format all code

This commit is contained in:
Charlotte 🦝 Delenk 2024-11-09 15:02:26 +01:00
parent c524dcaa0f
commit 0fe2e334bb
86 changed files with 787 additions and 603 deletions

View file

@ -1,4 +1,5 @@
{nixos-config, ...}: { { nixos-config, ... }:
{
imports = [ imports = [
"${nixos-config}/modules" "${nixos-config}/modules"
"${nixos-config}/services/tailscale.nix" "${nixos-config}/services/tailscale.nix"

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
documentation.nixos.includeAllModules = true; documentation.nixos.includeAllModules = true;
documentation.nixos.options.warningsAreErrors = false; documentation.nixos.options.warningsAreErrors = false;
home-manager.users.darkkirb.manual = { home-manager.users.darkkirb.manual = {

View file

@ -1,4 +1,5 @@
{config, ...}: { { config, ... }:
{
time.timeZone = "Etc/GMT-1"; time.timeZone = "Etc/GMT-1";
isGraphical = true; isGraphical = true;
imports = [ imports = [

View file

@ -1,6 +1,7 @@
# Unlike other modules in this directory, this one is not enabled by default # Unlike other modules in this directory, this one is not enabled by default
# The default graphical configuration would enable this, the verbose configuration would not. # The default graphical configuration would enable this, the verbose configuration would not.
{config, ...}: { { config, ... }:
{
boot = { boot = {
plymouth.enable = true; plymouth.enable = true;
consoleLogLevel = 0; consoleLogLevel = 0;

View file

@ -1,4 +1,5 @@
{config, ...}: { { config, ... }:
{
console.keyMap = "neo"; console.keyMap = "neo";
i18n.extraLocaleSettings = { i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8"; LC_ADDRESS = "de_DE.UTF-8";

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
services.xserver.enable = true; services.xserver.enable = true;
services.displayManager.sddm.enable = true; services.displayManager.sddm.enable = true;
services.desktopManager.plasma6.enable = true; services.desktopManager.plasma6.enable = true;

View file

@ -1,4 +1,5 @@
{plasma-manager, ...}: { { plasma-manager, ... }:
{
programs.plasma.enable = true; programs.plasma.enable = true;
programs.plasma.configFile.baloofilerc."Basic Settings"."Indexing-Enabled" = false; programs.plasma.configFile.baloofilerc."Basic Settings"."Indexing-Enabled" = false;
imports = [ imports = [

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
services.libinput.enable = true; services.libinput.enable = true;
services.xserver.xkb = { services.xserver.xkb = {
layout = "de"; layout = "de";

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
programs.plasma = { programs.plasma = {
workspace.lookAndFeel = "org.kde.breezedark.desktop"; workspace.lookAndFeel = "org.kde.breezedark.desktop";
hotkeys.commands."launch-konsole" = { hotkeys.commands."launch-konsole" = {

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
users.users.darkkirb.extraGroups = [ "networkmanager" ]; users.users.darkkirb.extraGroups = [ "networkmanager" ];
environment.persistence."/persistent".directories = [ environment.persistence."/persistent".directories = [

View file

@ -1,6 +1,8 @@
{system, ...}: let { system, ... }:
let
isx86 = system == "x86_64-linux"; isx86 = system == "x86_64-linux";
in { in
{
boot.loader.systemd-boot = { boot.loader.systemd-boot = {
enable = true; enable = true;
memtest86.enable = isx86; memtest86.enable = isx86;

View file

@ -1,4 +1,5 @@
{system, ...}: { { system, ... }:
{
inherit system; inherit system;
config = import ./default.nix; config = import ./default.nix;
autoStart = true; autoStart = true;

View file

@ -1,4 +1,5 @@
{nixos-config, ...}: { { nixos-config, ... }:
{
imports = [ imports = [
nixos-config.nixosModules.containers nixos-config.nixosModules.containers
]; ];

View file

@ -1,14 +1,11 @@
( (import (
import
(
let let
lock = builtins.fromJSON (builtins.readFile ./flake.lock); lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in in
fetchTarball { fetchTarball {
url = lock.nodes.flake-compat.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; url =
lock.nodes.flake-compat.locked.url
or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash; sha256 = lock.nodes.flake-compat.locked.narHash;
} }
) ) { src = ./.; }).defaultNix
{src = ./.;}
)
.defaultNix

107
flake.nix
View file

@ -78,23 +78,23 @@
}; };
}; };
outputs = { outputs =
{
self, self,
nixpkgs, nixpkgs,
... ...
} @ inputs': let }@inputs':
inputs = let
inputs' inputs = inputs' // {
// {
nixos-config = self; nixos-config = self;
inherit inputs; inherit inputs;
inTester = false; inTester = false;
pureInputs = inputs'; pureInputs = inputs';
}; };
pkgsFor = system: let pkgsFor =
inputs' = system:
inputs let
// { inputs' = inputs // {
inherit system; inherit system;
inputs = inputs'; inputs = inputs';
}; };
@ -103,56 +103,78 @@
inherit system; inherit system;
overlays = overlays =
[ [
(_: _: (
_: _:
inputs' inputs'
// { // {
inputs = inputs'; inputs = inputs';
}) }
)
] ]
++ ( ++ (
if system == "riscv64-linux" if system == "riscv64-linux" then
then [ [
inputs.riscv-overlay.overlays.default inputs.riscv-overlay.overlays.default
] ]
else [] else
[ ]
); );
}; };
in { in
checks.x86_64-linux = nixpkgs.lib.listToAttrs (map (testName: { {
checks.x86_64-linux = nixpkgs.lib.listToAttrs (
map (testName: {
name = testName; name = testName;
value = (pkgsFor "x86_64-linux").callPackage ./tests/${testName}.nix { }; value = (pkgsFor "x86_64-linux").callPackage ./tests/${testName}.nix { };
}) ["containers-default"]); }) [ "containers-default" ]
);
nixosModules = { nixosModules = {
containers = import ./modules/containers/default.nix; containers = import ./modules/containers/default.nix;
default = import ./modules/default.nix; default = import ./modules/default.nix;
}; };
nixosContainers = with nixpkgs.lib; let nixosContainers =
with nixpkgs.lib;
let
containerNames = [ containerNames = [
"default" "default"
]; ];
containerArches = ["x86_64-linux" "aarch64-linux" "riscv64-linux"]; containerArches = [
containers = listToAttrs (flatten (map (system: let "x86_64-linux"
"aarch64-linux"
"riscv64-linux"
];
containers = listToAttrs (
flatten (
map (
system:
let
pkgs = pkgsFor system; pkgs = pkgsFor system;
in in
map (container: { map (container: {
name = "container-${container}-${system}"; name = "container-${container}-${system}";
value = pkgs.callPackage ./containers/${container}-configuration.nix { }; value = pkgs.callPackage ./containers/${container}-configuration.nix { };
}) }) containerNames
containerNames) ) containerArches
containerArches)); )
);
in in
containers; containers;
nixosConfigurations = with nixpkgs.lib; let nixosConfigurations =
mkSystem = args: let with nixpkgs.lib;
inputs' = inputs // {inherit (args) system;}; let
mkSystem =
args:
let
inputs' = inputs // {
inherit (args) system;
};
in in
nixosSystem (args nixosSystem (
args
// { // {
specialArgs = specialArgs = args.specialArgs or { } // inputs';
args.specialArgs }
or {} );
// inputs';
});
systems' = { systems' = {
not522 = { not522 = {
config = ./machine/not522; config = ./machine/not522;
@ -175,29 +197,34 @@
system = "x86_64-linux"; system = "x86_64-linux";
}; };
}; };
containers = mapAttrs (_: container: containers = mapAttrs (
_: container:
mkSystem { mkSystem {
inherit (container) system; inherit (container) system;
modules = [ modules = [
container.config container.config
]; ];
}) }
self.nixosContainers; ) self.nixosContainers;
systems = mapAttrs (_: system: systems = mapAttrs (
_: system:
mkSystem { mkSystem {
inherit (system) system; inherit (system) system;
modules = [ modules = [
system.config system.config
]; ];
}) }
systems'; ) systems';
in in
containers // systems; containers // systems;
hydraJobs = { hydraJobs = {
inherit (self) checks devShells; inherit (self) checks devShells;
nixosConfigurations = nixpkgs.lib.mapAttrs (_: v: v.config.system.build.toplevel) self.nixosConfigurations; nixosConfigurations = nixpkgs.lib.mapAttrs (
_: v: v.config.system.build.toplevel
) self.nixosConfigurations;
}; };
devShells.x86_64-linux.default = with pkgsFor "x86_64-linux"; devShells.x86_64-linux.default =
with pkgsFor "x86_64-linux";
mkShell { mkShell {
nativeBuildInputs = with pkgs; [ nativeBuildInputs = with pkgs; [
age age

View file

@ -3,13 +3,15 @@
nixpkgs, nixpkgs,
lix, lix,
... ...
}: let }:
let
pkgs_x86_64 = import nixpkgs { pkgs_x86_64 = import nixpkgs {
system = "x86_64-linux"; system = "x86_64-linux";
crossSystem.system = "riscv64-linux"; crossSystem.system = "riscv64-linux";
overlays = [ lix.overlays.default ]; overlays = [ lix.overlays.default ];
}; };
in { in
{
nixpkgs.overlays = [ nixpkgs.overlays = [
(self: super: { (self: super: {
inherit (pkgs_x86_64) lix nixos-option; inherit (pkgs_x86_64) lix nixos-option;

View file

@ -3,7 +3,8 @@
nixos-hardware, nixos-hardware,
nixpkgs, nixpkgs,
... ...
}: { }:
{
networking.hostName = "not522"; networking.hostName = "not522";
imports = [ imports = [
"${nixos-config}/config" "${nixos-config}/config"

View file

@ -40,7 +40,10 @@
}; };
# Parent is not mounted so the mountpoint must be set # Parent is not mounted so the mountpoint must be set
"/nix" = { "/nix" = {
mountOptions = ["compress=zstd" "noatime"]; mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix"; mountpoint = "/nix";
}; };
}; };

View file

@ -3,7 +3,8 @@
nixos-hardware, nixos-hardware,
config, config,
... ...
}: { }:
{
imports = [ imports = [
"${nixos-hardware}/starfive/visionfive/v2/default.nix" "${nixos-hardware}/starfive/visionfive/v2/default.nix"
]; ];

View file

@ -7,19 +7,19 @@
lib, lib,
nixpkgs, nixpkgs,
... ...
}: let }:
dependencies = let
[ dependencies = [
nixos-config.nixosConfigurations.not522.config.system.build.toplevel nixos-config.nixosConfigurations.not522.config.system.build.toplevel
nixos-config.nixosConfigurations.not522.config.system.build.diskoScript nixos-config.nixosConfigurations.not522.config.system.build.diskoScript
nixos-config.nixosConfigurations.not522.config.system.build.diskoScript.drvPath nixos-config.nixosConfigurations.not522.config.system.build.diskoScript.drvPath
nixos-config.nixosConfigurations.not522.pkgs.stdenv.drvPath nixos-config.nixosConfigurations.not522.pkgs.stdenv.drvPath
(nixos-config.nixosConfigurations.not522.pkgs.closureInfo { rootPaths = [ ]; }).drvPath (nixos-config.nixosConfigurations.not522.pkgs.closureInfo { rootPaths = [ ]; }).drvPath
] ] ++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
closureInfo = pkgs.closureInfo { rootPaths = dependencies; }; closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
in { in
{
networking.hostName = "not522-installer"; networking.hostName = "not522-installer";
imports = [ imports = [
"${nixos-config}/config" "${nixos-config}/config"

View file

@ -40,7 +40,10 @@
}; };
# Parent is not mounted so the mountpoint must be set # Parent is not mounted so the mountpoint must be set
"/nix" = { "/nix" = {
mountOptions = ["compress=zstd" "noatime"]; mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix"; mountpoint = "/nix";
}; };
}; };

View file

@ -5,7 +5,8 @@
pkgs, pkgs,
pureInputs, pureInputs,
... ...
}: let }:
let
getDeps = name: [ getDeps = name: [
nixos-config.nixosConfigurations.${name}.config.system.build.toplevel nixos-config.nixosConfigurations.${name}.config.system.build.toplevel
nixos-config.nixosConfigurations.${name}.config.system.build.diskoScript nixos-config.nixosConfigurations.${name}.config.system.build.diskoScript
@ -19,7 +20,8 @@
++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs)); ++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
closureInfo = pkgs.closureInfo { rootPaths = dependencies; }; closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
in { in
{
networking.hostName = "pc-installer"; networking.hostName = "pc-installer";
imports = [ imports = [
"${nixos-config}/config" "${nixos-config}/config"

View file

@ -41,7 +41,10 @@
}; };
# Parent is not mounted so the mountpoint must be set # Parent is not mounted so the mountpoint must be set
"/nix" = { "/nix" = {
mountOptions = ["compress=zstd" "noatime"]; mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix"; mountpoint = "/nix";
}; };
}; };

View file

@ -2,7 +2,8 @@
config, config,
nixos-config, nixos-config,
... ...
}: { }:
{
imports = [ imports = [
"${nixos-config}/config/graphical.nix" "${nixos-config}/config/graphical.nix"
]; ];

View file

@ -2,7 +2,8 @@
config, config,
lib, lib,
... ...
}: { }:
{
# For legacy pc reason, this needs to be grub # For legacy pc reason, this needs to be grub
boot.loader.systemd-boot.enable = lib.mkForce false; boot.loader.systemd-boot.enable = lib.mkForce false;
boot.loader.grub = { boot.loader.grub = {

View file

@ -1,5 +1,13 @@
{...}: { { ... }:
boot.initrd.availableKernelModules = ["nvme" "ahci" "xhci_pci" "usbhid" "uas" "sd_mod"]; {
boot.initrd.availableKernelModules = [
"nvme"
"ahci"
"xhci_pci"
"usbhid"
"uas"
"sd_mod"
];
hardware.cpu.amd.updateMicrocode = true; hardware.cpu.amd.updateMicrocode = true;
hardware.cpu.intel.updateMicrocode = true; hardware.cpu.intel.updateMicrocode = true;
} }

View file

@ -3,7 +3,8 @@
nixos-config, nixos-config,
lib, lib,
... ...
}: { }:
{
networking.hostName = "rainbow-resort"; networking.hostName = "rainbow-resort";
imports = [ imports = [
"${nixos-config}/config" "${nixos-config}/config"

View file

@ -40,7 +40,10 @@
}; };
# Parent is not mounted so the mountpoint must be set # Parent is not mounted so the mountpoint must be set
"/nix" = { "/nix" = {
mountOptions = ["compress=zstd" "noatime"]; mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix"; mountpoint = "/nix";
}; };
}; };

View file

@ -2,7 +2,8 @@
modulesPath, modulesPath,
nixos-hardware, nixos-hardware,
... ...
}: { }:
{
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd
@ -13,9 +14,22 @@
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
]; ];
hardware.cpu.amd.updateMicrocode = true; hardware.cpu.amd.updateMicrocode = true;
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "k10temp"]; boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
"sr_mod"
"k10temp"
];
boot.initrd.kernelModules = [ "amdgpu" ]; boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = ["kvm-amd" "i2c-dev" "i2c-piix4"]; boot.kernelModules = [
"kvm-amd"
"i2c-dev"
"i2c-piix4"
];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
nix.settings.cores = 16; nix.settings.cores = 16;
boot.binfmt.emulatedSystems = [ boot.binfmt.emulatedSystems = [

View file

@ -1,4 +1,5 @@
{lib, ...}: { { lib, ... }:
{
xdg.configFile."kwinoutputconfig.json".text = lib.strings.toJSON [ xdg.configFile."kwinoutputconfig.json".text = lib.strings.toJSON [
{ {
data = [ data = [

View file

@ -3,7 +3,8 @@
nixos-config, nixos-config,
lib, lib,
... ...
}: { }:
{
networking.hostName = "thinkrac"; networking.hostName = "thinkrac";
imports = [ imports = [
"${nixos-config}/config" "${nixos-config}/config"

View file

@ -40,7 +40,10 @@
}; };
# Parent is not mounted so the mountpoint must be set # Parent is not mounted so the mountpoint must be set
"/nix" = { "/nix" = {
mountOptions = ["compress=zstd" "noatime"]; mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix"; mountpoint = "/nix";
}; };
}; };

View file

@ -2,7 +2,8 @@
modulesPath, modulesPath,
nixos-hardware, nixos-hardware,
... ...
}: { }:
{
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
nixos-hardware.nixosModules.lenovo-thinkpad-t470s nixos-hardware.nixosModules.lenovo-thinkpad-t470s
@ -11,7 +12,12 @@
nixos-hardware.nixosModules.common-pc-laptop-ssd nixos-hardware.nixosModules.common-pc-laptop-ssd
]; ];
hardware.cpu.intel.updateMicrocode = true; hardware.cpu.intel.updateMicrocode = true;
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];

View file

@ -6,27 +6,28 @@
inputs, inputs,
... ...
}: }:
with lib; let with lib;
let
badNames = [ badNames = [
"system" "system"
"override" "override"
"overrideDerivation" "overrideDerivation"
]; ];
filterBad = filterAttrs (n: _: lib.all (m: n != m) badNames); filterBad = filterAttrs (n: _: lib.all (m: n != m) badNames);
in { in
{
options.autoContainers = mkOption { options.autoContainers = mkOption {
default = [ ]; default = [ ];
type = types.listOf types.str; type = types.listOf types.str;
}; };
config = { config = {
containers = listToAttrs (map (container: { containers = listToAttrs (
map (container: {
name = container; name = container;
value = value = filterBad (pkgs.callPackage ../../containers/${container}-configuration.nix { }) // {
filterBad (pkgs.callPackage ../../containers/${container}-configuration.nix {})
// {
specialArgs = inputs; specialArgs = inputs;
}; };
}) }) config.autoContainers
config.autoContainers); );
}; };
} }

View file

@ -2,7 +2,8 @@
nixos-config, nixos-config,
lib, lib,
... ...
}: { }:
{
imports = [ imports = [
nixos-config.nixosModules.default nixos-config.nixosModules.default
./hostName.nix ./hostName.nix

View file

@ -3,7 +3,8 @@
lib, lib,
... ...
}: }:
with lib; { with lib;
{
options.networking = { options.networking = {
rootHostName = mkOption { rootHostName = mkOption {
description = "Hostname of the running host"; description = "Hostname of the running host";
@ -26,9 +27,10 @@ with lib; {
config = { config = {
networking = rec { networking = rec {
fullHostName = fullHostName =
if config.networking.rootHostName == "" if config.networking.rootHostName == "" then
then config.networking.hostName config.networking.hostName
else "${config.networking.rootHostName}-${config.networking.hostName}"; else
"${config.networking.rootHostName}-${config.networking.hostName}";
nodeID = lib.substring 0 8 (builtins.hashString "sha256" fullHostName); nodeID = lib.substring 0 8 (builtins.hashString "sha256" fullHostName);
}; };
}; };

View file

@ -1,4 +1,5 @@
{nixpkgs, ...}: { { nixpkgs, ... }:
{
imports = [ imports = [
(nixpkgs.outPath + "/nixos/modules/profiles/minimal.nix") (nixpkgs.outPath + "/nixos/modules/profiles/minimal.nix")
(nixpkgs.outPath + "/nixos/modules/profiles/headless.nix") (nixpkgs.outPath + "/nixos/modules/profiles/headless.nix")

View file

@ -5,7 +5,8 @@
nur, nur,
... ...
}: }:
with lib; { with lib;
{
imports = [ imports = [
./riscv.nix ./riscv.nix
./containers/autoconfig.nix ./containers/autoconfig.nix

View file

@ -6,7 +6,8 @@
inTester, inTester,
... ...
}: }:
with lib; { with lib;
{
imports = [ imports = [
"${impermanence}/nixos.nix" "${impermanence}/nixos.nix"
./user-impermanence.nix ./user-impermanence.nix
@ -70,24 +71,21 @@ with lib; {
} }
{ {
assertion = assertion =
if hasAttr "/" config.fileSystems if hasAttr "/" config.fileSystems then config.fileSystems."/".fsType == "btrfs" else false;
then config.fileSystems."/".fsType == "btrfs"
else false;
message = "rootfs must be btrfs"; message = "rootfs must be btrfs";
} }
{ {
assertion = assertion =
if hasAttr "/" config.fileSystems if hasAttr "/" config.fileSystems then
then any (t: t == "subvol=root" || t == "subvol=/root") config.fileSystems."/".options any (t: t == "subvol=root" || t == "subvol=/root") config.fileSystems."/".options
else false; else
false;
message = "rootfs must mount subvolume root"; message = "rootfs must mount subvolume root";
} }
]; ];
fileSystems."/persistent" = { fileSystems."/persistent" = {
device = device =
if hasAttr "/" config.fileSystems if hasAttr "/" config.fileSystems then mkDefault config.fileSystems."/".device else "/dev/null";
then mkDefault config.fileSystems."/".device
else "/dev/null";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=persistent" ]; options = [ "subvol=persistent" ];
neededForBoot = true; neededForBoot = true;

View file

@ -5,7 +5,8 @@
inTester, inTester,
... ...
}: }:
with lib; { with lib;
{
options = { options = {
environment.impermanence.users = mkOption { environment.impermanence.users = mkOption {
description = "Which users to clean up the home directory for"; description = "Which users to clean up the home directory for";
@ -14,11 +15,16 @@ with lib; {
}; };
}; };
config = mkIf (config.environment.impermanence.enable && config.environment.impermanence.users != []) { config =
mkIf (config.environment.impermanence.enable && config.environment.impermanence.users != [ ])
{
programs.fuse.userAllowOther = true; programs.fuse.userAllowOther = true;
home-manager.users = listToAttrs (map (name: { home-manager.users = listToAttrs (
map (name: {
inherit name; inherit name;
value = {config, ...}: { value =
{ config, ... }:
{
home.file."${config.home.homeDirectory}/.cache/.keep" = { home.file."${config.home.homeDirectory}/.cache/.keep" = {
enable = false; enable = false;
}; };
@ -39,16 +45,22 @@ with lib; {
]; ];
}; };
}; };
}) }) config.environment.impermanence.users
config.environment.impermanence.users); );
systemd.tmpfiles.rules = mkMerge (map (name: [ systemd.tmpfiles.rules = mkMerge (
map (name: [
"d /persistent/home/${name} 700 ${name} ${config.users.users.${name}.group} - -" "d /persistent/home/${name} 700 ${name} ${config.users.users.${name}.group} - -"
"d /persistent/home/${name}/.cache 700 ${name} ${config.users.users.${name}.group} 7d -" "d /persistent/home/${name}/.cache 700 ${name} ${config.users.users.${name}.group} 7d -"
]) ]) config.environment.impermanence.users
config.environment.impermanence.users); );
systemd.services = listToAttrs (flatten (map (name: let systemd.services = listToAttrs (
flatten (
map (
name:
let
cfg = config.users.users.${name}; cfg = config.users.users.${name};
in [ in
[
{ {
name = "cleanup-home-${name}"; name = "cleanup-home-${name}";
description = "Clean home directory for ${name}"; description = "Clean home directory for ${name}";
@ -105,7 +117,9 @@ with lib; {
]; ];
}; };
} }
]) ]
config.environment.impermanence.users)); ) config.environment.impermanence.users
)
);
}; };
} }

View file

@ -3,11 +3,13 @@
config, config,
... ...
}: }:
with lib; { with lib;
{
options.hydra.buildServer.enable = mkEnableOption "Make this device a build server"; options.hydra.buildServer.enable = mkEnableOption "Make this device a build server";
imports = [ imports = [
{ {
config.hydra.buildServer.enable = let config.hydra.buildServer.enable =
let
buildServers = import ./build-server-list.nix; buildServers = import ./build-server-list.nix;
in in
mkDefault (any (t: t == config.networking.hostName) buildServers); mkDefault (any (t: t == config.networking.hostName) buildServers);

View file

@ -3,10 +3,12 @@
pkgs, pkgs,
lib, lib,
... ...
}: let }:
let
cfg = config.nix.auto-update; cfg = config.nix.auto-update;
in in
with lib; { with lib;
{
options.nix.auto-update = { options.nix.auto-update = {
enable = mkEnableOption "enable automatic updates"; enable = mkEnableOption "enable automatic updates";
reboot = mkEnableOption "Reboot if kernel change"; reboot = mkEnableOption "Reboot if kernel change";
@ -50,13 +52,13 @@ in
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
script = let script =
let
output = output =
if cfg.specialisation == null if cfg.specialisation == null then "$output" else "$output/specialisation/${cfg.specialisation}";
then "$output"
else "$output/specialisation/${cfg.specialisation}";
switchToConfiguration = "${output}/bin/switch-to-configuration"; switchToConfiguration = "${output}/bin/switch-to-configuration";
in '' in
''
#!${pkgs.bash}/bin/bash #!${pkgs.bash}/bin/bash
set -euxo pipefail set -euxo pipefail
build=$(${pkgs.curl}/bin/curl -H "accept: application/json" -G ${cfg.hydraServer}/api/latestbuilds -d "nr=10" -d "project=${cfg.project}" -d "jobset=${cfg.jobset}" -d "job=${cfg.job}" | ${pkgs.jq}/bin/jq -r '[.[]|select(.buildstatus==0)][0].id') build=$(${pkgs.curl}/bin/curl -H "accept: application/json" -G ${cfg.hydraServer}/api/latestbuilds -d "nr=10" -d "project=${cfg.project}" -d "jobset=${cfg.jobset}" -d "job=${cfg.job}" | ${pkgs.jq}/bin/jq -r '[.[]|select(.buildstatus==0)][0].id')
@ -65,8 +67,8 @@ in
output=$(${pkgs.nix}/bin/nix-store -r $drvname) output=$(${pkgs.nix}/bin/nix-store -r $drvname)
${pkgs.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set ${output} ${pkgs.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set ${output}
${ ${
if cfg.reboot if cfg.reboot then
then '' ''
${switchToConfiguration} boot ${switchToConfiguration} boot
booted="$(${pkgs.coreutils}/bin/readlink /run/booted-system/{initrd,kernel,kernel-modules})" booted="$(${pkgs.coreutils}/bin/readlink /run/booted-system/{initrd,kernel,kernel-modules})"
built="$(${pkgs.coreutils}/bin/readlink ${output}/{initrd,kernel,kernel-modules})" built="$(${pkgs.coreutils}/bin/readlink ${output}/{initrd,kernel,kernel-modules})"
@ -77,7 +79,8 @@ in
fi fi
exit exit
'' ''
else '' else
''
${switchToConfiguration} switch ${switchToConfiguration} switch
'' ''
} }

View file

@ -3,7 +3,8 @@
lib, lib,
... ...
}: }:
with lib; { with lib;
{
config = mkIf (!config.isInstaller) { config = mkIf (!config.isInstaller) {
nix.distributedBuilds = true; nix.distributedBuilds = true;
nix.buildMachines = mkMerge [ nix.buildMachines = mkMerge [
@ -17,7 +18,15 @@ with lib; {
]; ];
maxJobs = 4; maxJobs = 4;
speedFactor = 1; speedFactor = 1;
supportedFeatures = ["nixos-test" "benchmark" "ca-derivations" "gccarch-armv8-a" "gccarch-armv8.1-a" "gccarch-armv8.2-a" "big-parallel"]; supportedFeatures = [
"nixos-test"
"benchmark"
"ca-derivations"
"gccarch-armv8-a"
"gccarch-armv8.1-a"
"gccarch-armv8.2-a"
"big-parallel"
];
} }
] ]
[ [

View file

@ -3,7 +3,8 @@
lib, lib,
... ...
}: }:
with lib; { with lib;
{
imports = [ imports = [
./link-inputs.nix ./link-inputs.nix
./lix.nix ./lix.nix

View file

@ -2,22 +2,20 @@
lib, lib,
inputs, inputs,
... ...
}: let }:
let
# Taken from https://github.com/gytis-ivaskevicius/flake-utils-plus/blob/master/lib/options.nix # Taken from https://github.com/gytis-ivaskevicius/flake-utils-plus/blob/master/lib/options.nix
inherit (lib) filterAttrs mapAttrs'; inherit (lib) filterAttrs mapAttrs';
flakes = filterAttrs (name: value: (value ? outputs)) inputs; flakes = filterAttrs (name: value: (value ? outputs)) inputs;
nixRegistry = nixRegistry = builtins.mapAttrs (name: v: { flake = v; }) flakes;
builtins.mapAttrs in
(name: v: {flake = v;}) {
flakes;
in {
nix.registry = nixRegistry; nix.registry = nixRegistry;
environment.etc = environment.etc = mapAttrs' (name: value: {
mapAttrs'
(name: value: {
name = "nix/inputs/${name}"; name = "nix/inputs/${name}";
value = {source = value.outPath;}; value = {
}) source = value.outPath;
flakes; };
}) flakes;
nix.nixPath = [ "/etc/nix/inputs" ]; nix.nixPath = [ "/etc/nix/inputs" ];
} }

View file

@ -5,11 +5,9 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
imports = {
if inTester imports = if inTester then [ ] else [ lix-module.nixosModules.default ];
then []
else [lix-module.nixosModules.default];
environment.systemPackages = lib.mkIf config.nix.enable [ environment.systemPackages = lib.mkIf config.nix.enable [
pkgs.git pkgs.git

View file

@ -3,10 +3,11 @@
riscv-overlay, riscv-overlay,
... ...
}: }:
if system == "riscv64-linux" if system == "riscv64-linux" then
then { {
nixpkgs.overlays = [ nixpkgs.overlays = [
riscv-overlay.overlays.default riscv-overlay.overlays.default
]; ];
} }
else {} else
{ }

View file

@ -2,7 +2,8 @@
sops-nix, sops-nix,
config, config,
... ...
}: { }:
{
imports = [ imports = [
"${sops-nix}/modules/sops" "${sops-nix}/modules/sops"
]; ];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
home.packages = with pkgs; [ audacious ]; home.packages = with pkgs; [ audacious ];
home.persistence.default.directories = [ home.persistence.default.directories = [
".config/audacious" ".config/audacious"

View file

@ -1,13 +1,15 @@
{config, pkgs, ...}: { { config, pkgs, ... }:
{
imports = [ imports = [
./steam ./steam
]; ];
home-manager.users.darkkirb.imports = home-manager.users.darkkirb.imports =
if config.isGraphical if config.isGraphical then
then [ [
./home-manager.nix ./home-manager.nix
] ]
else []; else
[ ];
environment.plasma6.excludePackages = with pkgs.kdePackages; [ environment.plasma6.excludePackages = with pkgs.kdePackages; [
pkgs.elisa pkgs.elisa

View file

@ -4,7 +4,8 @@
lib, lib,
nur, nur,
... ...
}: let }:
let
extensions = { extensions = {
"ublock-origin" = [ "ublock-origin" = [
"alarms" "alarms"
@ -102,7 +103,8 @@
nurpkgs = pkgs; nurpkgs = pkgs;
inherit pkgs; inherit pkgs;
}; };
in { in
{
programs.firefox = { programs.firefox = {
enable = true; enable = true;
nativeMessagingHosts = with pkgs; [ nativeMessagingHosts = with pkgs; [
@ -139,18 +141,16 @@ in {
''; '';
}; };
}; };
assertions = assertions = lib.mapAttrsToList (
lib.mapAttrsToList (k: v: let k: v:
unaccepted = let
lib.subtractLists unaccepted = lib.subtractLists v nur'.repos.rycee.firefox-addons.${k}.meta.mozPermissions;
v in
nur'.repos.rycee.firefox-addons.${k}.meta.mozPermissions; {
in {
assertion = unaccepted == [ ]; assertion = unaccepted == [ ];
message = '' message = ''Extension ${k} has unaccepted permissions: ${builtins.toJSON unaccepted}'';
Extension ${k} has unaccepted permissions: ${builtins.toJSON unaccepted}''; }
}) ) extensions;
extensions;
home.persistence.default.directories = [ home.persistence.default.directories = [
".mozilla" ".mozilla"
]; ];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
imports = [ imports = [
./ff14 ./ff14
]; ];

View file

@ -1,4 +1,11 @@
{ config, pkgs, lib, systemConfig, ... }: { {
config,
pkgs,
lib,
systemConfig,
...
}:
{
config = lib.mkIf (systemConfig.networking.hostName == "rainbow-resort") { config = lib.mkIf (systemConfig.networking.hostName == "rainbow-resort") {
home.packages = with pkgs; [ xivlauncher ]; home.packages = with pkgs; [ xivlauncher ];
systemd.user.tmpfiles.rules = [ systemd.user.tmpfiles.rules = [

View file

@ -1,4 +1,5 @@
{pkgs, nixos-config, ...}: { { pkgs, nixos-config, ... }:
{
imports = [ imports = [
./firefox ./firefox
./password-manager.nix ./password-manager.nix

View file

@ -1,4 +1,5 @@
{config, pkgs, ...}: { { config, pkgs, ... }:
{
home.packages = with pkgs; [ home.packages = with pkgs; [
telegram-desktop telegram-desktop
]; ];

View file

@ -1,4 +1,5 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
home.packages = with pkgs; [ home.packages = with pkgs; [
keepassxc keepassxc
]; ];

View file

@ -1,4 +1,5 @@
{lib, config, ...}: { { lib, config, ... }:
{
programs.steam = lib.mkIf config.isGraphical { programs.steam = lib.mkIf config.isGraphical {
enable = !config.isInstaller; enable = !config.isInstaller;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play

View file

@ -1,6 +1,9 @@
{...}: { { ... }:
home.persistence.default.directories = [{ {
home.persistence.default.directories = [
{
directory = ".local/share/Steam"; directory = ".local/share/Steam";
method = "symlink"; method = "symlink";
}]; }
];
} }

View file

@ -1,4 +1,5 @@
{config, systemConfig, ...}: { { config, systemConfig, ... }:
{
services.syncthing = { services.syncthing = {
enable = true; enable = true;
tray.enable = true; tray.enable = true;

View file

@ -1,4 +1,5 @@
{config, ...}: { { config, ... }:
{
imports = [ imports = [
./nvim ./nvim
]; ];

View file

@ -3,16 +3,12 @@
pkgs, pkgs,
lib, lib,
... ...
}: let }:
boolToStr = b: let
if b boolToStr = b: if b then "true" else "false";
then "true" boolToStr' = b: if b then "1" else "0";
else "false"; in
boolToStr' = b: {
if b
then "1"
else "0";
in {
xdg.configFile."nvim/lua/globals.lua".text = '' xdg.configFile."nvim/lua/globals.lua".text = ''
local fn = vim.fn local fn = vim.fn
local api = vim.api local api = vim.api

View file

@ -2,7 +2,8 @@
pkgs, pkgs,
config, config,
... ...
}: { }:
{
imports = [ imports = [
./globals.nix ./globals.nix
./plugins/lazy-nvim.nix ./plugins/lazy-nvim.nix

View file

@ -2,9 +2,11 @@
pkgs, pkgs,
config, config,
... ...
}: { }:
{
programs.neovim = { programs.neovim = {
plugins = with pkgs.vimPlugins; plugins =
with pkgs.vimPlugins;
[ [
(nvim-treesitter.withPlugins (p: [ ])) (nvim-treesitter.withPlugins (p: [ ]))
(pkgs.vimUtils.buildVimPlugin { (pkgs.vimUtils.buildVimPlugin {
@ -39,7 +41,10 @@
indent-blankline-nvim indent-blankline-nvim
lazy-nvim lazy-nvim
(LeaderF.overrideAttrs (super: { (LeaderF.overrideAttrs (super: {
buildInputs = [pkgs.python3 pkgs.python3Packages.setuptools]; buildInputs = [
pkgs.python3
pkgs.python3Packages.setuptools
];
})) }))
lspkind-nvim lspkind-nvim
lualine-nvim lualine-nvim
@ -84,12 +89,13 @@
zen-mode-nvim zen-mode-nvim
] ]
++ ( ++ (
if pkgs.targetPlatform.system != "riscv64-linux" if pkgs.targetPlatform.system != "riscv64-linux" then
then [ [
diffview-nvim diffview-nvim
vim-grammarous vim-grammarous
] ]
else [] else
[ ]
); );
}; };
xdg.configFile."nvim/lua/config/lazy-nvim.lua".text = '' xdg.configFile."nvim/lua/config/lazy-nvim.lua".text = ''
@ -280,11 +286,13 @@
-- Better git commit experience -- Better git commit experience
{ "rhysd/committia.vim", lazy = true }, { "rhysd/committia.vim", lazy = true },
${ ${
if pkgs.targetPlatform.system != "riscv64-linux" if pkgs.targetPlatform.system != "riscv64-linux" then
then '' { ''
{
"sindrets/diffview.nvim" "sindrets/diffview.nvim"
},'' },''
else "" else
""
} }
{ {
"kevinhwang91/nvim-bqf", "kevinhwang91/nvim-bqf",
@ -310,12 +318,14 @@
end, end,
}, },
${ ${
if pkgs.targetPlatform.system != "riscv64-linux" if pkgs.targetPlatform.system != "riscv64-linux" then
then '' { ''
{
"rhysd/vim-grammarous", "rhysd/vim-grammarous",
ft = { "markdown" }, ft = { "markdown" },
},'' },''
else "" else
""
} }
{ "chrisbra/unicode.vim", event = "VeryLazy" }, { "chrisbra/unicode.vim", event = "VeryLazy" },
-- Additional powerful text object for vim, this plugin should be studied -- Additional powerful text object for vim, this plugin should be studied

View file

@ -1,4 +1,5 @@
{vscode-server, pkgs, ...}: { { vscode-server, pkgs, ... }:
{
imports = [ imports = [
"${vscode-server}/modules/vscode-server/home.nix" "${vscode-server}/modules/vscode-server/home.nix"
]; ];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.eza.enable = true; programs.eza.enable = true;
programs.bat.enable = true; programs.bat.enable = true;
programs.fzf.enable = true; programs.fzf.enable = true;
@ -6,5 +7,8 @@
cat = "bat"; cat = "bat";
less = "bat"; less = "bat";
}; };
home.packages = with pkgs; [ripgrep fd]; home.packages = with pkgs; [
ripgrep
fd
];
} }

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.fish.enable = true; programs.fish.enable = true;
home-manager.users.root.imports = [ home-manager.users.root.imports = [
./home-manager.nix ./home-manager.nix

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
imports = [ imports = [
./tide.nix ./tide.nix
./z.nix ./z.nix

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.fish.plugins = with pkgs.fishPlugins; [ programs.fish.plugins = with pkgs.fishPlugins; [
{ {
name = "tide"; name = "tide";

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.fish.plugins = with pkgs.fishPlugins; [ programs.fish.plugins = with pkgs.fishPlugins; [
{ {
name = "z"; name = "z";

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
home-manager.users.root.imports = [ home-manager.users.root.imports = [
./home-manager.nix ./home-manager.nix
]; ];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.tmux = { programs.tmux = {
enable = true; enable = true;
baseIndex = 1; baseIndex = 1;

View file

@ -3,12 +3,15 @@
systemConfig, systemConfig,
lib, lib,
... ...
}: let }:
let
identityFile = identityFile =
if config.home.username == "root" if config.home.username == "root" then
then systemConfig.sops.secrets.".ssh/builder_id_ed25519".path systemConfig.sops.secrets.".ssh/builder_id_ed25519".path
else config.sops.secrets.".ssh/builder_id_ed25519".path; else
in { config.sops.secrets.".ssh/builder_id_ed25519".path;
in
{
programs.ssh = { programs.ssh = {
enable = true; enable = true;
matchBlocks = { matchBlocks = {

View file

@ -3,18 +3,28 @@
config, config,
systemConfig, systemConfig,
... ...
}: { }:
{
imports = [ imports = [
./builders.nix ./builders.nix
]; ];
programs.ssh = { programs.ssh = {
controlMaster = "auto"; controlMaster = "auto";
controlPersist = "10m"; controlPersist = "10m";
matchBlocks."*" = lib.hm.dag.entryAfter ["build-nas" "build-rainbow-resort" "build-aarch64" "build-riscv"] { matchBlocks."*" =
lib.hm.dag.entryAfter
[
"build-nas"
"build-rainbow-resort"
"build-aarch64"
"build-riscv"
]
{
identityFile = identityFile =
if config.home.username == "root" if config.home.username == "root" then
then systemConfig.sops.secrets.".ssh/id_ed25519_sk".path systemConfig.sops.secrets.".ssh/id_ed25519_sk".path
else config.sops.secrets.".ssh/id_ed25519_sk".path; else
config.sops.secrets.".ssh/id_ed25519_sk".path;
}; };
enable = true; enable = true;
}; };

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./kdeconnect.nix ./kdeconnect.nix
]; ];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
services.kdeconnect = { services.kdeconnect = {
enable = true; enable = true;
indicator = true; indicator = true;

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
services.openssh.enable = true; services.openssh.enable = true;
services.openssh.settings = { services.openssh.settings = {
PermitRootLogin = "yes"; PermitRootLogin = "yes";

View file

@ -3,7 +3,8 @@
lib, lib,
... ...
}: }:
with lib; { with lib;
{
config = mkIf (!config.isInstaller) { config = mkIf (!config.isInstaller) {
services.tailscale = { services.tailscale = {
enable = true; enable = true;

View file

@ -6,18 +6,22 @@
}: }:
testers.runNixOSTest { testers.runNixOSTest {
name = "container-default-test"; name = "container-default-test";
nodes.default = { nodes.default =
{
config, config,
pkgs, pkgs,
nixos-config, nixos-config,
... ...
}: { }:
{
imports = [ imports = [
nixos-config.nixosModules.default nixos-config.nixosModules.default
]; ];
autoContainers = [ "default" ]; autoContainers = [ "default" ];
}; };
node.specialArgs = inputs // {inTester = true;}; node.specialArgs = inputs // {
inTester = true;
};
testScript = '' testScript = ''
machine.wait_for_unit("container@default.service") machine.wait_for_unit("container@default.service")
''; '';

View file

@ -1,3 +1,4 @@
{...}: { { ... }:
{
home.stateVersion = "24.11"; home.stateVersion = "24.11";
} }

View file

@ -1,4 +1,5 @@
{config, ...}: { { config, ... }:
{
users.users.darkkirb = { users.users.darkkirb = {
createHome = true; createHome = true;
isNormalUser = true; isNormalUser = true;
@ -16,7 +17,8 @@
owner = "darkkirb"; owner = "darkkirb";
sopsFile = ./system.yaml; sopsFile = ./system.yaml;
}; };
home-manager.users.darkkirb.sops.age.keyFile = config.sops.secrets."users/users/darkkirb/age-key".path; home-manager.users.darkkirb.sops.age.keyFile =
config.sops.secrets."users/users/darkkirb/age-key".path;
home-manager.users.darkkirb.home.persistence.default.directories = [ home-manager.users.darkkirb.home.persistence.default.directories = [
"sources" "sources"
{ {

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./git.nix ./git.nix
]; ];

View file

@ -1,10 +1,8 @@
{pkgs, systemConfig, ...}: { { pkgs, systemConfig, ... }:
{
programs.git = { programs.git = {
enable = true; enable = true;
package = package = if systemConfig.isGraphical then pkgs.gitAndTools.gitFull else pkgs.git;
if systemConfig.isGraphical
then pkgs.gitAndTools.gitFull
else pkgs.git;
lfs.enable = true; lfs.enable = true;
userEmail = "lotte@chir.rs"; userEmail = "lotte@chir.rs";
userName = "Charlotte 🦝 Delenk"; userName = "Charlotte 🦝 Delenk";
@ -17,4 +15,3 @@
delta.enable = true; delta.enable = true;
}; };
} }

View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./home-manager.nix ./home-manager.nix
./root ./root

View file

@ -5,14 +5,13 @@
config, config,
sops-nix, sops-nix,
... ...
}: { }:
{
home-manager = { home-manager = {
useUserPackages = true; useUserPackages = true;
useGlobalPkgs = true; useGlobalPkgs = true;
backupFileExtension = "backup"; backupFileExtension = "backup";
extraSpecialArgs = extraSpecialArgs = inputs // {
inputs
// {
inherit inputs inputs'; inherit inputs inputs';
systemConfig = config; systemConfig = config;
}; };

View file

@ -3,7 +3,8 @@
config, config,
lib, lib,
... ...
}: { }:
{
users.users.root = { users.users.root = {
createHome = true; createHome = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [