeys = [alarsyo zephyrus]; - "restic-backup/zephyrus-credentials.age".publicKeys = [alarsyo zephyrus]; + "restic-backup/boreal-password.age".publicKeys = [ alarsyo boreal ]; + "restic-backup/boreal-credentials.age".publicKeys = [ alarsyo boreal ]; + "restic-backup/poseidon-password.age".publicKeys = [ alarsyo poseidon ]; + "restic-backup/poseidon-credentials.age".publicKeys = [ alarsyo poseidon ]; + "restic-backup/zephyrus-password.age".publicKeys = [ alarsyo zephyrus ]; + "restic-backup/zephyrus-credentials.age".publicKeys = [ alarsyo zephyrus ]; "users/root-hashed-password.age".publicKeys = machines; - "users/alarsyo-hashed-password.age".publicKeys = machines ++ [alarsyo]; + "users/alarsyo-hashed-password.age".publicKeys = machines ++ [ alarsyo ]; } diff --git a/modules/wakeonwlan.nix b/modules/wakeonwlan.nix index d8aae40..096515d 100644 --- a/modules/wakeonwlan.nix +++ b/modules/wakeonwlan.nix @@ -1,27 +1,23 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) concatStringsSep literalExample mapAttrs' mkIf mkOption nameValuePair - ; + ; cfg = config.my.wakeonwlan; mkWowlanService = name: cfg: nameValuePair "wowlan-${name}" { description = "Enable WoWLAN for interface ${name}"; - requires = ["network.target"]; - after = ["network.target"]; - wantedBy = ["multi-user.target"]; + requires = [ "network.target" ]; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; serviceConfig = { Type = "oneshot"; }; @@ -29,12 +25,11 @@ ${pkgs.iw}/bin/iw ${name} wowlan enable ${concatStringsSep " " cfg.methods} ''; }; -in { - options.my.wakeonwlan = let - inherit (lib) types; - in { +in +{ + options.my.wakeonwlan = let inherit (lib) types; in { interfaces = mkOption { - default = {}; + default = { }; description = "Wireless interfaces where you want to enable WoWLAN"; example = literalExample '' { diff --git a/overlays/i3status-rust/default.nix b/overlays/i3status-rust/default.nix index e3487ca..2e4948a 100644 --- a/overlays/i3status-rust/default.nix +++ b/overlays/i3status-rust/default.nix @@ -1,4 +1,5 @@ -final: prev: { +final: prev: +{ # overlay created because nixpkgs's `i3status-rust` depended on `notmuch`, and # `notmuch`'s tests were briefly broken. the features I'm disabling, I don't # need anyway: (at the time of writing) @@ -7,14 +8,13 @@ final: prev: { # - maildir i3status-rust = prev.i3status-rust.overrideAttrs (oldAttrs: { buildInputs = builtins.attrValues { - inherit - (final) + inherit (final) dbus lm_sensors openssl pulseaudio - ; + ; }; - cargoBuildFeatures = ["pulseaudio"]; + cargoBuildFeatures = [ "pulseaudio" ]; }); } diff --git a/pkgs/default.nix b/pkgs/default.nix index 19307a1..97a694b 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,4 +1,5 @@ -{pkgs}: { +{ pkgs }: +{ sddm-sugar-candy = pkgs.callPackage ./sddm-sugar-candy {}; kaleidoscope-udev-rules = pkgs.callPackage ./kaleidoscope-udev-rules {}; grafanaDashboards = pkgs.recurseIntoAttrs (pkgs.callPackage ./grafana-dashboards {}); diff --git a/pkgs/grafana-dashboards/default.nix b/pkgs/grafana-dashboards/default.nix index f0618de..f489974 100644 --- a/pkgs/grafana-dashboards/default.nix +++ b/pkgs/grafana-dashboards/default.nix @@ -1,4 +1,5 @@ -{callPackage}: { +{ callPackage }: +{ nginx = callPackage ./nginx.nix {}; node-exporter = callPackage ./node-exporter.nix {}; } diff --git a/pkgs/grafana-dashboards/nginx.nix b/pkgs/grafana-dashboards/nginx.nix index 53ca94b..e707159 100644 --- a/pkgs/grafana-dashboards/nginx.nix +++ b/pkgs/grafana-dashboards/nginx.nix @@ -1,37 +1,32 @@ -{ - stdenv, - fetchFromGitHub, - lib, - ... -}: let - inherit - (lib) +{ stdenv, fetchFromGitHub, lib, ... }: +let + inherit (lib) licenses - ; + ; version = "0.9.0"; in - stdenv.mkDerivation { - inherit version; - pname = "grafana-dashboard-nginx"; +stdenv.mkDerivation { + inherit version; + pname = "grafana-dashboard-nginx"; - dontBuild = true; + dontBuild = true; - src = fetchFromGitHub { - owner = "nginxinc"; - repo = "nginx-prometheus-exporter"; - rev = "v${version}"; - sha256 = "sha256:04y5vpj2kv2ygdzxy3crpnx4mhpkm1ns2995kxgvjlhnyck7a5rf"; - }; + src = fetchFromGitHub { + owner = "nginxinc"; + repo = "nginx-prometheus-exporter"; + rev = "v${version}"; + sha256 = "sha256:04y5vpj2kv2ygdzxy3crpnx4mhpkm1ns2995kxgvjlhnyck7a5rf"; + }; - installPhase = '' - mkdir -p $out - cp grafana/dashboard.json $out/dashboard.json - ''; + installPhase = '' + mkdir -p $out + cp grafana/dashboard.json $out/dashboard.json + ''; - meta = { - description = "grafana dashboard for NGINX exporter"; - homepage = "https://github.com/nginxinc/nginx-prometheus-exporter"; - license = licenses.asl20; - }; - } + meta = { + description = "grafana dashboard for NGINX exporter"; + homepage = "https://github.com/nginxinc/nginx-prometheus-exporter"; + license = licenses.asl20; + }; +} diff --git a/pkgs/grafana-dashboards/node-exporter.nix b/pkgs/grafana-dashboards/node-exporter.nix index 42f5961..55fbb6d 100644 --- a/pkgs/grafana-dashboards/node-exporter.nix +++ b/pkgs/grafana-dashboards/node-exporter.nix @@ -1,37 +1,32 @@ -{ - stdenv, - fetchFromGitHub, - lib, - ... -}: let - inherit - (lib) +{ stdenv, fetchFromGitHub, lib, ... }: +let + inherit (lib) licenses - ; + ; version = "7d61c79619e5749e629758ecd96748c010028120"; in - stdenv.mkDerivation { - version = "master-${version}"; - pname = "grafana-dashboard-node-exporter"; +stdenv.mkDerivation { + version = "master-${version}"; + pname = "grafana-dashboard-node-exporter"; - dontBuild = true; + dontBuild = true; - src = fetchFromGitHub { - owner = "rfrail3"; - repo = "grafana-dashboards"; - rev = version; - sha256 = "sha256:1z6i76jdiw3jjigbmbqvyi8kyj4ngw0y73fv9yksr2ncjfqlhhv6"; - }; + src = fetchFromGitHub { + owner = "rfrail3"; + repo = "grafana-dashboards"; + rev = version; + sha256 = "sha256:1z6i76jdiw3jjigbmbqvyi8kyj4ngw0y73fv9yksr2ncjfqlhhv6"; + }; - installPhase = '' - mkdir -p $out - cp prometheus/node-exporter-full.json $out/node-exporter-full.json - ''; + installPhase = '' + mkdir -p $out + cp prometheus/node-exporter-full.json $out/node-exporter-full.json + ''; - meta = { - description = "grafana dashboard for node exporter"; - homepage = "https://github.com/rfrail3/grafana-dashboards"; - license = licenses.lgpl3Only; - }; - } + meta = { + description = "grafana dashboard for node exporter"; + homepage = "https://github.com/rfrail3/grafana-dashboards"; + license = licenses.lgpl3Only; + }; +} diff --git a/pkgs/kaleidoscope-udev-rules/default.nix b/pkgs/kaleidoscope-udev-rules/default.nix index 1af8ffc..aaeaea9 100644 --- a/pkgs/kaleidoscope-udev-rules/default.nix +++ b/pkgs/kaleidoscope-udev-rules/default.nix @@ -1,36 +1,33 @@ -{ - stdenv, - lib, - fetchFromGitHub, -}: let - inherit - (lib) +{ stdenv, lib, fetchFromGitHub }: + +let + inherit (lib) licenses - ; + ; version = "1.99.3"; in - stdenv.mkDerivation { - inherit version; - pname = "kaleidoscope-udev-rules"; +stdenv.mkDerivation { + inherit version; + pname = "kaleidoscope-udev-rules"; - dontBuild = true; + dontBuild = true; - src = fetchFromGitHub { - owner = "keyboardio"; - repo = "Kaleidoscope"; - rev = "v${version}"; - sha256 = "sha256-4WIl/Hj23j9GLzdMcyEQvg9X7HI4WSInrLkYCkj6yhM="; - }; + src = fetchFromGitHub { + owner = "keyboardio"; + repo = "Kaleidoscope"; + rev = "v${version}"; + sha256 = "sha256-4WIl/Hj23j9GLzdMcyEQvg9X7HI4WSInrLkYCkj6yhM="; + }; - installPhase = '' - mkdir -p $out/lib/udev/rules.d - cp etc/60-kaleidoscope.rules $out/lib/udev/rules.d/ - ''; + installPhase = '' + mkdir -p $out/lib/udev/rules.d + cp etc/60-kaleidoscope.rules $out/lib/udev/rules.d/ + ''; - meta = { - description = "udev rules for kaleidoscope firmware keyboards"; - homepage = "https://github.com/keyboardio/Kaleidoscope"; - license = licenses.gpl3Only; - }; - } + meta = { + description = "udev rules for kaleidoscope firmware keyboards"; + homepage = "https://github.com/keyboardio/Kaleidoscope"; + license = licenses.gpl3Only; + }; +} diff --git a/pkgs/sddm-sugar-candy/default.nix b/pkgs/sddm-sugar-candy/default.nix index 3a31537..f90b6b8 100644 --- a/pkgs/sddm-sugar-candy/default.nix +++ b/pkgs/sddm-sugar-candy/default.nix @@ -1,7 +1,4 @@ -{ - stdenv, - fetchFromGitLab, -}: +{ stdenv, fetchFromGitLab }: stdenv.mkDerivation rec { pname = "sddm-sugar-candy"; # latest master commit, no recent tags :( @@ -13,7 +10,7 @@ stdenv.mkDerivation rec { cp -aR . $out/share/sddm/themes/sugar-candy ''; - patches = [./custom-conf.patch]; + patches = [ ./custom-conf.patch ]; src = fetchFromGitLab { domain = "framagit.org"; diff --git a/pkgs/spot/default.nix b/pkgs/spot/default.nix index e3df73b..99a5659 100644 --- a/pkgs/spot/default.nix +++ b/pkgs/spot/default.nix @@ -1,20 +1,20 @@ -{ - stdenv, - fetchurl, - python3, -}: let +{ stdenv +, fetchurl +, python3 +}: +let version = "2.10.4"; in - stdenv.mkDerivation { - inherit version; - pname = "spot"; +stdenv.mkDerivation { + inherit version; + pname = "spot"; - buildInputs = [ - python3 - ]; + buildInputs = [ + python3 + ]; - src = fetchurl { - url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; - sha256 = "sha256-6GKc22zOgwd4JpYM0B7OUhPar5ooPW9iqvaa+gYjR4o="; - }; - } + src = fetchurl { + url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; + sha256 = "sha256-6GKc22zOgwd4JpYM0B7OUhPar5ooPW9iqvaa+gYjR4o="; + }; +} diff --git a/poseidon.nix b/poseidon.nix index ecb36c6..2739352 100644 --- a/poseidon.nix +++ b/poseidon.nix @@ -1,4 +1,6 @@ -{...}: { +{ ... }: + +{ imports = [ # Default configuration ./base diff --git a/services/default.nix b/services/default.nix index 9c4af4f..82e3bf4 100644 --- a/services/default.nix +++ b/services/default.nix @@ -1,4 +1,6 @@ -{...}: { +{ ... }: + +{ imports = [ ./vaultwarden.nix ./fail2ban.nix diff --git a/services/fail2ban.nix b/services/fail2ban.nix index 0f368c4..ccc12f2 100644 --- a/services/fail2ban.nix +++ b/services/fail2ban.nix @@ -1,14 +1,10 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.fail2ban; in { diff --git a/services/fava.nix b/services/fava.nix index 59494ad..e283022 100644 --- a/services/fava.nix +++ b/services/fava.nix @@ -1,24 +1,19 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.fava; my = config.my; domain = config.networking.domain; secrets = config.my.secrets; -in { - options.my.services.fava = let - inherit (lib) types; - in { +in +{ + options.my.services.fava = let inherit (lib) types; in { enable = mkEnableOption "Fava"; home = mkOption { @@ -44,7 +39,7 @@ in { config = mkIf cfg.enable { systemd.services.fava = { - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; serviceConfig = { Environment = []; ExecStart = "${pkgs.fava}/bin/fava -H 127.0.0.1 -p ${toString cfg.port} ${cfg.home}/${cfg.filePath}"; @@ -60,7 +55,7 @@ in { createHome = true; group = "fava"; }; - users.groups.fava = {}; + users.groups.fava = { }; services.nginx.virtualHosts = { "fava.${domain}" = { diff --git a/services/gitea/default.nix b/services/gitea/default.nix index 6796d88..408d29d 100644 --- a/services/gitea/default.nix +++ b/services/gitea/default.nix @@ -1,24 +1,18 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.gitea; my = config.my; domain = config.networking.domain; in { - options.my.services.gitea = let - inherit (lib) types; - in { + options.my.services.gitea = let inherit (lib) types; in { enable = mkEnableOption "Personal Git hosting with Gitea"; privatePort = mkOption { @@ -39,11 +33,11 @@ in { # the systemd service for the gitea module seems to hardcode the group as # gitea, so, uh, just in case? - extraGroups = ["gitea"]; + extraGroups = [ "gitea" ]; isSystemUser = true; }; - users.groups.git = {}; + users.groups.git = { }; services.gitea = { enable = true; @@ -94,7 +88,7 @@ in { }; services.postgresqlBackup = { - databases = ["gitea"]; + databases = [ "gitea" ]; }; services.nginx = { diff --git a/services/jellyfin.nix b/services/jellyfin.nix index 4a4ceea..f485d65 100644 --- a/services/jellyfin.nix +++ b/services/jellyfin.nix @@ -1,14 +1,10 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.jellyfin; my = config.my; diff --git a/services/lohr.nix b/services/lohr.nix index b4c54bc..db33155 100644 --- a/services/lohr.nix +++ b/services/lohr.nix @@ -1,28 +1,24 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.lohr; my = config.my; domain = config.networking.domain; secrets = config.my.secrets; - lohrPkg = let - flake = builtins.getFlake "github:alarsyo/lohr?rev=58503cc8b95c8b627f6ae7e56740609e91f323cd"; - in + lohrPkg = + let + flake = builtins.getFlake "github:alarsyo/lohr?rev=58503cc8b95c8b627f6ae7e56740609e91f323cd"; + in flake.defaultPackage."x86_64-linux"; # FIXME: use correct system -in { - options.my.services.lohr = let - inherit (lib) types; - in { +in +{ + options.my.services.lohr = let inherit (lib) types; in { enable = mkEnableOption "Lohr Mirroring Daemon"; home = mkOption { @@ -42,7 +38,7 @@ in { config = mkIf cfg.enable { systemd.services.lohr = { - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; serviceConfig = { Environment = [ "ROCKET_PORT=${toString cfg.port}" @@ -56,7 +52,7 @@ in { User = "lohr"; Group = "lohr"; }; - path = [pkgs.git]; + path = [ pkgs.git ]; }; users.users.lohr = { @@ -65,7 +61,7 @@ in { createHome = true; group = "lohr"; }; - users.groups.lohr = {}; + users.groups.lohr = { }; services.nginx.virtualHosts = { "lohr.${domain}" = { diff --git a/services/matrix.nix b/services/matrix.nix index 82cfb88..19c92f9 100644 --- a/services/matrix.nix +++ b/services/matrix.nix @@ -7,36 +7,24 @@ # - https://github.com/delroth/infra.delroth.net/blob/master/roles/matrix-synapse.nix # - https://nixos.org/manual/nixos/stable/index.html#module-services-matrix # -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption optionals - ; + ; cfg = config.my.services.matrix; my = config.my; - federationPort = { - public = 8448; - private = 11338; - }; - clientPort = { - public = 443; - private = 11339; - }; + federationPort = { public = 8448; private = 11338; }; + clientPort = { public = 443; private = 11339; }; domain = config.networking.domain; in { - options.my.services.matrix = let - inherit (lib) types; - in { + options.my.services.matrix = let inherit (lib) types; in { enable = mkEnableOption "Matrix Synapse"; secretConfigFile = mkOption { @@ -53,7 +41,7 @@ in { }; services.postgresqlBackup = { - databases = ["matrix-synapse"]; + databases = [ "matrix-synapse" ]; }; services.matrix-synapse = { @@ -102,30 +90,20 @@ in { listeners = [ # Federation { - bind_addresses = ["::1"]; + bind_addresses = [ "::1" ]; port = federationPort.private; - tls = false; # Terminated by nginx. + tls = false; # Terminated by nginx. x_forwarded = true; - resources = [ - { - names = ["federation"]; - compress = false; - } - ]; + resources = [ { names = [ "federation" ]; compress = false; } ]; } # Client { - bind_addresses = ["::1"]; + bind_addresses = [ "::1" ]; port = clientPort.private; - tls = false; # Terminated by nginx. + tls = false; # Terminated by nginx. x_forwarded = true; - resources = [ - { - names = ["client"]; - compress = false; - } - ]; + resources = [ { names = [ "client" ]; compress = false; } ]; } ]; @@ -149,32 +127,26 @@ in { onlySSL = true; useACMEHost = domain; - locations = let - proxyToClientPort = { - proxyPass = "http://[::1]:${toString clientPort.private}"; - }; - in { - # Or do a redirect instead of the 404, or whatever is appropriate - # for you. But do not put a Matrix Web client here! See the - # Element web section below. - "/".return = "404"; + locations = + let + proxyToClientPort = { + proxyPass = "http://[::1]:${toString clientPort.private}"; + }; + in { + # Or do a redirect instead of the 404, or whatever is appropriate + # for you. But do not put a Matrix Web client here! See the + # Element web section below. + "/".return = "404"; - "/_matrix" = proxyToClientPort; - "/_synapse/client" = proxyToClientPort; - }; + "/_matrix" = proxyToClientPort; + "/_synapse/client" = proxyToClientPort; + }; listen = [ - { - addr = "0.0.0.0"; - port = clientPort.public; - ssl = true; - } - { - addr = "[::]"; - port = clientPort.public; - ssl = true; - } + { addr = "0.0.0.0"; port = clientPort.public; ssl = true; } + { addr = "[::]"; port = clientPort.public; ssl = true; } ]; + }; # same as above, but listening on the federation port @@ -190,37 +162,32 @@ in { }; listen = [ - { - addr = "0.0.0.0"; - port = federationPort.public; - ssl = true; - } - { - addr = "[::]"; - port = federationPort.public; - ssl = true; - } + { addr = "0.0.0.0"; port = federationPort.public; ssl = true; } + { addr = "[::]"; port = federationPort.public; ssl = true; } ]; + }; "${domain}" = { forceSSL = true; useACMEHost = domain; - locations."= /.well-known/matrix/server".extraConfig = let - server = {"m.server" = "matrix.${domain}:${toString federationPort.public}";}; - in '' + locations."= /.well-known/matrix/server".extraConfig = + let + server = { "m.server" = "matrix.${domain}:${toString federationPort.public}"; }; + in '' add_header Content-Type application/json; return 200 '${builtins.toJSON server}'; ''; - locations."= /.well-known/matrix/client".extraConfig = let - client = { - "m.homeserver" = {"base_url" = "https://matrix.${domain}";}; - "m.identity_server" = {"base_url" = "https://vector.im";}; - }; - # ACAO required to allow element-web on any URL to request this json file - in '' + locations."= /.well-known/matrix/client".extraConfig = + let + client = { + "m.homeserver" = { "base_url" = "https://matrix.${domain}"; }; + "m.identity_server" = { "base_url" = "https://vector.im"; }; + }; + # ACAO required to allow element-web on any URL to request this json file + in '' add_header Content-Type application/json; add_header Access-Control-Allow-Origin *; return 200 '${builtins.toJSON client}'; @@ -260,7 +227,7 @@ in { }; # For administration tools. - environment.systemPackages = [pkgs.matrix-synapse]; + environment.systemPackages = [ pkgs.matrix-synapse ]; networking.firewall.allowedTCPPorts = [ clientPort.public @@ -269,11 +236,10 @@ in { my.services.restic-backup = let dataDir = config.services.matrix-synapse.dataDir; - in - mkIf cfg.enable { - paths = [dataDir]; - # this is just caching for other servers media, doesn't need backup - exclude = ["${dataDir}/media/remote_*"]; - }; + in mkIf cfg.enable { + paths = [ dataDir ]; + # this is just caching for other servers media, doesn't need backup + exclude = [ "${dataDir}/media/remote_*" ]; + }; }; } diff --git a/services/media.nix b/services/media.nix index 0d4ee7f..175319e 100644 --- a/services/media.nix +++ b/services/media.nix @@ -1,21 +1,17 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkIf - ; + ; mediaServices = builtins.attrValues { - inherit - (config.my.services) + inherit (config.my.services) jellyfin transmission - ; + ; }; needed = builtins.any (service: service.enable) mediaServices; -in { - config.users.groups.media = mkIf needed {}; +in +{ + config.users.groups.media = mkIf needed { }; } diff --git a/services/miniflux.nix b/services/miniflux.nix index 5738d8e..0670711 100644 --- a/services/miniflux.nix +++ b/services/miniflux.nix @@ -1,24 +1,18 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.miniflux; my = config.my; domain = config.networking.domain; in { - options.my.services.miniflux = let - inherit (lib) types; - in { + options.my.services.miniflux = let inherit (lib) types; in { enable = mkEnableOption "Serve a Miniflux instance"; adminCredentialsFile = mkOption { @@ -40,7 +34,7 @@ in { # services.postgresql is automatically enabled by services.miniflux, let's # back it up services.postgresqlBackup = { - databases = ["miniflux"]; + databases = [ "miniflux" ]; }; services.miniflux = { diff --git a/services/monitoring.nix b/services/monitoring.nix index 57731ff..82e20fd 100644 --- a/services/monitoring.nix +++ b/services/monitoring.nix @@ -1,22 +1,16 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.monitoring; domain = config.networking.domain; in { - options.my.services.monitoring = let - inherit (lib) types; - in { + options.my.services.monitoring = let inherit (lib) types; in { enable = mkEnableOption "Enable monitoring"; domain = mkOption { @@ -80,7 +74,7 @@ in { exporters = { node = { enable = true; - enabledCollectors = ["systemd"]; + enabledCollectors = [ "systemd" ]; port = 9100; listenAddress = "127.0.0.1"; }; @@ -93,11 +87,9 @@ in { scrapeConfigs = [ { job_name = config.networking.hostName; - static_configs = [ - { - targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"]; - } - ]; + static_configs = [{ + targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ]; + }]; } ]; }; diff --git a/services/navidrome.nix b/services/navidrome.nix index 75e6d53..bb350ff 100644 --- a/services/navidrome.nix +++ b/services/navidrome.nix @@ -1,23 +1,17 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption optional - ; + ; cfg = config.my.services.navidrome; domain = config.networking.domain; in { - options.my.services.navidrome = let - inherit (lib) types; - in { + options.my.services.navidrome = let inherit (lib) types; in { enable = mkEnableOption "Navidrome"; musicFolder = { path = mkOption { @@ -40,8 +34,8 @@ in { }; my.services.restic-backup = { - paths = ["/var/lib/navidrome"] ++ optional cfg.musicFolder.backup cfg.musicFolder.path; - exclude = ["/var/lib/navidrome/cache"]; + paths = [ "/var/lib/navidrome" ] ++ optional cfg.musicFolder.backup cfg.musicFolder.path; + exclude = [ "/var/lib/navidrome/cache" ]; }; services.nginx.virtualHosts."music.${domain}" = { diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 0ec642f..909bd95 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -1,26 +1,21 @@ -{ - lib, - config, - pkgs, - ... -}: +{ lib, config, pkgs, ... }: + # TODO: setup prometheus exporter + let - inherit - (lib) + inherit (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.nextcloud; my = config.my; domain = config.networking.domain; dbName = "nextcloud"; -in { - options.my.services.nextcloud = let - inherit (lib) types; - in { +in +{ + options.my.services.nextcloud = let inherit (lib) types; in { enable = mkEnableOption "NextCloud"; adminpassFile = mkOption { @@ -36,7 +31,7 @@ in { services.postgresql = { enable = true; - ensureDatabases = [dbName]; + ensureDatabases = [ dbName ]; ensureUsers = [ { name = "nextcloud"; @@ -48,13 +43,13 @@ in { }; # not handled by module - systemd.services.nextcloud-setup = { - requires = ["postgresql.service"]; - after = ["postgresql.service"]; + systemd.services.nextcloud-setup= { + requires = [ "postgresql.service" ]; + after = [ "postgresql.service" ]; }; services.postgresqlBackup = { - databases = [dbName]; + databases = [ dbName ]; }; services.nextcloud = { @@ -92,17 +87,16 @@ in { my.services.restic-backup = let nextcloudHome = config.services.nextcloud.home; - in - mkIf cfg.enable { - paths = [nextcloudHome]; - exclude = [ - # borg can fail if *.part files disappear during backup - "${nextcloudHome}/data/*/uploads" - # image previews can take up a lot of space - "${nextcloudHome}/data/appdata_*/preview" - # specific account for huge files I don't care about losing - "${nextcloudHome}/data/misc" - ]; - }; + in mkIf cfg.enable { + paths = [ nextcloudHome ]; + exclude = [ + # borg can fail if *.part files disappear during backup + "${nextcloudHome}/data/*/uploads" + # image previews can take up a lot of space + "${nextcloudHome}/data/appdata_*/preview" + # specific account for huge files I don't care about losing + "${nextcloudHome}/data/misc" + ]; + }; }; } diff --git a/services/nginx.nix b/services/nginx.nix index a69d1ac..42dc015 100644 --- a/services/nginx.nix +++ b/services/nginx.nix @@ -1,20 +1,16 @@ # Part of config shamelessly stolen from: # # https://github.com/delroth/infra.delroth.net -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: +let + inherit (lib) mkIf - ; -in { + ; +in +{ # Whenever something defines an nginx vhost, ensure that nginx defaults are # properly set. - config = mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != ["localhost"]) { + config = mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ "localhost" ]) { services.nginx = { enable = true; statusPage = true; # For monitoring scraping. @@ -25,7 +21,7 @@ in { recommendedProxySettings = true; }; - networking.firewall.allowedTCPPorts = [80 443]; + networking.firewall.allowedTCPPorts = [ 80 443 ]; services.prometheus = { exporters.nginx = { @@ -36,14 +32,12 @@ in { scrapeConfigs = [ { job_name = "nginx"; - static_configs = [ - { - targets = ["127.0.0.1:${toString config.services.prometheus.exporters.nginx.port}"]; - labels = { - instance = config.networking.hostName; - }; - } - ]; + static_configs = [{ + targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.nginx.port}" ]; + labels = { + instance = config.networking.hostName; + }; + }]; } ]; }; @@ -52,17 +46,18 @@ in { acceptTerms = true; defaults.email = "antoine97.martin@gmail.com"; - certs = let - domain = config.networking.domain; - gandiKey = config.my.secrets.gandiKey; - in { - "${domain}" = { - extraDomainNames = ["*.${domain}"]; - dnsProvider = "gandiv5"; - credentialsFile = config.age.secrets."gandi/api-key".path; - group = "nginx"; + certs = + let + domain = config.networking.domain; + gandiKey = config.my.secrets.gandiKey; + in { + "${domain}" = { + extraDomainNames = [ "*.${domain}" ]; + dnsProvider = "gandiv5"; + credentialsFile = config.age.secrets."gandi/api-key".path; + group = "nginx"; + }; }; - }; }; }; } diff --git a/services/nuage.nix b/services/nuage.nix index 52bb402..4c2e65a 100644 --- a/services/nuage.nix +++ b/services/nuage.nix @@ -1,17 +1,15 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: + +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.nuage; my = config.my; -in { +in +{ options.my.services.nuage = { enable = mkEnableOption "Nuage redirect"; }; diff --git a/services/paperless.nix b/services/paperless.nix index 9ed9537..431acd3 100644 --- a/services/paperless.nix +++ b/services/paperless.nix @@ -1,24 +1,19 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.paperless; my = config.my; domain = config.networking.domain; paperlessDomain = "paperless.${domain}"; -in { - options.my.services.paperless = let - inherit (lib) types; - in { +in +{ + options.my.services.paperless = let inherit (lib) types; in { enable = mkEnableOption "Paperless"; port = mkOption { @@ -82,7 +77,7 @@ in { services.postgresql = { enable = true; - ensureDatabases = ["paperless"]; + ensureDatabases = [ "paperless" ]; ensureUsers = [ { name = "paperless"; @@ -93,7 +88,7 @@ in { systemd.services.paperless-ng-server = { # Make sure the DB is available - after = ["postgresql.service"]; + after = [ "postgresql.service" ]; }; services.nginx.virtualHosts = { diff --git a/services/pipewire.nix b/services/pipewire.nix index 04d8135..0be1e42 100644 --- a/services/pipewire.nix +++ b/services/pipewire.nix @@ -1,20 +1,16 @@ -{ - config, - lib, - pkgs, - options, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, options, ... }: + +let + inherit (lib) mkEnableOption mkIf optionalAttrs - ; + ; cfg = config.my.services.pipewire; my = config.my; -in { +in +{ options.my.services.pipewire = { enable = mkEnableOption "Pipewire sound backend"; }; @@ -41,6 +37,6 @@ in { # FIXME: a shame pactl isn't available by itself, eventually this should be # replaced by pw-cli or a wrapper, I guess? - environment.systemPackages = [pkgs.pulseaudio]; + environment.systemPackages = [ pkgs.pulseaudio ]; }); } diff --git a/services/postgresql-backup.nix b/services/postgresql-backup.nix index 0d8ec05..c3642b7 100644 --- a/services/postgresql-backup.nix +++ b/services/postgresql-backup.nix @@ -1,14 +1,10 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.postgresql-backup; in { @@ -24,11 +20,12 @@ in { }; my.services.restic-backup = mkIf cfg.enable { - paths = ["/var/backup/postgresql"]; + paths = [ "/var/backup/postgresql" ]; # no need to store previously backed up files, as borg does the snapshoting # for us - exclude = ["/var/backup/postgresql/*.prev.sql.gz"]; + exclude = [ "/var/backup/postgresql/*.prev.sql.gz" ]; }; }; + } diff --git a/services/postgresql.nix b/services/postgresql.nix index 9a37212..742f0f2 100644 --- a/services/postgresql.nix +++ b/services/postgresql.nix @@ -1,8 +1,5 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { # set postgresql version so we don't get any bad surprise config.services.postgresql = { package = pkgs.postgresql_13; diff --git a/services/restic-backup.nix b/services/restic-backup.nix index cad1127..66e531c 100644 --- a/services/restic-backup.nix +++ b/services/restic-backup.nix @@ -1,27 +1,21 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) attrsets concatStringsSep mkEnableOption mkIf mkOption optional - ; + ; cfg = config.my.services.restic-backup; excludeArg = "--exclude-file=" + (pkgs.writeText "excludes.txt" (concatStringsSep "\n" cfg.exclude)); makePruneOpts = pruneOpts: attrsets.mapAttrsToList (name: value: "--keep-${name} ${toString value}") pruneOpts; in { - options.my.services.restic-backup = let - inherit (lib) types; - in { + options.my.services.restic-backup = let inherit (lib) types; in { enable = mkEnableOption "Enable Restic backups for this host"; repo = mkOption { @@ -29,11 +23,12 @@ in { default = null; example = "/mnt/hdd"; description = "Restic backup repo"; + }; paths = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; example = [ "/var/lib" "/home" @@ -43,7 +38,7 @@ in { exclude = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; example = [ # very large paths "/var/lib/docker" @@ -86,7 +81,7 @@ in { }; config = mkIf cfg.enable { - environment.systemPackages = [pkgs.restic]; + environment.systemPackages = [ pkgs.restic ]; services.restic.backups.backblaze = { initialize = true; @@ -97,9 +92,8 @@ in { passwordFile = cfg.passwordFile; environmentFile = cfg.environmentFile; - extraBackupArgs = - ["--verbose=2"] - ++ optional (builtins.length cfg.exclude != 0) excludeArg; + extraBackupArgs = [ "--verbose=2" ] + ++ optional (builtins.length cfg.exclude != 0) excludeArg; timerConfig = cfg.timerConfig; diff --git a/services/tailscale.nix b/services/tailscale.nix index ff3a4b1..4da1d6b 100644 --- a/services/tailscale.nix +++ b/services/tailscale.nix @@ -1,17 +1,14 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.tailscale; -in { +in +{ options.my.services.tailscale = { enable = mkEnableOption "Tailscale"; @@ -26,8 +23,8 @@ in { }; networking.firewall = { - trustedInterfaces = ["tailscale0"]; - allowedUDPPorts = [config.services.tailscale.port]; + trustedInterfaces = [ "tailscale0" ]; + allowedUDPPorts = [ config.services.tailscale.port ]; }; # enable IP forwarding to use as exit node diff --git a/services/tgv.nix b/services/tgv.nix index 25426c9..295a672 100644 --- a/services/tgv.nix +++ b/services/tgv.nix @@ -1,17 +1,15 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: + +let + inherit (lib) mkEnableOption mkIf - ; + ; cfg = config.my.services.tgv; my = config.my; -in { +in +{ options.my.services.tgv = { enable = mkEnableOption "TGV redirect"; }; diff --git a/services/transmission.nix b/services/transmission.nix index 822070c..7fb7f69 100644 --- a/services/transmission.nix +++ b/services/transmission.nix @@ -1,15 +1,11 @@ -{ - config, - lib, - ... -}: let - inherit - (lib) +{ config, lib, ... }: +let + inherit (lib) mkEnableOption mkIf mkOption optionalAttrs - ; + ; cfg = config.my.services.transmission; @@ -20,10 +16,9 @@ transmissionPeerPort = 30251; downloadBase = "/media/torrents/"; -in { - options.my.services.transmission = let - inherit (lib) types; - in { +in +{ + options.my.services.transmission = let inherit (lib) types; in { enable = mkEnableOption "Transmission torrent client"; username = mkOption { @@ -42,34 +37,32 @@ in { }; config = mkIf cfg.enable { - services.transmission = - { - enable = true; - group = "media"; + services.transmission = { + enable = true; + group = "media"; - settings = { - download-dir = "${downloadBase}/complete"; - incomplete-dir = "${downloadBase}/incomplete"; + settings = { + download-dir = "${downloadBase}/complete"; + incomplete-dir = "${downloadBase}/incomplete"; - peer-port = transmissionPeerPort; + peer-port = transmissionPeerPort; - rpc-enabled = true; - rpc-port = transmissionRpcPort; - rpc-authentication-required = false; + rpc-enabled = true; + rpc-port = transmissionRpcPort; + rpc-authentication-required = false; - rpc-whitelist-enabled = true; - rpc-whitelist = "127.0.0.1"; + rpc-whitelist-enabled = true; + rpc-whitelist = "127.0.0.1"; - rpc-host-whitelist-enabled = true; - rpc-host-whitelist = webuiDomain; - }; + rpc-host-whitelist-enabled = true; + rpc-host-whitelist = webuiDomain; + }; - # automatically allow transmission.settings.peer-port - openFirewall = true; - } - // (optionalAttrs (cfg.secretConfigFile != null) { - credentialsFile = cfg.secretConfigFile; - }); + # automatically allow transmission.settings.peer-port + openFirewall = true; + } // (optionalAttrs (cfg.secretConfigFile != null) { + credentialsFile = cfg.secretConfigFile; + }); services.nginx.virtualHosts."${webuiDomain}" = { forceSSL = true; diff --git a/services/vaultwarden.nix b/services/vaultwarden.nix index 2d8d370..505678c 100644 --- a/services/vaultwarden.nix +++ b/services/vaultwarden.nix @@ -1,24 +1,18 @@ -{ - config, - lib, - pkgs, - ... -}: let - inherit - (lib) +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkEnableOption mkIf mkOption - ; + ; cfg = config.my.services.vaultwarden; my = config.my; domain = config.networking.domain; in { - options.my.services.vaultwarden = let - inherit (lib) types; - in { + options.my.services.vaultwarden = let inherit (lib) types; in { enable = mkEnableOption "Vaultwarden"; privatePort = mkOption { @@ -42,7 +36,7 @@ in { }; services.postgresqlBackup = { - databases = ["vaultwarden"]; + databases = [ "vaultwarden" ]; }; services.vaultwarden = { @@ -88,8 +82,8 @@ in { # FIXME: should be renamed to vaultwarden eventually my.services.restic-backup = mkIf cfg.enable { - paths = ["/var/lib/bitwarden_rs"]; - exclude = ["/var/lib/bitwarden_rs/icon_cache"]; + paths = [ "/var/lib/bitwarden_rs" ]; + exclude = [ "/var/lib/bitwarden_rs/icon_cache" ]; }; services.fail2ban.jails = { @@ -125,4 +119,5 @@ in { ''; }; }; + } diff --git a/zephyrus.nix b/zephyrus.nix index e818e48..ed011ae 100644 --- a/zephyrus.nix +++ b/zephyrus.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ # Default configuration ./base