From 9de84971135e1176418eb6c04a3aee05ab4f319f Mon Sep 17 00:00:00 2001 From: Ivan Bushchik Date: Wed, 6 Sep 2023 16:10:11 +0300 Subject: [PATCH] Call nixfmt for the first time Signed-off-by: Ivan Bushchik --- common/default.nix | 2 +- common/git.nix | 9 ++-- common/laptop.nix | 7 +-- common/locale.nix | 4 +- common/networking.nix | 9 ++-- common/remote-access.nix | 8 ++-- common/stateless.nix | 2 +- common/user.nix | 11 ++--- default.nix | 7 +-- flake.nix | 77 +++++++++++++++----------------- hardware/rpi4.nix | 5 ++- machines/celerrime/default.nix | 17 +++---- machines/celerrime/hardware.nix | 32 +++++++------ machines/example/default.nix | 4 +- machines/rubusidaeus/default.nix | 9 +--- machines/stella/default.nix | 13 ++---- machines/stella/hardware.nix | 36 +++++++-------- machines/vetus/default.nix | 15 +++---- machines/vetus/hardware.nix | 30 +++++++------ pkgs/ivabus-dev.nix | 2 +- roles/default.nix | 2 +- roles/design.nix | 12 ++--- roles/devel.nix | 41 ++++++++++------- roles/gaming.nix | 43 +++++++++--------- roles/graphical.nix | 6 +-- roles/latex.nix | 18 ++++---- roles/media-client.nix | 15 +++---- roles/ntp-server.nix | 9 ++-- roles/server/ivabus-dev.nix | 11 +++-- roles/server/nginx.nix | 11 +++-- roles/torrent.nix | 13 +++--- roles/virtualisation.nix | 13 +++--- roles/yggdrasil-client.nix | 8 ++-- secrets.nix | 14 +++--- shells/crossShell.nix | 23 +++------- 35 files changed, 239 insertions(+), 299 deletions(-) diff --git a/common/default.nix b/common/default.nix index 28ddaa4..722056a 100644 --- a/common/default.nix +++ b/common/default.nix @@ -10,4 +10,4 @@ ./stateless.nix ./user.nix ]; -} \ No newline at end of file +} diff --git a/common/git.nix b/common/git.nix index a40fef2..bd61d4d 100644 --- a/common/git.nix +++ b/common/git.nix @@ -1,11 +1,8 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.git; +let cfg = config.my.git; in { - options = { - my.git.enable = lib.mkEnableOption "Enable git configuration"; - }; + options = { my.git.enable = lib.mkEnableOption "Enable git configuration"; }; config = lib.mkIf (cfg.enable) { home-manager.useGlobalPkgs = true; @@ -22,4 +19,4 @@ in { home.stateVersion = "23.05"; }; }; -} \ No newline at end of file +} diff --git a/common/laptop.nix b/common/laptop.nix index bc68a54..d3e369e 100644 --- a/common/laptop.nix +++ b/common/laptop.nix @@ -1,7 +1,6 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.laptop; +let cfg = config.my.laptop; in { options = { my.laptop.enable = lib.mkEnableOption "Laptop-specific configuration"; @@ -9,9 +8,7 @@ in { config = lib.mkIf (cfg.enable) { networking.wireless.iwd.enable = true; - environment.systemPackages = with pkgs; [ - lm_sensors - ]; + environment.systemPackages = with pkgs; [ lm_sensors ]; hardware.bluetooth.enable = true; services.blueman.enable = true; diff --git a/common/locale.nix b/common/locale.nix index 9df910e..0288abb 100644 --- a/common/locale.nix +++ b/common/locale.nix @@ -4,10 +4,10 @@ time.timeZone = "Europe/Moscow"; i18n.defaultLocale = "ru_RU.UTF-8"; - + console = { font = "${pkgs.terminus_font}/share/consolefonts/ter-u24b.psf.gz"; keyMap = "us"; packages = with pkgs; [ terminus_font ]; }; -} \ No newline at end of file +} diff --git a/common/networking.nix b/common/networking.nix index 38d2e82..75ced12 100644 --- a/common/networking.nix +++ b/common/networking.nix @@ -16,10 +16,8 @@ }; # Used by systemd-resolved, not directly by resolv.conf. - networking.nameservers = [ - "8.8.8.8#dns.google" - "1.0.0.1#cloudflare-dns.com" - ]; + networking.nameservers = + [ "8.8.8.8#dns.google" "1.0.0.1#cloudflare-dns.com" ]; networking.enableIPv6 = true; @@ -37,7 +35,8 @@ }; services.chrony.enable = true; - networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ]; + networking.timeServers = + [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ]; # Useful tools boot.kernelModules = [ "af_packet" ]; diff --git a/common/remote-access.nix b/common/remote-access.nix index 401f008..36d5792 100644 --- a/common/remote-access.nix +++ b/common/remote-access.nix @@ -4,14 +4,14 @@ services.openssh = { enable = true; settings.PasswordAuthentication = false; - + # Cute banner, r-right? banner = '' -Authorized access only! + Authorized access only! -If you are not authorized to access or use this system, disconnect now! + If you are not authorized to access or use this system, disconnect now! ''; }; -} \ No newline at end of file +} diff --git a/common/stateless.nix b/common/stateless.nix index eca8dbd..4aa8090 100644 --- a/common/stateless.nix +++ b/common/stateless.nix @@ -5,4 +5,4 @@ "vm.panic_on_oom" = true; "kernel.panic" = 3; }; -} \ No newline at end of file +} diff --git a/common/user.nix b/common/user.nix index 85bcfd5..fe58c80 100644 --- a/common/user.nix +++ b/common/user.nix @@ -1,7 +1,6 @@ { config, pkgs, ... }: -let - my = import ../.; +let my = import ../.; in rec { users.mutableUsers = false; @@ -33,15 +32,13 @@ in rec { hashedPassword = my.secrets.hashed-password; }; - users.users.root = { hashedPassword = null; - openssh.authorizedKeys.keys = users.users.ivabus.openssh.authorizedKeys.keys; + openssh.authorizedKeys.keys = + users.users.ivabus.openssh.authorizedKeys.keys; }; - programs.zsh = { - enable = true; - }; + programs.zsh = { enable = true; }; programs.gnupg.agent.enable = true; programs.ssh.startAgent = true; diff --git a/default.nix b/default.nix index 937d195..7b1eb6e 100644 --- a/default.nix +++ b/default.nix @@ -3,10 +3,5 @@ rec { roles = import ./roles; secrets = import ./secrets.nix; - modules = { pkgs, ... }: { - imports = [ - common - roles - ]; - }; + modules = { pkgs, ... }: { imports = [ common roles ]; }; } diff --git a/flake.nix b/flake.nix index a1c5fde..60c2e74 100644 --- a/flake.nix +++ b/flake.nix @@ -11,57 +11,50 @@ apple-silicon-support.url = "github:tpwrules/nixos-apple-silicon"; }; + outputs = + { self, nixpkgs, home-manager, apple-silicon-support, ... }@inputs: { + # Stella = Unchartevice 6540 (Ryzen 3 3250U, 16GB RAM) + nixosConfigurations."stella" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ home-manager.nixosModules.home-manager ./machines/stella ]; + }; - outputs = { self, nixpkgs, home-manager, apple-silicon-support, ... }@inputs: { - # Stella = Unchartevice 6540 (Ryzen 3 3250U, 16GB RAM) - nixosConfigurations."stella" = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - home-manager.nixosModules.home-manager - ./machines/stella - ]; - }; + # Vetus = iMac 27" 2017, i5, 64 GB RAM + nixosConfigurations."vetus" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ home-manager.nixosModules.home-manager ./machines/vetus ]; + }; - # Vetus = iMac 27" 2017, i5, 64 GB RAM - nixosConfigurations."vetus" = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - home-manager.nixosModules.home-manager - ./machines/vetus - ]; - }; + # Celerrime = MacBook Air M2 + nixosConfigurations."celerrime" = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + home-manager.nixosModules.home-manager + apple-silicon-support.nixosModules.apple-silicon-support + ./machines/celerrime + ]; + }; - # Celerrime = MacBook Air M2 - nixosConfigurations."celerrime" = nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = [ - home-manager.nixosModules.home-manager - apple-silicon-support.nixosModules.apple-silicon-support - ./machines/celerrime - ]; - }; - - # Raspberry Pi 4B 2GB RAM - nixosConfigurations."rubusidaeus" = nixpkgs.lib.nixosSystem { + # Raspberry Pi 4B 2GB RAM + nixosConfigurations."rubusidaeus" = nixpkgs.lib.nixosSystem { system = "aarch64-linux"; modules = [ "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" home-manager.nixosModules.home-manager ./machines/rubusidaeus ]; - }; + }; - /* These machines will be configured later. */ - /* - # Effundam = MacBook Air M1 (server usage). Will not be added to flake.nix until thunderbolt and apfs proper support - nixosConfigurations."effundam" = nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = [ - home-manager.nixosModules.home-manager - apple-silicon-support.nixosModules.apple-silicon-support - ./machines/effundam - ]; + # These machines will be configured later. + /* # Effundam = MacBook Air M1 (server usage). Will not be added to flake.nix until thunderbolt and apfs proper support + nixosConfigurations."effundam" = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + home-manager.nixosModules.home-manager + apple-silicon-support.nixosModules.apple-silicon-support + ./machines/effundam + ]; + }; + */ }; - */ - }; } diff --git a/hardware/rpi4.nix b/hardware/rpi4.nix index 8eedd4b..c442215 100644 --- a/hardware/rpi4.nix +++ b/hardware/rpi4.nix @@ -1,10 +1,11 @@ - { config, pkgs, lib, ... }: let overlay = final: super: { makeModulesClosure = x: - super.makeModulesClosure (x // { allowMissing = true; }); # Ignores missing kernel modules (can't build image without this fix) + super.makeModulesClosure (x // { + allowMissing = true; + }); # Ignores missing kernel modules (can't build image without this fix) }; in { diff --git a/machines/celerrime/default.nix b/machines/celerrime/default.nix index 7314d8d..319c9a5 100644 --- a/machines/celerrime/default.nix +++ b/machines/celerrime/default.nix @@ -1,12 +1,8 @@ { config, pkgs, ... }: -let - my = import ../..; +let my = import ../..; in { - imports = [ - ./hardware.nix - my.modules - ]; + imports = [ ./hardware.nix my.modules ]; networking.hostName = "celerrime"; @@ -28,9 +24,7 @@ in { virtualisation.enable = false; yggdrasil-client.enable = true; - server = { - ivabus-dev.enable = true; - }; + server = { ivabus-dev.enable = true; }; }; networking.useDHCP = true; @@ -40,9 +34,8 @@ in { hardware.asahi.addEdgeKernelConfig = true; hardware.asahi.useExperimentalGPUDriver = true; - environment.systemPackages = with pkgs; [ - (retroarch.override { cores = with libretro; [ np2kai ];}) - ]; + environment.systemPackages = with pkgs; + [ (retroarch.override { cores = with libretro; [ np2kai ]; }) ]; system.stateVersion = "23.05"; } diff --git a/machines/celerrime/hardware.nix b/machines/celerrime/hardware.nix index ba62a90..157b54e 100644 --- a/machines/celerrime/hardware.nix +++ b/machines/celerrime/hardware.nix @@ -1,32 +1,30 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; boot.initrd.availableKernelModules = [ "usb_storage" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/aed0b311-8954-4164-afc3-9e7c6a2d8c2a"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/aed0b311-8954-4164-afc3-9e7c6a2d8c2a"; + fsType = "ext4"; + }; - boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/8551d309-afe6-4a25-b571-b2cb1eff7c09"; + boot.initrd.luks.devices."cryptroot".device = + "/dev/disk/by-uuid/8551d309-afe6-4a25-b571-b2cb1eff7c09"; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/771E-1309"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/771E-1309"; + fsType = "vfat"; + }; - swapDevices = - [ { - device = "/dev/disk/by-partuuid/dace6477-697e-4bba-aede-eb0e9f7a28ff"; - randomEncryption.enable = true; - } ]; + swapDevices = [{ + device = "/dev/disk/by-partuuid/dace6477-697e-4bba-aede-eb0e9f7a28ff"; + randomEncryption.enable = true; + }]; networking.useDHCP = lib.mkDefault true; diff --git a/machines/example/default.nix b/machines/example/default.nix index 3927a4f..bfc2406 100644 --- a/machines/example/default.nix +++ b/machines/example/default.nix @@ -1,8 +1,6 @@ - { config, pkgs, lib, ... }: -let - my = import ../..; +let my = import ../..; in { imports = [ ./hardware.nix # Use nixos-generate-config --show-hardware-config > /etc/nixos/machines/MACHINE/hardware.nix diff --git a/machines/rubusidaeus/default.nix b/machines/rubusidaeus/default.nix index 744f931..fb9d39b 100644 --- a/machines/rubusidaeus/default.nix +++ b/machines/rubusidaeus/default.nix @@ -1,13 +1,8 @@ - { config, pkgs, lib, ... }: -let - my = import ../..; +let my = import ../..; in { - imports = [ - my.modules - ../../hardware/rpi4.nix - ]; + imports = [ my.modules ../../hardware/rpi4.nix ]; networking.hostName = "rubusidaeus"; diff --git a/machines/stella/default.nix b/machines/stella/default.nix index 4963a70..466e6e7 100644 --- a/machines/stella/default.nix +++ b/machines/stella/default.nix @@ -1,13 +1,8 @@ - { config, pkgs, lib, ... }: -let - my = import ../..; +let my = import ../..; in { - imports = [ - ./hardware.nix - my.modules - ]; + imports = [ ./hardware.nix my.modules ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -28,8 +23,8 @@ in { yggdrasil-client.enable = true; }; - services.xserver.videoDrivers=["amdgpu"]; - boot.initrd.kernelModules=["amdgpu"]; + services.xserver.videoDrivers = [ "amdgpu" ]; + boot.initrd.kernelModules = [ "amdgpu" ]; powerManagement = { enable = true; diff --git a/machines/stella/hardware.nix b/machines/stella/hardware.nix index 5875c23..b439340 100644 --- a/machines/stella/hardware.nix +++ b/machines/stella/hardware.nix @@ -1,36 +1,36 @@ - { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" "nct6775" ]; boot.extraModulePackages = [ ]; environment.etc = { - "sysconfig/lm_sensors".text = '' - HWMON_MODULES="lm75" - ''; + "sysconfig/lm_sensors".text = '' + HWMON_MODULES="lm75" + ''; }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/e9d47776-8f25-490b-9ea3-ee80ab9d6110"; - fsType = "btrfs"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/e9d47776-8f25-490b-9ea3-ee80ab9d6110"; + fsType = "btrfs"; + }; - boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c2e3757b-b29c-4797-9535-084eb71351e9"; + boot.initrd.luks.devices."cryptroot".device = + "/dev/disk/by-uuid/c2e3757b-b29c-4797-9535-084eb71351e9"; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/4F73-6FFF"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/4F73-6FFF"; + fsType = "vfat"; + }; swapDevices = [ ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.amd.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/vetus/default.nix b/machines/vetus/default.nix index aafd03c..dd3aae8 100644 --- a/machines/vetus/default.nix +++ b/machines/vetus/default.nix @@ -1,13 +1,8 @@ - { config, pkgs, ... }: -let - my = import ../..; +let my = import ../..; in { - imports = [ - ./hardware.nix - my.modules - ]; + imports = [ ./hardware.nix my.modules ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -28,9 +23,9 @@ in { networking.useDHCP = true; - services.xserver.videoDrivers=["amdgpu"]; - boot.initrd.kernelModules=["amdgpu"]; - + services.xserver.videoDrivers = [ "amdgpu" ]; + boot.initrd.kernelModules = [ "amdgpu" ]; + system.stateVersion = "23.05"; } diff --git a/machines/vetus/hardware.nix b/machines/vetus/hardware.nix index 2b77266..bba4db2 100644 --- a/machines/vetus/hardware.nix +++ b/machines/vetus/hardware.nix @@ -1,29 +1,31 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/hardware/network/broadcom-43xx.nix") - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/hardware/network/broadcom-43xx.nix") + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/nvme0n1p2"; - fsType = "btrfs"; - }; + fileSystems."/" = { + device = "/dev/nvme0n1p2"; + fsType = "btrfs"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/B167-E1D3"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/B167-E1D3"; + fsType = "vfat"; + }; swapDevices = [ ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/pkgs/ivabus-dev.nix b/pkgs/ivabus-dev.nix index a33725b..bbca9d0 100644 --- a/pkgs/ivabus-dev.nix +++ b/pkgs/ivabus-dev.nix @@ -1,4 +1,4 @@ -{ pkgs ? import {}, bundlerEnv, ... }: +{ pkgs ? import { }, bundlerEnv, ... }: let version = "130812885aee9f2e0a5f6a4b534a3b6b68431554"; repo = builtins.fetchGit { diff --git a/roles/default.nix b/roles/default.nix index fede684..e7624b2 100644 --- a/roles/default.nix +++ b/roles/default.nix @@ -14,4 +14,4 @@ ./server/nginx.nix ./server/ivabus-dev.nix ]; -} \ No newline at end of file +} diff --git a/roles/design.nix b/roles/design.nix index c70e039..f6a5447 100644 --- a/roles/design.nix +++ b/roles/design.nix @@ -1,14 +1,10 @@ { config, lib, pkgs, ... }: -let - cfg = config.my.roles.design; +let cfg = config.my.roles.design; in { - options.my.roles.design.enable = lib.mkEnableOption "Enable design-specific programs"; + options.my.roles.design.enable = + lib.mkEnableOption "Enable design-specific programs"; config = lib.mkIf (cfg.enable) { - environment.systemPackages = with pkgs; [ - inkscape - gimp - imagemagick - ]; + environment.systemPackages = with pkgs; [ inkscape gimp imagemagick ]; }; } diff --git a/roles/devel.nix b/roles/devel.nix index cb12f50..7961094 100644 --- a/roles/devel.nix +++ b/roles/devel.nix @@ -1,10 +1,11 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.roles.devel; +let cfg = config.my.roles.devel; in { - options.my.roles.devel.enable = lib.mkEnableOption "Enable tools for development programs"; - config = lib.mkIf (cfg.enable) ( lib.mkMerge [{ + options.my.roles.devel.enable = + lib.mkEnableOption "Enable tools for development programs"; + config = lib.mkIf (cfg.enable) (lib.mkMerge [ + { nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs; [ rustc @@ -25,21 +26,27 @@ in { ]; } # Architecture-specific packages and configuration - (lib.mkIf (!pkgs.stdenv.isAarch64) {boot.binfmt.emulatedSystems = [ "aarch64-linux" ];}) - (lib.mkIf (!pkgs.stdenv.isAarch32) {boot.binfmt.emulatedSystems = [ "armv6l-linux" ];}) - (lib.mkIf (!pkgs.stdenv.isx86_64) {boot.binfmt.emulatedSystems = [ "x86_64-linux" "i686-linux" ];}) + (lib.mkIf (!pkgs.stdenv.isAarch64) { + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + }) + (lib.mkIf (!pkgs.stdenv.isAarch32) { + boot.binfmt.emulatedSystems = [ "armv6l-linux" ]; + }) + (lib.mkIf (!pkgs.stdenv.isx86_64) { + boot.binfmt.emulatedSystems = [ "x86_64-linux" "i686-linux" ]; + }) # Remove CLion from builds while I'm semi-online # Install CLion only if we are on x86_64 - /*(lib.mkIf (pkgs.stdenv.isx86_64) { - environment.systemPackages = with pkgs; [ - jetbrains.clion - ]; - })*/ + /* (lib.mkIf (pkgs.stdenv.isx86_64) { + environment.systemPackages = with pkgs; [ + jetbrains.clion + ]; + }) + */ # Install vscode only if we are on x86_64 or aarch64 or aarch32 - (lib.mkIf (pkgs.stdenv.isx86_64 || pkgs.stdenv.isAarch64 || pkgs.stdenv.isAarch32) { - environment.systemPackages = with pkgs; [ - vscode - ]; - }) + (lib.mkIf + (pkgs.stdenv.isx86_64 || pkgs.stdenv.isAarch64 || pkgs.stdenv.isAarch32) { + environment.systemPackages = with pkgs; [ vscode ]; + }) ]); } diff --git a/roles/gaming.nix b/roles/gaming.nix index e759d92..b8789a4 100644 --- a/roles/gaming.nix +++ b/roles/gaming.nix @@ -1,28 +1,29 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.roles.gaming; +let cfg = config.my.roles.gaming; in { options.my.roles.gaming.enable = lib.mkEnableOption "Enable wine & steam"; - config = lib.mkIf (cfg.enable) ( lib.mkMerge [{ - nixpkgs.config.allowUnfree = true; - hardware.opengl.driSupport32Bit = true; - services.pipewire.alsa.support32Bit = true; - environment.systemPackages = with pkgs; [ - wineWowPackages.stable - wine - (wine.override { wineBuild = "wine64"; }) - wineWowPackages.staging - winetricks - wineWowPackages.waylandFull - (retroarch.override { cores = with libretro; [ np2kai ];}) - ]; - } - # Enable steam only on x86_64 (since I have hosts with ARM, but I don't think I will enable my.roles.gaming on ARM system soon) - (lib.mkIf(pkgs.stdenv.isx86_64) { - programs.steam.enable = true; # Firewall ports used by Steam in-home streaming. - networking.firewall.allowedTCPPorts = [ 27036 27037 ]; - networking.firewall.allowedUDPPorts = [ 27031 27036 ]; + config = lib.mkIf (cfg.enable) (lib.mkMerge [ + { + nixpkgs.config.allowUnfree = true; + hardware.opengl.driSupport32Bit = true; + services.pipewire.alsa.support32Bit = true; + environment.systemPackages = with pkgs; [ + wineWowPackages.stable + wine + (wine.override { wineBuild = "wine64"; }) + wineWowPackages.staging + winetricks + wineWowPackages.waylandFull + (retroarch.override { cores = with libretro; [ np2kai ]; }) + ]; + } + # Enable steam only on x86_64 (since I have hosts with ARM, but I don't think I will enable my.roles.gaming on ARM system soon) + (lib.mkIf (pkgs.stdenv.isx86_64) { + programs.steam.enable = + true; # Firewall ports used by Steam in-home streaming. + networking.firewall.allowedTCPPorts = [ 27036 27037 ]; + networking.firewall.allowedUDPPorts = [ 27031 27036 ]; }) ]); } diff --git a/roles/graphical.nix b/roles/graphical.nix index 68cdd2e..390f26c 100644 --- a/roles/graphical.nix +++ b/roles/graphical.nix @@ -1,7 +1,6 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.roles.graphical; +let cfg = config.my.roles.graphical; in { options.my.roles.graphical.enable = lib.mkEnableOption "Enable GUI"; config = lib.mkIf (cfg.enable) { @@ -85,7 +84,8 @@ in { roboto-mono kochi-substitute ]; - environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Enable wayland for electron + environment.sessionVariables.NIXOS_OZONE_WL = + "1"; # Enable wayland for electron home-manager.users.ivabus = { gtk = { enable = true; diff --git a/roles/latex.nix b/roles/latex.nix index a1d21a0..079d55f 100644 --- a/roles/latex.nix +++ b/roles/latex.nix @@ -1,14 +1,14 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.roles.latex; +let cfg = config.my.roles.latex; in { options.my.roles.latex.enable = lib.mkEnableOption "Enable latex stuff"; - config = lib.mkIf (cfg.enable){ - environment.systemPackages = with pkgs; [ - # Maybe I don't need to use -full variant of texlive - # TODO: I should find distribution I actually need - texlive.combined.scheme-full - ]; + config = lib.mkIf (cfg.enable) { + environment.systemPackages = with pkgs; + [ + # Maybe I don't need to use -full variant of texlive + # TODO: I should find distribution I actually need + texlive.combined.scheme-full + ]; }; -} \ No newline at end of file +} diff --git a/roles/media-client.nix b/roles/media-client.nix index b4dca4a..eab727a 100644 --- a/roles/media-client.nix +++ b/roles/media-client.nix @@ -1,13 +1,10 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.roles.media-client; +let cfg = config.my.roles.media-client; in { - options.my.roles.media-client.enable = lib.mkEnableOption "Enable media players, downloaders, etc."; - config = lib.mkIf (cfg.enable){ - environment.systemPackages = with pkgs; [ - vlc - yt-dlp ffmpeg - ]; + options.my.roles.media-client.enable = + lib.mkEnableOption "Enable media players, downloaders, etc."; + config = lib.mkIf (cfg.enable) { + environment.systemPackages = with pkgs; [ vlc yt-dlp ffmpeg ]; }; -} \ No newline at end of file +} diff --git a/roles/ntp-server.nix b/roles/ntp-server.nix index 9d9a393..9dae1a1 100644 --- a/roles/ntp-server.nix +++ b/roles/ntp-server.nix @@ -1,13 +1,12 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.roles.ntp-server; +let cfg = config.my.roles.ntp-server; in { options.my.roles.ntp-server.enable = lib.mkEnableOption "Enable NTP server"; config = lib.mkIf (cfg.enable) { - services.chrony.extraConfig = '' -allow 192.168.0.0/16 - ''; + services.chrony.extraConfig = '' + allow 192.168.0.0/16 + ''; networking.firewall.allowedUDPPorts = [ 123 ]; }; } diff --git a/roles/server/ivabus-dev.nix b/roles/server/ivabus-dev.nix index 1daba6c..dd56b48 100644 --- a/roles/server/ivabus-dev.nix +++ b/roles/server/ivabus-dev.nix @@ -1,15 +1,14 @@ { config, lib, pkgs, ... }: -let - cfg = config.my.roles.server.ivabus-dev; -in -{ - options.my.roles.server.ivabus-dev.enable = lib.mkEnableOption "Serve ivabus.dev"; +let cfg = config.my.roles.server.ivabus-dev; +in { + options.my.roles.server.ivabus-dev.enable = + lib.mkEnableOption "Serve ivabus.dev"; config = lib.mkIf (cfg.enable) { my.roles.server.nginx.enable = true; services.nginx = { virtualHosts."ivabus.dev" = { # i don't want to call package like this - root = pkgs.callPackage ../../pkgs/ivabus-dev.nix {}; + root = pkgs.callPackage ../../pkgs/ivabus-dev.nix { }; extraConfig = '' error_page 404 /404.html; diff --git a/roles/server/nginx.nix b/roles/server/nginx.nix index 78d5042..163e3a2 100644 --- a/roles/server/nginx.nix +++ b/roles/server/nginx.nix @@ -1,10 +1,9 @@ { config, lib, pkgs, ... }: -let - cfg = config.my.roles.server.nginx; -in -{ +let cfg = config.my.roles.server.nginx; +in { # Don't call from machine setup, services will enable it automatically - options.my.roles.server.nginx.enable = lib.mkEnableOption "Initial nginx setup"; + options.my.roles.server.nginx.enable = + lib.mkEnableOption "Initial nginx setup"; config = lib.mkIf (cfg.enable) { services.nginx = { enable = true; @@ -14,4 +13,4 @@ in recommendedTlsSettings = true; }; }; -} \ No newline at end of file +} diff --git a/roles/torrent.nix b/roles/torrent.nix index 07723eb..d8ad402 100644 --- a/roles/torrent.nix +++ b/roles/torrent.nix @@ -1,13 +1,12 @@ { config, pkgs, lib, ... }: -let - cfg = config.my.roles.torrent; +let cfg = config.my.roles.torrent; in { - options.my.roles.torrent.enable = lib.mkEnableOption "Enable torrent support."; + options.my.roles.torrent.enable = + lib.mkEnableOption "Enable torrent support."; # TODO: do something about systems without GUI (i don't use any at the moment) config = lib.mkIf (cfg.enable) { - environment.systemPackages = with pkgs; [ - (transmission.override {enableGTK3 = true;}) - ]; + environment.systemPackages = with pkgs; + [ (transmission.override { enableGTK3 = true; }) ]; }; -} \ No newline at end of file +} diff --git a/roles/virtualisation.nix b/roles/virtualisation.nix index d456513..8c01c72 100644 --- a/roles/virtualisation.nix +++ b/roles/virtualisation.nix @@ -1,15 +1,12 @@ { pkgs, config, lib, ... }: -let - cfg = config.my.roles.virtualisation; +let cfg = config.my.roles.virtualisation; in { - options.my.roles.virtualisation.enable = lib.mkEnableOption "Enable tools for virtualisation"; + options.my.roles.virtualisation.enable = + lib.mkEnableOption "Enable tools for virtualisation"; config = lib.mkIf (cfg.enable) { # TODO: Think if I ever need virtualisation virtualisation.libvirtd.enable = true; - environment.systemPackages = with pkgs; [ - qemu_full - qemu-utils - ]; + environment.systemPackages = with pkgs; [ qemu_full qemu-utils ]; }; -} \ No newline at end of file +} diff --git a/roles/yggdrasil-client.nix b/roles/yggdrasil-client.nix index 5139fa0..9a469fb 100644 --- a/roles/yggdrasil-client.nix +++ b/roles/yggdrasil-client.nix @@ -1,9 +1,9 @@ { config, lib, ... }: -let - cfg = config.my.roles.yggdrasil-client; +let cfg = config.my.roles.yggdrasil-client; in { - options.my.roles.yggdrasil-client.enable = lib.mkEnableOption "Enable yggdrasil"; + options.my.roles.yggdrasil-client.enable = + lib.mkEnableOption "Enable yggdrasil"; config = lib.mkIf (cfg.enable) { services.yggdrasil = { enable = true; @@ -16,4 +16,4 @@ in { }; }; }; -} \ No newline at end of file +} diff --git a/secrets.nix b/secrets.nix index 12ad542..1763240 100644 --- a/secrets.nix +++ b/secrets.nix @@ -1,9 +1,9 @@ - let canaryHash = builtins.hashFile "sha256" ./secrets/canary; - expectedHash = "bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c"; -in - if canaryHash != expectedHash then abort "Secrets are not readable. Have you run `git-crypt unlock`?" - else { - hashed-password = builtins.readFile ./secrets/hashed-password; - } \ No newline at end of file + expectedHash = + "bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c"; +in if canaryHash != expectedHash then + abort "Secrets are not readable. Have you run `git-crypt unlock`?" +else { + hashed-password = builtins.readFile ./secrets/hashed-password; +} diff --git a/shells/crossShell.nix b/shells/crossShell.nix index 068c568..1828eb0 100644 --- a/shells/crossShell.nix +++ b/shells/crossShell.nix @@ -1,18 +1,9 @@ { crossSystem ? "aarch64-unknown-linux-musl" }: -let pkgs = import { - crossSystem = { - config = crossSystem; - }; -}; -in - pkgs.pkgsStatic.callPackage ( - {mkShell, pkg-config, zlib, file}: - mkShell { - nativeBuildInputs = [ pkg-config file ]; - buildInputs = [ zlib ]; - env = { - CROSS_COMPILE = crossSystem; - }; - } - ) {} +let pkgs = import { crossSystem = { config = crossSystem; }; }; +in pkgs.pkgsStatic.callPackage ({ mkShell, pkg-config, zlib, file }: + mkShell { + nativeBuildInputs = [ pkg-config file ]; + buildInputs = [ zlib ]; + env = { CROSS_COMPILE = crossSystem; }; + }) { }