mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

nixfmt

Browse Source
This commit is contained in:
mjallen18
2025-07-24 11:06:08 -05:00
parent f05972d6ae
commit 3d213c8769
164 changed files with 1777 additions and 1257 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
checks/pre-commit-hooks/default.nix
View File

@@ -1,6 +1,7 @@
{
inputs,
pkgs,
lib,
...
}:
let
@@ -11,8 +12,8 @@ pre-commit-hooks-nix.lib.${pkgs.system}.run {
hooks = {
pre-commit-hook-ensure-sops.enable = true;
treefmt = {
enable = true;
settings.fail-on-change = false;
enable = lib.mkForce true;
settings.fail-on-change = lib.mkForce false;
packageOverrides.treefmt = inputs.treefmt-nix.lib.mkWrapper pkgs ../../treefmt.nix;
};
};

3
flake.nix
View File

@@ -84,7 +84,8 @@
};
# We will handle this in the next section.
outputs = inputs:
outputs =
inputs:
inputs.snowfall-lib.mkFlake {
# You must provide our flake inputs to Snowfall Lib.
inherit inputs;

7
homes/aarch64-darwin/mattjallen@macbook-pro/default.nix
View File

@@ -1,4 +1,9 @@
{ lib, pkgs, home, ... }:
{
lib,
pkgs,
home,
...
}:
let
shellAliases = {
update-switch = "darwin-rebuild switch --flake ~/nix-config";

1
homes/aarch64-linux/matt@macbook-pro-nixos/default.nix
View File

@@ -41,7 +41,6 @@ in
"name:steam, monitor:${display.input}, default:false, special, class:(.*[Ss]team.*)"
];
windowRule = [
"size 2160 3356, tag:horizonrdp"
];

8
homes/aarch64-linux/matt@pi5/default.nix
View File

@@ -1,4 +1,10 @@
{ pkgs, lib, config, namespace, ... }:
{
pkgs,
lib,
config,
namespace,
...
}:
let
shellAliases = {
update-boot = "sudo nixos-rebuild boot --max-jobs 10 --build-host admin@10.0.1.3";

10
homes/x86_64-linux/deck@steamdeck/default.nix
View File

@@ -44,7 +44,15 @@ in
enable = true;
package = pkgs.dolphin-emu;
romFolder = "gc";
fileTypes = [ ".iso" ".ISO" ".gcm" ".GCM" ".ciso" ".CISO" "rvz" ];
fileTypes = [
".iso"
".ISO"
".gcm"
".GCM"
".ciso"
".CISO"
"rvz"
];
extraArgs = "-b -e \"\${filePath}\"";
};

7
modules/home/desktop/gnome/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.mjallen.desktop.gnome;
in

13
modules/home/desktop/hyprland/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.mjallen.desktop.hyprland;
@@ -390,14 +395,16 @@ in
};
};
extraConfig = ''
extraConfig =
''
exec-once = dbus-update-activation-environment --systemd --all
exec-once = systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP
exec-once = /usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1
exec-once = xhost +SI:localuser:root
exec-once = nwg-look -a
exec-once = nwg-dock-hyprland -d
'' + cfg.extraConfig or '''';
''
+ cfg.extraConfig or '''';
};
};
}

40
modules/home/desktop/hyprland/options.nix
View File

@@ -92,14 +92,38 @@ with lib;
defaultApps = mkOption {
type = types.submodule {
options = {
browser = mkOption { type = types.package; default = pkgs.firefox; };
editor = mkOption { type = types.package; default = pkgs.micro; };
fileExplorer = mkOption { type = types.package; default = pkgs.nemo; };
visual = mkOption { type = types.package; default = pkgs.vscodium; };
terminal = mkOption { type = types.package; default = pkgs.kitty; };
office = mkOption { type = types.package; default = pkgs.onlyoffice-bin_latest; };
video = mkOption { type = types.package; default = pkgs.vlc; };
imageViewer = mkOption { type = types.package; default = pkgs.nomacs; };
browser = mkOption {
type = types.package;
default = pkgs.firefox;
};
editor = mkOption {
type = types.package;
default = pkgs.micro;
};
fileExplorer = mkOption {
type = types.package;
default = pkgs.nemo;
};
visual = mkOption {
type = types.package;
default = pkgs.vscodium;
};
terminal = mkOption {
type = types.package;
default = pkgs.kitty;
};
office = mkOption {
type = types.package;
default = pkgs.onlyoffice-bin_latest;
};
video = mkOption {
type = types.package;
default = pkgs.vlc;
};
imageViewer = mkOption {
type = types.package;
default = pkgs.nomacs;
};
};
};
description = "Default applications used across the system.";

7
modules/home/desktop/hyprland/packages.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.mjallen.desktop.hyprland;

7
modules/home/desktop/hyprland/services/hypridle/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
let
cfg = config.${namespace}.desktop.hyprland;
in

7
modules/home/desktop/hyprland/services/hyprlock/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
let
cfg = config.${namespace}.desktop.hyprland;
in

7
modules/home/desktop/hyprland/services/hyprpaper/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
let
cfg = config.${namespace}.desktop.hyprland;
in

7
modules/home/desktop/hyprland/theme.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.mjallen.desktop.hyprland;

7
modules/home/home/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
home = {
enableNixpkgsReleaseCheck = lib.mkDefault false;

22
modules/home/programs/code/default.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, system, ... }:
{
config,
lib,
pkgs,
system,
...
}:
let
isArm = "aarch64-linux" == system;
open-remote-ssh = pkgs.vscode-utils.buildVscodeExtension {
@@ -27,7 +33,9 @@ in
default = {
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
extensions = with pkgs; [
extensions =
with pkgs;
[
vscode-extensions.arrterian.nix-env-selector
vscode-extensions.bbenoist.nix
vscode-extensions.brettm12345.nixfmt-vscode
@@ -45,7 +53,9 @@ in
# open-remote-ssh
# nix-vscode-extensions.open-vsx.jeanp413.open-remote-ssh
# open-vsx.jeanp413.open-remote-ssh
] ++ ( if !isArm then x86_only else [ ] ) ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
]
++ (if !isArm then x86_only else [ ])
++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
{
name = "copilot-mcp";
publisher = "automatalabs";
@@ -110,10 +120,12 @@ in
# You can write arbitary Nix expressions here, to produce valid "options" declaration result.
# Tip: for flake-based configuration, utilize `builtins.getFlake`
"nixos" = {
"expr" = "(builtins.getFlake \"${config.home.homeDirectory}/nix-config\").nixosConfigurations.<name>.options";
"expr" =
"(builtins.getFlake \"${config.home.homeDirectory}/nix-config\").nixosConfigurations.<name>.options";
};
"home-manager" = {
"expr" = "(builtins.getFlake \"${config.home.homeDirectory}/nix-config\").homeConfigurations.<name>.options";
"expr" =
"(builtins.getFlake \"${config.home.homeDirectory}/nix-config\").homeConfigurations.<name>.options";
};
# # Tip: use ${workspaceFolder} variable to define path
# "nix-darwin" = {

3
modules/home/programs/librewolf/default.nix
View File

@@ -36,7 +36,8 @@
"browser.newtabpage.activity-stream.topSitesRows" = 3; # Set number of rows for top sites on new tab page
"layout.css.light-dark.enabled" = true; # Enable light/dark theme support
"extensions.activeThemeID" = "default-theme@mozilla.org"; # Set active theme
"extensions.webextensions.uuids" = "{\"formautofill@mozilla.org\" =\"851c83b7-26d5-449c-8cc9-d8951a0ce78d\",\"pictureinpicture@mozilla.org\" =\"42fa2650-5134-4bef-bafa-b73f9ae51bad\",\"screenshots@mozilla.org\" =\"efd2b692-43c4-433a-aea5-0cb79f8312d4\",\"webcompat-reporter@mozilla.org\" =\"c43a6be2-fb56-4253-b384-ce8e09a89999\",\"webcompat@mozilla.org\" =\"e25fd1bb-7c53-413f-9528-bb922c322a56\",\"default-theme@mozilla.org\" =\"610b67c3-9145-46f7-814f-d8ee2cc8edff\",\"addons-search-detection@mozilla.com\:\"caedb3ca-5cf5-4e23-a251-d742f23e6fc8\",\"uBlock0@raymondhill.net\" =\"7e7d9fd9-12bf-42d3-9c7c-9ffd05420ec7\",\"78272b6fa58f4a1abaac99321d503a20@proton.me\" =\"7242a067-06d8-430b-94a3-00d264cdd57b\",\"addon@darkreader.org\" =\"2f02b112-6acd-4bdc-af2c-1432eb527339\",\"jid1-xUfzOsOFlzSOXg@jetpack\" =\"d0c72046-9903-4118-8160-a028840bf928\",\"chrome-gnome-shell@gnome.org\" =\"a1ab53e6-b765-4f25-8349-383cc04682a0\",\"user-agent-switcher@ninetailed.ninja\" =\"259d07cc-bb32-4ed5-b90f-6d73abdeb7bb\",\"firefoxdav@icloud.com\" =\"110e6e2c-18f8-461d-9f26-b8f04482b6f1\",\"ciscowebexstart1@cisco.com\" =\"a4062240-e73a-4353-bddb-d608d84881f7\",\"{a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7}\" =\"9164e437-812b-4a07-8dfd-2fd73b39329b\",\"{036a55b4-5e72-4d05-a06c-cba2dfcc134a}\" =\"648fc678-a6fb-47cd-9792-fb9520678c17\",\"{446900e4-71c2-419f-a6a7-df9c091e268b}\" =\"f0b43422-070e-466e-85c9-6543f209f075\",\"jid1-MnnxcxisBPnSXQ@jetpack\" =\"4c448202-c843-4cae-b5c3-d11f2da58fa3\",\"soundfixer@unrelenting.technology\" =\"59b35eb8-1c85-4919-a905-80d120993ddc\",\"floccus@handmadeideas.org\" =\"8ad2956c-8091-41af-a689-7d2108f5958d\",\"{79b9dbcf-cc5a-4cda-89ef-c4ab097eb074}\" =\"c2a223a7-32e0-4726-9f20-17236702b1f5\",\"linkgopher@oooninja.com\" =\"a257858c-0dce-415b-b123-6222876cf843\"}";
"extensions.webextensions.uuids" =
"{\"formautofill@mozilla.org\" =\"851c83b7-26d5-449c-8cc9-d8951a0ce78d\",\"pictureinpicture@mozilla.org\" =\"42fa2650-5134-4bef-bafa-b73f9ae51bad\",\"screenshots@mozilla.org\" =\"efd2b692-43c4-433a-aea5-0cb79f8312d4\",\"webcompat-reporter@mozilla.org\" =\"c43a6be2-fb56-4253-b384-ce8e09a89999\",\"webcompat@mozilla.org\" =\"e25fd1bb-7c53-413f-9528-bb922c322a56\",\"default-theme@mozilla.org\" =\"610b67c3-9145-46f7-814f-d8ee2cc8edff\",\"addons-search-detection@mozilla.com\:\"caedb3ca-5cf5-4e23-a251-d742f23e6fc8\",\"uBlock0@raymondhill.net\" =\"7e7d9fd9-12bf-42d3-9c7c-9ffd05420ec7\",\"78272b6fa58f4a1abaac99321d503a20@proton.me\" =\"7242a067-06d8-430b-94a3-00d264cdd57b\",\"addon@darkreader.org\" =\"2f02b112-6acd-4bdc-af2c-1432eb527339\",\"jid1-xUfzOsOFlzSOXg@jetpack\" =\"d0c72046-9903-4118-8160-a028840bf928\",\"chrome-gnome-shell@gnome.org\" =\"a1ab53e6-b765-4f25-8349-383cc04682a0\",\"user-agent-switcher@ninetailed.ninja\" =\"259d07cc-bb32-4ed5-b90f-6d73abdeb7bb\",\"firefoxdav@icloud.com\" =\"110e6e2c-18f8-461d-9f26-b8f04482b6f1\",\"ciscowebexstart1@cisco.com\" =\"a4062240-e73a-4353-bddb-d608d84881f7\",\"{a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7}\" =\"9164e437-812b-4a07-8dfd-2fd73b39329b\",\"{036a55b4-5e72-4d05-a06c-cba2dfcc134a}\" =\"648fc678-a6fb-47cd-9792-fb9520678c17\",\"{446900e4-71c2-419f-a6a7-df9c091e268b}\" =\"f0b43422-070e-466e-85c9-6543f209f075\",\"jid1-MnnxcxisBPnSXQ@jetpack\" =\"4c448202-c843-4cae-b5c3-d11f2da58fa3\",\"soundfixer@unrelenting.technology\" =\"59b35eb8-1c85-4919-a905-80d120993ddc\",\"floccus@handmadeideas.org\" =\"8ad2956c-8091-41af-a689-7d2108f5958d\",\"{79b9dbcf-cc5a-4cda-89ef-c4ab097eb074}\" =\"c2a223a7-32e0-4726-9f20-17236702b1f5\",\"linkgopher@oooninja.com\" =\"a257858c-0dce-415b-b123-6222876cf843\"}";
};
};
}

7
modules/home/programs/nwg-dock/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.mjallen.programs.nwg-dock;

7
modules/home/programs/nwg-drawer/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.mjallen.programs.nwg-drawer;

40
modules/home/programs/nwg-panel/options.nix
View File

@@ -7,14 +7,38 @@ with lib;
defaultApps = mkOption {
type = types.submodule {
options = {
browser = mkOption { type = types.package; default = pkgs.firefox; };
editor = mkOption { type = types.package; default = pkgs.micro; };
fileExplorer = mkOption { type = types.package; default = pkgs.nemo; };
visual = mkOption { type = types.package; default = pkgs.vscodium; };
terminal = mkOption { type = types.package; default = pkgs.kitty; };
office = mkOption { type = types.package; default = pkgs.onlyoffice-bin_latest; };
video = mkOption { type = types.package; default = pkgs.vlc; };
imageViewer = mkOption { type = types.package; default = pkgs.gnome-photos; };
browser = mkOption {
type = types.package;
default = pkgs.firefox;
};
editor = mkOption {
type = types.package;
default = pkgs.micro;
};
fileExplorer = mkOption {
type = types.package;
default = pkgs.nemo;
};
visual = mkOption {
type = types.package;
default = pkgs.vscodium;
};
terminal = mkOption {
type = types.package;
default = pkgs.kitty;
};
office = mkOption {
type = types.package;
default = pkgs.onlyoffice-bin_latest;
};
video = mkOption {
type = types.package;
default = pkgs.vlc;
};
imageViewer = mkOption {
type = types.package;
default = pkgs.gnome-photos;
};
};
};
description = "Default applications used across the system.";

6
modules/home/programs/waybar/default.nix
View File

@@ -296,7 +296,8 @@ in
# * { font-size: 13px; }
# window.eDP-1 * { font-size: 10px; }
style = ''
style =
''
.blink_me {
animation: blinker 1s linear infinite;
}
@@ -528,7 +529,8 @@ in
}
/* ------------- */
'' + cfg.extraModulesStyle or '''';
''
+ cfg.extraModulesStyle or '''';
};
};
}

8
modules/home/programs/waybar/scripts/hass.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, namespace, pkgs, ... }:
{
config,
lib,
namespace,
pkgs,
...
}:
let
cfg = config.mjallen.programs.waybar;

7
modules/home/programs/waybar/scripts/weather.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.mjallen.programs.waybar;

7
modules/home/sops/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
let
cfg = config.mjallen.sops;

12
modules/nixos/actual/default.nix
View File

@@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib;
let
cfg = config.nas-apps.actual;
@@ -24,7 +29,8 @@ in
};
};
config = { lib, ... }:
config =
{ lib, ... }:
{
services.actual = {
enable = true;
@@ -69,7 +75,7 @@ in
ExecStart = lib.mkForce "${pkgs.actual-server}/bin/actual-server --config ${dataDir}/config.json";
WorkingDirectory = lib.mkForce dataDir;
StateDirectory = lib.mkForce dataDir;
StateDirectoryMode = lib.mkForce 0700;
StateDirectoryMode = lib.mkForce 700;
DynamicUser = lib.mkForce false;
ProtectSystem = lib.mkForce null;
};

22
modules/nixos/arrs/default.nix
View File

@@ -40,7 +40,9 @@ in
{
nixpkgs.config = {
allowUnfree = lib.mkForce true;
allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"unrar"
];
};
@@ -232,8 +234,22 @@ in
];
};
firewall = {
allowedTCPPorts = [ cfg.radarr.port cfg.sonarr.port cfg.sabnzbd.port 8080 cfg.deluge.port cfg.jackett.port ];
allowedUDPPorts = [ cfg.radarr.port cfg.sonarr.port cfg.sabnzbd.port 8080 cfg.deluge.port cfg.jackett.port ];
allowedTCPPorts = [
cfg.radarr.port
cfg.sonarr.port
cfg.sabnzbd.port
8080
cfg.deluge.port
cfg.jackett.port
];
allowedUDPPorts = [
cfg.radarr.port
cfg.sonarr.port
cfg.sabnzbd.port
8080
cfg.deluge.port
cfg.jackett.port
];
};
};
};

7
modules/nixos/boot/default.nix
View File

@@ -1,4 +1,9 @@
{ pkgs, system, lib, ... }:
{
pkgs,
system,
lib,
...
}:
let
isArm = ("aarch64-linux" == system);
in

7
modules/nixos/boot/lanzaboote/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.bootloader.lanzaboote;

19
modules/nixos/crowdsec/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.nas-apps.crowdsec;
@@ -7,14 +12,16 @@ in
imports = [ ./options.nix ];
config = lib.mkIf cfg.enable {
services = {
crowdsec = let
crowdsec =
let
yaml = (pkgs.formats.yaml { }).generate;
acquisitions_file = yaml "acquisitions.yaml" {
source = "journalctl";
journalctl_filter = [ "_SYSTEMD_UNIT=sshd.service" ];
labels.type = "syslog";
};
in {
in
{
enable = true;
enrollKeyFile = "${cfg.dataDir}/enroll.key";
settings = {
@@ -35,7 +42,8 @@ in
};
systemd.services.crowdsec.serviceConfig = {
ExecStartPre = let
ExecStartPre =
let
script = pkgs.writeScriptBin "register-bouncer" ''
#!${pkgs.runtimeShell}
set -eu
@@ -45,7 +53,8 @@ in
cscli bouncers add "nas-bouncer" --key "${cfg.apiKey}"
fi
'';
in ["${script}/bin/register-bouncer"];
in
[ "${script}/bin/register-bouncer" ];
};
networking = {

7
modules/nixos/desktop/cosmic/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
let
cfg = config.${namespace}.desktop.cosmic;
in

8
modules/nixos/desktop/gnome/default.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, namespace, ... }:
{
config,
lib,
pkgs,
namespace,
...
}:
let
cfg = config.${namespace}.desktop.gnome;
in

13
modules/nixos/desktop/hyprland/default.nix
View File

@@ -1,4 +1,10 @@
{ config, pkgs, lib, namespace, ... }:
{
config,
pkgs,
lib,
namespace,
...
}:
let
cfg = config.${namespace}.desktop.hyprland;
@@ -26,7 +32,10 @@ in
imports = [ ../../../home/desktop/hyprland/options.nix ];
config = lib.mkIf cfg.enable {
environment.systemPackages = [ bing-wallpaper pkgs.jq ];
environment.systemPackages = [
bing-wallpaper
pkgs.jq
];
services = {
displayManager = {

7
modules/nixos/disko/aarch64-linux/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, system, ... }:
{
config,
lib,
system,
...
}:
let
isArm = builtins.match "aarch64*" system != null;
rootDisk = "/dev/nvme0n1";

8
modules/nixos/disko/x86_64-linux/default.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, system, namespace, ... }:
{
config,
lib,
system,
namespace,
...
}:
let
cfg = config.${namespace}.hardware.disko;
isArm = builtins.match "aarch64*" system != null;

7
modules/nixos/fonts/default.nix
View File

@@ -1,11 +1,14 @@
{ lib, pkgs, ... }:
{
fonts.packages = with pkgs; [
fonts.packages =
with pkgs;
[
font-awesome
noto-fonts
noto-fonts-color-emoji
meslo-lgs-nf
] ++ builtins.filter lib.attrsets.isDerivation (builtins.attrValues pkgs.nerd-fonts);
]
++ builtins.filter lib.attrsets.isDerivation (builtins.attrValues pkgs.nerd-fonts);
fonts.fontconfig.defaultFonts = {
emoji = [

7
modules/nixos/gaming/default.nix
View File

@@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
cfg = config.share.gaming;
pkgsVersion = pkgs; # .unstable;

18
modules/nixos/gitea/default.nix
View File

@@ -34,7 +34,8 @@ in
};
};
config = { lib, ... }:
config =
{ lib, ... }:
{
services.gitea = {
enable = true;
@@ -71,7 +72,10 @@ in
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ cfg.httpPort cfg.sshPort ];
allowedTCPPorts = [
cfg.httpPort
cfg.sshPort
];
};
# Use systemd-resolved inside the container
# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
@@ -122,8 +126,14 @@ in
];
};
firewall = {
allowedTCPPorts = [ cfg.httpPort cfg.sshPort ];
allowedUDPPorts = [ cfg.httpPort cfg.sshPort ];
allowedTCPPorts = [
cfg.httpPort
cfg.sshPort
];
allowedUDPPorts = [
cfg.httpPort
cfg.sshPort
];
};
};
};

11
modules/nixos/home/default.nix
View File

@@ -51,12 +51,17 @@ in
};
# Make ALL external HM modules available globally
sharedModules = with inputs; [
sharedModules =
with inputs;
[
sops-nix.homeManagerModules.sops
# Add any other external HM modules here
] ++ (if (!isArm) then with inputs; [ steam-rom-manager.homeManagerModules.default ] else [ ]);
]
++ (if (!isArm) then with inputs; [ steam-rom-manager.homeManagerModules.default ] else [ ]);
users.${config.${namespace}.user.name} = lib.mkAliasDefinitions options.${namespace}.home.extraOptions;
users.${config.${namespace}.user.name} =
lib.mkAliasDefinitions
options.${namespace}.home.extraOptions;
# users.admin = lib.mkAliasDefinitions options.${namespace}.home.extraOptions;
verbose = true;

17
modules/nixos/homeassistant/default.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, namespace, ... }:
{
config,
lib,
pkgs,
namespace,
...
}:
let
cfg = config.${namespace}.services.home-assistant;
mosquittoPort = 1883;
@@ -106,7 +112,8 @@ in
zigbee2mqtt-networkmap
];
# use postgresql instead of sqlite
extraPackages = ps: with ps; [
extraPackages =
ps: with ps; [
# Core functionality
aiohttp
aiodns
@@ -262,10 +269,12 @@ in
postgresql = {
enable = true;
ensureDatabases = [ "hass" ];
ensureUsers = [{
ensureUsers = [
{
name = "hass";
ensureDBOwnership = true;
}];
}
];
};
# Enable and configure Mosquitto MQTT broker

7
modules/nixos/immich/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.immich;

7
modules/nixos/jellyfin/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.jellyfin;

7
modules/nixos/jellyseerr/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.jellyseerr;

7
modules/nixos/lubelogger/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.lubelogger;

8
modules/nixos/network/default.nix
View File

@@ -56,8 +56,8 @@ in
id = "Joey's Jungle 6G";
type = "wifi";
};
ipv4 = if (cfg.ipv4.method == "auto")
then
ipv4 =
if (cfg.ipv4.method == "auto") then
{
method = "auto";
}
@@ -87,8 +87,8 @@ in
id = "Joey's Jungle 5G";
type = "wifi";
};
ipv4 = if (cfg.ipv4.method == "auto")
then
ipv4 =
if (cfg.ipv4.method == "auto") then
{
method = "auto";
}

15
modules/nixos/nextcloud/default.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, namespace, ... }:
{
config,
lib,
pkgs,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.nextcloud;
@@ -60,7 +66,12 @@ in
};
config =
{ pkgs, lib, namespace, ... }:
{
pkgs,
lib,
namespace,
...
}:
{
nixpkgs.config.allowUnfree = true;
networking.extraHosts = ''

8
modules/nixos/ollama/default.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, namespace, ... }:
{
config,
lib,
pkgs,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.ollama;

7
modules/nixos/paperless/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.paperless;

83
modules/nixos/traefik/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.traefik;
@@ -76,7 +81,9 @@ in
"traefik.env" = {
content = ''
CLOUDFLARE_DNS_API_TOKEN = ${config.sops.placeholder."jallen-nas/traefik/cloudflare-dns-api-token"}
CLOUDFLARE_ZONE_API_TOKEN = ${config.sops.placeholder."jallen-nas/traefik/cloudflare-zone-api-token"}
CLOUDFLARE_ZONE_API_TOKEN = ${
config.sops.placeholder."jallen-nas/traefik/cloudflare-zone-api-token"
}
CLOUDFLARE_API_KEY = ${config.sops.placeholder."jallen-nas/traefik/cloudflare-api-key"}
CLOUDFLARE_EMAIL = ${config.sops.placeholder."jallen-nas/traefik/cloudflare-email"}
'';
@@ -129,7 +136,12 @@ in
entryPoint = "metrics";
addEntryPointsLabels = true;
addServicesLabels = true;
buckets = [0.1 0.3 1.2 5.0]; # Response time buckets
buckets = [
0.1
0.3
1.2
5.0
]; # Response time buckets
};
};
@@ -215,8 +227,7 @@ in
};
};
};
internal-ipallowlist =
{
internal-ipallowlist = {
ipAllowList = {
sourceRange = [
"127.0.0.1/32"
@@ -305,7 +316,10 @@ in
entryPoints = [ "websecure" ];
rule = "HostRegexp(`{subdomain:[a-z]+}.mjallen.dev`) && PathPrefix(`/outpost.goauthentik.io/`)";
service = "auth";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
priority = 15;
tls.certResolver = "letsencrypt";
};
@@ -314,21 +328,30 @@ in
entryPoints = [ "websecure" ];
rule = "Host(`actual.${domain}`)";
service = "actual";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
tls.certResolver = "letsencrypt";
};
authentik = {
entryPoints = [ "websecure" ];
rule = "Host(`authentik.${domain}`)";
service = "authentik";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
tls.certResolver = "letsencrypt";
};
cache = {
entryPoints = [ "websecure" ];
rule = "Host(`cache.${domain}`)";
service = "cache";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
priority = 10;
tls.certResolver = "letsencrypt";
};
@@ -336,21 +359,31 @@ in
entryPoints = [ "websecure" ];
rule = "Host(`cloud.${domain}`)";
service = "cloud";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
tls.certResolver = "letsencrypt";
};
gitea = {
entryPoints = [ "websecure" ];
rule = "Host(`gitea.${domain}`)";
service = "gitea";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
tls.certResolver = "letsencrypt";
};
hass = {
entryPoints = [ "websecure" ];
rule = "Host(`hass.${domain}`)";
service = "hass";
middlewares = [ "crowdsec" "whitelist-geoblock" "authentik" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
"authentik"
];
priority = 10;
tls.certResolver = "letsencrypt";
};
@@ -358,35 +391,51 @@ in
entryPoints = [ "websecure" ];
rule = "Host(`immich.${domain}`)";
service = "immich";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
tls.certResolver = "letsencrypt";
};
jellyfin = {
entryPoints = [ "websecure" ];
rule = "Host(`jellyfin.${domain}`)";
service = "jellyfin";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
tls.certResolver = "letsencrypt";
};
jellyseerr = {
entryPoints = [ "websecure" ];
rule = "Host(`jellyseerr.${domain}`)";
service = "jellyseerr";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
tls.certResolver = "letsencrypt";
};
lubelogger = {
entryPoints = [ "websecure" ];
rule = "Host(`lubelogger.${domain}`)";
service = "lubelogger";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
tls.certResolver = "letsencrypt";
};
onlyoffice = {
entryPoints = [ "websecure" ];
rule = "Host(`office.${domain}`)";
service = "onlyoffice";
middlewares = [ "crowdsec" "whitelist-geoblock" "onlyoffice-websocket" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
"onlyoffice-websocket"
];
tls.certResolver = "letsencrypt";
};
};

7
modules/nixos/wyoming/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.wyoming;

7
packages/ha-anycubic/default.nix
View File

@@ -1,4 +1,9 @@
{ buildHomeAssistantComponent, pkgs, namespace, ... }:
{
buildHomeAssistantComponent,
pkgs,
namespace,
...
}:
buildHomeAssistantComponent rec {
owner = "adamoutler";
domain = "anycubic_wifi";

7
packages/ha-bambulab/default.nix
View File

@@ -1,4 +1,9 @@
{ buildHomeAssistantComponent, python3Packages, fetchFromGitHub, ... }:
{
buildHomeAssistantComponent,
python3Packages,
fetchFromGitHub,
...
}:
buildHomeAssistantComponent rec {
owner = "greghesp";
domain = "bambu_lab";

8
packages/ha-gehome/default.nix
View File

@@ -1,4 +1,10 @@
{ buildHomeAssistantComponent, fetchFromGitHub, python3Packages, namespace, ... }:
{
buildHomeAssistantComponent,
fetchFromGitHub,
python3Packages,
namespace,
...
}:
buildHomeAssistantComponent rec {
owner = "simbaja";
domain = "ge_home";

7
packages/ha-icloud3/default.nix
View File

@@ -1,4 +1,9 @@
{ buildHomeAssistantComponent, fetchFromGitHub, python3Packages, ... }:
{
buildHomeAssistantComponent,
fetchFromGitHub,
python3Packages,
...
}:
buildHomeAssistantComponent rec {
owner = "gcobb321";
domain = "icloud3";

7
packages/ha-mail-and-packages/default.nix
View File

@@ -1,4 +1,9 @@
{ buildHomeAssistantComponent, fetchFromGitHub, python3Packages, ... }:
{
buildHomeAssistantComponent,
fetchFromGitHub,
python3Packages,
...
}:
buildHomeAssistantComponent rec {
owner = "moralmunky";
domain = "mail_and_packages";

8
packages/ha-nanokvm/default.nix
View File

@@ -1,4 +1,10 @@
{ buildHomeAssistantComponent, fetchFromGitHub, pkgs, namespace, ... }:
{
buildHomeAssistantComponent,
fetchFromGitHub,
pkgs,
namespace,
...
}:
buildHomeAssistantComponent rec {
owner = "Wouter0100";
domain = "nanokvm";

8
packages/ha-overseerr/default.nix
View File

@@ -1,4 +1,10 @@
{ buildHomeAssistantComponent, fetchFromGitHub, pkgs, namespace, ... }:
{
buildHomeAssistantComponent,
fetchFromGitHub,
pkgs,
namespace,
...
}:
buildHomeAssistantComponent rec {
owner = "vaparr";
domain = "overseerr";

8
packages/ha-wyzeapi/default.nix
View File

@@ -1,4 +1,10 @@
{ buildHomeAssistantComponent, fetchFromGitHub, pkgs, namespace, ... }:
{
buildHomeAssistantComponent,
fetchFromGitHub,
pkgs,
namespace,
...
}:
buildHomeAssistantComponent rec {
owner = "SecKatie";
domain = "wyzeapi";

5
packages/homeassistant-api/default.nix
View File

@@ -10,7 +10,10 @@ python3Packages.buildPythonPackage rec {
# do not run tests
doCheck = false;
nativeBuildInputs = with python3Packages; [ poetry-core requests-cache ];
nativeBuildInputs = with python3Packages; [
poetry-core
requests-cache
];
dependencies = with python3Packages; [
requests-cache
pydantic

7
packages/magicattr/default.nix
View File

@@ -1,4 +1,9 @@
{ lib, python3Packages, fetchFromGitHub, ... }:
{
lib,
python3Packages,
fetchFromGitHub,
...
}:
python3Packages.buildPythonPackage rec {
pname = "magicattr";

7
systems/aarch64-darwin/macbook-pro/default.nix
View File

@@ -1,4 +1,9 @@
{ config, inputs, pkgs, ... }:
{
config,
inputs,
pkgs,
...
}:
{
imports = [
./nix.nix

1
systems/aarch64-linux/macbook-pro-nixos/default.nix
View File

@@ -52,7 +52,6 @@ in
"name:steam, monitor:${display.input}, default:false, special, class:(.*[Ss]team.*)"
];
windowRule = [
"size 2160 3356, tag:horizonrdp"
];

81
systems/aarch64-linux/macbook-pro-nixos/hardware-configuration.nix
View File

@@ -4,60 +4,89 @@
{ lib, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "uas" "sdhci_pci" ];
boot.initrd.availableKernelModules = [
"uas"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "none";
fileSystems."/" = {
device = "none";
fsType = "tmpfs";
};
fileSystems."/root" =
{ device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fileSystems."/root" = {
device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fsType = "btrfs";
options = [ "compress=zstd" "noatime" "subvol=root" ];
options = [
"compress=zstd"
"noatime"
"subvol=root"
];
};
fileSystems."/etc" =
{ device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fileSystems."/etc" = {
device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fsType = "btrfs";
options = [ "compress=zstd" "noatime" "subvol=etc" ];
options = [
"compress=zstd"
"noatime"
"subvol=etc"
];
};
fileSystems."/tmp" =
{ device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fileSystems."/tmp" = {
device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fsType = "btrfs";
options = [ "compress=zstd" "noatime" "subvol=tmp" ];
options = [
"compress=zstd"
"noatime"
"subvol=tmp"
];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fsType = "btrfs";
options = [ "compress=zstd" "noatime" "subvol=nix" ];
options = [
"compress=zstd"
"noatime"
"subvol=nix"
];
};
fileSystems."/var/log" =
{ device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fsType = "btrfs";
options = [ "compress=zstd" "noatime" "subvol=log" ];
options = [
"compress=zstd"
"noatime"
"subvol=log"
];
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fileSystems."/home" = {
device = "/dev/disk/by-uuid/adcc14fa-8bf7-4b4b-a9e4-b038993b96cc";
fsType = "btrfs";
options = [ "compress=zstd" "subvol=home" ];
options = [
"compress=zstd"
"subvol=home"
];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/23FA-AD3E";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/23FA-AD3E";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
options = [
"fmask=0022"
"dmask=0022"
];
};
# swapDevices = [

16
systems/aarch64-linux/pi4/boot.nix
View File

@@ -21,14 +21,21 @@
# # cp -r ${uefi_pi4}/share/uefi_rpi4/* /boot/firmware/
# # '';
# }
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
kernelBundle = pkgs.linuxAndFirmware.latest;
in
{
system.nixos.tags = let
system.nixos.tags =
let
cfg = config.boot.loader.raspberry-pi;
in [
in
[
"raspberry-pi-${cfg.variant}"
cfg.bootloader
config.boot.kernelPackages.kernel.version
@@ -43,7 +50,8 @@ in
};
hardware.raspberry-pi.config = {
all = { # [all] conditional filter, https://www.raspberrypi.com/documentation/computers/config_txt.html#conditional-filters
all = {
# [all] conditional filter, https://www.raspberrypi.com/documentation/computers/config_txt.html#conditional-filters
base-dt-params = {
i2c_arm = {

8
systems/aarch64-linux/pi4/default.nix
View File

@@ -2,7 +2,13 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, namespace, ... }:
{
config,
lib,
pkgs,
namespace,
...
}:
let
user = "matt";
# password = config.sops.secrets."pi4/matt-password".path;

3
systems/aarch64-linux/pi5/boot.nix
View File

@@ -9,7 +9,8 @@ in
};
hardware.raspberry-pi.config = {
all = { # [all] conditional filter, https://www.raspberrypi.com/documentation/computers/config_txt.html#conditional-filters
all = {
# [all] conditional filter, https://www.raspberrypi.com/documentation/computers/config_txt.html#conditional-filters
options = {
# https://www.raspberrypi.com/documentation/computers/config_txt.html#enable_uart

14
systems/aarch64-linux/pi5/default.nix
View File

@@ -2,7 +2,13 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, namespace, ... }:
{
config,
lib,
pkgs,
namespace,
...
}:
let
user = "matt";
password = config.sops.secrets."pi5/matt-password".path;
@@ -53,9 +59,11 @@ in
];
};
system.nixos.tags = let
system.nixos.tags =
let
cfg = config.boot.loader.raspberry-pi;
in [
in
[
"raspberry-pi-${cfg.variant}"
cfg.bootloader
config.boot.kernelPackages.kernel.version

4
systems/x86_64-linux/desktop/default.nix
View File

@@ -1,4 +1,5 @@
{ # Snowfall Lib provides a customized `lib` instance with access to your flake's library
# Snowfall Lib provides a customized `lib` instance with access to your flake's library
{
# as well as the libraries available from your flake's inputs.
# lib,
# # An instance of `pkgs` with your overlays and packages applied is also available.
@@ -31,7 +32,6 @@ in
./nix.nix
./sops.nix
./specialisations/hyprland
];

7
systems/x86_64-linux/desktop/nix.nix
View File

@@ -26,7 +26,12 @@ in
system = "x86_64-linux";
maxJobs = 10;
sshUser = "admin";
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
}
];
};

7
systems/x86_64-linux/desktop/users.nix
View File

@@ -1,4 +1,9 @@
{ config, namespace, lib, ... }:
{
config,
namespace,
lib,
...
}:
let
passwordFile = config.sops.secrets."desktop/matt_password".path;
in

10
systems/x86_64-linux/nas/apps.nix
View File

@@ -23,7 +23,10 @@
reverseProxy = {
enable = true;
host = "actual.mjallen.dev";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
};
};
@@ -78,7 +81,10 @@
reverseProxy = {
enable = true;
host = "gitea.mjallen.dev";
middlewares = [ "crowdsec" "whitelist-geoblock" ];
middlewares = [
"crowdsec"
"whitelist-geoblock"
];
};
};

9
systems/x86_64-linux/nas/apps/options.nix
View File

@@ -4,7 +4,10 @@ let
in
{
options.nas-apps = mkOption {
type = types.attrsOf (types.submodule ({ config, name, ... }: {
type = types.attrsOf (
types.submodule (
{ config, name, ... }:
{
options = {
enable = mkOption {
type = types.bool;
@@ -41,6 +44,8 @@ in
};
};
};
}));
}
)
);
};
}

4
systems/x86_64-linux/nas/default.nix
View File

@@ -207,7 +207,9 @@
];
};
};
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"vscode-extension-github-copilot"
];
}

18
systems/x86_64-linux/nas/grafana.nix
View File

@@ -40,15 +40,19 @@ in
scrapeConfigs = [
{
job_name = "node";
static_configs = [{
static_configs = [
{
targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ];
}];
}
];
}
{
job_name = "traefik";
static_configs = [{
static_configs = [
{
targets = [ "localhost:8082" ];
}];
}
];
}
];
};
@@ -66,12 +70,14 @@ in
provision = {
enable = true;
datasources.settings.datasources = [{
datasources.settings.datasources = [
{
name = "Prometheus";
type = "prometheus";
access = "proxy";
url = "http://localhost:${toString config.services.prometheus.port}";
}];
}
];
};
};
};

7
systems/x86_64-linux/nas/nix-serve.nix
View File

@@ -339,7 +339,12 @@ in
system = "aarch64-linux";
maxJobs = 4;
sshUser = "matt";
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
}
];
};

3
systems/x86_64-linux/nas/nixpkgs.nix
View File

@@ -8,7 +8,8 @@
# enable cuda support
cudaSupport = true;
allowUnfreePredicate = p:
allowUnfreePredicate =
p:
builtins.all (
license:
license.free

6
systems/x86_64-linux/nas/sops.nix
View File

@@ -264,7 +264,11 @@ in
PAPERLESS_SECRET = ${config.sops.placeholder."jallen-nas/paperless/secret"}
PAPERLESS_ENABLE_ALLAUTH = true
PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect"
PAPERLESS_SOCIALACCOUNT_PROVIDERS = {"openid_connect":{"OAUTH_PKCE_ENABLED":true,"APPS":[{"provider_id":"authentik","name":"authentik","client_id":"${config.sops.placeholder."jallen-nas/paperless/authentik-client-id"}","secret":"${config.sops.placeholder."jallen-nas/paperless/authentik-client-secret"}","settings":{"server_url":"https://authentik.mjallen.dev/application/o/paperless/.well-known/openid-configuration"}}]}}
PAPERLESS_SOCIALACCOUNT_PROVIDERS = {"openid_connect":{"OAUTH_PKCE_ENABLED":true,"APPS":[{"provider_id":"authentik","name":"authentik","client_id":"${
config.sops.placeholder."jallen-nas/paperless/authentik-client-id"
}","secret":"${
config.sops.placeholder."jallen-nas/paperless/authentik-client-secret"
}","settings":{"server_url":"https://authentik.mjallen.dev/application/o/paperless/.well-known/openid-configuration"}}]}}
'';
mode = "0650";
owner = config.users.users."${user}".name;

7
systems/x86_64-linux/nas/users.nix
View File

@@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
user = "admin";
passwordFile = config.sops.secrets."jallen-nas/admin_password".path;

16
systems/x86_64-linux/steamdeck/configuration.nix
View File

@@ -2,7 +2,13 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, namespace, ... }:
{
config,
lib,
pkgs,
namespace,
...
}:
{
nix = {
@@ -22,7 +28,12 @@
system = "x86_64-linux";
maxJobs = 10;
sshUser = "admin";
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
}
];
};
@@ -80,4 +91,3 @@
};
};
}

3
systems/x86_64-linux/steamdeck/default.nix
View File

@@ -1,4 +1,5 @@
{ # Snowfall Lib provides a customized `lib` instance with access to your flake's library
# Snowfall Lib provides a customized `lib` instance with access to your flake's library
{
# as well as the libraries available from your flake's inputs.
lib,
# An instance of `pkgs` with your overlays and packages applied is also available.

7
systems/x86_64-linux/steamdeck/sops.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
let
user = config.${namespace}.user.name;
in

33
treefmt.nix
View File

@@ -2,17 +2,17 @@
projectRootFile = "flake.nix";
programs = {
actionlint.enable = true;
actionlint.enable = false;
biome = {
enable = true;
enable = false;
settings.formatter.formatWithErrors = true;
};
clang-format.enable = true;
clang-format.enable = false;
deadnix = {
enable = true;
};
deno = {
enable = true;
enable = false;
# Using biome for these
excludes = [
"*.ts"
@@ -21,26 +21,27 @@
"*.jsonc"
];
};
fantomas.enable = true;
fish_indent.enable = true;
gofmt.enable = true;
isort.enable = true;
fantomas.enable = false;
fish_indent.enable = false;
gofmt.enable = false;
isort.enable = false;
nixfmt.enable = true;
# nufmt.enable = true;
ruff-check.enable = true;
ruff-format.enable = true;
rustfmt.enable = true;
ruff-check.enable = false;
ruff-format.enable = false;
rustfmt.enable = false;
shfmt = {
enable = true;
enable = false;
indent_size = 4;
};
statix.enable = true;
stylua.enable = true;
taplo.enable = true;
statix.enable = false;
stylua.enable = false;
taplo.enable = false;
yamlfmt.enable = true;
};
settings = {
fail-on-change = false;
global.excludes = [
"*.editorconfig"
"*.envrc"
@@ -77,6 +78,6 @@
"*makefile"
];
formatter.ruff-format.options = [ "--isolated" ];
#formatter.ruff-format.options = [ "--isolated" ];
};
}