diff options
Diffstat (limited to 'modules/nixos')
34 files changed, 280 insertions, 247 deletions
diff --git a/modules/nixos/archetypes/personal.nix b/modules/nixos/archetypes/personal.nix index 68aada9..e516fb1 100644 --- a/modules/nixos/archetypes/personal.nix +++ b/modules/nixos/archetypes/personal.nix @@ -1,10 +1,8 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.archetypes.personal; -in { +in +{ options.archetypes = { personal.enable = lib.mkEnableOption "personal archetype"; }; diff --git a/modules/nixos/archetypes/server.nix b/modules/nixos/archetypes/server.nix index cbac329..165725d 100644 --- a/modules/nixos/archetypes/server.nix +++ b/modules/nixos/archetypes/server.nix @@ -1,10 +1,8 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.archetypes.server; -in { +in +{ options.archetypes = { server.enable = lib.mkEnableOption "server archetype"; }; diff --git a/modules/nixos/base/default.nix b/modules/nixos/base/default.nix index 421f733..d80d573 100644 --- a/modules/nixos/base/default.nix +++ b/modules/nixos/base/default.nix @@ -3,7 +3,8 @@ lib, pkgs, ... -}: { +}: +{ imports = [ ../../shared ./documentation.nix diff --git a/modules/nixos/base/documentation.nix b/modules/nixos/base/documentation.nix index 5792c80..986c6ee 100644 --- a/modules/nixos/base/documentation.nix +++ b/modules/nixos/base/documentation.nix @@ -3,13 +3,18 @@ lib, pkgs, ... -}: let +}: +let cfg = config.base.documentation; enable = config.base.enable && cfg.enable; -in { +in +{ config = lib.mkIf enable { documentation.nixos.enable = false; - environment.systemPackages = with pkgs; [man-pages man-pages-posix]; + environment.systemPackages = with pkgs; [ + man-pages + man-pages-posix + ]; }; } diff --git a/modules/nixos/base/networking.nix b/modules/nixos/base/networking.nix index 895127c..49feca5 100644 --- a/modules/nixos/base/networking.nix +++ b/modules/nixos/base/networking.nix @@ -1,13 +1,13 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.base.networking; enable = config.base.enable && cfg.enable; -in { +in +{ options.base.networking = { - enable = lib.mkEnableOption "base network settings" // {default = true;}; + enable = lib.mkEnableOption "base network settings" // { + default = true; + }; }; config = lib.mkIf enable { diff --git a/modules/nixos/base/nix.nix b/modules/nixos/base/nix.nix index 8429346..6c49312 100644 --- a/modules/nixos/base/nix.nix +++ b/modules/nixos/base/nix.nix @@ -1,16 +1,17 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.base.nixSettings; enable = config.base.enable && cfg.enable; -in { +in +{ config = lib.mkIf enable { nix = { channel.enable = lib.mkDefault false; gc.dates = lib.mkDefault "weekly"; - settings.trusted-users = ["root" "@wheel"]; + settings.trusted-users = [ + "root" + "@wheel" + ]; }; }; } diff --git a/modules/nixos/base/programs.nix b/modules/nixos/base/programs.nix index 7d1a15b..def710c 100644 --- a/modules/nixos/base/programs.nix +++ b/modules/nixos/base/programs.nix @@ -1,11 +1,9 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.base.defaultPrograms; enable = config.base.enable && cfg.enable; -in { +in +{ config = lib.mkIf enable { programs = { git.enable = true; diff --git a/modules/nixos/base/security.nix b/modules/nixos/base/security.nix index 4401f81..c3d606f 100644 --- a/modules/nixos/base/security.nix +++ b/modules/nixos/base/security.nix @@ -1,13 +1,13 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.base.security; enable = config.base.enable && cfg.enable; -in { +in +{ options.base.security = { - enable = lib.mkEnableOption "base security settings" // {default = true;}; + enable = lib.mkEnableOption "base security settings" // { + default = true; + }; }; config = lib.mkIf enable { diff --git a/modules/nixos/base/users.nix b/modules/nixos/base/users.nix index 507a82a..b026f73 100644 --- a/modules/nixos/base/users.nix +++ b/modules/nixos/base/users.nix @@ -4,19 +4,23 @@ pkgs, secretsDir, ... -}: let +}: +let cfg = config.base.users; -in { +in +{ options.base.users = { - enable = lib.mkEnableOption "base user configurations" // {default = true;}; + enable = lib.mkEnableOption "base user configurations" // { + default = true; + }; defaultRoot = { - enable = lib.mkEnableOption "default root user configuration" // {default = false;}; - manageSecrets = - lib.mkEnableOption "automatic secrets management" - // { - default = config.traits.secrets.enable; - }; + enable = lib.mkEnableOption "default root user configuration" // { + default = false; + }; + manageSecrets = lib.mkEnableOption "automatic secrets management" // { + default = config.traits.secrets.enable; + }; }; }; diff --git a/modules/nixos/desktop/audio.nix b/modules/nixos/desktop/audio.nix index 1e47ab2..8e0c069 100644 --- a/modules/nixos/desktop/audio.nix +++ b/modules/nixos/desktop/audio.nix @@ -1,13 +1,13 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.desktop.audio; enable = config.desktop.enable && cfg.enable; -in { +in +{ options.desktop.audio = { - enable = lib.mkEnableOption "desktop audio configuration" // {default = true;}; + enable = lib.mkEnableOption "desktop audio configuration" // { + default = true; + }; }; config = lib.mkIf enable { diff --git a/modules/nixos/desktop/budgie/default.nix b/modules/nixos/desktop/budgie/default.nix index dbd3715..dce24b4 100644 --- a/modules/nixos/desktop/budgie/default.nix +++ b/modules/nixos/desktop/budgie/default.nix @@ -3,9 +3,11 @@ lib, pkgs, ... -}: let +}: +let cfg = config.desktop.budgie; -in { +in +{ options.desktop.budgie.enable = lib.mkEnableOption "budgie desktop"; config = lib.mkIf cfg.enable { diff --git a/modules/nixos/desktop/default.nix b/modules/nixos/desktop/default.nix index 17392c4..83a4fba 100644 --- a/modules/nixos/desktop/default.nix +++ b/modules/nixos/desktop/default.nix @@ -1,10 +1,8 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.desktop; -in { +in +{ options.desktop = { enable = lib.mkEnableOption "desktop settings"; }; @@ -19,7 +17,5 @@ in { ./plasma ]; - config = lib.mkIf cfg.enable { - services.xserver.enable = true; - }; + config = lib.mkIf cfg.enable { services.xserver.enable = true; }; } diff --git a/modules/nixos/desktop/fonts.nix b/modules/nixos/desktop/fonts.nix index 212f88c..f6df64c 100644 --- a/modules/nixos/desktop/fonts.nix +++ b/modules/nixos/desktop/fonts.nix @@ -3,12 +3,16 @@ lib, pkgs, ... -}: let +}: +let cfg = config.desktop.fonts; enable = config.desktop.enable && cfg.enable; -in { +in +{ options.desktop.fonts = { - enable = lib.mkEnableOption "desktop fonts" // {default = true;}; + enable = lib.mkEnableOption "desktop fonts" // { + default = true; + }; }; config = lib.mkIf enable { @@ -16,7 +20,13 @@ in { enableDefaultPackages = true; packages = with pkgs; [ - (nerdfonts.override {fonts = ["FiraCode" "Hack" "Noto"];}) + (nerdfonts.override { + fonts = [ + "FiraCode" + "Hack" + "Noto" + ]; + }) noto-fonts noto-fonts-extra noto-fonts-color-emoji @@ -27,10 +37,10 @@ in { enable = true; cache32Bit = lib.mkDefault true; defaultFonts = lib.mkDefault { - serif = ["Noto Serif"]; - sansSerif = ["Noto Sans"]; - emoji = ["Noto Color Emoji"]; - monospace = ["Noto Sans Mono"]; + serif = [ "Noto Serif" ]; + sansSerif = [ "Noto Sans" ]; + emoji = [ "Noto Color Emoji" ]; + monospace = [ "Noto Sans Mono" ]; }; }; }; diff --git a/modules/nixos/desktop/gnome/default.nix b/modules/nixos/desktop/gnome/default.nix index 8822bd4..1763e6b 100644 --- a/modules/nixos/desktop/gnome/default.nix +++ b/modules/nixos/desktop/gnome/default.nix @@ -3,9 +3,11 @@ lib, pkgs, ... -}: let +}: +let cfg = config.desktop.gnome; -in { +in +{ options.desktop.gnome.enable = lib.mkEnableOption "GNOME desktop"; config = lib.mkIf cfg.enable { diff --git a/modules/nixos/desktop/plasma/default.nix b/modules/nixos/desktop/plasma/default.nix index b6e06da..7c43907 100644 --- a/modules/nixos/desktop/plasma/default.nix +++ b/modules/nixos/desktop/plasma/default.nix @@ -4,9 +4,11 @@ pkgs, inputs, ... -}: let +}: +let cfg = config.desktop.plasma; -in { +in +{ options.desktop.plasma.enable = lib.mkEnableOption "Plasma desktop"; config = lib.mkIf cfg.enable { diff --git a/modules/nixos/desktop/programs.nix b/modules/nixos/desktop/programs.nix index 94bde49..15ddbcc 100644 --- a/modules/nixos/desktop/programs.nix +++ b/modules/nixos/desktop/programs.nix @@ -3,18 +3,25 @@ lib, pkgs, ... -}: let +}: +let cfg = config.desktop.defaultPrograms; enable = config.desktop.enable && cfg.enable; -in { +in +{ options.desktop.defaultPrograms = { - enable = lib.mkEnableOption "default desktop programs" // {default = true;}; + enable = lib.mkEnableOption "default desktop programs" // { + default = true; + }; }; config = lib.mkIf enable { environment = { noXlibs = lib.mkForce false; - systemPackages = with pkgs; [wl-clipboard xclip]; + systemPackages = with pkgs; [ + wl-clipboard + xclip + ]; }; programs = { diff --git a/modules/nixos/server/default.nix b/modules/nixos/server/default.nix index 735a30f..366abb3 100644 --- a/modules/nixos/server/default.nix +++ b/modules/nixos/server/default.nix @@ -4,9 +4,11 @@ pkgs, inputs, ... -}: let +}: +let cfg = config.server; -in { +in +{ options.server = { enable = lib.mkEnableOption "server settings"; }; @@ -26,7 +28,7 @@ in { man.enable = false; }; - environment.defaultPackages = lib.mkForce []; + environment.defaultPackages = lib.mkForce [ ]; nix = { gc = { @@ -34,7 +36,7 @@ in { options = "-d --delete-older-than 2d"; }; - settings.allowed-users = [config.networking.hostName]; + settings.allowed-users = [ config.networking.hostName ]; }; }; } diff --git a/modules/nixos/server/host-user.nix b/modules/nixos/server/host-user.nix index 5aa1ce5..8b76e9d 100644 --- a/modules/nixos/server/host-user.nix +++ b/modules/nixos/server/host-user.nix @@ -3,18 +3,20 @@ lib, secretsDir, ... -}: let +}: +let cfg = config.server.hostUser; inherit (config.networking) hostName; -in { +in +{ options.server.hostUser = { - enable = lib.mkEnableOption "${hostName} user configuration" // {default = config.server.enable;}; + enable = lib.mkEnableOption "${hostName} user configuration" // { + default = config.server.enable; + }; - manageSecrets = - lib.mkEnableOption "automatic secrets management" - // { - default = config.traits.secrets.enable; - }; + manageSecrets = lib.mkEnableOption "automatic secrets management" // { + default = config.traits.secrets.enable; + }; }; config = lib.mkIf cfg.enable ( @@ -22,7 +24,7 @@ in { { users.users.${hostName} = { isNormalUser = true; - extraGroups = ["wheel"]; + extraGroups = [ "wheel" ]; }; } diff --git a/modules/nixos/server/mixins/acme.nix b/modules/nixos/server/mixins/acme.nix index 0e4a6d6..e809ad4 100644 --- a/modules/nixos/server/mixins/acme.nix +++ b/modules/nixos/server/mixins/acme.nix @@ -3,19 +3,21 @@ lib, secretsDir, ... -}: let +}: +let cfg = config.server.mixins.acme; -in { +in +{ options.server.mixins.acme = { enable = lib.mkEnableOption "ACME mixin"; - manageSecrets = - lib.mkEnableOption "automatic secrets management" - // { - default = config.traits.secrets.enable; - }; + manageSecrets = lib.mkEnableOption "automatic secrets management" // { + default = config.traits.secrets.enable; + }; - useDns = lib.mkEnableOption "the usage of Cloudflare to obtain certs" // {default = true;}; + useDns = lib.mkEnableOption "the usage of Cloudflare to obtain certs" // { + default = true; + }; }; config = lib.mkIf cfg.enable ( diff --git a/modules/nixos/server/mixins/cloudflared.nix b/modules/nixos/server/mixins/cloudflared.nix index a5afb62..f781150 100644 --- a/modules/nixos/server/mixins/cloudflared.nix +++ b/modules/nixos/server/mixins/cloudflared.nix @@ -3,10 +3,12 @@ lib, secretsDir, ... -}: let +}: +let cfg = config.server.mixins.cloudflared; inherit (config.services) nginx; -in { +in +{ options.server.mixins.cloudflared = { enable = lib.mkEnableOption "cloudflared mixin"; tunnelName = lib.mkOption { @@ -18,11 +20,9 @@ in { ''; }; - manageSecrets = - lib.mkEnableOption "automatic secrets management" - // { - default = config.traits.secrets.enable; - }; + manageSecrets = lib.mkEnableOption "automatic secrets management" // { + default = config.traits.secrets.enable; + }; }; config = lib.mkIf cfg.enable ( @@ -33,7 +33,9 @@ in { tunnels.${cfg.tunnelName} = { default = "http_status:404"; - ingress = lib.mapAttrs (_: _: {service = "http://localhost:${toString nginx.defaultHTTPListenPort}";}) nginx.virtualHosts; + ingress = lib.mapAttrs (_: _: { + service = "http://localhost:${toString nginx.defaultHTTPListenPort}"; + }) nginx.virtualHosts; }; }; } diff --git a/modules/nixos/server/mixins/hercules.nix b/modules/nixos/server/mixins/hercules.nix index 103f58e..49ba46d 100644 --- a/modules/nixos/server/mixins/hercules.nix +++ b/modules/nixos/server/mixins/hercules.nix @@ -4,16 +4,16 @@ unstable, secretsDir, ... -}: let +}: +let cfg = config.server.mixins.hercules-ci; -in { +in +{ options.server.mixins.hercules-ci = { enable = lib.mkEnableOption "hercules-ci mixin"; - manageSecrets = - lib.mkEnableOption "automatic secrets management" - // { - default = config.traits.secrets.enable; - }; + manageSecrets = lib.mkEnableOption "automatic secrets management" // { + default = config.traits.secrets.enable; + }; }; config = lib.mkIf cfg.enable ( @@ -25,29 +25,29 @@ in { }; } - (let - secretNames = [ - "binaryCaches" - "clusterJoinToken" - "secretsJson" - ]; - in + ( + let + secretNames = [ + "binaryCaches" + "clusterJoinToken" + "secretsJson" + ]; + in lib.mkIf cfg.manageSecrets { - age.secrets = lib.genAttrs secretNames ( - file: { - file = "${secretsDir}/${file}.age"; - mode = "400"; - owner = "hercules-ci-agent"; - group = "hercules-ci-agent"; - } - ); + age.secrets = lib.genAttrs secretNames (file: { + file = "${secretsDir}/${file}.age"; + mode = "400"; + owner = "hercules-ci-agent"; + group = "hercules-ci-agent"; + }); services.hercules-ci-agent = { settings = lib.mapAttrs' (name: lib.nameValuePair (name + "Path")) ( lib.genAttrs secretNames (name: config.age.secrets.${name}.path) ); }; - }) + } + ) ] ); } diff --git a/modules/nixos/server/mixins/nginx.nix b/modules/nixos/server/mixins/nginx.nix index ba18ecf..11306a2 100644 --- a/modules/nixos/server/mixins/nginx.nix +++ b/modules/nixos/server/mixins/nginx.nix @@ -1,10 +1,8 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.server.mixins.nginx; -in { +in +{ options.server.mixins.nginx = { enable = lib.mkEnableOption "nginx mixin"; }; diff --git a/modules/nixos/server/mixins/promtail.nix b/modules/nixos/server/mixins/promtail.nix index 1baaac6..6b4cf32 100644 --- a/modules/nixos/server/mixins/promtail.nix +++ b/modules/nixos/server/mixins/promtail.nix @@ -1,17 +1,15 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.server.mixins.promtail; inherit (lib) types; -in { +in +{ options.server.mixins.promtail = { enable = lib.mkEnableOption "Promtail mixin"; clients = lib.mkOption { type = types.listOf types.attrs; - default = [{}]; + default = [ { } ]; description = "Clients for promtail"; }; }; @@ -37,7 +35,7 @@ in { relabel_configs = [ { - source_labels = ["__journal__systemd_unit"]; + source_labels = [ "__journal__systemd_unit" ]; target_label = "unit"; } ]; diff --git a/modules/nixos/traits/24.05-compat.nix b/modules/nixos/traits/24.05-compat.nix index 26dcbca..b6422d1 100644 --- a/modules/nixos/traits/24.05-compat.nix +++ b/modules/nixos/traits/24.05-compat.nix @@ -1,5 +1,17 @@ -{lib, ...}: { +{ lib, ... }: +{ imports = lib.optionals (lib.versionOlder lib.version "24.11pre") [ - (lib.mkAliasOptionModule ["hardware" "graphics" "extraPackages"] ["hardware" "opengl" "extraPackages"]) + (lib.mkAliasOptionModule + [ + "hardware" + "graphics" + "extraPackages" + ] + [ + "hardware" + "opengl" + "extraPackages" + ] + ) ]; } diff --git a/modules/nixos/traits/auto-upgrade.nix b/modules/nixos/traits/auto-upgrade.nix index bdb919c..1e65445 100644 --- a/modules/nixos/traits/auto-upgrade.nix +++ b/modules/nixos/traits/auto-upgrade.nix @@ -1,10 +1,8 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.traits.autoUpgrade; -in { +in +{ options.traits.autoUpgrade = { enable = lib.mkEnableOption "automatic updates"; }; @@ -14,16 +12,14 @@ in { enable = true; /* - a workflow updates the flake every 24h at ~0:00UTC/8:00EST; - most devices of mine will be in EST currently. this could probably be - "01:00" or "daily" but i think that's a bit of a risk if i ever change/ - dont set the time zone for a device and forget about this lol + a workflow updates the flake every 24h at ~0:00UTC/8:00EST; + most devices of mine will be in EST currently. this could probably be + "01:00" or "daily" but i think that's a bit of a risk if i ever change/ + dont set the time zone for a device and forget about this lol */ dates = lib.mkDefault "02:00"; flake = "github:getchoo/flake#${config.networking.hostName}"; - flags = [ - "--refresh" - ]; + flags = [ "--refresh" ]; }; }; } diff --git a/modules/nixos/traits/containers.nix b/modules/nixos/traits/containers.nix index 5170c34..d13c658 100644 --- a/modules/nixos/traits/containers.nix +++ b/modules/nixos/traits/containers.nix @@ -4,10 +4,12 @@ options, pkgs, ... -}: let +}: +let cfg = config.traits.containers; - enableNvidia = lib.elem "nvidia" (config.services.xserver.videoDrivers or []); -in { + enableNvidia = lib.elem "nvidia" (config.services.xserver.videoDrivers or [ ]); +in +{ options.traits.containers = { enable = lib.mkEnableOption "containers support"; }; @@ -18,7 +20,7 @@ in { virtualisation = { podman = { enable = true; - extraPackages = with pkgs; [podman-compose]; + extraPackages = with pkgs; [ podman-compose ]; autoPrune.enable = true; }; @@ -26,9 +28,7 @@ in { }; } - (lib.mkIf enableNvidia { - hardware.nvidia-container-toolkit.enable = true; - }) + (lib.mkIf enableNvidia { hardware.nvidia-container-toolkit.enable = true; }) ] ); } diff --git a/modules/nixos/traits/home-manager.nix b/modules/nixos/traits/home-manager.nix index 01af5b1..687f01d 100644 --- a/modules/nixos/traits/home-manager.nix +++ b/modules/nixos/traits/home-manager.nix @@ -1,3 +1,4 @@ -{inputs, ...}: { - imports = [inputs.home-manager.nixosModules.home-manager]; +{ inputs, ... }: +{ + imports = [ inputs.home-manager.nixosModules.home-manager ]; } diff --git a/modules/nixos/traits/locale.nix b/modules/nixos/traits/locale.nix index 1de19ce..bd30819 100644 --- a/modules/nixos/traits/locale.nix +++ b/modules/nixos/traits/locale.nix @@ -1,10 +1,8 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.traits.locale; -in { +in +{ options.traits.locale = { en_US = { enable = lib.mkEnableOption "en_US locale"; @@ -14,9 +12,7 @@ in { config = lib.mkMerge [ (lib.mkIf cfg.en_US.enable { i18n = { - supportedLocales = [ - "en_US.UTF-8/UTF-8" - ]; + supportedLocales = [ "en_US.UTF-8/UTF-8" ]; defaultLocale = "en_US.UTF-8"; }; diff --git a/modules/nixos/traits/nvidia.nix b/modules/nixos/traits/nvidia.nix index 303d902..5fec7db 100644 --- a/modules/nixos/traits/nvidia.nix +++ b/modules/nixos/traits/nvidia.nix @@ -3,49 +3,53 @@ lib, pkgs, ... -}: let +}: +let cfg = config.traits.nvidia; usingNvidia = lib.elem "nvidia" config.services.xserver.videoDrivers; -in { +in +{ options.traits.nvidia = { enable = lib.mkEnableOption "NVIDIA drivers"; nvk.enable = lib.mkEnableOption "NVK specialisation"; }; - config = lib.mkIf cfg.enable (lib.mkMerge [ - { - boot.kernelParams = lib.optional usingNvidia "nvidia_drm.fbdev=1"; + config = lib.mkIf cfg.enable ( + lib.mkMerge [ + { + boot.kernelParams = lib.optional usingNvidia "nvidia_drm.fbdev=1"; - services.xserver.videoDrivers = ["nvidia"]; + services.xserver.videoDrivers = [ "nvidia" ]; - hardware = { - graphics.extraPackages = [pkgs.vaapiVdpau]; - nvidia = { - package = lib.mkDefault config.boot.kernelPackages.nvidiaPackages.latest; - modesetting.enable = true; - }; - }; - } - - (lib.mkIf cfg.nvk.enable { - specialisation = { - nvk.configuration = { - boot = { - kernelParams = ["nouveau.config=NvGspRm=1"]; - initrd.kernelModules = ["nouveau"]; + hardware = { + graphics.extraPackages = [ pkgs.vaapiVdpau ]; + nvidia = { + package = lib.mkDefault config.boot.kernelPackages.nvidiaPackages.latest; + modesetting.enable = true; }; + }; + } - environment.sessionVariables = { - MESA_VK_VERSION_OVERRIDE = "1.3"; - }; + (lib.mkIf cfg.nvk.enable { + specialisation = { + nvk.configuration = { + boot = { + kernelParams = [ "nouveau.config=NvGspRm=1" ]; + initrd.kernelModules = [ "nouveau" ]; + }; + + environment.sessionVariables = { + MESA_VK_VERSION_OVERRIDE = "1.3"; + }; - hardware.graphics.extraPackages = lib.mkForce []; + hardware.graphics.extraPackages = lib.mkForce [ ]; - services.xserver.videoDrivers = lib.mkForce ["modesetting"]; + services.xserver.videoDrivers = lib.mkForce [ "modesetting" ]; - system.nixos.tags = ["with-nvk"]; + system.nixos.tags = [ "with-nvk" ]; + }; }; - }; - }) - ]); + }) + ] + ); } diff --git a/modules/nixos/traits/secrets.nix b/modules/nixos/traits/secrets.nix index 862e76f..af66969 100644 --- a/modules/nixos/traits/secrets.nix +++ b/modules/nixos/traits/secrets.nix @@ -3,14 +3,16 @@ lib, inputs, ... -}: let +}: +let cfg = config.traits.secrets; -in { +in +{ options.traits.secrets = { enable = lib.mkEnableOption "secrets management"; }; - imports = [inputs.agenix.nixosModules.default]; + imports = [ inputs.agenix.nixosModules.default ]; config = lib.mkIf cfg.enable { _module.args = { @@ -18,7 +20,7 @@ in { }; age = { - identityPaths = ["/etc/age/key"]; + identityPaths = [ "/etc/age/key" ]; }; }; } diff --git a/modules/nixos/traits/tailscale.nix b/modules/nixos/traits/tailscale.nix index a7d8c06..73c74e3 100644 --- a/modules/nixos/traits/tailscale.nix +++ b/modules/nixos/traits/tailscale.nix @@ -3,24 +3,24 @@ lib, secretsDir, ... -}: let +}: +let cfg = config.traits.tailscale; -in { +in +{ options.traits.tailscale = { enable = lib.mkEnableOption "Tailscale"; ssh.enable = lib.mkEnableOption "Tailscale SSH"; - manageSecrets = - lib.mkEnableOption "automatic secrets management" - // { - default = config.traits.secrets.enable && cfg.ssh.enable; - }; + manageSecrets = lib.mkEnableOption "automatic secrets management" // { + default = config.traits.secrets.enable && cfg.ssh.enable; + }; }; config = lib.mkIf cfg.enable ( lib.mkMerge [ { networking.firewall = { - trustedInterfaces = [config.services.tailscale.interfaceName]; + trustedInterfaces = [ config.services.tailscale.interfaceName ]; }; services.tailscale = { @@ -31,11 +31,11 @@ in { (lib.mkIf cfg.ssh.enable { networking.firewall = { - allowedTCPPorts = [22]; + allowedTCPPorts = [ 22 ]; }; services.tailscale = { - extraUpFlags = ["--ssh"]; + extraUpFlags = [ "--ssh" ]; }; }) diff --git a/modules/nixos/traits/users/default.nix b/modules/nixos/traits/users/default.nix index a81dacf..df767b4 100644 --- a/modules/nixos/traits/users/default.nix +++ b/modules/nixos/traits/users/default.nix @@ -1,5 +1 @@ -{ - imports = [ - ./seth.nix - ]; -} +{ imports = [ ./seth.nix ]; } diff --git a/modules/nixos/traits/users/seth.nix b/modules/nixos/traits/users/seth.nix index 9ebb6c8..4b84892 100644 --- a/modules/nixos/traits/users/seth.nix +++ b/modules/nixos/traits/users/seth.nix @@ -3,15 +3,15 @@ lib, secretsDir, ... -}: let +}: +let cfg = config.traits.users.seth; -in { +in +{ options.traits.users.seth = { - manageSecrets = - lib.mkEnableOption "automatic secrets management" - // { - default = config.traits.secrets.enable; - }; + manageSecrets = lib.mkEnableOption "automatic secrets management" // { + default = config.traits.secrets.enable; + }; }; config = lib.mkMerge [ diff --git a/modules/nixos/traits/zram.nix b/modules/nixos/traits/zram.nix index 337137a..d0c6a36 100644 --- a/modules/nixos/traits/zram.nix +++ b/modules/nixos/traits/zram.nix @@ -1,10 +1,8 @@ -{ - config, - lib, - ... -}: let +{ config, lib, ... }: +let cfg = config.traits.zram; -in { +in +{ options.traits.zram = { enable = lib.mkEnableOption "zram setup & configuration"; }; |