diff --git a/flake.nix b/flake.nix index 0d77dc7..f4c39d0 100755 --- a/flake.nix +++ b/flake.nix @@ -41,50 +41,53 @@ inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { - self, - nixpkgs, - pre-commit-hooks, - ... - } @ inputs: let - system = "x86_64-linux"; - pkgs = import nixpkgs { - inherit system; - }; - in { - checks = { - pre-commit-check = pre-commit-hooks.lib.${system}.run { - src = ./.; - hooks = { - stylua.enable = true; - eslint.enable = true; - statix.enable = true; - alejandra.enable = false; - deadnix = { - enable = true; - excludes = ["overlays.nix"]; - }; - prettier = { - enable = true; - files = "\\.(js|ts|md|json)$"; + outputs = + { + self, + nixpkgs, + pre-commit-hooks, + ... + }@inputs: + let + system = "x86_64-linux"; + pkgs = import nixpkgs { inherit system; }; + in + { + checks = { + pre-commit-check = pre-commit-hooks.lib.${system}.run { + src = ./.; + hooks = { + stylua.enable = true; + eslint.enable = true; + statix.enable = true; + alejandra.enable = false; + deadnix = { + enable = true; + excludes = [ "overlays.nix" ]; + }; + prettier = { + enable = true; + files = "\\.(js|ts|md|json)$"; + }; }; }; }; + devShells.${system}.default = pkgs.mkShell { + name = "snowflake"; + inherit (self.checks.pre-commit-check) shellHook; + packages = with pkgs; [ + git + sops + # alejandra + nixfmt-rfc-style + statix + deadnix + yaml-language-server + lua-language-server + ]; + }; + # formatter.${system} = pkgs.alejandra; + deploy = import ./hosts/deploy.nix inputs; + nixosConfigurations = import ./hosts inputs; }; - devShells.${system}.default = pkgs.mkShell { - name = "snowflake"; - inherit (self.checks.pre-commit-check) shellHook; - packages = with pkgs; [ - git - sops - # alejandra - nixfmt-rfc-style - yaml-language-server - lua-language-server - ]; - }; - # formatter.${system} = pkgs.alejandra; - deploy = import ./hosts/deploy.nix inputs; - nixosConfigurations = import ./hosts inputs; - }; } diff --git a/home/ags/default.nix b/home/ags/default.nix index db78e95..407393a 100644 --- a/home/ags/default.nix +++ b/home/ags/default.nix @@ -1,15 +1,16 @@ -{ - pkgs, - config, - ... -}: let +{ pkgs, config, ... }: +let configDir = "/home/notoh/snowflake/home/ags/config"; -in { +in +{ programs.ags = { enable = true; - extraPackages = with pkgs; [libsoup_3 libdbusmenu-gtk3]; + extraPackages = with pkgs; [ + libsoup_3 + libdbusmenu-gtk3 + ]; }; - home.packages = with pkgs; [dart-sass]; + home.packages = with pkgs; [ dart-sass ]; xdg.configFile = { "ags".source = config.lib.file.mkOutOfStoreSymlink "${configDir}"; }; diff --git a/home/anyrun/default.nix b/home/anyrun/default.nix index cff9638..9ff3c53 100644 --- a/home/anyrun/default.nix +++ b/home/anyrun/default.nix @@ -3,12 +3,18 @@ pkgs, lib, ... -}: let - compileSCSS = name: source: "${pkgs.runCommandLocal name {} '' - mkdir -p $out - ${lib.getExe pkgs.sassc} -t expanded '${source}' > $out/${name}.css - ''}/${name}.css"; -in { +}: +let + compileSCSS = + name: source: + "${ + pkgs.runCommandLocal name { } '' + mkdir -p $out + ${lib.getExe pkgs.sassc} -t expanded '${source}' > $out/${name}.css + '' + }/${name}.css"; +in +{ programs.anyrun = { enable = true; config = { @@ -17,7 +23,9 @@ in { dictionary websearch ]; - width = {fraction = 0.3;}; + width = { + fraction = 0.3; + }; hideIcons = false; ignoreExclusiveZones = false; layer = "overlay"; diff --git a/home/default.nix b/home/default.nix index cbe2a25..79e00da 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ imports = [ ./helix ./neofetch @@ -63,7 +64,11 @@ key = "BD47506D475EE86D"; signByDefault = true; }; - ignores = ["*result*" ".direnv" "node_modules"]; + ignores = [ + "*result*" + ".direnv" + "node_modules" + ]; }; gh = { enable = true; @@ -81,7 +86,7 @@ zoxide = { enable = true; enableNushellIntegration = true; - options = ["--cmd cdd"]; + options = [ "--cmd cdd" ]; }; }; } diff --git a/home/firefox/default.nix b/home/firefox/default.nix index 86be340..b8120fc 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ programs.firefox = { enable = true; policies = { @@ -42,7 +43,7 @@ ]; } ]; - definedAliases = ["@g"]; + definedAliases = [ "@g" ]; }; "SearXNG" = { urls = [ @@ -56,7 +57,7 @@ ]; } ]; - definedAliases = ["@sx"]; + definedAliases = [ "@sx" ]; }; "Nix Packages" = { urls = [ @@ -75,7 +76,7 @@ } ]; icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@np"]; + definedAliases = [ "@np" ]; }; "Bing".metaData.hidden = true; "Google".metaData.hidden = true; @@ -108,19 +109,19 @@ xdg.mimeApps = { enable = true; defaultApplications = { - "x-scheme-handler/discord-409416265891971072" = ["discord-409416265891971072.desktop"]; - "x-scheme-handler/discord-402572971681644545" = ["discord-402572971681644545.desktop"]; - "x-scheme-handler/discord-696343075731144724" = ["discord-696343075731144724.desktop"]; - "x-scheme-handler/http" = ["firefox.desktop"]; - "x-scheme-handler/https" = ["firefox.desktop"]; - "x-scheme-handler/chrome" = ["firefox.desktop"]; - "text/html" = ["firefox.desktop"]; - "application/x-extension-htm" = ["firefox.desktop"]; - "application/x-extension-html" = ["firefox.desktop"]; - "application/x-extension-shtml" = ["firefox.desktop"]; - "application/xhtml+xml" = ["firefox.desktop"]; - "application/x-extension-xhtml" = ["firefox.desktop"]; - "application/x-extension-xht" = ["firefox.desktop"]; + "x-scheme-handler/discord-409416265891971072" = [ "discord-409416265891971072.desktop" ]; + "x-scheme-handler/discord-402572971681644545" = [ "discord-402572971681644545.desktop" ]; + "x-scheme-handler/discord-696343075731144724" = [ "discord-696343075731144724.desktop" ]; + "x-scheme-handler/http" = [ "firefox.desktop" ]; + "x-scheme-handler/https" = [ "firefox.desktop" ]; + "x-scheme-handler/chrome" = [ "firefox.desktop" ]; + "text/html" = [ "firefox.desktop" ]; + "application/x-extension-htm" = [ "firefox.desktop" ]; + "application/x-extension-html" = [ "firefox.desktop" ]; + "application/x-extension-shtml" = [ "firefox.desktop" ]; + "application/xhtml+xml" = [ "firefox.desktop" ]; + "application/x-extension-xhtml" = [ "firefox.desktop" ]; + "application/x-extension-xht" = [ "firefox.desktop" ]; }; }; } diff --git a/home/gtk/catppuccin-red.nix b/home/gtk/catppuccin-red.nix index efc2e3f..4ac2280 100644 --- a/home/gtk/catppuccin-red.nix +++ b/home/gtk/catppuccin-red.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ home.pointerCursor = { package = pkgs.bibata-cursors; name = "Bibata-Modern-Classic"; @@ -12,7 +13,7 @@ theme = { name = "Catppuccin-Mocha-Standard-Red-Dark"; package = pkgs.catppuccin-gtk.override { - accents = ["red"]; + accents = [ "red" ]; size = "standard"; variant = "mocha"; }; diff --git a/home/gtk/default.nix b/home/gtk/default.nix index b4eae7a..7914c94 100644 --- a/home/gtk/default.nix +++ b/home/gtk/default.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ home.pointerCursor = { package = pkgs.bibata-cursors; name = "Bibata-Modern-Classic"; diff --git a/home/helix/default.nix b/home/helix/default.nix index 82e699a..d95a06f 100644 --- a/home/helix/default.nix +++ b/home/helix/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./languages.nix ./themes/catppuccin_mocha.nix @@ -16,11 +17,26 @@ completion-replace = true; soft-wrap.enable = true; idle-timeout = 1; - gutters = ["diff" "diagnostics" "line-numbers" "spacer"]; + gutters = [ + "diff" + "diagnostics" + "line-numbers" + "spacer" + ]; statusline = { - left = ["mode" "spinner"]; - center = ["file-name"]; - right = ["diagnostics" "selections" "position" "file-line-ending" "file-type" "version-control"]; + left = [ + "mode" + "spinner" + ]; + center = [ "file-name" ]; + right = [ + "diagnostics" + "selections" + "position" + "file-line-ending" + "file-type" + "version-control" + ]; separator = "|"; mode = { normal = "NORMAL"; diff --git a/home/helix/languages.nix b/home/helix/languages.nix index e4fdd3c..82c582c 100644 --- a/home/helix/languages.nix +++ b/home/helix/languages.nix @@ -1,8 +1,5 @@ +{ pkgs, lib, ... }: { - pkgs, - lib, - ... -}: { programs.helix.languages = { language = with pkgs; [ { @@ -10,7 +7,7 @@ auto-format = true; formatter = { command = lib.getExe alejandra; - args = ["-q"]; + args = [ "-q" ]; }; } { @@ -34,7 +31,7 @@ }; vscode-css-language-server = { command = "${nodePackages.vscode-css-languageserver-bin}/bin/css-languageserver"; - args = ["--stdio"]; + args = [ "--stdio" ]; }; }; }; diff --git a/home/helix/themes/catppuccin_mocha.nix b/home/helix/themes/catppuccin_mocha.nix index 8c87ea6..34f8d03 100644 --- a/home/helix/themes/catppuccin_mocha.nix +++ b/home/helix/themes/catppuccin_mocha.nix @@ -1,216 +1,243 @@ _: { programs.helix = { - themes.catppuccin_mocha = let - rosewater = "#f5e0dc"; - flamingo = "#f2cdcd"; - pink = "#f5c2e7"; - mauve = "#cba6f7"; - red = "#f38ba8"; - maroon = "#eba0ac"; - peach = "#fab387"; - yellow = "#f9e2af"; - green = "#a6e3a1"; - teal = "#94e2d5"; - sky = "#89dceb"; - sapphire = "#74c7ec"; - blue = "#89b4fa"; - lavender = "#b4befe"; + themes.catppuccin_mocha = + let + rosewater = "#f5e0dc"; + flamingo = "#f2cdcd"; + pink = "#f5c2e7"; + mauve = "#cba6f7"; + red = "#f38ba8"; + maroon = "#eba0ac"; + peach = "#fab387"; + yellow = "#f9e2af"; + green = "#a6e3a1"; + teal = "#94e2d5"; + sky = "#89dceb"; + sapphire = "#74c7ec"; + blue = "#89b4fa"; + lavender = "#b4befe"; - text = "#cdd6f4"; - subtext1 = "#bac2de"; - subtext0 = "#a6adc8"; - overlay2 = "#9399b2"; - overlay1 = "#7f849c"; - overlay0 = "#6c7086"; - surface2 = "#585b70"; - surface1 = "#45475a"; - surface0 = "#313244"; + text = "#cdd6f4"; + subtext1 = "#bac2de"; + subtext0 = "#a6adc8"; + overlay2 = "#9399b2"; + overlay1 = "#7f849c"; + overlay0 = "#6c7086"; + surface2 = "#585b70"; + surface1 = "#45475a"; + surface0 = "#313244"; - base = "#1e1e2e"; - mantle = "#181825"; - crust = "#11111b"; + base = "#1e1e2e"; + mantle = "#181825"; + crust = "#11111b"; - cursorline = "#2a2b3c"; - secondary_cursor = "#b5a6a8"; - in { - "type" = yellow; - "constructor" = sapphire; - "constant" = peach; - "constant.builtin" = peach; - "constant.character" = teal; - "constant.character.escape" = pink; - "string" = green; - "string.regexp" = peach; - "string.special" = blue; - "comment" = { - fg = maroon; - modifiers = ["italic"]; - }; - "variable" = "text"; - "variable.parameter" = { - fg = maroon; - modifiers = ["italic"]; - }; - "variable.builtin" = red; - "variable.other.member" = teal; - "label" = sapphire; - "punctuation" = overlay2; - "punctuation.special" = sky; - "keyword" = mauve; - "keyword.control.conditional" = { - fg = mauve; - modifiers = ["italic"]; - }; - "operator" = sky; - "function" = blue; - "function.macro" = mauve; - "tag" = mauve; - "attribute" = blue; - "namespace" = { - fg = blue; - modifiers = ["italic"]; - }; - "special" = blue; - "markup.heading.marker" = { - fg = peach; - modifiers = ["bold"]; - }; - "markup.heading.1" = lavender; - "markup.heading.2" = mauve; - "markup.heading.3" = green; - "markup.heading.4" = yellow; - "markup.heading.5" = pink; - "markup.heading.6" = teal; - "markup.list" = mauve; - "markup.bold" = {modifiers = ["bold"];}; - "markup.italic" = {modifiers = ["italic"];}; - "markup.link.url" = { - fg = rosewater; - modifiers = ["italic" "underlined"]; - }; - "markup.link.text" = blue; - "markup.raw" = flamingo; - "diff.plus" = green; - "diff.minus" = red; - "diff.delta" = blue; - "ui.background" = {fg = surface1;}; - "ui.linenr" = {fg = surface1;}; - "ui.linenr.selected" = {fg = lavender;}; - "ui.statusline" = { - fg = subtext1; - bg = mantle; - }; - "ui.statusline.inactive" = { - fg = surface2; - bg = mantle; - }; - "ui.statusline.normal" = { - fg = base; - bg = lavender; - modifiers = ["bold"]; - }; - "ui.statusline.insert" = { - fg = base; - bg = green; - modifiers = ["bold"]; - }; - "ui.statusline.select" = { - fg = base; - bg = flamingo; - modifiers = ["bold"]; - }; - "ui.popup" = { - fg = text; - bg = surface0; - }; - "ui.window" = {fg = crust;}; - "ui.help" = { - fg = overlay2; - bg = surface0; - }; - "ui.bufferline" = { - fg = subtext0; - bg = mantle; - }; - "ui.bufferline.active" = { - fg = mauve; - bg = base; - underline = { - color = mauve; - style = "line"; + cursorline = "#2a2b3c"; + secondary_cursor = "#b5a6a8"; + in + { + "type" = yellow; + "constructor" = sapphire; + "constant" = peach; + "constant.builtin" = peach; + "constant.character" = teal; + "constant.character.escape" = pink; + "string" = green; + "string.regexp" = peach; + "string.special" = blue; + "comment" = { + fg = maroon; + modifiers = [ "italic" ]; }; - }; - "ui.bufferline.background" = {bg = crust;}; - "ui.text" = text; - "ui.text.focus" = { - fg = text; - bg = surface0; - modifiers = ["bold"]; - }; - "ui.text.inactive" = {fg = overlay1;}; - "ui.virtual" = overlay0; - "ui.virtual.ruler" = {bg = surface0;}; - "ui.virtual.indent-guide" = surface0; - "ui.virtual.inlay-hint" = { - fg = surface1; - bg = mantle; - }; - "ui.selection" = {bg = surface1;}; - "ui.cursor" = { - fg = base; - bg = secondary_cursor; - }; - "ui.cursor.primary" = { - fg = base; - bg = rosewater; - }; - "ui.cursor.match" = { - fg = peach; - modifiers = ["bold"]; - }; - "ui.cursorline.primary" = {bg = cursorline;}; - "ui.highlight" = { - bg = surface1; - modifiers = ["bold"]; - }; - "ui.menu" = { - fg = overlay2; - bg = surface0; - }; - "ui.menu.selected" = { - fg = text; - bg = surface1; - modifiers = ["bold"]; - }; - "diagnostic.error" = { - underline = { - color = red; - style = "curl"; + "variable" = "text"; + "variable.parameter" = { + fg = maroon; + modifiers = [ "italic" ]; }; - }; - "diagnostic.warning" = { - underline = { - color = yellow; - style = "curl"; + "variable.builtin" = red; + "variable.other.member" = teal; + "label" = sapphire; + "punctuation" = overlay2; + "punctuation.special" = sky; + "keyword" = mauve; + "keyword.control.conditional" = { + fg = mauve; + modifiers = [ "italic" ]; }; - }; - "diagnostic.info" = { - underline = { - color = sky; - style = "curl"; + "operator" = sky; + "function" = blue; + "function.macro" = mauve; + "tag" = mauve; + "attribute" = blue; + "namespace" = { + fg = blue; + modifiers = [ "italic" ]; }; - }; - "diagnostic.hint" = { - underline = { - color = teal; - style = "curl"; + "special" = blue; + "markup.heading.marker" = { + fg = peach; + modifiers = [ "bold" ]; + }; + "markup.heading.1" = lavender; + "markup.heading.2" = mauve; + "markup.heading.3" = green; + "markup.heading.4" = yellow; + "markup.heading.5" = pink; + "markup.heading.6" = teal; + "markup.list" = mauve; + "markup.bold" = { + modifiers = [ "bold" ]; + }; + "markup.italic" = { + modifiers = [ "italic" ]; + }; + "markup.link.url" = { + fg = rosewater; + modifiers = [ + "italic" + "underlined" + ]; + }; + "markup.link.text" = blue; + "markup.raw" = flamingo; + "diff.plus" = green; + "diff.minus" = red; + "diff.delta" = blue; + "ui.background" = { + fg = surface1; + }; + "ui.linenr" = { + fg = surface1; + }; + "ui.linenr.selected" = { + fg = lavender; + }; + "ui.statusline" = { + fg = subtext1; + bg = mantle; + }; + "ui.statusline.inactive" = { + fg = surface2; + bg = mantle; + }; + "ui.statusline.normal" = { + fg = base; + bg = lavender; + modifiers = [ "bold" ]; + }; + "ui.statusline.insert" = { + fg = base; + bg = green; + modifiers = [ "bold" ]; + }; + "ui.statusline.select" = { + fg = base; + bg = flamingo; + modifiers = [ "bold" ]; + }; + "ui.popup" = { + fg = text; + bg = surface0; + }; + "ui.window" = { + fg = crust; + }; + "ui.help" = { + fg = overlay2; + bg = surface0; + }; + "ui.bufferline" = { + fg = subtext0; + bg = mantle; + }; + "ui.bufferline.active" = { + fg = mauve; + bg = base; + underline = { + color = mauve; + style = "line"; + }; + }; + "ui.bufferline.background" = { + bg = crust; + }; + "ui.text" = text; + "ui.text.focus" = { + fg = text; + bg = surface0; + modifiers = [ "bold" ]; + }; + "ui.text.inactive" = { + fg = overlay1; + }; + "ui.virtual" = overlay0; + "ui.virtual.ruler" = { + bg = surface0; + }; + "ui.virtual.indent-guide" = surface0; + "ui.virtual.inlay-hint" = { + fg = surface1; + bg = mantle; + }; + "ui.selection" = { + bg = surface1; + }; + "ui.cursor" = { + fg = base; + bg = secondary_cursor; + }; + "ui.cursor.primary" = { + fg = base; + bg = rosewater; + }; + "ui.cursor.match" = { + fg = peach; + modifiers = [ "bold" ]; + }; + "ui.cursorline.primary" = { + bg = cursorline; + }; + "ui.highlight" = { + bg = surface1; + modifiers = [ "bold" ]; + }; + "ui.menu" = { + fg = overlay2; + bg = surface0; + }; + "ui.menu.selected" = { + fg = text; + bg = surface1; + modifiers = [ "bold" ]; + }; + "diagnostic.error" = { + underline = { + color = red; + style = "curl"; + }; + }; + "diagnostic.warning" = { + underline = { + color = yellow; + style = "curl"; + }; + }; + "diagnostic.info" = { + underline = { + color = sky; + style = "curl"; + }; + }; + "diagnostic.hint" = { + underline = { + color = teal; + style = "curl"; + }; }; - }; - "error" = red; - "warning" = yellow; - "info" = sky; - "hint" = teal; - }; + "error" = red; + "warning" = yellow; + "info" = sky; + "hint" = teal; + }; }; } diff --git a/home/helix/themes/tokyonight.nix b/home/helix/themes/tokyonight.nix index 6377971..5f2c83b 100644 --- a/home/helix/themes/tokyonight.nix +++ b/home/helix/themes/tokyonight.nix @@ -1,170 +1,260 @@ _: { programs.helix = { - themes.tokyonight = let - red = "#f7768e"; - orange = "#ff9e64"; - yellow = "#e0af68"; - light-green = "#9ece6a"; - green = "#73daca"; - turquoise = "#89ddff"; - teal = "#2ac3de"; - cyan = "#7dcfff"; - blue = "#7aa2f7"; - magenta = "#bb9af7"; - white = "#c0caf5"; - light-gray = "#9aa5ce"; - comment = "#565f89"; - black = "#414868"; - foreground = "#a9b1d6"; - foreground_gutter = "#363b54"; - background_highlight = "#30374b"; - background_menu = "#16161e"; - in { - "comment" = { - fg = comment; - modifiers = ["italic"]; - }; - "constant" = {fg = orange;}; - "constant.character.escape" = {fg = magenta;}; - "function" = { - fg = blue; - modifiers = ["italic"]; - }; - "function.macro" = {fg = cyan;}; - "keyword" = { - fg = cyan; - modifiers = ["italic"]; - }; - "keyword.control" = {fg = magenta;}; - "keyword.control.import" = {fg = cyan;}; - "keyword.operator" = {fg = turquoise;}; - "keyword.function" = { - fg = magenta; - modifiers = ["italic"]; - }; - "operator" = {fg = turquoise;}; - "punctuation" = {fg = turquoise;}; - "string" = {fg = light-green;}; - "string.regexp" = {fg = "light-blue";}; - "tag" = {fg = red;}; - "type" = {fg = teal;}; - "namespace" = {fg = blue;}; - "variable" = {fg = white;}; - "variable.builtin" = {fg = red;}; - "variable.other.member" = {fg = green;}; - "variable.parameter" = { - fg = yellow; - modifiers = ["italic"]; - }; + themes.tokyonight = + let + red = "#f7768e"; + orange = "#ff9e64"; + yellow = "#e0af68"; + light-green = "#9ece6a"; + green = "#73daca"; + turquoise = "#89ddff"; + teal = "#2ac3de"; + cyan = "#7dcfff"; + blue = "#7aa2f7"; + magenta = "#bb9af7"; + white = "#c0caf5"; + light-gray = "#9aa5ce"; + comment = "#565f89"; + black = "#414868"; + foreground = "#a9b1d6"; + foreground_gutter = "#363b54"; + background_highlight = "#30374b"; + background_menu = "#16161e"; + in + { + "comment" = { + fg = comment; + modifiers = [ "italic" ]; + }; + "constant" = { + fg = orange; + }; + "constant.character.escape" = { + fg = magenta; + }; + "function" = { + fg = blue; + modifiers = [ "italic" ]; + }; + "function.macro" = { + fg = cyan; + }; + "keyword" = { + fg = cyan; + modifiers = [ "italic" ]; + }; + "keyword.control" = { + fg = magenta; + }; + "keyword.control.import" = { + fg = cyan; + }; + "keyword.operator" = { + fg = turquoise; + }; + "keyword.function" = { + fg = magenta; + modifiers = [ "italic" ]; + }; + "operator" = { + fg = turquoise; + }; + "punctuation" = { + fg = turquoise; + }; + "string" = { + fg = light-green; + }; + "string.regexp" = { + fg = "light-blue"; + }; + "tag" = { + fg = red; + }; + "type" = { + fg = teal; + }; + "namespace" = { + fg = blue; + }; + "variable" = { + fg = white; + }; + "variable.builtin" = { + fg = red; + }; + "variable.other.member" = { + fg = green; + }; + "variable.parameter" = { + fg = yellow; + modifiers = [ "italic" ]; + }; - "diff.plus" = {fg = green;}; - "diff.delta" = {fg = orange;}; - "diff.minus" = {fg = red;}; + "diff.plus" = { + fg = green; + }; + "diff.delta" = { + fg = orange; + }; + "diff.minus" = { + fg = red; + }; - "ui.background" = {fg = foreground;}; + "ui.background" = { + fg = foreground; + }; - "ui.cursor" = {modifiers = ["reversed"];}; - "ui.cursor.match" = { - fg = orange; - modifiers = ["bold"]; - }; - "ui.cursor.primary" = {modifiers = ["reversed"];}; - "ui.cursorline.primary" = {bg = background_menu;}; - "ui.help" = { - fg = foreground; - bg = background_menu; - }; - "ui.linenr" = {fg = foreground_gutter;}; - "ui.linenr.selected" = {fg = foreground;}; - "ui.menu" = { - fg = foreground; - bg = background_menu; - }; - "ui.menu.selected" = {bg = background_highlight;}; - "ui.popup" = { - fg = foreground; - bg = background_menu; - }; - "ui.selection" = {bg = background_highlight;}; - "ui.selection.primary" = {bg = background_highlight;}; - "ui.statusline" = { - fg = foreground; - bg = background_menu; - }; - "ui.statusline.inactive" = { - fg = foreground_gutter; - bg = background_menu; - }; - "ui.statusline.normal" = { - fg = black; - bg = blue; - }; - "ui.statusline.insert" = { - fg = black; - bg = green; - }; - "ui.statusline.select" = { - fg = black; - bg = magenta; - }; - "ui.text" = {fg = foreground;}; - "ui.text.focus" = {fg = cyan;}; - "ui.virtual.ruler" = {bg = foreground_gutter;}; - "ui.virtual.whitespace" = {fg = foreground_gutter;}; - "ui.virtual.inlay-hint" = {fg = comment;}; - "ui.window" = {fg = black;}; + "ui.cursor" = { + modifiers = [ "reversed" ]; + }; + "ui.cursor.match" = { + fg = orange; + modifiers = [ "bold" ]; + }; + "ui.cursor.primary" = { + modifiers = [ "reversed" ]; + }; + "ui.cursorline.primary" = { + bg = background_menu; + }; + "ui.help" = { + fg = foreground; + bg = background_menu; + }; + "ui.linenr" = { + fg = foreground_gutter; + }; + "ui.linenr.selected" = { + fg = foreground; + }; + "ui.menu" = { + fg = foreground; + bg = background_menu; + }; + "ui.menu.selected" = { + bg = background_highlight; + }; + "ui.popup" = { + fg = foreground; + bg = background_menu; + }; + "ui.selection" = { + bg = background_highlight; + }; + "ui.selection.primary" = { + bg = background_highlight; + }; + "ui.statusline" = { + fg = foreground; + bg = background_menu; + }; + "ui.statusline.inactive" = { + fg = foreground_gutter; + bg = background_menu; + }; + "ui.statusline.normal" = { + fg = black; + bg = blue; + }; + "ui.statusline.insert" = { + fg = black; + bg = green; + }; + "ui.statusline.select" = { + fg = black; + bg = magenta; + }; + "ui.text" = { + fg = foreground; + }; + "ui.text.focus" = { + fg = cyan; + }; + "ui.virtual.ruler" = { + bg = foreground_gutter; + }; + "ui.virtual.whitespace" = { + fg = foreground_gutter; + }; + "ui.virtual.inlay-hint" = { + fg = comment; + }; + "ui.window" = { + fg = black; + }; - "error" = {fg = red;}; - "warning" = {fg = yellow;}; - "info" = {fg = blue;}; - "hint" = {fg = teal;}; - "diagnostic.error" = { - underline = { - style = "curl"; - color = red; + "error" = { + fg = red; + }; + "warning" = { + fg = yellow; + }; + "info" = { + fg = blue; + }; + "hint" = { + fg = teal; + }; + "diagnostic.error" = { + underline = { + style = "curl"; + color = red; + }; + }; + "diagnostic.warning" = { + underline = { + style = "curl"; + color = yellow; + }; + }; + "diagnostic.info" = { + underline = { + style = "curl"; + color = blue; + }; + }; + "diagnostic.hint" = { + underline = { + style = "curl"; + color = teal; + }; + }; + "special" = { + fg = orange; + }; + + "markup.heading" = { + fg = cyan; + modifiers = [ "bold" ]; + }; + "markup.list" = { + fg = cyan; + }; + "markup.bold" = { + fg = orange; + modifiers = [ "bold" ]; + }; + "markup.italic" = { + fg = yellow; + modifiers = [ "italic" ]; + }; + "markup.strikethrough" = { + modifiers = [ "crossed_out" ]; + }; + "markup.link.url" = { + fg = green; + }; + "markup.link.text" = { + fg = light-gray; + }; + "markup.quote" = { + fg = yellow; + modifiers = [ "italic" ]; + }; + "markup.raw" = { + fg = cyan; }; }; - "diagnostic.warning" = { - underline = { - style = "curl"; - color = yellow; - }; - }; - "diagnostic.info" = { - underline = { - style = "curl"; - color = blue; - }; - }; - "diagnostic.hint" = { - underline = { - style = "curl"; - color = teal; - }; - }; - "special" = {fg = orange;}; - - "markup.heading" = { - fg = cyan; - modifiers = ["bold"]; - }; - "markup.list" = {fg = cyan;}; - "markup.bold" = { - fg = orange; - modifiers = ["bold"]; - }; - "markup.italic" = { - fg = yellow; - modifiers = ["italic"]; - }; - "markup.strikethrough" = {modifiers = ["crossed_out"];}; - "markup.link.url" = {fg = green;}; - "markup.link.text" = {fg = light-gray;}; - "markup.quote" = { - fg = yellow; - modifiers = ["italic"]; - }; - "markup.raw" = {fg = cyan;}; - }; }; } diff --git a/home/lazygit/default.nix b/home/lazygit/default.nix index 9ba8236..56215ee 100644 --- a/home/lazygit/default.nix +++ b/home/lazygit/default.nix @@ -5,14 +5,17 @@ _: { windowSize = "normal"; gui.theme = { lightTheme = false; - activeBorderColor = ["#2ac3de" "bold"]; - inactiveBorderColor = ["#f7768e"]; - optionsTextColor = [" #c0caf5"]; - selectedLineBgColor = ["#24283b"]; - selectedRangeByColor = ["#24283b"]; - cherryPickedCommitBgColor = ["#94e2d5"]; - cherryPickedCommitFgColor = ["#89b4fa"]; - unstagedChangesColor = ["red"]; + activeBorderColor = [ + "#2ac3de" + "bold" + ]; + inactiveBorderColor = [ "#f7768e" ]; + optionsTextColor = [ " #c0caf5" ]; + selectedLineBgColor = [ "#24283b" ]; + selectedRangeByColor = [ "#24283b" ]; + cherryPickedCommitBgColor = [ "#94e2d5" ]; + cherryPickedCommitFgColor = [ "#89b4fa" ]; + unstagedChangesColor = [ "red" ]; showRandomTip = false; animateExplosion = true; }; diff --git a/home/neofetch/default.nix b/home/neofetch/default.nix index 8248cd4..f7367b9 100644 --- a/home/neofetch/default.nix +++ b/home/neofetch/default.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { - home.packages = [pkgs.neofetch]; +{ pkgs, ... }: +{ + home.packages = [ pkgs.neofetch ]; xdg.configFile."neofetch/config.conf".source = ./config.conf; } diff --git a/home/spotify-player/default.nix b/home/spotify-player/default.nix index bbba13f..5b293e7 100644 --- a/home/spotify-player/default.nix +++ b/home/spotify-player/default.nix @@ -1,5 +1,6 @@ -{pkgs, ...}: { - home.packages = [pkgs.spotify-player]; +{ pkgs, ... }: +{ + home.packages = [ pkgs.spotify-player ]; xdg.configFile."spotify-player/app.toml" = { text = '' theme = "tokyonight" diff --git a/home/starship/default.nix b/home/starship/default.nix index b283cb7..7d9dd22 100644 --- a/home/starship/default.nix +++ b/home/starship/default.nix @@ -1,8 +1,5 @@ +{ config, lib, ... }: { - config, - lib, - ... -}: { home.sessionVariables.STARSHIP_CACHE = "${config.xdg.cacheHome}/starship"; programs.starship = { @@ -40,9 +37,7 @@ "$rust" "$golang" ]; - right_format = lib.concatStrings [ - "$nix_shell" - ]; + right_format = lib.concatStrings [ "$nix_shell" ]; character = { error_symbol = "[](bold red)"; success_symbol = "[](bold teal)"; @@ -77,7 +72,7 @@ impure_msg = "[impure shell](bold red)"; pure_msg = "[pure shell](bold green)"; unknown_msg = "[unknown shell](bold yellow)"; - format = "via [ $state( \($name\))](bold teal)"; + format = "via [ $state( ($name))](bold teal)"; }; git_branch = { symbol = ""; diff --git a/home/wayland/default.nix b/home/wayland/default.nix index 5676a23..ffe30d9 100644 --- a/home/wayland/default.nix +++ b/home/wayland/default.nix @@ -1,8 +1,5 @@ -{ - pkgs, - inputs, - ... -}: let +{ pkgs, inputs, ... }: +let dbus-hyprland-environment = pkgs.writeTextFile { name = "dbus-hyprland-environment"; destination = "/bin/dbus-hyprland-environment"; @@ -13,8 +10,9 @@ systemctl --user start pipewire wireplumber pipewire-media-session xdg-desktop-portal xdg-desktop-portal-hyprland ''; }; -in { - imports = [./greetd.nix]; +in +{ + imports = [ ./greetd.nix ]; environment = { systemPackages = with pkgs; [ dbus-hyprland-environment diff --git a/home/wayland/hyprland/config/general.nix b/home/wayland/hyprland/config/general.nix index 6ee13ba..4c62a72 100644 --- a/home/wayland/hyprland/config/general.nix +++ b/home/wayland/hyprland/config/general.nix @@ -1,11 +1,12 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ wayland.windowManager.hyprland = { settings = { monitor = [ - "HDMI-A-1,1920x1080@60, 3640x560, auto, transform, 3" #right - "DP-1,1920x1080@60, 0x560, auto, transform, 1" #left - "DP-2,2560x1440@144, 1080x1080, auto" #middle - "DP-3,1920x1080@144, 1400x0, auto" #top + "HDMI-A-1,1920x1080@60, 3640x560, auto, transform, 3" # right + "DP-1,1920x1080@60, 0x560, auto, transform, 1" # left + "DP-2,2560x1440@144, 1080x1080, auto" # middle + "DP-3,1920x1080@144, 1400x0, auto" # top ]; exec-once = [ "ags" diff --git a/home/yazi/default.nix b/home/yazi/default.nix index a2084d2..cf176e9 100644 --- a/home/yazi/default.nix +++ b/home/yazi/default.nix @@ -1,10 +1,10 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { xdg.configFile."yazi/init.lua".source = ./init.lua; - imports = [./keymap.nix ./openers.nix]; + imports = [ + ./keymap.nix + ./openers.nix + ]; programs.yazi = { enable = true; @@ -12,7 +12,11 @@ enableNushellIntegration = true; settings = { manager = { - ratio = [1 3 3]; + ratio = [ + 1 + 3 + 3 + ]; sort_by = "natural"; sort_reverse = false; sort_dir_first = true; diff --git a/home/yazi/keymap.nix b/home/yazi/keymap.nix index a890510..0c6160b 100644 --- a/home/yazi/keymap.nix +++ b/home/yazi/keymap.nix @@ -2,17 +2,17 @@ _: { programs.yazi.keymap = { manager.keymap = [ { - on = [""]; + on = [ "" ]; exec = "escape"; desc = "Exit visual mode; clear selected; or cancel search"; } { - on = ["q"]; + on = [ "q" ]; exec = "quit"; desc = "Exit the process"; } { - on = [""]; + on = [ "" ]; exec = "close"; desc = "Close the current tab; or quit if it is last tab"; } @@ -20,59 +20,65 @@ _: { # Navigation { - on = [""]; + on = [ "" ]; exec = "arrow -1"; desc = "Move cursor up"; } { - on = [""]; + on = [ "" ]; exec = "arrow 1"; desc = "Move cursor down"; } { - on = [""]; + on = [ "" ]; exec = "leave"; desc = "Go back to the parent directory"; } { - on = [""]; + on = [ "" ]; exec = "enter"; desc = "Enter the child directory"; } { - on = ["g" "g"]; + on = [ + "g" + "g" + ]; exec = "arrow -99999999"; desc = "Move cursor to the top"; } { - on = ["G"]; + on = [ "G" ]; exec = "arrow 99999999"; desc = "Move cursor to the bottom"; } # Selection { - on = [""]; - exec = ["select --state=none" "arrow 1"]; + on = [ "" ]; + exec = [ + "select --state=none" + "arrow 1" + ]; desc = "Toggle the current selection state"; } { - on = ["i"]; + on = [ "i" ]; exec = "visual_mode"; desc = "Enter visual mode (selection mode)"; } { - on = ["I"]; + on = [ "I" ]; exec = "visual_mode --unset"; desc = "Enter visual mode (unset mode)"; } { - on = [""]; + on = [ "" ]; exec = "select_all --state=true"; desc = "Select all files"; } { - on = [""]; + on = [ "" ]; exec = "select_all --state=none"; desc = "Inverse selection of all files"; } @@ -80,67 +86,67 @@ _: { # Operations { - on = [""]; + on = [ "" ]; exec = "open"; desc = "Open selected file(s)"; } { - on = ["y"]; + on = [ "y" ]; exec = "yank"; desc = "Copy selected file(s)"; } { - on = ["x"]; + on = [ "x" ]; exec = "yank --cut"; desc = "Cut selected file(s)"; } { - on = ["p"]; + on = [ "p" ]; exec = "paste"; desc = "Paste the file(s)"; } { - on = ["P"]; + on = [ "P" ]; exec = "paste --force"; desc = "Paste the files (overwrite)"; } { - on = ["d"]; + on = [ "d" ]; exec = "remove --permanently"; desc = "Permanently delete the file(s)"; } { - on = ["D"]; + on = [ "D" ]; exec = "remove --permanently"; desc = "Permanently delete the files(s)"; } { - on = ["a"]; + on = [ "a" ]; exec = "create"; desc = "create a file or directory (ends with / for directories)"; } { - on = ["r"]; + on = [ "r" ]; exec = "rename"; desc = "rename a file or directory"; } { - on = [":"]; + on = [ ":" ]; exec = "shell --block"; desc = "run a blocking shell command"; } { - on = ["."]; + on = [ "." ]; exec = "hidden toggle"; desc = "toggle hidden files"; } { - on = ["z"]; + on = [ "z" ]; exec = "jump zoxide"; desc = "jump to a directory using zoxide"; } { - on = ["Z"]; + on = [ "Z" ]; exec = "jump fzf"; desc = "reveal files with fzf"; } @@ -148,17 +154,26 @@ _: { # Copy { - on = ["c" "c"]; + on = [ + "c" + "c" + ]; exec = "copy path"; desc = "copy the absolute path"; } { - on = ["c" "d"]; + on = [ + "c" + "d" + ]; exec = "copy dirname"; desc = "copy parent directory path"; } { - on = ["c" "f"]; + on = [ + "c" + "f" + ]; exec = "copy filename"; desc = "copy file name"; } @@ -166,105 +181,105 @@ _: { # Find { - on = ["/"]; + on = [ "/" ]; exec = "find"; } { - on = ["?"]; + on = [ "?" ]; exec = "find --previous"; } { - on = ["n"]; + on = [ "n" ]; exec = "find_arrow"; } { - on = ["N"]; + on = [ "N" ]; exec = "find_arrow --previous"; } { - on = ["s"]; + on = [ "s" ]; exec = "search fd"; } { - on = ["S"]; + on = [ "S" ]; exec = "search rg"; } { - on = [""]; + on = [ "" ]; exec = "search none"; } # Tabs { - on = ["t"]; + on = [ "t" ]; exec = "tab_create --current"; desc = "Create a new tab using the current path"; } { - on = ["1"]; + on = [ "1" ]; exec = "tab_switch 0"; desc = "Switch to the first tab"; } { - on = ["2"]; + on = [ "2" ]; exec = "tab_switch 1"; desc = "Switch to the second tab"; } { - on = ["3"]; + on = [ "3" ]; exec = "tab_switch 2"; desc = "Switch to the third tab"; } { - on = ["4"]; + on = [ "4" ]; exec = "tab_switch 3"; desc = "Switch to the fourth tab"; } { - on = ["5"]; + on = [ "5" ]; exec = "tab_switch 4"; desc = "Switch to the fifth tab"; } { - on = ["6"]; + on = [ "6" ]; exec = "tab_switch 5"; desc = "Switch to the sixth tab"; } { - on = ["7"]; + on = [ "7" ]; exec = "tab_switch 6"; desc = "Switch to the seventh tab"; } { - on = ["8"]; + on = [ "8" ]; exec = "tab_switch 7"; desc = "Switch to the eighth tab"; } { - on = ["9"]; + on = [ "9" ]; exec = "tab_switch 8"; desc = "Switch to the ninth tab"; } { - on = ["["]; + on = [ "[" ]; exec = "tab_switch -1 --relative"; desc = "Switch to the previous tab"; } { - on = ["]"]; + on = [ "]" ]; exec = "tab_switch 1 --relative"; desc = "Switch to the next tab"; } { - on = ["{"]; + on = [ "{" ]; exec = "tab_swap -1"; desc = "Swap the current tab with the previous tab"; } { - on = ["}"]; + on = [ "}" ]; exec = "tab_swap 1"; desc = "Swap the current tab with the next tab"; } @@ -272,7 +287,7 @@ _: { # Tasks { - on = ["w"]; + on = [ "w" ]; exec = "tasks_show"; desc = "Show the tasks manager"; } @@ -280,7 +295,7 @@ _: { # Help { - on = ["~"]; + on = [ "~" ]; exec = "help"; desc = "Open help"; } diff --git a/home/yazi/openers.nix b/home/yazi/openers.nix index 2a20753..2571ddd 100644 --- a/home/yazi/openers.nix +++ b/home/yazi/openers.nix @@ -1,25 +1,42 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ programs.yazi.settings = { open.rules = [ { mime = "text/*"; - use = ["edit" "reveal"]; + use = [ + "edit" + "reveal" + ]; } { mime = "image/*"; - use = ["image" "reveal"]; + use = [ + "image" + "reveal" + ]; } { mime = "video/*"; - use = ["play" "reveal"]; + use = [ + "play" + "reveal" + ]; } { mime = "application/json"; - use = ["edit" "reveal"]; + use = [ + "edit" + "reveal" + ]; } { mime = "*"; - use = ["edit" "open" "reveal"]; + use = [ + "edit" + "open" + "reveal" + ]; } ]; opener = { diff --git a/home/zellij/default.nix b/home/zellij/default.nix index 205e4b2..932915e 100644 --- a/home/zellij/default.nix +++ b/home/zellij/default.nix @@ -1,7 +1,5 @@ _: { - imports = [ - ./layouts.nix - ]; + imports = [ ./layouts.nix ]; programs.zellij = { enable = true; diff --git a/hosts/ame/default.nix b/hosts/ame/default.nix index a77443a..951855f 100644 --- a/hosts/ame/default.nix +++ b/hosts/ame/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./hardware.nix ./services diff --git a/hosts/ame/hardware.nix b/hosts/ame/hardware.nix index fdde3e6..9fae2b7 100644 --- a/hosts/ame/hardware.nix +++ b/hosts/ame/hardware.nix @@ -3,14 +3,13 @@ lib, modulesPath, ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; +}: +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; boot = { - kernelModules = ["kvm-intel"]; - extraModulePackages = []; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; loader = { systemd-boot = { enable = true; @@ -22,8 +21,13 @@ }; }; initrd = { - availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod"]; - kernelModules = []; + availableKernelModules = [ + "xhci_pci" + "ahci" + "usb_storage" + "sd_mod" + ]; + kernelModules = [ ]; }; }; @@ -42,9 +46,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/4f69ab31-f6a9-4799-92f1-5abbe0dc9180";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/4f69ab31-f6a9-4799-92f1-5abbe0dc9180"; } ]; networking.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; diff --git a/hosts/ame/home.nix b/hosts/ame/home.nix index ba309df..5d0fe10 100755 --- a/hosts/ame/home.nix +++ b/hosts/ame/home.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ imports = [ ../../home ../../home/anyrun @@ -35,7 +36,7 @@ wl-clipboard swww hyprpicker - (libsForQt5.callPackage ../../pkgs/chatterino7 {}) + (libsForQt5.callPackage ../../pkgs/chatterino7 { }) ]; stateVersion = "23.05"; }; diff --git a/hosts/ame/services/default.nix b/hosts/ame/services/default.nix index 3175140..8ab063a 100644 --- a/hosts/ame/services/default.nix +++ b/hosts/ame/services/default.nix @@ -1,5 +1,4 @@ -{...}: { - imports = [ - ./restic.nix - ]; +{ ... }: +{ + imports = [ ./restic.nix ]; } diff --git a/hosts/ame/services/restic.nix b/hosts/ame/services/restic.nix index af51f37..c9555b6 100644 --- a/hosts/ame/services/restic.nix +++ b/hosts/ame/services/restic.nix @@ -1,17 +1,16 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { - sops.secrets.restic-ame = {sopsFile = ../../../secrets/restic/secrets.yaml;}; - sops.secrets.ame-s3 = {sopsFile = ../../../secrets/s3/secrets.yaml;}; - environment.systemPackages = [pkgs.restic]; + sops.secrets.restic-ame = { + sopsFile = ../../../secrets/restic/secrets.yaml; + }; + sops.secrets.ame-s3 = { + sopsFile = ../../../secrets/s3/secrets.yaml; + }; + environment.systemPackages = [ pkgs.restic ]; services.restic = { backups = { ame = { - paths = [ - "/home" - ]; + paths = [ "/home" ]; exclude = [ "*.qcow2" "*.iso" diff --git a/hosts/arashi/default.nix b/hosts/arashi/default.nix index 0ceef1f..a38003c 100644 --- a/hosts/arashi/default.nix +++ b/hosts/arashi/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./hardware.nix ./services diff --git a/hosts/arashi/hardware.nix b/hosts/arashi/hardware.nix index 34febfc..15b3072 100644 --- a/hosts/arashi/hardware.nix +++ b/hosts/arashi/hardware.nix @@ -1,16 +1,13 @@ +{ lib, modulesPath, ... }: { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot = { - kernelModules = []; - kernel.sysctl = {"kernel.shmmax" = 100663296;}; - extraModulePackages = []; + kernelModules = [ ]; + kernel.sysctl = { + "kernel.shmmax" = 100663296; + }; + extraModulePackages = [ ]; loader.grub = { enable = true; configurationLimit = 5; @@ -18,8 +15,15 @@ useOSProber = false; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; - kernelModules = []; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + kernelModules = [ ]; }; }; @@ -34,9 +38,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/e9eb4b6a-e9a1-4616-8c82-349d2f38d140";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/e9eb4b6a-e9a1-4616-8c82-349d2f38d140"; } ]; networking.useDHCP = lib.mkDefault true; diff --git a/hosts/arashi/home.nix b/hosts/arashi/home.nix index c7eafac..3341f1e 100644 --- a/hosts/arashi/home.nix +++ b/hosts/arashi/home.nix @@ -1,7 +1,6 @@ -{...}: { - imports = [ - ../../home - ]; +{ ... }: +{ + imports = [ ../../home ]; systemd.user.startServices = "sd-switch"; programs.home-manager.enable = true; diff --git a/hosts/arashi/services/postgresql.nix b/hosts/arashi/services/postgresql.nix index 3062006..fe47c63 100644 --- a/hosts/arashi/services/postgresql.nix +++ b/hosts/arashi/services/postgresql.nix @@ -1,9 +1,6 @@ +{ pkgs, lib, ... }: { - pkgs, - lib, - ... -}: { - networking.firewall.allowedTCPPorts = [5432]; + networking.firewall.allowedTCPPorts = [ 5432 ]; services.postgresql = { enable = true; enableTCPIP = true; diff --git a/hosts/arashi/services/redis.nix b/hosts/arashi/services/redis.nix index 6574a4e..5a684f7 100644 --- a/hosts/arashi/services/redis.nix +++ b/hosts/arashi/services/redis.nix @@ -1,5 +1,6 @@ -{pkgs, ...}: { - environment.systemPackages = [pkgs.redis-dump]; +{ pkgs, ... }: +{ + environment.systemPackages = [ pkgs.redis-dump ]; services.redis.servers = { forgejo = { enable = true; diff --git a/hosts/arashi/services/restic.nix b/hosts/arashi/services/restic.nix index 5ed8f56..1100f70 100644 --- a/hosts/arashi/services/restic.nix +++ b/hosts/arashi/services/restic.nix @@ -1,17 +1,14 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { - sops.secrets.restic-arashi = {sopsFile = ../../../secrets/restic/secrets.yaml;}; - environment.systemPackages = [pkgs.restic]; + sops.secrets.restic-arashi = { + sopsFile = ../../../secrets/restic/secrets.yaml; + }; + environment.systemPackages = [ pkgs.restic ]; services.restic = { backups = { arashi = { user = "root"; - paths = [ - "/var/backup/" - ]; + paths = [ "/var/backup/" ]; pruneOpts = [ "--keep-daily=7" "--keep-weekly=6" diff --git a/hosts/default.nix b/hosts/default.nix index 22ff50c..3cefd6e 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -1,4 +1,5 @@ -inputs: let +inputs: +let system = "x86_64-linux"; sopsModule = inputs.sops-nix.nixosModules.sops; hmModule = inputs.home-manager.nixosModules.home-manager; @@ -9,10 +10,13 @@ inputs: let atticModule = inputs.attic.nixosModules.atticd; nurModule = inputs.nur.nixosModules.nur; inherit (inputs.nixpkgs.lib) nixosSystem; -in { +in +{ tsuki = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./tsuki sopsModule @@ -23,7 +27,9 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { imports = [ ./tsuki/home.nix @@ -39,7 +45,9 @@ in { }; sakura = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./sakura sopsModule @@ -48,11 +56,11 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { - imports = [ - ./sakura/home.nix - ]; + imports = [ ./sakura/home.nix ]; }; }; } @@ -60,7 +68,9 @@ in { }; kariru = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./kariru sopsModule @@ -69,11 +79,11 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { - imports = [ - ./kariru/home.nix - ]; + imports = [ ./kariru/home.nix ]; }; }; } @@ -81,7 +91,9 @@ in { }; yuki = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./yuki sopsModule @@ -90,11 +102,11 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { - imports = [ - ./yuki/home.nix - ]; + imports = [ ./yuki/home.nix ]; }; }; } @@ -102,7 +114,9 @@ in { }; ame = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./ame sopsModule @@ -111,7 +125,9 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { imports = [ ./ame/home.nix @@ -125,7 +141,9 @@ in { }; arashi = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./arashi sopsModule @@ -134,11 +152,11 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { - imports = [ - ./arashi/home.nix - ]; + imports = [ ./arashi/home.nix ]; }; }; } @@ -146,7 +164,9 @@ in { }; sora = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./sora sopsModule @@ -156,11 +176,11 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { - imports = [ - ./sora/home.nix - ]; + imports = [ ./sora/home.nix ]; }; }; } @@ -168,7 +188,9 @@ in { }; tsuru = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./tsuru sopsModule @@ -177,11 +199,11 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { - imports = [ - ./tsuru/home.nix - ]; + imports = [ ./tsuru/home.nix ]; }; }; } @@ -189,7 +211,9 @@ in { }; haru = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./haru sopsModule @@ -198,11 +222,11 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { - imports = [ - ./haru/home.nix - ]; + imports = [ ./haru/home.nix ]; }; }; } @@ -210,7 +234,9 @@ in { }; kaze = nixosSystem { inherit system; - specialArgs = {inherit inputs;}; + specialArgs = { + inherit inputs; + }; modules = [ ./kaze sopsModule @@ -219,11 +245,11 @@ in { home-manager = { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { + inherit inputs; + }; users.notoh = { - imports = [ - ./kaze/home.nix - ]; + imports = [ ./kaze/home.nix ]; }; }; } diff --git a/hosts/deploy.nix b/hosts/deploy.nix index ad4bde0..9712600 100644 --- a/hosts/deploy.nix +++ b/hosts/deploy.nix @@ -7,7 +7,11 @@ inputs: { path = activate.nixos inputs.self.nixosConfigurations.sakura; }; sshUser = "root"; - sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; + sshOpts = [ + "-t" + "-i" + "~/.ssh/forgejo" + ]; magicRollback = true; }; kariru = { @@ -17,7 +21,11 @@ inputs: { path = activate.nixos inputs.self.nixosConfigurations.kariru; }; sshUser = "root"; - sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; + sshOpts = [ + "-t" + "-i" + "~/.ssh/forgejo" + ]; magicRollback = true; }; yuki = { @@ -27,7 +35,11 @@ inputs: { path = activate.nixos inputs.self.nixosConfigurations.yuki; }; sshUser = "root"; - sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; + sshOpts = [ + "-t" + "-i" + "~/.ssh/forgejo" + ]; magicRollback = true; }; arashi = { @@ -37,7 +49,11 @@ inputs: { path = activate.nixos inputs.self.nixosConfigurations.arashi; }; sshUser = "root"; - sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; + sshOpts = [ + "-t" + "-i" + "~/.ssh/forgejo" + ]; magicRollback = true; }; sora = { @@ -47,7 +63,11 @@ inputs: { path = activate.nixos inputs.self.nixosConfigurations.sora; }; sshUser = "root"; - sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; + sshOpts = [ + "-t" + "-i" + "~/.ssh/forgejo" + ]; magicRollback = true; }; tsuru = { @@ -57,7 +77,11 @@ inputs: { path = activate.nixos inputs.self.nixosConfigurations.tsuru; }; sshUser = "root"; - sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; + sshOpts = [ + "-t" + "-i" + "~/.ssh/forgejo" + ]; magicRollback = true; }; haru = { @@ -67,7 +91,11 @@ inputs: { path = activate.nixos inputs.self.nixosConfigurations.haru; }; sshUser = "root"; - sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; + sshOpts = [ + "-t" + "-i" + "~/.ssh/forgejo" + ]; magicRollback = true; }; kaze = { @@ -77,7 +105,11 @@ inputs: { path = activate.nixos inputs.self.nixosConfigurations.kaze; }; sshUser = "root"; - sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; + sshOpts = [ + "-t" + "-i" + "~/.ssh/forgejo" + ]; magicRollback = true; }; }; diff --git a/hosts/haru/default.nix b/hosts/haru/default.nix index c7f3ef6..4a65798 100644 --- a/hosts/haru/default.nix +++ b/hosts/haru/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./hardware.nix ./services diff --git a/hosts/haru/hardware.nix b/hosts/haru/hardware.nix index 26d580b..3c64ace 100644 --- a/hosts/haru/hardware.nix +++ b/hosts/haru/hardware.nix @@ -1,15 +1,10 @@ +{ lib, modulesPath, ... }: { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot = { - kernelModules = []; - extraModulePackages = []; + kernelModules = [ ]; + extraModulePackages = [ ]; loader.grub = { enable = true; configurationLimit = 5; @@ -17,8 +12,15 @@ useOSProber = false; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; - kernelModules = []; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + kernelModules = [ ]; }; }; @@ -29,9 +31,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/c879fa21-fd80-422c-9aef-0becce5ff19c";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/c879fa21-fd80-422c-9aef-0becce5ff19c"; } ]; networking.useDHCP = lib.mkDefault true; diff --git a/hosts/haru/home.nix b/hosts/haru/home.nix index c7eafac..3341f1e 100644 --- a/hosts/haru/home.nix +++ b/hosts/haru/home.nix @@ -1,7 +1,6 @@ -{...}: { - imports = [ - ../../home - ]; +{ ... }: +{ + imports = [ ../../home ]; systemd.user.startServices = "sd-switch"; programs.home-manager.enable = true; diff --git a/hosts/haru/services/blocky.nix b/hosts/haru/services/blocky.nix index 1ea5bc3..5660c50 100644 --- a/hosts/haru/services/blocky.nix +++ b/hosts/haru/services/blocky.nix @@ -1,8 +1,12 @@ -{pkgs, ...}: { - networking.firewall.allowedTCPPorts = [53 4000]; - networking.firewall.allowedUDPPorts = [53]; +{ pkgs, ... }: +{ + networking.firewall.allowedTCPPorts = [ + 53 + 4000 + ]; + networking.firewall.allowedUDPPorts = [ 53 ]; - environment.systemPackages = [pkgs.blocky]; + environment.systemPackages = [ pkgs.blocky ]; services.blocky = { enable = true; @@ -72,25 +76,25 @@ "https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser" "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts" ]; - catchall = [ - "https://big.oisd.nl/domainswild" - ]; - }; - whiteLists = let - customWhitelist = pkgs.writeText "misc.txt" '' - ax.phobos.apple.com.edgesuite.net - amp-api-edge.apps.apple.com - (\.|^)dscx\.akamaiedge\.net$ - (\.|^)wac\.phicdn\.net$ - *.flake.sh - ''; - in { - ads = [ - "https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt" - "https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/optional-list.txt" - ]; - misc = [customWhitelist]; + catchall = [ "https://big.oisd.nl/domainswild" ]; }; + whiteLists = + let + customWhitelist = pkgs.writeText "misc.txt" '' + ax.phobos.apple.com.edgesuite.net + amp-api-edge.apps.apple.com + (\.|^)dscx\.akamaiedge\.net$ + (\.|^)wac\.phicdn\.net$ + *.flake.sh + ''; + in + { + ads = [ + "https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt" + "https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/optional-list.txt" + ]; + misc = [ customWhitelist ]; + }; clientGroupsBlock = { default = [ "ads" @@ -103,39 +107,41 @@ }; customDNS = { customTTL = "1h"; - mapping = let - yukiIp = "192.168.1.98"; - in { - # infra + mapping = + let + yukiIp = "192.168.1.98"; + in + { + # infra - "truenas.internal.flake.sh" = "192.168.1.199"; - "hass.internal.flake.sh" = "${yukiIp}"; - "dashboard.internal.flake.sh" = "${yukiIp}"; - "udm.internal.flake.sh" = "192.168.1.1"; - "pve.internal.flake.sh" = "192.168.1.37"; - "pbs.internal.flake.sh" = "192.168.1.38"; + "truenas.internal.flake.sh" = "192.168.1.199"; + "hass.internal.flake.sh" = "${yukiIp}"; + "dashboard.internal.flake.sh" = "${yukiIp}"; + "udm.internal.flake.sh" = "192.168.1.1"; + "pve.internal.flake.sh" = "192.168.1.37"; + "pbs.internal.flake.sh" = "192.168.1.38"; - # media + # media - "jellyfin.internal.flake.sh" = "${yukiIp}"; - "jellyseerr.internal.flake.sh" = "${yukiIp}"; - "sonarr.internal.flake.sh" = "${yukiIp}"; - "radarr.internal.flake.sh" = "${yukiIp}"; - "readarr.internal.flake.sh" = "${yukiIp}"; - "lidarr.internal.flake.sh" = "${yukiIp}"; - "whisparr.internal.flake.sh" = "${yukiIp}"; - "bazarr.internal.flake.sh" = "${yukiIp}"; - "prowlarr.internal.flake.sh" = "${yukiIp}"; - "stash.internal.flake.sh" = "${yukiIp}"; - "nextcloud.internal.flake.sh" = "192.168.1.199"; + "jellyfin.internal.flake.sh" = "${yukiIp}"; + "jellyseerr.internal.flake.sh" = "${yukiIp}"; + "sonarr.internal.flake.sh" = "${yukiIp}"; + "radarr.internal.flake.sh" = "${yukiIp}"; + "readarr.internal.flake.sh" = "${yukiIp}"; + "lidarr.internal.flake.sh" = "${yukiIp}"; + "whisparr.internal.flake.sh" = "${yukiIp}"; + "bazarr.internal.flake.sh" = "${yukiIp}"; + "prowlarr.internal.flake.sh" = "${yukiIp}"; + "stash.internal.flake.sh" = "${yukiIp}"; + "nextcloud.internal.flake.sh" = "192.168.1.199"; - # misc + # misc - "wallos.internal.flake.sh" = "${yukiIp}"; - "synology.internal.flake.sh" = "192.168.1.71"; - "paperless.internal.flake.sh" = "${yukiIp}"; - "rss.internal.flake.sh" = "${yukiIp}"; - }; + "wallos.internal.flake.sh" = "${yukiIp}"; + "synology.internal.flake.sh" = "192.168.1.71"; + "paperless.internal.flake.sh" = "${yukiIp}"; + "rss.internal.flake.sh" = "${yukiIp}"; + }; }; redis = { address = "192.168.1.211:6381"; diff --git a/hosts/kariru/default.nix b/hosts/kariru/default.nix index 2afeffc..ee0571c 100644 --- a/hosts/kariru/default.nix +++ b/hosts/kariru/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./hardware.nix ./services diff --git a/hosts/kariru/hardware.nix b/hosts/kariru/hardware.nix index 9e7e325..3eb08ab 100644 --- a/hosts/kariru/hardware.nix +++ b/hosts/kariru/hardware.nix @@ -1,15 +1,10 @@ +{ lib, modulesPath, ... }: { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot = { - kernelModules = []; - extraModulePackages = []; + kernelModules = [ ]; + extraModulePackages = [ ]; loader.grub = { enable = true; configurationLimit = 5; @@ -17,8 +12,15 @@ useOSProber = false; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; - kernelModules = []; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + kernelModules = [ ]; }; }; @@ -41,9 +43,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/f28bad28-ae14-4aa7-85c5-47abe46bae56";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/f28bad28-ae14-4aa7-85c5-47abe46bae56"; } ]; networking.useDHCP = lib.mkDefault true; diff --git a/hosts/kariru/home.nix b/hosts/kariru/home.nix index c7eafac..3341f1e 100644 --- a/hosts/kariru/home.nix +++ b/hosts/kariru/home.nix @@ -1,7 +1,6 @@ -{...}: { - imports = [ - ../../home - ]; +{ ... }: +{ + imports = [ ../../home ]; systemd.user.startServices = "sd-switch"; programs.home-manager.enable = true; diff --git a/hosts/kariru/services/default.nix b/hosts/kariru/services/default.nix index 20560e2..1bd96cc 100644 --- a/hosts/kariru/services/default.nix +++ b/hosts/kariru/services/default.nix @@ -1,12 +1,13 @@ -{pkgs, ...}: { - networking.firewall.allowedTCPPorts = [9292]; +{ pkgs, ... }: +{ + networking.firewall.allowedTCPPorts = [ 9292 ]; imports = [ ./restic.nix ./torrent.nix ]; - environment.systemPackages = [pkgs.recyclarr]; + environment.systemPackages = [ pkgs.recyclarr ]; services = { radarr = { enable = true; @@ -38,18 +39,18 @@ virtualisation.oci-containers.containers = { whisparr = { image = "ghcr.io/hotio/whisparr@sha256:88b91920b77339e2deda418960be28868df538413abea6cdddaf4013e43c4c0f"; # v3-3.0.0.425 - ports = ["6969:6969"]; + ports = [ "6969:6969" ]; volumes = [ "/var/lib/whisparr:/config" "/stash:/media/stash" "/media/downloads:/media/downloads" ]; - extraOptions = ["--network=host"]; + extraOptions = [ "--network=host" ]; }; flaresolverr = { image = "ghcr.io/flaresolverr/flaresolverr@sha256:213bb58aa341a0188e64ce2c21e1c5748b167c719828bc61dd904eb0fb1aec63"; # v3.3.13 - ports = ["8191:8191"]; - extraOptions = ["--network=host"]; + ports = [ "8191:8191" ]; + extraOptions = [ "--network=host" ]; }; }; } diff --git a/hosts/kariru/services/restic.nix b/hosts/kariru/services/restic.nix index 53d859d..2762d04 100644 --- a/hosts/kariru/services/restic.nix +++ b/hosts/kariru/services/restic.nix @@ -1,10 +1,9 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { - sops.secrets.restic-kariru = {sopsFile = ../../../secrets/restic/secrets.yaml;}; - environment.systemPackages = [pkgs.restic]; + sops.secrets.restic-kariru = { + sopsFile = ../../../secrets/restic/secrets.yaml; + }; + environment.systemPackages = [ pkgs.restic ]; services.restic = { backups = { kariru = { diff --git a/hosts/kariru/services/torrent.nix b/hosts/kariru/services/torrent.nix index 4c67c14..53d7ee3 100644 --- a/hosts/kariru/services/torrent.nix +++ b/hosts/kariru/services/torrent.nix @@ -1,24 +1,25 @@ -{config, ...}: { - sops.secrets.gluetun = {}; +{ config, ... }: +{ + sops.secrets.gluetun = { }; virtualisation.oci-containers.containers = { gluetun = { - image = "qmcgaw/gluetun@sha256:e15ede3ce007e3f6e3f6532c7d8d6051f4bb0dca4bb3c5edd7aa3316916e9990"; #v3.37.0 + image = "qmcgaw/gluetun@sha256:e15ede3ce007e3f6e3f6532c7d8d6051f4bb0dca4bb3c5edd7aa3316916e9990"; # v3.37.0 hostname = "gluetun"; ports = [ "8000:8000/tcp" # HTTP control server "8888:8888/tcp" # HTTP proxy "8388:8388/tcp" # Shadowsocks "8388:8388/udp" # Shadowsocks - "8080:8080" #qb - "6881:6881" #qb - "6881:6881/udp" #qb + "8080:8080" # qb + "6881:6881" # qb + "6881:6881/udp" # qb ]; - environmentFiles = [config.sops.secrets.gluetun.path]; - extraOptions = ["--cap-add=NET_ADMIN"]; + environmentFiles = [ config.sops.secrets.gluetun.path ]; + extraOptions = [ "--cap-add=NET_ADMIN" ]; }; qbittorrent = { image = "linuxserver/qbittorrent@sha256:c388ef02586a7d37c708c63eef069025663f4ac99cd29c9480bc34018d8b4194"; # v4.6.3 - dependsOn = ["gluetun"]; + dependsOn = [ "gluetun" ]; environment = { PUID = "1001"; PGID = "2001"; @@ -30,7 +31,7 @@ "/media/downloads:/downloads" "/media/incomplete-downloads:/incomplete-downloads" ]; - extraOptions = ["--network=container:gluetun"]; + extraOptions = [ "--network=container:gluetun" ]; }; }; } diff --git a/hosts/kaze/default.nix b/hosts/kaze/default.nix index 17ec406..2d59005 100644 --- a/hosts/kaze/default.nix +++ b/hosts/kaze/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./hardware.nix ./services diff --git a/hosts/kaze/hardware.nix b/hosts/kaze/hardware.nix index 88bb176..c555e26 100644 --- a/hosts/kaze/hardware.nix +++ b/hosts/kaze/hardware.nix @@ -1,15 +1,10 @@ +{ lib, modulesPath, ... }: { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot = { - kernelModules = ["kvm-amd"]; - extraModulePackages = []; + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; loader.grub = { enable = true; configurationLimit = 5; @@ -17,8 +12,16 @@ useOSProber = true; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" "virtio_blk"]; - kernelModules = []; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + "virtio_blk" + ]; + kernelModules = [ ]; }; }; @@ -33,9 +36,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/100a4262-ce57-47a7-b99a-f124a8e369de";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/100a4262-ce57-47a7-b99a-f124a8e369de"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/kaze/home.nix b/hosts/kaze/home.nix index c7eafac..3341f1e 100644 --- a/hosts/kaze/home.nix +++ b/hosts/kaze/home.nix @@ -1,7 +1,6 @@ -{...}: { - imports = [ - ../../home - ]; +{ ... }: +{ + imports = [ ../../home ]; systemd.user.startServices = "sd-switch"; programs.home-manager.enable = true; diff --git a/hosts/kaze/services/minio.nix b/hosts/kaze/services/minio.nix index 3fe5120..577cb2b 100644 --- a/hosts/kaze/services/minio.nix +++ b/hosts/kaze/services/minio.nix @@ -1,27 +1,28 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { - environment.systemPackages = [pkgs.minio-client]; + environment.systemPackages = [ pkgs.minio-client ]; - systemd.services.minio.environment = {MINIO_BROWSER_REDIRECT = "false";}; + systemd.services.minio.environment = { + MINIO_BROWSER_REDIRECT = "false"; + }; sops.secrets.minio = { owner = "minio"; group = "minio"; mode = "0600"; - restartUnits = ["minio.service"]; - }; - services.minio = let - dataDir = "/var/lib/slab/minio"; - in { - enable = true; - region = "us-east-1"; - consoleAddress = "0.0.0.0:9006"; - listenAddress = "0.0.0.0:9005"; - rootCredentialsFile = config.sops.secrets.minio.path; - dataDir = ["${dataDir}/data"]; - configDir = "${dataDir}/config"; + restartUnits = [ "minio.service" ]; }; + services.minio = + let + dataDir = "/var/lib/slab/minio"; + in + { + enable = true; + region = "us-east-1"; + consoleAddress = "0.0.0.0:9006"; + listenAddress = "0.0.0.0:9005"; + rootCredentialsFile = config.sops.secrets.minio.path; + dataDir = [ "${dataDir}/data" ]; + configDir = "${dataDir}/config"; + }; } diff --git a/hosts/kaze/services/tailscale.nix b/hosts/kaze/services/tailscale.nix index b81ec21..79883d0 100644 --- a/hosts/kaze/services/tailscale.nix +++ b/hosts/kaze/services/tailscale.nix @@ -3,22 +3,34 @@ lib, pkgs, ... -}: { - sops.secrets.tsauth-kaze = {sopsFile = ../../../secrets/tailscale/secrets.yaml;}; - environment.systemPackages = [pkgs.jq pkgs.tailscale]; +}: +{ + sops.secrets.tsauth-kaze = { + sopsFile = ../../../secrets/tailscale/secrets.yaml; + }; + environment.systemPackages = [ + pkgs.jq + pkgs.tailscale + ]; services.tailscale = { useRoutingFeatures = lib.mkDefault "client"; }; - networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; - networking.firewall.trustedInterfaces = [config.services.tailscale.interfaceName]; + networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ]; + networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; systemd.services.tailscale-autoconnect = { description = "Automatic connection to Tailscale"; # make sure tailscale is running before trying to connect to tailscale - after = ["network-pre.target" "tailscale.service"]; - wants = ["network-pre.target" "tailscale.service"]; - wantedBy = ["multi-user.target"]; + after = [ + "network-pre.target" + "tailscale.service" + ]; + wants = [ + "network-pre.target" + "tailscale.service" + ]; + wantedBy = [ "multi-user.target" ]; # set this service as a oneshot job serviceConfig.Type = "oneshot"; diff --git a/hosts/sakura/hardware.nix b/hosts/sakura/hardware.nix index f0a6596..87cb03c 100644 --- a/hosts/sakura/hardware.nix +++ b/hosts/sakura/hardware.nix @@ -1,15 +1,10 @@ +{ lib, modulesPath, ... }: { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot = { - kernelModules = []; - extraModulePackages = []; + kernelModules = [ ]; + extraModulePackages = [ ]; loader.grub = { enable = true; configurationLimit = 5; @@ -17,8 +12,15 @@ useOSProber = false; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; - kernelModules = []; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + kernelModules = [ ]; }; }; @@ -37,9 +39,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/c5afba13-f1af-4e7f-994b-f565c52d92fc";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/c5afba13-f1af-4e7f-994b-f565c52d92fc"; } ]; networking.useDHCP = lib.mkDefault true; diff --git a/hosts/sakura/home.nix b/hosts/sakura/home.nix index c7eafac..3341f1e 100644 --- a/hosts/sakura/home.nix +++ b/hosts/sakura/home.nix @@ -1,7 +1,6 @@ -{...}: { - imports = [ - ../../home - ]; +{ ... }: +{ + imports = [ ../../home ]; systemd.user.startServices = "sd-switch"; programs.home-manager.enable = true; diff --git a/hosts/sakura/services/authelia.nix b/hosts/sakura/services/authelia.nix index 1e9f901..c47e5ff 100644 --- a/hosts/sakura/services/authelia.nix +++ b/hosts/sakura/services/authelia.nix @@ -1,68 +1,77 @@ -{config, ...}: { - networking.firewall.allowedTCPPorts = [9091]; - sops.secrets.authelia-jwt = {owner = config.systemd.services.authelia-default.serviceConfig.User;}; - sops.secrets.authelia-sek = {owner = config.systemd.services.authelia-default.serviceConfig.User;}; +{ config, ... }: +{ + networking.firewall.allowedTCPPorts = [ 9091 ]; + sops.secrets.authelia-jwt = { + owner = config.systemd.services.authelia-default.serviceConfig.User; + }; + sops.secrets.authelia-sek = { + owner = config.systemd.services.authelia-default.serviceConfig.User; + }; services.authelia.instances.default = { enable = true; secrets = { jwtSecretFile = config.sops.secrets.authelia-jwt.path; storageEncryptionKeyFile = config.sops.secrets.authelia-sek.path; }; - settings = let - pqdn = "notohh.dev"; - in { - log.level = "debug"; - theme = "dark"; - default_2fa_method = "totp"; - default_redirection_url = "https://passport.${pqdn}/"; - authentication_backend = { - file.path = "/var/lib/authelia-default/user.yml"; - }; - session = { - domain = pqdn; - expiration = 3600; - inactivity = 300; - }; - totp = { - issuer = "authelia.com"; - disable = false; - algorithm = "sha1"; - digits = 6; - period = 30; - skew = 1; - secret_size = 32; - }; - server = { - host = "0.0.0.0"; - port = 9091; - }; - access_control = { - default_policy = "deny"; - rules = [ + settings = + let + pqdn = "notohh.dev"; + in + { + log.level = "debug"; + theme = "dark"; + default_2fa_method = "totp"; + default_redirection_url = "https://passport.${pqdn}/"; + authentication_backend = { + file.path = "/var/lib/authelia-default/user.yml"; + }; + session = { + domain = pqdn; + expiration = 3600; + inactivity = 300; + }; + totp = { + issuer = "authelia.com"; + disable = false; + algorithm = "sha1"; + digits = 6; + period = 30; + skew = 1; + secret_size = 32; + }; + server = { + host = "0.0.0.0"; + port = 9091; + }; + access_control = { + default_policy = "deny"; + rules = [ + { + domain = pqdn; + policy = "bypass"; + } + ]; + }; + regulation = { + max_retries = 3; + find_time = 120; + ban_time = 300; + }; + notifier.filesystem = { + filename = "/var/lib/authelia-default/notif.txt"; + }; + storage.postgres = + let + dbInfo = "authelia"; + in { - domain = pqdn; - policy = "bypass"; - } - ]; + host = "192.168.1.211"; + port = 5432; + database = dbInfo; + schema = "public"; + username = dbInfo; + password = dbInfo; + }; }; - regulation = { - max_retries = 3; - find_time = 120; - ban_time = 300; - }; - notifier.filesystem = { - filename = "/var/lib/authelia-default/notif.txt"; - }; - storage.postgres = let - dbInfo = "authelia"; - in { - host = "192.168.1.211"; - port = 5432; - database = dbInfo; - schema = "public"; - username = dbInfo; - password = dbInfo; - }; - }; }; } diff --git a/hosts/sakura/services/conduit.nix b/hosts/sakura/services/conduit.nix index 7faef8c..6db91a5 100644 --- a/hosts/sakura/services/conduit.nix +++ b/hosts/sakura/services/conduit.nix @@ -1,5 +1,8 @@ _: { - networking.firewall.allowedTCPPorts = [6167 8448]; + networking.firewall.allowedTCPPorts = [ + 6167 + 8448 + ]; services.matrix-conduit = { enable = true; settings = { @@ -14,7 +17,7 @@ _: { max_request_size = 20000000; database_backend = "rocksdb"; enable_lightning_bolt = false; - trusted_servers = ["matrix.org"]; + trusted_servers = [ "matrix.org" ]; }; }; }; diff --git a/hosts/sakura/services/default.nix b/hosts/sakura/services/default.nix index cbf8e30..f666882 100644 --- a/hosts/sakura/services/default.nix +++ b/hosts/sakura/services/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./restic.nix ./authelia.nix diff --git a/hosts/sakura/services/forgejo.nix b/hosts/sakura/services/forgejo.nix index ad4818a..e7dcccc 100644 --- a/hosts/sakura/services/forgejo.nix +++ b/hosts/sakura/services/forgejo.nix @@ -1,14 +1,14 @@ -{ - lib, - config, - ... -}: let +{ lib, config, ... }: +let sshPort = 2222; dbHost = "192.168.1.211"; dbLogin = "forgejo"; -in { - sops.secrets.smtp2go-pwd = {owner = "forgejo";}; - networking.firewall.allowedTCPPorts = [2222]; +in +{ + sops.secrets.smtp2go-pwd = { + owner = "forgejo"; + }; + networking.firewall.allowedTCPPorts = [ 2222 ]; services.forgejo = { enable = true; stateDir = "/var/lib/forgejo"; @@ -78,7 +78,7 @@ in { services.fail2ban.jails.forgejo = { settings = { filter = "forgejo"; - action = ''iptables-allports''; + action = "iptables-allports"; mode = "aggressive"; maxretry = 3; findtime = 3600; diff --git a/hosts/sakura/services/grafana.nix b/hosts/sakura/services/grafana.nix index 4ec34ca..31de524 100644 --- a/hosts/sakura/services/grafana.nix +++ b/hosts/sakura/services/grafana.nix @@ -1,7 +1,9 @@ -_: let +_: +let prometheusPort = "9090"; dbLogin = "grafana"; -in { +in +{ services.grafana = { enable = true; settings = { diff --git a/hosts/sakura/services/hedgedoc.nix b/hosts/sakura/services/hedgedoc.nix index 66f03ba..4c7d1c8 100644 --- a/hosts/sakura/services/hedgedoc.nix +++ b/hosts/sakura/services/hedgedoc.nix @@ -5,7 +5,7 @@ _: { port = 3300; domain = "scratch.flake.sh"; host = "100.121.201.47"; - allowOrigin = ["scratch.flake.sh"]; + allowOrigin = [ "scratch.flake.sh" ]; allowAnonymous = true; allowFreeURL = true; allowEmailRegister = false; diff --git a/hosts/sakura/services/justlog.nix b/hosts/sakura/services/justlog.nix index a2c785e..58cd0ad 100644 --- a/hosts/sakura/services/justlog.nix +++ b/hosts/sakura/services/justlog.nix @@ -1,8 +1,8 @@ _: { - networking.firewall.allowedTCPPorts = [8025]; + networking.firewall.allowedTCPPorts = [ 8025 ]; virtualisation.oci-containers.containers.justlog = { image = "ghcr.io/gempir/justlog@sha256:44b2426c0057b44019b78b1daece13dac2356ff68f9f506f067c8c4c92f54f22"; - ports = ["8025:8025"]; + ports = [ "8025:8025" ]; volumes = [ "/home/notoh/justlog/config.json:/etc/justlog.json" "/home/notoh/justlog/logs:/logs" diff --git a/hosts/sakura/services/restic.nix b/hosts/sakura/services/restic.nix index 58ac93c..0ce17c9 100644 --- a/hosts/sakura/services/restic.nix +++ b/hosts/sakura/services/restic.nix @@ -1,10 +1,9 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { - sops.secrets.restic-sakura = {sopsFile = ../../../secrets/restic/secrets.yaml;}; - environment.systemPackages = [pkgs.restic]; + sops.secrets.restic-sakura = { + sopsFile = ../../../secrets/restic/secrets.yaml; + }; + environment.systemPackages = [ pkgs.restic ]; services.restic = { backups = { sakura = { diff --git a/hosts/sakura/services/rustypaste.nix b/hosts/sakura/services/rustypaste.nix index b7bf771..93eac27 100644 --- a/hosts/sakura/services/rustypaste.nix +++ b/hosts/sakura/services/rustypaste.nix @@ -1,9 +1,10 @@ -{pkgs, ...}: { - environment.systemPackages = with pkgs; [rustypaste]; +{ pkgs, ... }: +{ + environment.systemPackages = with pkgs; [ rustypaste ]; systemd.services.rustypaste = { enable = true; - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; description = "A minimal file upload/pastebin service."; environment = { CONFIG = "/var/lib/rustypaste/config.toml"; diff --git a/hosts/sakura/services/tailscale.nix b/hosts/sakura/services/tailscale.nix index 6f4459d..f126b3d 100644 --- a/hosts/sakura/services/tailscale.nix +++ b/hosts/sakura/services/tailscale.nix @@ -3,22 +3,34 @@ lib, pkgs, ... -}: { - sops.secrets.tsauth-sakura = {sopsFile = ../../../secrets/tailscale/secrets.yaml;}; - environment.systemPackages = [pkgs.jq pkgs.tailscale]; +}: +{ + sops.secrets.tsauth-sakura = { + sopsFile = ../../../secrets/tailscale/secrets.yaml; + }; + environment.systemPackages = [ + pkgs.jq + pkgs.tailscale + ]; services.tailscale = { useRoutingFeatures = lib.mkDefault "client"; }; - networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; - networking.firewall.trustedInterfaces = [config.services.tailscale.interfaceName]; + networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ]; + networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; systemd.services.tailscale-autoconnect = { description = "Automatic connection to Tailscale"; # make sure tailscale is running before trying to connect to tailscale - after = ["network-pre.target" "tailscale.service"]; - wants = ["network-pre.target" "tailscale.service"]; - wantedBy = ["multi-user.target"]; + after = [ + "network-pre.target" + "tailscale.service" + ]; + wants = [ + "network-pre.target" + "tailscale.service" + ]; + wantedBy = [ "multi-user.target" ]; # set this service as a oneshot job serviceConfig.Type = "oneshot"; diff --git a/hosts/sakura/services/vaultwarden.nix b/hosts/sakura/services/vaultwarden.nix index 2226952..35c91b4 100644 --- a/hosts/sakura/services/vaultwarden.nix +++ b/hosts/sakura/services/vaultwarden.nix @@ -1,9 +1,6 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { - sops.secrets.vaultwarden-env = {}; + sops.secrets.vaultwarden-env = { }; services.vaultwarden = { enable = true; package = pkgs.vaultwarden-postgresql; diff --git a/hosts/sora/hardware.nix b/hosts/sora/hardware.nix index 018c1f0..5afec8c 100644 --- a/hosts/sora/hardware.nix +++ b/hosts/sora/hardware.nix @@ -1,5 +1,6 @@ -{modulesPath, ...}: { - imports = [(modulesPath + "/profiles/qemu-guest.nix")]; +{ modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; zramSwap.enable = true; @@ -11,8 +12,13 @@ device = "nodev"; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"]; - kernelModules = ["nvme"]; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "xen_blkfront" + "vmw_pvscsi" + ]; + kernelModules = [ "nvme" ]; }; }; diff --git a/hosts/sora/home.nix b/hosts/sora/home.nix index c7eafac..3341f1e 100644 --- a/hosts/sora/home.nix +++ b/hosts/sora/home.nix @@ -1,7 +1,6 @@ -{...}: { - imports = [ - ../../home - ]; +{ ... }: +{ + imports = [ ../../home ]; systemd.user.startServices = "sd-switch"; programs.home-manager.enable = true; diff --git a/hosts/sora/networking.nix b/hosts/sora/networking.nix index 69b7015..83aa954 100644 --- a/hosts/sora/networking.nix +++ b/hosts/sora/networking.nix @@ -1,4 +1,5 @@ -{lib, ...}: { +{ lib, ... }: +{ networking = { hostName = "sora"; nameservers = [ diff --git a/hosts/sora/services/attic.nix b/hosts/sora/services/attic.nix index 8456381..d7a3e16 100644 --- a/hosts/sora/services/attic.nix +++ b/hosts/sora/services/attic.nix @@ -1,18 +1,15 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { - sops.secrets.attic = {}; + sops.secrets.attic = { }; - environment.systemPackages = [pkgs.attic]; + environment.systemPackages = [ pkgs.attic ]; services.atticd = { enable = true; credentialsFile = config.sops.secrets.attic.path; settings = { listen = "[::]:8200"; - allowed-hosts = ["cache.flake.sh"]; + allowed-hosts = [ "cache.flake.sh" ]; database.url = "postgres://attic:attic@100.94.214.100:5432/attic"; api-endpoint = "https://cache.flake.sh/"; require-proof-of-possession = false; diff --git a/hosts/sora/services/atuin.nix b/hosts/sora/services/atuin.nix index 4c30957..d4c3144 100644 --- a/hosts/sora/services/atuin.nix +++ b/hosts/sora/services/atuin.nix @@ -1,5 +1,6 @@ -{lib, ...}: { - networking.firewall.allowedTCPPorts = [8888]; +{ lib, ... }: +{ + networking.firewall.allowedTCPPorts = [ 8888 ]; services.atuin = { enable = true; openRegistration = false; diff --git a/hosts/sora/services/default.nix b/hosts/sora/services/default.nix index e97e835..bc7515a 100644 --- a/hosts/sora/services/default.nix +++ b/hosts/sora/services/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./restic.nix ./traefik.nix diff --git a/hosts/sora/services/factorio.nix b/hosts/sora/services/factorio.nix index b352b6d..6a62d58 100644 --- a/hosts/sora/services/factorio.nix +++ b/hosts/sora/services/factorio.nix @@ -4,7 +4,7 @@ _: { public = false; lan = false; openFirewall = true; - admins = ["notoh"]; + admins = [ "notoh" ]; game-name = "forsen"; autosave-interval = 20; }; diff --git a/hosts/sora/services/foundryvtt.nix b/hosts/sora/services/foundryvtt.nix index 8d4cd78..9de070b 100644 --- a/hosts/sora/services/foundryvtt.nix +++ b/hosts/sora/services/foundryvtt.nix @@ -1,9 +1,9 @@ _: { - sops.secrets.foundry-username = {}; - sops.secrets.foundry-password = {}; + sops.secrets.foundry-username = { }; + sops.secrets.foundry-password = { }; virtualisation.oci-containers.containers.foundryvtt = { image = "felddy/foundryvtt@sha256:d85dab9704d771f3a33f21439f1bf34748fb5bf1987668ff402b5b17d1973f5a"; - volumes = ["/home/notoh/docker/foundryvtt:/data"]; + volumes = [ "/home/notoh/docker/foundryvtt:/data" ]; environment = { CONTAINER_PRESERVE_CONFIG = "true"; }; @@ -11,6 +11,6 @@ _: { /run/secrets/foundry-username /run/secrets/foundry-password ]; - ports = ["30000:30000"]; + ports = [ "30000:30000" ]; }; } diff --git a/hosts/sora/services/glances.nix b/hosts/sora/services/glances.nix index 1554a0e..470f1f7 100644 --- a/hosts/sora/services/glances.nix +++ b/hosts/sora/services/glances.nix @@ -1,8 +1,8 @@ _: { virtualisation.oci-containers.containers.glances = { image = "nicolargo/glances"; - ports = ["61208-61209:61208-61209"]; - volumes = ["/var/run/docker.sock:/var/run/docker.sock"]; + ports = [ "61208-61209:61208-61209" ]; + volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ]; environment = { GLANCES_OPT = "-w"; }; diff --git a/hosts/sora/services/minecraft.nix b/hosts/sora/services/minecraft.nix index 1c44497..26d9bf5 100644 --- a/hosts/sora/services/minecraft.nix +++ b/hosts/sora/services/minecraft.nix @@ -1,9 +1,12 @@ _: { - networking.firewall.allowedTCPPorts = [25565]; - networking.firewall.allowedUDPPorts = [24454]; + networking.firewall.allowedTCPPorts = [ 25565 ]; + networking.firewall.allowedUDPPorts = [ 24454 ]; virtualisation.oci-containers.containers.minecraft = { image = "itzg/minecraft-server"; - ports = ["25565:25565" "24454:24454/udp"]; + ports = [ + "25565:25565" + "24454:24454/udp" + ]; environment = { EULA = "TRUE"; VERSION = "1.19.2"; @@ -12,6 +15,6 @@ _: { FABRIC_LOADER_VERSION = "0.14.23"; FABRIC_LAUNCHER_VERSION = "0.11.2"; }; - volumes = ["/home/notoh/docker/modded-mc:/data:rw"]; + volumes = [ "/home/notoh/docker/modded-mc:/data:rw" ]; }; } diff --git a/hosts/sora/services/ntfy-sh.nix b/hosts/sora/services/ntfy-sh.nix index f7c104a..c866b78 100644 --- a/hosts/sora/services/ntfy-sh.nix +++ b/hosts/sora/services/ntfy-sh.nix @@ -1,5 +1,6 @@ -{pkgs, ...}: { - environment.systemPackages = [pkgs.ntfy-sh]; +{ pkgs, ... }: +{ + environment.systemPackages = [ pkgs.ntfy-sh ]; services.ntfy-sh = { enable = true; settings = { diff --git a/hosts/sora/services/restic.nix b/hosts/sora/services/restic.nix index 127398b..0e90977 100644 --- a/hosts/sora/services/restic.nix +++ b/hosts/sora/services/restic.nix @@ -1,13 +1,14 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { sops.secrets = { - restic-sora = {sopsFile = ../../../secrets/restic/secrets.yaml;}; - sora-s3 = {sopsFile = ../../../secrets/s3/secrets.yaml;}; + restic-sora = { + sopsFile = ../../../secrets/restic/secrets.yaml; + }; + sora-s3 = { + sopsFile = ../../../secrets/s3/secrets.yaml; + }; }; - environment.systemPackages = [pkgs.restic]; + environment.systemPackages = [ pkgs.restic ]; services.restic = { backups = { sora = { diff --git a/hosts/sora/services/tailscale.nix b/hosts/sora/services/tailscale.nix index ba6558e..44c22f5 100644 --- a/hosts/sora/services/tailscale.nix +++ b/hosts/sora/services/tailscale.nix @@ -3,22 +3,34 @@ lib, pkgs, ... -}: { - sops.secrets.tsauth-sora = {sopsFile = ../../../secrets/tailscale/secrets.yaml;}; - environment.systemPackages = [pkgs.jq pkgs.tailscale]; +}: +{ + sops.secrets.tsauth-sora = { + sopsFile = ../../../secrets/tailscale/secrets.yaml; + }; + environment.systemPackages = [ + pkgs.jq + pkgs.tailscale + ]; services.tailscale = { useRoutingFeatures = lib.mkDefault "server"; # important to make it a server, it sets sysctl for ip forwarding without intervention and reboot }; - networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; - networking.firewall.trustedInterfaces = [config.services.tailscale.interfaceName]; + networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ]; + networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; systemd.services.tailscale-autoconnect = { description = "Automatic connection to Tailscale"; # make sure tailscale is running before trying to connect to tailscale - after = ["network-pre.target" "tailscale.service"]; - wants = ["network-pre.target" "tailscale.service"]; - wantedBy = ["multi-user.target"]; + after = [ + "network-pre.target" + "tailscale.service" + ]; + wants = [ + "network-pre.target" + "tailscale.service" + ]; + wantedBy = [ "multi-user.target" ]; # set this service as a oneshot job serviceConfig.Type = "oneshot"; diff --git a/hosts/sora/services/terraria.nix b/hosts/sora/services/terraria.nix index 953215b..4c287aa 100644 --- a/hosts/sora/services/terraria.nix +++ b/hosts/sora/services/terraria.nix @@ -1,9 +1,9 @@ _: { - networking.firewall.allowedTCPPorts = [7777]; + networking.firewall.allowedTCPPorts = [ 7777 ]; virtualisation.oci-containers.containers.terraria = { image = "jacobsmile/tmodloader1.4:v2023.11.3.3"; - ports = ["7777:7777"]; - volumes = ["/var/lib/terraria/tmodloader:/data"]; + ports = [ "7777:7777" ]; + volumes = [ "/var/lib/terraria/tmodloader:/data" ]; environment = { TMOD_MOTD = "forsen"; TMOD_PASS = "forsen"; diff --git a/hosts/sora/services/traefik.nix b/hosts/sora/services/traefik.nix index 22255e0..119ffdc 100644 --- a/hosts/sora/services/traefik.nix +++ b/hosts/sora/services/traefik.nix @@ -1,12 +1,18 @@ -{config, ...}: { - sops.secrets.cloudflare-api-key = {}; - networking.firewall.allowedTCPPorts = [80 443 2222 8080]; +{ config, ... }: +{ + sops.secrets.cloudflare-api-key = { }; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + 2222 + 8080 + ]; systemd.services.traefik = { environment = { CLOUDFLARE_EMAIL = "jch0tm2e@notohh.dev"; }; serviceConfig = { - EnvironmentFile = [config.sops.secrets.cloudflare-api-key.path]; + EnvironmentFile = [ config.sops.secrets.cloudflare-api-key.path ]; }; }; services.traefik = { @@ -16,12 +22,12 @@ routers = { gitssh = { rule = "HostSNI(`*`)"; - entrypoints = ["ssh"]; + entrypoints = [ "ssh" ]; service = "gitssh"; }; }; services = { - gitssh.loadBalancer.servers = [{address = "100.121.201.47:2222";}]; + gitssh.loadBalancer.servers = [ { address = "100.121.201.47:2222"; } ]; }; }; http = { @@ -47,149 +53,153 @@ }; }; }; - routers = let - pqdn = "flake.sh"; - in { - api = { - rule = "PathPrefix(`/api/`)"; - entrypoints = ["websecure"]; - service = "api@internal"; + routers = + let + pqdn = "flake.sh"; + in + { + api = { + rule = "PathPrefix(`/api/`)"; + entrypoints = [ "websecure" ]; + service = "api@internal"; + }; + authelia = { + rule = "Host(`passport.notohh.dev`)"; + entrypoints = [ "websecure" ]; + service = "authelia"; + tls.domains = [ { main = "*.notohh.dev"; } ]; + tls.certresolver = "production"; + }; + uptime-kuma = { + rule = "Host(`status.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "uptime-kuma"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + conduit = { + rule = "Host(`matrix.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "conduit"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + foundryvtt = { + rule = "Host(`foundry.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "foundryvtt"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + forgejo = { + rule = "Host(`git.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "forgejo"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + middlewares = "cors"; + }; + rustypaste = { + rule = "Host(`i.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "rustypaste"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + grafana = { + rule = "Host(`metrics.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "grafana"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + hedgedoc = { + rule = "Host(`scratch.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "hedgedoc"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + vaultwarden = { + rule = "Host(`vault.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "vaultwarden"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + neko = { + rule = "Host(`neko.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "neko"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + justlog = { + rule = "Host(`logs.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "justlog"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + ntfy = { + rule = "Host(`ntfy.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "ntfy-sh"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + attic = { + rule = "Host(`cache.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "attic"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; + minio = { + rule = "Host(`s3.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "minio"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + middlewares = "cors-allow-all"; + }; + woodpecker = { + rule = "Host(`ci.${pqdn}`)"; + entrypoints = [ "websecure" ]; + service = "woodpecker"; + tls.domains = [ { main = "*.${pqdn}"; } ]; + tls.certresolver = "production"; + }; }; - authelia = { - rule = "Host(`passport.notohh.dev`)"; - entrypoints = ["websecure"]; - service = "authelia"; - tls.domains = [{main = "*.notohh.dev";}]; - tls.certresolver = "production"; - }; - uptime-kuma = { - rule = "Host(`status.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "uptime-kuma"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - conduit = { - rule = "Host(`matrix.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "conduit"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - foundryvtt = { - rule = "Host(`foundry.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "foundryvtt"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - forgejo = { - rule = "Host(`git.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "forgejo"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - middlewares = "cors"; - }; - rustypaste = { - rule = "Host(`i.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "rustypaste"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - grafana = { - rule = "Host(`metrics.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "grafana"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - hedgedoc = { - rule = "Host(`scratch.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "hedgedoc"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - vaultwarden = { - rule = "Host(`vault.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "vaultwarden"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - neko = { - rule = "Host(`neko.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "neko"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - justlog = { - rule = "Host(`logs.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "justlog"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - ntfy = { - rule = "Host(`ntfy.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "ntfy-sh"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - attic = { - rule = "Host(`cache.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "attic"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - minio = { - rule = "Host(`s3.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "minio"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - middlewares = "cors-allow-all"; - }; - woodpecker = { - rule = "Host(`ci.${pqdn}`)"; - entrypoints = ["websecure"]; - service = "woodpecker"; - tls.domains = [{main = "*.${pqdn}";}]; - tls.certresolver = "production"; - }; - }; - services = let - sakuraIp = "100.121.201.47:"; - soraIp = "100.104.42.96:"; - in { - # sora - uptime-kuma.loadBalancer.servers = [{url = "http://${soraIp}4000";}]; - foundryvtt.loadBalancer.servers = [{url = "http://${soraIp}30000";}]; - ntfy-sh.loadBalancer.servers = [{url = "http://${soraIp}8090";}]; - attic.loadBalancer.servers = [{url = "http://${soraIp}8200";}]; + services = + let + sakuraIp = "100.121.201.47:"; + soraIp = "100.104.42.96:"; + in + { + # sora + uptime-kuma.loadBalancer.servers = [ { url = "http://${soraIp}4000"; } ]; + foundryvtt.loadBalancer.servers = [ { url = "http://${soraIp}30000"; } ]; + ntfy-sh.loadBalancer.servers = [ { url = "http://${soraIp}8090"; } ]; + attic.loadBalancer.servers = [ { url = "http://${soraIp}8200"; } ]; - # sakura - forgejo.loadBalancer.servers = [{url = "http://${sakuraIp}3200";}]; - conduit.loadBalancer.servers = [{url = "http://${sakuraIp}6167";}]; - authelia.loadBalancer.servers = [{url = "http://${sakuraIp}9091";}]; - rustypaste.loadBalancer.servers = [{url = "http://${sakuraIp}8000";}]; - grafana.loadBalancer.servers = [{url = "http://${sakuraIp}3100";}]; - hedgedoc.loadBalancer.servers = [{url = "http://${sakuraIp}3300";}]; - vaultwarden.loadBalancer.servers = [{url = "http://${sakuraIp}8222";}]; - searxng.loadBalancer.servers = [{url = "http://${sakuraIp}8100";}]; - justlog.loadBalancer.servers = [{url = "http://${sakuraIp}8025";}]; + # sakura + forgejo.loadBalancer.servers = [ { url = "http://${sakuraIp}3200"; } ]; + conduit.loadBalancer.servers = [ { url = "http://${sakuraIp}6167"; } ]; + authelia.loadBalancer.servers = [ { url = "http://${sakuraIp}9091"; } ]; + rustypaste.loadBalancer.servers = [ { url = "http://${sakuraIp}8000"; } ]; + grafana.loadBalancer.servers = [ { url = "http://${sakuraIp}3100"; } ]; + hedgedoc.loadBalancer.servers = [ { url = "http://${sakuraIp}3300"; } ]; + vaultwarden.loadBalancer.servers = [ { url = "http://${sakuraIp}8222"; } ]; + searxng.loadBalancer.servers = [ { url = "http://${sakuraIp}8100"; } ]; + justlog.loadBalancer.servers = [ { url = "http://${sakuraIp}8025"; } ]; - # kaze - minio.loadBalancer.servers = [{url = "http://100.69.79.81:9005";}]; + # kaze + minio.loadBalancer.servers = [ { url = "http://100.69.79.81:9005"; } ]; - # tsuru - woodpecker.loadBalancer.servers = [{url = "http://100.82.146.40:8200";}]; - }; + # tsuru + woodpecker.loadBalancer.servers = [ { url = "http://100.82.146.40:8200"; } ]; + }; }; }; staticConfigOptions = { @@ -227,7 +237,10 @@ caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"; dnsChallenge = { provider = "cloudflare"; - resolvers = ["1.1.1.1:53" "1.0.0.1:53"]; + resolvers = [ + "1.1.1.1:53" + "1.0.0.1:53" + ]; delayBeforeCheck = "0"; }; }; @@ -237,7 +250,10 @@ caServer = "https://acme-v02.api.letsencrypt.org/directory"; dnsChallenge = { provider = "cloudflare"; - resolvers = ["1.1.1.1:53" "1.0.0.1:53"]; + resolvers = [ + "1.1.1.1:53" + "1.0.0.1:53" + ]; delayBeforeCheck = "0"; }; }; diff --git a/hosts/tsuki/default.nix b/hosts/tsuki/default.nix index a8578da..c891b0f 100755 --- a/hosts/tsuki/default.nix +++ b/hosts/tsuki/default.nix @@ -3,7 +3,8 @@ config, pkgs, ... -}: { +}: +{ imports = [ inputs.nix-gaming.nixosModules.steamCompat inputs.nix-gaming.nixosModules.pipewireLowLatency @@ -34,7 +35,7 @@ }; xserver = { enable = true; - videoDrivers = ["nvidia"]; + videoDrivers = [ "nvidia" ]; xkb = { layout = "us"; variant = ""; @@ -56,9 +57,7 @@ gamemode.enable = true; steam = { enable = true; - extraCompatPackages = [ - inputs.nix-gaming.packages.${pkgs.system}.proton-ge - ]; + extraCompatPackages = [ inputs.nix-gaming.packages.${pkgs.system}.proton-ge ]; }; }; @@ -71,7 +70,7 @@ }; opengl = { enable = true; - extraPackages = [pkgs.nvidia-vaapi-driver]; + extraPackages = [ pkgs.nvidia-vaapi-driver ]; }; opentabletdriver = { enable = true; diff --git a/hosts/tsuki/hardware.nix b/hosts/tsuki/hardware.nix index 32ed5a9..e117d50 100755 --- a/hosts/tsuki/hardware.nix +++ b/hosts/tsuki/hardware.nix @@ -3,14 +3,16 @@ lib, modulesPath, ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; +}: +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; boot = { - kernelModules = ["v4l2loopback" "kvm-intel"]; - extraModulePackages = with config.boot.kernelPackages; [v4l2loopback.out]; + kernelModules = [ + "v4l2loopback" + "kvm-intel" + ]; + extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback.out ]; loader = { systemd-boot = { enable = true; @@ -22,8 +24,15 @@ }; }; initrd = { - availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod"]; - kernelModules = []; + availableKernelModules = [ + "xhci_pci" + "ahci" + "nvme" + "usb_storage" + "usbhid" + "sd_mod" + ]; + kernelModules = [ ]; }; }; @@ -58,9 +67,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/2f5e2c64-99b8-4fa0-943c-c9dd45c84fdc";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/2f5e2c64-99b8-4fa0-943c-c9dd45c84fdc"; } ]; networking.useDHCP = lib.mkDefault true; diff --git a/hosts/tsuki/home.nix b/hosts/tsuki/home.nix index c713798..46fc94f 100755 --- a/hosts/tsuki/home.nix +++ b/hosts/tsuki/home.nix @@ -1,8 +1,5 @@ +{ inputs, pkgs, ... }: { - inputs, - pkgs, - ... -}: { imports = [ ./services/swayidle.nix ../../home @@ -54,8 +51,8 @@ prismlauncher yuzu inputs.nix-gaming.packages.${pkgs.system}.osu-lazer-bin - (libsForQt5.callPackage ../../pkgs/chatterino7 {}) - (callPackage ../../pkgs/jellyfin-rpc {}) + (libsForQt5.callPackage ../../pkgs/chatterino7 { }) + (callPackage ../../pkgs/jellyfin-rpc { }) ]; stateVersion = "23.05"; }; diff --git a/hosts/tsuki/services/atticd.nix b/hosts/tsuki/services/atticd.nix index fd625b5..dec04c6 100644 --- a/hosts/tsuki/services/atticd.nix +++ b/hosts/tsuki/services/atticd.nix @@ -1,9 +1,10 @@ -{pkgs, ...}: { - environment.systemPackages = [pkgs.attic]; +{ pkgs, ... }: +{ + environment.systemPackages = [ pkgs.attic ]; systemd.services.atticd = { enable = true; - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; description = "atticd"; serviceConfig = { diff --git a/hosts/tsuki/services/default.nix b/hosts/tsuki/services/default.nix index e7e280b..7c4cf2a 100644 --- a/hosts/tsuki/services/default.nix +++ b/hosts/tsuki/services/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./restic.nix ./atticd.nix diff --git a/hosts/tsuki/services/hydroxide.nix b/hosts/tsuki/services/hydroxide.nix index 690332c..353abbf 100644 --- a/hosts/tsuki/services/hydroxide.nix +++ b/hosts/tsuki/services/hydroxide.nix @@ -1,10 +1,14 @@ -{pkgs, ...}: { - environment.systemPackages = [pkgs.hydroxide]; - networking.firewall.allowedTCPPorts = [1025 1143]; +{ pkgs, ... }: +{ + environment.systemPackages = [ pkgs.hydroxide ]; + networking.firewall.allowedTCPPorts = [ + 1025 + 1143 + ]; systemd.services.hydroxide = { enable = true; - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; description = "A third-party, open-source ProtonMail bridge"; serviceConfig = { diff --git a/hosts/tsuki/services/restic.nix b/hosts/tsuki/services/restic.nix index 585a7fe..80fe03c 100644 --- a/hosts/tsuki/services/restic.nix +++ b/hosts/tsuki/services/restic.nix @@ -1,16 +1,17 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { - sops.secrets.restic-tsuki = {sopsFile = ../../../secrets/restic/secrets.yaml;}; - sops.secrets.restic-osu = {sopsFile = ../../../secrets/restic/secrets.yaml;}; - environment.systemPackages = [pkgs.restic]; + sops.secrets.restic-tsuki = { + sopsFile = ../../../secrets/restic/secrets.yaml; + }; + sops.secrets.restic-osu = { + sopsFile = ../../../secrets/restic/secrets.yaml; + }; + environment.systemPackages = [ pkgs.restic ]; services.restic = { backups = { tsuki = { user = "root"; - paths = ["/home"]; + paths = [ "/home" ]; exclude = [ "*.qcow2" "*.iso" @@ -47,8 +48,8 @@ }; osu = { user = "root"; - paths = ["/home/*/osu!"]; - pruneOpts = ["--keep-last=2"]; + paths = [ "/home/*/osu!" ]; + pruneOpts = [ "--keep-last=2" ]; initialize = true; repository = "/nas/osu-backups"; passwordFile = config.sops.secrets.restic-osu.path; diff --git a/hosts/tsuru/default.nix b/hosts/tsuru/default.nix index 72b2b65..33f4a94 100644 --- a/hosts/tsuru/default.nix +++ b/hosts/tsuru/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./hardware.nix ./services diff --git a/hosts/tsuru/hardware.nix b/hosts/tsuru/hardware.nix index 0a34d6d..75ba198 100644 --- a/hosts/tsuru/hardware.nix +++ b/hosts/tsuru/hardware.nix @@ -1,15 +1,10 @@ +{ lib, modulesPath, ... }: { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot = { - kernelModules = []; - extraModulePackages = []; + kernelModules = [ ]; + extraModulePackages = [ ]; loader.grub = { enable = true; configurationLimit = 5; @@ -17,8 +12,15 @@ useOSProber = false; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; - kernelModules = []; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + kernelModules = [ ]; }; }; @@ -29,9 +31,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/5be1a83b-5b40-4068-ade3-fcf28ff07e35";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/5be1a83b-5b40-4068-ade3-fcf28ff07e35"; } ]; networking.useDHCP = lib.mkDefault true; diff --git a/hosts/tsuru/home.nix b/hosts/tsuru/home.nix index c7eafac..3341f1e 100644 --- a/hosts/tsuru/home.nix +++ b/hosts/tsuru/home.nix @@ -1,7 +1,6 @@ -{...}: { - imports = [ - ../../home - ]; +{ ... }: +{ + imports = [ ../../home ]; systemd.user.startServices = "sd-switch"; programs.home-manager.enable = true; diff --git a/hosts/tsuru/services/default.nix b/hosts/tsuru/services/default.nix index f811024..eadb5f5 100644 --- a/hosts/tsuru/services/default.nix +++ b/hosts/tsuru/services/default.nix @@ -1,5 +1 @@ -_: { - imports = [ - ./woodpecker.nix - ]; -} +_: { imports = [ ./woodpecker.nix ]; } diff --git a/hosts/tsuru/services/tailscale.nix b/hosts/tsuru/services/tailscale.nix index 65c243b..4227223 100644 --- a/hosts/tsuru/services/tailscale.nix +++ b/hosts/tsuru/services/tailscale.nix @@ -3,22 +3,34 @@ lib, pkgs, ... -}: { - sops.secrets.tsauth-tsuru = {sopsFile = ../../../secrets/tailscale/secrets.yaml;}; - environment.systemPackages = [pkgs.jq pkgs.tailscale]; +}: +{ + sops.secrets.tsauth-tsuru = { + sopsFile = ../../../secrets/tailscale/secrets.yaml; + }; + environment.systemPackages = [ + pkgs.jq + pkgs.tailscale + ]; services.tailscale = { useRoutingFeatures = lib.mkDefault "client"; }; - networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; - networking.firewall.trustedInterfaces = [config.services.tailscale.interfaceName]; + networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ]; + networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; systemd.services.tailscale-autoconnect = { description = "Automatic connection to Tailscale"; # make sure tailscale is running before trying to connect to tailscale - after = ["network-pre.target" "tailscale.service"]; - wants = ["network-pre.target" "tailscale.service"]; - wantedBy = ["multi-user.target"]; + after = [ + "network-pre.target" + "tailscale.service" + ]; + wants = [ + "network-pre.target" + "tailscale.service" + ]; + wantedBy = [ "multi-user.target" ]; # set this service as a oneshot job serviceConfig.Type = "oneshot"; diff --git a/hosts/tsuru/services/woodpecker.nix b/hosts/tsuru/services/woodpecker.nix index b2d3f7f..3c7d8af 100644 --- a/hosts/tsuru/services/woodpecker.nix +++ b/hosts/tsuru/services/woodpecker.nix @@ -1,6 +1,7 @@ -{config, ...}: { - sops.secrets.woodpecker-server = {}; - sops.secrets.woodpecker-agent-secret = {}; +{ config, ... }: +{ + sops.secrets.woodpecker-server = { }; + sops.secrets.woodpecker-agent-secret = { }; services.woodpecker-server = { enable = true; environment = { @@ -31,6 +32,6 @@ WOODPECKER_KEEPALIVE_MIN_TIME = "10s"; WOODPECKER_HEALTHCHECK = "true"; }; - extraGroups = ["docker"]; + extraGroups = [ "docker" ]; }; } diff --git a/hosts/yuki/default.nix b/hosts/yuki/default.nix index a1505c7..5d250c7 100644 --- a/hosts/yuki/default.nix +++ b/hosts/yuki/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./hardware.nix ./services diff --git a/hosts/yuki/hardware.nix b/hosts/yuki/hardware.nix index fd0c8a9..7fa743d 100644 --- a/hosts/yuki/hardware.nix +++ b/hosts/yuki/hardware.nix @@ -1,15 +1,10 @@ +{ lib, modulesPath, ... }: { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot = { - kernelModules = []; - extraModulePackages = []; + kernelModules = [ ]; + extraModulePackages = [ ]; loader.grub = { enable = true; configurationLimit = 5; @@ -17,8 +12,15 @@ useOSProber = false; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; - kernelModules = []; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + kernelModules = [ ]; }; }; @@ -45,9 +47,7 @@ }; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/bd7ccb73-6f85-4b3d-b37f-5cff58a6ab59";} - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/bd7ccb73-6f85-4b3d-b37f-5cff58a6ab59"; } ]; networking.useDHCP = lib.mkDefault true; diff --git a/hosts/yuki/home.nix b/hosts/yuki/home.nix index c7eafac..3341f1e 100644 --- a/hosts/yuki/home.nix +++ b/hosts/yuki/home.nix @@ -1,7 +1,6 @@ -{...}: { - imports = [ - ../../home - ]; +{ ... }: +{ + imports = [ ../../home ]; systemd.user.startServices = "sd-switch"; programs.home-manager.enable = true; diff --git a/hosts/yuki/services/anki-sync-server.nix b/hosts/yuki/services/anki-sync-server.nix index f891622..ba37095 100644 --- a/hosts/yuki/services/anki-sync-server.nix +++ b/hosts/yuki/services/anki-sync-server.nix @@ -1,5 +1,6 @@ -{config, ...}: { - sops.secrets.anki-pwd = {}; +{ config, ... }: +{ + sops.secrets.anki-pwd = { }; services.anki-sync-server = { enable = true; openFirewall = true; diff --git a/hosts/yuki/services/default.nix b/hosts/yuki/services/default.nix index 6f1b88b..82ac2a1 100644 --- a/hosts/yuki/services/default.nix +++ b/hosts/yuki/services/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./hass ./restic.nix diff --git a/hosts/yuki/services/hass/config.nix b/hosts/yuki/services/hass/config.nix index 34f5cb7..e544b2d 100644 --- a/hosts/yuki/services/hass/config.nix +++ b/hosts/yuki/services/hass/config.nix @@ -13,6 +13,6 @@ _: { currency = "USD"; country = "US"; }; - default_config = {}; + default_config = { }; }; } diff --git a/hosts/yuki/services/hass/default.nix b/hosts/yuki/services/hass/default.nix index 81f1b01..76c4d13 100644 --- a/hosts/yuki/services/hass/default.nix +++ b/hosts/yuki/services/hass/default.nix @@ -4,7 +4,7 @@ _: { ./config.nix ]; - nixpkgs.config.permittedInsecurePackages = ["openssl-1.1.1w"]; + nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1w" ]; services.home-assistant = { enable = true; diff --git a/hosts/yuki/services/hass/lovelace.nix b/hosts/yuki/services/hass/lovelace.nix index 4e81771..4b699c4 100644 --- a/hosts/yuki/services/hass/lovelace.nix +++ b/hosts/yuki/services/hass/lovelace.nix @@ -24,8 +24,12 @@ _: { { type = "light"; entity = "light.living_room"; - tap_action = {action = "toggle";}; - hold_action = {action = "Default action";}; + tap_action = { + action = "toggle"; + }; + hold_action = { + action = "Default action"; + }; style = { top = "72.8%"; left = "75.3%"; @@ -34,8 +38,12 @@ _: { { type = "light"; entity = "light.hall_light"; - tap_action = {action = "toggle";}; - hold_action = {action = "Default action";}; + tap_action = { + action = "toggle"; + }; + hold_action = { + action = "Default action"; + }; style = { top = "72.8%"; left = "75.3%"; @@ -49,8 +57,12 @@ _: { { type = "light"; entity = "light.master_bedroom_lamp"; - tap_action = {action = "toggle";}; - hold_action = {action = "Default action";}; + tap_action = { + action = "toggle"; + }; + hold_action = { + action = "Default action"; + }; style = { top = "72.8%"; left = "75.3%"; @@ -66,8 +78,12 @@ _: { entity = "light.bedroom_1"; show_state = true; show_icon = true; - tap_action = {action = "toggle";}; - hold_action = {action = "Default action";}; + tap_action = { + action = "toggle"; + }; + hold_action = { + action = "Default action"; + }; style = { top = "72.8%"; left = "75.3%"; @@ -78,8 +94,12 @@ _: { entity = "light.light_panels_58_6c_84"; show_state = true; show_icon = true; - tap_action = {action = "toggle";}; - hold_action = {action = "Default action";}; + tap_action = { + action = "toggle"; + }; + hold_action = { + action = "Default action"; + }; style = { top = "72.8%"; left = "75.3%"; @@ -102,8 +122,7 @@ _: { } { title = "Bedroom 2"; - cards = [ - ]; + cards = [ ]; } ]; }; diff --git a/hosts/yuki/services/hydroxide.nix b/hosts/yuki/services/hydroxide.nix index 690332c..353abbf 100644 --- a/hosts/yuki/services/hydroxide.nix +++ b/hosts/yuki/services/hydroxide.nix @@ -1,10 +1,14 @@ -{pkgs, ...}: { - environment.systemPackages = [pkgs.hydroxide]; - networking.firewall.allowedTCPPorts = [1025 1143]; +{ pkgs, ... }: +{ + environment.systemPackages = [ pkgs.hydroxide ]; + networking.firewall.allowedTCPPorts = [ + 1025 + 1143 + ]; systemd.services.hydroxide = { enable = true; - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; description = "A third-party, open-source ProtonMail bridge"; serviceConfig = { diff --git a/hosts/yuki/services/miniflux.nix b/hosts/yuki/services/miniflux.nix index fc93d4f..12d3ee8 100644 --- a/hosts/yuki/services/miniflux.nix +++ b/hosts/yuki/services/miniflux.nix @@ -1,9 +1,6 @@ +{ config, lib, ... }: { - config, - lib, - ... -}: { - sops.secrets.miniflux = {}; + sops.secrets.miniflux = { }; services.miniflux = { enable = true; diff --git a/hosts/yuki/services/paperless.nix b/hosts/yuki/services/paperless.nix index 73df8ef..4cffe01 100644 --- a/hosts/yuki/services/paperless.nix +++ b/hosts/yuki/services/paperless.nix @@ -3,32 +3,39 @@ config, lib, ... -}: { +}: +{ sops.secrets.paperless-pwd = { owner = "paperless"; group = "paperless"; }; systemd.services = { - paperless-task-queue.serviceConfig = {PrivateNetwork = false;}; - paperless-scheduler.serviceConfig = {PrivateNetwork = lib.mkForce false;}; - }; - - services.paperless = let - dataDir = "/var/lib/paperless-ngx"; - in { - package = pkgs.paperless-ngx; - enable = true; - address = "0.0.0.0"; - port = 28981; - passwordFile = config.sops.secrets.paperless-pwd.path; - dataDir = "${dataDir}"; - mediaDir = "${dataDir}/media"; - consumptionDir = "${dataDir}/consume"; - settings = { - PAPERLESS_ADMIN_USER = "notoh"; - PAPERLESS_REDIS = "redis://:paperless-ngx@192.168.1.211:6382"; - PAPERLESS_EMAIL_TASK_CRON = "*/5 * * * *"; + paperless-task-queue.serviceConfig = { + PrivateNetwork = false; + }; + paperless-scheduler.serviceConfig = { + PrivateNetwork = lib.mkForce false; }; }; + + services.paperless = + let + dataDir = "/var/lib/paperless-ngx"; + in + { + package = pkgs.paperless-ngx; + enable = true; + address = "0.0.0.0"; + port = 28981; + passwordFile = config.sops.secrets.paperless-pwd.path; + dataDir = "${dataDir}"; + mediaDir = "${dataDir}/media"; + consumptionDir = "${dataDir}/consume"; + settings = { + PAPERLESS_ADMIN_USER = "notoh"; + PAPERLESS_REDIS = "redis://:paperless-ngx@192.168.1.211:6382"; + PAPERLESS_EMAIL_TASK_CRON = "*/5 * * * *"; + }; + }; } diff --git a/hosts/yuki/services/restic.nix b/hosts/yuki/services/restic.nix index 8215afc..618130d 100644 --- a/hosts/yuki/services/restic.nix +++ b/hosts/yuki/services/restic.nix @@ -1,10 +1,9 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { - sops.secrets.restic-yuki = {sopsFile = ../../../secrets/restic/secrets.yaml;}; - environment.systemPackages = [pkgs.restic]; + sops.secrets.restic-yuki = { + sopsFile = ../../../secrets/restic/secrets.yaml; + }; + environment.systemPackages = [ pkgs.restic ]; services.restic = { backups = { yuki = { @@ -15,9 +14,7 @@ "/var/lib/private/jellyseerr" "/var/lib/private/homepage-dashboard" ]; - exclude = [ - "/home/notoh/docker/stash/data" - ]; + exclude = [ "/home/notoh/docker/stash/data" ]; pruneOpts = [ "--keep-daily=7" "--keep-weekly=6" diff --git a/hosts/yuki/services/searxng.nix b/hosts/yuki/services/searxng.nix index c3a7bd2..8d6864f 100644 --- a/hosts/yuki/services/searxng.nix +++ b/hosts/yuki/services/searxng.nix @@ -1,10 +1,7 @@ +{ pkgs, config, ... }: { - pkgs, - config, - ... -}: { - sops.secrets.searxng-secret = {}; - networking.firewall.allowedTCPPorts = [8100]; + sops.secrets.searxng-secret = { }; + networking.firewall.allowedTCPPorts = [ 8100 ]; services.searx = { package = pkgs.searxng; enable = false; diff --git a/hosts/yuki/services/stash.nix b/hosts/yuki/services/stash.nix index 4d113d3..75e4831 100644 --- a/hosts/yuki/services/stash.nix +++ b/hosts/yuki/services/stash.nix @@ -1,9 +1,11 @@ -_: let +_: +let storagePath = "/home/notoh/docker/stash"; -in { +in +{ virtualisation.oci-containers.containers.stash = { image = "stashapp/stash@sha256:b3b59809d5be1d82467253ec9e2ee98628a0db7527d27a6c7daa75e1fcda7deb"; # v0.24.3 - ports = ["9999:9999"]; + ports = [ "9999:9999" ]; environment = { STASH_STASH = "/data/"; STASH_GENERATED = "/generated/"; diff --git a/hosts/yuki/services/traefik.nix b/hosts/yuki/services/traefik.nix index 016b0b5..f7fa657 100644 --- a/hosts/yuki/services/traefik.nix +++ b/hosts/yuki/services/traefik.nix @@ -1,155 +1,164 @@ -{config, ...}: { - networking.firewall.allowedTCPPorts = [80 443 8080]; - sops.secrets.cloudflare-api-key = {}; +{ config, ... }: +{ + networking.firewall.allowedTCPPorts = [ + 80 + 443 + 8080 + ]; + sops.secrets.cloudflare-api-key = { }; systemd.services.traefik = { environment = { CLOUDFLARE_EMAIL = "jch0tm2e@notohh.dev"; }; serviceConfig = { - EnvironmentFile = [config.sops.secrets.cloudflare-api-key.path]; + EnvironmentFile = [ config.sops.secrets.cloudflare-api-key.path ]; }; }; services.traefik = { enable = true; dynamicConfigOptions = { http = { - routers = let - fqdn = "internal.flake.sh"; - in { - # local - api = { - rule = "PathPrefix(`/api/`)"; - entryPoints = ["websecure"]; - service = "api@internal"; + routers = + let + fqdn = "internal.flake.sh"; + in + { + # local + api = { + rule = "PathPrefix(`/api/`)"; + entryPoints = [ "websecure" ]; + service = "api@internal"; + }; + homepage = { + rule = "Host(`dashboard.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "homepage"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + stash = { + rule = "Host(`stash.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "stash"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + jellyfin = { + rule = "Host(`jellyfin.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "jellyfin"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + jellyseerr = { + rule = "Host(`jellyseerr.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "jellyseerr"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + wallos = { + rule = "Host(`wallos.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "wallos"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + hass = { + rule = "Host(`hass.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "hass"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + paperless = { + rule = "Host(`paperless.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "paperless"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + miniflux = { + rule = "Host(`rss.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "miniflux"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + # kariru + sonarr = { + rule = "Host(`sonarr.${fqdn}`)"; + entryPoints = [ "websecure" ]; + service = "sonarr"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + radarr = { + rule = "Host(`radarr.${fqdn}`)"; + entryPoints = [ "websecure" ]; + service = "radarr"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + readarr = { + rule = "Host(`readarr.${fqdn}`)"; + entryPoints = [ "websecure" ]; + service = "readarr"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + lidarr = { + rule = "Host(`lidarr.${fqdn}`)"; + entryPoints = [ "websecure" ]; + service = "lidarr"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + bazarr = { + rule = "Host(`bazarr.${fqdn}`)"; + entryPoints = [ "websecure" ]; + service = "bazarr"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + whisparr = { + rule = "Host(`whisparr.${fqdn}`)"; + entryPoints = [ "websecure" ]; + service = "whisparr"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; + prowlarr = { + rule = "Host(`prowlarr.${fqdn}`)"; + entrypoints = [ "websecure" ]; + service = "prowlarr"; + tls.domains = [ { main = "*.${fqdn}"; } ]; + tls.certresolver = "production"; + }; }; - homepage = { - rule = "Host(`dashboard.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "homepage"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; + services = + let + kariruHost = "192.168.1.54:"; + in + { + # local + stash.loadBalancer.servers = [ { url = "http://localhost:9999"; } ]; + homepage.loadBalancer.servers = [ { url = "http://localhost:7676"; } ]; + jellyfin.loadBalancer.servers = [ { url = "http://localhost:8096"; } ]; + jellyseerr.loadBalancer.servers = [ { url = "http://localhost:5055"; } ]; + wallos.loadBalancer.servers = [ { url = "http://localhost:8282"; } ]; + hass.loadBalancer.servers = [ { url = "http://localhost:8123"; } ]; + paperless.loadBalancer.servers = [ { url = "http://localhost:28981"; } ]; + miniflux.loadBalancer.servers = [ { url = "http://localhost:9000"; } ]; + # kariru + sonarr.loadBalancer.servers = [ { url = "http://${kariruHost}8989"; } ]; + radarr.loadBalancer.servers = [ { url = "http://${kariruHost}7878"; } ]; + readarr.loadBalancer.servers = [ { url = "http://${kariruHost}8787"; } ]; + lidarr.loadBalancer.servers = [ { url = "http://${kariruHost}8686"; } ]; + bazarr.loadBalancer.servers = [ { url = "http://${kariruHost}6767"; } ]; + whisparr.loadBalancer.servers = [ { url = "http://${kariruHost}6969"; } ]; + prowlarr.loadBalancer.servers = [ { url = "http://${kariruHost}9696"; } ]; }; - stash = { - rule = "Host(`stash.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "stash"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - jellyfin = { - rule = "Host(`jellyfin.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "jellyfin"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - jellyseerr = { - rule = "Host(`jellyseerr.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "jellyseerr"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - wallos = { - rule = "Host(`wallos.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "wallos"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - hass = { - rule = "Host(`hass.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "hass"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - paperless = { - rule = "Host(`paperless.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "paperless"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - miniflux = { - rule = "Host(`rss.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "miniflux"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - # kariru - sonarr = { - rule = "Host(`sonarr.${fqdn}`)"; - entryPoints = ["websecure"]; - service = "sonarr"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - radarr = { - rule = "Host(`radarr.${fqdn}`)"; - entryPoints = ["websecure"]; - service = "radarr"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - readarr = { - rule = "Host(`readarr.${fqdn}`)"; - entryPoints = ["websecure"]; - service = "readarr"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - lidarr = { - rule = "Host(`lidarr.${fqdn}`)"; - entryPoints = ["websecure"]; - service = "lidarr"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - bazarr = { - rule = "Host(`bazarr.${fqdn}`)"; - entryPoints = ["websecure"]; - service = "bazarr"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - whisparr = { - rule = "Host(`whisparr.${fqdn}`)"; - entryPoints = ["websecure"]; - service = "whisparr"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - prowlarr = { - rule = "Host(`prowlarr.${fqdn}`)"; - entrypoints = ["websecure"]; - service = "prowlarr"; - tls.domains = [{main = "*.${fqdn}";}]; - tls.certresolver = "production"; - }; - }; - services = let - kariruHost = "192.168.1.54:"; - in { - # local - stash.loadBalancer.servers = [{url = "http://localhost:9999";}]; - homepage.loadBalancer.servers = [{url = "http://localhost:7676";}]; - jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}]; - jellyseerr.loadBalancer.servers = [{url = "http://localhost:5055";}]; - wallos.loadBalancer.servers = [{url = "http://localhost:8282";}]; - hass.loadBalancer.servers = [{url = "http://localhost:8123";}]; - paperless.loadBalancer.servers = [{url = "http://localhost:28981";}]; - miniflux.loadBalancer.servers = [{url = "http://localhost:9000";}]; - # kariru - sonarr.loadBalancer.servers = [{url = "http://${kariruHost}8989";}]; - radarr.loadBalancer.servers = [{url = "http://${kariruHost}7878";}]; - readarr.loadBalancer.servers = [{url = "http://${kariruHost}8787";}]; - lidarr.loadBalancer.servers = [{url = "http://${kariruHost}8686";}]; - bazarr.loadBalancer.servers = [{url = "http://${kariruHost}6767";}]; - whisparr.loadBalancer.servers = [{url = "http://${kariruHost}6969";}]; - prowlarr.loadBalancer.servers = [{url = "http://${kariruHost}9696";}]; - }; }; }; staticConfigOptions = { @@ -177,7 +186,10 @@ caServer = "https://acme-v02.api.letsencrypt.org/directory"; dnsChallenge = { provider = "cloudflare"; - resolvers = ["1.1.1.1:53" "1.0.0.1:53"]; + resolvers = [ + "1.1.1.1:53" + "1.0.0.1:53" + ]; delayBeforeCheck = "0"; }; }; diff --git a/hosts/yuki/services/wallos.nix b/hosts/yuki/services/wallos.nix index 5eb6225..93911a1 100644 --- a/hosts/yuki/services/wallos.nix +++ b/hosts/yuki/services/wallos.nix @@ -1,11 +1,13 @@ _: { virtualisation.oci-containers.containers.wallos = { image = "bellamy/wallos@sha256:d3846ab980095be55a3c07633cca905bf29505bc63e5d92ad49938f56fd7b9f7"; - ports = ["8282:80"]; + ports = [ "8282:80" ]; volumes = [ "/home/notoh/docker/wallos/db:/var/www/html/db" "/home/notoh/docker/wallos/logos:/var/www/html/images/uploads/logos" ]; - environment = {TZ = "America/New_York";}; + environment = { + TZ = "America/New_York"; + }; }; } diff --git a/modules/default.nix b/modules/default.nix index 6ba508e..022c335 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,4 +1,5 @@ -{inputs, ...}: { +{ inputs, ... }: +{ imports = [ inputs.nh.nixosModules.default ./prometheus.nix diff --git a/modules/fonts.nix b/modules/fonts.nix index 3b4dc24..0de91b9 100644 --- a/modules/fonts.nix +++ b/modules/fonts.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ fonts = { enableDefaultPackages = false; fontDir.enable = true; @@ -14,10 +15,19 @@ enable = true; allowBitmaps = true; defaultFonts = { - monospace = ["JetBrainsMono NF Medium" "Twitter Color Emoji"]; - serif = ["Noto Serif" "Twitter Color Emoji"]; - sansSerif = ["Noto Sans" "Twitter Color Emoji"]; - emoji = ["Twitter Color Emoji"]; + monospace = [ + "JetBrainsMono NF Medium" + "Twitter Color Emoji" + ]; + serif = [ + "Noto Serif" + "Twitter Color Emoji" + ]; + sansSerif = [ + "Noto Sans" + "Twitter Color Emoji" + ]; + emoji = [ "Twitter Color Emoji" ]; }; hinting = { enable = true; diff --git a/modules/nix.nix b/modules/nix.nix index 090fdb3..b75d0a5 100644 --- a/modules/nix.nix +++ b/modules/nix.nix @@ -1,4 +1,5 @@ -{inputs, ...}: { +{ inputs, ... }: +{ nixpkgs = { overlays = [ inputs.nur.overlay @@ -26,13 +27,19 @@ nix = { settings = { - extra-experimental-features = ["flakes" "nix-command"]; + extra-experimental-features = [ + "flakes" + "nix-command" + ]; warn-dirty = false; auto-optimise-store = true; builders-use-substitutes = true; keep-outputs = true; - allowed-users = ["@wheel"]; - trusted-users = ["root" "@wheel"]; + allowed-users = [ "@wheel" ]; + trusted-users = [ + "root" + "@wheel" + ]; substituters = [ "https://cache.flake.sh/kyasshu" "https://hyprland.cachix.org" diff --git a/modules/openssh.nix b/modules/openssh.nix index 14d7c60..d2b319c 100644 --- a/modules/openssh.nix +++ b/modules/openssh.nix @@ -1,4 +1,5 @@ -{lib, ...}: { +{ lib, ... }: +{ services.openssh = { enable = true; settings = { diff --git a/modules/prometheus.nix b/modules/prometheus.nix index ae51649..4ad5092 100644 --- a/modules/prometheus.nix +++ b/modules/prometheus.nix @@ -1,5 +1,5 @@ _: { - networking.firewall.allowedTCPPorts = [9090]; + networking.firewall.allowedTCPPorts = [ 9090 ]; services.prometheus = { enable = true; globalConfig = { @@ -9,33 +9,36 @@ _: { scrapeConfigs = [ { job_name = "prometheus"; - static_configs = [{targets = ["localhost:9090"];}]; + static_configs = [ { targets = [ "localhost:9090" ]; } ]; } { job_name = "node"; - static_configs = [{targets = ["localhost:9100"];}]; + static_configs = [ { targets = [ "localhost:9100" ]; } ]; } { job_name = "traefik"; - static_configs = [{targets = ["100.104.42.96:8080"];}]; + static_configs = [ { targets = [ "100.104.42.96:8080" ]; } ]; } { job_name = "postgres"; - static_configs = [{targets = ["100.94.214.100:9003"];}]; + static_configs = [ { targets = [ "100.94.214.100:9003" ]; } ]; } { job_name = "blocky"; - static_configs = [{targets = ["100.73.192.45:4000"];}]; + static_configs = [ { targets = [ "100.73.192.45:4000" ]; } ]; } { job_name = "redis_exporter"; - static_configs = [{targets = ["100.94.214.100:9002"];}]; + static_configs = [ { targets = [ "100.94.214.100:9002" ]; } ]; } ]; exporters = { node = { enable = true; - enabledCollectors = ["systemd" "cpu"]; + enabledCollectors = [ + "systemd" + "cpu" + ]; }; }; }; diff --git a/modules/security.nix b/modules/security.nix index e6db1da..cba2680 100644 --- a/modules/security.nix +++ b/modules/security.nix @@ -41,7 +41,7 @@ "net.core.default_qdisc" = "cake"; }; - boot.kernelModules = ["tcp_bbr"]; + boot.kernelModules = [ "tcp_bbr" ]; security.acme = { acceptTerms = true; diff --git a/modules/system.nix b/modules/system.nix index fe5e765..42a1e2c 100644 --- a/modules/system.nix +++ b/modules/system.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ documentation = { enable = true; doc.enable = false; diff --git a/modules/users.nix b/modules/users.nix index 8f9fba5..428f4de 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ users = { defaultUserShell = pkgs.nushell; users.notoh = { diff --git a/modules/virtualisation.nix b/modules/virtualisation.nix index 07fa804..f5399d8 100644 --- a/modules/virtualisation.nix +++ b/modules/virtualisation.nix @@ -7,9 +7,9 @@ _: { autoPrune = { enable = true; dates = "weekly"; - flags = ["--all"]; + flags = [ "--all" ]; }; - listenOptions = ["/run/docker.sock"]; + listenOptions = [ "/run/docker.sock" ]; }; }; } diff --git a/pkgs/chatterino7/default.nix b/pkgs/chatterino7/default.nix index 2c298aa..e789fe7 100644 --- a/pkgs/chatterino7/default.nix +++ b/pkgs/chatterino7/default.nix @@ -26,8 +26,21 @@ stdenv.mkDerivation rec { fetchSubmodules = true; }; - nativeBuildInputs = [cmake pkg-config wrapQtAppsHook]; - buildInputs = [qtbase qtsvg qtmultimedia qtimageformats qttools boost openssl libsecret]; + nativeBuildInputs = [ + cmake + pkg-config + wrapQtAppsHook + ]; + buildInputs = [ + qtbase + qtsvg + qtmultimedia + qtimageformats + qttools + boost + openssl + libsecret + ]; postInstall = '' @@ -47,6 +60,6 @@ stdenv.mkDerivation rec { ''; homepage = "https://github.com/SevenTV/chatterino7"; license = licenses.mit; - maintainers = with maintainers; [notohh]; + maintainers = with maintainers; [ notohh ]; }; } diff --git a/pkgs/jellyfin-rpc/default.nix b/pkgs/jellyfin-rpc/default.nix index 47a3ec5..99268ed 100644 --- a/pkgs/jellyfin-rpc/default.nix +++ b/pkgs/jellyfin-rpc/default.nix @@ -19,6 +19,6 @@ rustPlatform.buildRustPackage rec { description = "Displays the content you're currently watching on Discord!"; homepage = "https://github.com/Radiicall/jellyfin-rpc"; license = licenses.gpl3; - maintainers = with maintainers; [notohh]; + maintainers = with maintainers; [ notohh ]; }; } diff --git a/pkgs/overlays.nix b/pkgs/overlays.nix index c6a2a34..4ebd392 100644 --- a/pkgs/overlays.nix +++ b/pkgs/overlays.nix @@ -1,25 +1,28 @@ -{lib, ...}: { +{ lib, ... }: +{ nixpkgs = { overlays = [ + (final: prev: { obsidian-wayland = prev.obsidian.override { electron = final.electron_24; }; }) (final: prev: { - obsidian-wayland = prev.obsidian.override {electron = final.electron_24;}; - }) - (final: prev: { - spotify-player = prev.spotify-player.overrideAttrs (old: rec { - pname = "spotify-player"; - version = "0.16.3"; - src = prev.fetchFromGitHub { - owner = "aome510"; - repo = pname; - rev = "refs/tags/v${version}"; - hash = "sha256-8naLLHAVGB8ow88XjU3BpnNzY3SFC2F5uYin67hMc0E="; - }; - cargoDeps = old.cargoDeps.overrideAttrs (lib.const { - name = "spotify-player.tar.gz"; - inherit src; - outputHash = "sha256-KiqQH356tOEz+Hjhh5XZa3/R+Jw/dH9Ys4KPyZZSTec="; - }); - }); + spotify-player = prev.spotify-player.overrideAttrs ( + old: rec { + pname = "spotify-player"; + version = "0.16.3"; + src = prev.fetchFromGitHub { + owner = "aome510"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-8naLLHAVGB8ow88XjU3BpnNzY3SFC2F5uYin67hMc0E="; + }; + cargoDeps = old.cargoDeps.overrideAttrs ( + lib.const { + name = "spotify-player.tar.gz"; + inherit src; + outputHash = "sha256-KiqQH356tOEz+Hjhh5XZa3/R+Jw/dH9Ys4KPyZZSTec="; + } + ); + } + ); }) ]; };