Format code with alejandra

2025-04-28 22:17:11 +02:00
parent 7d17c52192
commit 68da077c72
90 changed files with 502 additions and 691 deletions
--- a/hosts/aspi/default.nix
+++ b/hosts/aspi/default.nix
@ -46,5 +46,4 @@

  # Enable touchpad support
  services.libinput.enable = true;
-
 }
--- a/hosts/aspi/hardware-configuration.nix
+++ b/hosts/aspi/hardware-configuration.nix
@ -2,9 +2,7 @@
  config,
  lib,
  ...
-}:
-
-{
+}: {
  boot.initrd.availableKernelModules = [
    "vmd"
    "xhci_pci"
@ -14,11 +12,11 @@
    "usbhid"
    "sd_mod"
  ];
-  boot.initrd.kernelModules = [ "dm-snapshot" ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-  boot.blacklistedKernelModules = [ "pcspkr" ]; # Disables "beep"
-  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+  boot.initrd.kernelModules = ["dm-snapshot"];
+  boot.kernelModules = ["kvm-intel"];
+  boot.extraModulePackages = [];
+  boot.blacklistedKernelModules = ["pcspkr"]; # Disables "beep"
+  boot.binfmt.emulatedSystems = ["aarch64-linux"];

  boot.initrd.luks.devices = {
    root = {
@ -62,7 +60,7 @@
  };

  swapDevices = [
-    { device = "/dev/disk/by-uuid/26140b4a-0579-406d-a484-35aa31b32e80"; }
+    {device = "/dev/disk/by-uuid/26140b4a-0579-406d-a484-35aa31b32e80";}
  ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
--- a/hosts/builder/default.nix
+++ b/hosts/builder/default.nix
@ -1,9 +1,11 @@
 # sudo nixos-rebuild switch --flake .#builder --target-host root@192.168.3.118
 # or
 # deploy .#builder
-{ config, pkgs, ... }:
-
 {
+  config,
+  pkgs,
+  ...
+}: {
  imports = [
    ./hardware-configuration.nix

@ -31,7 +33,7 @@
  boot.loader.grub.device = "/dev/sda";

  # Emulated systems used as alternative to cross-compiling
-  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+  boot.binfmt.emulatedSystems = ["aarch64-linux"];

  networking.hostName = "builder";

@ -61,16 +63,16 @@
      "https://nix-community.cachix.org"
      "https://cache.nixos.org/"
    ];
-    trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
+    trusted-public-keys = ["nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="];

-    trusted-users = [ "nix" ];
+    trusted-users = ["nix"];
    max-jobs = "auto";
    cores = 0;
  };

  # optimize store by hardlinking store files
  nix.optimise.automatic = true;
-  nix.optimise.dates = [ "03:15" ];
+  nix.optimise.dates = ["03:15"];

  # nix.gc.automatic = true;
  # nix.gc.dates = "daily";
@ -209,8 +211,7 @@
    };

    virtualHosts."binarycache.julian-mutter.de" = {
-      locations."/".proxyPass =
-        "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
+      locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
    };

    clientMaxBodySize = "2G";
@ -225,7 +226,7 @@
    url = "https://gitlab.julian-mutter.de";
    name = "builder";
    tokenFile = config.sops.secrets."gitea_token".path;
-    labels = [ ]; # use default labels
+    labels = []; # use default labels
  };

  virtualisation.docker.enable = true;
@ -257,7 +258,7 @@
    settings = {
      listen = "[::]:8080";

-      jwt = { };
+      jwt = {};

      # Data chunking
      #
--- a/hosts/builder/hardware-configuration.nix
+++ b/hosts/builder/hardware-configuration.nix
@ -7,10 +7,8 @@
  pkgs,
  modulesPath,
  ...
-}:
-
-{
-  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+}: {
+  imports = [(modulesPath + "/profiles/qemu-guest.nix")];

  boot.initrd.availableKernelModules = [
    "ata_piix"
@ -21,8 +19,8 @@
    "sr_mod"
  ];
  # boot.initrd.kernelModules = [ "amdgpu" ]; # GPU support
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
+  boot.kernelModules = [];
+  boot.extraModulePackages = [];

  fileSystems."/" = {
    device = "/dev/disk/by-uuid/f088fe8e-bf3d-4a89-98bd-ead9852d381f";
--- a/hosts/common/global/default.nix
+++ b/hosts/common/global/default.nix
@ -1,11 +1,9 @@
 # Common config for all hosts
-
 {
  inputs,
  outputs,
  ...
-}:
-{
+}: {
  imports =
    [
      ./fish.nix # fish for admin
@ -34,5 +32,4 @@
  home-manager.extraSpecialArgs = {
    inherit inputs outputs;
  };
-
 }
--- a/hosts/common/global/nix.nix
+++ b/hosts/common/global/nix.nix
@ -2,9 +2,7 @@
  lib,
  outputs,
  ...
-}:
-{
-
+}: {
  # Apply overlays
  nixpkgs = {
    # TODO: apply this to hm and nixos without duplicate code
@ -61,5 +59,4 @@
  # Add each flake input as a registry and nix_path
  # registry = lib.mapAttrs (_: flake: { inherit flake; }) flakeInputs;
  # nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
-
 }
--- a/hosts/common/global/root.nix
+++ b/hosts/common/global/root.nix
@ -1,6 +1,4 @@
-{ pkgs, ... }:
-
-{
+{pkgs, ...}: {
  # Packages needed as root
  environment.systemPackages = with pkgs; [
    vim
--- a/hosts/common/global/sops.nix
+++ b/hosts/common/global/sops.nix
@ -2,14 +2,12 @@
  inputs,
  config,
  ...
-}:
-let
+}: let
  isEd25519 = k: k.type == "ed25519";
  getKeyPath = k: k.path;
  keys = builtins.filter isEd25519 config.services.openssh.hostKeys;
-in
-{
-  imports = [ inputs.sops-nix.nixosModules.sops ];
+in {
+  imports = [inputs.sops-nix.nixosModules.sops];

  sops.age = {
    sshKeyPaths = map getKeyPath keys;
@ -18,7 +16,6 @@ in
    keyFile = "/home/julian/.config/sops/age/keys.txt";
    # Generate key if none of the above worked. With this, building will still work, just without secrets
    generateKey = true;
-
  };

  sops.defaultSopsFile = ../secrets.yaml;
--- a/hosts/common/optional/authentication.nix
+++ b/hosts/common/optional/authentication.nix
@ -1,5 +1,4 @@
-{ pkgs, ... }:
-{
+{pkgs, ...}: {
  # Make programs like nextcloud client access saved passwords
  programs.seahorse.enable = true;
  services.gnome.gnome-keyring.enable = true;
@ -9,9 +8,9 @@
  systemd = {
    user.services.polkit-gnome-authentication-agent-1 = {
      description = "polkit-gnome-authentication-agent-1";
-      wantedBy = [ "graphical-session.target" ];
-      wants = [ "graphical-session.target" ];
-      after = [ "graphical-session.target" ];
+      wantedBy = ["graphical-session.target"];
+      wants = ["graphical-session.target"];
+      after = ["graphical-session.target"];
      serviceConfig = {
        Type = "simple";
        ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
--- a/hosts/common/optional/flatpak.nix
+++ b/hosts/common/optional/flatpak.nix
@ -1,10 +1,6 @@
-{
-  pkgs,
-  ...
-}:
-{
+{pkgs, ...}: {
  services.flatpak.enable = true;
  xdg.portal.enable = true;
-  xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
+  xdg.portal.extraPortals = [pkgs.xdg-desktop-portal-gtk];
  xdg.portal.config.common.default = "*"; # Use first portal implementation found
 }
--- a/hosts/common/optional/gamemode.nix
+++ b/hosts/common/optional/gamemode.nix
@ -1,6 +1,4 @@
-{ pkgs, ... }:
-{
-
+{pkgs, ...}: {
  programs.gamemode = {
    enable = true;
    settings = {
@ -20,5 +18,4 @@
      };
    };
  };
-
 }
--- a/hosts/common/optional/gdm.nix
+++ b/hosts/common/optional/gdm.nix
@ -3,10 +3,7 @@
  lib,
  pkgs,
  ...
-}:
-
-{
-
+}: {
  services.xserver.displayManager.gdm = {
    enable = true;
  };
--- a/hosts/common/optional/greetd.nix
+++ b/hosts/common/optional/greetd.nix
@ -3,26 +3,22 @@
  lib,
  config,
  ...
-}:
-let
+}: let
  homeCfgs = config.home-manager.users;
  homeSharePaths = lib.mapAttrsToList (_: v: "${v.home.path}/share") homeCfgs;
  vars = ''XDG_DATA_DIRS="$XDG_DATA_DIRS:${lib.concatStringsSep ":" homeSharePaths}" GTK_USE_PORTAL=0'';

  julianCfg = homeCfgs.julian;

-  sway-kiosk =
-    command:
-    "${lib.getExe pkgs.sway} --unsupported-gpu --config ${pkgs.writeText "kiosk.config" ''
-      output * bg #000000 solid_color
-      xwayland disable
-      input "type:touchpad" {
-        tap enabled
-      }
-      exec '${vars} ${command}; ${pkgs.sway}/bin/swaymsg exit'
-    ''}";
-in
-{
+  sway-kiosk = command: "${lib.getExe pkgs.sway} --unsupported-gpu --config ${pkgs.writeText "kiosk.config" ''
+    output * bg #000000 solid_color
+    xwayland disable
+    input "type:touchpad" {
+      tap enabled
+    }
+    exec '${vars} ${command}; ${pkgs.sway}/bin/swaymsg exit'
+  ''}";
+in {
  users.extraUsers.greeter = {
    # For caching and such
    home = "/tmp/greeter-home";
--- a/hosts/common/optional/hyprland.nix
+++ b/hosts/common/optional/hyprland.nix
@ -4,13 +4,10 @@
  pkgs,
  inputs,
  ...
-}:
-
-{
-
+}: {
  programs.hyprland.enable = true;
  programs.hyprland.package = inputs.hyprland.packages.${pkgs.system}.hyprland; # does only work with nixos-unstable
  programs.hyprland.xwayland.enable = true;
-  security.pam.services.hyprlock = { };
+  security.pam.services.hyprlock = {};
  services.displayManager.defaultSession = "hyprland";
 }
--- a/hosts/common/optional/i3.nix
+++ b/hosts/common/optional/i3.nix
@ -3,8 +3,7 @@
  lib,
  pkgs,
  ...
-}:
-{
+}: {
  services.xserver.windowManager.i3.enable = true;
  services.xserver.windowManager.i3.package = pkgs.i3-gaps;
  services.displayManager.defaultSession = "none+i3";
--- a/hosts/common/optional/kerberos.nix
+++ b/hosts/common/optional/kerberos.nix
@ -1,5 +1,4 @@
 {
-
  security.krb5.enable = true;
  security.krb5.settings = {
    # domain_realm = {
@ -15,7 +14,7 @@
    };
    realms = {
      "julian-mutter.de" = {
-        kdc = [ "kerberos.julian-mutter.de" ];
+        kdc = ["kerberos.julian-mutter.de"];
        admin_server = "kerberos-admin.julian-mutter.de";
        default_domain = "julian-mutter.de";
      };
--- a/hosts/common/optional/openssh.nix
+++ b/hosts/common/optional/openssh.nix
@ -3,11 +3,9 @@
  lib,
  config,
  ...
-}:
-let
+}: let
  hosts = lib.attrNames outputs.nixosConfigurations;
-in
-{
+in {
  services.openssh = {
    enable = true;
    settings = {
@ -48,5 +46,4 @@ in
  #       ]);
  #   });
  # };
-
 }
--- a/hosts/common/optional/pcmanfm.nix
+++ b/hosts/common/optional/pcmanfm.nix
@ -1,8 +1,4 @@
-{
-  pkgs,
-  ...
-}:
-{
+{pkgs, ...}: {
  environment.systemPackages = with pkgs; [
    shared-mime-info # extended mimetype support
    lxde.lxmenu-data # open with "Installed Applications"
--- a/hosts/common/optional/podman.nix
+++ b/hosts/common/optional/podman.nix
@ -1,8 +1,6 @@
-{ config, ... }:
-let
+{config, ...}: let
  dockerEnabled = config.virtualisation.docker.enable;
-in
-{
+in {
  virtualisation.podman = {
    enable = true;
    dockerCompat = !dockerEnabled;
--- a/hosts/common/optional/redshift.nix
+++ b/hosts/common/optional/redshift.nix
@ -3,10 +3,7 @@
  lib,
  pkgs,
  ...
-}:
-
-{
-
+}: {
  # Set location used by redshift
  location.provider = "manual";
  location.latitude = 47.92;
--- a/hosts/common/optional/remote-builder.nix
+++ b/hosts/common/optional/remote-builder.nix
@ -19,7 +19,7 @@
        "big-parallel"
        "kvm"
      ];
-      mandatoryFeatures = [ ];
+      mandatoryFeatures = [];
    }
    # {
    #   hostName = "localhost";
--- a/hosts/common/optional/thunar.nix
+++ b/hosts/common/optional/thunar.nix
@ -3,10 +3,7 @@
  lib,
  pkgs,
  ...
-}:
-
-{
-
+}: {
  programs.thunar.enable = true;
  programs.xfconf.enable = true; # Persist saved preferences
  programs.thunar.plugins = with pkgs.xfce; [
--- a/hosts/common/optional/virtualbox.nix
+++ b/hosts/common/optional/virtualbox.nix
@ -3,13 +3,10 @@
  lib,
  pkgs,
  ...
-}:
-
-{
-
+}: {
  virtualisation.virtualbox.host.enable = true;
  # virtualisation.virtualbox.host.enableExtensionPack = true;
  # virtualisation.virtualbox.guest.enable = true;
  # virtualisation.virtualbox.guest.x11 = true;
-  users.extraGroups.vboxusers.members = [ "julian" ];
+  users.extraGroups.vboxusers.members = ["julian"];
 }
--- a/hosts/common/users/julian/default.nix
+++ b/hosts/common/users/julian/default.nix
@ -3,11 +3,9 @@
  config,
  lib,
  ...
-}:
-let
+}: let
  ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
-in
-{
+in {
  users.mutableUsers = false;
  users.users.julian = {
    description = "Julian";
@ -31,7 +29,7 @@ in
      builtins.readFile ../../../../homes/julian/ssh.pub
    );
    hashedPasswordFile = config.sops.secrets.julian-password.path;
-    packages = [ pkgs.home-manager ];
+    packages = [pkgs.home-manager];
  };
  users.groups.julian = {
    gid = 1000;
@ -44,6 +42,5 @@ in

  home-manager.users.julian = import ../../../../homes/julian/${config.networking.hostName}.nix;

-  security.pam.services.swaylock = { }; # Make swaylock unlocking work
-
+  security.pam.services.swaylock = {}; # Make swaylock unlocking work
 }
--- a/hosts/kardorf/default.nix
+++ b/hosts/kardorf/default.nix
@ -1,8 +1,4 @@
-{
-  pkgs,
-  ...
-}:
-{
+{pkgs, ...}: {
  imports = [
    ./hardware-configuration.nix

@ -24,12 +20,12 @@
  networking.hostName = "kardorf";
  system.stateVersion = "22.11";

-  services.xserver.videoDrivers = [ "nvidia" ];
+  services.xserver.videoDrivers = ["nvidia"];

  programs.kdeconnect.enable = true;

  # Enable CUPS to print documents.
  services.printing.enable = true;
  services.printing.browsing = true;
-  services.printing.drivers = with pkgs; [ gutenprint ];
+  services.printing.drivers = with pkgs; [gutenprint];
 }
--- a/hosts/kardorf/hardware-configuration.nix
+++ b/hosts/kardorf/hardware-configuration.nix
@ -5,9 +5,7 @@
  config,
  lib,
  ...
-}:
-
-{
+}: {
  boot.initrd.availableKernelModules = [
    "ehci_pci"
    "ahci"
@ -17,9 +15,9 @@
    "sd_mod"
    "sr_mod"
  ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = [];
+  boot.extraModulePackages = [];
  boot.loader.efi.efiSysMountPoint = "/boot/efi";

  fileSystems."/" = {
--- a/hosts/pianonix/default.nix
+++ b/hosts/pianonix/default.nix
@ -1,15 +1,13 @@
 # Edit this configuration file to define what should be installed on
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
-
 {
  lib,
  inputs,
  config,
  pkgs,
  ...
-}:
-{
+}: {
  imports = [
    inputs.nixos-hardware.nixosModules.raspberry-pi-4

@ -47,9 +45,9 @@
    sopsFile = ./vnc-passwd;
    format = "binary";
  };
-  sops.secrets."wifi/pianonix" = { };
-  sops.secrets."syncthing/pianonix/key" = { };
-  sops.secrets."syncthing/pianonix/cert" = { };
+  sops.secrets."wifi/pianonix" = {};
+  sops.secrets."syncthing/pianonix/key" = {};
+  sops.secrets."syncthing/pianonix/cert" = {};
  # sops.secrets."syncthing/public-keys/aspi-nix" = { };
  # sops.secrets."syncthing/public-keys/pianonix" = { };

@ -69,8 +67,8 @@

  systemd.services.x11vnc = {
    description = "Run x11vnc server";
-    after = [ "display-manager.service" ];
-    wantedBy = [ "multi-user.target" ];
+    after = ["display-manager.service"];
+    wantedBy = ["multi-user.target"];
    serviceConfig = {
      ExecStart = "${pkgs.x11vnc}/bin/x11vnc -rfbauth ${
        config.sops.secrets."vnc-passwd".path
--- a/hosts/pianonix/hardware-configuration.nix
+++ b/hosts/pianonix/hardware-configuration.nix
@ -7,22 +7,20 @@
  pkgs,
  modulesPath,
  ...
-}:
+}: {
+  imports = [(modulesPath + "/installer/scan/not-detected.nix")];

-{
-  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-
-  boot.initrd.availableKernelModules = [ "xhci_pci" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
+  boot.initrd.availableKernelModules = ["xhci_pci"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = [];
+  boot.extraModulePackages = [];

  fileSystems."/" = {
    device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
    fsType = "ext4";
  };

-  swapDevices = [ ];
+  swapDevices = [];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's