youthlic/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Reformat nix source file using nixfmt

Browse source
This commit is contained in:
ulic-youthlic 2025-07-13 06:04:55 +08:00
parent 2e4a532958
commit 9201969c1b
Signed by: youthlic
GPG key ID: 63E86C3C14A0D721
220 changed files with 3169 additions and 2487 deletions
Download patch file Download diff file Expand all files Collapse all files

11
nixos/configurations/Akun/default.nix
View file

@ -4,7 +4,8 @@
lib,
outputs,
...
}: {
}:
{
imports =
(with inputs.nixos-hardware.nixosModules; [
common-cpu-intel
@ -75,9 +76,13 @@
kernelPackages = pkgs.linuxPackages_cachyos;
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
kernelParams = ["i915.enable_guc=2"];
kernelParams = [ "i915.enable_guc=2" ];
};
nix = {
settings = {
system-features = [ "gccarch-skylake" ];
};
};
nix = {settings = {system-features = ["gccarch-skylake"];};};
hardware = {
graphics.package = pkgs.mesa_git;
intelgpu = {

2
nixos/configurations/Akun/disk-config.nix
View file

@ -49,7 +49,7 @@
];
content = {
type = "btrfs";
extraArgs = ["-f"];
extraArgs = [ "-f" ];
subvolumes = {
"@root" = {
mountpoint = "/";

3
nixos/configurations/Akun/gui.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
youthlic.gui = {
enabled = "niri";
};

18
nixos/configurations/Akun/hardware-configuration.nix
View file

@ -7,15 +7,23 @@
pkgs,
modulesPath,
...
}: {
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

3
nixos/configurations/Akun/networking.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
systemd.network = {
enable = true;
wait-online.enable = false;

3
nixos/configurations/Akun/stylix.nix
View file

@ -2,7 +2,8 @@
pkgs,
rootPath,
...
}: {
}:
{
stylix = {
enable = true;
image = rootPath + "/assets/wallpaper/01.png";

3
nixos/configurations/Akun/users/default.nix
View file

@ -2,7 +2,8 @@
lib,
pkgs,
...
}: {
}:
{
users = {
mutableUsers = true;
users.david = {

14
nixos/configurations/Cape/default.nix
View file

@ -3,12 +3,12 @@
lib,
outputs,
...
}: {
imports =
[
outputs.nixosModules.default
]
++ (lib.youthlic.loadImports ./.);
}:
{
imports = [
outputs.nixosModules.default
]
++ (lib.youthlic.loadImports ./.);
youthlic = {
home-manager = {
@ -68,7 +68,7 @@
};
nix = {
settings = {
system-features = ["gccarch-ivybridge"];
system-features = [ "gccarch-ivybridge" ];
};
};

2
nixos/configurations/Cape/disko-config.nix
View file

@ -15,7 +15,7 @@
size = "100%";
content = {
type = "btrfs";
extraArgs = ["-f"];
extraArgs = [ "-f" ];
subvolumes = {
"@root" = {
mountpoint = "/";

5
nixos/configurations/Cape/forgejo.nix
View file

@ -1,11 +1,12 @@
{config, ...}: {
{ config, ... }:
{
youthlic.containers.forgejo = {
enable = true;
domain = "forgejo.youthlic.social";
sshPort = 2222;
httpPort = 8480;
};
networking.firewall.allowedTCPPorts = [2222];
networking.firewall.allowedTCPPorts = [ 2222 ];
services.caddy.virtualHosts = {
"forgejo.${config.youthlic.programs.caddy.baseDomain}" = {
extraConfig = ''

17
nixos/configurations/Cape/hardware-configuration.nix
View file

@ -7,15 +7,22 @@
pkgs,
modulesPath,
...
}: {
}:
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

3
nixos/configurations/Cape/miniflux.nix
View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
sops.secrets."miniflux" = {
};
youthlic.containers.miniflux = {

3
nixos/configurations/Cape/networking.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
systemd.network = {
enable = true;
wait-online.enable = true;

5
nixos/configurations/Cape/radicle.nix
View file

@ -1,5 +1,6 @@
{config, ...}: {
sops.secrets."ssh-private-key/radicle/Cape" = {};
{ config, ... }:
{
sops.secrets."ssh-private-key/radicle/Cape" = { };
youthlic.programs.radicle = {
enable = true;
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbQrJNWcWsFncTX4w/hkhz6zPNwHrTjA+6lnq5dmu/s radicle";

3
nixos/configurations/Cape/stylix.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
stylix = {
enable = false;
};

3
nixos/configurations/Cape/users/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
users.users.alice = {
initialHashedPassword = "$y$j9T$eS5zCi4W.4IPpf3P8Tb/o1$xhumXY1.PJKmTguNi/zlljLbLemNGiubWoUEc878S36";
isNormalUser = true;

5
nixos/configurations/Tytonidae/default.nix
View file

@ -4,7 +4,8 @@
inputs,
outputs,
...
}: {
}:
{
imports =
(with inputs.nixos-hardware.nixosModules; [
common-hidpi
@ -17,7 +18,7 @@
++ (with outputs; [
nixosModules.gui
])
++ [inputs.lanzaboote.nixosModules.lanzaboote]
++ [ inputs.lanzaboote.nixosModules.lanzaboote ]
++ (lib.youthlic.loadImports ./.);
youthlic = {

3
nixos/configurations/Tytonidae/disk-config.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
disko.devices = {
disk = {
disk1 = {

3
nixos/configurations/Tytonidae/gui.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
youthlic.gui = {
enabled = "niri";
};

17
nixos/configurations/Tytonidae/hardware-configuration.nix
View file

@ -7,15 +7,22 @@
pkgs,
modulesPath,
...
}: {
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [
"xhci_pci"
"thunderbolt"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

72
nixos/configurations/Tytonidae/hardware.nix
View file

@ -3,7 +3,8 @@
lib,
config,
...
}: {
}:
{
nixpkgs.config.cudaSupport = true;
services = {
hardware.bolt.enable = true;
@ -13,11 +14,15 @@
enableUdevRules = true;
};
};
nix = {settings = {system-features = ["gccarch-alderlake"];};};
nix = {
settings = {
system-features = [ "gccarch-alderlake" ];
};
};
hardware = {
openrazer = {
enable = true;
users = ["david"];
users = [ "david" ];
};
graphics.package = pkgs.mesa_git;
intelgpu = {
@ -35,8 +40,12 @@
};
};
boot = {
extraModulePackages = with config.boot.kernelPackages; [ddcci-driver];
kernelModules = ["ddcci" "ddcci-backlight" "i2c-dev"];
extraModulePackages = with config.boot.kernelPackages; [ ddcci-driver ];
kernelModules = [
"ddcci"
"ddcci-backlight"
"i2c-dev"
];
binfmt = {
emulatedSystems = [
"aarch64-linux"
@ -47,33 +56,38 @@
};
systemd.services."ddcci@" = {
description = "ddcci handler";
after = ["graphical.target"];
before = ["shutdown.target"];
conflicts = ["shutdown.target"];
after = [ "graphical.target" ];
before = [ "shutdown.target" ];
conflicts = [ "shutdown.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = let
script = pkgs.writeShellApplication {
name = "ddcci-handler";
runtimeInputs = with pkgs; [coreutils ddcutil];
text = ''
echo Trying to attach ddcci to "$1"
success=0
i=0
id=$(echo "$1" | cut -d "-" -f 2)
while ((success < 1)) && ((i++ < 5)); do
if ddcutil getvcp 10 -b "$id"; then
if echo ddcci 0x37 > "/sys/bus/i2c/devices/$1/new_device"; then
success=1
echo ddcci attached to "$1"
ExecStart =
let
script = pkgs.writeShellApplication {
name = "ddcci-handler";
runtimeInputs = with pkgs; [
coreutils
ddcutil
];
text = ''
echo Trying to attach ddcci to "$1"
success=0
i=0
id=$(echo "$1" | cut -d "-" -f 2)
while ((success < 1)) && ((i++ < 5)); do
if ddcutil getvcp 10 -b "$id"; then
if echo ddcci 0x37 > "/sys/bus/i2c/devices/$1/new_device"; then
success=1
echo ddcci attached to "$1"
fi
fi
fi
echo "Try $i"
sleep 1;
done
'';
};
in "${lib.getExe' script "ddcci-handler"} %i";
echo "Try $i"
sleep 1;
done
'';
};
in
"${lib.getExe' script "ddcci-handler"} %i";
};
};
services.udev.extraRules = ''

3
nixos/configurations/Tytonidae/networking.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
systemd.network = {
enable = true;
wait-online.enable = false;

3
nixos/configurations/Tytonidae/specialisation/kde.nix
View file

@ -1,4 +1,5 @@
{lib, ...}: {
{ lib, ... }:
{
config.specialisation.kde = {
inheritParentConfig = true;
configuration = {

8
nixos/configurations/Tytonidae/specialisation/niri-hybrid.nix
View file

@ -2,7 +2,8 @@
inputs,
lib,
...
}: let
}:
let
extraConfig = ''
output "DP-1" {
mode "2560x1440@169.900"
@ -22,11 +23,12 @@
open-on-output "DP-1"
}
'';
in {
in
{
config.specialisation.niri-hybrid = {
inheritParentConfig = true;
configuration = {
imports = [inputs.nixos-hardware.nixosModules.common-gpu-nvidia];
imports = [ inputs.nixos-hardware.nixosModules.common-gpu-nvidia ];
youthlic.gui.niri.extraConfig = lib.mkForce extraConfig;
hardware.nvidia.prime.reverseSync.enable = lib.mkForce false;
};

3
nixos/configurations/Tytonidae/stylix.nix
View file

@ -2,7 +2,8 @@
pkgs,
rootPath,
...
}: {
}:
{
stylix = {
enable = true;
image = rootPath + "/assets/wallpaper/01.png";

3
nixos/configurations/Tytonidae/users/default.nix
View file

@ -2,7 +2,8 @@
lib,
pkgs,
...
}: {
}:
{
users.users.david = {
initialHashedPassword = "$y$j9T$eS5zCi4W.4IPpf3P8Tb/o1$xhumXY1.PJKmTguNi/zlljLbLemNGiubWoUEc878S36";
isNormalUser = true;

6
nixos/modules/containers/default.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.containers;
in {
in
{
imports = lib.youthlic.loadImports ./.;
options = {
youthlic.containers = {

104
nixos/modules/containers/forgejo.nix
View file

@ -3,9 +3,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.containers.forgejo;
in {
in
{
options = {
youthlic.containers.forgejo = {
enable = lib.mkEnableOption "forgejo container";
@ -54,62 +56,64 @@ in {
}
];
config = {lib, ...}: {
imports = [
./../programs/forgejo.nix
./../programs/postgresql.nix
];
config =
{ lib, ... }:
{
imports = [
./../programs/forgejo.nix
./../programs/postgresql.nix
];
nixpkgs.pkgs = pkgs;
nixpkgs.pkgs = pkgs;
systemd.tmpfiles.rules = [
"d /var/lib/forgejo 770 forgejo forgejo -"
"d /var/lib/postgresql 770 postgres postgres -"
];
systemd.tmpfiles.rules = [
"d /var/lib/forgejo 770 forgejo forgejo -"
"d /var/lib/postgresql 770 postgres postgres -"
];
youthlic.programs = {
forgejo = {
enable = true;
domain = cfg.domain;
sshPort = cfg.sshPort;
httpPort = cfg.httpPort;
database = {
user = "forgejo";
youthlic.programs = {
forgejo = {
enable = true;
domain = cfg.domain;
sshPort = cfg.sshPort;
httpPort = cfg.httpPort;
database = {
user = "forgejo";
};
};
postgresql = {
enable = true;
database = "forgejo";
auth_method = "peer";
version = "17";
};
};
postgresql = {
enable = true;
database = "forgejo";
auth_method = "peer";
version = "17";
};
};
systemd.services.forgejo = {
wants = ["postgresql.service"];
requires = ["postgresql.service"];
after = ["postgresql.service"];
wantedBy = ["default.target"];
};
networking = {
defaultGateway = "192.168.111.1";
firewall = {
enable = true;
allowedTCPPorts = [
cfg.httpPort
cfg.sshPort
];
allowedUDPPorts = [
cfg.httpPort
cfg.sshPort
];
systemd.services.forgejo = {
wants = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
wantedBy = [ "default.target" ];
};
useHostResolvConf = lib.mkForce false;
networking = {
defaultGateway = "192.168.111.1";
firewall = {
enable = true;
allowedTCPPorts = [
cfg.httpPort
cfg.sshPort
];
allowedUDPPorts = [
cfg.httpPort
cfg.sshPort
];
};
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
};
};
}

90
nixos/modules/containers/miniflux.nix
View file

@ -3,9 +3,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.containers.miniflux;
in {
in
{
options = {
youthlic.containers.miniflux = {
enable = lib.mkEnableOption "miniflux container";
@ -36,55 +38,57 @@ in {
};
};
config = {lib, ...}: {
imports = [
./../programs/miniflux.nix
./../programs/postgresql.nix
];
config =
{ lib, ... }:
{
imports = [
./../programs/miniflux.nix
./../programs/postgresql.nix
];
nixpkgs.pkgs = pkgs;
nixpkgs.pkgs = pkgs;
systemd.tmpfiles.rules = [
"d /var/lib/miniflux 770 miniflux miniflux -"
"d /var/lib/postgresql 770 postgres postgres -"
"d /run/secrets 770 root miniflux -"
];
systemd.tmpfiles.rules = [
"d /var/lib/miniflux 770 miniflux miniflux -"
"d /var/lib/postgresql 770 postgres postgres -"
"d /run/secrets 770 root miniflux -"
];
youthlic.programs = {
miniflux = {
enable = true;
database = {
user = "miniflux";
youthlic.programs = {
miniflux = {
enable = true;
database = {
user = "miniflux";
};
adminCredentialsFile = cfg.adminCredentialsFile;
};
postgresql = {
enable = true;
database = "miniflux";
auth_method = "peer";
version = "17";
};
adminCredentialsFile = cfg.adminCredentialsFile;
};
postgresql = {
enable = true;
database = "miniflux";
auth_method = "peer";
version = "17";
};
};
systemd.services.miniflux = {
wants = ["postgresql.service"];
requires = ["postgresql.service"];
after = ["postgresql.service"];
wantedBy = ["default.target"];
};
networking = {
defaultGateway = "192.168.111.1";
firewall = {
enable = true;
allowedTCPPorts = [8485];
allowedUDPPorts = [8485];
systemd.services.miniflux = {
wants = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
wantedBy = [ "default.target" ];
};
useHostResolvConf = lib.mkForce false;
networking = {
defaultGateway = "192.168.111.1";
firewall = {
enable = true;
allowedTCPPorts = [ 8485 ];
allowedUDPPorts = [ 8485 ];
};
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
};
};
}

7
nixos/modules/default.nix
View file

@ -1,3 +1,6 @@
{lib, ...}: {
imports = with lib; youthlic.loadImports' ./. (filter (name: !hasSuffix "/top-level" (toString name)));
{ lib, ... }:
{
imports =
with lib;
youthlic.loadImports' ./. (filter (name: !hasSuffix "/top-level" (toString name)));
}

6
nixos/modules/deploy/default.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.users.deploy;
in {
in
{
options = {
youthlic.users.deploy = {
enable = lib.mkEnableOption "deploy";

202
nixos/modules/documentation.nix
View file

@ -6,119 +6,125 @@
}:
lib.mkMerge [
{
environment.systemPackages = with pkgs; [man-pages man-pages-posix];
environment.systemPackages = with pkgs; [
man-pages
man-pages-posix
];
documentation = {
info.enable = true;
nixos.enable = false;
dev.enable = true;
};
}
(let
inherit (pkgs.writers) writeFish;
cfg = config.documentation.man.man-db;
cachePath = "/var/cache/man/nixos";
in {
documentation.man.generateCaches = false;
(
let
inherit (pkgs.writers) writeFish;
cfg = config.documentation.man.man-db;
cachePath = "/var/cache/man/nixos";
in
{
documentation.man.generateCaches = false;
systemd.services."man-db" = {
requires = ["sysinit-reactivation.target"];
after = ["sysinit-reactivation.target"];
partOf = ["sysinit-reactivation.target"];
wantedBy = ["default.target"];
path = [
cfg.package
pkgs.gawk
];
systemd.services."man-db" = {
requires = [ "sysinit-reactivation.target" ];
after = [ "sysinit-reactivation.target" ];
partOf = [ "sysinit-reactivation.target" ];
wantedBy = [ "default.target" ];
path = [
cfg.package
pkgs.gawk
];
serviceConfig = {
Nice = 19;
IOSchedulingClass = "idle";
IOSchedulingPrioriry = 7;
ExecStart =
writeFish "mandbsvc" # fish
''
set -l SystemManLoc "/run/current-system/sw/share/man"
set -l ContentRecord "${cachePath}/man-db-state"
serviceConfig = {
Nice = 19;
IOSchedulingClass = "idle";
IOSchedulingPrioriry = 7;
ExecStart =
writeFish "mandbsvc" # fish
if [ ! -d "${cachePath}" ]
mkdir -pv "${cachePath}" || exit 1
end
''
set -l SystemManLoc "/run/current-system/sw/share/man"
set -l ContentRecord "${cachePath}/man-db-state"
if [ ! -f "$ContentRecord" ]
touch "$ContentRecord" || exit 1
end
# 1) Collect list of all manpage files and calculate hashes
# of them
#
# man1/ls.1.gz
# man3/func.3.gz
#
# hash ->
#
# bbbbbbbbbbbb (man1/ls.1.gz)
# aaaaaaaaaaaa (man3/func.3.gz)
set -l hashes "$(
find -L "$SystemManLoc" -type f -iname "*.gz" \
-exec sha256sum "{}" "+" \
| awk '{ print $1 }'
or exit 1
)"
if [ ! -d "${cachePath}" ]
mkdir -pv "${cachePath}" || exit 1
end
# 2) Sort the hashes to make them "stable",
# and then join them toghther into a big long string,
# and then hash this big string to get the hash of the directory
#
# bbbbbbbbbbbb
# aaaaaaaaaaaa
#
# sort ->
#
# aaaaaaaaaaaa
# bbbbbbbbbbbb
#
# join ->
#
# aaaaaaaaaaaabbbbbbbbbbbb
#
# hash ->
#
# cccccccccccc
set -l ultimate_hash (
echo $hashes \
| sort \
| string join "" \
| sha256sum - \
| awk '{ print $1 }'
or exit 1
)
if [ ! -f "$ContentRecord" ]
touch "$ContentRecord" || exit 1
end
# 1) Collect list of all manpage files and calculate hashes
# of them
#
# man1/ls.1.gz
# man3/func.3.gz
#
# hash ->
#
# bbbbbbbbbbbb (man1/ls.1.gz)
# aaaaaaaaaaaa (man3/func.3.gz)
set -l hashes "$(
find -L "$SystemManLoc" -type f -iname "*.gz" \
-exec sha256sum "{}" "+" \
| awk '{ print $1 }'
or exit 1
)"
set -l old_hash "$( string collect < "$ContentRecord" )"
# 2) Sort the hashes to make them "stable",
# and then join them toghther into a big long string,
# and then hash this big string to get the hash of the directory
#
# bbbbbbbbbbbb
# aaaaaaaaaaaa
#
# sort ->
#
# aaaaaaaaaaaa
# bbbbbbbbbbbb
#
# join ->
#
# aaaaaaaaaaaabbbbbbbbbbbb
#
# hash ->
#
# cccccccccccc
set -l ultimate_hash (
echo $hashes \
| sort \
| string join "" \
| sha256sum - \
| awk '{ print $1 }'
or exit 1
)
echo "Old hash: $old_hash"
echo "New hash: $ultimate_hash"
set -l old_hash "$( string collect < "$ContentRecord" )"
if [ "$old_hash" != "$ultimate_hash" ]
echo "Hash changed, do a full man-db rebuild"
mandb -psc || exit 1
echo "Write new hash"
echo "$ultimate_hash" > "$ContentRecord"
else
echo "Hash not changed, skip"
end
'';
echo "Old hash: $old_hash"
echo "New hash: $ultimate_hash"
if [ "$old_hash" != "$ultimate_hash" ]
echo "Hash changed, do a full man-db rebuild"
mandb -psc || exit 1
echo "Write new hash"
echo "$ultimate_hash" > "$ContentRecord"
else
echo "Hash not changed, skip"
end
'';
};
};
};
environment.extraSetup =
# bash
''
find "$out/share/man" \
-mindepth 1 -maxdepth 1 \
-not -name "man[1-8]" \
-exec rm -r "{}" ";"
environment.extraSetup =
# bash
''
find "$out/share/man" \
-mindepth 1 -maxdepth 1 \
-not -name "man[1-8]" \
-exec rm -r "{}" ";"
rm -r "$out/share/man/man3"
'';
})
rm -r "$out/share/man/man3"
'';
}
)
]

6
nixos/modules/gui/cosmic.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.gui;
in {
in
{
config = lib.mkIf (cfg.enabled == "cosmic") {
# Enable the X11 windowing system.
# You can disable this if you're only using the Wayland session.

6
nixos/modules/gui/default.nix
View file

@ -3,9 +3,11 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.youthlic.gui;
in {
in
{
imports = with lib; youthlic.loadImports ./.;
options = {
youthlic.gui = {

6
nixos/modules/gui/kde.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.gui;
in {
in
{
config = lib.mkIf (cfg.enabled == "kde") {
services = {
desktopManager.plasma6.enable = true;

16
nixos/modules/gui/niri.nix
View file

@ -3,9 +3,11 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.youthlic.gui;
in {
in
{
options = {
youthlic.gui.niri = {
};
@ -27,7 +29,7 @@ in {
terminal-exec = {
enable = true;
settings = {
default = ["Alacritty.desktop"];
default = [ "Alacritty.desktop" ];
};
};
mime = {
@ -59,7 +61,7 @@ in {
"firefox.desktop"
"chromium-browser.desktop"
];
"x-scheme-handler/tg" = ["telegramdesktop.desktop"];
"x-scheme-handler/tg" = [ "telegramdesktop.desktop" ];
"x-scheme-handler/unknown" = [
"firefox.desktop"
"chromium-browser.desktop"
@ -97,7 +99,11 @@ in {
programs = {
regreet = {
enable = true;
cageArgs = ["-s" "-m" "last"];
cageArgs = [
"-s"
"-m"
"last"
];
};
niri = {
enable = true;

6
nixos/modules/hardware.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.hardware;
in {
in
{
options = {
youthlic.hardware = {
asus = {

19
nixos/modules/home.nix
View file

@ -6,7 +6,8 @@
pkgs,
rootPath,
...
}: {
}:
{
options.youthlic.home-manager = {
enable = lib.mkOption {
type = lib.types.bool;
@ -32,17 +33,19 @@
'';
};
};
config = let
cfg = config.youthlic.home-manager;
unixName = cfg.unixName;
hostName = cfg.hostName;
in
config =
let
cfg = config.youthlic.home-manager;
unixName = cfg.unixName;
hostName = cfg.hostName;
in
lib.mkIf cfg.enable {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users."${cfg.unixName}" = (
{...}: {
{ ... }:
{
imports = [
outputs.homeModules."${unixName}"
(rootPath + "/home/${unixName}/configurations/${hostName}")
@ -55,7 +58,7 @@
inherit (pkgs) system;
};
backupFileExtension = "backup";
sharedModules = [outputs.homeModules.default];
sharedModules = [ outputs.homeModules.default ];
};
};
}

6
nixos/modules/i18n.nix
View file

@ -3,9 +3,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.i18n;
in {
in
{
options = {
youthlic.i18n = {
enable = lib.mkEnableOption "zh env";

39
nixos/modules/nix.nix
View file

@ -5,18 +5,22 @@
pkgs,
lib,
...
}: {
}:
{
config = {
environment.etc =
inputs
|> lib.mapAttrs' (name: value:
|> lib.mapAttrs' (
name: value:
lib.nameValuePair "nix/inputs/${name}" {
source = value;
});
}
);
nixpkgs = {
config = {
allowUnfree = true;
allowInsecurePredicate = p:
allowInsecurePredicate =
p:
builtins.elem (lib.getName p) [
# for fluffychat and neochat
"olm"
@ -29,7 +33,7 @@
mode = "0444";
};
nix = {
nixPath = ["/etc/nix/inputs"];
nixPath = [ "/etc/nix/inputs" ];
extraOptions = ''
!include ${config.sops.secrets."access-tokens".path}
'';
@ -44,13 +48,12 @@
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
auto-optimise-store = lib.mkDefault true;
experimental-features =
[
"nix-command"
"flakes"
]
++ (lib.optional config.lix.enable "pipe-operator")
++ (lib.optional (!config.lix.enable) "pipe-operators");
experimental-features = [
"nix-command"
"flakes"
]
++ (lib.optional config.lix.enable "pipe-operator")
++ (lib.optional (!config.lix.enable) "pipe-operators");
warn-dirty = false;
system-features = [
"kvm"
@ -63,11 +66,13 @@
registry =
inputs
|> lib.filterAttrs (name: _value: name != "nixpkgs")
|> lib.mapAttrs (_name: value: {
flake = lib.mkForce {
outPath = value;
};
});
|> lib.mapAttrs (
_name: value: {
flake = lib.mkForce {
outPath = value;
};
}
);
};
};
}

6
nixos/modules/programs/asusd.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.asusd;
in {
in
{
options = {
youthlic.programs.asusd = {
enable = lib.mkEnableOption "asusd";

6
nixos/modules/programs/bash.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.bash;
in {
in
{
options = {
youthlic.programs.bash = {
enable = lib.mkEnableOption "bash";

6
nixos/modules/programs/caddy/OuterWildsTextAdventure.nix
View file

@ -3,10 +3,12 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.youthlic.programs.caddy.outer-wilds-text-adventure;
caddy-cfg = config.youthlic.programs.caddy;
in {
in
{
options = {
youthlic.programs.caddy.outer-wilds-text-adventure = {
enable = lib.mkEnableOption "caddy.OuterWildsTextAdventure";

8
nixos/modules/programs/caddy/default.nix
View file

@ -2,9 +2,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.caddy;
in {
in
{
imports = lib.youthlic.loadImports ./.;
options = {
youthlic.programs.caddy = {
@ -20,7 +22,7 @@ in {
enable = true;
};
networking.firewall = {
allowedTCPPorts = [443];
allowedTCPPorts = [ 443 ];
};
};
}

6
nixos/modules/programs/caddy/garage.nix
View file

@ -2,10 +2,12 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.caddy.garage;
caddy-cfg = config.youthlic.programs.caddy;
in {
in
{
options = {
youthlic.programs.caddy.garage = {
enable = lib.mkEnableOption "caddy.garage";

6
nixos/modules/programs/caddy/radicle-explorer.nix
View file

@ -3,10 +3,12 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.youthlic.programs.caddy.radicle-explorer;
caddy-cfg = config.youthlic.programs.caddy;
in {
in
{
options = {
youthlic.programs.caddy.radicle-explorer = {
enable = lib.mkEnableOption "caddy.radicle-explorer";

184
nixos/modules/programs/dae/default.nix
View file

@ -4,9 +4,11 @@
pkgs,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.dae;
in {
in
{
options = {
youthlic.programs.dae = {
enable = lib.mkEnableOption "dae";
@ -28,100 +30,102 @@ in {
mode = "0444";
sopsFile = rootPath + "/secrets/general.yaml";
};
systemd.services = let
update = ''
head="user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"
new_proxy=/etc/dae/proxy.d.new
num=0
check=1
urls="$(cat ${config.sops.secrets.url.path})"
mkdir -p ''${new_proxy}
for url in ''${urls}; do
txt=''${new_proxy}/''${num}.txt
config="''${new_proxy}/''${num}.dae"
echo \'curl -LH \""''${head}"\" \""''${url}"\" -o \""''${txt}"\"\'
curl -LH "''${head}" "''${url}" -o "''${txt}"
echo End curl
echo "" > ''${config}
{
echo 'subscription {'
echo \ \ wget:\ \"file://proxy.d/''${num}.txt\"
echo "}"
} >> ''${config}
if [[ ! -s ''${txt} ]]; then
check=0
fi
chmod 0640 ''${txt}
chmod 0640 ''${config}
num=$((num+1))
systemd.services =
let
update = ''
head="user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"
new_proxy=/etc/dae/proxy.d.new
num=0
check=1
urls="$(cat ${config.sops.secrets.url.path})"
mkdir -p ''${new_proxy}
for url in ''${urls}; do
txt=''${new_proxy}/''${num}.txt
config="''${new_proxy}/''${num}.dae"
echo \'curl -LH \""''${head}"\" \""''${url}"\" -o \""''${txt}"\"\'
curl -LH "''${head}" "''${url}" -o "''${txt}"
echo End curl
echo "" > ''${config}
{
echo 'subscription {'
echo \ \ wget:\ \"file://proxy.d/''${num}.txt\"
echo "}"
} >> ''${config}
if [[ ! -s ''${txt} ]]; then
check=0
fi
chmod 0640 ''${txt}
chmod 0640 ''${config}
num=$((num+1))
if [[ ''${check} -eq 0 ]]; then
echo "''${txt}" is empty
exit 103
if [[ ''${check} -eq 0 ]]; then
echo "''${txt}" is empty
exit 103
fi
done
if [[ -d /etc/dae/proxy.d ]]; then
rm -rf /etc/proxy.d.old
mv /etc/dae/proxy.d /etc/dae/proxy.d.old
fi
done
if [[ -d /etc/dae/proxy.d ]]; then
rm -rf /etc/proxy.d.old
mv /etc/dae/proxy.d /etc/dae/proxy.d.old
fi
mv ''${new_proxy} /etc/dae/proxy.d
'';
updateScript = pkgs.writeShellApplication {
name = "update.sh";
runtimeInputs = with pkgs; [
coreutils
curl
];
text = ''
mkdir -p /etc/proxy.d
if [ -z "$(ls -A /etc/dae/proxy.d 2>/dev/null)" ]; then
echo "No subscription file found in /etc/dae/proxy.d. Update now..."
mv ''${new_proxy} /etc/dae/proxy.d
'';
updateScript = pkgs.writeShellApplication {
name = "update.sh";
runtimeInputs = with pkgs; [
coreutils
curl
];
text = ''
mkdir -p /etc/proxy.d
if [ -z "$(ls -A /etc/dae/proxy.d 2>/dev/null)" ]; then
echo "No subscription file found in /etc/dae/proxy.d. Update now..."
${update}
else
echo "Found existing subscription files. Skipping immediate update."
fi
'';
};
updateForceScript = pkgs.writeShellApplication {
name = "update-force.sh";
runtimeInputs = with pkgs; [
coreutils
curl
];
text = ''
${update}
else
echo "Found existing subscription files. Skipping immediate update."
fi
'';
};
updateForceScript = pkgs.writeShellApplication {
name = "update-force.sh";
runtimeInputs = with pkgs; [
coreutils
curl
];
text = ''
${update}
'';
};
in {
"update-dae-subscription-immediate" = {
after = ["network-online.target"];
wants = ["network-online.target"];
before = ["dae.service"];
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStart = [
"${updateScript}/bin/update.sh"
];
'';
};
wantedBy = ["multi-user.target"];
};
"update-dae-subscription-force" = {
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStartPre = [
"-${pkgs.systemd}/bin/systemctl stop dae.service"
];
ExecStartPost = [
"-${pkgs.systemd}/bin/systemctl start dae.service"
];
ExecStart = [
"${updateForceScript}/bin/update-force.sh"
];
in
{
"update-dae-subscription-immediate" = {
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
before = [ "dae.service" ];
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStart = [
"${updateScript}/bin/update.sh"
];
};
wantedBy = [ "multi-user.target" ];
};
"update-dae-subscription-force" = {
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStartPre = [
"-${pkgs.systemd}/bin/systemctl stop dae.service"
];
ExecStartPost = [
"-${pkgs.systemd}/bin/systemctl start dae.service"
];
ExecStart = [
"${updateForceScript}/bin/update-force.sh"
];
};
};
};
};
})
(lib.mkIf (cfg.enable && config.youthlic.programs.juicity.client.enable) {
environment.etc."dae/local.d/0.dae" = {

16
nixos/modules/programs/emacs.nix
View file

@ -3,9 +3,11 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.youthlic.programs.emacs;
in {
in
{
options = {
youthlic.programs.emacs = {
enable = lib.mkEnableOption "emacs";
@ -15,13 +17,15 @@ in {
services.emacs = {
enable = true;
install = true;
package = with pkgs;
(emacsPackagesFor emacs-pgtk).emacsWithPackages (p:
with p; [
package =
with pkgs;
(emacsPackagesFor emacs-pgtk).emacsWithPackages (
p: with p; [
vterm
evil
gruvbox-theme
]);
]
);
};
};
}

22
nixos/modules/programs/forgejo.nix
View file

@ -3,9 +3,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.forgejo;
in {
in
{
options = {
youthlic.programs.forgejo = {
enable = lib.mkEnableOption "forgejo";
@ -90,15 +92,15 @@ in {
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"forgejo.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:${cfg.httpPort}
'';
};
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"forgejo.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:${cfg.httpPort}
'';
};
}
};
}
)
];
}

6
nixos/modules/programs/garage.nix
View file

@ -3,9 +3,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.garage;
in {
in
{
options = {
youthlic.programs.garage = {
enable = lib.mkEnableOption "garage";

6
nixos/modules/programs/guix.nix
View file

@ -2,9 +2,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.guix;
in {
in
{
options = {
youthlic.programs.guix = {
enable = lib.mkEnableOption "guix";

20
nixos/modules/programs/juicity/default.nix
View file

@ -3,9 +3,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.juicity;
in {
in
{
imports = lib.youthlic.loadImports ./.;
options = {
youthlic.programs.juicity = {
@ -19,12 +21,12 @@ in {
};
config = lib.mkMerge [
(lib.mkIf cfg.client.enable {
users.groups.juicity.members = ["root"];
users.groups.juicity.members = [ "root" ];
sops = {
secrets = {
"juicity/serverIp" = {};
"juicity/sni" = {};
"juicity/certchainSha256" = {};
"juicity/serverIp" = { };
"juicity/sni" = { };
"juicity/certchainSha256" = { };
};
templates."juicity-client-config.json" = {
group = "juicity";
@ -54,7 +56,7 @@ in {
};
})
(lib.mkIf cfg.server.enable {
users.groups.juicity.members = ["root"];
users.groups.juicity.members = [ "root" ];
sops = {
secrets = {
"juicity/certificate" = {
@ -94,8 +96,8 @@ in {
})
(lib.mkIf (cfg.server.enable || cfg.client.enable) {
sops.secrets = {
"juicity/uuid" = {};
"juicity/password" = {};
"juicity/uuid" = { };
"juicity/password" = { };
};
})
];

34
nixos/modules/programs/juicity/template.nix
View file

@ -3,23 +3,27 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.services.juicity;
settingsFormat = pkgs.formats.json {};
settingsFormat = pkgs.formats.json { };
clientConfigFile =
if (cfg.client.configFile != null)
then cfg.client.configFile
else settingsFormat cfg.client.settings;
if (cfg.client.configFile != null) then
cfg.client.configFile
else
settingsFormat cfg.client.settings;
serverConfigFile =
if (cfg.server.configFile != null)
then cfg.server.configFile
else settingsFormat cfg.server.settings;
in {
if (cfg.server.configFile != null) then
cfg.server.configFile
else
settingsFormat cfg.server.settings;
in
{
options = {
services.juicity = {
client = {
enable = lib.mkEnableOption "juicity-client";
package = lib.mkPackageOption pkgs "juicity" {};
package = lib.mkPackageOption pkgs "juicity" { };
group = lib.mkOption {
type = lib.types.nullOr lib.types.str;
example = "juicity";
@ -27,7 +31,7 @@ in {
};
settings = lib.mkOption {
type = settingsFormat.type;
default = {};
default = { };
example = {
listen = ":1000";
server = "112.32.62.11:23182";
@ -55,7 +59,7 @@ in {
};
allowedOpenFirewallPorts = lib.mkOption {
type = lib.types.nullOr (lib.types.listOf lib.types.port);
example = [23182];
example = [ 23182 ];
default = null;
description = ''
the ports should be open
@ -64,7 +68,7 @@ in {
};
server = {
enable = lib.mkEnableOption "juicity-server";
package = lib.mkPackageOption pkgs "juicity" {};
package = lib.mkPackageOption pkgs "juicity" { };
group = lib.mkOption {
type = lib.types.nullOr lib.types.str;
example = "juicity";
@ -72,7 +76,7 @@ in {
};
settings = lib.mkOption {
type = settingsFormat.type;
default = {};
default = { };
description = ''
Juicity server configuration, for configuration options
see example of [server](https://github.com/juicity/juicity/blob/main/install/example-server.json) on github.
@ -100,7 +104,7 @@ in {
};
allowedOpenFirewallPorts = lib.mkOption {
type = lib.types.nullOr (lib.types.listOf lib.types.port);
example = [23182];
example = [ 23182 ];
default = null;
description = ''
the ports should be open

8
nixos/modules/programs/kanata.nix
View file

@ -3,16 +3,18 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.youthlic.programs.kanata;
in {
in
{
options = {
youthlic.programs.kanata = {
enable = lib.mkEnableOption "kanata";
};
};
config = lib.mkIf cfg.enable {
boot.kernelModules = ["uinput"];
boot.kernelModules = [ "uinput" ];
hardware.uinput.enable = true;
services.kanata = {
enable = true;

8
nixos/modules/programs/mautrix-telegram.nix
View file

@ -2,16 +2,18 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.mautrix-telegram;
in {
in
{
options = {
youthlic.programs.mautrix-telegram = {
enable = lib.mkEnableOption "mautrix-telegram";
};
};
config = lib.mkIf cfg.enable {
sops.secrets.matrix-telegram-bot = {};
sops.secrets.matrix-telegram-bot = { };
services.mautrix-telegram = {
enable = true;
environmentFile = "${config.sops.secrets.matrix-telegram-bot.path}";

6
nixos/modules/programs/miniflux.nix
View file

@ -2,9 +2,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.miniflux;
in {
in
{
options = {
youthlic.programs.miniflux = {
enable = lib.mkEnableOption "miniflux";

6
nixos/modules/programs/minio.nix
View file

@ -2,9 +2,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.minio;
in {
in
{
options = {
youthlic.programs.minio = {
enable = lib.mkEnableOption "minio";

3
nixos/modules/programs/nh.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
config = {
programs.nh = {
enable = true;

6
nixos/modules/programs/nix-ld.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.nix-ld;
in {
in
{
options = {
youthlic.programs.nix-ld = {
enable = lib.mkEnableOption "nix-ld";

6
nixos/modules/programs/obs.nix
View file

@ -3,9 +3,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.obs;
in {
in
{
options = {
youthlic.programs.obs = {
enable = lib.mkEnableOption "obs";

22
nixos/modules/programs/open-webui.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.open-webui;
in {
in
{
options = {
youthlic.programs.open-webui = {
enable = lib.mkEnableOption "open-webui";
@ -25,15 +27,15 @@ in {
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"open-webui.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:8083
'';
};
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"open-webui.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:8083
'';
};
}
};
}
)
];
}

8
nixos/modules/programs/openssh.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.openssh;
in {
in
{
options = {
youthlic.programs.openssh = {
enable = lib.mkEnableOption "openssh";
@ -44,7 +46,7 @@ in {
"diffie-hellman-group-exchange-sha256"
];
};
ports = [3022];
ports = [ 3022 ];
};
};
}

6
nixos/modules/programs/owncast.nix
View file

@ -2,9 +2,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.owncast;
in {
in
{
options = {
youthlic.programs.owncast = {
enable = lib.mkEnableOption "owncast";

8
nixos/modules/programs/postgresql.nix
View file

@ -3,9 +3,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.postgresql;
in {
in
{
options = {
youthlic.programs.postgresql = {
enable = lib.mkEnableOption "postgresql";
@ -27,7 +29,7 @@ in {
# default socket: /var/lib/postgresql
services.postgresql = {
enable = true;
ensureDatabases = [cfg.database];
ensureDatabases = [ cfg.database ];
ensureUsers = [
{
name = "${cfg.database}";

10
nixos/modules/programs/radicle.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.radicle;
in {
in
{
options = {
youthlic.programs.radicle = {
enable = lib.mkEnableOption "radicle";
@ -55,11 +57,11 @@ in {
};
node = {
alias = cfg.domain;
listen = [];
listen = [ ];
peers = {
type = "dynamic";
};
connect = [];
connect = [ ];
externalAddresses = [
"${cfg.domain}:8776"
];

6
nixos/modules/programs/rustypaste/default.nix
View file

@ -2,9 +2,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.rustypaste;
in {
in
{
imports = lib.youthlic.loadImports ./.;
options = {

18
nixos/modules/programs/rustypaste/template.nix
View file

@ -3,18 +3,20 @@
lib,
config,
...
}: let
}:
let
cfg = config.services.rustypaste;
settingsFormat = pkgs.formats.toml {};
settingsFormat = pkgs.formats.toml { };
configFile = settingsFormat.generate "rustypaste-config.toml" cfg.settings;
in {
in
{
options = {
services.rustypaste = {
enable = lib.mkEnableOption "rustypaste";
package = lib.mkPackageOption pkgs "rustypaste" {};
package = lib.mkPackageOption pkgs "rustypaste" { };
settings = lib.mkOption {
type = settingsFormat.type;
default = {};
default = { };
description = ''
Rustypaste configuration
'';
@ -61,7 +63,7 @@ in {
isSystemUser = true;
};
groups = lib.optionalAttrs (cfg.group == "rustypaste") {
rustypaste = {};
rustypaste = { };
};
};
systemd.services.rustypaste = {
@ -86,8 +88,8 @@ in {
Type = "simple";
Restart = "on-failure";
Home = "/var/lib/rustypaste";
ReadWritePaths = ["/var/lib/rustypaste"];
StateDirectory = ["rustypaste"];
ReadWritePaths = [ "/var/lib/rustypaste" ];
StateDirectory = [ "rustypaste" ];
ExecStart = ''
${lib.getExe cfg.package}
'';

6
nixos/modules/programs/steam.nix
View file

@ -3,9 +3,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.steam;
in {
in
{
options = {
youthlic.programs.steam = {
enable = lib.mkEnableOption "steam";

6
nixos/modules/programs/supergfxd.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.supergfxd;
in {
in
{
options = {
youthlic.programs.supergfxd = {
enable = lib.mkEnableOption "supergfxd";

6
nixos/modules/programs/tailscale.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.tailscale;
in {
in
{
options = {
youthlic.programs.tailscale = {
enable = lib.mkEnableOption "tailscale";

6
nixos/modules/programs/transfer-sh.nix
View file

@ -2,9 +2,11 @@
lib,
config,
...
}: let
}:
let
cfg = config.youthlic.programs.transfer-sh;
in {
in
{
options = {
youthlic.programs.transfer-sh = {
enable = lib.mkEnableOption "transfer.sh";

32
nixos/modules/programs/transmission.nix
View file

@ -4,9 +4,11 @@
lib,
rootPath,
...
}: let
}:
let
cfg = config.youthlic.programs.transmission;
in {
in
{
options = {
youthlic.programs.transmission = {
enable = lib.mkEnableOption "transmission";
@ -40,21 +42,21 @@ in {
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.transmission = {
openRPCPort = lib.mkForce false;
settings = {
rpc-bind-address = lib.mkForce "127.0.0.1";
};
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.transmission = {
openRPCPort = lib.mkForce false;
settings = {
rpc-bind-address = lib.mkForce "127.0.0.1";
};
services.caddy.virtualHosts = {
"transmission.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:9091
'';
};
};
services.caddy.virtualHosts = {
"transmission.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:9091
'';
};
}
};
}
)
];
}

6
nixos/modules/programs/wshowkeys.nix
View file

@ -2,9 +2,11 @@
config,
lib,
...
}: let
}:
let
cfg = config.youthlic.programs.wshowkeys;
in {
in
{
options = {
youthlic.programs.wshowkeys = {
enable = lib.mkEnableOption "wshowkeys";

5
nixos/modules/sops.nix
View file

@ -1,9 +1,10 @@
{rootPath, ...}: {
{ rootPath, ... }:
{
config = {
sops.defaultSopsFile = rootPath + "/secrets/general.yaml";
sops.age = {
keyFile = "/var/sops/key.txt";
sshKeyPaths = [];
sshKeyPaths = [ ];
generateKey = false;
};
};

3
nixos/modules/top-level/default.nix
View file

@ -3,7 +3,8 @@
inputs,
outputs,
...
}: {
}:
{
imports = with inputs; [
home-manager.nixosModules.home-manager
dae.nixosModules.dae

16
nixos/modules/top-level/gui.nix
View file

@ -1,9 +1,9 @@
{inputs, ...}: {
imports =
[
./.
]
++ (with inputs; [
niri-flake.nixosModules.niri
]);
{ inputs, ... }:
{
imports = [
./.
]
++ (with inputs; [
niri-flake.nixosModules.niri
]);
}

10
nixos/modules/virtualisation/kvm.nix
View file

@ -3,9 +3,11 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.youthlic.virtualisation.kvm;
in {
in
{
options = {
youthlic.virtualisation.kvm = {
enable = lib.mkEnableOption "kvm";
@ -22,11 +24,11 @@ in {
programs.virt-manager = {
enable = true;
};
users.groups.libvirtd.members = [cfg.unixName];
users.groups.libvirtd.members = [ cfg.unixName ];
virtualisation = {
libvirtd = {
enable = true;
qemu.vhostUserPackages = with pkgs; [virtiofsd];
qemu.vhostUserPackages = with pkgs; [ virtiofsd ];
};
spiceUSBRedirection = {
enable = true;

8
nixos/modules/virtualisation/waydroid.nix
View file

@ -3,9 +3,11 @@
config,
pkgs,
...
}: let
}:
let
cfg = config.youthlic.virtualisation.waydroid;
in {
in
{
options = {
youthlic.virtualisation.waydroid = {
enable = lib.mkEnableOption "waydroid";
@ -15,6 +17,6 @@ in {
virtualisation.waydroid = {
enable = true;
};
environment.systemPackages = [pkgs.nur.repos.ataraxiasjel.waydroid-script];
environment.systemPackages = [ pkgs.nur.repos.ataraxiasjel.waydroid-script ];
};
}