Call nixfmt for the first time

Signed-off-by: Ivan Bushchik <ivabus@ivabus.dev>
This commit is contained in:
Ivan Bushchik 2023-09-06 16:10:11 +03:00
parent 6c7e4a2946
commit 9de8497113
No known key found for this signature in database
GPG key ID: 2F16FBF3262E090C
35 changed files with 239 additions and 299 deletions

View file

@ -1,11 +1,8 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.git;
let cfg = config.my.git;
in {
options = {
my.git.enable = lib.mkEnableOption "Enable git configuration";
};
options = { my.git.enable = lib.mkEnableOption "Enable git configuration"; };
config = lib.mkIf (cfg.enable) {
home-manager.useGlobalPkgs = true;

View file

@ -1,7 +1,6 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.laptop;
let cfg = config.my.laptop;
in {
options = {
my.laptop.enable = lib.mkEnableOption "Laptop-specific configuration";
@ -9,9 +8,7 @@ in {
config = lib.mkIf (cfg.enable) {
networking.wireless.iwd.enable = true;
environment.systemPackages = with pkgs; [
lm_sensors
];
environment.systemPackages = with pkgs; [ lm_sensors ];
hardware.bluetooth.enable = true;
services.blueman.enable = true;

View file

@ -16,10 +16,8 @@
};
# Used by systemd-resolved, not directly by resolv.conf.
networking.nameservers = [
"8.8.8.8#dns.google"
"1.0.0.1#cloudflare-dns.com"
];
networking.nameservers =
[ "8.8.8.8#dns.google" "1.0.0.1#cloudflare-dns.com" ];
networking.enableIPv6 = true;
@ -37,7 +35,8 @@
};
services.chrony.enable = true;
networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];
networking.timeServers =
[ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];
# Useful tools
boot.kernelModules = [ "af_packet" ];

View file

@ -8,9 +8,9 @@
# Cute banner, r-right?
banner = ''
Authorized access only!
Authorized access only!
If you are not authorized to access or use this system, disconnect now!
If you are not authorized to access or use this system, disconnect now!
'';
};

View file

@ -1,7 +1,6 @@
{ config, pkgs, ... }:
let
my = import ../.;
let my = import ../.;
in rec {
users.mutableUsers = false;
@ -33,15 +32,13 @@ in rec {
hashedPassword = my.secrets.hashed-password;
};
users.users.root = {
hashedPassword = null;
openssh.authorizedKeys.keys = users.users.ivabus.openssh.authorizedKeys.keys;
openssh.authorizedKeys.keys =
users.users.ivabus.openssh.authorizedKeys.keys;
};
programs.zsh = {
enable = true;
};
programs.zsh = { enable = true; };
programs.gnupg.agent.enable = true;
programs.ssh.startAgent = true;

View file

@ -3,10 +3,5 @@ rec {
roles = import ./roles;
secrets = import ./secrets.nix;
modules = { pkgs, ... }: {
imports = [
common
roles
];
};
modules = { pkgs, ... }: { imports = [ common roles ]; };
}

View file

@ -11,24 +11,18 @@
apple-silicon-support.url = "github:tpwrules/nixos-apple-silicon";
};
outputs = { self, nixpkgs, home-manager, apple-silicon-support, ... }@inputs: {
outputs =
{ self, nixpkgs, home-manager, apple-silicon-support, ... }@inputs: {
# Stella = Unchartevice 6540 (Ryzen 3 3250U, 16GB RAM)
nixosConfigurations."stella" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
home-manager.nixosModules.home-manager
./machines/stella
];
modules = [ home-manager.nixosModules.home-manager ./machines/stella ];
};
# Vetus = iMac 27" 2017, i5, 64 GB RAM
nixosConfigurations."vetus" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
home-manager.nixosModules.home-manager
./machines/vetus
];
modules = [ home-manager.nixosModules.home-manager ./machines/vetus ];
};
# Celerrime = MacBook Air M2
@ -51,9 +45,8 @@
];
};
/* These machines will be configured later. */
/*
# Effundam = MacBook Air M1 (server usage). Will not be added to flake.nix until thunderbolt and apfs proper support
# These machines will be configured later.
/* # Effundam = MacBook Air M1 (server usage). Will not be added to flake.nix until thunderbolt and apfs proper support
nixosConfigurations."effundam" = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [

View file

@ -1,10 +1,11 @@
{ config, pkgs, lib, ... }:
let
overlay = final: super: {
makeModulesClosure = x:
super.makeModulesClosure (x // { allowMissing = true; }); # Ignores missing kernel modules (can't build image without this fix)
super.makeModulesClosure (x // {
allowMissing = true;
}); # Ignores missing kernel modules (can't build image without this fix)
};
in {

View file

@ -1,12 +1,8 @@
{ config, pkgs, ... }:
let
my = import ../..;
let my = import ../..;
in {
imports = [
./hardware.nix
my.modules
];
imports = [ ./hardware.nix my.modules ];
networking.hostName = "celerrime";
@ -28,9 +24,7 @@ in {
virtualisation.enable = false;
yggdrasil-client.enable = true;
server = {
ivabus-dev.enable = true;
};
server = { ivabus-dev.enable = true; };
};
networking.useDHCP = true;
@ -40,9 +34,8 @@ in {
hardware.asahi.addEdgeKernelConfig = true;
hardware.asahi.useExperimentalGPUDriver = true;
environment.systemPackages = with pkgs; [
(retroarch.override { cores = with libretro; [ np2kai ];})
];
environment.systemPackages = with pkgs;
[ (retroarch.override { cores = with libretro; [ np2kai ]; }) ];
system.stateVersion = "23.05";
}

View file

@ -1,32 +1,30 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "usb_storage" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/aed0b311-8954-4164-afc3-9e7c6a2d8c2a";
fileSystems."/" = {
device = "/dev/disk/by-uuid/aed0b311-8954-4164-afc3-9e7c6a2d8c2a";
fsType = "ext4";
};
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/8551d309-afe6-4a25-b571-b2cb1eff7c09";
boot.initrd.luks.devices."cryptroot".device =
"/dev/disk/by-uuid/8551d309-afe6-4a25-b571-b2cb1eff7c09";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/771E-1309";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/771E-1309";
fsType = "vfat";
};
swapDevices =
[ {
swapDevices = [{
device = "/dev/disk/by-partuuid/dace6477-697e-4bba-aede-eb0e9f7a28ff";
randomEncryption.enable = true;
} ];
}];
networking.useDHCP = lib.mkDefault true;

View file

@ -1,8 +1,6 @@
{ config, pkgs, lib, ... }:
let
my = import ../..;
let my = import ../..;
in {
imports = [
./hardware.nix # Use nixos-generate-config --show-hardware-config > /etc/nixos/machines/MACHINE/hardware.nix

View file

@ -1,13 +1,8 @@
{ config, pkgs, lib, ... }:
let
my = import ../..;
let my = import ../..;
in {
imports = [
my.modules
../../hardware/rpi4.nix
];
imports = [ my.modules ../../hardware/rpi4.nix ];
networking.hostName = "rubusidaeus";

View file

@ -1,13 +1,8 @@
{ config, pkgs, lib, ... }:
let
my = import ../..;
let my = import ../..;
in {
imports = [
./hardware.nix
my.modules
];
imports = [ ./hardware.nix my.modules ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@ -28,8 +23,8 @@ in {
yggdrasil-client.enable = true;
};
services.xserver.videoDrivers=["amdgpu"];
boot.initrd.kernelModules=["amdgpu"];
services.xserver.videoDrivers = [ "amdgpu" ];
boot.initrd.kernelModules = [ "amdgpu" ];
powerManagement = {
enable = true;

View file

@ -1,12 +1,10 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" "nct6775" ];
boot.extraModulePackages = [ ];
@ -17,20 +15,22 @@
'';
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/e9d47776-8f25-490b-9ea3-ee80ab9d6110";
fileSystems."/" = {
device = "/dev/disk/by-uuid/e9d47776-8f25-490b-9ea3-ee80ab9d6110";
fsType = "btrfs";
};
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c2e3757b-b29c-4797-9535-084eb71351e9";
boot.initrd.luks.devices."cryptroot".device =
"/dev/disk/by-uuid/c2e3757b-b29c-4797-9535-084eb71351e9";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/4F73-6FFF";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/4F73-6FFF";
fsType = "vfat";
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -1,13 +1,8 @@
{ config, pkgs, ... }:
let
my = import ../..;
let my = import ../..;
in {
imports = [
./hardware.nix
my.modules
];
imports = [ ./hardware.nix my.modules ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@ -28,8 +23,8 @@ in {
networking.useDHCP = true;
services.xserver.videoDrivers=["amdgpu"];
boot.initrd.kernelModules=["amdgpu"];
services.xserver.videoDrivers = [ "amdgpu" ];
boot.initrd.kernelModules = [ "amdgpu" ];
system.stateVersion = "23.05";
}

View file

@ -1,23 +1,24 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/hardware/network/broadcom-43xx.nix")
imports = [
(modulesPath + "/hardware/network/broadcom-43xx.nix")
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/nvme0n1p2";
fileSystems."/" = {
device = "/dev/nvme0n1p2";
fsType = "btrfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/B167-E1D3";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/B167-E1D3";
fsType = "vfat";
};
@ -25,5 +26,6 @@
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -1,4 +1,4 @@
{ pkgs ? import <nixpkgs> {}, bundlerEnv, ... }:
{ pkgs ? import <nixpkgs> { }, bundlerEnv, ... }:
let
version = "130812885aee9f2e0a5f6a4b534a3b6b68431554";
repo = builtins.fetchGit {

View file

@ -1,14 +1,10 @@
{ config, lib, pkgs, ... }:
let
cfg = config.my.roles.design;
let cfg = config.my.roles.design;
in {
options.my.roles.design.enable = lib.mkEnableOption "Enable design-specific programs";
options.my.roles.design.enable =
lib.mkEnableOption "Enable design-specific programs";
config = lib.mkIf (cfg.enable) {
environment.systemPackages = with pkgs; [
inkscape
gimp
imagemagick
];
environment.systemPackages = with pkgs; [ inkscape gimp imagemagick ];
};
}

View file

@ -1,10 +1,11 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.roles.devel;
let cfg = config.my.roles.devel;
in {
options.my.roles.devel.enable = lib.mkEnableOption "Enable tools for development programs";
config = lib.mkIf (cfg.enable) ( lib.mkMerge [{
options.my.roles.devel.enable =
lib.mkEnableOption "Enable tools for development programs";
config = lib.mkIf (cfg.enable) (lib.mkMerge [
{
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
rustc
@ -25,21 +26,27 @@ in {
];
}
# Architecture-specific packages and configuration
(lib.mkIf (!pkgs.stdenv.isAarch64) {boot.binfmt.emulatedSystems = [ "aarch64-linux" ];})
(lib.mkIf (!pkgs.stdenv.isAarch32) {boot.binfmt.emulatedSystems = [ "armv6l-linux" ];})
(lib.mkIf (!pkgs.stdenv.isx86_64) {boot.binfmt.emulatedSystems = [ "x86_64-linux" "i686-linux" ];})
(lib.mkIf (!pkgs.stdenv.isAarch64) {
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
})
(lib.mkIf (!pkgs.stdenv.isAarch32) {
boot.binfmt.emulatedSystems = [ "armv6l-linux" ];
})
(lib.mkIf (!pkgs.stdenv.isx86_64) {
boot.binfmt.emulatedSystems = [ "x86_64-linux" "i686-linux" ];
})
# Remove CLion from builds while I'm semi-online
# Install CLion only if we are on x86_64
/*(lib.mkIf (pkgs.stdenv.isx86_64) {
/* (lib.mkIf (pkgs.stdenv.isx86_64) {
environment.systemPackages = with pkgs; [
jetbrains.clion
];
})*/
})
*/
# Install vscode only if we are on x86_64 or aarch64 or aarch32
(lib.mkIf (pkgs.stdenv.isx86_64 || pkgs.stdenv.isAarch64 || pkgs.stdenv.isAarch32) {
environment.systemPackages = with pkgs; [
vscode
];
(lib.mkIf
(pkgs.stdenv.isx86_64 || pkgs.stdenv.isAarch64 || pkgs.stdenv.isAarch32) {
environment.systemPackages = with pkgs; [ vscode ];
})
]);
}

View file

@ -1,10 +1,10 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.roles.gaming;
let cfg = config.my.roles.gaming;
in {
options.my.roles.gaming.enable = lib.mkEnableOption "Enable wine & steam";
config = lib.mkIf (cfg.enable) ( lib.mkMerge [{
config = lib.mkIf (cfg.enable) (lib.mkMerge [
{
nixpkgs.config.allowUnfree = true;
hardware.opengl.driSupport32Bit = true;
services.pipewire.alsa.support32Bit = true;
@ -15,12 +15,13 @@ in {
wineWowPackages.staging
winetricks
wineWowPackages.waylandFull
(retroarch.override { cores = with libretro; [ np2kai ];})
(retroarch.override { cores = with libretro; [ np2kai ]; })
];
}
# Enable steam only on x86_64 (since I have hosts with ARM, but I don't think I will enable my.roles.gaming on ARM system soon)
(lib.mkIf(pkgs.stdenv.isx86_64) {
programs.steam.enable = true; # Firewall ports used by Steam in-home streaming.
(lib.mkIf (pkgs.stdenv.isx86_64) {
programs.steam.enable =
true; # Firewall ports used by Steam in-home streaming.
networking.firewall.allowedTCPPorts = [ 27036 27037 ];
networking.firewall.allowedUDPPorts = [ 27031 27036 ];
})

View file

@ -1,7 +1,6 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.roles.graphical;
let cfg = config.my.roles.graphical;
in {
options.my.roles.graphical.enable = lib.mkEnableOption "Enable GUI";
config = lib.mkIf (cfg.enable) {
@ -85,7 +84,8 @@ in {
roboto-mono
kochi-substitute
];
environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Enable wayland for electron
environment.sessionVariables.NIXOS_OZONE_WL =
"1"; # Enable wayland for electron
home-manager.users.ivabus = {
gtk = {
enable = true;

View file

@ -1,11 +1,11 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.roles.latex;
let cfg = config.my.roles.latex;
in {
options.my.roles.latex.enable = lib.mkEnableOption "Enable latex stuff";
config = lib.mkIf (cfg.enable){
environment.systemPackages = with pkgs; [
config = lib.mkIf (cfg.enable) {
environment.systemPackages = with pkgs;
[
# Maybe I don't need to use -full variant of texlive
# TODO: I should find distribution I actually need
texlive.combined.scheme-full

View file

@ -1,13 +1,10 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.roles.media-client;
let cfg = config.my.roles.media-client;
in {
options.my.roles.media-client.enable = lib.mkEnableOption "Enable media players, downloaders, etc.";
config = lib.mkIf (cfg.enable){
environment.systemPackages = with pkgs; [
vlc
yt-dlp ffmpeg
];
options.my.roles.media-client.enable =
lib.mkEnableOption "Enable media players, downloaders, etc.";
config = lib.mkIf (cfg.enable) {
environment.systemPackages = with pkgs; [ vlc yt-dlp ffmpeg ];
};
}

View file

@ -1,12 +1,11 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.roles.ntp-server;
let cfg = config.my.roles.ntp-server;
in {
options.my.roles.ntp-server.enable = lib.mkEnableOption "Enable NTP server";
config = lib.mkIf (cfg.enable) {
services.chrony.extraConfig = ''
allow 192.168.0.0/16
allow 192.168.0.0/16
'';
networking.firewall.allowedUDPPorts = [ 123 ];
};

View file

@ -1,15 +1,14 @@
{ config, lib, pkgs, ... }:
let
cfg = config.my.roles.server.ivabus-dev;
in
{
options.my.roles.server.ivabus-dev.enable = lib.mkEnableOption "Serve ivabus.dev";
let cfg = config.my.roles.server.ivabus-dev;
in {
options.my.roles.server.ivabus-dev.enable =
lib.mkEnableOption "Serve ivabus.dev";
config = lib.mkIf (cfg.enable) {
my.roles.server.nginx.enable = true;
services.nginx = {
virtualHosts."ivabus.dev" = {
# i don't want to call package like this
root = pkgs.callPackage ../../pkgs/ivabus-dev.nix {};
root = pkgs.callPackage ../../pkgs/ivabus-dev.nix { };
extraConfig = ''
error_page 404 /404.html;

View file

@ -1,10 +1,9 @@
{ config, lib, pkgs, ... }:
let
cfg = config.my.roles.server.nginx;
in
{
let cfg = config.my.roles.server.nginx;
in {
# Don't call from machine setup, services will enable it automatically
options.my.roles.server.nginx.enable = lib.mkEnableOption "Initial nginx setup";
options.my.roles.server.nginx.enable =
lib.mkEnableOption "Initial nginx setup";
config = lib.mkIf (cfg.enable) {
services.nginx = {
enable = true;

View file

@ -1,13 +1,12 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.roles.torrent;
let cfg = config.my.roles.torrent;
in {
options.my.roles.torrent.enable = lib.mkEnableOption "Enable torrent support.";
options.my.roles.torrent.enable =
lib.mkEnableOption "Enable torrent support.";
# TODO: do something about systems without GUI (i don't use any at the moment)
config = lib.mkIf (cfg.enable) {
environment.systemPackages = with pkgs; [
(transmission.override {enableGTK3 = true;})
];
environment.systemPackages = with pkgs;
[ (transmission.override { enableGTK3 = true; }) ];
};
}

View file

@ -1,15 +1,12 @@
{ pkgs, config, lib, ... }:
let
cfg = config.my.roles.virtualisation;
let cfg = config.my.roles.virtualisation;
in {
options.my.roles.virtualisation.enable = lib.mkEnableOption "Enable tools for virtualisation";
options.my.roles.virtualisation.enable =
lib.mkEnableOption "Enable tools for virtualisation";
config = lib.mkIf (cfg.enable) {
# TODO: Think if I ever need virtualisation
virtualisation.libvirtd.enable = true;
environment.systemPackages = with pkgs; [
qemu_full
qemu-utils
];
environment.systemPackages = with pkgs; [ qemu_full qemu-utils ];
};
}

View file

@ -1,9 +1,9 @@
{ config, lib, ... }:
let
cfg = config.my.roles.yggdrasil-client;
let cfg = config.my.roles.yggdrasil-client;
in {
options.my.roles.yggdrasil-client.enable = lib.mkEnableOption "Enable yggdrasil";
options.my.roles.yggdrasil-client.enable =
lib.mkEnableOption "Enable yggdrasil";
config = lib.mkIf (cfg.enable) {
services.yggdrasil = {
enable = true;

View file

@ -1,9 +1,9 @@
let
canaryHash = builtins.hashFile "sha256" ./secrets/canary;
expectedHash = "bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c";
in
if canaryHash != expectedHash then abort "Secrets are not readable. Have you run `git-crypt unlock`?"
else {
expectedHash =
"bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c";
in if canaryHash != expectedHash then
abort "Secrets are not readable. Have you run `git-crypt unlock`?"
else {
hashed-password = builtins.readFile ./secrets/hashed-password;
}
}

View file

@ -1,18 +1,9 @@
{ crossSystem ? "aarch64-unknown-linux-musl" }:
let pkgs = import <nixpkgs> {
crossSystem = {
config = crossSystem;
};
};
in
pkgs.pkgsStatic.callPackage (
{mkShell, pkg-config, zlib, file}:
let pkgs = import <nixpkgs> { crossSystem = { config = crossSystem; }; };
in pkgs.pkgsStatic.callPackage ({ mkShell, pkg-config, zlib, file }:
mkShell {
nativeBuildInputs = [ pkg-config file ];
buildInputs = [ zlib ];
env = {
CROSS_COMPILE = crossSystem;
};
}
) {}
env = { CROSS_COMPILE = crossSystem; };
}) { }