diff --git a/default.nix b/default.nix index 85cb538..f3fe942 100644 --- a/default.nix +++ b/default.nix @@ -1,13 +1,15 @@ -(import +( + import ( let lock = builtins.fromJSON (builtins.readFile ./flake.lock); nodeName = lock.nodes.root.inputs.flake-compat; in - fetchTarball { - url = lock.nodes.${nodeName}.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.${nodeName}.locked.rev}.tar.gz"; - sha256 = lock.nodes.${nodeName}.locked.narHash; - } + fetchTarball { + url = lock.nodes.${nodeName}.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.${nodeName}.locked.rev}.tar.gz"; + sha256 = lock.nodes.${nodeName}.locked.narHash; + } ) - { src = ./.; } -).defaultNix + {src = ./.;} +) +.defaultNix diff --git a/flake/home.nix b/flake/home.nix index c915eb0..6462967 100644 --- a/flake/home.nix +++ b/flake/home.nix @@ -1 +1 @@ -{ ... }: { } +{...}: {} diff --git a/flake/packages.nix b/flake/packages.nix index 4b2c5c4..ea8f50d 100644 --- a/flake/packages.nix +++ b/flake/packages.nix @@ -1,2 +1,2 @@ -{ ... }: { +{...}: { } diff --git a/home/common/default.nix b/home/common/default.nix index c473787..087dacd 100644 --- a/home/common/default.nix +++ b/home/common/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./wm ./nodm.nix diff --git a/home/common/nix.nix b/home/common/nix.nix index 5afecae..51b79a6 100644 --- a/home/common/nix.nix +++ b/home/common/nix.nix @@ -1,5 +1,12 @@ -{ pkgs, lib, config, osConfig ? { }, options, nixpkgs, ... }: -let +{ + pkgs, + lib, + config, + osConfig ? {}, + options, + nixpkgs, + ... +}: let cfg = config.nixfiles.common.nix; standalone = !(osConfig ? home-manager); in { diff --git a/home/common/nodm.nix b/home/common/nodm.nix index 06d6d27..9b785e6 100644 --- a/home/common/nodm.nix +++ b/home/common/nodm.nix @@ -1,28 +1,35 @@ -{ lib, pkgs, config, osConfig ? {}, options, ... }: -let - cfg = config.nixfiles.common.nodm; -in { + lib, + pkgs, + config, + osConfig ? {}, + options, + ... +}: let + cfg = config.nixfiles.common.nodm; +in { config = let - hyprland="${config.wayland.windowManager.hyprland.finalPackage}/bin/Hyprland"; - tty="${pkgs.coreutils}/bin/tty"; - initCommands = - '' - if [[ "$(${tty})" == "/dev/tty1" && -z "''${WAYLAND_DISPLAY:+x}" ]] ; then - ${hyprland} - fi - ''; - in lib.mkIf (cfg.enable && config.wayland.windowManager.hyprland.enable) { - # auto start Hyprland on tty1 - programs.zsh.initExtra = initCommands; - programs.bash.initExtra = initCommands; - }; + hyprland = "${config.wayland.windowManager.hyprland.finalPackage}/bin/Hyprland"; + tty = "${pkgs.coreutils}/bin/tty"; + initCommands = '' + if [[ "$(${tty})" == "/dev/tty1" && -z "''${WAYLAND_DISPLAY:+x}" ]] ; then + ${hyprland} + fi + ''; + in + lib.mkIf (cfg.enable && config.wayland.windowManager.hyprland.enable) { + # auto start Hyprland on tty1 + programs.zsh.initExtra = initCommands; + programs.bash.initExtra = initCommands; + }; options.nixfiles.common.nodm = { enable = lib.mkOption { type = lib.types.bool; description = "Whether to automatically start a desktop session on TTY1, behaving like a rudimentary display manager."; - default = osConfig ? systemd + default = + osConfig + ? systemd && config.nixfiles.meta.graphical && (!( (osConfig.systemd.services.display-manager.enable or false) diff --git a/home/common/shell.nix b/home/common/shell.nix index 290a54d..d6d8c91 100644 --- a/home/common/shell.nix +++ b/home/common/shell.nix @@ -1,5 +1,9 @@ -{ config, lib, pkgs, ... }: -let +{ + config, + lib, + pkgs, + ... +}: let inherit (lib) mkOption mkEnableOption mkIf mkDefault; cfg = config.nixfiles.common.shell; @@ -8,12 +12,13 @@ let history | sed 's:^ \+[0-9]\+ \+::' | grep '^,' | cut -d' ' -f2- | sed 's:^\(-[^ ]\+ \?\)\+::g' | grep . | cut -d' ' -f1 | sort | uniq -c | sort -g } ''; -in -{ +in { options.nixfiles.common.shell = { - enable = lib.mkEnableOption "" // { - description = "Whether to enable the nixfiles shell configuration."; - }; + enable = + lib.mkEnableOption "" + // { + description = "Whether to enable the nixfiles shell configuration."; + }; }; config = mkIf cfg.enable { @@ -43,11 +48,13 @@ in }; programs.zsh = { enable = mkDefault true; - initExtra = '' - export HOME_MANAGER_MANAGED=true - [[ -e ~/dotfiles/shell/.zshrc ]] && . ~/dotfiles/shell/.zshrc ]] - unset HOME_MANAGER_MANAGED - '' + common_functions "zsh"; + initExtra = + '' + export HOME_MANAGER_MANAGED=true + [[ -e ~/dotfiles/shell/.zshrc ]] && . ~/dotfiles/shell/.zshrc ]] + unset HOME_MANAGER_MANAGED + '' + + common_functions "zsh"; oh-my-zsh = { enable = mkDefault true; theme = "robbyrussell"; @@ -59,6 +66,5 @@ in ]; }; }; - }; } diff --git a/home/common/theme.nix b/home/common/theme.nix index 9cb30ef..58556d4 100644 --- a/home/common/theme.nix +++ b/home/common/theme.nix @@ -1,35 +1,51 @@ -{ config, lib, pkgs, ... }: -let +{ + config, + lib, + pkgs, + ... +}: let cfg = config.nixfiles.theming; mkDefaultStylix = lib.mkOverride 999; - toCaps = s: with lib.strings; with builtins; - (toUpper (substring 0 1 s)) + toLower (substring 1 ((stringLength s)-1) s); + toCaps = s: + with lib.strings; + with builtins; + (toUpper (substring 0 1 s)) + toLower (substring 1 ((stringLength s) - 1) s); inherit (lib.strings) toUpper toLower; - mkCtp = flavor: accent: with pkgs; { - names = { - cursors = "catppuccin-${toLower flavor}-${toLower accent}-cursors"; - icons = "Papirus-Dark"; - gtk = let - base = "Catppuccin-${toCaps flavor}-Standard-${toCaps accent}-Dark"; - in { - normal = "${base}"; - hdpi = "${base}-hdpi"; - xhdpi = "${base}-xhdpi"; + mkCtp = flavor: accent: + with pkgs; { + names = { + cursors = "catppuccin-${toLower flavor}-${toLower accent}-cursors"; + icons = "Papirus-Dark"; + gtk = let + base = "Catppuccin-${toCaps flavor}-Standard-${toCaps accent}-Dark"; + in { + normal = "${base}"; + hdpi = "${base}-hdpi"; + xhdpi = "${base}-xhdpi"; + }; + }; + packages = { + cursors = catppuccin-cursors."${toLower flavor}${toCaps accent}"; + kvantum = catppuccin-kvantum.override { + variant = toLower flavor; + accent = toLower accent; + }; + icons = catppuccin-papirus-folders.override { + flavor = toLower flavor; + accent = toLower accent; + }; + gtk = catppuccin-gtk.override { + variant = toLower flavor; + accents = [(toLower accent)]; + }; }; }; - packages = { - cursors = catppuccin-cursors."${toLower flavor}${toCaps accent}"; - kvantum = catppuccin-kvantum.override { variant = toLower flavor; accent = toLower accent; }; - icons = catppuccin-papirus-folders.override { flavor = toLower flavor; accent = toLower accent; }; - gtk = catppuccin-gtk.override { variant = toLower flavor; accents = [ (toLower accent) ]; }; - }; - }; ctp = with cfg.catppuccin; mkCtp flavor accent; in { - options.nixfiles.theming = { + options.nixfiles.theming = { enable = lib.mkEnableOption "nixfiles theming options"; catppuccin = { @@ -54,9 +70,11 @@ in { config = lib.mkIf cfg.enable { fonts.fontconfig.enable = lib.mkDefault true; - home.packages = with pkgs; [ - ubuntu_font_family - ] ++ lib.mapAttrsToList (k: v: v) ctp.packages; + home.packages = with pkgs; + [ + ubuntu_font_family + ] + ++ lib.mapAttrsToList (k: v: v) ctp.packages; gtk = { enable = true; diff --git a/home/common/wm/default.nix b/home/common/wm/default.nix index 18fb389..b6b03c0 100644 --- a/home/common/wm/default.nix +++ b/home/common/wm/default.nix @@ -1,17 +1,22 @@ -{ pkgs, lib, config, osConfig ? {}, options, ...}: -let +{ + pkgs, + lib, + config, + osConfig ? {}, + options, + ... +}: let cfg = config.nixfiles.common.wm; inherit (lib) mkDefault; mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v); -in -{ +in { options.nixfiles.common.wm = { enable = lib.mkEnableOption "common window manager config"; autostart = lib.mkOption { description = "List of window manager agnostic commnads to run at window manager startup"; type = lib.types.listOf lib.types.str; - default = [ ]; - example = [ "steam -silent" ]; + default = []; + example = ["steam -silent"]; }; }; @@ -51,8 +56,14 @@ in nwg-displays # very consistent (ok it's actually a little better now) - (catppuccin-papirus-folders.override {accent = "mauve"; flavor = "mocha"; }) - (pkgs.catppuccin-kvantum.override {accent = "mauve"; variant = "mocha"; }) + (catppuccin-papirus-folders.override { + accent = "mauve"; + flavor = "mocha"; + }) + (pkgs.catppuccin-kvantum.override { + accent = "mauve"; + variant = "mocha"; + }) catppuccin-cursors.mochaMauve arc-theme @@ -73,19 +84,19 @@ in }; }; - # File associations xdg.mimeApps = { enable = true; defaultApplications = let - defaultBrowser = [ "firefox.desktop" ]; - in mkOverrideEach 50 { - "x-scheme-handler/https" = defaultBrowser; - "x-scheme-handler/http" = defaultBrowser; - "text/html" = defaultBrowser; - "application/xhtml+xml" = defaultBrowser; - "application/pdf" = defaultBrowser; - }; + defaultBrowser = ["firefox.desktop"]; + in + mkOverrideEach 50 { + "x-scheme-handler/https" = defaultBrowser; + "x-scheme-handler/http" = defaultBrowser; + "text/html" = defaultBrowser; + "application/xhtml+xml" = defaultBrowser; + "application/pdf" = defaultBrowser; + }; }; # this makes xdg.mimeApps overwrite mimeapps.list if it has been touched by something else xdg.configFile."mimeapps.list" = { diff --git a/home/common/wm/keybinds.nix b/home/common/wm/keybinds.nix index f91b379..d717ea3 100644 --- a/home/common/wm/keybinds.nix +++ b/home/common/wm/keybinds.nix @@ -1,12 +1,16 @@ -{ pkgs, config, lib, outputs, ... }: -let +{ + pkgs, + config, + lib, + outputs, + ... +}: let df = lib.mkDefault; - mkxf = with lib; mapAttrs' (name: value: nameValuePair ("XF86" + name) (value)); + mkxf = with lib; mapAttrs' (name: value: nameValuePair ("XF86" + name) value); # not rewriting this rn keysetting = "${outputs.packages.${pkgs.system}.wm-helpers}/bin/keysetting"; -in -{ +in { options.nixfiles.common.wm = { keybinds = lib.mkOption { description = '' diff --git a/home/default.nix b/home/default.nix index 6bcb88c..5a03607 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,10 +1,18 @@ -{ pkgs, config, lib, options, osConfig ? { }, nixpkgs, home-manager, inputs, ... }@args: -let +{ + pkgs, + config, + lib, + options, + osConfig ? {}, + nixpkgs, + home-manager, + inputs, + ... +} @ args: let isStandalone = osConfig ? home-manager; cfg = config.nixfiles; flakeType = cfg.lib.types.flake; -in -{ +in { imports = [ ./common ./package-sets @@ -25,7 +33,7 @@ in lib = lib.mkOption { description = "nixfiles library"; - default = (import ../lib/nixfiles) { inherit pkgs; }; + default = (import ../lib/nixfiles) {inherit pkgs;}; readOnly = true; }; @@ -53,13 +61,13 @@ in meta.graphical = lib.mkOption { description = "Whether to enable graphical home-manager applications"; type = lib.types.bool; - default = (osConfig ? services && osConfig.services.xserver.enable); + default = osConfig ? services && osConfig.services.xserver.enable; example = true; }; meta.wayland = lib.mkOption { description = "Whether to prefer wayland packages and configuration"; type = lib.types.bool; - default = (lib.hasAttrByPath [ "nixfiles" "meta" "wayland" ] osConfig) && osConfig.nixfiles.meta.wayland; + default = (lib.hasAttrByPath ["nixfiles" "meta" "wayland"] osConfig) && osConfig.nixfiles.meta.wayland; example = true; }; diff --git a/home/package-sets/communication.nix b/home/package-sets/communication.nix index b6d874d..5932af0 100644 --- a/home/package-sets/communication.nix +++ b/home/package-sets/communication.nix @@ -1,10 +1,16 @@ -{ pkgs, lib, config, osConfig ? {}, inputs, ... }: -let +{ + pkgs, + lib, + config, + osConfig ? {}, + inputs, + ... +}: let cfg = config.nixfiles.packageSets.communication; - rustdesk-pkg = if (lib.strings.hasInfix "23.11" lib.version) then - inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.rustdesk-flutter - else - pkgs.rustdesk-flutter; + rustdesk-pkg = + if (lib.strings.hasInfix "23.11" lib.version) + then inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.rustdesk-flutter + else pkgs.rustdesk-flutter; vesktop-ozone-cmd = let extraFlags = lib.optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu"; @@ -17,23 +23,21 @@ let done exec "$@" ''; -in -{ +in { options.nixfiles.packageSets.communication = { enable = lib.mkEnableOption "communication package set"; }; config = lib.mkIf cfg.enable { - xdg.desktopEntries.vesktop = lib.mkIf config.nixfiles.meta.graphical { - categories= ["Network" "InstantMessaging" "Chat"]; - exec=vesktop-ozone-cmd + " %U"; - genericName="Internet Messenger"; - icon="vesktop"; - name="Vesktop"; - type="Application"; + categories = ["Network" "InstantMessaging" "Chat"]; + exec = vesktop-ozone-cmd + " %U"; + genericName = "Internet Messenger"; + icon = "vesktop"; + name = "Vesktop"; + type = "Application"; settings = { - StartupWMClass="Vesktop"; - Keywords="discord;vencord;electron;chat"; + StartupWMClass = "Vesktop"; + Keywords = "discord;vencord;electron;chat"; }; }; @@ -41,17 +45,19 @@ in (waitNet + " " + vesktop-ozone-cmd + " --start-minimized") ]; - home.packages = with pkgs; lib.optionals config.nixfiles.meta.graphical [ - element-desktop - telegram-desktop - signal-desktop - thunderbird - vesktop - rustdesk-pkg - tor-browser - onionshare - ] ++ [ - irssi - ]; + home.packages = with pkgs; + lib.optionals config.nixfiles.meta.graphical [ + element-desktop + telegram-desktop + signal-desktop + thunderbird + vesktop + rustdesk-pkg + tor-browser + onionshare + ] + ++ [ + irssi + ]; }; } diff --git a/home/package-sets/default.nix b/home/package-sets/default.nix index a7553ac..515b401 100644 --- a/home/package-sets/default.nix +++ b/home/package-sets/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./communication.nix ./dev.nix diff --git a/home/package-sets/dev.nix b/home/package-sets/dev.nix index ead2fd7..de60891 100644 --- a/home/package-sets/dev.nix +++ b/home/package-sets/dev.nix @@ -1,8 +1,12 @@ -{ pkgs, lib, config, osConfig ? {}, ... }: -let - cfg = config.nixfiles.packageSets.dev; -in { + pkgs, + lib, + config, + osConfig ? {}, + ... +}: let + cfg = config.nixfiles.packageSets.dev; +in { options.nixfiles.packageSets.dev = { enable = lib.mkEnableOption "development package set"; }; diff --git a/home/package-sets/multimedia.nix b/home/package-sets/multimedia.nix index 157da23..ccfc15f 100644 --- a/home/package-sets/multimedia.nix +++ b/home/package-sets/multimedia.nix @@ -1,11 +1,15 @@ -{ config, lib, pkgs, osConfig ? { }, ...}: -let +{ + config, + lib, + pkgs, + osConfig ? {}, + ... +}: let cfg = config.nixfiles.packageSets.multimedia; inherit (lib) optionals mkEnableOption mkIf; default = osConfig ? nixfiles && osConfig.nixfiles.packageSets.multimedia.enable; mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v); -in -{ +in { options.nixfiles.packageSets.multimedia = { enable = lib.mkOption { description = "Whether to enable multimedia packages"; @@ -16,41 +20,43 @@ in }; config = mkIf cfg.enable { - home.packages = with pkgs; optionals config.nixfiles.meta.graphical [ - mpv - gimp - krita - inkscape - obs-studio - nomacs - audacity - picard - spicetify-cli - (kodi.withPackages (_: [])) # this is required to get python libs - ] ++ [ - yt-dlp - gallery-dl - imagemagick - pngquant - ffmpeg - gifski - ]; + home.packages = with pkgs; + optionals config.nixfiles.meta.graphical [ + mpv + gimp + krita + inkscape + obs-studio + nomacs + audacity + picard + spicetify-cli + (kodi.withPackages (_: [])) # this is required to get python libs + ] + ++ [ + yt-dlp + gallery-dl + imagemagick + pngquant + ffmpeg + gifski + ]; xdg.mimeApps.defaultApplications = lib.mkMerge [ # project files (mkOverrideEach 100 { - "image/x-xcf" = [ "gimp.desktop" ]; - "image/x-compressed-xcf" = [ "gimp.desktop" ]; - "image/x-krita" = [ "krita.desktop" ]; - "application/x-audacity-project" = [ "audacity.desktop" ]; - "application/x-audacity-project+sqlite3" = [ "audacity.desktop" ]; - "image/svg+xml" = [ "org.inkscape.Inkscape.desktop" ]; - "image/svg+xml-compressed" = [ "org.inkscape.Inkscape.desktop" ]; + "image/x-xcf" = ["gimp.desktop"]; + "image/x-compressed-xcf" = ["gimp.desktop"]; + "image/x-krita" = ["krita.desktop"]; + "application/x-audacity-project" = ["audacity.desktop"]; + "application/x-audacity-project+sqlite3" = ["audacity.desktop"]; + "image/svg+xml" = ["org.inkscape.Inkscape.desktop"]; + "image/svg+xml-compressed" = ["org.inkscape.Inkscape.desktop"]; }) # general files - (with pkgs; mkOverrideEach 150 (config.lib.xdg.mimeAssociations [ nomacs mpv ])) + (with pkgs; mkOverrideEach 150 (config.lib.xdg.mimeAssociations [nomacs mpv])) # rest of the files - (with pkgs; mkOverrideEach 200 (config.lib.xdg.mimeAssociations [ inkscape gimp audacity ])) + (with pkgs; mkOverrideEach 200 (config.lib.xdg.mimeAssociations [inkscape gimp audacity])) ]; }; } diff --git a/home/package-sets/productivity.nix b/home/package-sets/productivity.nix index 32a1f63..e3e9dfb 100644 --- a/home/package-sets/productivity.nix +++ b/home/package-sets/productivity.nix @@ -1,33 +1,38 @@ -{ pkgs, lib, config, ... }: -let +{ + pkgs, + lib, + config, + ... +}: let cfg = config.nixfiles.packageSets.productivity; inherit (lib) optionals; -in -{ +in { config = lib.mkIf cfg.enable { - home.packages = with pkgs; optionals config.nixfiles.meta.graphical [ - libreoffice-fresh - obsidian - anki + home.packages = with pkgs; + optionals config.nixfiles.meta.graphical [ + libreoffice-fresh + obsidian + anki - # mapping/GIS - qgis - josm - ] ++ [ - pandoc - ]; + # mapping/GIS + qgis + josm + ] + ++ [ + pandoc + ]; xdg.desktopEntries.obsidian = lib.mkIf config.nixfiles.meta.graphical { - categories = [ "Office" ]; - comment = "Knowledge base"; - exec = let - extraFlags = with lib.strings; - optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu"; - in "env NIXOS_OZONE_WL=1 obsidian${extraFlags} %u"; - icon = "obsidian"; - mimeType = [ "x-scheme-handler/obsidian" ]; - name = "Obsidian"; - type = "Application"; + categories = ["Office"]; + comment = "Knowledge base"; + exec = let + extraFlags = with lib.strings; + optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu"; + in "env NIXOS_OZONE_WL=1 obsidian${extraFlags} %u"; + icon = "obsidian"; + mimeType = ["x-scheme-handler/obsidian"]; + name = "Obsidian"; + type = "Application"; }; }; diff --git a/home/profile/base.nix b/home/profile/base.nix index 7ecc515..86e6b98 100644 --- a/home/profile/base.nix +++ b/home/profile/base.nix @@ -1,8 +1,12 @@ -{ lib, pkgs, config, osConfig ? { }, ... }: -let - cfg = config.nixfiles.profile.base; -in { + lib, + pkgs, + config, + osConfig ? {}, + ... +}: let + cfg = config.nixfiles.profile.base; +in { # imports = [ # ./comma.nix # ]; @@ -31,7 +35,8 @@ in "${config.home.profileDirectory}/share/terminfo" "/usr/share/terminfo" ]; - in builtins.concatStringsSep ":" terminfo-dirs; + in + builtins.concatStringsSep ":" terminfo-dirs; }) ]; @@ -47,8 +52,9 @@ in # presense of ~/.gitconfig. git will read from both files, and `git config` # will not write to ~/.gitconfig when the managed config exists unless # ~/.gitconfig also exists - home.activation.git-create-gitconfig = lib.mkIf config.programs.git.enable - (lib.hm.dag.entryAfter [ "writeBoundary" ] '' + home.activation.git-create-gitconfig = + lib.mkIf config.programs.git.enable + (lib.hm.dag.entryAfter ["writeBoundary"] '' _nixfiles_git_create_gitconfig () { if ! [[ -a "$HOME/.gitconfig" ]] ; then touch "$HOME/.gitconfig" @@ -64,16 +70,18 @@ in # defaultTerminal = # if config.programs.kitty.enable then "kitty" # else null; - in { enable = lib.mkDefault true; - settings = lib.mkMerge [{ - use_preview_script = lib.mkDefault true; - preview_files = lib.mkDefault true; - } (lib.mkIf (!(isNull defaultTerminal)) { - preview_images = lib.mkDefault true; - preview_images_method = lib.mkDefault defaultTerminal; - })]; + settings = lib.mkMerge [ + { + use_preview_script = lib.mkDefault true; + preview_files = lib.mkDefault true; + } + (lib.mkIf (!(isNull defaultTerminal)) { + preview_images = lib.mkDefault true; + preview_images_method = lib.mkDefault defaultTerminal; + }) + ]; }; programs.keychain = { @@ -83,7 +91,8 @@ in extraFlags = [ "--quiet" "--systemd" - "--inherit" "any-once" + "--inherit" + "any-once" "--noask" ]; }; @@ -100,77 +109,79 @@ in neofetch-hyfetch-shim = writeShellScriptBin "neofetch" '' exec "${pkgs.hyfetch}/bin/neowofetch" "$@" ''; - in [ - # nix stuff - nvd - nix-tree - nh - nix-output-monitor - attic-client - nix-fast-build + in + [ + # nix stuff + nvd + nix-tree + nh + nix-output-monitor + attic-client + nix-fast-build - git - git-lfs - stow - curl + git + git-lfs + stow + curl - # shell - ripgrep - fd - bat - moreutils - grc - fzf - pv - jq - lsof - xxd - shellcheck + # shell + ripgrep + fd + bat + moreutils + grc + fzf + pv + jq + lsof + xxd + shellcheck - # for icat on all systems - kitty.kitten + # for icat on all systems + kitty.kitten - # pretty - hyfetch - neofetch-hyfetch-shim - fastfetch + # pretty + hyfetch + neofetch-hyfetch-shim + fastfetch - # files - restic - rclone - rmlint - ncdu + # files + restic + rclone + rmlint + ncdu - # compression - atool-wrapped - lzip - plzip - lzop - xz - zip - unzip - arj - rpm - cpio - p7zip + # compression + atool-wrapped + lzip + plzip + lzop + xz + zip + unzip + arj + rpm + cpio + p7zip - # other utilities - tmux - tmuxp - openssh - autossh - mosh - btop - htop - zoxide - asciinema - mtr - ] ++ builtins.map (x: lib.hiPrio x) [ - # terminfo (just the ones i'm likely to use) - kitty.terminfo - alacritty.terminfo - termite.terminfo - tmux.terminfo - ]; + # other utilities + tmux + tmuxp + openssh + autossh + mosh + btop + htop + zoxide + asciinema + mtr + ] + ++ builtins.map (x: lib.hiPrio x) [ + # terminfo (just the ones i'm likely to use) + kitty.terminfo + alacritty.terminfo + termite.terminfo + tmux.terminfo + ]; }; } diff --git a/home/profile/default.nix b/home/profile/default.nix index 5cd0b18..fd26a8a 100644 --- a/home/profile/default.nix +++ b/home/profile/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./base.nix ./pc.nix diff --git a/home/profile/pc.nix b/home/profile/pc.nix index 72676b2..57c63a9 100644 --- a/home/profile/pc.nix +++ b/home/profile/pc.nix @@ -1,9 +1,13 @@ -{ pkgs, config, osConfig ? {}, lib, ...}: -let +{ + pkgs, + config, + osConfig ? {}, + lib, + ... +}: let cfg = config.nixfiles.profile.pc; default = osConfig ? nixfiles && osConfig.nixfiles.profile.pc.enable; -in -{ +in { options.nixfiles.profile.pc.enable = lib.mkOption { description = "Whether to enable the personal computer profile"; type = lib.types.bool; diff --git a/home/programs/comma.nix b/home/programs/comma.nix index ca53b0e..a835db0 100644 --- a/home/programs/comma.nix +++ b/home/programs/comma.nix @@ -1,8 +1,12 @@ -{ lib, pkgs, config, inputs, ... } @args: -let - cfg = config.nixfiles.programs.comma; -in { + lib, + pkgs, + config, + inputs, + ... +} @ args: let + cfg = config.nixfiles.programs.comma; +in { imports = [ inputs.nix-index-database.hmModules.nix-index ]; @@ -13,8 +17,9 @@ in config = { programs.nix-index.symlinkToCacheHome = lib.mkDefault cfg.enable; - home.packages = with pkgs; lib.optionals cfg.enable [ - comma - ]; + home.packages = with pkgs; + lib.optionals cfg.enable [ + comma + ]; }; } diff --git a/home/programs/default.nix b/home/programs/default.nix index a666dff..b4448e7 100644 --- a/home/programs/default.nix +++ b/home/programs/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./comma.nix ./mopidy.nix diff --git a/home/programs/dunst.nix b/home/programs/dunst.nix index 1629287..c583a58 100644 --- a/home/programs/dunst.nix +++ b/home/programs/dunst.nix @@ -1,5 +1,9 @@ -{ config, lib, pkgs, ... }: -let +{ + config, + lib, + pkgs, + ... +}: let cfg = config.nixfiles.programs.dunst; mkd = lib.mkDefault; in { diff --git a/home/programs/hypridle.nix b/home/programs/hypridle.nix index 06fab83..6d55b36 100644 --- a/home/programs/hypridle.nix +++ b/home/programs/hypridle.nix @@ -1,21 +1,25 @@ -{ pkgs, config, lib, ... }: -let +{ + pkgs, + config, + lib, + ... +}: let cfg = config.nixfiles.services.hypridle; inherit (lib.types) str int; -in -{ +in { options.nixfiles.services.hypridle = { enable = lib.mkEnableOption "the hypridle configuration"; timeouts = let - mkTimeout = timeout: desc: lib.mkOption { - description = "${desc}"; - type = int; - default = timeout; - }; + mkTimeout = timeout: desc: + lib.mkOption { + description = "${desc}"; + type = int; + default = timeout; + }; in { - dpms = mkTimeout (300) "DPMS timeout"; - lock = mkTimeout (360) "Lock timeout"; - locked-dpms = mkTimeout (10) "DPMS timeout while locked"; + dpms = mkTimeout 300 "DPMS timeout"; + lock = mkTimeout 360 "Lock timeout"; + locked-dpms = mkTimeout 10 "DPMS timeout while locked"; }; commands = { dpms-off = lib.mkOption { @@ -57,7 +61,6 @@ in lock-dpms = pkgs.writeShellScript "lock-dpms" '' ${pkgs.procps}/bin/pgrep -x swaylock > /dev/null && "${dpms-wrapped}" ''; - in [ { timeout = cfg.timeouts.dpms; diff --git a/home/programs/mopidy.nix b/home/programs/mopidy.nix index 9a97b39..05d0e64 100644 --- a/home/programs/mopidy.nix +++ b/home/programs/mopidy.nix @@ -1,8 +1,13 @@ -{ lib, pkgs, config, outputs, osConfig ? {}, ... }: -let - cfg = config.nixfiles.programs.mopidy; -in { + lib, + pkgs, + config, + outputs, + osConfig ? {}, + ... +}: let + cfg = config.nixfiles.programs.mopidy; +in { options.nixfiles.programs.mopidy = { enable = lib.mkEnableOption "mopidy configuration"; }; @@ -38,7 +43,7 @@ in ]; }; home.packages = with pkgs; [ - (ncmpcpp.override { visualizerSupport = true; }) + (ncmpcpp.override {visualizerSupport = true;}) ]; }; } diff --git a/home/programs/neovim.nix b/home/programs/neovim.nix index 6429a9f..a5f78d8 100644 --- a/home/programs/neovim.nix +++ b/home/programs/neovim.nix @@ -1,8 +1,11 @@ -{ config, lib, pkgs, ... }: -let - cfg = config.nixfiles.programs.neovim; -in { + config, + lib, + pkgs, + ... +}: let + cfg = config.nixfiles.programs.neovim; +in { options.nixfiles.programs.neovim.enable = lib.mkEnableOption "the Neovim configuration"; config = lib.mkIf cfg.enable { programs.neovim = { diff --git a/home/root.nix b/home/root.nix index aee753e..99cf87c 100644 --- a/home/root.nix +++ b/home/root.nix @@ -1,8 +1,12 @@ # Configuration for root user. # TODO this file is sorta an exception to my repo organization, it should # probably be somewhere else. -{ config, lib, pkgs, ... }@args: -{ +{ + config, + lib, + pkgs, + ... +} @ args: { imports = [ ./. ]; diff --git a/home/sessions/default.nix b/home/sessions/default.nix index 38f1999..ecbde3e 100644 --- a/home/sessions/default.nix +++ b/home/sessions/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./hyprland ./plasma.nix diff --git a/home/sessions/hyprland/default.nix b/home/sessions/hyprland/default.nix index 92eefe1..8f8817c 100644 --- a/home/sessions/hyprland/default.nix +++ b/home/sessions/hyprland/default.nix @@ -1,5 +1,12 @@ -{ lib, pkgs, config, osConfig ? {}, outputs, inputs, ... }@args: -let +{ + lib, + pkgs, + config, + osConfig ? {}, + outputs, + inputs, + ... +} @ args: let cfg = config.nixfiles.sessions.hyprland; mkd = lib.mkDefault; hyprland-pkg = config.wayland.windowManager.hyprland.finalPackage; @@ -24,13 +31,15 @@ let lock-cmd = "${swaylock}"; mkKittyHdrop = name: command: let - class = if builtins.isNull (builtins.match "[[:alnum:]_]+" name) then throw "mkKittyHdrop: window name should be an alphanumeric string" else "kitty-${name}"; + class = + if builtins.isNull (builtins.match "[[:alnum:]_]+" name) + then throw "mkKittyHdrop: window name should be an alphanumeric string" + else "kitty-${name}"; wrappedCommand = pkgs.writeShellScript "hdrop-${name}" '' exec bash -c ${lib.escapeShellArg command} ''; in "hdrop -f -c ${class} 'kitty --class=${class} ${wrappedCommand}'"; - # lock-cmd = let # cmd = pkgs.writeShellScript "lock-script" '' # ${swayidle} -w timeout 10 '${hyprctl} dispatch dpms off' resume '${hyprctl} dispatch dpms on' & @@ -48,7 +57,7 @@ let resume 'hyprctl dispatch dpms on' ''; - hypr-dispatcher-package = pkgs.callPackage ./dispatcher { hyprland = hyprland-pkg; }; + hypr-dispatcher-package = pkgs.callPackage ./dispatcher {hyprland = hyprland-pkg;}; hypr-dispatcher = "${hypr-dispatcher-package}/bin/hypr-dispatcher"; wallpaper-package = "${pkgs.nixfiles-assets}"; @@ -56,7 +65,8 @@ let wallpaper-cmd = "${swaybg} -i ${wallpaper-package}/share/wallpapers/${wallpaper}"; # https://github.com/flatpak/xdg-desktop-portal-gtk/issues/440#issuecomment-1900520919 - xdpg-workaround = pkgs.writeShellScript "xdg-desktop-portal-gtk-workaround" + xdpg-workaround = + pkgs.writeShellScript "xdg-desktop-portal-gtk-workaround" '' ${pkgs.coreutils}/bin/sleep 3 ${pkgs.systemd}/bin/systemctl --user import-environment PATH @@ -65,19 +75,20 @@ let bar-cmd = "${pkgs.waybar}/bin/waybar"; # Hyprland workspace configuration - mainWorkspaces = builtins.genList (x: x+1) (9 ++ [0]); + mainWorkspaces = builtins.genList (x: x + 1) (9 ++ [0]); workspaceName = key: let inherit (builtins) hasAttr; keyNames = { "0" = "10"; }; in - if hasAttr key keyNames then keyNames."${key}" else key; + if hasAttr key keyNames + then keyNames."${key}" + else key; inherit (outputs.packages.${pkgs.system}) wm-helpers; keysetting = "${wm-helpers}/bin/keysetting"; -in -{ +in { # FIXME this is temporary just to get it working, need to make wm-common an # option first # imports = [ @@ -88,7 +99,10 @@ in enable = lib.mkOption { description = "Whether to enable hyprland."; type = lib.types.bool; - default = if (builtins.hasAttr "home-manager" osConfig) then osConfig.nixfiles.sessions.hyprland.enable else false; + default = + if (builtins.hasAttr "home-manager" osConfig) + then osConfig.nixfiles.sessions.hyprland.enable + else false; example = true; }; @@ -133,7 +147,6 @@ in enable = true; package = lib.mkIf (osConfig ? programs) (lib.mkDefault osConfig.programs.hyprland.package); settings = { - # enable debug logging debug.disable_logs = mkd false; @@ -150,15 +163,17 @@ in exec-once = let wrapScope = cmd: "systemd-run --user --scope -- ${cmd}"; - in (lib.optional cfg.autolock lock-cmd) ++ (map wrapScope config.nixfiles.common.wm.autostart) ++ - [ - wallpaper-cmd - notifydaemon - polkit-agent - idle-cmd - xdpg-workaround - bar-cmd - ]; + in + (lib.optional cfg.autolock lock-cmd) + ++ (map wrapScope config.nixfiles.common.wm.autostart) + ++ [ + wallpaper-cmd + notifydaemon + polkit-agent + idle-cmd + xdpg-workaround + bar-cmd + ]; # Source a file (multi-file configs) # source = ~/.config/hypr/myColors.conf @@ -166,14 +181,13 @@ in # Some default env vars. # env = mkd "XCURSOR_SIZE,24"; - # For all categories, see https://wiki.hyprland.org/Configuring/Variables/ input = { kb_layout = mkd "us"; - # kb_variant = - # kb_model = - # kb_options = - # kb_rules = + # kb_variant = + # kb_model = + # kb_options = + # kb_rules = kb_options = [ "compose:ralt" ]; @@ -240,18 +254,18 @@ in }; master = { - # See https://wiki.hyprland.org/Configuring/Master-Layout/ for more - # new_is_master = mkd "true"; + # See https://wiki.hyprland.org/Configuring/Master-Layout/ for more + # new_is_master = mkd "true"; }; gestures = { - # See https://wiki.hyprland.org/Configuring/Variables/ for more - workspace_swipe = mkd "false"; + # See https://wiki.hyprland.org/Configuring/Variables/ for more + workspace_swipe = mkd "false"; }; misc = { - # See https://wiki.hyprland.org/Configuring/Variables/ for more - force_default_wallpaper = mkd 0; # Set to 0 to disable the anime mascot wallpapers + # See https://wiki.hyprland.org/Configuring/Variables/ for more + force_default_wallpaper = mkd 0; # Set to 0 to disable the anime mascot wallpapers }; "$mod" = mkd "SUPER"; @@ -263,95 +277,98 @@ in # See https://wiki.hyprland.org/Configuring/Window-Rules/ for more # Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more - bind = [ - "$mod, Q, exec, ${terminal}" - "$mod, Return, exec, ${terminal}" - "$mod, C, killactive, " - "$mod, M, exit, " - "$mod, E, exec, ${files}" - "$mod, V, togglefloating, " - # run rofi in scope to help oomd not kill everything - "$mod, R, exec, systemd-run --user --scope -- ${rofi} -show drun" - "$mod, P, pseudo," # dwindle" - "$mod, O, togglesplit," # dwindle" + bind = + [ + "$mod, Q, exec, ${terminal}" + "$mod, Return, exec, ${terminal}" + "$mod, C, killactive, " + "$mod, M, exit, " + "$mod, E, exec, ${files}" + "$mod, V, togglefloating, " + # run rofi in scope to help oomd not kill everything + "$mod, R, exec, systemd-run --user --scope -- ${rofi} -show drun" + "$mod, P, pseudo," # dwindle" + "$mod, O, togglesplit," # dwindle" - "$mod, f, fullscreen" - "$mod SHIFT, f, fullscreenstate, -1 2" - "$mod CTRL, f, fullscreen, 1" + "$mod, f, fullscreen" + "$mod SHIFT, f, fullscreenstate, -1 2" + "$mod CTRL, f, fullscreen, 1" - # Move focus with mod + arrow keys - "$mod, left, movefocus, l" - "$mod, right, movefocus, r" - "$mod, up, movefocus, u" - "$mod, down, movefocus, d" + # Move focus with mod + arrow keys + "$mod, left, movefocus, l" + "$mod, right, movefocus, r" + "$mod, up, movefocus, u" + "$mod, down, movefocus, d" - "$mod, h, movefocus, l" - "$mod, j, movefocus, d" - "$mod, k, movefocus, u" - "$mod, l, movefocus, r" + "$mod, h, movefocus, l" + "$mod, j, movefocus, d" + "$mod, k, movefocus, u" + "$mod, l, movefocus, r" - "$mod SHIFT, h, swapwindow, l" - "$mod SHIFT, j, swapwindow, d" - "$mod SHIFT, k, swapwindow, u" - "$mod SHIFT, l, swapwindow, r" + "$mod SHIFT, h, swapwindow, l" + "$mod SHIFT, j, swapwindow, d" + "$mod SHIFT, k, swapwindow, u" + "$mod SHIFT, l, swapwindow, r" - # Switch workspaces with mod + [0-9] - "$mod, 1, workspace, 1" - "$mod, 2, workspace, 2" - "$mod, 3, workspace, 3" - "$mod, 4, workspace, 4" - "$mod, 5, workspace, 5" - "$mod, 6, workspace, 6" - "$mod, 7, workspace, 7" - "$mod, 8, workspace, 8" - "$mod, 9, workspace, 9" - "$mod, 0, workspace, 10" - #] ++ map () [] ++ TODO reconfigure these with workspace helper function - #[ - # Move active window to a workspace with mod + SHIFT + [0-9] - "$mod SHIFT, 1, movetoworkspace, 1" - "$mod SHIFT, 2, movetoworkspace, 2" - "$mod SHIFT, 3, movetoworkspace, 3" - "$mod SHIFT, 4, movetoworkspace, 4" - "$mod SHIFT, 5, movetoworkspace, 5" - "$mod SHIFT, 6, movetoworkspace, 6" - "$mod SHIFT, 7, movetoworkspace, 7" - "$mod SHIFT, 8, movetoworkspace, 8" - "$mod SHIFT, 9, movetoworkspace, 9" - "$mod SHIFT, 0, movetoworkspace, 10" + # Switch workspaces with mod + [0-9] + "$mod, 1, workspace, 1" + "$mod, 2, workspace, 2" + "$mod, 3, workspace, 3" + "$mod, 4, workspace, 4" + "$mod, 5, workspace, 5" + "$mod, 6, workspace, 6" + "$mod, 7, workspace, 7" + "$mod, 8, workspace, 8" + "$mod, 9, workspace, 9" + "$mod, 0, workspace, 10" + #] ++ map () [] ++ TODO reconfigure these with workspace helper function + #[ + # Move active window to a workspace with mod + SHIFT + [0-9] + "$mod SHIFT, 1, movetoworkspace, 1" + "$mod SHIFT, 2, movetoworkspace, 2" + "$mod SHIFT, 3, movetoworkspace, 3" + "$mod SHIFT, 4, movetoworkspace, 4" + "$mod SHIFT, 5, movetoworkspace, 5" + "$mod SHIFT, 6, movetoworkspace, 6" + "$mod SHIFT, 7, movetoworkspace, 7" + "$mod SHIFT, 8, movetoworkspace, 8" + "$mod SHIFT, 9, movetoworkspace, 9" + "$mod SHIFT, 0, movetoworkspace, 10" - # TODO find a different keybind for this because damn you muscle memory - # # Example special workspace (scratchpad) - # "$mod, S, togglespecialworkspace, magic" - # "$mod SHIFT, S, movetoworkspace, special:magic" - "$mod SHIFT, S, exec, ${grimblast} copy area" - "$mod CONTROL SHIFT, S, exec, ${grimblast} copy output" - ",Print, exec, ${grimblast} copy output" + # TODO find a different keybind for this because damn you muscle memory + # # Example special workspace (scratchpad) + # "$mod, S, togglespecialworkspace, magic" + # "$mod SHIFT, S, movetoworkspace, special:magic" + "$mod SHIFT, S, exec, ${grimblast} copy area" + "$mod CONTROL SHIFT, S, exec, ${grimblast} copy output" + ",Print, exec, ${grimblast} copy output" - # lock screen - "$mod SHIFT, x, exec, ${lock-cmd}" + # lock screen + "$mod SHIFT, x, exec, ${lock-cmd}" - # volume mixer - "$mod CTRL, v, exec, ${mkKittyHdrop "pulsemixer" "pulsemixer"}" + # volume mixer + "$mod CTRL, v, exec, ${mkKittyHdrop "pulsemixer" "pulsemixer"}" - # Scroll through existing workspaces with mod + scroll - "$mod, mouse_down, workspace, e+1" - "$mod, mouse_up, workspace, e-1" + # Scroll through existing workspaces with mod + scroll + "$mod, mouse_down, workspace, e+1" + "$mod, mouse_up, workspace, e-1" - # show this file (help) - # ("$mod, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim '+set nomodifiable' '+noremap q :q' " - # + lib.escapeShellArg (args.vars.self.outPath + "/home/sessions/hyprland/default.nix")) + # show this file (help) + # ("$mod, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim '+set nomodifiable' '+noremap q :q' " + # + lib.escapeShellArg (args.vars.self.outPath + "/home/sessions/hyprland/default.nix")) - # edit this file - ("$mod SHIFT, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim " - + lib.escapeShellArg (config.nixfiles.path + "/home/sessions/hyprland/default.nix")) - ] ++ lib.optional config.nixfiles.programs.mopidy.enable + # edit this file + ("$mod SHIFT, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim " + + lib.escapeShellArg (config.nixfiles.path + "/home/sessions/hyprland/default.nix")) + ] + ++ lib.optional config.nixfiles.programs.mopidy.enable "$mod CTRL, n, exec, ${mkKittyHdrop "ncmpcpp" "ncmpcpp"}"; # repeat, ignore mods - bindei = lib.mapAttrsToList (keysym: command: ",${keysym}, exec, ${command}") config.nixfiles.common.wm.finalKeybinds - ++ [ - ]; + bindei = + lib.mapAttrsToList (keysym: command: ",${keysym}, exec, ${command}") config.nixfiles.common.wm.finalKeybinds + ++ [ + ]; bindm = [ # Move/resize windows with mod + LMB/RMB and dragging diff --git a/home/sessions/hyprland/dispatcher/default.nix b/home/sessions/hyprland/dispatcher/default.nix index f3e23c3..fd07cdd 100644 --- a/home/sessions/hyprland/dispatcher/default.nix +++ b/home/sessions/hyprland/dispatcher/default.nix @@ -1,19 +1,20 @@ -{ lib, +{ + lib, stdenvNoCC, socat, coreutils, hyprland, - makeShellWrapper }: -let - wrappedPath = lib.makeBinPath [ coreutils socat hyprland ]; + makeShellWrapper, +}: let + wrappedPath = lib.makeBinPath [coreutils socat hyprland]; in -stdenvNoCC.mkDerivation { - name = "hyprland-dispatcher"; - phases = [ "installPhase" ]; - nativeBuildInputs = [ makeShellWrapper ]; - src = ./.; - installPhase = '' - install -Dm555 $src/dispatcher.sh $out/bin/hypr-dispatcher - wrapProgramShell $out/bin/hypr-dispatcher --prefix PATH : "${wrappedPath}" - ''; -} + stdenvNoCC.mkDerivation { + name = "hyprland-dispatcher"; + phases = ["installPhase"]; + nativeBuildInputs = [makeShellWrapper]; + src = ./.; + installPhase = '' + install -Dm555 $src/dispatcher.sh $out/bin/hypr-dispatcher + wrapProgramShell $out/bin/hypr-dispatcher --prefix PATH : "${wrappedPath}" + ''; + } diff --git a/home/sessions/plasma.nix b/home/sessions/plasma.nix index 2ee1877..a727549 100644 --- a/home/sessions/plasma.nix +++ b/home/sessions/plasma.nix @@ -1,9 +1,13 @@ -{ pkgs, config, lib, osConfig ? {}, ... }: -let +{ + pkgs, + config, + lib, + osConfig ? {}, + ... +}: let inherit (lib) mkOption mkEnableOption; cfg = config.nixfiles.sessions.plasma; -in -{ +in { options.nixfiles.sessions.plasma = { enable = lib.mkOption { description = "Whether to enable the Plasma session home configuration."; @@ -13,12 +17,12 @@ in }; }; config = lib.mkIf cfg.enable { - # TODO make this a generic implementation home.packages = let - startupScript = pkgs.writeShellScript "autostart-script" + startupScript = + pkgs.writeShellScript "autostart-script" (lib.concatStringsSep "\n" - (builtins.map (x: "sh -c ${lib.escapeShellArg x} &") config.nixfiles.common.wm.autostart)); + (builtins.map (x: "sh -c ${lib.escapeShellArg x} &") config.nixfiles.common.wm.autostart)); name = "home-manager-autostart"; desktopFilePkg = pkgs.makeDesktopItem { @@ -30,6 +34,6 @@ in mkdir -p $out/etc/xdg/autostart ln -s "${desktopFilePkg}/share/applications/${name}.desktop" "$out/etc/xdg/autostart/" ''; - in [ autostartPkg ]; + in [autostartPkg]; }; } diff --git a/home/standalone.nix b/home/standalone.nix index 0404ea4..1af2a8d 100644 --- a/home/standalone.nix +++ b/home/standalone.nix @@ -1,7 +1,12 @@ # Home Manager default nixfiles entrypoint. This serves as an alternative to # default.nix, which sets up some more appropriate options for home-manager -{ inputs, pkgs, config, lib, ... }: { + inputs, + pkgs, + config, + lib, + ... +}: { imports = [ ./. inputs.stylix.homeManagerModules.stylix diff --git a/home/stylix.nix b/home/stylix.nix index 6801f59..668e094 100644 --- a/home/stylix.nix +++ b/home/stylix.nix @@ -1,6 +1,11 @@ -{ pkgs, lib, config, inputs, ... }@args: { - imports = [ ]; + pkgs, + lib, + config, + inputs, + ... +} @ args: { + imports = []; config = { stylix = lib.mkMerge [ { diff --git a/hosts/nixos-wsl/configuration.nix b/hosts/nixos-wsl/configuration.nix index 228e40f..9520473 100644 --- a/hosts/nixos-wsl/configuration.nix +++ b/hosts/nixos-wsl/configuration.nix @@ -1,5 +1,10 @@ -{ pkgs, config, lib, vars, ... }: { + pkgs, + config, + lib, + vars, + ... +}: { config = { networking.hostName = "nixos-wsl"; @@ -26,7 +31,7 @@ RemainAfterExit = true; }; description = "WSL startup workaround"; - wantedBy = [ "default.target" ]; + wantedBy = ["default.target"]; }; }; @@ -42,10 +47,9 @@ noto-fonts-cjk-sans ]; - fileSystems."/mnt/wsl/instances/NixOS" = { device = "/"; - options = [ "bind" ]; + options = ["bind"]; }; # standard disclaimer don't change this for any reason whatsoever diff --git a/hosts/nixos-wsl/home.nix b/hosts/nixos-wsl/home.nix index 0a13f33..10141ca 100644 --- a/hosts/nixos-wsl/home.nix +++ b/hosts/nixos-wsl/home.nix @@ -1,7 +1,12 @@ -{ pkgs, lib, config, osConfig ? {}, ... }: { + pkgs, + lib, + config, + osConfig ? {}, + ... +}: { config = { - nixfiles = { + nixfiles = { profile.base.enable = true; packageSets.dev.enable = true; packageSets.multimedia.enable = true; diff --git a/hosts/nullbox/backup.nix b/hosts/nullbox/backup.nix index 9000c17..d59d601 100644 --- a/hosts/nullbox/backup.nix +++ b/hosts/nullbox/backup.nix @@ -1,20 +1,22 @@ -{ config, lib, pkgs, ... }: -let +{ + config, + lib, + pkgs, + ... +}: let inherit (lib) escapeShellArg; secret = name: config.age.secrets."${name}".path; fs = config.fileSystems."/srv/mcserver"; -in -{ +in { config = { - age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age; + age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age; age.secrets.restic-password.file = ../../secrets/restic-password.age; systemd.services.restic-backups-system = { - path = with pkgs; [ btrfs-progs ]; + path = with pkgs; [btrfs-progs]; }; services.restic.backups.system = { - # create an atomic backup backupPrepareCommand = '' set -Eeuxo pipefail @@ -47,7 +49,6 @@ in "--tag=auto" "--group-by=host,tag" ]; - }; }; } diff --git a/hosts/nullbox/configuration.nix b/hosts/nullbox/configuration.nix index 0aec85a..7096947 100644 --- a/hosts/nullbox/configuration.nix +++ b/hosts/nullbox/configuration.nix @@ -1,51 +1,51 @@ -# vim: set ts=2 sw=2 et: +# vim: set ts=2 sw=2 et: # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). - -{ config, lib, pkgs, inputs, ... }: - { + config, + lib, + pkgs, + inputs, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Encryption + ./luks.nix + ./mcserver.nix - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - # Encryption - ./luks.nix - ./mcserver.nix + ./impermanence.nix - ./impermanence.nix - - ./backup.nix - ]; + ./backup.nix + ]; config = { - fileSystems = lib.mkMerge [ { "/ntfs" = { fsType = "ntfs-3g"; device = "/dev/disk/by-uuid/6AC23F0FC23EDF4F"; - options = [ "auto_cache" "nofail" ]; + options = ["auto_cache" "nofail"]; }; "/.btrfsroot" = { - options = [ "subvol=/" ]; + options = ["subvol=/"]; }; } - (lib.genAttrs [ "/.btrfsroot" "/" "/home" "/nix" ] ( fs: { - options = [ "compress=zstd" ]; + (lib.genAttrs ["/.btrfsroot" "/" "/home" "/nix"] (fs: { + options = ["compress=zstd"]; })) ]; specialisation.hyprland.configuration = { - system.nixos.tags = [ "Hyprland" ]; + system.nixos.tags = ["Hyprland"]; nixfiles = { session = "hyprland"; }; }; - hardware.cpu.intel.updateMicrocode = true; services.udev.extraRules = '' @@ -62,7 +62,7 @@ workarounds.nvidiaPrimary = true; programs.greetd = { settings = { - randr = [ "--output" "HDMI-A-3" "--off" ]; + randr = ["--output" "HDMI-A-3" "--off"]; autologin = false; autologinUser = "nullbite"; autolock = false; @@ -118,7 +118,6 @@ # boot.loader.efi.canTouchEfiVariables = true; # see custom-hardware-configuration.nix - # networking.hostName = "nixos"; # Define your hostname. networking.hostName = "nullbox"; # Pick only one of the below networking options. @@ -126,8 +125,7 @@ # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. # Set your time zone. - time.timeZone = "America/New_York"; - + time.timeZone = "America/New_York"; # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you @@ -142,6 +140,4 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.11"; # Did you read the comment? }; - } - diff --git a/hosts/nullbox/hardware-configuration.nix b/hosts/nullbox/hardware-configuration.nix index bd1de02..50c0c0e 100644 --- a/hosts/nullbox/hardware-configuration.nix +++ b/hosts/nullbox/hardware-configuration.nix @@ -1,73 +1,77 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod"]; + boot.initrd.kernelModules = ["dm-snapshot"]; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; - fileSystems."/" = - { device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; - fsType = "btrfs"; - options = [ "subvol=nixos/@root" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; + fsType = "btrfs"; + options = ["subvol=nixos/@root"]; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; - fsType = "btrfs"; - options = [ "subvol=nixos/@nix" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; + fsType = "btrfs"; + options = ["subvol=nixos/@nix"]; + }; - fileSystems."/.btrfsroot" = - { device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; - fsType = "btrfs"; - }; + fileSystems."/.btrfsroot" = { + device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; + fsType = "btrfs"; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; + fsType = "btrfs"; + options = ["subvol=@home"]; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/F4D6-20B6"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/F4D6-20B6"; + fsType = "vfat"; + }; - fileSystems."/srv/mcserver-old" = - { device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c"; - fsType = "btrfs"; - options = [ "subvol=@mcserver" ]; - }; + fileSystems."/srv/mcserver-old" = { + device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c"; + fsType = "btrfs"; + options = ["subvol=@mcserver"]; + }; - fileSystems."/srv/mcserver-old/.snapshots" = - { device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c"; - fsType = "btrfs"; - options = [ "subvol=snapshots/@mcserver" ]; - }; + fileSystems."/srv/mcserver-old/.snapshots" = { + device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c"; + fsType = "btrfs"; + options = ["subvol=snapshots/@mcserver"]; + }; - fileSystems."/srv/mcserver" = - { device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; - fsType = "btrfs"; - options = [ "subvol=@mcserver" ]; - }; + fileSystems."/srv/mcserver" = { + device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; + fsType = "btrfs"; + options = ["subvol=@mcserver"]; + }; - fileSystems."/srv/mcserver/.snapshots" = - { device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; - fsType = "btrfs"; - options = [ "subvol=snapshots/@mcserver" ]; - }; + fileSystems."/srv/mcserver/.snapshots" = { + device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; + fsType = "btrfs"; + options = ["subvol=snapshots/@mcserver"]; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/4b86cbd6-6fc5-47d4-9d44-35eec59cb785"; } - ]; + swapDevices = [ + {device = "/dev/disk/by-uuid/4b86cbd6-6fc5-47d4-9d44-35eec59cb785";} + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/nullbox/home.nix b/hosts/nullbox/home.nix index dfc6ece..2d4a943 100644 --- a/hosts/nullbox/home.nix +++ b/hosts/nullbox/home.nix @@ -1,5 +1,9 @@ -{ lib, pkgs, osConfig, ... }: { + lib, + pkgs, + osConfig, + ... +}: { imports = [ ]; diff --git a/hosts/nullbox/impermanence.nix b/hosts/nullbox/impermanence.nix index 90d2f2e..169393e 100644 --- a/hosts/nullbox/impermanence.nix +++ b/hosts/nullbox/impermanence.nix @@ -1,11 +1,16 @@ -{ pkgs, config, lib, ... }: -let +{ + pkgs, + config, + lib, + ... +}: let inherit (lib) escapeShellArg; # (wip) more configurable than old one, will be used by volatile btrfs module - mkBtrfsInit = { volatileRoot ? "/volatile", - oldRoots ? "/old_roots", - volume }: - '' + mkBtrfsInit = { + volatileRoot ? "/volatile", + oldRoots ? "/old_roots", + volume, + }: '' mkdir -p /btrfs_tmp mount ${escapeShellArg volume} /btrfs_tmp -o subvol=/ @@ -34,7 +39,7 @@ in { neededForBoot = true; device = root_vol; fsType = "btrfs"; - options = [ "subvol=/nixos/@persist" ]; + options = ["subvol=/nixos/@persist"]; }; # TODO volatile btrfs module @@ -47,7 +52,7 @@ in { fileSystems."/" = lib.mkForce { device = root_vol; fsType = "btrfs"; - options = [ "subvol=/nixos/volatile" ]; + options = ["subvol=/nixos/volatile"]; }; # agenix fix @@ -74,15 +79,24 @@ in { # probably NEVER be excluded removed. "/var/lib/nixos/" # password files for user.user..hashedPasswordFile - { directory = "/etc/passfile"; mode = "0700"; } + { + directory = "/etc/passfile"; + mode = "0700"; + } # persistent non-declarative config "/etc/nixos" "/etc/ssh" - { directory = "/etc/wireguard"; mode = "0700"; } + { + directory = "/etc/wireguard"; + mode = "0700"; + } # let's keep the root home dir as well - { directory = "/root"; mode = "0700"; } + { + directory = "/root"; + mode = "0700"; + } # system state "/etc/NetworkManager/system-connections" @@ -93,14 +107,29 @@ in { "/var/lib/power-profiles-daemon" "/var/lib/systemd/rfkill" "/var/lib/systemd/timesync" - { directory = "/var/lib/tailscale"; mode = "0700"; } + { + directory = "/var/lib/tailscale"; + mode = "0700"; + } "/var/lib/unbound" "/var/db/sudo/lectured" # remember login stuff - { directory = "/var/cache/tuigreet"; user = "greeter"; group = "greeter"; } - { directory = "/var/cache/regreet"; user = "greeter"; group = "greeter"; } - { directory = "/var/lib/regreet"; user = "greeter"; group = "greeter"; } + { + directory = "/var/cache/tuigreet"; + user = "greeter"; + group = "greeter"; + } + { + directory = "/var/cache/regreet"; + user = "greeter"; + group = "greeter"; + } + { + directory = "/var/lib/regreet"; + user = "greeter"; + group = "greeter"; + } ]; files = [ diff --git a/hosts/nullbox/luks.nix b/hosts/nullbox/luks.nix index 796bf07..4bb0490 100644 --- a/hosts/nullbox/luks.nix +++ b/hosts/nullbox/luks.nix @@ -1,8 +1,11 @@ -{ pkgs, config, lib, ... }: -let - usb = "903D-DF5B"; -in { + pkgs, + config, + lib, + ... +}: let + usb = "903D-DF5B"; +in { config = { # cryptsetup boot.initrd.kernelModules = ["uas" "usbcore" "usb_storage"]; @@ -16,7 +19,7 @@ in mount -n -t vfat -o ro `findfs UUID=${usb}` /key ''; - device="/dev/disk/by-uuid/85b5f22e-0fa5-4f0d-8fba-f800a0b41671"; + device = "/dev/disk/by-uuid/85b5f22e-0fa5-4f0d-8fba-f800a0b41671"; keyFile = "/key/image.png"; # yes it's literally an image file. bite me allowDiscards = true; fallbackToPassword = true; diff --git a/hosts/nullbox/mcserver.nix b/hosts/nullbox/mcserver.nix index 77b64ab..25e7cfc 100644 --- a/hosts/nullbox/mcserver.nix +++ b/hosts/nullbox/mcserver.nix @@ -1,18 +1,21 @@ -{ pkgs, lib, config, ... }: -let - cfg = config.services.minecraft-servers; -in { + pkgs, + lib, + config, + ... +}: let + cfg = config.services.minecraft-servers; +in { config = { fileSystems = { - "/srv/mcserver".options = [ "compress=zstd" "nofail" ]; - "/srv/mcserver/.snapshots".options = [ "compress=zstd" "nofail" ]; + "/srv/mcserver".options = ["compress=zstd" "nofail"]; + "/srv/mcserver/.snapshots".options = ["compress=zstd" "nofail"]; }; - networking.firewall.trustedInterfaces = [ "wg0" ]; + networking.firewall.trustedInterfaces = ["wg0"]; users = { users = { - nullbite.extraGroups = [ "minecraft" ]; + nullbite.extraGroups = ["minecraft"]; }; }; @@ -45,18 +48,19 @@ in nulllite-staging = let commit = "b8c639a"; packHash = "sha256-HTDVIkcBf0DyLbSCuU08/HnEQuesi3cmXXhB4y4lyko="; - in pkgs.fetchPackwizModpack { - url = "https://gitea.protogen.io/nullbite/nulllite/raw/commit/${commit}/pack.toml"; - inherit packHash; - }; + in + pkgs.fetchPackwizModpack { + url = "https://gitea.protogen.io/nullbite/nulllite/raw/commit/${commit}/pack.toml"; + inherit packHash; + }; in { nulllite-staging = { useRecommendedDefaults = true; enable = true; autoStart = false; modpack = nulllite-staging; - modpackSymlinks = [ "mods" ]; - modpackFiles = [ "config/" ]; + modpackSymlinks = ["mods"]; + modpackFiles = ["config/"]; serverProperties.server-port = 25574; serverProperties.motd = "staging server"; }; @@ -65,8 +69,8 @@ in enable = true; autoStart = true; modpack = pkgs.modpacks.notlite; - modpackSymlinks = [ "config/yosbr" "config/quilt-loader-overrides.json" "mods" ]; - modpackFiles = [ "kubejs/" ]; + modpackSymlinks = ["config/yosbr" "config/quilt-loader-overrides.json" "mods"]; + modpackFiles = ["kubejs/"]; serverProperties = { motd = "owo what's this (nix notlite edition)"; server-port = 25567; @@ -76,11 +80,10 @@ in level-seed = "8555431723250870652"; level-type = "bclib:normal"; }; - }; minecraft-nixtest = let self = cfg.servers.minecraft-nixtest; - package = pkgs.quiltServers.quilt-1_20_1.override { loaderVersion = "0.21.0"; }; + package = pkgs.quiltServers.quilt-1_20_1.override {loaderVersion = "0.21.0";}; in { useRecommendedDefaults = true; enable = false; @@ -92,8 +95,8 @@ in NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4"; Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12"; }; - modpackSymlinks = [ "mods" ]; - modpackFiles = [ "config/" "kubejs/" ]; + modpackSymlinks = ["mods"]; + modpackFiles = ["config/" "kubejs/"]; serverProperties = rec { motd = "owo what's this (nix edition)"; server-port = 25568; diff --git a/hosts/nullbox/unbound.nix b/hosts/nullbox/unbound.nix index 9c72450..b82a48b 100644 --- a/hosts/nullbox/unbound.nix +++ b/hosts/nullbox/unbound.nix @@ -1,5 +1,9 @@ -{ pkgs, lib, config, ... }: { + pkgs, + lib, + config, + ... +}: { config = { networking.networkmanager.dns = "none"; services.unbound.enable = true; diff --git a/hosts/rpi4/authelia.nix b/hosts/rpi4/authelia.nix index 4141e6e..4d2338b 100644 --- a/hosts/rpi4/authelia.nix +++ b/hosts/rpi4/authelia.nix @@ -3,10 +3,10 @@ lib, pkgs, ... -}: -let +}: let inherit (lib) types mkIf optionalString; - inherit (builtins) + inherit + (builtins) isNull any all @@ -20,22 +20,18 @@ let "regular" "basic" ]; - getUpstreamFromInstance = - instance: - let - inherit (config.services.authelia.instances.${instance}.settings) server; - port = server.port or 9091; - host = server.host or "127.0.0.1"; + getUpstreamFromInstance = instance: let + inherit (config.services.authelia.instances.${instance}.settings) server; + port = server.port or 9091; + host = server.host or "127.0.0.1"; - targetHost = - if host == "0.0.0.0" then - "127.0.0.1" - else if lib.hasInfix ":" host then - throw "TODO IPv6 not supported in Authelia server address (hard to parse, can't tell if it is [::])." - else - host; - in - "http://${targetHost}:${toString port}"; + targetHost = + if host == "0.0.0.0" + then "127.0.0.1" + else if lib.hasInfix ":" host + then throw "TODO IPv6 not supported in Authelia server address (hard to parse, can't tell if it is [::])." + else host; + in "http://${targetHost}:${toString port}"; # use this when reverse proxying to authelia (and only authelia because i # like the nixos recommended proxy settings better) @@ -116,212 +112,204 @@ let proxy_set_header X-Forwarded-URI $request_uri; ''; - genAuthConfig = - method: - let - snippet_regular = '' - ## Configure the redirection when the authz failure occurs. Lines starting - ## with 'Modern Method' and 'Legacy Method' should be commented / - ## uncommented as pairs. The modern method uses the session cookies - ## configuration's authelia_url value to determine the redirection URL here. - ## It's much simpler and compatible with the mutli-cookie domain easily. + genAuthConfig = method: let + snippet_regular = '' + ## Configure the redirection when the authz failure occurs. Lines starting + ## with 'Modern Method' and 'Legacy Method' should be commented / + ## uncommented as pairs. The modern method uses the session cookies + ## configuration's authelia_url value to determine the redirection URL here. + ## It's much simpler and compatible with the mutli-cookie domain easily. - ## Modern Method: Set the $redirection_url to the Location header of the - ## response to the Authz endpoint. - auth_request_set $redirection_url $upstream_http_location; + ## Modern Method: Set the $redirection_url to the Location header of the + ## response to the Authz endpoint. + auth_request_set $redirection_url $upstream_http_location; - ## Modern Method: When there is a 401 response code from the authz endpoint - ## redirect to the $redirection_url. - error_page 401 =302 $redirection_url; - ''; - in - '' - ## Send a subrequest to Authelia to verify if the user is authenticated and - # has permission to access the resource. - - auth_request /internal/authelia/authz${optionalString (method == "basic") "/basic"}; - - ## Save the upstream metadata response headers from Authelia to variables. - auth_request_set $user $upstream_http_remote_user; - auth_request_set $groups $upstream_http_remote_groups; - auth_request_set $name $upstream_http_remote_name; - auth_request_set $email $upstream_http_remote_email; - - ## Inject the metadata response headers from the variables into the request - ## made to the backend. - proxy_set_header Remote-User $user; - proxy_set_header Remote-Groups $groups; - proxy_set_header Remote-Name $name; - proxy_set_header Remote-Email $email; - - ${optionalString (method == "regular") snippet_regular} + ## Modern Method: When there is a 401 response code from the authz endpoint + ## redirect to the $redirection_url. + error_page 401 =302 $redirection_url; ''; - genAuthConfigPkg = - method: pkgs.writeText "authelia-authrequest-${method}.conf" (genAuthConfig method); -in -{ + in '' + ## Send a subrequest to Authelia to verify if the user is authenticated and + # has permission to access the resource. + + auth_request /internal/authelia/authz${optionalString (method == "basic") "/basic"}; + + ## Save the upstream metadata response headers from Authelia to variables. + auth_request_set $user $upstream_http_remote_user; + auth_request_set $groups $upstream_http_remote_groups; + auth_request_set $name $upstream_http_remote_name; + auth_request_set $email $upstream_http_remote_email; + + ## Inject the metadata response headers from the variables into the request + ## made to the backend. + proxy_set_header Remote-User $user; + proxy_set_header Remote-Groups $groups; + proxy_set_header Remote-Name $name; + proxy_set_header Remote-Email $email; + + ${optionalString (method == "regular") snippet_regular} + ''; + genAuthConfigPkg = method: pkgs.writeText "authelia-authrequest-${method}.conf" (genAuthConfig method); +in { # authelia - options.services.nginx = - let - mkAttrsOfSubmoduleOpt = module: lib.mkOption { type = with types; attrsOf (submodule module); }; + options.services.nginx = let + mkAttrsOfSubmoduleOpt = module: lib.mkOption {type = with types; attrsOf (submodule module);}; - # make system config accessible from submodules - systemConfig = config; + # make system config accessible from submodules + systemConfig = config; - # submodule definitions - vhostModule = - { name, config, ... }@attrs: - { - options = { - locations = mkAttrsOfSubmoduleOpt (genLocationModule attrs); - authelia = { - endpoint = { - instance = lib.mkOption { - description = '' - Local Authelia instance to act as the authentication endpoint. - This virtualHost will be configured to provide the - public-facing authentication service. - ''; - type = with types; nullOr str; - default = null; - }; - upstream = lib.mkOption { - description = '' - Internal URL of the Authelia endpoint to forward authentication - requests to. - ''; - type = with types; nullOr str; - default = null; - }; - }; - instance = lib.mkOption { - description = '' - Local Authelia instance to use. Setting this option will - automatically configure Authelia on the specified virtualHost - with the given instance of Authelia. - ''; - type = with types; nullOr str; - default = null; - }; - upstream = lib.mkOption { - description = '' - Internal URL of the Authelia endpoint to forward authorization - requests to. This should not be the public-facing authentication - endpoint URL. - ''; - type = with types; nullOr str; - default = null; - }; - method = lib.mkOption { - description = '' - Default Authelia authentication method to use for all locations - in this virtualHost. Authentication is disabled by default for - all locations if this is set to `null`. - ''; - type = with types; nullOr (enum validAuthMethods); - default = "regular"; - example = "basic"; - }; + # submodule definitions + vhostModule = { + name, + config, + ... + } @ attrs: { + options = { + locations = mkAttrsOfSubmoduleOpt (genLocationModule attrs); + authelia = { + endpoint = { + instance = lib.mkOption { + description = '' + Local Authelia instance to act as the authentication endpoint. + This virtualHost will be configured to provide the + public-facing authentication service. + ''; + type = with types; nullOr str; + default = null; + }; + upstream = lib.mkOption { + description = '' + Internal URL of the Authelia endpoint to forward authentication + requests to. + ''; + type = with types; nullOr str; + default = null; }; }; - config = { - authelia.upstream = mkIf (!(isNull config.authelia.instance)) ( - getUpstreamFromInstance config.authelia.instance - ); - authelia.endpoint.upstream = mkIf (!(isNull config.authelia.endpoint.instance)) ( - getUpstreamFromInstance config.authelia.endpoint.instance - ); - - forceSSL = lib.mkIf (!(isNull config.authelia.endpoint.upstream)) true; - - # authelia nginx internal endpoints - locations = - let - api = "${config.authelia.upstream}/api/authz/auth-request"; - in - lib.mkMerge [ - (lib.mkIf (!(isNull config.authelia.upstream)) { - # just setup both, they can't be accessed externally anyways. - "/internal/authelia/authz" = { - proxyPass = api; - recommendedProxySettings = false; - extraConfig = '' - include ${autheliaLocationConfig}; - ''; - }; - "/internal/authelia/authz/basic" = { - proxyPass = "${api}/basic"; - recommendedProxySettings = false; - extraConfig = '' - include ${autheliaBasicLocationConfig}; - ''; - }; - }) - (lib.mkIf (!(isNull config.authelia.endpoint.upstream)) { - "/" = { - extraConfig = '' - include "${autheliaProxyConfig}"; - ''; - proxyPass = "${config.authelia.endpoint.upstream}"; - recommendedProxySettings = false; - }; - "= /api/verify" = { - proxyPass = "${config.authelia.endpoint.upstream}"; - recommendedProxySettings = false; - }; - "/api/authz" = { - proxyPass = "${config.authelia.endpoint.upstream}"; - recommendedProxySettings = false; - }; - }) - ]; - }; - }; - - genLocationModule = - vhostAttrs: - { name, config, ... }: - let - vhostConfig = vhostAttrs.config; - in - { - options.authelia.method = lib.mkOption { + instance = lib.mkOption { description = '' - Authelia authentication method to use for this location. - Authentication is disabled for this location if this is set to - `null`. + Local Authelia instance to use. Setting this option will + automatically configure Authelia on the specified virtualHost + with the given instance of Authelia. + ''; + type = with types; nullOr str; + default = null; + }; + upstream = lib.mkOption { + description = '' + Internal URL of the Authelia endpoint to forward authorization + requests to. This should not be the public-facing authentication + endpoint URL. + ''; + type = with types; nullOr str; + default = null; + }; + method = lib.mkOption { + description = '' + Default Authelia authentication method to use for all locations + in this virtualHost. Authentication is disabled by default for + all locations if this is set to `null`. ''; type = with types; nullOr (enum validAuthMethods); - default = vhostConfig.authelia.method; + default = "regular"; example = "basic"; }; - config = - lib.mkIf - ( - (!(lib.strings.hasPrefix "/internal/authelia/" name)) - && (!(isNull vhostConfig.authelia.upstream)) - && (!(isNull config.authelia.method)) - ) - { + }; + }; + config = { + authelia.upstream = mkIf (!(isNull config.authelia.instance)) ( + getUpstreamFromInstance config.authelia.instance + ); + authelia.endpoint.upstream = mkIf (!(isNull config.authelia.endpoint.instance)) ( + getUpstreamFromInstance config.authelia.endpoint.instance + ); + + forceSSL = lib.mkIf (!(isNull config.authelia.endpoint.upstream)) true; + + # authelia nginx internal endpoints + locations = let + api = "${config.authelia.upstream}/api/authz/auth-request"; + in + lib.mkMerge [ + (lib.mkIf (!(isNull config.authelia.upstream)) { + # just setup both, they can't be accessed externally anyways. + "/internal/authelia/authz" = { + proxyPass = api; + recommendedProxySettings = false; extraConfig = '' - include ${genAuthConfigPkg config.authelia.method}; + include ${autheliaLocationConfig}; ''; }; - }; - - in - { - virtualHosts = mkAttrsOfSubmoduleOpt vhostModule; + "/internal/authelia/authz/basic" = { + proxyPass = "${api}/basic"; + recommendedProxySettings = false; + extraConfig = '' + include ${autheliaBasicLocationConfig}; + ''; + }; + }) + (lib.mkIf (!(isNull config.authelia.endpoint.upstream)) { + "/" = { + extraConfig = '' + include "${autheliaProxyConfig}"; + ''; + proxyPass = "${config.authelia.endpoint.upstream}"; + recommendedProxySettings = false; + }; + "= /api/verify" = { + proxyPass = "${config.authelia.endpoint.upstream}"; + recommendedProxySettings = false; + }; + "/api/authz" = { + proxyPass = "${config.authelia.endpoint.upstream}"; + recommendedProxySettings = false; + }; + }) + ]; + }; }; + genLocationModule = vhostAttrs: { + name, + config, + ... + }: let + vhostConfig = vhostAttrs.config; + in { + options.authelia.method = lib.mkOption { + description = '' + Authelia authentication method to use for this location. + Authentication is disabled for this location if this is set to + `null`. + ''; + type = with types; nullOr (enum validAuthMethods); + default = vhostConfig.authelia.method; + example = "basic"; + }; + config = + lib.mkIf + ( + (!(lib.strings.hasPrefix "/internal/authelia/" name)) + && (!(isNull vhostConfig.authelia.upstream)) + && (!(isNull config.authelia.method)) + ) + { + extraConfig = '' + include ${genAuthConfigPkg config.authelia.method}; + ''; + }; + }; + in { + virtualHosts = mkAttrsOfSubmoduleOpt vhostModule; + }; + # TODO check if any vhosts have authelia configured - config = - let - # TODO later, there are only assertions here - configured = any ( - vhost: (!(isNull vhost.authelia.upstream)) || (!(isNull vhost.authelia.endpoint.upstream)) - ) (attrValues nginx.virtualHosts); - in + config = let + # TODO later, there are only assertions here + configured = any ( + vhost: (!(isNull vhost.authelia.upstream)) || (!(isNull vhost.authelia.endpoint.upstream)) + ) (attrValues nginx.virtualHosts); + in mkIf true { assertions = [ { diff --git a/hosts/rpi4/backup.nix b/hosts/rpi4/backup.nix index 1d95779..85fa868 100644 --- a/hosts/rpi4/backup.nix +++ b/hosts/rpi4/backup.nix @@ -1,10 +1,13 @@ -{ config, lib, pkgs, ... }: -let - secret = name: config.age.secrets."${name}".path; -in { + config, + lib, + pkgs, + ... +}: let + secret = name: config.age.secrets."${name}".path; +in { config = { - age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age; + age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age; age.secrets.restic-password.file = ../../secrets/restic-password.age; services.restic.backups.system = { rcloneConfigFile = secret "restic-rclone"; @@ -38,7 +41,6 @@ in "--tag=auto" "--group-by=host,tag" ]; - }; }; } diff --git a/hosts/rpi4/configuration.nix b/hosts/rpi4/configuration.nix index 427b353..ef98c1b 100644 --- a/hosts/rpi4/configuration.nix +++ b/hosts/rpi4/configuration.nix @@ -1,19 +1,21 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - -{ config, lib, pkgs, ... }: - { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ./services.nix + config, + lib, + pkgs, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ./services.nix - ./media-sync.nix + ./media-sync.nix - ./backup.nix - ]; + ./backup.nix + ]; fileSystems = let mounts = [ @@ -24,8 +26,9 @@ "/opt/hassio" "/opt/hassio/.snapshots" ]; - fn = (x: { options = [ "compress=zstd" "commit=300" "noatime" ];}); - in lib.genAttrs mounts fn; + fn = x: {options = ["compress=zstd" "commit=300" "noatime"];}; + in + lib.genAttrs mounts fn; # Use the extlinux boot loader. (NixOS wants to enable GRUB by default) boot.loader.grub.enable = false; @@ -64,7 +67,7 @@ "wg0" "tailscale0" ]; - networking.firewall.allowedUDPPorts = [ 51820 ]; + networking.firewall.allowedUDPPorts = [51820]; services.openssh = { enable = true; @@ -94,9 +97,6 @@ # Enable the X11 windowing system. # services.xserver.enable = true; - - - # Configure keymap in X11 # services.xserver.xkb.layout = "us"; # services.xserver.xkb.options = "eurosign:e,caps:escape"; @@ -124,11 +124,11 @@ # tree # ]; # }; - users.users.nullbite = { - isNormalUser = true; - extraGroups = [ "wheel" ]; - uid = 1000; - }; + users.users.nullbite = { + isNormalUser = true; + extraGroups = ["wheel"]; + uid = 1000; + }; # List packages installed in system profile. To search, run: # $ nix search wget @@ -182,6 +182,4 @@ # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "24.11"; # Did you read the comment? - } - diff --git a/hosts/rpi4/gitea.nix b/hosts/rpi4/gitea.nix index 35229f7..2d4f9ef 100644 --- a/hosts/rpi4/gitea.nix +++ b/hosts/rpi4/gitea.nix @@ -1,8 +1,11 @@ -{ config, lib, pkgs, ... }: -let - cfg = config.services.gitea; -in { + config, + lib, + pkgs, + ... +}: let + cfg = config.services.gitea; +in { config = { services.gitea = { enable = true; @@ -32,19 +35,37 @@ in DEFAULT_THEME = "catppuccin-mocha-pink"; THEMES = let ctpAttrs = { - flavor = [ "latte" "frappe" "macchiato" "mocha" ]; - accent = [ "rosewater" "flamingo" "pink" "mauve" - "red" "maroon" "peach" "yellow" "green" "teal" - "sky" "sapphire" "blue" ]; + flavor = ["latte" "frappe" "macchiato" "mocha"]; + accent = [ + "rosewater" + "flamingo" + "pink" + "mauve" + "red" + "maroon" + "peach" + "yellow" + "green" + "teal" + "sky" + "sapphire" + "blue" + ]; }; - ctpThemes = lib.mapCartesianProduct - ( { flavor, accent }: "catppuccin-${flavor}-${accent}" ) + ctpThemes = + lib.mapCartesianProduct + ({ + flavor, + accent, + }: "catppuccin-${flavor}-${accent}") ctpAttrs; - in lib.concatStringsSep "," ([ - "gitea" - "arc-green" - "auto" - ] ++ ctpThemes); + in + lib.concatStringsSep "," ([ + "gitea" + "arc-green" + "auto" + ] + ++ ctpThemes); }; }; }; diff --git a/hosts/rpi4/hardware-configuration.nix b/hosts/rpi4/hardware-configuration.nix index cdfa0c5..0a10f01 100644 --- a/hosts/rpi4/hardware-configuration.nix +++ b/hosts/rpi4/hardware-configuration.nix @@ -1,75 +1,78 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci"]; + boot.initrd.kernelModules = []; + boot.kernelModules = []; + boot.extraModulePackages = []; - fileSystems."/.btrfsroot" = - { device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; - fsType = "btrfs"; - options = [ "subvol=/" ]; - }; + fileSystems."/.btrfsroot" = { + device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; + fsType = "btrfs"; + options = ["subvol=/"]; + }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; - fsType = "btrfs"; - options = [ "subvol=nixos/@" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; + fsType = "btrfs"; + options = ["subvol=nixos/@"]; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; - fsType = "btrfs"; - options = [ "subvol=nixos/@nix" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; + fsType = "btrfs"; + options = ["subvol=nixos/@nix"]; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; + fsType = "btrfs"; + options = ["subvol=@home"]; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/18e0dfd8-78bd-478d-9df8-1c28bc0b55df"; - fsType = "ext4"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/18e0dfd8-78bd-478d-9df8-1c28bc0b55df"; + fsType = "ext4"; + }; - fileSystems."/srv/syncthing" = - { device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; - fsType = "btrfs"; - options = [ "subvol=/@syncthing" ]; - }; + fileSystems."/srv/syncthing" = { + device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; + fsType = "btrfs"; + options = ["subvol=/@syncthing"]; + }; - fileSystems."/srv/media" = - { device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; - fsType = "btrfs"; - options = [ "subvol=/@media" ]; - }; + fileSystems."/srv/media" = { + device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; + fsType = "btrfs"; + options = ["subvol=/@media"]; + }; - fileSystems."/opt/hassio" = - { device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; - fsType = "btrfs"; - options = [ "subvol=/@hassio" ]; - }; + fileSystems."/opt/hassio" = { + device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; + fsType = "btrfs"; + options = ["subvol=/@hassio"]; + }; - fileSystems."/opt/hassio/.snapshots" = - { device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; - fsType = "btrfs"; - options = [ "subvol=/snapshots/@hassio" ]; - }; + fileSystems."/opt/hassio/.snapshots" = { + device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; + fsType = "btrfs"; + options = ["subvol=/snapshots/@hassio"]; + }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/b8e046b3-28a2-47c5-b305-24be5be42eff"; } - ]; + swapDevices = [ + {device = "/dev/disk/by-uuid/b8e046b3-28a2-47c5-b305-24be5be42eff";} + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -81,4 +84,3 @@ nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; } - diff --git a/hosts/rpi4/home.nix b/hosts/rpi4/home.nix index 68f23d0..ce5bb68 100644 --- a/hosts/rpi4/home.nix +++ b/hosts/rpi4/home.nix @@ -1,5 +1,4 @@ -{ config, ... }: -{ +{config, ...}: { config = { nixfiles.profile.base.enable = true; programs.keychain.enable = false; diff --git a/hosts/rpi4/media-sync.nix b/hosts/rpi4/media-sync.nix index 61999f8..9196544 100644 --- a/hosts/rpi4/media-sync.nix +++ b/hosts/rpi4/media-sync.nix @@ -1,11 +1,15 @@ -{ config, lib, pkgs, ... }: -let +{ + config, + lib, + pkgs, + ... +}: let in { config = { nixfiles.programs.syncthing.enable = true; systemd.timers.gallery-dl = { - wantedBy = [ "timers.target" ]; + wantedBy = ["timers.target"]; timerConfig = { OnBootSec = "5m"; OnUnitActiveSec = "13"; @@ -13,7 +17,7 @@ in { }; }; systemd.services.gallery-dl = { - path = with pkgs; [ bash coreutils findutils gallery-dl ]; + path = with pkgs; [bash coreutils findutils gallery-dl]; serviceConfig = { # none of your fucking business # TODO move this into an agenix secret probably @@ -24,14 +28,14 @@ in { }; systemd.timers.gallery-dl-dedup = { - wantedBy = [ "timers.target" ]; + wantedBy = ["timers.target"]; timerConfig = { OnCalendar = "03:00"; RandomizedDelaySec = "3h"; }; }; systemd.services.gallery-dl-dedup = { - path = with pkgs ; [ bash coreutils rmlint ]; + path = with pkgs; [bash coreutils rmlint]; serviceConfig = { # likewise ExecStart = "/srv/gallery-dl-dedup.sh"; diff --git a/hosts/rpi4/services.nix b/hosts/rpi4/services.nix index edaefdf..853acc0 100644 --- a/hosts/rpi4/services.nix +++ b/hosts/rpi4/services.nix @@ -1,15 +1,17 @@ -{ config, lib, pkgs, ... }: -let +{ + config, + lib, + pkgs, + ... +}: let inherit (config.age) secrets; inherit (builtins) toString; -in -{ +in { imports = [ ./gitea.nix ./authelia.nix ]; config = { - age.secrets.cloudflaredns = { file = ../../secrets/cloudflare-dns.age; group = "secrets"; @@ -63,7 +65,7 @@ in }; users.groups.secrets = {}; - users.users.acme.extraGroups = [ "secrets" ]; + users.users.acme.extraGroups = ["secrets"]; security.acme = { acceptTerms = true; @@ -97,57 +99,59 @@ in }; }; - users.users.nginx.extraGroups = [ "acme" ]; + users.users.nginx.extraGroups = ["acme"]; networking.firewall.allowedTCPPorts = [ - 80 443 + 80 + 443 # this is needed for node to work for some reason 8123 ]; - users.groups.authelia-shared = { }; - services.authelia.instances = lib.mapAttrs (inst: opts: { - enable = true; - group = "authelia-shared"; - secrets = { - jwtSecretFile = config.age.secrets.authelia-jwt.path; - storageEncryptionKeyFile = config.age.secrets.authelia-storage.path; - sessionSecretFile = config.age.secrets.authelia-session.path; - }; - settings = { - access_control.default_policy = "one_factor"; - storage.local.path = "/var/lib/authelia-${inst}/db.sqlite"; - session.cookies = [ - { - domain = "protogen.io"; - authelia_url = "https://auth.protogen.io"; - default_redirection_url = "https://searx.protogen.io"; - } - { - domain = "nbt.sh"; - authelia_url = "https://auth.nbt.sh"; - default_redirection_url = "https://admin.nbt.sh"; - } - { - domain = "proot.link"; - authelia_url = "https://auth.proot.link"; - default_redirection_url = "https://admin.proot.link"; - } - ]; - session.redis = { - host = config.services.redis.servers.authelia.unixSocket; + users.groups.authelia-shared = {}; + services.authelia.instances = + lib.mapAttrs (inst: opts: { + enable = true; + group = "authelia-shared"; + secrets = { + jwtSecretFile = config.age.secrets.authelia-jwt.path; + storageEncryptionKeyFile = config.age.secrets.authelia-storage.path; + sessionSecretFile = config.age.secrets.authelia-session.path; + }; + settings = { + access_control.default_policy = "one_factor"; + storage.local.path = "/var/lib/authelia-${inst}/db.sqlite"; + session.cookies = [ + { + domain = "protogen.io"; + authelia_url = "https://auth.protogen.io"; + default_redirection_url = "https://searx.protogen.io"; + } + { + domain = "nbt.sh"; + authelia_url = "https://auth.nbt.sh"; + default_redirection_url = "https://admin.nbt.sh"; + } + { + domain = "proot.link"; + authelia_url = "https://auth.proot.link"; + default_redirection_url = "https://admin.proot.link"; + } + ]; + session.redis = { + host = config.services.redis.servers.authelia.unixSocket; + }; + notifier.filesystem.filename = "/var/lib/authelia-${inst}/notification.txt"; + authentication_backend.file.path = config.age.secrets.authelia-users.path; + server.port = lib.mkIf (opts ? port) (opts.port or null); + theme = "auto"; + }; + }) { + main = { + domain = "protogen.io"; + # port = 9091 # default }; - notifier.filesystem.filename = "/var/lib/authelia-${inst}/notification.txt"; - authentication_backend.file.path = config.age.secrets.authelia-users.path; - server.port = lib.mkIf (opts ? port) (opts.port or null); - theme = "auto"; }; - }) { - main = { - domain = "protogen.io"; - # port = 9091 # default - }; - }; services.redis = { servers.authelia = { @@ -157,7 +161,7 @@ in users.users."${config.services.authelia.instances.main.user}".extraGroups = let name = config.services.redis.servers.authelia.user; - in [ name ]; + in [name]; services.nginx = { enable = true; @@ -171,24 +175,30 @@ in virtualHosts = let useACMEHost = "protogen.io"; - mkProxy = args@{ upstream ? "http://127.0.0.1:${builtins.toString args.port}", auth ? false, authelia ? false, extraConfig ? {}, ... }: - lib.mkMerge [ - { - inherit useACMEHost; - forceSSL = true; - locations."/" = { - proxyPass = upstream; - proxyWebsockets = true; - }; - } - (lib.mkIf auth { - basicAuthFile = config.age.secrets.htpasswd.path; - }) - (lib.mkIf authelia { - authelia.instance = lib.mkDefault "main"; - }) - extraConfig - ]; + mkProxy = args @ { + upstream ? "http://127.0.0.1:${builtins.toString args.port}", + auth ? false, + authelia ? false, + extraConfig ? {}, + ... + }: + lib.mkMerge [ + { + inherit useACMEHost; + forceSSL = true; + locations."/" = { + proxyPass = upstream; + proxyWebsockets = true; + }; + } + (lib.mkIf auth { + basicAuthFile = config.age.secrets.htpasswd.path; + }) + (lib.mkIf authelia { + authelia.instance = lib.mkDefault "main"; + }) + extraConfig + ]; # mkReverseProxy = port: { # inherit useACMEHost; @@ -199,149 +209,174 @@ in # }; # }; - mkAuthProxy = port: mkProxy { inherit port; authelia = true; }; - - mkReverseProxy = port: mkProxy { inherit port; }; - in (lib.mapAttrs (domain: instance: { forceSSL = true; inherit useACMEHost; authelia.endpoint = { inherit instance; };}) { - "auth.protogen.io" = "main"; - "auth.nbt.sh" = "main"; - "auth.proot.link" = "main"; - }) // { - "changedetection.protogen.io" = mkReverseProxy 5000; - - # firefly - "firefly.protogen.io" = mkReverseProxy 8083; - "firefly-import.protogen.io" = mkAuthProxy 8084; - - "gitea.protogen.io" = mkReverseProxy 3000; - - # home assistant - "hass.protogen.io" = mkReverseProxy 8123; - "node.protogen.io" = mkReverseProxy 1880; - "z2m.protogen.io" = mkAuthProxy 8124; - "vsc-hass.protogen.io" = mkReverseProxy 1881; - - # jellyfin - "room.protogen.io" = mkReverseProxy 8096; - "deemix.protogen.io" = mkAuthProxy 6595; - - # libreddit auth 8087 - "libreddit.protogen.io" = { - locations."/".return = "302 https://redlib.protogen.io$request_uri"; - forceSSL = true; - useACMEHost = "protogen.io"; - }; - "redlib.protogen.io" = mkAuthProxy 8087; - "rss.protogen.io" = mkReverseProxy 8082; - "blahaj.protogen.io" = mkReverseProxy 8086; - "paper.protogen.io" = mkReverseProxy config.services.paperless.port; - - # octoprint (proxy_addr is 10.10.1.8) - "print.protogen.io" = lib.mkMerge [ (mkProxy { authelia = true; upstream = "http://10.10.1.8:80"; }) - { - locations."/webcam" = { - proxyPass = "http://10.10.1.8:80$request_uri"; - proxyWebsockets = true; - basicAuthFile = config.age.secrets.htpasswd-cam.path; - authelia.method = null; + mkAuthProxy = port: + mkProxy { + inherit port; + authelia = true; }; - }]; - # searx auth 8088 (none for /favicon.ico, /autocompleter, /opensearch.xml) - "search.protogen.io".locations."/".return = "302 https://searx.protogen.io$request_uri"; - "searx.protogen.io" = let - port = 8088; - in mkProxy { authelia = true; inherit port; extraConfig = { - locations = lib.genAttrs [ "/favicon.ico" "/autocompleter" "/opensearch.xml" ] (attr: { - proxyPass = "http://localhost:${builtins.toString port}"; - proxyWebsockets = true; - authelia.method = null; - extraConfig = '' - auth_basic off; - ''; - }); - };}; + mkReverseProxy = port: mkProxy {inherit port;}; + in + (lib.mapAttrs (domain: instance: { + forceSSL = true; + inherit useACMEHost; + authelia.endpoint = {inherit instance;}; + }) { + "auth.protogen.io" = "main"; + "auth.nbt.sh" = "main"; + "auth.proot.link" = "main"; + }) + // { + "changedetection.protogen.io" = mkReverseProxy 5000; - # URL shortener - "nbt.sh" = mkProxy { port = 8090; extraConfig.serverAliases = [ "proot.link" ]; }; - "admin.nbt.sh" = mkProxy { authelia = true; port = 8091; extraConfig.serverAliases = [ "admin.proot.link" ]; }; + # firefly + "firefly.protogen.io" = mkReverseProxy 8083; + "firefly-import.protogen.io" = mkAuthProxy 8084; - # uptime - "uptime.protogen.io" = mkReverseProxy 3001; - "kuma.protogen.io".locations."/".return = "301 https://uptime.protogen.io"; + "gitea.protogen.io" = mkReverseProxy 3000; - "anki.protogen.io" = mkReverseProxy config.services.anki-sync-server.port; + # home assistant + "hass.protogen.io" = mkReverseProxy 8123; + "node.protogen.io" = mkReverseProxy 1880; + "z2m.protogen.io" = mkAuthProxy 8124; + "vsc-hass.protogen.io" = mkReverseProxy 1881; - # homepage - "home.protogen.io" = mkAuthProxy 8089; + # jellyfin + "room.protogen.io" = mkReverseProxy 8096; + "deemix.protogen.io" = mkAuthProxy 6595; - "lounge.protogen.io" = mkAuthProxy 9000; - - "trackmap.protogen.io" = let - root = pkgs.modpacks.notlite-ctm-static; - in { - useACMEHost = "protogen.io"; - forceSSL = true; - authelia.instance = "main"; - locations."/" = { - inherit root; - extraConfig = '' - autoindex off; - ''; + # libreddit auth 8087 + "libreddit.protogen.io" = { + locations."/".return = "302 https://redlib.protogen.io$request_uri"; + forceSSL = true; + useACMEHost = "protogen.io"; }; - locations."/api/" = { - proxyPass = "http://10.10.0.3:3876"; - proxyWebsockets = true; - extraConfig = '' - chunked_transfer_encoding off; - proxy_buffering off; - proxy_cache off; - ''; + "redlib.protogen.io" = mkAuthProxy 8087; + "rss.protogen.io" = mkReverseProxy 8082; + "blahaj.protogen.io" = mkReverseProxy 8086; + "paper.protogen.io" = mkReverseProxy config.services.paperless.port; + + # octoprint (proxy_addr is 10.10.1.8) + "print.protogen.io" = lib.mkMerge [ + (mkProxy { + authelia = true; + upstream = "http://10.10.1.8:80"; + }) + { + locations."/webcam" = { + proxyPass = "http://10.10.1.8:80$request_uri"; + proxyWebsockets = true; + basicAuthFile = config.age.secrets.htpasswd-cam.path; + authelia.method = null; + }; + } + ]; + + # searx auth 8088 (none for /favicon.ico, /autocompleter, /opensearch.xml) + "search.protogen.io".locations."/".return = "302 https://searx.protogen.io$request_uri"; + "searx.protogen.io" = let + port = 8088; + in + mkProxy { + authelia = true; + inherit port; + extraConfig = { + locations = lib.genAttrs ["/favicon.ico" "/autocompleter" "/opensearch.xml"] (attr: { + proxyPass = "http://localhost:${builtins.toString port}"; + proxyWebsockets = true; + authelia.method = null; + extraConfig = '' + auth_basic off; + ''; + }); + }; + }; + + # URL shortener + "nbt.sh" = mkProxy { + port = 8090; + extraConfig.serverAliases = ["proot.link"]; + }; + "admin.nbt.sh" = mkProxy { + authelia = true; + port = 8091; + extraConfig.serverAliases = ["admin.proot.link"]; + }; + + # uptime + "uptime.protogen.io" = mkReverseProxy 3001; + "kuma.protogen.io".locations."/".return = "301 https://uptime.protogen.io"; + + "anki.protogen.io" = mkReverseProxy config.services.anki-sync-server.port; + + # homepage + "home.protogen.io" = mkAuthProxy 8089; + + "lounge.protogen.io" = mkAuthProxy 9000; + + "trackmap.protogen.io" = let + root = pkgs.modpacks.notlite-ctm-static; + in { + useACMEHost = "protogen.io"; + forceSSL = true; + authelia.instance = "main"; + locations."/" = { + inherit root; + extraConfig = '' + autoindex off; + ''; + }; + locations."/api/" = { + proxyPass = "http://10.10.0.3:3876"; + proxyWebsockets = true; + extraConfig = '' + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + ''; + }; + }; + + # main site + "protogen.io" = { + serverAliases = ["x.protogen.io"]; + useACMEHost = "protogen.io"; + forceSSL = true; + locations."/" = { + root = "/srv/http"; + extraConfig = '' + autoindex on; + ''; + }; + }; + + # fallback for known hosts + "nullbite.com" = { + forceSSL = true; + useACMEHost = "protogen.io"; + locations."/" = { + return = "302 https://protogen.io$request_uri"; + }; + serverAliases = ["www.nullbite.com" "nullbite.dev" "www.nullbite.dev" "www.protogen.io" "nullbite.xyz" "www.nullbite.xyz"]; + }; + + # show blank page for unknown hosts + "localhost" = { + default = true; + addSSL = true; + useACMEHost = "protogen.io"; + locations."/" = { + return = "404"; + }; }; }; - - # main site - "protogen.io" = { - serverAliases = [ "x.protogen.io" ]; - useACMEHost = "protogen.io"; - forceSSL = true; - locations."/" = { - root = "/srv/http"; - extraConfig = '' - autoindex on; - ''; - }; - }; - - # fallback for known hosts - "nullbite.com" = { - forceSSL = true; - useACMEHost = "protogen.io"; - locations."/" = { - return = "302 https://protogen.io$request_uri"; - }; - serverAliases = [ "www.nullbite.com" "nullbite.dev" "www.nullbite.dev" "www.protogen.io" "nullbite.xyz" "www.nullbite.xyz" ]; - }; - - # show blank page for unknown hosts - "localhost" = { - default = true; - addSSL = true; - useACMEHost = "protogen.io"; - locations."/" = { - return = "404"; - }; - }; - - - }; }; # https://gethomepage.dev services.homepage-dashboard = let - entry = name: value: { "${name}" = value; }; - makeBookmark = name: {...}@attrs: entry name [ attrs ]; - makeBookmark' = name: icon: abbr: href: makeBookmark name ({ inherit abbr href; } // lib.optionalAttrs (icon != null) { inherit icon; }); + entry = name: value: {"${name}" = value;}; + makeBookmark = name: {...} @ attrs: entry name [attrs]; + makeBookmark' = name: icon: abbr: href: makeBookmark name ({inherit abbr href;} // lib.optionalAttrs (icon != null) {inherit icon;}); in { enable = true; listenPort = 8089; @@ -369,10 +404,12 @@ in ]; services = let - service = name: subdomain: icon: {...}@attrs: entry name ({ - href = "https://${subdomain}.protogen.io"; - inherit icon; - } // attrs); + service = name: subdomain: icon: {...} @ attrs: + entry name ({ + href = "https://${subdomain}.protogen.io"; + inherit icon; + } + // attrs); basicService = name: subdomain: icon: service name subdomain icon {}; in [ (entry "unsorted" [ @@ -389,13 +426,17 @@ in (basicService "SearXNG" "searx" "searxng") (basicService "TheLounge" "lounge" "thelounge") (basicService "Paperless" "paper" "paperless-ngx") - (entry "Shlink" { href = "https://admin.nbt.sh"; icon = "shlink"; }) + (entry "Shlink" { + href = "https://admin.nbt.sh"; + icon = "shlink"; + }) (basicService "Create Track Map" "trackmap" "") - ((x: service x x x { - widget = { - }; - }) "changedetection") + ((x: + service x x x { + widget = { + }; + }) "changedetection") (service "Uptime Kuma" "uptime" "uptime-kuma" { widget = { @@ -443,7 +484,7 @@ in }; # needed for mDNS in Home Assistant - networking.firewall.allowedUDPPorts = [ 5353 ]; + networking.firewall.allowedUDPPorts = [5353]; systemd.services.redlib.environment = { REDLIB_DEFAULT_SUBSCRIPTIONS = lib.pipe ./reddit-subscriptions.txt [ @@ -488,13 +529,12 @@ in PAPERLESS_URL = "https://paper.protogen.io"; PAPERLESS_TIKA_ENABLED = true; PAPERLESS_TIKA_ENDPOINT = "http://localhost:${toString config.services.tika.port}"; - PAPERLESS_TIKA_GOTENBERG_ENDPOINT = - "http://localhost:${toString config.services.gotenberg.port}"; + PAPERLESS_TIKA_GOTENBERG_ENDPOINT = "http://localhost:${toString config.services.gotenberg.port}"; }; }; users.users."${config.services.paperless.user}".extraGroups = let name = config.services.redis.servers.paperless.group; - in [ name ]; + in [name]; services.gotenberg = { enable = true; diff --git a/hosts/slab/configuration.nix b/hosts/slab/configuration.nix index 302bfd4..a750fb1 100644 --- a/hosts/slab/configuration.nix +++ b/hosts/slab/configuration.nix @@ -1,20 +1,22 @@ -# vim: set ts=2 sw=2 et foldmethod=marker: +# vim: set ts=2 sw=2 et foldmethod=marker: # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - -{ config, lib, pkgs, vars, ... }: - { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - - ../../system # nixfiles modules - ./nvidia-optimus.nix - ./supergfxd.nix - ]; + config, + lib, + pkgs, + vars, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ../../system # nixfiles modules + ./nvidia-optimus.nix + ./supergfxd.nix + ]; config = { # nix.settings.experimental-features = ["nix-command" "flakes" ]; @@ -26,18 +28,24 @@ device = "/dev/disk/by-uuid/028A49020517BEA9"; }; "/.btrfsroot" = { - options = [ "subvol=/" ]; + options = ["subvol=/"]; }; } # Lanzaboote workaround (nix-community/lanzaboote#173) (lib.mkIf config.boot.lanzaboote.enable { - "/efi/EFI/Linux" = { device = "/boot/EFI/Linux"; options = [ "bind" ]; }; - "/efi/EFI/nixos" = { device = "/boot/EFI/nixos"; options = [ "bind" ]; }; + "/efi/EFI/Linux" = { + device = "/boot/EFI/Linux"; + options = ["bind"]; + }; + "/efi/EFI/nixos" = { + device = "/boot/EFI/nixos"; + options = ["bind"]; + }; }) - (lib.genAttrs [ "/.btrfsroot" "/" "/home" "/nix" ] ( fs: { - options = [ "compress=zstd" ]; + (lib.genAttrs ["/.btrfsroot" "/" "/home" "/nix"] (fs: { + options = ["compress=zstd"]; })) ]; @@ -51,7 +59,7 @@ # }; specialisation.hyprland.configuration = { - system.nixos.tags = [ "Hyprland" ]; + system.nixos.tags = ["Hyprland"]; nixfiles.session = "hyprland"; }; @@ -91,21 +99,20 @@ }; }; - networking.hostName = "slab"; boot.initrd.systemd.enable = true; boot.plymouth.enable = true; - boot.kernelParams = [ "quiet" ]; + boot.kernelParams = ["quiet"]; # annoying ACPI bug boot.consoleLogLevel = 2; # cryptsetup boot.initrd.luks.devices = { lvmroot = { - device="/dev/disk/by-uuid/2872c0f0-e544-45f0-9b6c-ea022af7805a"; + device = "/dev/disk/by-uuid/2872c0f0-e544-45f0-9b6c-ea022af7805a"; allowDiscards = true; fallbackToPassword = lib.mkIf (!config.boot.initrd.systemd.enable) true; preLVM = true; @@ -138,7 +145,7 @@ }; # GPS data from my phone - services.gpsd.devices = lib.mkIf config.nixfiles.hardware.gps.enable [ "tcp://pixel.magpie-moth.ts.net:6000" ]; + services.gpsd.devices = lib.mkIf config.nixfiles.hardware.gps.enable ["tcp://pixel.magpie-moth.ts.net:6000"]; # systemd power/suspend configuration systemd.targets = lib.genAttrs ["suspend" "hybrid-sleep" "suspend-then-hibernate"] (_: { @@ -164,7 +171,6 @@ # boot.loader.efi.canTouchEfiVariables = true; # see custom-hardware-configuration.nix - # networking.hostName = "nixos"; # Define your hostname. # Pick only one of the below networking options. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. @@ -195,10 +201,8 @@ # services.xserver.displayManager.sddm.enable = true; # services.xserver.desktopManager.plasma5.enable = true; - # Enable flatpak # services.flatpak.enable = true; - # Configure keymap in X11 # services.xserver.xkb.layout = "us"; @@ -218,7 +222,6 @@ # pulse.enable = true; # jack.enable = true; # }; - # Enable touchpad support (enabled default in most desktopManager). # services.xserver.libinput.enable = true; @@ -244,7 +247,6 @@ # shell = pkgs.zsh; # }; - # shell config # programs.zsh.enable = true; # programs.fzf = { @@ -296,7 +298,7 @@ # }}} # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ 22 ]; + networking.firewall.allowedTCPPorts = [22]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; @@ -313,7 +315,5 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.11"; # Did you read the comment? - }; } - diff --git a/hosts/slab/hardware-configuration.nix b/hosts/slab/hardware-configuration.nix index 090b808..a7b6840 100644 --- a/hosts/slab/hardware-configuration.nix +++ b/hosts/slab/hardware-configuration.nix @@ -1,55 +1,59 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "sdhci_pci" ]; - boot.initrd.kernelModules = [ "dm-snapshot" "amdgpu" ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "sdhci_pci"]; + boot.initrd.kernelModules = ["dm-snapshot" "amdgpu"]; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; - fileSystems."/" = - { device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; - fsType = "btrfs"; - options = [ "subvol=nixos/@" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; + fsType = "btrfs"; + options = ["subvol=nixos/@"]; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; - fsType = "btrfs"; - options = [ "subvol=nixos/@nix" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; + fsType = "btrfs"; + options = ["subvol=nixos/@nix"]; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; + fsType = "btrfs"; + options = ["subvol=@home"]; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/50D3-45F0"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/50D3-45F0"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; - fileSystems."/efi" = - { device = "/dev/disk/by-uuid/4E1B-8BEE"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; + fileSystems."/efi" = { + device = "/dev/disk/by-uuid/4E1B-8BEE"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/9360890a-4050-4326-bf5f-8fa2bdc6744a"; } - ]; - fileSystems."/.btrfsroot" = - { device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; - fsType = "btrfs"; - }; + swapDevices = [ + {device = "/dev/disk/by-uuid/9360890a-4050-4326-bf5f-8fa2bdc6744a";} + ]; + fileSystems."/.btrfsroot" = { + device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; + fsType = "btrfs"; + }; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/slab/home.nix b/hosts/slab/home.nix index e881524..fda34b1 100644 --- a/hosts/slab/home.nix +++ b/hosts/slab/home.nix @@ -1,5 +1,10 @@ -{ lib, pkgs, osConfig, config, ... }: { + lib, + pkgs, + osConfig, + config, + ... +}: { imports = [ ../../home ]; @@ -9,7 +14,7 @@ profile.base.enable = true; common.wm.keybinds = { - Launch1="playerctl play-pause"; # ROG key + Launch1 = "playerctl play-pause"; # ROG key # Launch3="true"; # AURA fn key # Launch4="true"; # fan control fn key }; @@ -17,8 +22,8 @@ home.stateVersion = "23.11"; # TODO mkif stylix.enable; danth/stylix#216 - home.pointerCursor = lib.mkIf (config.nixfiles.theming.enable && !config.stylix.enable) { size = 32; }; - stylix.cursor = { size = 32; }; + home.pointerCursor = lib.mkIf (config.nixfiles.theming.enable && !config.stylix.enable) {size = 32;}; + stylix.cursor = {size = 32;}; nixfiles.theming.catppuccin.themeDPI = "hdpi"; diff --git a/hosts/slab/nvidia-optimus.nix b/hosts/slab/nvidia-optimus.nix index a195d8b..525c260 100644 --- a/hosts/slab/nvidia-optimus.nix +++ b/hosts/slab/nvidia-optimus.nix @@ -1,11 +1,13 @@ -{ config, lib, pkgs, ... }: - { - + config, + lib, + pkgs, + ... +}: { services.supergfxd.enable = true; specialisation = { nvidia.configuration = { - system.nixos.tags = [ "NVIDIA" ]; + system.nixos.tags = ["NVIDIA"]; nixfiles.supergfxd.profile = "Hybrid"; @@ -15,9 +17,9 @@ hardware.nvidia = { # Use the NVidia open source kernel module (not to be confused with the # independent third-party "nouveau" open source driver). - # Support is limited to the Turing and later architectures. Full list of - # supported GPUs is at: - # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Support is limited to the Turing and later architectures. Full list of + # supported GPUs is at: + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus # Only available from driver 515.43.04+ # Currently alpha-quality/buggy, so false is currently the recommended setting. open = false; @@ -30,7 +32,8 @@ package = let stable = config.boot.kernelPackages.nvidiaPackages.stable; version = stable; - in version; + in + version; prime = { offload = { diff --git a/hosts/slab/supergfxd.nix b/hosts/slab/supergfxd.nix index b62c5bf..8d92c82 100644 --- a/hosts/slab/supergfxd.nix +++ b/hosts/slab/supergfxd.nix @@ -1,5 +1,10 @@ -{ pkgs, lib, config, options, ... }@args: -let +{ + pkgs, + lib, + config, + options, + ... +} @ args: let gfx = { Integrated = { supergfxd = pkgs.writeText "supergfxd-integrated" '' @@ -69,7 +74,8 @@ let isKeyInAttrset = let getKeys = attrset: lib.mapAttrsToList (name: _: name) attrset; isInList = key: list: lib.any (x: x == key) list; - in key: attrset: isInList key (getKeys attrset); + in + key: attrset: isInList key (getKeys attrset); inherit (lib) mkIf mkOption types; in { @@ -83,7 +89,7 @@ in { }; config = { - environment.etc = mkIf (!(builtins.isNull cfg.profile)) { + environment.etc = mkIf (!(builtins.isNull cfg.profile)) { # TODO actually configure the system settings here "supergfxd.conf" = { source = gfx.${cfg.profile}.supergfxd; diff --git a/lib/nixfiles/minecraft.nix b/lib/nixfiles/minecraft.nix index 99aedc9..ed5a7d5 100644 --- a/lib/nixfiles/minecraft.nix +++ b/lib/nixfiles/minecraft.nix @@ -1,14 +1,19 @@ -{ pkgs, ... }: -let +{pkgs, ...}: let inherit (pkgs) lib; -in -{ - mkServer = { modpack ? null, modpackSymlinks ? [], modpackFiles ? [], jvmOpts ? null, ...}@opts: let +in { + mkServer = { + modpack ? null, + modpackSymlinks ? [], + modpackFiles ? [], + jvmOpts ? null, + ... + } @ opts: let # log4j exploit is bad and scary and i have no idea if this is still needed # but it's best to be on the safe side jvmOptsPatched = let requiredJvmOpts = "-Dlog4j2.formatMsgNoLookups=true"; - in if (!(builtins.isNull jvmOpts)) + in + if (!(builtins.isNull jvmOpts)) then requiredJvmOpts + " " + jvmOpts else requiredJvmOpts; @@ -17,51 +22,58 @@ in serverPackage = let mcVersion = modpack.manifest.versions.minecraft; - fixedVersion = lib.replaceStrings [ "." ] [ "_" ] mcVersion; + fixedVersion = lib.replaceStrings ["."] ["_"] mcVersion; quiltVersion = modpack.manifest.versions.quilt or null; fabricVersion = modpack.manifest.versions.fabric or null; - loader = if (!(builtins.isNull quiltVersion)) then "quilt" else "fabric"; - loaderVersion = if loader == "quilt" then quiltVersion else fabricVersion; - in pkgs.minecraftServers."${loader}-${fixedVersion}".override { inherit loaderVersion; }; + loader = + if (!(builtins.isNull quiltVersion)) + then "quilt" + else "fabric"; + loaderVersion = + if loader == "quilt" + then quiltVersion + else fabricVersion; + in + pkgs.minecraftServers."${loader}-${fixedVersion}".override {inherit loaderVersion;}; + in + lib.mkMerge [ + (lib.mkIf (!(builtins.isNull modpack)) { + inherit symlinks files; + package = lib.mkDefault serverPackage; + }) + { + autoStart = lib.mkDefault true; + jvmOpts = jvmOptsPatched; + whitelist = lib.mkDefault { + NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4"; + Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12"; + YzumThreeEye = "3dad78e8-6979-404f-820e-952ce20964a0"; + }; + serverProperties = { + # allows no chat reports to run + enforce-secure-profile = lib.mkDefault false; - in lib.mkMerge [ - (lib.mkIf (!(builtins.isNull modpack)) { - inherit symlinks files; - package = lib.mkDefault serverPackage; - }) - { - autoStart = lib.mkDefault true; - jvmOpts = jvmOptsPatched; - whitelist = lib.mkDefault { - NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4"; - Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12"; - YzumThreeEye = "3dad78e8-6979-404f-820e-952ce20964a0"; - }; - serverProperties = { - # allows no chat reports to run - enforce-secure-profile = lib.mkDefault false; + # whitelist + white-list = lib.mkDefault true; + enforce-whitelist = lib.mkDefault true; - # whitelist - white-list = lib.mkDefault true; - enforce-whitelist = lib.mkDefault true; + motd = lib.mkDefault "owo what's this (nix preset edition)"; + enable-rcon = lib.mkDefault false; - motd = lib.mkDefault "owo what's this (nix preset edition)"; - enable-rcon = lib.mkDefault false; + # btrfs performance fix + sync-chunk-writes = lib.mkDefault false; - # btrfs performance fix - sync-chunk-writes = lib.mkDefault false; + # this helps with some mod support. disable it on public servers. + allow-flight = lib.mkDefault true; - # this helps with some mod support. disable it on public servers. - allow-flight = lib.mkDefault true; + # no telemetry + snooper-enabled = lib.mkDefault false; - # no telemetry - snooper-enabled = lib.mkDefault false; - - # other preferred settings - pvp = lib.mkDefault true; - difficulty = lib.mkDefault "hard"; - }; - } - (builtins.removeAttrs opts [ "modpack" "modpackSymlinks" "modpackFiles" "jvmOpts" ]) - ]; + # other preferred settings + pvp = lib.mkDefault true; + difficulty = lib.mkDefault "hard"; + }; + } + (builtins.removeAttrs opts ["modpack" "modpackSymlinks" "modpackFiles" "jvmOpts"]) + ]; } diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix index da2b766..eed7124 100644 --- a/modules/home-manager/default.nix +++ b/modules/home-manager/default.nix @@ -1,2 +1 @@ -_: -{} +_: {} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 76c5b7a..cf09ed2 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,3 +1,2 @@ -{...}@moduleInputs: -{ +{...} @ moduleInputs: { } diff --git a/overlays/default.nix b/overlays/default.nix index 6a19958..2cde5f7 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -12,9 +12,10 @@ in { ./modpacks.nix ]; config.flake.overlays = { - default = with cfg; composeManyExtensions [ - backports - mitigations - ]; + default = with cfg; + composeManyExtensions [ + backports + mitigations + ]; }; } diff --git a/pkgs/apps.nix b/pkgs/apps.nix index 73744eb..d191c5b 100644 --- a/pkgs/apps.nix +++ b/pkgs/apps.nix @@ -1,9 +1,15 @@ -{ packages, system, ... }: -let _packages = packages; in -let - packages = _packages.${system}; - mkApp = program: { type = "app"; inherit program; }; -in { + packages, + system, + ... +}: let + _packages = packages; +in let + packages = _packages.${system}; + mkApp = program: { + type = "app"; + inherit program; + }; +in { keysetting = mkApp "${packages.wm-helpers}/bin/keysetting"; } diff --git a/pkgs/atool-wrapped/default.nix b/pkgs/atool-wrapped/default.nix index d54e255..ab72b50 100644 --- a/pkgs/atool-wrapped/default.nix +++ b/pkgs/atool-wrapped/default.nix @@ -1,4 +1,5 @@ -{ lib, +{ + lib, atool, makeBinaryWrapper, stdenvNoCC, @@ -14,24 +15,24 @@ p7zip, unrar, lha, - unfree ? false }: -let + unfree ? false, +}: let wrappedPath = lib.makeBinPath ([lzip plzip lzop xz zip unzip arj rpm cpio p7zip] ++ lib.optionals unfree [unrar lha]); in -stdenvNoCC.mkDerivation { - name = "atool-wrapped"; - phases = [ "installPhase" ]; - nativeBuildInputs = [ makeBinaryWrapper ]; - src = ./.; - installPhase = '' - # symlinking them doesn't work for some reason so i have to build multiple - for i in atool acat adiff als apack arepack aunpack ; do - makeBinaryWrapper "${atool}/bin/$i" "$out/bin/$i" \ - --inherit-argv0 --prefix PATH : "${wrappedPath}" - done + stdenvNoCC.mkDerivation { + name = "atool-wrapped"; + phases = ["installPhase"]; + nativeBuildInputs = [makeBinaryWrapper]; + src = ./.; + installPhase = '' + # symlinking them doesn't work for some reason so i have to build multiple + for i in atool acat adiff als apack arepack aunpack ; do + makeBinaryWrapper "${atool}/bin/$i" "$out/bin/$i" \ + --inherit-argv0 --prefix PATH : "${wrappedPath}" + done - # i have no idea if this is the "right" way to do this - mkdir -p "$out/share" - ln -s "${atool}/share/man" "$out/share/man" - ''; -} + # i have no idea if this is the "right" way to do this + mkdir -p "$out/share" + ln -s "${atool}/share/man" "$out/share/man" + ''; + } diff --git a/pkgs/cofi/shell.nix b/pkgs/cofi/shell.nix index ad025a7..dfa2f40 100644 --- a/pkgs/cofi/shell.nix +++ b/pkgs/cofi/shell.nix @@ -1,16 +1,15 @@ -{ pkgs ? import {} }: -let +{pkgs ? import {}}: let rofi-dmenu-wrapped = pkgs.writeShellScript "rofi-dmenu" '' exec "${pkgs.rofi-wayland}/bin/rofi" -dmenu "$@" ''; in -pkgs.mkShell { - shellHook = '' - export COMMA_PICKER="${rofi-dmenu-wrapped}" - ''; - nativeBuildInputs = with pkgs; [ - rofi-wayland - libnotify - comma - ]; -} + pkgs.mkShell { + shellHook = '' + export COMMA_PICKER="${rofi-dmenu-wrapped}" + ''; + nativeBuildInputs = with pkgs; [ + rofi-wayland + libnotify + comma + ]; + } diff --git a/pkgs/cross-seed/default.nix b/pkgs/cross-seed/default.nix index 6b674d1..70567e3 100644 --- a/pkgs/cross-seed/default.nix +++ b/pkgs/cross-seed/default.nix @@ -1,5 +1,8 @@ -{ lib, buildNpmPackage, fetchFromGitHub }: - +{ + lib, + buildNpmPackage, + fetchFromGitHub, +}: buildNpmPackage rec { pname = "cross-seed"; version = "6.11.0"; diff --git a/pkgs/default.nix b/pkgs/default.nix index cdeea2b..55a7fb4 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,17 +1,15 @@ -{ pkgs, ... }: -let +{pkgs, ...}: let inherit (pkgs) callPackage callPackages; mopidyPackages = callPackages ./mopidy { python = pkgs.python3; }; -in -{ - inherit (mopidyPackages) mopidy-autoplay ; - google-fonts = callPackage ./google-fonts { }; - wm-helpers = callPackage ./wm-helpers { }; - atool = callPackage ./atool-wrapped { }; - nixfiles-assets = callPackage ./nixfiles-assets { }; - redlib = callPackage ./redlib { }; - cross-seed = callPackage ./cross-seed { }; +in { + inherit (mopidyPackages) mopidy-autoplay; + google-fonts = callPackage ./google-fonts {}; + wm-helpers = callPackage ./wm-helpers {}; + atool = callPackage ./atool-wrapped {}; + nixfiles-assets = callPackage ./nixfiles-assets {}; + redlib = callPackage ./redlib {}; + cross-seed = callPackage ./cross-seed {}; } diff --git a/pkgs/google-fonts/default.nix b/pkgs/google-fonts/default.nix index bb3fc3a..4034022 100644 --- a/pkgs/google-fonts/default.nix +++ b/pkgs/google-fonts/default.nix @@ -1,9 +1,9 @@ -{ lib -, stdenvNoCC -, fetchFromGitHub -, fonts ? [] +{ + lib, + stdenvNoCC, + fetchFromGitHub, + fonts ? [], }: - stdenvNoCC.mkDerivation { pname = "google-fonts"; version = "unstable-2023-10-20"; @@ -11,7 +11,7 @@ stdenvNoCC.mkDerivation { # Adobe Blank is split out in a separate output, # because it causes crashes with `libfontconfig`. # It has an absurd number of symbols - outputs = [ "out" "adobeBlank" ]; + outputs = ["out" "adobeBlank"]; src = fetchFromGitHub { owner = "google"; @@ -45,26 +45,32 @@ stdenvNoCC.mkDerivation { # FamilyName.ttf. This installs all fonts if fonts is empty and otherwise # only the specified fonts by FamilyName. fonts = map (font: builtins.replaceStrings [" "] [""] font) fonts; - installPhase = '' - adobeBlankDest=$adobeBlank/share/fonts/truetype - install -m 444 -Dt $adobeBlankDest ofl/adobeblank/AdobeBlank-Regular.ttf - rm -r ofl/adobeblank - dest=$out/share/fonts/truetype - '' + (if fonts == [] then '' - find . -name '*.ttf' -exec install -m 444 -Dt $dest '{}' + - '' else '' - for font in $fonts; do - find . \( -name "$font-*.ttf" -o -name "$font[*.ttf" -o -name "$font.ttf" \) -exec install -m 444 -Dt $dest '{}' + - done - ''); + installPhase = + '' + adobeBlankDest=$adobeBlank/share/fonts/truetype + install -m 444 -Dt $adobeBlankDest ofl/adobeblank/AdobeBlank-Regular.ttf + rm -r ofl/adobeblank + dest=$out/share/fonts/truetype + '' + + ( + if fonts == [] + then '' + find . -name '*.ttf' -exec install -m 444 -Dt $dest '{}' + + '' + else '' + for font in $fonts; do + find . \( -name "$font-*.ttf" -o -name "$font[*.ttf" -o -name "$font.ttf" \) -exec install -m 444 -Dt $dest '{}' + + done + '' + ); meta = with lib; { homepage = "https://fonts.google.com"; description = "Font files available from Google Fonts"; - license = with licenses; [ asl20 ofl ufl ]; + license = with licenses; [asl20 ofl ufl]; platforms = platforms.all; hydraPlatforms = []; - maintainers = with maintainers; [ manveru ]; - sourceProvenance = [ sourceTypes.binaryBytecode ]; + maintainers = with maintainers; [manveru]; + sourceProvenance = [sourceTypes.binaryBytecode]; }; } diff --git a/pkgs/lucem/update.nix b/pkgs/lucem/update.nix index 7f7b0f2..b9582f2 100644 --- a/pkgs/lucem/update.nix +++ b/pkgs/lucem/update.nix @@ -1,9 +1,11 @@ -{ nixpkgs ? , pkgs ? (import nixpkgs) { } }: -let +{ + nixpkgs ? , + pkgs ? (import nixpkgs) {}, +}: let inherit (pkgs) callPackage fetchFromSourcehut fetchFromGitHub lib; inherit (lib) escapeShellArg; - lucem = pkgs.callPackage ./. { }; + lucem = pkgs.callPackage ./. {}; nim_lk_patched = pkgs.nim_lk.overrideAttrs (final: prev: { src = pkgs.fetchFromSourcehut { @@ -16,7 +18,6 @@ let ./nim_lk-rev-order-fix.patch ]; }); - in pkgs.stdenvNoCC.mkDerivation { name = "lucem-lock.json"; diff --git a/pkgs/mopidy/autoplay.nix b/pkgs/mopidy/autoplay.nix index a043147..47f9ce6 100644 --- a/pkgs/mopidy/autoplay.nix +++ b/pkgs/mopidy/autoplay.nix @@ -1,5 +1,9 @@ -{ lib, python3Packages, fetchPypi, mopidy }: - +{ + lib, + python3Packages, + fetchPypi, + mopidy, +}: # based on mopidy/jellyfin.nix python3Packages.buildPythonApplication rec { pname = "mopidy-autoplay"; @@ -11,15 +15,15 @@ python3Packages.buildPythonApplication rec { sha256 = "sha256-E2Q+Cn2LWSbfoT/gFzUfChwl67Mv17uKmX2woFz/3YM="; }; - propagatedBuildInputs = [ mopidy ]; + propagatedBuildInputs = [mopidy]; # no tests implemented doCheck = false; - pythonImportsCheck = [ "mopidy_autoplay" ]; + pythonImportsCheck = ["mopidy_autoplay"]; - meta = with lib; { - homepage = "https://codeberg.org/sph/mopidy-autoplay"; - description = "Mopidy extension to automatically pick up where you left off and start playing the last track from the position before Mopidy was shut down."; - license = licenses.asl20; - }; + meta = with lib; { + homepage = "https://codeberg.org/sph/mopidy-autoplay"; + description = "Mopidy extension to automatically pick up where you left off and start playing the last track from the position before Mopidy was shut down."; + license = licenses.asl20; + }; } diff --git a/pkgs/mopidy/default.nix b/pkgs/mopidy/default.nix index 3a996d3..565f69a 100644 --- a/pkgs/mopidy/default.nix +++ b/pkgs/mopidy/default.nix @@ -1,10 +1,14 @@ -{ lib, newScope, python }: - +{ + lib, + newScope, + python, +}: # i have no idea what this is but there's some conflict if i don't do this # based on https://github.com/NixOS/nixpkgs/blob/77f0d2095a8271fdb6e0d08c90a7d93631fd2748/pkgs/applications/audio/mopidy/default.nix -lib.makeScope newScope (self: with self; { - inherit python; - pythonPackages = python.pkgs; +lib.makeScope newScope (self: + with self; { + inherit python; + pythonPackages = python.pkgs; - mopidy-autoplay = callPackage ./autoplay.nix { }; -}) + mopidy-autoplay = callPackage ./autoplay.nix {}; + }) diff --git a/pkgs/nixfiles-assets/default.nix b/pkgs/nixfiles-assets/default.nix index 14ce9e7..91b9317 100644 --- a/pkgs/nixfiles-assets/default.nix +++ b/pkgs/nixfiles-assets/default.nix @@ -1,5 +1,8 @@ -{ lib, stdenvNoCC, fetchFromGitea }: -let +{ + lib, + stdenvNoCC, + fetchFromGitea, +}: let src = fetchFromGitea { domain = "gitea.protogen.io"; owner = "nullbite"; @@ -10,16 +13,16 @@ let fetchLFS = true; }; in -stdenvNoCC.mkDerivation { - pname = "nixfiles-assets"; - version = src.rev; - inherit src; - phases = [ "installPhase" ]; - installPhase = '' - cd $src - pwd - ls - mkdir -p $out/share/ - cp -a wallpapers $out/share/ - ''; -} + stdenvNoCC.mkDerivation { + pname = "nixfiles-assets"; + version = src.rev; + inherit src; + phases = ["installPhase"]; + installPhase = '' + cd $src + pwd + ls + mkdir -p $out/share/ + cp -a wallpapers $out/share/ + ''; + } diff --git a/pkgs/redlib/default.nix b/pkgs/redlib/default.nix index 33ad787..26702cb 100644 --- a/pkgs/redlib/default.nix +++ b/pkgs/redlib/default.nix @@ -1,11 +1,12 @@ -{ lib -, stdenv -, cacert -, nixosTests -, rustPlatform -, fetchFromGitHub -, darwin -, nix-update-script +{ + lib, + stdenv, + cacert, + nixosTests, + rustPlatform, + fetchFromGitHub, + darwin, + nix-update-script, }: rustPlatform.buildRustPackage rec { pname = "redlib"; @@ -58,7 +59,7 @@ rustPlatform.buildRustPackage rec { env = { SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - GIT_HASH=src.rev; + GIT_HASH = src.rev; }; doCheck = false; @@ -67,7 +68,7 @@ rustPlatform.buildRustPackage rec { inherit (nixosTests) redlib; }; - passthru.updateScript = nix-update-script { extraArgs = [ "--version=branch=main" ]; }; + passthru.updateScript = nix-update-script {extraArgs = ["--version=branch=main"];}; meta = { changelog = "https://github.com/redlib-org/redlib/releases/tag/v${version}"; @@ -75,6 +76,6 @@ rustPlatform.buildRustPackage rec { homepage = "https://github.com/redlib-org/redlib"; license = lib.licenses.agpl3Only; mainProgram = "redlib"; - maintainers = with lib.maintainers; [ soispha ]; + maintainers = with lib.maintainers; [soispha]; }; } diff --git a/pkgs/wm-helpers/default.nix b/pkgs/wm-helpers/default.nix index fc6908b..cf250b2 100644 --- a/pkgs/wm-helpers/default.nix +++ b/pkgs/wm-helpers/default.nix @@ -1,79 +1,85 @@ -{ pkgs, lib, cap-volume ? true, unmute ? true, ...}: -let - keysetting = pkgs.writeShellScriptBin "keysetting" - '' - wpctl=${pkgs.wireplumber}/bin/wpctl - notify_send=${pkgs.libnotify}/bin/notify-send - brightnessctl=${pkgs.brightnessctl}/bin/brightnessctl - cut=${pkgs.coreutils}/bin/cut - grep=${pkgs.gnugrep}/bin/grep - tr=${pkgs.coreutils}/bin/tr - bc=${pkgs.bc}/bin/bc +{ + pkgs, + lib, + cap-volume ? true, + unmute ? true, + ... +}: let + keysetting = + pkgs.writeShellScriptBin "keysetting" + '' + wpctl=${pkgs.wireplumber}/bin/wpctl + notify_send=${pkgs.libnotify}/bin/notify-send + brightnessctl=${pkgs.brightnessctl}/bin/brightnessctl + cut=${pkgs.coreutils}/bin/cut + grep=${pkgs.gnugrep}/bin/grep + tr=${pkgs.coreutils}/bin/tr + bc=${pkgs.bc}/bin/bc - cap_volume=${pkgs.coreutils}/bin/${lib.boolToString cap-volume} - unmute=${pkgs.coreutils}/bin/${lib.boolToString unmute} + cap_volume=${pkgs.coreutils}/bin/${lib.boolToString cap-volume} + unmute=${pkgs.coreutils}/bin/${lib.boolToString unmute} - notify-send () { - $notify_send -h string:x-canonical-private-synchronous:keysetting "$@" - } + notify-send () { + $notify_send -h string:x-canonical-private-synchronous:keysetting "$@" + } - getvol () { - echo "$(wpctl get-volume @DEFAULT_SINK@ | $tr -dc '[:digit:].')*100/1" | $bc - } + getvol () { + echo "$(wpctl get-volume @DEFAULT_SINK@ | $tr -dc '[:digit:].')*100/1" | $bc + } - notifyvol () { - message="Volume: $(getvol)%" - if $wpctl get-volume @DEFAULT_SINK@ | $grep MUTED > /dev/null ; then - message="$message [MUTED]" - fi - notify-send "$message" - } + notifyvol () { + message="Volume: $(getvol)%" + if $wpctl get-volume @DEFAULT_SINK@ | $grep MUTED > /dev/null ; then + message="$message [MUTED]" + fi + notify-send "$message" + } - setvol () { - $wpctl set-volume @DEFAULT_SINK@ "$1" - notifyvol - } + setvol () { + $wpctl set-volume @DEFAULT_SINK@ "$1" + notifyvol + } - volup () { - if $unmute ; then - $wpctl set-mute @DEFAULT_SINK@ 0 - fi + volup () { + if $unmute ; then + $wpctl set-mute @DEFAULT_SINK@ 0 + fi - if $cap_volume && [[ $(( $(getvol) + 5 )) -gt 100 ]] ; then - setvol 1 - return - fi + if $cap_volume && [[ $(( $(getvol) + 5 )) -gt 100 ]] ; then + setvol 1 + return + fi - setvol 5%+ - # notifyvol - } + setvol 5%+ + # notifyvol + } - voldown () { - if $unmute ; then - $wpctl set-mute @DEFAULT_SINK@ 0 - fi - setvol 5%- - # notifyvol - } + voldown () { + if $unmute ; then + $wpctl set-mute @DEFAULT_SINK@ 0 + fi + setvol 5%- + # notifyvol + } - notifybright () { - notify-send "Brightness: $(($($brightnessctl g)*100/$($brightnessctl m)))%" - } + notifybright () { + notify-send "Brightness: $(($($brightnessctl g)*100/$($brightnessctl m)))%" + } - setbright () { - $brightnessctl s "$1" - notifybright - } - case "$1" in - volumeup) volup ;; - volumedown) voldown ;; - mute) $wpctl set-mute @DEFAULT_SINK@ toggle; notifyvol;; - monup) setbright 5%+;; - mondown) setbright 5%-;; - esac - ''; + setbright () { + $brightnessctl s "$1" + notifybright + } + case "$1" in + volumeup) volup ;; + volumedown) voldown ;; + mute) $wpctl set-mute @DEFAULT_SINK@ toggle; notifyvol;; + monup) setbright 5%+;; + mondown) setbright 5%-;; + esac + ''; in -pkgs.symlinkJoin { - name = "wm-helpers"; - paths = keysetting; -} + pkgs.symlinkJoin { + name = "wm-helpers"; + paths = keysetting; + } diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 0552bd2..e296e39 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -12,22 +12,20 @@ let "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0enlNbo1V5q0yq6n90gRPsNznoQ/KLEjeo1yOAUyJwPi35cw+b3p4DRN7T55DcSivKKE9Hyh6bpaQWFJSLyP5jAtDrYkuUfNx5GkgrquMwMvwzk3Z+h2/J/WgDyKQZXtm9LHYTgiW8jDU1lBiks39IqCAGrCTLAmAHSaJ39A4ZpJwu6zZ9sQqT22E/UpFm5MBezdZbm8V0G+beX+y3+pp8Kag7goGNY+rgTgx7REDz3jzZz3FBP+CxKoo1H8HHz78RDqBb8HKpVQYNQkwvIBeczKawRHIkJO2Mk+1mc6Ta6beA9+Uyf+puxco2xl6BOnDInvnhWJIRXOJuR5P8/YWprE1o4ixF2N95D2GlJ618V7faEovu/sNj8qIvfA66OF1gG+LOfNAl+u2+3V8ewATF493F0q04zhenoH1ZdrsACJfL8tK9Ev9056ImR6aSJ5BjqCk0tMmnLKTZ7q3R2LoKnB1r/TXe10OH7rx5BDAt4OmD8a5QS0RvVgK3O/iMW0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDSAD3bCc9ZHGqU+HoCtp69uU3Px5bbVYYrHbLS3AS1Xku9rPKE/oUU/fz8/AZxp6dLuKhPjQjLzgbFjM0rK57fiOPqBnlw3eAiIymrlB03ALLV3y+GF2OhVf2rkcPkUxjK978dwS9bxgty6WzPAoSjNwilzgf2CcLcHyIzDwwzWCndM9jtpXbUbLhOH6CvsvygBD7j06wakLOorTS+cAFecUvaUkDr6gSu6zpM29DcFiq8T1VoWhBzwC/9IKnxV/XqaZBM3Em7NfPQIzYWcD9A5+Holj2I6jcTSd9xIdMhD4Miqm8IdojPkP2NuVfD9AMxn0ccwbROG/zliyXtcxRj8b3jEquBKuN+yGqF5hexmKlhHmHua9NwhsWnGWjOWWSaPtsp3WOM/fEc7cWpVWZ+W8V5LbdWEY3Ke52Cz35QbOSml09H/gIzsMxZbiZvkJB4PvWKf0FoyZ8ojJWIaGP1/LQdXNMWorqy7tWp3sAw3JcMsR0ezJ3YoI6Y6FOIdL0=" ]; -in -{ - "cloudflare-dns.age".publicKeys = [ rpi4 ] ++ all-user; - "wireguard-rpi4.age".publicKeys = [ rpi4 ] ++ all-user; - "htpasswd.age".publicKeys = [ rpi4 ] ++ all-user; - "htpasswd-cam.age".publicKeys = [ rpi4 ] ++ all-user; - "authelia-users.age".publicKeys = [ rpi4 ] ++ all-user; - "authelia-storage.age".publicKeys = [ rpi4 ] ++ all-user; - "authelia-jwt.age".publicKeys = [ rpi4 ] ++ all-user; - "authelia-session.age".publicKeys = [ rpi4 ] ++ all-user; - "homepage.age".publicKeys = [ rpi4 ] ++ all-user; - "paperless-admin.age".publicKeys = [ rpi4 ] ++ all-user; +in { + "cloudflare-dns.age".publicKeys = [rpi4] ++ all-user; + "wireguard-rpi4.age".publicKeys = [rpi4] ++ all-user; + "htpasswd.age".publicKeys = [rpi4] ++ all-user; + "htpasswd-cam.age".publicKeys = [rpi4] ++ all-user; + "authelia-users.age".publicKeys = [rpi4] ++ all-user; + "authelia-storage.age".publicKeys = [rpi4] ++ all-user; + "authelia-jwt.age".publicKeys = [rpi4] ++ all-user; + "authelia-session.age".publicKeys = [rpi4] ++ all-user; + "homepage.age".publicKeys = [rpi4] ++ all-user; + "paperless-admin.age".publicKeys = [rpi4] ++ all-user; - "restic-rclone.age".publicKeys = [ rpi4 nullbox slab ] ++ all-user; - "restic-password.age".publicKeys = [ rpi4 nullbox slab ] ++ all-user; + "restic-rclone.age".publicKeys = [rpi4 nullbox slab] ++ all-user; + "restic-password.age".publicKeys = [rpi4 nullbox slab] ++ all-user; - "anki-user.age".publicKeys = [ rpi4 ] ++ all-user; + "anki-user.age".publicKeys = [rpi4] ++ all-user; } - diff --git a/system/cachix.nix b/system/cachix.nix index 3a09e06..e251b87 100644 --- a/system/cachix.nix +++ b/system/cachix.nix @@ -1,8 +1,11 @@ -{ pkgs, lib, config, ... }: -let - cfg = config.nixfiles.cachix; -in { + pkgs, + lib, + config, + ... +}: let + cfg = config.nixfiles.cachix; +in { options.nixfiles.cachix.enable = lib.mkOption { description = "Whether to enable the Cachix derivation cache"; type = lib.types.bool; diff --git a/system/common/bootnext.nix b/system/common/bootnext.nix index 497d197..c7aab04 100644 --- a/system/common/bootnext.nix +++ b/system/common/bootnext.nix @@ -1,11 +1,16 @@ -{ config, lib, pkgs, options, ... }: -let +{ + config, + lib, + pkgs, + options, + ... +}: let inherit (lib) types escapeShellArg; cfg = config.nixfiles.common.bootnext; bootNextScriptMain = pkgs.writeShellScript "bootnext-wrapped" '' set -Eeuxo pipefail - PATH=${lib.escapeShellArg (with pkgs; lib.makeBinPath [ gnugrep coreutils efibootmgr ])} + PATH=${lib.escapeShellArg (with pkgs; lib.makeBinPath [gnugrep coreutils efibootmgr])} export PATH function do_bootnext() { @@ -19,9 +24,10 @@ let case "$1" in ${lib.concatStringsSep "\n" ( - lib.mapAttrsToList (name: value: - " ${escapeShellArg name}) do_bootnext ${escapeShellArg value.efiPartUUID} ${escapeShellArg value.name} ;;" - ) cfg.entries + lib.mapAttrsToList ( + name: value: " ${escapeShellArg name}) do_bootnext ${escapeShellArg value.efiPartUUID} ${escapeShellArg value.name} ;;" + ) + cfg.entries )} *) echo "Boot entry \"$1\" not configured."; exit 1;; esac @@ -49,18 +55,17 @@ let bootnextDesktopEntries = pkgs.symlinkJoin { name = "bootnext-desktop-entries"; - paths = lib.mapAttrsToList (name: value: pkgs.makeDesktopItem { + paths = lib.mapAttrsToList (name: value: + pkgs.makeDesktopItem { name = "bootnext-reboot-${name}"; desktopName = "Reboot into ${value.desktopEntry.name}"; comment = "Select the entry defined by the `${name}` configuration in the bootnext script and then reboot."; icon = "${value.desktopEntry.icon}"; - keywords = [ "bootnext" "reboot" "${name}" "${value.desktopEntry.name}" ]; + keywords = ["bootnext" "reboot" "${name}" "${value.desktopEntry.name}"]; exec = "${desktopWrapper} ${name}"; }) (lib.filterAttrs (_: value: value.desktopEntry.enable) cfg.entries); }; - -in -{ +in { options = { nixfiles.common.bootnext = { enable = lib.mkOption { @@ -71,19 +76,25 @@ in default = false; example = true; }; - enableDesktopEntries = lib.mkEnableOption "generation of bootnext Desktop entries" // { default = true; }; + enableDesktopEntries = lib.mkEnableOption "generation of bootnext Desktop entries" // {default = true;}; entries = let - entryModule = {name, config, ... }: { + entryModule = { + name, + config, + ... + }: { options = let - uuidType = with types; lib.mkOptionType { - name = "uuid"; - description = "UUID"; - descriptionClass = "noun"; - check = let - uuidRegex = "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}$"; - in x: str.check x && (builtins.match uuidRegex x) != null; - inherit (str) merge; - }; + uuidType = with types; + lib.mkOptionType { + name = "uuid"; + description = "UUID"; + descriptionClass = "noun"; + check = let + uuidRegex = "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}$"; + in + x: str.check x && (builtins.match uuidRegex x) != null; + inherit (str) merge; + }; in { efiPartUUID = lib.mkOption { description = "UUID of EFI partition containing boot entry"; @@ -116,22 +127,26 @@ in }; }; }; - in lib.mkOption { - description = "bootnext entry"; - type = with types; attrsOf (submodule entryModule); - }; + in + lib.mkOption { + description = "bootnext entry"; + type = with types; attrsOf (submodule entryModule); + }; }; }; config = lib.mkIf cfg.enable { - environment.systemPackages = [ bootNextScript ] ++ lib.optional cfg.enableDesktopEntries bootnextDesktopEntries; + environment.systemPackages = [bootNextScript] ++ lib.optional cfg.enableDesktopEntries bootnextDesktopEntries; security.sudo.extraRules = lib.mkAfter [ { commands = [ - { command = "${bootNextScriptMain}"; options = [ "NOPASSWD" ]; } + { + command = "${bootNextScriptMain}"; + options = ["NOPASSWD"]; + } ]; - groups = [ "wheel" ]; + groups = ["wheel"]; } ]; }; diff --git a/system/common/busybox.nix b/system/common/busybox.nix index 4b2d572..235f0c5 100644 --- a/system/common/busybox.nix +++ b/system/common/busybox.nix @@ -1,18 +1,25 @@ -{ config, pkgs, lib, ... }: -let +{ + config, + pkgs, + lib, + ... +}: let cfg = config.nixfiles.common.busybox; in { - options.nixfiles.common.busybox.enable = lib.mkEnableOption "" // { - description = '' - Whether to install Busybox into the system environment as a very low - priority fallback for common commands. This should *never* override a - user-installed package. - ''; - }; + options.nixfiles.common.busybox.enable = + lib.mkEnableOption "" + // { + description = '' + Whether to install Busybox into the system environment as a very low + priority fallback for common commands. This should *never* override a + user-installed package. + ''; + }; config = lib.mkIf cfg.enable { - environment.systemPackages = with pkgs; lib.mkOrder 50 [ - busybox - ]; + environment.systemPackages = with pkgs; + lib.mkOrder 50 [ + busybox + ]; }; } diff --git a/system/common/default.nix b/system/common/default.nix index 6af0e67..7a629cf 100644 --- a/system/common/default.nix +++ b/system/common/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./me.nix ./remote.nix diff --git a/system/common/me.nix b/system/common/me.nix index 1f3eeab..d054bd5 100644 --- a/system/common/me.nix +++ b/system/common/me.nix @@ -1,8 +1,11 @@ -{ config, lib, pkgs, ...}: -let - cfg = config.nixfiles.common.me; -in { + config, + lib, + pkgs, + ... +}: let + cfg = config.nixfiles.common.me; +in { options.nixfiles.common.me = { enable = lib.mkEnableOption "my user account"; }; @@ -12,7 +15,7 @@ in uid = 1000; group = "nullbite"; isNormalUser = true; - extraGroups = [ "wheel" ] ++ lib.optional config.nixfiles.packageSets.fun.enable "input"; + extraGroups = ["wheel"] ++ lib.optional config.nixfiles.packageSets.fun.enable "input"; packages = with pkgs; [ keychain ]; diff --git a/system/common/nix.nix b/system/common/nix.nix index 0909f5a..322d2ae 100644 --- a/system/common/nix.nix +++ b/system/common/nix.nix @@ -1,8 +1,14 @@ -{ pkgs, lib, config, options, inputs, nixpkgs, ... }: -let - cfg = config.nixfiles.common.nix; -in { + pkgs, + lib, + config, + options, + inputs, + nixpkgs, + ... +}: let + cfg = config.nixfiles.common.nix; +in { options.nixfiles.common.nix = { enable = lib.mkEnableOption "common Nix configuration"; registerNixpkgs = lib.mkOption { @@ -11,7 +17,8 @@ in example = "true"; description = "Whether to register the Nixpkgs revision used by Nixfiles to the system's flake registry and make it tye system's channel"; }; - /* # TODO + /* + # TODO register = lib.mkOption { type = lib.types.bool; default = cfg.enable; @@ -22,8 +29,7 @@ in }; config = lib.mkMerge [ - ( lib.mkIf cfg.registerNixpkgs { - + (lib.mkIf cfg.registerNixpkgs { # this makes modern nix tools use the system's version of nixpkgs nix.registry = { # this keeps nixfiles-assets in the store so i can save some GitHub LFS @@ -58,10 +64,9 @@ in # compatibility becasue once `, vkcube` couldn't find the correct opengl # driver or something (also it reduces the download size of temporary shell # closures) - nix.nixPath = [ "nixpkgs=${nixpkgs}" ] ++ options.nix.nixPath.default; + nix.nixPath = ["nixpkgs=${nixpkgs}"] ++ options.nix.nixPath.default; }) - ( lib.mkIf cfg.enable { - + (lib.mkIf cfg.enable { # direnv is a tool to automatically load shell environments upon entering # a directory. nix-direnv has an extensionn to keep nix shells in the # system's gcroots so shells can be used after a gc without rebuilding. diff --git a/system/common/remote.nix b/system/common/remote.nix index 1d5d612..a970cfd 100644 --- a/system/common/remote.nix +++ b/system/common/remote.nix @@ -1,8 +1,11 @@ -{ config, lib, pkgs, ... }: -let - cfg = config.nixfiles.common.remoteAccess; -in { + config, + lib, + pkgs, + ... +}: let + cfg = config.nixfiles.common.remoteAccess; +in { config = lib.mkIf cfg.enable { # Enable the OpenSSH daemon. # services.openssh.enable = true; @@ -10,7 +13,6 @@ in enable = true; openFirewall = true; settings = { - }; }; @@ -27,5 +29,6 @@ in networking.wireguard.enable = true; }; options = { - nixfiles.common.remoteAccess.enable = lib.mkEnableOption "remote access options" ; }; + nixfiles.common.remoteAccess.enable = lib.mkEnableOption "remote access options"; + }; } diff --git a/system/common/wm.nix b/system/common/wm.nix index f2f2353..93a3db4 100644 --- a/system/common/wm.nix +++ b/system/common/wm.nix @@ -1,9 +1,13 @@ -{ pkgs, lib, config, options, ...}: -let +{ + pkgs, + lib, + config, + options, + ... +}: let inherit (lib) mkDefault mkIf mkEnableOption; cfg = config.nixfiles.common.wm; -in -{ +in { config = mkIf cfg.enable { # Common options for standalone window managers; many of these (or # alternatives thereof) are pulled in by desktop environments. diff --git a/system/default.nix b/system/default.nix index b5abfb5..55e1e82 100644 --- a/system/default.nix +++ b/system/default.nix @@ -1,4 +1,14 @@ -{ pkgs, config, lib, options, nixpkgs, home-manager, inputs, utils, ... }@args: +{ + pkgs, + config, + lib, + options, + nixpkgs, + home-manager, + inputs, + utils, + ... +} @ args: # ^ all these args are yucky and non-portable, replace them with a module # called from the scope of the flake that brings relevant # inputs/outputs/overlays/etc into scope. this might even make nixfiles @@ -6,8 +16,7 @@ let cfg = config.nixfiles; flakeType = cfg.lib.types.flake; -in -{ +in { imports = [ ./common ./hardware @@ -50,7 +59,7 @@ in lib = lib.mkOption { description = "nixfiles library"; - default = (import ../lib/nixfiles) { inherit pkgs; }; + default = (import ../lib/nixfiles) {inherit pkgs;}; readOnly = true; type = lib.types.attrs; }; diff --git a/system/fragments/debugging.nix b/system/fragments/debugging.nix index 0bde8b4..95ba76e 100644 --- a/system/fragments/debugging.nix +++ b/system/fragments/debugging.nix @@ -1,5 +1,9 @@ -{ config, lib, pkgs, ...}: { + config, + lib, + pkgs, + ... +}: { environment = { enableDebugInfo = true; systemPackages = with pkgs; [ diff --git a/system/hardware/binfmt.nix b/system/hardware/binfmt.nix index 64afd3f..eb02aba 100644 --- a/system/hardware/binfmt.nix +++ b/system/hardware/binfmt.nix @@ -1,23 +1,28 @@ -{ pkgs, config, lib, options, ... }: -let - - configForSystem = (system: - let - riscv = [ "riscv32-linux" "riscv64-linux" ]; - arm = [ "armv6l-linux" "armv7l-linux" "aarch64-linux" ]; - x86 = [ "i686-linux" "x86_64-linux" ]; - windows = [ "x86_64-windows" "i686-windows" ]; +{ + pkgs, + config, + lib, + options, + ... +}: let + configForSystem = ( + system: let + riscv = ["riscv32-linux" "riscv64-linux"]; + arm = ["armv6l-linux" "armv7l-linux" "aarch64-linux"]; + x86 = ["i686-linux" "x86_64-linux"]; + windows = ["x86_64-windows" "i686-windows"]; systems = { x86_64-linux = riscv ++ arm; aarch64-linux = riscv; }; in - if (systems ? "${system}") then systems."${system}" else [] + if (systems ? "${system}") + then systems."${system}" + else [] ); emulatedSystems = configForSystem "${pkgs.system}"; cfg = config.nixfiles.binfmt; -in -{ +in { options.nixfiles.binfmt = { enable = lib.mkOption { description = "Whether to configure default binfmt emulated systems for the current architecture"; @@ -29,9 +34,10 @@ in config = let enable = cfg.enable && (builtins.length emulatedSystems) > 0; - in lib.mkMerge [ - (lib.mkIf enable { - boot.binfmt = {inherit emulatedSystems;}; - }) - ]; + in + lib.mkMerge [ + (lib.mkIf enable { + boot.binfmt = {inherit emulatedSystems;}; + }) + ]; } diff --git a/system/hardware/bluetooth.nix b/system/hardware/bluetooth.nix index a6916aa..e9fd79e 100644 --- a/system/hardware/bluetooth.nix +++ b/system/hardware/bluetooth.nix @@ -1,8 +1,11 @@ -{ config, lib, pkgs, ...}: -let - cfg = config.nixfiles.hardware.bluetooth; -in { + config, + lib, + pkgs, + ... +}: let + cfg = config.nixfiles.hardware.bluetooth; +in { options.nixfiles.hardware.bluetooth = { enable = lib.mkEnableOption "Bluetooth"; }; diff --git a/system/hardware/default.nix b/system/hardware/default.nix index 1d1362b..953992e 100644 --- a/system/hardware/default.nix +++ b/system/hardware/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./bluetooth.nix ./nvidia.nix diff --git a/system/hardware/gps.nix b/system/hardware/gps.nix index d12a222..359261c 100644 --- a/system/hardware/gps.nix +++ b/system/hardware/gps.nix @@ -1,8 +1,11 @@ -{ config, lib, pkgs, ... }: -let - cfg = config.nixfiles.hardware.gps; -in { + config, + lib, + pkgs, + ... +}: let + cfg = config.nixfiles.hardware.gps; +in { options = { nixfiles.hardware.gps = { enable = lib.mkEnableOption "GPS configuration"; @@ -28,21 +31,21 @@ in # this could probably be a systemd socket but i don't know how to make those systemd.services.gpsd-nmea-bridge = lib.mkIf cfg.gpsdBridge { - path = with pkgs; [ - gpsd - coreutils - socat - ]; - description = "gpsd to Geoclue2 GPS data bridge"; - before = [ "geoclue.service" ]; - wantedBy = [ "geoclue.service" "multi-user.target" ]; - serviceConfig = { - RuntimeDirectory = "gpsd-nmea"; - ExecStart = pkgs.writeShellScript "gpsd-nmea-bridge" '' - exec socat -U UNIX-LISTEN:''${RUNTIME_DIRECTORY}/nmea.sock,fork,reuseaddr,mode=777 SYSTEM:'gpspipe -Br | stdbuf -oL tail -n+4' - ''; - }; + path = with pkgs; [ + gpsd + coreutils + socat + ]; + description = "gpsd to Geoclue2 GPS data bridge"; + before = ["geoclue.service"]; + wantedBy = ["geoclue.service" "multi-user.target"]; + serviceConfig = { + RuntimeDirectory = "gpsd-nmea"; + ExecStart = pkgs.writeShellScript "gpsd-nmea-bridge" '' + exec socat -U UNIX-LISTEN:''${RUNTIME_DIRECTORY}/nmea.sock,fork,reuseaddr,mode=777 SYSTEM:'gpspipe -Br | stdbuf -oL tail -n+4' + ''; }; + }; services.gpsd.enable = lib.mkIf cfg.gpsdBridge true; }; } diff --git a/system/hardware/nvidia.nix b/system/hardware/nvidia.nix index eb05722..b590492 100644 --- a/system/hardware/nvidia.nix +++ b/system/hardware/nvidia.nix @@ -1,7 +1,11 @@ -{ config, lib, pkgs, ...}: -let +{ + config, + lib, + pkgs, + ... +}: let cfg = config.nixfiles.hardware.nvidia; - + rcu_patch = pkgs.fetchpatch { url = "https://github.com/gentoo/gentoo/raw/c64caf53/x11-drivers/nvidia-drivers/files/nvidia-drivers-470.223.02-gpl-pfn_valid.patch"; hash = "sha256-eZiQQp2S/asE7MfGvfe6dA/kdCvek9SYa/FFGp24dVg="; @@ -11,8 +15,8 @@ let version = "555.42.02"; sha256_64bit = "sha256-k7cI3ZDlKp4mT46jMkLaIrc2YUx1lh1wj/J4SVSHWyk="; sha256_aarch64 = lib.fakeSha256; - openSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA="; - settingsSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA="; + openSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA="; + settingsSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA="; persistencedSha256 = lib.fakeSha256; }; @@ -24,10 +28,9 @@ let settingsSha256 = "sha256-9wqoDEWY4I7weWW05F4igj1Gj9wjHsREFMztfEmqm10="; persistencedSha256 = "sha256-d0Q3Lk80JqkS1B54Mahu2yY/WocOqFFbZVBh+ToGhaE="; - patches = [ rcu_patch ]; + patches = [rcu_patch]; }; -in -{ +in { # imports = [ # ../opengl.nix # ]; @@ -41,10 +44,9 @@ in nixfiles.hardware.opengl.enable = true; - boot.kernelParams = [ "nvidia-drm.fbdev=1" ]; + boot.kernelParams = ["nvidia-drm.fbdev=1"]; hardware.nvidia = { - # Modesetting is required. modesetting.enable = lib.mkDefault true; @@ -56,9 +58,9 @@ in # Use the NVidia open source kernel module (not to be confused with the # independent third-party "nouveau" open source driver). - # Support is limited to the Turing and later architectures. Full list of - # supported GPUs is at: - # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Support is limited to the Turing and later architectures. Full list of + # supported GPUs is at: + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus # Only available from driver 515.43.04+ # Currently alpha-quality/buggy, so false is currently the recommended setting. open = lib.mkDefault (!(lib.versionOlder config.hardware.nvidia.package.version "560")); @@ -71,7 +73,8 @@ in # Optionally, you may need to select the appropriate driver version for your specific GPU. package = let inherit (config.boot.kernelPackages.nvidiaPackages) production stable latest beta; - in lib.mkDefault latest; + in + lib.mkDefault latest; }; }; } diff --git a/system/hardware/opengl.nix b/system/hardware/opengl.nix index 5e68857..4bea7b5 100644 --- a/system/hardware/opengl.nix +++ b/system/hardware/opengl.nix @@ -1,24 +1,31 @@ -{ config, lib, pkgs, ...}: -let - cfg = config.nixfiles.hardware.opengl; -in { + config, + lib, + pkgs, + ... +}: let + cfg = config.nixfiles.hardware.opengl; +in { options.nixfiles.hardware.opengl.enable = lib.mkEnableOption "OpenGL configuration"; config = lib.mkIf cfg.enable { environment.systemPackages = let offload-enabled = config.hardware.nvidia.prime.offload.enableOffloadCmd; glxinfo = lib.getExe' pkgs.glxinfo "glxinfo"; auto-offload = pkgs.writeShellScriptBin "auto-offload" ( - (if offload-enabled then '' - if nvidia-offload ${glxinfo} > /dev/null 2>&1 ; then - exec nvidia-offload "$@" - fi - '' else "") - + - '' - exec "$@" - ''); - in [ auto-offload ]; + ( + if offload-enabled + then '' + if nvidia-offload ${glxinfo} > /dev/null 2>&1 ; then + exec nvidia-offload "$@" + fi + '' + else "" + ) + + '' + exec "$@" + '' + ); + in [auto-offload]; # Enable OpenGL hardware.graphics = { enable = true; diff --git a/system/hardware/sound.nix b/system/hardware/sound.nix index ddbf648..659c8dc 100644 --- a/system/hardware/sound.nix +++ b/system/hardware/sound.nix @@ -1,9 +1,13 @@ -{ config, lib, pkgs, inputs, ...}: -let +{ + config, + lib, + pkgs, + inputs, + ... +}: let cfg = config.nixfiles.hardware.sound; inherit (lib) optionals mkEnableOption mkIf mkDefault; -in -{ +in { # Enable sound. # sound.enable = true; # hardware.pulseaudio.enable = true; @@ -18,39 +22,42 @@ in }; }; - config = lib.mkMerge [(mkIf cfg.enable { - security.rtkit.enable = mkDefault true; - services.pipewire = { - enable = true; - alsa.enable = mkDefault true; - alsa.support32Bit = mkDefault config.services.pipewire.alsa.enable; - pulse.enable = mkDefault true; - jack.enable = mkDefault true; - extraConfig.pipewire = { - # this should fix the extreme audio crackling in WINE - # note: this increases audio latency to 960/48000 (20ms) - "10-clock-config" = { - "context.properties" = { - "default.clock.min-quantum" = 960; + config = lib.mkMerge [ + (mkIf cfg.enable { + security.rtkit.enable = mkDefault true; + services.pipewire = { + enable = true; + alsa.enable = mkDefault true; + alsa.support32Bit = mkDefault config.services.pipewire.alsa.enable; + pulse.enable = mkDefault true; + jack.enable = mkDefault true; + extraConfig.pipewire = { + # this should fix the extreme audio crackling in WINE + # note: this increases audio latency to 960/48000 (20ms) + "10-clock-config" = { + "context.properties" = { + "default.clock.min-quantum" = 960; + }; }; }; }; - }; - environment.systemPackages = with pkgs; [ - qpwgraph - easyeffects - ] ++ optionals config.services.pipewire.pulse.enable [ - pavucontrol - ncpamixer - pulsemixer - ]; - }) - ({ - # use alsa-ucm-conf from unstable (fixes Scarlett Solo channels) - nixpkgs.overlays = lib.optional cfg.useUnstableUcmConf (final: prev: { - inherit (inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}) alsa-ucm-conf; - }); - }) + environment.systemPackages = with pkgs; + [ + qpwgraph + easyeffects + ] + ++ optionals config.services.pipewire.pulse.enable [ + pavucontrol + ncpamixer + pulsemixer + ]; + }) + { + # use alsa-ucm-conf from unstable (fixes Scarlett Solo channels) + nixpkgs.overlays = lib.optional cfg.useUnstableUcmConf (final: prev: { + inherit (inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}) alsa-ucm-conf; + }); + } ]; } diff --git a/system/minecraft.nix b/system/minecraft.nix index 8c3ce28..dd51793 100644 --- a/system/minecraft.nix +++ b/system/minecraft.nix @@ -1,10 +1,19 @@ -{ config, lib, pkgs, inputs, ... }: { + config, + lib, + pkgs, + inputs, + ... +}: { imports = [ inputs.nix-minecraft.nixosModules.minecraft-servers ]; options.services.minecraft-servers.servers = let - serverModule = { name, config, ... }: { + serverModule = { + name, + config, + ... + }: { options = { useRecommendedDefaults = lib.mkOption { type = lib.types.bool; @@ -21,13 +30,13 @@ modpackFiles = lib.mkOption { description = "List of files from modpack to copy into server directory"; type = with lib.types; listOf str; - default = [ ]; + default = []; }; modpackSymlinks = lib.mkOption { description = "List of files from modpack to symlink into server directory"; type = with lib.types; listOf str; - default = [ ]; + default = []; }; }; @@ -37,8 +46,8 @@ jvmOpts = "-Dlog4j2.formatMsgNoLookups=true"; whitelist = lib.mkDefault { - NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4"; - Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12"; + NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4"; + Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12"; YzumThreeEye = "3dad78e8-6979-404f-820e-952ce20964a0"; }; @@ -75,18 +84,26 @@ inherit (config) modpack; mcVersion = modpack.manifest.versions.minecraft; - fixedVersion = lib.replaceStrings [ "." ] [ "_" ] mcVersion; + fixedVersion = lib.replaceStrings ["."] ["_"] mcVersion; quiltVersion = modpack.manifest.versions.quilt or null; fabricVersion = modpack.manifest.versions.fabric or null; - loader = if (!(builtins.isNull quiltVersion)) then "quilt" else "fabric"; - loaderVersion = if loader == "quilt" then quiltVersion else fabricVersion; + loader = + if (!(builtins.isNull quiltVersion)) + then "quilt" + else "fabric"; + loaderVersion = + if loader == "quilt" + then quiltVersion + else fabricVersion; - serverPackage = pkgs.minecraftServers."${loader}-${fixedVersion}".override { inherit loaderVersion; }; - in lib.mkDefault serverPackage; + serverPackage = pkgs.minecraftServers."${loader}-${fixedVersion}".override {inherit loaderVersion;}; + in + lib.mkDefault serverPackage; }) ]; }; - in lib.mkOption { - type = with lib.types; attrsOf (submodule serverModule); - }; + in + lib.mkOption { + type = with lib.types; attrsOf (submodule serverModule); + }; } diff --git a/system/mitigations.nix b/system/mitigations.nix index d21e53d..3d57e4d 100644 --- a/system/mitigations.nix +++ b/system/mitigations.nix @@ -1,5 +1,11 @@ -{ pkgs, config, lib, inputs, nixpkgs, ... }: -let +{ + pkgs, + config, + lib, + inputs, + nixpkgs, + ... +}: let p5 = config.services.xserver.desktopManager.plasma5.enable; p6 = config.services.desktopManager.plasma6.enable; @@ -7,8 +13,11 @@ let # kernel update newKernelPackages = let - pkgs-new = import inputs.nixpkgs-unstable { inherit (pkgs) system; config.allowUnfree = true; }; - in pkgs-new.linuxPackages_latest; -in -{ + pkgs-new = import inputs.nixpkgs-unstable { + inherit (pkgs) system; + config.allowUnfree = true; + }; + in + pkgs-new.linuxPackages_latest; +in { } diff --git a/system/package-sets/default.nix b/system/package-sets/default.nix index 0f14b91..2bd380b 100644 --- a/system/package-sets/default.nix +++ b/system/package-sets/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./gaming.nix ./multimedia.nix diff --git a/system/package-sets/fun.nix b/system/package-sets/fun.nix index c8d2ae1..bb0b1ee 100644 --- a/system/package-sets/fun.nix +++ b/system/package-sets/fun.nix @@ -1,28 +1,33 @@ -{ pkgs, config, lib, ...}: -let - cfg = config.nixfiles.packageSets.fun; -in { - + pkgs, + config, + lib, + ... +}: let + cfg = config.nixfiles.packageSets.fun; +in { options.nixfiles.packageSets.fun = { enable = lib.mkEnableOption "fun package set"; }; config = lib.mkIf cfg.enable { - environment.systemPackages = with pkgs; [ - cowsay - uwufetch - fortune - pipes - hollywood - sl - figlet - aalib - asciiquarium - ] ++ lib.optionals config.services.xserver.enable [ - oneko - ] ++ lib.optionals config.services.pipewire.enable [ - bucklespring-libinput - espeak - ]; + environment.systemPackages = with pkgs; + [ + cowsay + uwufetch + fortune + pipes + hollywood + sl + figlet + aalib + asciiquarium + ] + ++ lib.optionals config.services.xserver.enable [ + oneko + ] + ++ lib.optionals config.services.pipewire.enable [ + bucklespring-libinput + espeak + ]; }; } diff --git a/system/package-sets/multimedia.nix b/system/package-sets/multimedia.nix index 396b8e3..d82dba9 100644 --- a/system/package-sets/multimedia.nix +++ b/system/package-sets/multimedia.nix @@ -1,28 +1,33 @@ -{ config, lib, pkgs, ...}: -let +{ + config, + lib, + pkgs, + ... +}: let cfg = config.nixfiles.packageSets.multimedia; inherit (lib) optional optionals mkEnableOption mkIf; - nvidiaEnabled = (lib.elem "nvidia" config.services.xserver.videoDrivers); -in -{ + nvidiaEnabled = lib.elem "nvidia" config.services.xserver.videoDrivers; +in { options.nixfiles.packageSets.multimedia = { enable = mkEnableOption "multimedia packages"; }; config = mkIf cfg.enable { - environment.systemPackages = with pkgs; optionals config.services.xserver.enable [ - mpv - gimp - krita - inkscape - obs-studio - ] ++ [ - gallery-dl - yt-dlp - imagemagick - pngquant - gifski - ffmpeg - ]; + environment.systemPackages = with pkgs; + optionals config.services.xserver.enable [ + mpv + gimp + krita + inkscape + obs-studio + ] + ++ [ + gallery-dl + yt-dlp + imagemagick + pngquant + gifski + ffmpeg + ]; # needed for NVENC to work in OBS Studio and FFmpeg boot.kernelModules = optional nvidiaEnabled "nvidia_uvm"; diff --git a/system/profile/base.nix b/system/profile/base.nix index e582566..b7c8cfc 100644 --- a/system/profile/base.nix +++ b/system/profile/base.nix @@ -1,16 +1,21 @@ -{ config, lib, pkgs, options, inputs, outputs, ...}@args: -let - cfg = config.nixfiles.profile.base; -in { + config, + lib, + pkgs, + options, + inputs, + outputs, + ... +} @ args: let + cfg = config.nixfiles.profile.base; +in { options.nixfiles.profile.base = { enable = lib.mkEnableOption "base config"; }; - # TODO was gonna add something but i forgor and now i'm too lazy - # to delete this + # TODO was gonna add something but i forgor and now i'm too lazy + # to delete this config = lib.mkMerge [ (lib.mkIf cfg.enable { - nixfiles.common = { # Enable my account me.enable = lib.mkDefault true; @@ -30,7 +35,7 @@ in }; # Enable flakes - nix.settings.experimental-features = ["nix-command" "flakes" ]; + nix.settings.experimental-features = ["nix-command" "flakes"]; # Allow unfree packages nixpkgs.config.allowUnfree = true; @@ -124,7 +129,7 @@ in ]; # Needed for Kvantum themes to be detected - environment.pathsToLink = [ "/share/Kvantum" ]; + environment.pathsToLink = ["/share/Kvantum"]; # allow for more interactive authentication security.polkit.enable = lib.mkDefault true; diff --git a/system/profile/default.nix b/system/profile/default.nix index 8c12dce..d893208 100644 --- a/system/profile/default.nix +++ b/system/profile/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./base.nix ./pc.nix diff --git a/system/profile/pc.nix b/system/profile/pc.nix index dba0898..ea5362a 100644 --- a/system/profile/pc.nix +++ b/system/profile/pc.nix @@ -1,16 +1,21 @@ -{ pkgs, config, lib, ... }: -let +{ + pkgs, + config, + lib, + ... +}: let cfg = config.nixfiles.profile.pc; inherit (lib) mkDefault; -in -{ - options.nixfiles.profile.pc.enable = lib.mkEnableOption "minimal PC profile" // { - description = '' - Whether to enable the minimal PC profile. This profile configures basic - system configuration for physical PCs, such as enabling sound and - Bluetooth support. - ''; - }; +in { + options.nixfiles.profile.pc.enable = + lib.mkEnableOption "minimal PC profile" + // { + description = '' + Whether to enable the minimal PC profile. This profile configures basic + system configuration for physical PCs, such as enabling sound and + Bluetooth support. + ''; + }; config = lib.mkIf cfg.enable { nixfiles.profile.base.enable = lib.mkDefault true; @@ -20,7 +25,7 @@ in # Pick only one of the below networking options. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # FIXME find somewhere else to put this - networking.networkmanager.enable = lib.mkDefault true; # Easiest to use and most distros use this by default. + networking.networkmanager.enable = lib.mkDefault true; # Easiest to use and most distros use this by default. # contains icons for bootnext desktop entries (the Windows icon); there's # probably no reason to *not* include this. diff --git a/system/profile/server.nix b/system/profile/server.nix index 1b2fcab..a974cb5 100644 --- a/system/profile/server.nix +++ b/system/profile/server.nix @@ -1,10 +1,12 @@ -{ config, lib, ... }: -let +{ + config, + lib, + ... +}: let cfg = config.nixfiles.profile.server; inherit (lib) mkEnableOption mkDefault; inherit (lib.types) bool int str; -in -{ +in { options.nixfiles.profile.server.enable = mkEnableOption "server profile"; config = lib.mkIf cfg.enable { diff --git a/system/profile/workstation.nix b/system/profile/workstation.nix index d0a68a4..acbfb30 100644 --- a/system/profile/workstation.nix +++ b/system/profile/workstation.nix @@ -1,17 +1,21 @@ -{ pkgs, config, lib, ... }: -let +{ + pkgs, + config, + lib, + ... +}: let cfg = config.nixfiles.profile.workstation; inherit (lib) mkDefault; -in -{ - options.nixfiles.profile.workstation.enable = lib.mkEnableOption "workstation (featureful PC) profile" // - { - description = '' - Whether to enable the workstation (featureful PC) profile. This profile - enables the base PC profile, as well as installs and configures various - other programs for a more complete computing experience. - ''; - }; +in { + options.nixfiles.profile.workstation.enable = + lib.mkEnableOption "workstation (featureful PC) profile" + // { + description = '' + Whether to enable the workstation (featureful PC) profile. This profile + enables the base PC profile, as well as installs and configures various + other programs for a more complete computing experience. + ''; + }; config = lib.mkIf cfg.enable { nixfiles.profile.pc.enable = lib.mkDefault true; nixfiles.packageSets.multimedia.enable = lib.mkDefault true; @@ -37,7 +41,7 @@ in nerd-fonts.fira-code font-awesome noto-fonts-cjk-sans - (google-fonts.override { fonts = [ "NovaSquare" ];}) + (google-fonts.override {fonts = ["NovaSquare"];}) ]; # TODO this should be defined in home-manager or not at all probably diff --git a/system/programs/android.nix b/system/programs/android.nix index 77bdf7c..bc8dc4e 100644 --- a/system/programs/android.nix +++ b/system/programs/android.nix @@ -1,14 +1,19 @@ -{ config, lib, pkgs, outputs, vars, ...}@args: -let - cfg = config.nixfiles.programs.adb; -in { + config, + lib, + pkgs, + outputs, + vars, + ... +} @ args: let + cfg = config.nixfiles.programs.adb; +in { options.nixfiles.programs.adb = { enable = lib.mkEnableOption "adb configuration"; }; config = lib.mkIf cfg.enable { programs.adb.enable = true; - users.users.${vars.username}.extraGroups = [ "adbusers" ]; + users.users.${vars.username}.extraGroups = ["adbusers"]; }; } diff --git a/system/programs/default.nix b/system/programs/default.nix index 43b619b..4442152 100644 --- a/system/programs/default.nix +++ b/system/programs/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./syncthing.nix ./android.nix diff --git a/system/programs/greetd.nix b/system/programs/greetd.nix index e68bef4..a0a0d2f 100644 --- a/system/programs/greetd.nix +++ b/system/programs/greetd.nix @@ -1,5 +1,10 @@ -{ pkgs, config, lib, options, ... }: -let +{ + pkgs, + config, + lib, + options, + ... +}: let cfg = config.nixfiles.programs.greetd; inherit (lib) types optional optionals escapeShellArg escapeShellArgs; inherit (types) bool enum nullOr str path listOf; @@ -10,17 +15,17 @@ let xsessions = "${sessions}/share/xsessions"; wayland-sessions = "${sessions}/share/wayland-sessions"; - loginwrap=pkgs.writeShellScriptBin "loginwrap" '' + loginwrap = pkgs.writeShellScriptBin "loginwrap" '' exec "$SHELL" -lc 'exec "$@"' "login-wrapper" "$@" ''; - mkPresetOption = x: lib.mkOption { - description = "${x} greetd configuration"; - type = bool; - default = false; - }; -in -{ + mkPresetOption = x: + lib.mkOption { + description = "${x} greetd configuration"; + type = bool; + default = false; + }; +in { config = lib.mkIf cfg.enable { assertions = lib.optionals cfg.settings.autologin [ { @@ -33,7 +38,7 @@ in } ]; - environment.systemPackages = [ loginwrap ]; + environment.systemPackages = [loginwrap]; services.greetd = { enable = true; settings = { @@ -43,23 +48,28 @@ in }; default_session = lib.mkMerge [ - # tuigreet configuration (lib.mkIf cfg.presets.tuigreet.enable { command = let st = cfg.settings; - args = [ "${pkgs.greetd.tuigreet}/bin/tuigreet" "--asterisks" "--remember" "--remember-session" - "--sessions" "${xsessions}:${wayland-sessions}" - ] - ++ optionalsSet st.greeting [ "--greeting" st.greeting ] - ++ optional st.time "--time" - ++ optionalsSet st.command [ "--cmd" st.finalCommand ] + args = + [ + "${pkgs.greetd.tuigreet}/bin/tuigreet" + "--asterisks" + "--remember" + "--remember-session" + "--sessions" + "${xsessions}:${wayland-sessions}" + ] + ++ optionalsSet st.greeting ["--greeting" st.greeting] + ++ optional st.time "--time" + ++ optionalsSet st.command ["--cmd" st.finalCommand] # i think tuigreet might be outdated on nix. disable this because it's not a valid option # ++ optionalsSet st.loginShell [ "--session-wrapper" "loginwrap" ] ; - in lib.escapeShellArgs args; + in + lib.escapeShellArgs args; }) - ]; }; }; @@ -74,15 +84,16 @@ in exec ${escapeShellArg (lib.getExe pkgs.greetd.regreet)} "$@" ''; - in lib.mkIf cfg.presets.regreet.enable { - enable = lib.mkDefault true; - package = wrapperPackage; - settings = { - background.path = cfg.settings.wallpaper; - fit = lib.mkDefault "Fill"; - appearance.greeting_msg = cfg.settings.greeting; + in + lib.mkIf cfg.presets.regreet.enable { + enable = lib.mkDefault true; + package = wrapperPackage; + settings = { + background.path = cfg.settings.wallpaper; + fit = lib.mkDefault "Fill"; + appearance.greeting_msg = cfg.settings.greeting; + }; }; - }; security.pam.services.greetd = { kwallet = lib.mkIf config.services.desktopManager.plasma6.enable { @@ -91,21 +102,20 @@ in }; }; - systemd.tmpfiles.settings."10-regreet" = - let - defaultConfig = { - user = "greeter"; - group = config.users.users.${config.services.greetd.settings.default_session.user}.group; - mode = "0755"; - }; - in lib.mkIf config.programs.regreet.enable + systemd.tmpfiles.settings."10-regreet" = let + defaultConfig = { + user = "greeter"; + group = config.users.users.${config.services.greetd.settings.default_session.user}.group; + mode = "0755"; + }; + in + lib.mkIf config.programs.regreet.enable { "/var/log/regreet".d = defaultConfig; "/var/cache/regreet".d = defaultConfig; "/var/lib/regreet".d = defaultConfig; }; - # self config nixfiles.programs.greetd = { presets.${cfg.preset}.enable = true; @@ -137,17 +147,27 @@ in default = let st = cfg.settings; prevcmd = st.command; - command-login-wrapped = [ "loginwrap" ] ++ prevcmd; - cmd = if (builtins.isNull prevcmd) then null else - (if st.loginShell then command-login-wrapped else prevcmd); - in if builtins.isNull cmd then null else lib.escapeShellArgs cmd; + command-login-wrapped = ["loginwrap"] ++ prevcmd; + cmd = + if (builtins.isNull prevcmd) + then null + else + ( + if st.loginShell + then command-login-wrapped + else prevcmd + ); + in + if builtins.isNull cmd + then null + else lib.escapeShellArgs cmd; readOnly = true; }; command = lib.mkOption { description = "Command to run following successful authentication"; type = nullOr (listOf str); default = null; - example = [ "Hyprland" ]; + example = ["Hyprland"]; }; graphicalInit = lib.mkOption { @@ -160,7 +180,7 @@ in description = "Options to pass to wlr-randr"; type = nullOr (listOf str); default = null; - example = [ "--output" "HDMI-A-3" "--off" ]; + example = ["--output" "HDMI-A-3" "--off"]; }; loginShell = lib.mkOption { diff --git a/system/programs/syncthing.nix b/system/programs/syncthing.nix index a1d4c8e..6df4b40 100644 --- a/system/programs/syncthing.nix +++ b/system/programs/syncthing.nix @@ -1,9 +1,12 @@ -{ config, lib, pkgs, ...}: -let +{ + config, + lib, + pkgs, + ... +}: let inherit (lib) mkEnableOption mkIf; cfg = config.nixfiles.programs.syncthing; -in -{ +in { options.nixfiles.programs.syncthing = { enable = mkEnableOption "Syncthing configuration"; }; @@ -16,7 +19,8 @@ in dataDir = let user = config.services.syncthing.user; dir = config.users.users.${user}.home; - in lib.mkDefault dir; + in + lib.mkDefault dir; }; }; } diff --git a/system/programs/unbound.nix b/system/programs/unbound.nix index cb9b171..8bef0a1 100644 --- a/system/programs/unbound.nix +++ b/system/programs/unbound.nix @@ -1,8 +1,11 @@ -{ pkgs, lib, config, ... }: -let - cfg = config.nixfiles.programs.unbound; -in { + pkgs, + lib, + config, + ... +}: let + cfg = config.nixfiles.programs.unbound; +in { options.nixfiles.programs.unbound = { enable = lib.mkEnableOption "unbound DNS server configuration"; }; diff --git a/system/sessions/default.nix b/system/sessions/default.nix index 217f300..e3b957b 100644 --- a/system/sessions/default.nix +++ b/system/sessions/default.nix @@ -1,12 +1,15 @@ -{ config, lib, options, ... }: -let +{ + config, + lib, + options, + ... +}: let inherit (lib) types; cfg = config.nixfiles.session; -in -{ +in { imports = [ - ./hyprland.nix - ./plasma.nix + ./hyprland.nix + ./plasma.nix ]; options.nixfiles.session = lib.mkOption { diff --git a/system/sessions/hyprland.nix b/system/sessions/hyprland.nix index 389397a..2d59ff7 100644 --- a/system/sessions/hyprland.nix +++ b/system/sessions/hyprland.nix @@ -1,12 +1,16 @@ -{ lib, pkgs, config, inputs, ... }: -let +{ + lib, + pkgs, + config, + inputs, + ... +}: let cfg = config.nixfiles.sessions.hyprland; flake-package = inputs.hyprland.packages.${pkgs.system}.hyprland; flake-portal = inputs.hyprland.packages.${pkgs.system}.xdg-desktop-portal-hyprland; - nvidiaEnabled = (lib.elem "nvidia" config.services.xserver.videoDrivers); -in -{ + nvidiaEnabled = lib.elem "nvidia" config.services.xserver.videoDrivers; +in { # imports = [ # ./desktop-common.nix # # FIXME make this into an option @@ -36,7 +40,7 @@ in nixfiles.programs.greetd = { enable = true; settings = { - command = [ "${config.programs.hyprland.package}/bin/Hyprland" ]; + command = ["${config.programs.hyprland.package}/bin/Hyprland"]; }; }; @@ -56,10 +60,11 @@ in hyprlandMesa = hyprland-pkgs.mesa.drivers; hyprlandMesa32 = hyprland-pkgs.pkgsi686Linux.mesa.drivers; useHyprlandMesa = cfg.useFlake && (config.nixfiles.nixpkgs == inputs.nixpkgs); - in lib.mkIf useHyprlandMesa { - package = hyprlandMesa; - package32 = hyprlandMesa32; - }; + in + lib.mkIf useHyprlandMesa { + package = hyprlandMesa; + package32 = hyprlandMesa32; + }; environment.variables = lib.mkMerge [ { diff --git a/system/sessions/plasma.nix b/system/sessions/plasma.nix index ff47a7f..3861ce8 100644 --- a/system/sessions/plasma.nix +++ b/system/sessions/plasma.nix @@ -1,11 +1,14 @@ -{ config, lib, pkgs, ...}: -let +{ + config, + lib, + pkgs, + ... +}: let sleep = "${pkgs.coreutils}/bin/sleep"; systemctl = "${pkgs.systemd}/bin/systemctl"; inherit (lib) mkIf mkEnableOption mkForce mkDefault; cfg = config.nixfiles.sessions.plasma; -in -{ +in { # imports = [ # ./desktop-common.nix # ]; @@ -16,7 +19,7 @@ in config = mkIf cfg.enable { nixfiles.programs.greetd.enable = lib.mkDefault true; - nixfiles.programs.greetd.settings.command = lib.mkDefault [ "${pkgs.kdePackages.plasma-workspace}/libexec/plasma-dbus-run-session-if-needed" "startplasma-wayland" ]; + nixfiles.programs.greetd.settings.command = lib.mkDefault ["${pkgs.kdePackages.plasma-workspace}/libexec/plasma-dbus-run-session-if-needed" "startplasma-wayland"]; services.xserver.enable = true; services.desktopManager.plasma6.enable = true; @@ -31,9 +34,9 @@ in services.restart-xdg-desktop-portal-kde = { enable = true; description = "hack to fix xdg-desktop-portal on kde"; - wantedBy = [ "graphical-session.target" ]; - after = [ "plasma-core.target" "xdg-desktop-portal.service" ]; - requisite = [ "plasma-core.target" ]; + wantedBy = ["graphical-session.target"]; + after = ["plasma-core.target" "xdg-desktop-portal.service"]; + requisite = ["plasma-core.target"]; serviceConfig = { ExecStart = [ diff --git a/system/stylix.nix b/system/stylix.nix index 2647950..5785b61 100644 --- a/system/stylix.nix +++ b/system/stylix.nix @@ -1,6 +1,11 @@ -{ pkgs, config, lib, inputs, ... }@args: { - imports = [ inputs.stylix.nixosModules.stylix ]; + pkgs, + config, + lib, + inputs, + ... +} @ args: { + imports = [inputs.stylix.nixosModules.stylix]; config = { # stylix defaults (this is an external module so i don't mind setting sane defaults right here). diff --git a/system/testing/default.nix b/system/testing/default.nix index 91ee7be..e4278bd 100644 --- a/system/testing/default.nix +++ b/system/testing/default.nix @@ -1,5 +1,4 @@ -{...}: -{ +{...}: { imports = [ ./mutability.nix ]; diff --git a/system/testing/mutability.nix b/system/testing/mutability.nix index 865c865..1a66234 100644 --- a/system/testing/mutability.nix +++ b/system/testing/mutability.nix @@ -1,5 +1,9 @@ -{ lib, pkgs, config, ... }: -let +{ + lib, + pkgs, + config, + ... +}: let cfg = config.nixfiles.testing.mutability; file = pkgs.writeTextFile { name = "test"; @@ -7,8 +11,7 @@ let meow! ''; }; -in -{ +in { options.nixfiles.testing.mutability = { enable = lib.mkEnableOption "mutability test"; }; diff --git a/users/deck/home.nix b/users/deck/home.nix index 97f2823..d0de2ae 100644 --- a/users/deck/home.nix +++ b/users/deck/home.nix @@ -1,26 +1,30 @@ -{ pkgs, config, lib, ... }: { + pkgs, + config, + lib, + ... +}: { config = { home.packages = [ - (pkgs.writeShellScriptBin "hmup" '' - unset LD_PRELOAD LD_LIBRARY_PATH - - konsole -e bash -c "nix flake metadata --refresh github:Silveere/nixfiles; nh home switch github:Silveere/nixfiles" - '') - ( - pkgs.runCommand "deckwrap" {} '' - mkdir -p $out/bin/ - cat << 'EOF' > $out/bin/deckwrap - #!/bin/sh - #this shebang is a constant between nixos and non-nixos that can be - #used to unset the two things below so we can get to the real command + (pkgs.writeShellScriptBin "hmup" '' unset LD_PRELOAD LD_LIBRARY_PATH - exec "$@" - EOF - chmod +x $out/bin/deckwrap - '' - ) + konsole -e bash -c "nix flake metadata --refresh github:Silveere/nixfiles; nh home switch github:Silveere/nixfiles" + '') + ( + pkgs.runCommand "deckwrap" {} '' + mkdir -p $out/bin/ + cat << 'EOF' > $out/bin/deckwrap + #!/bin/sh + #this shebang is a constant between nixos and non-nixos that can be + #used to unset the two things below so we can get to the real command + unset LD_PRELOAD LD_LIBRARY_PATH + + exec "$@" + EOF + chmod +x $out/bin/deckwrap + '' + ) ]; programs.keychain.enable = false; nixfiles.packageSets.gaming.enable = true; diff --git a/users/nix-on-droid/home.nix b/users/nix-on-droid/home.nix index b4eecd4..e9a2d92 100644 --- a/users/nix-on-droid/home.nix +++ b/users/nix-on-droid/home.nix @@ -1,5 +1,9 @@ -{ pkgs, config, lib, ... }: { + pkgs, + config, + lib, + ... +}: { home.packages = with pkgs; [ ncurses ]; diff --git a/users/testuser/home.nix b/users/testuser/home.nix index e8c4361..7ec1dd0 100644 --- a/users/testuser/home.nix +++ b/users/testuser/home.nix @@ -1,5 +1,9 @@ -{ pkgs, config, lib, ... }: { + pkgs, + config, + lib, + ... +}: { config = { programs.bash.enable = true; };