cleanup

checks/pre-commit-hooks/default.nix

@@ -4,9 +4,9 @@
   ...
 }:
 let
-  inherit (inputs) git-hooks-nix;
+  inherit (inputs) pre-commit-hooks-nix;
 in
-git-hooks-nix.lib.${pkgs.system}.run {
+pre-commit-hooks-nix.lib.${pkgs.system}.run {
   src = ../..;
   hooks = {
     pre-commit-hook-ensure-sops.enable = true;

flake.nix

@@ -85,8 +85,7 @@
 
   # We will handle this in the next section.
   outputs = inputs:
-  let
-    snowfall = inputs.snowfall-lib.mkFlake {
+  inputs.snowfall-lib.mkFlake {
     # You must provide our flake inputs to Snowfall Lib.
     inherit inputs;
 
@@ -150,7 +149,7 @@
         # ######################################################
         #                   Steamdeck                          #
         # ######################################################
-          deck = {
+        steamdeck = {
           modules = with inputs; [
             disko.nixosModules.disko
             jovian.nixosModules.jovian
@@ -231,7 +230,7 @@
           #     sops-nix.homeManagerModules.sops
           #   ];
           # };
-            "deck@deck" = {
+          "deck@steamdeck" = {
             modules = with inputs; [
               steam-rom-manager.homeManagerModules.default
             ];
@@ -260,8 +259,4 @@
       formatter = inputs.treefmt-nix.lib.mkWrapper channels.nixpkgs ./treefmt.nix;
     };
   };
-  in
-    snowfall // {
-      nixosConfigurations = snowfall.nixosConfigurations;
-    };
 }

modules/home/programs/waybar/default.nix

@@ -372,7 +372,7 @@ in
           ${defaultBorderRadius}
           ${defaultCenterOptions}
           margin-left: 4rem;
-          margin-right: ${cfg.css.window.margin-right}rem;
+          margin-right: 400rem;
         }
 
         /* make window module transparent when no windows present */

modules/nixos/home/default.nix

@@ -4,8 +4,12 @@
   options,
   namespace,
   inputs,
+  system,
   ...
 }:
+let
+  isArm = ("aarch64-linux" == system);
+in
 {
 
   options.${namespace}.home = with lib.types; {
@@ -49,9 +53,8 @@
       # Make ALL external HM modules available globally
       sharedModules = with inputs; [
         sops-nix.homeManagerModules.sops
-        steam-rom-manager.homeManagerModules.default
         # Add any other external HM modules here
-      ];
+      ] ++ (if (!isArm) then with inputs; [ steam-rom-manager.homeManagerModules.default ] else [ ]);
 
       users.${config.${namespace}.user.name} = lib.mkAliasDefinitions options.${namespace}.home.extraOptions;
       # users.admin = lib.mkAliasDefinitions options.${namespace}.home.extraOptions;

systems/aarch64-linux/pi4/default.nix

@@ -87,7 +87,7 @@ in
       "${user}" = {
         isNormalUser = true;
         # hashedPasswordFile = password;
-        password = "BogieDudie1";
+        password = lib.mkForce "BogieDudie1";
         extraGroups = [
           "wheel"
           "docker"

systems/aarch64-linux/pi4/sops.nix

@@ -1,10 +1,10 @@
-{ config, ... }:
+{ config, lib, ... }:
 let
   user = "matt";
 in
 {
   sops = {
-    defaultSopsFile = ../../../secrets/pi4-secrets.yaml;
+    defaultSopsFile = lib.mkForce ../../../secrets/pi4-secrets.yaml;
 #    age = {
 #      generateKey = true;
 #      sshKeyPaths = [ "/etc/ssd/ssh_host_ed25519_key" ];

systems/aarch64-linux/pi5/default.nix

@@ -91,7 +91,7 @@ in
     users."${user}" = {
       isNormalUser = true;
 #      hashedPasswordFile = password;
-      password = "BogieDudie1";
+      password = lib.mkForce "BogieDudie1";
       extraGroups = [
         "wheel"
         "docker"

systems/aarch64-linux/pi5/sops.nix

@@ -1,10 +1,10 @@
-{ config, ... }:
+{ config, lib, ... }:
 let
   user = "matt";
 in
 {
   sops = {
-    defaultSopsFile = ../../../secrets/pi5-secrets.yaml;
+    defaultSopsFile = lib.mkForce ../../../secrets/pi5-secrets.yaml;
     # age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
     age.keyFile = "/home/matt/.config/sops/age/keys.txt";
 

systems/x86_64-linux/desktop/sops.nix

@@ -20,7 +20,7 @@ in
   # Either the group id or group name representation of the secret group
   # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
   sops = {
-    defaultSopsFile = desktopSopsFile;
+    defaultSopsFile = lib.mkForce desktopSopsFile; # todo
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
     # ------------------------------

systems/x86_64-linux/desktop/users.nix

@@ -1,9 +1,9 @@
-{ config, namespace, ... }:
+{ config, namespace, lib, ... }:
 let
   passwordFile = config.sops.secrets."desktop/matt_password".path;
 in 
 {
   ${namespace}.user = {
-    passwordFile = passwordFile;
+    passwordFile = lib.mkForce passwordFile;
   };
 }

systems/x86_64-linux/nas/sops.nix

@@ -1,4 +1,4 @@
-{ config, ... }:
+{ config, lib, ... }:
 let
   user = "nix-apps";
 in
@@ -18,7 +18,7 @@ in
   # Either the group id or group name representation of the secret group
   # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
   sops = {
-    defaultSopsFile = ../../../secrets/nas-secrets.yaml;
+    defaultSopsFile = lib.mkForce ../../../secrets/nas-secrets.yaml;
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
     # ------------------------------

systems/x86_64-linux/nas/users.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ pkgs, config, lib, ... }:
 let
   user = "admin";
   passwordFile = config.sops.secrets."jallen-nas/admin_password".path;
@@ -31,7 +31,7 @@ in
         "62900"
         "1001"
       ];
-      hashedPasswordFile = passwordFile;
+      hashedPasswordFile = lib.mkForce passwordFile;
       shell = pkgs.zsh;
       packages = with pkgs; [
         cachix

systems/x86_64-linux/nuc/sops.nix

@@ -1,4 +1,4 @@
-{ config, ... }:
+{ config, lib, ... }:
 let
   user = "nix-apps";
 in
@@ -18,7 +18,7 @@ in
   # Either the group id or group name representation of the secret group
   # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
   sops = {
-    defaultSopsFile = ../../../secrets/nuc-secrets.yaml;
+    defaultSopsFile = lib.mkForce ../../../secrets/nuc-secrets.yaml;
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
     # ------------------------------

systems/x86_64-linux/nuc/users.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ pkgs, lib, ... }:
 let
   user = "admin";
   # passwordFile = config.sops.secrets."jallen-nas/admin_password".path;
@@ -22,7 +22,7 @@ in
           "libvirtd"
         ];
         # hashedPasswordFile = passwordFile;
-        password = "BogieDudie1";
+        password = lib.mkForce "BogieDudie1";
         shell = pkgs.zsh;
         packages = with pkgs; [
         ];

systems/x86_64-linux/steamdeck/configuration.nix

@@ -30,9 +30,7 @@
   # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users = {
     deck = {
-      hashedPasswordFile = config.sops.secrets."steamdeck/deck-password".path;
-      isNormalUser = true;
-      extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+      hashedPasswordFile = lib.mkForce config.sops.secrets."steamdeck/deck-password".path;
       openssh.authorizedKeys.keys = [
         # macBook
         "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCw9zq8DLGByI5v2gAn95hKNyOsm3g61a2buxu2BBMFysQJgmZPCCLUqRJKhSM5Vm/JOgsAmdpRBRZQoHD+6S844CJHb4v4VIbjkyQgYCuM7Rst2IOZ5QybvsA2/D0nwytZ+HXQqDj2AagUYDbz0gyyIHkDQ5YGBMkvkWz/h1Vci6aoBM7VihEDM4KlWoTVuPeASGM8r5IZ2FS83Djbqo4ov6AYvLMrKB9Z7hmFgH6R3LE0gxOkzbGVXtSuvJyrjvgytoT22UhATjjxSQ9D+YJXXkQoB3lUdg8OoIquUPjMZpl4mR8ffvseWPfcvD1XlD5t+TOHFqKpESO547tlOBYhdpew+NSgAXpamCU6oyV8tDCywLQu2ucxHRn78u6WXzWHkDtffdhzmk6TZaPhWqVHuTGjR4higBgGqUfSaKOMszt+FDRZAr3HtuQ2+zJ8bowK9fW5OqilTtK2HtQqroD9ApegDNbqOz6kGy5IycSXvqPURy/M4lxZxbtBPuemcJs= mattjallen@MacBook-Pro.local"
@@ -41,11 +39,6 @@
         # desktop nixos
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBMydhOc6SnOdB5WrEd7X07DrboAtagCUgXiOJjLov matt@matt-nixos"
       ];
-      packages = with pkgs; [
-        firefox
-        tree
-      ];
-      shell = lib.mkForce pkgs.zsh;
     };
   };
 

systems/x86_64-linux/steamdeck/default.nix

@@ -34,5 +34,6 @@
     user = {
       name = "deck";
     };
+    network.hostName = "steamdeck";
   };
 }

systems/x86_64-linux/steamdeck/sops.nix

@@ -18,7 +18,7 @@ in
   # Either the group id or group name representation of the secret group
   # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
   sops = {
-    defaultSopsFile = (lib.snowfall.fs.get-file "secrets/steamdeck-secrets.yaml");
+    defaultSopsFile = lib.mkForce (lib.snowfall.fs.get-file "secrets/steamdeck-secrets.yaml");
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
     # ------------------------------

templates/checks/pre-commit-hooks/default.nix

@@ -1,49 +0,0 @@
-{
-  inputs,
-  lib,
-  namespace,
-  pkgs,
-  ...
-}:
-let
-  inherit (inputs) pre-commit-hooks-nix;
-in
-pre-commit-hooks-nix.lib.${pkgs.system}.run {
-  src = ./.;
-  hooks =
-    let
-      excludes = [
-        "flake.lock"
-        "*.md"
-      ];
-      fail_fast = true;
-      verbose = true;
-    in
-    {
-      deadnix = {
-        enable = true;
-
-        settings = {
-          edit = true;
-        };
-      };
-
-      nixfmt = {
-        enable = true;
-        package = pkgs.nixfmt-rfc-style;
-      };
-
-      pre-commit-hook-ensure-sops.enable = true;
-
-      prettier = {
-        enable = true;
-        inherit excludes fail_fast verbose;
-
-        description = "pre-commit hook for prettier";
-        settings = {
-          binPath = "${lib.getExe pkgs.prettierd}";
-          write = true;
-        };
-      };
-    };
-}

treefmt.nix

@@ -26,7 +26,7 @@
     gofmt.enable = true;
     isort.enable = true;
     nixfmt.enable = true;
-    nufmt.enable = true;
+    # nufmt.enable = true;
     ruff-check.enable = true;
     ruff-format.enable = true;
     rustfmt.enable = true;