diff --git a/flake.nix b/flake.nix index 4e6e28c..b2d6698 100644 --- a/flake.nix +++ b/flake.nix @@ -31,81 +31,84 @@ nixvim.url = "git+https://git.sajenim.dev/jasmine/nvim.nix.git"; }; - outputs = { self, nixpkgs, home-manager, ... }@inputs: - let - inherit (self) outputs; - # Supported systems for your flake packages, shell, etc. - systems = [ - "aarch64-linux" - "i686-linux" - "x86_64-linux" - "aarch64-darwin" - "x86_64-darwin" - ]; - # This is a function that generates an attribute by calling a function you - # pass to it, with each system as an argument - forAllSystems = nixpkgs.lib.genAttrs systems; - in - { - # Your custom packages - # Acessible through 'nix build', 'nix shell', etc - packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system}); - # Formatter for your nix files, available through 'nix fmt' - # Other options beside 'alejandra' include 'nixpkgs-fmt' - formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); + outputs = { + self, + nixpkgs, + home-manager, + ... + } @ inputs: let + inherit (self) outputs; + # Supported systems for your flake packages, shell, etc. + systems = [ + "aarch64-linux" + "i686-linux" + "x86_64-linux" + "aarch64-darwin" + "x86_64-darwin" + ]; + # This is a function that generates an attribute by calling a function you + # pass to it, with each system as an argument + forAllSystems = nixpkgs.lib.genAttrs systems; + in { + # Your custom packages + # Acessible through 'nix build', 'nix shell', etc + packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system}); + # Formatter for your nix files, available through 'nix fmt' + # Other options beside 'alejandra' include 'nixpkgs-fmt' + formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); - # Your custom packages and modifications, exported as overlays - overlays = import ./overlays { inherit inputs; }; - # Reusable nixos modules you might want to export - # These are usually stuff you would upstream into nixpkgs - nixosModules = import ./modules/nixos; - # Reusable home-manager modules you might want to export - # These are usually stuff you would upstream into home-manager - homeManagerModules = import ./modules/home-manager; + # Your custom packages and modifications, exported as overlays + overlays = import ./overlays {inherit inputs;}; + # Reusable nixos modules you might want to export + # These are usually stuff you would upstream into nixpkgs + nixosModules = import ./modules/nixos; + # Reusable home-manager modules you might want to export + # These are usually stuff you would upstream into home-manager + homeManagerModules = import ./modules/home-manager; - # Expose the necessary information in your flake so agenix-rekey - # knows where it has too look for secrets and paths. - agenix-rekey = inputs.agenix-rekey.configure { - userFlake = self; - nodes = self.nixosConfigurations; + # Expose the necessary information in your flake so agenix-rekey + # knows where it has too look for secrets and paths. + agenix-rekey = inputs.agenix-rekey.configure { + userFlake = self; + nodes = self.nixosConfigurations; + }; + + # NixOS configuration entrypoint + # Available through 'nixos-rebuild --flake .#your-hostname' + nixosConfigurations = { + fuchsia = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs outputs;}; + modules = [ + ./nixos/fuchsia/configuration.nix + ]; }; - # NixOS configuration entrypoint - # Available through 'nixos-rebuild --flake .#your-hostname' - nixosConfigurations = { - fuchsia = nixpkgs.lib.nixosSystem { - specialArgs = { inherit inputs outputs; }; - modules = [ - ./nixos/fuchsia/configuration.nix - ]; - }; - - viridian = nixpkgs.lib.nixosSystem { - specialArgs = { inherit inputs outputs; }; - modules = [ - ./nixos/viridian/configuration.nix - ]; - }; - }; - - # Standalone home-manager configuration entrypoint - # Available through 'home-manager --flake .#your-username@your-hostname' - homeConfigurations = { - "sajenim@fuchsia" = home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages.x86_64-linux; - extraSpecialArgs = { inherit inputs outputs; }; - modules = [ - ./home-manager/sajenim/fuchsia.nix - ]; - }; - - "sajenim@viridian" = home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages.x86_64-linux; - extraSpecialArgs = { inherit inputs outputs; }; - modules = [ - ./home-manager/sajenim/viridian.nix - ]; - }; + viridian = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs outputs;}; + modules = [ + ./nixos/viridian/configuration.nix + ]; }; }; + + # Standalone home-manager configuration entrypoint + # Available through 'home-manager --flake .#your-username@your-hostname' + homeConfigurations = { + "sajenim@fuchsia" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; + extraSpecialArgs = {inherit inputs outputs;}; + modules = [ + ./home-manager/sajenim/fuchsia.nix + ]; + }; + + "sajenim@viridian" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; + extraSpecialArgs = {inherit inputs outputs;}; + modules = [ + ./home-manager/sajenim/viridian.nix + ]; + }; + }; + }; } diff --git a/home-manager/sajenim/features/cli/default.nix b/home-manager/sajenim/features/cli/default.nix index 7251ad7..16f4aff 100644 --- a/home-manager/sajenim/features/cli/default.nix +++ b/home-manager/sajenim/features/cli/default.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { imports = [ ./git.nix ./nvim.nix diff --git a/home-manager/sajenim/features/cli/git.nix b/home-manager/sajenim/features/cli/git.nix index 863a500..705c89c 100644 --- a/home-manager/sajenim/features/cli/git.nix +++ b/home-manager/sajenim/features/cli/git.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.packages = with pkgs; [ lazygit ]; diff --git a/home-manager/sajenim/features/cli/nvim.nix b/home-manager/sajenim/features/cli/nvim.nix index 6a9efa9..85a8cc6 100644 --- a/home-manager/sajenim/features/cli/nvim.nix +++ b/home-manager/sajenim/features/cli/nvim.nix @@ -1,7 +1,8 @@ -{ inputs, pkgs, ... }: - { + inputs, + pkgs, + ... +}: { # Install our nixvim configuration for neovim. - home.packages = [ inputs.nixvim.packages.${pkgs.system}.default ]; + home.packages = [inputs.nixvim.packages.${pkgs.system}.default]; } - diff --git a/home-manager/sajenim/features/cli/zsh.nix b/home-manager/sajenim/features/cli/zsh.nix index 876c788..9411919 100644 --- a/home-manager/sajenim/features/cli/zsh.nix +++ b/home-manager/sajenim/features/cli/zsh.nix @@ -1,13 +1,11 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.packages = with pkgs; [ fzf # command-line fuzzy finder ]; programs.zsh = { enable = true; - + # Enable extra features autosuggestion = { enable = true; @@ -17,17 +15,17 @@ }; enableCompletion = true; dotDir = ".config/zsh"; - + # Commands that should be added to to top of '.zshrc' initExtraFirst = '' ''; # Aliases shellAliases = { - c = "clear"; - r = "cd ~/.repositories"; - p = "cd ~/.print"; - d = "cd ~/.repositories/dotfiles.nix"; + c = "clear"; + r = "cd ~/.repositories"; + p = "cd ~/.print"; + d = "cd ~/.repositories/dotfiles.nix"; la = "ls -a"; ll = "ls -l"; tt = "wezterm cli set-tab-title "; @@ -40,7 +38,7 @@ crkbd = "$HOME/.github/qmk_keymaps/keyboards/crkbd/keymaps/sajenim"; kchrn = "$HOME/.github/qmk_keymaps/keyboards/keychron/q4/ansi_v2/keymaps/sajenim"; }; - + # Install plugins plugins = [ { @@ -53,7 +51,7 @@ }; } ]; - + # Extra commands that should be added to '.zshrc' initExtra = '' eval "$(direnv hook zsh)" @@ -66,4 +64,3 @@ ''; }; } - diff --git a/home-manager/sajenim/features/desktop/awesome/default.nix b/home-manager/sajenim/features/desktop/awesome/default.nix index 68c9549..08af1d1 100644 --- a/home-manager/sajenim/features/desktop/awesome/default.nix +++ b/home-manager/sajenim/features/desktop/awesome/default.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -let +{pkgs, ...}: let awesome = pkgs.awesome.overrideAttrs (oa: { version = "ad0290bc1aac3ec2391aa14784146a53ebf9d1f0"; src = pkgs.fetchFromGitHub { @@ -9,16 +8,18 @@ let hash = "sha256-uaskBbnX8NgxrprI4UbPfb5cRqdRsJZv0YXXshfsxFU="; }; - patches = [ ]; + patches = []; postPatch = '' patchShebangs tests/examples/_postprocess.lua ''; }); -in -{ +in { xdg.configFile = { - awesome = { source = ./config; recursive = true; }; + awesome = { + source = ./config; + recursive = true; + }; }; xsession.windowManager.awesome = { @@ -26,4 +27,3 @@ in package = awesome; }; } - diff --git a/home-manager/sajenim/features/desktop/default.nix b/home-manager/sajenim/features/desktop/default.nix index c3c6b4e..adbbfa0 100644 --- a/home-manager/sajenim/features/desktop/default.nix +++ b/home-manager/sajenim/features/desktop/default.nix @@ -1,6 +1,8 @@ -{ inputs, pkgs, ... }: - { + inputs, + pkgs, + ... +}: { imports = [ ./discord ./rofi diff --git a/home-manager/sajenim/features/desktop/discord/default.nix b/home-manager/sajenim/features/desktop/discord/default.nix index 7f58107..838f8fe 100644 --- a/home-manager/sajenim/features/desktop/discord/default.nix +++ b/home-manager/sajenim/features/desktop/discord/default.nix @@ -1,9 +1,7 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { nixpkgs.overlays = [ (final: prev: { - discord = prev.discord.override { withOpenASAR = true; }; + discord = prev.discord.override {withOpenASAR = true;}; }) ]; diff --git a/home-manager/sajenim/features/desktop/email.nix b/home-manager/sajenim/features/desktop/email.nix index 967b805..346a889 100644 --- a/home-manager/sajenim/features/desktop/email.nix +++ b/home-manager/sajenim/features/desktop/email.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.packages = with pkgs; [ # protonmail-bridge requires password manager pass @@ -115,4 +113,3 @@ ]; }; } - diff --git a/home-manager/sajenim/features/desktop/irc.nix b/home-manager/sajenim/features/desktop/irc.nix index 35d37a4..cc6b3f4 100644 --- a/home-manager/sajenim/features/desktop/irc.nix +++ b/home-manager/sajenim/features/desktop/irc.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.packages = with pkgs; [ weechat ]; @@ -16,4 +14,3 @@ ]; }; } - diff --git a/home-manager/sajenim/features/desktop/mpd.nix b/home-manager/sajenim/features/desktop/mpd.nix index 487d56d..77956cd 100644 --- a/home-manager/sajenim/features/desktop/mpd.nix +++ b/home-manager/sajenim/features/desktop/mpd.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { services.mpd = { enable = true; musicDirectory = "nfs://viridian.kanto.dev/srv/multimedia/library/music"; diff --git a/home-manager/sajenim/features/desktop/picom.nix b/home-manager/sajenim/features/desktop/picom.nix index c8f0ff9..3ea617f 100644 --- a/home-manager/sajenim/features/desktop/picom.nix +++ b/home-manager/sajenim/features/desktop/picom.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { services.picom = { enable = true; shadow = true; diff --git a/home-manager/sajenim/features/desktop/rofi/default.nix b/home-manager/sajenim/features/desktop/rofi/default.nix index c4ee9ca..2aff585 100644 --- a/home-manager/sajenim/features/desktop/rofi/default.nix +++ b/home-manager/sajenim/features/desktop/rofi/default.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { programs.rofi = { enable = true; font = "Fisa Code 10"; @@ -16,4 +14,3 @@ recursive = true; }; } - diff --git a/home-manager/sajenim/features/desktop/wezterm/default.nix b/home-manager/sajenim/features/desktop/wezterm/default.nix index 3b94c2f..052768a 100644 --- a/home-manager/sajenim/features/desktop/wezterm/default.nix +++ b/home-manager/sajenim/features/desktop/wezterm/default.nix @@ -1,12 +1,12 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.packages = with pkgs.unstable; [ wezterm ]; xdg.configFile = { - wezterm = { source = ./config; recursive = true; }; + wezterm = { + source = ./config; + recursive = true; + }; }; } - diff --git a/home-manager/sajenim/features/games/default.nix b/home-manager/sajenim/features/games/default.nix index de05e91..ae96cc2 100644 --- a/home-manager/sajenim/features/games/default.nix +++ b/home-manager/sajenim/features/games/default.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { imports = [ ./mangohud.nix ]; diff --git a/home-manager/sajenim/features/games/mangohud.nix b/home-manager/sajenim/features/games/mangohud.nix index e442255..dcc7598 100644 --- a/home-manager/sajenim/features/games/mangohud.nix +++ b/home-manager/sajenim/features/games/mangohud.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { programs.mangohud = { enable = true; package = pkgs.mangohud; diff --git a/home-manager/sajenim/features/printing/default.nix b/home-manager/sajenim/features/printing/default.nix index a63ca88..8a0b051 100644 --- a/home-manager/sajenim/features/printing/default.nix +++ b/home-manager/sajenim/features/printing/default.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home = { packages = with pkgs; [ blender diff --git a/home-manager/sajenim/fuchsia.nix b/home-manager/sajenim/fuchsia.nix index d6619ed..629f38c 100644 --- a/home-manager/sajenim/fuchsia.nix +++ b/home-manager/sajenim/fuchsia.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { imports = [ ./global ./features/desktop @@ -51,4 +49,3 @@ }; }; } - diff --git a/home-manager/sajenim/global/default.nix b/home-manager/sajenim/global/default.nix index 0d75824..20182f4 100644 --- a/home-manager/sajenim/global/default.nix +++ b/home-manager/sajenim/global/default.nix @@ -1,4 +1,8 @@ -{ inputs, outputs, ... }: { +{ + inputs, + outputs, + ... +}: { imports = [ inputs.impermanence.nixosModules.home-manager.impermanence ../features/cli @@ -12,10 +16,10 @@ ]; config = { allowUnfree = true; - allowUnfreePredicate = (_: true); + allowUnfreePredicate = _: true; }; }; - + programs.home-manager.enable = true; home = { diff --git a/home-manager/sajenim/viridian.nix b/home-manager/sajenim/viridian.nix index d95dabc..19c4cfc 100644 --- a/home-manager/sajenim/viridian.nix +++ b/home-manager/sajenim/viridian.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ./global ]; diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix index e41f7d9..45aae31 100644 --- a/modules/home-manager/default.nix +++ b/modules/home-manager/default.nix @@ -1,6 +1,5 @@ # Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module). # These should be stuff you would like to share with others, not your personal configurations. - { # List your module files here # my-module = import ./my-module.nix; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index bec6184..8605069 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,6 +1,5 @@ # Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module). # These should be stuff you would like to share with others, not your personal configurations. - { # List your module files here # my-module = import ./my-module.nix; diff --git a/nixos/common/global/age.nix b/nixos/common/global/age.nix index f5c6e77..521ff70 100644 --- a/nixos/common/global/age.nix +++ b/nixos/common/global/age.nix @@ -1,8 +1,11 @@ -{ config, pkgs, inputs, ... }: -let - hostname = config.networking.hostName; -in { + config, + pkgs, + inputs, + ... +}: let + hostname = config.networking.hostName; +in { imports = [ inputs.agenix.nixosModules.default inputs.agenix-rekey.nixosModules.default @@ -20,7 +23,7 @@ in # Pubkey for rekeying hostPubkey = ../../${hostname}/ssh_host_ed25519_key.pub; # Master identity used for decryption - masterIdentities = [ ../users/sajenim/agenix-rekey.pub ]; + masterIdentities = [../users/sajenim/agenix-rekey.pub]; # Where we store the rekeyed secrets storageMode = "local"; localStorageDir = ./. + "/secrets/rekeyed/${config.networking.hostName}"; diff --git a/nixos/common/global/default.nix b/nixos/common/global/default.nix index ec6ae97..ac40afd 100644 --- a/nixos/common/global/default.nix +++ b/nixos/common/global/default.nix @@ -1,6 +1,4 @@ -{ outputs, ... }: - -{ +{outputs, ...}: { imports = [ ./age.nix ./env.nix diff --git a/nixos/common/global/env.nix b/nixos/common/global/env.nix index a1e1246..e4dbfc1 100644 --- a/nixos/common/global/env.nix +++ b/nixos/common/global/env.nix @@ -1,35 +1,33 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { environment = { binsh = "${pkgs.bash}/bin/bash"; - shells = with pkgs; [ zsh ]; + shells = with pkgs; [zsh]; systemPackages = with pkgs; [ # Ensure home-manager is on all systems home-manager # Useful system utilities - tree # directory structure - bc # basic calculator - vim # editor - ranger # console file manager - htop # system monitor - scrot # screenshot - direnv # load environment - jq # JSON processor - git # version control - nmap # network mapper - xclip # clipboard + tree # directory structure + bc # basic calculator + vim # editor + ranger # console file manager + htop # system monitor + scrot # screenshot + direnv # load environment + jq # JSON processor + git # version control + nmap # network mapper + xclip # clipboard ripgrep # searches the current directory for a regex pattern # HTTP - curl # transfer dato to/from server - wget # download files from web + curl # transfer dato to/from server + wget # download files from web # Archive - unrar # extract roshal archive - unzip # extract zip archive + unrar # extract roshal archive + unzip # extract zip archive ]; - pathsToLink = [ "/share/zsh" ]; + pathsToLink = ["/share/zsh"]; }; } diff --git a/nixos/common/global/nix.nix b/nixos/common/global/nix.nix index 6a35883..22ebea3 100644 --- a/nixos/common/global/nix.nix +++ b/nixos/common/global/nix.nix @@ -1,6 +1,9 @@ -{ config, inputs, lib, ... }: - { + config, + inputs, + lib, + ... +}: { nix = { gc = { # Automatically run the garbage collector an a specified time. @@ -11,7 +14,7 @@ # This will add each flake input as a registry # To make nix commands consistent with your flake - registry = lib.mapAttrs (_: value: { flake = value; }) inputs; + registry = lib.mapAttrs (_: value: {flake = value;}) inputs; # This will additionally add your inputs to the system's legacy channels # Making legacy nix commands consistent as well, awesome! diff --git a/nixos/common/global/ssh.nix b/nixos/common/global/ssh.nix index 32841af..40a41e5 100644 --- a/nixos/common/global/ssh.nix +++ b/nixos/common/global/ssh.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { services.openssh = { enable = true; settings = { @@ -8,7 +6,7 @@ PasswordAuthentication = false; LogLevel = "VERBOSE"; }; - ports = [ 22 ]; + ports = [22]; openFirewall = true; }; diff --git a/nixos/common/optional/ephemeral-btrfs.nix b/nixos/common/optional/ephemeral-btrfs.nix index c0196cf..e6e84cb 100644 --- a/nixos/common/optional/ephemeral-btrfs.nix +++ b/nixos/common/optional/ephemeral-btrfs.nix @@ -1,8 +1,10 @@ -{ lib, config, ... }: -let - hostname = config.networking.hostName; -in { + lib, + config, + ... +}: let + hostname = config.networking.hostName; +in { imports = [ ./persist.nix ]; @@ -36,26 +38,26 @@ in "/" = { device = "/dev/disk/by-label/${hostname}"; fsType = "btrfs"; - options = [ "subvol=root" "compress=zstd" ]; + options = ["subvol=root" "compress=zstd"]; }; "/nix" = { device = "/dev/disk/by-label/${hostname}"; fsType = "btrfs"; - options = [ "subvol=nix" "compress=zstd" ]; + options = ["subvol=nix" "compress=zstd"]; }; "/persist" = { device = "/dev/disk/by-label/${hostname}"; fsType = "btrfs"; - options = [ "subvol=persist" "compress=zstd" ]; + options = ["subvol=persist" "compress=zstd"]; neededForBoot = true; }; "/swap" = { device = "/dev/disk/by-label/${hostname}"; fsType = "btrfs"; - options = [ "subvol=swap" "compress=zstd" ]; + options = ["subvol=swap" "compress=zstd"]; }; }; } diff --git a/nixos/common/optional/key.nix b/nixos/common/optional/key.nix index 6e0aa4c..9c86ebe 100644 --- a/nixos/common/optional/key.nix +++ b/nixos/common/optional/key.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { environment.systemPackages = with pkgs; [ # Enables files to be encrypted to age identities stored on YubiKeys age-plugin-yubikey @@ -17,7 +15,7 @@ pinentryPackage = pkgs.pinentry-curses; }; - # Use our yubikey as a user login or for sudo access + # Use our yubikey as a user login or for sudo access security.pam.services = { login.u2fAuth = true; sudo.u2fAuth = true; diff --git a/nixos/common/optional/persist.nix b/nixos/common/optional/persist.nix index d78f48a..bd218b5 100644 --- a/nixos/common/optional/persist.nix +++ b/nixos/common/optional/persist.nix @@ -1,6 +1,4 @@ -{ inputs, ... }: - -{ +{inputs, ...}: { imports = [ inputs.impermanence.nixosModules.impermanence ]; diff --git a/nixos/common/users/sajenim/default.nix b/nixos/common/users/sajenim/default.nix index 7660fa5..7e1678f 100644 --- a/nixos/common/users/sajenim/default.nix +++ b/nixos/common/users/sajenim/default.nix @@ -1,22 +1,26 @@ -{ inputs, outputs, pkgs, config, ... }: - { + inputs, + outputs, + pkgs, + config, + ... +}: { imports = [ inputs.home-manager.nixosModules.home-manager ]; users.users.sajenim = { - isNormalUser = true; - extraGroups = [ "audio" "docker" "networkmanager" "wheel" "adbusers" ]; - shell = pkgs.zsh; - openssh.authorizedKeys.keyFiles = [ - "${inputs.self}/home-manager/sajenim/sajenim_sk.pub" - ]; - hashedPassword = "$y$j9T$qIhW5qL9J9w.w6JWa.bGo/$oddG3HJyOZ1mwHzYnYPJ/MzN38oHEBEvPDc0sB3rAf9"; + isNormalUser = true; + extraGroups = ["audio" "docker" "networkmanager" "wheel" "adbusers"]; + shell = pkgs.zsh; + openssh.authorizedKeys.keyFiles = [ + "${inputs.self}/home-manager/sajenim/sajenim_sk.pub" + ]; + hashedPassword = "$y$j9T$qIhW5qL9J9w.w6JWa.bGo/$oddG3HJyOZ1mwHzYnYPJ/MzN38oHEBEvPDc0sB3rAf9"; }; users.mutableUsers = false; home-manager = { - extraSpecialArgs = { inherit inputs outputs; }; + extraSpecialArgs = {inherit inputs outputs;}; users = { sajenim = import "${inputs.self}/home-manager/sajenim/${config.networking.hostName}.nix"; }; diff --git a/nixos/common/users/sajenim/samba/default.nix b/nixos/common/users/sajenim/samba/default.nix index 1b554d9..9055fed 100644 --- a/nixos/common/users/sajenim/samba/default.nix +++ b/nixos/common/users/sajenim/samba/default.nix @@ -1,12 +1,14 @@ -{ pkgs, config, ... }: - { + pkgs, + config, + ... +}: { age.secrets.smb-secrets = { rekeyFile = ./smb-secrets.age; }; # For mount.cifs, required unless domain name resolution is not needed. - environment.systemPackages = [ pkgs.cifs-utils ]; + environment.systemPackages = [pkgs.cifs-utils]; fileSystems."/home/sajenim/.backup" = { device = "//192.168.20.4/sajenim"; @@ -14,12 +16,10 @@ options = let # this line prevents hanging on network split automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users"; - - in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"]; + in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"]; }; environment.etc = { "nixos/smb-secrets".source = config.age.secrets.smb-secrets.path; }; } - diff --git a/nixos/common/users/sajenim/steam/default.nix b/nixos/common/users/sajenim/steam/default.nix index ba578e0..bb6fcf7 100644 --- a/nixos/common/users/sajenim/steam/default.nix +++ b/nixos/common/users/sajenim/steam/default.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { fileSystems."/home/sajenim/.local/share/Steam" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; diff --git a/nixos/common/users/spectre/default.nix b/nixos/common/users/spectre/default.nix index 57241bb..776c43e 100644 --- a/nixos/common/users/spectre/default.nix +++ b/nixos/common/users/spectre/default.nix @@ -1,13 +1,15 @@ -{ inputs, pkgs, ... }: - { + inputs, + pkgs, + ... +}: { imports = [ inputs.home-manager.nixosModules.home-manager ]; users.users.spectre = { - isNormalUser = true; - shell = pkgs.zsh; - hashedPassword = "$y$j9T$eCJ0MDPsx3tww9LP0LU8..$sE8u5keO7QNKNAR1t2R6GqsDzvGD0Xn9Fi3to14Gf9/"; + isNormalUser = true; + shell = pkgs.zsh; + hashedPassword = "$y$j9T$eCJ0MDPsx3tww9LP0LU8..$sE8u5keO7QNKNAR1t2R6GqsDzvGD0Xn9Fi3to14Gf9/"; }; users.mutableUsers = false; } diff --git a/nixos/fuchsia/configuration.nix b/nixos/fuchsia/configuration.nix index 5ea26b1..1ff9b8e 100644 --- a/nixos/fuchsia/configuration.nix +++ b/nixos/fuchsia/configuration.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { imports = [ ../common/global @@ -15,18 +13,18 @@ ./hardware-configuration.nix ]; - /* Boot configuration */ + # Boot configuration boot = { kernelPackages = pkgs.linuxPackages_latest; - kernelParams = [ + kernelParams = [ # Enable amdgpu driver sysfs API that allows fine grain control of GPU "amdgpu.ppfeaturemask=0xffffffff" ]; - kernelModules = [ "i2c-dev" "i2c-piix4" ]; - initrd.kernelModules = [ "amdgpu" ]; + kernelModules = ["i2c-dev" "i2c-piix4"]; + initrd.kernelModules = ["amdgpu"]; }; - /* Hardware configuration */ + # Hardware configuration hardware = { bluetooth = { enable = true; @@ -49,7 +47,7 @@ }; }; - /* Networking configuration */ + # Networking configuration networking = { hostName = "fuchsia"; networkmanager.enable = true; diff --git a/nixos/fuchsia/hardware-configuration.nix b/nixos/fuchsia/hardware-configuration.nix index b4742db..6cb0aad 100644 --- a/nixos/fuchsia/hardware-configuration.nix +++ b/nixos/fuchsia/hardware-configuration.nix @@ -1,14 +1,16 @@ -{ config, lib, ... }: - { + config, + lib, + ... +}: { imports = [ ../common/optional/ephemeral-btrfs.nix ]; boot = { initrd = { - availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - kernelModules = [ "kvm-amd" ]; + availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"]; + kernelModules = ["kvm-amd"]; }; loader = { systemd-boot.enable = true; @@ -25,8 +27,9 @@ }; swapDevices = [ - { device = "/swap/swapfile"; - size = 16*1024; + { + device = "/swap/swapfile"; + size = 16 * 1024; } ]; diff --git a/nixos/fuchsia/programs/default.nix b/nixos/fuchsia/programs/default.nix index 033c41f..d22ced8 100644 --- a/nixos/fuchsia/programs/default.nix +++ b/nixos/fuchsia/programs/default.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { programs = { zsh.enable = true; # Load and unload environment variables. @@ -9,4 +7,3 @@ adb.enable = true; }; } - diff --git a/nixos/fuchsia/services/amdgpu-clocks.nix b/nixos/fuchsia/services/amdgpu-clocks.nix index f0a89e4..2ffadac 100644 --- a/nixos/fuchsia/services/amdgpu-clocks.nix +++ b/nixos/fuchsia/services/amdgpu-clocks.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { # Our custom power state environment.etc = { "default/amdgpu-custom-states.card0" = { @@ -26,6 +24,5 @@ }; # Install our overclocking script. - environment.systemPackages = with pkgs; [ amdgpu-clocks ]; + environment.systemPackages = with pkgs; [amdgpu-clocks]; } - diff --git a/nixos/fuchsia/services/default.nix b/nixos/fuchsia/services/default.nix index d402afb..98ec064 100644 --- a/nixos/fuchsia/services/default.nix +++ b/nixos/fuchsia/services/default.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ./amdgpu-clocks.nix ./flatpak.nix diff --git a/nixos/fuchsia/services/flatpak.nix b/nixos/fuchsia/services/flatpak.nix index 974f133..01d397d 100644 --- a/nixos/fuchsia/services/flatpak.nix +++ b/nixos/fuchsia/services/flatpak.nix @@ -1,11 +1,9 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { # Required to install flatpak xdg.portal = { enable = true; - config.common.default = [ "gtk" ]; - extraPortals = [ pkgs.xdg-desktop-portal-wlr ]; + config.common.default = ["gtk"]; + extraPortals = [pkgs.xdg-desktop-portal-wlr]; }; services.flatpak.enable = true; diff --git a/nixos/fuchsia/services/libinput.nix b/nixos/fuchsia/services/libinput.nix index c2e056c..5cf6a28 100644 --- a/nixos/fuchsia/services/libinput.nix +++ b/nixos/fuchsia/services/libinput.nix @@ -1,9 +1,7 @@ -{ ... }: - -{ +{...}: { services.libinput = { enable = true; - mouse = { accelProfile = "flat"; }; + mouse = {accelProfile = "flat";}; }; # DBus daemon to configure input devices. diff --git a/nixos/fuchsia/services/ollama.nix b/nixos/fuchsia/services/ollama.nix index 733432d..aaa7917 100644 --- a/nixos/fuchsia/services/ollama.nix +++ b/nixos/fuchsia/services/ollama.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { # Get up and running with large language models locally. services.ollama = { enable = true; diff --git a/nixos/fuchsia/services/udev.nix b/nixos/fuchsia/services/udev.nix index 5ecb734..b97a004 100644 --- a/nixos/fuchsia/services/udev.nix +++ b/nixos/fuchsia/services/udev.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { # Enable necessary udev rules. services.udev.packages = with pkgs; [ openrgb diff --git a/nixos/fuchsia/services/xserver.nix b/nixos/fuchsia/services/xserver.nix index 126a074..4caf225 100644 --- a/nixos/fuchsia/services/xserver.nix +++ b/nixos/fuchsia/services/xserver.nix @@ -1,11 +1,9 @@ -{ ... }: - -{ +{...}: { # Setup our display server services.xserver = { enable = true; xkb.layout = "au"; - videoDrivers = [ "amdgpu" ]; + videoDrivers = ["amdgpu"]; displayManager.startx.enable = true; }; } diff --git a/nixos/viridian/configuration.nix b/nixos/viridian/configuration.nix index b30eedc..05ce351 100644 --- a/nixos/viridian/configuration.nix +++ b/nixos/viridian/configuration.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { imports = [ ../common/global ../common/users/sajenim @@ -33,24 +31,24 @@ enable = true; allowPing = true; allowedTCPPorts = [ - 53 # adguardhome (DNS) - 80 # traefik (HTTP) - 443 # traefik (HTTPS) + 53 # adguardhome (DNS) + 80 # traefik (HTTP) + 443 # traefik (HTTPS) 32372 # qbittorrent - 6600 # mpd + 6600 # mpd ]; allowedUDPPorts = [ - 53 # adguardhome (DNS) - 80 # traefik (HTTP) - 443 # traefik (HTTPS) + 53 # adguardhome (DNS) + 80 # traefik (HTTP) + 443 # traefik (HTTPS) 32372 # qbittorrent 51820 # Wireguard - 6600 # mpd + 6600 # mpd ]; }; }; - programs = { + programs = { zsh.enable = true; }; @@ -65,4 +63,3 @@ # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion system.stateVersion = "24.05"; } - diff --git a/nixos/viridian/containers/default.nix b/nixos/viridian/containers/default.nix index 48a91aa..433c9ba 100644 --- a/nixos/viridian/containers/default.nix +++ b/nixos/viridian/containers/default.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ./jellyfin.nix ./jellyseerr.nix diff --git a/nixos/viridian/containers/jellyfin.nix b/nixos/viridian/containers/jellyfin.nix index 389f5fc..d7664de 100644 --- a/nixos/viridian/containers/jellyfin.nix +++ b/nixos/viridian/containers/jellyfin.nix @@ -1,8 +1,6 @@ -{ ... }: -let +{...}: let port = "8096"; -in -{ +in { virtualisation.oci-containers.containers = { # Volunteer-built media solution that puts you in control of your media jellyfin = { @@ -35,7 +33,7 @@ in services.traefik.dynamicConfigOptions.http.routers = { jellyfin = { - rule = "Host(`jellyfin.kanto.dev`)"; + rule = "Host(`jellyfin.kanto.dev`)"; entryPoints = [ "websecure" ]; @@ -48,8 +46,7 @@ in services.traefik.dynamicConfigOptions.http.services = { jellyfin.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; } - diff --git a/nixos/viridian/containers/jellyseerr.nix b/nixos/viridian/containers/jellyseerr.nix index e06c7f4..47bb4c5 100644 --- a/nixos/viridian/containers/jellyseerr.nix +++ b/nixos/viridian/containers/jellyseerr.nix @@ -1,8 +1,6 @@ -{ ... }: -let +{...}: let port = "5055"; -in -{ +in { virtualisation.oci-containers.containers = { # Request management jellyseerr = { @@ -39,8 +37,7 @@ in services.traefik.dynamicConfigOptions.http.services = { jellyseerr.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; } - diff --git a/nixos/viridian/containers/lidarr.nix b/nixos/viridian/containers/lidarr.nix index f38b396..6956a96 100644 --- a/nixos/viridian/containers/lidarr.nix +++ b/nixos/viridian/containers/lidarr.nix @@ -1,8 +1,6 @@ -{ ... }: -let +{...}: let port = "8686"; -in -{ +in { virtualisation.oci-containers.containers = { # # Music collection manager for Usenet and BitTorrent users lidarr = { @@ -42,8 +40,7 @@ in services.traefik.dynamicConfigOptions.http.services = { lidarr.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; } - diff --git a/nixos/viridian/containers/mealie.nix b/nixos/viridian/containers/mealie.nix index 34b550e..0e8b75e 100644 --- a/nixos/viridian/containers/mealie.nix +++ b/nixos/viridian/containers/mealie.nix @@ -1,8 +1,6 @@ -{ ... }: -let +{...}: let port = "9925"; -in -{ +in { virtualisation.oci-containers.containers = { mealie = { autoStart = true; @@ -29,7 +27,7 @@ in services.traefik.dynamicConfigOptions.http.routers = { mealie = { - rule = "Host(`mealie.kanto.dev`)"; + rule = "Host(`mealie.kanto.dev`)"; entryPoints = [ "websecure" ]; @@ -43,9 +41,7 @@ in services.traefik.dynamicConfigOptions.http.services = { mealie.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; - } - diff --git a/nixos/viridian/containers/microbin/default.nix b/nixos/viridian/containers/microbin/default.nix index baf1728..26e3316 100644 --- a/nixos/viridian/containers/microbin/default.nix +++ b/nixos/viridian/containers/microbin/default.nix @@ -1,13 +1,11 @@ -{ config, ... }: -let +{config, ...}: let port = "8181"; -in -{ +in { age.secrets.microbin = { - # Environment variables for microbin - rekeyFile = ./environment.age; - owner = "sajenim"; - group = "users"; + # Environment variables for microbin + rekeyFile = ./environment.age; + owner = "sajenim"; + group = "users"; }; virtualisation.oci-containers.containers = { @@ -43,8 +41,7 @@ in services.traefik.dynamicConfigOptions.http.services = { microbin.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; } - diff --git a/nixos/viridian/containers/prowlarr.nix b/nixos/viridian/containers/prowlarr.nix index 25474ec..5651cc4 100644 --- a/nixos/viridian/containers/prowlarr.nix +++ b/nixos/viridian/containers/prowlarr.nix @@ -1,8 +1,6 @@ -{ ... }: -let +{...}: let port = "9696"; -in -{ +in { virtualisation.oci-containers.containers = { # Indexer manager/proxy built on the popular arr .net/reactjs base stack to integrate with your various PVR apps. prowlarr = { @@ -36,11 +34,10 @@ in service = "prowlarr"; }; }; - + services.traefik.dynamicConfigOptions.http.services = { prowlarr.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; } - diff --git a/nixos/viridian/containers/qbittorrent.nix b/nixos/viridian/containers/qbittorrent.nix index 904afb4..f31b9af 100644 --- a/nixos/viridian/containers/qbittorrent.nix +++ b/nixos/viridian/containers/qbittorrent.nix @@ -1,16 +1,14 @@ -{ ... }: -let +{...}: let port = "8487"; -in -{ +in { virtualisation.oci-containers.containers = { # # Open-source software alternative to µTorrent qbittorrent = { autoStart = true; image = "ghcr.io/hotio/qbittorrent:release-4.6.5"; ports = [ - "${port}:8080/tcp" # WebUI - "32372:32372/tcp" # Transport protocol + "${port}:8080/tcp" # WebUI + "32372:32372/tcp" # Transport protocol ]; volumes = [ # Seedbox @@ -42,8 +40,7 @@ in services.traefik.dynamicConfigOptions.http.services = { qbittorrent.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; } - diff --git a/nixos/viridian/containers/radarr.nix b/nixos/viridian/containers/radarr.nix index 62dbf84..acf8a05 100644 --- a/nixos/viridian/containers/radarr.nix +++ b/nixos/viridian/containers/radarr.nix @@ -1,8 +1,6 @@ -{ ... }: -let +{...}: let port = "7878"; -in -{ +in { virtualisation.oci-containers.containers = { # Movie collection manager for Usenet and BitTorrent users radarr = { @@ -41,8 +39,7 @@ in services.traefik.dynamicConfigOptions.http.services = { radarr.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; } - diff --git a/nixos/viridian/containers/recyclarr.nix b/nixos/viridian/containers/recyclarr.nix index ed6d5b8..cd7aa60 100644 --- a/nixos/viridian/containers/recyclarr.nix +++ b/nixos/viridian/containers/recyclarr.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { virtualisation.oci-containers.containers = { # Automatically synchronize recommended settings from the TRaSH guides to your Sonarr/Radarr instances recyclarr = { diff --git a/nixos/viridian/containers/sonarr.nix b/nixos/viridian/containers/sonarr.nix index 1ae52a7..be5faed 100644 --- a/nixos/viridian/containers/sonarr.nix +++ b/nixos/viridian/containers/sonarr.nix @@ -1,8 +1,6 @@ -{ ... }: -let +{...}: let port = "8989"; -in -{ +in { virtualisation.oci-containers.containers = { # PVR for Usenet and BitTorrent users sonarr = { @@ -42,8 +40,7 @@ in services.traefik.dynamicConfigOptions.http.services = { sonarr.loadBalancer.servers = [ - { url = "http://127.0.0.1:${port}"; } + {url = "http://127.0.0.1:${port}";} ]; }; } - diff --git a/nixos/viridian/hardware-configuration.nix b/nixos/viridian/hardware-configuration.nix index 956f1f7..5a4ea4c 100644 --- a/nixos/viridian/hardware-configuration.nix +++ b/nixos/viridian/hardware-configuration.nix @@ -1,16 +1,18 @@ -{ config, lib, ... }: -let - hostname = config.networking.hostName; -in { + config, + lib, + ... +}: let + hostname = config.networking.hostName; +in { imports = [ ../common/optional/ephemeral-btrfs.nix ]; boot = { initrd = { - availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - kernelModules = [ "kvm-intel" ]; + availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; + kernelModules = ["kvm-intel"]; }; loader = { systemd-boot.enable = true; @@ -21,12 +23,12 @@ in }; }; - fileSystems."/boot" = { + fileSystems."/boot" = { device = "/dev/disk/by-label/ESP"; fsType = "vfat"; }; - fileSystems."/srv/multimedia" = { + fileSystems."/srv/multimedia" = { device = "/dev/disk/by-label/multimedia"; fsType = "ext4"; }; @@ -34,30 +36,31 @@ in fileSystems."/srv/containers" = { device = "/dev/disk/by-label/${hostname}"; fsType = "btrfs"; - options = [ "subvol=containers" "compress=zstd" ]; + options = ["subvol=containers" "compress=zstd"]; }; fileSystems."/srv/services" = { device = "/dev/disk/by-label/${hostname}"; fsType = "btrfs"; - options = [ "subvol=services" "compress=zstd" ]; + options = ["subvol=services" "compress=zstd"]; }; fileSystems."/srv/shares" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; - options = [ "subvol=shares" "compress=zstd" ]; + options = ["subvol=shares" "compress=zstd"]; }; fileSystems."/srv/backup" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; - options = [ "subvol=backup" "compress=zstd" ]; + options = ["subvol=backup" "compress=zstd"]; }; - swapDevices = [ - { device = "/swap/swapfile"; - size = 16*1024; + swapDevices = [ + { + device = "/swap/swapfile"; + size = 16 * 1024; } ]; diff --git a/nixos/viridian/services/borgbackup.nix b/nixos/viridian/services/borgbackup.nix index d3057a5..d2a226f 100644 --- a/nixos/viridian/services/borgbackup.nix +++ b/nixos/viridian/services/borgbackup.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { services.borgbackup.jobs = { containers = { paths = [ @@ -33,4 +31,3 @@ }; }; } - diff --git a/nixos/viridian/services/crowdsec/default.nix b/nixos/viridian/services/crowdsec/default.nix index 8b5fcaf..b8471d3 100644 --- a/nixos/viridian/services/crowdsec/default.nix +++ b/nixos/viridian/services/crowdsec/default.nix @@ -1,8 +1,11 @@ -{ config, inputs, pkgs, ... }: -let - port = "8080"; -in { + config, + inputs, + pkgs, + ... +}: let + port = "8080"; +in { imports = [ inputs.crowdsec.nixosModules.crowdsec inputs.crowdsec.nixosModules.crowdsec-firewall-bouncer @@ -86,9 +89,12 @@ in environment.persistence."/persist" = { directories = [ - { directory = "/var/lib/crowdsec"; user = "crowdsec"; group = "crowdsec"; } + { + directory = "/var/lib/crowdsec"; + user = "crowdsec"; + group = "crowdsec"; + } ]; hideMounts = true; }; } - diff --git a/nixos/viridian/services/default.nix b/nixos/viridian/services/default.nix index aa4cc04..148afef 100644 --- a/nixos/viridian/services/default.nix +++ b/nixos/viridian/services/default.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ./traefik ./crowdsec diff --git a/nixos/viridian/services/forgejo.nix b/nixos/viridian/services/forgejo.nix index 75f5be5..6890c4a 100644 --- a/nixos/viridian/services/forgejo.nix +++ b/nixos/viridian/services/forgejo.nix @@ -1,6 +1,4 @@ -{ config, ... }: - -{ +{config, ...}: { services.forgejo = { enable = true; stateDir = "/srv/services/forgejo"; @@ -34,8 +32,7 @@ services.traefik.dynamicConfigOptions.http.services = { forgejo.loadBalancer.servers = [ - { url = "http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}"; } + {url = "http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}";} ]; }; } - diff --git a/nixos/viridian/services/grafana.nix b/nixos/viridian/services/grafana.nix index 2e74e7e..e457450 100644 --- a/nixos/viridian/services/grafana.nix +++ b/nixos/viridian/services/grafana.nix @@ -1,6 +1,4 @@ -{ config, ... }: - -{ +{config, ...}: { # Setup grafana our grafana instance. services.grafana = { enable = true; @@ -24,13 +22,15 @@ # Setup our database for grafana. services.mysql = { - ensureUsers = [{ - name = "grafana"; - ensurePermissions = { - "grafana.*" = "ALL PRIVILEGES"; - }; - }]; - ensureDatabases = [ "grafana" ]; + ensureUsers = [ + { + name = "grafana"; + ensurePermissions = { + "grafana.*" = "ALL PRIVILEGES"; + }; + } + ]; + ensureDatabases = ["grafana"]; }; # Setup our traefik router. @@ -50,7 +50,7 @@ # Setup our traefik service. services.traefik.dynamicConfigOptions.http.services = { grafana.loadBalancer.servers = [ - { url = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}"; } + {url = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";} ]; }; } diff --git a/nixos/viridian/services/lighttpd.nix b/nixos/viridian/services/lighttpd.nix index db73952..ec976b8 100644 --- a/nixos/viridian/services/lighttpd.nix +++ b/nixos/viridian/services/lighttpd.nix @@ -1,6 +1,4 @@ -{ config, ... }: - -{ +{config, ...}: { services.lighttpd = { enable = true; port = 5624; @@ -23,8 +21,7 @@ services.traefik.dynamicConfigOptions.http.services = { lighttpd.loadBalancer.servers = [ - { url = "http://127.0.0.1:${toString config.services.lighttpd.port}"; } + {url = "http://127.0.0.1:${toString config.services.lighttpd.port}";} ]; }; } - diff --git a/nixos/viridian/services/minecraft/default.nix b/nixos/viridian/services/minecraft/default.nix index 5297994..3e9748e 100644 --- a/nixos/viridian/services/minecraft/default.nix +++ b/nixos/viridian/services/minecraft/default.nix @@ -1,5 +1,10 @@ -{ inputs, pkgs, lib, config, ... }: -let +{ + inputs, + pkgs, + lib, + config, + ... +}: let modpack = pkgs.fetchPackwizModpack rec { version = "7091175a49"; url = "https://git.sajenim.dev/jasmine/minecraft-modpack/raw/commit/${version}/pack.toml"; @@ -7,9 +12,8 @@ let }; mcVersion = modpack.manifest.versions.minecraft; fabricVersion = modpack.manifest.versions.fabric; - serverVersion = lib.replaceStrings [ "." ] [ "_" ] "fabric-${mcVersion}"; -in -{ + serverVersion = lib.replaceStrings ["."] ["_"] "fabric-${mcVersion}"; +in { imports = [ inputs.nix-minecraft.nixosModules.minecraft-servers ]; @@ -27,7 +31,7 @@ in kanto = { enable = true; # The minecraft server package to use. - package = pkgs.fabricServers.${serverVersion}.override { loaderVersion = fabricVersion; }; # Specific fabric loader version. + package = pkgs.fabricServers.${serverVersion}.override {loaderVersion = fabricVersion;}; # Specific fabric loader version. # Allowed players whitelist = { @@ -46,10 +50,10 @@ in server-port = 25565; white-list = true; }; - + # Things to symlink into this server's data directory. symlinks = { - "mods" = "${modpack}/mods"; + "mods" = "${modpack}/mods"; }; # Things to copy into this server's data directory. @@ -90,8 +94,7 @@ in services.traefik.dynamicConfigOptions.http.services = { minecraft.loadBalancer.servers = [ - { url = "http://127.0.0.1:${toString config.services.minecraft-servers.servers.kanto.serverProperties.server-port}"; } + {url = "http://127.0.0.1:${toString config.services.minecraft-servers.servers.kanto.serverProperties.server-port}";} ]; }; } - diff --git a/nixos/viridian/services/mpd.nix b/nixos/viridian/services/mpd.nix index 5665d69..2370e7d 100644 --- a/nixos/viridian/services/mpd.nix +++ b/nixos/viridian/services/mpd.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { services.mpd = { enable = true; musicDirectory = "/srv/multimedia/library/music"; @@ -28,7 +26,7 @@ }; networking.firewall = { # # for NFSv3; view with `rpcinfo -p` - allowedTCPPorts = [ 111 2049 4000 4001 4002 20048 ]; - allowedUDPPorts = [ 111 2049 4000 4001 4002 20048 ]; + allowedTCPPorts = [111 2049 4000 4001 4002 20048]; + allowedUDPPorts = [111 2049 4000 4001 4002 20048]; }; } diff --git a/nixos/viridian/services/mysql.nix b/nixos/viridian/services/mysql.nix index 30c62fa..3ca4267 100644 --- a/nixos/viridian/services/mysql.nix +++ b/nixos/viridian/services/mysql.nix @@ -1,10 +1,7 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { services.mysql = { enable = true; package = pkgs.mariadb; dataDir = "/srv/services/mysql"; }; } - diff --git a/nixos/viridian/services/prometheus.nix b/nixos/viridian/services/prometheus.nix index 339a0f9..38a67aa 100644 --- a/nixos/viridian/services/prometheus.nix +++ b/nixos/viridian/services/prometheus.nix @@ -1,9 +1,7 @@ -{ config, ... }: - -{ +{config, ...}: { services.prometheus = { enable = true; - port = 9001; # Port to listen on. + port = 9001; # Port to listen on. # Valid in all configuration contexts, defaults for other configuration sections. globalConfig = { @@ -14,7 +12,7 @@ exporters = { node = { enable = true; - enabledCollectors = [ "systemd" "processes" ]; + enabledCollectors = ["systemd" "processes"]; port = 9100; }; }; @@ -23,11 +21,12 @@ scrapeConfigs = [ { job_name = "node"; - static_configs = [{ - targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ]; - }]; + static_configs = [ + { + targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"]; + } + ]; } ]; }; } - diff --git a/nixos/viridian/services/samba.nix b/nixos/viridian/services/samba.nix index 0486522..ca92a52 100644 --- a/nixos/viridian/services/samba.nix +++ b/nixos/viridian/services/samba.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { services.samba = { enable = true; securityType = "user"; @@ -9,7 +7,7 @@ workgroup = WORKGROUP server string = smbnix netbios name = smbnix - security = user + security = user #use sendfile = yes #max protocol = smb2 # note: localhost is the ipv6 localhost ::1 @@ -47,5 +45,5 @@ openFirewall = true; }; - environment.persistence."/persist".directories = [ "/var/lib/samba" ]; + environment.persistence."/persist".directories = ["/var/lib/samba"]; } diff --git a/nixos/viridian/services/traefik/default.nix b/nixos/viridian/services/traefik/default.nix index f10cb0e..5466e9d 100644 --- a/nixos/viridian/services/traefik/default.nix +++ b/nixos/viridian/services/traefik/default.nix @@ -1,7 +1,10 @@ -{ inputs, config, pkgs, ... }: - { - disabledModules = [ "services/web-servers/traefik.nix" ]; + inputs, + config, + pkgs, + ... +}: { + disabledModules = ["services/web-servers/traefik.nix"]; imports = [ "${inputs.nixpkgs-unstable}/nixos/modules/services/web-servers/traefik.nix" @@ -86,12 +89,14 @@ # List of domains in our network domains = [ # Internal services - { main = "kanto.dev"; - sans = [ "*.kanto.dev" ]; + { + main = "kanto.dev"; + sans = ["*.kanto.dev"]; } # Public services - { main = "sajenim.dev"; - sans = [ "*.sajenim.dev" ]; + { + main = "sajenim.dev"; + sans = ["*.sajenim.dev"]; } ]; }; @@ -106,7 +111,7 @@ metrics = { prometheus = { entryPoint = "metrics"; - buckets = [ "0.1" "0.3" "1.2" "5.0" ]; + buckets = ["0.1" "0.3" "1.2" "5.0"]; addEntryPointsLabels = true; addRoutersLabels = true; addServicesLabels = true; @@ -144,20 +149,33 @@ services.prometheus.scrapeConfigs = [ { job_name = "traefik"; - static_configs = [{ - targets = [ "127.0.0.1:8082" ]; - }]; + static_configs = [ + { + targets = ["127.0.0.1:8082"]; + } + ]; } ]; # Persist our traefik data & logs environment.persistence."/persist" = { directories = [ - { directory = "/var/lib/traefik"; user = "traefik"; group = "traefik"; } - { directory = "/var/log/traefik"; user = "traefik"; group = "traefik"; } - { directory = "/plugins-storage"; user = "traefik"; group = "traefik"; } + { + directory = "/var/lib/traefik"; + user = "traefik"; + group = "traefik"; + } + { + directory = "/var/log/traefik"; + user = "traefik"; + group = "traefik"; + } + { + directory = "/plugins-storage"; + user = "traefik"; + group = "traefik"; + } ]; hideMounts = true; }; } - diff --git a/nixos/viridian/services/traefik/middlewares.nix b/nixos/viridian/services/traefik/middlewares.nix index a525832..cc0becb 100644 --- a/nixos/viridian/services/traefik/middlewares.nix +++ b/nixos/viridian/services/traefik/middlewares.nix @@ -1,6 +1,4 @@ -{ config, ... }: - -{ +{config, ...}: { # Crowdsec Local API key for the bouncer. age.secrets.traefik-bouncer-key = { rekeyFile = ../crowdsec/traefik-bouncer-key.age; @@ -12,7 +10,7 @@ services.traefik.dynamicConfigOptions.http.middlewares = { # Restrict access to internal networks internal.ipwhitelist.sourcerange = [ - "127.0.0.1/32" # localhost + "127.0.0.1/32" # localhost "192.168.20.1/24" # lan ]; @@ -49,7 +47,7 @@ crowdsec.plugin.bouncer = { enabled = "true"; crowdsecMode = "appsec"; - crowdsecLapiKeyFile = config.age.secrets.traefik-bouncer-key.path; + crowdsecLapiKeyFile = config.age.secrets.traefik-bouncer-key.path; crowdsecLapiScheme = "http"; crowdsecLapiHost = "127.0.0.1:8080"; crowdsecAppsecEnabled = "true"; @@ -57,4 +55,3 @@ }; }; } - diff --git a/nixos/viridian/services/traefik/routers.nix b/nixos/viridian/services/traefik/routers.nix index 0b711fd..0fa790c 100644 --- a/nixos/viridian/services/traefik/routers.nix +++ b/nixos/viridian/services/traefik/routers.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { services.traefik.dynamicConfigOptions.http.routers = { traefik-dashboard = { rule = "Host(`traefik.kanto.dev`)"; @@ -25,4 +23,3 @@ }; }; } - diff --git a/nixos/viridian/services/traefik/services.nix b/nixos/viridian/services/traefik/services.nix index 9ad772b..b03fc0c 100644 --- a/nixos/viridian/services/traefik/services.nix +++ b/nixos/viridian/services/traefik/services.nix @@ -1,10 +1,7 @@ -{ ... }: - -{ +{...}: { services.traefik.dynamicConfigOptions.http.services = { ender1.loadBalancer.servers = [ - { url = "http://192.168.1.103:80"; } + {url = "http://192.168.1.103:80";} ]; }; } - diff --git a/overlays/default.nix b/overlays/default.nix index 9466703..7bfcb4c 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,7 +1,5 @@ # This file defines overlays -{ inputs, ... }: - -{ +{inputs, ...}: { # This one brings our custom packages from the 'pkgs' directory additions = final: _prev: import ../pkgs final.pkgs; diff --git a/pkgs/amdgpu-clocks/default.nix b/pkgs/amdgpu-clocks/default.nix index a049817..d21d6be 100644 --- a/pkgs/amdgpu-clocks/default.nix +++ b/pkgs/amdgpu-clocks/default.nix @@ -1,27 +1,27 @@ -{ stdenv -, lib -, fetchFromGitHub -, bash -, subversion -, makeWrapper +{ + stdenv, + lib, + fetchFromGitHub, + bash, + subversion, + makeWrapper, }: - stdenv.mkDerivation { - pname = "amdgpu-clocks"; - version = "973139a"; - src = fetchFromGitHub { - # https://github.com/sibradzic/amdgpu-clocks - owner = "sibradzic"; - repo = "amdgpu-clocks"; - rev = "973139a5933bd315aa99332b642305ef5ef49a32"; - sha256 = "sha256-mZV4ECNG9X6SDIWl6P0nHrxa4kGU1h/hFdMcswbEYrk="; - }; - buildInputs = [ bash subversion ]; - nativeBuildInputs = [ makeWrapper ]; - installPhase = '' - mkdir -p $out/bin - cp amdgpu-clocks $out/bin/amdgpu-clocks - wrapProgram $out/bin/amdgpu-clocks \ - --prefix PATH : ${lib.makeBinPath [ bash subversion ]} - ''; - } - +stdenv.mkDerivation { + pname = "amdgpu-clocks"; + version = "973139a"; + src = fetchFromGitHub { + # https://github.com/sibradzic/amdgpu-clocks + owner = "sibradzic"; + repo = "amdgpu-clocks"; + rev = "973139a5933bd315aa99332b642305ef5ef49a32"; + sha256 = "sha256-mZV4ECNG9X6SDIWl6P0nHrxa4kGU1h/hFdMcswbEYrk="; + }; + buildInputs = [bash subversion]; + nativeBuildInputs = [makeWrapper]; + installPhase = '' + mkdir -p $out/bin + cp amdgpu-clocks $out/bin/amdgpu-clocks + wrapProgram $out/bin/amdgpu-clocks \ + --prefix PATH : ${lib.makeBinPath [bash subversion]} + ''; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 58b5c32..0a16cb0 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,8 +1,7 @@ # Custom packages, that can be defined similarly to ones from nixpkgs # You can build them using 'nix build .#example' - pkgs: { - xmobar = pkgs.callPackage ./xmobar-config { }; - xmonad = pkgs.callPackage ./xmonad-config { }; - amdgpu-clocks = pkgs.callPackage ./amdgpu-clocks { }; + xmobar = pkgs.callPackage ./xmobar-config {}; + xmonad = pkgs.callPackage ./xmonad-config {}; + amdgpu-clocks = pkgs.callPackage ./amdgpu-clocks {}; } diff --git a/pkgs/xmobar-config/default.nix b/pkgs/xmobar-config/default.nix index a6dd3cf..a414727 100644 --- a/pkgs/xmobar-config/default.nix +++ b/pkgs/xmobar-config/default.nix @@ -1,5 +1,4 @@ -{ pkgs }: - +{pkgs}: pkgs.haskellPackages.developPackage { root = ./.; } diff --git a/pkgs/xmobar-config/shell.nix b/pkgs/xmobar-config/shell.nix index e62ec28..fc5f52c 100644 --- a/pkgs/xmobar-config/shell.nix +++ b/pkgs/xmobar-config/shell.nix @@ -1,4 +1,4 @@ -{ pkgs ? import {} }: - pkgs.mkShell { - nativeBuildInputs = with pkgs.buildPackages; [ cabal-install ghc ]; +{pkgs ? import {}}: +pkgs.mkShell { + nativeBuildInputs = with pkgs.buildPackages; [cabal-install ghc]; } diff --git a/pkgs/xmonad-config/default.nix b/pkgs/xmonad-config/default.nix index 35b82c2..251e2f3 100644 --- a/pkgs/xmonad-config/default.nix +++ b/pkgs/xmonad-config/default.nix @@ -1,12 +1,10 @@ -{ pkgs }: - +{pkgs}: pkgs.haskellPackages.developPackage { root = ./.; source-overrides = { - xmonad = (builtins.fetchTarball { + xmonad = builtins.fetchTarball { url = "https://github.com/xmonad/xmonad/archive/refs/tags/v0.18.0.tar.gz"; sha256 = "0jlc60n5jarcxgjxm1vcsgc3s2lwmn3c3n56hialhzx54wfskkbc"; - }); + }; }; } - diff --git a/pkgs/xmonad-config/shell.nix b/pkgs/xmonad-config/shell.nix index e62ec28..fc5f52c 100644 --- a/pkgs/xmonad-config/shell.nix +++ b/pkgs/xmonad-config/shell.nix @@ -1,4 +1,4 @@ -{ pkgs ? import {} }: - pkgs.mkShell { - nativeBuildInputs = with pkgs.buildPackages; [ cabal-install ghc ]; +{pkgs ? import {}}: +pkgs.mkShell { + nativeBuildInputs = with pkgs.buildPackages; [cabal-install ghc]; }