From 28c116337cdbd850d6f48cf92b6773c08bdf9e1f Mon Sep 17 00:00:00 2001 From: Stefan Junker Date: Tue, 7 Feb 2023 18:23:51 +0100 Subject: [PATCH] format and change --- _archive/environments/dev/cross.nix | 3 +- _archive/environments/dev/go/default.nix | 41 +- _archive/environments/dev/go/neovim-go.nix | 23 +- _archive/environments/dev/pandoc.nix | 55 +- _archive/environments/dev/rkt.nix | 10 +- _archive/environments/dev/rust/default.nix | 52 +- _archive/environments/dev/vim-go.nix | 36 +- _archive/environments/dev/vim-pandoc.nix | 32 +- _archive/environments/dev/vim-rust.nix | 77 +-- _archive/environments/fhs/android.nix | 73 ++- _archive/environments/fhs/vscode.nix | 55 +- .../nixos-configuration/common/pkg/neovim.nix | 6 +- .../nixos-configuration/common/pkg/vim.nix | 6 +- .../common/user/steveej.nix | 8 +- default.nix | 7 +- nix/container-images/default.nix | 87 +-- nix/default.nix | 30 +- .../configuration/graphical-fullblown.nix | 524 +++++++++--------- .../configuration/graphical-gnome3.nix | 204 +++---- .../configuration/graphical-removable.nix | 208 +++---- .../configuration/text-minimal.nix | 44 +- nix/home-manager/lib.nix | 15 +- nix/home-manager/profiles/common.nix | 38 +- nix/home-manager/profiles/dotfiles.nix | 10 +- .../profiles/dotfiles/vcsh.tmpl.nix | 72 +-- nix/home-manager/profiles/nix-channels.nix | 45 +- nix/home-manager/profiles/qtile-desktop.nix | 75 +-- nix/home-manager/programs/chromium.nix | 11 +- nix/home-manager/programs/emacs.nix | 16 +- nix/home-manager/programs/firefox.nix | 12 +- .../programs/holochain-launcher.nix | 6 +- nix/home-manager/programs/homeshick.nix | 43 +- nix/home-manager/programs/libreoffice.nix | 6 +- nix/home-manager/programs/neovim.nix | 14 +- nix/home-manager/programs/pass.nix | 12 +- nix/home-manager/programs/podman.nix | 21 +- nix/home-manager/programs/radicale.nix | 20 +- nix/home-manager/programs/vscode/default.nix | 15 +- nix/home-manager/programs/zsh.nix | 49 +- nix/ops/nano/configuration.nix | 11 +- nix/ops/nano/hardware-configuration.nix | 18 +- nix/ops/nanos@kn.nix | 20 +- nix/os/containers/backup-target.nix | 72 ++- nix/os/containers/backup.nix | 51 +- nix/os/containers/ipxe.nix | 29 +- nix/os/containers/mailserver.nix | 34 +- nix/os/containers/syncthing.nix | 20 +- nix/os/containers/webserver.nix | 33 +- nix/os/devices/167.233.1.14/boot.nix | 6 +- nix/os/devices/167.233.1.14/configuration.nix | 6 +- nix/os/devices/167.233.1.14/hw.nix | 14 +- nix/os/devices/167.233.1.14/pkg.nix | 50 +- nix/os/devices/167.233.1.14/system.nix | 39 +- nix/os/devices/167.233.1.14/versions.nix | 1 - nix/os/devices/167.233.1.14/versions.tmpl.nix | 1 - nix/os/devices/default.nix | 61 +- nix/os/devices/disk.nix | 43 +- nix/os/devices/elias-e525/boot.nix | 4 +- nix/os/devices/elias-e525/configuration.nix | 4 +- nix/os/devices/elias-e525/hw.nix | 4 +- nix/os/devices/elias-e525/pkg.nix | 23 +- nix/os/devices/elias-e525/system.nix | 17 +- nix/os/devices/elias-e525/user.nix | 11 +- nix/os/devices/elias-e525/versions.nix | 3 +- nix/os/devices/elias-e525/versions.tmpl.nix | 3 +- nix/os/devices/fwhost1/boot.nix | 4 +- nix/os/devices/fwhost1/configuration.nix | 4 +- nix/os/devices/fwhost1/hw.nix | 5 +- nix/os/devices/fwhost1/pkg.nix | 21 +- nix/os/devices/fwhost1/system.nix | 45 +- nix/os/devices/fwhost1/user.nix | 13 +- nix/os/devices/fwhost1/versions.nix | 3 +- nix/os/devices/fwhost1/versions.tmpl.nix | 3 +- nix/os/devices/fwhost2/boot.nix | 4 +- nix/os/devices/fwhost2/configuration.nix | 4 +- nix/os/devices/fwhost2/hw.nix | 5 +- nix/os/devices/fwhost2/pkg.nix | 21 +- nix/os/devices/fwhost2/system.nix | 46 +- nix/os/devices/fwhost2/user.nix | 11 +- nix/os/devices/fwhost2/versions.nix | 3 +- nix/os/devices/fwhost2/versions.tmpl.nix | 3 +- .../srv0.home-ch.stefanjunker.de/boot.nix | 6 +- .../configuration.nix | 6 +- .../srv0.home-ch.stefanjunker.de/hw.nix | 5 +- .../srv0.home-ch.stefanjunker.de/pkg.nix | 36 +- .../srv0.home-ch.stefanjunker.de/system.nix | 21 +- .../srv0.home-ch.stefanjunker.de/versions.nix | 1 - .../versions.tmpl.nix | 1 - .../steveej-nuc7pjyh-work/configuration.nix | 4 +- nix/os/devices/steveej-nuc7pjyh-work/hw.nix | 4 +- .../devices/steveej-nuc7pjyh-work/system.nix | 10 +- nix/os/devices/steveej-nuc7pjyh-work/user.nix | 33 +- nix/os/devices/steveej-pa600/boot.nix | 4 +- .../devices/steveej-pa600/configuration.nix | 4 +- nix/os/devices/steveej-pa600/hw.nix | 5 +- nix/os/devices/steveej-pa600/pkg.nix | 19 +- nix/os/devices/steveej-pa600/system.nix | 18 +- nix/os/devices/steveej-pa600/user.nix | 11 +- nix/os/devices/steveej-pa600/versions.nix | 3 +- .../devices/steveej-pa600/versions.tmpl.nix | 3 +- .../configuration.nix | 4 +- .../steveej-rmvbl-mmc-SL32G_0x259093f6/hw.nix | 4 +- .../system.nix | 7 +- .../steveej-rmvbl-sdep0/configuration.nix | 12 +- nix/os/devices/steveej-rmvbl-sdep0/hw.nix | 4 +- nix/os/devices/steveej-rmvbl-sdep0/system.nix | 4 +- .../devices/steveej-rmvbl-sdep0/versions.nix | 3 +- nix/os/devices/steveej-t14/boot.nix | 11 +- nix/os/devices/steveej-t14/configuration.nix | 4 +- nix/os/devices/steveej-t14/hw.nix | 5 +- nix/os/devices/steveej-t14/pkg.nix | 19 +- nix/os/devices/steveej-t14/system.nix | 37 +- nix/os/devices/steveej-t14/user.nix | 13 +- nix/os/devices/steveej-t14/versions.nix | 3 +- nix/os/devices/steveej-t14/versions.tmpl.nix | 3 +- .../steveej-t480s-work/configuration.nix | 6 +- nix/os/devices/steveej-t480s-work/hw.nix | 5 +- nix/os/devices/steveej-t480s-work/pkg.nix | 19 +- nix/os/devices/steveej-t480s-work/system.nix | 31 +- nix/os/devices/steveej-t480s-work/user.nix | 13 +- .../devices/steveej-t480s-work/versions.nix | 3 +- .../steveej-t480s-work/versions.tmpl.nix | 3 +- .../steveej-utilitepro/configuration.nix | 372 +++++++------ .../hardware-configuration.nix | 17 +- .../vmd102066.contaboserver.net/boot.nix | 6 +- .../configuration.nix | 6 +- .../vmd102066.contaboserver.net/hw.nix | 5 +- .../vmd102066.contaboserver.net/pkg.nix | 49 +- .../vmd102066.contaboserver.net/system.nix | 36 +- .../vmd102066.contaboserver.net/versions.nix | 1 - .../versions.tmpl.nix | 1 - .../vmd32387.contaboserver.net/boot.nix | 6 +- .../configuration.nix | 6 +- .../devices/vmd32387.contaboserver.net/hw.nix | 5 +- .../vmd32387.contaboserver.net/pkg.nix | 49 +- .../vmd32387.contaboserver.net/system.nix | 36 +- .../vmd32387.contaboserver.net/versions.nix | 1 - .../versions.tmpl.nix | 1 - nix/os/lib/default.nix | 29 +- nix/os/modules/ddclient-ovh.nix | 17 +- nix/os/modules/initrd-network.nix | 31 +- nix/os/modules/natrouter.nix | 8 +- nix/os/modules/opinionatedDisk.nix | 58 +- nix/os/profiles/common/boot.nix | 7 +- nix/os/profiles/common/configuration.nix | 6 +- nix/os/profiles/common/hw.nix | 7 +- nix/os/profiles/common/pkg.nix | 17 +- nix/os/profiles/common/system.nix | 15 +- nix/os/profiles/common/user.nix | 14 +- nix/os/profiles/containers/configuration.nix | 8 +- nix/os/profiles/graphical/boot.nix | 4 +- nix/os/profiles/graphical/configuration.nix | 6 +- nix/os/profiles/graphical/hw.nix | 4 +- nix/os/profiles/graphical/system.nix | 12 +- nix/os/profiles/install-medium/iso/iso.nix | 55 +- nix/os/profiles/podman/configuration.nix | 6 +- nix/os/profiles/removable-medium/boot.nix | 6 +- .../removable-medium/configuration.nix | 4 +- nix/os/profiles/removable-medium/hw.nix | 4 +- nix/os/profiles/removable-medium/pkg.nix | 11 +- nix/os/profiles/removable-medium/system.nix | 12 +- nix/overlays/overrides.nix | 28 +- nix/overlays/pkgs.nix | 14 +- nix/overlays/posh.nix | 9 +- nix/pkgs/browserpass/default.nix | 46 +- nix/pkgs/default.nix | 150 ++--- nix/pkgs/duplicacy/default.nix | 6 +- nix/pkgs/duplicacy/shell.nix | 24 +- nix/pkgs/mfcl3770cdw.nix | 40 +- nix/pkgs/nozbe/default.nix | 105 ++-- nix/pkgs/posh.nix | 98 ++-- nix/pkgs/slirp4netns.nix | 15 +- nix/pkgs/staruml.nix | 122 ++-- nix/sources.nix | 289 ++++++---- nix/tests/buildvmwithbootloader/build-vm.nix | 48 +- .../buildvmwithbootloader/configuration.nix | 29 +- nix/tests/test-vm.nix | 8 +- nix/variables/passwords.crypt.nix | Bin 2266 -> 2234 bytes nix/variables/versions.nix | 15 +- nix/variables/versions.tmpl.nix | 3 +- shell.nix | 98 ++-- 181 files changed, 2748 insertions(+), 2578 deletions(-) diff --git a/_archive/environments/dev/cross.nix b/_archive/environments/dev/cross.nix index 9031875..65e6c09 100644 --- a/_archive/environments/dev/cross.nix +++ b/_archive/environments/dev/cross.nix @@ -45,7 +45,7 @@ import /home/steveej/src/github/NixOS/nixpkgs/default.nix { # # we'll also add one of our own patches # { patch = ./dts.patch; name = "dts-fix"; } # ]; -# +# # # add "CONFIG_PPP_FILTER y" option to the set of kernel options # extraConfig = '' # HAVE_IMX_ANATOP y @@ -87,3 +87,4 @@ import /home/steveej/src/github/NixOS/nixpkgs/default.nix { # }; # }; # }; + diff --git a/_archive/environments/dev/go/default.nix b/_archive/environments/dev/go/default.nix index 19366f6..c92aa9d 100644 --- a/_archive/environments/dev/go/default.nix +++ b/_archive/environments/dev/go/default.nix @@ -1,6 +1,11 @@ -{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs -, name ? "generic", version, extraBuildInputs ? [ ], extraShellHook ? "" }: -let +{ + gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {}, + pkgs ? gitpkgs, + name ? "generic", + version, + extraBuildInputs ? [], + extraShellHook ? "", +}: let go = builtins.getAttr "go_${version}" pkgs; commonVimRC = '' let g:tagbar_type_go = { @@ -66,19 +71,19 @@ let # ( import ./vim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } ) # ( import ./neovim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } ) ]; +in + pkgs.stdenv.mkDerivation { + inherit name; + buildInputs = extraBuildInputs ++ buildInputs; + shellHook = '' + goname=${go.version}_$name + # FIXME: setPS1 $goname + export GOROOT=${go}/share/go + export GOPATH="$HOME/.gopath_$goname" + export PATH="$HOME/.gopath_$goname/bin:$PATH" + unset name + unset SSL_CERT_FILE -in pkgs.stdenv.mkDerivation { - inherit name; - buildInputs = extraBuildInputs ++ buildInputs; - shellHook = '' - goname=${go.version}_$name - # FIXME: setPS1 $goname - export GOROOT=${go}/share/go - export GOPATH="$HOME/.gopath_$goname" - export PATH="$HOME/.gopath_$goname/bin:$PATH" - unset name - unset SSL_CERT_FILE - - ${extraShellHook} - ''; -} + ${extraShellHook} + ''; + } diff --git a/_archive/environments/dev/go/neovim-go.nix b/_archive/environments/dev/go/neovim-go.nix index 771398a..1bbc4dc 100644 --- a/_archive/environments/dev/go/neovim-go.nix +++ b/_archive/environments/dev/go/neovim-go.nix @@ -1,11 +1,12 @@ -{ commonRC, ... }@args: - -(import ../../pkg-configuration/vim-derivates/neovim.nix args // { - additionalRC = commonRC + '' - " deoplete { - let g:deoplete#enable_at_startup = 1 - let g:deoplete#enable_smart_case = 1 - " } - ''; - additionalPlugins = [ "deoplete-go" "deoplete-nvim" "vim-go" ]; -}) +{commonRC, ...} @ args: (import ../../pkg-configuration/vim-derivates/neovim.nix args + // { + additionalRC = + commonRC + + '' + " deoplete { + let g:deoplete#enable_at_startup = 1 + let g:deoplete#enable_smart_case = 1 + " } + ''; + additionalPlugins = ["deoplete-go" "deoplete-nvim" "vim-go"]; + }) diff --git a/_archive/environments/dev/pandoc.nix b/_archive/environments/dev/pandoc.nix index 19e7ecd..fc4a298 100644 --- a/_archive/environments/dev/pandoc.nix +++ b/_archive/environments/dev/pandoc.nix @@ -1,24 +1,31 @@ -{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs -, name ? "generic", version ? "Stable", extraBuildInputs ? [ ] }: -let commonVimRC = ""; -in pkgs.stdenv.mkDerivation { - inherit name; - buildInputs = with pkgs; - [ - (import ./vim-pandoc.nix { - pkgs = gitpkgs; - commonRC = commonVimRC; - }) - pandoc - texlive.combined.scheme-medium - python27Packages.pandocfilters - python27Packages.htmltreediff - python27Packages.html5lib - python27Packages.dbus-python - ] ++ extraBuildInputs; - shellHook = '' - pandocname=pandoc_${pkgs.pandoc.version} - setPS1 $pandocname - unset name - ''; -} +{ + gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {}, + pkgs ? gitpkgs, + name ? "generic", + version ? "Stable", + extraBuildInputs ? [], +}: let + commonVimRC = ""; +in + pkgs.stdenv.mkDerivation { + inherit name; + buildInputs = with pkgs; + [ + (import ./vim-pandoc.nix { + pkgs = gitpkgs; + commonRC = commonVimRC; + }) + pandoc + texlive.combined.scheme-medium + python27Packages.pandocfilters + python27Packages.htmltreediff + python27Packages.html5lib + python27Packages.dbus-python + ] + ++ extraBuildInputs; + shellHook = '' + pandocname=pandoc_${pkgs.pandoc.version} + setPS1 $pandocname + unset name + ''; + } diff --git a/_archive/environments/dev/rkt.nix b/_archive/environments/dev/rkt.nix index ddac04d..aa01935 100644 --- a/_archive/environments/dev/rkt.nix +++ b/_archive/environments/dev/rkt.nix @@ -1,6 +1,8 @@ -{ pkgs ? import /home/steveej/src/github/NixOS/nixpkgs { } -, mkGoEnv ? import ./go.nix, rktPath, }: -let +{ + pkgs ? import /home/steveej/src/github/NixOS/nixpkgs {}, + mkGoEnv ? import ./go.nix, + rktPath, +}: let rktBasebuildInputs = with pkgs; [ glibc.out glibc.static @@ -28,7 +30,7 @@ let TARGET=$GOPATH/src/github.com/coreos/rkt if [[ -e ${rktPath}/rkt/rkt.go ]]; then pushd ${rktPath} - else + else echo rktPath must be run the rkt repository clone, but got '${rktPath}' exit 1 fi diff --git a/_archive/environments/dev/rust/default.nix b/_archive/environments/dev/rust/default.nix index c0c8958..11caffa 100644 --- a/_archive/environments/dev/rust/default.nix +++ b/_archive/environments/dev/rust/default.nix @@ -1,29 +1,39 @@ -{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs -, name ? "generic", version ? "Stable", extraBuildInputs ? [ ] }: -let +{ + gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {}, + pkgs ? gitpkgs, + name ? "generic", + version ? "Stable", + extraBuildInputs ? [], +}: let rustPackages = builtins.getAttr "rust${version}" pkgs; rustc = rustPackages.rustc; - rustShellHook = { rustc, name }: '' + rustShellHook = { + rustc, + name, + }: '' rustname=rust_${rustc.version}_${name} setPS1 $rustname unset name ''; commonVimRC = ""; -in pkgs.stdenv.mkDerivation { - inherit name; - buildInputs = with rustPackages; - [ - (import ./vim-rust.nix { - pkgs = gitpkgs; - commonRC = commonVimRC; - inherit rustc; - racerd = pkgs.rustracerd; - }) - rustc - cargo - ] ++ [ pkgs.rustfmt ] ++ extraBuildInputs; - shellHook = (rustShellHook) { +in + pkgs.stdenv.mkDerivation { inherit name; - inherit rustc; - }; -} + buildInputs = with rustPackages; + [ + (import ./vim-rust.nix { + pkgs = gitpkgs; + commonRC = commonVimRC; + inherit rustc; + racerd = pkgs.rustracerd; + }) + rustc + cargo + ] + ++ [pkgs.rustfmt] + ++ extraBuildInputs; + shellHook = rustShellHook { + inherit name; + inherit rustc; + }; + } diff --git a/_archive/environments/dev/vim-go.nix b/_archive/environments/dev/vim-go.nix index e93bdf5..6eacc45 100644 --- a/_archive/environments/dev/vim-go.nix +++ b/_archive/environments/dev/vim-go.nix @@ -1,17 +1,19 @@ -{ commonRC, ... }@args: - -import ../../pkg-configuration/vim-derivates/vim.nix (args // { - name = "vim-for-go"; - additionalRC = commonRC + '' - " Disable AutoComplPop. - let g:acp_enableAtStartup = 0 - " Use neocomplete. - let g:neocomplete#enable_at_startup = 1 - " Use smartcase. - let g:neocomplete#enable_smart_case = 1 - if !exists('g:neocomplete#sources#omni#input_patterns') - let g:neocomplete#sources#omni#input_patterns = {} - endif - ''; - additionalPlugins = [ "neocomplete" "vim-go" ]; -}) +{commonRC, ...} @ args: +import ../../pkg-configuration/vim-derivates/vim.nix (args + // { + name = "vim-for-go"; + additionalRC = + commonRC + + '' + " Disable AutoComplPop. + let g:acp_enableAtStartup = 0 + " Use neocomplete. + let g:neocomplete#enable_at_startup = 1 + " Use smartcase. + let g:neocomplete#enable_smart_case = 1 + if !exists('g:neocomplete#sources#omni#input_patterns') + let g:neocomplete#sources#omni#input_patterns = {} + endif + ''; + additionalPlugins = ["neocomplete" "vim-go"]; + }) diff --git a/_archive/environments/dev/vim-pandoc.nix b/_archive/environments/dev/vim-pandoc.nix index ad9b782..7fc03f2 100644 --- a/_archive/environments/dev/vim-pandoc.nix +++ b/_archive/environments/dev/vim-pandoc.nix @@ -1,16 +1,18 @@ -{ commonRC, ... }@args: +{commonRC, ...} @ args: +import ../../pkg-configuration/vim-derivates/vim.nix (args + // { + name = "vim-for-pandoc"; + additionalRC = + commonRC + + '' + set statusline+=%#warningmsg# + set statusline+=%{SyntasticStatuslineFlag()} + set statusline+=%* -import ../../pkg-configuration/vim-derivates/vim.nix (args // { - name = "vim-for-pandoc"; - additionalRC = commonRC + '' - set statusline+=%#warningmsg# - set statusline+=%{SyntasticStatuslineFlag()} - set statusline+=%* - - let g:syntastic_always_populate_loc_list = 1 - let g:syntastic_auto_loc_list = 1 - let g:syntastic_check_on_open = 1 - let g:syntastic_check_on_wq = 0 - ''; - additionalPlugins = [ "vim-pandoc" "vim-pandoc-syntax" "vimpreviewpandoc" ]; -}) + let g:syntastic_always_populate_loc_list = 1 + let g:syntastic_auto_loc_list = 1 + let g:syntastic_check_on_open = 1 + let g:syntastic_check_on_wq = 0 + ''; + additionalPlugins = ["vim-pandoc" "vim-pandoc-syntax" "vimpreviewpandoc"]; + }) diff --git a/_archive/environments/dev/vim-rust.nix b/_archive/environments/dev/vim-rust.nix index 233c95a..56e3c7d 100644 --- a/_archive/environments/dev/vim-rust.nix +++ b/_archive/environments/dev/vim-rust.nix @@ -1,41 +1,48 @@ -{ commonRC, rustc, racerd, ... }@args: +{ + commonRC, + rustc, + racerd, + ... +} @ args: +import ../../pkg-configuration/vim-derivates/vim.nix (args + // { + name = "vim-for-rust"; + additionalRC = + commonRC + + '' + set statusline+=%#warningmsg# + set statusline+=%{SyntasticStatuslineFlag()} + set statusline+=%* -import ../../pkg-configuration/vim-derivates/vim.nix (args // { - name = "vim-for-rust"; - additionalRC = commonRC + '' - set statusline+=%#warningmsg# - set statusline+=%{SyntasticStatuslineFlag()} - set statusline+=%* + let g:syntastic_always_populate_loc_list = 1 + let g:syntastic_auto_loc_list = 1 + let g:syntastic_check_on_open = 1 + let g:syntastic_check_on_wq = 0 - let g:syntastic_always_populate_loc_list = 1 - let g:syntastic_auto_loc_list = 1 - let g:syntastic_check_on_open = 1 - let g:syntastic_check_on_wq = 0 + " tagbar + let g:tagbar_type_rust = { + \ 'ctagstype' : 'rust', + \ 'kinds' : [ + \'T:types,type definitions', + \'f:functions,function definitions', + \'g:enum,enumeration names', + \'s:structure names', + \'m:modules,module names', + \'c:consts,static constants', + \'t:traits,traits', + \'i:impls,trait implementations', + \] + \} - " tagbar - let g:tagbar_type_rust = { - \ 'ctagstype' : 'rust', - \ 'kinds' : [ - \'T:types,type definitions', - \'f:functions,function definitions', - \'g:enum,enumeration names', - \'s:structure names', - \'m:modules,module names', - \'c:consts,static constants', - \'t:traits,traits', - \'i:impls,trait implementations', - \] - \} + let g:syntastic_rust_checkers = ["rustc"] - let g:syntastic_rust_checkers = ["rustc"] + "rustfmt + let g:rustfmt_autosave = 1 - "rustfmt - let g:rustfmt_autosave = 1 + let g:ycm_auto_trigger = 1 + let g:ycm_rust_src_path = '${rustc.src}/src' + let g:ycm_racerd_binary_path = '${racerd.out}/bin/racerd' - let g:ycm_auto_trigger = 1 - let g:ycm_rust_src_path = '${rustc.src}/src' - let g:ycm_racerd_binary_path = '${racerd.out}/bin/racerd' - - ''; - additionalPlugins = [ "rust-vim" ]; -}) + ''; + additionalPlugins = ["rust-vim"]; + }) diff --git a/_archive/environments/fhs/android.nix b/_archive/environments/fhs/android.nix index 3ff6787..074469e 100644 --- a/_archive/environments/fhs/android.nix +++ b/_archive/environments/fhs/android.nix @@ -1,43 +1,42 @@ -{ pkgs ? import { } }: - +{pkgs ? import {}}: (pkgs.buildFHSUserEnv { name = "devfhs"; - multiPkgs = pkgs: - (with pkgs; [ - android-udev-rules - sudo - gawk - bzip2 - file - gcc - getopt - git - gnumake - ncurses - openssl - patch - perl - pkgconfig - python - openssh - subversion - unzip - wget - which - vim - zlib - libusb - libusb1 - systemd - strace - swt - xorg.libXtst - glib - gtk2 - gnome.gtk - ]); + multiPkgs = pkgs: (with pkgs; [ + android-udev-rules + sudo + gawk + bzip2 + file + gcc + getopt + git + gnumake + ncurses + openssl + patch + perl + pkgconfig + python + openssh + subversion + unzip + wget + which + vim + zlib + libusb + libusb1 + systemd + strace + swt + xorg.libXtst + glib + gtk2 + gnome.gtk + ]); profile = '' export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/lib:/lib64:/lib32:/usr/lib32:/usr/lib64:${pkgs.xorg.libXtst}/lib:${pkgs.glib}/lib:${pkgs.gtk2}/lib ''; runScript = "bash"; -}).env +}) +.env diff --git a/_archive/environments/fhs/vscode.nix b/_archive/environments/fhs/vscode.nix index 23a39e2..da08700 100644 --- a/_archive/environments/fhs/vscode.nix +++ b/_archive/environments/fhs/vscode.nix @@ -1,37 +1,36 @@ -{ pkgs ? import { } }: - +{pkgs ? import {}}: (pkgs.buildFHSUserEnv { name = "everydayFHS"; - targetPkgs = pkgs: - (with pkgs; [ - which - gitFull - zsh - file - direnv + targetPkgs = pkgs: (with pkgs; [ + which + gitFull + zsh + file + direnv - xdg_utils - xsel + xdg_utils + xsel - vscode + vscode - # vscode live share - gnome3.gcr - libgnome_keyring3 - liburcu - libunwind - lttng-ust - curl - openssl - libkrb5 - libuuid - icu - zlib - libsecret - ]); - multiPkgs = pkgs: (with pkgs; [ ]); + # vscode live share + gnome3.gcr + libgnome_keyring3 + liburcu + libunwind + lttng-ust + curl + openssl + libkrb5 + libuuid + icu + zlib + libsecret + ]); + multiPkgs = pkgs: (with pkgs; []); profile = '' export SHELL=/bin/zsh ''; # FIXME runScript = "$SHELL"; -}).env +}) +.env diff --git a/_archive/nixos-configuration/common/pkg/neovim.nix b/_archive/nixos-configuration/common/pkg/neovim.nix index 8852392..a6d50b8 100644 --- a/_archive/nixos-configuration/common/pkg/neovim.nix +++ b/_archive/nixos-configuration/common/pkg/neovim.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }@args: - { + config, + pkgs, + ... +} @ args: { environment.systemPackages = [ pkgs.xsel (import ../../../pkg-configuration/vim-derivates/neovim.nix args) diff --git a/_archive/nixos-configuration/common/pkg/vim.nix b/_archive/nixos-configuration/common/pkg/vim.nix index ee76e6d..79a3384 100644 --- a/_archive/nixos-configuration/common/pkg/vim.nix +++ b/_archive/nixos-configuration/common/pkg/vim.nix @@ -1,9 +1,7 @@ -{ pkgs, ... }@args: - -{ +{pkgs, ...} @ args: { environment.systemPackages = [ pkgs.xsel (import ../../../pkg-configuration/vim-derivates/vim.nix - (args // { name = "vim"; })) + (args // {name = "vim";})) ]; } diff --git a/_archive/nixos-configuration/common/user/steveej.nix b/_archive/nixos-configuration/common/user/steveej.nix index b3e68cd..9cd4c3e 100644 --- a/_archive/nixos-configuration/common/user/steveej.nix +++ b/_archive/nixos-configuration/common/user/steveej.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../passwords.crypt.nix; keys = import ../keys.nix; inherit (import ../lib) mkUser; diff --git a/default.nix b/default.nix index bc8ccf6..e386421 100644 --- a/default.nix +++ b/default.nix @@ -4,10 +4,7 @@ # Having pkgs default to is fine though, and it lets you use short # commands such as: # nix-build -A mypackage - -{ pkgs ? import { } }: - -{ +{pkgs ? import {}}: { overlays = import ./nix/overlays; - pkgs = import ./nix/pkgs { inherit pkgs; }; + pkgs = import ./nix/pkgs {inherit pkgs;}; } diff --git a/nix/container-images/default.nix b/nix/container-images/default.nix index 691c0ce..7dcab2a 100644 --- a/nix/container-images/default.nix +++ b/nix/container-images/default.nix @@ -1,9 +1,6 @@ -{ pkgs ? import { } }: - -let baseEnv = [ "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]; - +{pkgs ? import {}}: let + baseEnv = ["SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"]; in rec { - base = pkgs.dockerTools.buildImage rec { name = "base"; @@ -24,9 +21,9 @@ in rec { interactive_base = pkgs.dockerTools.buildImage { name = "interactive_base"; fromImage = base; - contents = with pkgs; [ procps zsh coreutils neovim ]; + contents = with pkgs; [procps zsh coreutils neovim]; - config = { Cmd = [ "/bin/zsh" ]; }; + config = {Cmd = ["/bin/zsh"];}; }; s3ql = let @@ -50,7 +47,7 @@ in rec { set -x - if [ "$S3QL_SKIP_FSCK" != "1" ]; then + if [ "$S3QL_SKIP_FSCK" != "1" ]; then fsck.s3ql \ --authfile $S3QL_AUTHINFO2 \ --log none \ @@ -70,37 +67,40 @@ in rec { "$S3QL_STORAGE_URL" \ /bucket - # FIXME: touch .isbucket after mount + # FIXME: touch .isbucket after mount ''; - in pkgs.dockerTools.buildImage { - name = "s3ql"; - fromImage = interactive_base; - contents = [ pkgs.s3ql pkgs.fuse ]; + in + pkgs.dockerTools.buildImage { + name = "s3ql"; + fromImage = interactive_base; + contents = [pkgs.s3ql pkgs.fuse]; - runAsRoot = '' - #!${pkgs.stdenv.shell} - mkdir -p /usr/bin - cp -a ${pkgs.fuse}/bin/fusermount /usr/bin - chmod +s /usr/bin/fusermount - echo user_allow_other >> /etc/fuse.conf - ''; + runAsRoot = '' + #!${pkgs.stdenv.shell} + mkdir -p /usr/bin + cp -a ${pkgs.fuse}/bin/fusermount /usr/bin + chmod +s /usr/bin/fusermount + echo user_allow_other >> /etc/fuse.conf + ''; - config = { - Env = baseEnv ++ [ - "HOME=/home/s3ql" - "S3QL_CACHE_DIR=/var/cache/s3ql" - "S3QL_AUTHINFO2=/etc/s3ql/authinfo2" - "CONTAINER_ENTRYPOINT=${entrypoint}" - ]; - Cmd = [ entrypoint ]; - Volumes = { - "/var/cache/s3ql" = { }; - "/etc/s3ql/authinfo2" = { }; - "/buckets" = { }; - "/tmp" = { }; + config = { + Env = + baseEnv + ++ [ + "HOME=/home/s3ql" + "S3QL_CACHE_DIR=/var/cache/s3ql" + "S3QL_AUTHINFO2=/etc/s3ql/authinfo2" + "CONTAINER_ENTRYPOINT=${entrypoint}" + ]; + Cmd = [entrypoint]; + Volumes = { + "/var/cache/s3ql" = {}; + "/etc/s3ql/authinfo2" = {}; + "/buckets" = {}; + "/tmp" = {}; + }; }; }; - }; syncthing = let entrypoint = pkgs.writeScript "entrypoint" '' @@ -125,15 +125,16 @@ in rec { -gui-address=$SYNCTHING_GUI_ADDRESS \ -no-browser ''; - in pkgs.dockerTools.buildImage { - name = "syncthing"; - fromImage = interactive_base; - contents = pkgs.syncthing; + in + pkgs.dockerTools.buildImage { + name = "syncthing"; + fromImage = interactive_base; + contents = pkgs.syncthing; - config = { - Env = baseEnv ++ [ "SYNCTHING_HOME=/home/syncthing" ]; - Cmd = [ entrypoint ]; - Volumes = { "/data" = { }; }; + config = { + Env = baseEnv ++ ["SYNCTHING_HOME=/home/syncthing"]; + Cmd = [entrypoint]; + Volumes = {"/data" = {};}; + }; }; - }; } diff --git a/nix/default.nix b/nix/default.nix index 6aab683..888a4e9 100644 --- a/nix/default.nix +++ b/nix/default.nix @@ -1,23 +1,25 @@ -{ versionsPath }: - -let - channelVersions = (import versionsPath); - mkChannelSource = name: - let channelVersion = builtins.getAttr name channelVersions; - in builtins.fetchGit { +{versionsPath}: let + channelVersions = import versionsPath; + mkChannelSource = name: let + channelVersion = builtins.getAttr name channelVersions; + in + builtins.fetchGit { # Descriptive name to make the store path easier to identify inherit name; inherit (channelVersion) url ref rev; }; - nixPath = builtins.concatStringsSep ":" (builtins.map (elemName: - let + nixPath = builtins.concatStringsSep ":" (builtins.map + (elemName: let elem = builtins.getAttr elemName channelVersions; - elemPath = (mkChannelSource elemName); - suffix = if builtins.hasAttr "suffix" elem then elem.suffix else ""; - in builtins.concatStringsSep "=" [ elemName elemPath ] + suffix) + elemPath = mkChannelSource elemName; + suffix = + if builtins.hasAttr "suffix" elem + then elem.suffix + else ""; + in + builtins.concatStringsSep "=" [elemName elemPath] + suffix) (builtins.attrNames channelVersions)); - pkgs = import (mkChannelSource "nixpkgs") { }; - + pkgs = import (mkChannelSource "nixpkgs") {}; in { inherit nixPath; channelSources = pkgs.writeText "channels.rc" '' diff --git a/nix/home-manager/configuration/graphical-fullblown.nix b/nix/home-manager/configuration/graphical-fullblown.nix index e7c515e..ce84d9b 100644 --- a/nix/home-manager/configuration/graphical-fullblown.nix +++ b/nix/home-manager/configuration/graphical-fullblown.nix @@ -1,289 +1,305 @@ -{ pkgs }: +{pkgs}: let + zshCurried = import ../programs/zsh.nix {inherit pkgs;}; +in + { + pkgs, + config, + ... + }: let + # gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; + unstablepkgs = + import {config = config.nixpkgs.config;}; + masterpkgs = import {config = config.nixpkgs.config;}; + in { + imports = [ + ../profiles/common.nix + ../profiles/qtile-desktop.nix + ../profiles/dotfiles.nix + ../programs/firefox.nix + ../programs/chromium.nix + # FIXME: fix homeshick when no WAN connection is available + # ../programs/homeshick.nix + ../programs/libreoffice.nix + ../programs/neovim.nix + ../programs/pass.nix + zshCurried + ../programs/podman.nix + ../programs/vscode + ../programs/holochain-launcher.nix + ../programs/radicale.nix + ]; -let zshCurried = import ../programs/zsh.nix { inherit pkgs; }; + nixpkgs.config = { + pidgin = { + openssl = true; + gnutls = true; + }; -in { pkgs, config, ... }: - -let - # gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; - unstablepkgs = - import { config = config.nixpkgs.config; }; - masterpkgs = import { config = config.nixpkgs.config; }; - -in { - imports = [ - ../profiles/common.nix - ../profiles/qtile-desktop.nix - ../profiles/dotfiles.nix - ../programs/firefox.nix - ../programs/chromium.nix - # FIXME: fix homeshick when no WAN connection is available - # ../programs/homeshick.nix - ../programs/libreoffice.nix - ../programs/neovim.nix - ../programs/pass.nix - zshCurried - ../programs/podman.nix - ../programs/vscode - ../programs/holochain-launcher.nix - ../programs/radicale.nix - ]; - - nixpkgs.config = { - pidgin = { - openssl = true; - gnutls = true; + packageOverrides = pkgs: with pkgs; {}; }; - packageOverrides = pkgs: with pkgs; { }; - }; + home.sessionVariables = { + # TODO: find a way to prevent using a store path for the current file + # HM_CONFIG_PATH=builtins.toString "${./.}"; + HM_CONFIG = "graphical-fullblown"; - home.sessionVariables = { - # TODO: find a way to prevent using a store path for the current file - # HM_CONFIG_PATH=builtins.toString "${./.}"; - HM_CONFIG = "graphical-fullblown"; + GOPATH = "$HOME/src/go"; - GOPATH = "$HOME/src/go"; + PATH = pkgs.lib.concatStringsSep ":" ["$HOME/.local/bin" "$PATH"]; + }; - PATH = pkgs.lib.concatStringsSep ":" [ "$HOME/.local/bin" "$PATH" ]; - }; + home.packages = + [] + ++ (with pkgs; [ + # Authentication + cacert + fprintd + openssl + mkpasswd - home.packages = [ ] ++ (with pkgs; [ - # Authentication - cacert - fprintd - openssl - mkpasswd + # Nix package related tools + patchelf + nix-index + nox + nix-prefetch-scripts + nix-prefetch-github - # Nix package related tools - patchelf - nix-index - nox - nix-prefetch-scripts - nix-prefetch-github + # Version Control Systems + pijul + gitless + gitRepo + git-lfs - # Version Control Systems - pijul - gitless - gitRepo - git-lfs + # Process/System Administration + htop + gnome.gnome-tweaks + xorg.xhost + dmidecode + evtest - # Process/System Administration - htop - gnome.gnome-tweaks - xorg.xhost - dmidecode - evtest + # Archive Managers + sshfs-fuse + xarchive + p7zip + zip + unzip + gzip + lzop - # Archive Managers - sshfs-fuse - xarchive - p7zip - zip - unzip - gzip - lzop + # Password Management + gnupg + yubikey-manager + yubikey-manager-qt + yubikey-personalization + yubikey-personalization-gui + gnome.gnome-keyring + gnome.seahorse - # Password Management - gnupg - yubikey-manager - yubikey-manager-qt - yubikey-personalization - yubikey-personalization-gui - gnome.gnome-keyring - gnome.seahorse + # Language Support + hunspellDicts.en-us + hunspellDicts.de-de - # Language Support - hunspellDicts.en-us - hunspellDicts.de-de + # Messaging/Communication + signal-desktop + pidgin + hexchat + aspellDicts.en + aspellDicts.de + skypeforlinux + unstablepkgs.jitsi-meet-electron + zoom-us + thunderbird + evolution # gnome4.glib_networking + masterpkgs.kotatogram-desktop + gnome.cheese + masterpkgs.discord - # Messaging/Communication - signal-desktop - pidgin - hexchat - aspellDicts.en - aspellDicts.de - skypeforlinux - unstablepkgs.jitsi-meet-electron - unstablepkgs.zoom-us - thunderbird - evolution # gnome4.glib_networking - masterpkgs.kotatogram-desktop - gnome.cheese - masterpkgs.discord + # Virtualization + virtmanager + # (pkgs.lib.hiPrio qemu) + # virtualbox + # vagrant + # docker_compose + # unstablepkgs.kubernetes + # unstablepkgs.minikube + # unstablepkgs.openshift + # (unstablepkgs.minikube.overrideAttrs (oldAttrs: { + # patches = oldAttrs.patches ++ [ + # (builtins.fetchurl { url ="https://patch-diff.githubusercontent.com/raw/kubernetes/minikube/pull/2517.diff"; }) + # ]; + # })) + appimage-run - # Virtualization - virtmanager - # (pkgs.lib.hiPrio qemu) - # virtualbox - # vagrant - # docker_compose - # unstablepkgs.kubernetes - # unstablepkgs.minikube - # unstablepkgs.openshift - # (unstablepkgs.minikube.overrideAttrs (oldAttrs: { - # patches = oldAttrs.patches ++ [ - # (builtins.fetchurl { url ="https://patch-diff.githubusercontent.com/raw/kubernetes/minikube/pull/2517.diff"; }) - # ]; - # })) - appimage-run + # Remote Control Tools + remmina + freerdp + teamviewer + rustdesk - # Remote Control Tools - remmina - freerdp - teamviewer - rustdesk + # Audio/Video Players + ffmpeg + vlc + audacity + spotify + youtube-dl-light + libwebcam - # Audio/Video Players - ffmpeg - vlc - audacity - spotify - youtube-dl-light - libwebcam + # Network Tools + openvpn + tcpdump + iftop + iperf + bind + socat + # 2019-03-05: broken on 19.03 linssid + iptraf-ng + ipmitool - # Network Tools - openvpn - tcpdump - iftop - iperf - bind - socat - # 2019-03-05: broken on 19.03 linssid - iptraf-ng - ipmitool + # samba + iptables + nftables + wireshark - # samba - iptables - nftables - wireshark + # Code Editors + # unstablepkgs.atom + xclip + xsel - # Code Editors - # unstablepkgs.atom - xclip - xsel + # Image/Graphic/Design Tools + gnome.eog + gimp + imagemagick + exiv2 + graphviz + inkscape + # barcode + qrencode + zbar + feh + # digikam - # Image/Graphic/Design Tools - gnome.eog - gimp - imagemagick - exiv2 - graphviz - inkscape - # barcode - qrencode - zbar - feh - # digikam + # Modelling Tools + # plantuml + # umlet + # staruml + # eclipses.eclipse-modeling + # dia + # astah-community - # Modelling Tools - # plantuml - # umlet - # staruml - # eclipses.eclipse-modeling - # dia - # astah-community + # Misc Development Tools + qrcode + # travis + jq + # prometheus + cdrtools - # Misc Development Tools - qrcode - # travis - jq - # prometheus - cdrtools + # Document Processing and Management + # zathura + mendeley + # zotero + pandoc + unstablepkgs.logseq - # Document Processing and Management - # zathura - mendeley - # zotero - pandoc - unstablepkgs.logseq + # has an EOL version of electron + # obsidian - # has an EOL version of electron - # obsidian + # LaTeX + perlPackages.YAMLTiny + perlPackages.FileHomeDir + perlPackages.UnicodeLineBreak + (texlive.combine { + inherit + (texlive) + scheme-small + texlive-de + texlive-en + texlive-scripts + collection-langgerman + latexindent + latexmk + algorithms + cm-super + preprint + enumitem + draftwatermark + everypage + ulem + placeins + minted + ifplatform + fvextra + xstring + framed + ; + }) - # LaTeX - perlPackages.YAMLTiny - perlPackages.FileHomeDir - perlPackages.UnicodeLineBreak - (texlive.combine { - inherit (texlive) - scheme-small texlive-de texlive-en texlive-scripts collection-langgerman + pdftk + # broken as of 2021-04-24 + # masterpdfeditor - latexindent latexmk + # File Synchronzation + # seafile-client + # grive2 + dropbox + rsync - algorithms cm-super + # Filesystem Tools + ntfs3g + ddrescue + ncdu + woeusb + unetbootin + pcmanfm + hdparm + testdisk + binwalk + gptfdisk + gparted + smartmontools - preprint enumitem draftwatermark everypage ulem placeins minted - ifplatform fvextra xstring framed; - }) + ## Android + androidenv.androidPkgs_9_0.platform-tools - pdftk - # broken as of 2021-04-24 - # masterpdfeditor + ## Python + myPython - # File Synchronzation - # seafile-client - # grive2 - dropbox - rsync + # Code generators + # unstablepkgs.swagger-codegen - # Filesystem Tools - ntfs3g - ddrescue - ncdu - woeusb - unetbootin - pcmanfm - hdparm - testdisk - binwalk - gptfdisk - gparted - smartmontools + # Misc Desktop Tools + # TODO: this may be required if brightness control isn't working + # brightnessctl + ltunify + # solaar # TODO: conflicts with solar over udev rules + dex + # kitty + busyboxStatic + xorg.xbacklight + coreutils + lsof + x11_ssh_askpass + xdotool + xdg_utils + xdg-user-dirs + dconf + picocom + glib.dev # contains gdbus tool + alacritty + unstablepkgs.wally-cli + man-pages - ## Android - androidenv.androidPkgs_9_0.platform-tools + # Screen recording + # gtk-recordmydesktop # can't select the window + # qt-recordmydesktop + # vokoscreen + # shutter + # kazam # doesn't start + # xvidcap # doesn't keep the recording rectangle + obs-studio + screenkey + # shotcut + # openshot-qt - ## Python - myPython - - # Code generators - # unstablepkgs.swagger-codegen - - # Misc Desktop Tools - # TODO: this may be required if brightness control isn't working - # brightnessctl - ltunify - # solaar # TODO: conflicts with solar over udev rules - dex - # kitty - busyboxStatic - xorg.xbacklight - coreutils - lsof - x11_ssh_askpass - xdotool - xdg_utils - xdg-user-dirs - dconf - picocom - glib.dev # contains gdbus tool - alacritty - unstablepkgs.wally-cli - man-pages - - # Screen recording - # gtk-recordmydesktop # can't select the window - # qt-recordmydesktop - # vokoscreen - # shutter - # kazam # doesn't start - # xvidcap # doesn't keep the recording rectangle - obs-studio - screenkey - # shotcut - # openshot-qt - - unstablepkgs.ledger-live-desktop - ]); -} + unstablepkgs.ledger-live-desktop + ]); + } diff --git a/nix/home-manager/configuration/graphical-gnome3.nix b/nix/home-manager/configuration/graphical-gnome3.nix index 1d36934..2bc669f 100644 --- a/nix/home-manager/configuration/graphical-gnome3.nix +++ b/nix/home-manager/configuration/graphical-gnome3.nix @@ -1,122 +1,124 @@ -{ pkgs }: +{pkgs}: let + zshCurried = import ../programs/zsh.nix {inherit pkgs;}; +in + { + pkgs, + config, + ... + }: let + unstablepkgs = + import {config = config.nixpkgs.config;}; + in { + imports = [ + ../profiles/common.nix + ../programs/firefox.nix + # ../programs/chromium.nix + # FIXME: fix homeshick when no WAN connection is available + # ../programs/homeshick.nix + ../programs/libreoffice.nix + ../programs/neovim.nix + ../programs/pass.nix + zshCurried + ]; -let zshCurried = import ../programs/zsh.nix { inherit pkgs; }; + nixpkgs.config = { + pidgin = { + openssl = true; + gnutls = true; + }; -in { pkgs, config, ... }: - -let - unstablepkgs = - import { config = config.nixpkgs.config; }; - -in { - imports = [ - ../profiles/common.nix - ../programs/firefox.nix - # ../programs/chromium.nix - # FIXME: fix homeshick when no WAN connection is available - # ../programs/homeshick.nix - ../programs/libreoffice.nix - ../programs/neovim.nix - ../programs/pass.nix - zshCurried - ]; - - nixpkgs.config = { - pidgin = { - openssl = true; - gnutls = true; + packageOverrides = pkgs: with pkgs; {}; }; - packageOverrides = pkgs: with pkgs; { }; - }; + home.sessionVariables = {}; - home.sessionVariables = { }; + home.packages = + [] + ++ (with pkgs; [ + # Nix package related tools + patchelf + nix-index + nix-prefetch-scripts - home.packages = [ ] ++ (with pkgs; [ - # Nix package related tools - patchelf - nix-index - nix-prefetch-scripts + # Version Control Systems + gitless - # Version Control Systems - gitless + # Process/System Administration + htop + gnome.gnome-tweaks + xorg.xhost + dmidecode + evtest - # Process/System Administration - htop - gnome.gnome-tweaks - xorg.xhost - dmidecode - evtest + # Archive Managers + sshfs-fuse + xarchive + p7zip + zip + unzip + gzip + lzop - # Archive Managers - sshfs-fuse - xarchive - p7zip - zip - unzip - gzip - lzop + # Password Management + gnome.gnome-keyring + gnome.seahorse - # Password Management - gnome.gnome-keyring - gnome.seahorse + # Remote Control Tools + remmina + freerdp - # Remote Control Tools - remmina - freerdp + # Network Tools + openvpn + tcpdump + iftop + iperf + bind + socat - # Network Tools - openvpn - tcpdump - iftop - iperf - bind - socat + # samba + iptables + nftables + wireshark - # samba - iptables - nftables - wireshark + # Code Editors + xclip + xsel + unstablepkgs.vscode - # Code Editors - xclip - xsel - unstablepkgs.vscode + # Image/Graphic/Design Tools + gnome.eog + gimp + inkscape - # Image/Graphic/Design Tools - gnome.eog - gimp - inkscape + # Misc Development Tools + qrcode + jq + cdrtools - # Misc Development Tools - qrcode - jq - cdrtools + # Document Processing and Management + zathura - # Document Processing and Management - zathura + # File Synchronzation + rsync - # File Synchronzation - rsync + # Filesystem Tools + ntfs3g + ddrescue + ncdu + unstablepkgs.woeusb + unetbootin + pcmanfm + hdparm + testdisk + python38Packages.binwalk + gptfdisk - # Filesystem Tools - ntfs3g - ddrescue - ncdu - unstablepkgs.woeusb - unetbootin - pcmanfm - hdparm - testdisk - python38Packages.binwalk - gptfdisk + ## Python + myPython - ## Python - myPython + busyboxStatic - busyboxStatic - - # Virtualization - virtmanager - ]); -} + # Virtualization + virtmanager + ]); + } diff --git a/nix/home-manager/configuration/graphical-removable.nix b/nix/home-manager/configuration/graphical-removable.nix index b1a7a4a..dea1f8d 100644 --- a/nix/home-manager/configuration/graphical-removable.nix +++ b/nix/home-manager/configuration/graphical-removable.nix @@ -1,124 +1,126 @@ -{ pkgs }: +{pkgs}: let + zshCurried = import ../programs/zsh.nix {inherit pkgs;}; +in + { + pkgs, + config, + ... + }: let + unstablepkgs = + import {config = config.nixpkgs.config;}; + in { + imports = [ + ../profiles/common.nix + ../profiles/qtile-desktop.nix + ../profiles/dotfiles.nix + ../programs/firefox.nix + ../programs/chromium.nix + # FIXME: fix homeshick when no WAN connection is available + # ../programs/homeshick.nix + ../programs/libreoffice.nix + ../programs/neovim.nix + ../programs/pass.nix + zshCurried + ]; -let zshCurried = import ../programs/zsh.nix { inherit pkgs; }; + nixpkgs.config = { + pidgin = { + openssl = true; + gnutls = true; + }; -in { pkgs, config, ... }: - -let - unstablepkgs = - import { config = config.nixpkgs.config; }; - -in { - imports = [ - ../profiles/common.nix - ../profiles/qtile-desktop.nix - ../profiles/dotfiles.nix - ../programs/firefox.nix - ../programs/chromium.nix - # FIXME: fix homeshick when no WAN connection is available - # ../programs/homeshick.nix - ../programs/libreoffice.nix - ../programs/neovim.nix - ../programs/pass.nix - zshCurried - ]; - - nixpkgs.config = { - pidgin = { - openssl = true; - gnutls = true; + packageOverrides = pkgs: with pkgs; {}; }; - packageOverrides = pkgs: with pkgs; { }; - }; + home.sessionVariables = {}; - home.sessionVariables = { }; + home.packages = + [] + ++ (with pkgs; [ + # Nix package related tools + patchelf + nix-index + nix-prefetch-scripts - home.packages = [ ] ++ (with pkgs; [ - # Nix package related tools - patchelf - nix-index - nix-prefetch-scripts + # Version Control Systems + gitless - # Version Control Systems - gitless + # Process/System Administration + htop + gnome.gnome-tweaks + xorg.xhost + dmidecode + evtest - # Process/System Administration - htop - gnome.gnome-tweaks - xorg.xhost - dmidecode - evtest + # Archive Managers + sshfs-fuse + xarchive + p7zip + zip + unzip + gzip + lzop - # Archive Managers - sshfs-fuse - xarchive - p7zip - zip - unzip - gzip - lzop + # Password Management + gnome.gnome-keyring + gnome.seahorse - # Password Management - gnome.gnome-keyring - gnome.seahorse + # Remote Control Tools + remmina + freerdp - # Remote Control Tools - remmina - freerdp + # Network Tools + openvpn + tcpdump + iftop + iperf + bind + socat - # Network Tools - openvpn - tcpdump - iftop - iperf - bind - socat + # samba + iptables + nftables + wireshark - # samba - iptables - nftables - wireshark + # Code Editors + xclip + xsel + unstablepkgs.vscode - # Code Editors - xclip - xsel - unstablepkgs.vscode + # Image/Graphic/Design Tools + gnome.eog + gimp + inkscape - # Image/Graphic/Design Tools - gnome.eog - gimp - inkscape + # Misc Development Tools + qrcode + jq + cdrtools - # Misc Development Tools - qrcode - jq - cdrtools + # Document Processing and Management + zathura - # Document Processing and Management - zathura + # File Synchronzation + rsync - # File Synchronzation - rsync + # Filesystem Tools + ntfs3g + ddrescue + ncdu + unstablepkgs.woeusb + unetbootin + pcmanfm + hdparm + testdisk + binwalk + gptfdisk - # Filesystem Tools - ntfs3g - ddrescue - ncdu - unstablepkgs.woeusb - unetbootin - pcmanfm - hdparm - testdisk - binwalk - gptfdisk + ## Python + myPython - ## Python - myPython + busyboxStatic - busyboxStatic - - # Virtualization - virtmanager - ]); -} + # Virtualization + virtmanager + ]); + } diff --git a/nix/home-manager/configuration/text-minimal.nix b/nix/home-manager/configuration/text-minimal.nix index 9440cd1..60a2be6 100644 --- a/nix/home-manager/configuration/text-minimal.nix +++ b/nix/home-manager/configuration/text-minimal.nix @@ -1,23 +1,27 @@ -{ pkgs, extraPackages ? [ ] }: +{ + pkgs, + extraPackages ? [], +}: let + zshCurried = import ../programs/zsh.nix {inherit pkgs;}; +in + { + pkgs, + config, + ... + }: let + in { + imports = [ + ../profiles/common.nix + # ../profiles/nix-channels.nix + ../programs/neovim.nix + zshCurried + ]; -let zshCurried = import ../programs/zsh.nix { inherit pkgs; }; + nixpkgs.config = {packageOverrides = pkgs: with pkgs; {};}; -in { pkgs, config, ... }: + home.sessionVariables = {}; -let - -in { - imports = [ - ../profiles/common.nix - # ../profiles/nix-channels.nix - ../programs/neovim.nix - zshCurried - ]; - - nixpkgs.config = { packageOverrides = pkgs: with pkgs; { }; }; - - home.sessionVariables = { }; - - home.packages = extraPackages - ++ (with pkgs; [ iperf3 inetutils speedtest-cli ]); -} + home.packages = + extraPackages + ++ (with pkgs; [iperf3 inetutils speedtest-cli]); + } diff --git a/nix/home-manager/lib.nix b/nix/home-manager/lib.nix index 333e0e3..3801ee0 100644 --- a/nix/home-manager/lib.nix +++ b/nix/home-manager/lib.nix @@ -1,17 +1,14 @@ -{ }: - -let - +{}: let in { - mkSimpleTrayService = { execStart }: { + mkSimpleTrayService = {execStart}: { Unit = { Description = "pasystray applet"; - After = [ "graphical-session-pre.target" ]; - PartOf = [ "graphical-session.target" ]; + After = ["graphical-session-pre.target"]; + PartOf = ["graphical-session.target"]; }; - Install = { WantedBy = [ "graphical-session.target" ]; }; + Install = {WantedBy = ["graphical-session.target"];}; - Service = { ExecStart = execStart; }; + Service = {ExecStart = execStart;}; }; } diff --git a/nix/home-manager/profiles/common.nix b/nix/home-manager/profiles/common.nix index 3d6b171..2d08388 100644 --- a/nix/home-manager/profiles/common.nix +++ b/nix/home-manager/profiles/common.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let in { # TODO: re-enable this with the appropriate version # programs.home-manager.enable = true; @@ -12,13 +10,11 @@ in { allowBroken = false; allowUnfree = true; - permittedInsecurePackages = [ ]; + permittedInsecurePackages = []; }; - nix.settings = { - experimental-features = - [ "nix-command" "flakes" "impure-derivations" "ca-derivations" ]; - }; + nix.settings.experimental-features = ["nix-command" "flakes" "impure-derivations" "ca-derivations" "recursive-nix"]; + nix.settings.sandbox = "relaxed"; home.keyboard = { layout = "us"; @@ -41,20 +37,22 @@ in { programs.command-not-found.enable = true; programs.fzf.enable = true; - home.packages = [ ] ++ (with pkgs; [ - # git helpers - git-crypt + home.packages = + [] + ++ (with pkgs; [ + # git helpers + git-crypt - vcsh - # Authentication - cacert - openssl - mkpasswd + vcsh + # Authentication + cacert + openssl + mkpasswd - just - ripgrep - du-dust - ]); + just + ripgrep + du-dust + ]); home.stateVersion = "22.05"; } diff --git a/nix/home-manager/profiles/dotfiles.nix b/nix/home-manager/profiles/dotfiles.nix index 496c569..95b5248 100644 --- a/nix/home-manager/profiles/dotfiles.nix +++ b/nix/home-manager/profiles/dotfiles.nix @@ -1,7 +1,9 @@ -{ pkgs, config, ... }: - -let vcshActivationScript = pkgs.callPackage ./dotfiles/vcsh.nix { }; - +{ + pkgs, + config, + ... +}: let + vcshActivationScript = pkgs.callPackage ./dotfiles/vcsh.nix {}; in { # TODO: fix the dotfiles # home.activation.vcsh = config.lib.dag.entryAfter["linkGeneration"] '' diff --git a/nix/home-manager/profiles/dotfiles/vcsh.tmpl.nix b/nix/home-manager/profiles/dotfiles/vcsh.tmpl.nix index 87a45a0..84d629f 100644 --- a/nix/home-manager/profiles/dotfiles/vcsh.tmpl.nix +++ b/nix/home-manager/profiles/dotfiles/vcsh.tmpl.nix @@ -1,36 +1,40 @@ -{ pkgs, repoHttps ? "https://gitlab.com/steveeJ/dotfiles.git" -, repoSsh ? "git@gitlab.com:/steveeJ/dotfiles.git", ... }: +{ + pkgs, + repoHttps ? "https://gitlab.com/steveeJ/dotfiles.git", + repoSsh ? "git@gitlab.com:/steveeJ/dotfiles.git", + ... +}: let + repoBareLocal = + pkgs.runCommand "fetchbare" + { + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + outputHash = "0000000000000000000000000000000000000000000000000000"; + } '' + ( + set -xe + export GIT_SSL_CAINFO=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt + export SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt + ${pkgs.git}/bin/git clone --mirror ${repoHttps} $out + ) + ''; +in + pkgs.writeScript "activation-script" '' + export HOST=$(hostname -s) -let - repoBareLocal = pkgs.runCommand "fetchbare" { - outputHashMode = "recursive"; - outputHashAlgo = "sha256"; - outputHash = "0000000000000000000000000000000000000000000000000000"; - } '' - ( - set -xe - export GIT_SSL_CAINFO=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt - export SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt - ${pkgs.git}/bin/git clone --mirror ${repoHttps} $out - ) - ''; + function set_remotes { + ${pkgs.vcsh}/bin/vcsh dotfiles remote set-url origin $1 + ${pkgs.vcsh}/bin/vcsh dotfiles remote set-url --push origin $2 + } -in pkgs.writeScript "activation-script" '' - export HOST=$(hostname -s) - - function set_remotes { - ${pkgs.vcsh}/bin/vcsh dotfiles remote set-url origin $1 - ${pkgs.vcsh}/bin/vcsh dotfiles remote set-url --push origin $2 - } - - if ! test -d $HOME/.config/vcsh/repo.d/dotfiles.git; then - echo Cloning dotfiles for $HOST... - ${pkgs.vcsh}/bin/vcsh clone -b $HOST ${repoBareLocal} dotfiles - set_remotes ${repoHttps} ${repoSsh} - else - set_remotes ${repoBareLocal} ${repoSsh} - echo Updating dotfiles for $HOST... - ${pkgs.vcsh}/bin/vcsh pull $HOST || true - set_remotes ${repoHttps} ${repoSsh} - fi -'' + if ! test -d $HOME/.config/vcsh/repo.d/dotfiles.git; then + echo Cloning dotfiles for $HOST... + ${pkgs.vcsh}/bin/vcsh clone -b $HOST ${repoBareLocal} dotfiles + set_remotes ${repoHttps} ${repoSsh} + else + set_remotes ${repoBareLocal} ${repoSsh} + echo Updating dotfiles for $HOST... + ${pkgs.vcsh}/bin/vcsh pull $HOST || true + set_remotes ${repoHttps} ${repoSsh} + fi + '' diff --git a/nix/home-manager/profiles/nix-channels.nix b/nix/home-manager/profiles/nix-channels.nix index 7a1d1de..68f21c7 100644 --- a/nix/home-manager/profiles/nix-channels.nix +++ b/nix/home-manager/profiles/nix-channels.nix @@ -1,27 +1,28 @@ -{ pkgs, config, ... }: - -let +{ + pkgs, + config, + ... +}: let in { home.file.".nix-channels".text = ""; - home.activation.removeExistingNixChannels = - config.lib.dag.entryBefore [ "checkLinkTargets" ] '' - $DRY_RUN_CMD ${ - pkgs.writeScript "activation-script" '' - set -ex - if test -f $HOME/.nix-channels; then - echo Uninstalling available channels... - if test -f $HOME/.nix-channel; then - while read url channel; do - nix-channel --remove $channel - done < $HOME/.nix-channel - fi - echo Moving existing file away... - touch $HOME/.nix-channels.dummy - mv --backup=numbered $HOME/.nix-channels.dummy $HOME/.nix-channels - rm $HOME/.nix-channels + home.activation.removeExistingNixChannels = config.lib.dag.entryBefore ["checkLinkTargets"] '' + $DRY_RUN_CMD ${ + pkgs.writeScript "activation-script" '' + set -ex + if test -f $HOME/.nix-channels; then + echo Uninstalling available channels... + if test -f $HOME/.nix-channel; then + while read url channel; do + nix-channel --remove $channel + done < $HOME/.nix-channel fi - '' - }; - ''; + echo Moving existing file away... + touch $HOME/.nix-channels.dummy + mv --backup=numbered $HOME/.nix-channels.dummy $HOME/.nix-channels + rm $HOME/.nix-channels + fi + '' + }; + ''; } diff --git a/nix/home-manager/profiles/qtile-desktop.nix b/nix/home-manager/profiles/qtile-desktop.nix index 05e8daa..6cc9b1f 100644 --- a/nix/home-manager/profiles/qtile-desktop.nix +++ b/nix/home-manager/profiles/qtile-desktop.nix @@ -1,14 +1,12 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let passwords = import ../../variables/passwords.crypt.nix; - inherit (import ../lib.nix { }) mkSimpleTrayService; + inherit (import ../lib.nix {}) mkSimpleTrayService; audio = pkgs.writeShellScript "audio" '' export PATH=${ with pkgs; - lib.makeBinPath [ pulseaudio findutils gnugrep ] + lib.makeBinPath [pulseaudio findutils gnugrep] }:$PATH export MUTEFILE=''${TEMPDIR:-/tmp}/.qtilemute @@ -33,7 +31,7 @@ let terminalCommand = "${pkgs.alacritty}/bin/alacritty"; dpmsScript = pkgs.writeShellScript "dpmsScript" '' - export PATH=${with pkgs; lib.makeBinPath [ xorg.xset ]}:$PATH + export PATH=${with pkgs; lib.makeBinPath [xorg.xset]}:$PATH set -xe @@ -56,7 +54,7 @@ let ''; screenLockCommand = pkgs.writeShellScript "screenLock" '' - export PATH=${with pkgs; lib.makeBinPath [ i3lock ]}:$PATH + export PATH=${with pkgs; lib.makeBinPath [i3lock]}:$PATH revert() { ${dpmsScript} default @@ -251,11 +249,10 @@ let def print_new_window(window): print("new window: ", window) ''; - in { systemd.user = { startServices = true; - services = { }; + services = {}; }; # systemd.user.sockets.gpg-agent.Socket.Accept = true; @@ -310,40 +307,44 @@ in { { trigger = ":vpos"; replace = "{{output}}"; - vars = [{ - name = "output"; - type = "script"; - params = { - args = [ - (pkgs.writeScript "espanso" '' - #! ${pkgs.python3}/bin/python - import subprocess, os, math, datetime + vars = [ + { + name = "output"; + type = "script"; + params = { + args = [ + (pkgs.writeScript "espanso" '' + #! ${pkgs.python3}/bin/python + import subprocess, os, math, datetime - id=str(os.getuid()) - result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True) - result.check_returncode() + id=str(os.getuid()) + result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True) + result.check_returncode() - position_secs = math.trunc(float(result.stdout)) - position_human = datetime.timedelta(seconds=position_secs) - print("%s - %s" % (position_human, position_secs)) - '') - ]; - }; - }]; + position_secs = math.trunc(float(result.stdout)) + position_human = datetime.timedelta(seconds=position_secs) + print("%s - %s" % (position_human, position_secs)) + '') + ]; + }; + } + ]; } { trigger = ":vtit"; replace = "{{output}}"; - vars = [{ - name = "output"; - type = "script"; - params = { - args = [ - (pkgs.writeShellScript "espanso" - "${playerctl} metadata title") - ]; - }; - }]; + vars = [ + { + name = "output"; + type = "script"; + params = { + args = [ + (pkgs.writeShellScript "espanso" + "${playerctl} metadata title") + ]; + }; + } + ]; } { trigger = ":dunno"; diff --git a/nix/home-manager/programs/chromium.nix b/nix/home-manager/programs/chromium.nix index d9caecf..bc528d0 100644 --- a/nix/home-manager/programs/chromium.nix +++ b/nix/home-manager/programs/chromium.nix @@ -1,9 +1,7 @@ -{ ... }: +{...}: { + programs.chromium = {enable = true;}; -{ - programs.chromium = { enable = true; }; - - programs.brave = { enable = true; }; + programs.brave = {enable = true;}; nixpkgs.config = { chromium = { @@ -12,6 +10,5 @@ }; }; - programs.browserpass = { browsers = [ "chromium" "brave" ]; }; + programs.browserpass = {browsers = ["chromium" "brave"];}; } - diff --git a/nix/home-manager/programs/emacs.nix b/nix/home-manager/programs/emacs.nix index 5dce7f8..10e0ad5 100644 --- a/nix/home-manager/programs/emacs.nix +++ b/nix/home-manager/programs/emacs.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { programs.emacs = { enable = true; extraPackages = epkgs: @@ -10,13 +8,15 @@ zerodark-theme # ; Nicolas' theme undo-tree # ; to show the undo tree # zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+> - ]) ++ (with epkgs.melpaPackages; [ evil ]) ++ (with epkgs.elpaPackages; [ + ]) + ++ (with epkgs.melpaPackages; [evil]) + ++ (with epkgs.elpaPackages; [ auctex # ; LaTeX mode beacon # ; highlight my cursor when scrolling nameless # ; hide current package name everywhere in elisp code - ]) ++ (with pkgs; - [ - pkgs.notmuch # From main packages set - ]); + ]) + ++ (with pkgs; [ + pkgs.notmuch # From main packages set + ]); }; } diff --git a/nix/home-manager/programs/firefox.nix b/nix/home-manager/programs/firefox.nix index e8531c6..d635426 100644 --- a/nix/home-manager/programs/firefox.nix +++ b/nix/home-manager/programs/firefox.nix @@ -1,14 +1,10 @@ -{ pkgs, ... }: - -{ - programs.firefox = { enable = true; }; +{pkgs, ...}: { + programs.firefox = {enable = true;}; programs.browserpass = { enable = true; - browsers = [ "firefox" ]; + browsers = ["firefox"]; }; - home.file.".mozilla/native-messaging-hosts/passff.json".source = - "${pkgs.passff-host}/share/passff-host/passff.json"; + home.file.".mozilla/native-messaging-hosts/passff.json".source = "${pkgs.passff-host}/share/passff-host/passff.json"; } - diff --git a/nix/home-manager/programs/holochain-launcher.nix b/nix/home-manager/programs/holochain-launcher.nix index 14ba625..0cc4e15 100644 --- a/nix/home-manager/programs/holochain-launcher.nix +++ b/nix/home-manager/programs/holochain-launcher.nix @@ -1,5 +1,3 @@ -{ pkgs, ... }: - -{ - home.packages = [ pkgs.holochain-launcher ]; +{pkgs, ...}: { + home.packages = [pkgs.holochain-launcher]; } diff --git a/nix/home-manager/programs/homeshick.nix b/nix/home-manager/programs/homeshick.nix index 57236ae..ba83ae1 100644 --- a/nix/home-manager/programs/homeshick.nix +++ b/nix/home-manager/programs/homeshick.nix @@ -1,31 +1,30 @@ -{ pkgs, config, ... }: - -let +{ + pkgs, + config, + ... +}: let # TODO: clean up the impurity in here - in { - home.sessionVariables = { HOMESHICK_DIR = "${pkgs.homeshick}"; }; + home.sessionVariables = {HOMESHICK_DIR = "${pkgs.homeshick}";}; - home.activation.bootstrapRepos = - config.lib.dag.entryAfter [ "writeBoundary" ] '' - $DRY_RUN_CMD ${ - pkgs.writeScript "activation-script" '' - set -e - echo home-manager path is ${config.home.path} - echo home is $HOME + home.activation.bootstrapRepos = config.lib.dag.entryAfter ["writeBoundary"] '' + $DRY_RUN_CMD ${ + pkgs.writeScript "activation-script" '' + set -e + echo home-manager path is ${config.home.path} + echo home is $HOME - source ${pkgs.homeshick}/homeshick.sh - type homeshick - - # echo Updating homeshick - # ln -sfT ${pkgs.homeshick} "$HOMESICK_REPOS"/.homeshick - # mv -Tf "$HOMESICK_REPOS"/{.,}homeshick - '' - }; - ''; + source ${pkgs.homeshick}/homeshick.sh + type homeshick + + # echo Updating homeshick + # ln -sfT ${pkgs.homeshick} "$HOMESICK_REPOS"/.homeshick + # mv -Tf "$HOMESICK_REPOS"/{.,}homeshick + '' + }; + ''; nixpkgs.config = { - packageOverrides = pkgs: with pkgs; { homeshick = builtins.fetchGit { diff --git a/nix/home-manager/programs/libreoffice.nix b/nix/home-manager/programs/libreoffice.nix index 49b166a..3f9c077 100644 --- a/nix/home-manager/programs/libreoffice.nix +++ b/nix/home-manager/programs/libreoffice.nix @@ -1,10 +1,8 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.sessionVariables = { # Workaround for Libreoffice to force gtk3 SAL_USE_VCLPLUGIN = "gtk3"; }; - home.packages = with pkgs; [ libreoffice-fresh ]; + home.packages = with pkgs; [libreoffice-fresh]; } diff --git a/nix/home-manager/programs/neovim.nix b/nix/home-manager/programs/neovim.nix index c63f33d..66d7fc5 100644 --- a/nix/home-manager/programs/neovim.nix +++ b/nix/home-manager/programs/neovim.nix @@ -1,14 +1,11 @@ -{ pkgs, ... }: - -let - +{pkgs, ...}: let in { - home.sessionVariables = { EDITOR = "nvim"; }; + home.sessionVariables = {EDITOR = "nvim";}; programs.neovim = { enable = true; - extraPython3Packages = (ps: with ps; [ ]); + extraPython3Packages = ps: with ps; []; extraConfig = builtins.readFile ./neovim/vimrc; @@ -24,7 +21,7 @@ in { rev = "890ccd8e5370808d569e96dbb06cbeca2cf5993a"; sha256 = "018z6xcwrq58q6lj6gwhrifjaxkmrlkkg0n86s6mjjlwkbs2qa4m"; }; - buildInputs = [ zip vim ]; + buildInputs = [zip vim]; }; } @@ -77,7 +74,8 @@ in { }; }; } - ] ++ (with pkgs.vimPlugins; [ + ] + ++ (with pkgs.vimPlugins; [ delimitMate vim-airline vim-airline-themes diff --git a/nix/home-manager/programs/pass.nix b/nix/home-manager/programs/pass.nix index a952454..9a1b9c4 100644 --- a/nix/home-manager/programs/pass.nix +++ b/nix/home-manager/programs/pass.nix @@ -1,15 +1,11 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.sessionVariables = { # required by pass-otp - PASSWORD_STORE_EXTENSIONS_DIR = - "$HOME/.nix-profile/lib/password-store/extensions"; + PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions"; PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; }; - programs.browserpass = { enable = true; }; + programs.browserpass = {enable = true;}; - home.packages = with pkgs; [ pass qtpass rofi-pass gnupg ]; + home.packages = with pkgs; [pass qtpass rofi-pass gnupg]; } - diff --git a/nix/home-manager/programs/podman.nix b/nix/home-manager/programs/podman.nix index 0a24db3..f663743 100644 --- a/nix/home-manager/programs/podman.nix +++ b/nix/home-manager/programs/podman.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let cniConfigDir = let loopback = pkgs.writeText "00-loopback.conf" '' { @@ -36,12 +34,13 @@ let ] } ''; - in pkgs.runCommand "cniConfig" { } '' - set -x - mkdir $out; - ln -s ${loopback} $out/${loopback.name} - ln -s ${podman-bridge} $out/${podman-bridge.name} - ''; + in + pkgs.runCommand "cniConfig" {} '' + set -x + mkdir $out; + ln -s ${loopback} $out/${loopback.name} + ln -s ${podman-bridge} $out/${podman-bridge.name} + ''; containersConf = pkgs.writeText "containers.conf" '' # containers.conf is the default configuration file for all tools using libpod to @@ -60,7 +59,7 @@ let image_default_transport = "docker://" # Paths to search for the conmon container manager binary. If the paths are empty or no valid path was found, then the $PATH environment variable will be used as the fallback. - conmon_path = [ + conmon_path = [ "${pkgs.conmon}/bin/conmon" ] @@ -105,7 +104,7 @@ let default_network = "podman" ''; in { - home.packages = with pkgs; [ podman ]; + home.packages = with pkgs; [podman]; home.file.".config/containers/containers.conf".source = containersConf; diff --git a/nix/home-manager/programs/radicale.nix b/nix/home-manager/programs/radicale.nix index b9b026f..6631be6 100644 --- a/nix/home-manager/programs/radicale.nix +++ b/nix/home-manager/programs/radicale.nix @@ -1,6 +1,9 @@ -{ config, pkgs, lib, ... }: - -let +{ + config, + pkgs, + lib, + ... +}: let passwords = import ../../variables/passwords.crypt.nix; libdecsync = pkgs.python3Packages.buildPythonPackage rec { @@ -21,12 +24,13 @@ let hash = "sha256-X+0MT5o2PjsKxca5EDI+rYyQDmUtbRoELDr6e4YXKCg="; }; - buildInputs = [ pkgs.radicale ]; - propagatedBuildInputs = [ libdecsync pkgs.python3Packages.setuptools ]; + buildInputs = [pkgs.radicale]; + propagatedBuildInputs = [libdecsync pkgs.python3Packages.setuptools]; }; radicale-decsync = pkgs.radicale.overrideAttrs (old: { - propagatedBuildInputs = old.propagatedBuildInputs - ++ [ radicale-storage-decsync ]; + propagatedBuildInputs = + old.propagatedBuildInputs + ++ [radicale-storage-decsync]; }); radicale-config = pkgs.writeText "radicale-config" '' [auth] @@ -50,6 +54,6 @@ in { ExecStart = "${radicale-decsync}/bin/radicale -C ${radicale-config}"; Restart = "on-failure"; }; - Install.WantedBy = [ "default.target" ]; + Install.WantedBy = ["default.target"]; }; } diff --git a/nix/home-manager/programs/vscode/default.nix b/nix/home-manager/programs/vscode/default.nix index 8363975..71996cd 100644 --- a/nix/home-manager/programs/vscode/default.nix +++ b/nix/home-manager/programs/vscode/default.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let packagedExtensions = with pkgs.vscode-extensions; [ # bbenoist.Nix ms-vscode-remote.remote-ssh @@ -462,24 +460,22 @@ let sha256 = "1jmmbz3i0hxq5ka4rsk07mynxh3pkh5g736d9ryv1czhnrb06lwf"; } ]; - in { programs.vscode = { enable = true; - extensions = [ ] ++ packagedExtensions + extensions = + [] ++ packagedExtensions # ++ marketPlaceExtensions - ; + ; }; - home.packages = [ pkgs.nixpkgs-fmt pkgs.nixfmt ]; + home.packages = [pkgs.nixpkgs-fmt pkgs.alejandra]; } - # TODO: automate # rustup install stable # rustup component add rust-analysis --toolchain stable # rustup component add rust-src --toolchain stable # rustup component add rls --toolchain stable - ### original list: # 74th.Theme-NaturalContrast-With-HC # AlanWalk.markdown-toc @@ -553,3 +549,4 @@ in { # xyz.plsql-language # yzane.markdown-pdf # zxh404.vscode-proto3 + diff --git a/nix/home-manager/programs/zsh.nix b/nix/home-manager/programs/zsh.nix index 0fa0f33..9e64278 100644 --- a/nix/home-manager/programs/zsh.nix +++ b/nix/home-manager/programs/zsh.nix @@ -1,8 +1,4 @@ -{ pkgs }: - -{ ... }: - -let +{pkgs}: {...}: let just-plugin = let plugin_file = pkgs.writeText "_just" '' #compdef just @@ -22,19 +18,18 @@ let _describe 'command' subcmds ''; - - in pkgs.stdenv.mkDerivation { - name = "just-completions"; - version = "0.1.0"; - phases = "installPhase"; - installPhase = '' - PLUGIN_PATH=$out/share/oh-my-zsh/plugins/just - mkdir -p $PLUGIN_PATH - cp ${plugin_file} $PLUGIN_PATH/_just - chmod --recursive a-w $out - ''; - }; - + in + pkgs.stdenv.mkDerivation { + name = "just-completions"; + version = "0.1.0"; + phases = "installPhase"; + installPhase = '' + PLUGIN_PATH=$out/share/oh-my-zsh/plugins/just + mkdir -p $PLUGIN_PATH + cp ${plugin_file} $PLUGIN_PATH/_just + chmod --recursive a-w $out + ''; + }; in { programs.zsh = { enable = true; @@ -42,7 +37,8 @@ in { # will be called again by oh-my-zsh enableCompletion = false; enableAutosuggestions = true; - initExtra = let inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")''; + initExtra = let + inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")''; in '' PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}✓%f.%F{red}✗ ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f ' RPROMPT="" @@ -54,11 +50,14 @@ in { . $HOME/.shrc.d/sh_aliases fi - ${if builtins.hasAttr "homeshick" pkgs then '' - source ${pkgs.homeshick}/homeshick.sh - fpath=(${pkgs.homeshick}/completions $fpath) - '' else - ""} + ${ + if builtins.hasAttr "homeshick" pkgs + then '' + source ${pkgs.homeshick}/homeshick.sh + fpath=(${pkgs.homeshick}/completions $fpath) + '' + else "" + } # Disable intercepting of ctrl-s and ctrl-q as flow control. stty stop ''' -ixoff -ixon @@ -115,7 +114,7 @@ in { oh-my-zsh = { enable = true; theme = "tjkirch"; - plugins = [ "git" "sudo" ]; + plugins = ["git" "sudo"]; }; }; } diff --git a/nix/ops/nano/configuration.nix b/nix/ops/nano/configuration.nix index 9c10eaf..cf5070e 100644 --- a/nix/ops/nano/configuration.nix +++ b/nix/ops/nano/configuration.nix @@ -1,11 +1,13 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). - -{ n, pkgs, ... }: - { - imports = [ # Include the results of the hardware scan. + n, + pkgs, + ... +}: { + imports = [ + # Include the results of the hardware scan. ./hardware-configuration.nix ]; @@ -60,5 +62,4 @@ # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "16.03"; - } diff --git a/nix/ops/nano/hardware-configuration.nix b/nix/ops/nano/hardware-configuration.nix index d23eb0f..0297e9c 100644 --- a/nix/ops/nano/hardware-configuration.nix +++ b/nix/ops/nano/hardware-configuration.nix @@ -1,22 +1,24 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - { - imports = [ ]; + config, + lib, + pkgs, + ... +}: { + imports = []; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"]; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/e02a410e-5044-440f-90e9-b573e51f1315"; fsType = "ext4"; }; - swapDevices = [ ]; + swapDevices = []; nix.maxJobs = 2; } diff --git a/nix/ops/nanos@kn.nix b/nix/ops/nanos@kn.nix index 028b8ac..3d45a49 100644 --- a/nix/ops/nanos@kn.nix +++ b/nix/ops/nanos@kn.nix @@ -1,18 +1,18 @@ -{ nixpkgs ? import { }, nrNanos ? 1 # Number of nanos -}: - -let +{ + nixpkgs ? import {}, + nrNanos ? 1, # Number of nanos +}: let pkgs = nixpkgs; webserver = { services.httpd.enable = true; services.httpd.adminAddr = "mail@stefanjunker.de"; services.httpd.documentRoot = "${pkgs.nixops}/share/doc/nixops/"; - networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.allowedTCPPorts = [80]; }; - mkNano = { n }: { + mkNano = {n}: { imports = [ - (import ./nano/configuration.nix { inherit pkgs n; }) + (import ./nano/configuration.nix {inherit pkgs n;}) ../configuration/common/user/root.nix ]; deployment.targetEnv = "none"; @@ -20,6 +20,6 @@ let }; mkNanos = n: - nixpkgs.lib.nameValuePair "nano${toString n}" (mkNano { inherit n; }); - -in nixpkgs.lib.listToAttrs (map mkNanos (nixpkgs.lib.range 0 (nrNanos - 1))) + nixpkgs.lib.nameValuePair "nano${toString n}" (mkNano {inherit n;}); +in + nixpkgs.lib.listToAttrs (map mkNanos (nixpkgs.lib.range 0 (nrNanos - 1))) diff --git a/nix/os/containers/backup-target.nix b/nix/os/containers/backup-target.nix index 68fb0e4..d1ff1f0 100644 --- a/nix/os/containers/backup-target.nix +++ b/nix/os/containers/backup-target.nix @@ -1,9 +1,19 @@ -{ hostAddress, localAddress, containerBackupCfg -, sshPort ? containerBackupCfg.portInt, autoStart ? false }: { - config = { config, pkgs, lib, ... }: { +{ + hostAddress, + localAddress, + containerBackupCfg, + sshPort ? containerBackupCfg.portInt, + autoStart ? false, +}: { + config = { + config, + pkgs, + lib, + ... + }: { system.stateVersion = "22.05"; # Did you read the comment? - imports = [ ../profiles/containers/configuration.nix ]; + imports = [../profiles/containers/configuration.nix]; networking.firewall.enable = false; @@ -23,30 +33,32 @@ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNI3H0BRSYOZ/MbTs9J80doJwSd1HymFOP5quNt0J48vxZ5FPVrT2FHpQiNrCcYbCKRsU4X8AiGUHiXC0PapQQ3JDkqp6WZoqBNDx6BI7RadyH1TqVQPlou3pQmCAogzfBInruR53YTDmQqXiPwfM0okPOXgiBNjDfZXOX4+CyUfkmZZwASoicTInqWGkn1sFnh4tyXIkgWflg0njlVmfkVvH71+evvKLYHtoNpVXazkQ0SXbyuW5f3mSta7TNkpC3HbBm+4n+WxYGySrlRLWQhTo+aoWUKk9h5zvECDNpwRtbqzt+bA9nKrdg180ceu8hruwvWNiC6PPA2GW9Z1+VKROviGu1C3dliE/pPCBtK+ZoRVv2CGE+pmAuQsB9Nif9tk5tY6HJhuLNxKYiMfQkiLsDYv6KdZXUIVK/4BIDkZuQNnjhdOQBLnea0ANOhutA9gnjxnsd3UT6ovfazg5gud7n3u4yBtzjTkRrqWZ63eM1NmUVOgMWHQ715pV+hJfOFGqzRBEe3g/p3bWNgpROBYJbG1H8l9DN7emG4FGWsb1HeNFwQ5lS0Zsezb7qzahr4vSmHNugVw7w8ONt5dPbPI9wQnWvkkuHH76P/NYy6OC6lHrN1rXyA1okqdPr06YAZnCot+Pqdgn/ijxgp06J3dtkhin+Q7PoQbGff3ERIw== bkp" ]; - packages = with pkgs; [ btrfs-progs ]; + packages = with pkgs; [btrfs-progs]; isSystemUser = true; }; security.sudo = { enable = true; - extraRules = [{ - users = [ "bkp" ]; - commands = [ - { - command = "/etc/profiles/per-user/bkp/bin/btrfs"; - options = [ "NOPASSWD" ]; - } - { - command = "/run/current-system/sw/bin/readlink"; - options = [ "NOPASSWD" ]; - } - { - command = "/run/current-system/sw/bin/test"; - options = [ "NOPASSWD" ]; - } - ]; - }]; + extraRules = [ + { + users = ["bkp"]; + commands = [ + { + command = "/etc/profiles/per-user/bkp/bin/btrfs"; + options = ["NOPASSWD"]; + } + { + command = "/run/current-system/sw/bin/readlink"; + options = ["NOPASSWD"]; + } + { + command = "/run/current-system/sw/bin/test"; + options = ["NOPASSWD"]; + } + ]; + } + ]; }; }; @@ -59,15 +71,17 @@ }; }; - extraFlags = [ "--resolv-conf=bind-host" ]; + extraFlags = ["--resolv-conf=bind-host"]; privateNetwork = true; - forwardPorts = [{ - # ssh - containerPort = 22; - hostPort = sshPort; - protocol = "tcp"; - }]; + forwardPorts = [ + { + # ssh + containerPort = 22; + hostPort = sshPort; + protocol = "tcp"; + } + ]; inherit hostAddress localAddress; } diff --git a/nix/os/containers/backup.nix b/nix/os/containers/backup.nix index 16b8719..864aa20 100644 --- a/nix/os/containers/backup.nix +++ b/nix/os/containers/backup.nix @@ -1,17 +1,20 @@ -{ config, hostAddress, localAddress, subvolumes, targetPathSuffix ? "" -, autoStart ? false }: - -let +{ + config, + hostAddress, + localAddress, + subvolumes, + targetPathSuffix ? "", + autoStart ? false, +}: let passwords = import ../../variables/passwords.crypt.nix; subvolumeParentDir = "/var/lib/container-volumes"; - in { - config = { pkgs, ... }: { + config = {pkgs, ...}: { system.stateVersion = "20.03"; # Did you read the comment? - imports = [ ../profiles/containers/configuration.nix ]; + imports = [../profiles/containers/configuration.nix]; - environment.systemPackages = with pkgs; [ btrfs-progs btrbk ]; + environment.systemPackages = with pkgs; [btrfs-progs btrbk]; networking.firewall.enable = true; @@ -19,13 +22,13 @@ in { enable = true; description = "bkp-sync service"; - serviceConfig = { Type = "oneshot"; }; + serviceConfig = {Type = "oneshot";}; - after = [ "bkp-run.service" ]; + after = ["bkp-run.service"]; - requires = [ "bkp-run.service" ]; + requires = ["bkp-run.service"]; - path = with pkgs; [ utillinux ]; + path = with pkgs; [utillinux]; script = '' set -x true @@ -36,11 +39,11 @@ in { enable = true; description = "bkp-run"; - serviceConfig = { Type = "oneshot"; }; + serviceConfig = {Type = "oneshot";}; - partOf = [ "bkp-sync.service" ]; + partOf = ["bkp-sync.service"]; - path = with pkgs; [ btrfs-progs btrbk coreutils ]; + path = with pkgs; [btrfs-progs btrbk coreutils]; script = let btrbkConf = pkgs.writeText "cfg" '' @@ -60,7 +63,7 @@ in { volume ${subvolumeParentDir} target ${passwords.storage.backupTarget.target}/container-volumes/${targetPathSuffix} ${builtins.foldl' (sum: elem: sum + " subvolume " + elem + "\n") "" - subvolumes} + subvolumes} ''; in '' #! ${pkgs.bash}/bin/bash @@ -73,7 +76,7 @@ in { systemd.timers."bkp" = { description = "Timer to trigger bkp periodically"; enable = true; - wantedBy = [ "timer.target" "multi-user.target" ]; + wantedBy = ["timer.target" "multi-user.target"]; timerConfig = { # Obtained using `systemd-analyze calendar "Wed 23:00"` # OnCalendar = "Wed *-*-* 23:00:00"; @@ -104,15 +107,17 @@ in { }; }; - allowedDevices = [{ - node = "/dev/fuse"; - modifier = "rw"; - }]; + allowedDevices = [ + { + node = "/dev/fuse"; + modifier = "rw"; + } + ]; - extraFlags = [ "--resolv-conf=bind-host" ]; + extraFlags = ["--resolv-conf=bind-host"]; privateNetwork = true; - forwardPorts = [ ]; + forwardPorts = []; inherit hostAddress localAddress; } diff --git a/nix/os/containers/ipxe.nix b/nix/os/containers/ipxe.nix index fdcc481..3623b44 100644 --- a/nix/os/containers/ipxe.nix +++ b/nix/os/containers/ipxe.nix @@ -1,9 +1,18 @@ -{ hostAddress, localAddress, httpPort ? 80, httpsPort ? 443 }: - -let passwords = import ../../variables/passwords.crypt.nix; +{ + hostAddress, + localAddress, + httpPort ? 80, + httpsPort ? 443, +}: let + passwords = import ../../variables/passwords.crypt.nix; in { - config = { config, pkgs, lib, ... }: { - imports = [ ../profiles/containers/configuration.nix ]; + config = { + config, + pkgs, + lib, + ... + }: { + imports = [../profiles/containers/configuration.nix]; networking.firewall.enable = false; @@ -48,7 +57,7 @@ in { # sslCertificate = "/etc/secrets/stefanjunker.de/nginx/nginx.crt"; # sslCertificateKey = "/etc/secrets/stefanjunker.de/nginx/nginx.key"; - locations."/fi" = { index = "index.php"; }; + locations."/fi" = {index = "index.php";}; locations."~ ^(.+.php)(.*)$".extraConfig = '' fastcgi_split_path_info ^(.+\.php)(.*)$; @@ -57,13 +66,12 @@ in { fastcgi_index index.php; ''; - locations."/hedgedoc/" = { proxyPass = "http://127.0.0.1:3000/"; }; + locations."/hedgedoc/" = {proxyPass = "http://127.0.0.1:3000/";}; locations."/hedgedoc/socket.io/" = { proxyPass = "http://127.0.0.1:3000/socket.io/"; proxyWebsockets = true; }; - }; services.phpfpm.pools.mypool = { @@ -78,14 +86,13 @@ in { "pm.max_spare_servers" = 3; "pm.max_requests" = 500; - "php_admin_value[error_reporting]" = - "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED"; + "php_admin_value[error_reporting]" = "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED"; }; }; # the custom php5 we're using here has no fpm-systemd, so the default `Type = "notify"` won't work systemd.services."phpfpm-mypool" = { - serviceConfig = { Type = lib.mkForce "simple"; }; + serviceConfig = {Type = lib.mkForce "simple";}; }; services.mysql = { diff --git a/nix/os/containers/mailserver.nix b/nix/os/containers/mailserver.nix index 3c1d882..1bde00d 100644 --- a/nix/os/containers/mailserver.nix +++ b/nix/os/containers/mailserver.nix @@ -1,15 +1,16 @@ -{ hostAddress, localAddress, imapsPort ? 993, sievePort ? 4190 -, autoStart ? false }: - -let passwords = import ../../variables/passwords.crypt.nix; - +{ + hostAddress, + localAddress, + imapsPort ? 993, + sievePort ? 4190, + autoStart ? false, +}: let + passwords = import ../../variables/passwords.crypt.nix; in { - - config = { pkgs, ... }: { + config = {pkgs, ...}: { system.stateVersion = "21.11"; # Did you read the comment? - imports = - [ ../profiles/containers/configuration.nix ../profiles/common/user.nix ]; + imports = [../profiles/containers/configuration.nix ../profiles/common/user.nix]; networking.firewall.enable = false; @@ -21,8 +22,8 @@ in { services.dovecot2 = { enable = true; - modules = [ pkgs.dovecot_pigeonhole ]; - protocols = [ "sieve" ]; + modules = [pkgs.dovecot_pigeonhole]; + protocols = ["sieve"]; enableImap = true; enableLmtp = true; @@ -51,7 +52,6 @@ in { mail_max_userip_connections = 64 } ''; - }; environment.etc."dovecot/users".text = '' @@ -60,13 +60,13 @@ in { systemd.services.steveej-getmail-stefanjunker = { enable = true; - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; serviceConfig.User = "steveej"; serviceConfig.Group = "dovecot2"; serviceConfig.RestartSec = 600; serviceConfig.Restart = "always"; description = "Getmail service"; - path = [ pkgs.getmail6 ]; + path = [pkgs.getmail6]; script = let rc = pkgs.writeText "mailATstefanjunker.de.getmail.rc" '' [options] @@ -93,11 +93,11 @@ in { systemd.services.steveej-getmail-webde = { enable = true; - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; serviceConfig.User = "steveej"; serviceConfig.Group = "dovecot2"; description = "Getmail service"; - path = [ pkgs.getmail6 ]; + path = [pkgs.getmail6]; serviceConfig.RestartSec = 1000; serviceConfig.Restart = "always"; script = let @@ -139,7 +139,7 @@ in { }; }; - extraFlags = [ "--resolv-conf=bind-host" ]; + extraFlags = ["--resolv-conf=bind-host"]; privateNetwork = true; forwardPorts = [ diff --git a/nix/os/containers/syncthing.nix b/nix/os/containers/syncthing.nix index d07bd73..d67728b 100644 --- a/nix/os/containers/syncthing.nix +++ b/nix/os/containers/syncthing.nix @@ -1,12 +1,18 @@ -{ hostAddress, localAddress, syncthingPort ? 22000 -, syncthingLocalAnnouncePort ? 21027, autoStart ? false }: - { - - config = { config, pkgs, ... }: { + hostAddress, + localAddress, + syncthingPort ? 22000, + syncthingLocalAnnouncePort ? 21027, + autoStart ? false, +}: { + config = { + config, + pkgs, + ... + }: { system.stateVersion = "20.05"; # Did you read the comment? - imports = [ ../profiles/containers/configuration.nix ]; + imports = [../profiles/containers/configuration.nix]; networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ @@ -30,7 +36,7 @@ }; }; - extraFlags = [ "--resolv-conf=bind-host" ]; + extraFlags = ["--resolv-conf=bind-host"]; privateNetwork = true; forwardPorts = [ diff --git a/nix/os/containers/webserver.nix b/nix/os/containers/webserver.nix index 9d7345d..40af570 100644 --- a/nix/os/containers/webserver.nix +++ b/nix/os/containers/webserver.nix @@ -1,12 +1,21 @@ -{ hostAddress, localAddress, httpPort ? 80, httpsPort ? 443, autoStart ? false -}: - -let passwords = import ../../variables/passwords.crypt.nix; +{ + hostAddress, + localAddress, + httpPort ? 80, + httpsPort ? 443, + autoStart ? false, +}: let + passwords = import ../../variables/passwords.crypt.nix; in { - config = { config, pkgs, lib, ... }: { + config = { + config, + pkgs, + lib, + ... + }: { system.stateVersion = "22.05"; # Did you read the comment? - imports = [ ../profiles/containers/configuration.nix ]; + imports = [../profiles/containers/configuration.nix]; networking.firewall.enable = false; @@ -51,7 +60,7 @@ in { # sslCertificate = "/etc/secrets/stefanjunker.de/nginx/nginx.crt"; # sslCertificateKey = "/etc/secrets/stefanjunker.de/nginx/nginx.key"; - locations."/fi" = { index = "index.php"; }; + locations."/fi" = {index = "index.php";}; locations."~ ^(.+.php)(.*)$".extraConfig = '' fastcgi_split_path_info ^(.+\.php)(.*)$; @@ -60,13 +69,12 @@ in { fastcgi_index index.php; ''; - locations."/hedgedoc/" = { proxyPass = "http://127.0.0.1:3000/"; }; + locations."/hedgedoc/" = {proxyPass = "http://127.0.0.1:3000/";}; locations."/hedgedoc/socket.io/" = { proxyPass = "http://127.0.0.1:3000/socket.io/"; proxyWebsockets = true; }; - }; services.phpfpm.pools.mypool = { @@ -81,14 +89,13 @@ in { "pm.max_spare_servers" = 3; "pm.max_requests" = 500; - "php_admin_value[error_reporting]" = - "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED"; + "php_admin_value[error_reporting]" = "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED"; }; }; # the custom php5 we're using here has no fpm-systemd, so the default `Type = "notify"` won't work systemd.services."phpfpm-mypool" = { - serviceConfig = { Type = lib.mkForce "simple"; }; + serviceConfig = {Type = lib.mkForce "simple";}; }; services.mysql = { @@ -146,7 +153,7 @@ in { }; }; - extraFlags = [ "--resolv-conf=bind-host" ]; + extraFlags = ["--resolv-conf=bind-host"]; privateNetwork = true; forwardPorts = [ diff --git a/nix/os/devices/167.233.1.14/boot.nix b/nix/os/devices/167.233.1.14/boot.nix index 8a093b9..5713789 100644 --- a/nix/os/devices/167.233.1.14/boot.nix +++ b/nix/os/devices/167.233.1.14/boot.nix @@ -1,6 +1,4 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiSupport = lib.mkForce false; - boot.extraModulePackages = [ ]; + boot.extraModulePackages = []; } diff --git a/nix/os/devices/167.233.1.14/configuration.nix b/nix/os/devices/167.233.1.14/configuration.nix index e76498f..a405714 100644 --- a/nix/os/devices/167.233.1.14/configuration.nix +++ b/nix/os/devices/167.233.1.14/configuration.nix @@ -1,7 +1,5 @@ -{ ... }: - -{ - disabledModules = [ ]; +{...}: { + disabledModules = []; imports = [ ../../profiles/common/configuration.nix diff --git a/nix/os/devices/167.233.1.14/hw.nix b/nix/os/devices/167.233.1.14/hw.nix index ae957f6..31cd4e2 100644 --- a/nix/os/devices/167.233.1.14/hw.nix +++ b/nix/os/devices/167.233.1.14/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -let +{...}: let stage1Modules = [ "virtio_balloon" "virtio_scsi" @@ -17,7 +15,6 @@ let "pata_acpi" "ata_generic" ]; - in { fileSystems."/boot" = { device = "/dev/disk/by-uuid/354fb107-2f4a-42ad-80dd-9dddb61bfd02"; @@ -27,21 +24,20 @@ in { fileSystems."/" = { device = "/dev/disk/by-uuid/993cce35-cc1f-40cc-b07a-5ea58b99fb5b"; fsType = "btrfs"; - options = [ "subvol=root" ]; + options = ["subvol=root"]; neededForBoot = true; }; fileSystems."/home" = { device = "/dev/disk/by-uuid/993cce35-cc1f-40cc-b07a-5ea58b99fb5b"; fsType = "btrfs"; - options = [ "subvol=home" ]; + options = ["subvol=home"]; neededForBoot = true; }; - swapDevices = - [{ device = "/dev/disk/by-uuid/d16b5f4a-f38c-41c6-8aae-1625be815f9d"; }]; + swapDevices = [{device = "/dev/disk/by-uuid/d16b5f4a-f38c-41c6-8aae-1625be815f9d";}]; - boot.loader.grub = { device = "/dev/vda"; }; + boot.loader.grub = {device = "/dev/vda";}; boot.initrd.availableKernelModules = stage1Modules; boot.initrd.kernelModules = stage1Modules; diff --git a/nix/os/devices/167.233.1.14/pkg.nix b/nix/os/devices/167.233.1.14/pkg.nix index b41fb5d..ea9d216 100644 --- a/nix/os/devices/167.233.1.14/pkg.nix +++ b/nix/os/devices/167.233.1.14/pkg.nix @@ -1,29 +1,35 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; - home-manager.users.steveej = - import ../../../home-manager/configuration/text-minimal.nix { - inherit pkgs; - extraPackages = [ - # required by vscode's remote-ssh plugin - pkgs.nodejs + home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { + inherit pkgs; + extraPackages = [ + # required by vscode's remote-ssh plugin + pkgs.nodejs - # allow clipboard exchanges - pkgs.xsel - pkgs.xclip - ]; - }; + # allow clipboard exchanges + pkgs.xsel + pkgs.xclip + ]; + }; - nix.buildMachines = [{ - hostName = "localhost"; - system = "x86_64-linux"; - supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; - maxJobs = 4; - }]; + nix.buildMachines = [ + { + hostName = "localhost"; + system = "x86_64-linux"; + supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; + maxJobs = 4; + } + ]; } diff --git a/nix/os/devices/167.233.1.14/system.nix b/nix/os/devices/167.233.1.14/system.nix index 48ff5b1..76f35e0 100644 --- a/nix/os/devices/167.233.1.14/system.nix +++ b/nix/os/devices/167.233.1.14/system.nix @@ -1,9 +1,12 @@ -{ pkgs, lib, config, ... }: - -let keys = import ../../../variables/keys.nix; - +{ + pkgs, + lib, + config, + ... +}: let + keys = import ../../../variables/keys.nix; in { - nix.binaryCaches = [ "https://cache.holo.host" ]; + nix.binaryCaches = ["https://cache.holo.host"]; nix.binaryCachePublicKeys = [ "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" @@ -26,11 +29,13 @@ in { networking.interfaces.eth0 = { mtu = 1400; useDHCP = false; - ipv4.addresses = [{ - "address" = "167.233.1.14"; - "prefixLength" = 29; - }]; - ipv6.addresses = [ ]; + ipv4.addresses = [ + { + "address" = "167.233.1.14"; + "prefixLength" = 29; + } + ]; + ipv6.addresses = []; }; networking.defaultGateway = { @@ -43,11 +48,11 @@ in { interface = "eth0"; }; - networking.nameservers = [ "1.1.1.1" ]; + networking.nameservers = ["1.1.1.1"]; networking.nat = { enable = true; - internalInterfaces = [ "ve-+" ]; + internalInterfaces = ["ve-+"]; externalInterface = "eth0"; }; @@ -55,7 +60,7 @@ in { # services.kubernetes.roles = ["master" "node"]; # virtualization - virtualisation = { docker.enable = true; }; + virtualisation = {docker.enable = true;}; services.spice-vdagentd.enable = true; services.qemuGuest.enable = true; @@ -63,18 +68,18 @@ in { systemd.services."sshd-status" = { enable = true; description = "sshd-status service"; - path = [ pkgs.systemd ]; + path = [pkgs.systemd]; script = '' systemctl status sshd | grep -i tasks ''; }; - systemd.services.sshd.serviceConfig = { TasksMax = 32; }; + systemd.services.sshd.serviceConfig = {TasksMax = 32;}; systemd.timers."sshd-status" = { description = "Timer to trigger sshd-status periodically"; enable = true; - wantedBy = [ "timer.target" "multi-user.target" ]; + wantedBy = ["timer.target" "multi-user.target"]; timerConfig = { OnActiveSec = "360s"; OnUnitActiveSec = "360s"; @@ -83,7 +88,7 @@ in { }; }; - nix.gc = { automatic = true; }; + nix.gc = {automatic = true;}; networking.useHostResolvConf = true; diff --git a/nix/os/devices/167.233.1.14/versions.nix b/nix/os/devices/167.233.1.14/versions.nix index 29e6ef6..95d0174 100644 --- a/nix/os/devices/167.233.1.14/versions.nix +++ b/nix/os/devices/167.233.1.14/versions.nix @@ -4,7 +4,6 @@ let ref = "nixos-21.11"; rev = "e34c5379866833f41e2a36f309912fa675d687c7"; }; - in { inherit nixpkgs; "channels-nixos-stable" = nixpkgs; diff --git a/nix/os/devices/167.233.1.14/versions.tmpl.nix b/nix/os/devices/167.233.1.14/versions.tmpl.nix index 6c25db6..88ee53e 100644 --- a/nix/os/devices/167.233.1.14/versions.tmpl.nix +++ b/nix/os/devices/167.233.1.14/versions.tmpl.nix @@ -6,7 +6,6 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; "channels-nixos-stable" = nixpkgs; diff --git a/nix/os/devices/default.nix b/nix/os/devices/default.nix index 3016aa2..82f3009 100644 --- a/nix/os/devices/default.nix +++ b/nix/os/devices/default.nix @@ -1,15 +1,20 @@ -{ dir, pkgs ? import { } -, ownLib ? import ../lib/default.nix { }, gitRoot ? - "$(git rev-parse --show-toplevel)" - +{ + dir, + pkgs ? import {}, + ownLib ? import ../lib/default.nix {}, + gitRoot ? "$(git rev-parse --show-toplevel)", # FIXME: why do these need explicit mentioning? -, moreargs ? "", rebuildarg ? "", ... }@args: - -let - rebuildargsSudo = [ "switch" "boot" ]; - rebuild = { gitRoot, rebuildarg ? "dry-activate", moreargs ? "" - - , ... }: + moreargs ? "", + rebuildarg ? "", + ... +} @ args: let + rebuildargsSudo = ["switch" "boot"]; + rebuild = { + gitRoot, + rebuildarg ? "dry-activate", + moreargs ? "", + ... + }: pkgs.writeScript "script" '' #!/usr/bin/env bash set -xe @@ -23,23 +28,27 @@ let rm result fi - ${if (builtins.elem rebuildarg rebuildargsSudo) - && (builtins.match ".*--target-host.*" moreargs) == null then - "sudo -E \\" - else - ""} + ${ + if + (builtins.elem rebuildarg rebuildargsSudo) + && (builtins.match ".*--target-host.*" moreargs) == null + then "sudo -E \\" + else "" + } nixos-rebuild --show-trace -I nixos-config=''${NIXOS_CONFIG} ${rebuildarg} ${moreargs} ''; - in { - recipes = { - rebuild = rebuild { - inherit gitRoot; - inherit moreargs; - inherit rebuildarg; + recipes = + { + rebuild = + rebuild { + inherit gitRoot; + inherit moreargs; + inherit rebuildarg; + } + # // pkgs.lib.attrsets.optionalAttrs (moreargs != "") { inherit moreargs; } + # // pkgs.lib.attrsets.optionalAttrs (rebuildarg != "") { inherit rebuildarg; } + ; } - # // pkgs.lib.attrsets.optionalAttrs (moreargs != "") { inherit moreargs; } - # // pkgs.lib.attrsets.optionalAttrs (rebuildarg != "") { inherit rebuildarg; } - ; - } // (import ./disk.nix (args // { inherit pkgs ownLib gitRoot; })); + // (import ./disk.nix (args // {inherit pkgs ownLib gitRoot;})); } diff --git a/nix/os/devices/disk.nix b/nix/os/devices/disk.nix index 81310d7..f62c6a9 100644 --- a/nix/os/devices/disk.nix +++ b/nix/os/devices/disk.nix @@ -1,13 +1,24 @@ -{ pkgs, ownLib, dir, gitRoot, diskId ? - (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix") - { }).hardware.opinionatedDisk.diskId, encrypted ? - (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix") - { }).hardware.opinionatedDisk.encrypted, previousDiskId ? "" - -, ... }: - -let mntRootVol = "/mnt/${diskId}-root"; - +{ + pkgs, + ownLib, + dir, + gitRoot, + diskId ? + (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix") + {}) + .hardware + .opinionatedDisk + .diskId, + encrypted ? + (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix") + {}) + .hardware + .opinionatedDisk + .encrypted, + previousDiskId ? "", + ... +}: let + mntRootVol = "/mnt/${diskId}-root"; in rec { diskMount = pkgs.writeScript "script" '' #!/usr/bin/env bash @@ -177,12 +188,12 @@ in rec { if test "${previousDiskId}"; then ${ - pkgs.lib.strings.optionalString encrypted '' - sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${ - ownLib.disk.luksName diskId - } - '' - } + pkgs.lib.strings.optionalString encrypted '' + sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${ + ownLib.disk.luksName diskId + } + '' + } sync sleep 1 if sudo vgs ${previousDiskId}; then diff --git a/nix/os/devices/elias-e525/boot.nix b/nix/os/devices/elias-e525/boot.nix index a7eeb2c..4d8c1d1 100644 --- a/nix/os/devices/elias-e525/boot.nix +++ b/nix/os/devices/elias-e525/boot.nix @@ -1,6 +1,4 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.efi.canTouchEfiVariables = lib.mkForce false; } diff --git a/nix/os/devices/elias-e525/configuration.nix b/nix/os/devices/elias-e525/configuration.nix index b78c268..37f4c61 100644 --- a/nix/os/devices/elias-e525/configuration.nix +++ b/nix/os/devices/elias-e525/configuration.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ../../profiles/common/configuration.nix ../../profiles/graphical/configuration.nix diff --git a/nix/os/devices/elias-e525/hw.nix b/nix/os/devices/elias-e525/hw.nix index fe78fa5..269281c 100644 --- a/nix/os/devices/elias-e525/hw.nix +++ b/nix/os/devices/elias-e525/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { # TASK: new device hardware.opinionatedDisk = { enable = true; diff --git a/nix/os/devices/elias-e525/pkg.nix b/nix/os/devices/elias-e525/pkg.nix index c4619b9..d07c68c 100644 --- a/nix/os/devices/elias-e525/pkg.nix +++ b/nix/os/devices/elias-e525/pkg.nix @@ -1,6 +1,8 @@ -{ pkgs, lib, ... }: - -let +{ + pkgs, + lib, + ... +}: let homeEnv = keyboard: { imports = [ (import ../../../home-manager/configuration/graphical-gnome3.nix { @@ -18,13 +20,14 @@ let jitsi ]; }; - in { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; services.gnome = builtins.mapAttrs (attr: value: lib.mkForce value) { @@ -39,19 +42,19 @@ in { home-manager.users.steveej = homeEnv { layout = "en"; - options = [ "nodeadkey" ]; + options = ["nodeadkey"]; variant = "altgr-intl"; }; home-manager.users.elias = homeEnv { layout = "de"; - options = [ ]; + options = []; variant = ""; }; home-manager.users.justyna = homeEnv { layout = "de"; - options = [ ]; + options = []; variant = ""; }; diff --git a/nix/os/devices/elias-e525/system.nix b/nix/os/devices/elias-e525/system.nix index 4535a60..3cb10d3 100644 --- a/nix/os/devices/elias-e525/system.nix +++ b/nix/os/devices/elias-e525/system.nix @@ -1,7 +1,9 @@ -{ pkgs, lib, config, ... }: - -let - +{ + pkgs, + lib, + config, + ... +}: let in { # TASK: new device networking.hostName = "elias-e525"; # Define your hostname. @@ -17,7 +19,7 @@ in { services.printing = { enable = true; - drivers = with pkgs; [ mfcl3770cdw.driver mfcl3770cdw.cupswrapper ]; + drivers = with pkgs; [mfcl3770cdw.driver mfcl3770cdw.cupswrapper]; }; services.fprintd.enable = true; @@ -41,10 +43,9 @@ in { # udev.packages = [ pkgs.gnome3.gnome-settings-daemon ]; }; - security.pki.certificateFiles = - [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]; + security.pki.certificateFiles = ["${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"]; - services.xserver.videoDrivers = [ "modesetting" ]; + services.xserver.videoDrivers = ["modesetting"]; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; } diff --git a/nix/os/devices/elias-e525/user.nix b/nix/os/devices/elias-e525/user.nix index df45914..1fe7f71 100644 --- a/nix/os/devices/elias-e525/user.nix +++ b/nix/os/devices/elias-e525/user.nix @@ -1,10 +1,11 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../../../variables/passwords.crypt.nix; keys = import ../../../variables/keys.nix; - inherit (import ../../lib/default.nix { }) mkUser; - + inherit (import ../../lib/default.nix {}) mkUser; in { users.extraUsers.elias = mkUser { uid = 1001; diff --git a/nix/os/devices/elias-e525/versions.nix b/nix/os/devices/elias-e525/versions.nix index 6a35f50..81a71e6 100644 --- a/nix/os/devices/elias-e525/versions.nix +++ b/nix/os/devices/elias-e525/versions.nix @@ -4,10 +4,9 @@ let ref = "nixos-21.11"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/nix/os/devices/elias-e525/versions.tmpl.nix b/nix/os/devices/elias-e525/versions.tmpl.nix index 6a5f864..ea299fb 100644 --- a/nix/os/devices/elias-e525/versions.tmpl.nix +++ b/nix/os/devices/elias-e525/versions.tmpl.nix @@ -6,10 +6,9 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/nix/os/devices/fwhost1/boot.nix b/nix/os/devices/fwhost1/boot.nix index a7eeb2c..4d8c1d1 100644 --- a/nix/os/devices/fwhost1/boot.nix +++ b/nix/os/devices/fwhost1/boot.nix @@ -1,6 +1,4 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.efi.canTouchEfiVariables = lib.mkForce false; } diff --git a/nix/os/devices/fwhost1/configuration.nix b/nix/os/devices/fwhost1/configuration.nix index eedc768..ed238cb 100644 --- a/nix/os/devices/fwhost1/configuration.nix +++ b/nix/os/devices/fwhost1/configuration.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ../../profiles/common/configuration.nix ../../modules/opinionatedDisk.nix diff --git a/nix/os/devices/fwhost1/hw.nix b/nix/os/devices/fwhost1/hw.nix index 90d54ab..6c1aaaf 100644 --- a/nix/os/devices/fwhost1/hw.nix +++ b/nix/os/devices/fwhost1/hw.nix @@ -1,7 +1,4 @@ -{ ... }: - -let - +{...}: let in { # TASK: new device hardware.opinionatedDisk = { diff --git a/nix/os/devices/fwhost1/pkg.nix b/nix/os/devices/fwhost1/pkg.nix index 049c046..6650ad9 100644 --- a/nix/os/devices/fwhost1/pkg.nix +++ b/nix/os/devices/fwhost1/pkg.nix @@ -1,18 +1,17 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; - }; - home-manager.users.steveej = - import ../../../home-manager/configuration/text-minimal.nix { - inherit pkgs; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; + home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { + inherit pkgs; + }; - environment.systemPackages = with pkgs; [ iw wirelesstools ]; + environment.systemPackages = with pkgs; [iw wirelesstools]; system.stateVersion = "21.11"; } diff --git a/nix/os/devices/fwhost1/system.nix b/nix/os/devices/fwhost1/system.nix index d1ef0b2..abe1717 100644 --- a/nix/os/devices/fwhost1/system.nix +++ b/nix/os/devices/fwhost1/system.nix @@ -1,10 +1,12 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let keys = import ../../../variables/keys.nix; passwords = import ../../../variables/passwords.crypt.nix; in { - # TASK: new device networking.hostName = "fwhost1"; # Define your hostname. @@ -19,34 +21,40 @@ in { networking.firewall.logRefusedConnections = false; networking.usePredictableInterfaceNames = false; - networking.bridges.breth.interfaces = [ "eth0" "eth1" ]; + networking.bridges.breth.interfaces = ["eth0" "eth1"]; networking.bridges.breth.rstp = true; networking.defaultGateway.address = "172.172.171.10"; - networking.nameservers = [ "172.172.171.10" ]; + networking.nameservers = ["172.172.171.10"]; # WAN interfaces, currently unused because the OPNsense guest acts as a router. networking.vlans.wan1.id = 3; networking.vlans.wan1.interface = "breth"; - networking.interfaces.wan1.ipv4.addresses = [{ - address = "192.168.0.15"; - prefixLength = 24; - }]; + networking.interfaces.wan1.ipv4.addresses = [ + { + address = "192.168.0.15"; + prefixLength = 24; + } + ]; networking.vlans.wan2.id = 4; networking.vlans.wan2.interface = "breth"; - networking.interfaces.wan2.ipv4.addresses = [{ - address = "172.16.0.15"; - prefixLength = 12; - }]; + networking.interfaces.wan2.ipv4.addresses = [ + { + address = "172.16.0.15"; + prefixLength = 12; + } + ]; # Local interfaces, all accessed via VLAN tags on the main bridge networking.vlans.lan.id = 1; networking.vlans.lan.interface = "breth"; - networking.interfaces.lan.ipv4.addresses = [{ - address = "172.172.171.15"; - prefixLength = 24; - }]; + networking.interfaces.lan.ipv4.addresses = [ + { + address = "172.172.171.15"; + prefixLength = 24; + } + ]; networking.vlans.dmz.id = 5; networking.vlans.dmz.interface = "breth"; @@ -77,4 +85,3 @@ in { boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; } - diff --git a/nix/os/devices/fwhost1/user.nix b/nix/os/devices/fwhost1/user.nix index de3779b..98f59ba 100644 --- a/nix/os/devices/fwhost1/user.nix +++ b/nix/os/devices/fwhost1/user.nix @@ -1,8 +1,9 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../../../variables/passwords.crypt.nix; keys = import ../../../variables/keys.nix; - inherit (import ../../lib/default.nix { }) mkUser; - -in { } + inherit (import ../../lib/default.nix {}) mkUser; +in {} diff --git a/nix/os/devices/fwhost1/versions.nix b/nix/os/devices/fwhost1/versions.nix index ef4ba9d..c6dac79 100644 --- a/nix/os/devices/fwhost1/versions.nix +++ b/nix/os/devices/fwhost1/versions.nix @@ -4,10 +4,9 @@ let ref = "nixos-21.11"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { diff --git a/nix/os/devices/fwhost1/versions.tmpl.nix b/nix/os/devices/fwhost1/versions.tmpl.nix index 63dae61..c9dc8a9 100644 --- a/nix/os/devices/fwhost1/versions.tmpl.nix +++ b/nix/os/devices/fwhost1/versions.tmpl.nix @@ -6,10 +6,9 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { diff --git a/nix/os/devices/fwhost2/boot.nix b/nix/os/devices/fwhost2/boot.nix index a7eeb2c..4d8c1d1 100644 --- a/nix/os/devices/fwhost2/boot.nix +++ b/nix/os/devices/fwhost2/boot.nix @@ -1,6 +1,4 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.efi.canTouchEfiVariables = lib.mkForce false; } diff --git a/nix/os/devices/fwhost2/configuration.nix b/nix/os/devices/fwhost2/configuration.nix index eedc768..ed238cb 100644 --- a/nix/os/devices/fwhost2/configuration.nix +++ b/nix/os/devices/fwhost2/configuration.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ../../profiles/common/configuration.nix ../../modules/opinionatedDisk.nix diff --git a/nix/os/devices/fwhost2/hw.nix b/nix/os/devices/fwhost2/hw.nix index 0aee8f0..c207b8c 100644 --- a/nix/os/devices/fwhost2/hw.nix +++ b/nix/os/devices/fwhost2/hw.nix @@ -1,7 +1,4 @@ -{ ... }: - -let - +{...}: let in { # TASK: new device hardware.opinionatedDisk = { diff --git a/nix/os/devices/fwhost2/pkg.nix b/nix/os/devices/fwhost2/pkg.nix index 049c046..6650ad9 100644 --- a/nix/os/devices/fwhost2/pkg.nix +++ b/nix/os/devices/fwhost2/pkg.nix @@ -1,18 +1,17 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; - }; - home-manager.users.steveej = - import ../../../home-manager/configuration/text-minimal.nix { - inherit pkgs; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; + home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { + inherit pkgs; + }; - environment.systemPackages = with pkgs; [ iw wirelesstools ]; + environment.systemPackages = with pkgs; [iw wirelesstools]; system.stateVersion = "21.11"; } diff --git a/nix/os/devices/fwhost2/system.nix b/nix/os/devices/fwhost2/system.nix index ac12837..54da0ba 100644 --- a/nix/os/devices/fwhost2/system.nix +++ b/nix/os/devices/fwhost2/system.nix @@ -1,10 +1,13 @@ -{ pkgs, lib, config, utils, ... }: - -let +{ + pkgs, + lib, + config, + utils, + ... +}: let keys = import ../../../variables/keys.nix; passwords = import ../../../variables/passwords.crypt.nix; in { - # TASK: new device networking.hostName = "fwhost2"; # Define your hostname. @@ -19,34 +22,40 @@ in { networking.firewall.logRefusedConnections = false; networking.usePredictableInterfaceNames = false; - networking.bridges.breth.interfaces = [ "eth0" "eth1" ]; + networking.bridges.breth.interfaces = ["eth0" "eth1"]; networking.bridges.breth.rstp = true; networking.defaultGateway.address = "172.172.171.10"; - networking.nameservers = [ "172.172.171.10" ]; + networking.nameservers = ["172.172.171.10"]; # WAN interfaces, currently unused because the OPNsense guest acts as a router. networking.vlans.wan1.id = 3; networking.vlans.wan1.interface = "breth"; - networking.interfaces.wan1.ipv4.addresses = [{ - address = "192.168.0.16"; - prefixLength = 24; - }]; + networking.interfaces.wan1.ipv4.addresses = [ + { + address = "192.168.0.16"; + prefixLength = 24; + } + ]; networking.vlans.wan2.id = 4; networking.vlans.wan2.interface = "breth"; - networking.interfaces.wan2.ipv4.addresses = [{ - address = "172.16.0.16"; - prefixLength = 12; - }]; + networking.interfaces.wan2.ipv4.addresses = [ + { + address = "172.16.0.16"; + prefixLength = 12; + } + ]; # Local interfaces, all accessed via VLAN tags on the main bridge networking.vlans.lan.id = 1; networking.vlans.lan.interface = "breth"; - networking.interfaces.lan.ipv4.addresses = [{ - address = "172.172.171.16"; - prefixLength = 24; - }]; + networking.interfaces.lan.ipv4.addresses = [ + { + address = "172.172.171.16"; + prefixLength = 24; + } + ]; networking.vlans.dmz.id = 5; networking.vlans.dmz.interface = "breth"; @@ -77,4 +86,3 @@ in { boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; } - diff --git a/nix/os/devices/fwhost2/user.nix b/nix/os/devices/fwhost2/user.nix index 2e63acd..8210554 100644 --- a/nix/os/devices/fwhost2/user.nix +++ b/nix/os/devices/fwhost2/user.nix @@ -1,10 +1,11 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../../../variables/passwords.crypt.nix; keys = import ../../../variables/keys.nix; - inherit (import ../../lib/default.nix { }) mkUser; - + inherit (import ../../lib/default.nix {}) mkUser; in { # users.extraUsers.steveej2 = mkUser { # uid = 1001; diff --git a/nix/os/devices/fwhost2/versions.nix b/nix/os/devices/fwhost2/versions.nix index ef4ba9d..c6dac79 100644 --- a/nix/os/devices/fwhost2/versions.nix +++ b/nix/os/devices/fwhost2/versions.nix @@ -4,10 +4,9 @@ let ref = "nixos-21.11"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { diff --git a/nix/os/devices/fwhost2/versions.tmpl.nix b/nix/os/devices/fwhost2/versions.tmpl.nix index 63dae61..c9dc8a9 100644 --- a/nix/os/devices/fwhost2/versions.tmpl.nix +++ b/nix/os/devices/fwhost2/versions.tmpl.nix @@ -6,10 +6,9 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { diff --git a/nix/os/devices/srv0.home-ch.stefanjunker.de/boot.nix b/nix/os/devices/srv0.home-ch.stefanjunker.de/boot.nix index fb03c06..fe0b621 100644 --- a/nix/os/devices/srv0.home-ch.stefanjunker.de/boot.nix +++ b/nix/os/devices/srv0.home-ch.stefanjunker.de/boot.nix @@ -1,6 +1,4 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiSupport = true; - boot.extraModulePackages = [ ]; + boot.extraModulePackages = []; } diff --git a/nix/os/devices/srv0.home-ch.stefanjunker.de/configuration.nix b/nix/os/devices/srv0.home-ch.stefanjunker.de/configuration.nix index 5dfb10f..28a63fb 100644 --- a/nix/os/devices/srv0.home-ch.stefanjunker.de/configuration.nix +++ b/nix/os/devices/srv0.home-ch.stefanjunker.de/configuration.nix @@ -1,7 +1,5 @@ -{ ... }: - -{ - disabledModules = [ ]; +{...}: { + disabledModules = []; imports = [ ../../profiles/common/configuration.nix ../../modules/opinionatedDisk.nix diff --git a/nix/os/devices/srv0.home-ch.stefanjunker.de/hw.nix b/nix/os/devices/srv0.home-ch.stefanjunker.de/hw.nix index f6d866a..8815036 100644 --- a/nix/os/devices/srv0.home-ch.stefanjunker.de/hw.nix +++ b/nix/os/devices/srv0.home-ch.stefanjunker.de/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -let +{...}: let stage1Modules = [ "aesni_intel" "kvm-intel" @@ -19,7 +17,6 @@ let "xhci_hcd" "xhci_pci" ]; - in { # TASK: new device hardware.opinionatedDisk = { diff --git a/nix/os/devices/srv0.home-ch.stefanjunker.de/pkg.nix b/nix/os/devices/srv0.home-ch.stefanjunker.de/pkg.nix index 34ccdce..b6c8038 100644 --- a/nix/os/devices/srv0.home-ch.stefanjunker.de/pkg.nix +++ b/nix/os/devices/srv0.home-ch.stefanjunker.de/pkg.nix @@ -1,23 +1,29 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; - }; - home-manager.users.steveej = - import ../../../home-manager/configuration/text-minimal.nix { - inherit pkgs; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; + home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { + inherit pkgs; + }; - nix.buildMachines = [{ - hostName = "localhost"; - system = "x86_64-linux"; - supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; - maxJobs = 4; - }]; + nix.buildMachines = [ + { + hostName = "localhost"; + system = "x86_64-linux"; + supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; + maxJobs = 4; + } + ]; # services.hydra = { # enable = false; diff --git a/nix/os/devices/srv0.home-ch.stefanjunker.de/system.nix b/nix/os/devices/srv0.home-ch.stefanjunker.de/system.nix index 314e7c4..e677958 100644 --- a/nix/os/devices/srv0.home-ch.stefanjunker.de/system.nix +++ b/nix/os/devices/srv0.home-ch.stefanjunker.de/system.nix @@ -1,7 +1,10 @@ -{ pkgs, lib, config, ... }: - -let keys = import ../../../variables/keys.nix; - +{ + pkgs, + lib, + config, + ... +}: let + keys = import ../../../variables/keys.nix; in { # TASK: new device networking.hostName = "srv0"; # Define your hostname. @@ -34,7 +37,7 @@ in { networking.nat = { enable = true; - internalInterfaces = [ "ve-+" ]; + internalInterfaces = ["ve-+"]; externalInterface = "eth0"; }; @@ -42,14 +45,14 @@ in { # services.kubernetes.roles = ["master" "node"]; # virtualization - virtualisation = { docker.enable = true; }; + virtualisation = {docker.enable = true;}; - nix.gc = { automatic = true; }; + nix.gc = {automatic = true;}; networking.useHostResolvConf = false; - services.resolved = { enable = true; }; + services.resolved = {enable = true;}; - containers = { }; + containers = {}; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/nix/os/devices/srv0.home-ch.stefanjunker.de/versions.nix b/nix/os/devices/srv0.home-ch.stefanjunker.de/versions.nix index 3d90d33..bb546e6 100644 --- a/nix/os/devices/srv0.home-ch.stefanjunker.de/versions.nix +++ b/nix/os/devices/srv0.home-ch.stefanjunker.de/versions.nix @@ -4,7 +4,6 @@ let ref = "nixos-22.05"; rev = "040c6d8374d090f46ab0e99f1f7c27a4529ecffd"; }; - in { inherit nixpkgs; "channels-nixos-stable" = nixpkgs; diff --git a/nix/os/devices/srv0.home-ch.stefanjunker.de/versions.tmpl.nix b/nix/os/devices/srv0.home-ch.stefanjunker.de/versions.tmpl.nix index 623673e..511138c 100644 --- a/nix/os/devices/srv0.home-ch.stefanjunker.de/versions.tmpl.nix +++ b/nix/os/devices/srv0.home-ch.stefanjunker.de/versions.tmpl.nix @@ -6,7 +6,6 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; "channels-nixos-stable" = nixpkgs; diff --git a/nix/os/devices/steveej-nuc7pjyh-work/configuration.nix b/nix/os/devices/steveej-nuc7pjyh-work/configuration.nix index 40aeaeb..a15e1aa 100644 --- a/nix/os/devices/steveej-nuc7pjyh-work/configuration.nix +++ b/nix/os/devices/steveej-nuc7pjyh-work/configuration.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ../../profiles/common/configuration.nix ../../profiles/graphical/configuration.nix diff --git a/nix/os/devices/steveej-nuc7pjyh-work/hw.nix b/nix/os/devices/steveej-nuc7pjyh-work/hw.nix index 30186d1..6d8eadd 100644 --- a/nix/os/devices/steveej-nuc7pjyh-work/hw.nix +++ b/nix/os/devices/steveej-nuc7pjyh-work/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { # TASK: new device hardware.encryptedDisk = { enable = true; diff --git a/nix/os/devices/steveej-nuc7pjyh-work/system.nix b/nix/os/devices/steveej-nuc7pjyh-work/system.nix index 65bb989..73d39d9 100644 --- a/nix/os/devices/steveej-nuc7pjyh-work/system.nix +++ b/nix/os/devices/steveej-nuc7pjyh-work/system.nix @@ -1,9 +1,11 @@ -{ pkgs, lib, ... }: - -let +{ + pkgs, + lib, + ... +}: let in { services.udev.extraRules = ''SUBSYSTEM=="sgx", MODE="0660", GROUP="sgx"''; - users.groups.sgx = { }; + users.groups.sgx = {}; networking.hostName = "steveej-nuc7pjyh-work"; # Define your hostname. boot.kernelPackages = lib.mkForce pkgs.linuxPackages_sgx_latest; } diff --git a/nix/os/devices/steveej-nuc7pjyh-work/user.nix b/nix/os/devices/steveej-nuc7pjyh-work/user.nix index e112591..bf0d943 100644 --- a/nix/os/devices/steveej-nuc7pjyh-work/user.nix +++ b/nix/os/devices/steveej-nuc7pjyh-work/user.nix @@ -1,10 +1,11 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../../../variables/passwords.crypt.nix; keys = import ../../../variables/keys.nix; - inherit (import ../../lib/default.nix { }) mkUser; - + inherit (import ../../lib/default.nix {}) mkUser; in { users.extraUsers.sjunker = mkUser { uid = 1001; @@ -13,15 +14,19 @@ in { image = "quay.io/enarx/fedora"; run_args = "-v /dev/sgx:/dev/sgx"; }; - extraGroups = [ "sgx" ]; + extraGroups = ["sgx"]; - subUidRanges = [{ - startUid = 100000; - count = 65536; - }]; - subGidRanges = [{ - startGid = 100000; - count = 65536; - }]; + subUidRanges = [ + { + startUid = 100000; + count = 65536; + } + ]; + subGidRanges = [ + { + startGid = 100000; + count = 65536; + } + ]; }; } diff --git a/nix/os/devices/steveej-pa600/boot.nix b/nix/os/devices/steveej-pa600/boot.nix index a7eeb2c..4d8c1d1 100644 --- a/nix/os/devices/steveej-pa600/boot.nix +++ b/nix/os/devices/steveej-pa600/boot.nix @@ -1,6 +1,4 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.efi.canTouchEfiVariables = lib.mkForce false; } diff --git a/nix/os/devices/steveej-pa600/configuration.nix b/nix/os/devices/steveej-pa600/configuration.nix index b78c268..37f4c61 100644 --- a/nix/os/devices/steveej-pa600/configuration.nix +++ b/nix/os/devices/steveej-pa600/configuration.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ../../profiles/common/configuration.nix ../../profiles/graphical/configuration.nix diff --git a/nix/os/devices/steveej-pa600/hw.nix b/nix/os/devices/steveej-pa600/hw.nix index da9e319..a563c1a 100644 --- a/nix/os/devices/steveej-pa600/hw.nix +++ b/nix/os/devices/steveej-pa600/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -let +{...}: let stage1Modules = [ "aesni_intel" "kvm-intel" @@ -9,7 +7,6 @@ let "xhci_pci" "hxci_hcd" ]; - in { # TASK: new device hardware.opinionatedDisk = { diff --git a/nix/os/devices/steveej-pa600/pkg.nix b/nix/os/devices/steveej-pa600/pkg.nix index 7d68b41..9897dc2 100644 --- a/nix/os/devices/steveej-pa600/pkg.nix +++ b/nix/os/devices/steveej-pa600/pkg.nix @@ -1,16 +1,15 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; - }; - home-manager.users.steveej = - import ../../../home-manager/configuration/graphical-fullblown.nix { - inherit pkgs; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; + home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix { + inherit pkgs; + }; services.teamviewer.enable = true; system.stateVersion = "20.09"; } diff --git a/nix/os/devices/steveej-pa600/system.nix b/nix/os/devices/steveej-pa600/system.nix index 45cb6c9..02256d8 100644 --- a/nix/os/devices/steveej-pa600/system.nix +++ b/nix/os/devices/steveej-pa600/system.nix @@ -1,8 +1,11 @@ -{ pkgs, lib, config, ... }: - -let keys = import ../../../variables/keys.nix; +{ + pkgs, + lib, + config, + ... +}: let + keys = import ../../../variables/keys.nix; in { - # TASK: new device networking.hostName = "steveej-pa600"; # Define your hostname. @@ -17,7 +20,7 @@ in { services.printing = { enable = true; - drivers = with pkgs; [ hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper ]; + drivers = with pkgs; [hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper]; }; services.fprintd.enable = true; @@ -26,10 +29,9 @@ in { sudo.fprintAuth = true; }; - security.pki.certificateFiles = - [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]; + security.pki.certificateFiles = ["${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"]; - services.xserver.videoDrivers = [ "modesetting" ]; + services.xserver.videoDrivers = ["modesetting"]; services.xserver.serverFlagsSection = '' Option "BlankTime" "0" Option "StandbyTime" "0" diff --git a/nix/os/devices/steveej-pa600/user.nix b/nix/os/devices/steveej-pa600/user.nix index fd906b1..04e5489 100644 --- a/nix/os/devices/steveej-pa600/user.nix +++ b/nix/os/devices/steveej-pa600/user.nix @@ -1,10 +1,11 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../../../variables/passwords.crypt.nix; keys = import ../../../variables/keys.nix; - inherit (import ../../lib/default.nix { }) mkUser; - + inherit (import ../../lib/default.nix {}) mkUser; in { users.extraUsers.steveej2 = mkUser { uid = 1001; diff --git a/nix/os/devices/steveej-pa600/versions.nix b/nix/os/devices/steveej-pa600/versions.nix index a88fb19..ce6b116 100644 --- a/nix/os/devices/steveej-pa600/versions.nix +++ b/nix/os/devices/steveej-pa600/versions.nix @@ -4,10 +4,9 @@ let ref = "nixos-20.09"; rev = "e065200fc90175a8f6e50e76ef10a48786126e1c"; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/nix/os/devices/steveej-pa600/versions.tmpl.nix b/nix/os/devices/steveej-pa600/versions.tmpl.nix index 562ad1a..96f7be3 100644 --- a/nix/os/devices/steveej-pa600/versions.tmpl.nix +++ b/nix/os/devices/steveej-pa600/versions.tmpl.nix @@ -6,10 +6,9 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/configuration.nix b/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/configuration.nix index 87284bc..b32a198 100644 --- a/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/configuration.nix +++ b/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/configuration.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ../../profiles/common/configuration.nix ../../profiles/graphical/configuration.nix diff --git a/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/hw.nix b/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/hw.nix index 1c7f7a3..14df96a 100644 --- a/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/hw.nix +++ b/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { # TASK: new device hardware.encryptedDisk = { enable = true; diff --git a/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/system.nix b/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/system.nix index 7c34733..4329e5c 100644 --- a/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/system.nix +++ b/nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/system.nix @@ -1,6 +1,3 @@ -{ ... }: - -{ - networking.hostName = - "steveej-rmvbl-mmc-SL32G_0x259093f6"; # Define your hostname. +{...}: { + networking.hostName = "steveej-rmvbl-mmc-SL32G_0x259093f6"; # Define your hostname. } diff --git a/nix/os/devices/steveej-rmvbl-sdep0/configuration.nix b/nix/os/devices/steveej-rmvbl-sdep0/configuration.nix index 2c067e6..d49dbd3 100644 --- a/nix/os/devices/steveej-rmvbl-sdep0/configuration.nix +++ b/nix/os/devices/steveej-rmvbl-sdep0/configuration.nix @@ -1,11 +1,11 @@ -{ ... }: - -{ +{...}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; imports = [ diff --git a/nix/os/devices/steveej-rmvbl-sdep0/hw.nix b/nix/os/devices/steveej-rmvbl-sdep0/hw.nix index 71e983e..408b2a9 100644 --- a/nix/os/devices/steveej-rmvbl-sdep0/hw.nix +++ b/nix/os/devices/steveej-rmvbl-sdep0/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { # TASK: new device hardware.opinionatedDisk.diskId = "usb-SanDisk_Extreme_Pro_12345978EC62-0:0"; hardware.opinionatedDisk.encrypted = true; diff --git a/nix/os/devices/steveej-rmvbl-sdep0/system.nix b/nix/os/devices/steveej-rmvbl-sdep0/system.nix index 9b547f3..5bad73f 100644 --- a/nix/os/devices/steveej-rmvbl-sdep0/system.nix +++ b/nix/os/devices/steveej-rmvbl-sdep0/system.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { networking.hostName = "steveej-rmvbl-sdep0"; # Define your hostname. system.stateVersion = "21.05"; } diff --git a/nix/os/devices/steveej-rmvbl-sdep0/versions.nix b/nix/os/devices/steveej-rmvbl-sdep0/versions.nix index 4477d98..508839d 100644 --- a/nix/os/devices/steveej-rmvbl-sdep0/versions.nix +++ b/nix/os/devices/steveej-rmvbl-sdep0/versions.nix @@ -4,10 +4,9 @@ let ref = "nixos-21.11"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; # "channels-nixos-21.05" = { diff --git a/nix/os/devices/steveej-t14/boot.nix b/nix/os/devices/steveej-t14/boot.nix index 9936b30..c48bdc6 100644 --- a/nix/os/devices/steveej-t14/boot.nix +++ b/nix/os/devices/steveej-t14/boot.nix @@ -1,7 +1,14 @@ -{ lib, pkgs, ... }: - { + lib, + pkgs, + ... +}: { boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; + + # boot.tmpOnTmpfs = lib.mkForce false; + boot.tmpOnTmpfsSize = "100%"; + # TODO: make this work + # systemd.tmpfiles.rules = lib.mkForce [ "d /tmp 1777 root root 1d" ]; } diff --git a/nix/os/devices/steveej-t14/configuration.nix b/nix/os/devices/steveej-t14/configuration.nix index f03e698..d710849 100644 --- a/nix/os/devices/steveej-t14/configuration.nix +++ b/nix/os/devices/steveej-t14/configuration.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ../../profiles/common/configuration.nix ../../profiles/graphical/configuration.nix diff --git a/nix/os/devices/steveej-t14/hw.nix b/nix/os/devices/steveej-t14/hw.nix index 9f95077..551617e 100644 --- a/nix/os/devices/steveej-t14/hw.nix +++ b/nix/os/devices/steveej-t14/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -let +{...}: let stage1Modules = [ "aesni_intel" "kvm_amd" @@ -10,7 +8,6 @@ let "thunderbolt" "e1000e" ]; - in { # TASK: new device hardware.opinionatedDisk = { diff --git a/nix/os/devices/steveej-t14/pkg.nix b/nix/os/devices/steveej-t14/pkg.nix index 7d68b41..9897dc2 100644 --- a/nix/os/devices/steveej-t14/pkg.nix +++ b/nix/os/devices/steveej-t14/pkg.nix @@ -1,16 +1,15 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; - }; - home-manager.users.steveej = - import ../../../home-manager/configuration/graphical-fullblown.nix { - inherit pkgs; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; + home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix { + inherit pkgs; + }; services.teamviewer.enable = true; system.stateVersion = "20.09"; } diff --git a/nix/os/devices/steveej-t14/system.nix b/nix/os/devices/steveej-t14/system.nix index 20d60ca..fcfdb17 100644 --- a/nix/os/devices/steveej-t14/system.nix +++ b/nix/os/devices/steveej-t14/system.nix @@ -1,30 +1,34 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let keys = import ../../../variables/keys.nix; passwords = import ../../../variables/passwords.crypt.nix; - in { nix = { - binaryCaches = - [ "https://holochain-ci.cachix.org" "https://cache.holo.host/" ]; + binaryCaches = ["https://holochain-ci.cachix.org" "https://cache.holo.host/"]; binaryCachePublicKeys = [ "holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8=" "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" "cache.holo.host-2:ZJCkX3AUYZ8soxTLfTb60g+F3MkWD7hkH9y8CgqwhDQ=" ]; - settings = { extra-experimental-features = [ "impure-derivations" ]; }; + settings.extra-experimental-features = ["impure-derivations"]; + settings.system-features = ["recursive-nix"]; }; # TASK: new device networking.hostName = "steveej-t14"; # Define your hostname. - networking.bridges."virbr1".interfaces = [ ]; - networking.interfaces."virbr1".ipv4.addresses = [{ - address = "10.254.254.254"; - prefixLength = 24; - }]; + networking.bridges."virbr1".interfaces = []; + networking.interfaces."virbr1".ipv4.addresses = [ + { + address = "10.254.254.254"; + prefixLength = 24; + } + ]; networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ @@ -40,7 +44,7 @@ in { services.printing = { enable = true; - drivers = with pkgs; [ hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper ]; + drivers = with pkgs; [hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper]; }; services.fprintd.enable = true; @@ -51,7 +55,7 @@ in { # virtualization virtualisation = { - libvirtd = { enable = true; }; + libvirtd = {enable = true;}; virtualbox.host = { enable = false; @@ -68,10 +72,9 @@ in { # client min protocol = NT1 ''; - security.pki.certificateFiles = - [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]; + security.pki.certificateFiles = ["${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"]; - services.xserver.videoDrivers = lib.mkForce [ "amdgpu" ]; + services.xserver.videoDrivers = lib.mkForce ["amdgpu"]; services.xserver.serverFlagsSection = '' Option "BlankTime" "0" Option "StandbyTime" "0" diff --git a/nix/os/devices/steveej-t14/user.nix b/nix/os/devices/steveej-t14/user.nix index afb1aa8..e284b53 100644 --- a/nix/os/devices/steveej-t14/user.nix +++ b/nix/os/devices/steveej-t14/user.nix @@ -1,15 +1,16 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../../../variables/passwords.crypt.nix; keys = import ../../../variables/keys.nix; - inherit (import ../../lib/default.nix { }) mkUser; - + inherit (import ../../lib/default.nix {}) mkUser; in { users.extraUsers.steveej2 = mkUser { uid = 1001; openssh.authorizedKeys.keys = keys.users.steveej.openssh; }; - nix.settings.trusted-users = [ "steveej" ]; + nix.settings.trusted-users = ["steveej"]; } diff --git a/nix/os/devices/steveej-t14/versions.nix b/nix/os/devices/steveej-t14/versions.nix index 469eee4..e8417f5 100644 --- a/nix/os/devices/steveej-t14/versions.nix +++ b/nix/os/devices/steveej-t14/versions.nix @@ -5,10 +5,9 @@ let rev = '' 0218941ea68b4c625533bead7bbb94ccce52dceb''; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/nix/os/devices/steveej-t14/versions.tmpl.nix b/nix/os/devices/steveej-t14/versions.tmpl.nix index 0ac19c9..a0fa34a 100644 --- a/nix/os/devices/steveej-t14/versions.tmpl.nix +++ b/nix/os/devices/steveej-t14/versions.tmpl.nix @@ -6,10 +6,9 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.11 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/nix/os/devices/steveej-t480s-work/configuration.nix b/nix/os/devices/steveej-t480s-work/configuration.nix index 46b105a..061d8c8 100644 --- a/nix/os/devices/steveej-t480s-work/configuration.nix +++ b/nix/os/devices/steveej-t480s-work/configuration.nix @@ -1,7 +1,5 @@ -{ ... }: - -{ - disabledModules = [ "system/boot/initrd-network.nix" ]; +{...}: { + disabledModules = ["system/boot/initrd-network.nix"]; imports = [ ../../modules/initrd-network.nix diff --git a/nix/os/devices/steveej-t480s-work/hw.nix b/nix/os/devices/steveej-t480s-work/hw.nix index 673323e..988e624 100644 --- a/nix/os/devices/steveej-t480s-work/hw.nix +++ b/nix/os/devices/steveej-t480s-work/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -let +{...}: let stage1Modules = [ "aesni_intel" "kvm-intel" @@ -14,7 +12,6 @@ let "xhci_pci" "hxci_hcd" ]; - in { # TASK: new device hardware.encryptedDisk = { diff --git a/nix/os/devices/steveej-t480s-work/pkg.nix b/nix/os/devices/steveej-t480s-work/pkg.nix index 9c304d3..557ede1 100644 --- a/nix/os/devices/steveej-t480s-work/pkg.nix +++ b/nix/os/devices/steveej-t480s-work/pkg.nix @@ -1,16 +1,15 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; - }; - home-manager.users.steveej = - import ../../../home-manager/configuration/graphical-fullblown.nix { - inherit pkgs; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; + home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix { + inherit pkgs; + }; services.teamviewer.enable = true; system.stateVersion = "19.09"; } diff --git a/nix/os/devices/steveej-t480s-work/system.nix b/nix/os/devices/steveej-t480s-work/system.nix index 85fe73d..ec4c317 100644 --- a/nix/os/devices/steveej-t480s-work/system.nix +++ b/nix/os/devices/steveej-t480s-work/system.nix @@ -1,8 +1,11 @@ -{ pkgs, lib, config, ... }: - -let keys = import ../../../variables/keys.nix; +{ + pkgs, + lib, + config, + ... +}: let + keys = import ../../../variables/keys.nix; in { - # TASK: new device networking.hostName = "steveej-t480s-work"; # Define your hostname. @@ -18,15 +21,17 @@ in { networking.firewall.enable = lib.mkForce false; networking.firewall.checkReversePath = false; - networking.bridges."virbr1".interfaces = [ ]; - networking.interfaces."virbr1".ipv4.addresses = [{ - address = "10.254.254.254"; - prefixLength = 24; - }]; + networking.bridges."virbr1".interfaces = []; + networking.interfaces."virbr1".ipv4.addresses = [ + { + address = "10.254.254.254"; + prefixLength = 24; + } + ]; services.printing = { enable = true; - drivers = with pkgs; [ hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper ]; + drivers = with pkgs; [hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper]; }; services.fprintd.enable = true; @@ -40,7 +45,7 @@ in { # virtualization virtualisation = { - libvirtd = { enable = true; }; + libvirtd = {enable = true;}; virtualbox.host = { enable = false; @@ -56,7 +61,7 @@ in { boot.initrd.network = { enable = true; useDHCP = true; - udhcpc.extraArgs = [ "-x hostname:${config.networking.hostName}" ]; + udhcpc.extraArgs = ["-x hostname:${config.networking.hostName}"]; ssh = { enable = true; @@ -73,7 +78,7 @@ in { ../../../../certificates/sat-r220-02.lab.eng.rdu2.redhat.com.crt ]; - services.xserver.videoDrivers = [ "modesetting" ]; + services.xserver.videoDrivers = ["modesetting"]; services.xserver.serverFlagsSection = '' Option "BlankTime" "0" Option "StandbyTime" "0" diff --git a/nix/os/devices/steveej-t480s-work/user.nix b/nix/os/devices/steveej-t480s-work/user.nix index 899efcd..156c71b 100644 --- a/nix/os/devices/steveej-t480s-work/user.nix +++ b/nix/os/devices/steveej-t480s-work/user.nix @@ -1,10 +1,11 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../../../variables/passwords.crypt.nix; keys = import ../../../variables/keys.nix; - inherit (import ../../lib/default.nix { }) mkUser; - + inherit (import ../../lib/default.nix {}) mkUser; in { users.extraUsers.steveej2 = mkUser { uid = 1001; @@ -14,6 +15,6 @@ in { users.extraUsers.steveej3 = mkUser { uid = 1002; openssh.authorizedKeys.keys = keys.users.steveej.openssh; - shell = pkgs.posh { image = "quay.io/enarx/fedora"; }; + shell = pkgs.posh {image = "quay.io/enarx/fedora";}; }; } diff --git a/nix/os/devices/steveej-t480s-work/versions.nix b/nix/os/devices/steveej-t480s-work/versions.nix index b7b90a8..0e3479b 100644 --- a/nix/os/devices/steveej-t480s-work/versions.nix +++ b/nix/os/devices/steveej-t480s-work/versions.nix @@ -4,10 +4,9 @@ let ref = "nixos-20.09"; rev = "b94726217f7cdc02ddf277b65553762d520da196"; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/nix/os/devices/steveej-t480s-work/versions.tmpl.nix b/nix/os/devices/steveej-t480s-work/versions.tmpl.nix index 562ad1a..96f7be3 100644 --- a/nix/os/devices/steveej-t480s-work/versions.tmpl.nix +++ b/nix/os/devices/steveej-t480s-work/versions.tmpl.nix @@ -6,10 +6,9 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/nix/os/devices/steveej-utilitepro/configuration.nix b/nix/os/devices/steveej-utilitepro/configuration.nix index e342904..7762fab 100644 --- a/nix/os/devices/steveej-utilitepro/configuration.nix +++ b/nix/os/devices/steveej-utilitepro/configuration.nix @@ -1,10 +1,12 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -let passwords = import ../common/passwords.crypt.nix; +{ + config, + pkgs, + ... +}: let + passwords = import ../common/passwords.crypt.nix; in { # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "16.03"; @@ -17,12 +19,13 @@ in { ''; nixpkgs.config = { - - packageOverrides = super: - let self = super.pkgs; - in { - linux_4_1 = super.linux_4_1.override { - kernelPatches = super.linux_4_1.kernelPatches ++ [ + packageOverrides = super: let + self = super.pkgs; + in { + linux_4_1 = super.linux_4_1.override { + kernelPatches = + super.linux_4_1.kernelPatches + ++ [ { patch = ./patches/utilitepro-kernel-dts.patch; name = "utilitepro-dts"; @@ -32,192 +35,193 @@ in { name = "utilitepro-dts-Makefile"; } ]; - # add "CONFIG_PPP_FILTER y" option to the set of kernel options - extraConfig = '' - BTRFS_FS y - BTRFS_FS_POSIX_ACL y - FUSE_FS y - OVERLAY_FS y + # add "CONFIG_PPP_FILTER y" option to the set of kernel options + extraConfig = '' + BTRFS_FS y + BTRFS_FS_POSIX_ACL y + FUSE_FS y + OVERLAY_FS y - BLK_DEV_DM y - DM_THIN_PROVISIONING y + BLK_DEV_DM y + DM_THIN_PROVISIONING y - NAMESPACES y - NET_NS y - PID_NS y - IPC_NS y - UTS_NS y - DEVPTS_MULTIPLE_INSTANCES y - CGROUPS y - CGROUP_CPUACCT y - CGROUP_DEVICE y - CGROUP_FREEZER y - CGROUP_SCHED y - CPUSETS y - MEMCG y - POSIX_MQUEUE y + NAMESPACES y + NET_NS y + PID_NS y + IPC_NS y + UTS_NS y + DEVPTS_MULTIPLE_INSTANCES y + CGROUPS y + CGROUP_CPUACCT y + CGROUP_DEVICE y + CGROUP_FREEZER y + CGROUP_SCHED y + CPUSETS y + MEMCG y + POSIX_MQUEUE y - MACVLAN m - VETH m - BRIDGE m + MACVLAN m + VETH m + BRIDGE m - NF_TABLES m - NETFILTER y - NETFILTER_ADVANCED y - NF_NAT_IPV4 m - IP_NF_FILTER m - IP_NF_TARGET_MASQUERADE m - NETFILTER_XT_MATCH_ADDRTYPE m - NETFILTER_XT_MATCH_CONNTRACK m - NF_NAT m - NF_NAT_NEEDED m - BRIDGE_NETFILTER m - NETFILTER_INGRESS y - NETFILTER_NETLINK m - NETFILTER_NETLINK_ACCT m - NETFILTER_NETLINK_QUEUE m - NETFILTER_NETLINK_LOG m - NETFILTER_SYNPROXY m - NETFILTER_XTABLES m - NETFILTER_XT_MARK m - NETFILTER_XT_CONNMARK m - NETFILTER_XT_SET m - NETFILTER_XT_TARGET_AUDIT m - NETFILTER_XT_TARGET_CHECKSUM m - NETFILTER_XT_TARGET_CLASSIFY m - NETFILTER_XT_TARGET_CONNMARK m - NETFILTER_XT_TARGET_CONNSECMARK m - NETFILTER_XT_TARGET_CT m - NETFILTER_XT_TARGET_DSCP m - NETFILTER_XT_TARGET_HL m - NETFILTER_XT_TARGET_HMARK m - NETFILTER_XT_TARGET_IDLETIMER m - NETFILTER_XT_TARGET_LED m - NETFILTER_XT_TARGET_LOG m - NETFILTER_XT_TARGET_MARK m - NETFILTER_XT_NAT m - NETFILTER_XT_TARGET_NETMAP m - NETFILTER_XT_TARGET_NFLOG m - NETFILTER_XT_TARGET_NFQUEUE m - NETFILTER_XT_TARGET_NOTRACK m - NETFILTER_XT_TARGET_RATEEST m - NETFILTER_XT_TARGET_REDIRECT m - NETFILTER_XT_TARGET_TEE m - NETFILTER_XT_TARGET_TPROXY m - NETFILTER_XT_TARGET_TRACE m - NETFILTER_XT_TARGET_SECMARK m - NETFILTER_XT_TARGET_TCPMSS m - NETFILTER_XT_TARGET_TCPOPTSTRIP m - NETFILTER_XT_MATCH_ADDRTYPE m - NETFILTER_XT_MATCH_BPF m - NETFILTER_XT_MATCH_CGROUP m - NETFILTER_XT_MATCH_CLUSTER m - NETFILTER_XT_MATCH_COMMENT m - NETFILTER_XT_MATCH_CONNBYTES m - NETFILTER_XT_MATCH_CONNLABEL m - NETFILTER_XT_MATCH_CONNLIMIT m - NETFILTER_XT_MATCH_CONNMARK m - NETFILTER_XT_MATCH_CONNTRACK m - NETFILTER_XT_MATCH_CPU m - NETFILTER_XT_MATCH_DCCP m - NETFILTER_XT_MATCH_DEVGROUP m - NETFILTER_XT_MATCH_DSCP m - NETFILTER_XT_MATCH_ECN m - NETFILTER_XT_MATCH_ESP m - NETFILTER_XT_MATCH_HASHLIMIT m - NETFILTER_XT_MATCH_HELPER m - NETFILTER_XT_MATCH_HL m - NETFILTER_XT_MATCH_IPCOMP m - NETFILTER_XT_MATCH_IPRANGE m - NETFILTER_XT_MATCH_IPVS m - NETFILTER_XT_MATCH_L2TP m - NETFILTER_XT_MATCH_LENGTH m - NETFILTER_XT_MATCH_LIMIT m - NETFILTER_XT_MATCH_MAC m - NETFILTER_XT_MATCH_MARK m - NETFILTER_XT_MATCH_MULTIPORT m - NETFILTER_XT_MATCH_NFACCT m - NETFILTER_XT_MATCH_OSF m - NETFILTER_XT_MATCH_OWNER m - NETFILTER_XT_MATCH_POLICY m - NETFILTER_XT_MATCH_PHYSDEV m - NETFILTER_XT_MATCH_PKTTYPE m - NETFILTER_XT_MATCH_QUOTA m - NETFILTER_XT_MATCH_RATEEST m - NETFILTER_XT_MATCH_REALM m - NETFILTER_XT_MATCH_RECENT m - NETFILTER_XT_MATCH_SCTP m - NETFILTER_XT_MATCH_SOCKET m - NETFILTER_XT_MATCH_STATE m - NETFILTER_XT_MATCH_STATISTIC m - NETFILTER_XT_MATCH_STRING m - NETFILTER_XT_MATCH_TCPMSS m - NETFILTER_XT_MATCH_TIME m - NETFILTER_XT_MATCH_U32 m + NF_TABLES m + NETFILTER y + NETFILTER_ADVANCED y + NF_NAT_IPV4 m + IP_NF_FILTER m + IP_NF_TARGET_MASQUERADE m + NETFILTER_XT_MATCH_ADDRTYPE m + NETFILTER_XT_MATCH_CONNTRACK m + NF_NAT m + NF_NAT_NEEDED m + BRIDGE_NETFILTER m + NETFILTER_INGRESS y + NETFILTER_NETLINK m + NETFILTER_NETLINK_ACCT m + NETFILTER_NETLINK_QUEUE m + NETFILTER_NETLINK_LOG m + NETFILTER_SYNPROXY m + NETFILTER_XTABLES m + NETFILTER_XT_MARK m + NETFILTER_XT_CONNMARK m + NETFILTER_XT_SET m + NETFILTER_XT_TARGET_AUDIT m + NETFILTER_XT_TARGET_CHECKSUM m + NETFILTER_XT_TARGET_CLASSIFY m + NETFILTER_XT_TARGET_CONNMARK m + NETFILTER_XT_TARGET_CONNSECMARK m + NETFILTER_XT_TARGET_CT m + NETFILTER_XT_TARGET_DSCP m + NETFILTER_XT_TARGET_HL m + NETFILTER_XT_TARGET_HMARK m + NETFILTER_XT_TARGET_IDLETIMER m + NETFILTER_XT_TARGET_LED m + NETFILTER_XT_TARGET_LOG m + NETFILTER_XT_TARGET_MARK m + NETFILTER_XT_NAT m + NETFILTER_XT_TARGET_NETMAP m + NETFILTER_XT_TARGET_NFLOG m + NETFILTER_XT_TARGET_NFQUEUE m + NETFILTER_XT_TARGET_NOTRACK m + NETFILTER_XT_TARGET_RATEEST m + NETFILTER_XT_TARGET_REDIRECT m + NETFILTER_XT_TARGET_TEE m + NETFILTER_XT_TARGET_TPROXY m + NETFILTER_XT_TARGET_TRACE m + NETFILTER_XT_TARGET_SECMARK m + NETFILTER_XT_TARGET_TCPMSS m + NETFILTER_XT_TARGET_TCPOPTSTRIP m + NETFILTER_XT_MATCH_ADDRTYPE m + NETFILTER_XT_MATCH_BPF m + NETFILTER_XT_MATCH_CGROUP m + NETFILTER_XT_MATCH_CLUSTER m + NETFILTER_XT_MATCH_COMMENT m + NETFILTER_XT_MATCH_CONNBYTES m + NETFILTER_XT_MATCH_CONNLABEL m + NETFILTER_XT_MATCH_CONNLIMIT m + NETFILTER_XT_MATCH_CONNMARK m + NETFILTER_XT_MATCH_CONNTRACK m + NETFILTER_XT_MATCH_CPU m + NETFILTER_XT_MATCH_DCCP m + NETFILTER_XT_MATCH_DEVGROUP m + NETFILTER_XT_MATCH_DSCP m + NETFILTER_XT_MATCH_ECN m + NETFILTER_XT_MATCH_ESP m + NETFILTER_XT_MATCH_HASHLIMIT m + NETFILTER_XT_MATCH_HELPER m + NETFILTER_XT_MATCH_HL m + NETFILTER_XT_MATCH_IPCOMP m + NETFILTER_XT_MATCH_IPRANGE m + NETFILTER_XT_MATCH_IPVS m + NETFILTER_XT_MATCH_L2TP m + NETFILTER_XT_MATCH_LENGTH m + NETFILTER_XT_MATCH_LIMIT m + NETFILTER_XT_MATCH_MAC m + NETFILTER_XT_MATCH_MARK m + NETFILTER_XT_MATCH_MULTIPORT m + NETFILTER_XT_MATCH_NFACCT m + NETFILTER_XT_MATCH_OSF m + NETFILTER_XT_MATCH_OWNER m + NETFILTER_XT_MATCH_POLICY m + NETFILTER_XT_MATCH_PHYSDEV m + NETFILTER_XT_MATCH_PKTTYPE m + NETFILTER_XT_MATCH_QUOTA m + NETFILTER_XT_MATCH_RATEEST m + NETFILTER_XT_MATCH_REALM m + NETFILTER_XT_MATCH_RECENT m + NETFILTER_XT_MATCH_SCTP m + NETFILTER_XT_MATCH_SOCKET m + NETFILTER_XT_MATCH_STATE m + NETFILTER_XT_MATCH_STATISTIC m + NETFILTER_XT_MATCH_STRING m + NETFILTER_XT_MATCH_TCPMSS m + NETFILTER_XT_MATCH_TIME m + NETFILTER_XT_MATCH_U32 m - MEMCG_KMEM y - MEMCG_SWAP y - MEMCG_SWAP_ENABLED y - BLK_CGROUP y - IOSCHED_CFQ y - BLK_DEV_THROTTLING y - CGROUP_PERF y - CGROUP_HUGETLB y - NET_CLS_CGROUP y - CGROUP_NET_PRIO y - CFS_BANDWIDTH y - FAIR_GROUP_SCHED y - RT_GROUP_SCHED y - EXT3_FS y - EXT3_FS_XATTR y - EXT3_FS_POSIX_ACL y - EXT3_FS_SECURITY y + MEMCG_KMEM y + MEMCG_SWAP y + MEMCG_SWAP_ENABLED y + BLK_CGROUP y + IOSCHED_CFQ y + BLK_DEV_THROTTLING y + CGROUP_PERF y + CGROUP_HUGETLB y + NET_CLS_CGROUP y + CGROUP_NET_PRIO y + CFS_BANDWIDTH y + FAIR_GROUP_SCHED y + RT_GROUP_SCHED y + EXT3_FS y + EXT3_FS_XATTR y + EXT3_FS_POSIX_ACL y + EXT3_FS_SECURITY y - PPP_FILTER y - HAVE_IMX_ANATOP y - HAVE_IMX_GPC y - HAVE_IMX_MMDC y - HAVE_IMX_SRC y - SOC_IMX6 y - SOC_IMX6Q y - SOC_IMX6SL y - PCI_IMX6 y - ARM_IMX6Q_CPUFREQ y - IMX_WEIM y - AHCI_IMX y - SERIAL_IMX y - SERIAL_IMX_CONSOLE y - I2C_IMX y - SPI_IMX y - PINCTRL_IMX y - PINCTRL_IMX6Q y - PINCTRL_IMX6SL y - POWER_RESET_IMX y - IMX_THERMAL y - IMX2_WDT y - IMX_IPUV3_CORE y - DRM_IMX y - DRM_IMX_FB_HELPER y - DRM_IMX_PARALLEL_DISPLAY y - DRM_IMX_TVE y - DRM_IMX_LDB y - DRM_IMX_IPUV3 y - DRM_IMX_HDMI y - MMC_SDHCI_ESDHC_IMX y - IMX_SDMA y - PWM_IMX y - DEBUG_IMX6Q_UART y + PPP_FILTER y + HAVE_IMX_ANATOP y + HAVE_IMX_GPC y + HAVE_IMX_MMDC y + HAVE_IMX_SRC y + SOC_IMX6 y + SOC_IMX6Q y + SOC_IMX6SL y + PCI_IMX6 y + ARM_IMX6Q_CPUFREQ y + IMX_WEIM y + AHCI_IMX y + SERIAL_IMX y + SERIAL_IMX_CONSOLE y + I2C_IMX y + SPI_IMX y + PINCTRL_IMX y + PINCTRL_IMX6Q y + PINCTRL_IMX6SL y + POWER_RESET_IMX y + IMX_THERMAL y + IMX2_WDT y + IMX_IPUV3_CORE y + DRM_IMX y + DRM_IMX_FB_HELPER y + DRM_IMX_PARALLEL_DISPLAY y + DRM_IMX_TVE y + DRM_IMX_LDB y + DRM_IMX_IPUV3 y + DRM_IMX_HDMI y + MMC_SDHCI_ESDHC_IMX y + IMX_SDMA y + PWM_IMX y + DEBUG_IMX6Q_UART y - ''; - }; - # pkgs.linux_4_2 = "/nix/store/jc1h6mcc6sq420q2i572qba4b0xzw4gm-linux-4.3-armv7l-unknown-linux-gnueabi"; + ''; }; + # pkgs.linux_4_2 = "/nix/store/jc1h6mcc6sq420q2i572qba4b0xzw4gm-linux-4.3-armv7l-unknown-linux-gnueabi"; + }; allowUnfree = true; }; - imports = [ # Include the results of the hardware scan. + imports = [ + # Include the results of the hardware scan. ./hardware-configuration.nix ]; @@ -274,7 +278,7 @@ in { uid = 1000; isNormalUser = true; home = "/home/steveej"; - extraGroups = [ "wheel" "libvirtd" ]; + extraGroups = ["wheel" "libvirtd"]; hashedPassword = passwords.users.steveej; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3niN5KcIYikRhXTYZCSehI1ZQs+vvG/dZ7KxNVHslfsS+p1yTycXcZFtDDn5vtG2fAo3yksxCk+G10/AWQ+NMOcFKuAi5qTOYSLbEcHVlZ4ko8sDUe3fF79vrCqY7IWbKKjZ4DH77Qs6SXk5GIlNaIzxut8Dpv8qHnkPiPuFgrJC4oGk60ZKmCPvOEpgg9twcdI6ykIxD4Fg+hHgG1p07uSEcm9EADli8RsU3UJ1UBhXMohMC6HrKVBkBX9wTo+zY+xqXxxem6xGNnkNiZLACfhCnjXv39zh85pgFuNv7R8SzVZQ9iRoCmax/w3JtWdDjqoTGgLfJyhMMjNdjVHOx steveej@steveej-laptop" diff --git a/nix/os/devices/steveej-utilitepro/hardware-configuration.nix b/nix/os/devices/steveej-utilitepro/hardware-configuration.nix index c6ce2e6..a325b30 100644 --- a/nix/os/devices/steveej-utilitepro/hardware-configuration.nix +++ b/nix/os/devices/steveej-utilitepro/hardware-configuration.nix @@ -1,14 +1,17 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - { - imports = [ ]; + config, + lib, + pkgs, + ... +}: { + imports = []; - boot.initrd.availableKernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = []; + boot.kernelModules = []; + boot.extraModulePackages = []; hardware.enableAllFirmware = true; @@ -21,5 +24,5 @@ device = "/dev/disk/by-uuid/f1e7e913-93a0-4258-88f9-f65041d91d66"; }; - swapDevices = [ ]; + swapDevices = []; } diff --git a/nix/os/devices/vmd102066.contaboserver.net/boot.nix b/nix/os/devices/vmd102066.contaboserver.net/boot.nix index 8a093b9..5713789 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/boot.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/boot.nix @@ -1,6 +1,4 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiSupport = lib.mkForce false; - boot.extraModulePackages = [ ]; + boot.extraModulePackages = []; } diff --git a/nix/os/devices/vmd102066.contaboserver.net/configuration.nix b/nix/os/devices/vmd102066.contaboserver.net/configuration.nix index 5dfb10f..28a63fb 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/configuration.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/configuration.nix @@ -1,7 +1,5 @@ -{ ... }: - -{ - disabledModules = [ ]; +{...}: { + disabledModules = []; imports = [ ../../profiles/common/configuration.nix ../../modules/opinionatedDisk.nix diff --git a/nix/os/devices/vmd102066.contaboserver.net/hw.nix b/nix/os/devices/vmd102066.contaboserver.net/hw.nix index 35beaa2..e09b10e 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/hw.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -let +{...}: let stage1Modules = [ "aesni_intel" "kvm-intel" @@ -13,7 +11,6 @@ let "virtio" "scsi_mod" ]; - in { # TASK: new device hardware.opinionatedDisk = { diff --git a/nix/os/devices/vmd102066.contaboserver.net/pkg.nix b/nix/os/devices/vmd102066.contaboserver.net/pkg.nix index a792e72..821775e 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/pkg.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/pkg.nix @@ -1,31 +1,36 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; - }; - home-manager.users.steveej = - import ../../../home-manager/configuration/text-minimal.nix { - inherit pkgs; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; + home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { + inherit pkgs; + }; - nix.buildMachines = [{ - hostName = "localhost"; - system = "x86_64-linux"; - supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; - maxJobs = 4; - }]; + nix.buildMachines = [ + { + hostName = "localhost"; + system = "x86_64-linux"; + supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; + maxJobs = 4; + } + ]; services.hydra = { enable = false; hydraURL = "http://localhost:3000"; # externally visible URL - notificationSender = - "hydra@${config.networking.hostName}.stefanjunker.de"; # e-mail of hydra service + notificationSender = "hydra@${config.networking.hostName}.stefanjunker.de"; # e-mail of hydra service # a standalone hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines - buildMachinesFiles = [ ]; + buildMachinesFiles = []; # you will probably also want, otherwise *everything* will be built from scratch useSubstitutes = true; }; @@ -33,7 +38,7 @@ services.gitlab-runner = { enable = false; - extraPackages = with pkgs; [ bash gitlab-runner nix gitFull git-crypt ]; + extraPackages = with pkgs; [bash gitlab-runner nix gitFull git-crypt]; concurrent = 2; checkInterval = 0; @@ -41,11 +46,9 @@ nixRunner = { executor = "shell"; runUntagged = true; - registrationConfigFile = - "/etc/secrets/gitlab-runner/nix-runner.registration"; - tagList = [ "nix" ]; + registrationConfigFile = "/etc/secrets/gitlab-runner/nix-runner.registration"; + tagList = ["nix"]; }; }; - }; } diff --git a/nix/os/devices/vmd102066.contaboserver.net/system.nix b/nix/os/devices/vmd102066.contaboserver.net/system.nix index f918024..861689d 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/system.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/system.nix @@ -1,9 +1,11 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let keys = import ../../../variables/keys.nix; passwords = import ../../../variables/passwords.crypt.nix; - in { # TASK: new device networking.hostName = "vmd102066"; # Define your hostname. @@ -24,10 +26,12 @@ in { networking.interfaces.eth0 = { useDHCP = true; - ipv6.addresses = [{ - address = "2a02:c206:3010:2066::1"; - prefixLength = 64; - }]; + ipv6.addresses = [ + { + address = "2a02:c206:3010:2066::1"; + prefixLength = 64; + } + ]; }; networking.defaultGateway6 = { address = "fe80::1"; @@ -36,7 +40,7 @@ in { networking.nat = { enable = true; - internalInterfaces = [ "ve-+" ]; + internalInterfaces = ["ve-+"]; externalInterface = "eth0"; }; @@ -44,7 +48,7 @@ in { # services.kubernetes.roles = ["master" "node"]; # virtualization - virtualisation = { docker.enable = true; }; + virtualisation = {docker.enable = true;}; services.spice-vdagentd.enable = true; services.qemuGuest.enable = true; @@ -52,18 +56,18 @@ in { systemd.services."sshd-status" = { enable = true; description = "sshd-status service"; - path = [ pkgs.systemd ]; + path = [pkgs.systemd]; script = '' systemctl status sshd | grep -i tasks ''; }; - systemd.services.sshd.serviceConfig = { TasksMax = 32; }; + systemd.services.sshd.serviceConfig = {TasksMax = 32;}; systemd.timers."sshd-status" = { description = "Timer to trigger sshd-status periodically"; enable = true; - wantedBy = [ "timer.target" "multi-user.target" ]; + wantedBy = ["timer.target" "multi-user.target"]; timerConfig = { OnActiveSec = "5s"; OnUnitActiveSec = "5s"; @@ -72,11 +76,11 @@ in { }; }; - nix.gc = { automatic = true; }; + nix.gc = {automatic = true;}; boot.initrd.network = { enable = true; - udhcpc.extraArgs = [ "-x hostname:${config.networking.hostName}" ]; + udhcpc.extraArgs = ["-x hostname:${config.networking.hostName}"]; ssh = { enable = true; @@ -134,7 +138,7 @@ in { inherit config; hostAddress = "192.168.100.16"; localAddress = "192.168.100.17"; - subvolumes = [ "mailserver" "webserver" "backup" "syncthing" ]; + subvolumes = ["mailserver" "webserver" "backup" "syncthing"]; }; bkpTarget = import ../../containers/backup-target.nix { diff --git a/nix/os/devices/vmd102066.contaboserver.net/versions.nix b/nix/os/devices/vmd102066.contaboserver.net/versions.nix index 2a08164..c15fcee 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/versions.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/versions.nix @@ -4,7 +4,6 @@ let ref = "nixos-22.05"; rev = "b3a8f7ed267e0a7ed100eb7d716c9137ff120fe3"; }; - in { inherit nixpkgs; "channels-nixos-stable" = nixpkgs; diff --git a/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix b/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix index 623673e..511138c 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix @@ -6,7 +6,6 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; "channels-nixos-stable" = nixpkgs; diff --git a/nix/os/devices/vmd32387.contaboserver.net/boot.nix b/nix/os/devices/vmd32387.contaboserver.net/boot.nix index 8a093b9..5713789 100644 --- a/nix/os/devices/vmd32387.contaboserver.net/boot.nix +++ b/nix/os/devices/vmd32387.contaboserver.net/boot.nix @@ -1,6 +1,4 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiSupport = lib.mkForce false; - boot.extraModulePackages = [ ]; + boot.extraModulePackages = []; } diff --git a/nix/os/devices/vmd32387.contaboserver.net/configuration.nix b/nix/os/devices/vmd32387.contaboserver.net/configuration.nix index 5dfb10f..28a63fb 100644 --- a/nix/os/devices/vmd32387.contaboserver.net/configuration.nix +++ b/nix/os/devices/vmd32387.contaboserver.net/configuration.nix @@ -1,7 +1,5 @@ -{ ... }: - -{ - disabledModules = [ ]; +{...}: { + disabledModules = []; imports = [ ../../profiles/common/configuration.nix ../../modules/opinionatedDisk.nix diff --git a/nix/os/devices/vmd32387.contaboserver.net/hw.nix b/nix/os/devices/vmd32387.contaboserver.net/hw.nix index 35beaa2..e09b10e 100644 --- a/nix/os/devices/vmd32387.contaboserver.net/hw.nix +++ b/nix/os/devices/vmd32387.contaboserver.net/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -let +{...}: let stage1Modules = [ "aesni_intel" "kvm-intel" @@ -13,7 +11,6 @@ let "virtio" "scsi_mod" ]; - in { # TASK: new device hardware.opinionatedDisk = { diff --git a/nix/os/devices/vmd32387.contaboserver.net/pkg.nix b/nix/os/devices/vmd32387.contaboserver.net/pkg.nix index a792e72..821775e 100644 --- a/nix/os/devices/vmd32387.contaboserver.net/pkg.nix +++ b/nix/os/devices/vmd32387.contaboserver.net/pkg.nix @@ -1,31 +1,36 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { nixpkgs.config.packageOverrides = pkgs: with pkgs; { - nixPath = (import ../../../default.nix { - versionsPath = ./versions.nix; - }).nixPath; - }; - home-manager.users.steveej = - import ../../../home-manager/configuration/text-minimal.nix { - inherit pkgs; + nixPath = + (import ../../../default.nix { + versionsPath = ./versions.nix; + }) + .nixPath; }; + home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { + inherit pkgs; + }; - nix.buildMachines = [{ - hostName = "localhost"; - system = "x86_64-linux"; - supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; - maxJobs = 4; - }]; + nix.buildMachines = [ + { + hostName = "localhost"; + system = "x86_64-linux"; + supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; + maxJobs = 4; + } + ]; services.hydra = { enable = false; hydraURL = "http://localhost:3000"; # externally visible URL - notificationSender = - "hydra@${config.networking.hostName}.stefanjunker.de"; # e-mail of hydra service + notificationSender = "hydra@${config.networking.hostName}.stefanjunker.de"; # e-mail of hydra service # a standalone hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines - buildMachinesFiles = [ ]; + buildMachinesFiles = []; # you will probably also want, otherwise *everything* will be built from scratch useSubstitutes = true; }; @@ -33,7 +38,7 @@ services.gitlab-runner = { enable = false; - extraPackages = with pkgs; [ bash gitlab-runner nix gitFull git-crypt ]; + extraPackages = with pkgs; [bash gitlab-runner nix gitFull git-crypt]; concurrent = 2; checkInterval = 0; @@ -41,11 +46,9 @@ nixRunner = { executor = "shell"; runUntagged = true; - registrationConfigFile = - "/etc/secrets/gitlab-runner/nix-runner.registration"; - tagList = [ "nix" ]; + registrationConfigFile = "/etc/secrets/gitlab-runner/nix-runner.registration"; + tagList = ["nix"]; }; }; - }; } diff --git a/nix/os/devices/vmd32387.contaboserver.net/system.nix b/nix/os/devices/vmd32387.contaboserver.net/system.nix index cb9e5ce..bc741f7 100644 --- a/nix/os/devices/vmd32387.contaboserver.net/system.nix +++ b/nix/os/devices/vmd32387.contaboserver.net/system.nix @@ -1,9 +1,11 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let keys = import ../../../variables/keys.nix; passwords = import ../../../variables/passwords.crypt.nix; - in { # TASK: new device networking.hostName = "vmd32387"; # Define your hostname. @@ -24,10 +26,12 @@ in { networking.interfaces.eth0 = { useDHCP = true; - ipv6.addresses = [{ - address = "2a02:c207:3003:2387::1"; - prefixLength = 64; - }]; + ipv6.addresses = [ + { + address = "2a02:c207:3003:2387::1"; + prefixLength = 64; + } + ]; }; networking.defaultGateway6 = { address = "fe80::1"; @@ -36,7 +40,7 @@ in { networking.nat = { enable = true; - internalInterfaces = [ "ve-+" ]; + internalInterfaces = ["ve-+"]; externalInterface = "eth0"; }; @@ -44,7 +48,7 @@ in { # services.kubernetes.roles = ["master" "node"]; # virtualization - virtualisation = { docker.enable = true; }; + virtualisation = {docker.enable = true;}; services.spice-vdagentd.enable = true; services.qemuGuest.enable = true; @@ -52,18 +56,18 @@ in { systemd.services."sshd-status" = { enable = true; description = "sshd-status service"; - path = [ pkgs.systemd ]; + path = [pkgs.systemd]; script = '' systemctl status sshd | grep -i tasks ''; }; - systemd.services.sshd.serviceConfig = { TasksMax = 32; }; + systemd.services.sshd.serviceConfig = {TasksMax = 32;}; systemd.timers."sshd-status" = { description = "Timer to trigger sshd-status periodically"; enable = true; - wantedBy = [ "timer.target" "multi-user.target" ]; + wantedBy = ["timer.target" "multi-user.target"]; timerConfig = { OnActiveSec = "5s"; OnUnitActiveSec = "5s"; @@ -72,11 +76,11 @@ in { }; }; - nix.gc = { automatic = true; }; + nix.gc = {automatic = true;}; boot.initrd.network = { enable = true; - udhcpc.extraArgs = [ "-x hostname:${config.networking.hostName}" ]; + udhcpc.extraArgs = ["-x hostname:${config.networking.hostName}"]; ssh = { enable = true; @@ -98,7 +102,7 @@ in { networking.useHostResolvConf = true; - containers = { }; + containers = {}; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/nix/os/devices/vmd32387.contaboserver.net/versions.nix b/nix/os/devices/vmd32387.contaboserver.net/versions.nix index 2a08164..c15fcee 100644 --- a/nix/os/devices/vmd32387.contaboserver.net/versions.nix +++ b/nix/os/devices/vmd32387.contaboserver.net/versions.nix @@ -4,7 +4,6 @@ let ref = "nixos-22.05"; rev = "b3a8f7ed267e0a7ed100eb7d716c9137ff120fe3"; }; - in { inherit nixpkgs; "channels-nixos-stable" = nixpkgs; diff --git a/nix/os/devices/vmd32387.contaboserver.net/versions.tmpl.nix b/nix/os/devices/vmd32387.contaboserver.net/versions.tmpl.nix index 623673e..511138c 100644 --- a/nix/os/devices/vmd32387.contaboserver.net/versions.tmpl.nix +++ b/nix/os/devices/vmd32387.contaboserver.net/versions.tmpl.nix @@ -6,7 +6,6 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; "channels-nixos-stable" = nixpkgs; diff --git a/nix/os/lib/default.nix b/nix/os/lib/default.nix index abeadd9..caa0738 100644 --- a/nix/os/lib/default.nix +++ b/nix/os/lib/default.nix @@ -1,14 +1,19 @@ -{ keys ? import ../../variables/keys.nix -, passwords ? import ../../variables/passwords.crypt.nix }: - { - mkRoot = { }@args: + keys ? import ../../variables/keys.nix, + passwords ? import ../../variables/passwords.crypt.nix, +}: { + mkRoot = {} @ args: { hashedPassword = passwords.users.root; openssh.authorizedKeys.keys = keys.users.steveej.openssh; - } // args; + } + // args; - mkUser = { uid, hashedPassword ? passwords.users.steveej, ... }@args: + mkUser = { + uid, + hashedPassword ? passwords.users.steveej, + ... + } @ args: { inherit uid hashedPassword; isNormalUser = true; @@ -26,7 +31,8 @@ "adbusers" ]; openssh.authorizedKeys.keys = keys.users.steveej.openssh; - } // args; + } + // args; disk = rec { # TODO: verify the GPT PARTLABEL cap at 36 chars @@ -34,7 +40,7 @@ # LVM doesn't allow most characters in VG names # TODO: replace this with a whitelist for: [a-zA-Z0-9.-_+] - volumeGroup = diskId: builtins.replaceStrings [ ":" ] [ "" ] diskId; + volumeGroup = diskId: builtins.replaceStrings [":"] [""] diskId; # This is important at install-time bootGrubDevice = diskId: "/dev/disk/by-id/" + diskId; @@ -52,9 +58,8 @@ luksName = diskId: (volumeGroup diskId) + "pv"; luksPhysicalVolume = diskId: "/dev/mapper/" + (luksName diskId); lvmPv = diskId: encrypted: - if encrypted == true then - luksPhysicalVolume diskId - else - bootLuksDevice diskId; + if encrypted == true + then luksPhysicalVolume diskId + else bootLuksDevice diskId; }; } diff --git a/nix/os/modules/ddclient-ovh.nix b/nix/os/modules/ddclient-ovh.nix index 3dc4445..d12383a 100644 --- a/nix/os/modules/ddclient-ovh.nix +++ b/nix/os/modules/ddclient-ovh.nix @@ -1,15 +1,15 @@ -{ lib, config, ... }: - -let +{ + lib, + config, + ... +}: let cfg = config.services.ddclientovh; passwords = import ../../variables/passwords.crypt.nix; - in { - options.services.ddclientovh = with lib; { enable = mkEnableOption "Enable ddclient-ovh"; - domain = mkOption { type = types.str; }; + domain = mkOption {type = types.str;}; }; config = lib.mkIf cfg.enable { @@ -18,10 +18,11 @@ in { protocol = "dyndns2"; server = "www.ovh.com"; ssl = true; - domains = [ cfg.domain ]; + domains = [cfg.domain]; use = "web"; inherit (passwords.dyndns.${cfg.domain}) username; - passwordFile = builtins.toFile passwords.dyndns._filename + passwordFile = + builtins.toFile passwords.dyndns._filename passwords.dyndns.${cfg.domain}.password; }; }; diff --git a/nix/os/modules/initrd-network.nix b/nix/os/modules/initrd-network.nix index 820eb55..e517d62 100644 --- a/nix/os/modules/initrd-network.nix +++ b/nix/os/modules/initrd-network.nix @@ -1,9 +1,10 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - +{ + config, + lib, + pkgs, + ... +}: +with lib; let cfg = config.boot.initrd.network; udhcpcScript = pkgs.writeScript "udhcp-script" '' @@ -24,11 +25,8 @@ let ''; udhcpcArgs = toString cfg.udhcpc.extraArgs; - in { - options = { - boot.initrd.network.enable = mkOption { type = types.bool; default = false; @@ -48,7 +46,7 @@ in { }; boot.initrd.network.udhcpc.extraArgs = mkOption { - default = [ ]; + default = []; type = types.listOf types.str; description = '' Additional command-line arguments passed verbatim to udhcpc if @@ -73,14 +71,12 @@ in { Whether to enable DHCP for the network interfaces. ''; }; - }; config = mkIf cfg.enable { + warnings = ["Enabled SSH for stage1"]; - warnings = [ "Enabled SSH for stage1" ]; - - boot.initrd.kernelModules = [ "af_packet" ]; + boot.initrd.kernelModules = ["af_packet"]; boot.initrd.extraUtilsCommands = '' copy_bin_and_libs ${pkgs.mkinitcpio-nfs-utils}/bin/ipconfig @@ -97,7 +93,6 @@ in { esac done '' - # Otherwise, use DHCP. + optionalString cfg.useDHCP '' if [ -z "$hasNetwork" ]; then @@ -113,14 +108,12 @@ in { udhcpc --quit --now --script ${udhcpcScript} ${udhcpcArgs} && hasNetwork=1 fi '' - + '' if [ -n "$hasNetwork" ]; then echo "networking is up!" ${cfg.postCommands} fi - ''); - + '' + ); }; - } diff --git a/nix/os/modules/natrouter.nix b/nix/os/modules/natrouter.nix index ba864b6..62af2a8 100644 --- a/nix/os/modules/natrouter.nix +++ b/nix/os/modules/natrouter.nix @@ -1,7 +1,9 @@ -{ lib, config, ... }: -with lib; - { + lib, + config, + ... +}: +with lib; { # TODO # Provide a NAT/DHCP Router # diff --git a/nix/os/modules/opinionatedDisk.nix b/nix/os/modules/opinionatedDisk.nix index c51c1e5..22b4b4e 100644 --- a/nix/os/modules/opinionatedDisk.nix +++ b/nix/os/modules/opinionatedDisk.nix @@ -1,13 +1,15 @@ -{ lib, config, ... }: -with lib; - -let +{ + lib, + config, + ... +}: +with lib; let cfg = config.hardware.opinionatedDisk; - ownLib = import ../lib/default.nix { }; + ownLib = import ../lib/default.nix {}; in { options.hardware.opinionatedDisk = { enable = mkEnableOption "Enable opinionated filesystem layout"; - diskId = mkOption { type = types.str; }; + diskId = mkOption {type = types.str;}; encrypted = mkOption { default = true; type = types.bool; @@ -16,41 +18,45 @@ in { config = lib.mkIf cfg.enable { fileSystems."/boot" = { - device = (ownLib.disk.bootFsDevice cfg.diskId); + device = ownLib.disk.bootFsDevice cfg.diskId; fsType = "vfat"; }; fileSystems."/" = { - device = (ownLib.disk.rootFsDevice cfg.diskId); + device = ownLib.disk.rootFsDevice cfg.diskId; fsType = "btrfs"; - options = [ "subvol=nixos" ]; + options = ["subvol=nixos"]; }; fileSystems."/home" = { - device = (ownLib.disk.rootFsDevice cfg.diskId); + device = ownLib.disk.rootFsDevice cfg.diskId; fsType = "btrfs"; - options = [ "subvol=home" ]; + options = ["subvol=home"]; }; - swapDevices = [{ device = (ownLib.disk.swapFsDevice cfg.diskId); }]; + swapDevices = [{device = ownLib.disk.swapFsDevice cfg.diskId;}]; boot.loader.grub = { - device = (ownLib.disk.bootGrubDevice cfg.diskId); + device = ownLib.disk.bootGrubDevice cfg.diskId; enableCryptodisk = cfg.encrypted; }; - boot.initrd.luks.devices = lib.optionalAttrs cfg.encrypted - (builtins.listToAttrs [{ - name = let - splitstring = - builtins.split "/" (ownLib.disk.bootLuksDevice cfg.diskId); - lastelem = (builtins.length splitstring) - 1; - in builtins.elemAt splitstring lastelem; - value = { - device = (ownLib.disk.bootLuksDevice cfg.diskId); - preLVM = true; - allowDiscards = true; - }; - }]); + boot.initrd.luks.devices = + lib.optionalAttrs cfg.encrypted + (builtins.listToAttrs [ + { + name = let + splitstring = + builtins.split "/" (ownLib.disk.bootLuksDevice cfg.diskId); + lastelem = (builtins.length splitstring) - 1; + in + builtins.elemAt splitstring lastelem; + value = { + device = ownLib.disk.bootLuksDevice cfg.diskId; + preLVM = true; + allowDiscards = true; + }; + } + ]); }; } diff --git a/nix/os/profiles/common/boot.nix b/nix/os/profiles/common/boot.nix index 01be27f..7946772 100644 --- a/nix/os/profiles/common/boot.nix +++ b/nix/os/profiles/common/boot.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { boot.kernelPackages = pkgs.linuxPackages; boot.loader.grub = { enable = true; @@ -14,6 +12,5 @@ boot.tmpOnTmpfs = true; # Workaround for nm-pptp to enforce module load - boot.kernelModules = [ "nf_conntrack_proto_gre" "nf_conntrack_pptp" ]; + boot.kernelModules = ["nf_conntrack_proto_gre" "nf_conntrack_pptp"]; } - diff --git a/nix/os/profiles/common/configuration.nix b/nix/os/profiles/common/configuration.nix index 5030ea5..80f92dd 100644 --- a/nix/os/profiles/common/configuration.nix +++ b/nix/os/profiles/common/configuration.nix @@ -1,7 +1,5 @@ -{ ... }: - -{ +{...}: { nixpkgs.overlays = builtins.attrValues (import ../../../overlays); - imports = [ ./boot.nix ./pkg.nix ./user.nix ./system.nix ./hw.nix ]; + imports = [./boot.nix ./pkg.nix ./user.nix ./system.nix ./hw.nix]; } diff --git a/nix/os/profiles/common/hw.nix b/nix/os/profiles/common/hw.nix index 9e4a6a3..80bdc31 100644 --- a/nix/os/profiles/common/hw.nix +++ b/nix/os/profiles/common/hw.nix @@ -1,8 +1,5 @@ -{ ... }: - -{ +{...}: { hardware.trackpoint.emulateWheel = true; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" "cryptd" ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" "cryptd"]; } diff --git a/nix/os/profiles/common/pkg.nix b/nix/os/profiles/common/pkg.nix index a6eba09..e855acf 100644 --- a/nix/os/profiles/common/pkg.nix +++ b/nix/os/profiles/common/pkg.nix @@ -1,17 +1,18 @@ -{ config, pkgs, ... }: - { - imports = [ "${}/nixos" ]; - home-manager.users.root = - import ../../../home-manager/configuration/text-minimal.nix { - inherit pkgs; - }; + config, + pkgs, + ... +}: { + imports = ["${}/nixos"]; + home-manager.users.root = import ../../../home-manager/configuration/text-minimal.nix { + inherit pkgs; + }; nixpkgs.config = { allowBroken = false; allowUnfree = true; - packageOverrides = pkgs: with pkgs; { }; + packageOverrides = pkgs: with pkgs; {}; }; environment.systemPackages = with pkgs; [ diff --git a/nix/os/profiles/common/system.nix b/nix/os/profiles/common/system.nix index f6b8bf1..72c7a7f 100644 --- a/nix/os/profiles/common/system.nix +++ b/nix/os/profiles/common/system.nix @@ -1,6 +1,9 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { nix.binaryCachePublicKeys = [ # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ]; @@ -25,14 +28,14 @@ } ''; - environment.variables = { NIX_PATH = lib.mkForce pkgs.nixPath; }; + environment.variables = {NIX_PATH = lib.mkForce pkgs.nixPath;}; # Fonts, I18N, Date ... - fonts.fonts = [ pkgs.corefonts ]; + fonts.fonts = [pkgs.corefonts]; console.font = "lat9w-16"; - i18n = { defaultLocale = "en_US.UTF-8"; }; + i18n = {defaultLocale = "en_US.UTF-8";}; time.timeZone = "Etc/UTC"; services.gpm.enable = true; @@ -65,6 +68,6 @@ programs.zsh.enable = true; users.defaultUserShell = pkgs.zsh; - environment.pathsToLink = [ "/share/zsh" ]; + environment.pathsToLink = ["/share/zsh"]; programs.fuse.userAllowOther = true; } diff --git a/nix/os/profiles/common/user.nix b/nix/os/profiles/common/user.nix index 180d936..d93de5e 100644 --- a/nix/os/profiles/common/user.nix +++ b/nix/os/profiles/common/user.nix @@ -1,13 +1,15 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let passwords = import ../../../variables/passwords.crypt.nix; - inherit (import ../../lib/default.nix { }) mkUser mkRoot; + inherit (import ../../lib/default.nix {}) mkUser mkRoot; in { users.mutableUsers = false; - users.extraUsers.root = mkRoot { }; - users.extraUsers.steveej = mkUser { uid = 1000; }; + users.extraUsers.root = mkRoot {}; + users.extraUsers.steveej = mkUser {uid = 1000;}; security.pam.u2f.enable = true; security.pam.services.steveej.u2fAuth = true; diff --git a/nix/os/profiles/containers/configuration.nix b/nix/os/profiles/containers/configuration.nix index 3c76707..765752d 100644 --- a/nix/os/profiles/containers/configuration.nix +++ b/nix/os/profiles/containers/configuration.nix @@ -1,10 +1,8 @@ -{ ... }: - -{ +{...}: { nixpkgs.overlays = builtins.attrValues (import ../../../overlays); networking.useHostResolvConf = false; - services.resolved = { enable = true; }; + services.resolved = {enable = true;}; - imports = [ ../../modules/ddclient-ovh.nix ]; + imports = [../../modules/ddclient-ovh.nix]; } diff --git a/nix/os/profiles/graphical/boot.nix b/nix/os/profiles/graphical/boot.nix index e5d01b9..f6d9452 100644 --- a/nix/os/profiles/graphical/boot.nix +++ b/nix/os/profiles/graphical/boot.nix @@ -1,3 +1 @@ -{ lib, ... }: - -{ } +{lib, ...}: {} diff --git a/nix/os/profiles/graphical/configuration.nix b/nix/os/profiles/graphical/configuration.nix index 82b3382..b9cf53e 100644 --- a/nix/os/profiles/graphical/configuration.nix +++ b/nix/os/profiles/graphical/configuration.nix @@ -1,5 +1,3 @@ -{ pkgs, ... }: - -{ - imports = [ ./boot.nix ./system.nix ./hw.nix ]; +{pkgs, ...}: { + imports = [./boot.nix ./system.nix ./hw.nix]; } diff --git a/nix/os/profiles/graphical/hw.nix b/nix/os/profiles/graphical/hw.nix index a858670..abb1e68 100644 --- a/nix/os/profiles/graphical/hw.nix +++ b/nix/os/profiles/graphical/hw.nix @@ -1,5 +1,3 @@ -{ ... }: - -{ +{...}: { hardware.enableAllFirmware = true; } diff --git a/nix/os/profiles/graphical/system.nix b/nix/os/profiles/graphical/system.nix index 0f5d18f..ff22960 100644 --- a/nix/os/profiles/graphical/system.nix +++ b/nix/os/profiles/graphical/system.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { networking.networkmanager = { enable = true; dns = "systemd-resolved"; @@ -28,7 +26,7 @@ }; }; # required for running blueman-applet in user sessions - services.dbus.packages = with pkgs; [ blueman ]; + services.dbus.packages = with pkgs; [blueman]; services.blueman.enable = true; services.xserver = { @@ -68,8 +66,7 @@ lightdm = { enable = true; - background = - "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png"; + background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png"; }; sessionCommands = ""; @@ -102,8 +99,7 @@ }; # More Services - services.udev.packages = - [ pkgs.libu2f-host pkgs.yubikey-personalization pkgs.android-udev-rules ]; + services.udev.packages = [pkgs.libu2f-host pkgs.yubikey-personalization pkgs.android-udev-rules]; services.udev.extraRules = '' # OnePlusOne ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess" diff --git a/nix/os/profiles/install-medium/iso/iso.nix b/nix/os/profiles/install-medium/iso/iso.nix index f236694..394aece 100644 --- a/nix/os/profiles/install-medium/iso/iso.nix +++ b/nix/os/profiles/install-medium/iso/iso.nix @@ -1,26 +1,29 @@ # This module defines a small NixOS installation CD. It does not # contain any graphical stuff. -{ config, pkgs, lib, ... }: - -let +{ + config, + pkgs, + lib, + ... +}: let nixos-init-script = '' #!${pkgs.stdenv.shell} export HOME=/root export PATH=${ - pkgs.lib.makeBinPath [ - config.nix.package - pkgs.systemd - pkgs.gnugrep - pkgs.gnused - config.system.build.nixos-rebuild - config.system.build.nixos-install - pkgs.utillinux - pkgs.e2fsprogs - pkgs.coreutils - pkgs.hdparm - ] - }:$PATH + pkgs.lib.makeBinPath [ + config.nix.package + pkgs.systemd + pkgs.gnugrep + pkgs.gnused + config.system.build.nixos-rebuild + config.system.build.nixos-install + pkgs.utillinux + pkgs.e2fsprogs + pkgs.coreutils + pkgs.hdparm + ] + }:$PATH export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels set -xe @@ -57,7 +60,7 @@ let nix-channel --update nixos-install reboot - ''; + ''; in { imports = [ @@ -67,12 +70,13 @@ in { # ]; - isoImage.isoName = lib.mkForce + isoImage.isoName = + lib.mkForce "${config.isoImage.isoBaseName}-${pkgs.stdenv.hostPlatform.system}.iso"; boot.loader.timeout = lib.mkForce 0; boot.postBootCommands = ""; - environment.systemPackages = [ ]; + environment.systemPackages = []; users.users.root = { openssh.authorizedKeys.keys = [ @@ -81,19 +85,18 @@ in { }; services.gpm.enable = true; - systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; + systemd.services.sshd.wantedBy = lib.mkForce ["multi-user.target"]; systemd.services.nixos-init = { script = nixos-init-script; - path = with pkgs; [ ]; + path = with pkgs; []; - description = - "Initialize /dev/vda from configuration.nix found at /dev/vdb"; + description = "Initialize /dev/vda from configuration.nix found at /dev/vdb"; enable = true; - wantedBy = [ "multi-user.target" ]; - after = [ "multi-user.target" ]; - requires = [ "network-online.target" ]; + wantedBy = ["multi-user.target"]; + after = ["multi-user.target"]; + requires = ["network-online.target"]; restartIfChanged = false; unitConfig.X-StopOnRemoval = false; diff --git a/nix/os/profiles/podman/configuration.nix b/nix/os/profiles/podman/configuration.nix index bb0508b..b70ff6c 100644 --- a/nix/os/profiles/podman/configuration.nix +++ b/nix/os/profiles/podman/configuration.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: - { + config, + pkgs, + ... +}: { environment.systemPackages = with pkgs; [ podman runc diff --git a/nix/os/profiles/removable-medium/boot.nix b/nix/os/profiles/removable-medium/boot.nix index 2796760..e0938bd 100644 --- a/nix/os/profiles/removable-medium/boot.nix +++ b/nix/os/profiles/removable-medium/boot.nix @@ -1,7 +1,5 @@ -{ lib, ... }: - -{ +{lib, ...}: { boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.efi.canTouchEfiVariables = lib.mkForce false; - boot.extraModulePackages = [ ]; + boot.extraModulePackages = []; } diff --git a/nix/os/profiles/removable-medium/configuration.nix b/nix/os/profiles/removable-medium/configuration.nix index 4d4720f..95ca049 100644 --- a/nix/os/profiles/removable-medium/configuration.nix +++ b/nix/os/profiles/removable-medium/configuration.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { imports = [ ../../modules/opinionatedDisk.nix diff --git a/nix/os/profiles/removable-medium/hw.nix b/nix/os/profiles/removable-medium/hw.nix index 6121e79..17c16b0 100644 --- a/nix/os/profiles/removable-medium/hw.nix +++ b/nix/os/profiles/removable-medium/hw.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { hardware.opinionatedDisk.enable = true; hardware.enableAllFirmware = true; } diff --git a/nix/os/profiles/removable-medium/pkg.nix b/nix/os/profiles/removable-medium/pkg.nix index 4fc2a08..5a54115 100644 --- a/nix/os/profiles/removable-medium/pkg.nix +++ b/nix/os/profiles/removable-medium/pkg.nix @@ -1,8 +1,5 @@ -{ pkgs, ... }: - -{ - home-manager.users.steveej = - import ../../../home-manager/configuration/graphical-removable.nix { - inherit pkgs; - }; +{pkgs, ...}: { + home-manager.users.steveej = import ../../../home-manager/configuration/graphical-removable.nix { + inherit pkgs; + }; } diff --git a/nix/os/profiles/removable-medium/system.nix b/nix/os/profiles/removable-medium/system.nix index 5753942..10a18ef 100644 --- a/nix/os/profiles/removable-medium/system.nix +++ b/nix/os/profiles/removable-medium/system.nix @@ -1,9 +1,11 @@ -{ config, lib, pkgs, ... }: - -let - +{ + config, + lib, + pkgs, + ... +}: let in { - services.printing = { enable = false; }; + services.printing = {enable = false;}; services.spice-vdagentd.enable = true; services.qemuGuest.enable = true; diff --git a/nix/overlays/overrides.nix b/nix/overlays/overrides.nix index 7352956..ab37a6d 100644 --- a/nix/overlays/overrides.nix +++ b/nix/overlays/overrides.nix @@ -1,16 +1,12 @@ # This overlay is used for overriding upstream packages. - -self: super: - -let +self: super: let sources = import ../../nix/sources.nix; - nixpkgs-master = import { inherit (super) config; }; + nixpkgs-master = import {inherit (super) config;}; nixpkgs-unstable = - import { inherit (super) config; }; + import {inherit (super) config;}; pr-holochain-launcher-bin = - import sources.pr-holochain-launcher-bin { inherit (super) config; }; - + import sources.pr-holochain-launcher-bin {inherit (super) config;}; in { inherit nixpkgs-master; inherit nixpkgs-unstable; @@ -18,7 +14,7 @@ in { # alacritty = nixpkgs-master.alacritty; alacritty = super.stdenv.mkDerivation { name = "alacritty-custom"; - buildInputs = [ super.makeWrapper ]; + buildInputs = [super.makeWrapper]; phases = "installPhase"; installPhase = '' makeWrapper ${super.alacritty}/bin/alacritty $out/bin/alacritty \ @@ -27,13 +23,13 @@ in { }; qtile = super.qtile.overrideAttrs (oldAttrs: { - propagatedBuildInputs = oldAttrs.passthru.unwrapped.propagatedBuildInputs - ++ (with self.python3Packages; - [ - # python-wifi - # iwlib - keyring - ]); + propagatedBuildInputs = + oldAttrs.passthru.unwrapped.propagatedBuildInputs + ++ (with self.python3Packages; [ + # python-wifi + # iwlib + keyring + ]); }); inherit (pr-holochain-launcher-bin) holochain-launcher; diff --git a/nix/overlays/pkgs.nix b/nix/overlays/pkgs.nix index fcabcd3..2459f2c 100644 --- a/nix/overlays/pkgs.nix +++ b/nix/overlays/pkgs.nix @@ -2,17 +2,13 @@ # The code is copied from the NUR repository [0]. # # [0]: https://github.com/nix-community/nur-packages-template/blob/2610a5b60bd926cea3e6395511da8f0d14c613b9/overlay.nix - -self: super: - -let - +self: super: let isReserved = n: n == "lib" || n == "overlays" || n == "modules"; nameValuePair = n: v: { name = n; value = v; }; - nurAttrs = import ../pkgs { pkgs = super; }; - -in builtins.listToAttrs (map (n: nameValuePair n nurAttrs.${n}) - (builtins.filter (n: !isReserved n) (builtins.attrNames nurAttrs))) + nurAttrs = import ../pkgs {pkgs = super;}; +in + builtins.listToAttrs (map (n: nameValuePair n nurAttrs.${n}) + (builtins.filter (n: !isReserved n) (builtins.attrNames nurAttrs))) diff --git a/nix/overlays/posh.nix b/nix/overlays/posh.nix index d101303..e7ce1b6 100644 --- a/nix/overlays/posh.nix +++ b/nix/overlays/posh.nix @@ -1,7 +1,5 @@ -self: super: - -let - nixpkgs-master = import { }; +self: super: let + nixpkgs-master = import {}; inherit (nixpkgs-master) crun; crun_10_6_0 = crun.overrideAttrs (oldAttrs: rec { @@ -12,8 +10,7 @@ let sha256 = "0v1hrlpnln0c976fb0k2ig4jv11qbyzf95z0wy92fd8r8in16rc1"; }; }); - in { inherit (nixpkgs-master) podman conmon slirp4netns; - posh = self.callPackage ../pkgs/posh.nix { }; + posh = self.callPackage ../pkgs/posh.nix {}; } diff --git a/nix/pkgs/browserpass/default.nix b/nix/pkgs/browserpass/default.nix index 56cc257..5b13732 100644 --- a/nix/pkgs/browserpass/default.nix +++ b/nix/pkgs/browserpass/default.nix @@ -1,29 +1,27 @@ -with import { }; +with import {}; + stdenv.mkDerivation rec { + broken = true; -stdenv.mkDerivation rec { - broken = true; + name = "browserpass"; + version = "2.0.9"; - name = "browserpass"; - version = "2.0.9"; + src = fetchzip { + url = "https://github.com/dannyvankooten/browserpass/releases/download/${version}/${name}-linux64.zip"; + sha256 = "1nygcfjhyrcvbdmz4hjphcnmr4lm9y24lpdkdcjix6vbsjs0hipw"; + stripRoot = false; + }; - src = fetchzip { - url = - "https://github.com/dannyvankooten/browserpass/releases/download/${version}/${name}-linux64.zip"; - sha256 = "1nygcfjhyrcvbdmz4hjphcnmr4lm9y24lpdkdcjix6vbsjs0hipw"; - stripRoot = false; - }; + buildPhase = ":"; - buildPhase = ":"; + libPath = lib.makeLibraryPath []; + installPhase = '' + set -x + patchelf --set-interpreter ${glibc}/lib/ld-linux-x86-64.so.2 browserpass-linux64 - libPath = lib.makeLibraryPath [ ]; - installPhase = '' - set -x - patchelf --set-interpreter ${glibc}/lib/ld-linux-x86-64.so.2 browserpass-linux64 - - mkdir -p $out/bin - cp -a * $out/bin/ - # wrapProgram $out/bin/browserpass-linux64 \ - # --prefix LD_LIBRARY_PATH : "${libPath}" - # - ''; -} + mkdir -p $out/bin + cp -a * $out/bin/ + # wrapProgram $out/bin/browserpass-linux64 \ + # --prefix LD_LIBRARY_PATH : "${libPath}" + # + ''; + } diff --git a/nix/pkgs/default.nix b/nix/pkgs/default.nix index 2ab8ee7..959d466 100644 --- a/nix/pkgs/default.nix +++ b/nix/pkgs/default.nix @@ -1,31 +1,34 @@ -{ pkgs }: -let - +{pkgs}: let in rec { - nixpkgs-master = import { }; + nixpkgs-master = import {}; linuxPackages_sgx_540rc3 = let - linux_sgx_pkg = { fetchurl, buildLinux, ... }@args: + linux_sgx_pkg = { + fetchurl, + buildLinux, + ... + } @ args: + buildLinux (args + // rec { + version = "5.4.0-rc3"; + modDirVersion = version; - buildLinux (args // rec { - version = "5.4.0-rc3"; - modDirVersion = version; + src = fetchurl { + url = "https://github.com/jsakkine-intel/linux-sgx/archive/v23.tar.gz"; + sha256 = "11rwlwv7s071ia889dk1dgrxprxiwgi7djhg47vi56dj81jgib20"; + }; + kernelPatches = []; - src = fetchurl { - url = - "https://github.com/jsakkine-intel/linux-sgx/archive/v23.tar.gz"; - sha256 = "11rwlwv7s071ia889dk1dgrxprxiwgi7djhg47vi56dj81jgib20"; - }; - kernelPatches = [ ]; + extraConfig = '' + INTEL_SGX y + ''; - extraConfig = '' - INTEL_SGX y - ''; - - extraMeta.branch = "5.4"; - } // (args.argsOverride or { })); - linux_sgx = pkgs.callPackage linux_sgx_pkg { }; - in pkgs.recurseIntoAttrs (pkgs.linuxPackagesFor linux_sgx); + extraMeta.branch = "5.4"; + } + // (args.argsOverride or {})); + linux_sgx = pkgs.callPackage linux_sgx_pkg {}; + in + pkgs.recurseIntoAttrs (pkgs.linuxPackagesFor linux_sgx); linuxPackages_sgx_latest = linuxPackages_sgx_540rc3; busyboxStatic = pkgs.busybox.override { @@ -36,7 +39,7 @@ in rec { CONFIG_INSTALL_APPLET_SYMLINKS n ''; }; - dropbearStatic = pkgs.dropbear.override { enableStatic = true; }; + dropbearStatic = pkgs.dropbear.override {enableStatic = true;}; php5 = let nixpkgsWithPhp5 = pkgs.fetchFromGitHub { @@ -45,38 +48,42 @@ in rec { rev = "846d8f8305192dcc3a63139102698b4ac6b9ef9f"; sha256 = "1qifgc1q2i4g0ivpfjnxp4jl2cc82gfjws08dsllgw7q7kw4b4rb"; }; - php5 = (pkgs.callPackage - "${nixpkgsWithPhp5}/pkgs/development/interpreters/php/default.nix" { - config = (pkgs.lib.attrsets.recursiveUpdate pkgs.config { - php = { - imap = false; - openssl = false; - curl = false; - ldap = false; - mcrypt = false; + php5 = + (pkgs.callPackage + "${nixpkgsWithPhp5}/pkgs/development/interpreters/php/default.nix" + { + config = pkgs.lib.attrsets.recursiveUpdate pkgs.config { + php = { + imap = false; + openssl = false; + curl = false; + ldap = false; + mcrypt = false; + }; }; - }); - stdenv = pkgs.llvmPackages_6.stdenv; # broken - icu = pkgs.icu60; - }).php56; - in php5.overrideAttrs (attrs: rec { - # See https://secure.php.net/ChangeLog-5.php - version = "5.6.40"; - name = "php-${version}"; + stdenv = pkgs.llvmPackages_6.stdenv; # broken + icu = pkgs.icu60; + }) + .php56; + in + php5.overrideAttrs (attrs: rec { + # See https://secure.php.net/ChangeLog-5.php + version = "5.6.40"; + name = "php-${version}"; - sha256 = "005s7w167dypl41wlrf51niryvwy1hfv53zxyyr3lm938v9jbl7z"; - src = pkgs.fetchurl { - url = "http://www.php.net/distributions/php-${version}.tar.bz2"; - inherit sha256; - }; + sha256 = "005s7w167dypl41wlrf51niryvwy1hfv53zxyyr3lm938v9jbl7z"; + src = pkgs.fetchurl { + url = "http://www.php.net/distributions/php-${version}.tar.bz2"; + inherit sha256; + }; - configureFlags = attrs.configureFlags ++ [ "--without-fpm-systemd" ]; + configureFlags = attrs.configureFlags ++ ["--without-fpm-systemd"]; - meta.license = null; - }); + meta.license = null; + }); - duplicacy = pkgs.callPackage ../pkgs/duplicacy { }; - mfcl3770cdw = pkgs.callPackage ../pkgs/mfcl3770cdw.nix { }; + duplicacy = pkgs.callPackage ../pkgs/duplicacy {}; + mfcl3770cdw = pkgs.callPackage ../pkgs/mfcl3770cdw.nix {}; staruml = pkgs.callPackage ../pkgs/staruml.nix { inherit (pkgs.gnome2) GConf; libgcrypt = pkgs.libgcrypt_1_5; @@ -85,27 +92,28 @@ in rec { pythonPackages = myPython; myPython = pkgs.python310.withPackages (ps: with ps; - [ - pep8 - yapf - flake8 - # autopep8 (broken) - # pylint (broken) - ipython - llfuse - dugong - defusedxml - wheel - pip - virtualenv - cffi - pyopenssl - urllib3 - # mistune (insecure) - sympy + [ + pep8 + yapf + flake8 + # autopep8 (broken) + # pylint (broken) + ipython + llfuse + dugong + defusedxml + wheel + pip + virtualenv + cffi + pyopenssl + urllib3 + # mistune (insecure) + sympy - flask + flask - pyaml - ] ++ [ pkgs.pypi2nix pkgs.libffi ]); + pyaml + ] + ++ [pkgs.pypi2nix pkgs.libffi]); } diff --git a/nix/pkgs/duplicacy/default.nix b/nix/pkgs/duplicacy/default.nix index 07d50e7..7a3fc19 100644 --- a/nix/pkgs/duplicacy/default.nix +++ b/nix/pkgs/duplicacy/default.nix @@ -1,5 +1,7 @@ -{ buildGoPackage, fetchFromGitHub }: - +{ + buildGoPackage, + fetchFromGitHub, +}: buildGoPackage rec { name = "duplicay-${version}"; version = "2.1.2"; diff --git a/nix/pkgs/duplicacy/shell.nix b/nix/pkgs/duplicacy/shell.nix index 045572c..051e832 100644 --- a/nix/pkgs/duplicacy/shell.nix +++ b/nix/pkgs/duplicacy/shell.nix @@ -1,12 +1,12 @@ -with import { }; -stdenv.mkDerivation { - name = "env"; - buildInputs = [ - zsh - go - go2nix - dep2nix - nix-prefetch-github - (callPackage ./default.nix { }) - ]; -} +with import {}; + stdenv.mkDerivation { + name = "env"; + buildInputs = [ + zsh + go + go2nix + dep2nix + nix-prefetch-github + (callPackage ./default.nix {}) + ]; + } diff --git a/nix/pkgs/mfcl3770cdw.nix b/nix/pkgs/mfcl3770cdw.nix index 79919a5..5c04cbf 100644 --- a/nix/pkgs/mfcl3770cdw.nix +++ b/nix/pkgs/mfcl3770cdw.nix @@ -1,22 +1,30 @@ -{ pkgsi686Linux, stdenv, fetchurl, dpkg, makeWrapper, coreutils, ghostscript -, gnugrep, gnused, which, perl, lib }: - -let +{ + pkgsi686Linux, + stdenv, + fetchurl, + dpkg, + makeWrapper, + coreutils, + ghostscript, + gnugrep, + gnused, + which, + perl, + lib, +}: let model = "mfcl3770cdw"; version = "1.0.2-0"; src = fetchurl { - url = - "https://download.brother.com/welcome/dlf103935/${model}pdrv-${version}.i386.deb"; + url = "https://download.brother.com/welcome/dlf103935/${model}pdrv-${version}.i386.deb"; sha256 = "09fhbzhpjymhkwxqyxzv24b06ybmajr6872yp7pri39595mhrvay"; }; reldir = "opt/brother/Printers/${model}/"; - in rec { driver = stdenv.mkDerivation rec { inherit src version; name = "${model}drv-${version}"; - nativeBuildInputs = [ dpkg makeWrapper ]; + nativeBuildInputs = [dpkg makeWrapper]; unpackPhase = "dpkg-deb -x $src $out"; @@ -28,8 +36,8 @@ in rec { --replace "PRINTER =~" "PRINTER = \"${model}\"; #" wrapProgram $dir/lpd/filter_${model} \ --prefix PATH : ${ - lib.makeBinPath [ coreutils ghostscript gnugrep gnused which ] - } + lib.makeBinPath [coreutils ghostscript gnugrep gnused which] + } # need to use i686 glibc here, these are 32bit proprietary binaries interpreter=${pkgsi686Linux.glibc}/lib/ld-linux.so.2 patchelf --set-interpreter "$interpreter" $dir/lpd/brmfcl3770cdwfilter @@ -39,8 +47,8 @@ in rec { description = "Brother ${lib.strings.toUpper model} driver"; homepage = "http://www.brother.com/"; license = lib.licenses.unfree; - platforms = [ "x86_64-linux" "i686-linux" ]; - maintainers = [ lib.maintainers.steveej ]; + platforms = ["x86_64-linux" "i686-linux"]; + maintainers = [lib.maintainers.steveej]; }; }; @@ -48,7 +56,7 @@ in rec { inherit version src; name = "${model}cupswrapper-${version}"; - nativeBuildInputs = [ dpkg makeWrapper ]; + nativeBuildInputs = [dpkg makeWrapper]; unpackPhase = "dpkg-deb -x $src $out"; @@ -60,7 +68,7 @@ in rec { --replace "basedir =~" "basedir = \"$basedir\"; #" \ --replace "PRINTER =~" "PRINTER = \"${model}\"; #" wrapProgram $dir/cupswrapper/brother_lpdwrapper_${model} \ - --prefix PATH : ${lib.makeBinPath [ coreutils gnugrep gnused ]} + --prefix PATH : ${lib.makeBinPath [coreutils gnugrep gnused]} mkdir -p $out/lib/cups/filter mkdir -p $out/share/cups/model ln $dir/cupswrapper/brother_lpdwrapper_${model} $out/lib/cups/filter @@ -71,8 +79,8 @@ in rec { description = "Brother ${lib.strings.toUpper model} CUPS wrapper driver"; homepage = "http://www.brother.com/"; license = lib.licenses.gpl2; - platforms = [ "x86_64-linux" "i686-linux" ]; - maintainers = [ lib.maintainers.steveej ]; + platforms = ["x86_64-linux" "i686-linux"]; + maintainers = [lib.maintainers.steveej]; }; }; } diff --git a/nix/pkgs/nozbe/default.nix b/nix/pkgs/nozbe/default.nix index ed2c728..368add8 100644 --- a/nix/pkgs/nozbe/default.nix +++ b/nix/pkgs/nozbe/default.nix @@ -1,61 +1,60 @@ -with import { }; +with import {}; + stdenv.mkDerivation rec { + name = "nozbe"; + version = "3.6.3"; -stdenv.mkDerivation rec { - name = "nozbe"; - version = "3.6.3"; + src = fetchzip { + url = "https://files.nozbe.com/linux/linux64_newest.tar.gz"; + sha256 = "08hag0kv23psqa1pl9kardz90scgk21rsr5xxfg8jvmnxy2nc858"; + stripRoot = false; + }; - src = fetchzip { - url = "https://files.nozbe.com/linux/linux64_newest.tar.gz"; - sha256 = "08hag0kv23psqa1pl9kardz90scgk21rsr5xxfg8jvmnxy2nc858"; - stripRoot = false; - }; + buildInputs = [makeWrapper]; - buildInputs = [ makeWrapper ]; + buildPhase = ":"; - buildPhase = ":"; + libPath = lib.makeLibraryPath [ + alsaLib + atk + cairo + cups + dbus + expat + freetype + fontconfig + gnome3.gconf + gcc.cc + gdk_pixbuf + gtk2-x11 + glib + pango + nss + nspr + systemd.lib + xorg.libX11 + xorg.libXcursor + xorg.libXcomposite + xorg.libXext + xorg.libXfixes + xorg.libXdamage + xorg.libXi + xorg.libXrandr + xorg.libXrender + xorg.libXtst + xorg.libXScrnSaver + ]; + installPhase = '' + pushd Nozbe-${version} + ls -lha - libPath = lib.makeLibraryPath [ - alsaLib - atk - cairo - cups - dbus - expat - freetype - fontconfig - gnome3.gconf - gcc.cc - gdk_pixbuf - gtk2-x11 - glib - pango - nss - nspr - systemd.lib - xorg.libX11 - xorg.libXcursor - xorg.libXcomposite - xorg.libXext - xorg.libXfixes - xorg.libXdamage - xorg.libXi - xorg.libXrandr - xorg.libXrender - xorg.libXtst - xorg.libXScrnSaver - ]; - installPhase = '' - pushd Nozbe-${version} - ls -lha + patchelf --set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 Nozbe - patchelf --set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 Nozbe + mkdir -p $out/bin + cp -a * $out/ - mkdir -p $out/bin - cp -a * $out/ + wrapProgram $out/Nozbe \ + --prefix LD_LIBRARY_PATH : "${libPath}" - wrapProgram $out/Nozbe \ - --prefix LD_LIBRARY_PATH : "${libPath}" - - ln -sf ../Nozbe $out/bin/ - ''; -} + ln -sf ../Nozbe $out/bin/ + ''; + } diff --git a/nix/pkgs/posh.nix b/nix/pkgs/posh.nix index ee49e51..4d993ba 100644 --- a/nix/pkgs/posh.nix +++ b/nix/pkgs/posh.nix @@ -1,7 +1,5 @@ # posh makes use of podman to run an encapsulated shell session -{ pkgs, ... }: - -let +{pkgs, ...}: let cniConfigDir = let loopback = pkgs.writeText "00-loopback.conf" '' { @@ -37,12 +35,13 @@ let ] } ''; - in pkgs.runCommand "cniConfig" { } '' - set -x - mkdir $out; - ln -s ${loopback} $out/${loopback.name} - ln -s ${podman-bridge} $out/${podman-bridge.name} - ''; + in + pkgs.runCommand "cniConfig" {} '' + set -x + mkdir $out; + ln -s ${loopback} $out/${loopback.name} + ln -s ${podman-bridge} $out/${podman-bridge.name} + ''; podmanConfig = pkgs.writeText "libpod.conf" '' # libpod.conf is the default configuration file for all tools using libpod to @@ -125,46 +124,55 @@ let } } ''; +in + { + image, + pull ? "always", + global_args ? "", + run_args ? "", + userns ? "keep-id", + }: + (pkgs.writeScriptBin "posh" '' + #! ${pkgs.bash}/bin/bash + source /etc/profile -in { image, pull ? "always", global_args ? "", run_args ? "", userns ? "keep-id" -}: + test -S "$SSH_AUTH_SOCK" && ssh="-v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK -e SSH_AUTH_SOCK" + tty -s && tty="-t" entrypoint=--entrypoint='["/usr/bin/env","bash","-il"]' || quiet="-q" -(pkgs.writeScriptBin "posh" '' - #! ${pkgs.bash}/bin/bash - source /etc/profile + # define these as variables so we can override them at runtime + POSH_IMAGE=${image} + POSH_PULL=${pull} - test -S "$SSH_AUTH_SOCK" && ssh="-v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK -e SSH_AUTH_SOCK" - tty -s && tty="-t" entrypoint=--entrypoint='["/usr/bin/env","bash","-il"]' || quiet="-q" + if [ "$1" == "-c" ]; then + # We've most likely been spawned by sshd and are interested in $2 whitch contains the command string + shift + # TODO parse the beginning of the command for POSH_* overrides + fi - # define these as variables so we can override them at runtime - POSH_IMAGE=${image} - POSH_PULL=${pull} + test "$@" && cmd=( -c "$@") - if [ "$1" == "-c" ]; then - # We've most likely been spawned by sshd and are interested in $2 whitch contains the command string - shift - # TODO parse the beginning of the command for POSH_* overrides - fi - - test "$@" && cmd=( -c "$@") - - HOME_CONTAINERS_CONFIGDIR="$HOME/.config/containers" - HOME_POLICY_JSON="$HOME_CONTAINERS_CONFIGDIR/policy.json" - test -d $HOME_CONTAINERS_CONFIGIDR || mkdir $HOME_CONTAINERS_CONFIGIDR - ln -sf ${policy-json} $HOME_POLICY_JSON + HOME_CONTAINERS_CONFIGDIR="$HOME/.config/containers" + HOME_POLICY_JSON="$HOME_CONTAINERS_CONFIGDIR/policy.json" + test -d $HOME_CONTAINERS_CONFIGIDR || mkdir $HOME_CONTAINERS_CONFIGIDR + ln -sf ${policy-json} $HOME_POLICY_JSON - set -x - exec ${pkgs.podman}/bin/podman \ - --cgroup-manager=cgroupfs \ - ${global_args} \ - run \ - --annotation=io.crun.keep_original_groups=1 \ - --config ${podmanConfig} \ - --conmon ${pkgs.conmon}/bin/conmon --runtime ${pkgs.crun}/bin/crun \ - --rm -i --network host --pull=''${POSH_PULL} \ - $tty $ssh -e HOME -v $HOME:$HOME -w $HOME \ - ${if userns != null then "--userns=" + userns else ""} \ - ${run_args} \ - ''${POSH_IMAGE} /usr/bin/env bash -l "''${cmd[@]}" -'').overrideAttrs (attrs: attrs // { passthru = { shellPath = "/bin/posh"; }; }) + set -x + exec ${pkgs.podman}/bin/podman \ + --cgroup-manager=cgroupfs \ + ${global_args} \ + run \ + --annotation=io.crun.keep_original_groups=1 \ + --config ${podmanConfig} \ + --conmon ${pkgs.conmon}/bin/conmon --runtime ${pkgs.crun}/bin/crun \ + --rm -i --network host --pull=''${POSH_PULL} \ + $tty $ssh -e HOME -v $HOME:$HOME -w $HOME \ + ${ + if userns != null + then "--userns=" + userns + else "" + } \ + ${run_args} \ + ''${POSH_IMAGE} /usr/bin/env bash -l "''${cmd[@]}" + '') + .overrideAttrs (attrs: attrs // {passthru = {shellPath = "/bin/posh";};}) diff --git a/nix/pkgs/slirp4netns.nix b/nix/pkgs/slirp4netns.nix index 2eaf77a..ffcc730 100644 --- a/nix/pkgs/slirp4netns.nix +++ b/nix/pkgs/slirp4netns.nix @@ -1,5 +1,12 @@ -{ stdenv, fetchFromGitHub, autoconf, automake, libtool, gnumake, gcc }: - +{ + stdenv, + fetchFromGitHub, + autoconf, + automake, + libtool, + gnumake, + gcc, +}: stdenv.mkDerivation rec { name = "slirp4netns-${version}"; version = "v0.2.1"; @@ -11,7 +18,7 @@ stdenv.mkDerivation rec { sha256 = "0kqncza4kgqkqiki569j7ym9pvp7879i6q2z0djvda9y0i6b80w4"; }; - buildInputs = [ autoconf automake libtool gnumake gcc ]; + buildInputs = [autoconf automake libtool gnumake gcc]; configurePhase = '' ./autogen.sh @@ -30,7 +37,7 @@ stdenv.mkDerivation rec { description = "User-mode networking for unprivileged network namespaces"; homepage = "https://github.com/rootless-containers/slirp4netns"; license = null; - maintainers = [ maintainers.steveej ]; + maintainers = [maintainers.steveej]; platforms = platforms.all; }; } diff --git a/nix/pkgs/staruml.nix b/nix/pkgs/staruml.nix index 62087a9..a0e9d90 100644 --- a/nix/pkgs/staruml.nix +++ b/nix/pkgs/staruml.nix @@ -1,7 +1,21 @@ -{ stdenv, fetchurl, makeWrapper, dpkg, patchelf, gtk2, glib, gdk_pixbuf, alsaLib -, nss, nspr, GConf, cups, libgcrypt, dbus, systemd }: - -let +{ + stdenv, + fetchurl, + makeWrapper, + dpkg, + patchelf, + gtk2, + glib, + gdk_pixbuf, + alsaLib, + nss, + nspr, + GConf, + cups, + libgcrypt, + dbus, + systemd, +}: let inherit (stdenv) lib; LD_LIBRARY_PATH = lib.makeLibraryPath [ glib @@ -15,54 +29,56 @@ let libgcrypt dbus ]; -in stdenv.mkDerivation rec { - version = "2.8.1"; - name = "staruml-${version}"; +in + stdenv.mkDerivation rec { + version = "2.8.1"; + name = "staruml-${version}"; - src = if stdenv.system == "i686-linux" then - fetchurl { - url = - "http://staruml.io/download/release/v${version}/StarUML-v${version}-32-bit.deb"; - sha256 = "0vb3k9m3l6pmsid4shlk0xdjsriq3gxzm8q7l04didsppg0vvq1n"; - } - else - fetchurl { - url = - "https://s3.amazonaws.com/staruml-bucket/releases-v2/StarUML-v${version}-64-bit.deb"; - sha256 = "05gzrnlssjkhyh0wv019d4r7p40lxnsa1sghazll6f233yrqmxb0"; + src = + if stdenv.system == "i686-linux" + then + fetchurl + { + url = "http://staruml.io/download/release/v${version}/StarUML-v${version}-32-bit.deb"; + sha256 = "0vb3k9m3l6pmsid4shlk0xdjsriq3gxzm8q7l04didsppg0vvq1n"; + } + else + fetchurl { + url = "https://s3.amazonaws.com/staruml-bucket/releases-v2/StarUML-v${version}-64-bit.deb"; + sha256 = "05gzrnlssjkhyh0wv019d4r7p40lxnsa1sghazll6f233yrqmxb0"; + }; + + buildInputs = [dpkg]; + + nativeBuildInputs = [makeWrapper]; + + unpackPhase = '' + mkdir pkg + dpkg-deb -x $src pkg + sourceRoot=pkg + ''; + + installPhase = '' + mkdir $out + mv opt/staruml $out/bin + + mkdir -p $out/lib + ln -s ${stdenv.cc.cc.lib}/lib/libstdc++.so.6 $out/lib/ + ln -s ${systemd.lib}/lib/libudev.so.1 $out/lib/libudev.so.0 + + for binary in StarUML Brackets-node; do + ${patchelf}/bin/patchelf \ + --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ + $out/bin/$binary + wrapProgram $out/bin/$binary \ + --prefix LD_LIBRARY_PATH : $out/lib:${LD_LIBRARY_PATH} + done + ''; + + meta = with stdenv.lib; { + description = "A sophisticated software modeler"; + homepage = "http://staruml.io/"; + license = licenses.unfree; + platforms = ["i686-linux" "x86_64-linux"]; }; - - buildInputs = [ dpkg ]; - - nativeBuildInputs = [ makeWrapper ]; - - unpackPhase = '' - mkdir pkg - dpkg-deb -x $src pkg - sourceRoot=pkg - ''; - - installPhase = '' - mkdir $out - mv opt/staruml $out/bin - - mkdir -p $out/lib - ln -s ${stdenv.cc.cc.lib}/lib/libstdc++.so.6 $out/lib/ - ln -s ${systemd.lib}/lib/libudev.so.1 $out/lib/libudev.so.0 - - for binary in StarUML Brackets-node; do - ${patchelf}/bin/patchelf \ - --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ - $out/bin/$binary - wrapProgram $out/bin/$binary \ - --prefix LD_LIBRARY_PATH : $out/lib:${LD_LIBRARY_PATH} - done - ''; - - meta = with stdenv.lib; { - description = "A sophisticated software modeler"; - homepage = "http://staruml.io/"; - license = licenses.unfree; - platforms = [ "i686-linux" "x86_64-linux" ]; - }; -} + } diff --git a/nix/sources.nix b/nix/sources.nix index 8df8308..bc16516 100644 --- a/nix/sources.nix +++ b/nix/sources.nix @@ -1,15 +1,15 @@ # This file has been generated by Niv. - let - # # The fetchers. fetch_ fetches specs of type . # - - fetch_file = pkgs: name: spec: - let name' = sanitizeName name + "-src"; - in if spec.builtin or true then - builtins_fetchurl { + fetch_file = pkgs: name: spec: let + name' = sanitizeName name + "-src"; + in + if spec.builtin or true + then + builtins_fetchurl + { inherit (spec) url sha256; name = name'; } @@ -19,10 +19,13 @@ let name = name'; }; - fetch_tarball = pkgs: name: spec: - let name' = sanitizeName name + "-src"; - in if spec.builtin or true then - builtins_fetchTarball { + fetch_tarball = pkgs: name: spec: let + name' = sanitizeName name + "-src"; + in + if spec.builtin or true + then + builtins_fetchTarball + { name = name'; inherit (spec) url sha256; } @@ -32,36 +35,46 @@ let inherit (spec) url sha256; }; - fetch_git = name: spec: - let - ref = if spec ? ref then - spec.ref - else if spec ? branch then - "refs/heads/${spec.branch}" - else if spec ? tag then - "refs/tags/${spec.tag}" + fetch_git = name: spec: let + ref = + if spec ? ref + then spec.ref + else if spec ? branch + then "refs/heads/${spec.branch}" + else if spec ? tag + then "refs/tags/${spec.tag}" else abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!"; - submodules = if spec ? submodules then spec.submodules else false; - submoduleArg = let - nixSupportsSubmodules = - builtins.compareVersions builtins.nixVersion "2.4" >= 0; - emptyArgWithWarning = if submodules == true then - builtins.trace (''The niv input "${name}" uses submodules '' + submodules = + if spec ? submodules + then spec.submodules + else false; + submoduleArg = let + nixSupportsSubmodules = + builtins.compareVersions builtins.nixVersion "2.4" >= 0; + emptyArgWithWarning = + if submodules == true + then + builtins.trace + (''The niv input "${name}" uses submodules '' + "but your nix's (${builtins.nixVersion}) builtins.fetchGit " - + "does not support them") { } - else - { }; - in if nixSupportsSubmodules then { + + "does not support them") + {} + else {}; + in + if nixSupportsSubmodules + then { inherit submodules; - } else - emptyArgWithWarning; - in builtins.fetchGit ({ - url = spec.repo; - inherit (spec) rev; - inherit ref; - } // submoduleArg); + } + else emptyArgWithWarning; + in + builtins.fetchGit ({ + url = spec.repo; + inherit (spec) rev; + inherit ref; + } + // submoduleArg); fetch_local = spec: spec.path; @@ -80,24 +93,28 @@ let # # https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695 - sanitizeName = name: - (concatMapStrings (s: if builtins.isList s then "-" else s) - (builtins.split "[^[:alnum:]+._?=-]+" - ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name))); + sanitizeName = name: (concatMapStrings (s: + if builtins.isList s + then "-" + else s) + (builtins.split "[^[:alnum:]+._?=-]+" + ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name))); # The set of packages used when specs are fetched using non-builtins. - mkPkgs = sources: system: - let - sourcesNixpkgs = import - (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { - inherit system; - }; - hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; - hasThisAsNixpkgsPath = == ./.; - in if builtins.hasAttr "nixpkgs" sources then - sourcesNixpkgs - else if hasNixpkgsPath && !hasThisAsNixpkgsPath then - import { } + mkPkgs = sources: system: let + sourcesNixpkgs = + import + (builtins_fetchTarball {inherit (sources.nixpkgs) url sha256;}) + { + inherit system; + }; + hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; + hasThisAsNixpkgsPath = == ./.; + in + if builtins.hasAttr "nixpkgs" sources + then sourcesNixpkgs + else if hasNixpkgsPath && !hasThisAsNixpkgsPath + then import {} else abort '' Please specify either (through -I or NIX_PATH=nixpkgs=...) or @@ -106,58 +123,64 @@ let # The actual fetching function. fetch = pkgs: name: spec: - - if !builtins.hasAttr "type" spec then - abort "ERROR: niv spec ${name} does not have a 'type' attribute" - else if spec.type == "file" then - fetch_file pkgs name spec - else if spec.type == "tarball" then - fetch_tarball pkgs name spec - else if spec.type == "git" then - fetch_git name spec - else if spec.type == "local" then - fetch_local spec - else if spec.type == "builtin-tarball" then - fetch_builtin-tarball name - else if spec.type == "builtin-url" then - fetch_builtin-url name + if !builtins.hasAttr "type" spec + then abort "ERROR: niv spec ${name} does not have a 'type' attribute" + else if spec.type == "file" + then fetch_file pkgs name spec + else if spec.type == "tarball" + then fetch_tarball pkgs name spec + else if spec.type == "git" + then fetch_git name spec + else if spec.type == "local" + then fetch_local spec + else if spec.type == "builtin-tarball" + then fetch_builtin-tarball name + else if spec.type == "builtin-url" + then fetch_builtin-url name else abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; # If the environment variable NIV_OVERRIDE_${name} is set, then use # the path directly as opposed to the fetched source. - replace = name: drv: - let - saneName = stringAsChars - (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; - ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; - in if ersatz == "" then - drv + replace = name: drv: let + saneName = + stringAsChars + (c: + if isNull (builtins.match "[a-zA-Z0-9]" c) + then "_" + else c) + name; + ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; + in + if ersatz == "" + then drv else - # this turns the string into an actual Nix path (for both absolute and - # relative paths) - if builtins.substring 0 1 ersatz == "/" then - /. + ersatz - else - /. + builtins.getEnv "PWD" + "/${ersatz}"; + # this turns the string into an actual Nix path (for both absolute and + # relative paths) + if builtins.substring 0 1 ersatz == "/" + then /. + ersatz + else /. + builtins.getEnv "PWD" + "/${ersatz}"; # Ports of functions for older nix versions # a Nix version of mapAttrs if the built-in doesn't exist - mapAttrs = builtins.mapAttrs or (f: set: - with builtins; - listToAttrs (map (attr: { - name = attr; - value = f attr set.${attr}; - }) (attrNames set))); + mapAttrs = + builtins.mapAttrs + or (f: set: + with builtins; + listToAttrs (map + (attr: { + name = attr; + value = f attr set.${attr}; + }) + (attrNames set))); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 range = first: last: - if first > last then - [ ] - else - builtins.genList (n: first + n) (last - first + 1); + if first > last + then [] + else builtins.genList (n: first + n) (last - first + 1); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 stringToCharacters = s: @@ -169,51 +192,71 @@ let concatStrings = builtins.concatStringsSep ""; # https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331 - optionalAttrs = cond: as: if cond then as else { }; + optionalAttrs = cond: as: + if cond + then as + else {}; # fetchTarball version that is compatible between all the versions of Nix - builtins_fetchTarball = { url, name ? null, sha256 }@attrs: - let inherit (builtins) lessThan nixVersion fetchTarball; - in if lessThan nixVersion "1.12" then + builtins_fetchTarball = { + url, + name ? null, + sha256, + } @ attrs: let + inherit (builtins) lessThan nixVersion fetchTarball; + in + if lessThan nixVersion "1.12" + then fetchTarball - ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchTarball attrs; + ({inherit url;} // (optionalAttrs (!isNull name) {inherit name;})) + else fetchTarball attrs; # fetchurl version that is compatible between all the versions of Nix - builtins_fetchurl = { url, name ? null, sha256 }@attrs: - let inherit (builtins) lessThan nixVersion fetchurl; - in if lessThan nixVersion "1.12" then + builtins_fetchurl = { + url, + name ? null, + sha256, + } @ attrs: let + inherit (builtins) lessThan nixVersion fetchurl; + in + if lessThan nixVersion "1.12" + then fetchurl - ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchurl attrs; + ({inherit url;} // (optionalAttrs (!isNull name) {inherit name;})) + else fetchurl attrs; # Create the final "sources" from the config mkSources = config: - mapAttrs (name: spec: - if builtins.hasAttr "outPath" spec then + mapAttrs + (name: spec: + if builtins.hasAttr "outPath" spec + then abort "The values in sources.json should not have an 'outPath' attribute" - else - spec // { outPath = replace name (fetch config.pkgs name spec); }) + else spec // {outPath = replace name (fetch config.pkgs name spec);}) config.sources; # The "config" used by the fetchers - mkConfig = { sourcesFile ? - if builtins.pathExists ./sources.json then ./sources.json else null - , sources ? if isNull sourcesFile then - { } - else - builtins.fromJSON (builtins.readFile sourcesFile) - , system ? builtins.currentSystem, pkgs ? mkPkgs sources system }: rec { - # The sources, i.e. the attribute set of spec name to spec - inherit sources; + mkConfig = { + sourcesFile ? + if builtins.pathExists ./sources.json + then ./sources.json + else null, + sources ? + if isNull sourcesFile + then {} + else builtins.fromJSON (builtins.readFile sourcesFile), + system ? builtins.currentSystem, + pkgs ? mkPkgs sources system, + }: rec { + # The sources, i.e. the attribute set of spec name to spec + inherit sources; - # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers - inherit pkgs; - }; - -in mkSources (mkConfig { }) // { - __functor = _: settings: mkSources (mkConfig settings); -} + # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers + inherit pkgs; + }; +in + mkSources (mkConfig {}) + // { + __functor = _: settings: mkSources (mkConfig settings); + } diff --git a/nix/tests/buildvmwithbootloader/build-vm.nix b/nix/tests/buildvmwithbootloader/build-vm.nix index 6010c82..be819b6 100644 --- a/nix/tests/buildvmwithbootloader/build-vm.nix +++ b/nix/tests/buildvmwithbootloader/build-vm.nix @@ -1,15 +1,22 @@ -{ system ? builtins.currentSystem, vmPkgsPath, buildPkgsPath, nixosConfigPath }: +{ + system ? builtins.currentSystem, + vmPkgsPath, + buildPkgsPath, + nixosConfigPath, +}: let + buildPkgs = import buildPkgsPath {}; + vmPkgs' = import vmPkgsPath {}; + vmPkgs = + vmPkgs' + // { + runtimeShell = "${vmPkgs'.bash}/${vmPkgs'.bash.shellPath}"; + }; -let - buildPkgs = import buildPkgsPath { }; - vmPkgs' = import vmPkgsPath { }; - vmPkgs = vmPkgs' // { - runtimeShell = "${vmPkgs'.bash}/${vmPkgs'.bash.shellPath}"; - }; - - importWithPkgs = { path, pkgs }: - args: - import path (args // { inherit pkgs; }); + importWithPkgs = { + path, + pkgs, + }: args: + import path (args // {inherit pkgs;}); nixosConfig = importWithPkgs { path = "${nixosConfigPath}"; @@ -24,12 +31,13 @@ let pkgs = null; }; - vmWithBootLoaderConfigMixed = (evalConfig { - modules = [ - nixosConfig - vmConfig - { virtualisation.useBootLoader = true; } - - ]; - }).config; -in { vmWithBootLoaderMixed = vmWithBootLoaderConfigMixed.system.build.vm; } + vmWithBootLoaderConfigMixed = + (evalConfig { + modules = [ + nixosConfig + vmConfig + {virtualisation.useBootLoader = true;} + ]; + }) + .config; +in {vmWithBootLoaderMixed = vmWithBootLoaderConfigMixed.system.build.vm;} diff --git a/nix/tests/buildvmwithbootloader/configuration.nix b/nix/tests/buildvmwithbootloader/configuration.nix index 893c9d4..92072fe 100644 --- a/nix/tests/buildvmwithbootloader/configuration.nix +++ b/nix/tests/buildvmwithbootloader/configuration.nix @@ -1,6 +1,8 @@ -{ pkgs, lib, ... }: -let - +{ + pkgs, + lib, + ... +}: let in { boot.loader.grub = { enable = true; @@ -12,20 +14,21 @@ in { boot.loader.efi.canTouchEfiVariables = true; boot.loader.systemd-boot.enable = true; - boot.initrd.luks.devices = [{ - name = "crypt"; - device = "/dev/disk/uuid/463d886d-7dfe-421b-8cef-f9af3a3fa09d"; - preLVM = true; - allowDiscards = true; - }]; - fileSystems."/" = { label = "root"; }; + boot.initrd.luks.devices = [ + { + name = "crypt"; + device = "/dev/disk/uuid/463d886d-7dfe-421b-8cef-f9af3a3fa09d"; + preLVM = true; + allowDiscards = true; + } + ]; + fileSystems."/" = {label = "root";}; - fileSystems."/boot" = { label = "boot"; }; + fileSystems."/boot" = {label = "boot";}; boot.tmpOnTmpfs = true; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; users.extraUsers.root.initialPassword = lib.mkForce "toorroot"; users.mutableUsers = false; diff --git a/nix/tests/test-vm.nix b/nix/tests/test-vm.nix index a48b94f..55053e2 100644 --- a/nix/tests/test-vm.nix +++ b/nix/tests/test-vm.nix @@ -1,4 +1,10 @@ -{ lib, config, pkgs, fetchgit, ... }: { +{ + lib, + config, + pkgs, + fetchgit, + ... +}: { boot.consoleLogLevel = 6; users.users.root.initialPassword = "root"; systemd.services."serial-getty@ttyS0".enable = true; diff --git a/nix/variables/passwords.crypt.nix b/nix/variables/passwords.crypt.nix index 6af41af565c43d0176bab793d34add1ea9e396d6..24c3d5eda177d7ad307fc58aed6f11ea93aeb033 100644 GIT binary patch literal 2234 zcmZQ@_Y83kiVO&0$PEiKkDA#Yc3wC8ZbJjV?;E+N2KnKUB|%>r&a8sGVpCUV5 zq?J$0l|-9zZA#iG@8Ewf<--Eatgll}L_E84C{kuy|AsQpod5NFx2BvD%<{9dJk?;R zH1l~5du-wEze^I#=8C#I&jGMxACJhACR%TH#<`4?v2%P_mr_b+&D8b`2Ux~t?d#>^k<O+G^8*gPF zb>7DJc<=oq`pNMR9&WG;J;k3AqqsrMMA7HhHJj5Ow^hv+t;&p;aprr_h9mpqPrTiI zb}hRS|AxLJydh_ovHv@*E2ZU-x$3F+m&vW4_THQ)+Nhmd%D4Sg+Pt~C9_}+QtloO# zli|x{r3|N%Iz+UhKCf*^QcO6u=YTE)pW4f`XlKbv>szz3+dfOM^n@SISRcZ?D)CeD z-Jdp_e5M#=ob}YmTEA%5yUFjf?)~``RT1+oL!@~AE0q#$-iShP%R4d?CO)3L`H$|@ zcHMPX!{6oGP7V*2%f5S0VVCLb=0ug%Zx}SzY-%pZUZ-}wzvbyy(`U<=r#4ib=f8fS zSnAHLybR78j|1xF37?Ht)x5sxYkXBj-`_+Vk7&gj|H~779?gs1CoA9h)LQfW|CBX{ ziz_|F{BD+>Sk3FtBJfeCOs4a$S##N}jS>}YAI*i>Z)|l9A6l5I^fCECw3E$e$t<2!MEe%$3KN>UGr_GITh_XA8}(Lm-ip3 zq(?ueUeT)vymh|%e9z)3SFd<8ZCem;*e&#k|M@XAr6 zW6PRDN+v8jvGr5#H_!RL`6vD;>Wp+CwD7mb!;^yv31K+ot z7MV)wzV`oY78uMA6hCdWNI&*8>o)PQxm-^-x;&V_e(SI1?UfIb=5#54SoDkS5%=2# z7b@mxH$Kyf+p+wShy(w|7e5!X%K8@_as1w*Ja0pGYoW71l-Bz$f%h9Ga2}QGOnR&Gy zjJBy~xyE_#FP2&FURYO`?6J(Gvd^ve!}mA~?ul*c43^=kXEoh;CkWIpWO@24GRx!H zpUaFQYx-X>7lnOm`2Ip6_VoYTwc@&Jlg>(Ixu1XAea$xHpZ9|A+1Iu1`6hM;Ef8%h zX5!I5`1bp$){?|k0zV$?;9gaBZJ(^x3r>Yg30aTKek?ONwa2Hm+xijbEB4F@T!Mn8 zAIhdmI)vJ-FO|~X=J2S#TKCeCr(Y!Bd~*5HR3NU|cJ@+1=4n&aW7ZZnmceA`v!HM}hhjH;6!yM|x5#APae zlI7h?i9qFIadnnB37MB??j1_ft=c1!EgiEhsN}ZHvWfm1=dFITrhDG?bAS2nten+Y zI(Okk*V}72-aQvAkZ67H(k#vOXra#Eh?+TXvidr*U0C-m)_HYIU0m$SsnfFcHd<<* z*>v23svA^}zPL0aOQ2DKb-8R#_w03v1$PuhIA-!IEq<~^b;6FEg!WHQ)so#5d?PL@ z=dW5;eCUAq{g=)2F7?jeY9F+pZ+5GC_0+!~fBWbCxy&gdzQRHGpODM(^RFCMr#!m5 z*u>_B*1td7c~*J$UXmA=^N7s-u<6ykJ))vZ&OMuN{zfQf{A;0V66eA=hY z=C0Eng5R%SAzm$Lwz#v*E-dhWYsJK5*JD;Df9k+m5bW6X}(PPbE7uJ8%aAJZ>jAKx^8-E zb!@@1j&3=o*xxam{Hz@0s{dbGJO8KZ>8t;XZ*z4MDY5p7}erU(VyU&=97Ny*B z{}DcS_y3ow>%P{#`8)NKtLgidx~fbI`mVBcv!>T5*z8|-ar(xy57?@8FKr3Znz;Y) zwfqxzT!N&HFEJjUI;CBk`_9QD!u34KNq0E26eUwXET~M>=>9wBXP7MKojOyg`3o-? z7+bZiaQIj)-dFlYHtY!R2Wv(~*h~?3TY@qxC=AUBdkg09A-!Qvd(} literal 2266 zcmZQ@_Y83kiVO&0cqHT6(mVP4Es-wI zyPQJy8Qrm*#+9@-?Chl?SMi+X`vl4ZPBhfNy)`j4YnJ=Gt=@~LPb;w9*_z=X+VyE$ zuaHZjNA2+h<{qZL_o@MQ4+32J)iZ1@(4K zoyNY(Ugr5leL0M%z5m$8^t4-^BYdq-kEUX9g7ago9f2uN!qz%heLL7F z8Tn!D_U?_p5A|>Gn##QYQ2wM-doN@>Xw-T0GAl9iyNv(JgcAxIH$}G|S|kwU`~G%2 z*M`XBF9Y{j?pecQkea`$Lq4&kZEkeUVIRdvi5;y>b9N=oiueLQg zp0Mti)T^JZH@?|Ff5z=6kYoJo=F_SpXC~g>&a_Y|H`M5~oa5D|zXfgO z6$-q4`Y-++{-N6$5v9~qU9cs2a>~{JM~wPb*@lSas2tX2&WRIyCa1kFh5r(xXVqWU zLQnPN8JQNGf-mmw|Ekt}mg_kG?Pr436BXL!0((*y1fCF_^ue{{H(Hj;(&V zxbq;-QEn6FpzyKsW=8o#{C)htKIzn1PAuON**b-`?5>ESjQ)?YWv+e;dapBV=PihS)JnDi#}E7 zOr6oOcPaZJ<4H{W#O6NSshRk-JY##iMaI??$N4tCXUj9ThsCXwc_uHAmn7q`<$j{t zGI%~{!M{#1moEILII~IH zYt1#o)y%3nkslYEzIndln25-620`sJT2sCW>b}{f(ZqU>xmYtyc+T;iM{HDIEPlgX zcw+g5+)BZ-bLzBruxk7cdbxS>9=r98{rdfho$Q7)@PKSNc>mt(3E3wq=?pFyq(dmX*Bezi-xhEDYTAMpbX-u10@1$1T}5 zVLhwPW;!W7tb6d^=!&#L$-GzRHmZk;i3&}ez3{Wd2a|#_<8u>NxSZEGX7ks}TiTH) z{~^Cw{G?Z6J6fC+oEujOXLwEW-z?$~mMwDc`C^gisRn!hs;^30}$8Bez1D z=T-|ZWn9rFw?6lotkM*>5GR>w987{ui>IDkuwrU_mcqR&X=gJg9gM13RO=_%Jk z7JuN(NiMvPUyr{dkJ` zf*Vi0{krp56Bq?peNfRcu3jrn|2*L#fm$FOIHb#`2Hd>Htq2 BR)+up diff --git a/nix/variables/versions.nix b/nix/variables/versions.nix index f5d8a52..dfd0677 100644 --- a/nix/variables/versions.nix +++ b/nix/variables/versions.nix @@ -2,30 +2,25 @@ let nixpkgs = { url = "https://github.com/NixOS/nixpkgs/"; ref = "nixos-22.11"; - rev = '' - dac57a4eccf1442e8bf4030df6fcbb55883cb682''; + rev = "dac57a4eccf1442e8bf4030df6fcbb55883cb682"; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; ref = "nixos-unstable"; - rev = '' - 1eb875e811dd59e21e77f6337f2c1592889b48b3''; + rev = "1eb875e811dd59e21e77f6337f2c1592889b48b3"; }; "nixpkgs-master" = { url = "https://github.com/NixOS/nixpkgs/"; ref = "master"; - rev = '' - 590321a5defbbabe96f8def70013d5b45406dee4''; + rev = "590321a5defbbabe96f8def70013d5b45406dee4"; }; "home-manager-module" = { url = "https://github.com/nix-community/home-manager"; ref = "release-22.11"; - rev = '' - 89a8ba0b5b43b3350ff2e3ef37b66736b2ef8706''; + rev = "89a8ba0b5b43b3350ff2e3ef37b66736b2ef8706"; }; } diff --git a/nix/variables/versions.tmpl.nix b/nix/variables/versions.tmpl.nix index 31a95a0..e0734f1 100644 --- a/nix/variables/versions.tmpl.nix +++ b/nix/variables/versions.tmpl.nix @@ -6,10 +6,9 @@ let <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.11 | awk '{ print $1 }' | tr -d ' ' -%>''; }; - in { inherit nixpkgs; - nixos = nixpkgs // { suffix = "/nixos"; }; + nixos = nixpkgs // {suffix = "/nixos";}; "channels-nixos-stable" = nixpkgs; "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; diff --git a/shell.nix b/shell.nix index e049b4f..a177e6e 100644 --- a/shell.nix +++ b/shell.nix @@ -1,59 +1,59 @@ -{ ... }: - -let +{...}: let pkgsPath = (import ./nix/sources.nix).nixpkgs; pkgs = - import pkgsPath { overlays = builtins.attrValues (import ./nix/overlays); }; + import pkgsPath {overlays = builtins.attrValues (import ./nix/overlays);}; +in + pkgs.stdenv.mkDerivation { + name = "infra-env"; + buildInputs = + [ + (with import (pkgsPath + "/nixos") {configuration = {};}; + with config.system.build; [ + nixos-generate-config + nixos-install + nixos-enter + manual.manpages + ]) + ] + ++ (with pkgs; [ + just + git-crypt + vcsh + gnupg + git + nixUnstable + niv + nixos-install-tools + apacheHttpd -in pkgs.stdenv.mkDerivation { - name = "infra-env"; - buildInputs = [ - (with import (pkgsPath + "/nixos") { configuration = { }; }; - with config.system.build; [ - nixos-generate-config - nixos-install - nixos-enter - manual.manpages - ]) - ] ++ (with pkgs; [ - just - git-crypt - vcsh - gnupg - git - nixUnstable - niv - nixos-install-tools - apacheHttpd + vncdo + tesseract + imagemagick - vncdo - tesseract - imagemagick + esh - esh + xorg.xwininfo + nmap + sysstat + lshw + xxHash + linssid + wavemon + wirelesstools + lm_sensors - xorg.xwininfo - nmap - sysstat - lshw - xxHash - linssid - wavemon - wirelesstools - lm_sensors + zathura - zathura + ripgrep + neovim + glxinfo + nixfmt - ripgrep - neovim - glxinfo - nixfmt + ntfy - ntfy + playerctl + ]); - playerctl - ]); - - # Set Environment Variables - RUST_BACKTRACE = 1; -} + # Set Environment Variables + RUST_BACKTRACE = 1; + }