diff --git a/.envrc b/.envrc index a0818f4..3550a30 100644 --- a/.envrc +++ b/.envrc @@ -1,2 +1 @@ -# shellcheck disable=SC2148 use flake diff --git a/.known_hosts b/.known_hosts new file mode 100644 index 0000000..59a5409 --- /dev/null +++ b/.known_hosts @@ -0,0 +1 @@ +etna ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnkKSd4IV+PM88WKHHfEhSTlknHT0FVXzA0JUcCzOp+ \ No newline at end of file diff --git a/configs/client.nix b/configs/client.nix index 6e5383c..64d993f 100644 --- a/configs/client.nix +++ b/configs/client.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { imports = [ ./common.nix @@ -8,16 +7,16 @@ ]; environment.systemPackages = with pkgs; [ - (ffmpeg-full.override { withUnfree = true; }) + (ffmpeg-full.override {withUnfree = true;}) fastfetch lazygit - nixd + nil ]; hm.programs.keychain = { enable = true; - agents = [ "ssh" ]; - keys = [ "id_ed25519" ]; + agents = ["ssh"]; + keys = ["id_ed25519"]; }; networking = { @@ -25,7 +24,7 @@ networkmanager = { enable = true; dns = "systemd-resolved"; - plugins = [ pkgs.networkmanager-fortisslvpn ]; + plugins = [pkgs.networkmanager-fortisslvpn]; }; }; diff --git a/configs/common.nix b/configs/common.nix index f7ad2d4..c0291e4 100644 --- a/configs/common.nix +++ b/configs/common.nix @@ -10,25 +10,20 @@ vencord, hydro, ... -}: -let +}: let username = "leo"; stateVersion = "24.11"; - rootPassword = _utils.setupSingleSecret config "rootPassword" { }; + rootPassword = _utils.setupSingleSecret config "rootPassword" {}; secrets = _utils.setupSharedSecrets config { - secrets = [ - "userPassword" - "tailscaleKey" - ]; + secrets = ["userPassword" "tailscaleKey"]; }; -in -{ +in { imports = [ agenix.nixosModules.default home-manager.nixosModules.home-manager - (lib.mkAliasOptionModule [ "hm" ] [ "home-manager" "users" username ]) + (lib.mkAliasOptionModule ["hm"] ["home-manager" "users" username]) rootPassword.generate secrets.generate @@ -40,15 +35,12 @@ in age = { ageBin = lib.getExe pkgs.rage; - identityPaths = [ "/etc/age/key" ]; + identityPaths = ["/etc/age/key"]; }; boot = { kernelPackages = lib.mkDefault pkgs.linuxPackages; # use lts - kernelParams = [ - "quiet" - "loglevel=3" - ]; + kernelParams = ["quiet" "loglevel=3"]; # faster tcp !!! kernel.sysctl = { @@ -73,7 +65,7 @@ in ]; hm = { - home = { inherit stateVersion; }; + home = {inherit stateVersion;}; programs.ssh = { enable = true; @@ -91,17 +83,14 @@ in networking = { useNetworkd = lib.mkDefault true; - nameservers = [ - "1.1.1.1" - "1.0.0.1" - ]; + nameservers = ["1.1.1.1" "1.0.0.1"]; }; nix = { # package = pkgs.nixVersions.latest; channel.enable = false; # The `flake:` syntax in `$NIX_PATH` seems to do some weird copying on Nix 2.24 - nixPath = [ "nixpkgs=${config.nixpkgs.flake.source}" ]; + nixPath = ["nixpkgs=${config.nixpkgs.flake.source}"]; gc = { automatic = true; @@ -121,14 +110,8 @@ in settings = { auto-optimise-store = true; - experimental-features = [ - "nix-command" - "flakes" - ]; - trusted-users = [ - "root" - "@wheel" - ]; + experimental-features = ["nix-command" "flakes"]; + trusted-users = ["root" "@wheel"]; connect-timeout = 5; # fail fast if substituters are not available builders-use-substitutes = true; log-lines = 25; @@ -149,7 +132,7 @@ in nixpkgs = { config.allowUnfree = true; flake.setNixPath = false; - overlays = [ (import ../exprs/overlay.nix { inherit vencord hydro; }) ]; + overlays = [(import ../exprs/overlay.nix {inherit vencord hydro;})]; }; programs = { @@ -189,10 +172,7 @@ in tailscale = { enable = true; useRoutingFeatures = "both"; - extraUpFlags = [ - "--ssh" - "--stateful-filtering" - ]; + extraUpFlags = ["--ssh" "--stateful-filtering"]; authKeyFile = secrets.get "tailscaleKey"; }; }; @@ -217,14 +197,7 @@ in "${username}" = { isNormalUser = true; shell = pkgs.fish; - extraGroups = [ - "networkmanager" - "wheel" - "video" - "libvirtd" - "input" - "docker" - ]; + extraGroups = ["networkmanager" "wheel" "video" "libvirtd" "input" "docker"]; hashedPasswordFile = secrets.get "userPassword"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN+7+KfdOrhcnHayxvOENUeMx8rE4XEIV/AxMHiaNUP8" diff --git a/configs/desktop.nix b/configs/desktop.nix index 70ea5dc..3b535d1 100644 --- a/configs/desktop.nix +++ b/configs/desktop.nix @@ -5,8 +5,7 @@ catppuccin, lanzaboote, ... -}: -{ +}: { imports = [ catppuccin.nixosModules.catppuccin lanzaboote.nixosModules.lanzaboote @@ -25,10 +24,10 @@ boot = { kernelPackages = pkgs.linuxPackages_latest; - extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - kernelModules = [ "v4l2loopback" ]; + extraModulePackages = with config.boot.kernelPackages; [v4l2loopback]; + kernelModules = ["v4l2loopback"]; - supportedFilesystems = [ "ntfs" ]; + supportedFilesystems = ["ntfs"]; loader = { systemd-boot.enable = lib.mkForce false; @@ -62,7 +61,7 @@ ]; fontconfig.defaultFonts = { - emoji = [ "Twitter Color Emoji" ]; + emoji = ["Twitter Color Emoji"]; }; }; @@ -92,7 +91,7 @@ strawberry teams-for-linux thunderbird - (vesktop.override { withSystemVencord = true; }) + (vesktop.override {withSystemVencord = true;}) vscode # libreoffice stuff diff --git a/configs/laptop.nix b/configs/laptop.nix index 7f97765..8481bad 100644 --- a/configs/laptop.nix +++ b/configs/laptop.nix @@ -3,11 +3,10 @@ pkgs, config, ... -}: -{ - imports = [ ./desktop.nix ]; +}: { + imports = [./desktop.nix]; - boot.initrd.kernelModules = [ "xe" ]; + boot.initrd.kernelModules = ["xe"]; hardware = { bluetooth.enable = true; @@ -19,7 +18,7 @@ vpl-gpu-rt ]; - extraPackages32 = [ pkgs.driversi686Linux.intel-media-driver ]; + extraPackages32 = [pkgs.driversi686Linux.intel-media-driver]; }; }; @@ -31,7 +30,7 @@ programs.light.enable = true; # hyprland stuff - services.blueman = lib.mkIf config.programs.hyprland.enable { enable = true; }; + services.blueman = lib.mkIf config.programs.hyprland.enable {enable = true;}; hm.wayland.windowManager.hyprland.settings.exec-once = with pkgs; [ "${lib.getExe networkmanagerapplet}" "${lib.getExe' blueman "blueman-applet"}" diff --git a/configs/server.nix b/configs/server.nix index 6c20c6f..b2545cc 100644 --- a/configs/server.nix +++ b/configs/server.nix @@ -2,13 +2,11 @@ config, _utils, ... -}: -let +}: let secrets = _utils.setupSharedSecrets config { - secrets = [ "vmAuthToken" ]; + secrets = ["vmAuthToken"]; }; -in -{ +in { imports = [ ./common.nix secrets.generate @@ -23,7 +21,7 @@ in }; services = { - tailscale.extraUpFlags = [ "--advertise-exit-node" ]; + tailscale.extraUpFlags = ["--advertise-exit-node"]; openssh = { enable = true; @@ -48,22 +46,20 @@ in prometheus.exporters.node = { enable = true; port = 9091; - enabledCollectors = [ "systemd" ]; + enabledCollectors = ["systemd"]; }; vmagent = { enable = true; remoteWrite.url = "https://metrics.uku3lig.net/api/v1/write"; - extraArgs = [ "-remoteWrite.bearerTokenFile=\${CREDENTIALS_DIRECTORY}/vm_auth_token" ]; + extraArgs = ["-remoteWrite.bearerTokenFile=\${CREDENTIALS_DIRECTORY}/vm_auth_token"]; prometheusConfig = { global.scrape_interval = "15s"; scrape_configs = [ { job_name = "node"; - static_configs = [ - { targets = [ "localhost:${builtins.toString config.services.prometheus.exporters.node.port}" ]; } - ]; + static_configs = [{targets = ["localhost:${builtins.toString config.services.prometheus.exporters.node.port}"];}]; relabel_configs = [ { target_label = "instance"; @@ -77,7 +73,7 @@ in }; systemd = { - services.vmagent.serviceConfig.LoadCredential = [ "vm_auth_token:${secrets.get "vmAuthToken"}" ]; + services.vmagent.serviceConfig.LoadCredential = ["vm_auth_token:${secrets.get "vmAuthToken"}"]; # For more detail, see: # https://0pointer.de/blog/projects/watchdog.html diff --git a/exprs/idea-fixed.nix b/exprs/idea-fixed.nix index 5cd5e5a..845d928 100644 --- a/exprs/idea-fixed.nix +++ b/exprs/idea-fixed.nix @@ -22,19 +22,17 @@ pipewire, udev, xrandr, -}: -let +}: let inherit (jetbrains) idea-ultimate; in -symlinkJoin { - name = "idea-ultimate-fixed-${idea-ultimate.version}"; + symlinkJoin { + name = "idea-ultimate-fixed-${idea-ultimate.version}"; - paths = [ idea-ultimate ]; + paths = [idea-ultimate]; - nativeBuildInputs = [ makeWrapper ]; + nativeBuildInputs = [makeWrapper]; - postBuild = - let + postBuild = let runtimeLibs = [ stdenv.cc.cc.lib ## native versions @@ -65,10 +63,9 @@ symlinkJoin { xrandr # needed for LWJGL [2.9.2, 3) https://github.com/LWJGL/lwjgl/issues/128 esbuild ]; - in - '' + in '' wrapProgram $out/bin/idea-ultimate \ --set LD_LIBRARY_PATH ${lib.makeLibraryPath runtimeLibs} \ --prefix PATH : ${lib.makeBinPath runtimePrograms} ''; -} + } diff --git a/exprs/overlay.nix b/exprs/overlay.nix index f961905..651adf4 100644 --- a/exprs/overlay.nix +++ b/exprs/overlay.nix @@ -1,14 +1,16 @@ inputs: final: prev: { - idea-ultimate-fixed = prev.callPackage ./idea-fixed.nix { }; + idea-ultimate-fixed = prev.callPackage ./idea-fixed.nix {}; vencord = prev.vencord.overrideAttrs (old: rec { version = "${old.version}+git.${inputs.vencord.shortRev}"; src = inputs.vencord; - env = old.env // { - VENCORD_REMOTE = "Vendicated/Vencord"; - VENCORD_HASH = src.shortRev; - }; + env = + old.env + // { + VENCORD_REMOTE = "Vendicated/Vencord"; + VENCORD_HASH = src.shortRev; + }; pnpmDeps = old.pnpmDeps.overrideAttrs (_: { outputHash = "sha256-vVzERis1W3QZB/i6SQR9dQR56yDWadKWvFr+nLTQY9Y="; diff --git a/flake.lock b/flake.lock index 40aded4..b3433f1 100644 --- a/flake.lock +++ b/flake.lock @@ -253,6 +253,26 @@ "type": "github" } }, + "nixinate": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1708891350, + "narHash": "sha256-VOQrKK7Df/IVuNki+NshVuGkTa/Tw0GigPjWcZff6kk=", + "owner": "matthewcroughan", + "repo": "nixinate", + "rev": "452f33c60df5b72ad0858f5f2cf224bdf1f17746", + "type": "github" + }, + "original": { + "owner": "matthewcroughan", + "repo": "nixinate", + "type": "github" + } + }, "nixos-wsl": { "inputs": { "flake-compat": [], @@ -305,10 +325,10 @@ "home-manager": "home-manager", "lanzaboote": "lanzaboote", "mystia": "mystia", + "nixinate": "nixinate", "nixos-wsl": "nixos-wsl", "nixpkgs": "nixpkgs", "systems": "systems_2", - "treefmt-nix": "treefmt-nix", "ukubot-rs": "ukubot-rs", "vencord": "vencord", "vscode-extensions": "vscode-extensions" @@ -365,26 +385,6 @@ "type": "github" } }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1735135567, - "narHash": "sha256-8T3K5amndEavxnludPyfj3Z1IkcFdRpR23q+T0BVeZE=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "9e09d30a644c57257715902efbb3adc56c79cf28", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, "ukubot-rs": { "inputs": { "flake-parts": [ diff --git a/flake.nix b/flake.nix index 3b405d4..b3593f8 100644 --- a/flake.nix +++ b/flake.nix @@ -1,34 +1,31 @@ { description = "example flake idk"; - outputs = - { - agenix, - flake-parts, - treefmt-nix, - ... - }@inputs: - flake-parts.lib.mkFlake { inherit inputs; } { - systems = [ - "x86_64-linux" - "aarch64-linux" - ]; + outputs = { + self, + flake-parts, + nixinate, + agenix, + ... + } @ inputs: + flake-parts.lib.mkFlake {inherit inputs;} { + systems = ["x86_64-linux" "aarch64-linux"]; imports = [ - treefmt-nix.flakeModule ./systems ]; - perSystem = - { - pkgs, - system, - self', - ... - }: - { - devShells.default = pkgs.mkShellNoCC { - packages = with pkgs; [ + perSystem = { + pkgs, + system, + self', + ... + }: { + apps = (nixinate.nixinate.${system} self).nixinate; + + devShells.default = with pkgs; + mkShellNoCC { + packages = [ agenix.packages.${system}.default just self'.formatter @@ -36,25 +33,8 @@ ]; }; - treefmt = { - projectRootFile = "flake.nix"; - - settings.excludes = [ - ".envrc" - ".gitignore" - "*.age" - "flake.lock" - "justfile" - "LICENSE" - ]; - - programs = { - nixfmt.enable = true; - prettier.enable = true; - stylua.enable = true; - }; - }; - }; + formatter = pkgs.alejandra; + }; }; inputs = { @@ -114,6 +94,11 @@ inputs.flake-compat.follows = ""; }; + nixinate = { + url = "github:matthewcroughan/nixinate"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + nixos-wsl = { url = "github:nix-community/NixOS-WSL"; inputs.nixpkgs.follows = "nixpkgs"; @@ -124,11 +109,6 @@ # nix's most elaborate, overcomplicated joke systems.url = "github:nix-systems/default"; - treefmt-nix = { - url = "github:numtide/treefmt-nix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - vscode-extensions = { url = "github:nix-community/nix-vscode-extensions"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/global/utils.nix b/global/utils.nix index 4981e97..ed75352 100644 --- a/global/utils.nix +++ b/global/utils.nix @@ -1,87 +1,66 @@ -{ lib, ... }: -{ - setupSecrets = - _config: - { - secrets, - extra ? { }, - }: - let - inherit (_config.networking) hostName; - in - { - generate = { - age.secrets = lib.genAttrs secrets (name: extra // { file = ../secrets/${hostName}/${name}.age; }); - }; - get = name: _config.age.secrets.${name}.path; - }; +{lib, ...}: { + setupSecrets = _config: { + secrets, + extra ? {}, + }: let + inherit (_config.networking) hostName; + in { + generate = {age.secrets = lib.genAttrs secrets (name: extra // {file = ../secrets/${hostName}/${name}.age;});}; + get = name: _config.age.secrets.${name}.path; + }; - setupSingleSecret = - _config: name: extra: - let - inherit (_config.networking) hostName; - in - { - generate = { - age.secrets.${name} = extra // { - file = ../secrets/${hostName}/${name}.age; - }; - }; - inherit (_config.age.secrets.${name}) path; - }; + setupSingleSecret = _config: name: extra: let + inherit (_config.networking) hostName; + in { + generate = {age.secrets.${name} = extra // {file = ../secrets/${hostName}/${name}.age;};}; + inherit (_config.age.secrets.${name}) path; + }; - setupSharedSecrets = - _config: - { - secrets, - extra ? { }, - }: - { - generate = { - age.secrets = lib.genAttrs secrets (name: extra // { file = ../secrets/shared/${name}.age; }); - }; - get = name: _config.age.secrets.${name}.path; - }; + setupSharedSecrets = _config: { + secrets, + extra ? {}, + }: { + generate = {age.secrets = lib.genAttrs secrets (name: extra // {file = ../secrets/shared/${name}.age;});}; + get = name: _config.age.secrets.${name}.path; + }; - mkMinecraftServer = - _config: - { - name, - port, - remotePort, - tag ? "java21", - dataDir ? "/var/lib/${name}", - memory ? "4G", - env ? { }, - envFiles ? [ ], - extraPorts ? [ ], - }: - let - inherit (_config.virtualisation.oci-containers) backend; - in - { - virtualisation.oci-containers.containers."mc-${name}" = { - image = "itzg/minecraft-server:${tag}"; - ports = [ "${builtins.toString port}:25565" ] ++ extraPorts; - volumes = [ "${dataDir}:/data" ]; - environmentFiles = envFiles; - environment = { + mkMinecraftServer = _config: { + name, + port, + remotePort, + tag ? "java21", + dataDir ? "/var/lib/${name}", + memory ? "4G", + env ? {}, + envFiles ? [], + extraPorts ? [], + }: let + inherit (_config.virtualisation.oci-containers) backend; + in { + virtualisation.oci-containers.containers."mc-${name}" = { + image = "itzg/minecraft-server:${tag}"; + ports = ["${builtins.toString port}:25565"] ++ extraPorts; + volumes = ["${dataDir}:/data"]; + environmentFiles = envFiles; + environment = + { EULA = "true"; MEMORY = memory; - } // env; - }; - - networking.firewall.allowedTCPPorts = [ port ]; - - services.frp.settings.proxies = [ - { - inherit name remotePort; - type = "tcp"; - localIp = "127.0.0.1"; - localPort = port; } - ]; - - systemd.services."${backend}-mc-${name}".serviceConfig.TimeoutSec = "300"; + // env; }; + + networking.firewall.allowedTCPPorts = [port]; + + services.frp.settings.proxies = [ + { + inherit name remotePort; + type = "tcp"; + localIp = "127.0.0.1"; + localPort = port; + } + ]; + + systemd.services."${backend}-mc-${name}".serviceConfig.TimeoutSec = "300"; + }; } diff --git a/justfile b/justfile index 0226131..b55b0b4 100644 --- a/justfile +++ b/justfile @@ -16,12 +16,8 @@ boot *args: @sudo -v sudo nixos-rebuild boot --flake . --keep-going {{args}} -deploy system user="leo": - #!/usr/bin/env bash - set -euxo pipefail - flake=$(nix eval --impure --raw --expr "(builtins.getFlake \"$PWD\").outPath") - nix copy "$flake" --to "ssh://{{user}}@{{system}}" - ssh -t "{{user}}@{{system}}" "sudo flock -w 60 /dev/shm/deploy-{{system}} nixos-rebuild switch --flake $flake#{{system}}" +deploy system: + nix run .#{{system}} lint *args: statix check -i flake.nix **/hardware-configuration.nix {{args}} diff --git a/programs/alacritty.nix b/programs/alacritty.nix index f59a58f..03db8ef 100644 --- a/programs/alacritty.nix +++ b/programs/alacritty.nix @@ -2,25 +2,22 @@ lib, pkgs, ... -}: -{ - hm.programs.alacritty = - let - theme = pkgs.fetchurl { - # url = "https://raw.githubusercontent.com/catppuccin/alacritty/ce476fb41f307d90f841c1a4fd7f0727c21248b2/catppuccin-macchiato.toml"; - url = "https://raw.githubusercontent.com/rose-pine/alacritty/3c3e36eb5225b0eb6f1aa989f9d9e783a5b47a83/dist/rose-pine.toml"; - hash = "sha256-MheSmzz02ZLAOS2uaclyazu6E//eikcdFydFfkio0/U="; - }; +}: { + hm.programs.alacritty = let + theme = pkgs.fetchurl { + # url = "https://raw.githubusercontent.com/catppuccin/alacritty/ce476fb41f307d90f841c1a4fd7f0727c21248b2/catppuccin-macchiato.toml"; + url = "https://raw.githubusercontent.com/rose-pine/alacritty/3c3e36eb5225b0eb6f1aa989f9d9e783a5b47a83/dist/rose-pine.toml"; + hash = "sha256-MheSmzz02ZLAOS2uaclyazu6E//eikcdFydFfkio0/U="; + }; - themeAttr = builtins.fromTOML (builtins.readFile theme); - in - { - enable = true; - settings = lib.recursiveUpdate themeAttr { - font = { - normal.family = "Iosevka Nerd Font"; - size = 12; - }; + themeAttr = builtins.fromTOML (builtins.readFile theme); + in { + enable = true; + settings = lib.recursiveUpdate themeAttr { + font = { + normal.family = "Iosevka Nerd Font"; + size = 12; }; }; + }; } diff --git a/programs/dotnet.nix b/programs/dotnet.nix index 5be6ac3..ea3c2ac 100644 --- a/programs/dotnet.nix +++ b/programs/dotnet.nix @@ -3,17 +3,14 @@ config, pkgs, ... -}: -let +}: let inherit (config.lib.file) mkOutOfStoreSymlink; -in -{ +in { home = { - packages = [ pkgs.jetbrains.rider ]; + packages = [pkgs.jetbrains.rider]; file = { - ".dotnet/8".source = - mkOutOfStoreSymlink "${pkgs.dotnetCorePackages.dotnet_8.sdk.unwrapped}/share/dotnet"; + ".dotnet/8".source = mkOutOfStoreSymlink "${pkgs.dotnetCorePackages.dotnet_8.sdk.unwrapped}/share/dotnet"; ".dotnet/mono".source = mkOutOfStoreSymlink pkgs.mono; }; }; diff --git a/programs/fish.nix b/programs/fish.nix index 824094b..ae70371 100644 --- a/programs/fish.nix +++ b/programs/fish.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { programs.fish.enable = true; environment.systemPackages = with pkgs; [ diff --git a/programs/games.nix b/programs/games.nix index 1f08d5d..188b680 100644 --- a/programs/games.nix +++ b/programs/games.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { hardware = { xone.enable = true; xpadneo.enable = true; @@ -10,11 +9,7 @@ osu-lazer-bin (prismlauncher.override { - jdks = [ - temurin-bin-21 - temurin-bin-17 - temurin-bin-8 - ]; + jdks = [temurin-bin-21 temurin-bin-17 temurin-bin-8]; }) ]; diff --git a/programs/ghostty.nix b/programs/ghostty.nix index 030593e..9935fb5 100644 --- a/programs/ghostty.nix +++ b/programs/ghostty.nix @@ -2,10 +2,9 @@ pkgs, ghostty, ... -}: -{ +}: { hm.home = { - packages = [ ghostty.packages.${pkgs.system}.default ]; + packages = [ghostty.packages.${pkgs.system}.default]; file.".config/ghostty/config".text = '' theme = light:catppuccin-latte,dark:catppuccin-mocha diff --git a/programs/git.nix b/programs/git.nix index 1e0effa..74a8f35 100644 --- a/programs/git.nix +++ b/programs/git.nix @@ -1,5 +1,4 @@ -{ config, ... }: -{ +{config, ...}: { programs.git.enable = true; hm.programs = { diff --git a/programs/gnome.nix b/programs/gnome.nix index 784f4b5..5d03326 100644 --- a/programs/gnome.nix +++ b/programs/gnome.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { services = { xserver.desktopManager.gnome.enable = true; displayManager = { @@ -14,14 +13,14 @@ hm.programs.gnome-shell = { enable = true; extensions = with pkgs.gnomeExtensions; [ - { package = appindicator; } - { package = dash-to-dock; } - { package = blur-my-shell; } + {package = appindicator;} + {package = dash-to-dock;} + {package = blur-my-shell;} ]; }; environment = with pkgs; { - systemPackages = [ gnome-tweaks ]; + systemPackages = [gnome-tweaks]; gnome.excludePackages = [ gnome-tour diff --git a/programs/hyprland-misc.nix b/programs/hyprland-misc.nix index f37e79e..8e67653 100644 --- a/programs/hyprland-misc.nix +++ b/programs/hyprland-misc.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { # utility packages for hyprland, since you know it's not a DE hm.home.packages = with pkgs; [ @@ -15,10 +14,7 @@ thunar = { enable = true; - plugins = with pkgs.xfce; [ - thunar-volman - thunar-archive-plugin - ]; + plugins = with pkgs.xfce; [thunar-volman thunar-archive-plugin]; }; }; } diff --git a/programs/hyprland.nix b/programs/hyprland.nix index ae83972..66881bb 100644 --- a/programs/hyprland.nix +++ b/programs/hyprland.nix @@ -2,8 +2,7 @@ lib, pkgs, ... -}: -{ +}: { imports = [ ./hyprland-misc.nix ./alacritty.nix @@ -21,7 +20,7 @@ }; }; - xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-gtk ]; + xdg.portal.extraPortals = with pkgs; [xdg-desktop-portal-gtk]; hm = { home.packages = with pkgs; [ @@ -38,24 +37,11 @@ wayland.windowManager.hyprland = { enable = true; - settings = - let - inherit (lib) getExe getExe'; - keys = [ - "ampersand" - "eacute" - "quotedbl" - "apostrophe" - "parenleft" - "minus" - "egrave" - "underscore" - "ccedilla" - "agrave" - ]; - in - with pkgs; - { + settings = let + inherit (lib) getExe getExe'; + keys = ["ampersand" "eacute" "quotedbl" "apostrophe" "parenleft" "minus" "egrave" "underscore" "ccedilla" "agrave"]; + in + with pkgs; { "$mod" = "SUPER"; "$wl-paste" = getExe' wl-clipboard "wl-paste"; "$wpctl" = getExe' wireplumber "wpctl"; @@ -166,18 +152,12 @@ ++ # Switch workspaces with mod + [0-9] # Move active window to a workspace with mod + SHIFT + [0-9] - lib.flatten ( - builtins.map ( - i: - let - key = builtins.elemAt keys (i - 1); - in - [ - "$mod, ${key}, workspace, ${toString i}" - "$mod SHIFT, ${key}, movetoworkspace, ${toString i}" - ] - ) (lib.range 1 10) - ); + lib.flatten (builtins.map (i: let + key = builtins.elemAt keys (i - 1); + in [ + "$mod, ${key}, workspace, ${toString i}" + "$mod SHIFT, ${key}, movetoworkspace, ${toString i}" + ]) (lib.range 1 10)); bindm = [ "$mod, mouse:272, movewindow" diff --git a/programs/java.nix b/programs/java.nix index adcc379..26c1232 100644 --- a/programs/java.nix +++ b/programs/java.nix @@ -3,11 +3,9 @@ config, pkgs, ... -}: -let +}: let inherit (config.lib.file) mkOutOfStoreSymlink; -in -{ +in { home.file = { ".jdks/temurin-21".source = mkOutOfStoreSymlink pkgs.temurin-bin-21; ".jdks/temurin-17".source = mkOutOfStoreSymlink pkgs.temurin-bin-17; diff --git a/programs/kde.nix b/programs/kde.nix index 57b236b..69f0ff8 100644 --- a/programs/kde.nix +++ b/programs/kde.nix @@ -2,8 +2,7 @@ pkgs, camasca, ... -}: -{ +}: { services = { desktopManager.plasma6.enable = true; displayManager.sddm = { diff --git a/programs/neovim/default.nix b/programs/neovim/default.nix index 4bc95e6..6ce438f 100644 --- a/programs/neovim/default.nix +++ b/programs/neovim/default.nix @@ -1,12 +1,11 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { hm.programs.neovim = { enable = true; defaultEditor = true; extraLuaConfig = builtins.readFile ./init.lua; extraPackages = with pkgs; [ - (lua5_1.withPackages (ps: with ps; [ luarocks ])) + (lua5_1.withPackages (ps: with ps; [luarocks])) tree-sitter ]; diff --git a/programs/neovim/init.lua b/programs/neovim/init.lua index c9ea72f..bc1b2be 100644 --- a/programs/neovim/init.lua +++ b/programs/neovim/init.lua @@ -1,5 +1,5 @@ -- sets the "key", which can be used in shortcuts -vim.g.mapleader = " " +vim.g.mapleader = ' ' vim.g.have_nerd_font = true @@ -8,7 +8,7 @@ vim.g.have_nerd_font = true vim.opt.number = true -- enable mouse -vim.opt.mouse = "a" +vim.opt.mouse = 'a' -- save undo history vim.opt.undofile = true @@ -31,19 +31,21 @@ vim.opt.splitbelow = true vim.opt.list = true -- preview substitutions (:s & :%s) while typing -vim.opt.inccommand = "split" +vim.opt.inccommand = 'split' -- highlight the line the cursor is on vim.opt.cursorline = true -- sync os clipboard and neovim vim.schedule(function() - vim.opt.clipboard = "unnamedplus" + vim.opt.clipboard = 'unnamedplus' end) + -- [[ shortcuts, see `:help vim.keymap.set()` ]] -- hide search results when pressing esc -vim.keymap.set("n", "", "nohlsearch") +vim.keymap.set('n', '', 'nohlsearch') + -- disable arrow keys in normal mode -- vim.keymap.set('n', '', 'echo "Use h to move!!"') @@ -55,10 +57,11 @@ vim.keymap.set("n", "", "nohlsearch") -- Use CTRL+ to switch between windows -- -- See `:help wincmd` for a list of all window commands -vim.keymap.set("n", "", "", { desc = "Move focus to the left window" }) -vim.keymap.set("n", "", "", { desc = "Move focus to the right window" }) -vim.keymap.set("n", "", "", { desc = "Move focus to the lower window" }) -vim.keymap.set("n", "", "", { desc = "Move focus to the upper window" }) +vim.keymap.set('n', '', '', { desc = 'Move focus to the left window' }) +vim.keymap.set('n', '', '', { desc = 'Move focus to the right window' }) +vim.keymap.set('n', '', '', { desc = 'Move focus to the lower window' }) +vim.keymap.set('n', '', '', { desc = 'Move focus to the upper window' }) + -- [[ plugin configuration ]] require("nvim-treesitter.configs").setup({ diff --git a/programs/rust.nix b/programs/rust.nix index ea33595..7d4f590 100644 --- a/programs/rust.nix +++ b/programs/rust.nix @@ -3,20 +3,15 @@ pkgs, config, ... -}: -let - toml = pkgs.formats.toml { }; -in -{ +}: let + toml = pkgs.formats.toml {}; +in { hm.home.file.".cargo/config.toml".source = toml.generate "config.toml" { build.target-dir = "${config.hm.home.homeDirectory}/.cargo/target"; target.x86_64-unknown-linux-gnu = { linker = "${lib.getExe pkgs.clang}"; - rustflags = [ - "-C" - "link-arg=-fuse-ld=${lib.getExe pkgs.mold}" - ]; + rustflags = ["-C" "link-arg=-fuse-ld=${lib.getExe pkgs.mold}"]; }; }; } diff --git a/programs/starship/default.nix b/programs/starship/default.nix index 135da01..4700cd7 100644 --- a/programs/starship/default.nix +++ b/programs/starship/default.nix @@ -1,13 +1,15 @@ { hm.programs.starship = { enable = true; - settings = { - add_newline = false; + settings = + { + add_newline = false; - directory = { - truncation_length = 3; - truncation_symbol = "…/"; - }; - } // (import ./nerd-font.nix); + directory = { + truncation_length = 3; + truncation_symbol = "…/"; + }; + } + // builtins.fromTOML (builtins.readFile ./nerd-font.toml); }; } diff --git a/programs/starship/nerd-font.nix b/programs/starship/nerd-font.nix deleted file mode 100644 index b2e90a0..0000000 --- a/programs/starship/nerd-font.nix +++ /dev/null @@ -1,84 +0,0 @@ -{ - aws.symbol = " "; - buf.symbol = " "; - c.symbol = " "; - conda.symbol = " "; - crystal.symbol = " "; - dart.symbol = " "; - directory.read_only = " 󰌾"; - docker_context.symbol = " "; - elixir.symbol = " "; - elm.symbol = " "; - fennel.symbol = " "; - fossil_branch.symbol = " "; - git_branch.symbol = " "; - golang.symbol = " "; - guix_shell.symbol = " "; - haskell.symbol = " "; - haxe.symbol = " "; - hg_branch.symbol = " "; - hostname.ssh_symbol = " "; - java.symbol = " "; - julia.symbol = " "; - kotlin.symbol = " "; - lua.symbol = " "; - memory_usage.symbol = "󰍛 "; - meson.symbol = "󰔷 "; - nim.symbol = "󰆥 "; - nix_shell.symbol = " "; - nodejs.symbol = " "; - ocaml.symbol = " "; - package.symbol = "󰏗 "; - perl.symbol = " "; - php.symbol = " "; - pijul_channel.symbol = " "; - python.symbol = " "; - rlang.symbol = "󰟔 "; - ruby.symbol = " "; - rust.symbol = " "; - scala.symbol = " "; - swift.symbol = " "; - zig.symbol = " "; - - os.symbols = { - Alpaquita = " "; - Alpine = " "; - Amazon = " "; - Android = " "; - Arch = " "; - Artix = " "; - CentOS = " "; - Debian = " "; - DragonFly = " "; - Emscripten = " "; - EndeavourOS = " "; - Fedora = " "; - FreeBSD = " "; - Garuda = "󰛓 "; - Gentoo = " "; - HardenedBSD = "󰞌 "; - Illumos = "󰈸 "; - Linux = " "; - Mabox = " "; - Macos = " "; - Manjaro = " "; - Mariner = " "; - MidnightBSD = " "; - Mint = " "; - NetBSD = " "; - NixOS = " "; - OpenBSD = "󰈺 "; - openSUSE = " "; - OracleLinux = "󰌷 "; - Pop = " "; - Raspbian = " "; - Redhat = " "; - RedHatEnterprise = " "; - Redox = "󰀘 "; - Solus = "󰠳 "; - SUSE = " "; - Ubuntu = " "; - Unknown = " "; - Windows = "󰍲 "; - }; -} diff --git a/programs/starship/nerd-font.toml b/programs/starship/nerd-font.toml new file mode 100644 index 0000000..540a4fc --- /dev/null +++ b/programs/starship/nerd-font.toml @@ -0,0 +1,160 @@ +[aws] +symbol = " " + +[buf] +symbol = " " + +[c] +symbol = " " + +[conda] +symbol = " " + +[crystal] +symbol = " " + +[dart] +symbol = " " + +[directory] +read_only = " 󰌾" + +[docker_context] +symbol = " " + +[elixir] +symbol = " " + +[elm] +symbol = " " + +[fennel] +symbol = " " + +[fossil_branch] +symbol = " " + +[git_branch] +symbol = " " + +[golang] +symbol = " " + +[guix_shell] +symbol = " " + +[haskell] +symbol = " " + +[haxe] +symbol = " " + +[hg_branch] +symbol = " " + +[hostname] +ssh_symbol = " " + +[java] +symbol = " " + +[julia] +symbol = " " + +[kotlin] +symbol = " " + +[lua] +symbol = " " + +[memory_usage] +symbol = "󰍛 " + +[meson] +symbol = "󰔷 " + +[nim] +symbol = "󰆥 " + +[nix_shell] +symbol = " " + +[nodejs] +symbol = " " + +[ocaml] +symbol = " " + +[os.symbols] +Alpaquita = " " +Alpine = " " +Amazon = " " +Android = " " +Arch = " " +Artix = " " +CentOS = " " +Debian = " " +DragonFly = " " +Emscripten = " " +EndeavourOS = " " +Fedora = " " +FreeBSD = " " +Garuda = "󰛓 " +Gentoo = " " +HardenedBSD = "󰞌 " +Illumos = "󰈸 " +Linux = " " +Mabox = " " +Macos = " " +Manjaro = " " +Mariner = " " +MidnightBSD = " " +Mint = " " +NetBSD = " " +NixOS = " " +OpenBSD = "󰈺 " +openSUSE = " " +OracleLinux = "󰌷 " +Pop = " " +Raspbian = " " +Redhat = " " +RedHatEnterprise = " " +Redox = "󰀘 " +Solus = "󰠳 " +SUSE = " " +Ubuntu = " " +Unknown = " " +Windows = "󰍲 " + +[package] +symbol = "󰏗 " + +[perl] +symbol = " " + +[php] +symbol = " " + +[pijul_channel] +symbol = " " + +[python] +symbol = " " + +[rlang] +symbol = "󰟔 " + +[ruby] +symbol = " " + +[rust] +symbol = " " + +[scala] +symbol = " " + +[swift] +symbol = " " + +[zig] +symbol = " " diff --git a/programs/vscode.nix b/programs/vscode.nix index c2c43ce..ce9dfc1 100644 --- a/programs/vscode.nix +++ b/programs/vscode.nix @@ -2,8 +2,7 @@ pkgs, vscode-extensions, ... -}: -let +}: let inherit (pkgs.stdenv.hostPlatform) system; extensions = vscode-extensions.extensions.${system}; @@ -14,16 +13,14 @@ let rust-lang.rust-analyzer wakatime.vscode-wakatime ]; -in -{ +in { hm.programs.vscode = { enable = true; enableUpdateCheck = false; enableExtensionUpdateCheck = false; mutableExtensionsDir = false; - extensions = - with extensions.vscode-marketplace; + extensions = with extensions.vscode-marketplace; patched ++ [ # style @@ -52,12 +49,8 @@ in # cpp mesonbuild.mesonbuild - (ms-vscode.cmake-tools.overrideAttrs (_: { - sourceRoot = "extension"; - })) - (ms-vscode.makefile-tools.overrideAttrs (_: { - sourceRoot = "extension"; - })) + (ms-vscode.cmake-tools.overrideAttrs (_: {sourceRoot = "extension";})) + (ms-vscode.makefile-tools.overrideAttrs (_: {sourceRoot = "extension";})) twxs.cmake xaver.clang-format diff --git a/programs/waybar/default.nix b/programs/waybar/default.nix index 0290b19..191ab5a 100644 --- a/programs/waybar/default.nix +++ b/programs/waybar/default.nix @@ -3,8 +3,7 @@ pkgs, config, ... -}: -{ +}: { hm.programs.waybar = { enable = true; style = ./style.css; @@ -16,23 +15,15 @@ height = 24; spacing = 2; - modules-left = [ "hyprland/workspaces" ]; - modules-center = [ ]; + modules-left = ["hyprland/workspaces"]; + modules-center = []; modules-right = - [ "memory" ] - ++ lib.optionals (builtins.elem "amdgpu" config.services.xserver.videoDrivers) [ - "custom/gpu-usage" - ] - ++ [ - "cpu" - "wireplumber" - ] - ++ lib.optionals config.services.power-profiles-daemon.enable [ "battery" ] - ++ lib.optionals config.programs.light.enable [ "backlight" ] - ++ [ - "clock" - "tray" - ]; + ["memory"] + ++ lib.optionals (builtins.elem "amdgpu" config.services.xserver.videoDrivers) ["custom/gpu-usage"] + ++ ["cpu" "wireplumber"] + ++ lib.optionals config.services.power-profiles-daemon.enable ["battery"] + ++ lib.optionals config.programs.light.enable ["backlight"] + ++ ["clock" "tray"]; "hyprland/workspaces" = { format = "{name}"; diff --git a/programs/waybar/style.css b/programs/waybar/style.css index a5cb018..ba3d7dc 100644 --- a/programs/waybar/style.css +++ b/programs/waybar/style.css @@ -31,30 +31,28 @@ @define-color rosewater #f4dbd6; * { - font-family: - Jetbrains Mono, - sans-serif; - font-size: 12px; + font-family: Jetbrains Mono, sans-serif; + font-size: 12px; } window#waybar { - background-color: @base; - color: @text; - transition-property: background-color; - transition-duration: 0.5s; + background-color: @base; + color: @text; + transition-property: background-color; + transition-duration: .5s; } button { - /* Use box-shadow instead of border so the text isn't offset */ - box-shadow: inset 0 -3px transparent; - /* Avoid rounded borders under each button name */ - border: none; - border-radius: 0; + /* Use box-shadow instead of border so the text isn't offset */ + box-shadow: inset 0 -3px transparent; + /* Avoid rounded borders under each button name */ + border: none; + border-radius: 0; } /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ button:hover { - background: inherit; + background: inherit; } #clock, @@ -74,93 +72,93 @@ button:hover { #idle_inhibitor, #scratchpad, #mpd { - padding: 0 10px; - color: @crust; + padding: 0 10px; + color: @crust; } #window, #workspaces { - margin: 0 4px; + margin: 0 4px; } /* If workspaces is the leftmost module, omit left margin */ -.modules-left > widget:first-child > #workspaces { - margin-left: 0; +.modules-left>widget:first-child>#workspaces { + margin-left: 0; } /* If workspaces is the rightmost module, omit right margin */ -.modules-right > widget:last-child > #workspaces { - margin-right: 0; +.modules-right>widget:last-child>#workspaces { + margin-right: 0; } #workspaces button { - padding: 0 2px; - background-color: transparent; - color: @text; + padding: 0 2px; + background-color: transparent; + color: @text; } #workspaces button:hover { - background: rgba(0, 0, 0, 0.2); + background: rgba(0, 0, 0, 0.2); } #workspaces button.active { - background-color: @surface1; - box-shadow: inset 0 -3px @yellow; + background-color: @surface1; + box-shadow: inset 0 -3px @yellow; } #workspaces button.urgent { - background-color: @red; + background-color: @red; } #clock { - background-color: @green; + background-color: @green; } #battery { - background-color: @sky; + background-color: @sky; } #battery.low:not(.charging) { - background-color: @red; + background-color: @red; } #cpu { - background-color: @sapphire; + background-color: @sapphire; } #custom-gpu-usage { - background-color: @blue; + background-color: @blue; } #memory { - background-color: @lavender; + background-color: @lavender; } #backlight { - background-color: @teal; + background-color: @teal; } #network { - background-color: @mauve; + background-color: @mauve; } #wireplumber { - background-color: @sapphire; + background-color: @sapphire; } #wireplumber.muted { - color: @base; + color: @base; } #tray { - background-color: @yellow; + background-color: @yellow; } -#tray > .passive { - -gtk-icon-effect: dim; +#tray>.passive { + -gtk-icon-effect: dim; } -#tray > .needs-attention { - -gtk-icon-effect: highlight; - background-color: #eb4d4b; +#tray>.needs-attention { + -gtk-icon-effect: highlight; + background-color: #eb4d4b; } diff --git a/secrets/secrets.nix b/secrets/secrets.nix index d92b862..18a3419 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -5,17 +5,9 @@ let etna = "age1m3jm6c5ywc5zntv5j4xhals0h28mpea88zzddq88zxcshmhteqwqu89qnh"; vesuvio = "age1g2z0tztrv2w7wtludjrd85q7px3lvjms0cjj32zej9dqpjwpscwsle6xhf"; - main = [ - fuji - kilimandjaro - mottarone - ]; - all = main ++ [ - etna - vesuvio - ]; -in -{ + main = [fuji kilimandjaro mottarone]; + all = main ++ [etna vesuvio]; +in { "shared/userPassword.age".publicKeys = all; "shared/tailscaleKey.age".publicKeys = all; "shared/frpToken.age".publicKeys = all; @@ -25,19 +17,19 @@ in "fuji-wsl/rootPassword.age".publicKeys = main; "kilimandjaro/rootPassword.age".publicKeys = main; "mottarone/rootPassword.age".publicKeys = main; - "etna/rootPassword.age".publicKeys = main ++ [ etna ]; - "vesuvio/rootPassword.age".publicKeys = main ++ [ vesuvio ]; + "etna/rootPassword.age".publicKeys = main ++ [etna]; + "vesuvio/rootPassword.age".publicKeys = main ++ [vesuvio]; - "etna/tunnelCreds.age".publicKeys = main ++ [ etna ]; - "etna/apiRsEnv.age".publicKeys = main ++ [ etna ]; - "etna/ukubotRsEnv.age".publicKeys = main ++ [ etna ]; - "etna/minecraftEnv.age".publicKeys = main ++ [ etna ]; - "etna/dendriteKey.age".publicKeys = main ++ [ etna ]; - "etna/nextcloudAdminPass.age".publicKeys = main ++ [ etna ]; - "etna/turnstileSecret.age".publicKeys = main ++ [ etna ]; - "etna/navidromeEnv.age".publicKeys = main ++ [ etna ]; - "etna/forgejoRunnerSecret.age".publicKeys = main ++ [ etna ]; - "etna/vaultwardenEnv.age".publicKeys = main ++ [ etna ]; - "etna/vmauthEnv.age".publicKeys = main ++ [ etna ]; - "etna/upsdUserPass.age".publicKeys = main ++ [ etna ]; + "etna/tunnelCreds.age".publicKeys = main ++ [etna]; + "etna/apiRsEnv.age".publicKeys = main ++ [etna]; + "etna/ukubotRsEnv.age".publicKeys = main ++ [etna]; + "etna/minecraftEnv.age".publicKeys = main ++ [etna]; + "etna/dendriteKey.age".publicKeys = main ++ [etna]; + "etna/nextcloudAdminPass.age".publicKeys = main ++ [etna]; + "etna/turnstileSecret.age".publicKeys = main ++ [etna]; + "etna/navidromeEnv.age".publicKeys = main ++ [etna]; + "etna/forgejoRunnerSecret.age".publicKeys = main ++ [etna]; + "etna/vaultwardenEnv.age".publicKeys = main ++ [etna]; + "etna/vmauthEnv.age".publicKeys = main ++ [etna]; + "etna/upsdUserPass.age".publicKeys = main ++ [etna]; } diff --git a/systems/default.nix b/systems/default.nix index 92a0646..84eb9e7 100644 --- a/systems/default.nix +++ b/systems/default.nix @@ -2,17 +2,15 @@ lib, inputs, ... -}: -let - _utils = import ../global/utils.nix { inherit lib; }; +}: let + _utils = import ../global/utils.nix {inherit lib;}; - toSystem = - name: + toSystem = name: { + role, + system, + }: + inputs.nixpkgs.lib.nixosSystem { - role, - system, - }: - inputs.nixpkgs.lib.nixosSystem { inherit system; modules = [ @@ -20,15 +18,12 @@ let ./${name}/hardware-configuration.nix ../configs/${role}.nix - { networking.hostName = name; } + {networking.hostName = name;} ]; - specialArgs = inputs // { - inherit _utils; - }; + specialArgs = inputs // {inherit _utils;}; }; -in -{ +in { flake.nixosConfigurations = lib.mapAttrs toSystem { fuji = { role = "desktop"; diff --git a/systems/etna/default.nix b/systems/etna/default.nix index db583cc..6ad1d45 100644 --- a/systems/etna/default.nix +++ b/systems/etna/default.nix @@ -4,17 +4,15 @@ config, _utils, ... -}: -let +}: let tunnelId = "57f51ad7-25a0-45f3-b113-0b6ae0b2c3e5"; - secrets = _utils.setupSharedSecrets config { secrets = [ "frpToken" ]; }; + secrets = _utils.setupSharedSecrets config {secrets = ["frpToken"];}; cfTunnelSecret = _utils.setupSingleSecret config "tunnelCreds" { owner = "cloudflared"; group = "cloudflared"; }; -in -{ +in { assertions = [ { assertion = lib.versionAtLeast config.boot.kernelPackages.kernel.version "6.6.31"; @@ -23,7 +21,7 @@ in ]; imports = [ - (lib.mkAliasOptionModule [ "cfTunnels" ] [ "services" "cloudflared" "tunnels" tunnelId "ingress" ]) + (lib.mkAliasOptionModule ["cfTunnels"] ["services" "cloudflared" "tunnels" tunnelId "ingress"]) secrets.generate cfTunnelSecret.generate diff --git a/systems/etna/dendrite.nix b/systems/etna/dendrite.nix index 140111e..689c955 100644 --- a/systems/etna/dendrite.nix +++ b/systems/etna/dendrite.nix @@ -2,64 +2,60 @@ config, _utils, ... -}: -let - secretKey = _utils.setupSingleSecret config "dendriteKey" { }; -in -{ - imports = [ secretKey.generate ]; +}: let + secretKey = _utils.setupSingleSecret config "dendriteKey" {}; +in { + imports = [secretKey.generate]; cfTunnels."m.uku.moe" = "http://localhost:80"; systemd.services.dendrite = { - after = [ "postgresql.service" ]; + after = ["postgresql.service"]; serviceConfig.RestartSec = 10; }; services = { - dendrite = - let - database = { - connection_string = "postgres:///dendrite?host=/run/postgresql"; - max_open_conns = 50; - max_idle_conns = 5; - conn_max_lifetime = -1; + dendrite = let + database = { + connection_string = "postgres:///dendrite?host=/run/postgresql"; + max_open_conns = 50; + max_idle_conns = 5; + conn_max_lifetime = -1; + }; + in { + enable = true; + httpPort = 8008; + loadCredential = ["private_key:${secretKey.path}"]; + + settings = { + global = { + server_name = "m.uku.moe"; + private_key = "$CREDENTIALS_DIRECTORY/private_key"; + inherit database; }; - in - { - enable = true; - httpPort = 8008; - loadCredential = [ "private_key:${secretKey.path}" ]; - settings = { - global = { - server_name = "m.uku.moe"; - private_key = "$CREDENTIALS_DIRECTORY/private_key"; - inherit database; - }; + client_api = { + registration_disabled = true; + }; - client_api = { - registration_disabled = true; - }; - - app_service_api = { inherit database; }; - federation_api = { inherit database; }; - key_server = { inherit database; }; - media_api = { inherit database; }; - mscs = { inherit database; }; - relay_api = { inherit database; }; - room_server = { inherit database; }; - sync_api = { inherit database; }; - user_api = { - account_database = database; - device_database = database; - }; + app_service_api = {inherit database;}; + federation_api = {inherit database;}; + key_server = {inherit database;}; + media_api = {inherit database;}; + mscs = {inherit database;}; + relay_api = {inherit database;}; + room_server = {inherit database;}; + sync_api = {inherit database;}; + user_api = { + account_database = database; + device_database = database; }; }; + }; postgresql = { enable = true; - ensureDatabases = [ "dendrite" ]; + ensureDatabases = ["dendrite"]; ensureUsers = [ { name = "dendrite"; @@ -68,34 +64,28 @@ in ]; }; - nginx.virtualHosts."m.uku.moe".locations = - let - server = { - "m.server" = "m.uku.moe:443"; - }; - client = { - "m.homeserver"."base_url" = "https://m.uku.moe"; - }; - in - { - "=/.well-known/matrix/server" = { - return = "200 '${builtins.toJSON server}'"; - }; - - "=/.well-known/matrix/client" = { - return = "200 '${builtins.toJSON client}'"; - }; - - "/" = { - proxyPass = "http://localhost:8008"; - proxyWebsockets = true; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_read_timeout 600; - client_max_body_size 100M; - ''; - }; + nginx.virtualHosts."m.uku.moe".locations = let + server = {"m.server" = "m.uku.moe:443";}; + client = {"m.homeserver"."base_url" = "https://m.uku.moe";}; + in { + "=/.well-known/matrix/server" = { + return = "200 '${builtins.toJSON server}'"; }; + + "=/.well-known/matrix/client" = { + return = "200 '${builtins.toJSON client}'"; + }; + + "/" = { + proxyPass = "http://localhost:8008"; + proxyWebsockets = true; + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_read_timeout 600; + client_max_body_size 100M; + ''; + }; + }; }; } diff --git a/systems/etna/forgejo.nix b/systems/etna/forgejo.nix index 7da7460..43bae3a 100644 --- a/systems/etna/forgejo.nix +++ b/systems/etna/forgejo.nix @@ -3,21 +3,16 @@ config, _utils, ... -}: -let +}: let secrets = _utils.setupSecrets config { - secrets = [ - "turnstileSecret" - "forgejoRunnerSecret" - ]; + secrets = ["turnstileSecret" "forgejoRunnerSecret"]; extra = { owner = "forgejo"; group = "forgejo"; }; }; -in -{ - imports = [ secrets.generate ]; +in { + imports = [secrets.generate]; cfTunnels."git.uku3lig.net" = "http://localhost:3000"; diff --git a/systems/etna/hardware-configuration.nix b/systems/etna/hardware-configuration.nix index 2d22270..bfbe08d 100644 --- a/systems/etna/hardware-configuration.nix +++ b/systems/etna/hardware-configuration.nix @@ -7,22 +7,15 @@ pkgs, modulesPath, ... -}: -{ +}: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ahci" - "usbhid" - "usb_storage" - "sd_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/e136f8ad-b8d5-4706-ad24-725926fd50ec"; @@ -32,10 +25,7 @@ fileSystems."/boot" = { device = "/dev/disk/by-uuid/FBB1-A79D"; fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" - ]; + options = ["fmask=0022" "dmask=0022"]; }; fileSystems."/data" = { @@ -44,7 +34,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/4982538e-5402-44c0-86c6-bf086c856615"; } + {device = "/dev/disk/by-uuid/4982538e-5402-44c0-86c6-bf086c856615";} ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/systems/etna/immich.nix b/systems/etna/immich.nix index 65b520b..e81a55e 100644 --- a/systems/etna/immich.nix +++ b/systems/etna/immich.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { services.immich = { enable = true; diff --git a/systems/etna/metrics.nix b/systems/etna/metrics.nix index 186747b..3403138 100644 --- a/systems/etna/metrics.nix +++ b/systems/etna/metrics.nix @@ -3,13 +3,11 @@ mystia, _utils, ... -}: -let +}: let vmcfg = config.services.victoriametrics; - secrets = _utils.setupSharedSecrets config { secrets = [ "vmAuthToken" ]; }; - vmauthEnv = _utils.setupSingleSecret config "vmauthEnv" { }; -in -{ + secrets = _utils.setupSharedSecrets config {secrets = ["vmAuthToken"];}; + vmauthEnv = _utils.setupSingleSecret config "vmauthEnv" {}; +in { imports = [ mystia.nixosModules.vmauth secrets.generate @@ -49,12 +47,12 @@ in scrape_configs = [ { job_name = "victoriametrics"; - static_configs = [ { targets = [ "${builtins.toString vmcfg.listenAddress}" ]; } ]; + static_configs = [{targets = ["${builtins.toString vmcfg.listenAddress}"];}]; } { job_name = "api-rs"; - static_configs = [ { targets = [ "localhost:5001" ]; } ]; + static_configs = [{targets = ["localhost:5001"];}]; } ]; }; diff --git a/systems/etna/minecraft.nix b/systems/etna/minecraft.nix index 29630df..b684192 100644 --- a/systems/etna/minecraft.nix +++ b/systems/etna/minecraft.nix @@ -4,18 +4,17 @@ config, _utils, ... -}: -let +}: let inherit (config.virtualisation.oci-containers) backend; - secret = _utils.setupSingleSecret config "minecraftEnv" { }; + secret = _utils.setupSingleSecret config "minecraftEnv" {}; lynn = _utils.mkMinecraftServer config { name = "lynn"; port = 25567; remotePort = 6002; memory = "4G"; - envFiles = [ secret.path ]; + envFiles = [secret.path]; env = { USE_AIKAR_FLAGS = "true"; TYPE = "MODRINTH"; @@ -28,7 +27,7 @@ let port = 25565; remotePort = 6005; memory = "4G"; - envFiles = [ secret.path ]; + envFiles = [secret.path]; env = { USE_AIKAR_FLAGS = "true"; TYPE = "MODRINTH"; @@ -41,7 +40,7 @@ let port = 25566; remotePort = 6006; memory = "4G"; - envFiles = [ secret.path ]; + envFiles = [secret.path]; env = { USE_AIKAR_FLAGS = "true"; TYPE = "MODRINTH"; @@ -49,8 +48,7 @@ let MODRINTH_PROJECTS = "spark, no-chat-reports"; }; }; -in -{ +in { imports = [ secret.generate @@ -60,7 +58,7 @@ in ]; systemd.services.restart-minecraft-servers = { - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; startAt = "*-*-* 05:00:00"; restartIfChanged = false; diff --git a/systems/etna/navidrome.nix b/systems/etna/navidrome.nix index eef7640..fa87255 100644 --- a/systems/etna/navidrome.nix +++ b/systems/etna/navidrome.nix @@ -2,17 +2,15 @@ config, _utils, ... -}: -let +}: let cfg = config.services.navidrome; env = _utils.setupSingleSecret config "navidromeEnv" { inherit (cfg) group; owner = cfg.user; }; -in -{ - imports = [ env.generate ]; +in { + imports = [env.generate]; cfTunnels."navidrome.uku3lig.net" = "http://localhost:4533"; diff --git a/systems/etna/nextcloud.nix b/systems/etna/nextcloud.nix index 0dbf787..2771a6d 100644 --- a/systems/etna/nextcloud.nix +++ b/systems/etna/nextcloud.nix @@ -3,15 +3,13 @@ config, _utils, ... -}: -let +}: let adminPass = _utils.setupSingleSecret config "nextcloudAdminPass" { owner = config.users.users.nextcloud.name; group = config.users.users.nextcloud.name; }; -in -{ - imports = [ adminPass.generate ]; +in { + imports = [adminPass.generate]; # nextcloud generates nginx config cfTunnels."cloud.uku3lig.net" = "http://localhost:80"; diff --git a/systems/etna/reposilite.nix b/systems/etna/reposilite.nix index 974888c..0275786 100644 --- a/systems/etna/reposilite.nix +++ b/systems/etna/reposilite.nix @@ -1,6 +1,5 @@ -{ camasca, ... }: -{ - imports = [ camasca.nixosModules.reposilite ]; +{camasca, ...}: { + imports = [camasca.nixosModules.reposilite]; cfTunnels."maven.uku3lig.net" = "http://localhost:8080"; diff --git a/systems/etna/satisfactory.nix b/systems/etna/satisfactory.nix index 277a3d0..daab588 100644 --- a/systems/etna/satisfactory.nix +++ b/systems/etna/satisfactory.nix @@ -1,15 +1,10 @@ -{ config, ... }: -let +{config, ...}: let inherit (config.virtualisation.oci-containers) backend; -in -{ +in { virtualisation.oci-containers.containers.satisfactory = { image = "wolveix/satisfactory-server:v1.8.5"; - ports = [ - "7777:7777/udp" - "7777:7777/tcp" - ]; - volumes = [ "/var/lib/satisfactory-server:/config" ]; + ports = ["7777:7777/udp" "7777:7777/tcp"]; + volumes = ["/var/lib/satisfactory-server:/config"]; environment = { MAXPLAYERS = "4"; PGID = "1000"; @@ -25,7 +20,7 @@ in }; networking.firewall = { - allowedTCPPorts = [ 7777 ]; - allowedUDPPorts = [ 7777 ]; + allowedTCPPorts = [7777]; + allowedUDPPorts = [7777]; }; } diff --git a/systems/etna/shlink.nix b/systems/etna/shlink.nix index a50fd59..62b4a54 100644 --- a/systems/etna/shlink.nix +++ b/systems/etna/shlink.nix @@ -3,8 +3,8 @@ virtualisation.oci-containers.containers.shlink = { image = "shlinkio/shlink:stable"; - ports = [ "8081:8080" ]; - volumes = [ "/data/shlink/database.sqlite:/etc/shlink/data/database.sqlite" ]; + ports = ["8081:8080"]; + volumes = ["/data/shlink/database.sqlite:/etc/shlink/data/database.sqlite"]; environment = { DEFAULT_DOMAIN = "uku.moe"; IS_HTTPS_ENABLED = "true"; diff --git a/systems/etna/uku.nix b/systems/etna/uku.nix index 6df47f9..ed0e3ad 100644 --- a/systems/etna/uku.nix +++ b/systems/etna/uku.nix @@ -4,16 +4,11 @@ api-rs, ukubot-rs, ... -}: -let +}: let secrets = _utils.setupSecrets config { - secrets = [ - "apiRsEnv" - "ukubotRsEnv" - ]; + secrets = ["apiRsEnv" "ukubotRsEnv"]; }; -in -{ +in { imports = [ api-rs.nixosModules.default ukubot-rs.nixosModules.default diff --git a/systems/etna/ups.nix b/systems/etna/ups.nix index 2e58f12..01b9638 100644 --- a/systems/etna/ups.nix +++ b/systems/etna/ups.nix @@ -2,12 +2,10 @@ _utils, config, ... -}: -let - upsdPass = _utils.setupSingleSecret config "upsdUserPass" { }; -in -{ - imports = [ upsdPass.generate ]; +}: let + upsdPass = _utils.setupSingleSecret config "upsdUserPass" {}; +in { + imports = [upsdPass.generate]; power.ups = { enable = true; @@ -22,11 +20,8 @@ in users.admin = { passwordFile = upsdPass.path; - instcmds = [ "ALL" ]; - actions = [ - "SET" - "FSD" - ]; + instcmds = ["ALL"]; + actions = ["SET" "FSD"]; }; ups.eaton-3s-850 = { @@ -62,10 +57,10 @@ in { job_name = "nut"; metrics_path = "/ups_metrics"; - params.ups = [ "eaton-3s-850" ]; + params.ups = ["eaton-3s-850"]; static_configs = [ { - targets = [ "localhost:${builtins.toString config.services.prometheus.exporters.nut.port}" ]; + targets = ["localhost:${builtins.toString config.services.prometheus.exporters.nut.port}"]; labels.ups = "eaton-3s-850"; } ]; diff --git a/systems/etna/vaultwarden.nix b/systems/etna/vaultwarden.nix index 7bb1735..575c560 100644 --- a/systems/etna/vaultwarden.nix +++ b/systems/etna/vaultwarden.nix @@ -2,12 +2,10 @@ config, _utils, ... -}: -let - envFile = _utils.setupSingleSecret config "vaultwardenEnv" { }; -in -{ - imports = [ envFile.generate ]; +}: let + envFile = _utils.setupSingleSecret config "vaultwardenEnv" {}; +in { + imports = [envFile.generate]; cfTunnels."bw.uku3lig.net" = "http://localhost:8222"; diff --git a/systems/fuji-wsl/default.nix b/systems/fuji-wsl/default.nix index 51acee2..f0a9df2 100644 --- a/systems/fuji-wsl/default.nix +++ b/systems/fuji-wsl/default.nix @@ -3,13 +3,12 @@ pkgs, nixos-wsl, ... -}: -{ +}: { imports = [ nixos-wsl.nixosModules.default ]; - environment.sessionVariables.LD_LIBRARY_PATH = [ "/run/opengl-driver/lib" ]; + environment.sessionVariables.LD_LIBRARY_PATH = ["/run/opengl-driver/lib"]; wsl = { enable = true; diff --git a/systems/fuji/default.nix b/systems/fuji/default.nix index c1fb41a..1cb0878 100644 --- a/systems/fuji/default.nix +++ b/systems/fuji/default.nix @@ -1,11 +1,10 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { imports = [ ./nvidia.nix ../../programs/games.nix ]; - services.xserver.videoDrivers = [ "amdgpu" ]; + services.xserver.videoDrivers = ["amdgpu"]; hm = { home.packages = with pkgs; [ diff --git a/systems/fuji/hardware-configuration.nix b/systems/fuji/hardware-configuration.nix index b252817..270bc58 100644 --- a/systems/fuji/hardware-configuration.nix +++ b/systems/fuji/hardware-configuration.nix @@ -7,27 +7,20 @@ pkgs, modulesPath, ... -}: -{ +}: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ahci" - "nvme" - "usbhid" - "sd_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/660ff32b-308f-411a-815e-959706ec1bcb"; fsType = "btrfs"; - options = [ "subvol=@" ]; + options = ["subvol=@"]; }; fileSystems."/boot" = { @@ -46,7 +39,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/6ee8ec3d-3b26-4d6d-b43d-174f908fd8fe"; } + {device = "/dev/disk/by-uuid/6ee8ec3d-3b26-4d6d-b43d-174f908fd8fe";} ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/systems/fuji/nvidia.nix b/systems/fuji/nvidia.nix index 5de78ce..a495bd5 100644 --- a/systems/fuji/nvidia.nix +++ b/systems/fuji/nvidia.nix @@ -2,9 +2,8 @@ lib, pkgs, ... -}: -{ - services.xserver.videoDrivers = lib.mkForce [ "nvidia" ]; +}: { + services.xserver.videoDrivers = lib.mkForce ["nvidia"]; boot.kernelParams = [ "nvidia.NVreg_EnableGpuFirmware=0" @@ -17,7 +16,7 @@ }; hardware = { - graphics.extraPackages = [ pkgs.vaapiVdpau ]; + graphics.extraPackages = [pkgs.vaapiVdpau]; nvidia = { # package = config.boot.kernelPackages.nvidiaPackages.production; open = true; diff --git a/systems/kilimandjaro/default.nix b/systems/kilimandjaro/default.nix index a8bdbee..ffdce13 100644 --- a/systems/kilimandjaro/default.nix +++ b/systems/kilimandjaro/default.nix @@ -1,11 +1,10 @@ -{ camasca, ... }: -{ +{camasca, ...}: { imports = [ camasca.nixosModules.asus-numpad ../../programs/games.nix ]; - hm.imports = [ ../../programs/dotnet.nix ]; + hm.imports = [../../programs/dotnet.nix]; services.asus-numpad = { enable = true; diff --git a/systems/kilimandjaro/hardware-configuration.nix b/systems/kilimandjaro/hardware-configuration.nix index f5bc8aa..953b7d7 100644 --- a/systems/kilimandjaro/hardware-configuration.nix +++ b/systems/kilimandjaro/hardware-configuration.nix @@ -7,24 +7,15 @@ pkgs, modulesPath, ... -}: -{ +}: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "thunderbolt" - "vmd" - "nvme" - "usb_storage" - "sd_mod" - "rtsx_usb_sdmmc" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" "rtsx_usb_sdmmc"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/e082a535-4b7c-4b24-af1c-0373eefd3c05"; @@ -42,7 +33,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/2a5ce834-4a58-45ab-955f-5b620d503f7b"; } + {device = "/dev/disk/by-uuid/2a5ce834-4a58-45ab-955f-5b620d503f7b";} ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/systems/mottarone/default.nix b/systems/mottarone/default.nix index 580c18b..adbc1e0 100644 --- a/systems/mottarone/default.nix +++ b/systems/mottarone/default.nix @@ -3,11 +3,9 @@ pkgs, camasca, ... -}: -let +}: let inherit (pkgs.stdenv.hostPlatform) system; -in -{ +in { environment.systemPackages = with pkgs; [ gtkterm remmina diff --git a/systems/mottarone/hardware-configuration.nix b/systems/mottarone/hardware-configuration.nix index dce25e1..84f6d3f 100644 --- a/systems/mottarone/hardware-configuration.nix +++ b/systems/mottarone/hardware-configuration.nix @@ -7,23 +7,15 @@ pkgs, modulesPath, ... -}: -{ +}: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "thunderbolt" - "nvme" - "usbhid" - "usb_storage" - "sd_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/e36f709d-a4ea-4310-8c0d-8752afacba3c"; @@ -33,14 +25,11 @@ fileSystems."/boot" = { device = "/dev/disk/by-uuid/D4AA-EE25"; fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" - ]; + options = ["fmask=0022" "dmask=0022"]; }; swapDevices = [ - { device = "/dev/disk/by-uuid/316ddc44-0359-40ac-9dce-2d78817fbb29"; } + {device = "/dev/disk/by-uuid/316ddc44-0359-40ac-9dce-2d78817fbb29";} ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/systems/vesuvio/default.nix b/systems/vesuvio/default.nix index 04c43a0..086bfc5 100644 --- a/systems/vesuvio/default.nix +++ b/systems/vesuvio/default.nix @@ -3,22 +3,17 @@ config, _utils, ... -}: -let - secrets = _utils.setupSharedSecrets config { secrets = [ "frpToken" ]; }; -in -{ - imports = [ secrets.generate ]; +}: let + secrets = _utils.setupSharedSecrets config {secrets = ["frpToken"];}; +in { + imports = [secrets.generate]; zramSwap.enable = true; - environment.systemPackages = with pkgs; [ - dig - traceroute - ]; + environment.systemPackages = with pkgs; [dig traceroute]; services = { - openssh.ports = [ 4269 ]; + openssh.ports = [4269]; # Needed by the Hetzner Cloud password reset feature. qemuGuest.enable = true; @@ -45,11 +40,11 @@ in frp.serviceConfig.EnvironmentFile = secrets.get "frpToken"; # https://discourse.nixos.org/t/qemu-guest-agent-on-hetzner-cloud-doesnt-work/8864/2 - qemu-guest-agent.path = [ pkgs.shadow ]; + qemu-guest-agent.path = [pkgs.shadow]; }; networking.firewall = { - allowedTCPPorts = [ 22 ]; # forgejo-ssh + allowedTCPPorts = [22]; # forgejo-ssh allowedTCPPortRanges = [ { from = 6000; diff --git a/systems/vesuvio/hardware-configuration.nix b/systems/vesuvio/hardware-configuration.nix index 8a91e02..c0a2379 100644 --- a/systems/vesuvio/hardware-configuration.nix +++ b/systems/vesuvio/hardware-configuration.nix @@ -1,6 +1,5 @@ -{ modulesPath, ... }: -{ - imports = [ "${modulesPath}/profiles/qemu-guest.nix" ]; +{modulesPath, ...}: { + imports = ["${modulesPath}/profiles/qemu-guest.nix"]; boot = { # arm so we can use systemd-boot @@ -12,18 +11,11 @@ # set console because the console defaults to serial and # initialize the display early to get a complete log. # this is required for typing in LUKS passwords on boot too. - kernelParams = [ "console=tty" ]; + kernelParams = ["console=tty"]; initrd = { - availableKernelModules = [ - "ata_piix" - "uhci_hcd" - "xen_blkfront" - ]; - kernelModules = [ - "nvme" - "virtio_gpu" - ]; + availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"]; + kernelModules = ["nvme" "virtio_gpu"]; }; };