diff --git a/flake.nix b/flake.nix index 67979726..897f7e7f 100644 --- a/flake.nix +++ b/flake.nix @@ -1,198 +1,211 @@ { description = "NixOS configuration with flakes"; - outputs = { self, flake-utils, flake-compat, home-manager - , nixpkgs-nixos-unstable, nixpkgs-master, nixpkgs-stable, darwin - , nixos-hardware, nur, sops, nil, helix, alejandra, nixpkgs-rust-analyzer - , endless-sky, disko }@inputs: - let - mkServer = pkgs: system: hostname: - pkgs.lib.nixosSystem { - inherit system; - modules = [ - (./. + "/nixos/boxes/${hostname}") - (import ./nixos/server-common.nix) - sops.nixosModules.sops - disko.nixosModules.disko - ]; - specialArgs = { inherit inputs system; }; - }; - mkRaspi = pkgs: hostname: - pkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = [ (./. + "/nixos/boxes/${hostname}") - sops.nixosModules.sops - ]; - specialArgs = { inherit inputs; }; - }; - mkKiosk = pkgs: system: hostname: - pkgs.lib.nixosSystem { - inherit system; - modules = [ - (./. + "/nixos/boxes/${hostname}") - (import ./nixos/common.nix) - sops.nixosModules.sops - - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.cyryl = { - imports = - [ ./nixos/home-manager ./nixos/home-manager/linux.nix ]; - _module.args.inputs = inputs; - _module.args.system = system; - }; - } - ]; - specialArgs = { - inherit inputs system; - nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable { - inherit system; - config = { allowUnfree = true; }; - }; - nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { - inherit system; - config = { allowUnfree = true; }; - }; - }; - }; - mkWorkstation = pkgs: system: hostname: - pkgs.lib.nixosSystem { - inherit system; - modules = [ - (./. + "/nixos/boxes/${hostname}") - (import ./nixos/email-accounts.nix) - (import ./nixos/common.nix) - sops.nixosModules.sops - disko.nixosModules.disko - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.cyryl = { - imports = - [ ./nixos/home-manager ./nixos/home-manager/linux.nix ]; - _module.args.inputs = inputs; - _module.args.system = system; - }; - } - ]; - specialArgs = { - inherit inputs system; - nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable { - inherit system; - config = { allowUnfree = true; }; - }; - nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { - inherit system; - config = { allowUnfree = true; }; - }; - }; - }; - mkShell = packageSet: system: - let pkgs = packageSet.legacyPackages.${system}; - in pkgs.mkShell { - packages = with pkgs; [ - inputs.alejandra.defaultPackage.${system} - cacert - git - git-lfs - nixpkgs-fmt - openssh - openssl - pkg-config - statix - ]; - }; - in { - devShells = { - "x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin"; - "x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux"; + outputs = { + self, + flake-utils, + flake-compat, + home-manager, + nixpkgs-nixos-unstable, + nixpkgs-master, + nixpkgs-stable, + darwin, + nixos-hardware, + nur, + sops, + nil, + helix, + alejandra, + nixpkgs-rust-analyzer, + endless-sky, + disko, + } @ inputs: let + mkServer = pkgs: system: hostname: + pkgs.lib.nixosSystem { + inherit system; + modules = [ + (./. + "/nixos/boxes/${hostname}") + (import ./nixos/server-common.nix) + sops.nixosModules.sops + disko.nixosModules.disko + ]; + specialArgs = {inherit inputs system;}; }; - darwinConfigurations = { - "FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec { - system = "x86_64-darwin"; - modules = [ - (./. + "/nixos/boxes/form3") - home-manager.darwinModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.cyryl = { - imports = [ ./nixos/home-manager ]; - _module.args.inputs = inputs; - _module.args.system = system; - }; - } - ]; + mkRaspi = pkgs: hostname: + pkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + (./. + "/nixos/boxes/${hostname}") + sops.nixosModules.sops + ]; + specialArgs = {inherit inputs;}; + }; + mkKiosk = pkgs: system: hostname: + pkgs.lib.nixosSystem { + inherit system; + modules = [ + (./. + "/nixos/boxes/${hostname}") + (import ./nixos/common.nix) + sops.nixosModules.sops + + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.cyryl = { + imports = [./nixos/home-manager ./nixos/home-manager/linux.nix]; + _module.args.inputs = inputs; + _module.args.system = system; + }; + } + ]; + specialArgs = { + inherit inputs system; + nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable { + inherit system; + config = {allowUnfree = true;}; + }; + nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { + inherit system; + config = {allowUnfree = true;}; + }; }; }; - - nixosConfigurations = { - foryog = mkWorkstation nixpkgs-stable "x86_64-linux" "foryog"; - thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky"; - bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty"; - vpsfree1 = mkServer nixpkgs-stable"x86_64-linux" "vpsfree1"; - mb1 = mkServer nixpkgs-stable "x86_64-linux" "mb1"; - homescreen = mkRaspi nixpkgs-stable "homescreen"; - - bootstrap = nixpkgs-stable.lib.nixosSystem rec { - system = "x86_64-linux"; - modules = [ (./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops ]; - specialArgs = { - inherit inputs system; - nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { - inherit system; - config = { allowUnfree = true; }; + mkWorkstation = pkgs: system: hostname: + pkgs.lib.nixosSystem { + inherit system; + modules = [ + (./. + "/nixos/boxes/${hostname}") + (import ./nixos/email-accounts.nix) + (import ./nixos/common.nix) + sops.nixosModules.sops + disko.nixosModules.disko + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.cyryl = { + imports = [./nixos/home-manager ./nixos/home-manager/linux.nix]; + _module.args.inputs = inputs; + _module.args.system = system; }; + } + ]; + specialArgs = { + inherit inputs system; + nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable { + inherit system; + config = {allowUnfree = true;}; + }; + nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { + inherit system; + config = {allowUnfree = true;}; }; }; - # nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage - # sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress - # make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes - raspiimage = nixpkgs-stable.lib.nixosSystem { - system = "aarch64-linux"; - modules = [ - (import - "${inputs.nixpkgs-stable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix") - { - environment.systemPackages = - with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [ - neovim - htop - btop - atop - ]; - - networking.networkmanager.enable = false; - hardware.enableRedistributableFirmware = true; - networking.wireless.enable = true; - - services.openssh = { - enable = true; - permitRootLogin = - nixpkgs-stable.lib.mkForce "prohibit-password"; - passwordAuthentication = false; - }; - - services.xserver = { - enable = true; - displayManager.lightdm.enable = true; - desktopManager.gnome.enable = true; - libinput.enable = true; - }; - - users.extraUsers.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" - ]; - sdImage.compressImage = false; - console.earlySetup = true; - } - ]; - specialArgs = { inherit inputs; }; - }; + }; + mkShell = packageSet: system: let + pkgs = packageSet.legacyPackages.${system}; + in + pkgs.mkShell { + packages = with pkgs; [ + inputs.alejandra.defaultPackage.${system} + cacert + git + git-lfs + nixpkgs-fmt + openssh + openssl + pkg-config + statix + ]; + }; + in { + devShells = { + "x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin"; + "x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux"; + }; + darwinConfigurations = { + "FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec { + system = "x86_64-darwin"; + modules = [ + (./. + "/nixos/boxes/form3") + home-manager.darwinModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.cyryl = { + imports = [./nixos/home-manager]; + _module.args.inputs = inputs; + _module.args.system = system; + }; + } + ]; }; }; + + nixosConfigurations = { + foryog = mkWorkstation nixpkgs-stable "x86_64-linux" "foryog"; + thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky"; + bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty"; + vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1"; + mb1 = mkServer nixpkgs-stable "x86_64-linux" "mb1"; + homescreen = mkRaspi nixpkgs-stable "homescreen"; + + bootstrap = nixpkgs-stable.lib.nixosSystem rec { + system = "x86_64-linux"; + modules = [(./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops]; + specialArgs = { + inherit inputs system; + nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { + inherit system; + config = {allowUnfree = true;}; + }; + }; + }; + # nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage + # sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress + # make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes + raspiimage = nixpkgs-stable.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + (import + "${inputs.nixpkgs-stable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix") + { + environment.systemPackages = with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [ + neovim + htop + btop + atop + ]; + + networking.networkmanager.enable = false; + hardware.enableRedistributableFirmware = true; + networking.wireless.enable = true; + + services.openssh = { + enable = true; + permitRootLogin = + nixpkgs-stable.lib.mkForce "prohibit-password"; + passwordAuthentication = false; + }; + + services.xserver = { + enable = true; + displayManager.lightdm.enable = true; + desktopManager.gnome.enable = true; + libinput.enable = true; + }; + + users.extraUsers.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" + ]; + sdImage.compressImage = false; + console.earlySetup = true; + } + ]; + specialArgs = {inherit inputs;}; + }; + }; + }; inputs = { nixpkgs-master = { type = "github"; diff --git a/nixos/boot.nix b/nixos/boot.nix index 1bfc7292..88fd82d5 100644 --- a/nixos/boot.nix +++ b/nixos/boot.nix @@ -1,5 +1,10 @@ -{ config, pkgs, lib, ... }: { - fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; +{ + config, + pkgs, + lib, + ... +}: { + fileSystems."/".options = ["noatime" "nodiratime" "discard"]; hardware.enableRedistributableFirmware = lib.mkDefault true; boot = { diff --git a/nixos/boxes/bolty/bolty-boot.nix b/nixos/boxes/bolty/bolty-boot.nix index 99c8e396..16026d5a 100644 --- a/nixos/boxes/bolty/bolty-boot.nix +++ b/nixos/boxes/bolty/bolty-boot.nix @@ -1,26 +1,29 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { boot = { kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; - initrd.availableKernelModules = - [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" ]; - initrd.kernelModules = [ "dm-snapshot" ]; - kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; + initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi"]; + initrd.kernelModules = ["dm-snapshot"]; + kernelModules = ["kvm-amd"]; + extraModulePackages = []; loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = false; - supportedFilesystems = [ "zfs" ]; + supportedFilesystems = ["zfs"]; zfs.forceImportRoot = false; }; services.btrfs.autoScrub.enable = true; services.zfs.autoScrub.enable = true; services.zfs.trim.enable = true; - - boot.kernelParams = [ "zfs.zfs_arc_max=8589934592" ]; - boot.zfs.extraPools = [ "data" ]; + boot.kernelParams = ["zfs.zfs_arc_max=8589934592"]; - fileSystems."/" = { + boot.zfs.extraPools = ["data"]; + + fileSystems."/" = { device = "/dev/disk/by-uuid/28afab71-ff3d-4f1a-b7e4-2129572706dd"; fsType = "btrfs"; }; @@ -30,7 +33,7 @@ fsType = "vfat"; }; - swapDevices = [ ]; + swapDevices = []; nix.settings = { max-jobs = 8; diff --git a/nixos/boxes/bolty/default.nix b/nixos/boxes/bolty/default.nix index 28a013a6..bb8af938 100644 --- a/nixos/boxes/bolty/default.nix +++ b/nixos/boxes/bolty/default.nix @@ -1,4 +1,10 @@ -{ config, pkgs, inputs, lib, ... }: { +{ + config, + pkgs, + inputs, + lib, + ... +}: { imports = [ ../cli.nix ./bolty-boot.nix @@ -15,7 +21,7 @@ ./tailscale-cert.nix ./virtualisation.nix ]; - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot.binfmt.emulatedSystems = ["aarch64-linux"]; programs.ccache.enable = true; networking.hostName = "bolty"; networking.hostId = "f05dd3b4"; diff --git a/nixos/boxes/bolty/gitea-runner.nix b/nixos/boxes/bolty/gitea-runner.nix index 1ac41941..3fe30078 100644 --- a/nixos/boxes/bolty/gitea-runner.nix +++ b/nixos/boxes/bolty/gitea-runner.nix @@ -1,9 +1,14 @@ -{ config, pkgs, inputs, lib, system, ... }: -let +{ + config, + pkgs, + inputs, + lib, + system, + ... +}: let unstable = inputs.nixpkgs-nixos-unstable; package = unstable.legacyPackages."${system}".gitea-actions-runner; -in -{ +in { sops.secrets."gitea-runner-token" = { sopsFile = ./gitea-runner-token.sops; format = "binary"; @@ -11,11 +16,11 @@ in virtualisation.docker = { enable = true; autoPrune.enable = true; - daemon.settings = { + daemon.settings = { }; }; - disabledModules = [ "services/continuous-integration/gitea-actions-runner.nix" ]; - imports = [ "${unstable}/nixos/modules/services/continuous-integration/gitea-actions-runner.nix" ]; + disabledModules = ["services/continuous-integration/gitea-actions-runner.nix"]; + imports = ["${unstable}/nixos/modules/services/continuous-integration/gitea-actions-runner.nix"]; services.gitea-actions-runner = { inherit package; diff --git a/nixos/boxes/bolty/grafana.nix b/nixos/boxes/bolty/grafana.nix index 8a21fdd7..f6097a74 100644 --- a/nixos/boxes/bolty/grafana.nix +++ b/nixos/boxes/bolty/grafana.nix @@ -1,12 +1,17 @@ -{ config, pkgs, inputs, lib, ... }: -let +{ + config, + pkgs, + inputs, + lib, + ... +}: let fqdn = "bolty.raptor-carp.ts.net"; port = 30001; path = "/data/grafana"; certPath = "${path}/cert.pem"; keyPath = "${path}/key.pem"; in { - networking.firewall.allowedTCPPorts = [ port ]; + networking.firewall.allowedTCPPorts = [port]; systemd.services.grafana-prep = { script = '' @@ -19,15 +24,15 @@ in { Type = "oneshot"; ReloadPropagatedFrom = "tailscale-cert.service"; }; - before = [ "grafana.service" ]; - wantedBy = [ "multi-user.target" ]; + before = ["grafana.service"]; + wantedBy = ["multi-user.target"]; after = [ "network.target" "network-online.target" "tailscaled.service" "tailscale-cert.service" ]; - wants = [ "tailscale-cert.service" ]; + wants = ["tailscale-cert.service"]; }; systemd.services.grafana = { diff --git a/nixos/boxes/bolty/home-assistant.nix b/nixos/boxes/bolty/home-assistant.nix index dc46a828..57d0db39 100644 --- a/nixos/boxes/bolty/home-assistant.nix +++ b/nixos/boxes/bolty/home-assistant.nix @@ -1,15 +1,20 @@ -{ config, pkgs, inputs, lib, ... }: -let +{ + config, + pkgs, + inputs, + lib, + ... +}: let port = 8123; path = "/data/nginx"; certPath = "${path}/cert.pem"; keyPath = "${path}/key.pem"; in { - imports = [ ../nginx.nix ./virtualisation.nix ]; + imports = [../nginx.nix ./virtualisation.nix]; - networking.firewall.allowedTCPPorts = [ port 1883 ]; + networking.firewall.allowedTCPPorts = [port 1883]; services.mosquitto = { - enable = true; + enable = true; listeners = [ { port = 1883; @@ -18,8 +23,9 @@ in { settings = { allow_anonymous = true; }; - acl = [ "topic readwrite #" ]; - }]; + acl = ["topic readwrite #"]; + } + ]; }; services.nginx = { @@ -48,15 +54,14 @@ in { Type = "oneshot"; ReloadPropagatedFrom = "tailscale-cert.service"; }; - before = [ "nginx.service" ]; - wantedBy = [ "multi-user.target" ]; + before = ["nginx.service"]; + wantedBy = ["multi-user.target"]; after = [ "network.target" "network-online.target" "tailscaled.service" "tailscale-cert.service" ]; - wants = [ "tailscale-cert.service" ]; + wants = ["tailscale-cert.service"]; }; - } diff --git a/nixos/boxes/bolty/home-security.nix b/nixos/boxes/bolty/home-security.nix index a85bbc7f..6867444d 100644 --- a/nixos/boxes/bolty/home-security.nix +++ b/nixos/boxes/bolty/home-security.nix @@ -1,2 +1,8 @@ -{ config, pkgs, inputs, lib, ... }: { +{ + config, + pkgs, + inputs, + lib, + ... +}: { } diff --git a/nixos/boxes/bolty/influxdb.nix b/nixos/boxes/bolty/influxdb.nix index f8772d1b..706a25bb 100644 --- a/nixos/boxes/bolty/influxdb.nix +++ b/nixos/boxes/bolty/influxdb.nix @@ -1,12 +1,17 @@ -{ config, pkgs, inputs, lib, ... }: -let +{ + config, + pkgs, + inputs, + lib, + ... +}: let fqdn = "bolty.raptor-carp.ts.net"; port = 8086; path = "/data/influxdb"; certPath = "${path}/cert.pem"; keyPath = "${path}/key.pem"; in { - networking.firewall.allowedTCPPorts = [ port ]; + networking.firewall.allowedTCPPorts = [port]; systemd.services.influxdb2-prep = { script = '' @@ -19,15 +24,15 @@ in { Type = "oneshot"; ReloadPropagatedFrom = "tailscale-cert.service"; }; - before = [ "influxdb2.service" ]; - wantedBy = [ "multi-user.target" ]; + before = ["influxdb2.service"]; + wantedBy = ["multi-user.target"]; after = [ "network.target" "network-online.target" "tailscaled.service" "tailscale-cert.service" ]; - wants = [ "tailscale-cert.service" ]; + wants = ["tailscale-cert.service"]; }; systemd.services.influxdb2 = { @@ -48,5 +53,4 @@ in { tls-key = "${keyPath}"; }; }; - } diff --git a/nixos/boxes/bolty/nas.nix b/nixos/boxes/bolty/nas.nix index 9c350b60..11e96657 100644 --- a/nixos/boxes/bolty/nas.nix +++ b/nixos/boxes/bolty/nas.nix @@ -1,5 +1,11 @@ -{ config, pkgs, inputs, lib, ... }: { - networking.firewall.allowedTCPPorts = [ 2049 ]; +{ + config, + pkgs, + inputs, + lib, + ... +}: { + networking.firewall.allowedTCPPorts = [2049]; services.nfs.server.enable = true; services.nfs.server.exports = '' /data/nfs 10.0.0.244/24(rw,sync,insecure,no_subtree_check,fsid=0) 100.81.212.51(rw,sync,insecure,no_subtree_check) @@ -7,5 +13,4 @@ /data/nfs/home_assistant/media 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check) /data/nfs/home_assistant/backups 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check) ''; - -} \ No newline at end of file +} diff --git a/nixos/boxes/bolty/networking.nix b/nixos/boxes/bolty/networking.nix index 133adfa1..20f1ba7b 100644 --- a/nixos/boxes/bolty/networking.nix +++ b/nixos/boxes/bolty/networking.nix @@ -1,4 +1,10 @@ -{ config, pkgs, inputs, lib, ... }: { +{ + config, + pkgs, + inputs, + lib, + ... +}: { networking.hostName = "bolty"; systemd.network.enable = true; networking.networkmanager.enable = false; @@ -8,10 +14,10 @@ }; systemd.network.networks."br0" = { name = "br0"; - address = [ "10.0.0.8/24" ]; - gateway = [ "10.0.0.1" ]; + address = ["10.0.0.8/24"]; + gateway = ["10.0.0.1"]; DHCP = "no"; - dns = [ "100.100.100.100" "9.9.9.9" ]; + dns = ["100.100.100.100" "9.9.9.9"]; }; systemd.network.networks."eth" = { diff --git a/nixos/boxes/bolty/nix-store-server.nix b/nixos/boxes/bolty/nix-store-server.nix index b4795842..4f73bf17 100644 --- a/nixos/boxes/bolty/nix-store-server.nix +++ b/nixos/boxes/bolty/nix-store-server.nix @@ -1,5 +1,9 @@ -{ config, pkgs, ... }: { - nix.settings.trusted-users = [ "nix-ssh" ]; +{ + config, + pkgs, + ... +}: { + nix.settings.trusted-users = ["nix-ssh"]; nix.sshServe = { enable = true; write = true; diff --git a/nixos/boxes/bolty/print-server.nix b/nixos/boxes/bolty/print-server.nix index c55d99b1..c87022ab 100644 --- a/nixos/boxes/bolty/print-server.nix +++ b/nixos/boxes/bolty/print-server.nix @@ -1,39 +1,45 @@ -{ config, pkgs, lib, ... }: { +{ + config, + pkgs, + lib, + ... +}: { networking.firewall.enable = true; - networking.firewall.allowedTCPPorts = [ 631 6566 ]; - networking.firewall.allowedUDPPorts = [ 631 6566 ]; + networking.firewall.allowedTCPPorts = [631 6566]; + networking.firewall.allowedUDPPorts = [631 6566]; services.printing = { enable = true; - drivers = with pkgs; [ epson-escpr ]; - listenAddresses = [ "*:631" ]; + drivers = with pkgs; [epson-escpr]; + listenAddresses = ["*:631"]; defaultShared = true; browsing = true; - allowFrom = [ "all" ]; + allowFrom = ["all"]; extraConf = '' ServerAlias * DefaultEncryption Never ''; }; - hardware.printers.ensurePrinters = [{ - description = "Epson XP-540"; - location = "connected to bolty"; - name = "epson_xp540"; - deviceUri = - "usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1"; - model = "raw"; - ppdOptions = { PageSize = "A4"; }; - }]; + hardware.printers.ensurePrinters = [ + { + description = "Epson XP-540"; + location = "connected to bolty"; + name = "epson_xp540"; + deviceUri = "usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1"; + model = "raw"; + ppdOptions = {PageSize = "A4";}; + } + ]; hardware.sane = { enable = true; - extraBackends = with pkgs; [ sane-airscan gawk ]; + extraBackends = with pkgs; [sane-airscan gawk]; snapshot = true; }; - services.udev.packages = [ ]; + services.udev.packages = []; - environment.systemPackages = with pkgs; [ gawk ]; + environment.systemPackages = with pkgs; [gawk]; services.saned = { enable = true; extraConfig = '' diff --git a/nixos/boxes/bolty/tailscale-cert.nix b/nixos/boxes/bolty/tailscale-cert.nix index 1b9f1c10..4fbc6a17 100644 --- a/nixos/boxes/bolty/tailscale-cert.nix +++ b/nixos/boxes/bolty/tailscale-cert.nix @@ -1,34 +1,39 @@ -{ config, pkgs, inputs, lib, ... }: -let +{ + config, + pkgs, + inputs, + lib, + ... +}: let fqdn = "bolty.raptor-carp.ts.net"; basePath = "/var/lib/tailscale-certs"; keyPath = "${basePath}/key.pem"; certPath = "${basePath}/cert.pem"; in { - imports = [ ]; + imports = []; systemd.services.tailscale-cert-make-path = { script = '' mkdir -p ${basePath} ''; - serviceConfig = { Type = "oneshot"; }; - before = [ "tailscale-cert.service" ]; - wantedBy = [ "multi-user.target" ]; + serviceConfig = {Type = "oneshot";}; + before = ["tailscale-cert.service"]; + wantedBy = ["multi-user.target"]; }; systemd.services.tailscale-cert = { - after = [ "network.target" "network-online.target" "tailscaled.service" ]; - wants = [ "tailscaled.service" ]; - wantedBy = [ "multi-user.target" ]; + after = ["network.target" "network-online.target" "tailscaled.service"]; + wants = ["tailscaled.service"]; + wantedBy = ["multi-user.target"]; - path = with pkgs; [ tailscale ]; + path = with pkgs; [tailscale]; serviceConfig = { Type = "oneshot"; UMask = 22; StateDirectoryMode = 750; ProtectSystem = "strict"; - ReadWritePaths = [ "${basePath}" ]; + ReadWritePaths = ["${basePath}"]; PrivateTmp = true; WorkingDirectory = "${basePath}"; NoNewPrivileges = true; @@ -36,16 +41,16 @@ in { ProtectClock = true; ProtectHome = true; ProtectHostname = true; - StateDirectory = [ "${basePath}" ]; + StateDirectory = ["${basePath}"]; }; script = '' - tailscale cert --cert-file ${certPath} --key-file ${keyPath} ${fqdn} + tailscale cert --cert-file ${certPath} --key-file ${keyPath} ${fqdn} ''; }; systemd.timers.tailscale-renew = { - wantedBy = [ "timers.target" ]; + wantedBy = ["timers.target"]; description = "Renew tailscale server cert"; timerConfig = { OnCalendar = "weekly"; diff --git a/nixos/boxes/bolty/virtualisation.nix b/nixos/boxes/bolty/virtualisation.nix index 3cb4c791..6fcdfcbf 100644 --- a/nixos/boxes/bolty/virtualisation.nix +++ b/nixos/boxes/bolty/virtualisation.nix @@ -1,10 +1,16 @@ -{ config, pkgs, inputs, lib, ... }: { - boot.kernelModules = [ "kvm_amd" ]; +{ + config, + pkgs, + inputs, + lib, + ... +}: { + boot.kernelModules = ["kvm_amd"]; virtualisation = { libvirtd = { enable = true; qemu.ovmf.enable = true; - allowedBridges = [ "br0" ]; + allowedBridges = ["br0"]; }; }; environment.systemPackages = with pkgs; [ @@ -14,8 +20,7 @@ virt-viewer lm_sensors ]; - networking.firewall.allowedTCPPorts = [ 5900 ]; + networking.firewall.allowedTCPPorts = [5900]; security.allowUserNamespaces = true; - } diff --git a/nixos/boxes/bootstrap/default.nix b/nixos/boxes/bootstrap/default.nix index 959f8e8f..f1c8e52d 100644 --- a/nixos/boxes/bootstrap/default.nix +++ b/nixos/boxes/bootstrap/default.nix @@ -16,5 +16,5 @@ boot.kernelPackages = pkgs.linuxPackages_latest; time.timeZone = "Europe/London"; - programs.zsh.enable=true; + programs.zsh.enable = true; } diff --git a/nixos/boxes/cli.nix b/nixos/boxes/cli.nix index 68039e29..65d1cd5f 100644 --- a/nixos/boxes/cli.nix +++ b/nixos/boxes/cli.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { environment.systemPackages = with pkgs; [ atop btop diff --git a/nixos/boxes/form3/default.nix b/nixos/boxes/form3/default.nix index f5fa75b9..1eea23b4 100644 --- a/nixos/boxes/form3/default.nix +++ b/nixos/boxes/form3/default.nix @@ -1,14 +1,21 @@ -{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: -let +{ + config, + pkgs, + inputs, + lib, + nixpkgs-nixos-unstable-and-unfree, + ... +}: let system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; form3_cert_path = ./form3-palo-alto.pem; - form3_cert_bundle = builtins.toFile "form3-cert-bundle.crt" + form3_cert_bundle = + builtins.toFile "form3-cert-bundle.crt" (builtins.readFile system_cert_bundle_path + builtins.readFile form3_cert_path); in { - environment.systemPackages = with pkgs; [ vim nixfmt ]; + environment.systemPackages = with pkgs; [vim nixfmt]; - imports = [ ../../git ../../mercurial ]; + imports = [../../git ../../mercurial]; services.nix-daemon.enable = true; nix = { useDaemon = true; @@ -30,7 +37,7 @@ in { source-code-pro weather-icons ]; - security.pki.certificateFiles = [ form3_cert_path system_cert_bundle_path ]; + security.pki.certificateFiles = [form3_cert_path system_cert_bundle_path]; environment.variables = { SSL_CERT_FILE = form3_cert_bundle; NIX_SSL_CERT_FILE = form3_cert_bundle; @@ -41,9 +48,9 @@ in { system.stateVersion = 4; - home-manager.users.cyryl = { ... }: { - imports = [ ]; - home.packages = with pkgs; [ awscli kubectl cargo-update ]; + home-manager.users.cyryl = {...}: { + imports = []; + home.packages = with pkgs; [awscli kubectl cargo-update]; programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech"; programs.git.extraConfig = { user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED"; diff --git a/nixos/boxes/foryog/default.nix b/nixos/boxes/foryog/default.nix index 3758d0e3..793943dd 100644 --- a/nixos/boxes/foryog/default.nix +++ b/nixos/boxes/foryog/default.nix @@ -26,7 +26,7 @@ fileSystems."/" = {options = ["compress=zstd"];}; services.restic.backups.home-to-b2 = { - repository = lib.mkForce "b2:cyplo-restic-foureighty:/"; + repository = lib.mkForce "b2:cyplo-restic-foureighty:/"; }; boot.kernelParams = ["initcall_debug" ''dyndbg="file suspend.c +p"'' "no_console_suspend"]; boot.tmp.cleanOnBoot = true; diff --git a/nixos/boxes/foryog/hardware-configuration.nix b/nixos/boxes/foryog/hardware-configuration.nix index 6df72b45..c374f016 100644 --- a/nixos/boxes/foryog/hardware-configuration.nix +++ b/nixos/boxes/foryog/hardware-configuration.nix @@ -1,11 +1,16 @@ -{ config, lib, pkgs, inputs, ... }: { +{ + config, + lib, + pkgs, + inputs, + ... +}: { boot = { - kernelModules = [ "kvm-intel" ]; + kernelModules = ["kvm-intel"]; initrd = { - kernelModules = [ "dm-snapshot" ]; - availableKernelModules = - [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + kernelModules = ["dm-snapshot"]; + availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"]; }; loader.systemd-boot.enable = true; @@ -13,9 +18,8 @@ loader.efi.efiSysMountPoint = "/boot/efi"; }; - boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; - boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device = - "/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916"; + boot.initrd.secrets = {"/crypto_keyfile.bin" = null;}; + boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device = "/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916"; fileSystems."/boot/efi" = { device = "/dev/disk/by-uuid/D6C0-1A9D"; @@ -25,8 +29,8 @@ fileSystems."/" = { device = "/dev/disk/by-uuid/98f3597c-183a-45fb-b2a4-b598c18d089a"; fsType = "btrfs"; - options = [ "subvol=@" ]; + options = ["subvol=@"]; }; - swapDevices = [ ]; + swapDevices = []; } diff --git a/nixos/boxes/foureighty/default.nix b/nixos/boxes/foureighty/default.nix index 05c607c2..f265a9f1 100644 --- a/nixos/boxes/foureighty/default.nix +++ b/nixos/boxes/foureighty/default.nix @@ -1,4 +1,11 @@ -{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: { +{ + config, + pkgs, + inputs, + lib, + nixpkgs-nixos-unstable-and-unfree, + ... +}: { networking.hostName = "foureighty"; imports = [ @@ -17,9 +24,9 @@ ../../sdr.nix ]; - fileSystems."/" = { options = [ "compress=zstd" ]; }; + fileSystems."/" = {options = ["compress=zstd"];}; - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot.binfmt.emulatedSystems = ["aarch64-linux"]; boot.plymouth = { enable = true; logo = ./boot.png; @@ -56,9 +63,9 @@ }; }; }; - services.fprintd = { enable = true; }; + services.fprintd = {enable = true;}; programs.ccache.enable = true; - hardware.opengl.extraPackages = with pkgs; [ libva ]; + hardware.opengl.extraPackages = with pkgs; [libva]; programs.steam.enable = true; nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ @@ -71,15 +78,11 @@ "vscode" ]; - home-manager.users.cyryl = { ... }: { - imports = - [ ../../home-manager/programs/alacritty.nix ../../gui/vscode.nix ]; - home.packages = - with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux"; - [ bisq-desktop ] ++ - - (with pkgs; [ lutris ]) - ++ (with inputs.endless-sky.legacyPackages."x86_64-linux"; - [ endless-sky ]); + home-manager.users.cyryl = {...}: { + imports = [../../home-manager/programs/alacritty.nix ../../gui/vscode.nix]; + home.packages = with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux"; + [bisq-desktop] + ++ (with pkgs; [lutris]) + ++ (with inputs.endless-sky.legacyPackages."x86_64-linux"; [endless-sky]); }; } diff --git a/nixos/boxes/homescreen/default.nix b/nixos/boxes/homescreen/default.nix index 58b72f20..0a9701f8 100644 --- a/nixos/boxes/homescreen/default.nix +++ b/nixos/boxes/homescreen/default.nix @@ -1,14 +1,19 @@ -{ config, pkgs, inputs, lib, ... }: { - imports = - [ inputs.nixos-hardware.nixosModules.raspberry-pi-4 ../../tailscale ]; +{ + config, + pkgs, + inputs, + lib, + ... +}: { + imports = [inputs.nixos-hardware.nixosModules.raspberry-pi-4 ../../tailscale]; networking = { hostName = "homescreen"; - networkmanager = { enable = true; }; + networkmanager = {enable = true;}; }; hardware.enableRedistributableFirmware = true; - environment.systemPackages = with pkgs; [ neovim htop btop atop ]; + environment.systemPackages = with pkgs; [neovim htop btop atop]; services.fail2ban.enable = true; @@ -33,7 +38,7 @@ users = { mutableUsers = false; - users.kiosk = { isNormalUser = true; }; + users.kiosk = {isNormalUser = true;}; }; users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" @@ -42,12 +47,12 @@ "/" = { device = "/dev/disk/by-label/NIXOS_SD"; fsType = "ext4"; - options = [ "noatime" ]; + options = ["noatime"]; }; "/boot/firmware" = { device = "/dev/disk/by-label/FIRMWARE"; fsType = "vfat"; - options = [ "nofail" "noauto" ]; + options = ["nofail" "noauto"]; }; }; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; diff --git a/nixos/boxes/mb1/atuin.nix b/nixos/boxes/mb1/atuin.nix index f0b969ec..dda7dc71 100644 --- a/nixos/boxes/mb1/atuin.nix +++ b/nixos/boxes/mb1/atuin.nix @@ -1,16 +1,22 @@ -{ config, pkgs, inputs, lib, ... }: { +{ + config, + pkgs, + inputs, + lib, + ... +}: { imports = [ "${inputs.nixpkgs-nixos-unstable}/nixos/modules/services/misc/atuin.nix" ../nginx.nix ]; - disabledModules = [ "services/misc/atuin.nix" ]; + disabledModules = ["services/misc/atuin.nix"]; services.nginx = { virtualHosts = { "atuin.cyplo.dev" = { forceSSL = true; enableACME = true; - locations."/" = { proxyPass = "http://127.0.0.1:8888"; }; + locations."/" = {proxyPass = "http://127.0.0.1:8888";}; }; }; }; diff --git a/nixos/boxes/mb1/blog.nix b/nixos/boxes/mb1/blog.nix index 5d7913c9..a75a41d5 100644 --- a/nixos/boxes/mb1/blog.nix +++ b/nixos/boxes/mb1/blog.nix @@ -1,16 +1,18 @@ -{ config, pkgs, ... }: -let - path = "/var/www/blog/"; -in { - imports = [ ../nginx.nix ]; + config, + pkgs, + ... +}: let + path = "/var/www/blog/"; +in { + imports = [../nginx.nix]; services.nginx = { virtualHosts = { "blog.cyplo.dev" = { forceSSL = true; enableACME = true; locations."/" = { - root = path; + root = path; }; }; "blog.cyplo.net" = { @@ -24,12 +26,12 @@ in users.extraUsers.blog = { openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILqDeXcIQwLXxuueu9KTC6y6NPUUzDRdF4Q5NUk+nFwt upload@blog" - ]; + ]; group = "nginx"; isSystemUser = false; isNormalUser = true; - home = path; - createHome = true; - homeMode = "750"; + home = path; + createHome = true; + homeMode = "750"; }; } diff --git a/nixos/boxes/mb1/boot.nix b/nixos/boxes/mb1/boot.nix index 70ab34d6..dc76bd18 100644 --- a/nixos/boxes/mb1/boot.nix +++ b/nixos/boxes/mb1/boot.nix @@ -1,10 +1,15 @@ -{ config, pkgs, inputs, lib, ... }: { +{ + config, + pkgs, + inputs, + lib, + ... +}: { boot.kernelPackages = pkgs.linuxPackages_latest; boot.loader.grub = { - devices = [ "/dev/vda" ]; + devices = ["/dev/vda"]; efiSupport = true; efiInstallAsRemovable = true; }; - } diff --git a/nixos/boxes/mb1/default.nix b/nixos/boxes/mb1/default.nix index 86b4bc1b..3145f6b7 100644 --- a/nixos/boxes/mb1/default.nix +++ b/nixos/boxes/mb1/default.nix @@ -1,4 +1,10 @@ -{ config, pkgs, inputs, lib, ... }: { +{ + config, + pkgs, + inputs, + lib, + ... +}: { imports = [ "${inputs.nixpkgs-stable}/nixos/modules/profiles/qemu-guest.nix" ../cli.nix @@ -10,7 +16,6 @@ ]; networking.hostName = "mb1"; - zramSwap = { enable = true; algorithm = "zstd"; @@ -18,5 +23,4 @@ }; time.timeZone = "Europe/London"; - } diff --git a/nixos/boxes/mb1/disks.nix b/nixos/boxes/mb1/disks.nix index e6320545..2512d237 100644 --- a/nixos/boxes/mb1/disks.nix +++ b/nixos/boxes/mb1/disks.nix @@ -12,7 +12,7 @@ _: { name = "boot"; start = "0"; end = "1M"; - flags = [ "bios_grub" ]; + flags = ["bios_grub"]; } { name = "ESP"; diff --git a/nixos/boxes/mb1/search.nix b/nixos/boxes/mb1/search.nix index a39d32e6..399f410d 100644 --- a/nixos/boxes/mb1/search.nix +++ b/nixos/boxes/mb1/search.nix @@ -1,11 +1,14 @@ -{ config, pkgs, ... }: { - imports = [ ../nginx.nix ]; +{ + config, + pkgs, + ... +}: { + imports = [../nginx.nix]; virtualisation.oci-containers.containers.searxng = { - image = - "searxng/searxng@sha256:650c0b183a129e10c2493126bb27c3541ffebbead6e0255fab91831457211b06"; - volumes = [ ]; - environment = { BASE_URL = "https://search.cyplo.dev"; }; - ports = [ "9999:8080" ]; + image = "searxng/searxng@sha256:650c0b183a129e10c2493126bb27c3541ffebbead6e0255fab91831457211b06"; + volumes = []; + environment = {BASE_URL = "https://search.cyplo.dev";}; + ports = ["9999:8080"]; }; services.nginx = { virtualHosts = { @@ -28,5 +31,4 @@ }; }; }; - } diff --git a/nixos/boxes/thinky/default.nix b/nixos/boxes/thinky/default.nix index 5310e50e..a5fdf876 100644 --- a/nixos/boxes/thinky/default.nix +++ b/nixos/boxes/thinky/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib,... }: { +{ + config, + pkgs, + lib, + ... +}: { networking.hostName = "thinky"; imports = [ @@ -28,7 +33,7 @@ builtins.elem (lib.getName pkg) [ "spotify" ]; - home-manager.users.cyryl = { ... }: { - imports = [ ../../home-manager/programs/termite.nix ]; + home-manager.users.cyryl = {...}: { + imports = [../../home-manager/programs/termite.nix]; }; } diff --git a/nixos/boxes/thinky/hardware-configuration.nix b/nixos/boxes/thinky/hardware-configuration.nix index 2955df1f..81d149e0 100644 --- a/nixos/boxes/thinky/hardware-configuration.nix +++ b/nixos/boxes/thinky/hardware-configuration.nix @@ -1,11 +1,16 @@ -{ config, lib, pkgs, inputs, ... }: { +{ + config, + lib, + pkgs, + inputs, + ... +}: { boot = { - kernelModules = [ "kvm-intel" ]; + kernelModules = ["kvm-intel"]; initrd = { - kernelModules = [ "dm-snapshot" ]; - availableKernelModules = - [ "ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod" ]; + kernelModules = ["dm-snapshot"]; + availableKernelModules = ["ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod"]; }; loader.grub.enable = true; @@ -17,15 +22,14 @@ fsType = "btrfs"; }; - boot.initrd.luks.devices."crypt".device = - "/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d"; + boot.initrd.luks.devices."crypt".device = "/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d"; fileSystems."/boot" = { device = "/dev/disk/by-uuid/195b3f15-885e-4123-879f-6e4591a58317"; fsType = "ext2"; }; - swapDevices = [ ]; + swapDevices = []; nix.settings = { max-jobs = 2; diff --git a/nixos/boxes/vpsfree1/backups.nix b/nixos/boxes/vpsfree1/backups.nix index a6086158..4d6c8434 100644 --- a/nixos/boxes/vpsfree1/backups.nix +++ b/nixos/boxes/vpsfree1/backups.nix @@ -1,9 +1,12 @@ -{ config, pkgs, ... }: -let +{ + config, + pkgs, + ... +}: let genericBackupPath = "/var/lib/backups/"; containersBackupPath = "${genericBackupPath}/oci-containers/"; in rec { - environment.systemPackages = with pkgs; [ restic ]; + environment.systemPackages = with pkgs; [restic]; sops.secrets."restic-backups-b2-repo-password" = { sopsFile = ./restic.sops.yaml; @@ -31,14 +34,13 @@ in rec { backupCleanupCommand = '' systemctl start container@mastodon.service ''; - timerConfig = { OnCalendar = "daily"; }; - environmentFile = - "${config.sops.secrets.restic-backups-b2-environment.path}"; + timerConfig = {OnCalendar = "daily";}; + environmentFile = "${config.sops.secrets.restic-backups-b2-environment.path}"; }; }; systemd.services.restic-backups-b2 = { - environment = { GOMAXPROCS = "1"; }; + environment = {GOMAXPROCS = "1";}; serviceConfig = { Nice = 19; IOSchedulingClass = "idle"; diff --git a/nixos/boxes/vpsfree1/cryptpad.nix b/nixos/boxes/vpsfree1/cryptpad.nix index 7fb688de..e54cccd3 100644 --- a/nixos/boxes/vpsfree1/cryptpad.nix +++ b/nixos/boxes/vpsfree1/cryptpad.nix @@ -1,12 +1,18 @@ -{ config, pkgs, inputs, lib, ... }: { - imports = [ ../nginx.nix ]; +{ + config, + pkgs, + inputs, + lib, + ... +}: { + imports = [../nginx.nix]; services.nginx = { virtualHosts = { "notes.purrfect.estate" = { forceSSL = true; enableACME = true; - serverAliases = [ "notes-sandbox.purrfect.estate" ]; + serverAliases = ["notes-sandbox.purrfect.estate"]; locations."/" = { proxyPass = "http://127.0.0.1:9005"; proxyWebsockets = true; @@ -15,8 +21,7 @@ }; }; virtualisation.oci-containers.containers.cryptpad = { - image = - "promasu/cryptpad@sha256:29c61f69e41173188c0592e72f2273cf23a83f48e7d143337e2cd7fea441ed87"; + image = "promasu/cryptpad@sha256:29c61f69e41173188c0592e72f2273cf23a83f48e7d143337e2cd7fea441ed87"; volumes = [ "${./cryptpad.config.js}:/cryptpad/config/config.js" @@ -34,6 +39,6 @@ CPAD_TRUSTED_PROXY = "0.0.0.0/0"; CPAD_HTTP2_DISABLE = "true"; }; - ports = [ "9005:80" ]; + ports = ["9005:80"]; }; } diff --git a/nixos/boxes/vpsfree1/default.nix b/nixos/boxes/vpsfree1/default.nix index a266e4a9..0060a49b 100644 --- a/nixos/boxes/vpsfree1/default.nix +++ b/nixos/boxes/vpsfree1/default.nix @@ -1,4 +1,10 @@ -{ config, pkgs, inputs, lib, ... }: { +{ + config, + pkgs, + inputs, + lib, + ... +}: { networking.hostName = "vpsfree1"; imports = [ @@ -20,7 +26,7 @@ DefaultTimeoutStartSec=900s ''; - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot.binfmt.emulatedSystems = ["aarch64-linux"]; time.timeZone = "Europe/London"; nix.settings.cores = 8; } diff --git a/nixos/boxes/vpsfree1/fossil.nix b/nixos/boxes/vpsfree1/fossil.nix index 7d32a77e..25689305 100644 --- a/nixos/boxes/vpsfree1/fossil.nix +++ b/nixos/boxes/vpsfree1/fossil.nix @@ -1,71 +1,85 @@ -{ config, pkgs, inputs, lib, ... }: -let +{ + config, + pkgs, + inputs, + lib, + ... +}: let port = 8081; domain = "fossil.cyplo.dev"; baseurl = "https://${domain}"; path = "/var/lib/fossil"; in { - imports = [ ../nginx.nix ]; + imports = [../nginx.nix]; services.nginx = { virtualHosts = { "${domain}" = { forceSSL = true; enableACME = true; - locations."/" = { proxyPass = "http://localhost:" + toString port; }; + locations."/" = {proxyPass = "http://localhost:" + toString port;}; }; }; }; containers.fossil = { autoStart = true; - forwardPorts = [{ - containerPort = port; - hostPort = port; - }]; + forwardPorts = [ + { + containerPort = port; + hostPort = port; + } + ]; bindMounts = { "${path}" = { hostPath = "${path}"; isReadOnly = false; }; }; - config = { config, pkgs, ... }: - let - user = "fossil"; - group = "fossil"; - in { - system.stateVersion = "23.05"; - environment.systemPackages = [ pkgs.fossil ]; - users.groups = { "${group}" = { }; }; - users.users = { - fossil = { - inherit group; - description = "Fossil Service"; - home = path; - useDefaultShell = true; - isSystemUser = true; - }; - }; - - systemd.tmpfiles.rules = [ "d '${path}' 0770 ${user} ${group} - -" ]; - systemd.services.fossil = { - description = "fossil server"; - after = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - path = [ pkgs.fossil pkgs.git ]; - - serviceConfig = { - User = user; - Group = group; - WorkingDirectory = path; - ReadWritePaths = [ path ]; - ExecStart = "${pkgs.fossil}/bin/fossil server" + " --localhost" - + " --https" + " --port ${toString port}" - + " --baseurl ${baseurl}" + " --repolist ${path}"; - Restart = "always"; - RestartSec = 3; - }; + config = { + config, + pkgs, + ... + }: let + user = "fossil"; + group = "fossil"; + in { + system.stateVersion = "23.05"; + environment.systemPackages = [pkgs.fossil]; + users.groups = {"${group}" = {};}; + users.users = { + fossil = { + inherit group; + description = "Fossil Service"; + home = path; + useDefaultShell = true; + isSystemUser = true; }; }; + + systemd.tmpfiles.rules = ["d '${path}' 0770 ${user} ${group} - -"]; + systemd.services.fossil = { + description = "fossil server"; + after = ["network-online.target"]; + wantedBy = ["multi-user.target"]; + path = [pkgs.fossil pkgs.git]; + + serviceConfig = { + User = user; + Group = group; + WorkingDirectory = path; + ReadWritePaths = [path]; + ExecStart = + "${pkgs.fossil}/bin/fossil server" + + " --localhost" + + " --https" + + " --port ${toString port}" + + " --baseurl ${baseurl}" + + " --repolist ${path}"; + Restart = "always"; + RestartSec = 3; + }; + }; + }; }; } diff --git a/nixos/boxes/vpsfree1/foundryvtt.nix b/nixos/boxes/vpsfree1/foundryvtt.nix index b0fcd73d..1e35c845 100644 --- a/nixos/boxes/vpsfree1/foundryvtt.nix +++ b/nixos/boxes/vpsfree1/foundryvtt.nix @@ -1,5 +1,10 @@ -{ config, pkgs, inputs, lib, ... }: -let +{ + config, + pkgs, + inputs, + lib, + ... +}: let foundryvtt = pkgs.fetchzip { name = "foundryvtt"; url = "file:///" + ./FoundryVTT-11.306.zip; @@ -8,7 +13,7 @@ let stripRoot = false; }; in { - imports = [ ../nginx.nix ]; + imports = [../nginx.nix]; services.nginx = { clientMaxBodySize = "300M"; @@ -26,21 +31,27 @@ in { containers.foundryvtt = { autoStart = true; - forwardPorts = [{ - containerPort = 30000; - hostPort = 30000; - }]; + forwardPorts = [ + { + containerPort = 30000; + hostPort = 30000; + } + ]; bindMounts = { "/var/lib/foundryvtt" = { hostPath = "/var/lib/foundryvtt"; isReadOnly = false; }; }; - config = { config, pkgs, ... }: { + config = { + config, + pkgs, + ... + }: { system.stateVersion = "23.05"; systemd.services."foundryvtt" = { - requires = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; + requires = ["network-online.target"]; + wantedBy = ["multi-user.target"]; script = '' mkdir -p /var/lib/foundryvtt ${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt diff --git a/nixos/boxes/vpsfree1/gitea.nix b/nixos/boxes/vpsfree1/gitea.nix index ea585a20..5bbc50b7 100644 --- a/nixos/boxes/vpsfree1/gitea.nix +++ b/nixos/boxes/vpsfree1/gitea.nix @@ -1,5 +1,11 @@ -{ config, pkgs, inputs, lib, system, ... }: -let +{ + config, + pkgs, + inputs, + lib, + system, + ... +}: let unstable = inputs.nixpkgs-nixos-unstable; package = unstable.legacyPackages."${system}".gitea; httpPort = 8083; @@ -23,18 +29,18 @@ let }; groups."${systemGroupName}" = { inherit gid; - members = [ "${systemUserName}" "nginx" ]; + members = ["${systemUserName}" "nginx"]; }; }; in { - imports = [ ../nginx.nix ]; + imports = [../nginx.nix]; inherit users; - boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; }; + boot.kernel.sysctl = {"net.ipv4.ip_unprivileged_port_start" = 0;}; systemd.services.systemd-sysctl.enable = lib.mkForce true; - networking.firewall.allowedTCPPorts = [ sshPort ]; + networking.firewall.allowedTCPPorts = [sshPort]; services.nginx = { virtualHosts = { "${domain}" = { @@ -76,15 +82,21 @@ in { isReadOnly = true; }; }; - config = { config, pkgs, lib, ... }: { + config = { + config, + pkgs, + lib, + ... + }: { system.stateVersion = "23.05"; - users = users // { - mutableUsers = false; - allowNoPasswordLogin = true; - }; - disabledModules = [ "services/misc/gitea.nix" ]; - imports = - [ "${unstable}/nixos/modules/services/misc/gitea.nix" ]; + users = + users + // { + mutableUsers = false; + allowNoPasswordLogin = true; + }; + disabledModules = ["services/misc/gitea.nix"]; + imports = ["${unstable}/nixos/modules/services/misc/gitea.nix"]; services.gitea = { enable = true; inherit package; @@ -101,8 +113,7 @@ in { "markup.mermaid" = { ENABLED = true; FILE_EXTENSIONS = ".md"; - RENDER_COMMAND = - "${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -"; + RENDER_COMMAND = "${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -"; IS_INPUT_FILE = false; }; server = { diff --git a/nixos/boxes/vpsfree1/mastodon.nix b/nixos/boxes/vpsfree1/mastodon.nix index e1e9494f..598379d9 100644 --- a/nixos/boxes/vpsfree1/mastodon.nix +++ b/nixos/boxes/vpsfree1/mastodon.nix @@ -1,5 +1,10 @@ -{ config, pkgs, inputs, lib, ... }: -let +{ + config, + pkgs, + inputs, + lib, + ... +}: let newestPackages = inputs.nixpkgs-master.legacyPackages.${pkgs.system}; package = newestPackages.mastodon; domain = "peninsula.industries"; @@ -24,7 +29,7 @@ let }; groups."${systemGroupName}" = { inherit gid; - members = [ "${systemUserName}" "nginx" ]; + members = ["${systemUserName}" "nginx"]; }; }; secretSettings = { @@ -33,7 +38,7 @@ let }; publicPath = "${path}/public-system/"; in { - imports = [ ../nginx.nix ]; + imports = [../nginx.nix]; system.stateVersion = "23.05"; services.nginx = { @@ -43,7 +48,7 @@ in { enableACME = true; root = "${package}/public/"; - locations."/" = { tryFiles = "$uri @proxy"; }; + locations."/" = {tryFiles = "$uri @proxy";}; locations."/system/".alias = "${publicPath}"; locations."@proxy" = { @@ -58,14 +63,18 @@ in { }; }; - sops.secrets."${mailgunSmtpSecretName}" = { - sopsFile = ./mailgun.sops.yaml; - path = mailgunSmtpPasswordPath; - } // secretSettings; - sops.secrets."${mastodonDbSecretName}" = { - sopsFile = ./mastodon-db.sops.yaml; - path = mastodonDbSecretPath; - } // secretSettings; + sops.secrets."${mailgunSmtpSecretName}" = + { + sopsFile = ./mailgun.sops.yaml; + path = mailgunSmtpPasswordPath; + } + // secretSettings; + sops.secrets."${mastodonDbSecretName}" = + { + sopsFile = ./mastodon-db.sops.yaml; + path = mastodonDbSecretPath; + } + // secretSettings; inherit users; @@ -80,8 +89,8 @@ in { chmod -R g+r ${publicPath} chmod -R u+rwX ${publicPath} ''; - serviceConfig = { Type = "oneshot"; }; - before = [ "container@mastodon.service" ]; + serviceConfig = {Type = "oneshot";}; + before = ["container@mastodon.service"]; }; containers.mastodon = { @@ -110,13 +119,20 @@ in { isReadOnly = true; }; }; - config = { config, pkgs, lib, ... }: { + config = { + config, + pkgs, + lib, + ... + }: { system.stateVersion = "23.05"; services.postgresql.port = postgresPort; - users = users // { - mutableUsers = false; - allowNoPasswordLogin = true; - }; + users = + users + // { + mutableUsers = false; + allowNoPasswordLogin = true; + }; systemd.services.mastodon-media-auto-remove = { description = "Mastodon media auto remove"; serviceConfig = { diff --git a/nixos/boxes/vpsfree1/rss.nix b/nixos/boxes/vpsfree1/rss.nix index e2f98403..7b773cf9 100644 --- a/nixos/boxes/vpsfree1/rss.nix +++ b/nixos/boxes/vpsfree1/rss.nix @@ -1,65 +1,77 @@ -{ config, pkgs, inputs, lib, ... }: -let +{ + config, + pkgs, + inputs, + lib, + ... +}: let port = 8080; domain = "news.cyplo.dev"; postgresPort = 5435; in { - imports = [ ../nginx.nix ]; + imports = [../nginx.nix]; services.nginx = { virtualHosts = { "${domain}" = { forceSSL = true; enableACME = true; - locations."/" = { proxyPass = "http://127.0.0.1:" + toString port; }; + locations."/" = {proxyPass = "http://127.0.0.1:" + toString port;}; }; }; }; containers.rss = { autoStart = true; - forwardPorts = [{ - containerPort = port; - hostPort = port; - }]; - config = { config, pkgs, ... }: - let - inherit (config.services.tt-rss) pool; - inherit (config.services.tt-rss) root; - in { - system.stateVersion = "23.05"; - services.postgresql.port = postgresPort; - services.tt-rss = { - enable = true; - selfUrlPath = "https://${domain}"; - virtualHost = null; - registration.enable = false; - simpleUpdateMode = true; - database.port = postgresPort; - }; - services.nginx = { - enable = true; - virtualHosts = { - "${domain}" = { - listen = [{ + forwardPorts = [ + { + containerPort = port; + hostPort = port; + } + ]; + config = { + config, + pkgs, + ... + }: let + inherit (config.services.tt-rss) pool; + inherit (config.services.tt-rss) root; + in { + system.stateVersion = "23.05"; + services.postgresql.port = postgresPort; + services.tt-rss = { + enable = true; + selfUrlPath = "https://${domain}"; + virtualHost = null; + registration.enable = false; + simpleUpdateMode = true; + database.port = postgresPort; + }; + services.nginx = { + enable = true; + virtualHosts = { + "${domain}" = { + listen = [ + { inherit port; addr = "0.0.0.0"; - }]; - root = "${root}/www"; - locations."/" = { index = "index.php"; }; - locations."^~ /feed-icons" = { root = "${root}"; }; - locations."~ \\.php$" = { - extraConfig = '' - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:${ - config.services.phpfpm.pools.${pool}.socket - }; - fastcgi_index index.php; - ''; - }; + } + ]; + root = "${root}/www"; + locations."/" = {index = "index.php";}; + locations."^~ /feed-icons" = {root = "${root}";}; + locations."~ \\.php$" = { + extraConfig = '' + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:${ + config.services.phpfpm.pools.${pool}.socket + }; + fastcgi_index index.php; + ''; }; }; }; }; + }; }; } diff --git a/nixos/boxes/yoga/default.nix b/nixos/boxes/yoga/default.nix index 761e790d..c41e2280 100644 --- a/nixos/boxes/yoga/default.nix +++ b/nixos/boxes/yoga/default.nix @@ -1,18 +1,30 @@ -{ config, pkgs, inputs, lib, system, nixpkgs-nixos-unstable-and-unfree, ... }: { +{ + config, + pkgs, + inputs, + lib, + system, + nixpkgs-nixos-unstable-and-unfree, + ... +}: { networking.hostName = "yoga"; - imports = [ ./hardware-configuration.nix ../../boot.nix ../../git ../../gui + imports = [ + ./hardware-configuration.nix + ../../boot.nix + ../../git + ../../gui ../../vim -]; + ]; boot.kernelPackages = pkgs.linuxPackages_latest; hardware.trackpoint.enable = true; services.hardware.bolt.enable = true; - services.fprintd = { enable = true; }; + services.fprintd = {enable = true;}; - home-manager.users.cyryl = { lib, ... }: { home.packages = with pkgs; [ ]; }; + home-manager.users.cyryl = {lib, ...}: {home.packages = with pkgs; [];}; networking.networkmanager.enable = true; @@ -61,8 +73,8 @@ users.users.cyryl = { isNormalUser = true; description = "cyryl"; - extraGroups = [ "networkmanager" "wheel" ]; - packages = with pkgs; [ ]; + extraGroups = ["networkmanager" "wheel"]; + packages = with pkgs; []; }; services.fwupd.enable = true; @@ -73,5 +85,4 @@ # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229 systemd.services."getty@tty1".enable = false; systemd.services."autovt@tty1".enable = false; - } diff --git a/nixos/boxes/yoga/hardware-configuration.nix b/nixos/boxes/yoga/hardware-configuration.nix index f1c24611..c73adc04 100644 --- a/nixos/boxes/yoga/hardware-configuration.nix +++ b/nixos/boxes/yoga/hardware-configuration.nix @@ -1,33 +1,37 @@ -{ config, lib, pkgs, modulesPath, ... }: { - imports = [ ]; +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = []; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.efiSysMountPoint = "/boot/efi"; # Setup keyfile - boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; + boot.initrd.secrets = {"/crypto_keyfile.bin" = null;}; fileSystems."/" = { device = "/dev/disk/by-uuid/a43a1c42-9166-47dc-9e78-20e0975c75c5"; fsType = "btrfs"; - options = [ "subvol=@" ]; + options = ["subvol=@"]; }; - boot.initrd.luks.devices."luks-99498047-118a-484a-8c2a-987ca68d4943".device = - "/dev/disk/by-uuid/99498047-118a-484a-8c2a-987ca68d4943"; + boot.initrd.luks.devices."luks-99498047-118a-484a-8c2a-987ca68d4943".device = "/dev/disk/by-uuid/99498047-118a-484a-8c2a-987ca68d4943"; fileSystems."/boot/efi" = { device = "/dev/disk/by-uuid/F179-A4EA"; fsType = "vfat"; }; - swapDevices = [ ]; + swapDevices = []; networking.useDHCP = lib.mkDefault true; diff --git a/nixos/common-hardware.nix b/nixos/common-hardware.nix index bb26c17c..6089b4b0 100644 --- a/nixos/common-hardware.nix +++ b/nixos/common-hardware.nix @@ -1,33 +1,41 @@ -{ config, pkgs, nixpkgs-nixos-unstable-and-unfree, lib, ... }: { - boot.kernelModules = [ "fuse" ]; +{ + config, + pkgs, + nixpkgs-nixos-unstable-and-unfree, + lib, + ... +}: { + boot.kernelModules = ["fuse"]; services.smartd.enable = true; sound.enable = true; networking.networkmanager = { enable = true; - dispatcherScripts = [{ - source = pkgs.writeText "upHook" '' - enable_disable_wifi () - { - result=$(nmcli dev | grep "ethernet" | grep -w "connected") - if [ -n "$result" ]; then - nmcli radio wifi off - else - nmcli radio wifi on + dispatcherScripts = [ + { + source = pkgs.writeText "upHook" '' + enable_disable_wifi () + { + result=$(nmcli dev | grep "ethernet" | grep -w "connected") + if [ -n "$result" ]; then + nmcli radio wifi off + else + nmcli radio wifi on + fi + } + + if [ "$2" = "up" ]; then + enable_disable_wifi fi - } - if [ "$2" = "up" ]; then - enable_disable_wifi - fi - - if [ "$2" = "down" ]; then - enable_disable_wifi - fi - ''; - type = "basic"; - }]; + if [ "$2" = "down" ]; then + enable_disable_wifi + fi + ''; + type = "basic"; + } + ]; }; hardware.enableRedistributableFirmware = true; @@ -36,7 +44,7 @@ hardware.bluetooth = { enable = true; package = pkgs.bluezFull; - settings = { General = { Enable = "Source,Sink,Media,Socket"; }; }; + settings = {General = {Enable = "Source,Sink,Media,Socket";};}; }; services.blueman.enable = true; @@ -55,7 +63,7 @@ # no need to redefine it in your config for now) #media-session.enable = true; }; - environment.systemPackages = with pkgs; [ ghostscript poppler ]; + environment.systemPackages = with pkgs; [ghostscript poppler]; services.printing = { enable = true; drivers = with pkgs; [ @@ -73,8 +81,7 @@ description = "Epson XP-540 via bolty"; name = "epson_xp540_via_bolty"; deviceUri = "ipp://bolty:631/printers/epson_xp540"; - model = - "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd"; + model = "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd"; ppdOptions = { PageSize = "A4"; Duplex = "DuplexNoTumble"; @@ -83,8 +90,7 @@ { description = "Samsung SCX-4623 Series"; name = "samsung-SCX-4623"; - deviceUri = - "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1"; + deviceUri = "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1"; model = "samsung/SCX-4623FW.ppd"; ppdOptions = { PageSize = "A4"; @@ -93,7 +99,7 @@ } ]; - services.udev.packages = [ ]; + services.udev.packages = []; hardware.sane = { enable = true; snapshot = true; diff --git a/nixos/common-services.nix b/nixos/common-services.nix index be992da4..bdf2568f 100644 --- a/nixos/common-services.nix +++ b/nixos/common-services.nix @@ -1,9 +1,12 @@ -{ config, pkgs, ... }: { - +{ + config, + pkgs, + ... +}: { console.keyMap = "pl2"; - imports = [ ./tailscale ]; + imports = [./tailscale]; services = { - udev.packages = [ pkgs.android-udev-rules ]; + udev.packages = [pkgs.android-udev-rules]; ratbagd.enable = true; fwupd = { diff --git a/nixos/common.nix b/nixos/common.nix index 4d945509..9fe9e4e9 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -1,5 +1,11 @@ -{ config, pkgs, lib, inputs, nixpkgs-nixos-unstable-and-unfree, ... }: -let +{ + config, + pkgs, + lib, + inputs, + nixpkgs-nixos-unstable-and-unfree, + ... +}: let stateVersion = "23.05"; username = "cyryl"; in { @@ -54,10 +60,9 @@ in { shell = pkgs.zsh; }; - networking.nameservers = - [ "9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9" ]; + networking.nameservers = ["9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9"]; - networking.hosts = { "10.11.99.1" = [ "remarkable" ]; }; + networking.hosts = {"10.11.99.1" = ["remarkable"];}; programs.light.enable = true; programs.adb.enable = true; @@ -74,13 +79,13 @@ in { enable = true; autoPrune.enable = true; daemon.settings = { - "insecure-registries" = [ "vpsfree1.raptor-carp.ts.net:5000" ]; + "insecure-registries" = ["vpsfree1.raptor-carp.ts.net:5000"]; }; }; fonts.fontconfig = { enable = true; - defaultFonts.monospace = [ "BerkeleyMono Nerd Font" ]; + defaultFonts.monospace = ["BerkeleyMono Nerd Font"]; }; fonts.fonts = with pkgs; [ @@ -106,7 +111,7 @@ in { ''; }; - system = { inherit stateVersion; }; + system = {inherit stateVersion;}; system.activationScripts.diff = '' ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig" ''; diff --git a/nixos/distributed-builds.nix b/nixos/distributed-builds.nix index ad2e4d6f..ed0aa7f1 100644 --- a/nixos/distributed-builds.nix +++ b/nixos/distributed-builds.nix @@ -1,21 +1,25 @@ -{ config, pkgs, ... }: { - nix.buildMachines = [{ - hostName = "bolty"; - sshUser = "nix-builder"; - sshKey = "/home/cyryl/.ssh/id_ed25519"; - systems = [ "i686-linux" "x86_64-linux" "aarch64-linux" ]; - maxJobs = 2; - speedFactor = 1; - supportedFeatures = [ "kvm" "big-parallel" ]; - mandatoryFeatures = [ ]; - }]; +{ + config, + pkgs, + ... +}: { + nix.buildMachines = [ + { + hostName = "bolty"; + sshUser = "nix-builder"; + sshKey = "/home/cyryl/.ssh/id_ed25519"; + systems = ["i686-linux" "x86_64-linux" "aarch64-linux"]; + maxJobs = 2; + speedFactor = 1; + supportedFeatures = ["kvm" "big-parallel"]; + mandatoryFeatures = []; + } + ]; nix.extraOptions = '' builders-use-substitutes = true ''; nix.distributedBuilds = true; - nix.settings.substituters = - [ "https://cache.nixos.org/" "ssh://nix-ssh@bolty.raptor-carp.ts.net" ]; - nix.settings.trusted-public-keys = - [ "cyplodev-store-key:a/+PEufePs7giWqYyRqy+TgUKLMbY+RQuJQu2aUjdl8=" ]; + nix.settings.substituters = ["https://cache.nixos.org/" "ssh://nix-ssh@bolty.raptor-carp.ts.net"]; + nix.settings.trusted-public-keys = ["cyplodev-store-key:a/+PEufePs7giWqYyRqy+TgUKLMbY+RQuJQu2aUjdl8="]; } diff --git a/nixos/emacs/home.nix b/nixos/emacs/home.nix index 2c0da346..9cad40af 100644 --- a/nixos/emacs/home.nix +++ b/nixos/emacs/home.nix @@ -23,7 +23,7 @@ (setq make-backup-files nil) (setq auto-save-default nil) - + (require 'helm) (require 'helm-config) diff --git a/nixos/gnome/home.nix b/nixos/gnome/home.nix index 213cea09..55a86ece 100644 --- a/nixos/gnome/home.nix +++ b/nixos/gnome/home.nix @@ -1,9 +1,14 @@ -{ config, pkgs, ... }: { - services = { }; +{ + config, + pkgs, + ... +}: { + services = {}; - xsession = { enable = false; }; + xsession = {enable = false;}; - home.packages = (with pkgs; [ gnome-usage gnome3.gnome-tweaks ]) + home.packages = + (with pkgs; [gnome-usage gnome3.gnome-tweaks]) ++ (with pkgs.gnomeExtensions; [ caffeine clipboard-indicator @@ -13,7 +18,7 @@ dconf.settings = { "org/gnome/mutter" = { # https://github.com/NixOS/nixpkgs/issues/114514#issuecomment-1177709271 - experimental-features = [ "scale-monitor-framebuffer" ]; + experimental-features = ["scale-monitor-framebuffer"]; }; "org/gnome/shell" = { disable-user-extensions = false; diff --git a/nixos/gnome/system.nix b/nixos/gnome/system.nix index 2c5f0f34..3781d92e 100644 --- a/nixos/gnome/system.nix +++ b/nixos/gnome/system.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { services.xserver = { enable = true; displayManager.gdm.enable = true; diff --git a/nixos/gui/default.nix b/nixos/gui/default.nix index e6cf1b08..d9481e1e 100644 --- a/nixos/gui/default.nix +++ b/nixos/gui/default.nix @@ -1,12 +1,18 @@ -{ config, pkgs, discord, inputs, nixpkgs-nixos-stable-and-unfree -, nixpkgs-nixos-unstable-and-unfree, ... }: -let +{ + config, + pkgs, + discord, + inputs, + nixpkgs-nixos-stable-and-unfree, + nixpkgs-nixos-unstable-and-unfree, + ... +}: let unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system}; nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system}; in { security.chromiumSuidSandbox.enable = true; - home-manager.users.cyryl = { ... }: { + home-manager.users.cyryl = {...}: { gtk = { enable = true; iconTheme = { @@ -21,13 +27,13 @@ in { style.package = pkgs.adwaita-qt; }; - imports = [ ]; + imports = []; programs.chromium.enable = true; programs.firefox.enable = true; home.packages = with pkgs; - with pkgs.gnome3; - with pkgs.python38Packages; + with pkgs.gnome3; + with pkgs.python38Packages; [ anarchism calibre @@ -81,7 +87,9 @@ in { yubikey-manager-qt yubikey-personalization yubikey-personalization-gui - ] ++ (with unstable; [ glaxnimate gnucash kicad thunderbird ]) ++ [ + ] + ++ (with unstable; [glaxnimate gnucash kicad thunderbird]) + ++ [ nixpkgs-nixos-stable-and-unfree.discord nixpkgs-nixos-unstable-and-unfree.hopper ]; diff --git a/nixos/gui/vscode.nix b/nixos/gui/vscode.nix index 23c1f222..d3f4f6cc 100644 --- a/nixos/gui/vscode.nix +++ b/nixos/gui/vscode.nix @@ -1,159 +1,163 @@ -{ config, pkgs, inputs, ... }: { - home.packages = with pkgs; - [ - (vscode-with-extensions.override { - vscodeExtensions = with vscode-extensions; - [ - ms-python.python - inputs.nixpkgs-rust-analyzer.legacyPackages.x86_64-linux.vscode-extensions.rust-lang.rust-analyzer - (vscode-utils.buildVscodeExtension { - vscodeExtUniqueId = "vadimcn.vscode-lldb"; - vscodeExtPublisher = "vadimcn"; - vscodeExtName = "vscode-lldb"; - version = "1.6.10"; - name = "vadimcn.vscode-lldb-1.6.10"; - src = fetchurl { - name = "vadimcn.vscode-lldb.zip"; - url = - "https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix"; - sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw="; - }; - buildInputs = with pkgs; [ llvm lldb python38 autoPatchelfHook ]; - }) - ] ++ vscode-utils.extensionsFromVscodeMarketplace [ - { - publisher = "bierner"; - name = "markdown-mermaid"; - version = "1.18.1"; - sha256 = "sha256-JWeSs7V/LZ345vGWOLeUgGi68Fot/eA2k+CzWL/Wp4w="; - } - { - publisher = "arrterian"; - name = "nix-env-selector"; - version = "1.0.9"; - sha256 = "sha256-TkxqWZ8X+PAonzeXQ+sI9WI+XlqUHll7YyM7N9uErk0="; - } - { - publisher = "vscodevim"; - name = "vim"; - version = "1.21.7"; - sha256 = "sha256-nCcDafZ2CUhTjVha+6Mjxoil61xMGboO5lajc7dGEJg="; - } - { - publisher = "bbenoist"; - name = "nix"; - version = "1.0.1"; - sha256 = "sha256-qwxqOGublQeVP2qrLF94ndX/Be9oZOn+ZMCFX1yyoH0="; - } - { - publisher = "hashicorp"; - name = "terraform"; - version = "2.19.0"; - sha256 = "sha256-k/fcEJuELz0xkwivSrP6Nxtz861BLq1wR2ZDMXVrvkY="; - } - { - publisher = "be5invis"; - name = "toml"; - version = "0.6.0"; - sha256 = "sha256-yk7buEyQIw6aiUizAm+sgalWxUibIuP9crhyBaOjC2E="; - } - { - publisher = "ms-vscode"; - name = "cpptools-extension-pack"; - version = "1.1.0"; - sha256 = "sha256-XKHBwoRXNHIpy7gDR9/xEFdEdB4S0B9L9Jbk53f/Vbc="; - } - { - publisher = "tiehuis"; - name = "zig"; - version = "0.2.5"; - sha256 = "sha256-P8Sep0OtdchTfnudxFNvIK+SW++TyibGVI9zd+B5tu4="; - } - { - publisher = "sjhuangx"; - name = "vscode-scheme"; - version = "0.4.0"; - sha256 = "07vjfymvfv98s5r5a4b5iqhgfz1wpgq2l8h3wlq1bnhhhvmq5pq4"; - } - { - publisher = "shaunlebron"; - name = "vscode-parinfer"; - version = "0.6.2"; - sha256 = "0h4v4rnximy6rbh83y4s2qj1cqbj66g9wld39mzd0zwgi6ig9syd"; - } - { - publisher = "swyphcosmo"; - name = "spellchecker"; - version = "1.2.13"; - sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w"; - } - { - publisher = "asabil"; - name = "meson"; - version = "1.1.1"; - sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl"; - } - { - publisher = "codezombiech"; - name = "gitignore"; - version = "0.6.0"; - sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b"; - } - { - publisher = "DavidAnson"; - name = "vscode-markdownlint"; - version = "0.26.0"; - sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj"; - } - { - publisher = "esbenp"; - name = "prettier-vscode"; - version = "1.8.1"; - sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln"; - } - { - publisher = "hbenl"; - name = "vscode-test-explorer"; - version = "2.9.3"; - sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0"; - } - { - publisher = "lextudio"; - name = "restructuredtext"; - version = "106.0.0"; - sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa"; - } - { - publisher = "lostintangent"; - name = "vsls-pomodoro"; - version = "0.1.0"; - sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p"; - } - { - publisher = "lostintangent"; - name = "vsls-whiteboard"; - version = "0.0.8"; - sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p"; - } - { - publisher = "mechatroner"; - name = "rainbow-csv"; - version = "1.0.0"; - sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6"; - } - { - publisher = "ronnidc"; - name = "nunjucks"; - version = "0.2.3"; - sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf"; - } - { - publisher = "serayuzgur"; - name = "crates"; - version = "0.4.2"; - sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj"; - } - ]; - }) - ]; +{ + config, + pkgs, + inputs, + ... +}: { + home.packages = with pkgs; [ + (vscode-with-extensions.override { + vscodeExtensions = with vscode-extensions; + [ + ms-python.python + inputs.nixpkgs-rust-analyzer.legacyPackages.x86_64-linux.vscode-extensions.rust-lang.rust-analyzer + (vscode-utils.buildVscodeExtension { + vscodeExtUniqueId = "vadimcn.vscode-lldb"; + vscodeExtPublisher = "vadimcn"; + vscodeExtName = "vscode-lldb"; + version = "1.6.10"; + name = "vadimcn.vscode-lldb-1.6.10"; + src = fetchurl { + name = "vadimcn.vscode-lldb.zip"; + url = "https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix"; + sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw="; + }; + buildInputs = with pkgs; [llvm lldb python38 autoPatchelfHook]; + }) + ] + ++ vscode-utils.extensionsFromVscodeMarketplace [ + { + publisher = "bierner"; + name = "markdown-mermaid"; + version = "1.18.1"; + sha256 = "sha256-JWeSs7V/LZ345vGWOLeUgGi68Fot/eA2k+CzWL/Wp4w="; + } + { + publisher = "arrterian"; + name = "nix-env-selector"; + version = "1.0.9"; + sha256 = "sha256-TkxqWZ8X+PAonzeXQ+sI9WI+XlqUHll7YyM7N9uErk0="; + } + { + publisher = "vscodevim"; + name = "vim"; + version = "1.21.7"; + sha256 = "sha256-nCcDafZ2CUhTjVha+6Mjxoil61xMGboO5lajc7dGEJg="; + } + { + publisher = "bbenoist"; + name = "nix"; + version = "1.0.1"; + sha256 = "sha256-qwxqOGublQeVP2qrLF94ndX/Be9oZOn+ZMCFX1yyoH0="; + } + { + publisher = "hashicorp"; + name = "terraform"; + version = "2.19.0"; + sha256 = "sha256-k/fcEJuELz0xkwivSrP6Nxtz861BLq1wR2ZDMXVrvkY="; + } + { + publisher = "be5invis"; + name = "toml"; + version = "0.6.0"; + sha256 = "sha256-yk7buEyQIw6aiUizAm+sgalWxUibIuP9crhyBaOjC2E="; + } + { + publisher = "ms-vscode"; + name = "cpptools-extension-pack"; + version = "1.1.0"; + sha256 = "sha256-XKHBwoRXNHIpy7gDR9/xEFdEdB4S0B9L9Jbk53f/Vbc="; + } + { + publisher = "tiehuis"; + name = "zig"; + version = "0.2.5"; + sha256 = "sha256-P8Sep0OtdchTfnudxFNvIK+SW++TyibGVI9zd+B5tu4="; + } + { + publisher = "sjhuangx"; + name = "vscode-scheme"; + version = "0.4.0"; + sha256 = "07vjfymvfv98s5r5a4b5iqhgfz1wpgq2l8h3wlq1bnhhhvmq5pq4"; + } + { + publisher = "shaunlebron"; + name = "vscode-parinfer"; + version = "0.6.2"; + sha256 = "0h4v4rnximy6rbh83y4s2qj1cqbj66g9wld39mzd0zwgi6ig9syd"; + } + { + publisher = "swyphcosmo"; + name = "spellchecker"; + version = "1.2.13"; + sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w"; + } + { + publisher = "asabil"; + name = "meson"; + version = "1.1.1"; + sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl"; + } + { + publisher = "codezombiech"; + name = "gitignore"; + version = "0.6.0"; + sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b"; + } + { + publisher = "DavidAnson"; + name = "vscode-markdownlint"; + version = "0.26.0"; + sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj"; + } + { + publisher = "esbenp"; + name = "prettier-vscode"; + version = "1.8.1"; + sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln"; + } + { + publisher = "hbenl"; + name = "vscode-test-explorer"; + version = "2.9.3"; + sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0"; + } + { + publisher = "lextudio"; + name = "restructuredtext"; + version = "106.0.0"; + sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa"; + } + { + publisher = "lostintangent"; + name = "vsls-pomodoro"; + version = "0.1.0"; + sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p"; + } + { + publisher = "lostintangent"; + name = "vsls-whiteboard"; + version = "0.0.8"; + sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p"; + } + { + publisher = "mechatroner"; + name = "rainbow-csv"; + version = "1.0.0"; + sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6"; + } + { + publisher = "ronnidc"; + name = "nunjucks"; + version = "0.2.3"; + sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf"; + } + { + publisher = "serayuzgur"; + name = "crates"; + version = "0.4.2"; + sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj"; + } + ]; + }) + ]; } diff --git a/nixos/home-manager/cli.nix b/nixos/home-manager/cli.nix index f6941457..b793a7ec 100644 --- a/nixos/home-manager/cli.nix +++ b/nixos/home-manager/cli.nix @@ -1,4 +1,10 @@ -{ config, pkgs, inputs, system, ... }: { +{ + config, + pkgs, + inputs, + system, + ... +}: { home.packages = with pkgs; [ (pass.withExtensions (ext: [ ext.pass-otp diff --git a/nixos/home-manager/default.nix b/nixos/home-manager/default.nix index a91738f4..c75d153c 100644 --- a/nixos/home-manager/default.nix +++ b/nixos/home-manager/default.nix @@ -1,5 +1,11 @@ -{ config, pkgs, inputs, lib, ... }: -let username = "cyryl"; +{ + config, + pkgs, + inputs, + lib, + ... +}: let + username = "cyryl"; in { home.sessionVariables = { LC_ALL = "en_GB.UTF-8"; @@ -9,7 +15,7 @@ in { news.display = "show"; - home.packages = with pkgs; [ ]; + home.packages = with pkgs; []; home.username = username; home.homeDirectory = lib.mkDefault "/home/${username}"; diff --git a/nixos/home-manager/linux.nix b/nixos/home-manager/linux.nix index c1d7d09d..3f509968 100644 --- a/nixos/home-manager/linux.nix +++ b/nixos/home-manager/linux.nix @@ -1,4 +1,9 @@ -{ config, pkgs, inputs, ... }: { +{ + config, + pkgs, + inputs, + ... +}: { services.gpg-agent = { enable = true; pinentryFlavor = "curses"; diff --git a/nixos/home-manager/programs.nix b/nixos/home-manager/programs.nix index a180e122..645757d7 100644 --- a/nixos/home-manager/programs.nix +++ b/nixos/home-manager/programs.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { programs = { home-manager.enable = true; @@ -11,7 +15,7 @@ gpg = { enable = true; - settings = { }; + settings = {}; }; taskwarrior.enable = true; diff --git a/nixos/home-manager/programs/alacritty.nix b/nixos/home-manager/programs/alacritty.nix index 65705235..7237cab0 100644 --- a/nixos/home-manager/programs/alacritty.nix +++ b/nixos/home-manager/programs/alacritty.nix @@ -1,16 +1,22 @@ -{ config, pkgs, ... }: { - home.sessionVariables = { TERMINAL = "alacritty"; }; +{ + config, + pkgs, + ... +}: { + home.sessionVariables = {TERMINAL = "alacritty";}; programs.alacritty = { enable = true; settings = { window.decorations = "none"; - mouse_bindings = [{ - mouse = "Middle"; - mode = "~Vi"; - action = "None"; - }]; + mouse_bindings = [ + { + mouse = "Middle"; + mode = "~Vi"; + action = "None"; + } + ]; scrolling = { history = 32000; multiplier = 3; diff --git a/nixos/home-manager/programs/helix.nix b/nixos/home-manager/programs/helix.nix index b34db250..a35a4d17 100644 --- a/nixos/home-manager/programs/helix.nix +++ b/nixos/home-manager/programs/helix.nix @@ -9,10 +9,18 @@ alejandra = lib.getExe inputs.alejandra.packages.${system}.default; nil = lib.getExe inputs.nil.packages.${system}.default; in { - - home.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; - programs.zsh.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; - systemd.user.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; + home.sessionVariables = { + EDITOR = "vim"; + VISUAL = "vim"; + }; + programs.zsh.sessionVariables = { + EDITOR = "vim"; + VISUAL = "vim"; + }; + systemd.user.sessionVariables = { + EDITOR = "vim"; + VISUAL = "vim"; + }; programs.helix = { enable = true; diff --git a/nixos/home-manager/programs/kitty.nix b/nixos/home-manager/programs/kitty.nix index 94b5add9..a86e82af 100644 --- a/nixos/home-manager/programs/kitty.nix +++ b/nixos/home-manager/programs/kitty.nix @@ -1,5 +1,9 @@ -{ config, pkgs, ... }: { - home.sessionVariables = { TERMINAL = "kitty"; }; +{ + config, + pkgs, + ... +}: { + home.sessionVariables = {TERMINAL = "kitty";}; programs.kitty = { enable = true; diff --git a/nixos/home-manager/programs/ssh.nix b/nixos/home-manager/programs/ssh.nix index 010d111b..2f5f0bea 100644 --- a/nixos/home-manager/programs/ssh.nix +++ b/nixos/home-manager/programs/ssh.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { programs.ssh.extraConfig = '' Host vpsfree1 vpsfree1.cyplo.dev vpsfree1.raptor-carp.ts.net HostName vpsfree1 diff --git a/nixos/home-manager/programs/termite.nix b/nixos/home-manager/programs/termite.nix index 500e843c..6c171955 100644 --- a/nixos/home-manager/programs/termite.nix +++ b/nixos/home-manager/programs/termite.nix @@ -1,5 +1,9 @@ -{ config, pkgs, ... }: { - home.sessionVariables = { TERMINAL = "termite"; }; +{ + config, + pkgs, + ... +}: { + home.sessionVariables = {TERMINAL = "termite";}; programs.termite = { enable = true; allowBold = true; diff --git a/nixos/i3/default.nix b/nixos/i3/default.nix index bcfe3582..33ac2414 100644 --- a/nixos/i3/default.nix +++ b/nixos/i3/default.nix @@ -1,28 +1,36 @@ -{ config, pkgs, ... }: { - imports = [ ./autorandr.nix ./openweathermap-secrets.nix ]; - environment.systemPackages = with pkgs; [ dconf ]; +{ + config, + pkgs, + ... +}: { + imports = [./autorandr.nix ./openweathermap-secrets.nix]; + environment.systemPackages = with pkgs; [dconf]; programs.dconf.enable = true; security.sudo.extraRules = [ { - users = [ "cyryl" ]; - commands = [{ - command = "${pkgs.i3}/bin/i3-msg"; - options = [ "NOPASSWD" ]; - }]; + users = ["cyryl"]; + commands = [ + { + command = "${pkgs.i3}/bin/i3-msg"; + options = ["NOPASSWD"]; + } + ]; } { - users = [ "cyryl" ]; - commands = [{ - command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top"; - options = [ "NOPASSWD" ]; - }]; + users = ["cyryl"]; + commands = [ + { + command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top"; + options = ["NOPASSWD"]; + } + ]; } ]; xdg.portal = { enable = true; - extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-kde ]; + extraPortals = with pkgs; [xdg-desktop-portal-gtk xdg-desktop-portal-kde]; }; services = { @@ -32,7 +40,7 @@ allowAnyUser = true; }; - dbus = { packages = with pkgs; [ gnome2.GConf dconf ]; }; + dbus = {packages = with pkgs; [gnome2.GConf dconf];}; fractalart.enable = true; colord.enable = true; @@ -42,8 +50,8 @@ enableHidpi = true; }; }; - home-manager.users.cyryl = { ... }: { - imports = [ ./home.nix ]; - home.packages = with pkgs; [ ]; + home-manager.users.cyryl = {...}: { + imports = [./home.nix]; + home.packages = with pkgs; []; }; } diff --git a/nixos/i3/dunst.nix b/nixos/i3/dunst.nix index 2d8987a7..e5460237 100644 --- a/nixos/i3/dunst.nix +++ b/nixos/i3/dunst.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { services.dunst = { enable = true; settings = { diff --git a/nixos/i3/i3-status.nix b/nixos/i3/i3-status.nix index f3d6d6cd..1f866bc3 100644 --- a/nixos/i3/i3-status.nix +++ b/nixos/i3/i3-status.nix @@ -1,12 +1,16 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { programs.i3status = { enable = true; enableDefault = false; modules = { - "load" = { position = 1; }; + "load" = {position = 1;}; "disk /" = { position = 2; - settings = { format = " %avail"; }; + settings = {format = " %avail";}; }; "memory" = { settings = { @@ -27,7 +31,7 @@ position = 3; }; "time" = { - settings = { format = "%a %d/%m %H:%M"; }; + settings = {format = "%a %d/%m %H:%M";}; position = 9; }; }; diff --git a/nixos/i3/i3.nix b/nixos/i3/i3.nix index 7bf7b219..075669fd 100644 --- a/nixos/i3/i3.nix +++ b/nixos/i3/i3.nix @@ -1,7 +1,11 @@ -{ config, pkgs, ... }: -let mod = "Mod4"; +{ + config, + pkgs, + ... +}: let + mod = "Mod4"; in { - home.packages = with pkgs; [ font-awesome intel-gpu-tools ]; + home.packages = with pkgs; [font-awesome intel-gpu-tools]; xsession.windowManager.i3 = { enable = true; @@ -23,8 +27,7 @@ in { notification = false; } { - command = - "exec xdg-mime default org.gnome.Evince.desktop application/pdf"; + command = "exec xdg-mime default org.gnome.Evince.desktop application/pdf"; always = false; notification = false; } @@ -42,18 +45,20 @@ in { }; workspaceLayout = "tabbed"; - bars = [{ - statusCommand = "${pkgs.i3status}/bin/i3status"; - position = "top"; - colors.background = "#001e26"; - colors.statusline = "#708183"; - fonts = { - names = [ "BerkeleyMono Nerd Font" ]; - size = 10.0; - }; + bars = [ + { + statusCommand = "${pkgs.i3status}/bin/i3status"; + position = "top"; + colors.background = "#001e26"; + colors.statusline = "#708183"; + fonts = { + names = ["BerkeleyMono Nerd Font"]; + size = 10.0; + }; - trayOutput = "primary"; - }]; + trayOutput = "primary"; + } + ]; modifier = mod; keybindings = { @@ -64,25 +69,17 @@ in { "${mod}+Shift+l" = "exec physlock -d"; "${mod}+Return" = "exec i3-sensible-terminal"; - "XF86AudioRaiseVolume" = - "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; - "XF86AudioLowerVolume" = - "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; - "XF86AudioMute" = - "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; - "XF86AudioMicMute" = - "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle"; + "XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; + "XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; + "XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; + "XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle"; - "XF86MonBrightnessUp" = - "exec light -s sysfs/backlight/intel_backlight -A 5"; - "XF86MonBrightnessDown" = - "exec light -s sysfs/backlight/intel_backlight -U 5"; + "XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5"; + "XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5"; - "Print" = - "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i"; + "Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i"; - "${mod}+r" = - "exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi"; + "${mod}+r" = "exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi"; "${mod}+c" = "exec ${pkgs.clipmenu}/bin/clipmenu"; "${mod}+q" = "kill"; "${mod}+f" = "fullscreen toggle"; diff --git a/nixos/i3/rofi.nix b/nixos/i3/rofi.nix index 75380b02..a3b5cfea 100644 --- a/nixos/i3/rofi.nix +++ b/nixos/i3/rofi.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { programs.rofi = { enable = true; font = "BerkeleyMono Nerd Font 16"; diff --git a/nixos/sdr.nix b/nixos/sdr.nix index 02eafaa4..658dcd62 100644 --- a/nixos/sdr.nix +++ b/nixos/sdr.nix @@ -1,20 +1,21 @@ -{ config, pkgs, inputs, ... }: - { - home-manager.users.cyryl = { ... }: { - imports = [ ]; - home.packages = - with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux"; - with gnuradio3_8Packages; - [ gnuradio3_8 osmosdr gqrx audacity rtl-sdr inspectrum ] ++ - - (with pkgs; [ ]); + config, + pkgs, + inputs, + ... +}: { + home-manager.users.cyryl = {...}: { + imports = []; + home.packages = with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux"; + with gnuradio3_8Packages; + [gnuradio3_8 osmosdr gqrx audacity rtl-sdr inspectrum] + ++ (with pkgs; []); }; - users.extraUsers.cyryl.extraGroups = [ "plugdev" ]; - users.groups = { "plugdev" = { }; }; + users.extraUsers.cyryl.extraGroups = ["plugdev"]; + users.groups = {"plugdev" = {};}; services.udev = { - packages = [ pkgs.rtl-sdr ]; + packages = [pkgs.rtl-sdr]; extraRules = '' # RTL2832U OEM vid/pid, e.g. ezcap EzTV668 (E4000), Newsky TV28T (E4000/R820T) etc. SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", ENV{ID_SOFTWARE_RADIO}="1", MODE="0660", GROUP="plugdev" @@ -22,5 +23,5 @@ }; # dont load DVB-T modules automatically - boot.blacklistedKernelModules = [ "dvb_usb_rtl28xxu" ]; + boot.blacklistedKernelModules = ["dvb_usb_rtl28xxu"]; } diff --git a/nixos/server-common.nix b/nixos/server-common.nix index 3b8981c8..7288b6ec 100644 --- a/nixos/server-common.nix +++ b/nixos/server-common.nix @@ -1,5 +1,9 @@ -{ config, pkgs, ... }: { - imports = [ ./server-security.nix ./tailscale ]; +{ + config, + pkgs, + ... +}: { + imports = [./server-security.nix ./tailscale]; networking.nameservers = [ "100.100.100.100" "9.9.9.9" diff --git a/nixos/server-security.nix b/nixos/server-security.nix index 0f32f80e..e8252e1a 100644 --- a/nixos/server-security.nix +++ b/nixos/server-security.nix @@ -1,5 +1,8 @@ -{ config, pkgs, ... }: -let +{ + config, + pkgs, + ... +}: let authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDN/2C59i+ucvSa9FLCHlVPJp0zebLOcw0+hnBYwy0cY cyryl@skinnyv" @@ -7,7 +10,7 @@ let "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDa2qAxpUEFeBYl2wlzDa/x37TAAy5pOBHv50OXUrV5 cyryl@thinky" ]; in { - imports = [ ./security.nix ]; + imports = [./security.nix]; security.acme.defaults.email = "admin@cyplo.dev"; security.acme.acceptTerms = true; @@ -27,7 +30,7 @@ in { openssh.authorizedKeys.keys = authorizedKeys; }; - nix.settings.trusted-users = [ "root" "nix-builder" ]; + nix.settings.trusted-users = ["root" "nix-builder"]; nix.sshServe.enable = true; nix.sshServe.keys = authorizedKeys; } diff --git a/nixos/sway/default.nix b/nixos/sway/default.nix index 9c0669fc..dc5b9d3f 100644 --- a/nixos/sway/default.nix +++ b/nixos/sway/default.nix @@ -1,7 +1,11 @@ -{ config, pkgs, ... }: -let mod = "Mod4"; +{ + config, + pkgs, + ... +}: let + mod = "Mod4"; in { - services.dbus.packages = with pkgs; [ ]; + services.dbus.packages = with pkgs; []; programs.dconf.enable = true; systemd.defaultUnit = "graphical.target"; security.polkit.enable = true; @@ -13,10 +17,10 @@ in { fi ''; - home-manager.users.cyryl = { ... }: { + home-manager.users.cyryl = {...}: { programs.mako.enable = true; - imports = [ ./keybindings.nix ../home-manager/programs/alacritty.nix ]; + imports = [./keybindings.nix ../home-manager/programs/alacritty.nix]; home.pointerCursor = { name = "Adwaita"; @@ -73,16 +77,17 @@ in { titlebar = false; border = 0; }; - bars = [{ - position = "top"; - command = "${pkgs.waybar}/bin/waybar"; - }]; + bars = [ + { + position = "top"; + command = "${pkgs.waybar}/bin/waybar"; + } + ]; startup = [ { - command = - "${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store"; + command = "${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store"; } - { command = "${pkgs.clipman}/bin/clipman restore"; } + {command = "${pkgs.clipman}/bin/clipman restore";} { command = '' swayidle -w timeout 300 'swaylock -f -c 000000' timeout 600 'swaymsg "output * dpms off" && systemctl suspend' resume 'swaymsg "output * dpms on"' before-sleep 'swaylock -f -c 657b83' @@ -94,7 +99,7 @@ in { xkb_layout = "pl"; xkb_options = "caps:ctrl_modifier"; }; - input."2:7:SynPS/2_Synaptics_TouchPad" = { tap = "enabled"; }; + input."2:7:SynPS/2_Synaptics_TouchPad" = {tap = "enabled";}; }; }; }; diff --git a/nixos/sway/keybindings.nix b/nixos/sway/keybindings.nix index 46254bd2..91df3a3d 100644 --- a/nixos/sway/keybindings.nix +++ b/nixos/sway/keybindings.nix @@ -1,5 +1,9 @@ -{ config, pkgs, ... }: -let mod = "Mod4"; +{ + config, + pkgs, + ... +}: let + mod = "Mod4"; in { wayland.windowManager.sway.config.keybindings = { "${mod}+Shift+e" = "exit"; @@ -7,19 +11,13 @@ in { "${mod}+Shift+l" = "exec swaylock -c 657b83"; "${mod}+Return" = "exec ${pkgs.alacritty}/bin/alacritty"; - "XF86AudioRaiseVolume" = - "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; - "XF86AudioLowerVolume" = - "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; - "XF86AudioMute" = - "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; - "XF86AudioMicMute" = - "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle"; + "XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; + "XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; + "XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; + "XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle"; - "XF86MonBrightnessUp" = - "exec light -s sysfs/backlight/intel_backlight -A 5"; - "XF86MonBrightnessDown" = - "exec light -s sysfs/backlight/intel_backlight -U 5"; + "XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5"; + "XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5"; "Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i"; diff --git a/nixos/syncthing.nix b/nixos/syncthing.nix index c37b58ef..3b43e9d6 100644 --- a/nixos/syncthing.nix +++ b/nixos/syncthing.nix @@ -1,7 +1,11 @@ -{ config, pkgs, inputs, ... }: -let - workstations = [ "skinnyv" "foryog" "thinky" ]; - workstations_plus_phone = [ "OnePlus9" ] ++ workstations; +{ + config, + pkgs, + inputs, + ... +}: let + workstations = ["skinnyv" "foryog" "thinky"]; + workstations_plus_phone = ["OnePlus9"] ++ workstations; in { services.syncthing = { enable = true; @@ -41,12 +45,12 @@ in { "/home/cyryl/vaults" = { id = "vaults"; label = "vaults"; - devices = workstations_plus_phone ++ [ "hagath" ]; + devices = workstations_plus_phone ++ ["hagath"]; }; "/home/cyryl/Documents" = { id = "documents"; label = "documents"; - devices = workstations_plus_phone ++ [ "hagath" ]; + devices = workstations_plus_phone ++ ["hagath"]; }; "/home/cyryl/camera" = { id = "camera"; @@ -71,7 +75,7 @@ in { "/home/cyryl/Photos" = { id = "photos"; label = "photos"; - devices = workstations ++ [ "hagath" ]; + devices = workstations ++ ["hagath"]; }; "/home/cyryl/gopro" = { id = "gopro"; @@ -81,12 +85,12 @@ in { "/home/cyryl/Videos" = { id = "videos"; label = "videos"; - devices = workstations ++ [ "hagath" ]; + devices = workstations ++ ["hagath"]; }; "/home/cyryl/rodzice_sync" = { id = "rodzice"; label = "rodzice"; - devices = workstations ++ [ "hagath" "mama" "janusz" "danuta" ]; + devices = workstations ++ ["hagath" "mama" "janusz" "danuta"]; }; }; extraOptions = { diff --git a/nixos/tailscale/default.nix b/nixos/tailscale/default.nix index 2ec962db..c949af53 100644 --- a/nixos/tailscale/default.nix +++ b/nixos/tailscale/default.nix @@ -1,28 +1,34 @@ -{ config, pkgs, inputs, ... }: -let - inherit (inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux") - tailscale; +{ + config, + pkgs, + inputs, + ... +}: let + inherit + (inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux") + tailscale + ; in { - environment.systemPackages = [ tailscale ]; + environment.systemPackages = [tailscale]; services.tailscale = { enable = true; package = tailscale; }; networking.firewall = { - trustedInterfaces = [ "tailscale0" ]; - allowedUDPPorts = [ config.services.tailscale.port ]; + trustedInterfaces = ["tailscale0"]; + allowedUDPPorts = [config.services.tailscale.port]; }; sops.secrets."tailscale-key-${config.networking.hostName}" = { sopsFile = ./keys.sops.yaml; - restartUnits = [ "tailscale-auth.service" ]; + restartUnits = ["tailscale-auth.service"]; }; systemd.services.tailscale-auth = { description = "Auth with tailscale"; - after = [ "network-pre.target" "tailscale.service" ]; - wants = [ "network-pre.target" "tailscale.service" ]; - wantedBy = [ "multi-user.target" ]; + after = ["network-pre.target" "tailscale.service"]; + wants = ["network-pre.target" "tailscale.service"]; + wantedBy = ["multi-user.target"]; serviceConfig.Type = "oneshot"; diff --git a/nixos/vim/default.nix b/nixos/vim/default.nix index af40b32f..c9fdf504 100644 --- a/nixos/vim/default.nix +++ b/nixos/vim/default.nix @@ -1,5 +1,10 @@ -{ config, pkgs, lib, ... }: { +{ + config, + pkgs, + lib, + ... +}: { programs.zsh.enable = true; - home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; }; + home-manager.users.cyryl = {...}: {imports = [./home.nix];}; } diff --git a/nixos/vim/home.nix b/nixos/vim/home.nix index 40587871..629ffc06 100644 --- a/nixos/vim/home.nix +++ b/nixos/vim/home.nix @@ -1,15 +1,30 @@ -{ config, pkgs, lib, inputs, system, ... }: -let +{ + config, + pkgs, + lib, + inputs, + system, + ... +}: let unstablePackages = inputs.nixpkgs-nixos-unstable.legacyPackages."${system}"; nil = inputs.nil.packages."${system}".default; cocPackage = unstablePackages.vimPlugins.coc-nvim; nvimPackage = unstablePackages.neovim-unwrapped; in { home.file.".vimrc".source = ../../.vimrc; - home.packages = with pkgs; [ ripgrep ]; - home.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; - programs.zsh.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; - systemd.user.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; + home.packages = with pkgs; [ripgrep]; + home.sessionVariables = { + EDITOR = "vim"; + VISUAL = "vim"; + }; + programs.zsh.sessionVariables = { + EDITOR = "vim"; + VISUAL = "vim"; + }; + systemd.user.sessionVariables = { + EDITOR = "vim"; + VISUAL = "vim"; + }; programs.neovim = { enable = true; @@ -26,8 +41,8 @@ in { languageserver = { nix = { command = "${nil}/bin/nil"; - rootPatterns = [ "flake.nix" ]; - filetypes = [ "nix" ]; + rootPatterns = ["flake.nix"]; + filetypes = ["nix"]; }; }; }; @@ -40,58 +55,58 @@ in { withRuby = true; plugins = with pkgs; - with pkgs.vimPlugins; [ - (vimUtils.buildVimPluginFrom2Nix rec { - pname = "vim-tada"; - version = "2022-04-22"; - src = fetchFromGitHub { - owner = "dewyze"; - repo = pname; - rev = "acfda7229fc487ee6da44650164cb770d1cc608c"; - sha256 = "sha256-9kvLbzrVjtBTjbXmhJ7JTggXgFvGVF7sc2YiVW9fUGY="; - }; - }) - (vimUtils.buildVimPluginFrom2Nix rec { - pname = "srht.vim"; - version = "2022-01-04"; - src = fetchFromSourcehut { - owner = "~willdurand"; - repo = pname; - rev = "825e685f75464cbd41a5f8eded974e46f416355e"; - sha256 = "sha256-9/Yeqmq/1ZIIsEgsrLLZ7o0cjOt/wlUgeLEzJoK7eco="; - }; - }) - ack-vim - coc-go - coc-highlight - coc-rust-analyzer - coc-yaml - committia-vim - ctrlp-vim - editorconfig-vim - fzf-vim - lsp-colors-nvim - nvim-tree-lua - nvim-web-devicons - quickfix-reflector-vim - rainbow - tabular - vim-airline - vim-airline-themes - vim-autoformat - vim-colors-solarized - vim-devicons - vim-dirdiff - vim-dispatch - vim-fugitive - vim-gitgutter - vim-markdown - vim-nix - vim-sensible - vim-startify - vim-surround - vim-toml - ]; + with pkgs.vimPlugins; [ + (vimUtils.buildVimPluginFrom2Nix rec { + pname = "vim-tada"; + version = "2022-04-22"; + src = fetchFromGitHub { + owner = "dewyze"; + repo = pname; + rev = "acfda7229fc487ee6da44650164cb770d1cc608c"; + sha256 = "sha256-9kvLbzrVjtBTjbXmhJ7JTggXgFvGVF7sc2YiVW9fUGY="; + }; + }) + (vimUtils.buildVimPluginFrom2Nix rec { + pname = "srht.vim"; + version = "2022-01-04"; + src = fetchFromSourcehut { + owner = "~willdurand"; + repo = pname; + rev = "825e685f75464cbd41a5f8eded974e46f416355e"; + sha256 = "sha256-9/Yeqmq/1ZIIsEgsrLLZ7o0cjOt/wlUgeLEzJoK7eco="; + }; + }) + ack-vim + coc-go + coc-highlight + coc-rust-analyzer + coc-yaml + committia-vim + ctrlp-vim + editorconfig-vim + fzf-vim + lsp-colors-nvim + nvim-tree-lua + nvim-web-devicons + quickfix-reflector-vim + rainbow + tabular + vim-airline + vim-airline-themes + vim-autoformat + vim-colors-solarized + vim-devicons + vim-dirdiff + vim-dispatch + vim-fugitive + vim-gitgutter + vim-markdown + vim-nix + vim-sensible + vim-startify + vim-surround + vim-toml + ]; extraConfig = '' if filereadable($HOME . "/.vimrc") source $HOME/.vimrc diff --git a/nixos/zsh/default.nix b/nixos/zsh/default.nix index e0d69452..7c6dc526 100644 --- a/nixos/zsh/default.nix +++ b/nixos/zsh/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: { +{ + config, + pkgs, + lib, + ... +}: { programs.zsh.enable = true; - home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; }; + home-manager.users.cyryl = {...}: {imports = [./home.nix];}; } diff --git a/nixos/zsh/home.nix b/nixos/zsh/home.nix index dcaacfc3..5e7a41ba 100644 --- a/nixos/zsh/home.nix +++ b/nixos/zsh/home.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: { +{ + config, + pkgs, + ... +}: { programs.atuin.enableZshIntegration = true; programs.zsh = { enable = true; @@ -15,7 +19,7 @@ oh-my-zsh = { enable = true; - plugins = [ "vi-mode" "git" "python" "history-substring-search" "tmux" ]; + plugins = ["vi-mode" "git" "python" "history-substring-search" "tmux"]; }; initExtra = '' @@ -65,7 +69,7 @@ programs.direnv = { enable = true; enableZshIntegration = true; - nix-direnv = { enable = true; }; + nix-direnv = {enable = true;}; }; home.file.".config/starship.toml".text = ''