diff --git a/flake.nix b/flake.nix index 5d2bc16..3ac52ff 100644 --- a/flake.nix +++ b/flake.nix @@ -44,16 +44,17 @@ }; }; outputs = - inputs @ { self - , nur - , nixpkgs - , home-manager - , sops-nix - , neovim-nightly-overlay - , nix-index-database - , rust-overlay - , nix-flatpak - , ... + inputs@{ + self, + nur, + nixpkgs, + home-manager, + sops-nix, + neovim-nightly-overlay, + nix-index-database, + rust-overlay, + nix-flatpak, + ... }: let commonModules = [ @@ -78,9 +79,7 @@ "https://cache.nixos.org/" "https://nix-community.cachix.org" ]; - trusted-public-keys = [ - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; + trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; }; } sops-nix.nixosModules.sops @@ -99,61 +98,79 @@ }; in { - nixosConfigurations = - { - castle = - let - profile-path = ./profiles/castle.nix; - hardware-configuration = ./hardware-configuration/castle.nix; - specialArgs = { inherit inputs unstable profile-path hardware-configuration; }; - in - nixpkgs.lib.nixosSystem + nixosConfigurations = { + castle = + let + profile-path = ./profiles/castle.nix; + hardware-configuration = ./hardware-configuration/castle.nix; + specialArgs = { + inherit + inputs + unstable + profile-path + hardware-configuration + ; + }; + in + nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./system { - system = "x86_64-linux"; - modules = - [ - ./system - { - home-manager.extraSpecialArgs = specialArgs; - home-manager.users.tigor = import ./home; - } - ] ++ commonModules; - specialArgs = specialArgs; - }; - fort = - let - profile-path = ./profiles/fort.nix; - hardware-configuration = ./hardware-configuration/fort.nix; - specialArgs = { inherit inputs unstable profile-path hardware-configuration; }; - in - nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./system - { - home-manager.extraSpecialArgs = specialArgs; - home-manager.users.tigor = import ./home; - } - ] ++ commonModules; - specialArgs = specialArgs; + home-manager.extraSpecialArgs = specialArgs; + home-manager.users.tigor = import ./home; + } + ] ++ commonModules; + specialArgs = specialArgs; + }; + fort = + let + profile-path = ./profiles/fort.nix; + hardware-configuration = ./hardware-configuration/fort.nix; + specialArgs = { + inherit + inputs + unstable + profile-path + hardware-configuration + ; }; - homeserver = - let - profile-path = ./profiles/homeserver.nix; - hardware-configuration = ./hardware-configuration/homeserver.nix; - specialArgs = { inherit inputs unstable profile-path hardware-configuration; }; - in - nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./system - { - home-manager.extraSpecialArgs = specialArgs; - home-manager.users.homeserver = import ./home; - } - ] ++ commonModules; - specialArgs = specialArgs; + in + nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./system + { + home-manager.extraSpecialArgs = specialArgs; + home-manager.users.tigor = import ./home; + } + ] ++ commonModules; + specialArgs = specialArgs; + }; + homeserver = + let + profile-path = ./profiles/homeserver.nix; + hardware-configuration = ./hardware-configuration/homeserver.nix; + specialArgs = { + inherit + inputs + unstable + profile-path + hardware-configuration + ; }; - }; + in + nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./system + { + home-manager.extraSpecialArgs = specialArgs; + home-manager.users.homeserver = import ./home; + } + ] ++ commonModules; + specialArgs = specialArgs; + }; + }; }; } diff --git a/hardware-configuration/castle.nix b/hardware-configuration/castle.nix index 2755a45..a3a5283 100644 --- a/hardware-configuration/castle.nix +++ b/hardware-configuration/castle.nix @@ -1,16 +1,26 @@ -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; sops.secrets."smb/secrets" = { owner = config.profile.user.name; }; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; @@ -26,52 +36,47 @@ systemd.packages = with pkgs; [ lact ]; systemd.services.lactd.wantedBy = [ "multi-user.target" ]; - system.fsPackages = [ pkgs.bindfs pkgs.cifs-utils ]; - fileSystems."/nas" = - { - device = "//192.168.100.5/nas"; - fsType = "cifs"; - options = [ - "_netdev" - "x-systemd.automount" - "noauto" - "x-systemd.idle-timeout=60" - "x-systemd.device-timeout=5s" - "x-systemd.mount-timeout=5s" - "uid=${toString config.profile.user.uid}" - "gid=${toString config.profile.user.gid}" - "credentials=${config.sops.secrets."smb/secrets".path}" - ]; - }; - - fileSystems."/" = - { - device = "/dev/disk/by-uuid/6a987bc7-1f00-4494-bcef-b0f8afc62b7b"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/812C-A3A9"; - fsType = "vfat"; - }; - - fileSystems."/home" = - { - device = "/dev/disk/by-uuid/0add1f95-4cd5-4d44-876e-c1b381b7d133"; - fsType = "ext4"; - }; - - fileSystems."/workstation" = - { - device = "/dev/disk/by-uuid/7a3a7a8a-91d5-43fb-a80b-376bacdb54ec"; - fsType = "ext4"; - }; - - swapDevices = - [ - { device = "/dev/disk/by-uuid/15139a5f-a695-47a1-bd59-7e530989860c"; } + system.fsPackages = [ + pkgs.bindfs + pkgs.cifs-utils + ]; + fileSystems."/nas" = { + device = "//192.168.100.5/nas"; + fsType = "cifs"; + options = [ + "_netdev" + "x-systemd.automount" + "noauto" + "x-systemd.idle-timeout=60" + "x-systemd.device-timeout=5s" + "x-systemd.mount-timeout=5s" + "uid=${toString config.profile.user.uid}" + "gid=${toString config.profile.user.gid}" + "credentials=${config.sops.secrets."smb/secrets".path}" ]; + }; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/6a987bc7-1f00-4494-bcef-b0f8afc62b7b"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/812C-A3A9"; + fsType = "vfat"; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/0add1f95-4cd5-4d44-876e-c1b381b7d133"; + fsType = "ext4"; + }; + + fileSystems."/workstation" = { + device = "/dev/disk/by-uuid/7a3a7a8a-91d5-43fb-a80b-376bacdb54ec"; + fsType = "ext4"; + }; + + swapDevices = [ { device = "/dev/disk/by-uuid/15139a5f-a695-47a1-bd59-7e530989860c"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hardware-configuration/fort.nix b/hardware-configuration/fort.nix index e4f33a7..66d200b 100644 --- a/hardware-configuration/fort.nix +++ b/hardware-configuration/fort.nix @@ -1,32 +1,37 @@ -{ config, lib, modulesPath, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "nvme" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; # boot.kernelParams = [ "snd-intel-dspcfg.dsp_driver=1" ]; - fileSystems."/" = - { - device = "/dev/disk/by-label/NIXROOT"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-label/NIXBOOT"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + }; - swapDevices = - [{ device = "/dev/disk/by-label/NIXSWAP"; }]; + swapDevices = [ { device = "/dev/disk/by-label/NIXSWAP"; } ]; networking.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; diff --git a/hardware-configuration/homeserver.nix b/hardware-configuration/homeserver.nix index 9ead189..7fbb9ba 100644 --- a/hardware-configuration/homeserver.nix +++ b/hardware-configuration/homeserver.nix @@ -1,31 +1,45 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config = { - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" "nct6775" ]; + boot.kernelModules = [ + "kvm-amd" + "nct6775" + ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/439a1beb-1443-495b-9891-012605819803"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/439a1beb-1443-495b-9891-012605819803"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/47A1-0296"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/47A1-0296"; + fsType = "vfat"; + options = [ + "fmask=0022" + "dmask=0022" + ]; + }; fileSystems."/nas" = { device = "/dev/disk/by-label/WD_RED_4T_1"; @@ -123,10 +137,11 @@ ]; }; - services.caddy.virtualHosts."public.tigor.web.id".extraConfig = /*caddy*/ '' - file_server browse - root * /nas/public - ''; + services.caddy.virtualHosts."public.tigor.web.id".extraConfig = # caddy + '' + file_server browse + root * /nas/public + ''; systemd.tmpfiles.settings = { "100-nas-public-dir" = { @@ -151,6 +166,8 @@ libvdpau-va-gl ]; }; - environment.sessionVariables = { LIBVA_DRIVER_NAME = "iHD"; }; # Force intel-media-driver + environment.sessionVariables = { + LIBVA_DRIVER_NAME = "iHD"; + }; # Force intel-media-driver }; } diff --git a/home/environments/default.nix b/home/environments/default.nix index e0287b5..b11e276 100644 --- a/home/environments/default.nix +++ b/home/environments/default.nix @@ -1,6 +1,4 @@ { ... }: { - imports = [ - ./protobuf.nix - ]; + imports = [ ./protobuf.nix ]; } diff --git a/home/environments/protobuf.nix b/home/environments/protobuf.nix index e8d900a..5ff1c5f 100644 --- a/home/environments/protobuf.nix +++ b/home/environments/protobuf.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.home.environments.protobuf; inherit (lib) mkIf; diff --git a/home/games/default.nix b/home/games/default.nix index 078d1ae..a29624d 100644 --- a/home/games/default.nix +++ b/home/games/default.nix @@ -1,6 +1,4 @@ { pkgs, ... }: { - imports = [ - ./minecraft.nix - ]; + imports = [ ./minecraft.nix ]; } diff --git a/home/games/minecraft.nix b/home/games/minecraft.nix index 52ea634..9cfbcc2 100644 --- a/home/games/minecraft.nix +++ b/home/games/minecraft.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.games.minecraft; inherit (lib) mkIf; diff --git a/home/modules/bareksa.nix b/home/modules/bareksa.nix index 7049db9..5e8b241 100644 --- a/home/modules/bareksa.nix +++ b/home/modules/bareksa.nix @@ -10,6 +10,8 @@ in }; programs.zsh.shellAliases = { - vpn-bareksa = "sudo ${pkgs.openvpn}/bin/openvpn --config ${config.sops.secrets."bareksa/openvpn".path}"; + vpn-bareksa = "sudo ${pkgs.openvpn}/bin/openvpn --config ${ + config.sops.secrets."bareksa/openvpn".path + }"; }; } diff --git a/home/modules/firefox.nix b/home/modules/firefox.nix index 7d3c511..b7b00e8 100644 --- a/home/modules/firefox.nix +++ b/home/modules/firefox.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.firefox; in @@ -30,7 +35,7 @@ in id = 0; name = "Tigor"; isDefault = true; - extensions = with pkgs.nur.repos.rycee.firefox-addons; [ + extensions = with pkgs.nur.repos.rycee.firefox-addons; [ ublock-origin bitwarden cookie-autodelete diff --git a/home/modules/gnome/default.nix b/home/modules/gnome/default.nix index 1fc2f97..9e82ba1 100644 --- a/home/modules/gnome/default.nix +++ b/home/modules/gnome/default.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.gnome; in diff --git a/home/modules/hyprland/alacritty.nix b/home/modules/hyprland/alacritty.nix index 297cc38..10085b7 100644 --- a/home/modules/hyprland/alacritty.nix +++ b/home/modules/hyprland/alacritty.nix @@ -7,9 +7,7 @@ in programs.alacritty = { enable = true; settings = { - import = [ - "${config.home.homeDirectory}/.cache/wallust/alacritty.toml" - ]; + import = [ "${config.home.homeDirectory}/.cache/wallust/alacritty.toml" ]; live_config_reload = true; font = { normal = { diff --git a/home/modules/hyprland/default.nix b/home/modules/hyprland/default.nix index 7de8e95..6259eba 100644 --- a/home/modules/hyprland/default.nix +++ b/home/modules/hyprland/default.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let cfg = config.profile.hyprland; in diff --git a/home/modules/hyprland/dunst.nix b/home/modules/hyprland/dunst.nix index dbc593e..65ab056 100644 --- a/home/modules/hyprland/dunst.nix +++ b/home/modules/hyprland/dunst.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.hyprland; inherit (lib) mkIf; diff --git a/home/modules/hyprland/gnome-keyring.nix b/home/modules/hyprland/gnome-keyring.nix index 821f18f..1b3838e 100644 --- a/home/modules/hyprland/gnome-keyring.nix +++ b/home/modules/hyprland/gnome-keyring.nix @@ -1,4 +1,9 @@ -{ lib, pkgs, config, ... }: +{ + lib, + pkgs, + config, + ... +}: let cfg = config.profile.hyprland; inherit (lib) mkIf; @@ -7,21 +12,19 @@ let in { config = mkIf cfg.enable { - home.packages = with pkgs; [ - gnome.gnome-keyring - ]; + home.packages = with pkgs; [ gnome.gnome-keyring ]; sops.secrets.${secretKey} = { }; wayland.windowManager.hyprland.settings.exec-once = let - scriptFile = getExe (pkgs.writeShellScriptBin "gnome-keyring.sh" /*sh*/ '' - cat "${config.sops.secrets.${secretKey}.path}" | gnome-keyring-daemon --unlock - gnome-keyring-daemon --start --components=pkcs11,secrets,ssh - ''); + scriptFile = getExe ( + pkgs.writeShellScriptBin "gnome-keyring.sh" # sh + '' + cat "${config.sops.secrets.${secretKey}.path}" | gnome-keyring-daemon --unlock + gnome-keyring-daemon --start --components=pkcs11,secrets,ssh + '' + ); in - [ - ''${scriptFile}'' - ]; + [ ''${scriptFile}'' ]; }; } - diff --git a/home/modules/hyprland/hypridle.nix b/home/modules/hyprland/hypridle.nix index 5c7635a..5569a17 100644 --- a/home/modules/hyprland/hypridle.nix +++ b/home/modules/hyprland/hypridle.nix @@ -1,4 +1,9 @@ -{ lib, config, unstable, ... }: +{ + lib, + config, + unstable, + ... +}: let cfg = config.profile.hyprland; in diff --git a/home/modules/hyprland/hyprland.nix b/home/modules/hyprland/hyprland.nix index 05c6e04..a273cc5 100644 --- a/home/modules/hyprland/hyprland.nix +++ b/home/modules/hyprland/hyprland.nix @@ -1,4 +1,9 @@ -{ lib, pkgs, config, ... }: +{ + lib, + pkgs, + config, + ... +}: let cfg = config.profile.hyprland; in @@ -14,12 +19,8 @@ in enable = true; systemd.variables = [ "all" ]; settings = { - env = [ - "DBUS_SESSION_BUS_ADDRESS,unix:path=/run/user/${toString config.profile.user.uid}/bus" - ]; - exec-once = lib.mkOrder 5 [ - ''${pkgs.dbus}/bin/dbus-update-activation-environment --all'' - ]; + env = [ "DBUS_SESSION_BUS_ADDRESS,unix:path=/run/user/${toString config.profile.user.uid}/bus" ]; + exec-once = lib.mkOrder 5 [ ''${pkgs.dbus}/bin/dbus-update-activation-environment --all'' ]; # window decors general = { gaps_in = 10; @@ -197,14 +198,15 @@ in ''stayfocused,class:^(lazygit)$'' ]; }; - extraConfig = /*hyprlang*/ '' - exec-once=foot --server + extraConfig = # hyprlang + '' + exec-once=foot --server - exec-once=nm-applet - exec-once=pasystray + exec-once=nm-applet + exec-once=pasystray - source=${config.home.homeDirectory}/.cache/wallust/hyprland.conf - ''; + source=${config.home.homeDirectory}/.cache/wallust/hyprland.conf + ''; }; }; } diff --git a/home/modules/hyprland/hyprlock.nix b/home/modules/hyprland/hyprlock.nix index fb5c5d0..9c5c3e8 100644 --- a/home/modules/hyprland/hyprlock.nix +++ b/home/modules/hyprland/hyprlock.nix @@ -1,4 +1,9 @@ -{ lib, pkgs, config, ... }: +{ + lib, + pkgs, + config, + ... +}: let cfg = config.profile.hyprland; in diff --git a/home/modules/hyprland/hyprpaper.nix b/home/modules/hyprland/hyprpaper.nix index 9a86d14..6ca08ef 100644 --- a/home/modules/hyprland/hyprpaper.nix +++ b/home/modules/hyprland/hyprpaper.nix @@ -1,18 +1,21 @@ -{ lib, unstable, config, ... }: +{ + lib, + unstable, + config, + ... +}: let cfg = config.profile.hyprland; in { config = lib.mkIf cfg.enable { - home.packages = [ - unstable.hyprpaper - ]; + home.packages = [ unstable.hyprpaper ]; home.file.".config/hypr/hyprpaper.conf".text = let recent_wallpaper = "${config.home.homeDirectory}/.cache/wallpaper/current"; in - /*hyprlang*/ + # hyprlang '' preload = ${recent_wallpaper} wallpaper = ,${recent_wallpaper} diff --git a/home/modules/hyprland/hyprshot.nix b/home/modules/hyprland/hyprshot.nix index 93a7b26..ee8f02a 100644 --- a/home/modules/hyprland/hyprshot.nix +++ b/home/modules/hyprland/hyprshot.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.hyprland; saveDir = "${config.home.homeDirectory}/Pictures/screenshots"; @@ -10,10 +15,12 @@ in satty ]; - home.activation.sattyDirCreate = lib.hm.dag.entryAfter [ "writeBoundary" ] /*sh*/ '' - mkdir -p "${saveDir}" - chown ${config.home.username} "${saveDir}" - ''; + home.activation.sattyDirCreate = + lib.hm.dag.entryAfter [ "writeBoundary" ] # sh + '' + mkdir -p "${saveDir}" + chown ${config.home.username} "${saveDir}" + ''; wayland.windowManager.hyprland.settings.bind = let diff --git a/home/modules/hyprland/ntfy-sh.nix b/home/modules/hyprland/ntfy-sh.nix index 73f3fdf..18c0d87 100644 --- a/home/modules/hyprland/ntfy-sh.nix +++ b/home/modules/hyprland/ntfy-sh.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let hyprland = config.profile.hyprland; cfg = config.profile.services.ntfy-sh.client; @@ -6,9 +11,7 @@ let in { config = mkIf (hyprland.enable && cfg.enable) { - home.packages = with pkgs; [ - ntfy-sh - ]; + home.packages = with pkgs; [ ntfy-sh ]; # wayland.windowManager.hyprland.settings.exec-once = [ # "ntfy subscribe --config /etc/ntfy/client.yml --from-config" diff --git a/home/modules/hyprland/pyprland.nix b/home/modules/hyprland/pyprland.nix index 6dfb5d9..d0ac437 100644 --- a/home/modules/hyprland/pyprland.nix +++ b/home/modules/hyprland/pyprland.nix @@ -1,22 +1,30 @@ -{ lib, pkgs, unstable, config, ... }: +{ + lib, + pkgs, + unstable, + config, + ... +}: let cfg = config.profile.hyprland; inherit (lib.meta) getExe; wallpaperDir = "${config.home.homeDirectory}/.cache/wallpaper"; - draw-wallpaper = pkgs.writeShellScriptBin "draw-wallpaper.sh" /*sh*/ '' - image_file=$1 - target="${wallpaperDir}/current" - blur_target="${wallpaperDir}/blurred.png" - square_target="${wallpaperDir}/square.png" + draw-wallpaper = + pkgs.writeShellScriptBin "draw-wallpaper.sh" # sh + '' + image_file=$1 + target="${wallpaperDir}/current" + blur_target="${wallpaperDir}/blurred.png" + square_target="${wallpaperDir}/square.png" - mkdir -p "${wallpaperDir}" - echo "$image_file" > "${wallpaperDir}/origin.txt" - cp "$image_file" "$target" - swww img "$target" - ${unstable.wallust}/bin/wallust run "$target" - ${pkgs.graphicsmagick}/bin/gm convert -resize 75% -blur 50x30 "$target" "$blur_target" - ${pkgs.imagemagick}/bin/magick "$target" -resize 25% -gravity Center -extent 1:1 "$square_target" - ''; + mkdir -p "${wallpaperDir}" + echo "$image_file" > "${wallpaperDir}/origin.txt" + cp "$image_file" "$target" + swww img "$target" + ${unstable.wallust}/bin/wallust run "$target" + ${pkgs.graphicsmagick}/bin/gm convert -resize 75% -blur 50x30 "$target" "$blur_target" + ${pkgs.imagemagick}/bin/magick "$target" -resize 25% -gravity Center -extent 1:1 "$square_target" + ''; in { config = lib.mkIf cfg.enable { @@ -29,9 +37,7 @@ in tomlFormat = pkgs.formats.toml { }; in tomlFormat.generate "pyprland.toml" { - pyprland.plugins = [ - "wallpapers" - ]; + pyprland.plugins = [ "wallpapers" ]; wallpapers = { path = cfg.pyprland.wallpaper-dirs; unique = false; @@ -45,9 +51,7 @@ in "swww-daemon" "sleep 0.2 && swww img ${config.home.homeDirectory}/.cache/wallpaper/current" ]; - bind = [ - "$mod, W, exec, pypr wall next" - ]; + bind = [ "$mod, W, exec, pypr wall next" ]; }; }; } diff --git a/home/modules/hyprland/rofi.nix b/home/modules/hyprland/rofi.nix index 4e7b6e0..947cd3c 100644 --- a/home/modules/hyprland/rofi.nix +++ b/home/modules/hyprland/rofi.nix @@ -1,39 +1,46 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.hyprland; inherit (lib.meta) getExe; - selectWindowScript = pkgs.writeShellScriptBin ''select-window.sh'' /*sh*/ '' - state="$(hyprctl -j clients)" - active_window="$(hyprctl -j activewindow)" + selectWindowScript = + pkgs.writeShellScriptBin ''select-window.sh'' # sh + '' + state="$(hyprctl -j clients)" + active_window="$(hyprctl -j activewindow)" - current_addr="$(echo "$active_window" | gojq -r '.address')" + current_addr="$(echo "$active_window" | gojq -r '.address')" - window="$(echo "$state" | - gojq -r '.[] | select(.monitor != -1 ) | "\(.address) \(.workspace.name) \(.title)"' | - grep -v "scratch_term" | - sed "s|$current_addr|focused ->|" | - sort -r | - rofi -dmenu -i -matching fuzzy)" + window="$(echo "$state" | + gojq -r '.[] | select(.monitor != -1 ) | "\(.address) \(.workspace.name) \(.title)"' | + grep -v "scratch_term" | + sed "s|$current_addr|focused ->|" | + sort -r | + rofi -dmenu -i -matching fuzzy)" - addr="$(echo "$window" | awk '{print $1}')" - ws="$(echo "$window" | awk '{print $2}')" + addr="$(echo "$window" | awk '{print $1}')" + ws="$(echo "$window" | awk '{print $2}')" - if [[ "$addr" =~ focused* ]]; then - echo 'already focused, exiting' - exit 0 - fi - - fullscreen_on_same_ws="$(echo "$state" | gojq -r ".[] | select(.fullscreen == true) | select(.workspace.name == \"$ws\") | .address")" - - if [[ "$window" != "" ]]; then - if [[ "$fullscreen_on_same_ws" == "" ]]; then - hyprctl dispatch focuswindow address:''${addr} - else - notify-send 'Complex switch' "$window" - hyprctl --batch "dispatch focuswindow address:''${fullscreen_on_same_ws}; dispatch fullscreen 1;" + if [[ "$addr" =~ focused* ]]; then + echo 'already focused, exiting' + exit 0 fi - fi - ''; + + fullscreen_on_same_ws="$(echo "$state" | gojq -r ".[] | select(.fullscreen == true) | select(.workspace.name == \"$ws\") | .address")" + + if [[ "$window" != "" ]]; then + if [[ "$fullscreen_on_same_ws" == "" ]]; then + hyprctl dispatch focuswindow address:''${addr} + else + notify-send 'Complex switch' "$window" + hyprctl --batch "dispatch focuswindow address:''${fullscreen_on_same_ws}; dispatch fullscreen 1;" + fi + fi + ''; in { config = lib.mkIf cfg.enable { diff --git a/home/modules/hyprland/swappy.nix b/home/modules/hyprland/swappy.nix index 00f9cf4..e1075d4 100644 --- a/home/modules/hyprland/swappy.nix +++ b/home/modules/hyprland/swappy.nix @@ -1,4 +1,9 @@ -{ lib, pkgs, config, ... }: +{ + lib, + pkgs, + config, + ... +}: let cfg = config.profile.hyprland; in diff --git a/home/modules/hyprland/swaync.nix b/home/modules/hyprland/swaync.nix index 6abd638..de36d7a 100644 --- a/home/modules/hyprland/swaync.nix +++ b/home/modules/hyprland/swaync.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.hyprland; in @@ -36,18 +41,18 @@ in }; Service = let - reloadScript = pkgs.writeShellScriptBin "swaync-reload.sh" /*sh*/ '' - ${pkgs.swaynotificationcenter}/bin/swaync-client --reload-config - ${pkgs.swaynotificationcenter}/bin/swaync-client --reload-css - ''; + reloadScript = + pkgs.writeShellScriptBin "swaync-reload.sh" # sh + '' + ${pkgs.swaynotificationcenter}/bin/swaync-client --reload-config + ${pkgs.swaynotificationcenter}/bin/swaync-client --reload-css + ''; in { ExecReload = "${lib.meta.getExe reloadScript}"; }; }; - home.packages = with pkgs; [ - libnotify - ]; + home.packages = with pkgs; [ libnotify ]; }; } diff --git a/home/modules/hyprland/swayosd.nix b/home/modules/hyprland/swayosd.nix index 1a8f8c6..9e40eb4 100644 --- a/home/modules/hyprland/swayosd.nix +++ b/home/modules/hyprland/swayosd.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.hyprland; in @@ -8,9 +13,7 @@ in # enable = true; # display = config.profile.hyprland.swayosd.display; # }; - home.packages = with pkgs; [ - swayosd - ]; + home.packages = with pkgs; [ swayosd ]; wayland.windowManager.hyprland.settings = { exec-once = [ diff --git a/home/modules/hyprland/wallust-build.nix b/home/modules/hyprland/wallust-build.nix index 038b618..fd74c18 100644 --- a/home/modules/hyprland/wallust-build.nix +++ b/home/modules/hyprland/wallust-build.nix @@ -1,10 +1,11 @@ -{ lib -, fetchFromGitea -, rustPlatform -, nix-update-script -, imagemagick -, makeWrapper -, pkgs +{ + lib, + fetchFromGitea, + rustPlatform, + nix-update-script, + imagemagick, + makeWrapper, + pkgs, }: rustPlatform.buildRustPackage rec { pname = "wallust"; @@ -20,7 +21,10 @@ rustPlatform.buildRustPackage rec { cargoHash = "sha256-o6VRekazqbKTef6SLjHqs9/z/Q70auvunP+yFDkclpg="; - nativeBuildInputs = [ makeWrapper pkgs.rust-bin.stable."1.79.0".default ]; + nativeBuildInputs = [ + makeWrapper + pkgs.rust-bin.stable."1.79.0".default + ]; postFixup = '' wrapProgram $out/bin/wallust \ @@ -33,7 +37,10 @@ rustPlatform.buildRustPackage rec { description = "A better pywal"; homepage = "https://codeberg.org/explosion-mental/wallust"; license = lib.licenses.mit; - maintainers = with lib.maintainers; [ onemoresuza iynaix ]; + maintainers = with lib.maintainers; [ + onemoresuza + iynaix + ]; downloadPage = "https://codeberg.org/explosion-mental/wallust/releases/tag/${version}"; mainProgram = "wallust"; }; diff --git a/home/modules/hyprland/wallust.nix b/home/modules/hyprland/wallust.nix index 3c6cf80..4161a23 100644 --- a/home/modules/hyprland/wallust.nix +++ b/home/modules/hyprland/wallust.nix @@ -1,4 +1,10 @@ -{ pkgs, unstable, lib, config, ... }: +{ + pkgs, + unstable, + lib, + config, + ... +}: let cfg = config.profile.hyprland; inherit (lib.meta) getExe; @@ -45,83 +51,85 @@ in recursive = true; }; - home.file.".config/wallust/wallust.toml".source = ((pkgs.formats.toml { }).generate "wallust.toml" { - # See https://codeberg.org/explosion-mental/wallust/src/branch/master/wallust.toml - # for more information about the configuration options. + home.file.".config/wallust/wallust.toml".source = ( + (pkgs.formats.toml { }).generate "wallust.toml" { + # See https://codeberg.org/explosion-mental/wallust/src/branch/master/wallust.toml + # for more information about the configuration options. - # How the image is parse, in order to get the colors: - # full - resized - wal - thumb - fastresize - kmeans - backend = wallust.backend; + # How the image is parse, in order to get the colors: + # full - resized - wal - thumb - fastresize - kmeans + backend = wallust.backend; - # What color space to use to produce and select the most prominent colors: - # lab - labmixed - lch - lchmixed - color_space = wallust.colorSpace; - threshold = wallust.threshold; + # What color space to use to produce and select the most prominent colors: + # lab - labmixed - lch - lchmixed + color_space = wallust.colorSpace; + threshold = wallust.threshold; - # Use the most prominent colors in a way that makes sense, a scheme color palette: - # dark - dark16 - darkcomp - darkcomp16 - # light - light16 - lightcomp - lightcomp16 - # harddark - harddark16 - harddarkcomp - harddarkcomp16 - # softdark - softdark16 - softdarkcomp - softdarkcomp16 - # softlight - softlight16 - softlightcomp - softlightcomp16 - palette = wallust.palette; + # Use the most prominent colors in a way that makes sense, a scheme color palette: + # dark - dark16 - darkcomp - darkcomp16 + # light - light16 - lightcomp - lightcomp16 + # harddark - harddark16 - harddarkcomp - harddarkcomp16 + # softdark - softdark16 - softdarkcomp - softdarkcomp16 + # softlight - softlight16 - softlightcomp - softlightcomp16 + palette = wallust.palette; - # Ensures a "readable contrast" (OPTIONAL, disabled by default) - # Should only be enabled when you notice an unreadable contrast frequently happening - # with your images. The reference color for the contrast is the background color. - check_contrast = wallust.checkContrast; + # Ensures a "readable contrast" (OPTIONAL, disabled by default) + # Should only be enabled when you notice an unreadable contrast frequently happening + # with your images. The reference color for the contrast is the background color. + check_contrast = wallust.checkContrast; - # Color saturation, between [1% and 100%] (OPTIONAL, disabled by default) - # usually something higher than 50 increases the saturation and below - # decreases it (on a scheme with strong and vivid colors) - # saturation = 50; + # Color saturation, between [1% and 100%] (OPTIONAL, disabled by default) + # usually something higher than 50 increases the saturation and below + # decreases it (on a scheme with strong and vivid colors) + # saturation = 50; - # Alpha value for templating, by default 100 (no other use whatsoever) - alpha = wallust.alpha; + # Alpha value for templating, by default 100 (no other use whatsoever) + alpha = wallust.alpha; - templates = - # Templates requires certain syntax - # - # See: https://codeberg.org/explosion-mental/wallust/wiki/wallust.1-Man-Page - # Note that the documentation is for 3.x and above. - let - out = config.home.homeDirectory + "/.cache/wallust"; - in - { - waybar = { - template = "waybar.css"; - # target = out + "/waybar.css"; - target = "${config.home.homeDirectory}/.config/waybar/style.css"; + templates = + # Templates requires certain syntax + # + # See: https://codeberg.org/explosion-mental/wallust/wiki/wallust.1-Man-Page + # Note that the documentation is for 3.x and above. + let + out = config.home.homeDirectory + "/.cache/wallust"; + in + { + waybar = { + template = "waybar.css"; + # target = out + "/waybar.css"; + target = "${config.home.homeDirectory}/.config/waybar/style.css"; + }; + wlogout = { + template = "wlogout.css"; + target = out + "/wlogout.css"; + }; + hyprland = { + template = "hyprland.conf"; + target = out + "/hyprland.conf"; + }; + kitty = { + template = "kitty.conf"; + target = "${config.home.homeDirectory}/.config/kitty/kitty.d/99-colors.conf"; + }; + base16-nvim = { + template = "base16-nvim.lua"; + target = out + "/base16-nvim.lua"; + }; + rofi = { + template = "rofi.rasi"; + target = out + "/rofi.rasi"; + }; + alacritty = { + template = "alacritty.toml"; + target = out + "/alacritty.toml"; + }; + foot = { + template = "foot.ini"; + target = "${config.home.homeDirectory}/.config/foot/colors.ini"; + }; }; - wlogout = { - template = "wlogout.css"; - target = out + "/wlogout.css"; - }; - hyprland = { - template = "hyprland.conf"; - target = out + "/hyprland.conf"; - }; - kitty = { - template = "kitty.conf"; - target = "${config.home.homeDirectory}/.config/kitty/kitty.d/99-colors.conf"; - }; - base16-nvim = { - template = "base16-nvim.lua"; - target = out + "/base16-nvim.lua"; - }; - rofi = { - template = "rofi.rasi"; - target = out + "/rofi.rasi"; - }; - alacritty = { - template = "alacritty.toml"; - target = out + "/alacritty.toml"; - }; - foot = { - template = "foot.ini"; - target = "${config.home.homeDirectory}/.config/foot/colors.ini"; - }; - }; - }); + } + ); }; } diff --git a/home/modules/hyprland/waybar.nix b/home/modules/hyprland/waybar.nix index 4e3f854..c44a5b7 100644 --- a/home/modules/hyprland/waybar.nix +++ b/home/modules/hyprland/waybar.nix @@ -1,4 +1,10 @@ -{ lib, config, unstable, pkgs, ... }: +{ + lib, + config, + unstable, + pkgs, + ... +}: let cfg = config.profile.hyprland; modules = (pkgs.formats.json { }).generate "modules.json" { @@ -16,7 +22,11 @@ let phone = " "; portable = " "; car = " "; - default = [ " " " " " " ]; + default = [ + " " + " " + " " + ]; }; on-click = "pavucontrol"; }; @@ -37,7 +47,13 @@ let format-charging = " {capacity}%"; format-plugged = " {capacity}%"; format-alt = "{icon} {time}"; - format-icons = [ " " " " " " " " " " ]; + format-icons = [ + " " + " " + " " + " " + " " + ]; }; network = { format = "{ifname}"; @@ -58,7 +74,6 @@ let tooltip = false; }; - "hyprland/workspaces" = { on-click = "activate"; active-only = false; @@ -164,12 +179,8 @@ in margin-right = 0; spacing = 0; reload_style_on_change = true; - include = [ - modules - ]; - modules-left = [ - "hyprland/window" - ]; + include = [ modules ]; + modules-left = [ "hyprland/window" ]; modules-center = [ "hyprland/workspaces" "custom/notification" @@ -193,5 +204,3 @@ in }; }; } - - diff --git a/home/modules/obs.nix b/home/modules/obs.nix index 2c2b5d6..3ce14ce 100644 --- a/home/modules/obs.nix +++ b/home/modules/obs.nix @@ -1,4 +1,9 @@ -{ lib, config, pkgs, ... }: +{ + lib, + config, + pkgs, + ... +}: let cfg = config.profile.obs; in diff --git a/home/programs/bitwarden.nix b/home/programs/bitwarden.nix index fafbc3d..609f5f2 100644 --- a/home/programs/bitwarden.nix +++ b/home/programs/bitwarden.nix @@ -1,14 +1,15 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.profile.bitwarden; in { config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - bitwarden - ]; - - + home.packages = with pkgs; [ bitwarden ]; home.file = { ".config/autostart/bitwarden.desktop" = lib.mkIf cfg.autostart { diff --git a/home/programs/bruno.nix b/home/programs/bruno.nix index 5100925..44a574c 100644 --- a/home/programs/bruno.nix +++ b/home/programs/bruno.nix @@ -1,12 +1,13 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.profile.home.programs.bruno; inherit (lib) mkIf; in { - config = mkIf cfg.enable { - home.packages = with pkgs; [ - bruno - ]; - }; + config = mkIf cfg.enable { home.packages = with pkgs; [ bruno ]; }; } diff --git a/home/programs/dbeaver.nix b/home/programs/dbeaver.nix index 52961ae..cf15667 100644 --- a/home/programs/dbeaver.nix +++ b/home/programs/dbeaver.nix @@ -1,9 +1,12 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.dbeaver; in { - config = lib.mkIf cfg.enable { - home.packages = [ pkgs.dbeaver-bin ]; - }; + config = lib.mkIf cfg.enable { home.packages = [ pkgs.dbeaver-bin ]; }; } diff --git a/home/programs/discord.nix b/home/programs/discord.nix index e9b2719..3b184e0 100644 --- a/home/programs/discord.nix +++ b/home/programs/discord.nix @@ -1,34 +1,33 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let inherit (lib) mkIf; inherit (lib.meta) getExe; cfg = config.profile.discord; - autostartScript = pkgs.writeShellScriptBin "discord.sh" /*sh*/ '' - sleep 10; - until ${pkgs.unixtools.ping}/bin/ping -c 1 discord.com; - do sleep 1; - done; - vesktop - ''; + autostartScript = + pkgs.writeShellScriptBin "discord.sh" # sh + '' + sleep 10; + until ${pkgs.unixtools.ping}/bin/ping -c 1 discord.com; + do sleep 1; + done; + vesktop + ''; autostartScriptFile = getExe autostartScript; in { config = mkIf cfg.enable { - home.packages = with pkgs; [ - vesktop - ]; + home.packages = with pkgs; [ vesktop ]; - home.file.".config/discord/settings.json".text = builtins.toJSON { - SKIP_HOST_UPDATE = true; - }; + home.file.".config/discord/settings.json".text = builtins.toJSON { SKIP_HOST_UPDATE = true; }; - wayland.windowManager.hyprland.settings.exec-once = lib.mkIf cfg.autostart [ - autostartScriptFile - ]; + wayland.windowManager.hyprland.settings.exec-once = lib.mkIf cfg.autostart [ autostartScriptFile ]; - home.file.".config/autostart/discord.sh" = lib.mkIf cfg.autostart { - source = autostartScriptFile; - }; + home.file.".config/autostart/discord.sh" = lib.mkIf cfg.autostart { source = autostartScriptFile; }; services.swaync.settings.scripts._10-discord = let diff --git a/home/programs/easyeffects.nix b/home/programs/easyeffects.nix index 9ef7efb..4a6da0a 100644 --- a/home/programs/easyeffects.nix +++ b/home/programs/easyeffects.nix @@ -1,9 +1,12 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.programs.easyeffects; in { - config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ easyeffects ]; - }; + config = lib.mkIf cfg.enable { home.packages = with pkgs; [ easyeffects ]; }; } diff --git a/home/programs/elisa.nix b/home/programs/elisa.nix index 561ee9b..798ecfa 100644 --- a/home/programs/elisa.nix +++ b/home/programs/elisa.nix @@ -1,12 +1,13 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.profile.home.programs.elisa; inherit (lib) mkIf; in { - config = mkIf cfg.enable { - home.packages = with pkgs; [ - kdePackages.elisa - ]; - }; + config = mkIf cfg.enable { home.packages = with pkgs; [ kdePackages.elisa ]; }; } diff --git a/home/programs/foot.nix b/home/programs/foot.nix index 0f45d4d..991e19a 100644 --- a/home/programs/foot.nix +++ b/home/programs/foot.nix @@ -21,18 +21,19 @@ in }; }; - programs.zsh.initExtra = /*bash*/ '' - function osc7-pwd() { - emulate -L zsh # also sets localoptions for us - setopt extendedglob - local LC_ALL=C - printf '\e]7;file://%s%s\e\' $HOST ''${PWD//(#m)([^@-Za-z&-;_~])/%''${(l:2::0:)$(([##16]#MATCH))}} - } + programs.zsh.initExtra = # bash + '' + function osc7-pwd() { + emulate -L zsh # also sets localoptions for us + setopt extendedglob + local LC_ALL=C + printf '\e]7;file://%s%s\e\' $HOST ''${PWD//(#m)([^@-Za-z&-;_~])/%''${(l:2::0:)$(([##16]#MATCH))}} + } - function chpwd-osc7-pwd() { - (( ZSH_SUBSHELL )) || osc7-pwd - } - add-zsh-hook -Uz chpwd chpwd-osc7-pwd - ''; + function chpwd-osc7-pwd() { + (( ZSH_SUBSHELL )) || osc7-pwd + } + add-zsh-hook -Uz chpwd chpwd-osc7-pwd + ''; }; } diff --git a/home/programs/git.nix b/home/programs/git.nix index 296856c..4ec9700 100644 --- a/home/programs/git.nix +++ b/home/programs/git.nix @@ -85,30 +85,14 @@ "#f4dbd6" "bold" ]; - inactiveBorderColor = [ - "#a5adcb" - ]; - optionsTextColor = [ - "#8aadf4" - ]; - selectedLineBgColor = [ - "#363a4f" - ]; - cherryPickedCommitBgColor = [ - "#494d64" - ]; - cherryPickedCommitFgColor = [ - "#f4dbd6" - ]; - unstagedChangesColor = [ - "#ed8796" - ]; - defaultFgColor = [ - "#cad3f5" - ]; - searchingActiveBorderColor = [ - "#eed49f" - ]; + inactiveBorderColor = [ "#a5adcb" ]; + optionsTextColor = [ "#8aadf4" ]; + selectedLineBgColor = [ "#363a4f" ]; + cherryPickedCommitBgColor = [ "#494d64" ]; + cherryPickedCommitFgColor = [ "#f4dbd6" ]; + unstagedChangesColor = [ "#ed8796" ]; + defaultFgColor = [ "#cad3f5" ]; + searchingActiveBorderColor = [ "#eed49f" ]; }; }; }; diff --git a/home/programs/github.nix b/home/programs/github.nix index abf9abb..9e06bb1 100644 --- a/home/programs/github.nix +++ b/home/programs/github.nix @@ -1,9 +1,12 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.gh; in { - config = lib.mkIf cfg.enable { - home.packages = [ pkgs.gh ]; - }; + config = lib.mkIf cfg.enable { home.packages = [ pkgs.gh ]; }; } diff --git a/home/programs/go.nix b/home/programs/go.nix index 12b7607..467ab1f 100644 --- a/home/programs/go.nix +++ b/home/programs/go.nix @@ -1,4 +1,10 @@ -{ config, lib, pkgs, unstable, ... }: +{ + config, + lib, + pkgs, + unstable, + ... +}: let cfg = config.profile.go; impl = pkgs.buildGoModule rec { @@ -17,9 +23,7 @@ in config = lib.mkIf cfg.enable { programs.go = { enable = true; - goPrivate = [ - "gitlab.bareksa.com" - ]; + goPrivate = [ "gitlab.bareksa.com" ]; package = unstable.go_1_23; }; home.packages = with pkgs; [ diff --git a/home/programs/jellyfin.nix b/home/programs/jellyfin.nix index e07a701..6f58612 100644 --- a/home/programs/jellyfin.nix +++ b/home/programs/jellyfin.nix @@ -1,11 +1,12 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.jellyfin; in { - config = lib.mkIf cfg.enable { - home.packages = [ - pkgs.jellyfin-media-player - ]; - }; + config = lib.mkIf cfg.enable { home.packages = [ pkgs.jellyfin-media-player ]; }; } diff --git a/home/programs/kitty.nix b/home/programs/kitty.nix index 40a3892..716b79e 100644 --- a/home/programs/kitty.nix +++ b/home/programs/kitty.nix @@ -4,11 +4,12 @@ let in { config = lib.mkIf cfg.enable { - programs.zsh.initExtra = /*bash*/ '' - if [[ "$TERM" == "xterm-kitty" ]]; then - alias ssh="kitty +kitten ssh" - fi - ''; + programs.zsh.initExtra = # bash + '' + if [[ "$TERM" == "xterm-kitty" ]]; then + alias ssh="kitty +kitten ssh" + fi + ''; programs.kitty = { enable = true; settings = { @@ -24,7 +25,7 @@ in tab_bar_margin_width = toString 0.2; tab_bar_style = "slant"; background_blur = 40; - background_opacity = toString 0.90; + background_opacity = toString 0.9; cursor_blink_interval = toString 0.5; }; keybindings = { diff --git a/home/programs/microsoft-edge.nix b/home/programs/microsoft-edge.nix index fe5d2d8..10dfef9 100644 --- a/home/programs/microsoft-edge.nix +++ b/home/programs/microsoft-edge.nix @@ -1,9 +1,12 @@ -{ config, lib, unstable, ... }: +{ + config, + lib, + unstable, + ... +}: let cfg = config.profile.microsoft-edge; in { - config = lib.mkIf cfg.enable { - home.packages = [ unstable.microsoft-edge ]; - }; + config = lib.mkIf cfg.enable { home.packages = [ unstable.microsoft-edge ]; }; } diff --git a/home/programs/mongodb-compass.nix b/home/programs/mongodb-compass.nix index 7d04f8e..cb437e6 100644 --- a/home/programs/mongodb-compass.nix +++ b/home/programs/mongodb-compass.nix @@ -1,11 +1,18 @@ -{ config, lib, unstable, ... }: +{ + config, + lib, + unstable, + ... +}: let cfg = config.profile.programs.mongodb-compass; sopsFile = ../../secrets/bareksa.yaml; in { config = lib.mkIf cfg.enable { - sops.secrets."bareksa/mongodb-compass" = { inherit sopsFile; }; + sops.secrets."bareksa/mongodb-compass" = { + inherit sopsFile; + }; home.packages = [ unstable.mongodb-compass ]; }; } diff --git a/home/programs/mpv.nix b/home/programs/mpv.nix index a10415a..40f7ce6 100644 --- a/home/programs/mpv.nix +++ b/home/programs/mpv.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.mpv; in diff --git a/home/programs/neovide.nix b/home/programs/neovide.nix index 1050b2d..02f42ec 100644 --- a/home/programs/neovide.nix +++ b/home/programs/neovide.nix @@ -1,12 +1,16 @@ -{ config, unstable, pkgs, lib, ... }: +{ + config, + unstable, + pkgs, + lib, + ... +}: let cfg = config.profile.neovide; in { config = lib.mkIf cfg.enable { - home.packages = [ - unstable.neovide - ]; + home.packages = [ unstable.neovide ]; home.file.".config/neovide/config.toml".source = let diff --git a/home/programs/neovim.nix b/home/programs/neovim.nix index ec5992a..88af296 100644 --- a/home/programs/neovim.nix +++ b/home/programs/neovim.nix @@ -1,4 +1,10 @@ -{ config, pkgs, lib, unstable, ... }: +{ + config, + pkgs, + lib, + unstable, + ... +}: let cfg = config.profile.neovim; inherit (lib) mkIf; @@ -22,21 +28,23 @@ in ping = "${pkgs.unixtools.ping}/bin/ping"; host = "github.com"; sleep = "${pkgs.coreutils}/bin/sleep"; - script = pkgs.writeScriptBin "clone-nvim.sh" /*bash*/ '' - #!${bash} + script = + pkgs.writeScriptBin "clone-nvim.sh" # bash + '' + #!${bash} - if [ -d "${nvimCloneDir}" ]; then - exit 0; - fi + if [ -d "${nvimCloneDir}" ]; then + exit 0; + fi - until ${ping} -c 1 ${host}; do - ${sleep} 1; - done + until ${ping} -c 1 ${host}; do + ${sleep} 1; + done - mkdir -p ${nvimCloneDir} + mkdir -p ${nvimCloneDir} - ${git} clone ${repository} ${nvimCloneDir} - ''; + ${git} clone ${repository} ${nvimCloneDir} + ''; path = "${script}/bin/clone-nvim.sh"; in { diff --git a/home/programs/nextcloud.nix b/home/programs/nextcloud.nix index 585ef6f..c24ac04 100644 --- a/home/programs/nextcloud.nix +++ b/home/programs/nextcloud.nix @@ -1,9 +1,12 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.nextcloud; in { - config = lib.mkIf cfg.enable { - home.packages = [ pkgs.nextcloud-client ]; - }; + config = lib.mkIf cfg.enable { home.packages = [ pkgs.nextcloud-client ]; }; } diff --git a/home/programs/nnn.nix b/home/programs/nnn.nix index 194fd95..b9d14c4 100644 --- a/home/programs/nnn.nix +++ b/home/programs/nnn.nix @@ -3,7 +3,5 @@ let cfg = config.profile.nnn; in { - config = lib.mkIf cfg.enable { - programs.nnn.enable = true; - }; + config = lib.mkIf cfg.enable { programs.nnn.enable = true; }; } diff --git a/home/programs/obsidian.nix b/home/programs/obsidian.nix index 76799a5..5f818ba 100644 --- a/home/programs/obsidian.nix +++ b/home/programs/obsidian.nix @@ -1,12 +1,13 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.home.programs.obsidian; inherit (lib) mkIf; in { - config = mkIf cfg.enable { - home.packages = with pkgs; [ - obsidian - ]; - }; + config = mkIf cfg.enable { home.packages = with pkgs; [ obsidian ]; }; } diff --git a/home/programs/redis.nix b/home/programs/redis.nix index 303b409..2e1064d 100644 --- a/home/programs/redis.nix +++ b/home/programs/redis.nix @@ -1,12 +1,11 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.redis; inherit (lib) mkIf; in -lib.mkMerge [ - (mkIf cfg.client.cli.enable { - home.packages = [ - pkgs.redis - ]; - }) -] +lib.mkMerge [ (mkIf cfg.client.cli.enable { home.packages = [ pkgs.redis ]; }) ] diff --git a/home/programs/slack.nix b/home/programs/slack.nix index 604e2fa..efd5838 100644 --- a/home/programs/slack.nix +++ b/home/programs/slack.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let cfg = config.profile.slack; autostartScript = pkgs.writeShellScriptBin "slack.sh" '' @@ -11,13 +16,9 @@ in config = lib.mkIf cfg.enable { home.packages = with pkgs; [ slack ]; - wayland.windowManager.hyprland.settings.exec-once = lib.mkIf cfg.autostart [ - autostartScriptFile - ]; + wayland.windowManager.hyprland.settings.exec-once = lib.mkIf cfg.autostart [ autostartScriptFile ]; - home.file.".config/autostart/slack.sh" = lib.mkIf cfg.autostart { - source = autostartScriptFile; - }; + home.file.".config/autostart/slack.sh" = lib.mkIf cfg.autostart { source = autostartScriptFile; }; services.swaync.settings.scripts._10-slack = let diff --git a/home/programs/spotify.nix b/home/programs/spotify.nix index f096c82..b1e5c22 100644 --- a/home/programs/spotify.nix +++ b/home/programs/spotify.nix @@ -1,11 +1,12 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.profile.spotify; in { - config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - spotify - ]; - }; + config = lib.mkIf cfg.enable { home.packages = with pkgs; [ spotify ]; }; } diff --git a/home/programs/starship.nix b/home/programs/starship.nix index 3270796..d9cfe26 100644 --- a/home/programs/starship.nix +++ b/home/programs/starship.nix @@ -35,7 +35,6 @@ format = "[$ssh_symbol$hostname]($style)\\] "; }; palette = "catppuccin_${flavour}"; - } // builtins.fromTOML (builtins.readFile - (catppuccin-starship-repo + /palettes/${flavour}.toml)); + } // builtins.fromTOML (builtins.readFile (catppuccin-starship-repo + /palettes/${flavour}.toml)); }; } diff --git a/home/programs/tofi.nix b/home/programs/tofi.nix index ce17f71..62ec0de 100644 --- a/home/programs/tofi.nix +++ b/home/programs/tofi.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.profile.tofi; in diff --git a/home/programs/variety.nix b/home/programs/variety.nix index ad50ddd..e104e58 100644 --- a/home/programs/variety.nix +++ b/home/programs/variety.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.variety; in diff --git a/home/programs/vscode.nix b/home/programs/vscode.nix index 5827620..8e6d8ab 100644 --- a/home/programs/vscode.nix +++ b/home/programs/vscode.nix @@ -1,4 +1,9 @@ -{ config, lib, unstable, ... }: +{ + config, + lib, + unstable, + ... +}: let cfg = config.profile.vscode; in diff --git a/home/programs/wezterm/default.nix b/home/programs/wezterm/default.nix index 57b1fde..80583a3 100644 --- a/home/programs/wezterm/default.nix +++ b/home/programs/wezterm/default.nix @@ -9,22 +9,24 @@ in enableZshIntegration = true; enableBashIntegration = true; - extraConfig = /*lua*/ '' - -- take config from ./base_config.lua - local config = require('base_config') + extraConfig = # lua + '' + -- take config from ./base_config.lua + local config = require('base_config') - -- and override settings for nixos specific things here. - config.window_background_opacity = ${toString cfg.config.window_background_opacity}; + -- and override settings for nixos specific things here. + config.window_background_opacity = ${toString cfg.config.window_background_opacity}; - return config - ''; + return config + ''; }; - programs.zsh.initExtra = /*bash*/ '' - if [ -n "$WEZTERM_PANE" ]; then - alias ssh="wezterm ssh" - fi - ''; + programs.zsh.initExtra = # bash + '' + if [ -n "$WEZTERM_PANE" ]; then + alias ssh="wezterm ssh" + fi + ''; home.file.".config/wezterm" = { source = ./.; diff --git a/home/programs/whatsapp.nix b/home/programs/whatsapp.nix index ad92923..57d5822 100644 --- a/home/programs/whatsapp.nix +++ b/home/programs/whatsapp.nix @@ -1,4 +1,9 @@ -{ lib, config, pkgs, ... }: +{ + lib, + config, + pkgs, + ... +}: let cfg = config.profile.whatsapp; in diff --git a/home/programs/yazi.nix b/home/programs/yazi.nix index 6a5d1f2..c3466bd 100644 --- a/home/programs/yazi.nix +++ b/home/programs/yazi.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.programs.yazi; inherit (lib) mkIf; @@ -11,7 +16,11 @@ in settings = { manager = { # 1/8 width for parent, 4/8 width for current, 3/8 width for preview - ratio = [ 1 4 3 ]; + ratio = [ + 1 + 4 + 3 + ]; sort_by = "natural"; sort_sensitive = false; sort_dir_first = true; @@ -22,13 +31,24 @@ in }; opener = { edit = [ - { run = ''nvim "$@"''; block = true; desc = "Edit in Neovim"; } + { + run = ''nvim "$@"''; + block = true; + desc = "Edit in Neovim"; + } ]; play = [ - { run = ''mpv "$@"''; orphan = true; desc = "Play in MPV"; } + { + run = ''mpv "$@"''; + orphan = true; + desc = "Play in MPV"; + } ]; open = [ - { run = ''xdg-open "$@"''; desc = "Open"; } + { + run = ''xdg-open "$@"''; + desc = "Open"; + } ]; }; open = { @@ -48,17 +68,29 @@ in # Multiple openers for a single rule { name = "*.html"; - use = [ "open" "edit" ]; + use = [ + "open" + "edit" + ]; } ]; append_rules = [ - { name = "*"; use = "open"; } + { + name = "*"; + use = "open"; + } ]; }; plugin = { prepend_previewers = [ - { mime = "{image,audio,video}/*"; run = "mediainfo"; } - { mime = "application/x-subrip"; run = "mediainfo"; } + { + mime = "{image,audio,video}/*"; + run = "mediainfo"; + } + { + mime = "application/x-subrip"; + run = "mediainfo"; + } ]; }; }; diff --git a/home/programs/zellij/default.nix b/home/programs/zellij/default.nix index 2903df2..b1c0090 100644 --- a/home/programs/zellij/default.nix +++ b/home/programs/zellij/default.nix @@ -1,4 +1,10 @@ -{ config, lib, pkgs, unstable, ... }: +{ + config, + lib, + pkgs, + unstable, + ... +}: let cfg = config.profile.home.programs.zellij; plugins = { @@ -26,7 +32,7 @@ in # autoloaded first after zshenv. programs.zsh.initExtraFirst = lib.mkOrder 50 ( if cfg.autoAttach then - /*bash*/ + # bash '' if [[ ! -z "$SSH_CLIENT" ]]; then if [[ -z "$ZELLIJ" ]]; then @@ -47,21 +53,23 @@ in fi '' else - /*bash*/ '' - if [[ ! -z "$SSH_CLIENT" ]]; then - if [[ -z "$ZELLIJ" ]]; then - zellij attach -c default - exit - fi - fi - '' + # bash + '' + if [[ ! -z "$SSH_CLIENT" ]]; then + if [[ -z "$ZELLIJ" ]]; then + zellij attach -c default + exit + fi + fi + '' ); home.file.".config/zellij/config.kdl".text = let mod = cfg.mod; in - /*kdl*/ '' + # kdl + '' theme "catppuccin-mocha"; plugins { diff --git a/home/programs/zellij/themes/zjstatus/catppuccin-frappe.nix b/home/programs/zellij/themes/zjstatus/catppuccin-frappe.nix index 20903f2..9149a1c 100644 --- a/home/programs/zellij/themes/zjstatus/catppuccin-frappe.nix +++ b/home/programs/zellij/themes/zjstatus/catppuccin-frappe.nix @@ -1,5 +1,6 @@ { plugins, timezone, ... }: -/*kdl*/ '' +# kdl +'' layout { pane split_direction="vertical" { pane diff --git a/home/programs/zellij/themes/zjstatus/catppuccin-latte.nix b/home/programs/zellij/themes/zjstatus/catppuccin-latte.nix index b641edb..76427d3 100644 --- a/home/programs/zellij/themes/zjstatus/catppuccin-latte.nix +++ b/home/programs/zellij/themes/zjstatus/catppuccin-latte.nix @@ -1,5 +1,6 @@ { plugins, timezone, ... }: -/*kdl*/ '' +# kdl +'' layout { pane split_direction="vertical" { pane diff --git a/home/programs/zellij/themes/zjstatus/catppuccin-macchiato.nix b/home/programs/zellij/themes/zjstatus/catppuccin-macchiato.nix index 294d1e8..4c6415d 100644 --- a/home/programs/zellij/themes/zjstatus/catppuccin-macchiato.nix +++ b/home/programs/zellij/themes/zjstatus/catppuccin-macchiato.nix @@ -1,5 +1,6 @@ { plugins, timezone, ... }: -/*kdl*/ '' +# kdl +'' layout { pane split_direction="vertical" { pane diff --git a/home/programs/zellij/themes/zjstatus/catppuccin-mocha.nix b/home/programs/zellij/themes/zjstatus/catppuccin-mocha.nix index 9c0ac14..80f3abf 100644 --- a/home/programs/zellij/themes/zjstatus/catppuccin-mocha.nix +++ b/home/programs/zellij/themes/zjstatus/catppuccin-mocha.nix @@ -1,5 +1,6 @@ { plugins, timezone, ... }: -/*kdl*/ '' +# kdl +'' layout { pane split_direction="vertical" { pane diff --git a/home/programs/zellij/themes/zjstatus/gruvbox-dark.nix b/home/programs/zellij/themes/zjstatus/gruvbox-dark.nix index 471be2a..c80762e 100644 --- a/home/programs/zellij/themes/zjstatus/gruvbox-dark.nix +++ b/home/programs/zellij/themes/zjstatus/gruvbox-dark.nix @@ -1,5 +1,6 @@ { plugins, timezone, ... }: -/*kdl*/ '' +# kdl +'' layout { pane split_direction="vertical" { pane diff --git a/home/programs/zellij/themes/zjstatus/gruvbox-light.nix b/home/programs/zellij/themes/zjstatus/gruvbox-light.nix index 56a487e..c1904af 100644 --- a/home/programs/zellij/themes/zjstatus/gruvbox-light.nix +++ b/home/programs/zellij/themes/zjstatus/gruvbox-light.nix @@ -1,5 +1,6 @@ { plugins, timezone, ... }: -/*kdl*/ '' +# kdl +'' layout { pane split_direction="vertical" { pane diff --git a/home/programs/zoom.nix b/home/programs/zoom.nix index 9a66553..702c22b 100644 --- a/home/programs/zoom.nix +++ b/home/programs/zoom.nix @@ -1,12 +1,13 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.home.programs.zoom; inherit (lib) mkIf; in { - config = mkIf cfg.enable { - home.packages = with pkgs; [ - zoom-us - ]; - }; + config = mkIf cfg.enable { home.packages = with pkgs; [ zoom-us ]; }; } diff --git a/home/programs/zsh.nix b/home/programs/zsh.nix index 5c45de2..d6d45c2 100644 --- a/home/programs/zsh.nix +++ b/home/programs/zsh.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let inherit (lib.strings) optionalString concatStrings; in @@ -11,13 +16,14 @@ in ]; programs.zsh = { enable = true; - envExtra = /*bash*/ '' - # Disable loading global RC files in /etc/zsh/* - # Mostly because they are unneeded - # and global rc files has to be small for security reasons (no plugins) - # thus making them saver for Root account to load them. - unsetopt GLOBAL_RCS - ''; + envExtra = # bash + '' + # Disable loading global RC files in /etc/zsh/* + # Mostly because they are unneeded + # and global rc files has to be small for security reasons (no plugins) + # thus making them saver for Root account to load them. + unsetopt GLOBAL_RCS + ''; autosuggestion.enable = true; enableCompletion = true; defaultKeymap = "emacs"; @@ -52,38 +58,41 @@ in size = 40000; }; completionInit = lib.mkOrder 9999 (concatStrings [ - /* bash */ + # bash '' mkdir -p $ZSH_CACHE_DIR/completions fpath+=$ZSH_CACHE_DIR/completions fpath+=${pkgs.zsh-completions}/share/zsh/site-functions '' - (optionalString config.profile.podman.enable /*bash*/ '' - if [ ! -f $ZSH_CACHE_DIR/completions/_podman ]; then - podman completion zsh > $ZSH_CACHE_DIR/completions/_podman - fi - '') + (optionalString config.profile.podman.enable # bash + '' + if [ ! -f $ZSH_CACHE_DIR/completions/_podman ]; then + podman completion zsh > $ZSH_CACHE_DIR/completions/_podman + fi + '' + ) # Value below must be always last in the completionInit - /* bash */ + # bash '' autoload -U compinit && compinit '' ]); syntaxHighlighting.enable = true; - initExtraFirst = /*bash*/ '' - export ZSH_CACHE_DIR=$HOME/.cache/zsh + initExtraFirst = # bash + '' + export ZSH_CACHE_DIR=$HOME/.cache/zsh - # if [ -f $HOME/.config/zsh/.p10k.zsh ]; then - # source $HOME/.config/zsh/.p10k.zsh - # fi + # if [ -f $HOME/.config/zsh/.p10k.zsh ]; then + # source $HOME/.config/zsh/.p10k.zsh + # fi - _ZSH_COLOR_SCHEME_FILE=$HOME/.cache/wallust/sequences - if [ -f "$_ZSH_COLOR_SCHEME_FILE" ]; then - (cat "$_ZSH_COLOR_SCHEME_FILE" &) - fi - ''; + _ZSH_COLOR_SCHEME_FILE=$HOME/.cache/wallust/sequences + if [ -f "$_ZSH_COLOR_SCHEME_FILE" ]; then + (cat "$_ZSH_COLOR_SCHEME_FILE" &) + fi + ''; initExtra = concatStrings [ - /*bash*/ + # bash '' packfiles() { find $(NIXPKGS_ALLOW_UNFREE=1 nix build "nixpkgs#$1" --impure --no-link --print-out-paths) diff --git a/options/default.nix b/options/default.nix index b0167fc..75fecf1 100644 --- a/options/default.nix +++ b/options/default.nix @@ -13,9 +13,7 @@ #### Required Options #### - hostname = lib.mkOption { - type = lib.types.str; - }; + hostname = lib.mkOption { type = lib.types.str; }; networking.disableWaitOnline = lib.mkEnableOption "disable waiting for network"; networking.externalInterface = lib.mkOption { type = lib.types.str; @@ -28,12 +26,8 @@ }; user = { - name = lib.mkOption { - type = lib.types.str; - }; - fullName = lib.mkOption { - type = lib.types.str; - }; + name = lib.mkOption { type = lib.types.str; }; + fullName = lib.mkOption { type = lib.types.str; }; uid = lib.mkOption { type = lib.types.int; default = 1000; @@ -46,9 +40,7 @@ getty.autoLogin = lib.mkEnableOption "auto-login to getty"; }; - system.stateVersion = lib.mkOption { - type = lib.types.str; - }; + system.stateVersion = lib.mkOption { type = lib.types.str; }; #### Optionals #### diff --git a/options/hyprland.nix b/options/hyprland.nix index 62a5de2..218bc4a 100644 --- a/options/hyprland.nix +++ b/options/hyprland.nix @@ -21,7 +21,10 @@ in }; displayManager = lib.mkOption { - type = lib.types.enum [ "sddm" "tuigreet" ]; + type = lib.types.enum [ + "sddm" + "tuigreet" + ]; default = "tuigreet"; }; @@ -74,12 +77,24 @@ in wallust = { backend = lib.mkOption { - type = lib.types.enum [ "full" "resized" "wal" "thumb" "fastresize" "kmeans" ]; + type = lib.types.enum [ + "full" + "resized" + "wal" + "thumb" + "fastresize" + "kmeans" + ]; default = "kmeans"; description = "How the image is parse, in order to get the colors"; }; colorSpace = lib.mkOption { - type = lib.types.enum [ "lab" "labmixed" "lch" "lchmixed" ]; + type = lib.types.enum [ + "lab" + "labmixed" + "lch" + "lchmixed" + ]; default = "lch"; description = "What color space to use to produce and select the most prominent colors"; }; diff --git a/options/programs.nix b/options/programs.nix index aa23622..9b64e54 100644 --- a/options/programs.nix +++ b/options/programs.nix @@ -43,7 +43,6 @@ autostart = lib.mkEnableOption "variety autostart"; }; - bitwarden = { enable = lib.mkEnableOption "bitwarden"; autostart = lib.mkEnableOption "bitwarden autostart"; diff --git a/options/services.nix b/options/services.nix index 95c3372..75e5a01 100644 --- a/options/services.nix +++ b/options/services.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let inherit (lib) mkEnableOption mkOption types; in diff --git a/profiles/castle.nix b/profiles/castle.nix index 95c3c1a..d1198b8 100644 --- a/profiles/castle.nix +++ b/profiles/castle.nix @@ -4,9 +4,7 @@ let secondaryMonitor = "ViewSonic Corporation VX3276-QHD V9W204243765"; in { - imports = [ - ../options - ]; + imports = [ ../options ]; profile = { hostname = "castle"; @@ -36,8 +34,20 @@ in ]; }; waybar.persistent-workspaces = { - DP-1 = [ 1 2 3 4 5 6 7 ]; - DP-2 = [ 8 9 10 ]; + DP-1 = [ + 1 + 2 + 3 + 4 + 5 + 6 + 7 + ]; + DP-2 = [ + 8 + 9 + 10 + ]; }; pyprland.wallpaper-dirs = [ "/nas/redmage/images/windows" ]; wallust.alpha = 80; diff --git a/profiles/fort.nix b/profiles/fort.nix index 4b48cea..ba09c65 100644 --- a/profiles/fort.nix +++ b/profiles/fort.nix @@ -1,8 +1,6 @@ { ... }: { - imports = [ - ../options - ]; + imports = [ ../options ]; profile = { hostname = "fort"; @@ -15,9 +13,7 @@ hyprland = { enable = true; settings = { - monitors = [ - ",preferred,auto,1" - ]; + monitors = [ ",preferred,auto,1" ]; workspaces = [ "1,default:true" "2" @@ -32,7 +28,18 @@ ]; }; waybar.persistent-workspaces = { - eDP-1 = [ 1 2 3 4 5 6 7 8 9 10 ]; + eDP-1 = [ + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8 + 9 + 10 + ]; }; pyprland.wallpaper-dirs = [ "/home/tigor/Syncthing/Redmage/Laptop-Kerja" ]; wallust.alpha = 80; diff --git a/profiles/homeserver.nix b/profiles/homeserver.nix index 824f832..8aebc99 100644 --- a/profiles/homeserver.nix +++ b/profiles/homeserver.nix @@ -1,8 +1,6 @@ { ... }: { - imports = [ - ../options - ]; + imports = [ ../options ]; profile = { hostname = "homeserver"; @@ -23,7 +21,10 @@ openssh.enable = true; go.enable = true; networking.firewall.enable = true; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; podman = { enable = true; pihole.enable = true; diff --git a/scripts/hyprland/focus-window.nix b/scripts/hyprland/focus-window.nix index 2cfb1b5..425c520 100644 --- a/scripts/hyprland/focus-window.nix +++ b/scripts/hyprland/focus-window.nix @@ -3,12 +3,13 @@ let hyprctl = "${pkgs.hyprland}/bin/hyprctl"; gojq = "${pkgs.gojq}/bin/gojq"; in -pkgs.writeShellScriptBin "focus-window.sh" /*sh*/ '' - appname="$SWAYNC_APP_NAME" - state="$(${hyprctl} -j clients)" - window="$(echo "$state" | ${gojq} -r --arg APP "$appname" '.[] | select(.class == $APP) | .address')" +pkgs.writeShellScriptBin "focus-window.sh" # sh + '' + appname="$SWAYNC_APP_NAME" + state="$(${hyprctl} -j clients)" + window="$(echo "$state" | ${gojq} -r --arg APP "$appname" '.[] | select(.class == $APP) | .address')" - if [[ "$window" != "" ]]; then - ${hyprctl} dispatch focuswindow address:"$window" - fi -'' + if [[ "$window" != "" ]]; then + ${hyprctl} dispatch focuswindow address:"$window" + fi + '' diff --git a/system/default.nix b/system/default.nix index c3219e2..5fc4f0a 100644 --- a/system/default.nix +++ b/system/default.nix @@ -1,4 +1,10 @@ -{ hardware-configuration, profile-path, config, pkgs, ... }: +{ + hardware-configuration, + profile-path, + config, + pkgs, + ... +}: { imports = [ profile-path @@ -16,10 +22,12 @@ networking.hostName = config.profile.hostname; systemd.services.NetworkManager-wait-online.enable = !config.profile.networking.disableWaitOnline; - nixpkgs.config.allowUnfree = true; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; nix.extraOptions = '' http-connections = 8 connect-timeout = 5 @@ -79,6 +87,7 @@ # Tools for nh nix-output-monitor nvd + nixfmt-rfc-style ]; services.dbus.implementation = "broker"; diff --git a/system/flatpak/default.nix b/system/flatpak/default.nix index 53a6dd4..2cb1203 100644 --- a/system/flatpak/default.nix +++ b/system/flatpak/default.nix @@ -12,7 +12,8 @@ in enable = true; onCalendar = "weekly"; # Default value }; - packages = [ ] + packages = + [ ] ++ optional cfg.zen-browser.enable "io.github.zen_browser.zen" ++ optional cfg.redisinsight.enable "com.redis.RedisInsight"; }; diff --git a/system/keyboard.nix b/system/keyboard.nix index f46b549..f45abfe 100644 --- a/system/keyboard.nix +++ b/system/keyboard.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.keyboard; in diff --git a/system/modules/android.nix b/system/modules/android.nix index 7464946..39d54fd 100644 --- a/system/modules/android.nix +++ b/system/modules/android.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.android; username = config.profile.user.name; @@ -7,8 +12,6 @@ in config = lib.mkIf cfg.enable { users.users.${username}.extraGroups = [ "adbusers" ]; programs.adb.enable = true; - environment.systemPackages = with pkgs; [ - androidenv.androidPkgs_9_0.platform-tools - ]; + environment.systemPackages = with pkgs; [ androidenv.androidPkgs_9_0.platform-tools ]; }; } diff --git a/system/modules/brightnessctl.nix b/system/modules/brightnessctl.nix index ef84f5d..6e905a6 100644 --- a/system/modules/brightnessctl.nix +++ b/system/modules/brightnessctl.nix @@ -1,9 +1,12 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.brightnessctl; in { - config = lib.mkIf cfg.enable { - environment.systemPackages = [ pkgs.brightnessctl ]; - }; + config = lib.mkIf cfg.enable { environment.systemPackages = [ pkgs.brightnessctl ]; }; } diff --git a/system/modules/font.nix b/system/modules/font.nix index ff3122e..d73e847 100644 --- a/system/modules/font.nix +++ b/system/modules/font.nix @@ -1,23 +1,22 @@ { pkgs, ... }: { fonts = { - packages = with pkgs; - [ - # icon fonts - material-design-icons + packages = with pkgs; [ + # icon fonts + material-design-icons - # normal fonts - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - noto-fonts-color-emoji + # normal fonts + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + noto-fonts-color-emoji - nerdfonts + nerdfonts - # (nerdfonts.override { - # fonts = [ "FiraCode" "JetBrainsMono" "Iosevka" ]; - # }) - ]; + # (nerdfonts.override { + # fonts = [ "FiraCode" "JetBrainsMono" "Iosevka" ]; + # }) + ]; # use fonts specified by user rather than default ones enableDefaultPackages = false; @@ -26,9 +25,18 @@ # the reason there's Noto Color Emoji everywhere is to override DejaVu's # B&W emojis that would sometimes show instead of some Color emojis fontconfig.defaultFonts = { - serif = [ "Noto Serif" "Noto Color Emoji" ]; - sansSerif = [ "Noto Sans" "Noto Color Emoji" ]; - monospace = [ "JetBrainsMono Nerd Font" "Noto Color Emoji" ]; + serif = [ + "Noto Serif" + "Noto Color Emoji" + ]; + sansSerif = [ + "Noto Sans" + "Noto Color Emoji" + ]; + monospace = [ + "JetBrainsMono Nerd Font" + "Noto Color Emoji" + ]; emoji = [ "Noto Color Emoji" ]; }; }; diff --git a/system/modules/hyprland.nix b/system/modules/hyprland.nix index 5b40c8c..dd2c38c 100644 --- a/system/modules/hyprland.nix +++ b/system/modules/hyprland.nix @@ -1,4 +1,10 @@ -{ inputs, config, lib, pkgs, ... }: +{ + inputs, + config, + lib, + pkgs, + ... +}: let cfg = config.profile.hyprland; hyprlandPkg = inputs.hyprland.packages."${pkgs.system}".hyprland; @@ -68,9 +74,7 @@ in services.dbus.enable = true; xdg.portal = { enable = true; - extraPortals = with pkgs; [ - xdg-desktop-portal-gtk - ]; + extraPortals = with pkgs; [ xdg-desktop-portal-gtk ]; }; programs.file-roller.enable = true; diff --git a/system/modules/kde.nix b/system/modules/kde.nix index 1682ff8..3ab2b5f 100644 --- a/system/modules/kde.nix +++ b/system/modules/kde.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.profile.kde; in @@ -24,8 +29,7 @@ in haruna ]; - environment.etc."chromium/native-messaging-hosts/org.kde.plasma.browser_integration.json".source = - "${pkgs.plasma-browser-integration}/etc/chromium/native-messaging-hosts/org.kde.plasma.browser_integration.json"; + environment.etc."chromium/native-messaging-hosts/org.kde.plasma.browser_integration.json".source = "${pkgs.plasma-browser-integration}/etc/chromium/native-messaging-hosts/org.kde.plasma.browser_integration.json"; # Configure keymap in X11 services.xserver = { diff --git a/system/modules/networking.nix b/system/modules/networking.nix index 6c7fde8..a94a81c 100644 --- a/system/modules/networking.nix +++ b/system/modules/networking.nix @@ -24,11 +24,13 @@ enable = true; }; - environment.etc."systemd/resolved.conf.d/10-bareksa.conf".source = (pkgs.formats.ini { }).generate "10-bareksa.conf" { - Resolve = { - # This dns server is only available when VPN is connected. - DNS = "192.168.3.215"; - Domains = "~bareksa.local"; - }; - }; + environment.etc."systemd/resolved.conf.d/10-bareksa.conf".source = + (pkgs.formats.ini { }).generate "10-bareksa.conf" + { + Resolve = { + # This dns server is only available when VPN is connected. + DNS = "192.168.3.215"; + Domains = "~bareksa.local"; + }; + }; } diff --git a/system/modules/openssh.nix b/system/modules/openssh.nix index ce48468..94affe1 100644 --- a/system/modules/openssh.nix +++ b/system/modules/openssh.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.openssh; inherit (lib.meta) getExe; @@ -39,30 +44,33 @@ lib.mkMerge [ }; }; - sops.secrets."ntfy/tokens/homeserver" = { sopsFile = ../../secrets/ntfy.yaml; }; + sops.secrets."ntfy/tokens/homeserver" = { + sopsFile = ../../secrets/ntfy.yaml; + }; sops.templates."ntfy-ssh-login.sh" = { - content = builtins.readFile (lib.meta.getExe (pkgs.writeShellScriptBin "ntfy-ssh-login.sh" /*sh*/ '' - if [ "$PAM_TYPE" == "open_session" ]; then - ${getExe pkgs.curl} -X POST \ - -H "X-Priority: 4" \ - -H "X-Tags: warning" \ - -H "Authorization: Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}" \ - -H "X-Title: SSH login" \ - -d "$PAM_USER from $PAM_RHOST" \ - https://ntfy.tigor.web.id/ssh - fi - '')); + content = builtins.readFile ( + lib.meta.getExe ( + pkgs.writeShellScriptBin "ntfy-ssh-login.sh" # sh + '' + if [ "$PAM_TYPE" == "open_session" ]; then + ${getExe pkgs.curl} -X POST \ + -H "X-Priority: 4" \ + -H "X-Tags: warning" \ + -H "Authorization: Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}" \ + -H "X-Title: SSH login" \ + -d "$PAM_USER from $PAM_RHOST" \ + https://ntfy.tigor.web.id/ssh + fi + '' + ) + ); }; - security.pam.services.sshd.text = lib.mkDefault (lib.mkAfter '' - session optional pam_exec.so ${getExe pkgs.bash} ${config.sops.templates."ntfy-ssh-login.sh".path} - ''); + security.pam.services.sshd.text = lib.mkDefault ( + lib.mkAfter '' + session optional pam_exec.so ${getExe pkgs.bash} ${config.sops.templates."ntfy-ssh-login.sh".path} + '' + ); }) - { - profile.services.ntfy-sh.client.settings.subscribe = [ - { - topic = "ssh"; - } - ]; - } + { profile.services.ntfy-sh.client.settings.subscribe = [ { topic = "ssh"; } ]; } ] diff --git a/system/modules/printing.nix b/system/modules/printing.nix index 097ddec..dab8829 100644 --- a/system/modules/printing.nix +++ b/system/modules/printing.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.printing; username = config.profile.user.name; @@ -11,4 +16,4 @@ in drivers = [ pkgs.brlaser ]; # Brother Laser Printer }; }; -} +} diff --git a/system/modules/scanner.nix b/system/modules/scanner.nix index 8eccbaf..fea93fd 100644 --- a/system/modules/scanner.nix +++ b/system/modules/scanner.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.scanner; username = config.profile.user.name; @@ -6,15 +11,11 @@ in { config = lib.mkIf cfg.enable { users.users.${username}.extraGroups = [ "scanner" ]; - environment.systemPackages = with pkgs; [ - skanlite - ]; + environment.systemPackages = with pkgs; [ skanlite ]; hardware.sane = { enable = true; brscan4.enable = true; # Brother Scanner - extraBackends = with pkgs; [ - sane-airscan - ]; + extraBackends = with pkgs; [ sane-airscan ]; }; }; } diff --git a/system/modules/vial.nix b/system/modules/vial.nix index 54d38b4..c4051fe 100644 --- a/system/modules/vial.nix +++ b/system/modules/vial.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.profile.vial; in diff --git a/system/modules/yazi.nix b/system/modules/yazi.nix index 3c37db7..49ecab2 100644 --- a/system/modules/yazi.nix +++ b/system/modules/yazi.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.programs.yazi; inherit (lib) mkIf; @@ -16,7 +21,11 @@ in yazi = { manager = { # 1/8 width for parent, 4/8 width for current, 3/8 width for preview - ratio = [ 1 4 3 ]; + ratio = [ + 1 + 4 + 3 + ]; sort_by = "natural"; sort_sensitive = false; sort_dir_first = true; @@ -27,13 +36,24 @@ in }; opener = { edit = [ - { run = ''nvim "$@"''; block = true; desc = "Edit in Neovim"; } + { + run = ''nvim "$@"''; + block = true; + desc = "Edit in Neovim"; + } ]; play = [ - { run = ''mpv "$@"''; orphan = true; desc = "Play in MPV"; } + { + run = ''mpv "$@"''; + orphan = true; + desc = "Play in MPV"; + } ]; open = [ - { run = ''xdg-open "$@"''; desc = "Open"; } + { + run = ''xdg-open "$@"''; + desc = "Open"; + } ]; }; open = { @@ -53,11 +73,17 @@ in # Multiple openers for a single rule { name = "*.html"; - use = [ "open" "edit" ]; + use = [ + "open" + "edit" + ]; } ]; append_rules = [ - { name = "*"; use = "open"; } + { + name = "*"; + use = "open"; + } ]; }; }; diff --git a/system/packages/cockpit-podman.nix b/system/packages/cockpit-podman.nix index db157c8..90b29a3 100644 --- a/system/packages/cockpit-podman.nix +++ b/system/packages/cockpit-podman.nix @@ -1,4 +1,10 @@ -{ lib, stdenv, fetchzip, gettext, ... }: +{ + lib, + stdenv, + fetchzip, + gettext, + ... +}: stdenv.mkDerivation rec { pname = "cockpit-podman"; @@ -9,11 +15,12 @@ stdenv.mkDerivation rec { sha256 = "sha256-qLt6x9W+M/DztzcFxyWZLHUTM1ZsPCOykO+6o/URa6c="; }; - nativeBuildInputs = [ - gettext - ]; + nativeBuildInputs = [ gettext ]; - makeFlags = [ "DESTDIR=$(out)" "PREFIX=" ]; + makeFlags = [ + "DESTDIR=$(out)" + "PREFIX=" + ]; postPatch = '' substituteInPlace Makefile \ diff --git a/system/podman/default.nix b/system/podman/default.nix index 819d8ea..aeee5a4 100644 --- a/system/podman/default.nix +++ b/system/podman/default.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.podman; username = config.profile.user.name; @@ -34,7 +39,6 @@ in }; }; - # Taken IP-Range Subnets # # 10.88.0.2 -> Redmage diff --git a/system/podman/memos.nix b/system/podman/memos.nix index 1b30305..d30cad2 100644 --- a/system/podman/memos.nix +++ b/system/podman/memos.nix @@ -31,9 +31,7 @@ in TZ = "Asia/Jakarta"; # MEMOS_PUBLIC = "true"; }; - volumes = [ - "${rootVolume}:/var/opt/memos" - ]; + volumes = [ "${rootVolume}:/var/opt/memos" ]; extraOptions = [ "--network=podman" "--ip=${ip}" diff --git a/system/podman/metrics.nix b/system/podman/metrics.nix index 385c604..b55c2c3 100644 --- a/system/podman/metrics.nix +++ b/system/podman/metrics.nix @@ -5,34 +5,35 @@ let inherit (lib) mkIf; in { - virtualisation.oci-containers.containers."metrics" = mkIf (cfg.enable && config.profile.services.telemetry.enable) { - image = "quay.io/navidys/prometheus-podman-exporter"; - hostname = "metrics"; - autoStart = true; - user = "0:0"; - environment = { - TZ = "Asia/Jakarta"; - CONTAINER_HOST = "unix:///run/podman/podman.sock"; - }; - volumes = [ - "/run/podman/podman.sock:/run/podman/podman.sock" - ]; - extraOptions = [ - "--network=podman" - "--ip=${ip}" - "--security-opt=label=disable" - ]; - labels = { - "io.containers.autoupdate" = "registry"; - }; - }; - environment.etc."alloy/config.alloy".text = /*hcl*/ '' - prometheus.scrape "podman" { - targets = [{__address__ = "${ip}:9882"}] + virtualisation.oci-containers.containers."metrics" = + mkIf (cfg.enable && config.profile.services.telemetry.enable) + { + image = "quay.io/navidys/prometheus-podman-exporter"; + hostname = "metrics"; + autoStart = true; + user = "0:0"; + environment = { + TZ = "Asia/Jakarta"; + CONTAINER_HOST = "unix:///run/podman/podman.sock"; + }; + volumes = [ "/run/podman/podman.sock:/run/podman/podman.sock" ]; + extraOptions = [ + "--network=podman" + "--ip=${ip}" + "--security-opt=label=disable" + ]; + labels = { + "io.containers.autoupdate" = "registry"; + }; + }; + environment.etc."alloy/config.alloy".text = # hcl + '' + prometheus.scrape "podman" { + targets = [{__address__ = "${ip}:9882"}] - job_name = "podman" + job_name = "podman" - forward_to = [prometheus.remote_write.mimir.receiver] - } - ''; + forward_to = [prometheus.remote_write.mimir.receiver] + } + ''; } diff --git a/system/podman/minecraft.nix b/system/podman/minecraft.nix index 6e372c0..4a570bc 100644 --- a/system/podman/minecraft.nix +++ b/system/podman/minecraft.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let name = "minecraft"; podman = config.profile.podman; @@ -24,33 +29,36 @@ let in { config = mkIf (podman.enable && podman.${name}.enable) { - services.caddy.virtualHosts.${domain}.extraConfig = /*html*/ '' - header Content-Type text/html - respond < - - - Minecraft Server - - -

Congrats! The minecraft server should be up!

-

- This server is invitation only. - Please contact the server owner for more info. -

-

Server Address: ${domain}

-

Bedrock Server Port: 19132

-

Java Server Port: 25565

- - - EOF 200 - ''; + services.caddy.virtualHosts.${domain}.extraConfig = # html + '' + header Content-Type text/html + respond < + + + Minecraft Server + + +

Congrats! The minecraft server should be up!

+

+ This server is invitation only. + Please contact the server owner for more info. +

+

Server Address: ${domain}

+

Bedrock Server Port: 19132

+

Java Server Port: 25565

+ + + EOF 200 + ''; # Minecraft only autoupdates at startup # # To keep up with the update, restart the server at 4am everyday. systemd = - let serviceName = "podman-${name}"; in + let + serviceName = "podman-${name}"; + in { tmpfiles.settings."${serviceName}-mount".${rootVolume}.d = { group = config.profile.user.name; @@ -88,9 +96,7 @@ in "19132:19132/udp" "19132:19132" ]; - volumes = [ - "${rootVolume}:/minecraft" - ]; + volumes = [ "${rootVolume}:/minecraft" ]; extraOptions = [ "--network=podman" "--ip=${ip}" diff --git a/system/podman/morphos.nix b/system/podman/morphos.nix index e0bb9c6..981c72e 100644 --- a/system/podman/morphos.nix +++ b/system/podman/morphos.nix @@ -24,9 +24,7 @@ in environment = { TZ = "Asia/Jakarta"; }; - volumes = [ - "/tmp:/tmp" - ]; + volumes = [ "/tmp:/tmp" ]; extraOptions = [ "--network=podman" "--ip=${ip}" diff --git a/system/podman/openobserve.nix b/system/podman/openobserve.nix index fd6debf..2ecd7e6 100644 --- a/system/podman/openobserve.nix +++ b/system/podman/openobserve.nix @@ -34,16 +34,12 @@ in ZO_DATA_DIR = "/data"; ZO_WEB_URL = "https://${domain}"; }; - volumes = [ - "${rootVolume}/data:/data" - ]; + volumes = [ "${rootVolume}/data:/data" ]; extraOptions = [ "--network=podman" "--ip=${ip}" ]; - environmentFiles = [ - config.sops.secrets."openobserve/env".path - ]; + environmentFiles = [ config.sops.secrets."openobserve/env".path ]; labels = { "io.containers.autoupdate" = "registry"; }; diff --git a/system/podman/pihole.nix b/system/podman/pihole.nix index 5f1833d..5457d09 100644 --- a/system/podman/pihole.nix +++ b/system/podman/pihole.nix @@ -27,7 +27,9 @@ in # # This works by collecting all the virtual hosts defined in caddy # and check if the length of the list changes, if it does, we restart the pihole container. - systemd.services."podman-${name}".restartTriggers = attrsets.mapAttrsToList (name: _: name) config.services.caddy.virtualHosts; + systemd.services."podman-${name}".restartTriggers = attrsets.mapAttrsToList ( + name: _: name + ) config.services.caddy.virtualHosts; environment.etc."pihole/custom.list" = { # Copy file instead of symlink mode = "0444"; @@ -46,7 +48,9 @@ in '' 192.168.100.5 vpn.tigor.web.id ${strings.concatStringsSep "\n" ( - attrsets.mapAttrsToList (name: _: "192.168.100.5 ${strings.removePrefix "https://" name}") config.services.caddy.virtualHosts + attrsets.mapAttrsToList ( + name: _: "192.168.100.5 ${strings.removePrefix "https://" name}" + ) config.services.caddy.virtualHosts )} ''; }; @@ -72,9 +76,7 @@ in "pihole-dnsmasq:/etc/dnsmasq.d" "/etc/pihole/custom.list:/etc/pihole/custom.list" ]; - environmentFiles = [ - config.sops.secrets."pihole/env".path - ]; + environmentFiles = [ config.sops.secrets."pihole/env".path ]; extraOptions = [ "--ip=${ip}" "--network=podman" diff --git a/system/podman/qbittorrent.nix b/system/podman/qbittorrent.nix index 0b33537..4f8bb7d 100644 --- a/system/podman/qbittorrent.nix +++ b/system/podman/qbittorrent.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let name = "qbittorrent"; domain = "${name}.tigor.web.id"; @@ -24,56 +29,64 @@ lib.mkMerge [ chown ${uid}:${gid} ${volume} ${volume}/{config,downloads,progress,watch} ''; - sops = { secrets = let - opts = { sopsFile = ../../secrets/ntfy.yaml; }; + opts = { + sopsFile = ../../secrets/ntfy.yaml; + }; in { "ntfy/tokens/homeserver" = opts; }; templates = { - "qbittorrent-ntfy-env".content = /*sh*/ '' - NTFY_TOKEN=${config.sops.placeholder."ntfy/tokens/homeserver"} - ''; + "qbittorrent-ntfy-env".content = # sh + '' + NTFY_TOKEN=${config.sops.placeholder."ntfy/tokens/homeserver"} + ''; }; }; virtualisation.oci-containers.containers.${name} = let - finish-notify-script = pkgs.writeScriptBin "notify-finish.sh" (optionalString config.services.ntfy-sh.enable /*sh*/ '' - #!/bin/bash - # $1 = %N | Torrent Name - # $2 = %L | Category - # $3 = %G | Tags - # $4 = %F | Content Path - # $5 = %R | Root Path - # $6 = %D | Save Path - # $7 = %C | Number of files - # $8 = %Z | Torrent Size - # $9 = %T | Current Tracker - # $10 = %I | Info Hash v1 - # $11 = %J | Info Hash v2 - # $12 = %K | Torrent ID + finish-notify-script = pkgs.writeScriptBin "notify-finish.sh" ( + optionalString config.services.ntfy-sh.enable # sh + '' + #!/bin/bash + # $1 = %N | Torrent Name + # $2 = %L | Category + # $3 = %G | Tags + # $4 = %F | Content Path + # $5 = %R | Root Path + # $6 = %D | Save Path + # $7 = %C | Number of files + # $8 = %Z | Torrent Size + # $9 = %T | Current Tracker + # $10 = %I | Info Hash v1 + # $11 = %J | Info Hash v2 + # $12 = %K | Torrent ID - size=$(echo $8 | numfmt --to=iec) - curl -X POST \ - -H "Authorization: Bearer $NTFY_TOKEN" \ - -H "X-Title: $1" \ - -H "X-Tags: white_check_mark,$2" \ - -d "Number of Files: $7, Size: $size" \ - https://ntfy.tigor.web.id/qbittorrent?priority=4 - ''); - start-notify-script = pkgs.writeScriptBin "notify-start.sh" (optionalString config.services.ntfy-sh.enable /*sh*/ '' - #!/bin/bash - curl -X POST \ - -H "Authorization: Bearer $NTFY_TOKEN" \ - -H "X-Title: $1" \ - -H "X-Tags: rocket,$2" \ - -d "Starts downloading" \ - https://ntfy.tigor.web.id/qbittorrent - ''); + size=$(echo $8 | numfmt --to=iec) + curl -X POST \ + -H "Authorization: Bearer $NTFY_TOKEN" \ + -H "X-Title: $1" \ + -H "X-Tags: white_check_mark,$2" \ + -d "Number of Files: $7, Size: $size" \ + https://ntfy.tigor.web.id/qbittorrent?priority=4 + '' + ); + start-notify-script = pkgs.writeScriptBin "notify-start.sh" ( + optionalString config.services.ntfy-sh.enable # sh + '' + #!/bin/bash + curl -X POST \ + -H "Authorization: Bearer $NTFY_TOKEN" \ + -H "X-Title: $1" \ + -H "X-Tags: rocket,$2" \ + -d "Starts downloading" \ + https://ntfy.tigor.web.id/qbittorrent + '' + ); in { inherit image; @@ -102,19 +115,11 @@ lib.mkMerge [ "--ip=${ip}" "--network=podman" ]; - environmentFiles = [ - config.sops.templates."qbittorrent-ntfy-env".path - ]; + environmentFiles = [ config.sops.templates."qbittorrent-ntfy-env".path ]; labels = { "io.containers.autoupdate" = "registry"; }; }; }) - { - profile.services.ntfy-sh.client.settings.subscribe = [ - { - topic = "qbittorrent"; - } - ]; - } + { profile.services.ntfy-sh.client.settings.subscribe = [ { topic = "qbittorrent"; } ]; } ] diff --git a/system/podman/servarr/default.nix b/system/podman/servarr/default.nix index 0b49651..fb0ea64 100644 --- a/system/podman/servarr/default.nix +++ b/system/podman/servarr/default.nix @@ -11,9 +11,5 @@ ./recyclarr.nix ]; - profile.services.ntfy-sh.client.settings.subscribe = [ - { - topic = "servarr"; - } - ]; + profile.services.ntfy-sh.client.settings.subscribe = [ { topic = "servarr"; } ]; } diff --git a/system/podman/servarr/prowlarr.nix b/system/podman/servarr/prowlarr.nix index 4ac5979..bdf0483 100644 --- a/system/podman/servarr/prowlarr.nix +++ b/system/podman/servarr/prowlarr.nix @@ -52,9 +52,7 @@ in PGID = gid; TZ = "Asia/Jakarta"; }; - volumes = [ - "${configVolume}:/config" - ]; + volumes = [ "${configVolume}:/config" ]; extraOptions = [ "--ip=${ip}" "--network=podman" @@ -65,4 +63,3 @@ in }; }; } - diff --git a/system/podman/servarr/recyclarr.nix b/system/podman/servarr/recyclarr.nix index 68f1243..c5a6550 100644 --- a/system/podman/servarr/recyclarr.nix +++ b/system/podman/servarr/recyclarr.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let podman = config.profile.podman; name = "recyclarr"; @@ -22,7 +27,9 @@ in sops.secrets = let - opts = { sopsFile = ../../../secrets/servarr.yaml; }; + opts = { + sopsFile = ../../../secrets/servarr.yaml; + }; in { "servarr/api_keys/sonarr" = opts; @@ -33,49 +40,51 @@ in sops.templates."recyclarr/recylarr.yml" = { owner = user.name; path = "${configVolume}/recyclarr.yml"; - content = builtins.readFile ((pkgs.formats.yaml { }).generate "recyclarr.yml" { - radarr.movies = { - base_url = "http://radarr:7878"; - api_key = config.sops.placeholder."servarr/api_keys/radarr"; - quality_definition.type = "movie"; - delete_old_custom_formats = true; - custom_formats = [ - { - trash_ids = [ - # x264 only. For 720p and 1080p releases. - "2899d84dc9372de3408e6d8cc18e9666" - ]; - } - ]; - }; - sonarr = { - # tv = { - # base_url = "http://sonarr:8989"; - # api_key = config.sops.placeholder."servarr/api_keys/sonarr"; - # quality_definition.type = "series"; - # custom_formats = [ ]; - # }; - anime = { - base_url = "http://sonarr-anime:8989"; - api_key = config.sops.placeholder."servarr/api_keys/sonarr-anime"; - quality_definition.type = "anime"; + content = builtins.readFile ( + (pkgs.formats.yaml { }).generate "recyclarr.yml" { + radarr.movies = { + base_url = "http://radarr:7878"; + api_key = config.sops.placeholder."servarr/api_keys/radarr"; + quality_definition.type = "movie"; delete_old_custom_formats = true; custom_formats = [ - # sudo podman run --rm ghcr.io/recyclarr/recyclarr list custom-formats sonarr { trash_ids = [ - # Anime Web Tier 02 (Top FanSubs) - "19180499de5ef2b84b6ec59aae444696" - # Anime Web Tier 03 (Official Subs) - "c27f2ae6a4e82373b0f1da094e2489ad" - # Anime web tier 04 (Official Subs) - "4fd5528a3a8024e6b49f9c67053ea5f3" + # x264 only. For 720p and 1080p releases. + "2899d84dc9372de3408e6d8cc18e9666" ]; } ]; }; - }; - }); + sonarr = { + # tv = { + # base_url = "http://sonarr:8989"; + # api_key = config.sops.placeholder."servarr/api_keys/sonarr"; + # quality_definition.type = "series"; + # custom_formats = [ ]; + # }; + anime = { + base_url = "http://sonarr-anime:8989"; + api_key = config.sops.placeholder."servarr/api_keys/sonarr-anime"; + quality_definition.type = "anime"; + delete_old_custom_formats = true; + custom_formats = [ + # sudo podman run --rm ghcr.io/recyclarr/recyclarr list custom-formats sonarr + { + trash_ids = [ + # Anime Web Tier 02 (Top FanSubs) + "19180499de5ef2b84b6ec59aae444696" + # Anime Web Tier 03 (Official Subs) + "c27f2ae6a4e82373b0f1da094e2489ad" + # Anime web tier 04 (Official Subs) + "4fd5528a3a8024e6b49f9c67053ea5f3" + ]; + } + ]; + }; + }; + } + ); }; virtualisation.oci-containers.containers.${name} = { @@ -86,9 +95,7 @@ in environment = { TZ = "Asia/Jakarta"; }; - volumes = [ - "${configVolume}:/config" - ]; + volumes = [ "${configVolume}:/config" ]; extraOptions = [ "--ip=${ip}" "--network=podman" diff --git a/system/podman/soulseek.nix b/system/podman/soulseek.nix index 1703d9e..57d7026 100644 --- a/system/podman/soulseek.nix +++ b/system/podman/soulseek.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let name = "soulseek"; podman = config.profile.podman; @@ -32,17 +37,20 @@ in sops = { secrets = let - opts = { sopsFile = ../../secrets/soulseek.yaml; }; + opts = { + sopsFile = ../../secrets/soulseek.yaml; + }; in { ${basic_auth.username} = opts; ${basic_auth.password} = opts; }; templates = { - ${basic_auth.template}.content = /*sh*/ '' - SOULSEEK_USERNAME=${config.sops.placeholder.${basic_auth.username}} - SOULSEEK_PASSWORD=${config.sops.placeholder.${basic_auth.password}} - ''; + ${basic_auth.template}.content = # sh + '' + SOULSEEK_USERNAME=${config.sops.placeholder.${basic_auth.username}} + SOULSEEK_PASSWORD=${config.sops.placeholder.${basic_auth.password}} + ''; }; }; @@ -51,7 +59,6 @@ in chown ${uid}:${gid} ${rootVolume} ${rootVolume}/{config,downloads,incomplete} ''; - # Soulseek only autoscans on startup # # Once a day at 4am, restart the container to trigger a rescan @@ -79,7 +86,6 @@ in }; }; - virtualisation.oci-containers.containers.${name} = { inherit image; hostname = name; @@ -94,9 +100,7 @@ in "${rootVolume}/incomplete:/data/incomplete_downloads" "${rootVolumeMusic}:/data/shared" ]; - ports = [ - "2234-2239:2234-2239" - ]; + ports = [ "2234-2239:2234-2239" ]; extraOptions = [ "--network=podman" "--ip=${ip}" diff --git a/system/podman/suwayomi.nix b/system/podman/suwayomi.nix index 43c39f3..1d38551 100644 --- a/system/podman/suwayomi.nix +++ b/system/podman/suwayomi.nix @@ -45,9 +45,7 @@ in FLARESOLVERR_ENABLED = "true"; FLARESOLVERR_URL = "http://${ip-flaresolverr}:8191"; }; - volumes = [ - "${volume}:/home/suwayomi/.local/share/Tachidesk" - ]; + volumes = [ "${volume}:/home/suwayomi/.local/share/Tachidesk" ]; extraOptions = [ "--ip=${ip}" "--network=podman" diff --git a/system/podman/valheim.nix b/system/podman/valheim.nix index a4633b6..5c84558 100644 --- a/system/podman/valheim.nix +++ b/system/podman/valheim.nix @@ -21,7 +21,9 @@ lib.mkMerge [ sops = let - opts = { sopsFile = ../../secrets/valheim.yaml; }; + opts = { + sopsFile = ../../secrets/valheim.yaml; + }; in { secrets = { @@ -35,9 +37,12 @@ lib.mkMerge [ let placeholder = config.sops.placeholder; in - /*sh*/ '' + # sh + '' SERVER_PASS=${placeholder."valheim/server/password"} - ADMINLIST_IDS=${placeholder."valheim/admins/admin_1"} ${placeholder."valheim/admins/admin_2"} ${placeholder."valheim/admins/admin_3"} + ADMINLIST_IDS=${placeholder."valheim/admins/admin_1"} ${placeholder."valheim/admins/admin_2"} ${ + placeholder."valheim/admins/admin_3" + } ''; }; @@ -57,85 +62,61 @@ lib.mkMerge [ }; }; - - - virtualisation.oci-containers.containers.${name} = - { - inherit image; - hostname = name; - autoStart = true; - ports = [ - "2456:2456/udp" - ]; - volumes = [ - "${base_dir}/config:/config" - "${base_dir}/data:/opt/valheim" - ]; - environment = { - TZ = "Asia/Jakarta"; - SERVER_NAME = "Three Musketeers"; - WORLD_NAME = "Bebas"; - STATUS_HTTP = "true"; - PUID = uid; - PGID = gid; - }; - extraOptions = [ - "--network=podman" - "--ip=${ip}" - "--cap-add=sys_nice" - ]; - environmentFiles = [ - config.sops.templates."valheim-env".path - ]; - labels = { - "io.containers.autoupdate" = "registry"; - }; + virtualisation.oci-containers.containers.${name} = { + inherit image; + hostname = name; + autoStart = true; + ports = [ "2456:2456/udp" ]; + volumes = [ + "${base_dir}/config:/config" + "${base_dir}/data:/opt/valheim" + ]; + environment = { + TZ = "Asia/Jakarta"; + SERVER_NAME = "Three Musketeers"; + WORLD_NAME = "Bebas"; + STATUS_HTTP = "true"; + PUID = uid; + PGID = gid; }; - virtualisation.oci-containers.containers."${name}-hutasuhut" = - { - inherit image; - hostname = name; - autoStart = true; - ports = [ - "2457:2457/udp" - ]; - volumes = [ - "${base_dir_hutasuhut}/config:/config" - "${base_dir_hutasuhut}/data:/opt/valheim" - ]; - environment = { - TZ = "Asia/Jakarta"; - SERVER_NAME = "Hutasuhut"; - WORLD_NAME = "Hutasuhut"; - STATUS_HTTP = "true"; - PUID = uid; - PGID = gid; - }; - extraOptions = [ - "--network=podman" - "--ip=${ip-hutasuhut}" - "--cap-add=sys_nice" - ]; - environmentFiles = [ - config.sops.templates."valheim-env".path - ]; - labels = { - "io.containers.autoupdate" = "registry"; - }; + extraOptions = [ + "--network=podman" + "--ip=${ip}" + "--cap-add=sys_nice" + ]; + environmentFiles = [ config.sops.templates."valheim-env".path ]; + labels = { + "io.containers.autoupdate" = "registry"; }; + }; + virtualisation.oci-containers.containers."${name}-hutasuhut" = { + inherit image; + hostname = name; + autoStart = true; + ports = [ "2457:2457/udp" ]; + volumes = [ + "${base_dir_hutasuhut}/config:/config" + "${base_dir_hutasuhut}/data:/opt/valheim" + ]; + environment = { + TZ = "Asia/Jakarta"; + SERVER_NAME = "Hutasuhut"; + WORLD_NAME = "Hutasuhut"; + STATUS_HTTP = "true"; + PUID = uid; + PGID = gid; + }; + extraOptions = [ + "--network=podman" + "--ip=${ip-hutasuhut}" + "--cap-add=sys_nice" + ]; + environmentFiles = [ config.sops.templates."valheim-env".path ]; + labels = { + "io.containers.autoupdate" = "registry"; + }; + }; }) - { - profile.services.ntfy-sh.client.settings.subscribe = [ - { - topic = "valheim"; - } - ]; - } - { - profile.services.ntfy-sh.client.settings.subscribe = [ - { - topic = "valheim-hutasuhut"; - } - ]; - } + { profile.services.ntfy-sh.client.settings.subscribe = [ { topic = "valheim"; } ]; } + { profile.services.ntfy-sh.client.settings.subscribe = [ { topic = "valheim-hutasuhut"; } ]; } ] diff --git a/system/podman/ytptube.nix b/system/podman/ytptube.nix index 0e47258..75e92a4 100644 --- a/system/podman/ytptube.nix +++ b/system/podman/ytptube.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let name = "ytptube"; podman = config.profile.podman; @@ -15,49 +20,51 @@ let password = "caddy/basic_auth/password"; template = "caddy/basic_auth"; }; - webhook = builtins.readFile ((pkgs.formats.json { }).generate "webhooks.json" [ - { - name = "NTFY Webhook Added"; - on = [ "added" ]; - request = { - url = "https://ntfy.tigor.web.id/ytptube?click=https%3A%2F%2F${domain}&tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20added."; - type = "json"; - method = "POST"; - headers = { - Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}''; - X-Tags = "rocket"; + webhook = builtins.readFile ( + (pkgs.formats.json { }).generate "webhooks.json" [ + { + name = "NTFY Webhook Added"; + on = [ "added" ]; + request = { + url = "https://ntfy.tigor.web.id/ytptube?click=https%3A%2F%2F${domain}&tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20added."; + type = "json"; + method = "POST"; + headers = { + Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}''; + X-Tags = "rocket"; + }; }; - }; - } - { - name = "NTFY Webhook Completed"; - on = [ "completed" ]; - request = { - url = "https://ntfy.tigor.web.id/ytptube?click=https%3A%2F%2F${domain}&tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20%7B%7B%20.status%20%7D%7D"; - type = "json"; - method = "POST"; - headers = { - Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}''; - X-Tags = "heavy_check_mark"; - X-Priority = "4"; + } + { + name = "NTFY Webhook Completed"; + on = [ "completed" ]; + request = { + url = "https://ntfy.tigor.web.id/ytptube?click=https%3A%2F%2F${domain}&tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20%7B%7B%20.status%20%7D%7D"; + type = "json"; + method = "POST"; + headers = { + Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}''; + X-Tags = "heavy_check_mark"; + X-Priority = "4"; + }; }; - }; - } - { - name = "NTFY Webhook Error"; - on = [ "error" ]; - request = { - url = "https://ntfy.tigor.web.id/ytptube?click=https%3A%2F%2F${domain}&tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20%7B%7B%20.status%20%7D%7D"; - type = "json"; - method = "POST"; - headers = { - Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}''; - X-Priority = "4"; - X-Tags = "x"; + } + { + name = "NTFY Webhook Error"; + on = [ "error" ]; + request = { + url = "https://ntfy.tigor.web.id/ytptube?click=https%3A%2F%2F${domain}&tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20%7B%7B%20.status%20%7D%7D"; + type = "json"; + method = "POST"; + headers = { + Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}''; + X-Priority = "4"; + X-Tags = "x"; + }; }; - }; - } - ]); + } + ] + ); in lib.mkMerge [ (mkIf podman.${name}.enable { @@ -69,13 +76,16 @@ lib.mkMerge [ { ${basic_auth.username} = opts; ${basic_auth.password} = opts; - "ntfy/tokens/homeserver" = { sopsFile = ../../secrets/ntfy.yaml; }; + "ntfy/tokens/homeserver" = { + sopsFile = ../../secrets/ntfy.yaml; + }; }; templates = { - ${basic_auth.template}.content = /*sh*/ '' - YTPTUBE_USERNAME=${config.sops.placeholder.${basic_auth.username}} - YTPTUBE_PASSWORD=${config.sops.placeholder.${basic_auth.password}} - ''; + ${basic_auth.template}.content = # sh + '' + YTPTUBE_USERNAME=${config.sops.placeholder.${basic_auth.username}} + YTPTUBE_PASSWORD=${config.sops.placeholder.${basic_auth.password}} + ''; "ytptube/webhooks.json" = mkIf config.services.ntfy-sh.enable { content = webhook; path = "/etc/podman/${name}/webhooks.json"; @@ -142,7 +152,6 @@ lib.mkMerge [ mode = "0444"; }; - virtualisation.oci-containers.containers.${name} = { inherit image; hostname = name; diff --git a/system/programs.nix b/system/programs.nix index a4e4fe5..7d0e4dc 100644 --- a/system/programs.nix +++ b/system/programs.nix @@ -1,4 +1,9 @@ -{ inputs, pkgs, unstable, ... }: +{ + inputs, + pkgs, + unstable, + ... +}: { programs.neovim = { enable = true; diff --git a/system/services/caddy.nix b/system/services/caddy.nix index 1f6a910..b99ea45 100644 --- a/system/services/caddy.nix +++ b/system/services/caddy.nix @@ -1,7 +1,17 @@ -{ config, lib, unstable, ... }: +{ + config, + lib, + unstable, + ... +}: let cfg = config.profile.services.caddy; - inherit (lib) mkIf attrsets strings lists; + inherit (lib) + mkIf + attrsets + strings + lists + ; in { config = mkIf cfg.enable { @@ -10,27 +20,31 @@ in package = unstable.caddy; }; - services.caddy.globalConfig = /*caddy*/ '' - servers { - metrics - } - ''; + services.caddy.globalConfig = # caddy + '' + servers { + metrics + } + ''; environment.etc."caddy/static/tigor.web.id/index.html" = { text = let - domains = attrsets.mapAttrsToList (name: _: strings.removePrefix "https://" name) config.services.caddy.virtualHosts; + domains = attrsets.mapAttrsToList ( + name: _: strings.removePrefix "https://" name + ) config.services.caddy.virtualHosts; sortedDomains = lists.sort (a: b: a < b) domains; - list = map - (domain: /*html*/ '' + list = map ( + domain: # html + ''
${domain}
- '') - sortedDomains; + '') sortedDomains; items = strings.concatStringsSep "\n" list; in - /*html*/ '' + # html + '' @@ -53,80 +67,78 @@ in group = "caddy"; }; - services.caddy.virtualHosts = - { - "router.tigor.web.id".extraConfig = '' - @denied not remote_ip private_ranges + services.caddy.virtualHosts = { + "router.tigor.web.id".extraConfig = '' + @denied not remote_ip private_ranges - respond @denied "Access denied" 403 + respond @denied "Access denied" 403 - reverse_proxy 192.168.100.1 - ''; - "tigor.web.id".extraConfig = - '' - root * /etc/caddy/static/tigor.web.id - file_server - ''; - "crowfx.web.id".extraConfig = - '' - root * /etc/caddy/static/tigor.web.id - file_server - ''; - }; + reverse_proxy 192.168.100.1 + ''; + "tigor.web.id".extraConfig = '' + root * /etc/caddy/static/tigor.web.id + file_server + ''; + "crowfx.web.id".extraConfig = '' + root * /etc/caddy/static/tigor.web.id + file_server + ''; + }; environment.etc."alloy/config.alloy".text = - /*hcl*/ '' - local.file_match "caddy_access_log" { - path_targets = [ - { - "__path__" = "/var/log/caddy/*.log", - }, - ] - sync_period = "30s" - } + # hcl + '' + local.file_match "caddy_access_log" { + path_targets = [ + { + "__path__" = "/var/log/caddy/*.log", + }, + ] + sync_period = "30s" + } - loki.source.file "caddy_access_log" { - targets = local.file_match.caddy_access_log.targets - forward_to = [loki.process.caddy_access_log.receiver] - } + loki.source.file "caddy_access_log" { + targets = local.file_match.caddy_access_log.targets + forward_to = [loki.process.caddy_access_log.receiver] + } - loki.process "caddy_access_log" { - forward_to = [loki.write.default.receiver] + loki.process "caddy_access_log" { + forward_to = [loki.write.default.receiver] - stage.json { - expressions = { - level = "", - host = "request.host", - method = "request.method", - proto = "request.proto", - ts = "", - } - } - - stage.labels { - values = { - level = "", - host = "", - method = "", - proto = "", - } - } - - stage.label_drop { - values = ["service_name"] - } - - stage.static_labels { - values = { - job = "caddy_access_log", + stage.json { + expressions = { + level = "", + host = "request.host", + method = "request.method", + proto = "request.proto", + ts = "", + } } - } - stage.timestamp { - source = "ts" - format = "unix" - } - } - ''; + stage.labels { + values = { + level = "", + host = "", + method = "", + proto = "", + } + } + + stage.label_drop { + values = ["service_name"] + } + + stage.static_labels { + values = { + job = "caddy_access_log", + } + } + + stage.timestamp { + source = "ts" + format = "unix" + } + } + ''; }; } diff --git a/system/services/cockpit.nix b/system/services/cockpit.nix index 5ab3ca4..f76a0f9 100644 --- a/system/services/cockpit.nix +++ b/system/services/cockpit.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.cockpit; inherit (lib) mkIf; @@ -8,13 +13,14 @@ in environment.systemPackages = mkIf config.profile.podman.enable [ (pkgs.callPackage ../packages/cockpit-podman.nix { }) ]; - services.caddy.virtualHosts."cockpit.tigor.web.id".extraConfig = /*caddyfile*/ '' - @denied not remote_ip private_ranges + services.caddy.virtualHosts."cockpit.tigor.web.id".extraConfig = # caddyfile + '' + @denied not remote_ip private_ranges - respond @denied "Access denied" 403 + respond @denied "Access denied" 403 - reverse_proxy 0.0.0.0:9090 - ''; + reverse_proxy 0.0.0.0:9090 + ''; services.udisks2.enable = true; services.cockpit = { enable = true; diff --git a/system/services/couchdb.nix b/system/services/couchdb.nix index 513cfe0..615a8b9 100644 --- a/system/services/couchdb.nix +++ b/system/services/couchdb.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.couchdb; inherit (lib) mkIf; @@ -6,34 +11,43 @@ in { config = mkIf cfg.enable { sops = { - secrets = let opts = { sopsFile = ../../secrets/couchdb.yaml; }; in { - "couchdb/admin/username" = opts; - "couchdb/admin/password" = opts; - }; + secrets = + let + opts = { + sopsFile = ../../secrets/couchdb.yaml; + }; + in + { + "couchdb/admin/username" = opts; + "couchdb/admin/password" = opts; + }; templates."couchdb.ini" = { - content = builtins.readFile ((pkgs.formats.ini { }).generate "couchdb.ini" { - admins = { - ${config.sops.placeholder."couchdb/admin/username"} = config.sops.placeholder."couchdb/admin/password"; - }; - chttpd = { - require_valid_user = true; - max_http_request_size = 4294967296; - }; - chttpd_auth = { - require_valid_user = true; - }; - httpd = { - WWW-Authenticate = ''Basic realm="couchdb"''; - enable_cors = true; - }; - couchdb = { - max_document_size = 50 * 1000 * 1000; - }; - cors = { - credentials = true; - origin = "*"; - }; - }); + content = builtins.readFile ( + (pkgs.formats.ini { }).generate "couchdb.ini" { + admins = { + ${config.sops.placeholder."couchdb/admin/username"} = + config.sops.placeholder."couchdb/admin/password"; + }; + chttpd = { + require_valid_user = true; + max_http_request_size = 4294967296; + }; + chttpd_auth = { + require_valid_user = true; + }; + httpd = { + WWW-Authenticate = ''Basic realm="couchdb"''; + enable_cors = true; + }; + couchdb = { + max_document_size = 50 * 1000 * 1000; + }; + cors = { + credentials = true; + origin = "*"; + }; + } + ); owner = config.services.couchdb.user; }; }; diff --git a/system/services/forgejo.nix b/system/services/forgejo.nix index a782df8..7949d9b 100644 --- a/system/services/forgejo.nix +++ b/system/services/forgejo.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.forgejo; inherit (lib) mkIf; @@ -14,7 +19,6 @@ in reverse_proxy * unix//run/forgejo/forgejo.sock ''; - services.forgejo = { enable = true; settings = { diff --git a/system/services/jellyfin.nix b/system/services/jellyfin.nix index 95d53ff..b5a074a 100644 --- a/system/services/jellyfin.nix +++ b/system/services/jellyfin.nix @@ -48,16 +48,15 @@ in inherit dataDir; }; - services.jellyseerr = mkIf cfg.jellyseerr.enable { - enable = true; - }; + services.jellyseerr = mkIf cfg.jellyseerr.enable { enable = true; }; - environment.etc."alloy/config.alloy".text = /*hcl*/ '' - prometheus.scrape "jellyfin" { - targets = [{__address__ = "0.0.0.0:8096"}] - job_name = "jellyfin" - forward_to = [prometheus.remote_write.mimir.receiver] - } - ''; + environment.etc."alloy/config.alloy".text = # hcl + '' + prometheus.scrape "jellyfin" { + targets = [{__address__ = "0.0.0.0:8096"}] + job_name = "jellyfin" + forward_to = [prometheus.remote_write.mimir.receiver] + } + ''; }; } diff --git a/system/services/nextcloud-extras.nix b/system/services/nextcloud-extras.nix index 9b67aaa..8ae04cf 100644 --- a/system/services/nextcloud-extras.nix +++ b/system/services/nextcloud-extras.nix @@ -1,13 +1,9 @@ # Directly ripped from https://github.com/onny/nixos-nextcloud-testumgebung/blob/main/nextcloud-extras.nix -{ config -, lib -, ... -}: +{ config, lib, ... }: let - inherit - (lib) + inherit (lib) optionalString escapeShellArg types @@ -46,28 +42,33 @@ in email = "user2@localhost"; }; }; - type = types.attrsOf (types.submodule { - options = { - passwordFile = mkOption { - type = types.path; - example = "/path/to/file"; - default = null; - description = lib.mdDoc '' - Specifies the path to a file containing the - clear text password for the user. - ''; + type = types.attrsOf ( + types.submodule { + options = { + passwordFile = mkOption { + type = types.path; + example = "/path/to/file"; + default = null; + description = lib.mdDoc '' + Specifies the path to a file containing the + clear text password for the user. + ''; + }; + email = mkOption { + type = types.str; + example = "user1@localhost"; + default = null; + }; }; - email = mkOption { - type = types.str; - example = "user1@localhost"; - default = null; - }; - }; - }); + } + ); }; webserver = mkOption { - type = types.enum [ "nginx" "caddy" ]; + type = types.enum [ + "nginx" + "caddy" + ]; default = "nginx"; description = '' Whether to use nginx or caddy for virtual host management. @@ -84,18 +85,22 @@ in systemd.services.nextcloud-ensure-users = { enable = true; script = '' - ${optionalString (cfg.ensureUsers != {}) '' - ${concatStringsSep "\n" (mapAttrsToList (name: cfg: '' - if ${config.services.nextcloud.occ}/bin/nextcloud-occ user:info "${name}" | grep "user not found"; then - export OC_PASS="$(cat ${escapeShellArg cfg.passwordFile})" - ${config.services.nextcloud.occ}/bin/nextcloud-occ user:add --password-from-env "${name}" - fi - if ! ${config.services.nextcloud.occ}/bin/nextcloud-occ user:info "${name}" | grep "user not found"; then - ${optionalString (cfg.email != null) '' - ${config.services.nextcloud.occ}/bin/nextcloud-occ user:setting "${name}" settings email "${cfg.email}" - ''} - fi - '') cfg.ensureUsers)} + ${optionalString (cfg.ensureUsers != { }) '' + ${concatStringsSep "\n" ( + mapAttrsToList (name: cfg: '' + if ${config.services.nextcloud.occ}/bin/nextcloud-occ user:info "${name}" | grep "user not found"; then + export OC_PASS="$(cat ${escapeShellArg cfg.passwordFile})" + ${config.services.nextcloud.occ}/bin/nextcloud-occ user:add --password-from-env "${name}" + fi + if ! ${config.services.nextcloud.occ}/bin/nextcloud-occ user:info "${name}" | grep "user not found"; then + ${ + optionalString (cfg.email != null) '' + ${config.services.nextcloud.occ}/bin/nextcloud-occ user:setting "${name}" settings email "${cfg.email}" + '' + } + fi + '') cfg.ensureUsers + )} ''} ''; wantedBy = [ "multi-user.target" ]; @@ -107,11 +112,12 @@ in "listen.group" = webserver.group; }; - users.groups.nextcloud.members = [ "nextcloud" webserver.user ]; + users.groups.nextcloud.members = [ + "nextcloud" + webserver.user + ]; - services.nginx = lib.mkIf (cfg.webserver == "caddy") { - enable = mkForce false; - }; + services.nginx = lib.mkIf (cfg.webserver == "caddy") { enable = mkForce false; }; services.caddy = lib.mkIf (cfg.webserver == "caddy") { enable = mkDefault true; diff --git a/system/services/nextcloud.nix b/system/services/nextcloud.nix index a4979d3..6d5d6a1 100644 --- a/system/services/nextcloud.nix +++ b/system/services/nextcloud.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.nextcloud; in diff --git a/system/services/ntfy-sh.nix b/system/services/ntfy-sh.nix index 1468465..cb18880 100644 --- a/system/services/ntfy-sh.nix +++ b/system/services/ntfy-sh.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.profile.services.ntfy-sh; client = cfg.client; @@ -59,7 +64,10 @@ lib.mkMerge [ DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/${toString config.profile.user.uid}/bus"; }; restartTriggers = [ (builtins.toJSON cfg.client.settings) ]; - path = with pkgs; [ bash libnotify ]; + path = with pkgs; [ + bash + libnotify + ]; description = "ntfy-sh client"; serviceConfig = { ExecStart = "${pkgs.ntfy-sh}/bin/ntfy --debug subscribe --config /etc/ntfy/client.yml --from-config"; @@ -72,23 +80,30 @@ lib.mkMerge [ sops = { secrets = let - opts = { sopsFile = ../../secrets/ntfy.yaml; }; + opts = { + sopsFile = ../../secrets/ntfy.yaml; + }; in { "ntfy/tokens/tigor" = opts; }; templates = - let filename = "ntfy-client.yaml"; in + let + filename = "ntfy-client.yaml"; + in { ${filename} = { - content = builtins.readFile ((pkgs.formats.yaml { }).generate filename ( - { - default-host = "https://${domain}"; - default-token = config.sops.placeholder."ntfy/tokens/tigor"; - default-command = ''${pkgs.libnotify}/bin/notify-send --category=im.received --urgency=normal "$title" "$message"''; - } // cfg.client.settings - )); + content = builtins.readFile ( + (pkgs.formats.yaml { }).generate filename ( + { + default-host = "https://${domain}"; + default-token = config.sops.placeholder."ntfy/tokens/tigor"; + default-command = ''${pkgs.libnotify}/bin/notify-send --category=im.received --urgency=normal "$title" "$message"''; + } + // cfg.client.settings + ) + ); path = configPath; owner = config.profile.user.name; }; diff --git a/system/services/openvpn.nix b/system/services/openvpn.nix index 981f06c..ef3ee4b 100644 --- a/system/services/openvpn.nix +++ b/system/services/openvpn.nix @@ -1,6 +1,11 @@ # Guide on how to create client ovpn files, and server config: https://wiki.archlinux.org/title/OpenVPN/Checklist_guide -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.openvpn; domain = "vpn.tigor.web.id"; @@ -49,31 +54,33 @@ in let # secretPlaceholder is a generated inline file from easyrsa build-client-full. # it contains , , sections. - template = { secretPlaceholder, ifConfig }: '' - client + template = + { secretPlaceholder, ifConfig }: + '' + client - dev tun - remote "${domain}" - port ${toString port} - redirect-gateway def1 + dev tun + remote "${domain}" + port ${toString port} + redirect-gateway def1 - cipher AES-256-CBC - auth-nocache + cipher AES-256-CBC + auth-nocache - keepalive 10 60 - resolv-retry infinite - nobind - persist-key - persist-tun - key-direction 1 + keepalive 10 60 + resolv-retry infinite + nobind + persist-key + persist-tun + key-direction 1 - tls-client - - ${config.sops.placeholder."openvpn/server/tls-auth"} - + tls-client + + ${config.sops.placeholder."openvpn/server/tls-auth"} + - ${secretPlaceholder} - ''; + ${secretPlaceholder} + ''; in { "openvpn/key/phone" = { @@ -127,5 +134,3 @@ in }; }; } - - diff --git a/system/services/rust-motd.nix b/system/services/rust-motd.nix index 0c44286..452254c 100644 --- a/system/services/rust-motd.nix +++ b/system/services/rust-motd.nix @@ -1,13 +1,16 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.rust-motd; inherit (lib) mkIf; in { config = mkIf cfg.enable { - environment.systemPackages = with pkgs; [ - fail2ban - ]; + environment.systemPackages = with pkgs; [ fail2ban ]; programs.rust-motd = { enable = true; settings = { diff --git a/system/services/stubby.nix b/system/services/stubby.nix index b00eb67..f34715c 100644 --- a/system/services/stubby.nix +++ b/system/services/stubby.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.stubby; inherit (lib) mkIf lists; @@ -10,9 +15,7 @@ in services.stubby = { enable = true; settings = pkgs.stubby.passthru.settingsExample // { - listen_addresses = [ - "192.168.100.5" - ]; + listen_addresses = [ "192.168.100.5" ]; upstream_recursive_servers = [ { address_data = "1.1.1.1"; diff --git a/system/services/syncthing.nix b/system/services/syncthing.nix index 38895b5..c5aa64c 100644 --- a/system/services/syncthing.nix +++ b/system/services/syncthing.nix @@ -18,7 +18,10 @@ in ''; sops.secrets = let - opts = { owner = user.name; sopsFile = ../../secrets/syncthing.yaml; }; + opts = { + owner = user.name; + sopsFile = ../../secrets/syncthing.yaml; + }; in { "syncthing/server/key.pem" = opts; @@ -33,23 +36,17 @@ in "/nas/redmage/images/windows" = { label = "Redmage/Windows"; id = "Redmage/Windows"; - devices = [ - "windows" - ]; + devices = [ "windows" ]; }; "/nas/redmage/images/laptop-kerja" = { label = "Redmage/Laptop-Kerja"; id = "Redmage/Laptop-Kerja"; - devices = [ - "work-laptop" - ]; + devices = [ "work-laptop" ]; }; "/nas/redmage/images/s20fe-sfw" = { label = "Redmage/S20FE"; id = "Redmage/S20FE"; - devices = [ - "s20fe" - ]; + devices = [ "s20fe" ]; }; "/nas/Syncthing/Sync/Japanese-Homework" = { label = "Japanese Homework"; @@ -63,9 +60,7 @@ in "/nas/kavita/library/light-novels" = { label = "Light Novels"; id = "Light-Novels"; - devices = [ - "onyx" - ]; + devices = [ "onyx" ]; }; "/nas/Syncthing/Sync/VPN" = { label = "OpenVPN"; diff --git a/system/services/telemetry/alloy.nix b/system/services/telemetry/alloy.nix index 644cee8..02b8873 100644 --- a/system/services/telemetry/alloy.nix +++ b/system/services/telemetry/alloy.nix @@ -1,4 +1,10 @@ -{ config, lib, inputs, unstable, ... }: +{ + config, + lib, + inputs, + unstable, + ... +}: let cfg = config.profile.services.telemetry.alloy; webguiListenAddress = "0.0.0.0:5319"; @@ -13,13 +19,10 @@ in config = lib.mkIf cfg.enable { services.alloy = { enable = true; - extraFlags = [ - ''--server.http.listen-addr=${webguiListenAddress}'' - ]; + extraFlags = [ ''--server.http.listen-addr=${webguiListenAddress}'' ]; package = unstable.grafana-alloy; }; - sops = { secrets = let @@ -30,10 +33,11 @@ in "caddy/basic_auth/password" = opts; }; templates = { - "alloy-basic-auth".content = /*sh*/ '' - ALLOY_USERNAME=${config.sops.placeholder."caddy/basic_auth/username"} - ALLOY_PASSWORD=${config.sops.placeholder."caddy/basic_auth/password"} - ''; + "alloy-basic-auth".content = # sh + '' + ALLOY_USERNAME=${config.sops.placeholder."caddy/basic_auth/username"} + ALLOY_PASSWORD=${config.sops.placeholder."caddy/basic_auth/password"} + ''; }; }; @@ -43,7 +47,7 @@ in basicauth @require_auth { {$ALLOY_USERNAME} {$ALLOY_PASSWORD} } - + reverse_proxy ${webguiListenAddress} ''; @@ -55,14 +59,14 @@ in User = "root"; }; - environment.etc."alloy/config.alloy".text = let lokiConfig = config.services.loki.configuration; tempoServer = config.services.tempo.settings.server; mimirServer = config.services.mimir.configuration.server; in - /*hcl*/ '' + # hcl + '' otelcol.receiver.otlp "homeserver" { grpc { endpoint = "0.0.0.0:5317" diff --git a/system/services/telemetry/grafana.nix b/system/services/telemetry/grafana.nix index 9d289ff..5d4845e 100644 --- a/system/services/telemetry/grafana.nix +++ b/system/services/telemetry/grafana.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.telemetry.grafana; inherit (lib) mkIf; diff --git a/system/services/telemetry/loki.nix b/system/services/telemetry/loki.nix index 383bb5b..4aa92e7 100644 --- a/system/services/telemetry/loki.nix +++ b/system/services/telemetry/loki.nix @@ -15,29 +15,34 @@ in { secrets = let - opts = { sopsFile = ../../../secrets/telemetry.yaml; owner = "grafana"; }; + opts = { + sopsFile = ../../../secrets/telemetry.yaml; + owner = "grafana"; + }; in { ${usernameKey} = opts; ${passwordKey} = opts; }; templates = { - "loki/caddy/basic_auth".content = /*sh*/ '' - LOKI_USERNAME=${config.sops.placeholder.${usernameKey}} - LOKI_PASSWORD=${config.sops.placeholder.${passwordKey}} - ''; + "loki/caddy/basic_auth".content = # sh + '' + LOKI_USERNAME=${config.sops.placeholder.${usernameKey}} + LOKI_PASSWORD=${config.sops.placeholder.${passwordKey}} + ''; }; }; systemd.services."caddy".serviceConfig = { EnvironmentFile = [ config.sops.templates."loki/caddy/basic_auth".path ]; }; - services.caddy.virtualHosts.${lokiDomain}.extraConfig = /*caddy*/ '' - basicauth { - {$LOKI_USERNAME} {$LOKI_PASSWORD} - } - reverse_proxy ${server.http_listen_address}:${toString server.http_listen_port} - ''; + services.caddy.virtualHosts.${lokiDomain}.extraConfig = # caddy + '' + basicauth { + {$LOKI_USERNAME} {$LOKI_PASSWORD} + } + reverse_proxy ${server.http_listen_address}:${toString server.http_listen_port} + ''; services.loki = let diff --git a/system/services/telemetry/mimir.nix b/system/services/telemetry/mimir.nix index e9de564..3865a65 100644 --- a/system/services/telemetry/mimir.nix +++ b/system/services/telemetry/mimir.nix @@ -17,10 +17,11 @@ in "caddy/basic_auth/password" = opts; }; templates = { - "mimir-basic-auth".content = /*sh*/ '' - MIMIR_USERNAME=${config.sops.placeholder."caddy/basic_auth/username"} - MIMIR_PASSWORD=${config.sops.placeholder."caddy/basic_auth/password"} - ''; + "mimir-basic-auth".content = # sh + '' + MIMIR_USERNAME=${config.sops.placeholder."caddy/basic_auth/username"} + MIMIR_PASSWORD=${config.sops.placeholder."caddy/basic_auth/password"} + ''; }; }; @@ -28,7 +29,6 @@ in EnvironmentFile = [ config.sops.templates."mimir-basic-auth".path ]; }; - services.caddy.virtualHosts.${domain}.extraConfig = let mimirServerConfig = config.services.mimir.configuration.server; @@ -40,7 +40,7 @@ in basicauth @require_auth { {$ALLOY_USERNAME} {$ALLOY_PASSWORD} } - + reverse_proxy ${hostAddress} ''; diff --git a/system/services/telemetry/prometheus.nix b/system/services/telemetry/prometheus.nix index 99002ca..4d37ae0 100644 --- a/system/services/telemetry/prometheus.nix +++ b/system/services/telemetry/prometheus.nix @@ -26,18 +26,18 @@ in scrapeConfigs = [ { job_name = "systemd"; - static_configs = [{ - labels = { - job = "systemd"; - }; - targets = - let - systemdExporter = config.services.prometheus.exporters.systemd; - in - [ - "${systemdExporter.listenAddress}:${toString systemdExporter.port}" - ]; - }]; + static_configs = [ + { + labels = { + job = "systemd"; + }; + targets = + let + systemdExporter = config.services.prometheus.exporters.systemd; + in + [ "${systemdExporter.listenAddress}:${toString systemdExporter.port}" ]; + } + ]; } ]; exporters = { diff --git a/system/services/telemetry/tempo.nix b/system/services/telemetry/tempo.nix index a2ef2ed..1ce4402 100644 --- a/system/services/telemetry/tempo.nix +++ b/system/services/telemetry/tempo.nix @@ -15,17 +15,21 @@ in sops = { secrets = let - opts = { sopsFile = ../../../secrets/telemetry.yaml; owner = "grafana"; }; + opts = { + sopsFile = ../../../secrets/telemetry.yaml; + owner = "grafana"; + }; in { ${basic_auth.username} = opts; ${basic_auth.password} = opts; }; templates = { - ${basic_auth.template}.content = /*sh*/ '' - TEMPO_USERNAME=${config.sops.placeholder.${basic_auth.username}} - TEMPO_PASSWORD=${config.sops.placeholder.${basic_auth.password}} - ''; + ${basic_auth.template}.content = # sh + '' + TEMPO_USERNAME=${config.sops.placeholder.${basic_auth.username}} + TEMPO_PASSWORD=${config.sops.placeholder.${basic_auth.password}} + ''; }; }; @@ -93,7 +97,12 @@ in datasourceUid = "loki"; spanStartTimeShift = "-1h"; spanEndTimeShift = "1h"; - tags = [ "job" "instance" "pod" "namespace" ]; + tags = [ + "job" + "instance" + "pod" + "namespace" + ]; filterByTraceID = false; filterBySpanID = false; customQuery = true; diff --git a/system/services/wireguard.nix b/system/services/wireguard.nix index 2755b7e..11f7de3 100644 --- a/system/services/wireguard.nix +++ b/system/services/wireguard.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.profile.services.wireguard; externalInterface = config.profile.networking.externalInterface; @@ -22,17 +27,25 @@ let in { config = mkIf cfg.enable { - sops.secrets = mergeAttrsList ([ - { - "wireguard/private_keys/server" = { inherit sopsFile; }; - } - ] ++ - (map (device: { ${device.secret} = { inherit sopsFile; }; }) devices) + sops.secrets = mergeAttrsList ( + [ + { + "wireguard/private_keys/server" = { + inherit sopsFile; + }; + } + ] + ++ (map (device: { + ${device.secret} = { + inherit sopsFile; + }; + }) devices) ); sops.templates = let - template = { privateKey, ip }: + template = + { privateKey, ip }: generators.toINI ({ }) { Interface = { Address = "${ip}/32"; @@ -47,8 +60,8 @@ in }; }; in - mergeAttrsList (map - (device: { + mergeAttrsList ( + map (device: { "wireguard/clients/${device.name}" = { content = template { privateKey = config.sops.placeholder.${device.secret}; @@ -57,8 +70,7 @@ in path = "/nas/Syncthing/Sync/WireGuard/${device.name}.conf"; owner = config.profile.user.name; }; - }) - devices + }) devices ); networking = { @@ -90,12 +102,10 @@ in privateKeyFile = config.sops.secrets."wireguard/private_keys/server".path; - peers = map - (device: { - publicKey = device.publicKey; - allowedIPs = [ device.ip ]; - }) - devices; + peers = map (device: { + publicKey = device.publicKey; + allowedIPs = [ device.ip ]; + }) devices; }; }; }; diff --git a/system/user.nix b/system/user.nix index 8da526a..5d4f0b9 100644 --- a/system/user.nix +++ b/system/user.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let user = config.profile.user.name; fullName = config.profile.user.fullName; @@ -7,7 +12,10 @@ in users.users.${user} = { isNormalUser = true; description = fullName; - extraGroups = [ "networkmanager" "wheel" ]; + extraGroups = [ + "networkmanager" + "wheel" + ]; shell = pkgs.zsh; };