Reformatted with nixfmt

2025-03-31 22:34:25 -07:00 · 2025-03-31 22:34:25 -07:00 · 3f16537322
parent f51256c3ae
commit 3f16537322
80 changed files with 1454 additions and 992 deletions
--- a/flake.nix
+++ b/flake.nix
@ -35,7 +35,8 @@
    powerlevel10k.flake = false;
  };

-  outputs = inputs:
+  outputs =
+    inputs:
    inputs.snowfall-lib.mkFlake {
      inherit inputs;
      src = ./.;
@ -74,7 +75,8 @@
          };
        };

-        pi4 = let
+        pi4 =
+          let
            system = "aarch64-linux";
            pkgs = import inputs.nixpkgs { inherit system; };
            deployPkgs = import inputs.nixpkgs {
@ -89,7 +91,8 @@
                })
              ];
            };
-        in {
+          in
+          {
            hostname = "pi4";
            profiles.system = {
              user = "root";
@ -106,19 +109,20 @@
      # dependencies for architectures other than the host machine
      # checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks inputs.self.deploy) inputs.deploy-rs.lib;

-      hydraJobs = let
+      hydraJobs =
+        let
          systems_to_build = [
            "gospel"
            "node"
            "carbon"
          ];
-      in {
+        in
+        {
          # Only have a builder for x86_64-linux atm
          packages = inputs.self.packages.x86_64-linux;

          systems = inputs.nixpkgs.lib.attrsets.genAttrs systems_to_build (
-          name:
-            inputs.self.nixosConfigurations."${name}".config.system.build.toplevel
+            name: inputs.self.nixosConfigurations."${name}".config.system.build.toplevel
          );
        };
    };
--- a/homes/aarch64-linux/alejandro@pi4/default.nix
+++ b/homes/aarch64-linux/alejandro@pi4/default.nix
@ -1,4 +1,5 @@
-{...}: {
+{ ... }:
+{
  aa = {
    apps = {
      bat.enable = true;
--- a/homes/x86_64-linux/alejandro@git/default.nix
+++ b/homes/x86_64-linux/alejandro@git/default.nix
@ -1,4 +1,5 @@
-{...}: {
+{ ... }:
+{
  aa = {
    installDefaults = false;

--- a/homes/x86_64-linux/alejandro@gospel/default.nix
+++ b/homes/x86_64-linux/alejandro@gospel/default.nix
@ -1,4 +1,5 @@
-{...}: {
+{ ... }:
+{
  aa.isHeadless = false;
  services.spotifyd = {
    enable = true;
--- a/homes/x86_64-linux/alejandro@minimal/default.nix
+++ b/homes/x86_64-linux/alejandro@minimal/default.nix
@ -1,3 +1,4 @@
-{...}: {
+{ ... }:
+{
  aa.installDefaults = false;
 }
--- a/homes/x86_64-linux/alejandro@node/default.nix
+++ b/homes/x86_64-linux/alejandro@node/default.nix
@ -1,2 +1,3 @@
-{...}: {
+{ ... }:
+{
 }
--- a/modules/home/apps/bat/default.nix
+++ b/modules/home/apps/bat/default.nix
@ -3,11 +3,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.${namespace}.apps.bat;
-in {
+in
+{
  options.${namespace}.apps.bat = {
    enable = mkEnableOption "bat";
  };
--- a/modules/home/apps/btop/default.nix
+++ b/modules/home/apps/btop/default.nix
@ -3,11 +3,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.${namespace}.apps.btop;
-in {
+in
+{
  options.${namespace}.apps.btop = {
    enable = mkEnableOption "btop";
  };
--- a/modules/home/apps/tmux/default.nix
+++ b/modules/home/apps/tmux/default.nix
@ -4,7 +4,8 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption;
  inherit (pkgs) tmuxPlugins;

@ -20,7 +21,8 @@
      }
    ];
  };
-in {
+in
+{
  options.${namespace}.apps.tmux = {
    enable = mkEnableOption "tmux";
  };
--- a/modules/home/fonts/default.nix
+++ b/modules/home/fonts/default.nix
@ -4,9 +4,11 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.fonts;
-in {
+in
+{
  options.${namespace}.fonts = {
    enable = lib.mkEnableOption "font config";
  };
--- a/modules/home/home/default.nix
+++ b/modules/home/home/default.nix
@ -4,7 +4,8 @@
  osConfig ? { },
  namespace,
  ...
-}: {
+}:
+{
  options.${namespace} = {
    isHeadless = lib.mkOption {
      type = lib.types.bool;
@ -20,15 +21,13 @@
  };

  config = lib.mkMerge [
-    (
-      lib.mkIf (!config.${namespace}.isHeadless) {
+    (lib.mkIf (!config.${namespace}.isHeadless) {
      ${namespace} = {
        programs.firefox.enable = true;
        programs.kitty.enable = true;
        windowManagers.sway.enable = true;
      };
-      }
-    )
+    })
    (lib.mkIf (config.${namespace}.installDefaults) {
      ${namespace} = {
        apps = {
--- a/modules/home/programs/firefox/default.nix
+++ b/modules/home/programs/firefox/default.nix
@ -3,11 +3,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.programs.firefox;
-in {
+in
+{
  options.${namespace}.programs.firefox = {
    enable = mkEnableOption "firefox";
  };
--- a/modules/home/programs/fuzzel/default.nix
+++ b/modules/home/programs/fuzzel/default.nix
@ -4,9 +4,11 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.programs.fuzzel;
-in {
+in
+{
  options.${namespace}.programs.fuzzel = {
    enable = lib.mkEnableOption "fuzzel";
  };
--- a/modules/home/programs/fzf/default.nix
+++ b/modules/home/programs/fzf/default.nix
@ -3,9 +3,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.programs.fzf;
-in {
+in
+{
  options.${namespace}.programs.fzf = {
    enable = lib.mkEnableOption "fzf";
  };
--- a/modules/home/programs/gpg/default.nix
+++ b/modules/home/programs/gpg/default.nix
@ -5,11 +5,13 @@
  namespace,
  system,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.${namespace}.programs.gpg;
-in {
+in
+{
  options.${namespace}.programs.gpg = {
    enable = mkEnableOption "gpg";
  };
@ -33,9 +35,7 @@ in {
    services.gpg-agent = mkIf (system == "x86_64-linux") {
      enable = true;
      pinentryPackage =
-        if config.${namespace}.windowManagers.sway.enable
-        then pkgs.pinentry-qt
-        else pkgs.pinentry-curses;
+        if config.${namespace}.windowManagers.sway.enable then pkgs.pinentry-qt else pkgs.pinentry-curses;
      enableZshIntegration = true;
      enableSshSupport = true;
      sshKeys = [
--- a/modules/home/programs/k9s/default.nix
+++ b/modules/home/programs/k9s/default.nix
@ -3,9 +3,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.programs.k9s;
-in {
+in
+{
  options.${namespace}.programs.k9s = {
    enable = lib.mkEnableOption "k9s";
  };
--- a/modules/home/programs/kitty/default.nix
+++ b/modules/home/programs/kitty/default.nix
@ -4,11 +4,13 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.programs.kitty;
-in {
+in
+{
  options.${namespace}.programs.kitty = {
    enable = mkEnableOption "kitty";
  };
--- a/modules/home/programs/neovim/default.nix
+++ b/modules/home/programs/neovim/default.nix
@ -4,9 +4,11 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.programs.neovim;
-in {
+in
+{
  options.${namespace}.programs.neovim = {
    enable = lib.mkEnableOption "neovim";
    lazygit.enable = lib.mkOption {
@ -21,7 +23,8 @@ in {
    };
  };

-  config = lib.mkIf cfg.enable (lib.mkMerge [
+  config = lib.mkIf cfg.enable (
+    lib.mkMerge [
      { home.packages = [ pkgs.neovim ]; }
      (lib.mkIf cfg.lazygit.enable {
        programs.zsh.shellAliases = {
@ -35,5 +38,6 @@ in {
          '';
        };
      })
-  ]);
+    ]
+  );
 }
--- a/modules/home/programs/rofi/default.nix
+++ b/modules/home/programs/rofi/default.nix
@ -4,11 +4,13 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.programs.rofi;
-in {
+in
+{
  options.${namespace}.programs.rofi = {
    enable = mkEnableOption "rofi";
  };
--- a/modules/home/programs/swaylock/default.nix
+++ b/modules/home/programs/swaylock/default.nix
@ -3,11 +3,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.programs.swaylock;
-in {
+in
+{
  options.${namespace}.programs.swaylock = {
    enable = mkEnableOption "swaylock";
  };
--- a/modules/home/programs/waybar/default.nix
+++ b/modules/home/programs/waybar/default.nix
@ -4,11 +4,18 @@
  lib,
  namespace,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    types
+    ;

  cfg = config.${namespace}.programs.waybar;
-in {
+in
+{
  options.aa.programs.waybar = {
    enable = mkEnableOption "waybar";

@ -76,7 +83,11 @@ in {
          temperature = {
            critical-threshold = 80;
            format = "{icon}{temperatureC}°C";
-            format-icons = [" " " " " "];
+            format-icons = [
+              " "
+              " "
+              " "
+            ];
            thermal-zone = cfg.thermal-zone;
          };

@ -99,7 +110,11 @@ in {
              phone = " ";
              portable = " ";
              car = " ";
-              default = [" " " " " "];
+              default = [
+                " "
+                " "
+                " "
+              ];
            };
            tooltip-format = "{desc}, {volume}%";
            # TODO: Figure out how to get pactl binary?
@ -118,7 +133,13 @@ in {
            format-charging = "󰂄 {capacity}%";
            format-plugged = " ";
            format-alt = "{time} {icon}";
-            format-icons = [" " " " " " " " " "];
+            format-icons = [
+              " "
+              " "
+              " "
+              " "
+              " "
+            ];
          };

          memory = {
@ -127,7 +148,10 @@ in {

          backlight = {
            format = "{icon} {percent}%";
-            format-icons = ["󰃞`" "󰃚"];
+            format-icons = [
+              "󰃞`"
+              "󰃚"
+            ];
            on-scroll-up = "light -A 1";
            on-scroll-down = "light -U 1";
          };
--- a/modules/home/programs/yazi/default.nix
+++ b/modules/home/programs/yazi/default.nix
@ -3,9 +3,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.programs.yazi;
-in {
+in
+{
  options.${namespace}.programs.yazi = {
    enable = lib.mkEnableOption "yazi";
  };
--- a/modules/home/programs/zoxide/default.nix
+++ b/modules/home/programs/zoxide/default.nix
@ -4,9 +4,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.programs.zoxide;
-in {
+in
+{
  options.${namespace}.programs.zoxide = {
    enable = lib.mkEnableOption "zoxide";
  };
--- a/modules/home/services/gammastep/default.nix
+++ b/modules/home/services/gammastep/default.nix
@ -3,11 +3,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.${namespace}.services.gammastep;
-in {
+in
+{
  options.${namespace}.services.gammastep = {
    enable = mkEnableOption "gammastep";
  };
--- a/modules/home/services/playerctld/default.nix
+++ b/modules/home/services/playerctld/default.nix
@ -4,11 +4,13 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.services.playerctld;
-in {
+in
+{
  options.${namespace}.services.playerctld = {
    enable = mkEnableOption "playerctl";
  };
--- a/modules/home/services/swayidle/default.nix
+++ b/modules/home/services/swayidle/default.nix
@ -4,11 +4,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.${namespace}.services.swayidle;
-in {
+in
+{
  options.${namespace}.services.swayidle = {
    enable = mkEnableOption "swayidle";
  };
--- a/modules/home/services/swaync/default.nix
+++ b/modules/home/services/swaync/default.nix
@ -4,11 +4,13 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.services.swaync;
-in {
+in
+{
  options.${namespace}.services.swaync = {
    enable = mkEnableOption "sway notification center";
  };
@ -19,7 +21,12 @@ in {
    services.swaync = {
      enable = true;
      settings = {
-        widgets = ["title" "dnd" "notifications" "mpris"];
+        widgets = [
+          "title"
+          "dnd"
+          "notifications"
+          "mpris"
+        ];
      };
    };

--- a/modules/home/tools/direnv/default.nix
+++ b/modules/home/tools/direnv/default.nix
@ -3,11 +3,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.tools.direnv;
-in {
+in
+{
  options.${namespace}.tools.direnv = {
    enable = mkEnableOption "direnv";
  };
--- a/modules/home/tools/eza/default.nix
+++ b/modules/home/tools/eza/default.nix
@ -3,11 +3,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.${namespace}.tools.eza;
-in {
+in
+{
  options.${namespace}.tools.eza = {
    enable = mkEnableOption "eza";
  };
--- a/modules/home/tools/git/default.nix
+++ b/modules/home/tools/git/default.nix
@ -4,11 +4,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption mkDefault;

  cfg = config.${namespace}.tools.git;
-in {
+in
+{
  options.${namespace}.tools.git = {
    enable = mkEnableOption "git";
    userName = lib.options.mkOption {
--- a/modules/home/tools/zsh/default.nix
+++ b/modules/home/tools/zsh/default.nix
@ -5,11 +5,13 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.tools.zsh;
-in {
+in
+{
  options.${namespace}.tools.zsh = {
    enable = mkEnableOption "zsh";
  };
--- a/modules/nixos/apps/steam/default.nix
+++ b/modules/nixos/apps/steam/default.nix
@ -3,9 +3,11 @@
  pkgs,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.apps.steam;
-in {
+in
+{
  options.aa.apps.steam = {
    enable = lib.options.mkEnableOption "steam";
  };
--- a/modules/nixos/apps/yubikey/default.nix
+++ b/modules/nixos/apps/yubikey/default.nix
@ -3,11 +3,13 @@
  pkgs,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.aa.apps.yubikey;
-in {
+in
+{
  options.aa.apps.yubikey = {
    enable = mkEnableOption "yubikey";
  };
--- a/modules/nixos/archetypes/workstation/default.nix
+++ b/modules/nixos/archetypes/workstation/default.nix
@ -2,11 +2,13 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.aa.archetypes.workstation;
-in {
+in
+{
  options.aa.archetypes.workstation = {
    enable = mkEnableOption "workstation archetype";
  };
--- a/modules/nixos/hardware/audio/default.nix
+++ b/modules/nixos/hardware/audio/default.nix
@ -3,11 +3,13 @@
  lib,
  pkgs,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.aa.hardware.audio;
-in {
+in
+{
  options.aa.hardware.audio = {
    enable = mkEnableOption "audio";
  };
--- a/modules/nixos/hardware/bluetooth/default.nix
+++ b/modules/nixos/hardware/bluetooth/default.nix
@ -2,11 +2,13 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.aa.hardware.bluetooth;
-in {
+in
+{
  options.aa.hardware.bluetooth = {
    enable = mkEnableOption "bluetooth";
  };
--- a/modules/nixos/hardware/logitech/default.nix
+++ b/modules/nixos/hardware/logitech/default.nix
@ -4,12 +4,14 @@
  pkgs,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.${namespace}.hardware.logitech;
  username = config.${namespace}.user.name;
-in {
+in
+{
  options.${namespace}.hardware.logitech = {
    enable = mkEnableOption "logitech devices";
  };
@ -29,6 +31,8 @@ in {
        ExecStart = "${pkgs.solaar}/bin/solaar -w hide";
      };
    };
-    systemd.user.services.solaar.wantedBy = mkIf config.home-manager.users.${username}.wayland.windowManager.sway.enable ["sway-session.target"];
+    systemd.user.services.solaar.wantedBy =
+      mkIf config.home-manager.users.${username}.wayland.windowManager.sway.enable
+        [ "sway-session.target" ];
  };
 }
--- a/modules/nixos/hardware/tlp/default.nix
+++ b/modules/nixos/hardware/tlp/default.nix
@ -2,11 +2,13 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.aa.hardware.tlp;
-in {
+in
+{
  options.aa.hardware.tlp = {
    enable = mkEnableOption "tlp";
  };
--- a/modules/nixos/home/default.nix
+++ b/modules/nixos/home/default.nix
@ -5,10 +5,12 @@
  inputs,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkAliasDefinitions mkOption;
  inherit (lib.types) attrs;
-in {
+in
+{
  imports = with inputs; [
    home-manager.nixosModules.home-manager
  ];
@ -50,8 +52,7 @@ in {
    home-manager = {
      useUserPackages = true;

-      users.${config.aa.user.name} =
-        mkAliasDefinitions options.aa.home.extraOptions;
+      users.${config.aa.user.name} = mkAliasDefinitions options.aa.home.extraOptions;
    };
  };
 }
--- a/modules/nixos/nix/default.nix
+++ b/modules/nixos/nix/default.nix
@ -3,12 +3,19 @@
  pkgs,
  lib,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    types
+    ;

  cfg = config.aa.nix;
  selfHostedCacheHost = "https://cache.kilonull.com/";
-in {
+in
+{
  options.aa.nix = {
    enable = mkEnableOption "manage nix configuration.";
    package = mkOption {
@ -26,9 +33,14 @@ in {
      nixfmt-rfc-style
    ];

-    nix = let
-      users = ["root" config.aa.user.name];
-    in {
+    nix =
+      let
+        users = [
+          "root"
+          config.aa.user.name
+        ];
+      in
+      {
        package = cfg.package;

        settings = {
@ -38,16 +50,17 @@ in {

          builders-use-substitutes = cfg.useSelfhostedCache;
          substituters =
-          if cfg.useSelfhostedCache
-          then [
+            if cfg.useSelfhostedCache then
+              [
                # TESTING
                "https://minio.kilonull.com/nix-store"
                selfHostedCacheHost
              ]
-          else [];
-        trusted-public-keys =
-          mkIf cfg.useSelfhostedCache
-          ["gospelCache:9cbn8Wm54BbwpPS0TXw+15wrYZBpfOJt4Fzfbfcq/pc="];
+            else
+              [ ];
+          trusted-public-keys = mkIf cfg.useSelfhostedCache [
+            "gospelCache:9cbn8Wm54BbwpPS0TXw+15wrYZBpfOJt4Fzfbfcq/pc="
+          ];
        };

        # TODO: Configure distributedBuilds and buildMachines?
--- a/modules/nixos/programs/android-studio/default.nix
+++ b/modules/nixos/programs/android-studio/default.nix
@ -4,9 +4,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.programs.android-studio;
-in {
+in
+{
  options.${namespace}.programs.android-studio = {
    enable = lib.mkEnableOption "Android Studio";
  };
--- a/modules/nixos/security/acme/default.nix
+++ b/modules/nixos/security/acme/default.nix
@ -3,11 +3,18 @@
  lib,
  namespace,
  ...
-}: let
-  inherit (lib) mkOption mkEnableOption mkIf types;
+}:
+let
+  inherit (lib)
+    mkOption
+    mkEnableOption
+    mkIf
+    types
+    ;

  cfg = config.aa.security.acme;
-in {
+in
+{
  options.aa.security.acme = {
    enable = mkEnableOption "Automatic Certificate Management Environment (ACME)";
    useStaging = mkOption {
--- a/modules/nixos/services/adguardhome/default.nix
+++ b/modules/nixos/services/adguardhome/default.nix
@ -3,11 +3,18 @@
  lib,
  namespace,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    types
+    ;

  cfg = config.${namespace}.services.adguardhome;
-in {
+in
+{
  options.${namespace}.services.adguardhome = {
    enable = mkEnableOption "adguardhome";
    acmeCertName = mkOption {
--- a/modules/nixos/services/forgejo/default.nix
+++ b/modules/nixos/services/forgejo/default.nix
@ -4,12 +4,19 @@
  pkgs,
  namespace,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    types
+    ;

  cfg = config.${namespace}.services.forgejo;
  forgejo_cfg = config.services.forgejo;
-in {
+in
+{
  options.${namespace}.services.forgejo = {
    enable = mkEnableOption "forgejo";
    domain = mkOption {
--- a/modules/nixos/services/grafana/default.nix
+++ b/modules/nixos/services/grafana/default.nix
@ -4,13 +4,20 @@
  pkgs,
  namespace,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    types
+    ;

  cfg = config.${namespace}.services.grafana;
  server_settings = config.services.grafana.settings.server;
  grafana_dashboards = pkgs.${namespace}.teslamate-grafana-dashboards;
-in {
+in
+{
  options.${namespace}.services.grafana = {
    enable = mkEnableOption "grafana";
    acmeCertName = mkOption {
@ -120,7 +127,10 @@ in {
    };

    networking.firewall = {
-      allowedTCPPorts = [80 443];
+      allowedTCPPorts = [
+        80
+        443
+      ];
    };
  };
 }
--- a/modules/nixos/services/hydra/default.nix
+++ b/modules/nixos/services/hydra/default.nix
@ -3,9 +3,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.services.hydra;
-in {
+in
+{
  options.${namespace}.services.hydra = with lib; {
    enable = mkEnableOption "hydra";
    hostname = mkOption {
@ -103,7 +105,10 @@ in {
        "hydra"
        "hydra-www"
      ];
-      allowed-uris = ["github:" "git+https://git.alejandr0angul0.dev/"];
+      allowed-uris = [
+        "github:"
+        "git+https://git.alejandr0angul0.dev/"
+      ];
    };
  };
 }
--- a/modules/nixos/services/loki/default.nix
+++ b/modules/nixos/services/loki/default.nix
@ -3,10 +3,12 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.services.loki;
  loki = config.services.loki;
-in {
+in
+{
  options.${namespace}.services.loki = with lib; {
    enable = mkEnableOption "loki";
  };
--- a/modules/nixos/services/minio/default.nix
+++ b/modules/nixos/services/minio/default.nix
@ -3,9 +3,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.services.minio;
-in {
+in
+{
  options.${namespace}.services.minio = with lib; {
    enable = mkEnableOption "minio";
    acmeCertName = mkOption {
--- a/modules/nixos/services/mosquitto/default.nix
+++ b/modules/nixos/services/mosquitto/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.mosquitto;
-in {
+in
+{
  options.aa.services.mosquitto = with lib; {
    enable = mkEnableOption "home assistant";
  };
--- a/modules/nixos/services/nix-serve/default.nix
+++ b/modules/nixos/services/nix-serve/default.nix
@ -3,9 +3,11 @@
  lib,
  pkgs,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.nix-serve;
-in {
+in
+{
  options.aa.services.nix-serve = with lib; {
    enable = mkEnableOption "nix-serve";
    domain_name = mkOption {
@ -61,7 +63,10 @@ in {
    };

    networking.firewall = {
-      allowedTCPPorts = [80 443];
+      allowedTCPPorts = [
+        80
+        443
+      ];
    };
  };
 }
--- a/modules/nixos/services/octoprint/default.nix
+++ b/modules/nixos/services/octoprint/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.octoprint;
-in {
+in
+{
  options.aa.services.octoprint = with lib; {
    enable = mkEnableOption "octoprint";
    acmeCertName = mkOption {
@ -39,6 +41,9 @@ in {
        };
    };

-    networking.firewall.allowedTCPPorts = [80 443];
+    networking.firewall.allowedTCPPorts = [
+      80
+      443
+    ];
  };
 }
--- a/modules/nixos/services/openssh/default.nix
+++ b/modules/nixos/services/openssh/default.nix
@ -3,12 +3,20 @@
  lib,
  format,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption mkDefault types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    mkDefault
+    types
+    ;

  cfg = config.aa.services.openssh;
  default-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmPdQcM0KCQ3YunF1gwN+B+i1Q8KrIfiUvNtgFQjTy2";
-in {
+in
+{
  options.aa.services.openssh = {
    enable = mkEnableOption "ssh";
    authorizedKeys = mkOption {
@ -23,11 +31,7 @@ in {
      enable = true;
      settings = {
        PasswordAuthentication = false;
-        PermitRootLogin = mkDefault (
-          if format == "install-iso"
-          then "yes"
-          else "no"
-        );
+        PermitRootLogin = mkDefault (if format == "install-iso" then "yes" else "no");
      };
    };

--- a/modules/nixos/services/printing/default.nix
+++ b/modules/nixos/services/printing/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.apps.steam;
-in {
+in
+{
  options.aa.services.printing = with lib; {
    enable = mkEnableOption "printing";
  };
--- a/modules/nixos/services/prometheus/default.nix
+++ b/modules/nixos/services/prometheus/default.nix
@ -2,12 +2,14 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf;

  cfg = config.aa.services.prometheus;
  exporters = config.services.prometheus.exporters;
-in {
+in
+{
  options.aa.services.prometheus = with lib; {
    enable = mkEnableOption "prometheus";
    enableServer = mkOption {
--- a/modules/nixos/services/promtail/default.nix
+++ b/modules/nixos/services/promtail/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.promtail;
-in {
+in
+{
  options.aa.services.promtail = with lib; {
    enable = mkEnableOption "promtail";
  };
--- a/modules/nixos/services/tailscale/default.nix
+++ b/modules/nixos/services/tailscale/default.nix
@ -3,11 +3,13 @@
  pkgs,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf;

  cfg = config.aa.services.tailscale;
-in {
+in
+{
  options.aa.services.tailscale = with lib; {
    enable = mkEnableOption "tailscale";
    configureClientRouting = mkOption {
@ -39,14 +41,10 @@ in {
    services.tailscale = {
      enable = true;
      useRoutingFeatures = mkIf (cfg.configureClientRouting || cfg.configureServerRouting) (
-        if (cfg.configureClientRouting && cfg.configureServerRouting)
-        then "both"
+        if (cfg.configureClientRouting && cfg.configureServerRouting) then
+          "both"
        else
-          (
-            if cfg.configureClientRouting
-            then "client"
-            else "server"
-          )
+          (if cfg.configureClientRouting then "client" else "server")
      );
    };
  };
--- a/modules/nixos/services/teslamate/default.nix
+++ b/modules/nixos/services/teslamate/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.teslamate;
-in {
+in
+{
  options.aa.services.teslamate = with lib; {
    enable = mkEnableOption "teslamate";

@ -116,7 +118,10 @@ in {
          MQTT_USERNAME = "teslamate";
          TZ = "America/Los_Angeles";
        };
-        extraOptions = ["--cap-drop=all" "--network=host"];
+        extraOptions = [
+          "--cap-drop=all"
+          "--network=host"
+        ];
        # TODO: Make this configurable
        ports = [ "4000:4000" ];
      };
--- a/modules/nixos/suites/desktop/default.nix
+++ b/modules/nixos/suites/desktop/default.nix
@ -3,11 +3,13 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.${namespace}.suites.desktop;
-in {
+in
+{
  options.${namespace}.suites.desktop = {
    enable = mkEnableOption "common desktop configuration";
  };
--- a/modules/nixos/suites/development/default.nix
+++ b/modules/nixos/suites/development/default.nix
@ -3,10 +3,12 @@
  lib,
  pkgs,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;
  cfg = config.aa.suites.development;
-in {
+in
+{
  options.aa.suites.development = {
    enable = mkEnableOption "common configuration";
  };
--- a/modules/nixos/suites/gaming/default.nix
+++ b/modules/nixos/suites/gaming/default.nix
@ -5,9 +5,11 @@
  pkgs,
  ...
 }:
-with lib; let
+with lib;
+let
  cfg = config.aa.suites.gaming;
-in {
+in
+{
  options.aa.suites.gaming = with lib.types; {
    enable = mkEnableOption "gaming configuration";
  };
--- a/modules/nixos/suites/utils/default.nix
+++ b/modules/nixos/suites/utils/default.nix
@ -4,11 +4,13 @@
  pkgs,
  inputs,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.aa.suites.utils;
-in {
+in
+{
  options.aa.suites.utils = {
    enable = mkEnableOption "common configuration";
  };
--- a/modules/nixos/system/fonts/default.nix
+++ b/modules/nixos/system/fonts/default.nix
@ -5,9 +5,11 @@
  lib,
  ...
 }:
-with lib; let
+with lib;
+let
  cfg = config.aa.system.fonts;
-in {
+in
+{
  options.aa.system.fonts = with types; {
    enable = mkEnableOption "manage fonts";
  };
--- a/modules/nixos/system/monitoring/default.nix
+++ b/modules/nixos/system/monitoring/default.nix
@ -3,11 +3,13 @@
  pkgs,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf mkEnableOption;

  cfg = config.aa.system.monitoring;
-in {
+in
+{
  options.aa.system.monitoring = {
    enable = mkEnableOption "monitoring";
  };
--- a/modules/nixos/system/zfs/default.nix
+++ b/modules/nixos/system/zfs/default.nix
@ -5,9 +5,11 @@
  lib,
  ...
 }:
-with lib; let
+with lib;
+let
  cfg = config.aa.system.zfs;
-in {
+in
+{
  options.aa.system.zfs = with types; {
    enable = mkEnableOption "zfs";
    # TODO: Introduce a zfsOnRoot option
--- a/modules/nixos/user/default.nix
+++ b/modules/nixos/user/default.nix
@ -5,9 +5,11 @@
  lib,
  ...
 }:
-with lib; let
+with lib;
+let
  cfg = config.aa.user;
-in {
+in
+{
  options.aa.user = with types; {
    name = mkOption {
      type = str;
@ -26,7 +28,10 @@ in {
    };
    extraGroups = mkOption {
      type = listOf str;
-      default = ["video" "networkmanager"];
+      default = [
+        "video"
+        "networkmanager"
+      ];
      description = "Groups to for the user to be assigned.";
    };
    extraOptions = mkOption {
@ -42,8 +47,7 @@ in {
    # Refer to modules/tools/zsh/default.nix
    programs.zsh.enable = true;

-    users.users.${cfg.name} =
-      {
+    users.users.${cfg.name} = {
      isNormalUser = true;

      inherit (cfg) name;
@ -54,7 +58,6 @@ in {
      shell = pkgs.zsh;

      extraGroups = [ "wheel" ] ++ cfg.extraGroups;
-      }
-      // cfg.extraOptions;
+    } // cfg.extraOptions;
  };
 }
--- a/overlays/neovim/default.nix
+++ b/overlays/neovim/default.nix
@ -1,3 +1,4 @@
-{nixvim, ...}: (final: prev: {
+{ nixvim, ... }:
+(final: prev: {
  neovim = nixvim.packages.${prev.system}.default;
 })
--- a/packages/teslamate/default.nix
+++ b/packages/teslamate/default.nix
@ -7,7 +7,8 @@
  nodejs,
  breakpointHook,
  ...
-}: let
+}:
+let
  pname = "teslamate";
  version = "1.28.2";

@ -23,12 +24,12 @@

    overrides = (
      final: prev:
-        (lib.mapAttrs
-          (_: value:
+      (lib.mapAttrs (
+        _: value:
        value.override {
          appConfigPath = src + "/config";
-            })
-          prev)
+        }
+      ) prev)
      // {
        ex_cldr = prev.ex_cldr.overrideAttrs (old: rec {
          # Copied from https://github.com/NixOS/nixpkgs/blob/d8fd23629b3910e8bdbd313e29532d3e33dd73d5/pkgs/servers/mobilizon/default.nix#L34-L47
@ -75,7 +76,12 @@
  };
 in
 beamPackages.mixRelease {
-    inherit pname version src mixNixDeps;
+  inherit
+    pname
+    version
+    src
+    mixNixDeps
+    ;

  nativeBuildInputs = [ nodejs ];

--- a/packages/teslamate/mix.nix
+++ b/packages/teslamate/mix.nix
@ -1,4 +1,8 @@
-{ lib, beamPackages, overrides ? (x: y: {}) }:
+{
+  lib,
+  beamPackages,
+  overrides ? (x: y: { }),
+}:

 let
  buildRebar3 = lib.makeOverridable beamPackages.buildRebar3;
@ -7,7 +11,10 @@ let

  self = packages // (overrides self packages);

-  packages = with beamPackages; with self; {
+  packages =
+    with beamPackages;
+    with self;
+    {
      bunt = buildMix rec {
        name = "bunt";
        version = "0.2.1";
@ -57,7 +64,11 @@ let
          sha256 = "3362b838836a9f0fa309de09a7127e36e67310e797d556db92f71b548832c7cf";
        };

-      beamDeps = [ castore certifi decimal ];
+        beamDeps = [
+          castore
+          certifi
+          decimal
+        ];
      };

      cloak = buildMix rec {
@ -83,7 +94,10 @@ let
          sha256 = "8bcc677185c813fe64b786618bd6689b1707b35cd95acaae0834557b15a0c62f";
        };

-      beamDeps = [ cloak ecto ];
+        beamDeps = [
+          cloak
+          ecto
+        ];
      };

      combine = buildMix rec {
@ -109,7 +123,10 @@ let
          sha256 = "3afdccb7183cc6f143cb14d3cf51fa00e53db9ec80cdcd525482f5e99bc41d6b";
        };

-      beamDeps = [ cowlib ranch ];
+        beamDeps = [
+          cowlib
+          ranch
+        ];
      };

      cowboy_telemetry = buildRebar3 rec {
@ -122,7 +139,10 @@ let
          sha256 = "7d98bac1ee4565d31b62d59f8823dfd8356a169e7fcbb83831b8a5397404c9de";
        };

-      beamDeps = [ cowboy telemetry ];
+        beamDeps = [
+          cowboy
+          telemetry
+        ];
      };

      cowlib = buildRebar3 rec {
@ -148,7 +168,11 @@ let
          sha256 = "e9871c6095a4c0381c89b6aa98bc6260a8ba6addccf7f6a53da8849c748a58a2";
        };

-      beamDeps = [ bunt file_system jason ];
+        beamDeps = [
+          bunt
+          file_system
+          jason
+        ];
      };

      db_connection = buildMix rec {
@ -200,7 +224,11 @@ let
          sha256 = "44bec74e2364d491d70f7e42cd0d690922659d329f6465e89feb8a34e8cd3433";
        };

-      beamDeps = [ decimal jason telemetry ];
+        beamDeps = [
+          decimal
+          jason
+          telemetry
+        ];
      };

      ecto_sql = buildMix rec {
@ -213,7 +241,12 @@ let
          sha256 = "68c018debca57cb9235e3889affdaec7a10616a4e3a80c99fa1d01fdafaa9007";
        };

-      beamDeps = [ db_connection ecto postgrex telemetry ];
+        beamDeps = [
+          db_connection
+          ecto
+          postgrex
+          telemetry
+        ];
      };

      erlex = buildMix rec {
@ -239,7 +272,12 @@ let
          sha256 = "74ad5ddff791112ce4156382e171a5f5d3766af9d5c4675e0571f081fe136479";
        };

-      beamDeps = [ cldr_utils decimal gettext jason ];
+        beamDeps = [
+          cldr_utils
+          decimal
+          gettext
+          jason
+        ];
      };

      ex_cldr_plugs = buildMix rec {
@ -252,7 +290,12 @@ let
          sha256 = "4f7b4a5fe061734cef7b62ff29118ed6ac72698cdd7bcfc97495db73611fe0fe";
        };

-      beamDeps = [ ex_cldr gettext jason plug ];
+        beamDeps = [
+          ex_cldr
+          gettext
+          jason
+          plug
+        ];
      };

      excoveralls = buildMix rec {
@ -265,7 +308,10 @@ let
          sha256 = "1109bb911f3cb583401760be49c02cbbd16aed66ea9509fc5479335d284da60b";
        };

-      beamDeps = [ castore jason ];
+        beamDeps = [
+          castore
+          jason
+        ];
      };

      expo = buildMix rec {
@ -304,7 +350,14 @@ let
          sha256 = "f660174c4d519e5fec629016054d60edd822cdfe2b7270836739ac2f97735ec5";
        };

-      beamDeps = [ castore mime mint nimble_options nimble_pool telemetry ];
+        beamDeps = [
+          castore
+          mime
+          mint
+          nimble_options
+          nimble_pool
+          telemetry
+        ];
      };

      floki = buildMix rec {
@ -369,7 +422,15 @@ let
          sha256 = "fe9094e5f1a2a2c0a7d10918fee36bfec0ec2a979994cff8cfe8058cd9af38e3";
        };

-      beamDeps = [ certifi idna metrics mimerl parse_trans ssl_verify_fun unicode_util_compat ];
+        beamDeps = [
+          certifi
+          idna
+          metrics
+          mimerl
+          parse_trans
+          ssl_verify_fun
+          unicode_util_compat
+        ];
      };

      hpax = buildMix rec {
@ -473,7 +534,10 @@ let
          sha256 = "4a63e1e76a7c3956abd2c72f370a0d0aecddc3976dea5c27eccbecfa5e7d5b1e";
        };

-      beamDeps = [ castore hpax ];
+        beamDeps = [
+          castore
+          hpax
+        ];
      };

      mock = buildMix rec {
@ -551,7 +615,16 @@ let
          sha256 = "e15989ff34f670a96b95ef6d1d25bad0d9c50df5df40b671d8f4a669e050ac39";
        };

-      beamDeps = [ castore jason phoenix_pubsub phoenix_view plug plug_cowboy plug_crypto telemetry ];
+        beamDeps = [
+          castore
+          jason
+          phoenix_pubsub
+          phoenix_view
+          plug
+          plug_cowboy
+          plug_crypto
+          telemetry
+        ];
      };

      phoenix_ecto = buildMix rec {
@ -564,7 +637,11 @@ let
          sha256 = "d36c401206f3011fefd63d04e8ef626ec8791975d9d107f9a0817d426f61ac07";
        };

-      beamDeps = [ ecto phoenix_html plug ];
+        beamDeps = [
+          ecto
+          phoenix_html
+          plug
+        ];
      };

      phoenix_html = buildMix rec {
@ -590,7 +667,10 @@ let
          sha256 = "9bffb834e7ddf08467fe54ae58b5785507aaba6255568ae22b4d46e2bb3615ab";
        };

-      beamDeps = [ file_system phoenix ];
+        beamDeps = [
+          file_system
+          phoenix
+        ];
      };

      phoenix_live_view = buildMix rec {
@ -603,7 +683,12 @@ let
          sha256 = "afeb6ba43ce329a6f7fc1c9acdfc6d3039995345f025febb7f409a92f6faebd3";
        };

-      beamDeps = [ jason phoenix phoenix_html telemetry ];
+        beamDeps = [
+          jason
+          phoenix
+          phoenix_html
+          telemetry
+        ];
      };

      phoenix_pubsub = buildMix rec {
@ -642,7 +727,10 @@ let
          sha256 = "cd34049af41be2c627df99cd4eaa71fc52a328c0c3d8e7d4aa28f880c30e7f64";
        };

-      beamDeps = [ phoenix_html phoenix_template ];
+        beamDeps = [
+          phoenix_html
+          phoenix_template
+        ];
      };

      plug = buildMix rec {
@ -655,7 +743,11 @@ let
          sha256 = "459497bd94d041d98d948054ec6c0b76feacd28eec38b219ca04c0de13c79d30";
        };

-      beamDeps = [ mime plug_crypto telemetry ];
+        beamDeps = [
+          mime
+          plug_crypto
+          telemetry
+        ];
      };

      plug_cowboy = buildMix rec {
@ -668,7 +760,11 @@ let
          sha256 = "de36e1a21f451a18b790f37765db198075c25875c64834bcc82d90b309eb6613";
        };

-      beamDeps = [ cowboy cowboy_telemetry plug ];
+        beamDeps = [
+          cowboy
+          cowboy_telemetry
+          plug
+        ];
      };

      plug_crypto = buildMix rec {
@ -694,7 +790,11 @@ let
          sha256 = "946cf46935a4fdca7a81448be76ba3503cff082df42c6ec1ff16a4bdfbfb098d";
        };

-      beamDeps = [ db_connection decimal jason ];
+        beamDeps = [
+          db_connection
+          decimal
+          jason
+        ];
      };

      ranch = buildRebar3 rec {
@ -759,7 +859,16 @@ let
          sha256 = "10501f360cd926a309501287470372af1a6e1cbed0f43949203a4c13300bc79f";
        };

-      beamDeps = [ castore finch fuse hackney jason mime mint telemetry ];
+        beamDeps = [
+          castore
+          finch
+          fuse
+          hackney
+          jason
+          mime
+          mint
+          telemetry
+        ];
      };

      timex = buildMix rec {
@ -772,7 +881,11 @@ let
          sha256 = "8b9024f7efbabaf9bd7aa04f65cf8dcd7c9818ca5737677c7b76acbc6a94d1aa";
        };

-      beamDeps = [ combine gettext tzdata ];
+        beamDeps = [
+          combine
+          gettext
+          tzdata
+        ];
      };

      tortoise = buildMix rec {
@ -827,5 +940,5 @@ let
        beamDeps = [ ];
      };
    };
-in self
-
+in
+self
--- a/secrets/age-yubikey-identity-508106ce.txt
+++ b/secrets/age-yubikey-identity-508106ce.txt
@ -0,0 +1,7 @@
+#       Serial: 20472382, Slot: 1
+#         Name: age_alejandro
+#      Created: Fri, 30 Jun 2023 03:32:36 +0000
+#   PIN policy: Once   (A PIN is required once per session, if set)
+# Touch policy: Always (A physical touch is required for every decryption)
+#    Recipient: age1yubikey1qdwgvfqrcqmyw56ux7azuvqr6f8nanszu27nztvxmn4utmplgxctzt90g25
+AGE-PLUGIN-YUBIKEY-18E3RSQVZ2ZQSDNS67QTTC
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -9,18 +9,69 @@ let
    proxy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAf6Z7SZEOH3H51T/GPIc/B0OpbaydM5l2PP3nMnwpFl";
    git = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN8JLy/ipBfOet3/KT7rXOXHDjjmt+VqqQb3V+ILIuDN";
  };
-in {
-  "cf_dns_kilonull.age".publicKeys = [users.me machines.node machines.gospel machines.pi4 machines.proxy];
-  "gitea-runner-gospel.age".publicKeys = [users.me machines.gospel];
-  "hass_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
-  "hydra-aws-creds.age".publicKeys = [users.me machines.gospel];
-  "nextcloud_admin.age".publicKeys = [users.me machines.node machines.gospel];
-  "nextcloud_restic_env.age".publicKeys = [users.me machines.node];
-  "nextcloud_restic_password.age".publicKeys = [users.me machines.node];
-  "nextcloud_restic_repo.age".publicKeys = [users.me machines.node];
-  "tailscale_git_server.age".publicKeys = [users.me machines.git]; # This key expires, might have to update
-  "teslamate_db.age".publicKeys = [users.me machines.node machines.gospel];
-  "teslamate_encryption.age".publicKeys = [users.me machines.node machines.gospel];
-  "teslamate_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
-  "theengs_ble_mqtt.age".publicKeys = [users.me machines.pi4 machines.gospel];
+in
+{
+  "cf_dns_kilonull.age".publicKeys = [
+    users.me
+    machines.node
+    machines.gospel
+    machines.pi4
+    machines.proxy
+  ];
+  "gitea-runner-gospel.age".publicKeys = [
+    users.me
+    machines.gospel
+  ];
+  "hass_mqtt.age".publicKeys = [
+    users.me
+    machines.pi4
+    machines.node
+    machines.gospel
+  ];
+  "hydra-aws-creds.age".publicKeys = [
+    users.me
+    machines.gospel
+  ];
+  "nextcloud_admin.age".publicKeys = [
+    users.me
+    machines.node
+    machines.gospel
+  ];
+  "nextcloud_restic_env.age".publicKeys = [
+    users.me
+    machines.node
+  ];
+  "nextcloud_restic_password.age".publicKeys = [
+    users.me
+    machines.node
+  ];
+  "nextcloud_restic_repo.age".publicKeys = [
+    users.me
+    machines.node
+  ];
+  "tailscale_git_server.age".publicKeys = [
+    users.me
+    machines.git
+  ]; # This key expires, might have to update
+  "teslamate_db.age".publicKeys = [
+    users.me
+    machines.node
+    machines.gospel
+  ];
+  "teslamate_encryption.age".publicKeys = [
+    users.me
+    machines.node
+    machines.gospel
+  ];
+  "teslamate_mqtt.age".publicKeys = [
+    users.me
+    machines.pi4
+    machines.node
+    machines.gospel
+  ];
+  "theengs_ble_mqtt.age".publicKeys = [
+    users.me
+    machines.pi4
+    machines.gospel
+  ];
 }
--- a/systems/aarch64-linux/pi4/default.nix
+++ b/systems/aarch64-linux/pi4/default.nix
@ -4,7 +4,8 @@
  inputs,
  modulesPath,
  ...
-}: {
+}:
+{
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
    (modulesPath + "/installer/sd-card/sd-image-aarch64.nix")
@ -15,8 +16,7 @@
  # See here: https://github.com/NixOS/nixpkgs/issues/109280#issuecomment-973636212
  nixpkgs.overlays = [
    (final: super: {
-      makeModulesClosure = x:
-        super.makeModulesClosure (x // {allowMissing = true;});
+      makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
    })
  ];

@ -57,7 +57,10 @@
    hostName = "pi4";
    useDHCP = false;
    defaultGateway = "192.168.113.1";
-    nameservers = ["192.168.113.13" "1.1.1.1"];
+    nameservers = [
+      "192.168.113.13"
+      "1.1.1.1"
+    ];
    interfaces.end0.ipv4.addresses = [
      {
        address = "192.168.113.42";
--- a/systems/x86_64-do/minimal/default.nix
+++ b/systems/x86_64-do/minimal/default.nix
@ -1,4 +1,5 @@
-{...}: {
+{ ... }:
+{
  aa = {
    nix.enable = true;

--- a/systems/x86_64-linux/carbon/hardware-configuration-zfs.nix
+++ b/systems/x86_64-linux/carbon/hardware-configuration-zfs.nix
@ -7,12 +7,18 @@
  pkgs,
  modulesPath,
  ...
-}: {
+}:
+{
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];

-  boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "nvme"
+    "usb_storage"
+    "sd_mod"
+  ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
@ -20,61 +26,91 @@
  fileSystems."/" = {
    device = "rpool_/nixos/ROOT/default";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/boot" = {
    device = "bpool_/nixos/BOOT/default";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/home" = {
    device = "rpool_/nixos/DATA/default/home";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/root" = {
    device = "rpool_/nixos/DATA/default/root";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/srv" = {
    device = "rpool_/nixos/DATA/default/srv";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/usr/local" = {
    device = "rpool_/nixos/DATA/default/usr/local";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/var/log" = {
    device = "rpool_/nixos/DATA/default/var/log";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/var/spool" = {
    device = "rpool_/nixos/DATA/default/var/spool";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/nix" = {
    device = "rpool_/nixos/DATA/local/nix";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/state" = {
    device = "rpool_/nixos/DATA/default/state";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/etc/nixos" = {
@ -92,19 +128,30 @@
  fileSystems."/boot/efis/nvme-SAMSUNG_MZVLW256HEHP-000L7_S35ENX1K539085-part1" = {
    device = "/dev/disk/by-uuid/F429-235F";
    fsType = "vfat";
-    options = ["x-systemd.idle-timeout=1min" "x-systemd.automount" "noauto"];
+    options = [
+      "x-systemd.idle-timeout=1min"
+      "x-systemd.automount"
+      "noauto"
+    ];
  };

  fileSystems."/boot/efis/nvme-WDC_PC_SN520_SDAPTUW-512G_182747800010-part1" = {
    device = "/dev/disk/by-uuid/F429-AB41";
    fsType = "vfat";
-    options = ["x-systemd.idle-timeout=1min" "x-systemd.automount" "noauto"];
+    options = [
+      "x-systemd.idle-timeout=1min"
+      "x-systemd.automount"
+      "noauto"
+    ];
  };

  fileSystems."/var/lib/docker" = {
    device = "rpool_/nixos/DATA/default/var/lib/docker";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
--- a/systems/x86_64-linux/carbon/zfs.nix
+++ b/systems/x86_64-linux/carbon/zfs.nix
@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  boot.supportedFilesystems = [ "zfs" ];
  networking.hostId = "b2d25606";
  boot.zfs.devNodes = "/dev/disk/by-id";
--- a/systems/x86_64-linux/git/default.nix
+++ b/systems/x86_64-linux/git/default.nix
@ -2,10 +2,12 @@
  inputs,
  config,
  ...
-}: let
+}:
+let
  domain = "git.alejandr0angul0.dev";
  secrets = config.age.secrets;
-in {
+in
+{
  imports = [ "${inputs.nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix" ];

  age.secrets.authKeyFile.file = ../../../secrets/tailscale_git_server.age;
--- a/systems/x86_64-linux/gospel/hardware-configuration.nix
+++ b/systems/x86_64-linux/gospel/hardware-configuration.nix
@ -6,37 +6,57 @@
  lib,
  modulesPath,
  ...
-}: {
+}:
+{
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];

-  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usbhid"
+    "usb_storage"
+    "sd_mod"
+  ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];

  fileSystems."/" = {
    device = "rpool/nixos/root";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/home" = {
    device = "rpool/nixos/home";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/var/lib" = {
    device = "rpool/nixos/var/lib";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/var/log" = {
    device = "rpool/nixos/var/log";
    fsType = "zfs";
-    options = ["zfsutil" "X-mount.mkdir"];
+    options = [
+      "zfsutil"
+      "X-mount.mkdir"
+    ];
  };

  fileSystems."/boot" = {
--- a/systems/x86_64-linux/gospel/zfs.nix
+++ b/systems/x86_64-linux/gospel/zfs.nix
@ -1,4 +1,5 @@
-{...}: {
+{ ... }:
+{
  boot.supportedFilesystems = [ "zfs" ];
  networking.hostId = "f8616592";
  boot.loader.efi.canTouchEfiVariables = false;
--- a/systems/x86_64-linux/node/hardware-configuration.nix
+++ b/systems/x86_64-linux/node/hardware-configuration.nix
@ -7,12 +7,20 @@
  pkgs,
  modulesPath,
  ...
-}: {
+}:
+{
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];

-  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod"];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usb_storage"
+    "usbhid"
+    "sd_mod"
+  ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];
--- a/systems/x86_64-linux/node/zfs.nix
+++ b/systems/x86_64-linux/node/zfs.nix
@ -2,7 +2,8 @@
  config,
  pkgs,
  ...
-}: {
+}:
+{
  boot.supportedFilesystems = [ "zfs" ];
  boot.zfs.extraPools = [ "tank" ];
  networking.hostId = "db616c9e";
--- a/systems/x86_64-vm/virt/default.nix
+++ b/systems/x86_64-vm/virt/default.nix
@ -3,7 +3,8 @@
  lib,
  ...
 }:
-with lib; {
+with lib;
+{
  virtualisation.qemu.options = [ "-vga qxl" ];

  # For sway to work with home manager
@ -31,6 +32,8 @@ with lib; {
    systemPackages = with pkgs; [
      wayland-utils
    ];
-    variables = {"WLR_RENDERER_ALLOW_SOFTWARE" = "1";};
+    variables = {
+      "WLR_RENDERER_ALLOW_SOFTWARE" = "1";
+    };
  };
 }