alejandro-angulo/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Reformatted with nixfmt

Browse source
This commit is contained in:
alejandro-angulo 2025-03-31 22:34:25 -07:00
parent f51256c3ae
commit 3f16537322
Signed by: alejandro-angulo
GPG key ID: 75579581C74554B6
80 changed files with 1454 additions and 992 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/nixos/apps/steam/default.nix
View file

@ -3,9 +3,11 @@
pkgs,
lib,
...
}: let
}:
let
cfg = config.aa.apps.steam;
in {
in
{
options.aa.apps.steam = {
enable = lib.options.mkEnableOption "steam";
};

6
modules/nixos/apps/yubikey/default.nix
View file

@ -3,11 +3,13 @@
pkgs,
lib,
...
}: let
}:
let
inherit (lib) mkEnableOption mkIf;
cfg = config.aa.apps.yubikey;
in {
in
{
options.aa.apps.yubikey = {
enable = mkEnableOption "yubikey";
};

6
modules/nixos/archetypes/workstation/default.nix
View file

@ -2,11 +2,13 @@
config,
lib,
...
}: let
}:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.aa.archetypes.workstation;
in {
in
{
options.aa.archetypes.workstation = {
enable = mkEnableOption "workstation archetype";
};

8
modules/nixos/hardware/audio/default.nix
View file

@ -3,17 +3,19 @@
lib,
pkgs,
...
}: let
}:
let
inherit (lib) mkEnableOption mkIf;
cfg = config.aa.hardware.audio;
in {
in
{
options.aa.hardware.audio = {
enable = mkEnableOption "audio";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [pamixer];
environment.systemPackages = with pkgs; [ pamixer ];
security.rtkit.enable = true;
services.pipewire = {
enable = true;

6
modules/nixos/hardware/bluetooth/default.nix
View file

@ -2,11 +2,13 @@
config,
lib,
...
}: let
}:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.aa.hardware.bluetooth;
in {
in
{
options.aa.hardware.bluetooth = {
enable = mkEnableOption "bluetooth";
};

14
modules/nixos/hardware/logitech/default.nix
View file

@ -4,12 +4,14 @@
pkgs,
namespace,
...
}: let
}:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.hardware.logitech;
username = config.${namespace}.user.name;
in {
in
{
options.${namespace}.hardware.logitech = {
enable = mkEnableOption "logitech devices";
};
@ -22,13 +24,15 @@ in {
systemd.user.services.solaar = {
description = "Linux device manager for Logitech devices";
documentation = ["https://pwr-solaar.github.io/Solaar/"];
partOf = ["graphical-session.target"];
documentation = [ "https://pwr-solaar.github.io/Solaar/" ];
partOf = [ "graphical-session.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.solaar}/bin/solaar -w hide";
};
};
systemd.user.services.solaar.wantedBy = mkIf config.home-manager.users.${username}.wayland.windowManager.sway.enable ["sway-session.target"];
systemd.user.services.solaar.wantedBy =
mkIf config.home-manager.users.${username}.wayland.windowManager.sway.enable
[ "sway-session.target" ];
};
}

6
modules/nixos/hardware/tlp/default.nix
View file

@ -2,11 +2,13 @@
config,
lib,
...
}: let
}:
let
inherit (lib) mkEnableOption mkIf;
cfg = config.aa.hardware.tlp;
in {
in
{
options.aa.hardware.tlp = {
enable = mkEnableOption "tlp";
};

17
modules/nixos/home/default.nix
View file

@ -5,10 +5,12 @@
inputs,
namespace,
...
}: let
}:
let
inherit (lib) mkAliasDefinitions mkOption;
inherit (lib.types) attrs;
in {
in
{
imports = with inputs; [
home-manager.nixosModules.home-manager
];
@ -16,22 +18,22 @@ in {
options.${namespace}.home = {
file = mkOption {
type = attrs;
default = {};
default = { };
description = "A set of files to be manged by home-manager's <option>home.file</option> option.";
};
configFile = mkOption {
type = attrs;
default = {};
default = { };
description = "A set of files to be managed by home-manager's <option>xdg.configFile</option>.";
};
dataFile = mkOption {
type = attrs;
default = {};
default = { };
description = "A set of files to be managed by home-manager's <option>xdg.dataFile</option>.";
};
extraOptions = mkOption {
type = attrs;
default = {};
default = { };
description = "Options to pass directly to home-manager.";
};
};
@ -50,8 +52,7 @@ in {
home-manager = {
useUserPackages = true;
users.${config.aa.user.name} =
mkAliasDefinitions options.aa.home.extraOptions;
users.${config.aa.user.name} = mkAliasDefinitions options.aa.home.extraOptions;
};
};
}

77
modules/nixos/nix/default.nix
View file

@ -3,12 +3,19 @@
pkgs,
lib,
...
}: let
inherit (lib) mkIf mkEnableOption mkOption types;
}:
let
inherit (lib)
mkIf
mkEnableOption
mkOption
types
;
cfg = config.aa.nix;
selfHostedCacheHost = "https://cache.kilonull.com/";
in {
in
{
options.aa.nix = {
enable = mkEnableOption "manage nix configuration.";
package = mkOption {
@ -26,37 +33,43 @@ in {
nixfmt-rfc-style
];
nix = let
users = ["root" config.aa.user.name];
in {
package = cfg.package;
nix =
let
users = [
"root"
config.aa.user.name
];
in
{
package = cfg.package;
settings = {
experimental-features = "nix-command flakes";
trusted-users = users;
allowed-users = users;
settings = {
experimental-features = "nix-command flakes";
trusted-users = users;
allowed-users = users;
builders-use-substitutes = cfg.useSelfhostedCache;
substituters =
if cfg.useSelfhostedCache
then [
# TESTING
"https://minio.kilonull.com/nix-store"
selfHostedCacheHost
]
else [];
trusted-public-keys =
mkIf cfg.useSelfhostedCache
["gospelCache:9cbn8Wm54BbwpPS0TXw+15wrYZBpfOJt4Fzfbfcq/pc="];
builders-use-substitutes = cfg.useSelfhostedCache;
substituters =
if cfg.useSelfhostedCache then
[
# TESTING
"https://minio.kilonull.com/nix-store"
selfHostedCacheHost
]
else
[ ];
trusted-public-keys = mkIf cfg.useSelfhostedCache [
"gospelCache:9cbn8Wm54BbwpPS0TXw+15wrYZBpfOJt4Fzfbfcq/pc="
];
};
# TODO: Configure distributedBuilds and buildMachines?
gc = {
automatic = lib.mkDefault true;
dates = lib.mkDefault "weekly";
options = lib.mkDefault "--delete-older-than 30d";
};
};
# TODO: Configure distributedBuilds and buildMachines?
gc = {
automatic = lib.mkDefault true;
dates = lib.mkDefault "weekly";
options = lib.mkDefault "--delete-older-than 30d";
};
};
};
}

10
modules/nixos/programs/android-studio/default.nix
View file

@ -4,18 +4,20 @@
lib,
namespace,
...
}: let
}:
let
cfg = config.${namespace}.programs.android-studio;
in {
in
{
options.${namespace}.programs.android-studio = {
enable = lib.mkEnableOption "Android Studio";
};
config = lib.mkIf cfg.enable {
${namespace}.user.extraGroups = ["kvm"];
${namespace}.user.extraGroups = [ "kvm" ];
programs.adb.enable = true;
environment.systemPackages = [pkgs.android-studio];
environment.systemPackages = [ pkgs.android-studio ];
};
}

15
modules/nixos/security/acme/default.nix
View file

@ -3,11 +3,18 @@
lib,
namespace,
...
}: let
inherit (lib) mkOption mkEnableOption mkIf types;
}:
let
inherit (lib)
mkOption
mkEnableOption
mkIf
types
;
cfg = config.aa.security.acme;
in {
in
{
options.aa.security.acme = {
enable = mkEnableOption "Automatic Certificate Management Environment (ACME)";
useStaging = mkOption {
@ -53,7 +60,7 @@ in {
# own DNS to make `lego` happy (will resolve names to a public IP).
dnsResolver = "1.1.1.1:53";
credentialsFile = cfg.dnsCredentialsFile;
extraDomainNames = mkIf cfg.isWildcard [("*." + cfg.domainName)];
extraDomainNames = mkIf cfg.isWildcard [ ("*." + cfg.domainName) ];
};
};
};

13
modules/nixos/services/adguardhome/default.nix
View file

@ -3,11 +3,18 @@
lib,
namespace,
...
}: let
inherit (lib) mkIf mkEnableOption mkOption types;
}:
let
inherit (lib)
mkIf
mkEnableOption
mkOption
types
;
cfg = config.${namespace}.services.adguardhome;
in {
in
{
options.${namespace}.services.adguardhome = {
enable = mkEnableOption "adguardhome";
acmeCertName = mkOption {

13
modules/nixos/services/forgejo/default.nix
View file

@ -4,12 +4,19 @@
pkgs,
namespace,
...
}: let
inherit (lib) mkIf mkEnableOption mkOption types;
}:
let
inherit (lib)
mkIf
mkEnableOption
mkOption
types
;
cfg = config.${namespace}.services.forgejo;
forgejo_cfg = config.services.forgejo;
in {
in
{
options.${namespace}.services.forgejo = {
enable = mkEnableOption "forgejo";
domain = mkOption {

18
modules/nixos/services/grafana/default.nix
View file

@ -4,13 +4,20 @@
pkgs,
namespace,
...
}: let
inherit (lib) mkIf mkEnableOption mkOption types;
}:
let
inherit (lib)
mkIf
mkEnableOption
mkOption
types
;
cfg = config.${namespace}.services.grafana;
server_settings = config.services.grafana.settings.server;
grafana_dashboards = pkgs.${namespace}.teslamate-grafana-dashboards;
in {
in
{
options.${namespace}.services.grafana = {
enable = mkEnableOption "grafana";
acmeCertName = mkOption {
@ -120,7 +127,10 @@ in {
};
networking.firewall = {
allowedTCPPorts = [80 443];
allowedTCPPorts = [
80
443
];
};
};
}

13
modules/nixos/services/hydra/default.nix
View file

@ -3,9 +3,11 @@
lib,
namespace,
...
}: let
}:
let
cfg = config.${namespace}.services.hydra;
in {
in
{
options.${namespace}.services.hydra = with lib; {
enable = mkEnableOption "hydra";
hostname = mkOption {
@ -72,7 +74,7 @@ in {
enable = true;
hydraURL = "https://${cfg.hostname}";
notificationSender = "hydra@localhost";
buildMachinesFiles = [];
buildMachinesFiles = [ ];
useSubstitutes = true;
extraConfig = ''
store_uri = s3://${cfg.s3Bucket}?compression=zstd&parallel-compression=true&write-nar-listing=1&ls-compression=br&log-compression=br&scheme=${cfg.s3Scheme}&endpoint=${cfg.s3Endpoint}&secret-key=${cfg.secretKeyPath}
@ -103,7 +105,10 @@ in {
"hydra"
"hydra-www"
];
allowed-uris = ["github:" "git+https://git.alejandr0angul0.dev/"];
allowed-uris = [
"github:"
"git+https://git.alejandr0angul0.dev/"
];
};
};
}

8
modules/nixos/services/loki/default.nix
View file

@ -3,10 +3,12 @@
lib,
namespace,
...
}: let
}:
let
cfg = config.${namespace}.services.loki;
loki = config.services.loki;
in {
in
{
options.${namespace}.services.loki = with lib; {
enable = mkEnableOption "loki";
};
@ -102,7 +104,7 @@ in {
};
networking.firewall = {
allowedTCPPorts = [loki.configuration.server.http_listen_port];
allowedTCPPorts = [ loki.configuration.server.http_listen_port ];
};
};
}

6
modules/nixos/services/minio/default.nix
View file

@ -3,9 +3,11 @@
lib,
namespace,
...
}: let
}:
let
cfg = config.${namespace}.services.minio;
in {
in
{
options.${namespace}.services.minio = with lib; {
enable = mkEnableOption "minio";
acmeCertName = mkOption {

10
modules/nixos/services/mosquitto/default.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.aa.services.mosquitto;
in {
in
{
options.aa.services.mosquitto = with lib; {
enable = mkEnableOption "home assistant";
};
@ -36,7 +38,7 @@ in {
passwordFile = config.age.secrets.theengs_ble_mqtt.path;
};
teslamate = {
acl = ["readwrite teslamate/#"];
acl = [ "readwrite teslamate/#" ];
passwordFile = config.age.secrets.teslamate_mqtt.path;
};
};
@ -44,6 +46,6 @@ in {
];
};
networking.firewall.allowedTCPPorts = [1883];
networking.firewall.allowedTCPPorts = [ 1883 ];
};
}

19
modules/nixos/services/nix-serve/default.nix
View file

@ -3,9 +3,11 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.aa.services.nix-serve;
in {
in
{
options.aa.services.nix-serve = with lib; {
enable = mkEnableOption "nix-serve";
domain_name = mkOption {
@ -28,11 +30,11 @@ in {
config = lib.mkIf cfg.enable {
nix.settings = {
allowed-users = ["nix-serve"];
trusted-users = ["nix-serve"];
allowed-users = [ "nix-serve" ];
trusted-users = [ "nix-serve" ];
};
environment.systemPackages = [pkgs.nix-serve];
environment.systemPackages = [ pkgs.nix-serve ];
services = {
nix-serve = {
@ -45,7 +47,7 @@ in {
enable = true;
virtualHosts."${cfg.subdomain_name}.${cfg.domain_name}" =
{
serverAliases = ["${cfg.subdomain_name}"];
serverAliases = [ "${cfg.subdomain_name}" ];
locations."/".extraConfig = ''
proxy_pass http://localhost:${toString config.services.nix-serve.port};
proxy_set_header Host $host;
@ -61,7 +63,10 @@ in {
};
networking.firewall = {
allowedTCPPorts = [80 443];
allowedTCPPorts = [
80
443
];
};
};
}

11
modules/nixos/services/octoprint/default.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.aa.services.octoprint;
in {
in
{
options.aa.services.octoprint = with lib; {
enable = mkEnableOption "octoprint";
acmeCertName = mkOption {
@ -39,6 +41,9 @@ in {
};
};
networking.firewall.allowedTCPPorts = [80 443];
networking.firewall.allowedTCPPorts = [
80
443
];
};
}

22
modules/nixos/services/openssh/default.nix
View file

@ -3,17 +3,25 @@
lib,
format,
...
}: let
inherit (lib) mkIf mkEnableOption mkOption mkDefault types;
}:
let
inherit (lib)
mkIf
mkEnableOption
mkOption
mkDefault
types
;
cfg = config.aa.services.openssh;
default-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmPdQcM0KCQ3YunF1gwN+B+i1Q8KrIfiUvNtgFQjTy2";
in {
in
{
options.aa.services.openssh = {
enable = mkEnableOption "ssh";
authorizedKeys = mkOption {
type = types.listOf types.str;
default = [default-key];
default = [ default-key ];
description = "The public keys to authorize";
};
};
@ -23,11 +31,7 @@ in {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = mkDefault (
if format == "install-iso"
then "yes"
else "no"
);
PermitRootLogin = mkDefault (if format == "install-iso" then "yes" else "no");
};
};

6
modules/nixos/services/printing/default.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.aa.apps.steam;
in {
in
{
options.aa.services.printing = with lib; {
enable = mkEnableOption "printing";
};

10
modules/nixos/services/prometheus/default.nix
View file

@ -2,12 +2,14 @@
config,
lib,
...
}: let
}:
let
inherit (lib) mkIf;
cfg = config.aa.services.prometheus;
exporters = config.services.prometheus.exporters;
in {
in
{
options.aa.services.prometheus = with lib; {
enable = mkEnableOption "prometheus";
enableServer = mkOption {
@ -28,7 +30,7 @@ in {
exporters = {
node = {
enable = cfg.enableNodeExporter;
enabledCollectors = ["systemd"];
enabledCollectors = [ "systemd" ];
port = 9002;
openFirewall = true;
};
@ -52,7 +54,7 @@ in {
};
networking.firewall = mkIf cfg.enableServer {
allowedTCPPorts = [config.services.prometheus.port];
allowedTCPPorts = [ config.services.prometheus.port ];
};
};
}

8
modules/nixos/services/promtail/default.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.aa.services.promtail;
in {
in
{
options.aa.services.promtail = with lib; {
enable = mkEnableOption "promtail";
};
@ -38,7 +40,7 @@ in {
};
relabel_configs = [
{
source_labels = ["__journal__systemd_unit"];
source_labels = [ "__journal__systemd_unit" ];
target_label = "unit";
}
];

18
modules/nixos/services/tailscale/default.nix
View file

@ -3,11 +3,13 @@
pkgs,
lib,
...
}: let
}:
let
inherit (lib) mkIf;
cfg = config.aa.services.tailscale;
in {
in
{
options.aa.services.tailscale = with lib; {
enable = mkEnableOption "tailscale";
configureClientRouting = mkOption {
@ -35,18 +37,14 @@ in {
tailscale
tailscale-systray
];
networking.firewall.allowedUDPPorts = [config.services.tailscale.port];
networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ];
services.tailscale = {
enable = true;
useRoutingFeatures = mkIf (cfg.configureClientRouting || cfg.configureServerRouting) (
if (cfg.configureClientRouting && cfg.configureServerRouting)
then "both"
if (cfg.configureClientRouting && cfg.configureServerRouting) then
"both"
else
(
if cfg.configureClientRouting
then "client"
else "server"
)
(if cfg.configureClientRouting then "client" else "server")
);
};
};

21
modules/nixos/services/teslamate/default.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.aa.services.teslamate;
in {
in
{
options.aa.services.teslamate = with lib; {
enable = mkEnableOption "teslamate";
@ -104,7 +106,7 @@ in {
backend = "docker";
containers."teslamate" = {
image = "teslamate/teslamate:1.32";
environmentFiles = ["/var/lib/teslamate/env"];
environmentFiles = [ "/var/lib/teslamate/env" ];
environment = {
# TODO: Make this configurable
PORT = "4000";
@ -116,9 +118,12 @@ in {
MQTT_USERNAME = "teslamate";
TZ = "America/Los_Angeles";
};
extraOptions = ["--cap-drop=all" "--network=host"];
extraOptions = [
"--cap-drop=all"
"--network=host"
];
# TODO: Make this configurable
ports = ["4000:4000"];
ports = [ "4000:4000" ];
};
};
@ -126,12 +131,12 @@ in {
isSystemUser = true;
group = cfg.group;
};
users.groups.${cfg.group} = {};
users.groups.${cfg.group} = { };
services.postgresql = lib.optionalAttrs cfg.database.createDatabase {
enable = lib.mkDefault true;
ensureDatabases = [cfg.database.name];
ensureDatabases = [ cfg.database.name ];
ensureUsers = [
{
name = cfg.database.user;
@ -157,6 +162,6 @@ in {
};
};
networking.firewall.allowedTCPPorts = [4000];
networking.firewall.allowedTCPPorts = [ 4000 ];
};
}

8
modules/nixos/suites/desktop/default.nix
View file

@ -3,11 +3,13 @@
lib,
namespace,
...
}: let
}:
let
inherit (lib) mkEnableOption mkIf;
cfg = config.${namespace}.suites.desktop;
in {
in
{
options.${namespace}.suites.desktop = {
enable = mkEnableOption "common desktop configuration";
};
@ -19,7 +21,7 @@ in {
# The following fixes an issue with using swaylcock as a home module
# Workaround for https://github.com/NixOS/nixpkgs/issues/158025
# This comment specifically: https://github.com/NixOS/nixpkgs/issues/158025#issuecomment-1344766809
security.pam.services.swaylock = {};
security.pam.services.swaylock = { };
# Required for GUIs (like sway) to work correctly.
hardware.graphics.enable = true;

6
modules/nixos/suites/development/default.nix
View file

@ -3,10 +3,12 @@
lib,
pkgs,
...
}: let
}:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.aa.suites.development;
in {
in
{
options.aa.suites.development = {
enable = mkEnableOption "common configuration";
};

6
modules/nixos/suites/gaming/default.nix
View file

@ -5,9 +5,11 @@
pkgs,
...
}:
with lib; let
with lib;
let
cfg = config.aa.suites.gaming;
in {
in
{
options.aa.suites.gaming = with lib.types; {
enable = mkEnableOption "gaming configuration";
};

8
modules/nixos/suites/utils/default.nix
View file

@ -4,11 +4,13 @@
pkgs,
inputs,
...
}: let
}:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.aa.suites.utils;
in {
in
{
options.aa.suites.utils = {
enable = mkEnableOption "common configuration";
};
@ -38,6 +40,6 @@ in {
usbutils
wget
])
++ [inputs.agenix.packages.x86_64-linux.default];
++ [ inputs.agenix.packages.x86_64-linux.default ];
};
}

6
modules/nixos/system/fonts/default.nix
View file

@ -5,9 +5,11 @@
lib,
...
}:
with lib; let
with lib;
let
cfg = config.aa.system.fonts;
in {
in
{
options.aa.system.fonts = with types; {
enable = mkEnableOption "manage fonts";
};

6
modules/nixos/system/monitoring/default.nix
View file

@ -3,11 +3,13 @@
pkgs,
lib,
...
}: let
}:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.aa.system.monitoring;
in {
in
{
options.aa.system.monitoring = {
enable = mkEnableOption "monitoring";
};

8
modules/nixos/system/zfs/default.nix
View file

@ -5,16 +5,18 @@
lib,
...
}:
with lib; let
with lib;
let
cfg = config.aa.system.zfs;
in {
in
{
options.aa.system.zfs = with types; {
enable = mkEnableOption "zfs";
# TODO: Introduce a zfsOnRoot option
};
config = mkIf cfg.enable {
environment.systemPackages = [pkgs.zfs-prune-snapshots];
environment.systemPackages = [ pkgs.zfs-prune-snapshots ];
services.zfs = {
autoScrub.enable = true;

31
modules/nixos/user/default.nix
View file

@ -5,9 +5,11 @@
lib,
...
}:
with lib; let
with lib;
let
cfg = config.aa.user;
in {
in
{
options.aa.user = with types; {
name = mkOption {
type = str;
@ -26,12 +28,15 @@ in {
};
extraGroups = mkOption {
type = listOf str;
default = ["video" "networkmanager"];
default = [
"video"
"networkmanager"
];
description = "Groups to for the user to be assigned.";
};
extraOptions = mkOption {
type = attrs;
default = {};
default = { };
description = "Extra options passed to <option>users.users.<name></option>.";
};
};
@ -42,19 +47,17 @@ in {
# Refer to modules/tools/zsh/default.nix
programs.zsh.enable = true;
users.users.${cfg.name} =
{
isNormalUser = true;
users.users.${cfg.name} = {
isNormalUser = true;
inherit (cfg) name;
inherit (cfg) name;
home = "/home/${cfg.name}";
group = "users";
home = "/home/${cfg.name}";
group = "users";
shell = pkgs.zsh;
shell = pkgs.zsh;
extraGroups = ["wheel"] ++ cfg.extraGroups;
}
// cfg.extraOptions;
extraGroups = [ "wheel" ] ++ cfg.extraGroups;
} // cfg.extraOptions;
};
}