mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mjallen:c439495d7ab31f343924e9560f2dbe65acc3d8b3
Branches Tags
mjallen:main mjallen:stylix mjallen:bcfs mjallen:snowfall mjallen:macbook-hyprland
...
compare: mjallen:ff469102eafeb9b8308bfd8ea62b537eab1137e4
Branches Tags
mjallen:main mjallen:stylix mjallen:bcfs mjallen:snowfall mjallen:macbook-hyprland

4 Commits
c439495d7a ... ff469102ea

Author SHA1 Message Date
mjallen18
ff469102ea manual_inherit 2026-04-05 19:10:23 -05:00
mjallen18
a363622659 useless_parens 2026-04-05 15:10:13 -05:00
mjallen18
07b1fc3618 empty_pattern 2026-04-05 14:49:16 -05:00
mjallen18
159ad4cb83 useless_has_attr 2026-04-05 14:29:24 -05:00
116 changed files with 349 additions and 493 deletions
Expand all files Collapse all files

15
checks/pre-commit-hooks/default.nix
View File

@@ -28,12 +28,13 @@ pre-commit-hooks-nix.lib.${pkgs.stdenv.hostPlatform.system}.run {
enable = true;
package = pkgs.nixfmt;
};
statix = {
enable = true;
args = [
"--config"
(lib.snowfall.fs.get-file "statix.toml")
];
};
# statix disabled - too many false positives (manual_inherit warnings)
# statix = {
# enable = true;
# args = [
# "--config"
# (lib.snowfall.fs.get-file "statix.toml")
# ];
# };
};
}

2
homes/aarch64-linux/matt@macbook-pro-nixos/default.nix
View File

@@ -135,7 +135,7 @@ in
sops = {
secrets = {
"protonmail-password" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/mac-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/mac-secrets.yaml";
};
};
};

3
lib/default.nix
View File

@@ -3,8 +3,9 @@
mjallen-lib = {
module = import ./module { inherit inputs; };
file = import ./file { inherit inputs; };
inherit (inputs.nixpkgs) lib;
versioning = import ./versioning {
lib = inputs.nixpkgs.lib;
inherit (inputs.nixpkgs) lib;
inherit inputs;
};
};

2
lib/file/default.nix
View File

@@ -1,7 +1,7 @@
{ inputs, ... }@args:
let
# Get self from args or default to ../.. (the flake root)
self = if args ? self then args.self else ../..;
self = args.self or ../..;
inherit (inputs.nixpkgs.lib)
genAttrs

10
lib/module/default.nix
View File

@@ -91,8 +91,7 @@ rec {
];
};
redis.servers.${name} = lib.mkIf cfg.redis.enable {
enable = true;
port = cfg.redis.port;
inherit (cfg.redis) enable port;
};
};
};
@@ -149,8 +148,9 @@ rec {
reverseProxy = mkReverseProxyOpt name;
hostedService = {
enable = mkOpt types.bool (cfg.reverseProxy.enable
) "Expose this service in Glance dashboard (auto-enabled when reverseProxy is on)";
enable =
mkOpt types.bool cfg.reverseProxy.enable
"Expose this service in Glance dashboard (auto-enabled when reverseProxy is on)";
title = mkOpt types.str name "Display title in Glance";
icon = mkOpt types.str "si:glance" "Icon identifier for Glance (e.g. si:actualbudget)";
group = mkOpt types.str "Services" "Glance group/category for this service";
@@ -254,7 +254,7 @@ rec {
owner ? "nix-apps",
group ? "jallen-nas",
mode ? "660",
sopsFile ? (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml"),
sopsFile ? lib.snowfall.fs.get-file "secrets/nas-secrets.yaml",
}:
{
sops.secrets = mapAttrs (_key: extra: { inherit sopsFile; } // extra) secrets;

1
lib/network/default.nix
View File

@@ -18,7 +18,6 @@
#
# All attributes intentionally use plain strings / ints so they can be
# interpolated with `toString` or used directly in any context.
{ ... }:
{
network = {
# -----------------------------------------------------------------------

50
lib/versioning/default.nix
View File

@@ -9,12 +9,9 @@ let
hasAttr
getAttr
attrNames
toString
replaceStrings
;
mapAttrs = lib.mapAttrs;
recursiveUpdate = lib.recursiveUpdate;
inherit (lib) mapAttrs recursiveUpdate;
# Deep-merge attrsets (right-biased).
deepMerge = a: b: recursiveUpdate a b;
@@ -31,8 +28,8 @@ let
applyVariantOnce =
selected: variant:
let
vVars = if variant ? variables then variant.variables else { };
vSrcs = if variant ? sources then variant.sources else { };
vVars = variant.variables or { };
vSrcs = variant.sources or { };
in
{
variables = selected.variables // vVars;
@@ -47,8 +44,8 @@ let
else
let
p = variant.platforms.${system};
pVars = if p ? variables then p.variables else { };
pSrcs = if p ? sources then p.sources else { };
pVars = p.variables or { };
pSrcs = p.sources or { };
in
{
variables = selected.variables // pVars;
@@ -93,49 +90,44 @@ let
mkSrcFromRendered' =
pkgs': comp:
let
fetcher = if comp ? fetcher then comp.fetcher else "none";
fetcher = comp.fetcher or "none";
in
if fetcher == "github" then
pkgs'.fetchFromGitHub (
{
owner = comp.owner;
repo = comp.repo;
inherit (comp) owner repo hash;
# Allow tag as rev (ignore null/empty tag)
rev = if comp ? tag && comp.tag != null && comp.tag != "" then comp.tag else comp.rev;
fetchSubmodules = if comp ? submodules then comp.submodules else false;
hash = comp.hash;
fetchSubmodules = comp.submodules or false;
}
// lib.optionalAttrs (comp ? name) { name = comp.name; }
// lib.optionalAttrs (comp ? name) { inherit (comp) name; }
)
else if fetcher == "git" then
pkgs'.fetchgit {
url = comp.url;
rev = comp.rev;
fetchSubmodules = if comp ? submodules then comp.submodules else false;
hash = comp.hash;
inherit (comp) url rev hash;
fetchSubmodules = comp.submodules or false;
}
else if fetcher == "url" then
let
url = if comp ? url then comp.url else comp.urlTemplate;
url = comp.url or comp.urlTemplate;
in
if useFetchZip comp then
pkgs'.fetchzip (
{
inherit (comp) hash;
inherit url;
hash = comp.hash;
}
// lib.optionalAttrs (comp ? extra && comp.extra ? stripRoot) { stripRoot = comp.extra.stripRoot; }
// lib.optionalAttrs (comp ? extra && comp.extra ? stripRoot) { inherit (comp.extra) stripRoot; }
)
else
pkgs'.fetchurl {
inherit (comp) hash;
inherit url;
hash = comp.hash;
}
else if fetcher == "pypi" then
pkgs'.python3Packages.fetchPypi {
inherit (comp) version hash;
pname = comp.name;
version = comp.version;
hash = comp.hash;
}
else
# fetcher == "none": pass-through (e.g., linux version/hash consumed by custom logic)
@@ -155,14 +147,10 @@ rec {
selectVariant =
spec: variantName: system:
let
chosen =
if variantName != null then
variantName
else
(if spec ? defaultVariant then spec.defaultVariant else null);
chosen = if variantName != null then variantName else (spec.defaultVariant or null);
baseSelected = {
variables = if spec ? variables then spec.variables else { };
sources = if spec ? sources then spec.sources else { };
variables = spec.variables or { };
sources = spec.sources or { };
};
in
resolveVariant spec baseSelected chosen system;

8
modules/darwin/nix/default.nix
View File

@@ -4,13 +4,15 @@
...
}:
let
nixSettings = lib.${namespace}.nixSettings;
inherit (lib.${namespace}) nixSettings;
in
{
nix = {
settings = nixSettings.commonSettings // {
substituters = nixSettings.commonSubstituters;
trusted-public-keys = nixSettings.commonTrustedPublicKeys;
inherit (nixSettings)
commonSubstituters
commonTrustedPublicKeys
;
};
gc = nixSettings.commonGc;

2
modules/home/home/default.nix
View File

@@ -57,7 +57,7 @@ in
wget
]
++ (
if (hasDestopEnvironment) then
if hasDestopEnvironment then
[
boxbuddy
cider-2

1
modules/home/programs/git/default.nix
View File

@@ -1,4 +1,3 @@
{ ... }:
let
gitAliases = {
co = "checkout";

3
modules/home/programs/hyprland/default.nix
View File

@@ -313,6 +313,7 @@ in
secondMonitor = if builtins.length names > 1 then builtins.elemAt names 1 else firstMonitor;
in
{
inherit (cfg) workspace;
"$mod" = cfg.modKey;
# Mouse
@@ -513,8 +514,6 @@ in
preserve_split = "yes";
};
workspace = cfg.workspace;
windowrule = [
"match:title file_progress, float 1"
"match:title .*[Cc]onfirm.*, float 1"

1
modules/home/programs/librewolf/default.nix
View File

@@ -1,4 +1,3 @@
{ ... }:
{
programs.librewolf = {
enable = false;

1
modules/home/programs/password-store/default.nix
View File

@@ -1,4 +1,3 @@
{ ... }:
{
# The default value of `programs.password-store.settings` has changed from `{ PASSWORD_STORE_DIR = "$XDG_DATA_HOME/password-store"; }` to `{ }`.
# You are currently using the legacy default (`{ PASSWORD_STORE_DIR = "$XDG_DATA_HOME/password-store"; }`) because `home.stateVersion` is less than "25.11".

9
modules/home/programs/waybar/default.nix
View File

@@ -294,10 +294,10 @@ in
systemd.enable = true;
settings = {
mainBar = (
mainBar =
(mkMerge [
{
layer = cfg.layer;
inherit (cfg) layer;
position = "top";
mod = "dock";
exclusive = true;
@@ -342,7 +342,7 @@ in
};
network = {
interface = cfg.network.interface;
inherit (cfg.network) interface;
on-click = "nm-connection-editor";
format = "{icon}";
tooltip-format = "{ifname} via {gwaddr} 󰊗";
@@ -589,8 +589,7 @@ in
};
})
])
// cfg.extra.settings
);
// cfg.extra.settings;
}
// cfg.extraModules; # keep legacy top-level extra modules for compatibility

1
modules/home/programs/zsh/default.nix
View File

@@ -1,4 +1,3 @@
{ ... }:
let
defaultShellAliases = {
l = "ls -alh";

3
modules/home/services/pass/default.nix
View File

@@ -1,6 +1,3 @@
{
...
}:
{
#services.gnome-keyring.enable = false;
#home.packages = [ pkgs.gcr ];

6
modules/home/user/default.nix
View File

@@ -35,17 +35,17 @@ in
description = "The full name of the user.";
};
home = mkOption {
type = (types.nullOr types.str);
type = types.nullOr types.str;
default = home-directory;
description = "The user's home directory.";
};
icon = mkOption {
type = (types.nullOr types.package);
type = types.nullOr types.package;
default = null;
description = "The profile picture to use for the user. Set to a package whose output is the icon file (e.g. a derivation producing a PNG).";
};
name = mkOption {
type = (types.nullOr types.str);
type = types.nullOr types.str;
default = "matt";
description = "The user account.";
};

2
modules/nixos/boot/common/default.nix
View File

@@ -62,7 +62,7 @@ in
bcachefs.package = lib.mkOverride 90 pkgs.${namespace}.bcachefs;
consoleLogLevel = lib.mkDefault 0;
bootspec.enable = (!isArm);
bootspec.enable = !isArm;
initrd = {
verbose = lib.mkDefault false;

2
modules/nixos/boot/lanzaboote/default.nix
View File

@@ -32,7 +32,7 @@ in
};
};
lanzaboote = {
enable = cfg.enable;
enable = true;
pkiBundle = "/etc/secureboot";
settings = {
console-mode = "max";

2
modules/nixos/desktop/hyprland/wallpapers/default.nix
View File

@@ -15,11 +15,11 @@ in
# and provide the hyprctl hot-reload command so hyprpaper picks up the new image.
config = lib.mkIf cfg.enable {
${namespace}.wallpaper = {
inherit (cfg) defaultWallpaper;
enable = true;
source = cfg.wallpaperSource;
path = cfg.wallpaper;
dir = cfg.wallpaperDir;
defaultWallpaper = cfg.defaultWallpaper;
reloadCommand = "${lib.getExe' pkgs.hyprland "hyprctl"} hyprpaper wallpaper ,${cfg.wallpaper},";
};
};

2
modules/nixos/hardware/amd/default.nix
View File

@@ -46,7 +46,7 @@ in
};
programs.corectrl = {
enable = cfg.corectrl.enable;
inherit (cfg.corectrl) enable;
package = pkgs.corectrl;
};

2
modules/nixos/hardware/nvidia/default.nix
View File

@@ -53,7 +53,7 @@ in
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = cfg.nvidiaSettings;
inherit (cfg) nvidiaSettings;
};
};

5
modules/nixos/hardware/raspberry-pi/audio.nix
View File

@@ -16,7 +16,7 @@ in
config = lib.mkIf cfg.enable {
hardware.deviceTree = {
overlays = (
overlays =
with pkgs.${namespace};
(
if (variant == "5") then
@@ -33,8 +33,7 @@ in
dtsFile = "${raspberrypi-overlays}/dtbs/raspberrypi-overlays/pisound-overlay.dts";
}
]
)
);
);
};
};
}

7
modules/nixos/hardware/raspberry-pi/bluetooth.nix
View File

@@ -7,7 +7,7 @@
}:
let
cfg = config.${namespace}.hardware.raspberry-pi.disable-bluetooth;
variant = config.${namespace}.hardware.raspberry-pi.variant;
inherit (config.${namespace}.hardware.raspberry-pi) variant;
in
{
options.${namespace}.hardware.raspberry-pi.disable-bluetooth = {
@@ -16,7 +16,7 @@ in
config = lib.mkIf cfg.enable {
hardware.deviceTree = {
overlays = (
overlays =
if (variant == "5") then
[
{
@@ -34,8 +34,7 @@ in
pkgs.${namespace}.raspberrypi-overlays
}/dtbs/raspberrypi-overlays/disable-bt-overlay.dts";
}
]
);
];
};
};
}

53
modules/nixos/hardware/raspberry-pi/default.nix
View File

@@ -15,7 +15,7 @@ let
# installs raspberry's firmware independent of the nixos generations
# sometimes referred to as "boot code"
raspberryPiFirmware = (
raspberryPiFirmware =
{
pkgs,
firmware,
@@ -33,10 +33,9 @@ let
inherit firmware configTxt;
};
}
);
};
kernelbootGenBuilder = (
kernelbootGenBuilder =
{
pkgs,
deviceTreeInstaller,
@@ -53,10 +52,9 @@ let
installDeviceTree = deviceTreeInstaller;
};
}
);
};
deviceTree = (
deviceTree =
{
pkgs,
firmware,
@@ -73,8 +71,7 @@ let
inherit firmware;
};
}
);
};
mkBootloader =
pkgs:
@@ -113,7 +110,7 @@ let
};
bootloader = (
bootloader =
{
pkgs,
nixosGenerationsDir,
@@ -136,28 +133,25 @@ let
# NixOS-generations -dependent
inherit nixosGenerationsDir nixosGenBuilder;
};
}
);
};
# Builders used to write during system activation
ubootBuilder = import ./uboot-builder.nix {
inherit pkgs;
ubootPackage = (
if (cfg.variant == "5") then pkgs.${namespace}.uboot-pi5 else pkgs.${namespace}.uboot-pi4
);
ubootPackage =
if (cfg.variant == "5") then pkgs.${namespace}.uboot-pi5 else pkgs.${namespace}.uboot-pi4;
firmwareBuilder = firmwarePopulateCmd;
extlinuxConfBuilder = config.boot.loader.generic-extlinux-compatible.populateCmd;
};
uefiBuilder = import ./uefi-builder.nix {
inherit pkgs;
uefiPackage = (
uefiPackage =
if (cfg.variant == "5") then
pkgs.${namespace}.uefi-rpi5
else
pkgs.${namespace}.edk2.override { MODEL = "4"; }
);
pkgs.${namespace}.edk2.override { MODEL = "4"; };
firmwareBuilder = firmwarePopulateCmd;
};
@@ -297,14 +291,16 @@ in
enable = lib.mkDefault (if cfg.bootType == "uefi" then false else true);
useGenerationDeviceTree = lib.mkOverride 60 (if cfg.bootType == "uefi" then false else true);
};
systemd-boot.enable = (if cfg.bootType == "uefi" then true else false);
systemd-boot.extraInstallCommands =
let
bootloaderInstaller = (builder."${cfg.bootType}");
in
''
${bootloaderInstaller} -f /boot/firmware -b /boot -c
'';
systemd-boot = {
enable = if cfg.bootType == "uefi" then true else false;
extraInstallCommands =
let
bootloaderInstaller = builder."${cfg.bootType}";
in
''
${bootloaderInstaller} -f /boot/firmware -b /boot -c
'';
};
grub.enable = lib.mkForce false;
};
};
@@ -350,14 +346,13 @@ in
};
kernel = lib.mkIf (cfg.bootType == "kernel" || cfg.bootType == "uboot") {
enable = true;
value = (
value =
if cfg.bootType == "uboot" then
"u-boot.bin"
else if cfg.bootType == "kernel" then
"kernel.img"
else
""
);
"";
};
};
};

7
modules/nixos/hardware/raspberry-pi/i2c.nix
View File

@@ -7,7 +7,7 @@
}:
let
cfg = config.${namespace}.hardware.raspberry-pi.i2c;
variant = config.${namespace}.hardware.raspberry-pi.variant;
inherit (config.${namespace}.hardware.raspberry-pi) variant;
in
{
options.${namespace}.hardware.raspberry-pi.i2c = {
@@ -16,7 +16,7 @@ in
config = lib.mkIf cfg.enable {
hardware.deviceTree = {
overlays = (
overlays =
if (variant == "5") then
[
{
@@ -70,8 +70,7 @@ in
name = "i2c6-overlay";
dtsFile = "${pkgs.${namespace}.raspberrypi-overlays}/dtbs/raspberrypi-overlays/i2c6-overlay.dts";
}
]
);
];
};
};
}

5
modules/nixos/hardware/raspberry-pi/modesetting.nix
View File

@@ -16,7 +16,7 @@ in
config = lib.mkIf cfg.enable {
hardware.deviceTree = {
overlays = (
overlays =
if (variant == "5") then
[
{
@@ -34,8 +34,7 @@ in
pkgs.${namespace}.raspberrypi-overlays
}/dtbs/raspberrypi-overlays/vc4-fkms-v3d-pi4-overlay.dts";
}
]
);
];
};
};
}

9
modules/nixos/hardware/raspberry-pi/pwm.nix
View File

@@ -7,7 +7,7 @@
}:
let
cfg = config.${namespace}.hardware.raspberry-pi.pwm;
variant = config.${namespace}.hardware.raspberry-pi.variant;
inherit (config.${namespace}.hardware.raspberry-pi) variant;
in
{
options.${namespace}.hardware.raspberry-pi.pwm = {
@@ -19,13 +19,12 @@ in
overlays = [
{
name = "enable-pwm";
filter = (if (variant == "5") then "*pi5*" else "*rpi-4-b*");
dtsFile = (
filter = if (variant == "5") then "*pi5*" else "*rpi-4-b*";
dtsFile =
if (variant == "5") then
"${pkgs.${namespace}.raspberrypi-overlays}/dtbs/raspberrypi-overlays/pwm-pio-overlay.dts"
else
"${pkgs.${namespace}.raspberrypi-overlays}/dtbs/raspberrypi-overlays/pwm1-overlay.dts"
);
"${pkgs.${namespace}.raspberrypi-overlays}/dtbs/raspberrypi-overlays/pwm1-overlay.dts";
}
];
};

5
modules/nixos/hardware/raspberry-pi/wifi.nix
View File

@@ -16,7 +16,7 @@ in
config = lib.mkIf cfg.enable {
hardware.deviceTree = {
overlays = (
overlays =
if (variant == "5") then
[
{
@@ -38,8 +38,7 @@ in
name = "wifimac-overlay";
dtsFile = "${pkgs.${namespace}.raspberrypi-overlays}/dtbs/raspberrypi-overlays/wifimac-overlay.dts";
}
]
);
];
};
};
}

6
modules/nixos/homeassistant/services/govee2mqtt/default.nix
View File

@@ -13,13 +13,13 @@ in
sops = {
secrets = {
"jallen-nas/govee2mqtt/govee-email" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
};
"jallen-nas/govee2mqtt/govee-password" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
};
"jallen-nas/govee2mqtt/govee-api" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
};
};
templates = {

10
modules/nixos/homeassistant/services/homeassistant/default.nix
View File

@@ -32,15 +32,13 @@ in
sops = {
secrets = {
"home-assistant/auth-client-id" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nuc-secrets.yaml");
owner = config.users.users.hass.name;
group = config.users.users.hass.group;
sopsFile = lib.snowfall.fs.get-file "secrets/nuc-secrets.yaml";
inherit (config.users.users.hass) name group;
restartUnits = [ "home-assistant.service" ];
};
"home-assistant/auth-client-secret" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nuc-secrets.yaml");
owner = config.users.users.hass.name;
group = config.users.users.hass.group;
sopsFile = lib.snowfall.fs.get-file "secrets/nuc-secrets.yaml";
inherit (config.users.users.hass) name group;
restartUnits = [ "home-assistant.service" ];
};
};

4
modules/nixos/homeassistant/services/thread/default.nix
View File

@@ -27,11 +27,11 @@ let
backboneInterface = "enp2s0";
package = otbrPackage;
rest = {
listenAddress = cfg.listenAddress;
inherit (cfg) listenAddress;
listenPort = cfg.restPort;
};
web = {
listenAddress = cfg.listenAddress;
inherit (cfg) listenAddress;
listenPort = cfg.port;
};
radio = {

54
modules/nixos/network/default.nix
View File

@@ -15,24 +15,20 @@ let
name: profile:
nameValuePair "${name}" {
connection = {
inherit (profile) type autoconnect autoconnect-retries;
id = name;
type = profile.type;
autoconnect = profile.autoconnect;
autoconnect-retries = profile.autoconnect-retries;
autoconnect-priority = profile.priority;
interface-name = profile.interface or cfg.ipv4.interface;
};
ipv4 = {
method = cfg.ipv4.method;
inherit (cfg.ipv4) method;
}
// (
if (cfg.ipv4.method == "auto") then
{ }
else
{
address = cfg.ipv4.address;
gateway = cfg.ipv4.gateway;
dns = cfg.ipv4.dns;
inherit (cfg.ipv4) address gateway dns;
}
);
ipv6 = {
@@ -40,13 +36,13 @@ let
method = "auto";
};
wifi = mkIf (profile.type == "wifi") {
inherit (profile) ssid;
mode = "infrastructure";
ssid = profile.ssid;
roaming = "allowed";
};
wifi-security = mkIf (profile.type == "wifi") {
inherit (profile) psk;
key-mgmt = profile.keyMgmt;
psk = profile.psk;
};
};
@@ -65,10 +61,8 @@ let
interface-name = cfg.ipv4.interface;
};
ipv4 = {
inherit (cfg.ipv4) address gateway dns;
method = "manual";
address = cfg.ipv4.address;
gateway = cfg.ipv4.gateway;
dns = cfg.ipv4.dns;
};
ipv6 = {
addr-gen-mode = "stable-privacy";
@@ -149,31 +143,29 @@ in
# Configure NAT if enabled
nat = lib.mkIf cfg.nat.enable {
inherit (cfg.nat) internalInterfaces externalInterface enableIPv6;
enable = true;
internalInterfaces = cfg.nat.internalInterfaces;
externalInterface = cfg.nat.externalInterface;
enableIPv6 = cfg.nat.enableIPv6;
};
# Configure firewall
firewall = {
enable = cfg.firewall.enable;
allowPing = cfg.firewall.allowPing;
allowedTCPPorts = cfg.firewall.allowedTCPPorts;
allowedUDPPorts = cfg.firewall.allowedUDPPorts;
trustedInterfaces = cfg.firewall.trustedInterfaces;
inherit (cfg.firewall)
enable
allowPing
allowedTCPPorts
allowedUDPPorts
trustedInterfaces
;
# Default port ranges for KDE Connect
allowedTCPPortRanges = lib.mkIf cfg.firewall.kdeConnect.enable [
{
from = cfg.firewall.kdeConnect.tcpRange.from;
to = cfg.firewall.kdeConnect.tcpRange.to;
inherit (cfg.firewall.kdeConnect.tcpRange) from to;
}
];
allowedUDPPortRanges = lib.mkIf cfg.firewall.kdeConnect.enable [
{
from = cfg.firewall.kdeConnect.udpRange.from;
to = cfg.firewall.kdeConnect.udpRange.to;
inherit (cfg.firewall.kdeConnect.udpRange) from to;
}
];
@@ -185,14 +177,16 @@ in
# When iwd is enabled alongside NetworkManager, iwd acts as the WiFi
# backend for NM (iwd handles scanning/association; NM handles
# connection management). They are not mutually exclusive.
wireless.iwd = lib.mkIf cfg.iwd.enable {
enable = true;
settings = cfg.iwd.settings;
wireless.iwd = {
inherit (cfg.iwd)
enable
settings
;
};
# Configure NetworkManager when enabled
networkmanager = mkIf cfg.networkmanager.enable {
enable = true;
networkmanager = {
inherit (cfg.networkmanager) enable;
# Use iwd as the WiFi backend when iwd is also enabled
wifi.backend = mkIf cfg.iwd.enable "iwd";
wifi.powersave = cfg.networkmanager.powersave;
@@ -211,7 +205,7 @@ in
# Configure profiles if any are defined
ensureProfiles = mkIf (profiles != { }) {
environmentFiles = lib.optional (config.sops.secrets ? wifi) config.sops.secrets.wifi.path;
profiles = profiles;
inherit profiles;
};
};
};

2
modules/nixos/nix/default.nix
View File

@@ -5,7 +5,7 @@
...
}:
let
nixSettings = lib.${namespace}.nixSettings;
inherit (lib.${namespace}) nixSettings;
in
{
nix = {

4
modules/nixos/services/actual/default.nix
View File

@@ -16,11 +16,11 @@ let
options = { };
moduleConfig = {
services.actual = {
inherit (cfg) openFirewall;
enable = true;
openFirewall = cfg.openFirewall;
settings = {
inherit (cfg) port;
trustedProxies = [ config.${namespace}.network.ipv4.address ];
port = cfg.port;
serverFiles = "${cfg.configDir}/${name}/server-files";
userFiles = "${cfg.configDir}/${name}/user-files";
dataDir = "${cfg.configDir}/${name}";

6
modules/nixos/services/ai/default.nix
View File

@@ -39,23 +39,23 @@ let
moduleConfig = {
services = {
ollama = {
inherit (cfg) openFirewall;
enable = true;
package = pkgs.ollama-rocm;
port = 11434;
host = "0.0.0.0";
user = "nix-apps";
group = "jallen-nas";
openFirewall = cfg.openFirewall;
rocmOverrideGfx = "11.0.2";
loadModels = [ ];
home = "${cfg.configDir}/ollama";
};
llama-cpp = {
inherit (cfg) openFirewall;
enable = true;
port = 8127;
host = "0.0.0.0";
openFirewall = cfg.openFirewall;
model = "${cfg.configDir}/llama-cpp/models/${cfg.llama-cpp.model}.gguf";
package = inputs.llama-cpp.packages.${system}.rocm;
extraFlags = [
@@ -87,11 +87,11 @@ let
};
open-webui = {
inherit (cfg) openFirewall;
enable = true;
package = pkgs.open-webui;
host = "0.0.0.0";
port = 8888;
openFirewall = cfg.openFirewall;
environmentFile = config.sops.secrets."jallen-nas/open-webui".path;
environment = {
OPENID_PROVIDER_URL = "https://authentik.mjallen.dev/application/o/chat/.well-known/openid-configuration";

23
modules/nixos/services/arrs/default.nix
View File

@@ -18,19 +18,19 @@ let
sops = {
secrets = {
"jallen-nas/sabnzbd/password" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
};
"jallen-nas/sabnzbd/api-key" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
};
"jallen-nas/sabnzbd/nzb-key" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
};
"jallen-nas/sabnzbd/server/username" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
};
"jallen-nas/sabnzbd/server/password" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
};
};
templates = {
@@ -56,8 +56,8 @@ let
# Enable radarr service
services = {
radarr = {
inherit (cfg) openFirewall;
enable = true;
openFirewall = cfg.openFirewall;
user = "nix-apps";
group = "jallen-nas";
dataDir = "${cfg.configDir}/radarr";
@@ -65,8 +65,8 @@ let
# Enable Sonarr service
sonarr = {
inherit (cfg) openFirewall;
enable = true;
openFirewall = cfg.openFirewall;
user = "nix-apps";
group = "jallen-nas";
dataDir = "${cfg.configDir}/sonarr";
@@ -74,8 +74,8 @@ let
};
lidarr = {
inherit (cfg) openFirewall;
enable = true;
openFirewall = cfg.openFirewall;
user = "nix-apps";
group = "jallen-nas";
dataDir = "${cfg.configDir}/lidarr";
@@ -172,23 +172,22 @@ let
};
deluge = {
inherit (cfg) openFirewall dataDir;
enable = false;
user = "nix-apps";
group = "jallen-nas";
openFirewall = cfg.openFirewall;
dataDir = cfg.dataDir;
web = {
inherit (cfg) openFirewall;
enable = true;
port = 8112;
openFirewall = cfg.openFirewall;
};
};
jackett = {
inherit (cfg) openFirewall;
enable = false;
user = "nix-apps";
group = "jallen-nas";
openFirewall = cfg.openFirewall;
};
};
};

2
modules/nixos/services/attic/default.nix
View File

@@ -27,8 +27,8 @@ let
options = { };
moduleConfig = {
services.atticd = {
inherit (cfg) environmentFile;
enable = true;
environmentFile = cfg.environmentFile;
settings = {
listen = "${cfg.listenAddress}:${toString cfg.port}";
storage = {

6
modules/nixos/services/authentik/default.nix
View File

@@ -18,9 +18,11 @@ let
options = { };
moduleConfig = {
services.authentik = {
inherit (cfg) environmentFile;
enable = true;
environmentFile = cfg.environmentFile;
settings.port = cfg.port;
settings = {
inherit (cfg) port;
};
};
};
};

61
modules/nixos/services/caddy/sops.nix
View File

@@ -4,58 +4,26 @@
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.caddy;
caddySecret = {
inherit (config.users.users.caddy) name group;
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
restartUnits = [ "caddy.service" ];
};
in
{
config = lib.mkIf cfg.enable {
sops = {
secrets = {
"jallen-nas/traefik/crowdsec/lapi-key" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/crowdsec/capi-machine-id" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/crowdsec/capi-password" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/cloudflare-dns-api-token" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/cloudflare-zone-api-token" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/cloudflare-api-key" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/cloudflare-email" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/crowdsec/lapi-key" = caddySecret;
"jallen-nas/traefik/crowdsec/capi-machine-id" = caddySecret;
"jallen-nas/traefik/crowdsec/capi-password" = caddySecret;
"jallen-nas/traefik/cloudflare-dns-api-token" = caddySecret;
"jallen-nas/traefik/cloudflare-zone-api-token" = caddySecret;
"jallen-nas/traefik/cloudflare-api-key" = caddySecret;
"jallen-nas/traefik/cloudflare-email" = caddySecret;
};
templates = {
"caddy.env" = {
@@ -65,8 +33,7 @@ in
CLOUDFLARE_API_KEY=${config.sops.placeholder."jallen-nas/traefik/cloudflare-api-key"}
CLOUDFLARE_EMAIL=${config.sops.placeholder."jallen-nas/traefik/cloudflare-email"}
'';
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
inherit (config.users.users.caddy) name group;
restartUnits = [ "caddy.service" ];
};
};

4
modules/nixos/services/calibre/default.nix
View File

@@ -17,9 +17,9 @@ let
options = { };
moduleConfig = {
services.calibre-server = {
inherit (cfg) port;
enable = false;
openFirewall = true;
port = cfg.port;
libraries = [ "${cfg.dataDir}/books" ];
};
};
@@ -37,8 +37,8 @@ let
package = pkgs.stable.calibre-web;
dataDir = "${cfgWeb.configDir}/calibre-web";
listen = {
inherit (cfgWeb) port;
ip = "0.0.0.0";
port = cfgWeb.port;
};
options = {
enableBookUploading = true;

3
modules/nixos/services/cockpit/default.nix
View File

@@ -15,9 +15,8 @@ let
description = "Cockpit web-based server management UI";
moduleConfig = {
services.cockpit = {
inherit (cfg) port openFirewall;
enable = true;
port = cfg.port;
openFirewall = cfg.openFirewall;
allowed-origins = [
"https://${net.hosts.nas.lan}:${toString cfg.port}"
"https://${net.hosts.nas.hostname}:${toString cfg.port}"

5
modules/nixos/services/code-server/default.nix
View File

@@ -16,22 +16,21 @@ let
moduleConfig = {
# Configure the standard NixOS code-server service
services.code-server = {
inherit (cfg) port extraEnvironment;
enable = true;
port = cfg.port;
user = "admin";
group = "jallen-nas";
host = cfg.listenAddress;
auth = "none"; # "password"
disableTelemetry = true;
disableUpdateCheck = true;
extraEnvironment = cfg.extraEnvironment;
extraGroups = [
"admin"
"wheel"
];
}
// optionalAttrs (cfg.hashedPassword != null) {
hashedPassword = cfg.hashedPassword;
inherit (cfg) hashedPassword;
};
};
};

2
modules/nixos/services/collabora/default.nix
View File

@@ -17,7 +17,7 @@ let
moduleConfig = {
services.collabora-online = {
enable = true;
port = cfg.port;
inherit (cfg) port;
settings = {
# Rely on reverse proxy for SSL
ssl = {

2
modules/nixos/services/crowdsec/default.nix
View File

@@ -39,7 +39,7 @@ let
services = {
crowdsec = {
enable = true;
openFirewall = cfg.openFirewall;
inherit (cfg) openFirewall;
hub = {
appSecConfigs = [
"crowdsecurity/appsec-default"

4
modules/nixos/services/gitea/default.nix
View File

@@ -22,8 +22,8 @@ let
stateDir = "${cfg.configDir}/gitea";
user = "nix-apps";
group = "jallen-nas";
mailerPasswordFile = mailerPasswordFile;
metricsTokenFile = metricsTokenFile;
inherit mailerPasswordFile;
inherit metricsTokenFile;
settings = {
server = {
DOMAIN = "jallen-nas";

38
modules/nixos/services/glance/default.nix
View File

@@ -12,9 +12,9 @@ let
hostedServiceSites =
let
servicesCfg = config.${namespace}.services;
serviceNames = builtins.attrNames servicesCfg;
serviceNames = attrNames servicesCfg;
in
builtins.concatMap (
concatMap (
serviceName:
let
serviceCfg = servicesCfg.${serviceName};
@@ -24,9 +24,7 @@ let
[
(
{
title = hosted.title;
url = hosted.url;
icon = hosted.icon;
inherit (hosted) title url icon;
}
// optionalAttrs hosted.basicAuth {
basic-auth = {
@@ -40,9 +38,9 @@ let
[ ]
) serviceNames;
hostedServicesByGroup = builtins.groupBy (svc: svc.hostedService.group) (
builtins.filter (svc: svc.hostedService != null && svc.hostedService.enable) (
builtins.map (
hostedServicesByGroup = groupBy (svc: svc.hostedService.group) (
filter (svc: svc.hostedService != null && svc.hostedService.enable) (
map (
serviceName:
let
serviceCfg = config.${namespace}.services.${serviceName};
@@ -50,7 +48,7 @@ let
{
hostedService = serviceCfg.hostedService or null;
}
) (builtins.attrNames config.${namespace}.services)
) (attrNames config.${namespace}.services)
)
);
@@ -332,7 +330,7 @@ let
settings = {
server = {
host = "0.0.0.0";
port = cfg.port;
inherit (cfg) port;
};
pages = [
{
@@ -371,31 +369,27 @@ let
}
]
++ lib.optionals cfg.hostedServiceGroups (
builtins.map (
map (
groupName:
makeMonitorWidget groupName (
builtins.map (svc: {
title = svc.hostedService.title;
url = svc.hostedService.url;
icon = svc.hostedService.icon;
map (svc: {
inherit (svc.hostedService) title url icon;
}) (hostedServicesByGroup.${groupName} or [ ])
)
) (builtins.attrNames hostedServicesByGroup)
) (attrNames hostedServicesByGroup)
)
++ lib.optionals (!cfg.hostedServiceGroups && cfg.enableHostedServices) [
(makeMonitorWidget "Services" hostedServiceSites)
]
++ lib.optionals (cfg.extraSites != [ ]) (
builtins.map (site: {
map (site: {
type = "monitor";
cache = "1m";
title = site.title;
inherit (site) title;
sites = [
(
{
title = site.title;
url = site.url;
icon = site.icon;
inherit (site) title url icon;
}
// optionalAttrs site.allow-insecure { allow-insecure = true; }
)
@@ -407,7 +401,7 @@ let
groups = cfg.bookmarks;
}
++ lib.optionals (cfg.reddit != [ ]) (
builtins.map (subreddit: {
map (subreddit: {
type = "reddit";
inherit subreddit;
}) cfg.reddit

2
modules/nixos/services/headscale/default.nix
View File

@@ -17,7 +17,7 @@ let
services.headscale = {
enable = true;
address = cfg.listenAddress;
port = cfg.port;
inherit (cfg) port;
settings = {
server_url = "https://headscale.mjallen.dev:443";
database.sqlite.path = "${cfg.configDir}/headscale/db.sqlite";

3
modules/nixos/services/immich/default.nix
View File

@@ -19,9 +19,8 @@ let
moduleConfig = {
# Enable immich service
services.immich = {
inherit (cfg) port openFirewall;
enable = true;
port = cfg.port;
openFirewall = true;
secretsFile = dbPassword;
mediaLocation = "${cfg.dataDir}/photos";

2
modules/nixos/services/jellyfin/default.nix
View File

@@ -16,7 +16,7 @@ let
moduleConfig = {
services.jellyfin = {
enable = true;
openFirewall = cfg.openFirewall;
inherit (cfg) openFirewall;
user = "nix-apps";
group = "jallen-nas";
dataDir = "${cfg.configDir}/jellyfin";

3
modules/nixos/services/jellyseerr/default.nix
View File

@@ -16,9 +16,8 @@ let
moduleConfig = {
# Enable seerr service
services.seerr = {
inherit (cfg) port openFirewall;
enable = true;
port = cfg.port;
openFirewall = cfg.openFirewall;
configDir = "${cfg.configDir}/jellyseerr";
};

7
modules/nixos/services/kavita/default.nix
View File

@@ -4,7 +4,6 @@
namespace,
...
}:
with lib;
let
name = "kavita";
cfg = config.${namespace}.services.${name};
@@ -17,9 +16,9 @@ let
sops = {
secrets = {
"jallen-nas/kavita/token" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
sopsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml";
owner = config.users.users.kavita.name;
group = config.users.users.kavita.group;
inherit (config.users.users.kavita) group;
restartUnits = [ "kavita.service" ];
};
};
@@ -29,7 +28,7 @@ let
dataDir = "${cfg.configDir}/kavita";
tokenKeyFile = config.sops.secrets."jallen-nas/kavita/token".path;
settings = {
Port = cfg.port;
inherit (cfg) port;
};
};
};

2
modules/nixos/services/minecraft/default.nix
View File

@@ -14,10 +14,10 @@ let
options = { };
moduleConfig = {
services.minecraft-server = {
inherit (cfg) openFirewall;
enable = true;
eula = true;
declarative = true;
openFirewall = cfg.openFirewall;
dataDir = "${cfg.configDir}/minecraft"; # todo
serverProperties = {
enforce-whitelist = true;

13
modules/nixos/services/nebula/default.nix
View File

@@ -115,20 +115,21 @@ let
'';
services.nebula.networks.${cfg.networkName} = {
inherit (cfg)
isLighthouse
isRelay
lighthouses
staticHostMap
;
enable = true;
enableReload = true;
isLighthouse = cfg.isLighthouse;
isRelay = cfg.isRelay;
inherit ca cert key;
lighthouses = cfg.lighthouses;
staticHostMap = cfg.staticHostMap;
tun.device = if cfg.tunDevice != null then cfg.tunDevice else "nebula0";
listen = {
host = cfg.listenAddress;
port = cfg.port;
inherit (cfg) port;
};
settings.firewall = {

2
modules/nixos/services/nextcloud/default.nix
View File

@@ -115,8 +115,8 @@ let
virtualHosts.${config.services.nextcloud.hostName} = {
listen = [
{
inherit (cfg) port;
addr = "0.0.0.0";
port = cfg.port;
ssl = false;
}
];

2
modules/nixos/services/onlyoffice/default.nix
View File

@@ -17,7 +17,7 @@ let
moduleConfig = {
services.onlyoffice = {
enable = true;
port = cfg.port;
inherit (cfg) port;
wopi = true;
hostname = "office.mjallen.dev";
jwtSecretFile = jwtSecretFile;

2
modules/nixos/services/opencloud/default.nix
View File

@@ -21,7 +21,7 @@ let
enable = true;
url = "https://cloud.mjallen.dev";
address = cfg.listenAddress;
port = cfg.port;
inherit (cfg) port;
stateDir = "${cfg.configDir}/opencloud";
environment = {
PROXY_TLS = "false"; # disable https when behind reverse-proxy

3
modules/nixos/services/owncloud/default.nix
View File

@@ -61,8 +61,7 @@ in
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
inherit (cfg) autoStart image;
ports = [ "${cfg.httpPort}:9200" ];
volumes = [
"${cfg.configPath}:/etc/ocis"

2
modules/nixos/services/paperless/default.nix
View File

@@ -18,9 +18,9 @@ let
moduleConfig = {
# Enable paperless service
services.paperless = {
inherit (cfg) port;
enable = true;
package = pkgs.paperless-ngx;
port = cfg.port;
# user = "nix-apps";
address = cfg.listenAddress;
dataDir = "${cfg.configDir}/paperless";

16
modules/nixos/services/restic/default.nix
View File

@@ -202,14 +202,16 @@ in
services.restic.backups = mapAttrs (
_name: jobCfg:
{
initialize = jobCfg.initialize;
createWrapper = jobCfg.createWrapper;
inhibitsSleep = jobCfg.inhibitsSleep;
paths = jobCfg.paths;
inherit (jobCfg)
initialize
createWrapper
inhibitsSleep
paths
timerConfig
pruneOpts
extraBackupArgs
;
exclude = jobCfg.exclude ++ cfg.defaultExcludes;
timerConfig = jobCfg.timerConfig;
pruneOpts = jobCfg.pruneOpts;
extraBackupArgs = jobCfg.extraBackupArgs;
}
// optionalAttrs (jobCfg.passwordFile != null) { inherit (jobCfg) passwordFile; }
// optionalAttrs (jobCfg.repository != null) { inherit (jobCfg) repository; }

2
modules/nixos/services/sunshine/default.nix
View File

@@ -17,7 +17,7 @@ let
moduleConfig = {
services.sunshine = {
enable = true;
openFirewall = cfg.openFirewall;
inherit (cfg) openFirewall;
autoStart = true;
capSysAdmin = true;
applications.apps = with pkgs; [

4
modules/nixos/user/default.nix
View File

@@ -88,7 +88,7 @@ in
config = {
users = {
mutableUsers = cfg.mutableUsers;
inherit (cfg) mutableUsers;
groups.${cfg.group}.gid = lib.mkForce (if cfg.group != "wheel" then cfg.gid else 1);
users = {
root = {
@@ -99,6 +99,7 @@ in
${cfg.name} = {
inherit (cfg)
name
group
uid
linger
packages
@@ -133,7 +134,6 @@ in
]
++ cfg.extraGroups;
group = cfg.group;
home = "/home/${cfg.name}";
isNormalUser = true;
shell = lib.mkForce pkgs.zsh;

2
overlays/linux-rpi/default.nix
View File

@@ -4,7 +4,7 @@
}:
final: prev:
let
linux-rpi5 = final.linuxPackagesFor (final.${namespace}.linux-rpi);
linux-rpi5 = final.linuxPackagesFor final.${namespace}.linux-rpi;
linux-rpi5-latest = final.linuxPackagesFor (
final.${namespace}.linux-rpi.override {
kernelVersion = "unstable";

12
overlays/radios/default.nix
View File

@@ -1,12 +0,0 @@
{ ... }:
final: prev: {
python3 = prev.python3.override {
packageOverrides = _pyFinal: pyPrev: {
radios = pyPrev.radios.overridePythonAttrs (old: {
nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [ pyPrev.pythonRelaxDepsHook ];
pythonRelaxDeps = [ "pycountry" ];
});
};
};
python3Packages = final.python3.pkgs;
}

2
overlays/stable/default.nix
View File

@@ -1,7 +1,7 @@
{ inputs, ... }:
final: _prev: {
stable = import inputs.nixpkgs-stable {
system = final.stdenv.hostPlatform.system;
inherit (final.stdenv.hostPlatform) system;
config.allowUnfree = true;
};
}

2
packages/arm-trusted-firmware/default.nix
View File

@@ -18,7 +18,7 @@ let
in
stdenv.mkDerivation {
pname = "arm-trusted-firmware";
version = if fw ? tag then fw.tag else fw.rev;
version = fw.tag or fw.rev;
src = sources.fw;

2
packages/bcachefs/default.nix
View File

@@ -42,7 +42,7 @@ stdenv.mkDerivation (finalAttrs: {
cargoDeps = rustPlatform.fetchCargoVendor {
inherit (finalAttrs) src;
hash = sources.cargoDeps.hash;
inherit (sources.cargoDeps) hash;
};
postPatch = ''

3
packages/cockpit-benchmark/default.nix
View File

@@ -102,10 +102,9 @@ let
in
stdenv.mkDerivation (finalAttrs: {
pname = "cockpit-benchmark";
inherit (sources) src;
inherit version;
src = sources.src;
npmDeps = fetchNpmDeps {
src = "${finalAttrs.src}/benchmark";
packageLock = patchedPackageLock;

3
packages/cockpit-machines/default.nix
View File

@@ -16,10 +16,9 @@ let
in
stdenv.mkDerivation {
pname = "cockpit-machines";
inherit (sources) src;
inherit version;
src = sources.src;
# Pre-vendored node_modules from cockpit-project/node-cache, pinned via the
# node_modules submodule reference in the source tree.
inherit (sources) nodeModules;

7
packages/cockpit-podman/default.nix
View File

@@ -8,6 +8,7 @@
let
inherit (lib.trivial) importJSON;
inherit (lib.${namespace}) mkAllSources selectVariant;
inherit lib;
versionSpec = importJSON ./version.json;
selected = selectVariant versionSpec null null;
@@ -18,11 +19,7 @@ stdenv.mkDerivation {
pname = "cockpit-podman";
inherit version;
src = sources.src;
# Pre-vendored node_modules from cockpit-project/node-cache, pinned via the
# node_modules submodule reference in the source tree.
inherit (sources) nodeModules;
inherit (sources) src nodeModules;
# pkg/lib checked out from the main cockpit repo at the commit pinned in
# the Makefile (COCKPIT_REPO_COMMIT).

6
packages/edk2-basetools/default.nix
View File

@@ -12,14 +12,14 @@ let
pname = "edk2-basetools";
src = srcOverride;
in
stdenv.mkDerivation rec {
stdenv.mkDerivation {
inherit src pname version;
env = {
NIX_CFLAGS_COMPILE =
"-Wno-return-type"
+ lib.optionalString (stdenv.cc.isGNU) " -Wno-error=stringop-truncation"
+ lib.optionalString (stdenv.hostPlatform.isDarwin) " -Wno-error=macro-redefined";
+ lib.optionalString stdenv.cc.isGNU " -Wno-error=stringop-truncation"
+ lib.optionalString stdenv.hostPlatform.isDarwin " -Wno-error=macro-redefined";
PYTHON_COMMAND = lib.getExe pythonEnv;
# trick taken from https://src.fedoraproject.org/rpms/edk2/blob/08f2354cd280b4ce5a7888aa85cf520e042955c3/f/edk2.spec#_319
${"GCC5_AARCH64_PREFIX"} = stdenv.cc.targetPrefix;

4
packages/edk2/default.nix
View File

@@ -61,8 +61,8 @@ stdenv.mkDerivation rec {
env = {
NIX_CFLAGS_COMPILE =
"-Wno-return-type -Wno-error"
+ lib.optionalString (stdenv.cc.isGNU) " -Wno-error=stringop-truncation"
+ lib.optionalString (stdenv.hostPlatform.isDarwin) " -Wno-error=macro-redefined";
+ lib.optionalString stdenv.cc.isGNU " -Wno-error=stringop-truncation"
+ lib.optionalString stdenv.hostPlatform.isDarwin " -Wno-error=macro-redefined";
PYTHON_COMMAND = lib.getExe pythonEnv;
# trick taken from https://src.fedoraproject.org/rpms/edk2/blob/08f2354cd280b4ce5a7888aa85cf520e042955c3/f/edk2.spec#_319
${"GCC5_AARCH64_PREFIX"} = stdenv.cc.targetPrefix;

2
packages/fastflowlm/default.nix
View File

@@ -66,7 +66,7 @@ let
version = "0.9.36";
# XRT userspace runtime — built from packages/xrt in this flake.
xrt = pkgs.${namespace}.xrt;
inherit (pkgs.${namespace}) xrt;
# ── tokenizers-cpp submodule ──────────────────────────────────────────────
# Pinned to the commit referenced in FastFlowLM v0.9.36 .gitmodules.

6
packages/homeassistant/ha-anycubic/default.nix
View File

@@ -13,12 +13,12 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.anycubic;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
domain = "anycubic_wifi";
inherit (src-meta) owner;
inherit version;
domain = "anycubic_wifi";
src = sources.anycubic;

6
packages/homeassistant/ha-bambulab/default.nix
View File

@@ -14,12 +14,12 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.bambu_lab;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
domain = "bambu_lab";
inherit (src-meta) owner;
inherit version;
domain = "bambu_lab";
src = sources.bambu_lab;

4
packages/homeassistant/ha-bedjet/default.nix
View File

@@ -14,10 +14,10 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.bedjet;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
inherit (src-meta) owner;
domain = "bedjet";
inherit version;

4
packages/homeassistant/ha-gehome/default.nix
View File

@@ -14,10 +14,10 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.ge_home;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
inherit (src-meta) owner;
domain = "ge_home";
inherit version;

6
packages/homeassistant/ha-govee/default.nix
View File

@@ -14,12 +14,12 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.govee;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
domain = "govee";
inherit (src-meta) owner;
inherit version;
domain = "govee";
src = sources.govee;

4
packages/homeassistant/ha-icloud3/default.nix
View File

@@ -14,10 +14,10 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.icloud3;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
inherit (src-meta) owner;
domain = "icloud3";
inherit version;

6
packages/homeassistant/ha-local-llm/default.nix
View File

@@ -14,12 +14,12 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.llama_conversation;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
domain = "llama_conversation";
inherit (src-meta) owner;
inherit version;
domain = "llama_conversation";
src = sources.llama_conversation;

6
packages/homeassistant/ha-mail-and-packages/default.nix
View File

@@ -14,12 +14,12 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.mail_and_packages;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
domain = "mail_and_packages";
inherit (src-meta) owner;
inherit version;
domain = "mail_and_packages";
src = sources.mail_and_packages;

9
packages/homeassistant/ha-nanokvm/default.nix
View File

@@ -14,7 +14,7 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.nanokvm;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
# python-nanokvm must be built against HA's Python interpreter.
# Re-use the source from its own version.json to avoid duplication.
@@ -26,10 +26,7 @@ let
python-nanokvm = python3Packages.buildPythonPackage {
pname = "nanokvm";
version =
if nanokvm-selected.sources."python-nanokvm" ? tag then
nanokvm-selected.sources."python-nanokvm".tag
else
nanokvm-selected.sources."python-nanokvm".rev;
nanokvm-selected.sources."python-nanokvm".tag or nanokvm-selected.sources."python-nanokvm".rev;
format = "pyproject";
src = nanokvm-sources."python-nanokvm";
@@ -81,7 +78,7 @@ let
};
in
buildHomeAssistantComponent {
owner = src-meta.owner;
inherit (src-meta) owner;
domain = "nanokvm";
inherit version;

4
packages/homeassistant/ha-openhasp/default.nix
View File

@@ -14,10 +14,10 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.openhasp;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
inherit (src-meta) owner;
domain = "openhasp";
inherit version;

6
packages/homeassistant/ha-overseerr/default.nix
View File

@@ -13,12 +13,12 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.overseerr;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
domain = "overseerr";
inherit (src-meta) owner;
inherit version;
domain = "overseerr";
src = sources.overseerr;

6
packages/homeassistant/ha-petlibro/default.nix
View File

@@ -13,12 +13,12 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.petlibro;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
domain = "petlibro";
inherit (src-meta) owner;
inherit version;
domain = "petlibro";
src = sources.petlibro;

4
packages/homeassistant/ha-wyzeapi/default.nix
View File

@@ -13,10 +13,10 @@ let
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.wyzeapi;
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
in
buildHomeAssistantComponent {
owner = src-meta.owner;
inherit (src-meta) owner;
domain = "wyzeapi";
inherit version;

5
packages/librepods-beta/default.nix
View File

@@ -21,14 +21,13 @@
let
inherit (lib.trivial) importJSON;
inherit (lib.${namespace}) selectVariant mkAllSources;
inherit lib;
versionSpec = importJSON ./version.json;
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
# cargoHash is stored alongside the source in version.json so the TUI can update it
inherit (stdenv.hostPlatform) system;
cargoHash = selected.sources.librepods.cargoHash;
system = stdenv.hostPlatform.system;
in
rustPlatform.buildRustPackage rec {
pname = "librepods";

4
packages/moondeck-buddy/default.nix
View File

@@ -12,11 +12,11 @@ let
versionSpec = importJSON ./version.json;
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
moondeck-buddy = selected.sources.moondeck-buddy;
inherit (selected.sources) moondeck-buddy;
in
appimageTools.wrapType2 {
pname = "moondeck-buddy";
version = if moondeck-buddy ? tag then moondeck-buddy.tag else moondeck-buddy.rev;
version = moondeck-buddy.tag or moondeck-buddy.rev;
src = sources.moondeck-buddy;

13
packages/proton-cachyos/default.nix
View File

@@ -23,19 +23,16 @@ let
versionSpec = importJSON ./version.json;
selected = selectVariant versionSpec variant null;
vars = selected.variables or { };
base = vars.base;
release = vars.release;
toolTitle = "proton-${variant}-latest";
# Derived values for the current variant
releaseVersion = "${releasePrefix}${base}-${release}${releaseSuffix}";
homepage = "https://github.com/${owner}/${repo}";
releaseVersion = "${releasePrefix}${vars.base}-${vars.release}${releaseSuffix}";
homepage = "https://${owner}/${repo}";
url = "${homepage}/releases/download/${releaseVersion}/${tarballPrefix}${releaseVersion}${tarballSuffix}";
# Choose fetcher based on file type
intake =
if lib.strings.hasSuffix ".zip" url then
if lib.hasSuffix ".zip" url then
{
fetcher = fetchzip;
input = "$src/*.tar.xz";
@@ -48,7 +45,7 @@ let
in
stdenvNoCC.mkDerivation {
name = repo;
version = "${base}.${release}";
version = "${vars.base}.${vars.release}";
src = intake.fetcher {
inherit url;
@@ -60,7 +57,7 @@ stdenvNoCC.mkDerivation {
tar -C $out/bin --strip=1 -x -f ${intake.input}
''
# Allow to keep the same name between updates
+ lib.strings.optionalString (toolTitle != null) ''
+ lib.optionalString (toolTitle != null) ''
sed -i -r 's|"${toolPattern}"|"${toolTitle}"|' $out/bin/compatibilitytool.vdf
'';

2
packages/python/comfy-aimdo/default.nix
View File

@@ -16,7 +16,7 @@ let
in
python3Packages.buildPythonPackage {
pname = "comfy-aimdo";
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
format = "pyproject";
src = sources."comfy-aimdo";

2
packages/python/comfy-kitchen/default.nix
View File

@@ -12,7 +12,7 @@ let
versionSpec = importJSON ./version.json;
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
version = selected.variables.version;
inherit (selected.variables) version;
in
python3Packages.buildPythonPackage {
pname = "comfy-kitchen";

2
packages/python/gehomesdk/default.nix
View File

@@ -12,7 +12,7 @@ let
versionSpec = importJSON ./version.json;
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
version = selected.variables.version;
inherit (selected.variables) version;
in
home-assistant.python.pkgs.buildPythonPackage {
pname = "gehomesdk";

2
packages/python/magicattr/default.nix
View File

@@ -16,7 +16,7 @@ let
in
home-assistant.python.pkgs.buildPythonPackage {
pname = "magicattr";
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
format = "setuptools";
src = sources.magicattr;

2
packages/python/pipewire-python/default.nix
View File

@@ -16,7 +16,7 @@ let
in
python3Packages.buildPythonPackage {
pname = "pipewire-python";
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
format = "pyproject";
src = sources."pipewire-python";

2
packages/python/pyoverseerr/default.nix
View File

@@ -16,7 +16,7 @@ let
in
home-assistant.python.pkgs.buildPythonPackage {
pname = "pyoverseerr";
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
format = "setuptools";
src = sources.pyoverseerr;

2
packages/python/python-nanokvm/default.nix
View File

@@ -16,7 +16,7 @@ let
in
python3Packages.buildPythonPackage {
pname = "nanokvm";
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
format = "pyproject";
src = sources."python-nanokvm";

2
packages/python/python-steam/default.nix
View File

@@ -12,7 +12,7 @@ let
versionSpec = importJSON ./version.json;
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
version = selected.variables.version;
inherit (selected.variables) version;
in
python3Packages.buildPythonPackage {
pname = "steam";

6
packages/python/pyvesync/default.nix
View File

@@ -12,8 +12,8 @@ let
versionSpec = importJSON ./version.json;
selected = selectVariant versionSpec null null;
sources = mkAllSources pkgs selected;
src-meta = selected.sources.pyvesync;
version = selected.variables.version;
inherit (selected.sources) pyvesync;
inherit (selected.variables) version;
in
python3Packages.buildPythonPackage {
pname = "pyvesync";
@@ -37,7 +37,7 @@ python3Packages.buildPythonPackage {
meta = with lib; {
description = "Python library to manage Etekcity Devices and Levoit Air Purifier";
homepage = "https://github.com/webdjoe/pyvesync";
changelog = "https://github.com/webdjoe/pyvesync/releases/tag/${src-meta.tag}";
changelog = "https://github.com/webdjoe/pyvesync/releases/tag/${pyvesync.tag}";
license = with licenses; [ mit ];
maintainers = with maintainers; [ fab ];
};

2
packages/python/wyzeapy/default.nix
View File

@@ -16,7 +16,7 @@ let
in
home-assistant.python.pkgs.buildPythonPackage {
pname = "wyzeapy";
version = if src-meta ? tag then src-meta.tag else src-meta.rev;
version = src-meta.tag or src-meta.rev;
format = "pyproject";
src = sources.wyzeapy;

2
packages/raspberrypi/ffmpeg-rpi/default.nix
View File

@@ -71,9 +71,9 @@ in
];
})).override
{
inherit (rpiFfmpegSrc) hash;
version = ffmpegVersion;
source = rpiFfmpegSrc;
hash = rpiFfmpegSrc.hash;
# version = ffmpegVersion + "-rpi";
# source = rpiFfmpegSrc;

Some files were not shown because too many files have changed in this diff Show More